You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When enforcing TLS, the only commands available before a TLS connection is established are EHLO and STARTTLS. LHLO is not allowed. Therefore, a STARTTLS connection for LMTP can not be established if TLS is enforced for the LMTP host. This line is responsible for this behavior.
Expected behavior
TLS should also be enforceable for LMTP.
Observed behavior
When enforcing TLS for the configured LMTP host, the connection will always be aborted, even if TLS is possible.
Steps To Reproduce
configure queue/lmtp plugin
add the LMTP host to force_tls_hosts[] in the [outbound] section of tls.ini
System Info:
Haraka
Haraka.js — Version: 3.0.1
Node
v21.6.2
OS
Linux example.fauringer.de 6.7.5-arch1-1 #1 SMP PREEMPT_DYNAMIC Sat, 17 Feb 2024 14:02:33 +0000 x86_64 GNU/Linux
openssl
OpenSSL 1.1.1w 11 Sep 2023
(I know that this is not the newest Haraka version but the issue is also present in the latest release.)
Additional context
I am currently working on a fix and will open a PR soon.
The text was updated successfully, but these errors were encountered:
Describe the bug
When enforcing TLS, the only commands available before a TLS connection is established are
EHLO
andSTARTTLS
.LHLO
is not allowed. Therefore, a STARTTLS connection for LMTP can not be established if TLS is enforced for the LMTP host. This line is responsible for this behavior.Expected behavior
TLS should also be enforceable for LMTP.
Observed behavior
When enforcing TLS for the configured LMTP host, the connection will always be aborted, even if TLS is possible.
Steps To Reproduce
queue/lmtp
pluginforce_tls_hosts[]
in the[outbound]
section oftls.ini
System Info:
(I know that this is not the newest Haraka version but the issue is also present in the latest release.)
Additional context
I am currently working on a fix and will open a PR soon.
The text was updated successfully, but these errors were encountered: