olemrefv
asked on
Wireshark SSL and SurgeMail
Hi,
I've enabled SSL in SurgeMail for a certain domain that I want to send to only using SSL.
When sniffing the packets I can read every packet both ways. I'm guessing this means that my mail server is sending everything in clear-text (and my SSL setup is wrong)?
The reason I'm asking is that there could be the possibility that Wireshark can read the packets unencrypted because I'm sniffing directly on the mail interface?
This is not an SSL issue per se.
250 is the status returned when an address is acceptable. So that value is expected.
The message received is: Server Rejected address, so the target host clearly doesn't like the recipient address.
It is only an SSL issue if you can tell the mail receiver that this account can only come from SSL-protected links and the connection isn't SSL secured.
Also, what port do you connect to? Port 25 is normally not encrypted but can be encrypted using TLS if needed;
port 465 is the SSL encrypted port.
ASKER
When using smtpdiag.exe I send an email to a recipient being handled by the clusters, and my packets are still unencrypted. Here is the process:
SOA serial number match: Passed
Both TCP and UP queries succeeded. Local DNS test passed.
Both TCP and UP queries succeeded. Remote DNS test passed.
Successfully connected to cluter.xx.xxxxxxx.com (8 times)
Error: Expected "250". Server Rejected the recipient address.
Failed to submit mail to cluster.xx.xxxxxx.com
The recipient requires SSL, so is this the reason for the error? I can't see any "evidence" of my mail server and the receiving end having some kind of negotiation of SSL.
My SSL certificate in SurgeMail is valid.
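
One way to look for the "evidence" of TLS negotiation discussed in this thread, as an added example that is not part of the original posts: on port 25 the upgrade is visible as a cleartext `STARTTLS` command answered with `220`, after which nothing readable follows. The function names and the two transcripts are constructed for illustration; the input is assumed to be the text of a TCP stream copied from a capture.

```python
# Added example. Transcripts are constructed; hostnames and addresses are placeholders.
SENSITIVE = ("MAIL FROM:", "RCPT TO:", "AUTH ", "DATA")

def analyze_smtp_stream(lines):
    """lines: (direction, text) pairs, 'C' = client, 'S' = server, as read
    from a plaintext TCP stream on port 25."""
    state = {"offered": False, "requested": False, "tls_started": False,
             "cleartext_commands": []}
    for direction, text in lines:
        upper = text.strip().upper()
        if direction == "S":
            # EHLO reply lines look like "250-STARTTLS" or "250 STARTTLS".
            if upper[:3] == "250" and upper[4:].startswith("STARTTLS"):
                state["offered"] = True
            # A 220 reply to STARTTLS means the TLS handshake follows;
            # everything after it is TLS records, not readable SMTP.
            elif state["requested"] and upper.startswith("220"):
                state["tls_started"] = True
                break
        elif upper == "STARTTLS":
            state["requested"] = True
        elif upper.startswith(SENSITIVE):
            state["cleartext_commands"].append(text.strip())
    return state

def verdict(state):
    if state["cleartext_commands"]:
        if state["offered"]:
            return "cleartext: STARTTLS offered but not used before mail commands"
        return "cleartext: server did not offer STARTTLS"
    if state["tls_started"]:
        return "encrypted: session upgraded with STARTTLS"
    return "inconclusive"

# Constructed capture 1: mail commands readable on the wire.
PLAIN = [("S", "220 mx.example.test ESMTP"), ("C", "EHLO mail.example.test"),
         ("S", "250-mx.example.test"), ("S", "250-STARTTLS"), ("S", "250 SIZE 10485760"),
         ("C", "MAIL FROM:<sender@example.test>"), ("S", "250 OK"),
         ("C", "RCPT TO:<user@example.test>"), ("S", "550 Recipient rejected")]
# Constructed capture 2: client upgrades before sending any mail command.
UPGRADED = [("S", "220 mx.example.test ESMTP"), ("C", "EHLO mail.example.test"),
            ("S", "250-mx.example.test"), ("S", "250 STARTTLS"),
            ("C", "STARTTLS"), ("S", "220 Ready to start TLS")]

if __name__ == "__main__":
    for name, capture in (("PLAIN", PLAIN), ("UPGRADED", UPGRADED)):
        print(name, "->", verdict(analyze_smtp_stream(capture)))
```

On port 465 the TLS handshake starts immediately, so a capture of an encrypted session there shows no readable SMTP lines at all.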