我的目标和问题
我想让我的 Lorex DVR 使用我的 Synology NAS MailPlus Server 发送电子邮件通知,但出现 TLS 连接失败,似乎是由于密码 (tls_post_process_client_hello:没有共享密码) 导致的。
什么有效
- MailPlus Server 可以通过 Outlook 客户端正常发送和接收我的常规电子邮件。
- 如果我将 DVR 配置为通过mail.com的 smtp 服务器发送邮件,则 DVR 能够通过 TLSv1.2 发送邮件通知。
- 如果我不使用 SSL/TLS,DVR 就能够通过端口 25 向我的 MailPlus 服务器发送通知(只要我在 MailPlus 中将其 IP 列入白名单)。
- 如果服务器使用自签名证书(带有 RSA 加密的 PKCS #1 SHA-256)而不是 Let's Encrypt(ECDSA)证书,则 DVR 能够使用 TLS 通过端口 587 向我的 MailPlus 服务器发送通知。
我的调查(自找到解决方案以来一直保留以供参考)
/volume1/@maillog/maillog
重要的部分是:“tls_post_process_client_hello:没有共享密码”
postfix/smtpd[PID]: connect from DVR.mydomain.tld
opendmarc[PID]: ignoring connection from DVR.mydomain.tld
postfix/smtpd[PID]: connect from DVR.mydomain.tld[192.168.xxx.aaa]
postfix/smtpd[PID]: SSL_accept error from DVR.mydomain.tld[192.168.xxx.aaa]: -1
postfix/smtpd[PID]: warning: TLS library problem: error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher:ssl/statem/statem_srvr.c:2285:
postfix/smtpd[PID]: lost connection after STARTTLS from DVR.mydomain.tld[192.168.xxx.aaa]
postfix/smtpd[PID]: disconnect from DVR.mydomain.tld[192.168.xxx.aaa] ehlo=1 starttls=0/1 commands=1/2
我之前从未研究过 SSL 连接,但读了一些资料后,我了解到了密码的存在。
使用 Wireshark 分析 tcpdump .pcap 数据包捕获
DVR SERVER TCP 74 38018 → 587 [SYN] Seq=0 Win=27200 Len=0 MSS=1360 SACK_PERM TSval=3847845792 TSecr=0 WS=128
SERVER DVR TCP 74 587 → 38120 [SYN, ACK] Seq=0 Ack=1 Win=14480 Len=0 MSS=1460 SACK_PERM TSval=685449855 TSecr=3859275362 WS=128
DVR SERVER TCP 74 38120 → 587 [SYN] Seq=0 Win=27200 Len=0 MSS=1360 SACK_PERM TSval=3859275362 TSecr=0 WS=128
DVR SERVER TCP 66 38120 → 587 [ACK] Seq=1 Ack=1 Win=27264 Len=0 TSval=3859275364 TSecr=685449855
SERVER DVR SMTP 94 S: 220 mydomain.tld ESMTP Postfix
DVR SERVER TCP 66 38120 → 587 [ACK] Seq=1 Ack=29 Win=27264 Len=0 TSval=3859275732 TSecr=685450222
DVR SERVER SMTP 82 C: EHLO localhost
SERVER DVR TCP 66 587 → 38120 [ACK] Seq=29 Ack=17 Win=14592 Len=0 TSval=685450225 TSecr=3859275732
SERVER DVR SMTP 215 S: 250-mydomain.tld | PIPELINING | SIZE 10485760 | ETRN | STARTTLS | ENHANCEDSTATUSCODES | 8BITMIME | DSN | SMTPUTF8 | CHUNKING
DVR SERVER SMTP 76 C: STARTTLS
SERVER DVR SMTP 96 S: 220 2.0.0 Ready to start TLS
DVR SERVER TLSv1.2 209 Client Hello
SERVER DVR TLSv1.2 73 Alert (Level: Fatal, Description: Handshake Failure)
DVR SERVER TCP 66 38120 → 587 [FIN, ACK] Seq=170 Ack=215 Win=28288 Len=0 TSval=3859275742 TSecr=685450231
SERVER DVR TCP 66 587 → 38120 [FIN, ACK] Seq=215 Ack=171 Win=15616 Len=0 TSval=685450274 TSecr=3859275742
DVR SERVER TCP 66 38120 → 587 [ACK] Seq=171 Ack=216 Win=28288 Len=0 TSval=3859275784 TSecr=685450274
DVR 在客户端 Hello 数据包中提出的密码套件
Cipher Suites (31 suites)
Cipher Suite: TLS_DH_DSS_WITH_AES_256_GCM_SHA384 (0x00a5)
Cipher Suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 (0x00a3)
Cipher Suite: TLS_DH_RSA_WITH_AES_256_GCM_SHA384 (0x00a1)
Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009f)
Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x006b)
Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 (0x006a)
Cipher Suite: TLS_DH_RSA_WITH_AES_256_CBC_SHA256 (0x0069)
Cipher Suite: TLS_DH_DSS_WITH_AES_256_CBC_SHA256 (0x0068)
Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)
Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038)
Cipher Suite: TLS_DH_RSA_WITH_AES_256_CBC_SHA (0x0037)
Cipher Suite: TLS_DH_DSS_WITH_AES_256_CBC_SHA (0x0036)
Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
Cipher Suite: TLS_DH_DSS_WITH_AES_128_GCM_SHA256 (0x00a4)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (0x00a2)
Cipher Suite: TLS_DH_RSA_WITH_AES_128_GCM_SHA256 (0x00a0)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x0040)
Cipher Suite: TLS_DH_RSA_WITH_AES_128_CBC_SHA256 (0x003f)
Cipher Suite: TLS_DH_DSS_WITH_AES_128_CBC_SHA256 (0x003e)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
Cipher Suite: TLS_DH_RSA_WITH_AES_128_CBC_SHA (0x0031)
Cipher Suite: TLS_DH_DSS_WITH_AES_128_CBC_SHA (0x0030)
Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
Synology OpenSSL 密码
我认为 Synology 上可能没有这些 TLSv1.2 密码,因此我尝试使用 openssl 进行检查:
me@my_server:~$ openssl ciphers -V | grep TLSv1.2 | sort
0x00,0x3C - AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256
0x00,0x3D - AES256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256
0x00,0x67 - DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256
0x00,0x6B - DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256
0x00,0x9C - AES128-GCM-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD
0x00,0x9D - AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD
0x00,0x9E - DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD
0x00,0x9F - DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD
0x00,0xA8 - PSK-AES128-GCM-SHA256 TLSv1.2 Kx=PSK Au=PSK Enc=AESGCM(128) Mac=AEAD
0x00,0xA9 - PSK-AES256-GCM-SHA384 TLSv1.2 Kx=PSK Au=PSK Enc=AESGCM(256) Mac=AEAD
0x00,0xAA - DHE-PSK-AES128-GCM-SHA256 TLSv1.2 Kx=DHEPSK Au=PSK Enc=AESGCM(128) Mac=AEAD
0x00,0xAB - DHE-PSK-AES256-GCM-SHA384 TLSv1.2 Kx=DHEPSK Au=PSK Enc=AESGCM(256) Mac=AEAD
0x00,0xAC - RSA-PSK-AES128-GCM-SHA256 TLSv1.2 Kx=RSAPSK Au=RSA Enc=AESGCM(128) Mac=AEAD
0x00,0xAD - RSA-PSK-AES256-GCM-SHA384 TLSv1.2 Kx=RSAPSK Au=RSA Enc=AESGCM(256) Mac=AEAD
0xC0,0x23 - ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256
0xC0,0x24 - ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384
0xC0,0x27 - ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256
0xC0,0x28 - ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
0xC0,0x2B - ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
0xC0,0x2C - ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
0xC0,0x2F - ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
0xC0,0x30 - ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
0xCC,0xA8 - ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
0xCC,0xA9 - ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
0xCC,0xAA - DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
0xCC,0xAB - PSK-CHACHA20-POLY1305 TLSv1.2 Kx=PSK Au=PSK Enc=CHACHA20/POLY1305(256) Mac=AEAD
0xCC,0xAC - ECDHE-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=ECDHEPSK Au=PSK Enc=CHACHA20/POLY1305(256) Mac=AEAD
0xCC,0xAD - DHE-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=DHEPSK Au=PSK Enc=CHACHA20/POLY1305(256) Mac=AEAD
0xCC,0xAE - RSA-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=RSAPSK Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
以下密码是 Synology 和 Lorex DVR 所共有的
(0x003c) RSA_WITH_AES_128_CBC_SHA256
(0x003d) RSA_WITH_AES_256_CBC_SHA256
(0x0067) DHE_RSA_WITH_AES_128_CBC_SHA256
(0x006b) DHE_RSA_WITH_AES_256_CBC_SHA256
(0x009c) RSA_WITH_AES_128_GCM_SHA256
(0x009d) RSA_WITH_AES_256_GCM_SHA384
(0x009e) DHE_RSA_WITH_AES_128_GCM_SHA256
(0x009f) DHE_RSA_WITH_AES_256_GCM_SHA384
当 DVR 使用 mail.com SMTP 服务器成功发送通知时进行数据包捕获,显示 mail.com SSL 连接使用密码 RSA_WITH_AES_256_GCM_SHA384 (0x009d)。那么为什么不与 Synology MailPlus Server 一起使用呢?
我使用 openssl 检查了一下,可以使用以下命令为我的服务器和 mail.com 建立使用此密码的 starttls 连接
openssl s_client -tls1_2 -starttls smtp -crlf -connect smtp.mail.com:587 -ciphersuites 'TLS_RSA_WITH_AES_256_GCM_SHA384'
openssl s_client -tls1_2 -starttls smtp -crlf -connect smtp.mydomain.tld:587 -ciphersuites 'TLS_RSA_WITH_AES_256_GCM_SHA384'
我注意到,连接到 mail.com 的输出以“250 STARTTLS”结尾,而连接到我的域的输出以“250 CHUNKING”结尾。我不知道这是什么意思,不知道这是否正常。
Synology MailPlus Postfix
因此,我的注意力转向了邮件服务器。我尝试在 Synology 的 GUI 中将 TLS/SSL 配置文件级别设置为“旧向后兼容性”(控制面板->安全->高级),但行为没有任何变化。然后我了解到 postconf 会喷出 1,000 多个值...
尝试获取与密码相关的 Postfix 设置给了我以下信息:
me@my_server:/volume1/@appstore/MailPlus-Server/sbin$ ./postconf | grep -i cipher
lmtp_tls_ciphers = medium
lmtp_tls_exclude_ciphers =
lmtp_tls_mandatory_ciphers = medium
lmtp_tls_mandatory_exclude_ciphers =
milter_helo_macros = {tls_version} {cipher} {cipher_bits} {cert_subject} {cert_issuer}
smtp_tls_ciphers = medium
smtp_tls_exclude_ciphers =
smtp_tls_mandatory_ciphers = medium
smtp_tls_mandatory_exclude_ciphers =
smtpd_tls_ciphers = low
smtpd_tls_exclude_ciphers =
smtpd_tls_mandatory_ciphers = low
smtpd_tls_mandatory_exclude_ciphers =
smtpd_tls_no_renegotiate_ciphers = yes
tls_export_cipherlist = aNULL:-aNULL:HIGH:MEDIUM:LOW:EXPORT:+RC4:@STRENGTH
tls_high_cipherlist = aNULL:-aNULL:HIGH:@STRENGTH
tls_low_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA
tls_medium_cipherlist = aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH
tls_null_cipherlist = eNULL:!aNULL
tls_preempt_cipherlist = no
tls_session_ticket_cipher = aes-256-cbc
tlsproxy_tls_ciphers = $smtpd_tls_ciphers
tlsproxy_tls_exclude_ciphers = $smtpd_tls_exclude_ciphers
tlsproxy_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers
tlsproxy_tls_mandatory_exclude_ciphers = $smtpd_tls_mandatory_exclude_ciphers
所以我看到密码 0x009d(AES256-GCM-SHA384)在 tls_low_cipherlist 中,并且 smtpd_tls_ciphers = low 和 smtpd_tls_mandatory_ciphers = low。
所以,我已经束手无策了,我想我应该在开始深入研究 postfix 如何工作之前问问是否有人可以帮助我,或者告诉我我走错了路。
回顾一下,为什么 TLS 连接没有建立?为什么没有共享密码?
我的环境:
- Synology DSM 7.1.1
- MailPlus 服务器 3.1.6-11332(Postfix 3.6.2)
Postfix 重新加载消息:
postfix[PID]: Postfix is running with backwards-compatible default settings
postfix[PID]: See http://www.postfix.org/COMPATIBILITY_README.html for details
postfix[PID]: To disable backwards compatibility use "postconf compatibility_level=3.6" and "postfix reload"
postfix/postfix-script[PID]: refreshing the Postfix mail system
postfix/master[PID]: reload -- version 3.6.2, configuration /var/packages/MailPlus-Server/target/etc
2025-03-16 根据 Grawity 的评论提供附加信息和测试
NAS 服务器证书是 ECDSA。
使用以下 DHE 密码测试 openssl 连接似乎有效,openssl 输出的结尾是 250 STARTTLS(DVR 没有 ECDHE 密码)
(0x0067) TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
(0x006b) TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
(0x009e) TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
(0x009f) TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
但是,这些都不在 Postfix 的 tls_low_cipherlist 中。
我们如何将其中至少一个密码添加到 Synology MailPlus 的 Postfix 配置中?