"TLS library problem" drops incoming mail when sender uses RC4-MD5 cipher
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
postfix (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Everytime my email server (Ubuntu Server 12.04) receives an email sent from google.com (e.g. gmail) using TLS with the RC4-MD5 cipher, it fails. Here is the output of once such interaction.
I have set smtpd_tls_
May 17 15:43:02 myhostname postfix/
May 17 15:43:02 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
May 17 15:43:03 myhostname postfix/
At least one other user is encountering this problem, as discussed here:
http://
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: postfix 2.9.1-4
ProcVersionSign
Uname: Linux 3.2.0-23-generic x86_64
ApportVersion: 2.0.1-0ubuntu7
Architecture: amd64
Date: Thu May 17 16:02:33 2012
InstallationMedia: Ubuntu-Server 12.04 LTS "Precise Pangolin" - Release amd64 (20120424.1)
ProcEnviron:
TERM=xterm
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: postfix
UpgradeStatus: No upgrade log present (probably fresh install)
This server has only been running a couple days. I initially performed all my testing for emails sent from "outside" using gmail.com and it seemd that my emails came through no problem.
I now see that google.com also uses cipher ECDHE-RSA-RC4-SHA, and messages received (by me) using this cipher do not error out and seem to arrive just fine.