Hello - we are using Secure Mail Gateway, and the configuration options allow for basic requiring of TLS, etc., but it makes no mention on what TLS protocols and ciphers are actually available. We are getting this in the logs, but only from a single connection, and I can't get any visibility past the basic stuff on the webpage:
Oct 9 09:40:37 kemg postfix/smtpd[57824]: connect from sil-mta-dmz-02-pub.dol.gov[152.180.11.245]
Oct 9 09:40:37 kemg postfix/smtpd[57824]: setting up TLS connection from sil-mta-dmz-02-pub.dol.gov[152.180.11.245]
Oct 9 09:40:37 kemg postfix/smtpd[57824]: SSL_accept error from sil-mta-dmz-02-pub.dol.gov[152.180.11.245]: -1
Oct 9 09:40:37 kemg postfix/smtpd[57824]: warning: TLS library problem: 57824:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1407:
Oct 9 09:40:37 kemg postfix/smtpd[57824]: lost connection after STARTTLS from sil-mta-dmz-02-pub.dol.gov[152.180.11.245]
Oct 9 09:40:37 kemg postfix/smtpd[57824]: disconnect from sil-mta-dmz-02-pub.dol.gov[152.180.11.245]
How can I get more information into this? Clearly a cipher mismatch, but how can I tell what/why? The logs in web page are of no use with respect to this.
Thanks,
John