This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM entschlüsselt keine Mails und liest manche Zertifikate nicht aus (S/MIME)

Hallo,

ich habe hier eine Sophos UTM SG120 mit der Firmwareversion: 9.405-5.

Ich nutze bei dem Gerät das Signieren und Verschlüsseln von E-Mails und habe ein S/MIME Zertifikat hierfür hinzugefügt. Nun habe ich konkret das Problem, dass wenn meine UTM von einer anderen Sophos UTM signierte / verschlüsselte E-Mails bekommt, diese von meiner UTM nicht entschlüsselt werden können, bzw. auch nicht das Zertifikat des Absenders ausgelesen werden kann.

Ein Kollege, der meine Mails mit einer Zertificon Z1 empfängt, machte mich weiterhin darauf aufmerksam, dass meine Mails mit folgender Fehlermeldung bei ihm ankommen:

"Fehler:

Der Nachrichteninhalt wurde möglicherweise verändert.
Signiert von xx@xxxxxxxxx.de unter Verwendung von RSA/SHA1 um 12:30:02 04.08.2016."

Wenn der Kollege mir mailt, wird sein Zertifikat sauber ausgelesen und auch die Mails vom ihm an mich werden von meiner UTM entschlüsselt.

Folgendes habe ich bereits versucht (lt. Anweisung vom Sophos-Support) :

1. In der exim.conf unter #TLS => "openssl_options = +no_sslv3" gelöscht

2. In der exim.conf unter #Main Section auf => "tls_require_ciphers = RC4+RSA:HIGH:!MD5:!ADH:!SSLv2:!SSLv3" ergänzt

3. UTM komplett neu installiert

Ein Auszug aus dem SMTP-Log:

2016:08:04-17:25:23 mail exim-in[5794]: 2016-08-04 17:25:23 SMTP connection from [192.168.6.16]:10888 (TCP/IP connection count = 2)
2016:08:04-17:25:23 mail exim-in[3794]: 2016-08-04 17:25:23 SMTP connection from [192.168.6.16]:10887 lost
2016:08:04-17:25:24 mail exim-in[3795]: 2016-08-04 17:25:24 SMTP connection from [192.168.6.16]:10888 lost
2016:08:04-17:25:24 mail exim-in[5794]: 2016-08-04 17:25:24 SMTP connection from [192.168.6.16]:10892 (TCP/IP connection count = 2)
2016:08:04-17:25:24 mail exim-in[5794]: 2016-08-04 17:25:24 SMTP connection from [192.168.6.16]:10893 (TCP/IP connection count = 2)
2016:08:04-17:25:24 mail exim-in[3796]: 2016-08-04 17:25:24 SMTP connection from [192.168.6.16]:10892 lost
2016:08:04-17:25:25 mail exim-in[3798]: 2016-08-04 17:25:25 TLS error on connection from [192.168.6.16]:10893 (SSL_accept): error:1408A10B:SSL routines:SSL3_GET_CLIENT_HELLO:wrong version number
2016:08:04-17:25:25 mail exim-in[3798]: 2016-08-04 17:25:25 TLS client disconnected cleanly (rejected our certificate?)
2016:08:04-17:25:25 mail exim-in[5794]: 2016-08-04 17:25:25 SMTP connection from [192.168.6.16]:10894 (TCP/IP connection count = 1)
2016:08:04-17:25:25 mail exim-in[3804]: 2016-08-04 17:25:25 TLS error on connection from [192.168.6.16]:10894 (SSL_accept): error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2016:08:04-17:25:25 mail exim-in[3804]: 2016-08-04 17:25:25 TLS client disconnected cleanly (rejected our certificate?)
2016:08:04-17:25:28 mail exim-in[5794]: 2016-08-04 17:25:28 SMTP connection from [192.168.6.16]:10896 (TCP/IP connection count = 1)
2016:08:04-17:25:28 mail exim-in[5794]: 2016-08-04 17:25:28 SMTP connection from [192.168.6.15]:53722 (TCP/IP connection count = 2)
2016:08:04-17:25:28 mail exim-in[3821]: 2016-08-04 17:25:28 SMTP connection from (HyperV-01) [192.168.6.15]:53722 closed by QUIT
2016:08:04-17:25:28 mail exim-in[3812]: 2016-08-04 17:25:28 SMTP connection from [192.168.6.16]:10896 lost
2016:08:04-17:25:30 mail exim-in[5794]: 2016-08-04 17:25:30 SMTP connection from [62.xxx.xxx.xxx]:32149 (TCP/IP connection count = 1)
2016:08:04-17:25:31 mail exim-in[3822]: 2016-08-04 17:25:31 H=mail.absender.de [62.xxx.xxx.xxx]:32149 Warning: Exception matched: Skipping greylisting for this message
2016:08:04-17:25:31 mail exim-in[3822]: 2016-08-04 17:25:31 H=mail.absender.de [62.xxx.xxx.xxx]:32149 Warning: Exception matched: Skipping antispam for this message
2016:08:04-17:25:31 mail exim-in[3822]: 2016-08-04 17:25:31 H=mail.absender.de [62.xxx.xxx.xxx]:32149 Warning: empfaenger.de profile excludes greylisting: Skipping greylisting for this message
2016:08:04-17:25:31 mail exim-in[3822]: 2016-08-04 17:25:31 1bVKWZ-0000ze-0R <= prvs=0024b23532=1234@absender.de H=mail.absender.de [62.xxx.xxx.xxx]:32149 P=esmtps X=TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256 S=17153 id=072CF516C7F6C140A0F14FE01422BA460ADF8BB3@Exchange2010.intern.lokal
2016:08:04-17:25:31 mail exim-in[3822]: 2016-08-04 17:25:31 SMTP connection from mail.absender.de [62.xxx.xxx.xxx]:32149 closed by QUIT
2016:08:04-17:25:32 mail smtpd[5689]: QMGR[5689]: 1bVKWZ-0000ze-0R moved to work queue
2016:08:04-17:25:33 mail exim-in[5794]: 2016-08-04 17:25:33 SMTP connection from [192.168.6.15]:53747 (TCP/IP connection count = 1)
2016:08:04-17:25:33 mail exim-in[5794]: 2016-08-04 17:25:33 SMTP connection from [192.168.6.15]:53749 (TCP/IP connection count = 2)
2016:08:04-17:25:33 mail exim-in[3836]: 2016-08-04 17:25:33 SMTP connection from [192.168.6.15]:53747 lost
2016:08:04-17:25:34 mail exim-in[3839]: 2016-08-04 17:25:34 SMTP connection from [192.168.6.15]:53749 lost
2016:08:04-17:25:34 mail exim-in[5794]: 2016-08-04 17:25:34 SMTP connection from [192.168.6.15]:53750 (TCP/IP connection count = 2)
2016:08:04-17:25:34 mail exim-in[3840]: 2016-08-04 17:25:34 SMTP connection from [192.168.6.15]:53750 lost
2016:08:04-17:25:34 mail exim-in[5794]: 2016-08-04 17:25:34 SMTP connection from [192.168.6.15]:53753 (TCP/IP connection count = 2)
2016:08:04-17:25:35 mail exim-in[3841]: 2016-08-04 17:25:35 TLS error on connection from [192.168.6.15]:53753 (SSL_accept): error:1408A10B:SSL routines:SSL3_GET_CLIENT_HELLO:wrong version number
2016:08:04-17:25:35 mail exim-in[3841]: 2016-08-04 17:25:35 TLS client disconnected cleanly (rejected our certificate?)
2016:08:04-17:25:35 mail exim-in[5794]: 2016-08-04 17:25:35 SMTP connection from [192.168.6.15]:53754 (TCP/IP connection count = 1)
2016:08:04-17:25:35 mail exim-in[3842]: 2016-08-04 17:25:35 TLS error on connection from [192.168.6.15]:53754 (SSL_accept): error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2016:08:04-17:25:35 mail exim-in[3842]: 2016-08-04 17:25:35 TLS client disconnected cleanly (rejected our certificate?)
2016:08:04-17:25:38 mail exim-in[5794]: 2016-08-04 17:25:38 SMTP connection from [192.168.6.16]:10899 (TCP/IP connection count = 1)
2016:08:04-17:25:38 mail exim-in[3846]: 2016-08-04 17:25:38 SMTP connection from (V-SRV02-EX) [192.168.6.16]:10899 closed by QUIT
2016:08:04-17:25:38 mail exim-in[5794]: 2016-08-04 17:25:38 SMTP connection from [192.168.6.15]:53757 (TCP/IP connection count = 1)
2016:08:04-17:25:38 mail exim-in[3847]: 2016-08-04 17:25:38 SMTP connection from [192.168.6.15]:53757 lost
2016:08:04-17:25:40 mail smtpd[3859]: SCANNER[3859]: 1bVKWi-00010F-8n <= prvs=0024b23532=1234@absender.de R=1bVKWZ-0000ze-0R P=INPUT S=15955
2016:08:04-17:25:40 mail smtpd[3859]: SCANNER[3859]: id="1000" severity="info" sys="SecureMail" sub="smtp" name="email passed" srcip="62.xxx.xxx.xxx" from="prvs=0024b23532=1234@absender.de" to="asdf@empfaenger.de" subject="Test signiert und verschlüsselt ABCDEF" queueid="1bVKWi-00010F-8n" size="15955"
2016:08:04-17:25:40 mail smtpd[3859]: SCANNER[3859]: 1bVKWZ-0000ze-0R => work R=SCANNER T=SCANNER
2016:08:04-17:25:40 mail smtpd[3859]: SCANNER[3859]: 1bVKWZ-0000ze-0R Completed
2016:08:04-17:25:41 mail exim-out[3862]: 2016-08-04 17:25:41 1bVKWi-00010F-8n => asdf@empfaenger.de P=<prvs=0024b23532=1234@absender.de> R=static_route_hostlist T=static_smtp H=192.168.6.16 [192.168.6.16]:25 X=TLSv1.2:ECDHE-RSA-AES256-SHA384:256 C="250 2.6.0 <072CF516C7F6C140A0F14FE01422BA460ADF8BB3@Exchange2010.intern.lokal> [InternalId=317] Queue"
2016:08:04-17:25:41 mail exim-out[3862]: 2016-08-04 17:25:41 1bVKWi-00010F-8n Completed
2016:08:04-17:26:00 mail exim-out[3904]: 2016-08-04 17:26:00 Start queue run: pid=3904
2016:08:04-17:26:00 mail exim-out[3904]: 2016-08-04 17:26:00 End queue run: pid=3904
2016:08:04-17:26:10 mail smtpd[3859]: SCANNER[3859]: Nothing to do, exiting.

Tipps sind sehr willkommen! ;)

Danke

Martin

This thread was automatically locked due to age.