Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HELP: cannot send email out after upgraded to 2.3.3

    Scheduled Pinned Locked Moved General pfSense Questions
    29 Posts 6 Posters 3.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DerelictD
      Derelict LAYER 8 Netgate
      last edited by

      To repeat: Ports 25 and 587 generally need STARTTLS. SSL/TLS generally needs to be on port 465.

      The email server I input is correct, I tested with "telnet email-server 587", etc.

      The proper test for how you have that configured would be:

      openssl s_client -connect mail_server:587

      Which would almost certainly fail.

      Chattanooga, Tennessee, USA
      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
      Do Not Chat For Help! NO_WAN_EGRESS(TM)

      1 Reply Last reply Reply Quote 0
      • C
        caigeliu
        last edited by

        You're right. port 25 no ssl/tls. port 465 for ssl, 587 for tls. I have tried many different combinations.

        I just tried your command from ssh console, testing is OK (see picture).

        The problem is why cannot connect the host from pfSense notification page? I can connect to the mail server host in ssh console.

        pfsense-email2.PNG
        pfsense-email2.PNG_thumb

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          That is not a successful connection.

          To test a connection to that server using encryption on port 587 you would need:

          openssl s_client -connect mail.server:587 -starttls smtp

          IF YOU ARE CONNECTING ON PORT 25 or 587 AND WANT ENCRYPTION YOU NEED TO USE STARTTLS

          IF YOU WANT TO CONNECT USING SSL/TLS YOU NEED TO USE PORT 465

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • D
            dgcom
            last edited by

            The correct command for testing STARTTLS is:

            openssl s_client -starttls smtp -crlf -connect smtp.gmail.com:587
            

            (use either Ctrl+C or type QUIT+CrLf to end)
            Provide output (you can sanitize it a bit if it shows your cert info.

            To test different versions of SSL, try -ssl3, -tls1,  -tls1_1 and  -tls1_2

            Could be that your server is not supporting recent SSL versions which were disabled in pfSence…

            DG

            1 Reply Last reply Reply Quote 0
            • DerelictD
              Derelict LAYER 8 Netgate
              last edited by

              He is connecting to port 587 using SSL/TLS. That will never work.

              Chattanooga, Tennessee, USA
              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)

              1 Reply Last reply Reply Quote 0
              • C
                caigeliu
                last edited by

                Thanks for all reply. If use 587:

                pfsense-email3.PNG
                pfsense-email3.PNG_thumb
                pfsense-email5.PNG
                pfsense-email5.PNG_thumb
                pfsense-email6.PNG
                pfsense-email6.PNG_thumb

                1 Reply Last reply Reply Quote 0
                • C
                  caigeliu
                  last edited by

                  If use 465,

                  pfsense-email7.PNG
                  pfsense-email7.PNG_thumb
                  pfsense-email8.PNG
                  pfsense-email8.PNG_thumb

                  1 Reply Last reply Reply Quote 0
                  • C
                    caigeliu
                    last edited by

                    All above errors are not caused by input parameters or our email server.

                    1 Reply Last reply Reply Quote 0
                    • P
                      phil.davis
                      last edited by

                      Note this bug https://redmine.pfsense.org/issues/7516 "Notify test buttons for smtp/growl should use new unsaved settings" and PR https://github.com/pfsense/pfsense/pull/3691 that fixes it.

                      In current releases (e.g. 2.3.3-p1) you have to save the settings first, then use the test buttons. It just tests the currently-saved settings, not the changes you may just have made in the form.

                      The fix is in 2.3.4 which is coming.

                      So maybe when you are trying lots of combinations and pressing "test", you are not actually getting an effective test.

                      As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                      If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                      1 Reply Last reply Reply Quote 0
                      • D
                        dgcom
                        last edited by

                        Looking at your screenshots, I believe that something else is corrupted, possibly in the config - look at pfsense-email6.PNG - it says that it could not start TLS.
                        I would suggest you take packet capture with this setting and look at it in Wireshark - make sure it goes to the right destination, connects and tries to negotiate SSL session.

                        DG

                        1 Reply Last reply Reply Quote 0
                        • C
                          caigeliu
                          last edited by

                          @phil.davis:

                          In current releases (e.g. 2.3.3-p1) you have to save the settings first, then use the test buttons.

                          I first click "save", then click test in above screenshots.

                          1 Reply Last reply Reply Quote 0
                          • D
                            dgcom
                            last edited by

                            Please, review this forum thread - it may have an answer for you.
                            I did not read it in full, but it seems that there is an issue with certs used for SMTP, issued by private CA - pfSence has to trust them and some public CA certs might be missing in newer builds…

                            DG

                            1 Reply Last reply Reply Quote 0
                            • N
                              NOYB
                              last edited by

                              Maybe it's time to simplify and apply isolation troubleshooting techniques.

                              Remove encryption from the equation.  To protect authentication credentials, change the password or create a throwaway account for testing.

                              From time to time some CA's are eliminated from the store.  Don't recall the error message that occurs when that happens so don't know if your error messages are due to that or not.

                              1 Reply Last reply Reply Quote 0
                              • C
                                caigeliu
                                last edited by

                                Here  are complete packages for one testing of 465:

                                13:07:21.615841 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 63, id 32106, offset 0, flags [DF], proto TCP (6), length 1500)
                                    pfsense-ip.47374 > mail-sever-ip.465: Flags [.], cksum 0x97b0 (correct), seq 2191407335:2191408795, ack 2273860481, win 16309, length 1460
                                13:07:21.643670 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 59, id 43376, offset 0, flags [DF], proto TCP (6), length 40)
                                    mail-sever-ip.465 > pfsense-ip.47374: Flags [.], cksum 0xd3da (correct), seq 1, ack 11680, win 1748, length 0
                                13:07:21.643920 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 526: (tos 0x0, ttl 63, id 32107, offset 0, flags [DF], proto TCP (6), length 512)
                                    pfsense-ip.47374 > mail-sever-ip.465: Flags [P.], cksum 0xe604 (correct), seq 11680:12152, ack 1, win 16309, length 472
                                13:07:21.650116 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 60: (tos 0x0, ttl 59, id 43377, offset 0, flags [DF], proto TCP (6), length 40)
                                    mail-sever-ip.465 > pfsense-ip.47374: Flags [.], cksum 0xd1c5 (correct), seq 1, ack 12152, win 1809, length 0
                                13:07:21.650363 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 63, id 32113, offset 0, flags [DF], proto TCP (6), length 1500)
                                    pfsense-ip.47374 > mail-sever-ip.465: Flags [.], cksum 0x6236 (correct), seq 17992:19452, ack 1, win 16309, length 1460
                                13:07:21.657134 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 43378, offset 0, flags [DF], proto TCP (6), length 52)
                                    mail-sever-ip.465 > pfsense-ip.47374: Flags [.], cksum 0x925e (correct), seq 1, ack 12152, win 1809, options [nop,nop,sack 1 {17992:19452}], length 0
                                13:07:21.958969 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 63, id 32114, offset 0, flags [DF], proto TCP (6), length 1500)
                                    pfsense-ip.47374 > mail-sever-ip.465: Flags [.], cksum 0xd8ef (correct), seq 12152:13612, ack 1, win 16309, length 1460
                                13:07:21.965808 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 43379, offset 0, flags [DF], proto TCP (6), length 52)
                                    mail-sever-ip.465 > pfsense-ip.47374: Flags [.], cksum 0x8caa (correct), seq 1, ack 13612, win 1809, options [nop,nop,sack 1 {17992:19452}], length 0
                                13:07:21.966116 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 63, id 32115, offset 0, flags [DF], proto TCP (6), length 1500)
                                    pfsense-ip.47374 > mail-sever-ip.465: Flags [P.], cksum 0x09f4 (correct), seq 19452:20912, ack 1, win 16309, length 1460
                                13:07:21.966144 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 63, id 32116, offset 0, flags [DF], proto TCP (6), length 1500)
                                    pfsense-ip.47374 > mail-sever-ip.465: Flags [.], cksum 0x4330 (correct), seq 20912:22372, ack 1, win 16309, length 1460
                                13:07:21.972885 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 43380, offset 0, flags [DF], proto TCP (6), length 52)
                                    mail-sever-ip.465 > pfsense-ip.47374: Flags [.], cksum 0x86f6 (correct), seq 1, ack 13612, win 1809, options [nop,nop,sack 1 {17992:20912}], length 0
                                13:07:21.974129 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 43381, offset 0, flags [DF], proto TCP (6), length 52)
                                    mail-sever-ip.465 > pfsense-ip.47374: Flags [.], cksum 0x8142 (correct), seq 1, ack 13612, win 1809, options [nop,nop,sack 1 {17992:22372}], length 0
                                13:07:22.308207 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 1868, offset 0, flags [DF], proto TCP (6), length 60)
                                    pfsense-ip.36683 > mail-sever-ip.465: Flags , cksum 0x4e45 (incorrect -> 0xc40a), seq 2198535874, win 65228, options [mss 1460,nop,wscale 7,sackOK,TS val 3724690981 ecr 0], length 0
                                13:07:22.330747 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 59, id 0, offset 0, flags [DF], proto TCP (6), length 60)
                                    mail-sever-ip.465 > pfsense-ip.36683: Flags [S.], cksum 0x6922 (correct), seq 2017900417, ack 2198535875, win 14480, options [mss 1460,sackOK,TS val 1841922946 ecr 3724690981,nop,wscale 7], length 0
                                13:07:22.330792 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 4415, offset 0, flags [DF], proto TCP (6), length 52)
                                    pfsense-ip.36683 > mail-sever-ip.465: Flags [.], cksum 0x4e3d (incorrect -> 0xce60), seq 1, ack 1, win 520, options [nop,nop,TS val 3724691003 ecr 1841922946], length 0
                                13:07:22.359282 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 583: (tos 0x0, ttl 64, id 25093, offset 0, flags [DF], proto TCP (6), length 569)
                                    pfsense-ip.36683 > mail-sever-ip.465: Flags [P.], cksum 0x5042 (incorrect -> 0x1caf), seq 1:518, ack 1, win 520, options [nop,nop,TS val 3724691032 ecr 1841922946], length 517
                                13:07:22.365140 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 13339, offset 0, flags [DF], proto TCP (6), length 52)
                                    mail-sever-ip.465 > pfsense-ip.36683: Flags [.], cksum 0xcd98 (correct), seq 1, ack 518, win 122, options [nop,nop,TS val 1841922998 ecr 3724691032], length 0
                                13:07:22.369283 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 59, id 13340, offset 0, flags [DF], proto TCP (6), length 1500)
                                    mail-sever-ip.465 > pfsense-ip.36683: Flags [.], cksum 0x40c3 (correct), seq 1:1449, ack 518, win 122, options [nop,nop,TS val 1841923000 ecr 3724691032], length 1448
                                13:07:22.369318 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 44488, offset 0, flags [DF], proto TCP (6), length 52)
                                    pfsense-ip.36683 > mail-sever-ip.465: Flags [.], cksum 0x4e3d (incorrect -> 0xc661), seq 518, ack 1449, win 509, options [nop,nop,TS val 3724691042 ecr 1841923000], length 0
                                13:07:22.370515 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 59, id 13341, offset 0, flags [DF], proto TCP (6), length 1500)
                                    mail-sever-ip.465 > pfsense-ip.36683: Flags [.], cksum 0xba14 (correct), seq 1449:2897, ack 518, win 122, options [nop,nop,TS val 1841923000 ecr 3724691032], length 1448
                                13:07:22.370549 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 11179, offset 0, flags [DF], proto TCP (6), length 52)
                                    pfsense-ip.36683 > mail-sever-ip.465: Flags [.], cksum 0x4e3d (incorrect -> 0xc0b8), seq 518, ack 2897, win 509, options [nop,nop,TS val 3724691043 ecr 1841923000], length 0
                                13:07:22.371468 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 1259: (tos 0x0, ttl 59, id 13342, offset 0, flags [DF], proto TCP (6), length 1245)
                                    mail-sever-ip.465 > pfsense-ip.36683: Flags [P.], cksum 0xf721 (correct), seq 2897:4090, ack 518, win 122, options [nop,nop,TS val 1841923000 ecr 3724691032], length 1193
                                13:07:22.371500 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 51963, offset 0, flags [DF], proto TCP (6), length 52)
                                    pfsense-ip.36683 > mail-sever-ip.465: Flags [.], cksum 0x4e3d (incorrect -> 0xbc0c), seq 518, ack 4090, win 511, options [nop,nop,TS val 3724691044 ecr 1841923000], length 0
                                13:07:22.378422 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 268: (tos 0x0, ttl 64, id 26698, offset 0, flags [DF], proto TCP (6), length 254)
                                    pfsense-ip.36683 > mail-sever-ip.465: Flags [P.], cksum 0x4f07 (incorrect -> 0xe7bc), seq 518:720, ack 4090, win 520, options [nop,nop,TS val 3724691051 ecr 1841923000], length 202
                                13:07:22.384517 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 324: (tos 0x0, ttl 59, id 13343, offset 0, flags [DF], proto TCP (6), length 310)
                                    mail-sever-ip.465 > pfsense-ip.36683: Flags [P.], cksum 0x1909 (correct), seq 4090:4348, ack 720, win 130, options [nop,nop,TS val 1841923017 ecr 3724691051], length 258
                                13:07:22.384548 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 11560, offset 0, flags [DF], proto TCP (6), length 52)
                                    pfsense-ip.36683 > mail-sever-ip.465: Flags [.], cksum 0x4e3d (incorrect -> 0xba1b), seq 720, ack 4348, win 518, options [nop,nop,TS val 3724691057 ecr 1841923017], length 0
                                13:07:22.384753 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 97: (tos 0x0, ttl 64, id 43524, offset 0, flags [DF], proto TCP (6), length 83)
                                    pfsense-ip.36683 > mail-sever-ip.465: Flags [P.], cksum 0x4e5c (incorrect -> 0x64db), seq 720:751, ack 4348, win 520, options [nop,nop,TS val 3724691057 ecr 1841923017], length 31
                                13:07:22.387929 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 24108, offset 0, flags [DF], proto TCP (6), length 52)
                                    pfsense-ip.36683 > mail-sever-ip.465: Flags [F.], cksum 0x4e3d (incorrect -> 0xb9f6), seq 751, ack 4348, win 520, options [nop,nop,TS val 3724691060 ecr 1841923017], length 0
                                13:07:22.389948 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 174: (tos 0x0, ttl 59, id 13344, offset 0, flags [DF], proto TCP (6), length 160)
                                    mail-sever-ip.465 > pfsense-ip.36683: Flags [P.], cksum 0x5a0d (correct), seq 4348:4456, ack 720, win 130, options [nop,nop,TS val 1841923022 ecr 3724691057], length 108
                                13:07:22.389982 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 64, id 2526, offset 0, flags [DF], proto TCP (6), length 40)
                                    pfsense-ip.36683 > mail-sever-ip.465: Flags [R], cksum 0x4e31 (incorrect -> 0x4c10), seq 2198536594, win 0, length 0
                                13:07:22.390025 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 13345, offset 0, flags [DF], proto TCP (6), length 52)
                                    mail-sever-ip.465 > pfsense-ip.36683: Flags [F.], cksum 0xbb0d (correct), seq 4456, ack 751, win 130, options [nop,nop,TS val 1841923023 ecr 3724691057], length 0
                                13:07:22.393318 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 13346, offset 0, flags [DF], proto TCP (6), length 52)
                                    mail-sever-ip.465 > pfsense-ip.36683: Flags [.], cksum 0xbb06 (correct), seq 4457, ack 752, win 130, options [nop,nop,TS val 1841923026 ecr 3724691060], length 0
                                13:07:22.879497 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 63, id 32127, offset 0, flags [DF], proto TCP (6), length 1500)
                                    pfsense-ip.47374 > mail-sever-ip.465: Flags [.], cksum 0xda47 (correct), seq 13612:15072, ack 1, win 16309, length 1460
                                13:07:22.947930 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 174: (tos 0x0, ttl 59, id 13347, offset 0, flags [DF], proto TCP (6), length 160)
                                    mail-sever-ip.465 > pfsense-ip.36683: Flags [P.], cksum 0x5835 (correct), seq 4348:4456, ack 752, win 130, options [nop,nop,TS val 1841923459 ecr 3724691060], length 108
                                13:07:22.948379 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 43382, offset 0, flags [DF], proto TCP (6), length 52)
                                    mail-sever-ip.465 > pfsense-ip.47374: Flags [.], cksum 0x7b99 (correct), seq 1, ack 15072, win 1798, options [nop,nop,sack 1 {17992:22372}], length 0
                                13:07:22.948869 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 63, id 32128, offset 0, flags [DF], proto TCP (6), length 1500)
                                    pfsense-ip.47374 > mail-sever-ip.465: Flags [.], cksum 0xe265 (correct), seq 22372:23832, ack 1, win 16309, length 1460
                                13:07:22.948886 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 63, id 32129, offset 0, flags [DF], proto TCP (6), length 1500)
                                    pfsense-ip.47374 > mail-sever-ip.465: Flags [.], cksum 0x1c25 (correct), seq 23832:25292, ack 1, win 16309, length 1460
                                13:07:22.955779 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 43383, offset 0, flags [DF], proto TCP (6), length 52)
                                    mail-sever-ip.465 > pfsense-ip.47374: Flags [.], cksum 0x75e5 (correct), seq 1, ack 15072, win 1798, options [nop,nop,sack 1 {17992:23832}], length 0
                                13:07:22.956866 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 43384, offset 0, flags [DF], proto TCP (6), length 52)
                                    mail-sever-ip.465 > pfsense-ip.47374: Flags [.], cksum 0x7031 (correct), seq 1, ack 15072, win 1798, options [nop,nop,sack 1 {17992:25292}], length 0
                                13:07:23.874785 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 174: (tos 0x0, ttl 59, id 13348, offset 0, flags [DF], proto TCP (6), length 160)
                                    mail-sever-ip.465 > pfsense-ip.36683: Flags [P.], cksum 0x54cb (correct), seq 4348:4456, ack 752, win 130, options [nop,nop,TS val 1841924333 ecr 3724691060], length 108
                                13:07:25.504447 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 174: (tos 0x0, ttl 59, id 13349, offset 0, flags [DF], proto TCP (6), length 160)
                                    mail-sever-ip.465 > pfsense-ip.36683: Flags [P.], cksum 0x4df7 (correct), seq 4348:4456, ack 752, win 130, options [nop,nop,TS val 1841926081 ecr 3724691060], length 108
                                13:07:25.968249 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 63, id 32150, offset 0, flags [DF], proto TCP (6), length 1500)
                                    pfsense-ip.47374 > mail-sever-ip.465: Flags [.], cksum 0x8d20 (correct), seq 15072:16532, ack 1, win 16309, length 1460
                                13:07:26.311212 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 43385, offset 0, flags [DF], proto TCP (6), length 52)
                                    mail-sever-ip.465 > pfsense-ip.47374: Flags [.], cksum 0x6a88 (correct), seq 1, ack 16532, win 1787, options [nop,nop,sack 1 {17992:25292}], length 0
                                13:07:26.311668 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 63, id 32151, offset 0, flags [DF], proto TCP (6), length 1500)
                                    pfsense-ip.47374 > mail-sever-ip.465: Flags [.], cksum 0x4617 (correct), seq 25292:26752, ack 1, win 16309, length 1460
                                13:07:26.311692 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 63, id 32152, offset 0, flags [DF], proto TCP (6), length 1500)
                                    pfsense-ip.47374 > mail-sever-ip.465: Flags [.], cksum 0x5bf6 (correct), seq 26752:28212, ack 1, win 16309, length 1460
                                13:07:26.442459 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 43386, offset 0, flags [DF], proto TCP (6), length 52)
                                    mail-sever-ip.465 > pfsense-ip.47374: Flags [.], cksum 0x64d4 (correct), seq 1, ack 16532, win 1787, options [nop,nop,sack 1 {17992:26752}], length 0
                                13:07:26.442489 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 43387, offset 0, flags [DF], proto TCP (6), length 52)
                                    mail-sever-ip.465 > pfsense-ip.47374: Flags [.], cksum 0x5f20 (correct), seq 1, ack 16532, win 1787, options [nop,nop,sack 1 {17992:28212}], length 0

                                1 Reply Last reply Reply Quote 0
                                • D
                                  dgcom
                                  last edited by

                                  You should really do this with port 587, save pcap file and review it in Wireshark.
                                  But even with this capture - it looks like it connects, but can't authenticate or negotiate proper SSL channel.

                                  DG

                                  1 Reply Last reply Reply Quote 0
                                  • N
                                    NOYB
                                    last edited by

                                    @dgcom:

                                    You should really do this with port 587, save pcap file and review it in Wireshark.
                                    But even with this capture - it looks like it connects, but can't authenticate or negotiate proper SSL channel.

                                    pfSense likely missing the CA for the server cert.  As is pointed out in that thread you linked to a few posts ago.

                                    1 Reply Last reply Reply Quote 0
                                    • D
                                      dgcom
                                      last edited by

                                      @NOYB:

                                      pfSense likely missing the CA for the server cert.

                                      I agree. But that needs to be tested/verified :)

                                      DG

                                      1 Reply Last reply Reply Quote 0
                                      • N
                                        NOYB
                                        last edited by

                                        @dgcom:

                                        @NOYB:

                                        pfSense likely missing the CA for the server cert.

                                        I agree. But that needs to be tested/verified :)

                                        Which is not that difficult to do and the start tls error message being thrown is exactly what happens when the CA is missing.

                                        Error: could not start TLS connection encryption protocol

                                        Going on a week and 2 forum pages for this without looking at the certs is nonsense.

                                        1 Reply Last reply Reply Quote 0
                                        • C
                                          caigeliu
                                          last edited by

                                          packages for 587:

                                          14:47:44.261660 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 37126, offset 0, flags [DF], proto TCP (6), length 60)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags , cksum 0x4e45 (incorrect -> 0xfe42), seq 2694817911, win 65228, options [mss 1460,nop,wscale 7,sackOK,TS val 3730712934 ecr 0], length 0
                                          14:47:44.306341 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 59, id 0, offset 0, flags [DF], proto TCP (6), length 60)
                                              mail-server-IP.587 > pfsense-IP.43442: Flags [S.], cksum 0xc474 (correct), seq 307632312, ack 2694817912, win 14480, options [mss 1460,sackOK,TS val 1847944902 ecr 3730712934,nop,wscale 7], length 0
                                          14:47:44.306391 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 27877, offset 0, flags [DF], proto TCP (6), length 52)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x299c), seq 1, ack 1, win 520, options [nop,nop,TS val 3730712979 ecr 1847944902], length 0
                                          14:47:44.336073 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 59, id 32330, offset 0, flags [DF], proto TCP (6), length 131)
                                              mail-server-IP.587 > pfsense-IP.43442: Flags [P.], cksum 0x14db (correct), seq 1:80, ack 1, win 114, options [nop,nop,TS val 1847944949 ecr 3730712979], length 79
                                          14:47:44.336109 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 50477, offset 0, flags [DF], proto TCP (6), length 52)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x2901), seq 1, ack 80, win 519, options [nop,nop,TS val 3730713009 ecr 1847944949], length 0
                                          14:47:44.336429 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 87: (tos 0x0, ttl 64, id 63278, offset 0, flags [DF], proto TCP (6), length 73)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags [P.], cksum 0x4e52 (incorrect -> 0x7a9c), seq 1:22, ack 80, win 520, options [nop,nop,TS val 3730713009 ecr 1847944949], length 21
                                          14:47:44.341645 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 32331, offset 0, flags [DF], proto TCP (6), length 52)
                                              mail-server-IP.587 > pfsense-IP.43442: Flags [.], cksum 0x2a65 (correct), seq 80, ack 22, win 114, options [nop,nop,TS val 1847944977 ecr 3730713009], length 0
                                          14:47:44.342041 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 306: (tos 0x0, ttl 59, id 32332, offset 0, flags [DF], proto TCP (6), length 292)
                                              mail-server-IP.587 > pfsense-IP.43442: Flags [P.], cksum 0x9f00 (correct), seq 80:320, ack 22, win 114, options [nop,nop,TS val 1847944977 ecr 3730713009], length 240
                                          14:47:44.342076 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 57252, offset 0, flags [DF], proto TCP (6), length 52)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x27db), seq 22, ack 320, win 518, options [nop,nop,TS val 3730713015 ecr 1847944977], length 0
                                          14:47:44.344219 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 76: (tos 0x0, ttl 64, id 64068, offset 0, flags [DF], proto TCP (6), length 62)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags [P.], cksum 0x4e47 (incorrect -> 0xe56c), seq 22:32, ack 320, win 520, options [nop,nop,TS val 3730713017 ecr 1847944977], length 10
                                          14:47:44.349626 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 96: (tos 0x0, ttl 59, id 32333, offset 0, flags [DF], proto TCP (6), length 82)
                                              mail-server-IP.587 > pfsense-IP.43442: Flags [P.], cksum 0x1212 (correct), seq 320:350, ack 32, win 114, options [nop,nop,TS val 1847944985 ecr 3730713017], length 30
                                          14:47:44.349665 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 15982, offset 0, flags [DF], proto TCP (6), length 52)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x27a1), seq 32, ack 350, win 520, options [nop,nop,TS val 3730713023 ecr 1847944985], length 0
                                          14:47:44.381135 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 281: (tos 0x0, ttl 64, id 32683, offset 0, flags [DF], proto TCP (6), length 267)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags [P.], cksum 0x4f14 (incorrect -> 0x9b5d), seq 32:247, ack 350, win 520, options [nop,nop,TS val 3730713054 ecr 1847944985], length 215
                                          14:47:44.390630 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 59, id 32334, offset 0, flags [DF], proto TCP (6), length 1500)
                                              mail-server-IP.587 > pfsense-IP.43442: Flags [.], seq 350:1798, ack 247, win 122, options [nop,nop,TS val 1847945024 ecr 3730713054], length 1448
                                          14:47:44.390661 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 36301, offset 0, flags [DF], proto TCP (6), length 52)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x20dd), seq 247, ack 1798, win 509, options [nop,nop,TS val 3730713064 ecr 1847945024], length 0
                                          14:47:44.391858 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 59, id 32335, offset 0, flags [DF], proto TCP (6), length 1500)
                                              mail-server-IP.587 > pfsense-IP.43442: Flags [.], seq 1798:3246, ack 247, win 122, options [nop,nop,TS val 1847945024 ecr 3730713054], length 1448
                                          14:47:44.391883 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 16571, offset 0, flags [DF], proto TCP (6), length 52)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x1b34), seq 247, ack 3246, win 509, options [nop,nop,TS val 3730713065 ecr 1847945024], length 0
                                          14:47:44.392776 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 1225: (tos 0x0, ttl 59, id 32336, offset 0, flags [DF], proto TCP (6), length 1211)
                                              mail-server-IP.587 > pfsense-IP.43442: Flags [P.], seq 3246:4405, ack 247, win 122, options [nop,nop,TS val 1847945024 ecr 3730713054], length 1159
                                          14:47:44.392800 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 2578, offset 0, flags [DF], proto TCP (6), length 52)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x16aa), seq 247, ack 4405, win 511, options [nop,nop,TS val 3730713066 ecr 1847945024], length 0
                                          14:47:44.400702 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 276: (tos 0x0, ttl 64, id 63205, offset 0, flags [DF], proto TCP (6), length 262)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags [P.], cksum 0x4f0f (incorrect -> 0xf5a4), seq 247:457, ack 4405, win 520, options [nop,nop,TS val 3730713074 ecr 1847945024], length 210
                                          14:47:44.406888 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 332: (tos 0x0, ttl 59, id 32337, offset 0, flags [DF], proto TCP (6), length 318)
                                              mail-server-IP.587 > pfsense-IP.43442: Flags [P.], cksum 0x5976 (correct), seq 4405:4671, ack 457, win 130, options [nop,nop,TS val 1847945042 ecr 3730713074], length 266
                                          14:47:44.406931 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 33146, offset 0, flags [DF], proto TCP (6), length 52)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x14a7), seq 457, ack 4671, win 518, options [nop,nop,TS val 3730713080 ecr 1847945042], length 0
                                          14:47:44.407347 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 103: (tos 0x0, ttl 64, id 16572, offset 0, flags [DF], proto TCP (6), length 89)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags [P.], cksum 0x4e62 (incorrect -> 0xd85d), seq 457:494, ack 4671, win 520, options [nop,nop,TS val 3730713080 ecr 1847945042], length 37
                                          14:47:44.410894 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 31114, offset 0, flags [DF], proto TCP (6), length 52)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags [F.], cksum 0x4e3d (incorrect -> 0x147b), seq 494, ack 4671, win 520, options [nop,nop,TS val 3730713084 ecr 1847945042], length 0
                                          14:47:44.412746 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 32338, offset 0, flags [DF], proto TCP (6), length 52)
                                              mail-server-IP.587 > pfsense-IP.43442: Flags [F.], cksum 0x15ff (correct), seq 4671, ack 494, win 130, options [nop,nop,TS val 1847945048 ecr 3730713080], length 0
                                          14:47:44.412801 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 64743, offset 0, flags [DF], proto TCP (6), length 52)
                                              pfsense-IP.43442 > mail-server-IP.587: Flags [F.], cksum 0x4e3d (incorrect -> 0x1472), seq 494, ack 4672, win 520, options [nop,nop,TS val 3730713086 ecr 1847945048], length 0
                                          14:47:44.416204 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 32339, offset 0, flags [DF], proto TCP (6), length 52)
                                              mail-server-IP.587 > pfsense-IP.43442: Flags [.], cksum 0x15f7 (correct), seq 4672, ack 495, win 130, options [nop,nop,TS val 1847945051 ecr 3730713084], length 0

                                          1 Reply Last reply Reply Quote 0
                                          • marcellocM
                                            marcelloc
                                            last edited by

                                            put your capture under [c o d e]  [/c o d e] (without spaces on code word) for a better undestanding

                                            14:47:44.261660 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 37126, offset 0, flags [DF], proto TCP (6), length 60)
                                            pfsense-IP.43442 > mail-server-IP.587: Flags , cksum 0x4e45 (incorrect -> 0xfe42), seq 2694817911, win 65228, options [mss 1460,nop,wscale 7,sackOK,TS val 3730712934 ecr 0], length 0
                                            14:47:44.306341 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 59, id 0, offset 0, flags [DF], proto TCP (6), length 60)
                                                mail-server-IP.587 > pfsense-IP.43442: Flags [S.], cksum 0xc474 (correct), seq 307632312, ack 2694817912, win 14480, options [mss 1460,sackOK,TS val 1847944902 ecr 3730712934,nop,wscale 7], length 0
                                            14:47:44.306391 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 27877, offset 0, flags [DF], proto TCP (6), length 52)
                                                pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x299c), seq 1, ack 1, win 520, options [nop,nop,TS val 3730712979 ecr 1847944902], length 0
                                            14:47:44.336073 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 59, id 32330, offset 0, flags [DF], proto TCP (6), length 131)
                                                mail-server-IP.587 > pfsense-IP.43442: Flags [P.], cksum 0x14db (correct), seq 1:80, ack 1, win 114, options [nop,nop,TS val 1847944949 ecr 3730712979], length 79
                                            14:47:44.336109 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 50477, offset 0, flags [DF], proto TCP (6), length 52)
                                                pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x2901), seq 1, ack 80, win 519, options [nop,nop,TS val 3730713009 ecr 1847944949], length 0
                                            14:47:44.336429 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 87: (tos 0x0, ttl 64, id 63278, offset 0, flags [DF], proto TCP (6), length 73)
                                                pfsense-IP.43442 > mail-server-IP.587: Flags [P.], cksum 0x4e52 (incorrect -> 0x7a9c), seq 1:22, ack 80, win 520, options [nop,nop,TS val 3730713009 ecr 1847944949], length 21
                                            14:47:44.341645 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 32331, offset 0, flags [DF], proto TCP (6), length 52)
                                                mail-server-IP.587 > pfsense-IP.43442: Flags [.], cksum 0x2a65 (correct), seq 80, ack 22, win 114, options [nop,nop,TS val 1847944977 ecr 3730713009], length 0
                                            14:47:44.342041 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 306: (tos 0x0, ttl 59, id 32332, offset 0, flags [DF], proto TCP (6), length 292)
                                                mail-server-IP.587 > pfsense-IP.43442: Flags [P.], cksum 0x9f00 (correct), seq 80:320, ack 22, win 114, options [nop,nop,TS val 1847944977 ecr 3730713009], length 240
                                            14:47:44.342076 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 57252, offset 0, flags [DF], proto TCP (6), length 52)
                                                pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x27db), seq 22, ack 320, win 518, options [nop,nop,TS val 3730713015 ecr 1847944977], length 0
                                            14:47:44.344219 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 76: (tos 0x0, ttl 64, id 64068, offset 0, flags [DF], proto TCP (6), length 62)
                                                pfsense-IP.43442 > mail-server-IP.587: Flags [P.], cksum 0x4e47 (incorrect -> 0xe56c), seq 22:32, ack 320, win 520, options [nop,nop,TS val 3730713017 ecr 1847944977], length 10
                                            14:47:44.349626 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 96: (tos 0x0, ttl 59, id 32333, offset 0, flags [DF], proto TCP (6), length 82)
                                                mail-server-IP.587 > pfsense-IP.43442: Flags [P.], cksum 0x1212 (correct), seq 320:350, ack 32, win 114, options [nop,nop,TS val 1847944985 ecr 3730713017], length 30
                                            14:47:44.349665 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 15982, offset 0, flags [DF], proto TCP (6), length 52)
                                                pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x27a1), seq 32, ack 350, win 520, options [nop,nop,TS val 3730713023 ecr 1847944985], length 0
                                            14:47:44.381135 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 281: (tos 0x0, ttl 64, id 32683, offset 0, flags [DF], proto TCP (6), length 267)
                                                pfsense-IP.43442 > mail-server-IP.587: Flags [P.], cksum 0x4f14 (incorrect -> 0x9b5d), seq 32:247, ack 350, win 520, options [nop,nop,TS val 3730713054 ecr 1847944985], length 215
                                            14:47:44.390630 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 59, id 32334, offset 0, flags [DF], proto TCP (6), length 1500)
                                                mail-server-IP.587 > pfsense-IP.43442: Flags [.], seq 350:1798, ack 247, win 122, options [nop,nop,TS val 1847945024 ecr 3730713054], length 1448
                                            14:47:44.390661 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 36301, offset 0, flags [DF], proto TCP (6), length 52)
                                                pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x20dd), seq 247, ack 1798, win 509, options [nop,nop,TS val 3730713064 ecr 1847945024], length 0
                                            14:47:44.391858 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 1514: (tos 0x0, ttl 59, id 32335, offset 0, flags [DF], proto TCP (6), length 1500)
                                                mail-server-IP.587 > pfsense-IP.43442: Flags [.], seq 1798:3246, ack 247, win 122, options [nop,nop,TS val 1847945024 ecr 3730713054], length 1448
                                            14:47:44.391883 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 16571, offset 0, flags [DF], proto TCP (6), length 52)
                                                pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x1b34), seq 247, ack 3246, win 509, options [nop,nop,TS val 3730713065 ecr 1847945024], length 0
                                            14:47:44.392776 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 1225: (tos 0x0, ttl 59, id 32336, offset 0, flags [DF], proto TCP (6), length 1211)
                                                mail-server-IP.587 > pfsense-IP.43442: Flags [P.], seq 3246:4405, ack 247, win 122, options [nop,nop,TS val 1847945024 ecr 3730713054], length 1159
                                            14:47:44.392800 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 2578, offset 0, flags [DF], proto TCP (6), length 52)
                                                pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x16aa), seq 247, ack 4405, win 511, options [nop,nop,TS val 3730713066 ecr 1847945024], length 0
                                            14:47:44.400702 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 276: (tos 0x0, ttl 64, id 63205, offset 0, flags [DF], proto TCP (6), length 262)
                                                pfsense-IP.43442 > mail-server-IP.587: Flags [P.], cksum 0x4f0f (incorrect -> 0xf5a4), seq 247:457, ack 4405, win 520, options [nop,nop,TS val 3730713074 ecr 1847945024], length 210
                                            14:47:44.406888 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 332: (tos 0x0, ttl 59, id 32337, offset 0, flags [DF], proto TCP (6), length 318)
                                                mail-server-IP.587 > pfsense-IP.43442: Flags [P.], cksum 0x5976 (correct), seq 4405:4671, ack 457, win 130, options [nop,nop,TS val 1847945042 ecr 3730713074], length 266
                                            14:47:44.406931 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 33146, offset 0, flags [DF], proto TCP (6), length 52)
                                                pfsense-IP.43442 > mail-server-IP.587: Flags [.], cksum 0x4e3d (incorrect -> 0x14a7), seq 457, ack 4671, win 518, options [nop,nop,TS val 3730713080 ecr 1847945042], length 0
                                            14:47:44.407347 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 103: (tos 0x0, ttl 64, id 16572, offset 0, flags [DF], proto TCP (6), length 89)
                                                pfsense-IP.43442 > mail-server-IP.587: Flags [P.], cksum 0x4e62 (incorrect -> 0xd85d), seq 457:494, ack 4671, win 520, options [nop,nop,TS val 3730713080 ecr 1847945042], length 37
                                            14:47:44.410894 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 31114, offset 0, flags [DF], proto TCP (6), length 52)
                                                pfsense-IP.43442 > mail-server-IP.587: Flags [F.], cksum 0x4e3d (incorrect -> 0x147b), seq 494, ack 4671, win 520, options [nop,nop,TS val 3730713084 ecr 1847945042], length 0
                                            14:47:44.412746 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 32338, offset 0, flags [DF], proto TCP (6), length 52)
                                                mail-server-IP.587 > pfsense-IP.43442: Flags [F.], cksum 0x15ff (correct), seq 4671, ack 494, win 130, options [nop,nop,TS val 1847945048 ecr 3730713080], length 0
                                            14:47:44.412801 00:08:a2:09:4b:7f > 00:31:46:3d:ab:84, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 64743, offset 0, flags [DF], proto TCP (6), length 52)
                                                pfsense-IP.43442 > mail-server-IP.587: Flags [F.], cksum 0x4e3d (incorrect -> 0x1472), seq 494, ack 4672, win 520, options [nop,nop,TS val 3730713086 ecr 1847945048], length 0
                                            14:47:44.416204 00:31:46:3d:ab:84 > 00:08:a2:09:4b:7f, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 32339, offset 0, flags [DF], proto TCP (6), length 52)
                                                mail-server-IP.587 > pfsense-IP.43442: Flags [.], cksum 0x15f7 (correct), seq 4672, ack 495, win 130, options [nop,nop,TS val 1847945051 ecr 3730713084], length 0
                                            
                                            

                                            This way it's easier to see some cksum 0x4e52 (incorrect -> 0x7a9c) on your tcpdump

                                            Treinamentos de Elite: http://sys-squad.com

                                            Help a community developer! ;D

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.