Hi,
we're trying to use authenticated relaying on a Exchange 2013 server (just one server with all roles) and run into a weird issue. It seems to just close the connection. Basically it seems to authenticate fine, but it closes the connection then...
Any ideas on what's happening?
$ openssl s_client -connect 10.240.8.4:25 -starttls smtp -crlf
CONNECTED(00000003)
depth=0 CN = ex01
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = ex01
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:/CN=ex01
i:/CN=ex01
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDAjCCAeqgAwIBAgIQFcr6vm5AipdGqDK7Ms5tCjANBgkqhkiG9w0BAQUFADAP
<some ugly lines stripped>
ZDujIzAC
-----END CERTIFICATE-----
subject=/CN=ex01
issuer=/CN=ex01
---
No client certificate CA names sent
---
SSL handshake has read 1662 bytes and written 521 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : ECDHE-RSA-AES256-SHA
Session-ID: 961800000308780048A7A91B40A5DD1F85B1021FD8C64AE57ADE3E45CD21F509
Session-ID-ctx:
Master-Key: 5958D8CB9E799100D43A93F2957EB4A0A319E82782B773BFB818CD8C9F7C2F1D8316EB1F8C5F034065ADC3716473D835
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1403619173
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
250 XRDST
ehlo test.com
250-ex01.domain.local Hello [10.230.255.1]
250-SIZE 104857600
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-AUTH NTLM LOGIN
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250 XRDST
auth login
334 VXNlcm5hbWU6
eWVzLWktZGlkLWFsdGVyLXRoaXM=
334 UGFzc3dvcmQ6
bm8tcmVhbGx5LXN0b3Atd2FzdGluZy11ci10aW1l
DONE
<back to prompt here>