warthog9

stubs toe

OW, what the heck was that...

Ohhhhh, 'hi' Paypal, I see you stopped being able to send me e-mail back in October and I only just noticed. Lets take a look at why...

Apr 2 11:37:29 shards postfix/smtpd[85832]: SSL_accept error from mx0.slc.paypal.com[173.0.84.225]: Connection timed out
Apr 2 11:37:29 shards postfix/smtpd[85832]: lost connection after STARTTLS from mx0.slc.paypal.com[173.0.84.225]

And that started back on October 18th (about when EPEL switched to OpenSSL 3.5, and Postfix got updated)?

Ok, kicks and giggles lets try a newer Postfix. Nope, didn't solve it.

Sooooo disables TLS announcement to Paypal's netblock

Ohhh THAT works?

So yeah #PayPal not only has broken TLS support somewhere, but they also don't try secondary MXes listed in DNS. That's pretty epicly bad e-mail setup frankly.

Apr 4 at 8:48pmWeb
Show threadMarcus Müller1d ago
@warthog9 not to mention epic monitoring to not notice that in an operation of that scale
Show threadwarthog91d ago
@funkylab It feels epicly sus that I tripped over it 6 months on only because Paypal was complaining they couldn't send me an e-mail. I also can't replicate it so something is very off somewhere, and I'm not convinced it's on my side.