Polina Abramov polinaa at image-vault.com
Mon May 5 15:27:13 CEST 2014

You are right, it was the alert message type, not the alert type.
After some more investigation I now see what is happening but it is still unclear why.

When my smtp client is done sending the email it issues smtp QUIT message  and waits for 221 reply which the server should issue based on SMTP standard. However for some unknown reason 
the client never receives that 221 reply, instead gnutls_record_recv() function returns GNUTLS_E_PREMATURE_TERMINATION. Seems like the server starts termination process without notifying the client.
As a result of not receiving the expected 221 reply, our TLS session times out and that's when the alert to close the session is issued. So the alert that I am seeing is an expected behavior.
The only thing that is unclear here is why don't I receive 221 reply to my QUIT message from gmail and hotmail servers. 
Any ideas about that?


-----Original Message-----
From: n.mavrogiannopoulos at gmail.com [mailto:n.mavrogiannopoulos at gmail.com] On Behalf Of Nikos Mavrogiannopoulos
Sent: Friday, May 02, 2014 3:30 AM
To: Polina Abramov
Cc: gnutls-help at lists.gnutls.org
Subject: Re: [gnutls-help] GNUTLS_E_PREMATURE_TERMINATION error

On Thu, May 1, 2014 at 8:20 PM, Polina Abramov <polinaa at image-vault.com> wrote:
> Thanks!
> I ran wireshark and it looks like at some point my client issues 
> Encrypted Alert 21. Is it something I should be worried about?

How did you see the alert type? (it is encrypted) What you've seen is probably the alert message type which is also 21.

In that case it is most probably that you're sending the close notify alert, that is the proper way to signal the termination of the TLS session. If that's the case you could ignore the premature termination errors are you already intended to terminate it.


More information about the Gnutls-help mailing list