Q: Postfix logging mismatch in OpenSSL versions after Server upgrade

I am seeing this too. So far there are no ill effects and I don't think it will be an issue (other than the warning message). I doubt that this can be fixed without re-compiling Postfix against the correct library/header. Will investigate though.

I'm using ATT Uverse as my ISP. Configured the OS X Mail Server to relay through their relay server with no problems. After upgrading to El Capitan I know get  warning: run-time library vs. compile-time header version mismatch: OpenSSL 2.0.0 may not be compatible with OpenSSL 0.9.8.

The Email Server will receive emails but fails to send. The mailq shows timeout errors connecting to the relay.

After issuing sudo postsuper -d ALL it reports back that the mail server isn't running even though the Server.app says it is.

Doesn't sound like it is related to the original poster's issue. If connecting to your SMTP relay was an SSL issue, you would see an actual SSL error related to the relay, not just a time out.

I'd ask the admin of your relay server to tell you why it doesn't accept mail from your server if you have no real clues in your logs.

And... best to open a new thread for this.

I am having the same experience as the OP and pterobyte.  So far, no ill effects noticed, but concerned.

I am also seeing this.

Further, SMTP seems to no longer be able to authenticate.  I'm seeing:

error: validate response: authentication failed for user

It seems SMTP is working without authentication (very bad), but all authentication is broken.  All I did was upgrade our Mac (as per devonExpat).

Ok, I may be wrong about the authentication error.  So possibly there are no errors as a result.

I'm receiving the same exact message in smtp server logs after updating to El Capitan 10.11.4, Server 5.1. It doesn't appear to be impacting mail workflow, but I'm concerned if there is a vulnerability now in the server, or if 10.11.4 only partially patched mail components. I'm guessing it has to do with a sloppy deploy/cleanup on Apple's part, since OpenSSL was part of the update. They seem to be botching more updates in recent years.

About the security content of OS X El Capitan v10.11.4 and Security Update 2016-002 - Apple Support

Did you ever find a solution to this problem. I have been getting this message as well. In fact for quite some time it was repeating every 4 seconds, not now though, just when a mail is sent or received.

Dave

The same error here, no problems with sending mail... BUT, people who uses Google mail gets a error message:

Delivery to the following recipient failed permanently:

    xx@xxxxxxx.xx

Technical details of permanent failure:

Google tried to deliver your message, but it was rejected by the server for the recipient domain xxxxxx.xx by mail.xxxxxx.xx. [2a01:7c8:eb:0:95:170:70:62].

The error that the other server returned was:

554 5.7.1 <mail-wm0-x234.google.com[2a00:1450:400c:c09::234]>: Client host rejected: Access denied

It looks like that Google wants to setup an ssl connection, but there is the mismatch and as result: Acces Denied.

I had it on my mailserver, rebuild a new one, new os installation and new server installation (not use of backup, total clean install) but i get the same errors. aAnd people from Google mail gets this messages. Send mail from gmail.com is no problem.