[sclug] Mail TLS Errors
Chris Aitken
chris at ion-dreams.com
Mon Jan 16 09:39:43 UTC 2006
> Hi,
>
> At the meeting last week I mentioned that I'd started to see
> Errors in maillog in the form:-
>
>
> Jan 14 10:26:23 l-oeuf sendmail[13414]: STARTTLS=client,
> relay=chimera.domian.com., version=TLSv1/SSLv3, verify=FAIL,
> cipher=DHE-RSA-AES256-SHA, bits=256/256
>
> However the mail does get delivered.
>
> Jan 14 10:26:23 l-oeuf sendmail[13414]: k0EAOn5G013392:
> to=<somebody at the.domain.com>, delay=00:01:19,
> xdelay=00:00:01, mailer=esmtp, pri=1676204,
> relay=chimera.domain.com. [80.68.92.172], dsn=2.0.0,
> stat=Sent (OK id=1Exic3-0005yR-K3)
>
> So can I stop sendmail attempting the TLS session?
>
>
> This particular example was mail to Chris A but I changed the
> hostnames :-) I get it for several other people too.
Looks like it is just the TLS/SSL verification failing (as you do not have
my SSL cert for server or cert. authority). The MTA will still send the
email regardless though.
In exim one can stop the TLS bit, so there must be something similar for
sendmail. My exim setup fires a starttls, and if that is not understodd,
drops back to unencrypted content.
Chris
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Sclug
mailing list