LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 12-27-2013, 06:00 AM   #1
WiseDraco
Member
 
Registered: Nov 2006
Location: Europe,Latvia,Riga
Distribution: slackware,slax, exMandriva
Posts: 382

Rep: Reputation: 30
sendmail error


Hello!
i get new for me error, when try to send mail to one of address:


Dec 22 04:58:29 sten sm-mta[31252]: STARTTLS=client, relay=allentech.net., version=TLSv1/SSLv3, verify=FAIL, cipher=CAMELLIA256-SHA, bits=256/256

Dec 22 04:58:29 sten sm-mta[31252]: STARTTLS: read error=generic SSL error (-1), errno=0, get_error=error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record
mac, retry=1, ssl_err=1

Dec 22 04:58:29 sten sm-mta[31252]: rBH9OxpV022923: to=<siri@domain>, ctladdr=<john@domain> (1003/100), delay=4+17:33:28, xdelay=00:00:03, mailer=esmtp, pri=247016
85, relay=allentech.net. [69.89.18.145], dsn=4.0.0, stat=Deferred: Input/output error



try to resend that mail after it get back after five days, and get the same.
can anyone tell me, what direction i must to look and so on?
with another recipients i do not have similar problems, all work.
on other hand - i do not sure, i have an ssl3 links to another my email respondents.

my mailserver is slackware64 14.0 with default sendmail....

thanks on advice

Last edited by WiseDraco; 12-27-2013 at 06:15 AM.
 
Old 12-28-2013, 01:35 PM   #2
gengisdave
Member
 
Registered: Dec 2013
Location: Turin, Italy
Distribution: slackware
Posts: 280

Rep: Reputation: 56
i think the problem is related to SSL, don't know if caused by TX errors or error in encryption/decryption; what version on ssl are you using?
 
1 members found this post helpful.
Old 12-29-2013, 03:13 AM   #3
WiseDraco
Member
 
Registered: Nov 2006
Location: Europe,Latvia,Riga
Distribution: slackware,slax, exMandriva
Posts: 382

Original Poster
Rep: Reputation: 30
openssl-1.0.1d-x86_64-1_slack14.0

i do some research in logfiles, and found, earlier, when mail going ok, there also be a STARTTLS error, but not a second error:

10:24:18 sten sm-mta[22477]: STARTTLS=client, relay=allentech.net., version=TLSv1/SSLv3, verify=FAIL, cipher=CAMELLIA256-SHA, bits=256/256
10:24:36 sten sm-mta[22477]: rB38OFgO022473: to=<siri@allen>, ctladdr=<john@domain> (1003/100), delay=00:00:21, xdelay=00:00:20, mailer=esmtp, pri=7121323, relay=allentech.net. [69.89.18.145], dsn=2.0.0, stat=Sent (OK id=1VnlHO-0003f5-GW)

i restarted sendmail ( ./rc.sendmail restart ), but in that direction no changes...
 
Old 12-29-2013, 04:23 AM   #4
gengisdave
Member
 
Registered: Dec 2013
Location: Turin, Italy
Distribution: slackware
Posts: 280

Rep: Reputation: 56
took a quick look at the sendmail source (i have 8.14.7 installed); the error is in file ./sendmail/sfsasl.c, function tls_read (line 717). The function SSL_read fails and returns a value of 0, according to 'man SSL_read' this means it was an improper shutdown.

According to 'man SSL_get_error', SSL_ERROR_SSL is a protocol error. Try to upgade to SSL-1.0.1e and see if it happens again.
 
1 members found this post helpful.
Old 12-29-2013, 05:13 AM   #5
WiseDraco
Member
 
Registered: Nov 2006
Location: Europe,Latvia,Riga
Distribution: slackware,slax, exMandriva
Posts: 382

Original Poster
Rep: Reputation: 30
but i do not change or touch my mailserver configuration for several months - and that problem get out about a two or so weeks ago. very strange. now i update openssl and openssl solibs to 1.0.1e and see, what happens

PS upgrades, restart sendmail - and get a

Dec 29 13:13:44 sten sm-mta[20472]: starting daemon (8.14.5): SMTP+queueing@00:25:00
Dec 29 13:13:44 sten sm-msp-queue[20475]: starting daemon (8.14.5): queueing@00:25:00
Dec 29 13:13:47 sten sm-mta[20473]: STARTTLS=client, relay=allentech.net., version=TLSv1/SSLv3, verify=FAIL, cipher=CAMELLIA256-SHA, bits=256/256
Dec 29 13:13:53 sten sm-mta[20473]: rBQF73KP004757: to=<siri@allent>, ctladdr=<john@domain> (1003/100), delay=2+20:06:50, xdelay=00:00:09, maile
r=esmtp, pri=15083832, relay=allentech.net. [69.89.18.145], dsn=2.0.0, stat=Sent (OK id=1VxEJa-0003xb-Qu)

EG look, now it's works!
thank you very much!
but interesting, where is reason? because in my side there not be any changes for long time, and all works until suddently stops. there may cause by other side ( ellentech) upgraded their openssl and there starting some incompatibility between the machines?

Last edited by WiseDraco; 12-29-2013 at 05:17 AM.
 
Old 12-29-2013, 05:29 AM   #6
gengisdave
Member
 
Registered: Dec 2013
Location: Turin, Italy
Distribution: slackware
Posts: 280

Rep: Reputation: 56
it seems so, in the last version they changed some protocol behaviour. if upgrading isn't a solution, or you can't do that, you have to force some protocol in place of another
 
Old 12-29-2013, 06:25 AM   #7
WiseDraco
Member
 
Registered: Nov 2006
Location: Europe,Latvia,Riga
Distribution: slackware,slax, exMandriva
Posts: 382

Original Poster
Rep: Reputation: 30
ok, thank you again.
the first string, version=TLSv1/SSLv3, verify=FAIL
is, as i understand, because i have no SSL certificates? and if i have a selfmade certificates, without authority signed, i also do not have a good working ssl protocol on mail, as it is with http / apache ( https) ?
its not a big deal, simply want a bit more understand in that topic...
 
Old 12-29-2013, 06:43 AM   #8
gengisdave
Member
 
Registered: Dec 2013
Location: Turin, Italy
Distribution: slackware
Posts: 280

Rep: Reputation: 56
the server don't know the CA of the certificate your sendmail is using; for an home sendmail it's quite normal, simply, the server doesn't trust you by certificate, but you can have other credentials, like user/pass login
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Sendmail error - DSN: Remote protocol error Anup D. Linux - Enterprise 1 12-26-2012 06:52 AM
[SOLVED] Sendmail "user stat unknown error " while delivering error out sanjay87 Linux - Server 1 02-29-2012 09:54 AM
sendmail: STARTTLS read error=generic SSL error.... All of a sudden! 3dMaster Linux - Server 2 12-08-2010 05:41 AM
Sendmail: eocket wedge , 504 error , dsn error, mail relay connection error djcs Debian 0 03-03-2009 12:41 AM
Sendmail Error while sendmail mail palavsachin27 Linux - Networking 1 01-22-2003 04:14 PM


All times are GMT -5. The time now is 07:09 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration