LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 03-10-2011, 09:43 AM   #1
fortez
Member
 
Registered: May 2009
Posts: 35

Rep: Reputation: 0
starttls & sendmail doubt


I have configured sendmail with startssl.
In my case i have not used certificate for client (so i have integrity and privacy but not sure authentication, i.e.identification of peer by certificate

From my log i see:

Code:
sendmail[4122]: STARTTLS=server, relay=[x.x.x.x], version=TLSv1/SSLv3, verify=NO, cipher=AES128-SHA, bits=128/128
sendmail[4122]: h279vxxu023679: from=<user1@domain1.com>, size=3096, class=0, nrcpts=2, msgid=<7A8BA31A-Z111-44AD-ACB0-E6ac56f6C41A@domain.com>, proto=ESMTP, daemon=MTA, relay=[x.x.x.x]
sendmail[4124]: h279vxxu023679: to=<user2@domain2.com>,delay=00:00:09, xdelay=00:00:02, mailer=relay, pri=153096, relay=zzzzzzz [y.y.y.y], dsn=2.0.0, stat=Sent (Ok: queued as .........)
verify=NO show that client certificate is not been presented, ad it is normal becuase i have not configurated it on client.

My doubt is:

STARTTLS=server, relay=[x.x.x.x], version=TLSv1/SSLv3, show that communication is encrypted (as i want)?

Thanks
 
Old 03-10-2011, 10:51 AM   #2
hua
Member
 
Registered: Oct 2006
Location: Slovak Republic
Distribution: Slackware 14.2, current
Posts: 463

Rep: Reputation: 79
Quote:
STARTTLS=server, relay=[x.x.x.x], version=TLSv1/SSLv3, show that communication is encrypted (as i want)?
Yes, encrypted. But I don't know what you want (You may want some specific encryption)
Quote:
verify=NO show that client certificate is not been presented, and it is normal because i have not configured it on client.
I don't think this is the case. But I didn't really checked this. I only know that I can see in my logs Verify=OK when my to servers sends email one to another. Both has correctly signed certificates by CA authority (CAcert). I think that it is about the fact that this two certificates can be verified by the CAcert (certificate authority). (I cannot see it on my MUAs which has certificates - Verify=NO)

Last edited by hua; 03-10-2011 at 11:00 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
sendmail: STARTTLS read error=generic SSL error.... All of a sudden! 3dMaster Linux - Server 2 12-08-2010 06:41 AM
Sendmail STARTTLS error "tls_verify_cb, ssl == null" fast-reflexes Linux - Server 2 07-23-2010 03:13 AM
sendmail config has me stumped, StartTLS and relaying irishbitte Linux - Server 1 05-28-2009 05:50 PM
can't build sendmail v8.13.4 with starttls support on slack 10.1 ddaas Slackware 5 10-01-2008 02:31 AM
Sendmail STARTTLS Manuel-H Linux - General 0 04-11-2003 09:20 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 05:26 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration