LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 07-03-2008, 07:58 AM   #1
vaibhavs
Member
 
Registered: Jun 2008
Posts: 113

Rep: Reputation: 15
Sendmail TLS disable ?


Hi,

I found this in my maillog ( Sendmail 8.12.11/8.12.11)

---
Jul 3 18:00:36 server sendmail[2041]: STARTTLS=client, relay=mail.xxxxxxx.com., version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
---

In my sendmail.mc, all TLS related lines are commented
-------
dnl #### define(`CERT_DIR',`/etc/mail/certs')
dnl #### define(`confCACERT_PATH',`CERT_DIR')
dnl #### define(`confCACERT',`CERT_DIR/cacert.pem')
dnl #### define(`confSERVER_CERT',`CERT_DIR/cert.pem')
dnl #### define(`confSERVER_KEY',`CERT_DIR/key.pem')
dnl #### define(`confCLIENT_CERT',`CERT_DIR/cert.pem')
dnl #### define(`confCLIENT_KEY',`CERT_DIR/key.pem')
-------

But still I see Sendmail doing a Cert verification.

How can I disable this ? What am I missing?
Please advice.

Thx
Vai
 
Old 07-03-2008, 09:48 AM   #2
datopdog
Member
 
Registered: Feb 2008
Location: JHB South Africa
Distribution: Centos, Kubuntu, Cross LFS, OpenSolaris
Posts: 806

Rep: Reputation: 41
Its not your side that advertised STARTTLS in this case the remote side did, and sendmail will always use TLS if the remote side advertises it.

The only method i know of disabling it is on a per domain basis in you access db using the Try_TLS option

in this case you need an entry like this
Code:
Try_TLS:mail.xxxx.com       NO
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
sendmail TLS rejection tajamari Linux - General 1 11-11-2007 09:23 AM
TLS (SSL) Between Sendmail and Outlook sigtau66 Linux - Security 5 08-30-2006 09:40 PM
Setting up Sendmail to use SASL and TLS rizhun Linux - Software 3 03-22-2006 01:35 PM
Sendmail (with TLS) relay denied freealx Linux - General 1 03-12-2005 04:10 PM
Sendmail TLS relay freealx Linux - Networking 1 03-12-2005 04:09 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 03:02 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration