Slackware This Forum is for the discussion of Slackware Linux.
|
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
12-27-2013, 07:00 AM
|
#1
|
Member
Registered: Nov 2006
Location: Europe,Latvia,Riga
Distribution: slackware,slax, OS X, exMandriva
Posts: 591
Rep:
|
sendmail error
Hello!
i get new for me error, when try to send mail to one of address:
Dec 22 04:58:29 sten sm-mta[31252]: STARTTLS=client, relay=allentech.net., version=TLSv1/SSLv3, verify=FAIL, cipher=CAMELLIA256-SHA, bits=256/256
Dec 22 04:58:29 sten sm-mta[31252]: STARTTLS: read error=generic SSL error (-1), errno=0, get_error=error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record
mac, retry=1, ssl_err=1
Dec 22 04:58:29 sten sm-mta[31252]: rBH9OxpV022923: to=<siri@domain>, ctladdr=<john@domain> (1003/100), delay=4+17:33:28, xdelay=00:00:03, mailer=esmtp, pri=247016
85, relay=allentech.net. [69.89.18.145], dsn=4.0.0, stat=Deferred: Input/output error
try to resend that mail after it get back after five days, and get the same.
can anyone tell me, what direction i must to look and so on?
with another recipients i do not have similar problems, all work.
on other hand - i do not sure, i have an ssl3 links to another my email respondents.
my mailserver is slackware64 14.0 with default sendmail....
thanks on advice
Last edited by WiseDraco; 12-27-2013 at 07:15 AM.
|
|
|
12-28-2013, 02:35 PM
|
#2
|
Member
Registered: Dec 2013
Location: Turin, Italy
Distribution: slackware
Posts: 328
Rep:
|
i think the problem is related to SSL, don't know if caused by TX errors or error in encryption/decryption; what version on ssl are you using?
|
|
1 members found this post helpful.
|
12-29-2013, 04:13 AM
|
#3
|
Member
Registered: Nov 2006
Location: Europe,Latvia,Riga
Distribution: slackware,slax, OS X, exMandriva
Posts: 591
Original Poster
Rep:
|
openssl-1.0.1d-x86_64-1_slack14.0
i do some research in logfiles, and found, earlier, when mail going ok, there also be a STARTTLS error, but not a second error:
10:24:18 sten sm-mta[22477]: STARTTLS=client, relay=allentech.net., version=TLSv1/SSLv3, verify=FAIL, cipher=CAMELLIA256-SHA, bits=256/256
10:24:36 sten sm-mta[22477]: rB38OFgO022473: to=<siri@allen>, ctladdr=<john@domain> (1003/100), delay=00:00:21, xdelay=00:00:20, mailer=esmtp, pri=7121323, relay=allentech.net. [69.89.18.145], dsn=2.0.0, stat=Sent (OK id=1VnlHO-0003f5-GW)
i restarted sendmail ( ./rc.sendmail restart ), but in that direction no changes...
|
|
|
12-29-2013, 05:23 AM
|
#4
|
Member
Registered: Dec 2013
Location: Turin, Italy
Distribution: slackware
Posts: 328
Rep:
|
took a quick look at the sendmail source (i have 8.14.7 installed); the error is in file ./sendmail/sfsasl.c, function tls_read (line 717). The function SSL_read fails and returns a value of 0, according to 'man SSL_read' this means it was an improper shutdown.
According to 'man SSL_get_error', SSL_ERROR_SSL is a protocol error. Try to upgade to SSL-1.0.1e and see if it happens again.
|
|
1 members found this post helpful.
|
12-29-2013, 06:13 AM
|
#5
|
Member
Registered: Nov 2006
Location: Europe,Latvia,Riga
Distribution: slackware,slax, OS X, exMandriva
Posts: 591
Original Poster
Rep:
|
but i do not change or touch my mailserver configuration for several months - and that problem get out about a two or so weeks ago. very strange. now i update openssl and openssl solibs to 1.0.1e and see, what happens
PS upgrades, restart sendmail - and get a
Dec 29 13:13:44 sten sm-mta[20472]: starting daemon (8.14.5): SMTP+queueing@00:25:00
Dec 29 13:13:44 sten sm-msp-queue[20475]: starting daemon (8.14.5): queueing@00:25:00
Dec 29 13:13:47 sten sm-mta[20473]: STARTTLS=client, relay=allentech.net., version=TLSv1/SSLv3, verify=FAIL, cipher=CAMELLIA256-SHA, bits=256/256
Dec 29 13:13:53 sten sm-mta[20473]: rBQF73KP004757: to=<siri@allent>, ctladdr=<john@domain> (1003/100), delay=2+20:06:50, xdelay=00:00:09, maile
r=esmtp, pri=15083832, relay=allentech.net. [69.89.18.145], dsn=2.0.0, stat=Sent (OK id=1VxEJa-0003xb-Qu)
EG look, now it's works!
thank you very much!
but interesting, where is reason? because in my side there not be any changes for long time, and all works until suddently stops. there may cause by other side ( ellentech) upgraded their openssl and there starting some incompatibility between the machines?
Last edited by WiseDraco; 12-29-2013 at 06:17 AM.
|
|
|
12-29-2013, 06:29 AM
|
#6
|
Member
Registered: Dec 2013
Location: Turin, Italy
Distribution: slackware
Posts: 328
Rep:
|
it seems so, in the last version they changed some protocol behaviour. if upgrading isn't a solution, or you can't do that, you have to force some protocol in place of another
|
|
|
12-29-2013, 07:25 AM
|
#7
|
Member
Registered: Nov 2006
Location: Europe,Latvia,Riga
Distribution: slackware,slax, OS X, exMandriva
Posts: 591
Original Poster
Rep:
|
ok, thank you again.
the first string, version=TLSv1/SSLv3, verify=FAIL
is, as i understand, because i have no SSL certificates? and if i have a selfmade certificates, without authority signed, i also do not have a good working ssl protocol on mail, as it is with http / apache ( https) ?
its not a big deal, simply want a bit more understand in that topic...
|
|
|
12-29-2013, 07:43 AM
|
#8
|
Member
Registered: Dec 2013
Location: Turin, Italy
Distribution: slackware
Posts: 328
Rep:
|
the server don't know the CA of the certificate your sendmail is using; for an home sendmail it's quite normal, simply, the server doesn't trust you by certificate, but you can have other credentials, like user/pass login
|
|
1 members found this post helpful.
|
All times are GMT -5. The time now is 11:38 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|