Can't seem to disable STARTTLS in Fedora sendmail
Alexander Dalloz
alexander.dalloz at uni-bielefeld.de
Fri Jan 30 20:56:56 UTC 2004
Am Fr, den 30.01.2004 schrieb Rick Stevens um 21:40:
> Adam Lanier wrote:
> > On Fri, 30 Jan 2004 11:32:19 -0800 (PST), Wayne Johnson <wdtj at yahoo.com>
> > wrote:
> >
> >> We have a new Fedora system that is suppose to send it's mail (using
> >> sendmail, no flames PLEASE!), to smtp.comcast.net. When we attempt to
> >> send it from a local account, we get an error back that the user is
> >> invalid. Strange, but it works find for mail being relayed from/for
> >> other windows machines.
> >
> > [snip]
> >
> >> il.mc, etc.), but sendmail continues to attempt TLS.
> >>
> >> How do I turn TLS off!
> >
> >
> > This is probably a question better suited to a sendmail mailing
> > list/newsgroup but...
> >
> > The sendmail book lists the following mc file directives that relate to
> > starttls:
> >
> > define(`CERT_DIR', `/etc/mail/certs')
> > define(`confCACERT_PATH', `CERT_DIR')
> > define(`confCACERT', `CERT_DIR`'/cacert.pem')
> > define(`confSERVER_CERT', `CERT_DIR`'/client.cert.pem')
> > define(`confSERVER_KEY', `CERT_DIR`'/client.key.pem')
> > define(`confCLIENT_CERT', `CERT_DIR`'/client.cert.pem')
> > define(`confCLIENT_KEY', `CERT_DIR`'/client.key.pem')
> >
> > If any of these are in your sendmail.mc, remove them (or rem them out),
> > rebuild the sendmail.cf file (with the command: m4 sendmail.mc >
> > sendmail.cf) and restart sendmail.
>
> Another way is to edit the current sendmail.cf file and make sure
> this line is in it and uncommented:
>
> O TLSSrvOptions=V
>
> This tells sendmail to NOT request the client's certificate. Note that
> this option is not safe and is only present in sendmail V8.12.x.
Really a bad idea to edit the sendmail.cf directly. Each service restart
will delete such a manual direct setting in the .cf file! And editing
the sendmai.cf directly often causes errors. Even the OP did set that
with define(`confTLS_SRV_OPTIONS', `V') in the sendmail.mc file.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 1 (Yarrow) on Athlon CPU kernel 2.4.22-1.2149.nptl
Sirendipity 21:54:35 up 4:10, 7 users, 0.02, 0.37, 1.05
[ Γνωθι σ'αυτον - gnothi seauton ]
More information about the fedora-list
mailing list