Can't seem to disable STARTTLS in Fedora sendmail

Alexander Dalloz alexander.dalloz at uni-bielefeld.de
Fri Jan 30 20:56:56 UTC 2004 

Am Fr, den 30.01.2004 schrieb Rick Stevens um 21:40:
> Adam Lanier wrote:
> > On Fri, 30 Jan 2004 11:32:19 -0800 (PST), Wayne Johnson <wdtj at yahoo.com> 
> > wrote:
> > 
> >> We have a new Fedora system that is suppose to send it's mail (using
> >> sendmail, no flames PLEASE!), to smtp.comcast.net.  When we attempt to
> >> send it from a local account, we get an error back that the user is
> >> invalid.  Strange, but it works find for mail being relayed from/for
> >> other windows machines.
> > 
> > [snip]
> > 
> >> il.mc, etc.), but sendmail continues to attempt TLS.
> >>
> >> How do I turn TLS off!
> > 
> > 
> > This is probably a question better suited to a sendmail mailing 
> > list/newsgroup but...
> > 
> > The sendmail book lists the following mc file directives that relate to 
> > starttls:
> > 
> > define(`CERT_DIR', `/etc/mail/certs')
> > define(`confCACERT_PATH', `CERT_DIR')
> > define(`confCACERT', `CERT_DIR`'/cacert.pem')
> > define(`confSERVER_CERT', `CERT_DIR`'/client.cert.pem')
> > define(`confSERVER_KEY', `CERT_DIR`'/client.key.pem')
> > define(`confCLIENT_CERT', `CERT_DIR`'/client.cert.pem')
> > define(`confCLIENT_KEY', `CERT_DIR`'/client.key.pem')
> > 
> > If any of these are in your sendmail.mc, remove them (or rem them out), 
> > rebuild the sendmail.cf file (with the command: m4 sendmail.mc > 
> > sendmail.cf) and restart sendmail.
> 
> Another way is to edit the current sendmail.cf file and make sure
> this line is in it and uncommented:
> 
> 	O TLSSrvOptions=V
> 
> This tells sendmail to NOT request the client's certificate.  Note that
> this option is not safe and is only present in sendmail V8.12.x.

Really a bad idea to edit the sendmail.cf directly. Each service restart
will delete such a manual direct setting in the .cf file! And editing
the sendmai.cf directly often causes errors. Even the OP did set that
with define(`confTLS_SRV_OPTIONS', `V') in the sendmail.mc file.

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 1 (Yarrow) on Athlon CPU kernel 2.4.22-1.2149.nptl
Sirendipity 21:54:35 up 4:10, 7 users, 0.02, 0.37, 1.05 
                   [ Γνωθι σ'αυτον - gnothi seauton ]

More information about the fedora-list mailing list