newest sendmail packages break STARTTLS...
I've been trying to set up a new debian based email server
for a client and its a horrible nightmare to get both
STARTTLS and AUTH working.
Let's just tackle STARTTLS for this message.
When ever I try anything in evolution that attempts a STARTTLS
I get this evolution error dialog:
Error while performing operation:
Failed to connect to SMTP server mail.cyte.com in secure mode:
Input/output error
if I look in /var/log/mail.log I see this...
Sep 28 22:40:42 mail sm-mta[17847]: STARTTLS=server, error: accept
failed=-1, SSL_error=1, timedout=0, errno=0
Sep 28 22:40:42 mail sm-mta[17847]: STARTTLS=server:
7847:error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or
bad record mac:s3_pkt.c:424:
Sep 28 22:40:42 mail sm-mta[17847]: h8T5egvu017847: mail [127.0.0.1]
did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
So it looks like something is seriously broken with some sort of
decryption routine. My other, older debian box didn't have this
problem until I did this:
apt-get remove --purge sendmail sasl2-bin
rm -rf /etc/mail
apt-get install sasl2-bin
<edited sasl config and start saslauthd>
apt-get install sendmail
<configure sendmail and add the two include lines for tls and sasl>
remake the .cf files and then restart and sendmail and...
viola! now this machine also can't handle STARTTLS with exactly the
same errors being reported.
So I think something is seriously wrong with STARTTLS in the latest
sendmail package.
Does anybody know how to fix this?
- Jeff
Reply to: