Can't seem to disable STARTTLS in Fedora sendmail
Rick Stevens
rstevens at vitalstream.com
Fri Jan 30 20:40:14 UTC 2004
Adam Lanier wrote:
> On Fri, 30 Jan 2004 11:32:19 -0800 (PST), Wayne Johnson <wdtj at yahoo.com>
> wrote:
>
>> We have a new Fedora system that is suppose to send it's mail (using
>> sendmail, no flames PLEASE!), to smtp.comcast.net. When we attempt to
>> send it from a local account, we get an error back that the user is
>> invalid. Strange, but it works find for mail being relayed from/for
>> other windows machines.
>
> [snip]
>
>> il.mc, etc.), but sendmail continues to attempt TLS.
>>
>> How do I turn TLS off!
>
>
> This is probably a question better suited to a sendmail mailing
> list/newsgroup but...
>
> The sendmail book lists the following mc file directives that relate to
> starttls:
>
> define(`CERT_DIR', `/etc/mail/certs')
> define(`confCACERT_PATH', `CERT_DIR')
> define(`confCACERT', `CERT_DIR`'/cacert.pem')
> define(`confSERVER_CERT', `CERT_DIR`'/client.cert.pem')
> define(`confSERVER_KEY', `CERT_DIR`'/client.key.pem')
> define(`confCLIENT_CERT', `CERT_DIR`'/client.cert.pem')
> define(`confCLIENT_KEY', `CERT_DIR`'/client.key.pem')
>
> If any of these are in your sendmail.mc, remove them (or rem them out),
> rebuild the sendmail.cf file (with the command: m4 sendmail.mc >
> sendmail.cf) and restart sendmail.
Another way is to edit the current sendmail.cf file and make sure
this line is in it and uncommented:
O TLSSrvOptions=V
This tells sendmail to NOT request the client's certificate. Note that
this option is not safe and is only present in sendmail V8.12.x.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- Is that a buffer overflow or are you just happy to see me? -
----------------------------------------------------------------------
More information about the fedora-list
mailing list