sending mail with squirrelmail

Phil Anderson pza at
Mon Dec 20 12:03:26 UTC 2004

Nathan Lee Reynolds (yibble) wrote:

>On Mon, 2004-12-20 at 15:08 +1100, Phil Anderson wrote:
>>Is anyone else having problems sending mail with squirrelmail?  This is
>>the only remaining problem I have before I'm switching my server to
>>enforcing mode.  The attachment problem was fixed in the latest policy
>Same problem here, I have yet to find time to investigate :D
I think this is a TLS problem - not a squirrelmail problem - take a look 
at the following.  I think sendmail needs access the random number 
generator?  Or am I off track?

sendmail[4239]: iBJBWAxA004239: Authentication-Warning: 
apache set sender to xxxx at using -f
sendmail[4239]: iBJBWAxA004239: from=xxxx at, size=1042, 
class=0, nrcpts=1, msgid=<32 at>, relay=apache at localhost
sendmail[4239]: iBJBWAxA004239: STARTTLS=client, error: connect 
failed=-1, SSL_error=1, timedout=0, errno=0
sendmail[4239]: STARTTLS=client: 4239:error:24064064:random number 
generator:SSLEAY_RAND_BYTES:PRNG not seeded:md_rand.c:503:You need to 
read the OpenSSL FAQ,
sendmail[4239]: STARTTLS=client: 4239:error:05067003:Diffie-Hellman 
routines:DH_generate_key:BN lib:dh_key.c:153:
sendmail[4239]: STARTTLS=client: 4239:error:14098005:SSL 
routines:SSL3_SEND_CLIENT_KEY_EXCHANGE:DH lib:s3_clnt.c:1655:
sendmail[4239]: ruleset=tls_server, arg1=SOFTWARE, relay=[], 
reject=403 4.7.0 TLS handshake.
sendmail[4239]: iBJBWAxA004239: to=xxxx at xxxx, ctladdr=xxxx at 
(48/48), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=31042, 
relay=[] [], dsn=4.0.0, stat=Deferred: 403 4.7.0 TLS 
sendmail[4240]: STARTTLS=server, error: accept failed=0, SSL_error=5, 
timedout=0, errno=0
sendmail[4240]: iBJBWAHc004240: localhost.localdomain [] did 
not issue MAIL/EXPN/VRFY/ETRN during connection to MTA

kernel: audit(1103515248.224:0): avc:  denied  {
    read } for  pid=12496 exe=/usr/sbin/sendmail.sendmail name=urandom
    dev=tmpfs ino=870 scontext=user_u:system_r:system_mail_t
    tcontext=system_u:object_r:urandom_device_t tclass=chr_file

More information about the fedora-selinux-list mailing list