Adam Lanier wrote:
On Fri, 30 Jan 2004 11:32:19 -0800 (PST), Wayne Johnson <wdtj@xxxxxxxxx>
wrote:
We have a new Fedora system that is suppose to send it's mail (using
sendmail, no flames PLEASE!), to smtp.comcast.net. When we attempt to
send it from a local account, we get an error back that the user is
invalid. Strange, but it works find for mail being relayed from/for
other windows machines.
[snip]
il.mc, etc.), but sendmail continues to attempt TLS.
How do I turn TLS off!
This is probably a question better suited to a sendmail mailing
list/newsgroup but...
The sendmail book lists the following mc file directives that relate to
starttls:
define(`CERT_DIR', `/etc/mail/certs')
define(`confCACERT_PATH', `CERT_DIR')
define(`confCACERT', `CERT_DIR`'/cacert.pem')
define(`confSERVER_CERT', `CERT_DIR`'/client.cert.pem')
define(`confSERVER_KEY', `CERT_DIR`'/client.key.pem')
define(`confCLIENT_CERT', `CERT_DIR`'/client.cert.pem')
define(`confCLIENT_KEY', `CERT_DIR`'/client.key.pem')
If any of these are in your sendmail.mc, remove them (or rem them out),
rebuild the sendmail.cf file (with the command: m4 sendmail.mc >
sendmail.cf) and restart sendmail.
Another way is to edit the current sendmail.cf file and make sure
this line is in it and uncommented:
O TLSSrvOptions=V
This tells sendmail to NOT request the client's certificate. Note that
this option is not safe and is only present in sendmail V8.12.x.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens@xxxxxxxxxxxxxxx -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- Is that a buffer overflow or are you just happy to see me? -
----------------------------------------------------------------------
