Thanks for the response. Unfortunately, this problem occurs on all local users, not just root, and I don't believe their exposed. It does not occur on our internal users for whom we're acting as a relay. --- Alexander Dalloz <alexander.dalloz@xxxxxxxxxxxxxxxx> wrote: > Am Fr, den 30.01.2004 schrieb Wayne Johnson um 20:32: > > We have a new Fedora system that is suppose to send it's mail (using > > sendmail, no flames PLEASE!), to smtp.comcast.net. When we attempt > to > > send it from a local account, we get an error back that the user is > > invalid. Strange, but it works find for mail being relayed from/for > > other windows machines. > > > > The maillog shows: > > Jan 26 22:35:18 heritage1 sendmail[31926]: STARTTLS=client, > > relay=smtp.comcast.net., version=TLSv1/SSLv3, verify=FAIL, > > cipher=RC4-SHA, > > bits=128/128 > > Jan 26 22:35:18 heritage1 sendmail[31926]: i0R4ZH6U031924: > > to=<wdtj@xxxxxxxxx>, ctladdr=<root@xxxxxxxxxxxxxxxxxxxxxxxxx> (0/0), > > delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30342, > > relay=smtp.comcast.net. [63.240.76.27], dsn=5.1.1, stat=User unknown > > Jan 26 22:35:18 heritage1 sendmail[31926]: i0R4ZH6U031924: > > i0R4ZI6U031926: > > DSN: User unknown > > > > OK, so we're attempting to connect to comcast with TLS and we don't > have > > a > > certificate. I've tried to turn off TLS with several different > methods > > (Srv_Features: V in access, define(`confTLS_SRV_OPTIONS', `V') in > > sendmail.mc, etc.), but sendmail continues to attempt TLS. > > > > How do I turn TLS off! > > > > TIA, > > It's no TLS issue! TLS handshaking between the MTA works and is used by > default. There is no problem with it and does not require a verified > certificate validation. > > Your problem is, that you send mail as user root - which is an exposed > user! - from your sendmail host. This way it is not maqueraded as mail > is which is sent from relayed sender hosts. > > Alexander > > ===== --- Wayne Johnson, | There are two kinds of people: Those 3943 Penn Ave. N. | who say to God, "Thy will be done," Minneapolis, MN 55412-1908 | and those to whom God says, "All right, (612) 522-7003 | then, have it your way." --C.S. Lewis __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free web site building tool. Try it! http://webhosting.yahoo.com/ps/sb/
