Re: Q: How to set up Sendmail to use port 587, local certs, etc?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Miles Brennan wrote:

>Philip Prindeville wrote:
>  
>
>>Hi.
>>
>>I have a mail host that accepts mail externally from untrusted hosts
>>on port 25, and internally I'd like to use SMTP-over-SSL over
>>port 587 (as per RFC 2476).
>>Thanks,
>>-Philip
>>    
>>
>
>I've written a detailed FC5 HOWTO here:
>http://www.brennan.id.au/12-Sendmail_Server.html . It's enough to get
>you started.
>
>I haven't had time to do explicit testing and upgrade the HOWTO from
>FC5, however most of the configs are still FC6 compatible.
>
>Cheers,
>Miles
>  
>

Gave it a gander, thanks.

But I still have a couple of questions.  This is to use TLS (port 465),
right?

Not SMTP-over-SSL on port 587.

My understanding was that TLS was deprecated, and that a lot of
UA's didn't do it correctly.

Also, when you have client sendmail's running, how do you configure
them to use the certificate to authenticate themselves with the mailhost?

I tried changing the stock submit.mc to:

...
define(`confCLIENT_CERT',`/etc/pki/tls/certs/sendmail.pem')dnl
define(`confCLIENT_KEY',`/etc/pki/tls/certs/sendmail.pem')dnl
dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:::1]
FEATURE(`msp', `[192.168.1.3]', `MSA')dnl

but no joy.  What am I missing?

Oh, and I copied the sendmail.pem file from the server to the
client as well.

-Philip



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux