From owner-freebsd-chat Sun Jun 10 19:49:56 2001 Delivered-To: freebsd-chat@freebsd.org Received: from riker.skynet.be (riker.skynet.be [195.238.3.132]) by hub.freebsd.org (Postfix) with ESMTP id 6A2F837B405 for ; Sun, 10 Jun 2001 19:49:51 -0700 (PDT) (envelope-from brad.knowles@skynet.be) Received: from [194.78.241.123] ([194.78.241.123]) by riker.skynet.be (8.11.2/8.11.2/Skynet-OUT-2.11) with ESMTP id f5B2nL617186; Mon, 11 Jun 2001 04:49:21 +0200 (MET DST) (envelope-from ) Mime-Version: 1.0 X-Sender: bs663385@pop.skynet.be Message-Id: In-Reply-To: <200106101336.f5ADa1U61233@lists.unixathome.org> References: <200106100343.f5A3hjU53739@lists.unixathome.org>; from dan@langille.org on Sat, Jun 09, 2001 at 11:43:44PM -0400 <200106101336.f5ADa1U61233@lists.unixathome.org> Date: Mon, 11 Jun 2001 04:37:36 +0200 To: dan@langille.org, Alex Zepeda From: Brad Knowles Subject: Re: MTA authentications Cc: chat@FreeBSD.ORG Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 9:36 AM -0400 6/10/01, Dan Langille wrote: > Interesting. I just tried a manual message: > > [dan@lists:/etc/mail] $ telnet mail.thedatasource.net 25 > Trying 207.91.110.72... > Connected to mail.thedatasource.net. > Escape character is '^]'. > 220 thedatasource.net ESMTP CommuniGate Pro 3.2.4 > helo lists.unixathome.org > 250 thedatasource.net is pleased to meet you Right. You did "HELO" and not "EHLO", so you didn't see their extended greeting. It is: % telnet mail.thedatasource.net 25 Trying 207.91.110.72... Connected to mail.thedatasource.net. Escape character is '^]'. 220 thedatasource.net ESMTP CommuniGate Pro 3.2.4 ehlo me 250-thedatasource.net domain name should be qualified me 250-HELP 250-PIPELINING 250-ETRN 250-DSN 250-STARTTLS 250-SIZE 250-AUTH=LOGIN 250-AUTH LOGIN PLAIN CRAM-MD5 DIGEST-MD5 250 EHLO quit 221 thedatasource.net SMTP The Data Source Network Closing - All Your e-mail Are Belong To Us! Connection closed by foreign host. Note that they advertise STARTTLS compatibility. > Which appears to have worked... But when I tried to send a message > to the postmaster: It's hard to say. I know that Microsoft screwed up the implementation of SMTPAUTH in their Microsoft Exchange server, and it freaks out and is unable to send any mail at all, if the outbound mail relay it's talking to advertises SMTPAUTH on port 25. That's why you make sure that you instead advertise these sorts of things on port 587, the new "submission" port. However, it would not surprise me to find that CommuniGate screwed up STARTTLS, or that they don't have a valid certificate. For that matter, you might not have a valid certificate. In your case, I'd try modifying your sendmail configuration so as to not try to use STARTTLS even when it's advertised by the remote end, and see if that fixes the problem (alternatively, this may require rebuilding and reinstalling sendmail). If this works, then you could either leave your system this way, or get a certificate set up properly, and then go back to the previous sendmail configuration, and see if that works. If it does, then you're now more secure, and this should be an improvement. -- Brad Knowles, /* efdtt.c Author: Charles M. Hannum */ /* Represented as 1045 digit prime number by Phil Carmody */ /* Prime as DNS cname chain by Roy Arends and Walter Belgers */ /* */ /* Usage is: cat title-key scrambled.vob | efdtt >clear.vob */ /* where title-key = "153 2 8 105 225" or other similar 5-byte key */ dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message