Date:      Mon, 11 Jun 2001 04:37:36 +0200
From:      Brad Knowles <brad.knowles@skynet.be>
To:        dan@langille.org, Alex Zepeda <jazepeda@pacbell.net>
Cc:        chat@FreeBSD.ORG
Subject:   Re: MTA authentications
Message-ID:  <p05100306b749ddc2c10f@[194.78.241.123]>
In-Reply-To: <200106101336.f5ADa1U61233@lists.unixathome.org>
References:  <200106100343.f5A3hjU53739@lists.unixathome.org>; from dan@langille.org on Sat, Jun 09, 2001 at 11:43:44PM -0400 <200106101336.f5ADa1U61233@lists.unixathome.org>

At 9:36 AM -0400 6/10/01, Dan Langille wrote:

>  Interesting.  I just tried a manual message:
>
>  [dan@lists:/etc/mail] $ telnet mail.thedatasource.net 25
>  Trying 207.91.110.72...
>  Connected to mail.thedatasource.net.
>  Escape character is '^]'.
>  220 thedatasource.net ESMTP CommuniGate Pro 3.2.4
>  helo lists.unixathome.org
>  250 thedatasource.net is pleased to meet you

	Right.  You did "HELO" and not "EHLO", so you didn't see their 
extended greeting.  It is:

% telnet mail.thedatasource.net 25
Trying 207.91.110.72...
Connected to mail.thedatasource.net.
Escape character is '^]'.
220 thedatasource.net ESMTP CommuniGate Pro 3.2.4
ehlo me
250-thedatasource.net domain name should be qualified me
250-HELP
250-PIPELINING
250-ETRN
250-DSN
250-STARTTLS
250-SIZE
250-AUTH=LOGIN
250-AUTH LOGIN PLAIN CRAM-MD5 DIGEST-MD5
250 EHLO
quit
221 thedatasource.net SMTP The Data Source Network Closing - All Your 
e-mail Are Belong To Us!
Connection closed by foreign host.

	Note that they advertise STARTTLS compatibility.

>  Which appears to have worked...  But when I tried to send a message
>  to the postmaster:

	It's hard to say.  I know that Microsoft screwed up the 
implementation of SMTPAUTH in their Microsoft Exchange server, and it 
freaks out and is unable to send any mail at all, if the outbound 
mail relay it's talking to advertises SMTPAUTH on port 25.  That's 
why you make sure that you instead advertise these sorts of things on 
port 587, the new "submission" port.

	However, it would not surprise me to find that CommuniGate 
screwed up STARTTLS, or that they don't have a valid certificate. 
For that matter, you might not have a valid certificate.


	In your case, I'd try modifying your sendmail configuration so as 
to not try to use STARTTLS even when it's advertised by the remote 
end, and see if that fixes the problem (alternatively, this may 
require rebuilding and reinstalling sendmail).

	If this works, then you could either leave your system this way, 
or get a certificate set up properly, and then go back to the 
previous sendmail configuration, and see if that works.  If it does, 
then you're now more secure, and this should be an improvement.

-- 
Brad Knowles, <brad.knowles@skynet.be>

/*        efdtt.c  Author:  Charles M. Hannum <root@ihack.net>          */
/*       Represented as 1045 digit prime number by Phil Carmody         */
/*     Prime as DNS cname chain by Roy Arends and Walter Belgers        */
/*                                                                      */
/*     Usage is:  cat title-key scrambled.vob | efdtt >clear.vob        */
/*   where title-key = "153 2 8 105 225" or other similar 5-byte key    */

dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'
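
The HELO/EHLO difference discussed in the message above can be checked mechanically. What follows is an added example, not part of the original e-mail and not code from sendmail or CommuniGate: it parses the two replies quoted above and reports whether STARTTLS is offered and which advertised AUTH mechanisms depend on it. The names parse_ehlo, summarize and CLEARTEXT_MECHS are hypothetical.

```python
import re

# EHLO and HELO replies copied from the sessions quoted in the message above.
EHLO_REPLY = """\
250-thedatasource.net domain name should be qualified me
250-HELP
250-PIPELINING
250-ETRN
250-DSN
250-STARTTLS
250-SIZE
250-AUTH=LOGIN
250-AUTH LOGIN PLAIN CRAM-MD5 DIGEST-MD5
250 EHLO
"""
HELO_REPLY = "250 thedatasource.net is pleased to meet you\n"

# These mechanisms send the password itself (base64 only), so they rely on TLS.
CLEARTEXT_MECHS = {"LOGIN", "PLAIN"}
REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")


def parse_ehlo(reply):
    """Return {KEYWORD: [params]} for the extension lines of a 250 reply."""
    ext = {}
    for i, raw in enumerate(reply.splitlines()):
        m = REPLY_LINE.match(raw)
        if not m or m.group(1) != "250":
            raise ValueError("unexpected reply line: %r" % raw)
        text = m.group(3)
        if i > 0:  # line 0 is the greeting, not an extension
            # "AUTH=LOGIN" is a pre-standard form of the AUTH line that
            # some servers advertise for older clients; fold it into AUTH.
            if text.upper().startswith("AUTH="):
                text = "AUTH " + text[5:]
            words = text.upper().split()
            if words:
                params = ext.setdefault(words[0], [])
                params.extend(w for w in words[1:] if w not in params)
        if m.group(2) == " ":  # "250 " (space, not hyphen) ends the reply
            break
    return ext


def summarize(reply):
    """Report STARTTLS support and which AUTH mechanisms need it."""
    ext = parse_ehlo(reply)
    mechs = ext.get("AUTH", [])
    return {"starttls": "STARTTLS" in ext, "auth": mechs,
            "needs_tls": sorted(m for m in mechs if m in CLEARTEXT_MECHS)}
```

Run against the HELO reply, parse_ehlo returns an empty dictionary, which is why the first session showed no sign of STARTTLS or AUTH.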
