Date: Mon, 3 Feb 2003 17:55:37 -0500 From: Mikhail Teterin <mi+mx@aldan.algebra.com> To: questions@FreeBSD.org, net@FreeBSD.org Subject: sendmail and SSL-based relaying Message-ID: <200302031755.37824.mi%2Bmx@aldan.algebra.com>
next in thread | raw e-mail | index | archive | help
Hello! I set things up once some time ago for one of my machines to relay e-mail from another -- based on SSL-certificate presented. I'm my own issuer. The setup was working for a while, but broke recently -- the relay-to-be now rejects relaying, even though it verifies the certificate Ok. Here are the relevant log messages: Feb 3 17:36:57 aldan sm-mta[6650]: STARTTLS=server, relay=centurion@corbulon.video-collage.com [64.35.99.179], version=TLSv1/SSLv3, verify=OK, cipher=EDH-RSA-DES-CBC3-SHA, bits=168/168 Feb 3 17:36:57 aldan sm-mta[6650]: STARTTLS=server, cert-subject=/C=US/ST=Massachusetts/L=Jamaica+20Plain/O=Video+20Collage,+20Inc./OU=Mail+20Server/CN=corbulon.video-collage.com/emailAddress=m, cert-issuer=/C=US/ST=Massachusetts/L=Jamaica+20Plain/O=Video+20Collage,+20Inc./OU=SSL+20Certificate+20Authority/CN=Video+20Collage+20CA/emai [...] Feb 3 17:49:24 aldan sm-mta[6699]: h13MnNBO006699: <-- RCPT To:<x@mail.ru> Feb 3 17:49:24 aldan sm-mta[6699]: h13MnNBO006699: --- 550 5.7.1 <x@mail.ru>... Relaying denied The (my own) authority's certificate did not change in months, and neither did the the /etc/mail/access. What changed was the sendmail's version on both ends (sendmail-tls-8.12.7_2 on the sender, and 8.12.6 on the relay) and the .cf files, which were re-made from the old .mc ones. Any clues? Thanks! -mi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200302031755.37824.mi%2Bmx>