[SOLVED] Sendmail failing to establish SSL connections

Issues related to software problems.

[SOLVED] Sendmail failing to establish SSL connections

Postby t1shopper » 2012/03/03 19:04:16

I doubt this could be a bug but after 10 hours of debugging I have to post. The only clue I have left is that regardless if the below lines are used in sendmail.mc or if I comment them out, I get the same SSL errors (140BA0C3, 140770FC, SSL_new, etc) but can't find anything helpful on these codes. The same certs/key are being used on port 443 (apache) and 995 (dovecot) and are working flawlessly so I know the issue has to be Sendmail.

What am I missing?

---== Installed Software ==---[font=Courier]
$ rpm -qa | grep sendmail
sendmail-cf-8.13.8-8.1.el5_7
sendmail-8.13.8-8.1.el5_7
[/font]

---== Sendmail.mc ==---[font=Courier]
define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
define(`confSERVER_CERT', `/etc/pki/tls/certs/www.t1shopper.com.ev.crt')dnl
define(`confSERVER_KEY', `/etc/pki/tls/private/www.t1shopper.com.key')dnl
[/font]

---==Testing from remote server ==---[font=Courier]
$ openssl s_client -host www.t1shopper.com -port 465
CONNECTED(00000003)
7948:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:583:
[/font]
---== Here's the mail log from from the above client request ==--- [font=Courier]
Mar 3 18:52:41 www sendmail[9360]: NOQUEUE: connect from [98.142.1.1]
Mar 3 18:52:41 www sendmail[9360]: AUTH: available mech=CRAM-MD5 DIGEST-MD5, allowed mech=LOGIN PLAIN
Mar 3 18:52:41 www sendmail[9360]: q23Iqfve009360: Milter: no active filter
Mar 3 18:52:41 www sendmail[9360]: STARTTLS=server: 9360:error:140BA0C3:SSL routines:SSL_new:null ssl ctx:ssl_lib.c:244:
Mar 3 18:52:41 www sendmail[9360]: q23Iqfve009360: [98.142.1.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to SSLMTA
[/font]
t1shopper
 
Posts: 21
Joined: 2009/12/03 23:15:27

Re: Sendmail failing to establish SSL connections

Postby t1shopper » 2012/03/03 19:22:56

Aaaaaaaaaaarrrrrrrrrrrrrrrrrrrrrr

Permissions. I had the permissions too wide again. I've done that before too. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it. Dang it.


http://ist.uwaterloo.ca/security/howto/2006-08-03/
t1shopper
 
Posts: 21
Joined: 2009/12/03 23:15:27

[SOLVED] Sendmail failing to establish SSL connections

Postby pschaff » 2012/03/04 04:40:46

Thanks for [d]confessing[/d] reporting back. :-) Marking this thread [SOLVED] for posterity.
pschaff
Retired Moderator
 
Posts: 18277
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America


Return to CentOS 5 - Software Support

Who is online

Users browsing this forum: Bing [Bot] and 3 guests