Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: AIX sendmail and tls
Operating Systems AIX AIX sendmail and tls Post 302943258 by Linusolaradm1 on Wednesday 6th of May 2015 10:22:40 PM
Old 05-06-2015
AIX sendmail and tls
The situation

Code:
Version AIX7.1/8.14.4
 Compiled with: DNSMAP LDAPMAP LDAP_REFERRALS LOG MAP_REGEX MATCHGECOS
                MILTER MIME7TO8 MIME8TO7 NAMED_BIND NDBM NETINET NETINET6
                NETUNIX NEWDB NIS NISPLUS PIPELINING SCANF STARTTLS USERDB
                USE_LDAP_INIT XDEBUG

Code:
  openssl.base             1.0.1.513    CE    F    Open Secure Socket Layer

I configure sendmail for use tls

Code:
divert(0)dnl
VERSIONID(`Mustafar')
OSTYPE(aixsample)dnl
DOMAIN(`generic')dnl
define(`_X400_UUCP_')dnl
define(`_MASQUERADE_ENVELOPE_')dnl
define(`MASQUERADE_NAME')dnl
define(`confTRY_NULL_MX_LIST',`T')dnl
define(`LUSER_RELAY',`name_of_luser_relay')dnl
define(`DATABASE_MAP_TYPE',`dbm')dnl
define(`_CLASS_U_')dnl
define(`LOCAL_RELAY')dnl
define(`MAIL_HUB')dnl
TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5')dnl
FEATURE(always_add_domain)dnl
FEATURE(access_db)dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(uucp)dnl
define(`SMART_HOST', `posta.server.local')
define(`confCACERT_PATH', `/etc/mail/certs')dnl
define(`confCACERT', `/etc/mail/certs/server.crt')dnl
define(`confSERVER_CERT', `/etc/mail/certs/ibmunix.server.crt')dnl
define(`confSERVER_KEY', `/etc/mail/certs/ibmunix.server.key')dnl
define(`confCLIENT_CERT', `/etc/mail/certs/ibmunix.server.crt')dnl
define(`confCLIENT_KEY', `/etc/mail/certs/ibmunix.server.key')dnl
define(`confRAND_FILE',`egd:/dev/random')dnl
define(`TLS_VERSION',`TLSV1')dnl
define(`confLOG_Level', `16')

I can receive mail from other server(all with tls)
but if try to send an email from this server

Code:
May  7 03:31:57 ibmunix mail:warn|warning sendmail[13303906]: STARTTLS=client, error: connect failed=-1, SSL_error=1, errno=0, retry=-1
May  7 03:31:57 ibmunix mail:warn|warning sendmail[13303906]: STARTTLS=client: 13303906:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:593:
May  7 03:31:57 ibmunix mail:notice sendmail[13303906]: ruleset=tls_server, arg1=SOFTWARE, relay=posta.server.local, reject=403 4.7.0 TLS handshake failed.

The other servers are configure for allow TLS only,no ssl3
but i try also with ssl3 server,same error.
Any suggestion?
Thanks
 

10 More Discussions You Might Find Interesting

1. AIX

How to configure sendmail for AIX 5.3

Hello All, I am very new to this sendmail thing. I need to set up AIX servers with sendmail service to get emails in my corporate email address. All I am asked to do is use SMTP gateways (already in place) for using sendmail. thanks in advance (0 Replies)
Discussion started by: solaix14
0 Replies

2. UNIX for Dummies Questions & Answers

Implementing TLS with Sendmail and having problem with cert request

Hi. One of my company's customers requires mails to be sent to them to use TLS. Thanks to some good documentation on the web, I've got this mostly figured out, but now I'm stuck at generating the CSR. My company's mail domain is sg.bunny.com (not real address, obviously), but the email gateway... (0 Replies)
Discussion started by: pierreery
0 Replies

3. AIX

AIX sendmail configuration

I want to configure sendmail on AIX 4 and 5 to send emails to a windows SMTP proxy server for distribution. Mail would be going from AIX to Windows but any return emails would be sent not AIX but to a default Windows return address. What variables in the AIX sendmail.cf file would need to be... (1 Reply)
Discussion started by: rahe
1 Replies

4. AIX

Problems with sendmail on AIX

hi, i got this error, i have no idea where to start.. anyone please??? Warning: .cf file is out of date: sendmail AIX5.3/8.13.4 supports version 10, .c f file is version 9 WARNING: local host name (BAANPRO) is not qualified; see cf/README: WHO AM I? Running /var/spool/mqueue/o3CBj3np1138768... (3 Replies)
Discussion started by: fdeivis
3 Replies

5. AIX

sendmail on AIX

Hi, Is sendmail required to read local mail for root user on AIX? I shutdown sendmail daemon and sent a test mail to root and I got it. I don't know if I'm missing something here. Thanks regards Israel. (1 Reply)
Discussion started by: iga3725
1 Replies

6. HP-UX

Sendmail TLS and Certificate?

We are running HP-UX 11v1 and are about to upgrade sendmail to 8.13.3 to allow support for TLS. Enabling TLS seems pretty straightforward, but I'm wondering if an SSL certificate is required for this. Our MS Exchange server does use a certificate. Do I need to arrange for a public certificate to... (3 Replies)
Discussion started by: jduehmig
3 Replies

7. UNIX for Dummies Questions & Answers

Problems with Sendmail AUTH and TLS

Greetings. I desperately need help to get my sendmail configuration working again. I followed this guide: Unmemorable Memories » Blog Archive » Enabling SMTP-AUTH for Sendmail on Debian Linux 3.1 to enable TLS and AUTH in sendmail and now I get an error I just cannot find any information... (1 Reply)
Discussion started by: Mr.Glaurung
1 Replies

8. AIX

AIX LDAP client authenticate against Linux Openldap server over TLS/SSL

Hi folks, How can i configure an AIX LDAP client to authenticate against an Linux Openldap server over TLS/SSL? It works like a charm without TLS/SSL. i would like to have SSL encrypted communication for ldap (secldapclntd) and ldapsearch etc. while accepting every kind of certificate/CA.... (6 Replies)
Discussion started by: paco699
6 Replies

9. Solaris

How to configure CUPS on Solaris 11.3 - TLS and no TLS?

We are implementing CUPS on a new Solaris 11.3 system. The same system will run an application where users can print to networked printers inside our organisation, or to a printer outside of our organisation over the internet. For users printing to internal network printers, no encryption is... (0 Replies)
Discussion started by: SallyB
0 Replies

10. AIX

Unable to establish connection over TLS 1.2 on AIX 7.1/7.2

Hello Team, I would need your help to enable communication over TLS1.2 on AIX 7.1 or 7.2 with IBM JDK 1.8 latest update. By default, the request is trying to establish a connection over TLSv1 even though TLS 1.2 is explicitly enabled on server as well as on Java 8. The openssl command throws... (4 Replies)
Discussion started by: Naina2019
4 Replies

LEARN ABOUT DEBIAN

sensible-mda

SENSIBLE-MDA(8) 					      System Manager's Manual						   SENSIBLE-MDA(8)

NAME

       sensible-mda - a generic local MDA router for Debian systems

SYNOPSIS

       sensible-mda from to detail client-addr

DESCRIPTION

       sensible-mda  is used to simplify the installation and configuration of sendmail(8) , or other MTAs for use on Debian systems.  With sensi-
       ble-mda, sendmail can support a plethora of MDAs (procmail, maildrop, deliver, etc.) without having  pick any one of them as required.

FUNCTION

       sensible-mda is called by sendmail as a local mailer when the following exists in sendmail.mc:
       define(`LOCAL_MAILER_ARGS', `sensible-mda $g $u $h ${client_addr}')dnl

       sensible-mda will look for the following MDAs (in this order), and pass the mail on to the first SUID MDA found (Or first found MDA, if run
       w/euid=root): procmail(1), maildrop(1), deliver(8), mail.local(8)

OPTIONS

       Available command line options are the following:

       from   The sender of this email (sendmail $g variable)

       to     The recipient of this email (sendmail $u variable)

       detail The detail portion of the recipient userid (sendmail $h variable) - ie:
	      cowboy+sendmail@debian.org

       client-addr
	      TCP/IP address of the sender (sendmail ${client_addr} variable) Not used (for the nonce)

FILES

       /etc/mail/sendmail.mc
	      sendmail m4 input to generate sendmail.cf

       /etc/mail/sendmail.cf
	      actual sendmail configuration file (treated as a binary file)

SEE ALSO

       sendmail(8), procmail(1), maildrop(1), deliver(8), mail.local(8)

BUGS

       None known so far.

AUTHOR

       Richard Nelson <cowboy@debian.org>

HISTORY

4th Berkeley Distribution					  October 21 1999						   SENSIBLE-MDA(8)
All times are GMT -4. The time now is 05:28 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy