Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: AIX sendmail and tls
Operating Systems AIX AIX sendmail and tls Post 302943258 by Linusolaradm1 on Wednesday 6th of May 2015 10:22:40 PM
Old 05-06-2015
AIX sendmail and tls
The situation

Code:
Version AIX7.1/8.14.4
 Compiled with: DNSMAP LDAPMAP LDAP_REFERRALS LOG MAP_REGEX MATCHGECOS
                MILTER MIME7TO8 MIME8TO7 NAMED_BIND NDBM NETINET NETINET6
                NETUNIX NEWDB NIS NISPLUS PIPELINING SCANF STARTTLS USERDB
                USE_LDAP_INIT XDEBUG

Code:
  openssl.base             1.0.1.513    CE    F    Open Secure Socket Layer

I configure sendmail for use tls

Code:
divert(0)dnl
VERSIONID(`Mustafar')
OSTYPE(aixsample)dnl
DOMAIN(`generic')dnl
define(`_X400_UUCP_')dnl
define(`_MASQUERADE_ENVELOPE_')dnl
define(`MASQUERADE_NAME')dnl
define(`confTRY_NULL_MX_LIST',`T')dnl
define(`LUSER_RELAY',`name_of_luser_relay')dnl
define(`DATABASE_MAP_TYPE',`dbm')dnl
define(`_CLASS_U_')dnl
define(`LOCAL_RELAY')dnl
define(`MAIL_HUB')dnl
TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5')dnl
FEATURE(always_add_domain)dnl
FEATURE(access_db)dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(uucp)dnl
define(`SMART_HOST', `posta.server.local')
define(`confCACERT_PATH', `/etc/mail/certs')dnl
define(`confCACERT', `/etc/mail/certs/server.crt')dnl
define(`confSERVER_CERT', `/etc/mail/certs/ibmunix.server.crt')dnl
define(`confSERVER_KEY', `/etc/mail/certs/ibmunix.server.key')dnl
define(`confCLIENT_CERT', `/etc/mail/certs/ibmunix.server.crt')dnl
define(`confCLIENT_KEY', `/etc/mail/certs/ibmunix.server.key')dnl
define(`confRAND_FILE',`egd:/dev/random')dnl
define(`TLS_VERSION',`TLSV1')dnl
define(`confLOG_Level', `16')

I can receive mail from other server(all with tls)
but if try to send an email from this server

Code:
May  7 03:31:57 ibmunix mail:warn|warning sendmail[13303906]: STARTTLS=client, error: connect failed=-1, SSL_error=1, errno=0, retry=-1
May  7 03:31:57 ibmunix mail:warn|warning sendmail[13303906]: STARTTLS=client: 13303906:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:593:
May  7 03:31:57 ibmunix mail:notice sendmail[13303906]: ruleset=tls_server, arg1=SOFTWARE, relay=posta.server.local, reject=403 4.7.0 TLS handshake failed.

The other servers are configure for allow TLS only,no ssl3
but i try also with ssl3 server,same error.
Any suggestion?
Thanks
 

10 More Discussions You Might Find Interesting

1. AIX

How to configure sendmail for AIX 5.3

Hello All, I am very new to this sendmail thing. I need to set up AIX servers with sendmail service to get emails in my corporate email address. All I am asked to do is use SMTP gateways (already in place) for using sendmail. thanks in advance (0 Replies)
Discussion started by: solaix14
0 Replies

2. UNIX for Dummies Questions & Answers

Implementing TLS with Sendmail and having problem with cert request

Hi. One of my company's customers requires mails to be sent to them to use TLS. Thanks to some good documentation on the web, I've got this mostly figured out, but now I'm stuck at generating the CSR. My company's mail domain is sg.bunny.com (not real address, obviously), but the email gateway... (0 Replies)
Discussion started by: pierreery
0 Replies

3. AIX

AIX sendmail configuration

I want to configure sendmail on AIX 4 and 5 to send emails to a windows SMTP proxy server for distribution. Mail would be going from AIX to Windows but any return emails would be sent not AIX but to a default Windows return address. What variables in the AIX sendmail.cf file would need to be... (1 Reply)
Discussion started by: rahe
1 Replies

4. AIX

Problems with sendmail on AIX

hi, i got this error, i have no idea where to start.. anyone please??? Warning: .cf file is out of date: sendmail AIX5.3/8.13.4 supports version 10, .c f file is version 9 WARNING: local host name (BAANPRO) is not qualified; see cf/README: WHO AM I? Running /var/spool/mqueue/o3CBj3np1138768... (3 Replies)
Discussion started by: fdeivis
3 Replies

5. AIX

sendmail on AIX

Hi, Is sendmail required to read local mail for root user on AIX? I shutdown sendmail daemon and sent a test mail to root and I got it. I don't know if I'm missing something here. Thanks regards Israel. (1 Reply)
Discussion started by: iga3725
1 Replies

6. HP-UX

Sendmail TLS and Certificate?

We are running HP-UX 11v1 and are about to upgrade sendmail to 8.13.3 to allow support for TLS. Enabling TLS seems pretty straightforward, but I'm wondering if an SSL certificate is required for this. Our MS Exchange server does use a certificate. Do I need to arrange for a public certificate to... (3 Replies)
Discussion started by: jduehmig
3 Replies

7. UNIX for Dummies Questions & Answers

Problems with Sendmail AUTH and TLS

Greetings. I desperately need help to get my sendmail configuration working again. I followed this guide: Unmemorable Memories » Blog Archive » Enabling SMTP-AUTH for Sendmail on Debian Linux 3.1 to enable TLS and AUTH in sendmail and now I get an error I just cannot find any information... (1 Reply)
Discussion started by: Mr.Glaurung
1 Replies

8. AIX

AIX LDAP client authenticate against Linux Openldap server over TLS/SSL

Hi folks, How can i configure an AIX LDAP client to authenticate against an Linux Openldap server over TLS/SSL? It works like a charm without TLS/SSL. i would like to have SSL encrypted communication for ldap (secldapclntd) and ldapsearch etc. while accepting every kind of certificate/CA.... (6 Replies)
Discussion started by: paco699
6 Replies

9. Solaris

How to configure CUPS on Solaris 11.3 - TLS and no TLS?

We are implementing CUPS on a new Solaris 11.3 system. The same system will run an application where users can print to networked printers inside our organisation, or to a printer outside of our organisation over the internet. For users printing to internal network printers, no encryption is... (0 Replies)
Discussion started by: SallyB
0 Replies

10. AIX

Unable to establish connection over TLS 1.2 on AIX 7.1/7.2

Hello Team, I would need your help to enable communication over TLS1.2 on AIX 7.1 or 7.2 with IBM JDK 1.8 latest update. By default, the request is trying to establish a connection over TLSv1 even though TLS 1.2 is explicitly enabled on server as well as on Java 8. The openssl command throws... (4 Replies)
Discussion started by: Naina2019
4 Replies

LEARN ABOUT SUSE

fvwmm4

FvwmM4(1)							   Fvwm Modules 							 FvwmM4(1)

NAME

       FvwmM4 - the fvwm  M4 pre-processor

SYNOPSIS

       Module FvwmM4 [options] filename

       The FvwmM4 module can only be invoked by fvwm.  Command line invocation of the FvwmM4 module will not work.

DESCRIPTION

       When  fvwm executes the FvwmM4 module, FvwmM4 invokes the M4 pre-processor on the file specified in its invocation, then FvwmM4 causes fvwm
       to execute the commands in the resulting file.

INVOCATION

       FvwmM4 can be invoked as a module using an fvwm command, from the .fvwm2rc file, a menu, mousebinding, or any of the many other	ways  fvwm
       commands can be issued.

       If the user wants his entire .fvwm2rc file pre-processed with FvwmM4, then fvwm should be invoked as:
       fvwm -cmd "Module FvwmM4 .fvwm2rc"

       Note that the argument to the option "-cmd" should be enclosed in quotes, and no other quoting should be used.

       When  FvwmM4  runs as a module, it runs asynchronously from fvwm.  If FvwmM4 is invoked from the .fvwm2rc, the commands generated by FvwmM4
       may or may not be executed by the time fvwm processes the next command in the .fvwm2rc.	Invoke FvwmM4 this way for synchronous execution:

       ModuleSynchronous FvwmM4 -lock filename

OPTIONS

       Some options can be specified following the modulename:

       -m4-prefix
	      I think this makes all the m4 directives require the prefix "m4_".

       -m4-prefix-defines
	      Causes built-in defines to be prefixed with "m4_" (i.e., m4_HOME is defined instead of HOME, etc.)

       -m4opt option
	      Lets you pass an option to the m4 program.  Not really needed as any unknown options will be passed on automatically.

       -m4-squote character
	      Lets you change the m4 start-of-quote character to character.

       -m4-equote character
	      Lets you change the m4 end-of-quote character to character.

       -m4prog name
	      Instead of invoking "m4", fvwm will invoke name.

       -outfile filename
	      Instead of creating a random unique name for the temporary file for the preprocessed rc file, this option specifies the name of  the
	      temporary  file  created.  FvwmM4 attempts to remove this file before writing to it, so don't point it at anything important even if
	      it has read-only protection.

       -debug Causes the temporary file created by m4 to be retained. This file is usually called "/tmp/fvwmrcXXXXXX"

       -lock  If you want to use this option you need to start FvwmM4 with ModuleSynchronous. This option causes fvwm to wait that the pre-process
	      to  finish  and  then  FvwmM4 asks fvwm to Read the pre-processed file before continuing. This can be useful at startup if you use a
	      session manager like Gnome. Also, this is useful if you want to process and run a Form in an fvwm function.

       -noread
	      Causes the pre-processed file to be not read by fvwm. Useful for pre-processing an FvwmScript script.

CONFIGURATION OPTIONS

       FvwmM4 defines some values for use in the pre-processor file:

       TWM_TYPE
	      Always set to "fvwm".

       SERVERHOST
	      The name of the machine running the X Server.

       CLIENTHOST
	      The name of the machine running fvwm.

       HOSTNAME
	      The hostname of the machine running fvwm. Generally the same as CLIENTHOST.

       OSTYPE The operating system for CLIENTHOST.

       USER   The name of the person running fvwm.

       HOME   The home directory of the person running fvwm.

       VERSION
	      The X11 version.

       REVISION
	      The X11 revision number.

       VENDOR The X server vendor.

       RELEASE
	      The X server release number.

       SCREEN The screen number.

       WIDTH  The screen width in pixels.

       HEIGHT The screen height in pixels.

       X_RESOLUTION
	      Some distance/pixel measurement for the horizontal direction, I think.

       Y_RESOLUTION
	      Some distance/pixel measurement for the vertical direction, I think.

       PLANES Number of color planes for the X server display

       BITS_PER_RGB
	      Number of bits in each rgb triplet.

       CLASS  The X11 default visual class, e.g. PseudoColor.

       COLOR  Yes or No, Yes if the default visual class is neither StaticGrey or GreyScale.

       FVWM_CLASS
	      The visual class that fvwm is using, e.g. TrueColor.

       FVWM_COLOR
	      Yes or No, Yes if the FVWM_CLASS is neither StaticGrey or GreyScale.

       FVWM_VERSION
	      The fvwm version number, ie 2.0

       OPTIONS
	      Some combination of SHAPE, XPM, NO_SAVEUNDERS, and M4, as defined in configure.h at compile time.

       FVWM_MODULEDIR
	      The directory where fvwm looks for .fvwm2rc and modules by default, as determined at compile time.

       FVWM_USERDIR
	      The value of $FVWM_USERDIR.

       SESSION_MANAGER
	      The value of $SESSION_MANAGER. Undefined if this variable is not set.

EXAMPLE PROLOG

       define(TWM_TYPE,``fvwm'')dnl
       define(SERVERHOST,``spx20'')dnl
       define(CLIENTHOST,``grumpy'')dnl
       define(HOSTNAME,``grumpy'')dnl
       define(OSTYPE,``SunOS'')dnl
       define(USER,``nation'')dnl
       define(HOME,``/local/homes/dsp/nation'')dnl
       define(VERSION,``11'')dnl
       define(REVISION,``0'')dnl
       define(VENDOR,``HDS human designed systems, inc. (2.1.2-D)'')dnl
       define(RELEASE,``4'')dnl
       define(SCREEN,``0'')dnl
       define(WIDTH,``1280'')dnl
       define(HEIGHT,``1024'')dnl
       define(X_RESOLUTION,``3938'')dnl
       define(Y_RESOLUTION,``3938'')dnl
       define(PLANES,``8'')dnl
       define(BITS_PER_RGB,``8'')dnl
       define(CLASS,``PseudoColor'')dnl
       define(COLOR,``Yes'')dnl
       define(FVWM_VERSION,``1.24l'')dnl
       define(OPTIONS,``SHAPE XPM M4 '')dnl
       define(FVWM_MODULEDIR,``/local/homes/dsp/nation/modules'')dnl
       define(FVWM_USERDIR,``/local/homes/dsp/nation/.fvwm'')dnl
       define(SESSION_MANAGER,``local/grumpy:/tmp/.ICE-unix/440,tcp/spx20:1025'')dnl

AUTHORS

       FvwmM4 is the result of a random bit mutation on a hard disk, presumably a result of a  cosmic-ray or some such thing.

3rd Berkeley Distribution					7 May 208 (2.5.26)							 FvwmM4(1)
All times are GMT -4. The time now is 07:12 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy