Hi Michael, I tried that, now I get the following errors with outlook.com Jun 19 16:36:49 bx3 sendmail[25225]: STARTTLS=server, relay=mail-eopbgr1310103.outbound.protection.outlook.com [40.107.131.103], version=TLSv1.2, verify=OK, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256 Jun 19 16:36:51 bx3 sendmail[25225]: STARTTLS: write error=syscall error (-1), errno=104, get_error=error:00000000:lib(0):func(0):reason(0), retry=99, ssl_err=5
It seems to be right after an email arrives from outlook.com/hotmail.com Anyone else want to check their maillog for a similar error? - Ernie. > Hi Ernie, > > > I am having problems with emails for certain domains getting stuck in the > > mailq with 5210R. Not had this error in other BX versions. > > > > The server is using a Letsencrypt certificate, and the visite has it's own > > Letsencrypt certificate. There is only one visite on the server. Most users > > are sending via smtp AUTH. > > > > The error says: > > Deferred: 403 4.7.0 TLS handshake failed > > > > I can get around it by adding a TLS exemption in /etc/mail/access for the > > domain eg. > > > > Try_TLS:qld.gov.au NO > > > > But I can't be sitting there all day looking out for handshake failing > > domains to bypass. I would like to diagnose the problem, but don't know > > where to start. Any suggestions? > During the TLS-handshake MTA and sender (or recipient) are negotiating > to find out what's the best TLS protocol and cipher both support. > > If that negotiation fails, then that means that they were unable to > establish a common ground. > > On 5210R for Sendmail you might want to try to run this as "root": > > update-crypto-policies --set LEGACY > > Then restart Sendmail and see if that works better for you. > > -- > With best regards > > Michael Stauber > _______________________________________________ > Blueonyx mailing list > Blueonyx@mail.blueonyx.it > http://mail.blueonyx.it/mailman/listinfo/blueonyx _______________________________________________ Blueonyx mailing list Blueonyx@mail.blueonyx.it http://mail.blueonyx.it/mailman/listinfo/blueonyx
