Kurt Roeckx a écrit :
> On Sat, Nov 10, 2018 at 08:17:19PM +0100, BERTRAND Joël wrote:
>> Kurt Roeckx a écrit :
>>> On Thu, Nov 08, 2018 at 06:36:52PM +0100, Kurt Roeckx wrote:
>>>> On Thu, Nov 08, 2018 at 06:10:29PM +0100, BERTRAND Joël wrote:
>>>>> Kurt Roeckx a écrit :
>>>>>> On Wed, Nov 07, 2018 at 11:21:44AM +0100, BERTRAND Joël wrote:
>>>>>>> Nov 7 09:17:31 rayleigh sm-mta[10148]: ruleset=try_tls,
>>>>>>> arg1=smtp-in.orange.fr, relay=smtp-in.orange.fr, reject=550 5.7.1
>>>>>>> <x...@orange.fr>... do not try TLS with smtp-in.orange.fr [80.12.242.9]
>>>>>>> Nov 7 09:17:31 rayleigh sm-mta[10148]: wA68PQwK006059:
>>>>>>> to=<x...@orange.fr>, delay=23:52:05, xdelay=00:00:01, mailer=esmtp,
>>>>>>> pri=77460547, relay=smtp-in.orange.fr. [80.12.242.9], dsn=5.0.0,
>>>>>>> stat=Service unavailable
>>>>>>
>>>>>> That server only seems to support TLS 1.0.
>>>>>>
>>>>>> Have you read: /usr/share/doc/libssl1.1/NEWS.Debian.gz
>>>>>>
>>>>>> Anyway, I suggest you file a bug against sendmail to override the
>>>>>> defaults.
>>>>>
>>>>> I have read /usr/share/doc/libssl1.1/NEWS.Debian.gz and tested all
>>>>> workarounds without any success.
>>>>
>>>> And you restarted sendmail after changing /etc/ssl/openssl.cfg?
>>>
>>> Any update on this?
>>
>> Of course, I have updated /etc/ssl/openssl.cfg with suggestions in NEWS
>> file and restarted sendmail without success.
>
> All I can say is that if I change both values to the value from
> NEWS, I can connect to it, otherwise I can't.
I have changed _both_ values and I cannot connect to orange.fr or
hotmail.com with sendmail. If I use stable package, sendmail runs as
expected.
