Kurt Roeckx a écrit : > On Sat, Nov 10, 2018 at 08:17:19PM +0100, BERTRAND Joël wrote: >> Kurt Roeckx a écrit : >>> On Thu, Nov 08, 2018 at 06:36:52PM +0100, Kurt Roeckx wrote: >>>> On Thu, Nov 08, 2018 at 06:10:29PM +0100, BERTRAND Joël wrote: >>>>> Kurt Roeckx a écrit : >>>>>> On Wed, Nov 07, 2018 at 11:21:44AM +0100, BERTRAND Joël wrote: >>>>>>> Nov 7 09:17:31 rayleigh sm-mta[10148]: ruleset=try_tls, >>>>>>> arg1=smtp-in.orange.fr, relay=smtp-in.orange.fr, reject=550 5.7.1 >>>>>>> <x...@orange.fr>... do not try TLS with smtp-in.orange.fr [80.12.242.9] >>>>>>> Nov 7 09:17:31 rayleigh sm-mta[10148]: wA68PQwK006059: >>>>>>> to=<x...@orange.fr>, delay=23:52:05, xdelay=00:00:01, mailer=esmtp, >>>>>>> pri=77460547, relay=smtp-in.orange.fr. [80.12.242.9], dsn=5.0.0, >>>>>>> stat=Service unavailable >>>>>> >>>>>> That server only seems to support TLS 1.0. >>>>>> >>>>>> Have you read: /usr/share/doc/libssl1.1/NEWS.Debian.gz >>>>>> >>>>>> Anyway, I suggest you file a bug against sendmail to override the >>>>>> defaults. >>>>> >>>>> I have read /usr/share/doc/libssl1.1/NEWS.Debian.gz and tested all >>>>> workarounds without any success. >>>> >>>> And you restarted sendmail after changing /etc/ssl/openssl.cfg? >>> >>> Any update on this? >> >> Of course, I have updated /etc/ssl/openssl.cfg with suggestions in NEWS >> file and restarted sendmail without success. > > All I can say is that if I change both values to the value from > NEWS, I can connect to it, otherwise I can't.
I have changed _both_ values and I cannot connect to orange.fr or hotmail.com with sendmail. If I use stable package, sendmail runs as expected.