Date: Sat, 30 Mar 2013 07:49:19 -0400
        From: Jerry <>
        To: FreeBSD <>
        Subject: Re: Operation timed out with - please help

        On Sat, 30 Mar 2013 10:49:45 +0000
        Matthew Seaman articulated:

        > Given you're seeing that CONNECTED message there, it certainly does.
        > The problem with that openssl command seems to be the 'unable to get
        > local issuer certificate' part.  That's possibly openssl being pickier
        > about verifying certs than sendmail would be, but that certificate
        > verification step is probably where you're coming adrift.  You need to
        > have the intermediate certs used by Google in your cacert.pem file, so
        > sendmail will trust the cert.  Check the 'confCACERT'
        > setting in your  I have a block of code like this:
        > define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')dnl
        > define(`confCACERT_PATH', `CERT_DIR')dnl
        > define(`confCACERT', `CERT_DIR/cacert.pem')dnl
        > define(`confSERVER_CERT', `CERT_DIR/cert.pem')dnl
        > define(`confSERVER_KEY', `CERT_DIR/key.pem')dnl
        > define(`confCLIENT_CERT', `CERT_DIR/cert.pem')dnl
        > define(`confCLIENT_KEY', `CERT_DIR/key.pem')dnl
        > which allows me to put all the keys and certs in /etc/mail/certs/

        If you really need the Gmail certs, you can use this to get them:

        openssl s_client -connect -starttls smtp -showcerts

        If you feel you really need the "Equifax Secure Certificate Authority"
        pem, go here <> and
        download it.

        Again, how to set up Sendmail is a task I leave for the student.

Jerry, Matthew, thank you

I think I got it working.
In addition to your advice, this guide was very helpful:

It seems these two options were required:

define(`RELAY_MAILER_ARGS', `TCP $h 587')
define(`ESMTP_MAILER_ARGS', `TCP $h 587')

Thanks again

_______________________________________________ mailing list
To unsubscribe, send any mail to ""

Reply via email to