Date: Sat, 30 Mar 2013 07:49:19 -0400 From: Jerry <je...@seibercom.net> To: FreeBSD <email@example.com> Subject: Re: Operation timed out with smtp.gmail.com - please help
On Sat, 30 Mar 2013 10:49:45 +0000 Matthew Seaman articulated: > Given you're seeing that CONNECTED message there, it certainly does. > The problem with that openssl command seems to be the 'unable to get > local issuer certificate' part. That's possibly openssl being pickier > about verifying certs than sendmail would be, but that certificate > verification step is probably where you're coming adrift. You need to > have the intermediate certs used by Google in your cacert.pem file, so > sendmail will trust the smtp.gmail.com cert. Check the 'confCACERT' > setting in your sendmail.mc. I have a block of code like this: >=20 > define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')dnl > define(`confCACERT_PATH', `CERT_DIR')dnl > define(`confCACERT', `CERT_DIR/cacert.pem')dnl > define(`confSERVER_CERT', `CERT_DIR/cert.pem')dnl > define(`confSERVER_KEY', `CERT_DIR/key.pem')dnl > define(`confCLIENT_CERT', `CERT_DIR/cert.pem')dnl > define(`confCLIENT_KEY', `CERT_DIR/key.pem')dnl >=20 > which allows me to put all the keys and certs in /etc/mail/certs/ If you really need the Gmail certs, you can use this to get them: openssl s_client -connect smtp.gmail.com:587 -starttls smtp -showcerts If you feel you really need the "Equifax Secure Certificate Authority" pem, go here <http://www.geotrust.com/resources/root-certificates/> and download it. Again, how to set up Sendmail is a task I leave for the student. Jerry, Matthew, thank you I think I got it working. In addition to your advice, this guide was very helpful: http://www.phinesolutions.com/sendmail-gmail-smtp-relay-howto.html It seems these two options were required: define(`RELAY_MAILER_ARGS', `TCP $h 587') define(`ESMTP_MAILER_ARGS', `TCP $h 587') Thanks again Anton _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"