Bug#913129: [Pkg-openssl-devel] Bug#913129: openssl: TLS error (error 403 4.7.0 TLS handshake failed in sendmail logs)
On Thu, Nov 08, 2018 at 06:10:29PM +0100, BERTRAND Joël wrote: > Kurt Roeckx a écrit : > > On Wed, Nov 07, 2018 at 11:21:44AM +0100, BERTRAND Joël wrote: > >> Nov 7 09:17:31 rayleigh sm-mta[10148]: ruleset=try_tls, > >> arg1=smtp-in.orange.fr, relay=smtp-in.orange.fr, reject=550 5.7.1 > >> ... do not try TLS with smtp-in.orange.fr [80.12.242.9] > >> Nov 7 09:17:31 rayleigh sm-mta[10148]: wA68PQwK006059: > >> to=, delay=23:52:05, xdelay=00:00:01, mailer=esmtp, > >> pri=77460547, relay=smtp-in.orange.fr. [80.12.242.9], dsn=5.0.0, > >> stat=Service unavailable > > > > That server only seems to support TLS 1.0. > > > > Have you read: /usr/share/doc/libssl1.1/NEWS.Debian.gz > > > > Anyway, I suggest you file a bug against sendmail to override the > > defaults. > > I have read /usr/share/doc/libssl1.1/NEWS.Debian.gz and tested all > workarounds without any success. And you restarted sendmail after changing /etc/ssl/openssl.cfg? Kurt
Bug#913129: [Pkg-openssl-devel] Bug#913129: openssl: TLS error (error 403 4.7.0 TLS handshake failed in sendmail logs)
Kurt Roeckx a écrit : > On Wed, Nov 07, 2018 at 11:21:44AM +0100, BERTRAND Joël wrote: >> Nov 7 09:17:31 rayleigh sm-mta[10148]: ruleset=try_tls, >> arg1=smtp-in.orange.fr, relay=smtp-in.orange.fr, reject=550 5.7.1 >> ... do not try TLS with smtp-in.orange.fr [80.12.242.9] >> Nov 7 09:17:31 rayleigh sm-mta[10148]: wA68PQwK006059: to=, >> delay=23:52:05, xdelay=00:00:01, mailer=esmtp, pri=77460547, >> relay=smtp-in.orange.fr. [80.12.242.9], dsn=5.0.0, stat=Service unavailable > > That server only seems to support TLS 1.0. > > Have you read: /usr/share/doc/libssl1.1/NEWS.Debian.gz > > Anyway, I suggest you file a bug against sendmail to override the > defaults. I have read /usr/share/doc/libssl1.1/NEWS.Debian.gz and tested all workarounds without any success. It's not a sendmail's bug but a regression of debian's openssl. Regards, JKB
Bug#913129: [Pkg-openssl-devel] Bug#913129: openssl: TLS error (error 403 4.7.0 TLS handshake failed in sendmail logs)
On Wed, Nov 07, 2018 at 11:21:44AM +0100, BERTRAND Joël wrote: > Nov 7 09:17:31 rayleigh sm-mta[10148]: ruleset=try_tls, > arg1=smtp-in.orange.fr, relay=smtp-in.orange.fr, reject=550 5.7.1 > ... do not try TLS with smtp-in.orange.fr [80.12.242.9] > Nov 7 09:17:31 rayleigh sm-mta[10148]: wA68PQwK006059: to=, > delay=23:52:05, xdelay=00:00:01, mailer=esmtp, pri=77460547, > relay=smtp-in.orange.fr. [80.12.242.9], dsn=5.0.0, stat=Service unavailable That server only seems to support TLS 1.0. Have you read: /usr/share/doc/libssl1.1/NEWS.Debian.gz Anyway, I suggest you file a bug against sendmail to override the defaults. Kurt