Package: msmtp
Version: 1.6.7-1
Severity: important
Hi,
I've been using msmtp for years with a GMX mail account. Recently, I
tried to use it with the mail server provided by a webhost of mine, but
msmtp fails to verify the TLS certificate:
msmtp: TLS certificate verification failed: the certificate owner does not
match hostname mail.bdld.info
It seems that the problem is that the supplied certificate for
mail.bdld.info has bdld.info as the CN. But since mail.bdld.info is in
the list of SANs, the verification should succeed. Indeed, 'openssl
s_client -connect mail.bdld.info:465' reports "Verification: OK", and
swaks successfully sends mail through the server.
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8),
LANGUAGE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages msmtp depends on:
ii debconf [debconf-2.0] 1.5.69
ii libc6 2.28-3
ii libgnutls303.6.5-2
ii libgsasl7 1.8.0-8+b2
ii ucf3.0038+nmu1
Versions of packages msmtp recommends:
ii ca-certificates 20180409
Versions of packages msmtp suggests:
ii msmtp-mta 1.6.7-1
-- debconf information excluded