From owner-freebsd-questions@freebsd.org Thu Mar 23 15:32:39 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DF498D19ABA for ; Thu, 23 Mar 2017 15:32:39 +0000 (UTC) (envelope-from jim@ohlste.in) Received: from mail-qt0-x22f.google.com (mail-qt0-x22f.google.com [IPv6:2607:f8b0:400d:c0d::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9CB1E10B4 for ; Thu, 23 Mar 2017 15:32:39 +0000 (UTC) (envelope-from jim@ohlste.in) Received: by mail-qt0-x22f.google.com with SMTP id r45so178332203qte.3 for ; Thu, 23 Mar 2017 08:32:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ohlste-in.20150623.gappssmtp.com; s=20150623; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding; bh=0Jz64CItr3MzorAEfPxrHZfOCSrwcAMXWBc0DeTV46k=; b=E0IHLyTjXLeywN305JiRSYqlPuvVfb6S3Nfb5NveIXwbcF5vXO6OEDFqHgmFWqv1GA rRjB6n3JcTFiD4OrfIlkc/fJjZ4Puuu8iLyhWZ9TWu/yFohk88ZpnHJR12dtgQxrNNM/ rRtMHUoA1LvgWwYGkFa56JZEh5Lk3wuQWKhUWTRDFAsseA1LbkddBGYHh1nMvnOE5P/m uanoIVVUgmur5Rp/KibBXNAYVFjp6hvBcLUlUFQkQLbO8Q8gagSF7LCJ8sQZFqHto5/q HBSi7rWR7XMnVgBZMIQlEcVb8sgIS75sPnuYUKMCtkhykWB/e+vN3tg/bq30N4WkpOtR i+XA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:cc:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=0Jz64CItr3MzorAEfPxrHZfOCSrwcAMXWBc0DeTV46k=; b=RKj6YOQVL7C/8m6/wCJV8rq/oKMA3DzCe2FudhWndZJmltnmcdkDYIz8M1yw/Bk23a QgWMwuJK44ou7+1DywEj5LTc4Xk/98JnzYQbPWKi3sCM1ntI5RmqlQcR4ALl8OLm6Eak ccUya4yl4S0Md++GM1pbJ8Bc8eAwUshzzxOkF3Y9FrA+oq+fEG5TdnlD7Fdaq8GCaA3Q 4gC5FqHoMWAOkUWH25oWzOabx0xKilxoNOma9Gnwf7+7b/SZ0mo8ahOmeS4lmxhqbgRy 8r8Ziy/afasOEd4d7zE0c3wMhqYobhPry+oiuIPl9ihIFBiZ+2zgbH/roLFwpQZNLDqS ak+w== X-Gm-Message-State: AFeK/H0a6c2gLBxj2xjtcpKqxIxrDm0NZcA3okf9nQezygAyLEKb78fQKxELLwPnLMZuzg== X-Received: by 10.200.55.235 with SMTP id e40mr2846952qtc.251.1490283157978; Thu, 23 Mar 2017 08:32:37 -0700 (PDT) Received: from [192.168.1.10] (pool-108-39-64-29.nrflva.fios.verizon.net. [108.39.64.29]) by smtp.googlemail.com with ESMTPSA id i125sm3447357qkf.52.2017.03.23.08.32.36 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 23 Mar 2017 08:32:36 -0700 (PDT) Subject: Re: how do I get STARTTLS working with sendmail on FreeBSD 10.3 ? To: Arthur Chance References: <378051e6-d075-c00c-066d-e6240583ea59@ohlste.in> <8CDAF29F-034A-4BC5-8727-4EC0B39331F6@ohlste.in> <2cd77b54-1a7a-3bee-bf4a-1681acda3449@ohlste.in> <5748b716-7cb2-171e-ed0d-7db453d17b56@qeng-ho.org> Cc: "freebsd-questions@freebsd.org" , William Dudley From: Jim Ohlstein Message-ID: Date: Thu, 23 Mar 2017 11:32:35 -0400 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <5748b716-7cb2-171e-ed0d-7db453d17b56@qeng-ho.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Mar 2017 15:32:40 -0000 Hello, On 3/23/17 11:05 AM, Arthur Chance wrote: > On 23/03/2017 13:39, Jim Ohlstein wrote: >> Hello, >> >> On 3/23/17 8:21 AM, Arthur Chance wrote: >>> On 23/03/2017 03:25, Jim Ohlstein wrote: >>>> Your entire question is ridiculous since Sendmail will never be >>>> useful for retrieving email from a remote server. Ever. To do that >>>> you need a POP/IMAP server. That was my point. Still is. >>> >>> If you'd been paying attention you'd have noticed lines in his mail like >>> >>>> telnet localhost 25 >>> >>> which is rather a clue that he's talking about the sending side rather >>> than the receiving side. >> >> If you'd been paying attention, you'd have noticed lines his initial >> post to the list (emphasis mine): >> >> >> I just want to use a self-signed certificate so I can *get my email from >> my FreeBSD mail server to my cell phone*. >> >> >> This is rather a clue that he's talking about the receiving side rather >> than the sending side. > > I was basing it on > > --- Extract --- > STILL BROKEN, but now there's no error message to give me a clue what is > wrong. > > telnet localhost 25 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 mail.casano.com ESMTP Sendmail 8.15.2/8.15.2; Wed, 22 Mar 2017 10:10:14 > -0400 (EDT) > ehlo localhost > 250-mail.casano.com Hello localhost [127.0.0.1], pleased to meet you > 250-ENHANCEDSTATUSCODES > 250-PIPELINING > 250-8BITMIME > 250-SIZE > 250-DSN > 250-ETRN > 250-DELIVERBY > 250 HELP > quit > 221 2.0.0 mail.casano.com closing connection > Connection closed by foreign host. > ---- > > Generally speaking, you don't telnet into port 25, issue an EHLO to see > what capabilities the server has and complain that STARTTLS is still > missing unless you're trying to sort out the SMTP side of life. Also, > that's not the sort of thing a newbie usually tries. > > He also wrote (apologies for the lousy formatting, various mailers have > hacked it about) > >>> My FreeBSD server >>> runs >>> sendmail, and I've been running my own mail domain for about a decade. >>> >>> My latest guess (and that's all I can do is guess) is that my > self-signed >>> certificates >>> expired, and I just need to re-generate them. All the sources on > sendmail >>> and >>> STARTTLS that I've seen so far show configs identical to my config, so > from >>> this I infer perhaps one or more of my cert files is "bad". > > Which really doesn't sound like a novice. Yes, the remarks about wanting > to use IMAP are confusing, but I thought that was because he'd got into > a "can't see the wood for the trees" state of confusion. Fighting > recalcitrant software for a few days tends to do that. But it could be > he truly is clueless and thrashing. Perhaps it's hard to tell, but your quote above was conveniently taken out of context. A more full rendition might be a clue as to his cluelessness: The point of this exercise is to allow my Android phone to access my email on my FreeBSD 10.3 server, using imap. I had it working last year, and then, with nary an error message, it stopped working. So the email client is the native Android email client (on a recent Cyanogen Android). My FreeBSD server runs sendmail, and I've been running my own mail domain for about a decade. Here he speaks directly about accessing his email using IMAP. Looks pretty clear to me. In fact, I don't think it could be clearer. I would wager he is posting the results of commands found in Google searches without completely understanding what they mean, or understanding that he will NEVER retrieve email with Sendmail, at least until now. Running [his] "own mail domain for about a decade" may be as simple as using shared hosting on a cPanel server as his signature suggests he's using Linux. It doesn't mean he knows what he's doing. In fact, the evidence strongly suggests the opposite. Oh, and the idiom is "can't see the forest for the trees". > >>> [Much snippage] >>> >>>>>> "Never argue with a fool, onlookers may not be able to tell the >>>>>> difference." - Mark Twain >>> >>> [Except for that. :-)] >> >> Cute. Rather sophomoric, but still cute. > > I've never been sure about the exact details of the US university > system, having gone through a much older one on the other side of the > Atlantic, but I'm probably about 50 years too old to be a sophomore. > However, while I've definitely aged, I will be the first to admit I've > not necessarily matured. :-) > You should look at the definition of sophomoric. This link may help you: https://www.merriam-webster.com/dictionary/sophomoric -- Jim Ohlstein "Never argue with a fool, onlookers may not be able to tell the difference." - Mark Twain