Date: Mon, 22 Dec 2003 12:40:46 -0600 From: "Kevin D. Kinsey, DaleCo, S.P." <kdk@daleco.biz> To: FreeBSD <questions@freebsd.org> Subject: MUA's time out - Sendmail + SASL2 : "no shared cipher" and more... Message-ID: <3FE73AAE.2090002@daleco.biz>
next in thread | raw e-mail | index | archive | help
Don't know if anyone can or wants to help, I've
scanned a lot of search results and followed
3 different "how to's" (starting with the Handbook)
and though I'm closer, perhaps, I'm still not there.
I need an SSL-capable POP3 and SMTP as our
needs expand. POP3 I've accomplished with
imap-uw; Sendmail has been some trouble
for 3 days now, and at least one client is really
needing to be able to send with M$ OE ASAP....
Both OE and the Mozilla mail client (and Mutt *on*
the server, last I checked) are timing out attempting
to use "SMTP Auth". With Sendmail set to "LogLevel=25",
here's a snippet of where I *think* the problem lies...
----------------------------------------------------------------------------------------
Dec 22 12:20:51 ezekiel sm-mta[94212]: hBMIG1ka094212:
--- 451 0.131.27.69.rel....osirusoft.com.: Name server
timeout
Dec 22 12:20:51 ezekiel sm-mta[94212]: AUTH: available mech=NTLM
LOGIN ANONYMOUS PLAIN OTP DIGEST-MD5 CRAM-MD5, allowed
mech=PLAIN LOGIN
Dec 22 12:20:51 ezekiel sm-mta[94212]: hBMIG1ka094212: Milter: no active
filter
Dec 22 12:20:51 ezekiel sm-mta[94212]: STARTTLS=server,
error: accept failed=-1, SSL_error=1, timedout=0, errno=0
Dec 22 12:20:51 ezekiel sm-mta[94212]: STARTTLS=server:
94212:error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared
cipher:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s3_srvr.c:886:
Dec 22 12:20:51 ezekiel sm-mta[94212]: hBMIG1ka094212: [66.27.130.10]
did not issue MAIL/EXPN/VRFY/ETRN during connection
to TLSMTA
Dec 22 12:21:02 ezekiel sm-mta[94238]: NOQUEUE: connect from [66.27.130.10]
Dec 22 12:22:08 ezekiel sm-mta[94238]: hBMIL2ka094238: ---
451 0.131.27.69.bl.spamcop.net.: Name server timeout
Dec 22 12:24:30 ezekiel sm-mta[94224]: hBMIJVka094224: ---
451 119.204.136.216....osirusoft.com.: Name server
timeout
--------------------------------------------------------------------------------------------
There are a few curiosities here in my mind, (Milter (?) and timeouts
looking for the spamcop NS's, but the issue seems most likely to
be the SSL error ("accept failed=-1" and "no shared cipher".
What have I misconfigured? I've tried all possible combinations of
checkboxes on the clients ... at least I think so. They just hang forever;
OE during the "securing" phase. If someone knows the incantations
I don't know for Sendmail, I'd appreciate a look at your spell book....
Kevin Kinsey
DaleCo, S.P.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3FE73AAE.2090002>