From owner-freebsd-questions@FreeBSD.ORG Mon Dec 22 10:41:38 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 182FD16A4CE for ; Mon, 22 Dec 2003 10:41:38 -0800 (PST) Received: from ns1.tiadon.com (SMTP.tiadon.com [69.27.132.161]) by mx1.FreeBSD.org (Postfix) with ESMTP id 987EF43D58 for ; Mon, 22 Dec 2003 10:41:36 -0800 (PST) (envelope-from kdk@daleco.biz) Received: from daleco.biz ([69.27.131.0]) by ns1.tiadon.com with Microsoft SMTPSVC(6.0.3790.0); Mon, 22 Dec 2003 12:44:44 -0600 Message-ID: <3FE73AAE.2090002@daleco.biz> Date: Mon, 22 Dec 2003 12:40:46 -0600 From: "Kevin D. Kinsey, DaleCo, S.P." User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.5) Gecko/20031124 X-Accept-Language: en-us, en MIME-Version: 1.0 To: FreeBSD Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 22 Dec 2003 18:44:44.0734 (UTC) FILETIME=[AAD9B5E0:01C3C8BB] Subject: MUA's time out - Sendmail + SASL2 : "no shared cipher" and more... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Dec 2003 18:41:38 -0000 Don't know if anyone can or wants to help, I've scanned a lot of search results and followed 3 different "how to's" (starting with the Handbook) and though I'm closer, perhaps, I'm still not there. I need an SSL-capable POP3 and SMTP as our needs expand. POP3 I've accomplished with imap-uw; Sendmail has been some trouble for 3 days now, and at least one client is really needing to be able to send with M$ OE ASAP.... Both OE and the Mozilla mail client (and Mutt *on* the server, last I checked) are timing out attempting to use "SMTP Auth". With Sendmail set to "LogLevel=25", here's a snippet of where I *think* the problem lies... ---------------------------------------------------------------------------------------- Dec 22 12:20:51 ezekiel sm-mta[94212]: hBMIG1ka094212: --- 451 0.131.27.69.rel....osirusoft.com.: Name server timeout Dec 22 12:20:51 ezekiel sm-mta[94212]: AUTH: available mech=NTLM LOGIN ANONYMOUS PLAIN OTP DIGEST-MD5 CRAM-MD5, allowed mech=PLAIN LOGIN Dec 22 12:20:51 ezekiel sm-mta[94212]: hBMIG1ka094212: Milter: no active filter Dec 22 12:20:51 ezekiel sm-mta[94212]: STARTTLS=server, error: accept failed=-1, SSL_error=1, timedout=0, errno=0 Dec 22 12:20:51 ezekiel sm-mta[94212]: STARTTLS=server: 94212:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s3_srvr.c:886: Dec 22 12:20:51 ezekiel sm-mta[94212]: hBMIG1ka094212: [66.27.130.10] did not issue MAIL/EXPN/VRFY/ETRN during connection to TLSMTA Dec 22 12:21:02 ezekiel sm-mta[94238]: NOQUEUE: connect from [66.27.130.10] Dec 22 12:22:08 ezekiel sm-mta[94238]: hBMIL2ka094238: --- 451 0.131.27.69.bl.spamcop.net.: Name server timeout Dec 22 12:24:30 ezekiel sm-mta[94224]: hBMIJVka094224: --- 451 119.204.136.216....osirusoft.com.: Name server timeout -------------------------------------------------------------------------------------------- There are a few curiosities here in my mind, (Milter (?) and timeouts looking for the spamcop NS's, but the issue seems most likely to be the SSL error ("accept failed=-1" and "no shared cipher". What have I misconfigured? I've tried all possible combinations of checkboxes on the clients ... at least I think so. They just hang forever; OE during the "securing" phase. If someone knows the incantations I don't know for Sendmail, I'd appreciate a look at your spell book.... Kevin Kinsey DaleCo, S.P.