Hello!
I set things up once some time ago for one of my machines to relay
e-mail from another -- based on SSL-certificate presented. I'm my
own issuer. The setup was working for a while, but broke recently --
the relay-to-be now rejects relaying, even though it verifies the
certificate Ok.
Here are the relevant log messages:
Feb 3 17:36:57 aldan sm-mta[6650]: STARTTLS=server,
[EMAIL PROTECTED] [64.35.99.179],
version=TLSv1/SSLv3, verify=OK, cipher=EDH-RSA-DES-CBC3-SHA, bits=168/168
Feb 3 17:36:57 aldan sm-mta[6650]: STARTTLS=server,
cert-subject=/C=US/ST=Massachusetts/L=Jamaica+20Plain/O=Video+20Collage,+20Inc./OU=Mail+20Server/CN=corbulon.video-collage.com/emailAddress=m,
cert-issuer=/C=US/ST=Massachusetts/L=Jamaica+20Plain/O=Video+20Collage,+20Inc./OU=SSL+20Certificate+20Authority/CN=Video+20Collage+20CA/emai
[...]
Feb 3 17:49:24 aldan sm-mta[6699]: h13MnNBO006699: <-- RCPT To:<[EMAIL PROTECTED]>
Feb 3 17:49:24 aldan sm-mta[6699]: h13MnNBO006699: --- 550 5.7.1
<[EMAIL PROTECTED]>... Relaying denied
The (my own) authority's certificate did not change in months, and
neither did the the /etc/mail/access. What changed was the sendmail's
version on both ends (sendmail-tls-8.12.7_2 on the sender, and 8.12.6 on
the relay) and the .cf files, which were re-made from the old .mc ones.
Any clues? Thanks!
-mi
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message
