Prev: Sticky MX for queued messages. Bug??
Next: what's happening here? I need desparately a SENDMAIL geek!!!!!!!!!!!!!!!!
From: David Carvalho on 7 Jun 2010 13:21
Hi !
Since my previous Sendmail installation (8.14.1),
something may have change regarding STARTTLS.
My Windows XP clients could relay anymore when using Outlook and Outlook
Express.
After some research, I found that this may be related to the "inferior"
cipher used (RC4-MD5)
by these programs while using Windows XP. On Windows 7, windows mail clients
work fine. After installing Thunderbird on windows XP, I can also relay.
So I've tried to setup Sendmail to accept those weaker ciphers but without
success in sendmail.mc

LOCAL_CONFIG
O
CipherList=ALL:!ADH:!NULL:+HIGH:+MEDIUM:!LOW:+SSLv3:+TLSv1:+SSLv2:RC4+RSA:RC4-MD5:!EXP:!eNULL:!aNULL
define(`confTLS_SRV_OPTIONS',`C')

Althought I solved this by using more recent e-mail clients on Windows XP, I
would really
like to understand how this could be done.
Sending e-mails from other accounts (previous Sendmail versions) with the
same workstations
I could see in the logs that RC4-MD5 was being used.
Any ideas please ?
Regards



From: David Carvalho on 14 Jun 2010 04:54
it worked !
I copied the default /etc/pki/tls/certs/ca-bundle.crt to
/etc/pki/tls/certs/ca-bundle.sendmail.crt,
reduced its size from about 650KB to 270KB, used make -C /etc/mail to
generate
the new sendmail.cf. Restarted Sendmail and the result was immediate.
I've teste only in one client but I guess everthing should be working fine
(if not, I'll be back :) )
Thank you all very much.
Regards
David





"David Carvalho" <dave_carvalho(a)hotmail.com> wrote in message
news:huj9qc$rct$1(a)speranza.aioe.org...
> Hi !
> Since my previous Sendmail installation (8.14.1),
> something may have change regarding STARTTLS.
> My Windows XP clients could relay anymore when using Outlook and Outlook
> Express.
> After some research, I found that this may be related to the "inferior"
> cipher used (RC4-MD5)
> by these programs while using Windows XP. On Windows 7, windows mail
> clients
> work fine. After installing Thunderbird on windows XP, I can also relay.
> So I've tried to setup Sendmail to accept those weaker ciphers but
> without success in sendmail.mc
>
> LOCAL_CONFIG
> O
> CipherList=ALL:!ADH:!NULL:+HIGH:+MEDIUM:!LOW:+SSLv3:+TLSv1:+SSLv2:RC4+RSA:RC4-MD5:!EXP:!eNULL:!aNULL
> define(`confTLS_SRV_OPTIONS',`C')
>
> Althought I solved this by using more recent e-mail clients on Windows XP,
> I would really
> like to understand how this could be done.
> Sending e-mails from other accounts (previous Sendmail versions) with the
> same workstations
> I could see in the logs that RC4-MD5 was being used.
> Any ideas please ?
> Regards
>
>
>
 | 
Pages: 1
Prev: Sticky MX for queued messages. Bug??
Next: what's happening here? I need desparately a SENDMAIL geek!!!!!!!!!!!!!!!!