TLS Problems

From Roaring Penguin
Revision as of 16:03, 20 June 2014 by MCoyne (talk | contribs)

Jump to: navigation, search

We've found that Debian 7's version of OpenSSL has problems interoperating with some other SSL implementations. Here are some things you can try:

  1. Add this to the end of /etc/mail/ LOCAL_CONFIG dnl # Do not allow SSLv2 and weak ciphers O CipherList=HIGH:MEDIUM:!ADH:!MD5:!SSLv2 O ClientSSLOptions=+SSL_OP_NO_TLSv1
    After you add the above lines, type: make -C /etc/mail && /etc/init.d/sendmail reload
  2. If that doesn't help, you have to disable TLS with the machine Put this lines in /etc/mail/access: NO
    and again: make -C /etc/mail
  3. If that still does not work, you may have to disable STARTTLS for now by removing include(`/etc/mail/tls/starttls.m4')dnl from
    and running make -C /etc/mail && /etc/init.d/sendmail reload