> -----Original Message----- > From: tclug-list-bounces at mn-linux.org [mailto:tclug-list-bounces at mn- > linux.org] On Behalf Of David Alitz > Sent: Wednesday, June 15, 2005 9:45 AM > To: TCLUG Mailing List > Subject: Re: [tclug-list] mail server wont play nice > > sendmail? > > I had a problem with sendmail when I added ssl and auth support. I > added a certificate for the server, but I didn't define one for the > client. Whenever the outbound connection hit another server capable of > ssl, it attempted to authenticate and establish an encrypted client > connection. Without a client certificate it always failed. The > "Deferred: Connection reset..." was the only clue in the log files. > > I tried to figure out how to get it to fall back to an unencrypted > connection; but apparently sendmail doesn't like to do that. I resolved > it by defining the server certificate as the client certificate too. > Make sure you have a valid entry for: > > define(`confCLIENT_CERT', `/etc/mail/tls/sendmail.pem')dnl # path > to server certificate > define(`confCLIENT_KEY', `/etc/mail/tls/sendmail.pem')dnl # make > sure it's unencrypted > > in your sendmail.mc and regenerate your sendmail.conf. > > Dave Alitz > If you add "Try_TLS:<mailserver address> NO" to the access file in the sendmail directory and rebuild the access.db file, sendmail will stop trying to use TLS to the listed mail server. I had to use this with usa.net smtp server. The usa.net server will do TLS if you pay extra for that service. I don't send enough mail to make that economical. Joseph Key