Sendmail fails to relay mails through smart host with the error 'generic SSL error' in maillog.
Environment
- Red Hat Enterprise Linux Server 5.3
- sendmail-8.13.8-2.el5
- sendmail-cf-8.13.8-2.el5
Issue
-
Sendmail do not relay mails through smart host. The following SSL errors are seen in maillog when the issue occurs:
Feb 12 22:59:52 servername sendmail[2733]: STARTTLS=client, relay=email1.smarthost.com., version=TLSv1/SSLv3, verify=FAIL, cipher=DES-CBC3-SHA, bits=168/168 Feb 12 22:59:52 servername sendmail[2733]: STARTTLS: read error=generic SSL error (-1), errno=0, get_error=error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number, retry=1, ssl_err=1
Resolution
Edit /etc/mail/access file and append following line
Try_TLS:smarthost.server NO
Execute following commands afterwards
#makemap hash /etc/mail/access.db < /etc/mail/access
#service sendmail restart
Root Cause
Refer to the "Disabling STARTTLS And Setting SMTP Server Features" section at following link
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
