[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: strange smtp blockings

On Fri, 13 Jul 2001, Roland Krocin wrote:

> potato or woody?
> I'm getting the same problems on 2 out of 3 woody boxes (sendmail). the
> third works 70% of the time. reverse dns works perfectly to all other hosts.
> other interesting thing is that this seems to be an issue mostly with
> Microsoft-OS MTAs. There is a known problem with bind 9.x and MS DNS zone
> transfers, that may have something to do with it...

If you're having problems w/MTA -> M$ MTA  (the original poster said
telnet 25 had the same problem, so its not MTA->MTA) - and you're on
8.12, you may want to disable TLS negotiation (either on a host basis,
or altogether).

If you wish to completly disable outbound negotiation:
dnl #
dnl # Don't use AUTH/TLS in client mode (but do use addr for helo/ehlo)

If you'd rather do it on a host-by-host basis, you'll need to update
Srv_Features:some.domain flags
where flags can be a (comma or space separated) list of the following char:
A Do not offer AUTH
P Do not offer PIPELINING
S Do not offer STARTTLS
V Do not request a client certificate in STARTTLS
Generally upper case characters turn off a feature while lower case
characters turn it on.

Rick Nelson
----==-- _                     / /  \
---==---(_)__  __ ____  __    / / /\ \
--==---/ / _ \/ // /\ \/ /   / /_/\ \ \
-=====/_/_//_/\_,_/ /_/\_\  /______\ \ \
A proud member of TeamLinux \_________\/
	-- CHaley (HAC), haley@unm.edu, ch008cth@pi.lanl.gov)

Reply to: