version: sendmail-8.12.10-1 There is a bug in sendmail that makes it enter an infinite loop, writing STARTTLS: read error=generic SSL error to syslog until your filesystem is full ... For a detailed description, please see: http://www.mailarchive.ca/lists/comp.mail.sendmail//2003-02/0293.html To fix this, simply add -D _FFR_DEAL_WITH_ERROR_SSL to sendmail-8.12.2-redhat.patch . The result looks like this: +define(`confENVDEF', `$(RPM_OPT_FLAGS) -I/usr/include/db4 -I/usr/kerberos/include -Wall -DXDEBUG=0 -DTCPWRAPPERS -DSASL=2 -DSTARTTLS -DMILTER -DNETINET6 -DHES_GETMAILHOST -DUSE_VENDOR_CF_PATH=1 -D_FFR_WORKAROUND_BROKEN_NAMESERVERS -D_FFR_SMTP_SSL -D_FFR_MILTER_ROOT_UNSAFE -D_FFR_UNSAFE_SASL -D_FFR_DEAL_WITH_ERROR_SSL') Greetings, Michael
Can you please test this with the latest update for RHEL3?
I haven't yet figured out how to reproduce this bug, but I *do* see it on several servers. I'm trying to see if upgrading the the U2 sendmail RPM corrects the issue.
seeing it here too... millions of lines of Oct 24 10:54:04 mail sendmail[6797]: STARTTLS: read error=generic SSL error (0) Oct 24 10:54:04 mail sendmail[519]: STARTTLS: read error=generic SSL error (0) ...until the /var/ partition fills up. on FC3 - sendmail 8.13.1 Please release a fix for FC3!
This bug still exists in RHEL 4. To fix it, add _FFR_DEAL_WITH_ERROR_SSL to confENVDEF in the spec file (there is no need to change/add a patch, as describe above ...). The bug is still present because Red Hat uses 8.13.1. Since 8.13.3, _FFR_DEAL_WITH_ERROR_SSL is defined per default.
See also: http://groups.google.at/group/comp.mail.sendmail/browse_thread/thread/9ca0a49b001162ce/5ddd2a8f70de5177?lnk=st
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2007-0252.html