From Bugzilla Helper: User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461) Description of problem: sendmail does not offer STARTTLS as authentication mechanism (using sendmail 8.11.6-3), no 'secure' SMTP is possible. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. modify /etc/sendmail.mc and make sendmail.cf according to documentation at sendmail.org and restart sendmail excerpt from sendmail.mc: define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN STARTTLS') dnl define(`confCACERT_PATH',`/usr/share/ssl')dnl define(`confCACERT',`/usr/share/ssl/cert.pem')dnl define(`confSERVER_CERT',`/usr/share/ssl/cert.pem')dnl define(`confSERVER_KEY',`/usr/share/ssl/cert.pem')dnl define(`confCLIENT_CERT',`/usr/share/ssl/cert.pem')dnl define(`confCLIENT_KEY',`/usr/share/ssl/cert.pem')dnl 2. check STARTTLS availability using: telnet localhost 25 ehlo localhost -> no AUTH STARTTLS available Log indicates: NOQUEUE: localhost.localdomain [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA 3. Netscape etc. cannot connect to SMTP using TLS Actual Results: no STARTTLS available Expected Results: TLS available as authentication mechanism Additional info:
Redhat please provide sendmail-8.12.1 rpm updates. sendmail-8.12 no longer needs sfio to provide STARTTLS.
It looks to me there is also an smtp-auth problem with the sendmail package in redhat7.2. Using the same sendmail.cf and supporting packages, I can only get "LOGIN" and "PLAIN" authentication mechanism to work in rh72. However, other auth mechanisms are available in rh70 + sendmail-8.11.6-2.7.0.
ignore my last comment. it's a cyrus-sasl problem due to missing /etc/sasldb. running saslpasswd to set a password solves the problem.
Ok, problem has been resolved. We will also have 8.12.2 or newer in the next release. Thanks, Florian La Roche