[GRLUG] Evolution NO TLS?

Adam Tauno Williams awilliam at whitemice.org
Tue Jul 30 13:23:43 EDT 2013


On Tue, 2013-07-30 at 12:40 -0400, Mark Farver wrote:
> On Tue, Jul 30, 2013 at 12:23 PM, L. V. Lammert <lvl at omnitec.net> wrote:
> > Interesting, .. why, then, does it choke when talking to sendmail? Have
> > there been updates in the RFCs that Evolution is following but our old
> > sendmail server is not?
> There were a few bugs in Sendmail's TLS handling around 8.14 that can
> cause this very issue, though I'm still at a loss as to why its
> happening on a server with TLS disabled.  It may be you are correct,
> and Evolution is sending STARTTLS and looking for the command to be
> rejected, instead of verifying that the server even offers it as an
> option.  Either that of the starttls error is a red herring, and
> something else is wrong.  (I found one article saying that not having
> the authentication username filled in might cause this error.)

If the server does not offer authentication it might be reasonable to
try to protect the connection and then try - as most servers will not
offer authentication on an unprotected connection.

> A wireshark capture of the TCP session would be very interesting, I think.

Exactly, use-the-tools!  I always go for Wireshark first thing when
there is some kind of network service issue; otherwise there is just a
lot speculative he-said-she-said.  Why bother with that when you can see
for yourself?

-- 
Adam Tauno Williams <mailto:awilliam at whitemice.org> GPG D95ED383
Systems Administrator, Python Developer, LPI / NCLA



More information about the grlug mailing list