[GRLUG] Evolution NO TLS?
Adam Tauno Williams
awilliam at whitemice.org
Tue Jul 30 13:23:43 EDT 2013
On Tue, 2013-07-30 at 12:40 -0400, Mark Farver wrote:
> On Tue, Jul 30, 2013 at 12:23 PM, L. V. Lammert <lvl at omnitec.net> wrote:
> > Interesting, .. why, then, does it choke when talking to sendmail? Have
> > there been updates in the RFCs that Evolution is following but our old
> > sendmail server is not?
> There were a few bugs in Sendmail's TLS handling around 8.14 that can
> cause this very issue, though I'm still at a loss as to why its
> happening on a server with TLS disabled. It may be you are correct,
> and Evolution is sending STARTTLS and looking for the command to be
> rejected, instead of verifying that the server even offers it as an
> option. Either that of the starttls error is a red herring, and
> something else is wrong. (I found one article saying that not having
> the authentication username filled in might cause this error.)
If the server does not offer authentication it might be reasonable to
try to protect the connection and then try - as most servers will not
offer authentication on an unprotected connection.
> A wireshark capture of the TCP session would be very interesting, I think.
Exactly, use-the-tools! I always go for Wireshark first thing when
there is some kind of network service issue; otherwise there is just a
lot speculative he-said-she-said. Why bother with that when you can see
for yourself?
--
Adam Tauno Williams <mailto:awilliam at whitemice.org> GPG D95ED383
Systems Administrator, Python Developer, LPI / NCLA
More information about the grlug
mailing list