Problems host name lookup failure sendmail

rickyarge92 · September 5, 2019, 11:24am

Hi
I have a problem in sendmail Freebsd when sending emails to yahoo as an example, I get:

 
Sep  5 10:05:43 local50 sm-mta[43926]: STARTTLS=client, error: connect failed=-1, SSL_error=1, errno=0, retry=-1
Sep  5 10:05:43 local50 sm-mta[43926]: STARTTLS=client: 43926:error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_clnt.c:596:
Sep  5 10:05:43 local50 sm-mta[43926]: ruleset=tls_server, arg1=SOFTWARE, relay=mta6.am0.yahoodns.net, reject=403 4.7.0 TLS handshake failed

Any solution?

rbatte1 · September 5, 2019, 11:49am

How is your server trying to connect to the relay mta6.am0.yahoodns.net ? You might try to check if you can get a response from telnet mta6.am0.yahoodns.net 25

Maybe you could also post us the output/errors (wrapped in CODE tags) from something like sendmail -v target.email.address@target.domain < <(printf "Subject: Test email to diagnose\nHere is a line of content\n)

The output/trace might be returned as an email to your local user account, so check there if it just says Mail Delivery Status Report will be mailed to local.username

Robin

jim_mcnamara · September 5, 2019, 11:50am

It seems to be an SSL problem. I think the current version of Openssl is 1.0.2. What version do you have?

openssl version will tell you. Please tell us what you find, as well as your Linux distro and version. That way we can help

rickyarge92 · September 5, 2019, 12:41pm

By taking that test I get:
#telnet mta6.am0.yahoodns.net 25
Trying 67.195.204.77...
Connected to mta6.am0.yahoodns.net.
Escape character is '^]'.
220 mtaproxy106.free.mail.bf1.yahoo.com ESMTP ready
ehlo localhost
250-mtaproxy106.free.mail.bf1.yahoo.com
250-PIPELINING
250-SIZE 41943040
250-8BITMIME
250 STARTTLS

--- Post updated at 05:20 PM ---

The version I have is OpenSSL 0.9.8k 25 Mar 2009
This inconvenience is happening now, a few days ago it did not happen, is there any way to sendmail skips TLS in some domains?

--- Post updated at 05:38 PM ---

By taking that test I get:
#telnet mta6.am0.yahoodns.net 25
Trying 67.195.204.77...
Connected to mta6.am0.yahoodns.net.
Escape character is '^]'.
220 mtaproxy106.free.mail.bf1.yahoo.com ESMTP ready
ehlo localhost
250-mtaproxy106.free.mail.bf1.yahoo.com
250-PIPELINING
250-SIZE 41943040
250-8BITMIME
250 STARTTLS

--- Post updated at 05:39 PM ---

The version I have is OpenSSL 0.9.8k 25 Mar 2009
This inconvenience is happening now, a few days ago it did not happen, is there any way to sendmail skips TLS in some domains?

--- Post updated at 05:41 PM ---

The message that returns is this ----- Transcript of session follows ----- <ricardoacostait@yahoo.com>... Deferred: Name server: mta7.am0.yahoodns.net.: host name lookup failure
Warning: message still undelivered after 4 hours Will keep trying until message is 5 days old