sendmail client authentication failed with TLS
2010-03-04 by , tagged as
When sending mail with sendmail to a providers SMTP-server
authentication was not done because STARTTLS disabled
advertising authorization methods on the server side.
Authenticated SMTP is almost mandatory nowadays. But sendmail's AUTH implentation failes when the provider's mail server uses qmail and has STARTTLS enabled.
This is because when a SMTP-server offers TLS sendmail always use STARTTLS to use it. But qmail's EHLO does not show the available authication modes when in TLS mode - sendmail does not authenticate and mail relaying is denied.
The trick is to disable TLS for this specific server in sendmail.
This is only possible with the access-db FEATURE and an access rule like:
Try_TLS:smtp.myprovider.com NO
which disables TLS and make sendmail's client AUTH work.