-
All replies
-
Helpful answers
-
Jul 8, 2015 3:52 PM in response to drednaught_adminby ABerglund,Easier said than done. I've attempted to follow the instructions from weakdh.org on our authenticated sendmail SMTP relay, total failure. Nothing seems to help with the Apple devices, although following the instructions from weakdh.org restored SMTP for recent Thunderbird and Android clients.
On the off chance that my failure may have been caused by the age of the OS and sendmail that we have been using for years, I threw up a brand new VM (CentOS-7) and tried to configure it using either sendmail or postfix with a new 2048-bit DH key. No luck there either.
So if any sendmail/postfix admins have a clue how to deal with this, please share!
-
Jul 9, 2015 1:42 AM in response to GBatby eluis,That's my problem too.... I have an old system and updates are too dangerous by now as it may cause broken services.
I tried the instructions from weakdh.org too and didn't work too on my sendmail installation.
I think the problem maybe an outdated version of Open-SSL because I can generate successefully a 2048bits certificate.
It seems that the problem will only be solved with a fresh and recent OS installation.
-
Jul 9, 2015 7:38 AM in response to eluisby ABerglund,Well, here's an encouraging update. As mentioned earlier, fixing the cyphers as instructed at weakdh.org did not fix the problem on either my test iPhone or MacBook with 10.10.4 immediately.
But after the server tweaks, completely deleting the accounts and building them new from scratch did.
On the iPhone, I deleted methodically and completely - deleted the SMTP server first, then the entire account. I then powered off the phone completely and restarted it, then rebuilt the account from scratch, using the exact same SMTP settings as before (port 465, SSL on, password auth in my case). After the normal long validation, sending email works as it should again.
For the MacBook, I did similar, except I didn't reboot in the middle, just shut down Mail.app after account deletion. As with the iPhone, this process has restored SMTP ability to the MacBook as well.
The last bit is untested yet—now that the server has been remediated to Apple's liking, what will happen when the next iOS 8.3 device is updated to 8.4? Will it simply work as-is? Or will we need to delete and recreate the account on those devices as well?