sendmail broken by libssl in current
Paul Hoffman
paul.hoffman at vpnc.org
Wed Mar 11 14:28:04 UTC 2015
On Mar 10, 2015, at 11:57 PM, Julian Elischer <julian at freebsd.org> wrote:
> unfortunatly this makes sendmail incompatible with various email servers around the world,
> including (apparently (ironically (*))) Ironport email gateways.
> It fails in TLS handshake.
Can you say which email servers *other* than unpatched Ironport fail? I've only seen it with unpatched Ironport on my (somewhat active) FreeBSD-based mail server. FWIW, I only see these bounces in my mail queue for exactly two sites.
Cisco has known about this for many months; see <https://tools.cisco.com/quickview/bug/CSCuo25276>. I have been told by an Ironport user that there is already a patch that is available from Cisco. If that's true (I can't confirm), why would we want to do a patch to our core crypto?
--Paul Hoffman
More information about the freebsd-security
mailing list