sendemail Fails When Using TLS 2024-08-06
sendemail is a little utility that I often use in shell scripts to send notifications to myself about various good or bad things happening on the servers I manage. In general I think it makes sense to encrypt data [such as emails] in transit, which usually means TLS. My email server accepts TLS connections, and sendemail has worked well for me for years. However, this morning [after migrating my email to a different server] I noticed that I didn't get my daily notification about how many DNS queries my resolver did yesterday. Using a little -vvv magic I could see that the sendemail application was failing with this crap:
Aug 06 09:54:58 dns1 sendemail[22144]: SUCCESS => Received: 220 2.0.0 Ready to start TLS
Use of uninitialized value $2 in concatenation (.) or string at /usr/share/perl5/IO/Socket/SSL.pm line 792.
Aug 06 09:54:59 dns1 sendemail[22144]: ERROR => TLS setup failed: hostname verification failed
At first I was concerned about the "hostname verification failed" part, but it was definitely the TLS part that was failing. Turns out it was related to this FreeBSD bugzilla thread, and I found an easy fix for Devuan/Debian here in the sendemail github issues. All I had to do was:
# apt-get purge sendemail
# wget http://ftp.us.debian.org/debian/pool/main/s/sendemail/sendemail_1.56-5.2~bpo12+1_all.deb
# dpkg -i sendemail_1.56-5.2~bpo12+1_all.deb
... and sendemail immediately worked again.