Explicitly disable SSL / TLS for a host when sending email via sendmail

Once the sendmail mail server is configured with its own SSL certificate it will try and initiate TLS/SSL connections with all other SMTP servers if they advertise supporting TLS or SSL.

If you really need to send mail to a SMTP server that has a broken SSL configuration, sendmail can be configured to explicitly not attempt a secure connection but to instead deliver mail in using plain text.

To do this, edit your /etc/mail/mailertable and add an additional line in the format below:

Try_TLS:brokenhost.com       NO

To activate the new config the mailertable database will need to be rebuilt, which can be done by:

cd /etc/mail
makemap hash mailertable < mailertable

Last updated: 14/10/2015