${verify}
Result of cert verification V8.11 and later
When a connection is made or received and STARTTLS is
negotiated, sendmail updates
the value of several macros, among which is this
${verify}
macro.
This ${verify}
macro stores a text word that describes the result
of verification of the presented certificate. Those
possible text words are shown in Table 21-10.
Table 21-10. Possible values for ${verify}
|
Word |
Description |
|---|---|
|
|
A certificate was presented but could not be verified. |
|
|
STARTTLS has not been performed. |
|
|
No certificate was requested. |
|
|
No certificate was presented. |
|
|
The verification was successful. |
|
|
A protocol error occurred. |
|
|
The STARTTLS handshake failed (message will be queued). |
|
|
There was a temporary error. |
The ${verify} macro
is used in the standard configuration file as part
of the definition of the Received: header. If ${tls_version} has a
value, the following is included in the Received: header’s
text:
(version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify})If ${tls_version}
lacks a value, the preceding text is not included,
meaning a STARTTLS connection was not used.
${verify} is
transient. If it is defined in the configuration
file or in the command line, that definition is
ignored by sendmail. Note that
a $& prefix
is necessary when you reference this macro in rules
(that is, use $&{verify}, not ${verify}).
Get sendmail, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
