Date: Wed, 12 Oct 2011 12:30:40 -0400 (EDT) From: Daniel Feenberg <feenberg@nber.org> To: "Dean E. Weimer" <dweimer@dweimer.net> Cc: freebsd-questions@freebsd.org Subject: Re: somewhat Off topic, Sendmail Issue Message-ID: <alpine.LFD.2.00.1110121225430.29440@agesas2.nber.org> In-Reply-To: <c867f6af02b1d0117bddbe0db805e668@www.dweimer.net> References: <c867f6af02b1d0117bddbe0db805e668@www.dweimer.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 12 Oct 2011, Dean E. Weimer wrote: > I know this is a Sendmail issue, but I haven't been able to track down any > information online, or found any Sendmail user email lists yet. And since I > am running it on a FreeBSD server, I thought I would try here and see if > anyone knows the answer to my problem. > > I have enabled SSL on SMTP to enable the delivery and reception of TLS > encrypted emails, the server is going to be used as a relay between a MS > Exchange server and an external Spam filtering service that has an encrypted > email sending application that strips attachments and creates a password > protected HTTPS link based on keywords in the subject. > > Everything works as expected, but when I test the server against required PCI > scans, it accepts weak encryption ciphers, I need to limit these ciphers. > After a lot of extensive searching I have found references to the fact that > it is possible to configure Sendmail to do this, but I can't find any > documentation on how to do it. > There is an active Usenet group at comp.mail.sendmail. Does the ENCR parameter documented at http://www.sendmail.org/m4/starttls.html do you any good? It doesn't restrict the method, only the number of bits in the key. Daniel Feenberg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.LFD.2.00.1110121225430.29440>