From owner-freebsd-stable@FreeBSD.ORG Thu Jun 18 23:09:38 2015 Return-Path: Delivered-To: freebsd-stable@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 54D41843 for ; Thu, 18 Jun 2015 23:09:38 +0000 (UTC) (envelope-from jamie@dyslexicfish.net) Received: from dyslexicfish.net (deadcat.mail.dyslexicfish.net [45.63.12.202]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 01587219 for ; Thu, 18 Jun 2015 23:09:37 +0000 (UTC) (envelope-from jamie@dyslexicfish.net) Received: from dyslexicfish.net (deadcat.mail.dyslexicfish.net [45.63.12.202]) by dyslexicfish.net (8.14.5/8.14.5) with ESMTP id t5IN2lvQ090848; Fri, 19 Jun 2015 00:02:47 +0100 (BST) (envelope-from jamie@dyslexicfish.net) Received: (from jamie@localhost) by dyslexicfish.net (8.14.5/8.14.5/Submit) id t5IN2l82090847; Fri, 19 Jun 2015 00:02:47 +0100 (BST) (envelope-from jamie) From: Jamie Landeg-Jones Message-Id: <201506182302.t5IN2l82090847@dyslexicfish.net> Date: Fri, 19 Jun 2015 00:02:47 +0100 To: gshapiro@gshapiro.net Cc: freebsd-stable@freebsd.org Subject: Re: Last openssl update brakes localhost email sending References: <5582C749.9060801@sentex.net> <20150618150404.GA42082@minime.local> In-Reply-To: User-Agent: Heirloom mailx 12.4 7/29/08 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (dyslexicfish.net [45.63.12.202]); Fri, 19 Jun 2015 00:02:47 +0100 (BST) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Jun 2015 23:09:38 -0000 Hello! I'm curious... Why is localhost delivery encrypted by default in the first place? I have this in /etc/mail/access: # ---------------------------------------------------------------------------- # Disable local encrypted connections: Srv_Features:localhost S # ---------------------------------------------------------------------------- The only reason I can think of is if there is some unencrypted TCP relayed 'tunnel', that has been set up not using ssh or some other encrypted transport. Have I answered my own question? This hardly seems like typical usage, and if someone did do such a thing, I'd expect them to know to tweak the sendmail defaults. Cheers, Jamie