From owner-freebsd-questions@FreeBSD.ORG  Wed Oct 12 19:36:47 2011
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 638F31065672
	for <freebsd-questions@freebsd.org>;
	Wed, 12 Oct 2011 19:36:47 +0000 (UTC)
	(envelope-from dweimer@dweimer.net)
Received: from webmail.dweimer.net (adsl-70-129-195-213.dsl.ksc2mo.swbell.net
	[70.129.195.213])
	by mx1.freebsd.org (Postfix) with ESMTP id 002B08FC15
	for <freebsd-questions@freebsd.org>;
	Wed, 12 Oct 2011 19:36:46 +0000 (UTC)
Received: from www.dweimer.net (localhost [127.0.0.1])
	by webmail.dweimer.net (8.14.4/8.14.4) with ESMTP id p9CJajCD068879;
	Wed, 12 Oct 2011 14:36:45 -0500 (CDT)
	(envelope-from dweimer@dweimer.net)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8;
 format=flowed
Content-Transfer-Encoding: 7bit
Date: Wed, 12 Oct 2011 14:36:45 -0500
From: "Dean E. Weimer" <dweimer@dweimer.net>
To: Daniel Feenberg <feenberg@nber.org>
Mail-Reply-To: <dweimer@dweimer.net>
In-Reply-To: <alpine.LFD.2.00.1110121225430.29440@agesas2.nber.org>
References: <c867f6af02b1d0117bddbe0db805e668@www.dweimer.net>
	<alpine.LFD.2.00.1110121225430.29440@agesas2.nber.org>
Message-ID: <c953575af6174a772d8b357c85ac47fd@www.dweimer.net>
X-Sender: dweimer@dweimer.net
User-Agent: RoundCube Webmail/0.6
Cc: freebsd-questions@freebsd.org
Subject: Re: somewhat Off topic, Sendmail Issue
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: dweimer@dweimer.net
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Oct 2011 19:36:47 -0000

On 12.10.2011 11:30, Daniel Feenberg wrote:

> There is an active Usenet group at comp.mail.sendmail.
>
> Does the ENCR parameter documented at
>
> http://www.sendmail.org/m4/starttls.html
>
> do you any good? It doesn't restrict the method, only the number of 
> bits
> in the key.
>
> Daniel Feenberg

Well after searching the comp.mail.sendmail list through Google groups, 
I have come up wiht the following changes.

I changed the orignal /etc/make.conf:
from this:
SENDMAIL_CFLAGS+= -D_FFR_SMTP_SSL
to:
SENDMAIL_CFLAGS+= -D_FFR_SMTP_SSL -D_FFR_TLS_1

redid the compile steps:

Added this to the end of /etc/mail/hostname.mc:
LOCAL_CONFIG
O 
CipherList=ALL:!aNULL:!eNULL:!LOW:!EXP:!ADH:RC4+RSA:+HIGH:+MEDIUM:!SSLv2

under /etc/mail
executed the make, make install steps

After restarting, an attempt to do:
/usr/local/bin/openssl s_client -starttls smtp -cipher EXP-RC4-MD5 
-connect localhost:25

Failed, this successfully connected before these changes.  Scans are 
running now, I will let you all know if it was successful.

-- 

Thanks,
  Dean E. Weimer
  dweimer@dweimer.net
  http://www.dweimer.net/