From owner-freebsd-questions@freebsd.org Thu Mar 23 00:18:15 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0604DD18FAE for ; Thu, 23 Mar 2017 00:18:15 +0000 (UTC) (envelope-from jim@ohlste.in) Received: from mail-qk0-x22b.google.com (mail-qk0-x22b.google.com [IPv6:2607:f8b0:400d:c09::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AF0DF19F6 for ; Thu, 23 Mar 2017 00:18:14 +0000 (UTC) (envelope-from jim@ohlste.in) Received: by mail-qk0-x22b.google.com with SMTP id p22so28317266qka.3 for ; Wed, 22 Mar 2017 17:18:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ohlste-in.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding; bh=Geb52UN2PDc8t1gwDlR+X2Z80JFwYZaneHSq5DN3KVQ=; b=PV92XktTKUbafn/iVPoX43Xk9EuhZsA/s/Ir6vPs/knRmtevksp6WQcQd+27Yk+M/j NZwJo6w8so8BYy/fGoxGcgCfZtiWmfdFKeV5k5jBPq5axRbRZZuash8kDMhs1yMkaCji 3HFcsRmmACL9b4NzUa3wNT52GNCfTA/Spzz50g58wUa9BSC5YzrbwHZGFK+9YRtT6BJD 1fqx1x2cBg/9lDY5r3KlARiZoDku+0UEtAF4Pmz2GqrSoBKoCIDXTAFIq6aBWkHWLzeb ZtFPdR8QI+OGyUS7FGVkcYlelq8+8zGrtGCTfWV16bwkXw5MR+5L2Ca/GTs41JPfIcW7 pdSQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=Geb52UN2PDc8t1gwDlR+X2Z80JFwYZaneHSq5DN3KVQ=; b=uMaZOV5s1VIgw6p+pW/pQ4D6yr5Zy7VH4Msrb0RtHimXTtDUxoJQa8obmrKMd+KfKd OmHQqhOQng4SYHQnlYk4tPo6BfmhlKSdIfrDW236d+0MtgjeM+LuN1TumqY4DpGisTKK SbjbN7myjtgPyV+Gwd82NRaM7GVGns9iUAG+CL4eApqdxfk0wdD3DpDQsbAQzWTS9zXg 5YzIWSiYtb+nb0G5Sd5TyiWK+9Jyd5jW4uxDgiYEkJzpPvxWffnXip90aSiSieS8/8/g bWtY7Zw3Ek8tNoQcl7orzLDp5uPSXaLBY41vs9Ho7U1DlR7C+3uXD/p1znUmE2Jl/5fj S5CA== X-Gm-Message-State: AFeK/H12eCTVgkFjqBeNLyC0MS7wl7+D1cKw9YlYxF9VGRcNvjjYlH9Htj1wSmmsb32Xww== X-Received: by 10.55.23.94 with SMTP id i91mr3048388qkh.267.1490228293431; Wed, 22 Mar 2017 17:18:13 -0700 (PDT) Received: from [192.168.1.10] (pool-108-39-64-29.nrflva.fios.verizon.net. [108.39.64.29]) by smtp.googlemail.com with ESMTPSA id v63sm2139484qkc.5.2017.03.22.17.18.11 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 22 Mar 2017 17:18:11 -0700 (PDT) Subject: Re: how do I get STARTTLS working with sendmail on FreeBSD 10.3 ? To: William Dudley , freebsd-questions@freebsd.org References: From: Jim Ohlstein Message-ID: Date: Wed, 22 Mar 2017 20:18:10 -0400 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Mar 2017 00:18:15 -0000 Hello, On 3/18/17 6:44 PM, William Dudley wrote: > A google search does not reveal a useful answer. > > I just want to use a self-signed certificate so I can get my email from my > FreeBSD mail server to my cell phone. My FreeBSD server runs sendmail. > I don't really want to switch to postfix, qmail, etc. etc. > I'm sorry to be the one to break it to you after all this time and effort, but AFAIK Sendmail speaks neither POP3 nor IMAP so you cannot use it as an MDA. You can use it to *send* email from your phone, but not to retrieve it. You also can use it to forward mails to another email address from which you can retrieve it, of that's what you want. If you want to retrieve emails using your phone's email client, you will need an MDA. I use mail/dovecot2. I know that you do not want to install a different MTA, but after all this effort I'd suggest trying Exim. TLS is supported out of the box (in the default ports/packages configuration) and is extremely easy to configure [1]. You can use Dovecot authorization [2] with Exim, killing two birds with one stone. [1] http://www.exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html - see Section 6 [2] http://wiki2.dovecot.org/HowTo/EximAndDovecotSASL -- Jim Ohlstein "Never argue with a fool, onlookers may not be able to tell the difference." - Mark Twain