Date: Wed, 12 Oct 2011 14:36:45 -0500 From: "Dean E. Weimer" <dweimer@dweimer.net> To: Daniel Feenberg <feenberg@nber.org> Cc: freebsd-questions@freebsd.org Subject: Re: somewhat Off topic, Sendmail Issue Message-ID: <c953575af6174a772d8b357c85ac47fd@www.dweimer.net> In-Reply-To: <alpine.LFD.2.00.1110121225430.29440@agesas2.nber.org> References: <c867f6af02b1d0117bddbe0db805e668@www.dweimer.net> <alpine.LFD.2.00.1110121225430.29440@agesas2.nber.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12.10.2011 11:30, Daniel Feenberg wrote: > There is an active Usenet group at comp.mail.sendmail. > > Does the ENCR parameter documented at > > http://www.sendmail.org/m4/starttls.html > > do you any good? It doesn't restrict the method, only the number of > bits > in the key. > > Daniel Feenberg Well after searching the comp.mail.sendmail list through Google groups, I have come up wiht the following changes. I changed the orignal /etc/make.conf: from this: SENDMAIL_CFLAGS+= -D_FFR_SMTP_SSL to: SENDMAIL_CFLAGS+= -D_FFR_SMTP_SSL -D_FFR_TLS_1 redid the compile steps: Added this to the end of /etc/mail/hostname.mc: LOCAL_CONFIG O CipherList=ALL:!aNULL:!eNULL:!LOW:!EXP:!ADH:RC4+RSA:+HIGH:+MEDIUM:!SSLv2 under /etc/mail executed the make, make install steps After restarting, an attempt to do: /usr/local/bin/openssl s_client -starttls smtp -cipher EXP-RC4-MD5 -connect localhost:25 Failed, this successfully connected before these changes. Scans are running now, I will let you all know if it was successful. -- Thanks, Dean E. Weimer dweimer@dweimer.net http://www.dweimer.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c953575af6174a772d8b357c85ac47fd>