On 12.10.2011 11:30, Daniel Feenberg wrote:
There is an active Usenet group at comp.mail.sendmail.
Does the ENCR parameter documented at
http://www.sendmail.org/m4/starttls.html
do you any good? It doesn't restrict the method, only the number of
bits
in the key.
Daniel Feenberg
Well after searching the comp.mail.sendmail list through Google groups,
I have come up wiht the following changes.
I changed the orignal /etc/make.conf:
from this:
SENDMAIL_CFLAGS+= -D_FFR_SMTP_SSL
to:
SENDMAIL_CFLAGS+= -D_FFR_SMTP_SSL -D_FFR_TLS_1
redid the compile steps:
Added this to the end of /etc/mail/hostname.mc:
LOCAL_CONFIG
O
CipherList=ALL:!aNULL:!eNULL:!LOW:!EXP:!ADH:RC4+RSA:+HIGH:+MEDIUM:!SSLv2
under /etc/mail
executed the make, make install steps
After restarting, an attempt to do:
/usr/local/bin/openssl s_client -starttls smtp -cipher EXP-RC4-MD5
-connect localhost:25
Failed, this successfully connected before these changes. Scans are
running now, I will let you all know if it was successful.
--
Thanks,
Dean E. Weimer
dwei...@dweimer.net
http://www.dweimer.net/
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"