Hi, Please consider adding the following to the OpenBSD sendmail port in order to add ECC support to STARTTLS (-D_FFR_TLS_EC), and hopefully to add a little more granular control of TLS (-D_FFR_TLS_SE_OPTS) as well (but at least the former seems a quite reasonable default in CE 2016).
--- sendmail/files/site.OS.m4.dist Mon Mar 28 06:39:40 2016 +++ sendmail/files/site.OS.m4 Mon Mar 28 06:50:33 2016 @@ -32,6 +32,8 @@ APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER') dnl (START)TLS APPENDDEF(`confENVDEF', `-DSTARTTLS')dnl +APPENDDEF(`confENVDEF', `-D_FFR_TLS_EC')dnl +APPENDDEF(`confENVDEF', `-D_FFR_TLS_SE_OPTS')dnl APPENDDEF(`confLIBS', `-lssl -lcrypto')dnl dnl Flavors dnl ======= Thanks and Best Regards, --Kyle P.S. Also, please note that I'm not on the ports mailing list. -- CA +1-778-819-UNIX BackWatcher, Inc. US +1-425-584-UNIX Information Security Solutions SIP am...@backwatcher.com www.backwatcher.ca INUM +883-5100-0990-1657 / ISN UNIX*1917 / C*NET 1-731-UNIX GPG ed25519/F57091DBD60FBBB8 [ed25519/D60FBBB8] 985C 5B61 4ACE C89A 0DEE ECCD F570 91DB D60F BBB8 OTR E1A46361 9FD0D801 0132D21A FE2E96BE 39E3F069 : am...@backwatcher.com 5AB3E0B8 31F6ADB4 9A7D2FC2 A8235281 5776701E : silcnet
pgpW2BykBgzC0.pgp
Description: OpenPGP digital signature