Hi, Please consider adding the following to the OpenBSD sendmail port in order to add ECC support to STARTTLS (-D_FFR_TLS_EC), and hopefully to add a little more granular control of TLS (-D_FFR_TLS_SE_OPTS) as well (but at least the former seems a quite reasonable default in CE 2016).
--- sendmail/files/site.OS.m4.dist Mon Mar 28 06:39:40 2016
+++ sendmail/files/site.OS.m4 Mon Mar 28 06:50:33 2016
@@ -32,6 +32,8 @@
APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER')
dnl (START)TLS
APPENDDEF(`confENVDEF', `-DSTARTTLS')dnl
+APPENDDEF(`confENVDEF', `-D_FFR_TLS_EC')dnl
+APPENDDEF(`confENVDEF', `-D_FFR_TLS_SE_OPTS')dnl
APPENDDEF(`confLIBS', `-lssl -lcrypto')dnl
dnl Flavors
dnl =======
Thanks and Best Regards,
--Kyle
P.S. Also, please note that I'm not on the ports mailing list.
--
CA +1-778-819-UNIX BackWatcher, Inc.
US +1-425-584-UNIX Information Security Solutions
SIP am...@backwatcher.com www.backwatcher.ca
INUM +883-5100-0990-1657 / ISN UNIX*1917 / C*NET 1-731-UNIX
GPG ed25519/F57091DBD60FBBB8 [ed25519/D60FBBB8]
985C 5B61 4ACE C89A 0DEE ECCD F570 91DB D60F BBB8
OTR E1A46361 9FD0D801 0132D21A FE2E96BE 39E3F069 : am...@backwatcher.com
5AB3E0B8 31F6ADB4 9A7D2FC2 A8235281 5776701E : silcnet
pgpW2BykBgzC0.pgp
Description: OpenPGP digital signature
