On Fri, 10 Jul 2015, R P Herrold wrote: We reached the following addition of a DH parameters file solution, which also solved the authentication issue for certain Apple email clients on IOS 8.4 (an update within the last month)
sendmail.mc fragment define(`CERT_DIR', `/etc/pki/tls')dnl define(`confCACERT_PATH', `CERT_DIR')dnl dnl https://www.sendmail.com/sm/open_source/docs/m4/tweaking_config.html dnl dnl http://weldon.whipple.org/sendmail/wwstarttls.html#DHParams dnl dnl http://lists.freebsd.org/pipermail/freebsd-questions/2015-June/266456.htm dnl > 3. If a setting for confDH_PARAMETERS exists and is set to dnl dnl > a file path, create a new file with: dnl dnl > openssl dhparam -out /path/to/file 2048 dnl dnl > for 2048-bit dnl dnl *** USED *** dnl dnl so: openssl dhparam -out /etc/pki/tls/certs/DH-options.pem 2048 dnl dnl dnl define(`confDH_PARAMETERS', `CERT_DIR/certs/DH-options.pem')dnl -- Russ herrold