On 12.10.2011 15:16, Matthew Seaman wrote:
_FFR_TLS_1 is actually already defined in the default sendmail on
FreeBSD. See /usr/src/usr.sbin/sendmail/Makefile around line 63.
It's also enabled in the ports version of sendmail, so long as you
select the WITH_TLS option. I just added this setting to my sendmail
config and it seems to work using the ports sendmail without having
to
recompile anything.
It could certainly do with being mentioned in the documentation more
prominently. There's not a hint of the CipherList option in
/usr/share/sendmail/cf/README
_FFR_SMTP_SSL on the other hand, doesn't appear anywhere under
/usr/src
-- think that must be a fossil remnant from some older version of
sendmail.
Cheers,
Matthew
-- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP:
http://www.infracaninophile.co.uk/pgpkey Ramsgate JID:
matt...@infracaninophile.co.uk Kent, CT11 9PW
Interesting info, I will take a look at that Makefile and see what I
find, I found those options to set originally on a web page, can't quite
remember where, I pieced info from a few different locations to get
everything working as I wanted. I do know a lot of it was originally
done for an older version of FreeBSD, so perhaps it was an FFR option at
that time it was written. One thing I have figured out in this process
is that Sendmail FFR compiled options are basically undocumented outside
of the source file comments. Perhaps it was my inclusion of an old
setting, that caused the ciphers to open up more to start with. It did
pass the tests as is, I will look more into this though. And see if I
can't slim down the overall steps to get the server up and running
before it goes live on a production server.
--
Thanks,
Dean E. Weimer
dwei...@dweimer.net
http://www.dweimer.net/
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
