In the rapidly evolving Let's Encrypt the world it would be great to use FEATURE(`tls_session_features') in Sendmail, so we have a higher granularity setting ssl options and ciphers for older clients/servers using FEATURE(`access_db') while keeping base settings strict For that, files/site.config.m4.tls needs the following line APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS -D_FFR_TLS_EC') To be changed into APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS -D_FFR_TLS_EC -D_FFR_TLS_SE_OPTS') On a fbsd 12.1 system it will result in this functionality being available
Thanks. patches in testing.
A commit references this bug: Author: dinoex Date: Sun May 10 11:33:40 UTC 2020 New revision: 534845 URL: https://svnweb.freebsd.org/changeset/ports/534845 Log: - enable _FFR_TLS_SE_OPTS 246259 PR: 246259 Submitted by: ruben@verweg.com Changes: head/mail/sendmail/Makefile head/mail/sendmail/files/site.config.m4.tls