Solved newbie needs help: receiving email and SMTP authentication

[dr. bob]

Ugh, now I wonder if I've broken something. I was able to send and receive email before, with STARTTLS, but Thunderbird sometimes said there was a Domain Name Mismatch. Which I think was because sendmail was using default certificates that said:

Common Name: freebsd103
Organization: Some-org
Locality: Some-city
State: Some-state
Country: XX

so I tried to switch to the certificates Apache is using. While I was at it, I changed their permissions to 600 and moved them to a new directory, and made that directory's permissions 700. Then I edited freebsd.mc, renamed my local *.mc and *.cf files, and did make and then make install restart again.

I thought that worked. I can still send and receive email, and Thunderbird hasn't complained again. But now mxtoolbox says: "Warning - Does not support TLS." But Thunderbird is working with Server Settings > Connection Security set to STARTTLS. Any insight or tips, anyone? Thanks!

 

[Deleted member 45312]

I added the following lines in my /etc/rc.conf:

sendmail_enable="YES"
sendmail_cert_create="YES"
sendmail_cert_cn="mail.domain.tld"

Replace domain.tld with yours.
Remove your certs and they will be created at startup.

And create /etc/mail/certs/dh.param by running:
# cd /etc/mail/certs
# openssl dhparam -out dh.param 4096

because sendmail complained about missing this file.

 

[dr. bob]

Thanks, I was wondering about dh.param. I created it in my new directory, but mxtoolbox still gives me the same message.

Does this have to be in /etc/mail/certs/? I changed "CERT_DIR" in freebsd.mc.

Also, can I really remove my current certs if Apache and dovecot are using them? Can sendmail use these certs and Apache and dovecot other ones? Merci!

 

[dr. bob]

OK, that seems to have done the trick.

Edited /etc/rc.conf. Reverted my freebsd.mc. Did make and then make install restart again.

I guess sendmail can use the certificates in one place and Apache and dovecot can use those in another place.

Merci again!

 

[Deleted member 45312]

OK, that seems to have done the trick.
Edited /etc/rc.conf. Reverted my freebsd.mc. Did make and then make install restart again.

Be careful !
After having run make for the first time, your sendmail configuration file is hostname.domain.tld.mc. You don't need freebsd.mc anymore.