Sendmail Error at Boot

Robert Simmons rsimmons0 at
Mon Jan 27 07:40:52 UTC 2014

On Mon, Jan 27, 2014 at 2:28 AM, Matthew Seaman <matthew at> wrote:
> On 27/01/2014 03:19, Robert Simmons wrote:
>> Why is this not part of the install?
> Sendmail in base doesn't come configured to use TLS by default, although
> the appropriate capabilities are compiled in to the binaries.
> I've no idea why enabling TLS isn't the default -- seems like a
> no-brainer in this day and age.  It would require generating a key and
> (self-signed) cert on first startup after installation, much like the
> way SSH keys are generated, but so long as the problems with startup
> entropy availability have been satisfactorily sorted out (which I
> believe they have) I can't see any huge problem with that.

Thanks for the explanation. I agree with the no-brainer. Last week the
keynote at ShmooCon was Ian Golberg, and one of the main points of his
talk was that nothing should ever be sent over a network in plaintext
from now on. And there should not be a choice of two protocol
versions, one encrypted and one plaintext, because a non-zero number
of users will choose plaintext.

More information about the freebsd-questions mailing list