Sendmail 8.13.3 Securing Mailing Solution
cd /usr/newconfig/etc/mail/cf/cf
3. To run the gen_cf utility, enter the following command:
$ ./gen_cf
4. Select the 2: STARTTLS option under the 4: Security Options option in the
main menu.
5. Select the 5: Generate sendmail.cf option and press Enter to generate the
Sendmail 8.13.3 configuration file (sendmail.cf.gen) with the STARTTLS feature
enabled.
6. Repeat Steps 1–4.
7. Select the 6: Generate submit.cf option and press Enter to generate the
configuration file of the Sendmail 8.13.3 client queue runner (submit.cf.gen)
with the STARTTLS feature enabled.
8. Copy the previously created sendmail.cf.gen file and the submit.cf.gen
file to the /etc/mail/sendmail.cf file and the /etc/mail/submit.cf file,
respectively.
9. Open the Sendmail 8.13.3 configuration files (/etc/mail/sendmail.cf and
/etc/mail/submit.cf) and edit the UseTLS, CACertPath, CACertFile,
ServerCertFile, ServerKeyFile, ClientCertFile, ClientKeyFile, and
RandFile options, as follows:
# If set, Sendmail enables the TLS feature
UseTLS=True
# CA directory
CACertPath=/etc/mail/certs
# CA file
CACertFile=/etc/mail/certs/cacert.pem
# Server Cert
ServerCertFile=/etc/mail/certs/servername-cert.pem
# Server private key
ServerKeyFile=/etc/mail/certs/servername-key.pem
# Client Cert
ClientCertFile=/etc/mail/certs/servername-cert.pem
# Client private key
ClientKeyFile=/etc/mail/certs/servername-key.pem
# Random data source (required for systems without /dev/urandom under OpenSSL)
RandFile=egd:/dev/random
10. Follow this procedure if Mail Submission Program (MSP) is enabled for Sendmail
8.13.3:
a. To change the directory to /etc/mail/certs, enter the following command:
cd /etc/mail/certs
b. To change the mode to 640 for all the private keys, enter the following
command:
chmod 640 *.pem
c. To change the group for all the private keys, enter the following command:
chgrp smmsp *.pem
d. To update the configuration file of the Sendmail 8.13.3 MTA
(/etc/mail/sendmail.cf) and the configuration file of the MSP
Configuring Sendmail 8.13.3 with TLS and SSL 19
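A check for the files set up in steps 9 and 10, as an added example that is not part of the original manual: it reads the certificate and key options from a configuration file and reports any that are unset or missing, and any private key that is more permissive than mode 640 or not in the expected group. The function names and the script name are assumptions of this example; the optional "O " prefix is the form sendmail.cf uses for option lines.

```sh
#!/bin/sh
# Added example (not from the original manual): audit the TLS files that a
# sendmail configuration file points at. GROUP defaults to smmsp; "" skips it.
# Usage: sh check_tls_files.sh /etc/mail/sendmail.cf [GROUP]

# Print the value of option $2 in file $1. Accepts "Name=value" as shown in
# step 9, optionally preceded by sendmail.cf's "O " option prefix.
cf_option() {
    sed -n "s/^\(O \)\{0,1\}$2=\(.*\)\$/\2/p" "$1" | tail -n 1
}

# True if file $1 grants more than mode 640 allows: any bit for "other",
# or write/execute for the group.
too_open() {
    [ -n "$(find "$1" -prune \( -perm -001 -o -perm -002 -o -perm -004 \
        -o -perm -010 -o -perm -020 \) -print)" ]
}

check_tls_files() {
    cf=$1
    group=${2-smmsp}
    rc=0
    for opt in CACertFile ServerCertFile ServerKeyFile ClientCertFile ClientKeyFile
    do
        path=$(cf_option "$cf" "$opt")
        if [ -z "$path" ]; then
            echo "UNSET   $opt is not set in $cf"; rc=1; continue
        elif [ ! -f "$path" ]; then
            echo "MISSING $opt=$path does not exist"; rc=1; continue
        fi
        # Only private keys are held to the mode and group from step 10.
        case $opt in *KeyFile) ;; *) continue ;; esac
        if too_open "$path"; then
            echo "PERMS   $path is more permissive than mode 640"; rc=1
        fi
        file_group=$(ls -ld "$path" | awk '{print $4}')
        if [ -n "$group" ] && [ "$file_group" != "$group" ]; then
            echo "GROUP   $path has group $file_group, expected $group"; rc=1
        fi
    done
    return $rc
}

if [ $# -gt 0 ]; then check_tls_files "$@"; fi
```

The script exits non-zero when any finding is printed, so it can be run against both /etc/mail/sendmail.cf and /etc/mail/submit.cf after the files are edited.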