sendmail (8.13.1-14) * TLS errors: From http://lists.debian.org/debian-security/2003/09/msg00209.html > I cannot get STARTTLS to work with the newest snendmail in unstable. > It *always* complains that the key file is group readable! > Now, before you scream RTFM, I did use GroupReadableKeyFile! please copy "/usr/share/sendmail/examples/starttls.m4 to /etc/mail/tls and execute 'sendmailconfig' after you copied the file over. It's an updated file you have to use by now. You should have read the install message by the sendmail update and the changelog too ;p You have to do the same with SASLv2 m4 if you use SASLv2 sendmail (8.13.1-8) * Make initial install prompt free (by using a sane&safe default): + listen only to 127.0.0.1 + if /etc/mailname extant, use it as the masquerade value + no smarthost (would have to prompt) + Issue msg to run sendmailconfig *later* if desired closes: #112397 #213022 #227464 If the default setup isn't what you'd like, you can run sendmailconfig at any time to change your preferences... * Correct sasl2 instructions - closes: #265976 Here's what you must do to make sasl usable with smtp/smmsp: + chown smmta:smmsp /etc/sasldb2 (problematic if used by others) + dpkg-statoverride --remove /var/run/saslauthd + dpkg-statoverride --add root sasl 711 /var/run/saslauthd Now, anytime a user authenticates with a PLAIN password, SASL will add the password to /etc/sasldb2 (automigrate) and subsequently, the user may use more secure mechanisms.