Knowledgebase
Certificate Installation: Sendmail (MTA)
Sendmail can be configured to encrypt email via the secure socket layer (SSL) when you want to send and receives emails.

1) Open sendmail configuration file /etc/mail/sendmail.mc (although your distribution might keep it elsewhere) using text editor such as vi, emacs, nano with write access:

# vi /etc/mail/sendmail.mc
Now append/modify following directives:
define(`confCACERT_PATH',`/etc/mail/ssl/certs')
     -- location to find certificates
define(`confCACERT',`/etc/mail/ssl/ca-bundle.crt')
      -- Root Bundle file (Make sure you select your server software as Apache & mod_ssl)
define(`confSERVER_CERT',`/etc/mail/ssl/sendmail.crt')
      -- Domain Certificate
define(`confSERVER_KEY',`/etc/mail/ssl/sendmail.key')

And make sure port is set to smtps (secure smtp i.e. port 465):
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl

2) Restart sendmail and secure pop3s/imaps (optional, use the following if using POP/IMAP)
Type the following commands to restart sendmail and related services:
# /etc/init.d/sendmail restart
# chkconfig pop3s on
# chkconfig imaps on
# /etc/init.d/xinetd restart

pop3s and imaps will start from xinetd

Please note the following:
* All certificates provided by Comodo are in PEM format.
* .key file needs to have owner read/write permission for the owner, not group.
* define(`confLOG_LEVEL', `14')dnl ## Will help with debugging. Can be commented out or put back to its default level of 9 when done.


(1735 vote(s))
Helpful
Not helpful

Comments (0)