• sendmail snapshot 8.19.0.2 is available

    From Claus =?iso-8859-1?Q?A=DFmann?=@INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org to comp.mail.sendmail on Sun Jun 28 01:42:30 2026
    From Newsgroup: comp.mail.sendmail

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    sendmail snapshot 8.19.0.2 is available for testing. It has two new
    FFRs: _FFR_EKU_NOCLIENTAUTH: override cert restrictions and _FFR_KEX:
    log key-exchange algorithm (TLS) and also a new option: TLSEC.

    SHA256 (sendmail.8.19.0.2.tar.gz) = f3f2456be0534dec17096a4d94cf6b5487d79f21ab90ef0ce734c2c56ba6a312
    SHA256 (sendmail.8.19.0.2.tar.gz.sig) = 9f98666d9e13e27a94719838f746cd5684fd459fbca08181f47512de2c82658d

    Available at:
    https://ftp.sendmail.org/snapshots/sendmail.8.19.0.2.tar.gz https://ftp.sendmail.org/snapshots/sendmail.8.19.0.2.tar.gz.sig
    -----BEGIN PGP SIGNATURE-----

    iQIcBAEBAgAGBQJqQCWjAAoJEMApzDDVddAnfrEQAIcRKBKUzfoQ5lic8ENX0hW4 D71o26+/iqa00zE18YJApWIf7cntSBdQzBhA8XOUFXRrg94vBxuCz4fB5NfrQusT U3itWOIvBmevEG3YNri7IaMkeVwhJ2wtZ+n92iuvMQcxGPnp+yEqQj/1y7w1RuL4 4O9I4L+mnJvy2vfmXZkTQ+Ul9XaQfOmY7lmI3Rt2BiWX4x8QeVXHcVBaaull76Ek gWxH/cOnOkuxD+Fq1UcCmjy2J+dtVrStcTy2x2NtML8unw/KummqrDkafJ7zfB2r 9hrsKxltYX5i/RoknTnJud8hmXKFBoL88V7sraA38Siy/olK11ktBuRWfzxCHNcl rhix4IJTdi826YeSXE5yWqS0Q/CUwFwP3Ski6+lkJTRpaLAGJcPlW/6oFI6t/Yqy 046/bnJmzTO05a5GyH/BTepEXgteNq8tJiYvmAO4wdo9C9hIxD0KoILn6zUFdL3V 2KxqkHjdFCu7urNHcgyhqQ/RKZwI8GqWU8diub7HcRtUyqktDyf/iuB0YFGyg+SN G+7Lsj5s8PJ2+dxmZyei85ZJsYDyfntnBC27gb9brclfDVLpUzRmG5xTvahswlWg 3TO4/2w6tcTKsmnJWu+f2BgKLcvZKWZpiQ5V2GyIw/GSso0BxcJiUsRluaLIMB/J W58jxqfRKbjHESal2d8I
    =2+9l
    -----END PGP SIGNATURE-----
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From kalevi@kalevi@kolttonen.fi (Kalevi Kolttonen) to comp.mail.sendmail on Wed Jul 1 17:54:57 2026
    From Newsgroup: comp.mail.sendmail

    Claus A|fmann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org> wrote:
    sendmail snapshot 8.19.0.2 is available for testing. It has two new
    FFRs: _FFR_EKU_NOCLIENTAUTH: override cert restrictions and _FFR_KEX:
    log key-exchange algorithm (TLS) and also a new option: TLSEC.

    I used Fedora Linux 44 RPM sendmail.spec with modifications:

    1) Removed applying all patches since they were for 8.18.2.
    Since the switch to ISO C function definitions, none of
    the Red Hat patches apply any more.

    2) Added -D_FFR_EKU_NOCLIENTAUTH and -D_FFR_KEX


    ~ $ rpm -qi gcc|head -3
    Name : gcc
    Version : 16.1.1
    Release : 2.fc44


    Sendmail 8.19.0.2 compiles with some warnings, most of
    them being deprecations of certain functions since OpenSSL
    3.0. However, these might be worth checking:

    In function rCysm_strlcpyrCO,
    inlined from rCysm_errstringrCO at err.c:1238:9:
    ../libsm/strl.c:70:28: warning: rCystrlenrCO reading 1 or more bytes from a region of size 0 [-Wstringop-overread]
    70 | return i + strlen(src + i);
    | ^
    In function rCysm_strlcpyrCO,
    inlined from rCysafedirpathrCO at ../libsmutil/safefile.c:556:10: ../libsm/strl.c:70:28: warning: rCystrlenrCO reading 1 or more bytes from a region of size 0 [-Wstringop-overread]
    70 | return i + strlen(src + i);
    | ^

    br,
    KK
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From kalevi@kalevi@kolttonen.fi (Kalevi Kolttonen) to comp.mail.sendmail on Wed Jul 1 19:13:55 2026
    From Newsgroup: comp.mail.sendmail

    Claus A|fmann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org> wrote:
    sendmail snapshot 8.19.0.2 is available for testing. It has two new
    FFRs: _FFR_EKU_NOCLIENTAUTH: override cert restrictions and _FFR_KEX:
    log key-exchange algorithm (TLS) and also a new option: TLSEC.

    It builds on OmniOS latest stable (Open Solaris descendant based on
    illumos kernel):

    ~/src/3/sendmail-8.19.0.2@omnios $ uname -a
    SunOS omnios 5.11 omnios-r151058-c1eded413b i86pc i386 i86pc

    ~/src/3/sendmail-8.19.0.2@omnios $ gcc --version
    gcc (OmniOS 151058/15.2.0-il-0) 15.2.0
    Copyright (C) 2025 Free Software Foundation, Inc.
    This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

    ~/src/3/sendmail-8.19.0.2@omnios $ cat devtools/Site/site.config.m4 define(`confMAPDEF', `-DNEWDB -DMAP_REGEX -DSOCKETMAP -DNAMED_BIND=1 -I/opt/ooce/include/ -L/opt/ooce/lib -L/opt/ooce/lib/sasl2 -L/opt/ooce/lib/amd64')dnl
    define(`confINCDIRS', `-I/opt/ooce/include/')dnl APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS -D_FFR_TLS_1 -DTLS_EC -D_FFR_TLS_USE_CERTIFICATE_CHAIN_FILE -DDANE -D_FFR_EKU_NOCLIENTAUTH -D_FFR_KEX -DHASUNSETENV')dnl
    APPENDDEF(`confLIBDIRS', `-L/opt/ooce/lib/amd64 -R/opt/ooce/lib/amd64')dnl APPENDDEF(`conf_sendmail_LIBS', `-lssl -lcrypto -ldb -lsasl2')dnl APPENDDEF(`confENVDEF', `-DSASL=2 -I/opt/ooce/include/')dnl APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER')dnl

    ~/src/3/sendmail-8.19.0.2@omnios $ obj.SunOS.5.11.i86pc/sendmail/sendmail -bt -d0.1</dev/null
    Version 8.19.0.2
    Compiled with: DANE HAVE_SSL_CTX_dane_enable MAX_TLSA_RR=64 DNSMAP
    IPV6_FULL LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7
    NAMED_BIND NETINET NETINET6 NETUNIX NEWDB=5.3 PIPELINING SASLv2
    SCANF SOCKETMAP STARTTLS MTA_HAVE_TLSv1_3 TLS_EC= 1
    TLS_VRFY_PER_CTX USERDB XDEBUG
    /etc/mail/sendmail.cf: line 0: cannot open: No such file or directory
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From kalevi@kalevi@kolttonen.fi (Kalevi Kolttonen) to comp.mail.sendmail on Wed Jul 1 19:22:43 2026
    From Newsgroup: comp.mail.sendmail

    Claus A|fmann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org> wrote:
    sendmail snapshot 8.19.0.2 is available for testing. It has two new
    FFRs: _FFR_EKU_NOCLIENTAUTH: override cert restrictions and _FFR_KEX:
    log key-exchange algorithm (TLS) and also a new option: TLSEC.

    It builds on FreeBSD 15.1:

    fbsd15:~/c/sendmail-8.19.0.2 $ obj.FreeBSD.15.1-RELEASE.amd64/sendmail/sendmail -bt -d0.1</dev/null
    Version 8.19.0.2
    Compiled with: DANE HAVE_SSL_CTX_dane_enable MAX_TLSA_RR=64 DNSMAP
    IPV6_FULL LDAPMAP LDAP_NETWORK_TIMEOUT SM_CONF_LDAP_INITIALIZE
    SM_CONF_LDAP_MEMFREE LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8
    MIME8TO7 NAMED_BIND NETINET NETUNIX NEWDB=5.3 CDB=1 NIS
    PICKY_HELO_CHECK PIPELINING SASLv2 SCANF SOCKETMAP STARTTLS
    MTA_HAVE_TLSv1_3 TCPWRAPPERS TLS_EC= 2 TLS_VRFY_PER_CTX USERDB
    USE_LDAP_INIT XDEBUG
    /etc/mail/sendmail.cf: line 91: LDAP map: cannot open secret /etc/mail/ldap-secret: Permission denied

    ============ SYSTEM IDENTITY (after readcf) ============
    (short domain name) $w = fbsd15
    (canonical domain name) $j = fbsd15.local
    (subdomain name) $m = local
    (node name) $k = fbsd15.local ========================================================

    ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
    Enter <ruleset> <address>

    fbsd15:~/c/sendmail-8.19.0.2 $ cc --version
    FreeBSD clang version 19.1.7 (https://github.com/llvm/llvm-project.git llvmorg-19.1.7-0-gcd708029e0b2)
    Target: x86_64-unknown-freebsd15.1
    Thread model: posix
    InstalledDir: /usr/bin
    --- Synchronet 3.22a-Linux NewsLink 1.2
  • From kalevi@kalevi@kolttonen.fi (Kalevi Kolttonen) to comp.mail.sendmail on Thu Jul 2 23:22:24 2026
    From Newsgroup: comp.mail.sendmail

    Kalevi Kolttonen <kalevi@kolttonen.fi> wrote:
    Claus A|fmann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org> wrote:
    sendmail snapshot 8.19.0.2 is available for testing. It has two new
    FFRs: _FFR_EKU_NOCLIENTAUTH: override cert restrictions and _FFR_KEX:
    log key-exchange algorithm (TLS) and also a new option: TLSEC.

    It builds on OmniOS latest stable (Open Solaris descendant based on
    illumos kernel):

    It has been running flawlessly since I installed it and
    imported it under SMF control.

    br,
    KK
    --- Synchronet 3.22a-Linux NewsLink 1.2