I have configured sendmail with startssl.
In my case i have not used certificate for client (so i have integrity and privacy but not sure authentication, i.e.identification of peer by certificate
From my log i see:
Code:
sendmail[4122]: STARTTLS=server, relay=[x.x.x.x], version=TLSv1/SSLv3, verify=NO, cipher=AES128-SHA, bits=128/128
sendmail[4122]: h279vxxu023679: from=<user1@domain1.com>, size=3096, class=0, nrcpts=2, msgid=<7A8BA31A-Z111-44AD-ACB0-E6ac56f6C41A@domain.com>, proto=ESMTP, daemon=MTA, relay=[x.x.x.x]
sendmail[4124]: h279vxxu023679: to=<user2@domain2.com>,delay=00:00:09, xdelay=00:00:02, mailer=relay, pri=153096, relay=zzzzzzz [y.y.y.y], dsn=2.0.0, stat=Sent (Ok: queued as .........)
verify=NO show that client certificate is not been presented, ad it is normal becuase i have not configurated it on client.
My doubt is:
STARTTLS=server, relay=[x.x.x.x], version=TLSv1/SSLv3, show that communication is encrypted (as i want)?
Thanks