Sendmail can be configured to encrypt email via the secure socket layer (SSL) when you want to send and receives emails.
1) Open sendmail configuration file /etc/mail/sendmail.mc (although your distribution might keep it elsewhere) using text editor such as vi, emacs, nano with write access:
# vi /etc/mail/sendmail.mc
Now append/modify following directives:
define(`confCACERT_PATH',`/etc/mail/ssl/certs')
-- location to find certificates
define(`confCACERT',`/etc/mail/ssl/ca-bundle.crt')
-- Root Bundle file (Make sure you select your server software as Apache & mod_ssl)
define(`confSERVER_CERT',`/etc/mail/ssl/sendmail.crt')
-- Domain Certificate
define(`confSERVER_KEY',`/etc/mail/ssl/sendmail.key')
And make sure port is set to smtps (secure smtp i.e. port 465):
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
2) Restart sendmail and secure pop3s/imaps (optional, use the following if using POP/IMAP)
Type the following commands to restart sendmail and related services:
# /etc/init.d/sendmail restart
# chkconfig pop3s on
# chkconfig imaps on
# /etc/init.d/xinetd restart
pop3s and imaps will start from xinetd
Please note the following:
* All certificates provided by GlobeSSL are in PEM format.
* .key file needs to have owner read/write permission for the owner, not group.
* define(`confLOG_LEVEL', `14')dnl ## Will help with debugging. Can be commented out or put back to its default level of 9 when done.
