SMM:08-98
Sendmail Installation and Operation Guide
a certificate authority or created with the help of OpenSSL. The required format for certificates
and private keys is PEM. To allow for automatic startup of sendmail, private keys
(ServerKeyFile, ClientKeyFile) must be stored unencrypted. The keys are only protected by the
permissions of the file system. Never make a private key available to a third party.
6.6.2. PRNG for STARTTLS
STARTTLS requires a strong pseudo random number generator (PRNG) to operate properly.
Depending on the TLS library you use, it may be required to explicitly initialize the PRNG
with random data. OpenSSL makes use of /dev/urandom(4) if available (this corresponds to
the compile flag HASURANDOMDEV). On systems which lack this support, a random file
must be specified in the sendmail.cf file using the option RandFile. It is strongly advised to use
the "Entropy Gathering Daemon" EGD from Brian Warner on those systems to provide useful
random data. In this case, sendmail must be compiled with the flag EGD, and the RandFile
option must point to the EGD socket. If neither /dev/urandom(4) nor EGD are available, you
have to make sure that useful random data is available all the time in RandFile. If the file hasn't
been modified in the last 10 minutes before it is supposed to be used by sendmail the content is
considered obsolete. One method for generating this file is:
openssl rand -out /etc/mail/randfile -rand /path/to/file:... 256
See the OpenSSL documentation for more information. In this case, the PRNG for TLS is only
seeded with other random data if the DontBlameSendmail option InsufficientEntropy is set.
This is most likely not sufficient for certain actions, e.g., generation of (temporary) keys.
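The following is an added example, not code from the sendmail guide or the sendmail project: a pre-start check for the RandFile used to seed the TLS PRNG on a system that has neither /dev/urandom nor EGD. The 10-minute staleness rule is taken from the text above; the minimum size of 256 bytes (the amount the openssl rand command above writes) and the requirement that the file not be readable by group or other are this example's own assumptions.

```python
# Added example (not part of the sendmail guide): sanity-check the RandFile
# before sendmail is started. Staleness rule (10 minutes) is from the guide;
# MIN_BYTES and the permission check are assumptions made for this example.
import os
import stat
import time

MAX_AGE_SECONDS = 10 * 60   # guide: content older than 10 minutes is obsolete
MIN_BYTES = 256             # assumption: the size the guide's openssl command writes


def randfile_problems(size, mtime, mode, now):
    """Return a list of reasons the RandFile must not be used (empty list = OK).

    Pure function so it can be exercised without touching the file system:
    size in bytes, mtime and now as epoch seconds, mode as from os.stat().
    """
    problems = []
    if size < MIN_BYTES:
        problems.append("too small: %d bytes (< %d)" % (size, MIN_BYTES))
    age = now - mtime
    if age > MAX_AGE_SECONDS:
        problems.append("stale: last modified %d s ago (> %d s)" % (age, MAX_AGE_SECONDS))
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        # Seed material should be as protected as the private keys it serves.
        problems.append("accessible to group/other (mode %o)" % stat.S_IMODE(mode))
    return problems


def check_randfile(path, now=None):
    """stat() the configured RandFile and apply randfile_problems()."""
    if now is None:
        now = time.time()
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return ["missing: %s" % path]
    if not stat.S_ISREG(st.st_mode):
        return ["not a regular file: %s" % path]
    return randfile_problems(st.st_size, st.st_mtime, st.st_mode, now)


if __name__ == "__main__":
    # Path is the one used in the guide's openssl rand example.
    for problem in check_randfile("/etc/mail/randfile"):
        print("RandFile:", problem)
```

Run it from the same startup script that regenerates the file with openssl rand; if it reports anything, regenerate before starting sendmail rather than rely on the InsufficientEntropy escape hatch.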
Please see the OpenSSL documentation or other sources for further information about
certificates, their creation and their usage, the importance of a good PRNG, and other aspects of
TLS.
6.7. Encoding of STARTTLS and AUTH related Macros
Macros that contain STARTTLS and AUTH related data which comes from outside sources,
e.g., all macros containing information from certificates, are encoded to avoid problems with
non-printable or special characters. The latter are '\', '<', '>', '(', ')', '"', '+', and ' '. All of these
characters are replaced by their value in hexadecimal with a leading '+'. For example:
/C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/
Email=darth+cert@endmail.org
is encoded as:
/C=US/ST=California/O=endmail.org/OU=private/
CN=Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org
(line breaks have been inserted for readability). The macros which are subject to this encoding are
{cert_subject}, {cert_issuer}, {cn_subject}, {cn_issuer}, as well as {auth_authen} and
{auth_author}.
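The following is an added example, not code from the sendmail guide or the sendmail project: an implementation of the '+XX' encoding described above, with a decoder for reading encoded macro values back out of logs or rulesets. Two details go beyond what the guide states and are assumptions: the hexadecimal digits are written in upper case (as in the sample above), and "non-printable" is taken to mean any byte outside the printable ASCII range 0x21 to 0x7E.

```python
# Added example (not sendmail's own code): the '+XX' macro encoding of
# section 6.7. Assumptions beyond the guide: upper-case hex digits, and
# "non-printable" = any byte outside printable ASCII 0x21-0x7E.

# The special characters listed in the guide. '+' itself is among them, which
# is what makes the encoding unambiguous to decode.
SPECIAL = frozenset('\\<>()"+ ')


def encode_macro(value: str) -> str:
    """Encode one macro value ({cert_subject}, {auth_authen}, ...)."""
    out = []
    for byte in value.encode("utf-8"):
        ch = chr(byte)
        if ch in SPECIAL or byte < 0x21 or byte > 0x7E:
            out.append("+%02X" % byte)   # assumption: upper-case hex, as in the sample
        else:
            out.append(ch)
    return "".join(out)


def decode_macro(encoded: str) -> str:
    """Invert encode_macro(); raise ValueError on anything malformed."""
    raw = bytearray()
    i = 0
    while i < len(encoded):
        ch = encoded[i]
        if ch == "+":
            hexpart = encoded[i + 1:i + 3]
            # Either case is accepted on input; encode_macro() emits upper case.
            if len(hexpart) != 2 or any(c not in "0123456789ABCDEFabcdef" for c in hexpart):
                raise ValueError("malformed escape at offset %d" % i)
            raw.append(int(hexpart, 16))
            i += 3
        elif ch in SPECIAL or ord(ch) < 0x21 or ord(ch) > 0x7E:
            # A correctly encoded value never contains these literally.
            raise ValueError("unencoded character %r at offset %d" % (ch, i))
        else:
            raw.append(ord(ch))
            i += 1
    return raw.decode("utf-8")   # UnicodeDecodeError is a ValueError


def is_well_formed(encoded: str) -> bool:
    """True if the value contains only plain printable ASCII and complete '+XX' escapes."""
    try:
        decode_macro(encoded)
    except ValueError:
        return False
    return True


# The guide's own sample subject (endmail.org is the guide's example domain).
SAMPLE_SUBJECT = ("/C=US/ST=California/O=endmail.org/OU=private/"
                  "CN=Darth Mail (Cert)/Email=darth+cert@endmail.org")

if __name__ == "__main__":
    enc = encode_macro(SAMPLE_SUBJECT)
    print(enc)
    assert decode_macro(enc) == SAMPLE_SUBJECT
```

The practical consequence for rulesets and access maps is that comparisons against {cert_subject} and the other listed macros must use the encoded form: a space in a CN has to be matched as +20, not as a literal space.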
7. ACKNOWLEDGEMENTS
I've worked on sendmail for many years, and many employers have been remarkably patient
about letting me work on a large project that was not part of my official job. This includes time on the
INGRES Project at the University of California at Berkeley, at Britton Lee, and again on the Mammoth
and Titan Projects at Berkeley.
Much of the second wave of improvements resulting in version 8.1 should be credited to Bryan
Costales of the International Computer Science Institute. As he passed me drafts of his book on
sendmail I was inspired to start working on things again. Bryan was also available to bounce ideas off of.
Gregory Neil Shapiro of Worcester Polytechnic Institute has become instrumental in all phases of
sendmail support and development, and was largely responsible for getting versions 8.8 and 8.9 out the