Path: ...!weretis.net!feeder8.news.weretis.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: none <hzcnjkx656@tormails.com>
Newsgroups: comp.mail.sendmail
Subject: Re: key / crt permissions constantly
Date: Mon, 29 Jul 2024 19:58:59 +0200
Organization: A noiseless patient Spider
Lines: 15
Message-ID: <v88l95$jbai$1@dont-email.me>
References: <v87se5$eupk$1@dont-email.me> <v880rs$flti$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Mon, 29 Jul 2024 19:59:01 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="2f17a179b740586db49985d307eccd90";
	logging-data="634194"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1/SK/TSWbdq0SvRL8xM/toJyoQRaT26YonItZkSr/S9CQ=="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:6KS5xancB1cC3z0R8Y6YZcrLlIA=
Content-Language: en-GB
In-Reply-To: <v880rs$flti$1@dont-email.me>
Bytes: 1617

:
> 
>> I don't really get why I am confronted with sendmail thinking it
>> knows better how I should put permissions on my key and crt files.
> 
> Sometimes users have default permissions of o+r, which means other
> users on the system can read the stuff. For key files, this is really,
> really bad, so sendmail warns you.
> 

Currently it is about the cert, which everyone can download remotely.

If it was a warning I would not care, currently it stops using tls/ssl 
(a bit older sendmail instance, still need to update this distro)