Path: ...!news.misty.com!.POSTED.veps.esmtp.org!not-for-mail
From: Claus =?iso-8859-1?Q?A=DFmann?= <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org>
Newsgroups: comp.mail.sendmail
Subject: Re: OpenSSL 3.4.x supported?
Date: Mon, 6 Jan 2025 11:18:17 -0500 (EST)
Organization: MGT Consulting
Sender: <ml+sendmail(-no-copies-please)@esmtp.org>
Message-ID: <vlgvo9$k4g$1@news.misty.com>
References: <vknu9u$4th9$1@dont-email.me> <vko2nb$99d$1@news.misty.com> <vlfspb$1g6rm$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 6 Jan 2025 16:18:17 -0000 (UTC)
Injection-Info: news.misty.com; posting-host="veps.esmtp.org:155.138.203.148";
	logging-data="20624"; mail-complaints-to="abuse@misty.com"
Mail-Copies-To: never
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
Originator: ca@x2.esmtp.org (Claus Assmann)
Bytes: 1948
Lines: 29

AMM  wrote:

> EOPENSSL_CONF=/etc/mail/sendmail.ossl

> In my case this file does not exist.

That's the entire idea - as the release notes entry explains:

> Note: OpenSSL 3 loads by default an openssl.cnf file from a location 
> specified in the library which may cause unwanted behaviour in sendmail. 

> It is not clear what unwanted behaviour can occur if OpenSSL defaults 
> are used?

Check the OpenSSL config file / documentation, e.g., wrt
"security level".

>  Didn't sendmail use OpenSSL defaults, earlier too?

sendmail never explicitly use{s,d} OpenSSL config files.

> Ideally, what setting should be mentioned in /etc/mail/sendmail.ossl?

None.

-- 
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.