With default configuration of FC2's Sendmail (8.12.11-4.6), the following appears on maillog when sending mail out to a STARTTLS-capable server: Jun 9 14:52:44 nasu sendmail[12145]: i59BqhBk012145: from=<toniw>, size=297, class=0, nrcpts=1, msgid=<1086782082.7958.23.camel@xxx>, proto=ESMTP, daemon=MTA, relay=nasu [127.0.0.1] Jun 9 14:52:44 nasu sendmail[12147]: STARTTLS=client: file /etc/mail/certs/cert.pem unsafe: No such file or directory Jun 9 14:52:44 nasu sendmail[12147]: STARTTLS=client: file /etc/mail/certs/key.pem unsafe: No such file or directory Jun 9 14:52:44 nasu sendmail[12147]: STARTTLS=client: file /etc/mail/certs/cacert.pem unsafe: No such file or directory Jun 9 14:52:44 nasu sendmail[12147]: STARTTLS=client, error: load verify locs /etc/mail/certs, /etc/mail/certs/cacert.pem failed: 0 Jun 9 14:52:44 nasu sendmail[12147]: STARTTLS=client, relay=the.remote.server.invalid., version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256 The directory /etc/mail/certs/ is also missing (and not provided by any package). No idea (at this point) how to fix this. One way would be to disable STARTTLS support for outgoing mail by default. :)
Fixed in rawhide in rpm sendmail-8.13.0-1 or newer.