Internet Express for Tru64 UNIX Version 6.8 Administration Guide (14233)
Table 5-4 Sendmail Tunable Parameters
Default ValueDescriptionParameter
100Minimum file space needed for Sendmail to operateMinFreeBlocks
32768 bytesMaximum size of the header sectionMaxHeaderLength
0Maximum message lengthMaxMessageSize
0/0Maximum length of the MIME headersMaxMimeHeaders
To configure the Sendmail queue performance, follow these steps:
1. Under Mail on the Manage Components menu, choose Sendmail Server/Using Open Source
Configuration Rules.
2. From the Sendmail Server Administration menu, choose Configure Sendmail Server.
3. On the Configure Sendmail Server menu, make sure that Server is selected and click on
Configure.
4. From the Configure Sendmail Server menu, choose Configure Queue Performance.
A form is displayed, showing the current performance values.
5. Modify the timers and other parameters as desired.
6. Click Submit.
5.1.4.11 Configuring Trusted Layer Security
Sendmail includes support for enhanced security: Secure Socket Layer (SSL) and Transport Layer
Security (TLS). SSL and now TLS (successor to SSL) are used to establish a trusted connection.
Sendmail's usage of TLS is not end-to-end encryption. Certificates in X.509 form are used to form
this trusted connection.
To use TLS, sendmail needs a source of random information. This Internet Express release includes
both Tru64 UNIX Version 5.1A and 5.1B sendmail binaries to allow access of the appropriate
random number generators. In version 5.1B, the Sendmail binary uses the native /dev/random
device, while the Tru64 UNIX Version 5.1A operating system version includes support for egd.
egd is a Perl-based persistent daemon that gathers and then sources to Sendmail a flow of
pseudorandom information. This information is used for encryption actions.
In addition to access of random information, the system administrator must have a set of digital
certificates that defines the authority (local or remote), server and client identification. Certificates
follow a hierarchical model, the X.509 Certificate Authority.
Server certificates are used for incoming connections, and client certificates are used for outbound
connections. A single certificate can be shared for both functions.
Certificates contain identity information. Here is an example:
/C=US /ST=New Hampshire /L=Nashua /O=OurCompany.org /CN=OurCompany CA
[additional abbreviated information]
Table 5-5 Certificate Defaults
AbbreviationCerticate Authority
CACertificate Authority (signs
certificates)
Certificate Authority
CIOne that issues certificates (a CA)Certificate Issuer
certThe public part of the key pair
(identity information)
Certificate
keyPrivate part of the key pairKey
5.1 Sendmail Server Administration 117