Beginning with V8.12 sendmail, if you do not want to use the RSA algorithms with STARTTLS (Section 10.10), you can turn off those algorithms by specifying this TLS_NO_RSA compile-time macro:

APPENDDEF(`conf_sendmail_ENVDEF', `-DTLS_NO_RSA=1')

One good reason to do this would be if using RSA encryption is illegal in your country.

If you are running a precompiled sendmail binary, you can use the -d0.1 debugging command-line switch (-d0.1) to determine if TLS_NO_RSA support is included (if it appears in the list, support is included).