STARTTLS requires a source of randomized data. sendmail
uses /dev/urandom on systems that support that
device. On systems that don't, you must specify an
alternative.
The RandFile option is used to specify an
alternative source like this:
O RandFile=where                     configuration file (V8.11 and later)
-ORandFile=where                     command line (V8.11 and later)
define(`confRAND_FILE',`where')      mc configuration (V8.11 and later)
Here, where is of type
string, and specifies the source for the
randomized data. That source can be either a Unix-domain socket used
by the egd(8) daemon (Section 10.10.1.3), or a file you update with randomized data
yourself (Section 10.10.1.5). You tell
sendmail which you are using by prefixing
where with either a literal
egd: or file: expression:
define(`confRAND_FILE',`egd:/var/run/entropy')      socket for the egd daemon
define(`confRAND_FILE',`file:/etc/randfile')        a file of random data
See Section 10.10 in Chapter 10 for
a full discussion of how this option and those file types fit into
the STARTTLS scheme.
The RandFile option is not safe. If specified from
the command line, it can cause sendmail to
relinquish its special privileges.
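
A pre-flight check for a RandFile value, as an added example that is not part of sendmail or of the original text: it verifies the egd: or file: prefix described above and that the path is the matching kind of object. The function names and the world-writable test are assumptions of this example, not documented sendmail behavior.

```shell
#!/bin/sh
# Added example (not from sendmail): sanity-check a RandFile value.

# has_urandom [DEVICE]: true when the random device exists, in which case
# sendmail uses it and no RandFile alternative has to be specified.
has_urandom() {
    [ -c "${1:-/dev/urandom}" ]
}

# check_randfile VALUE: print a one-word verdict; return 0 only for "ok".
check_randfile() {
    case $1 in
        egd:*)  kind=egd;  path=${1#egd:} ;;
        file:*) kind=file; path=${1#file:} ;;
        *)      echo bad-prefix; return 1 ;;   # neither egd: nor file:
    esac
    if [ ! -e "$path" ]; then
        echo missing; return 1
    fi
    if [ "$kind" = egd ]; then
        # egd: must name the Unix-domain socket the egd daemon listens on.
        [ -S "$path" ] || { echo not-socket; return 1; }
    else
        # file: must name a regular file of random data.
        [ -f "$path" ] || { echo not-regular-file; return 1; }
        # Policy of this example, not a documented sendmail rule: reject a
        # seed file that any local user could overwrite.
        case $(ls -ld -- "$path") in
            ????????w*) echo world-writable; return 1 ;;
        esac
    fi
    echo ok
}

# Usage: sh check_randfile.sh 'file:/etc/randfile'
if [ $# -gt 0 ]; then
    has_urandom && echo "note: /dev/urandom exists; no RandFile is required"
    check_randfile "$1"
fi
```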