The latest version is available in sendmail.8.18.1.tar.{Z,gz}{,.sig} -- the .Z file is compressed, the .gz file is the same bits gzipped, and the .sig files are the PGP signatures for the bits in either of the first two files. Please note that starting with 8.12.8 the compressed/gzipped files are signed, previously the uncompressed .tar file was signed. Please take ONLY ONE of the .Z or .gz files.
Add-ons for the open source sendmail MTA, including spam and virus filters and policy management tools, are available from Proofpoint, Inc. See http://www.proofpoint.com/ for details.
Older versions are in sendmail.${VER}.tar.{Z,gz,sig}. Except for the latest, these are unsupported by the Sendmail.ORG crew. The status of various interesting ${VER}s is:
Since sendmail 8.11 and later includes hooks to cryptography, the following information from OpenSSL applies to sendmail as well.
PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS ARE NOT LIABLE FOR ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.