On Tue, Jun 03, 2003 at 07:47:54PM -0400, Scott Hiemstra wrote:
Noah,
I'm no sendmail expert, I prefer qmail myself but with some creative
googling I found this which I believe will answer your question.
http://www.sendmail.org/m4/tweaking_config.html#confAUTH_OPTIONS
That is a good resource (essentially a HTML-ized version of
/usr/share/sendmail/cf/README), but the original poster might find
this chunk out of /usr/share/doc/smm/08.sendmailop/paper.ascii.gz more
useful:
AuthOptions
[no short name] List of options for SMTP
AUTH consisting of single characters with
intervening white space or commas.
A Use the AUTH= parameter for the MAIL FROM
command only when authentication succeeded.
This can be used as a workaround for broken
MTAs that do not implement RFC 2554 correctly.
a protection from active (non-dictionary) attacks
during authentication exchange.
c require mechanisms which pass client credentials,
and allow mechanisms which can pass credentials
to do so.
d don't permit mechanisms susceptible to passive
dictionary attack.
f require forward secrecy between sessions
(breaking one won't help break next).
p don't permit mechanisms susceptible to simple
passive attack (e.g., PLAIN, LOGIN), unless a
security layer is active.
y don't permit mechanisms that allow anonymous login.
The first option applies to sendmail as a
client, the others to a server. Example:
O AuthOptions=p,y
would disallow ANONYMOUS as AUTH mechanism
and would allow PLAIN and LOGIN only if a
security layer (e.g., provided by STARTTLS)
is already active. The options 'a', 'c',
'd', 'f', 'p', and 'y' refer to properties
of the selected SASL mechanisms. Explana-
tions of these properties can be found in
[...]
the Cyrus SASL documentation.
So the OP's sendmail.mc file extract:
define(`confAUTH_OPTIONS', `A p')dnl
is absolutely fine. Either commas or spaces can be used to separate
the options, so he could use the equivalent:
define(`confAUTH_OPTIONS', `A,p')dnl
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
pgp0.pgp
Description: PGP signature