sendmail && SMTP AUTH: question about /etc/mail/auth/client-info file

Matthew Seaman m.seaman at infracaninophile.co.uk
Fri Jan 8 09:29:59 UTC 2010


Matthias Apitz wrote:

> I have read the above page during my configuration but it does not
> explain to me which user must be configured in U: value; Is it me? Or is it
> the userID the sendmail daemon is running as? It works with "U:root",
> but what does this mean exactly?

That's a SASL thing -- it has the concept of differentiating between
authentication ID (who you are (and you can prove it because you have the
password or other security token)) and authorization ID (who you are logging
in as, and whose permissions you can use on the remote server).  According
to /usr/share/sendmail/cf/README:

> The RHS for an AuthInfo: entry in the access map should consists of a
> list of tokens, each of which has the form: "TDstring" (including
> the quotes).  T is a tag which describes the item, D is a delimiter,
> either ':' for simple text or '=' for a base64 encoded string.
> Valid values for the tag are:
> 
>         U       user (authorization) id
>         I       authentication id
>         P       password
>         R       realm
>         M       list of mechanisms delimited by spaces

You don't generally need all of these items.  For the simplest case,
all you'ld need is U:username and P:password -- if you don't give 
I:authid explicitly it assumes it is the same as U:username (and vice
versa, if you give I:authid and not U:username).

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20100108/69042277/signature.pgp


More information about the freebsd-questions mailing list