1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-10-30 21:49:25 +00:00
freebsd-ports/security/cyrus-sasl/files/Sendmail.README
Steve Price 2fca6090bb Update Sendmail.README with instructions on how to enable the
GroupReadableSASLFile option for DONT_BLAME_SENDMAIL.

PR:		23149
Submitted by:	maintainer
2000-12-11 02:33:58 +00:00

42 lines
1.5 KiB
Plaintext

How to enable SMTP AUTH with FreeBSD default Sendmail 8.11
1) Add the following to /etc/make.conf:
# Add SMTP AUTH support to Sendmail
SENDMAIL_CFLAGS+= -I/usr/local/include/sasl -DSASL -D_FFR_UNSAFE_SASL
SENDMAIL_LDFLAGS+= -L/usr/local/lib
SENDMAIL_LDADD+= -lsasl
2) Rebuild FreeBSD (make buildworld, ...)
3) Create /usr/local/lib/sasl/Sendmail.conf with the following.
pwcheck_method: pwcheck
4) Add the following to your sendmail.mc file:
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5')dnl
define(`confAUTH_MECHANISMS',`DIGEST-MD5 CRAM-MD5')dnl
define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLFile')dnl
define(`confRUN_AS_USER',`root:mail')dnl
----
Additional AUTH Mechanisms are LOGIN, PLAIN, GSSAPI, and KERBEROS_V4.
These can be added to TRUST_AUTH_MECH and confAUTH_MECHANISMS as a space
seperated list. You may want to restrict LOGIN, and PLAIN authentication
methods for use with STARTTLS, as the password is not encrypted when
passed to sendmail.
LOGIN is required for Outlook Express users. "My server requires
authentication" needs to be checked in the accounts properties to
use SASL Authentication.
PLAIN is required for Netscape Communicator users. By default Netscape
Communicator will use SASL Authentication when sendmail is compiled with
SASL.
The DONT_BLAME_SENDMAIL option GroupReadableSASLFile is needed when you
are using cyrus-imapd and sendmail on the same server that requires access
to the sasldb database.