DefaultAuthInfo

Previous page
Table of content
Next page
DefaultAuthInfo
Source of AUTH information Deprecated

When sendmail is compiled with SASL (SASL) defined, authenticated connections can be supported. When negotiating an authenticated connection certain information is required, specifically and in this order:

  • The user id is the identifier sendmail uses to check allowable permissions. In general this should never be root .

  • The authorization id is the identifier of the user allowed to set up the connection. In general this should never be root .

  • The password is the clear text password used to authorize the mail connection. This should be a password dedicated to this use, not the plain text copy of the user's password.

  • The realm is the administrative zone for authentication. In general this should be your DNS domain. If no realm is specified (this item is blank), sendmail will substitute the value of the $j macro ($j).

  • The mechanism is the preferred mechanism for connection authentication. This should match one of the mechanisms listed in the AuthMechanisms option (AuthMechanisms).

This information can be stored either in a file where the items are listed one per line in the order shown, or in a program that is run and that prints these items to its standard output, one per line in the order shown. A program is a path specification prefixed with a vertical bar character. A file is a path specification not prefixed. The DefaultAuthInfo option is declared like this: 

 O DefaultAuthInfo=  path    configuration file (V8.10 and later)  -ODefaultAuthInfo=  path    command line (V8.10 and later)  define(`confDEF_AUTH_INFO',`  path')    mc configuration (V8.10 and later)

The file or program specified by path must live in a secure directory (that is, one in which every component is writable only by root or the trusted user specified in the TrustedUser option), and must be readable or executable only by root or the user listed in the TrustedUser option (TrustedUser). This option is not declared in the default configuration file generated by the mc configuration technique. The recommended path for the file form is /etc/mail/default-auth- info . No programs currently exist which can provide the information that is currently provided by the file.

Note that this DefaultAuthInfo option was introduced in V8.10 and declared deprecated in V8.12. Its functionality has been replaced by the access database (Section 10.9.3) and the authinfo feature (FEATURE(authinfo)).

The DefaultAuthInfo option is not safe. If specified from the command line, it can cause sendmail to relinquish its special privileges.


Previous page
Table of content
Next page
Sendmail
sendmail, 4th Edition
ISBN: 0596510292
EAN: 2147483647
Year: 2002
Pages: 1174
Authors: Bryan Costales, Claus Assmann, George Jansen, Gregory Neil Shapiro
BUY ON AMAZON
Beginners Guide to DarkBASIC Game Programming (Premier Press Game Development)
Metrics and Models in Software Quality Engineering (2nd Edition)
Managing Enterprise Systems with the Windows Script Host
GO! with Microsoft Office 2003 Brief (2nd Edition)
Wireless Hacks: Tips & Tools for Building, Extending, and Securing Your Network
.NET-A Complete Development Cycle
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy