Date: Sat, 22 Sep 2007 13:44:25 -0400 From: "Michael W. Lucas" <mwlucas@blackhelicopters.org> To: freebsd-isp@freebsd.org Subject: SMTP AUTH over SSL only? Message-ID: <20070922174425.GA37518@bewilderbeast.blackhelicopters.org>
next in thread | raw e-mail | index | archive | help
Hi folks, I have a FreeBSD 7.0 server where I'd like to authenticate against /etc/master.passwd when using SMTP AUTH and Sendmail. This means using LOGIN, which can use either plain text or SSL-tunneled connections. I'd like to allow SMTP AUTH only over SSL, and disallow it over unencrypted connections. Any suggestions on this? Surely there's just some switch I'm missing? The archives and search engines are full of people trying to get SSL working, not people trying to turn off non-SSL connections. Here's the relevant snippets of sendmail.mc I'm using. TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl define(`confAUTH_MECHANISMS', `GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl define(`CERT_DIR', `/usr/local/etc/certs')dnl define(`confCACERT_PATH', `CERT_DIR')dnl define(`confCACERT', `CERT_DIR/hostname.pem')dnl define(`confSERVER_CERT', `CERT_DIR/hostname.pem')dnl define(`confSERVER_KEY', `CERT_DIR/hostname-key.pem')dnl define(`confCLIENT_CERT', `CERT_DIR/hostname.pem')dnl define(`confCLIENT_KEY', `CERT_DIR/hostname-key.pem')dnl DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl Any suggestions greatly appreciated! Thanks, ==ml -- Michael W. Lucas mwlucas@BlackHelicopters.org, mwlucas@FreeBSD.org http://www.BlackHelicopters.org/~mwlucas/ Coming Soon: "Absolute FreeBSD" -- http://www.AbsoluteFreeBSD.com On 5/4/2007, the TSA kept 3 pairs of my soiled undies "for security reasons."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070922174425.GA37518>