Date: Fri, 08 Jan 2010 09:29:46 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Matthias Apitz <guru@unixarea.de> Cc: Glyn Millington <glyn@millingtons.org>, freebsd-questions@freebsd.org Subject: Re: sendmail && SMTP AUTH: question about /etc/mail/auth/client-info file Message-ID: <4B46FB0A.20005@infracaninophile.co.uk> In-Reply-To: <20100108090256.GA1998@current.Sisis.de> References: <20100107155451.GA26295@current.Sisis.de> <19270.54320.163083.261490@millingtons.org> <20100108090256.GA1998@current.Sisis.de>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig0726AF7C96F1CD090E6CBB46
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
Matthias Apitz wrote:
> I have read the above page during my configuration but it does not
> explain to me which user must be configured in U: value; Is it me? Or i=
s it
> the userID the sendmail daemon is running as? It works with "U:root",
> but what does this mean exactly?
That's a SASL thing -- it has the concept of differentiating between
authentication ID (who you are (and you can prove it because you have the=
password or other security token)) and authorization ID (who you are logg=
ing
in as, and whose permissions you can use on the remote server). Accordin=
g
to /usr/share/sendmail/cf/README:
> The RHS for an AuthInfo: entry in the access map should consists of a
> list of tokens, each of which has the form: "TDstring" (including
> the quotes). T is a tag which describes the item, D is a delimiter,
> either ':' for simple text or '=3D' for a base64 encoded string.
> Valid values for the tag are:
>=20
> U user (authorization) id
> I authentication id
> P password
> R realm
> M list of mechanisms delimited by spaces
You don't generally need all of these items. For the simplest case,
all you'ld need is U:username and P:password -- if you don't give=20
I:authid explicitly it assumes it is the same as U:username (and vice
versa, if you give I:authid and not U:username).
Cheers,
Matthew
--=20
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
--------------enig0726AF7C96F1CD090E6CBB46
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEAREIAAYFAktG+xEACgkQ8Mjk52CukIznbQCfVuBEEIurvOgP0FfACl6BBGY0
q3EAnipHUt1tAedOjIcDbh/ngyQqitET
=pLRz
-----END PGP SIGNATURE-----
--------------enig0726AF7C96F1CD090E6CBB46--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B46FB0A.20005>