[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SendMail Authentication via SASL

To: "Raymond C. Rodgers" <obsd@bbnk.dhs.org>
Subject: Re: SendMail Authentication via SASL
From: Okan Demirmen <odemirmen@khaoz.org>
Date: Thu, 2 Jan 2003 13:57:03 -0500
Cc: misc@openbsd.org
Content-Disposition: inline
References: <5.1.0.14.2.20021227222051.03d43de8@192.168.0.1> <5.1.0.14.2.20030101223445.0320b5c8@192.168.0.1>
User-Agent: Mutt/1.4i

not sure about general opinion, but it is relatively easy to include
yourself..

install cyrus-sasl2 port and add to /etc/mk.conf
.if ${.CURDIR} == ${BSDSRCDIR}/gnu/usr.sbin/sendmail/sendmail
ENVDEF+= -DSASL=2
LDADD+= -lsasl2
CFLAGS+= -I/usr/local/include
LDFLAGS+= -L/usr/local/lib
.endif

that used to work, pre-sendmail-8.12.6, -current is now at 8.12.7 ..not
sure what _might_ break as far as db is concerned...but try it..

okan

ATTR:Raymond C. Rodgers (obsd@bbnk.dhs.org) wrote concerning Re: SendMail Authentication via SASL, on [03.01.02 01:36]:
> Hmm... no comments on this? Theo? Beuller? Anyone?
> At 10:41 PM 12/27/2002, you wrote:
> >Hello everyone,
> > Today I started working on the challenge of getting my SendMail 
> >installation configured to relay through my ISP's SMTP server which 
> >requires authentication. I found tips here and there, and posted a 
> >message to a pair of newsgroups about this, but I came up short.
> >
> > The apparent reason for its failure is that OpenBSD 3.2 by default 
> >apparently doesn't include the SASL library which handles the SendMail 
> >authentication support. I foolishly assumed that since OpenBSD 3.2 
> >(-stable) includes SendMail 8.12.6 that the authentication support (and 
> >all its libraries) would be included by default.
> >
> >So, I made an easy mistake. :-)
> >
> >So, I'd like to ask a few questions on this subject:
> >1. Why wasn't SASL included in OpenBSD 3.2? Did it not pass security 
> >testing or something?
> >2. If it wasn't dropped for security reasons, why was it not included as 
> >part of a compile time configuration option?
> >3. Why doesn't information on configuring SendMail for authentication 
> >support appear in the OpenBSD faqs? Considering that OpenBSD is the secure 
> >BSD, it seems to me that configuring SendMail to be a bit tighter should 
> >be covered as part of the OpenBSD faqs, regardless of whether or not SASL 
> >is included by default.
> >4. Assuming that SASL can pass the OpenBSD team's security screening, how 
> >much interest would there need to be to get it included as part of the 
> >default distribution? (Even if SendMail isn't configured by default to use 
> >it.)
> >
> >All of my questions are null and void if SASL isn't very security 
> >conscious, but I found the whole situation frustrating. Would it be simple 
> >for me to get SendMail's authentication going by installing the SASL port 
> >in the ports tree? Or would I need to do a whole lot of compiling and 
> >reconfiguring? (I've already broken somethings this week by compiling and 
> >installing a newer version of PostgreSQL... I'd rather not break a lot 
> >more... :-) )
> >
> >In any event, my thanks to the OpenBSD team for all the great work.
> >Raymond

References:
- Re: SendMail Authentication via SASL
  - From: "Raymond C. Rodgers" <obsd@bbnk.dhs.org>

Prev by Date: Re: Are the FSF helpful?
Next by Date: Re: Are the FSF helpful?
Prev by thread: Re: SendMail Authentication via SASL
Next by thread: IMPACTE ...
Index(es):
- Date
- Thread