aboutsummaryrefslogtreecommitdiffstats
path: root/security/cyrus-sasl
diff options
context:
space:
mode:
authorsteve <steve@FreeBSD.org>2000-12-11 10:33:58 +0800
committersteve <steve@FreeBSD.org>2000-12-11 10:33:58 +0800
commitdbeb6f81c4b9e6d7f98d3164f5835f1425c57c89 (patch)
treec90f713a7043bf53d2560098fbce9b8b479effc9 /security/cyrus-sasl
parente12f6092639546cfe51b498080c93c25b1d69bf6 (diff)
downloadfreebsd-ports-gnome-dbeb6f81c4b9e6d7f98d3164f5835f1425c57c89.tar.gz
freebsd-ports-gnome-dbeb6f81c4b9e6d7f98d3164f5835f1425c57c89.tar.zst
freebsd-ports-gnome-dbeb6f81c4b9e6d7f98d3164f5835f1425c57c89.zip
Update Sendmail.README with instructions on how to enable the
GroupReadableSASLFile option for DONT_BLAME_SENDMAIL. PR: 23149 Submitted by: maintainer
Diffstat (limited to 'security/cyrus-sasl')
-rw-r--r--security/cyrus-sasl/files/Sendmail.README34
1 files changed, 30 insertions, 4 deletions
diff --git a/security/cyrus-sasl/files/Sendmail.README b/security/cyrus-sasl/files/Sendmail.README
index e4ee641ca069..a7dd2267c39d 100644
--- a/security/cyrus-sasl/files/Sendmail.README
+++ b/security/cyrus-sasl/files/Sendmail.README
@@ -2,10 +2,10 @@ How to enable SMTP AUTH with FreeBSD default Sendmail 8.11
1) Add the following to /etc/make.conf:
-# Add SMTP AUTH support to Sendmail
-SENDMAIL_CFLAGS+= -DSASL -I/usr/local/include/sasl
-SENDMAIL_LDFLAGS+= -L/usr/local/lib
-SENDMAIL_LDADD+= -lsasl
+ # Add SMTP AUTH support to Sendmail
+ SENDMAIL_CFLAGS+= -I/usr/local/include/sasl -DSASL -D_FFR_UNSAFE_SASL
+ SENDMAIL_LDFLAGS+= -L/usr/local/lib
+ SENDMAIL_LDADD+= -lsasl
2) Rebuild FreeBSD (make buildworld, ...)
@@ -13,3 +13,29 @@ SENDMAIL_LDADD+= -lsasl
pwcheck_method: pwcheck
+4) Add the following to your sendmail.mc file:
+
+ TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5')dnl
+ define(`confAUTH_MECHANISMS',`DIGEST-MD5 CRAM-MD5')dnl
+ define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLFile')dnl
+ define(`confRUN_AS_USER',`root:mail')dnl
+
+ ----
+
+ Additional AUTH Mechanisms are LOGIN, PLAIN, GSSAPI, and KERBEROS_V4.
+ These can be added to TRUST_AUTH_MECH and confAUTH_MECHANISMS as a space
+ seperated list. You may want to restrict LOGIN, and PLAIN authentication
+ methods for use with STARTTLS, as the password is not encrypted when
+ passed to sendmail.
+
+ LOGIN is required for Outlook Express users. "My server requires
+ authentication" needs to be checked in the accounts properties to
+ use SASL Authentication.
+
+ PLAIN is required for Netscape Communicator users. By default Netscape
+ Communicator will use SASL Authentication when sendmail is compiled with
+ SASL.
+
+ The DONT_BLAME_SENDMAIL option GroupReadableSASLFile is needed when you
+ are using cyrus-imapd and sendmail on the same server that requires access
+ to the sasldb database.