aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--security/cyrus-sasl/files/Sendmail.README34
-rw-r--r--security/cyrus-sasl2/files/Sendmail.README34
2 files changed, 60 insertions, 8 deletions
diff --git a/security/cyrus-sasl/files/Sendmail.README b/security/cyrus-sasl/files/Sendmail.README
index e4ee641ca069..a7dd2267c39d 100644
--- a/security/cyrus-sasl/files/Sendmail.README
+++ b/security/cyrus-sasl/files/Sendmail.README
@@ -2,10 +2,10 @@ How to enable SMTP AUTH with FreeBSD default Sendmail 8.11
1) Add the following to /etc/make.conf:
-# Add SMTP AUTH support to Sendmail
-SENDMAIL_CFLAGS+= -DSASL -I/usr/local/include/sasl
-SENDMAIL_LDFLAGS+= -L/usr/local/lib
-SENDMAIL_LDADD+= -lsasl
+ # Add SMTP AUTH support to Sendmail
+ SENDMAIL_CFLAGS+= -I/usr/local/include/sasl -DSASL -D_FFR_UNSAFE_SASL
+ SENDMAIL_LDFLAGS+= -L/usr/local/lib
+ SENDMAIL_LDADD+= -lsasl
2) Rebuild FreeBSD (make buildworld, ...)
@@ -13,3 +13,29 @@ SENDMAIL_LDADD+= -lsasl
pwcheck_method: pwcheck
+4) Add the following to your sendmail.mc file:
+
+ TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5')dnl
+ define(`confAUTH_MECHANISMS',`DIGEST-MD5 CRAM-MD5')dnl
+ define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLFile')dnl
+ define(`confRUN_AS_USER',`root:mail')dnl
+
+ ----
+
+ Additional AUTH Mechanisms are LOGIN, PLAIN, GSSAPI, and KERBEROS_V4.
+ These can be added to TRUST_AUTH_MECH and confAUTH_MECHANISMS as a space
+ seperated list. You may want to restrict LOGIN, and PLAIN authentication
+ methods for use with STARTTLS, as the password is not encrypted when
+ passed to sendmail.
+
+ LOGIN is required for Outlook Express users. "My server requires
+ authentication" needs to be checked in the accounts properties to
+ use SASL Authentication.
+
+ PLAIN is required for Netscape Communicator users. By default Netscape
+ Communicator will use SASL Authentication when sendmail is compiled with
+ SASL.
+
+ The DONT_BLAME_SENDMAIL option GroupReadableSASLFile is needed when you
+ are using cyrus-imapd and sendmail on the same server that requires access
+ to the sasldb database.
diff --git a/security/cyrus-sasl2/files/Sendmail.README b/security/cyrus-sasl2/files/Sendmail.README
index e4ee641ca069..a7dd2267c39d 100644
--- a/security/cyrus-sasl2/files/Sendmail.README
+++ b/security/cyrus-sasl2/files/Sendmail.README
@@ -2,10 +2,10 @@ How to enable SMTP AUTH with FreeBSD default Sendmail 8.11
1) Add the following to /etc/make.conf:
-# Add SMTP AUTH support to Sendmail
-SENDMAIL_CFLAGS+= -DSASL -I/usr/local/include/sasl
-SENDMAIL_LDFLAGS+= -L/usr/local/lib
-SENDMAIL_LDADD+= -lsasl
+ # Add SMTP AUTH support to Sendmail
+ SENDMAIL_CFLAGS+= -I/usr/local/include/sasl -DSASL -D_FFR_UNSAFE_SASL
+ SENDMAIL_LDFLAGS+= -L/usr/local/lib
+ SENDMAIL_LDADD+= -lsasl
2) Rebuild FreeBSD (make buildworld, ...)
@@ -13,3 +13,29 @@ SENDMAIL_LDADD+= -lsasl
pwcheck_method: pwcheck
+4) Add the following to your sendmail.mc file:
+
+ TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5')dnl
+ define(`confAUTH_MECHANISMS',`DIGEST-MD5 CRAM-MD5')dnl
+ define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLFile')dnl
+ define(`confRUN_AS_USER',`root:mail')dnl
+
+ ----
+
+ Additional AUTH Mechanisms are LOGIN, PLAIN, GSSAPI, and KERBEROS_V4.
+ These can be added to TRUST_AUTH_MECH and confAUTH_MECHANISMS as a space
+ seperated list. You may want to restrict LOGIN, and PLAIN authentication
+ methods for use with STARTTLS, as the password is not encrypted when
+ passed to sendmail.
+
+ LOGIN is required for Outlook Express users. "My server requires
+ authentication" needs to be checked in the accounts properties to
+ use SASL Authentication.
+
+ PLAIN is required for Netscape Communicator users. By default Netscape
+ Communicator will use SASL Authentication when sendmail is compiled with
+ SASL.
+
+ The DONT_BLAME_SENDMAIL option GroupReadableSASLFile is needed when you
+ are using cyrus-imapd and sendmail on the same server that requires access
+ to the sasldb database.