To
turn that off and only require the sender to authenticate, use M=A. For example:
DAEMON_OPTIONS(``..., M=A????)
Withth is M=A setting, you can screen individual users for relaying permission using
rule sets, as we demonstrate next. If your server receives mail from the Internet, you
must use M=A instead of M=a.
Table 5-2. AuthOptions character settings
Character Meaning
A Use the AUTH= parameter from the MAIL From: command only when authentication succeeds. This
character can be specified as a workaround for broken mail transfer agents (MTAs) that do not correctly
implement RFC2554. (Client only)
a Provide protection from active (nondictionary) attacks during the authentication exchange. (Server only)
c Allow only selected mechanisms (those that can pass client credentials) to be used with client credentials.
(Server only)
d Don??™t permit use of mechanisms that are susceptible to passive dictionary attacks. (Server only)
f Require forward secrecy between sessions (where breaking one won??™t help to break the next). (Server
only)
m Require the use of mechanisms that support mutual authentication. (Server only) (V8.13 and later)
p Don??™t permit mechanisms to be used if they are susceptible to simple passive attack (that is, disallow use
of PLAIN and LOGIN), unless a security layer is already active (as, for example, provided by STARTTLS).
Pages:
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371