(Server only)
T The opposite of A (pre-V8.12 only, client only)
y Don??™t permit the use of any mechanism that allows anonymous login. (Server only)
This is the Title of the Book, eMatter Edition
Copyright ?© 2007 O??™Reilly & Associates, Inc. All rights reserved.
194 | Chapter 5: Authentication and Encryption
5.1.4 SASL and Rule Sets
The SMTP AUTH extension, enabled by SASL, allows client machines to relay mail
through the authentication-checking server. This mechanism is especially useful for
roaming users whose laptops seldom have a constant IP number or hostname
assigned.* A special rule set called trust_auth, found inside the sendmail configuration
file, does the actual checking. This rule set decides whether the client??™s authentication
identifier (authid) is trusted to act as (proxy for) the requested authorization
identity (userid). It allows authid to act for userid if bothare recognized, and disallows
that action if the authentication fails.
Another rule set, called Local_trust_auth, is available if you wishto supplement the
basic test provided by trust_auth. Th eLocal_trust_auth rule set can return the
#error delivery agent to disallow proxying, or it can return OK to allow proxying.
Within the Local_trust_auth rule set you can use three new sendmail macros (in
addition to the other normal sendmail macros).
Pages:
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372