authenticated bits=0

Alexey Melnikov alexey.melnikov at isode.com
Fri Sep 16 20:00:22 EDT 2005


Forrest Aldrich wrote:

> I'm using Sendmail-8.13.4, and recently enabled SMTP-AUTH.
>
> What is "authenticated bits=0" referring to?   The "bits" field in TLS 
> refers to the keysize, I believe.

For SASL:
bits=0 - no confidentiality or integrity protection
bits=1 - integrity protection
bits>1 - keysize for the cipher used for confidentiality protection.

> First, the headers I'm seeing are:
>
>     Received: from [192.168.1.99] ([192.168.1.99])
>     (authenticated bits=0)
>     by forrie.com (8.13.4/8.13.4) with ESMTP id j8GI3HbH011192
>     (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK)
>
>The second portion is TLS.
>
>Corresponding syslog:
>  
>
>     Sep 16 13:53:21 forrie sm-mta[79497]: AUTH=server,
>     relay=[192.168.1.99],
>     authid=forrie at forrie.com, mech=CRAM-MD5, bits=0
>
>Sendmail, as I understand, allows relaying based on successful AUTH,
>ie: you don't need special rules beyond that really.
>
>Some providers (Sympatico?) have in their SMTP headers 
>"Authenticated-User: username at domain.com" - (and this
>is not SASL-specific).  I would like to place that in my Sendmail headers.
>
>So basically, I'm tracing all steps to ensure I have this configured
>and running properly.
>  
>




More information about the Cyrus-sasl mailing list