AW: Re: SASL2, sendmail, pam, auth failed

Alex dermannda at web.de
Fri Jul 14 11:01:54 EDT 2006


Am 2006-07-14 14:28, Alexander Dalloz schrieb:
> Eric Ewanco schrieb:
> 
> > Alex wrote:
> >
> >> dnl  p-PLAIN/LOGIN nur dann anbieten, wenn SSL/TLS aktiv ist
> >> dnl  y- anonymous-login verbieten
> >> define(`confAUTH_OPTIONS', `A y')dnl
> >>   
> >
> > Try a lowercase a.
> >
> If I may ask: why (how should that help out)?
> 
> Alexander
> 
> 

i don't think it'll help me. here is what Craig Hunt in Sendmail
Cookbook writes

"A -Use the AUTH= parameter only when successfully authenticated. 
a -Request optional protection against active attacks during the
authentication exchange 

The A option controls when the AUTH= parameter is added to the envelope
sender information on the SMTP Mail From: command line. 
The a option increases the checks SASL performs to detect active
authentication attacks. SASL is used in a variety of situations. In some
applications, higher security is worth the cost in increased processing
and authentication delays. Normally, that is not the case for email.
Mail hosts are authenticating to prevent spammers from relaying through
your server. Spammers do not spend the time and money to launch active
authentication attacks against servers that use strong authentication. 
"

anyway thanks for the help. other ideeas?

Alex




More information about the Cyrus-sasl mailing list