Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Re: Why not just change sendmail?' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Re: Why not just change sendmail?
Authored by: saint.duo on May 05, '02 08:08:30PM

As an exercise in curiosity (and me wanting to learn more), what is the security flaw that is opened up when changing this value in sendmail?
If the sendmail server is configured to only allow certain clients (IPs) relay permissions, and require others to authenticate to use it if they're not in the IP list, what can happen?
If you wish to email me off list to discuss this, feel free to.



[ Reply to This | # ]
Re: Why not just change sendmail?
Authored by: vonleigh on May 05, '02 08:46:11PM

Hello,

Have you really gotten authentication installed under OS X? I was looking through the web to see what was involved in getting SMTP authentication and it's not a trivial task.

First you need to compile sendmail from source, to do this you need to have also a user created "smmsp". Then you need to get a site.config.m4 (which I have no idea how to create or modify for my needs). Update the config files, add some cronjobs. After all this you have to figure out how the heck to compile Cyrus SASL (which seems to need some compile tweaks to work, hopefully someone on fink will get it working).

So if you did get smtp-auth to work, how about a friendly tutorial ;)


Vonleigh



[ Reply to This | # ]
Re: Why not just change sendmail?
Authored by: saint.duo on May 05, '02 09:11:22PM
Heh, I wish I could get authentication working. That would save me a few headaches. I just know that it is possible. Right now, I'm using IP addresses to restrict usage.

[ Reply to This | # ]