From owner-freebsd-isp@FreeBSD.ORG Tue Sep 18 12:12:03 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AEA5416A418 for ; Tue, 18 Sep 2007 12:12:03 +0000 (UTC) (envelope-from invite+o0o4s6zy@facebookmail.com) Received: from vipfallbackmx-out.facebook.com (out019.sctm.tfbnw.net [204.15.20.146]) by mx1.freebsd.org (Postfix) with ESMTP id 9125713C46E for ; Tue, 18 Sep 2007 12:12:03 +0000 (UTC) (envelope-from invite+o0o4s6zy@facebookmail.com) Received: from vipmx-out.facebook.com (intlb01-mip3.sctm.tfbnw.net [10.1.240.8]) by vipfallbackmx-out.facebook.com [hpvipfallback001] (8.13.1/FB.vipfallback-1.0.0) with ESMTP id l8I8xTj0029610 for ; Tue, 18 Sep 2007 01:59:29 -0700 Received: from register.facebook.com (intlb01-mip1.sctm.tfbnw.net [10.1.240.6]) by vipmx-out.facebook.com [vipemail006] (8.13.6/8.13.6) with ESMTP id l8I8xPYd004405 for ; Tue, 18 Sep 2007 01:59:25 -0700 X-Facebook: from zuckmail ([138.25.9.108]) by register.facebook.com with HTTP (ZuckMail); Date: Tue, 18 Sep 2007 01:59:25 -0700 To: freebsd-isp From: Mohammad Salaque Message-ID: <95d6fc1f6a3a2b32bbbb4b505690086e@register.facebook.com> X-Priority: 3 X-Mailer: ZuckMail [version 1.00] X-Facebook-Notify: general_invite Errors-To: invite+o0o4s6zy@facebookmail.com MIME-Version: 1.0 Content-Type: text/plain; charset = "UTF-8" Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: I've added you as a friend on Facebook... X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Mohammad Salaque List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Sep 2007 12:12:03 -0000 I've requested to add you as a friend on Facebook. You can use Facebook to see the profiles of the people around you, share photos, and connect with friends. Thanks, Mohammad Here's the link: http://www.facebook.com/p.php?i=585352856&k=55FXPWT3V2TBWG1AVKW3&r&v=2 ___________________ This e-mail may contain promotional materials. If you do not wish to receive future commercial mailings from Facebook, please click on the link below. Facebook's offices are located at 156 University Ave., Palo Alto, CA 94301. http://www.facebook.com/o.php?u=585417980&k=435fbd From owner-freebsd-isp@FreeBSD.ORG Sat Sep 22 17:59:09 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 91FB416A418 for ; Sat, 22 Sep 2007 17:59:09 +0000 (UTC) (envelope-from mwlucas@bewilderbeast.blackhelicopters.org) Received: from bewilderbeast.blackhelicopters.org (bewilderbeast.blackhelicopters.org [198.22.63.8]) by mx1.freebsd.org (Postfix) with ESMTP id 51E2B13C467 for ; Sat, 22 Sep 2007 17:59:09 +0000 (UTC) (envelope-from mwlucas@bewilderbeast.blackhelicopters.org) Received: from bewilderbeast.blackhelicopters.org (localhost [127.0.0.1]) by bewilderbeast.blackhelicopters.org (8.14.1/8.13.8) with ESMTP id l8MHiPfO037561 for ; Sat, 22 Sep 2007 13:44:26 -0400 (EDT) (envelope-from mwlucas@bewilderbeast.blackhelicopters.org) Received: (from mwlucas@localhost) by bewilderbeast.blackhelicopters.org (8.14.1/8.13.8/Submit) id l8MHiPvM037560 for freebsd-isp@freebsd.org; Sat, 22 Sep 2007 13:44:25 -0400 (EDT) (envelope-from mwlucas) Date: Sat, 22 Sep 2007 13:44:25 -0400 From: "Michael W. Lucas" To: freebsd-isp@freebsd.org Message-ID: <20070922174425.GA37518@bewilderbeast.blackhelicopters.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.2i X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (bewilderbeast.blackhelicopters.org [127.0.0.1]); Sat, 22 Sep 2007 13:44:26 -0400 (EDT) Subject: SMTP AUTH over SSL only? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Sep 2007 17:59:09 -0000 Hi folks, I have a FreeBSD 7.0 server where I'd like to authenticate against /etc/master.passwd when using SMTP AUTH and Sendmail. This means using LOGIN, which can use either plain text or SSL-tunneled connections. I'd like to allow SMTP AUTH only over SSL, and disallow it over unencrypted connections. Any suggestions on this? Surely there's just some switch I'm missing? The archives and search engines are full of people trying to get SSL working, not people trying to turn off non-SSL connections. Here's the relevant snippets of sendmail.mc I'm using. TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl define(`confAUTH_MECHANISMS', `GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl define(`CERT_DIR', `/usr/local/etc/certs')dnl define(`confCACERT_PATH', `CERT_DIR')dnl define(`confCACERT', `CERT_DIR/hostname.pem')dnl define(`confSERVER_CERT', `CERT_DIR/hostname.pem')dnl define(`confSERVER_KEY', `CERT_DIR/hostname-key.pem')dnl define(`confCLIENT_CERT', `CERT_DIR/hostname.pem')dnl define(`confCLIENT_KEY', `CERT_DIR/hostname-key.pem')dnl DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl Any suggestions greatly appreciated! Thanks, ==ml -- Michael W. Lucas mwlucas@BlackHelicopters.org, mwlucas@FreeBSD.org http://www.BlackHelicopters.org/~mwlucas/ Coming Soon: "Absolute FreeBSD" -- http://www.AbsoluteFreeBSD.com On 5/4/2007, the TSA kept 3 pairs of my soiled undies "for security reasons." From owner-freebsd-isp@FreeBSD.ORG Sat Sep 22 18:26:57 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B662F16A418 for ; Sat, 22 Sep 2007 18:26:57 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (happy-idiot-talk.infracaninophile.co.uk [IPv6:2001:8b0:151:1::1]) by mx1.freebsd.org (Postfix) with ESMTP id 1512D13C469 for ; Sat, 22 Sep 2007 18:26:56 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [IPv6:::1]) by smtp.infracaninophile.co.uk (8.14.1/8.14.1) with ESMTP id l8MIQiQW012597; Sat, 22 Sep 2007 19:26:45 +0100 (BST) (envelope-from m.seaman@infracaninophile.co.uk) Message-ID: <46F55E64.8080604@infracaninophile.co.uk> Date: Sat, 22 Sep 2007 19:26:44 +0100 From: Matthew Seaman Organization: Infracaninophile User-Agent: Thunderbird 2.0.0.6 (X11/20070803) MIME-Version: 1.0 To: "Michael W. Lucas" References: <20070922174425.GA37518@bewilderbeast.blackhelicopters.org> In-Reply-To: <20070922174425.GA37518@bewilderbeast.blackhelicopters.org> X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (smtp.infracaninophile.co.uk [IPv6:::1]); Sat, 22 Sep 2007 19:26:45 +0100 (BST) X-Virus-Scanned: ClamAV 0.91.2/4360/Sat Sep 22 18:53:02 2007 on happy-idiot-talk.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.8 required=5.0 tests=AWL,BAYES_00,NO_RELAYS autolearn=ham version=3.2.3 X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on happy-idiot-talk.infracaninophile.co.uk Cc: freebsd-isp@freebsd.org Subject: Re: SMTP AUTH over SSL only? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Sep 2007 18:26:57 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Michael W. Lucas wrote: > Hi folks, > > I have a FreeBSD 7.0 server where I'd like to authenticate against > /etc/master.passwd when using SMTP AUTH and Sendmail. This means > using LOGIN, which can use either plain text or SSL-tunneled > connections. I'd like to allow SMTP AUTH only over SSL, and disallow > it over unencrypted connections. Any suggestions on this? Surely > there's just some switch I'm missing? The archives and search engines > are full of people trying to get SSL working, not people trying to > turn off non-SSL connections. > > Here's the relevant snippets of sendmail.mc I'm using. > > TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl > define(`confAUTH_MECHANISMS', `GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl > define(`CERT_DIR', `/usr/local/etc/certs')dnl > define(`confCACERT_PATH', `CERT_DIR')dnl > define(`confCACERT', `CERT_DIR/hostname.pem')dnl > define(`confSERVER_CERT', `CERT_DIR/hostname.pem')dnl > define(`confSERVER_KEY', `CERT_DIR/hostname-key.pem')dnl > define(`confCLIENT_CERT', `CERT_DIR/hostname.pem')dnl > define(`confCLIENT_KEY', `CERT_DIR/hostname-key.pem')dnl > DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl > DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl > > Any suggestions greatly appreciated! Add this to your /etc/mail/`hostname`.mc: define(`confAUTH_OPTIONS', `p,y')dnl See /usr/share/doc/smm/08.sendmailop/paper.ascii.gz for details - -- search for the section on AuthOptions.. Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG9V5k8Mjk52CukIwRCJzNAJ9t/LFlY9x+NCpBJMoSk2FcDwXgbQCdERcm SlUoyTu7YKZCn3L8gl/LorI= =6ZUO -----END PGP SIGNATURE-----