Date: Tue, 17 Sep 2002 08:22:22 -0500 From: Greg Panula <greg.panula@dolaninformation.com> To: freebsd-security@freebsd.org Subject: Re: asmtp 587 - quickie faq submission Message-ID: <3D872C8E.C0D318DD@dolaninformation.com> References: <002b01c25930$f4627270$0100a8c0@soap> <3D7F3726.958781C8@dolaninformation.com> <20020911153003.GD19536@lupe-christoph.de> <20020911161018.GE19536@lupe-christoph.de> <008e01c25b58$2a2eb930$11fd2fd8@ADMIN00> <20020915122440.GF23222@lupe-christoph.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Ok, here is the latest&greatest version: FAQ Submission: ASMTP Q: What is ASMTP? A: Authenticated SMTP, as explained in RFC 2554 Q: What is ASMTP good for? A: Allow the SMTP server to authenticate users before allowing them to use the smtp service for sending mail. Useful if you have roaming users that connect from foreign networks (e.g. hotel somewhere). Q: How do I or my users make use of ASMTP? A: The user's email client needs to be configured to authenticate themselves to the smtp server. Earthlink has a FAQ section explaining various email client configurations at http://support.earthlink.net/mu/1/psc/img/walkthroughs/Help_FAQ/7280.psc.html Q: How do I implement ASMTP on my mail server? A: Depends on your MTA. Q: Ok, how about with Postfix? A: For information about configuring ASMTP&Postfix checkout: http://howto.state-of-mind.de/ Q: Ok, how about with Sendmail? A: To implement ASMTP, you must install a sendmail with SASL compiled in. This requires the installation of the cyrus-sasl port. After you have installed cyrus-sasl, documentation for the modification of sendmail can be found in /usr/local/share/doc/cyrus-sasl/Sendmail.README. Starting with Sendmail 8.12, you can also use the security/cyrus-sasl2 port. The documentation for this version ends up in .../doc/cyrus-sasl2. You can then either recompile the system's sendmail as described in /usr/local/share/doc/cyrus-sasl*/Sendmail.README or in /etc/defaults/make.conf (look for SASL) or install the sendmail-sasl port, and replace the default sendmail with the one from that port. Some additional information can be found at: http://www.sendmail.org/~ca/email/auth.html http://www.sendmail.org/~gshapiro/security.pdf FAQ Submission: Sendmail & port 587 Q: Why does Sendmail listen on Port 587? A: For compliance with RFC 2476 which states that separating the different parts of mail handling (submissions&transfers) is a good thing and port 587 was deemed to be the port for handling submissions. Sendmail 8.10.0 introduced DaemonPortOptions to support this. Checkout http://www.sendmail.org/~gshapiro/8.10.Training/DaemonPortOptions.html for some quick info about DaemonPortOptions. Q: How do I turn off the Message Submission Agent aka stop Sendmail from listening on port 587? A: A: Add FEATURE(`no_default_msa') your config.mc config file and recreate your sendmail.cf file. Brief example of recreating your sendmail.cf can be found at: http://www.sendmail.org/m4/intro.html Comments, suggestions, corrections? Thanks, Greg To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D872C8E.C0D318DD>