Date: Fri, 29 Oct 2010 16:11:59 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Christopher Illies <Christopher.Illies@ki.se> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>, Vincent Hoffman <vince@unsane.co.uk> Subject: Re: Sendmail as client via smarthost and ssl Message-ID: <4CCAE43F.5050607@infracaninophile.co.uk> In-Reply-To: <F3AFB0E3A0FF1F44833C16C79ED54F724BE42A5C74@KIMSXCLU01.user.ki.se> References: <F3AFB0E3A0FF1F44833C16C79ED54F724BE42A5C70@KIMSXCLU01.user.ki.se> <4CC98291.8000609@bah.homeip.net> <F3AFB0E3A0FF1F44833C16C79ED54F724BE42A5C71@KIMSXCLU01.user.ki.se> <4CC9E9A9.2090105@unsane.co.uk> <F3AFB0E3A0FF1F44833C16C79ED54F724BE42A5C73@KIMSXCLU01.user.ki.se>, <4CCABB82.9080504@unsane.co.uk> <F3AFB0E3A0FF1F44833C16C79ED54F724BE42A5C74@KIMSXCLU01.user.ki.se>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigF659D33D7415F0ECDB73A2D6
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
On 29/10/2010 14:49, Christopher Illies wrote:
> Although I have no idea what GSSAPI and NTLM are, I remembered that I h=
ave
> seen these abbreviations before: NTLM is an OPTION for cyrus-sasl2, and=
yes,
> it is compiled in (WITH_NTLM=3Dtrue). And GSSAPI appeared first in the =
mc file:
GSSAPI is the "Generic Security Services Application Program Interface"
and NTLM is "NT Lan Manager" -- they are both authentication systems
popular amongst various generations of Microsoft OSes. GSSAPI is
actually based on that old Unix stalwart: Kerberos, and hence is also
fairly popular amongst non-Microsoft types. They are some of the
authentication mechanisms that come as standard with SASL implementations=
=2E
Unless you know that you do need them, you almost certainly don't. You
can turn off support for those mechanisms at the point of compiling
cyrus-sasl2, or you can take them out of the configuration for the
various SASL consumers if you want. They are pretty much harmless
though, so just doing nothing is also a viable option[*].
Cheers,
Matthew
[*] I have run into situations where not compiling them into various
software made everything run much more smoothly: however, those were
exceptional circumstances, and probably a temporary artefact of the
particular software versions. Your mileage will probably vary.
--=20
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
JID: matthew@infracaninophile.co.uk Kent, CT11 9PW
--------------enigF659D33D7415F0ECDB73A2D6
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkzK5EQACgkQ8Mjk52CukIyhrgCgj93aUj/jILLXP8UPFKEF8hAO
opcAnjCEuZvL9gdNXTmDdw7TSfD9mc1z
=LSqK
-----END PGP SIGNATURE-----
--------------enigF659D33D7415F0ECDB73A2D6--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4CCAE43F.5050607>