Date: Fri, 29 Oct 2010 16:11:59 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Christopher Illies <Christopher.Illies@ki.se> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>, Vincent Hoffman <vince@unsane.co.uk> Subject: Re: Sendmail as client via smarthost and ssl Message-ID: <4CCAE43F.5050607@infracaninophile.co.uk> In-Reply-To: <F3AFB0E3A0FF1F44833C16C79ED54F724BE42A5C74@KIMSXCLU01.user.ki.se> References: <F3AFB0E3A0FF1F44833C16C79ED54F724BE42A5C70@KIMSXCLU01.user.ki.se> <4CC98291.8000609@bah.homeip.net> <F3AFB0E3A0FF1F44833C16C79ED54F724BE42A5C71@KIMSXCLU01.user.ki.se> <4CC9E9A9.2090105@unsane.co.uk> <F3AFB0E3A0FF1F44833C16C79ED54F724BE42A5C73@KIMSXCLU01.user.ki.se>, <4CCABB82.9080504@unsane.co.uk> <F3AFB0E3A0FF1F44833C16C79ED54F724BE42A5C74@KIMSXCLU01.user.ki.se>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigF659D33D7415F0ECDB73A2D6 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 29/10/2010 14:49, Christopher Illies wrote: > Although I have no idea what GSSAPI and NTLM are, I remembered that I h= ave > seen these abbreviations before: NTLM is an OPTION for cyrus-sasl2, and= yes, > it is compiled in (WITH_NTLM=3Dtrue). And GSSAPI appeared first in the = mc file: GSSAPI is the "Generic Security Services Application Program Interface" and NTLM is "NT Lan Manager" -- they are both authentication systems popular amongst various generations of Microsoft OSes. GSSAPI is actually based on that old Unix stalwart: Kerberos, and hence is also fairly popular amongst non-Microsoft types. They are some of the authentication mechanisms that come as standard with SASL implementations= =2E Unless you know that you do need them, you almost certainly don't. You can turn off support for those mechanisms at the point of compiling cyrus-sasl2, or you can take them out of the configuration for the various SASL consumers if you want. They are pretty much harmless though, so just doing nothing is also a viable option[*]. Cheers, Matthew [*] I have run into situations where not compiling them into various software made everything run much more smoothly: however, those were exceptional circumstances, and probably a temporary artefact of the particular software versions. Your mileage will probably vary. --=20 Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matthew@infracaninophile.co.uk Kent, CT11 9PW --------------enigF659D33D7415F0ECDB73A2D6 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkzK5EQACgkQ8Mjk52CukIyhrgCgj93aUj/jILLXP8UPFKEF8hAO opcAnjCEuZvL9gdNXTmDdw7TSfD9mc1z =LSqK -----END PGP SIGNATURE----- --------------enigF659D33D7415F0ECDB73A2D6--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4CCAE43F.5050607>