|
| PORTAIL | ANNUAIRE | ARTICLES | COMPARATEUR HÉBERGEURS | DEVIS | FORUMS | RÉDUCTEUR D'URL |
|
|
|
|
||||||
| comp.mail.sendmail Configuring and using the BSD sendmail agent. |
 |
|
|
LinkBack | Outils de la discussion |
02/09/2007, 08h10
|
#1 |
Messages: n/a
Hébergeur: |
SMTP-AUTH based on group membership
Hi,
Some users are allowed to SSH in based on their group membership. I would like to deny these members plaintext auth and force them to use TLS. TLS_Clt doesn't fit the bill as some users are roadwarriors connecting from unknown hosts. Is this not possible to do with Sendmail? And if not, can someone who understands the source, clarify if this is a non-trivial feature to hack or request the sendmail team for? Regards, Avinash |
|
|
07/09/2007, 17h53
|
#2 |
|
Messages: n/a
Hébergeur: |
smtp-auth based on group membership
I should've sniffed an entire SMTP conversation before.
The username and password are sent together, so the entire purpose of preventing people with SSH access to transmit cleartext passwords is not possible. Most use SSH certificates, well, back to educating the users. - Avinash |
|
|
|
07/09/2007, 23h56
|
#3 |
|
Messages: n/a
Hébergeur: |
Re: SMTP-AUTH based on group membership
In article <1189184036.957906.109840@w3g2000hsg.googlegroups. com> Avi
<avinash.duduskar@gmail.com> writes: >I should've sniffed an entire SMTP conversation before. >The username and password are sent together, so the entire purpose of >preventing people with SSH access to transmit cleartext passwords is >not possible. Right, you can't require TLS based on username - but why not always require TLS for cleartext auth mechanisms? I.e. define(`confAUTH_OPTIONS', `p') in the .mc file. --Per Hedeland per@hedeland.org |
|
|
|
| Outils de la discussion | |
|
|
