Relaying with Authentification, Secure Password transmission
Hi *! How do I tell sendmail, to relay mails for all users sending a correct login and password independent from the host from which they send the mail? Additional I want to enable secure password transmission for sendmail, popper and ftpd and don't know how! Thanx, Boris.
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Hello. On Tue, 29 Aug 2000, Boris Kantwerk wrote:
How do I tell sendmail, to relay mails for all users sending a correct login and password independent from the host from which they send the mail?
First off: SMTP (Sendmail's protocol) does _not_ support authentication originally at all. Said that, there are several ways around this (sometimes) painful issue: - - SMTP after POP3: A user must login with POP3 first, then for some time this user and / or the user's ip-address may relay through sendmail Sendmail and POP3: http://www.sendmail.org/~ca/email/chk-rcpt5.html#POP - - SMTP AUTH (RFC 2554) based on SASL (RFC 2222): Adds a generic authentication system to SMTP. Based on the Cyrus SASL library, you can rebuild sendmail for use with SASL Cyrus SASL is available at ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/ Sendmail instructions at http://www.sendmail.org/~ca/email/auth.html Clients with SASL-support: http://www.sendmail.org/~ca/email/mel/SASL_ClientRef.html - - Various tunneling methods: TLS (formerly SSL) (via STARTTLS, sslwrap or stunnel), SSH, PPTP, whatever. STARTTLS at: http://www.sendmail.org/~ca/email/starttls.html
Additional I want to enable secure password transmission for sendmail, popper and ftpd and don't know how!
Your best bet should be something like SSL or SSH, I think (Yes, POP now also supports a somewhat better authentication mechanism, but not many clients did support it, last time I tried) How about completely scrapping FTP and replacing it with SSH? This, combined with sendmail, POP3, and IMAP all over SSL is what I use here.
Thanx, Boris.
Greetings olli - -- - -------------------------------------- Oliver Hensel <oliver.hensel@gmx.net> Linux - the choice of a GNU generation - -------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.2 (GNU/Linux) Comment: For info see http://www.gnupg.org iQEXAwUBOawu+9sdzhktCuebFAOb1gP/QLzT+mimFWsVHJWEm+hr0p5M4W4+HCWg 1boRok4cYGSYbyHGrRXknm0DzB9repf6Tl/rU4xKG33kHeDyXtR02/H6P1G6vsIg 6DiP9UzcqFVWBK/3/3ZAtCCDdzq25W3fzcXrSPpQ4IhxD8mROgYq+588rf/GGjKl 7yB6Iz7HG5ID/jH0y8aXFmDVJHg0iBAGF61v2l6hzcAbJwKW/hWt9QQAHaWBg/fw TZsmISUE+hxjjDdoUx89BdSlYnn98UYMzY8coYMHxF4b8vtSJ9vorRIucrBgNJRR +Wfv2osmme4sgvFEyqyBq69vyftENaq1e/wKeTD33VnKhs8swmHpI3Ah =fgGy -----END PGP SIGNATURE-----
Hello Boris! Am Tue, Aug 29, 2000 at 08:12:49PM +0200 schrieb Boris Kantwerk:
How do I tell sendmail, to relay mails for all users sending a correct login and password independent from the host from which they send the mail? Additional I want to enable secure password transmission for sendmail, popper and ftpd and don't know how!
How about tunneling through ssh? Will not work for ftp though. Regards Johannes
Am Tue, Aug 29, 2000 at 08:12:49PM +0200 schrieb Boris Kantwerk:
How do I tell sendmail, to relay mails for all users sending a correct login and password independent from the host from which they send the mail? Additional I want to enable secure password transmission for sendmail, popper and ftpd and don't know how!
Sendmail: 8.11.0 supports SMTP AUTH. www.sendmail.net has articles on it. POP/IMAP: SSL wrap them. I wrote an article on this for SysAdmin, may edition. the lskb covers it: www.securityportal.com/lskb/ FTP: FTP SUCKS ASS. use SSH with scp/etc. You can also ssl wrap it. www.cryptoarchive.net -Kurt
Hi On Tue, Aug 29, 2000 at 03:10:26PM -0600, Kurt Seifried wrote:
Am Tue, Aug 29, 2000 at 08:12:49PM +0200 schrieb Boris Kantwerk:
and password independent from the host from which they send the mail? Additional I want to enable secure password transmission for sendmail, popper and ftpd and don't know how! FTP: FTP SUCKS ASS. use SSH with scp/etc. You can also ssl wrap it. If you really want a ftp alike interface, use hsftp. It looks like a ftp client, but uses ssh as its backend. Might be easier to newusers, who are not familiar with ssh.
URLS: Source available under: http://www.freshmeat.net/projects/hsftp ftp://metalab.unc.edu/pub/Linux/system/network/file-transfer/ RPMs, spec files, and SRPMS (don't beat me, they're for trustix, not for suse and require readline and openssh-clients packages installed, I don't know whether they're named the same under SuSE, sorry for this) http://joker.rhwd.de/trustix Debian packages if you want/need them http://joker.rhwd.de/debian/debs/hsftp MfG/Regards, Alexander -- Alexander Reelsen http://joker.rhwd.de ref@linux.com GnuPG: pub 1024D/F0D7313C sub 2048g/6AA2EDDB ar@rhwd.net 7D44 F4E3 1993 FDDF 552E 7C88 EE9C CBD1 F0D7 313C Securing Debian: http://joker.rhwd.de/doc/Securing-Debian-HOWTO
participants (5)
-
Alexander Reelsen -
Boris Kantwerk -
Johannes Geiger -
Kurt Seifried -
Oliver Hensel