I am looking for a way for sendmail to ALLOW auth by IP and not user name (its a closed network) or even SKIP invalid auth ? Is that even possible ? Jerry
Am 01.06.2020 um 19:44 schrieb Jerry Geis:> I am looking for a way for sendmail to ALLOW auth by IP and not user name > (its a closed network) or even SKIP invalid auth ? > Is that even possible ?It is possible to configure Sendmail to relay based on client connection. The doc will tell you how. https://www.sendmail.org/~ca/email/doc8.12/cf/m4/anti_spam.html#access_db If your Sendmail setup demands AUTH, then it will not skip in case of false credentials. Whatever backend you configure cyrus-sasl to use for validating the SMTP AUTH credentials, it is possible to use other values than a user name.> JerryAlexander
On 6/1/2020 10:55 AM, Alexander Dalloz wrote:> > Whatever backend you configure cyrus-sasl to use for validating the > SMTP AUTH credentials, it is possible to use other values than a user > name.I'm no sasl expert but it looks like one could store the weird username in /etc/sasldb: https://www.cyrusimap.org/sasl/sasl/sysadmin.html One could also hack up an extra PAM module for use by saslauthd.
I came across /etc/mail/virtusertable. I am using fresh install of centos 7. I added my silly user as: silly at my.com silly did the make and service sendmail restart. But its still not working. Getting rejects as not valid just like before. I presume this would use the PW for "silly" user. Thought I was onto something there. Jerry
On 6/1/2020 12:03 PM, Jerry Geis wrote:> I came across /etc/mail/virtusertable. I am using fresh install of centos > 7. > I added my silly user as: > silly at my.com silly > > did the make and service sendmail restart. > But its still not working. Getting rejects as not valid just like before. I > presume this would use the PW for "silly" user.That's not used for authentication. That's used for routing received mail.? For authentication, you need to mess with cyrus-sasl.
>https://www.cyrusimap.org/sasl/sasl/sysadmin.html>One could also hack up an extra PAM module for use by saslauthd.Ok I read through this, played on my machine with it - It looks very promising. Will try on the end machine tomorrow. Thanks Kenneth! Jerry