sendmail as MSA and client side GSSAPI

Victor Sudakov vas at mpeks.no-spam-here.tomsk.su
Sun Mar 16 11:18:47 EDT 2008


Colleagues,

I have sendmail 8.13.6 acting as MSA for local users. It is compiled
with SASLv2 and has the following lines in the submit.mc file:
FEATURE(`authinfo')dnl 
FEATURE(`msp', `[mailhub]')dnl

The mailhub to which mail is submitted supports GSSAPI:
250-AUTH LOGIN PLAIN CRAM-MD5 DIGEST-MD5 GSSAPI

Now how do I enable GSSAPI authentication for local users? What should
I put into the /etc/mail/authinfo file so that each local user who has
a Kerberos ticket could authenticate herself to the mailhub?

The users send mail from mutt, pine etc by calling /usr/sbin/sendmail.

Reading cf/README "Providing SMTP AUTH Data when sendmail acts as
Client" did not enlighten me. I want no U or P tags in the authinfo
file, since I want the calling user's Kerberos principal name as U and
her ticket instead of password.

Thanks in advance for any input.

-- 
Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
2:5005/49 at fidonet http://vas.tomsk.ru/



More information about the Kerberos mailing list