PLAIN/LOGIN auth over SSL woes
What I currently have working:
Require CRAM-MD5 or DIGEST-MD5 authentication with or
What I want working:
Require CRAM-MD5 or DIGEST-MD5 authentication without SSL.
Additionally allow either LOGIN or PLAIN authentication
with SSL (but specifically forbid LOGIN or PLAIN without
I've tried various combinations of config options but never
gotten what I want to work working. Below are relevant excerpts
from my Debian sarge config files:
define(`confAUTH_MECHANISMS', `CRAM-MD5 DIGEST-MD5')
ifelse(eval(sm_version_math >= 527360), `1', `dnl
define(`confAUTH_OPTIONS',`A p y')
mech_list: EXTERNAL DIGEST-MD5 CRAM-MD5
For what I have working, I apparently do NOT need to run
saslauthd since everything works just fine without it.
1. If I want to allow either LOGIN or PLAIN, must I run
saslauthd? If so, is the "pam" mechanism in
/etc/default/saslauthd correct? If not, what should it be?
I'd actually prefer not to be running another daemon if I can
get away with it.
2. Do I need to add "LOGIN PLAIN" *everywhere* "CRAM-MD5 DIGEST-MD5"
are currently mentioned?
3. Is Sendmail.conf correct? If not, what needs to change?