AuthOptions
Tune authentication parameters V8.10 and later
AuthOptions
provides a list of general tuning parameters that
affect authentication. It is declared like
this:
O AuthOptions=string ← configuration file (V8.10 and later) -OAuthOptions=string ← configuration file (V8.10 and later) define(`confAUTH_OPTIONS', `string') ← mc configuration (V8.10 and later)
The argument, of type
string
, is a list of
characters selected from those shown in Table 24-13,
where each character sets a particular tuning
parameter. If more than one character is listed,
each character must be separated from the next by
either a comma or a space.
Table 24-13. AuthOptions character settings
Character |
Meaning |
---|---|
|
Use the |
|
Provide protection from active (nondictionary) attacks during the authentication exchange. (Server only) |
|
Allow only selected mechanisms (those that can pass client credentials) to be used with client credentials. (Server only) |
|
Don’t permit use of mechanisms that are susceptible to passive dictionary attacks. (Server only) |
|
Require forward-secrecy between sessions (where breaking one won’t help break the next). (Server only) |
|
Require the use of mechanisms that support mutual authentication. (Server only) (V8.13 and above) |
|
Don’t permit mechanisms to be used if they are susceptible ... |
Get sendmail, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.