AuthOptions

Tune authentication parameters V8.10 and later

AuthOptions provides a list of general tuning parameters that affect authentication. It is declared like this:

O AuthOptions=stringconfiguration file (V8.10 and later)
-OAuthOptions=stringconfiguration file (V8.10 and later)
define(`confAUTH_OPTIONS', `string')  ← mc configuration (V8.10 and later)

The argument, of type string, is a list of characters selected from those shown in Table 24-13, where each character sets a particular tuning parameter. If more than one character is listed, each character must be separated from the next by either a comma or a space.

Table 24-13. AuthOptions character settings

Character

Meaning

A

Use the AUTH= parameter from the MAIL From: command only when authentication succeeds. This character can be specified as a workaround for broken MTAs that do not correctly implement RFC2554. (Client only)

a

Provide protection from active (nondictionary) attacks during the authentication exchange. (Server only)

c

Allow only selected mechanisms (those that can pass client credentials) to be used with client credentials. (Server only)

d

Don’t permit use of mechanisms that are susceptible to passive dictionary attacks. (Server only)

f

Require forward-secrecy between sessions (where breaking one won’t help break the next). (Server only)

m

Require the use of mechanisms that support mutual authentication. (Server only) (V8.13 and above)

p

Don’t permit mechanisms to be used if they are susceptible ...

Get sendmail, 4th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.