HP-UX Mailing Services Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1 Networking Software

121

122

123

124

125

126

127

128

129

130

Sendmail 8.13.3

New Features in Sendmail 8.13.3

Chapter 3 127

SERVER_KEY

and CLIENT_KEY Specifies the private keys that correspond to the

certificates of the Sendmail server. Following is the

option in the sendmail.cf file:

# Server private key

O ServerKeyFile=/etc/mail/certs/oldreq.pem

# Client private key

O ClientKeyFile=/etc/mail/certs/oldreq.pem

You can use the /usr/newconfig/etc/mail/cf/cf/gen_cf script to

generate the sendmail.cf configuration file that supports the

STARTTLS feature. The generated configuration file contains all the

STARTTLS options discussed previously. But, these options contain

default values and are commented by default. The gen_cf script gives

you the option to change the default values. If you change the default

values for a particular option, the option is enabled or uncommented in

the generated sendmail.cf configuration file.

To use Sendmail with STARTTLS, you must install the OpenSSL

software on your system from http://www.software.hp.com.

Cyrus SASL v2 Support

The Simple Authentication and Security Layer (SASL), is a generic

mechanism for protocols to accomplish authentication. Because protocols

(such as SMTP or IMAP) use SASL, it is a natural place for code sharing

between applications. Some notable applications that use SASL include

Sendmail and Cyrus imapd (versions 1.6.0 and higher).

Applications use the SASL library to inform it how to accomplish the

SASL protocol exchange, and what the results are.

SASL is only a framework and specific SASL mechanisms govern the

exact protocol exchange. If there are n protocols and m different ways of

authenticating, SASL attempts to make it so only n plus m different

specifications need be written instead of n times m different

specifications. With the Cyrus SASL library, the mechanisms need only

be written once, and they work with all servers that use it.

How SASL Works How SASL works is governed by what mechanism

the client and server choose to use and the exact implementation of that

mechanism. This section describes the way these mechanisms act in the

Cyrus SASL implementation.