Sendmail 8.13.3 Securing Mailing Solution

7. The SASL library returns some bytes to the client application.
8. The client application transmits these bytes over the network.
9. The client application repeats steps 7–9 until the server informs the application
that the authentication is successful.

An application in the server interacts with the SASL library as follows:
1. A server makes a few calls to initialize the SASL library.
2. When the server establishes a new connection, the server makes a new context for
that connection immediately.
3. The client requests a list of mechanisms the server supports and specifies the
mechanism it wants to use. The client also requests to start the authentication
process after finalizing on the authentication mechanism.
4. The server negotiates this authentication and retains the authentication information
for subsequent encoding and decoding operations.

RFC 2554 (SMTP Service Extension for Authentication) specifies that the AUTH command
indicates an authentication mechanism to the server. If the server supports the requested
authentication mechanism, it performs an authentication protocol exchange to
authenticate and identify the user. Optionally, it also negotiates a security layer for
subsequent protocol interactions. If the requested authentication mechanism is not
supported, the server rejects the AUTH command with a 504 reply.
Versions of Sendmail starting with 8.10 support the SMTP AUTH command, as defined
in RFC 2554.
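
The mechanism listing and the 504 rejection described above, as an added Python example (not code from Sendmail or from this guide). The EHLO reply is constructed sample data, the function names are hypothetical, and the 501, 503 and 538 replies come from RFC 2554 itself rather than from this page; requiring TLS for PLAIN and LOGIN is an assumed local policy.

```python
import re

# Constructed EHLO reply (sample data, not captured from a real server).
SAMPLE_EHLO = (
    "250-mail.example.test Hello client.example.test\r\n"
    "250-ENHANCEDSTATUSCODES\r\n"
    "250-STARTTLS\r\n"
    "250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN\r\n"
    "250 HELP\r\n"
)

# Assumed local policy: these mechanisms carry reusable credentials,
# so they are only accepted once the session is protected by TLS.
TLS_ONLY_MECHS = {"PLAIN", "LOGIN"}


def advertised_mechanisms(ehlo_reply):
    """Return the SASL mechanisms listed on the AUTH line of an EHLO reply."""
    mechs = []
    for line in ehlo_reply.splitlines():
        m = re.match(r"250[- ]AUTH (.*)$", line, re.IGNORECASE)
        if m:
            mechs.extend(tok.upper() for tok in m.group(1).split())
    return mechs


def auth_precheck(command, supported, tls_active=False, authenticated=False):
    """Return the SMTP rejection code for an AUTH command, or None when the
    exchange may be handed to the SASL library."""
    parts = command.strip().split()
    if not 2 <= len(parts) <= 3 or parts[0].upper() != "AUTH":
        return 501  # syntax error in the AUTH parameters
    if authenticated:
        return 503  # RFC 2554: no further AUTH after one has succeeded
    mech = parts[1].upper()
    if mech not in {s.upper() for s in supported}:
        return 504  # requested mechanism is not supported
    if mech in TLS_ONLY_MECHS and not tls_active:
        return 538  # encryption required for the requested mechanism
    return None  # server continues the exchange (334 challenge or verdict)


if __name__ == "__main__":
    offered = advertised_mechanisms(SAMPLE_EHLO)
    print("offered:", offered)
    for cmd in ("AUTH CRAM-MD5", "AUTH GSSAPI", "AUTH PLAIN"):
        print(cmd, "->", auth_precheck(cmd, offered) or "continue")
```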

Configuring Sendmail 8.13.3 with TLS and SSL
This section describes how to configure SMTP over TLS, as defined in RFC 2487. It also
describes how to verify the TLS/SSL configuration.
This section addresses the following topics:
“Prerequisites”
“Generating Certificates and Keys”
“Configuring the Sendmail 8.13.3 Server with TLS/SSL”
“Verifying the TLS/SSL Configuration”

Prerequisites
Following are the prerequisites for configuring the TLS/SSL security feature:
The KRNG11i strong random number generator