Sendmail 8.13.3 Securing Mailing Solution

NOTE: If you use the FEATURE(`authinfo') option, the hostname in the map

entry must match exactly with the hostname of the ISP mailserver, as explained

in the ../cf/README file.

Sendmail 8.13.3 searches only for domain parts or IP nets if you use the access

map. If you use the authinfo feature, Sendmail 8.13.3 performs only three

lookups, one default and two exact matches.

Verifying the Cyrus SASL Setup

This section discusses how to verify the Cyrus SASL setup.

Follow this procedure to verify the Cyrus SASL setup:

1. From the system where you have configured the client to the Sendmail 8.13.3 SASL

server, enter the following commands to send mails to the Sendmail 8.13.3 server:

echo "TEST MAIL" | sendmail -v username@server.domain |

test.log

echo "TEST MAIL" | sendmail –v root@XXX.yyy.com | test.log

You can also use other mail clients, such as elm, mailx, and mail, to send mails.

2. Ensure that you receive a similar message, specified as follows, to denote that the

Cyrus SASL setup is working properly:

">>> AUTH CRAM-MD5

334 PDM2MzU1OTY5NDEuNDkxNjA3OEBpbmV0MTEuaW5kaWEuaHAuY29tPg== >

>> cm9vdCBmNWFkMGIyMDQzZGE2YTNkZmUwOTUxYWU2ZTU5NTg2Yg

== 235 2.0.0 OK Authenticated"

NOTE: This message varies with the AUTH mechanism used, but you must receive

the 235 2.0.0 OK Authenticated message to denote that the Cyrus SASL

setup is working properly. On the peer system, ensure that you receive the

authenticated bits=0 message in the corresponding message header.

Related Information

For more information on TLS/SSL and Cyrus SASL, see the following websites:

• http://www.sendmail.org/~ca/email/auth.html

• http://www.sendmail.org/~ca/email/starttls.html

• http://docs.hp.com/en/netcom.html#Internet%20Services

• http://www.sendmail.org/misc/other-non-sendmail-links.php