${auth_authen}
RFC2554 AUTH credentials V8.10 and later
A server offers authentication by presenting the AUTH keyword to the connecting site, following that with the types of mechanisms supported:
250-host.domain Hello some.domain, pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5 ← note this line
250-DELIVERBY
250 HELPIf the connecting site wishes to authenticate itself, it replies with an AUTH command indicating the type of mechanism preferred:
AUTH X5 ← client sends 504 Unrecognized authentication type. ← server replies AUTH CRAM-MD5 ← client sends 334 PENCeUxFREJoU0NnbmhNWitOMjNGNndAZWx3b29kLmlubm9zb2Z0LmNvbT4= ← server replies ZnJlZCA5ZTk1YWVlMDljNDBhZjJiODRhMGMyYjNiYmFlNzg2ZQ= = ← client sends 235 Authentication successful. ← server replies
Here, the client first asks for X5 authentication, which the server rejects. The client next asks for CRAM-MD5. The server says it can support that by replying with a 334 followed by a challenge string. The client replies to the challenge with an appropriate reply string, and the authentication is successful (as shown in the last line).
If authentication is successful, this ${auth_authen} macro is
assigned the authentication credentials that were
approved as its value. The form of the credentials
depends on the encryption used. It could be a simple
username (such as bob) or a
username at a realm (such as
bob@some.domain).
The client can then offer a different user, rather ...
Get sendmail, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
