AuthMechanisms
The AUTH mechanisms V8.10 and later
The AuthMechanisms
option is used to declare the types of
authentication you want to allow to be passed in the
AUTH ESMTP extension (see RFC2554). You use this
option by listing the mechanisms you wish to set as
its value.
O AuthMechanisms=mechanisms ← configuration file (V8.10 and later) -OAuthMechanisms=mechanisms ← configuration file (V8.10 and later) define(`confAUTH_MECHANISMS', `mechanisms') ← mc configuration (V8.10 and later)
When there is more than one preferred mechanism, each is separated from the others by space characters. For example:
define(`confAUTH_MECHANISMS', `CRAM-MD5 KERBEROS_V4')
Before the actual AUTH is generated, sendmail produces an intersection of the mechanisms you want and those supported by the SASL software you have installed. Only those that are specified by this option and those supported by your software are listed by the issued AUTH command:
250-AUTH CRAM-MD5
Here, you wanted both CRAM-MD5 and KERBEROS_V4 offered as mechanisms. But if the SASL software installed on your machine, for example, supports only CRAM-MD5 and DIGEST-MD5, the common or intersecting mechanism will be CRAM-MD5, so that is all that will be advertised.
When more than one mechanism is listed, the other side will negotiate them one at a time, until one succeeds. For example, the interplay of the offered mechanisms and the counters by the other side might look like this:
220 other.domain ESMTP Sendmail 8.12.7/8.12.7; Sat, 18 Dec 1999 09:17:09 ...
Get sendmail, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.