On Fri, 2005-02-04 at 12:12, Rodolfo J. Paiz wrote: > On Fri, 2005-02-04 at 11:06 -0600, rcurts@xxxxxxxxxxxxxx wrote: > > I CAN send mail to <my_username>@<hostname_of_box>.com ... but if i send > > to an outside domain I get the error. > > > > The AUTH section of my sendmail.mc file: > > > > define(`confAUTH_OPTIONS', `A p')dnl > > TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl > > define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN > > PLAIN')dnl > > > > Try removing the "p" for the first line, like this: > > define(`confAUTH_OPTIONS', `A')dnl > > I believe the "p" parameter only allows encrypted authentication, and > will expressly prevent SMTP AUTH unencrypted mechanisms like PLAIN and > LOGIN unless the session is encrypted. > > For most people, allowing PLAIN and LOGIN SMTP AUTH is no greater risk > than they already have, since POP and IMAP *also* transmit unencrypted > passwords. Hence, no damage done by removing the 'p'. On the other hand, most mail clients that know how to do smtp AUTH also can encrypt the whole session for SMTP, POP, and IMAP. If you are going to do one, you might as well build the certificates and do it all. -- Les Mikesell les@xxxxxxxxxxxxxxxx
