-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Michael Thomas wrote: > I want to set up smtp auth to authenticate me using my x509 certificate > from the SSL connection established by my mail client (thunderbird). > > Is this possible with the sendmail package in FC4? > If so, can anyone point me to some documentation on how to set it up? > Wart, I can't find a howto at the moment (maybe I should get around to writing one?). Anyhow, if I remember it right the steps needed to do this are: o Create a CA certificate for your server/domain, o Create a mail server certificate signed by the CA, o Change sendmail.mc accordingly and restart sendmail, o Create a client certificate also signed by the CA, o Import the client cert into thunderbird and force connect via SSL o Allow RELAY by CA in /etc/mail/access like: CERTIssuer:/C=GB/ST=GB/L=London/O=YourOrg/OU=CA/CN=your.domain.name/emailAddress=your@xxxxxxxxxxxxxxxx RELAY The values above should be taken from the client certificate information about the signing CA/Issuer. o Voila! Most of these steps can be googled for, but I can't find any one place where they are all together at the moment.... Sorry for the lack of detail, but I hope this helps a little ;-) Craig. - -- Craig McLean http://fukka.co.uk craig@xxxxxxxxxxx Where the fun never starts Powered by FreeBSD, and GIN! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFD8fkFMDDagS2VwJ4RAvWVAKC94lxDSFOlGUCcM6sr4mgktgmsBQCfb6da yBBzH06f02eBFCs1SAv295c= =EZaC -----END PGP SIGNATURE-----
