Hi folks,
Is it possible to configure an Exim4 server (exim4-daemon-heavy 4.72-6
on Debian squeeze) to offer an authenticated SMTP service with
end-to-end SSL encryption while authenticating the passwords with
Kerberos?
So far I've added the following to 00_exim4-config_header:
sasl_gssapi:
driver = cyrus_sasl
public_name = GSSAPI
server_realm = EXAMPLE.COM
server_set_id = $auth1
In addition to that:
* The mail server has a functioning Kerberos client.
* I've created the following principal for it in the KDC:
smtp/email.example.com@???
* I've added the keys for it to the local key table.
* I've created the following environment variable:
KRB5_KTNAME=/etc/krb5.keytab
* The key table has permissions 640 and owner.group
root.Debian-exim.
Still, I'm missing some things. For instance, I'm not even sure how
the MUAs should be configured (e.g. port 25, 465 or 587? SSL/TLS or
STARTTLS?).
Thanks,
Jaap
