著者: W B Hacker 日付: To: exim users 題目: Re: [exim] SMTP-AUTH, Kerberos and SSL
Jaap Winius wrote: > Hi folks,
>
> Is it possible to configure an Exim4 server (exim4-daemon-heavy 4.72-6
> on Debian squeeze) to offer an authenticated SMTP service with
> end-to-end SSL encryption while authenticating the passwords with Kerberos?
>
> So far I've added the following to 00_exim4-config_header:
>
> sasl_gssapi:
> driver = cyrus_sasl
> public_name = GSSAPI
> server_realm = EXAMPLE.COM
> server_set_id = $auth1
>
> In addition to that:
>
> * The mail server has a functioning Kerberos client.
> * I've created the following principal for it in the KDC:
> smtp/email.example.com@???
> * I've added the keys for it to the local key table.
> * I've created the following environment variable:
> KRB5_KTNAME=/etc/krb5.keytab
> * The key table has permissions 640 and owner.group
> root.Debian-exim.
>
> Still, I'm missing some things. For instance, I'm not even sure how the
> MUAs should be configured (e.g. port 25, 465 or 587? SSL/TLS or STARTTLS?).
>
> Thanks,
>
> Jaap
>
>
Have a look at these, walk the thread trees, and do your own due diligence:
