Re: [exim] Smarthost with Kerberos Auth

Top Pagina
Delete this message
Reply to this message
Auteur: Andy Bennett
Datum:  
Aan: exim-users
Onderwerp: Re: [exim] Smarthost with Kerberos Auth
Hi,

Thanks for the reply!

>> + For exim acting as an SMTP client (i.e. when initiating an SMTP
>> connection to the smarthost) to use the data in a keytab to provide a
>> username and password to an authenticator.
>
>>  + For exim acting as an SMTP client to use a Kerberos service ticket
>> (obtained with the credentials in the keytab) to authenticate to the
>> relay via GSSAPI.
>>    This is the ideal scenario and in this instance the credentials would
>> never be sent over the wire.

>
> Neither at present. The correct fix is to expand the heimdal_gssapi
> authenticator to handle client-side authentication. This would be the
> simplest, with fewer layers of abstraction to manipulate, and is newer
> code (introduced with Exim 4.80).


I'm running MIT Kerberos. Can heimdal_gssapi speak to that?




Regards,
@ndy

--
andyjpb@???
http://www.ashurst.eu.org/
0x7EBA75FF