PMDF has the ability to configure the TCP/IP channel client to use SASL via the SMTP AUTH command when sending mail out from the PMDF MTA to a remote MTA. This is primarily needed by home users who are running PMDF on their home systems and have an ISP that requires a username and password to be able to send out mail through the ISP's MTA.
The username and password to use for authentication is configured in a
section in the
security.cnf file called
CLIENT_AUTH. For details see Section 14.2. An example
CLIENT_AUTH section is as follows:
[CLIENT_AUTH=default] USER=remote-username PASSWORD=remote-password
The TCP/IP channel also needs to be configured to enable client-side
SASL. This is done with one of the following channel keywords:
mustsasl. For details see
By default, the
[CLIENT_AUTH=default] section in the
security.cnf file is used to get the username and
password. To use a different
CLIENT_AUTH section, specify
its name using the
client_auth channel keyword.
This example channel definition is used to send mail out to a system called 'alpha' on the SMTP submission port (587) using SASL and TLS.
tcp_alpha smtp mx port 587 daemon router maysaslclient allowswitchchannel \ maytls client_auth alpha alpha.example.edu TCP-ALPHA