Name
${auth_authen}
Synopsis
A server offers authentication by presenting the AUTH keyword to the connecting site, following that with the types of mechanisms supported:
250-host.domain Hello some.domain, pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-AUTH DIGEST-MD5 CRAM-MD5 ← note this line 250-DELIVERBY 250 HELP
If the connecting site wishes to authenticate itself, it replies with an AUTH command indicating the type of mechanism preferred:
AUTH X5 ← client sends 504 Unrecognized authentication type. ← server replies AUTH CRAM-MD5 ← client sends 334 PENCeUxFREJoU0NnbmhNWitOMjNGNndAZWx3b29kLmlubm9zb2Z0LmNvbT4= ← server replies ZnJlZCA5ZTk1YWVlMDljNDBhZjJiODRhMGMyYjNiYmFlNzg2ZQ= = ← client sends 235 Authentication successful.← server replies
Here, the client first asks for X5 authentication, which the server rejects. The client next asks for CRAM-MD5. The server says it can support that by replying with a 334 followed by a challenge string. The client replies to the challenge with an appropriate reply string, and the authentication is successful (as shown in the last line).
If authentication is successful, this
${auth_authen} macro is assigned the
authentication credentials that were approved as its value. The form
of the credentials depends on the encryption used. It could be a
simple username (such as bob), or a username at
a realm (such as bob@some.domain).
The client can then offer a different user, rather than the envelope ...
Get Sendmail, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
