Previous Section Next Section

FEATURE(authinfo)

Use a separate database for authentication information V8.12 and above

Beginning with V8.12, the authinfo feature tells sendmail to look in a special database file called authinfo for authentication information, rather than in the access database. This means you can have more secure permissions for the authinfo database than for the access database. This authinfo feature is declared like this:

FEATURE(`authinfo')

This creates a default configuration declaration that looks like this:

Kauthinfo hash /etc/mail/authinfo

Here the hash is derived from the setting of the DATABASE_MAP_TYPE mc configuration macro (Section 23.5.1), and the /etc/mail is derived from the setting of the MAIL_SETTINGS_DIR mc macro (Section 2.6.5.1). If you wish to change the defaults without having to change these two mc configuration macros, you can simply define that new default by adding a second argument to the feature declaration:

FEATURE(`authinfo', `hash /etc/private/authinfo')

If you provide a second argument and the second argument is a literal LDAP:

FEATURE(`authinfo', `LDAP')

the default becomes the following (we have wrapped the lines to fit the page):

Kauthinfo ldap -1 -v sendmailMTAMapValue -k (&(objectClass=sendmailMTAMapObject)
(|(sendmailMTACluster=${sendmailMTACluster})(sendmailMTAHost=$j))
(sendmailMTAMapName=authinfo)(sendmailMTAKey=%0))

See ldap (was ldapx) for a description of the ldap database type and its -1, -v, and -k switches. See Section 10.9.3.1 for a description of the authinfo database's contents and how to create that database.

    Previous Section Next Section