I just did this with sendmail 8.11.1:
You need to compile sendmail with _FFR_UNSAFE_SASL defined to enable a new
DontBlameSendmail option to relax the permission check on the sasldb.
For example, in the sendmail source distribution
Create a site.config.m4 in the devtools/Site directory that contains the
FFR:
APPENDDEF(`confENVDEF',`-D_FFR_UNSAFE_SASL')
Remove your obj directory and re-Build sendmail and install this new binary.
In your mc file, add the following line:
define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLFile')
And regenerate your sendmail.cf
Now you can change the group ownership of the sasldb to cyrus, and its
permissions to 640 and all is happy!
Tim
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of The Hermit
Hacker
Sent: Thursday, November 23, 2000 4:45 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Using SASL with Sendmail & IMAPd ...
Okay, found docs on setting up Sendmail to use SASL, and got it setup
... when I connect, maillog reports:
error: safesasl(/usr/local/etc/sasldb) failed: Group readable file
on a file with permissions of:
-rw-r----- 1 root wheel 24576 Nov 22 23:55/usr/local/etc/sasldb
so, remove the read bit, and, of course, imap gets a permission denied ...
change it to owner cyrus, and the error becomes:
error: safesasl(/usr/local/etc/sasldb) failed: Permission denied
so, I'm missing a step here somewhere ... someone want to let me know
which one it is? :(
thanks ...
Marc G. Fournier ICQ#7615664 IRC Nick:
Scrappy
Systems Administrator @ hub.org
primary: [EMAIL PROTECTED] secondary:
scrappy@{freebsd|postgresql}.org
