Sam, I'm running SSL with SMTP AUTH and DCC and I can successfully bypass greylisting of the auth-ed sessions. I use standard hackme mc munging of my sendmail mc.
I had struggled with the same problem as yours for a while only to find out that I foolishly used delay_checks feature in my mc (it's even explicitly mentioned in the hackme script in the -T option writeup not to use FEATURE(`delay_checks')). Once I removed delay_checks feature, regenerated sendmail.cf with hackme, greylisting was was not invoked for auth-ed sessions. --p Sam Leffler wrote: > Vernon Schryver wrote: >>> From: Daniel V Klein >> >>> I'd like to whitelist any authenticated-user email (they come from >>> all manner >>> of IP adresses, so they are not necessarily "local"). Is this possible? >> >> You might Use `/var/dcc/libexec/hackmc -T` as the text in that shell >> script says to: >> >> # -T modify the sendmail rules to trust (whitelist) mail from users >> # authenticated with an SMTP AUTH TRUST_AUTH_MECH() mechanism or >> from >> # SMTP clients with certificates verified with START TLS. >> # If STMP-AUTH used, TRUST_AUTH_MECH must be set in the .mc file >> and >> # sendmail must be built with SASL or otherwise have working >> SMTP auth. >> # FEATURE(`delay_checks') must NOT be used. >> >> It works for me with START TLS, but I've never tried with SMTP AUTH. >> It should be the same, but I have heard a report from someone who >> was unable to make it work. > > I've never been able to leverage SMTP AUTH to bypass greylisting w/ > sendmail. Not sure if that's the intent of the original request. Some > folks suggested running sendmail on a separate port w/ a different > config that required SMTP AUTH and bypassed greylisting in the config > but I never did that. > _______________________________________________ DCC mailing list [email protected] http://www.rhyolite.com/mailman/listinfo/dcc
