Hi folks,

I have a FreeBSD 7.0 server where I'd like to authenticate against /etc/master.passwd when using SMTP AUTH and Sendmail. This means using LOGIN, which can use either plain text or SSL-tunneled connections. I'd like to allow SMTP AUTH only over SSL, and disallow it over unencrypted connections. Any suggestions on this? Surely there's just some switch I'm missing? The archives and search engines are full of people trying to get SSL working, not people trying to turn off non-SSL connections.

Here's the relevant snippets of sendmail.mc I'm using.

TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl define(`confAUTH_MECHANISMS', `GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl define(`CERT_DIR', `/usr/local/etc/certs')dnl define(`confCACERT_PATH', `CERT_DIR')dnl define(`confCACERT', `CERT_DIR/hostname.pem')dnl define(`confSERVER_CERT', `CERT_DIR/hostname.pem')dnl define(`confSERVER_KEY', `CERT_DIR/hostname-key.pem')dnl define(`confCLIENT_CERT', `CERT_DIR/hostname.pem')dnl define(`confCLIENT_KEY', `CERT_DIR/hostname-key.pem')dnl DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl

Any suggestions greatly appreciated!