The distribution files and documentation will have to be made available on an FTP site that allows anonymous access and has space for the compressed tar files (roughly 20 megabytes). Make sure to have a file called README that clearly explains where to get further documentation and whom to contact for questions.
Currently, the code in BSD that encrypts passwords is not exportable outside the United States. The script that generates the distribution files keeps all of the encryption code in a separate tar file. The rest can be downloaded by anyone, and users missing the encryption tar file will have to store their passwords in plain text. Make sure to clearly say both at the FTP site and in the README file that it is illegal for those outside the United States to download the encryption tar file. For example, this is the notice on sun-lamp.cs.berkeley.edu, NetBSD's home site:
EXPORT CONTROL NOTE:
Non-U.S. ftp users are required to follow U.S. export control restrictions, which means that if you see some DES or otherwise controlled software here, you SHOULD NOT copy it. Look at README.export-control (in / and most other directories) to learn more. (If the treaty between your country and the United States did not require you to respect U.S. export control restrictions, then you would not have Internet connectivity to this host. Check with your U.S. embassy if you want to verify this.)