[csw-users] configuring sendmail for smtp authentication
Jake Goerzen
jgoerzen at opencsw.org
Fri Sep 21 18:01:30 CEST 2012
On 09/20/12 03:14, Peter Bonivart wrote:
> On Wed, Sep 19, 2012 at 11:06 PM, Jake Goerzen<jgoerzen at opencsw.org> wrote:
>> Hello,
>>
>> I've have a working install of OpenCSW sendmail server up and running and
>> would like to add smtp authentication to it so I have added the following to
>> my sendmail.mc and rebuilt sendmail.cf:
>>
>> define(`confAUTH_OPTIONS', `A p y')dnl
>> define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
>> TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
>>
>> After restarting sendmail I setup thunderbird as a client and test sending
>> mail. I get a prompt for a username/password when sending but the
>> credentials are never accepted. I'm pretty sure saslauthd is configured
>> correctly since I can successfully test it:
>>
>> $ /opt/csw/sbin/testsaslauthd -u username -p password
>> 0: OK "Success."
>>
>> It is as if sendmail doesn't know how to communicate with saslauthd. From
>> searching the web, I've tried creating the file /etc/opt/csw/Sendmail.conf
>> with the contents:
>>
>> pwcheck_method: saslauthd
>> mech_list: PLAIN LOGIN
>> saslauthd_path: /var/opt/csw/saslauthd/mux
>>
>> But it still does not work. Has anyone set this up and have it working?
> I assume you have tested to connect to the server and seen that it
> actually offers AUTH?
>
> In your client, did you use TLS because you told it not to accept
> PLAIN/LOGIN otherwise?
>
>
Hi Peter,
Yes, I tested to make sure AUTH is offered. Yes, my client is using
TLS, I should have mentioned that I have STARTTLS already configured.
To make things easier to sort out, I removed the p and y options from
confAUTH_OPTIONS and rebuild sendmail.cf so now I'm using:
define(`confAUTH_OPTIONS', `A')dnl
Now AUTH is offered even without TLS/SSL but the behavior is the same,
username/password is prompted for but never authenticates successfully.
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-STARTTLS
250-DELIVERBY
250 HELP
auth login
334 VXNlcm5hbWU6
amdvZXJ6ZW5AZ29sZGVuZmFybXMuY29t
334 UGFzc3dvcmQ6
<BASE64encoded-password-entered-here>
535 5.7.0 authentication failed
Still not able to authenticate. It is as if the sendmail process
doesn't know where to look for the sasl communication socket which I
believe is /var/opt/csw/saslauthd/mux Perhaps there's an option I'm
missing that defines this path?
Jake
More information about the users
mailing list