[csw-users] configuring sendmail for smtp authentication
Yann Rouillard
yann at pleiades.fr.eu.org
Fri Sep 21 22:52:59 CEST 2012
Hi Jake,
Are you sure sendmail is looking Sendmail.conf in /etc/opt/csw ?
I think it's rather in /opt/csw/lib/sasl2/
You can check this by "trussing" the sendmail daemon startup:
truss -f /opt/csw/lib/sendmail -L sm-mta -bd -q15m 2>&1 | grep
Sendmail.conf
Yann
Could you "truss -f -p" the sendmail process while doing the
authentification and
2012/9/21 Jake Goerzen <jgoerzen at opencsw.org>
> On 09/20/12 03:14, Peter Bonivart wrote:
>
>> On Wed, Sep 19, 2012 at 11:06 PM, Jake Goerzen<jgoerzen at opencsw.org>
>> wrote:
>>
>>> Hello,
>>>
>>> I've have a working install of OpenCSW sendmail server up and running and
>>> would like to add smtp authentication to it so I have added the
>>> following to
>>> my sendmail.mc and rebuilt sendmail.cf:
>>>
>>> define(`confAUTH_OPTIONS', `A p y')dnl
>>> define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
>>> TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
>>>
>>> After restarting sendmail I setup thunderbird as a client and test
>>> sending
>>> mail. I get a prompt for a username/password when sending but the
>>> credentials are never accepted. I'm pretty sure saslauthd is configured
>>> correctly since I can successfully test it:
>>>
>>> $ /opt/csw/sbin/testsaslauthd -u username -p password
>>> 0: OK "Success."
>>>
>>> It is as if sendmail doesn't know how to communicate with saslauthd. From
>>> searching the web, I've tried creating the file
>>> /etc/opt/csw/Sendmail.conf
>>> with the contents:
>>>
>>> pwcheck_method: saslauthd
>>> mech_list: PLAIN LOGIN
>>> saslauthd_path: /var/opt/csw/saslauthd/mux
>>>
>>> But it still does not work. Has anyone set this up and have it working?
>>>
>> I assume you have tested to connect to the server and seen that it
>> actually offers AUTH?
>>
>> In your client, did you use TLS because you told it not to accept
>> PLAIN/LOGIN otherwise?
>>
>>
>>
> Hi Peter,
>
> Yes, I tested to make sure AUTH is offered. Yes, my client is using
> TLS, I should have mentioned that I have STARTTLS already configured. To
> make things easier to sort out, I removed the p and y options from
> confAUTH_OPTIONS and rebuild sendmail.cf so now I'm using:
>
> define(`confAUTH_OPTIONS', `A')dnl
>
> Now AUTH is offered even without TLS/SSL but the behavior is the same,
> username/password is prompted for but never authenticates successfully.
>
> 250-ENHANCEDSTATUSCODES
> 250-PIPELINING
> 250-EXPN
> 250-VERB
> 250-8BITMIME
> 250-SIZE
> 250-DSN
> 250-ETRN
> 250-AUTH LOGIN PLAIN
> 250-STARTTLS
> 250-DELIVERBY
> 250 HELP
> auth login
> 334 VXNlcm5hbWU6
> amdvZXJ6ZW5AZ29sZGVuZmFybXMuY2**9t
> 334 UGFzc3dvcmQ6
> <BASE64encoded-password-**entered-here>
> 535 5.7.0 authentication failed
>
>
> Still not able to authenticate. It is as if the sendmail process doesn't
> know where to look for the sasl communication socket which I believe is
> /var/opt/csw/saslauthd/mux Perhaps there's an option I'm missing that
> defines this path?
>
> Jake
>
> ______________________________**_________________
> users mailing list
> users at lists.opencsw.org
> https://lists.opencsw.org/**mailman/listinfo/users<https://lists.opencsw.org/mailman/listinfo/users>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opencsw.org/pipermail/users/attachments/20120921/1dd121b7/attachment-0001.html>
More information about the users
mailing list