Bug with chkconfig? [WAS: Re: sendmail and smtps on fedora core 1]

Dave Oxley dave at daveoxley.co.uk
Thu Nov 27 13:22:49 UTC 2003 

I've got this working now. It seems saslauthd wasn't started. I think 
there is a bug with chkconfig on Fedora Core 1.
I had to change:
chkconfig: - 95 05
to
chkconfig: 2345 95 05
in /etc/init.d/saslauthd because with the '-' chkconfig didn't turn the 
service on for any level when doing chkconfig --add saslauthd.

Dave Oxley wrote:

> I did create the SSL certificates.
>
> Here is the log with the increased level. It looks like it can't 
> authenticate the user. When I've set this up on previous RedHat's it 
> authenticates against the unix user (adduser dave). Is there something 
> different I have to do to set up the users with sasl2?
>
> Nov 27 13:03:29 bertha sendmail[2769]: NOQUEUE: connect from 
> host81-128-245-107.
> in-addr.btopenworld.com [81.128.245.107]
> Nov 27 13:03:29 bertha sendmail[2769]: AUTH: available mech=GSSAPI 
> PLAIN LOGIN D
> IGEST-MD5 CRAM-MD5 ANONYMOUS, allowed mech=EXTERNAL GSSAPI KERBEROS_V4 
> DIGEST-MD
> 5 CRAM-MD5 LOGIN PLAIN
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: Milter: no 
> active filter
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 220 
> bertha.mailboxmov
> ies.com ESMTP Sendmail 8.12.10/8.12.10; Thu, 27 Nov 2003 13:03:29 GMT
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: <-- EHLO davesxp
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 
> 250-bertha.mailboxmov
> ies.com Hello host81-128-245-107.in-addr.btopenworld.com 
> [81.128.245.107], pleas
> ed to meet you
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 
> 250-ENHANCEDSTATUSCOD
> ES
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-PIPELINING
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-8BITMIME
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-SIZE
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-DSN
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-ETRN
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-AUTH 
> GSSAPI DIGES
> T-MD5 CRAM-MD5 LOGIN PLAIN
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-STARTTLS
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-DELIVERBY
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250 HELP
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: <-- STARTTLS
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 220 2.0.0 
> Ready to st
> art TLS
> Nov 27 13:03:30 bertha sendmail[2769]: STARTTLS=server, get_verify: 0 
> get_peer:
> 0x0
> Nov 27 13:03:30 bertha sendmail[2769]: STARTTLS=server, 
> relay=host81-128-245-107
> .in-addr.btopenworld.com [81.128.245.107], version=TLSv1/SSLv3, 
> verify=NO, ciphe
> r=RC4-MD5, bits=128/128
> Nov 27 13:03:30 bertha sendmail[2769]: STARTTLS=server, cert-subject=, 
> cert-issu
> er=
> Nov 27 13:03:30 bertha sendmail[2769]: AUTH: available mech=GSSAPI 
> PLAIN LOGIN D
> IGEST-MD5 CRAM-MD5 ANONYMOUS, allowed mech=EXTERNAL GSSAPI KERBEROS_V4 
> DIGEST-MD
> 5 CRAM-MD5 LOGIN PLAIN
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMm002769: <-- EHLO davesxp
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 
> 250-bertha.mailboxmov
> ies.com Hello host81-128-245-107.in-addr.btopenworld.com 
> [81.128.245.107], pleas
> ed to meet you
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 
> 250-ENHANCEDSTATUSCOD
> ES
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250-PIPELINING
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250-8BITMIME
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250-SIZE
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250-DSN
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250-ETRN
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250-AUTH 
> GSSAPI DIGES
> T-MD5 CRAM-MD5 LOGIN PLAIN
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250-DELIVERBY
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250 HELP
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: <-- AUTH LOGIN
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 334 
> VXNlcm5hbWU6
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 334 
> UGFzc3dvcmQ6
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 535 5.7.0 
> authenticat
> ion failed
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: AUTH failure 
> (LOGIN): gen
> eric failure (-1) SASL(-1): generic failure: checkpass failed
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 421 4.4.1 
> bertha.mail
> boxmovies.com Lost input channel from 
> host81-128-245-107.in-addr.btopenworld.com
> [81.128.245.107]
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: 
> host81-128-245-107.in-add
> r.btopenworld.com [81.128.245.107] did not issue MAIL/EXPN/VRFY/ETRN 
> during conn
> ection to MTA
>
>
> Alexander Dalloz wrote:
>
>> Am Do, den 27.11.2003 schrieb Dave Oxley um 13:42:
>>  
>>
>>> I am trying to setup sendmail on my Fedora box with SSL SMTP. When I 
>>> try to send an email I get the following error messages in 
>>> /var/log/maillog. Does anyone have any ideas?
>>>
>>> Nov 27 12:36:24 bertha sendmail[8076]: STARTTLS=server, 
>>> relay=host81-128-245-107.in-addr.btopenworld.com [81.128.245.107], 
>>> version=TLSv1/SSLv3, verify=NO, cipher=RC4-MD5, bits=128/128
>>> Nov 27 12:36:24 bertha sendmail[8076]: hARCaOTX008076: 
>>> host81-128-245-107.in-addr.btopenworld.com [81.128.245.107] did not 
>>> issue MAIL/EXPN/VRFY/ETRN during connection to MTA
>>>   
>>
>>
>> [ sendmail.mc killed ]
>>
>> Did you generate the needed SSL certificates with OpenSSL?
>> Additional you can increase the default log level in sendmail from 9 to
>> 15 to see much more in the maillog. Add define(`confLOG_LEVEL', `15')dnl
>> to the sendmail.mc, regenerate the sendmail.cf and restart sendmail.
>>
>> Alexander
>>
>>
>>  
>>
>

-- 

* Dave Oxley *

* +44 (0)7966 249 344
* * * * Dave at JungleMoss.com * * <mailto:Dave at JungleMoss.com>
* * * * http://www.daveoxley.co.uk * * <http://www.daveoxley.co.uk> *

* "Linux: Because reboots are for hardware upgrades!" * * *   * *

More information about the fedora-list mailing list