Bug with chkconfig? [WAS: Re: sendmail and smtps on fedora core 1]
Dave Oxley
dave at daveoxley.co.uk
Thu Nov 27 13:22:49 UTC 2003
I've got this working now. It seems saslauthd wasn't started. I think
there is a bug with chkconfig on Fedora Core 1.
I had to change:
chkconfig: - 95 05
to
chkconfig: 2345 95 05
in /etc/init.d/saslauthd because with the '-' chkconfig didn't turn the
service on for any level when doing chkconfig --add saslauthd.
Dave Oxley wrote:
> I did create the SSL certificates.
>
> Here is the log with the increased level. It looks like it can't
> authenticate the user. When I've set this up on previous RedHat's it
> authenticates against the unix user (adduser dave). Is there something
> different I have to do to set up the users with sasl2?
>
> Nov 27 13:03:29 bertha sendmail[2769]: NOQUEUE: connect from
> host81-128-245-107.
> in-addr.btopenworld.com [81.128.245.107]
> Nov 27 13:03:29 bertha sendmail[2769]: AUTH: available mech=GSSAPI
> PLAIN LOGIN D
> IGEST-MD5 CRAM-MD5 ANONYMOUS, allowed mech=EXTERNAL GSSAPI KERBEROS_V4
> DIGEST-MD
> 5 CRAM-MD5 LOGIN PLAIN
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: Milter: no
> active filter
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 220
> bertha.mailboxmov
> ies.com ESMTP Sendmail 8.12.10/8.12.10; Thu, 27 Nov 2003 13:03:29 GMT
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: <-- EHLO davesxp
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: ---
> 250-bertha.mailboxmov
> ies.com Hello host81-128-245-107.in-addr.btopenworld.com
> [81.128.245.107], pleas
> ed to meet you
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: ---
> 250-ENHANCEDSTATUSCOD
> ES
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-PIPELINING
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-8BITMIME
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-SIZE
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-DSN
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-ETRN
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-AUTH
> GSSAPI DIGES
> T-MD5 CRAM-MD5 LOGIN PLAIN
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-STARTTLS
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250-DELIVERBY
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 250 HELP
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: <-- STARTTLS
> Nov 27 13:03:29 bertha sendmail[2769]: hARD3TMm002769: --- 220 2.0.0
> Ready to st
> art TLS
> Nov 27 13:03:30 bertha sendmail[2769]: STARTTLS=server, get_verify: 0
> get_peer:
> 0x0
> Nov 27 13:03:30 bertha sendmail[2769]: STARTTLS=server,
> relay=host81-128-245-107
> .in-addr.btopenworld.com [81.128.245.107], version=TLSv1/SSLv3,
> verify=NO, ciphe
> r=RC4-MD5, bits=128/128
> Nov 27 13:03:30 bertha sendmail[2769]: STARTTLS=server, cert-subject=,
> cert-issu
> er=
> Nov 27 13:03:30 bertha sendmail[2769]: AUTH: available mech=GSSAPI
> PLAIN LOGIN D
> IGEST-MD5 CRAM-MD5 ANONYMOUS, allowed mech=EXTERNAL GSSAPI KERBEROS_V4
> DIGEST-MD
> 5 CRAM-MD5 LOGIN PLAIN
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMm002769: <-- EHLO davesxp
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: ---
> 250-bertha.mailboxmov
> ies.com Hello host81-128-245-107.in-addr.btopenworld.com
> [81.128.245.107], pleas
> ed to meet you
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: ---
> 250-ENHANCEDSTATUSCOD
> ES
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250-PIPELINING
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250-8BITMIME
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250-SIZE
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250-DSN
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250-ETRN
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250-AUTH
> GSSAPI DIGES
> T-MD5 CRAM-MD5 LOGIN PLAIN
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250-DELIVERBY
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 250 HELP
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: <-- AUTH LOGIN
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 334
> VXNlcm5hbWU6
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 334
> UGFzc3dvcmQ6
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 535 5.7.0
> authenticat
> ion failed
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: AUTH failure
> (LOGIN): gen
> eric failure (-1) SASL(-1): generic failure: checkpass failed
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769: --- 421 4.4.1
> bertha.mail
> boxmovies.com Lost input channel from
> host81-128-245-107.in-addr.btopenworld.com
> [81.128.245.107]
> Nov 27 13:03:30 bertha sendmail[2769]: hARD3TMn002769:
> host81-128-245-107.in-add
> r.btopenworld.com [81.128.245.107] did not issue MAIL/EXPN/VRFY/ETRN
> during conn
> ection to MTA
>
>
> Alexander Dalloz wrote:
>
>> Am Do, den 27.11.2003 schrieb Dave Oxley um 13:42:
>>
>>
>>> I am trying to setup sendmail on my Fedora box with SSL SMTP. When I
>>> try to send an email I get the following error messages in
>>> /var/log/maillog. Does anyone have any ideas?
>>>
>>> Nov 27 12:36:24 bertha sendmail[8076]: STARTTLS=server,
>>> relay=host81-128-245-107.in-addr.btopenworld.com [81.128.245.107],
>>> version=TLSv1/SSLv3, verify=NO, cipher=RC4-MD5, bits=128/128
>>> Nov 27 12:36:24 bertha sendmail[8076]: hARCaOTX008076:
>>> host81-128-245-107.in-addr.btopenworld.com [81.128.245.107] did not
>>> issue MAIL/EXPN/VRFY/ETRN during connection to MTA
>>>
>>
>>
>> [ sendmail.mc killed ]
>>
>> Did you generate the needed SSL certificates with OpenSSL?
>> Additional you can increase the default log level in sendmail from 9 to
>> 15 to see much more in the maillog. Add define(`confLOG_LEVEL', `15')dnl
>> to the sendmail.mc, regenerate the sendmail.cf and restart sendmail.
>>
>> Alexander
>>
>>
>>
>>
>
--
* Dave Oxley *
* +44 (0)7966 249 344
* * * * Dave at JungleMoss.com * * <mailto:Dave at JungleMoss.com>
* * * * http://www.daveoxley.co.uk * * <http://www.daveoxley.co.uk> *
* "Linux: Because reboots are for hardware upgrades!" * * * * *
More information about the fedora-list
mailing list