Cyrus-SASL + Sendmail (FC1)

Jonathan M. Gardner jgardner at jonathangardner.net
Sat Feb 21 19:06:40 UTC 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Saturday 21 February 2004 6:01 am, Alexander Dalloz wrote:
> Am Sa, den 21.02.2004 schrieb Jonathan M. Gardner um 13:13:
> > I'm playing around with authentication schemes with sendmail.
> >
> > I've noticed that the file /usr/lib/sasl2/Sendmail.conf is being
> > completely ignored. No matter what I seem to put in that, sendmail
> > checks /etc/sasldb2 for the password verification.
> >
> > If I use the saslpasswd2 utility, I can of course create an entry for
> > the users. However, I would much rather use PAM than this method.
> >
> > Any hints? It seems Google is turning up blanks...
>
> Sendmail does not ignore /usr/lib/sasl2/Sendmail.conf! It is just you
> confused about the authentification mechanisms. You can not
> authenticate with MD5 mechanism when auting against PAM. Only PLAIN /
> LOGIN will work that way.
>

Okay, I have the sendmail.mc file setup as so in my mail server:

define(`confAUTH_OPTIONS', `A p')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
define(`confCACERT_PATH',`/usr/share/ssl/certs')
define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')dnl
DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl

On my mail server, /usr/lib/sasl2/Sendmail.conf reads:
pwcheck_method:pam

I am using KMail for the MUA on my workstation. I've set it up as so:
Auth: LOGIN
Encryption: TLS

When it goes to authenticate, KMail displays the following messages:
Sending failed:
Authentication failed.
Most likely the password is wrong.
The server responded: "5.7.0 authentication failed"

There is no message /var/log/messages from sendmail.

- -- 
Jonathan Gardner
jgardner at jonathangardner.net

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAN6xoqp6r/MVGlwwRAvGYAJ9uwaVZRCCNSRokspzBBCbItZfYzACfdEvK
AGg7U+k3wqOXrPeYu28Hg8k=
=ONY1
-----END PGP SIGNATURE-----





More information about the fedora-list mailing list