Sendmail-SASL Handshake

Glenn J. Miller glenn.miller at skyymap.com
Tue Jan 24 15:54:07 EST 2006 

Hey y'all... good afternoon...

I've been all over the 'net checking into getting my sendmail server
configured properly. As brief overview, the following are being used:

	Fedora Core 3
	sendmail 8.13.1-2
	Dovecot 0.99.13-3.FC3
	cyrus-sasl*2.1.19-3
	
Basically an out-of-the-boxen 'stock' sendmail distro that comes w/ Fedora
Core 3. I've got two other users beside myself (local), and everything is
working as advertised based on my own knowledge and observations. POP3
authentification appears to be what is giving me the headache (imagine
that). I've got the testsaslauthd working properly for etc/shadow access, as
it succeeds/fails accordingly based on the information I input from the
command line. But from what I've been able to discern, I may have an issue
w/ sendmail talking properly w/ the SASL libs based on the log message. When
trying to test the account from Outlook 2K3 on the LAN (I haven't even began
the 'fun' of connecting my business partnets remotely via POP/Dovecot -
hopefully that'll all just work after all this) here's the dump to the
/var/log/maillog for the attempted connection with the debug level bumped up
accordingly in the sendmail configuration:

sendmail[16596]: NOQUEUE: connect from [172.16.13.103]
sendmail[16596]: AUTH: available mech=PLAIN LOGIN, allowed mech=LOGIN PLAIN
sendmail[16596]: k0OKTmQm016596: Milter: no active filter
sendmail[16596]: k0OKTmQm016596: --- 220 www.skyymap.net ESMTP Sendmail
8.13.1/8.13.1; Tue, 24 Jan 2006 15:29:48 -0500
sendmail[16596]: k0OKTmQm016596: <-- EHLO gandalf
sendmail[16596]: k0OKTmQm016596: --- 250-www.skyymap.net Hello
[172.16.13.103], pleased to meet you
sendmail[16596]: k0OKTmQm016596: --- 250-ENHANCEDSTATUSCODES
sendmail[16596]: k0OKTmQm016596: --- 250-PIPELINING
sendmail[16596]: k0OKTmQm016596: --- 250-8BITMIME
sendmail[16596]: k0OKTmQm016596: --- 250-SIZE
sendmail[16596]: k0OKTmQm016596: --- 250-DSN
sendmail[16596]: k0OKTmQm016596: --- 250-ETRN
sendmail[16596]: k0OKTmQm016596: --- 250-AUTH LOGIN PLAIN
sendmail[16596]: k0OKTmQm016596: --- 250-STARTTLS
sendmail[16596]: k0OKTmQm016596: --- 250-DELIVERBY
sendmail[16596]: k0OKTmQm016596: --- 250 HELP
sendmail[16596]: k0OKTmQm016596: <-- AUTH LOGIN
sendmail[16596]: k0OKTmQm016596: --- 334 {actual characters removed}
sendmail[16596]: k0OKTmQm016596: --- 334 {actual characters removed}
sendmail[16596]: k0OKTmQm016596: --- 535 5.7.0 authentication failed
sendmail[16596]: k0OKTmQm016596: AUTH failure (LOGIN): no mechanism
available (-4) SASL(-4): no mechanism available: checkpass failed
sendmail[16596]: k0OKTmQm016596: --- 421 4.4.1 www.skyymap.net Lost input
channel from [172.16.13.103]
sendmail[16596]: k0OKTmQm016596: lost input channel from [172.16.13.103] to
MTA after auth
sendmail[16596]: k0OKTmQm016596: [172.16.13.103] did not issue
MAIL/EXPN/VRFY/ETRN during connection to MTA

Again, I've got SASL 'working' correctly for shadow access based on the
testsaslauthd results. From what I'm seeing in the log message, there's an
issue getting everyone to play nicely together like good citizens. Perhaps I
borked something?!?

Anyone have any input? I'm sure that by upon getting this ironed out, I
could handle anything else that rears it's ugly head. Even a further clue
here as to what's going on would be greatly appreciated.

Thanx so much in advance for any/all help, replies and insight....

--
Dok
Skyymap Inc.

"Suppose you were an idiot. And suppose you were a member of Congress. But I
repeat myself..."
-- Mark Twain

More information about the Cyrus-sasl mailing list