Sendmail authentication fails using SASL2
RescuNET.com
rescunet at gmail.com
Tue Jul 15 21:58:20 EDT 2008
I'm using openssl, saslauthd and sendmail as installed during a recent
CentOS5 upgrade. I've verified that sendmail was compiled with SASLv2 and
STARTTLS support. I configured TLS certs and had them signed by
cacert.org... I configured sendmail to use them.
# cat /usr/lib/sasl2/Sendmail.conf
pwcheck_method:saslauthd
mech_list:login plain
saslauthd_path:/var/run/saslauthd/
# cat /etc/sysconfig/saslauthd
SOCKETDIR=/var/run/saslauthd
MECH=shadow
I verified that saslauthd can authenticate against the /etc/shadow using
testsaslauthd:
[root at dal-rh03 mail]# testsaslauthd -u test -p xxxx1234
0: OK "Success."
I start saslauthd in debug mode with:
saslauthd -m /var/run/saslauthd -a shadow -d
MUA with TLS support initiates a connection and receives the server
certificate correctly. Then the password is sent...
Sendmail throws:
sendmail[12605]: m6FJ5aUj012605: AUTH failure (LOGIN): generic failure (-1)
SASL(-1): generic failure: checkpass failed
There's no output from saslauthd that sendmail even made a connection.
I've beat my head against a wall and Google for 2 weeks in every direction
and I cannot find any configuration problems. I'm also at the extent of my
knowledge debugging sasl2. How can I trace the connection between sendmail
and saslauthd?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.andrew.cmu.edu/mailman/private/cyrus-sasl/attachments/20080715/ef085880/attachment.html
More information about the Cyrus-sasl
mailing list