Sendmail authentication fails using SASL2
Scott Likens
damm at yazzy.org
Tue Jul 15 23:47:11 EDT 2008
Simple test,
telnet localhost 25
ehlo whatever
which plugins do you see listed, LOGIN? PLAIN? CRAM-MD5? DIGEST-MD5
NTLM?
Verify you are using the proper mech, and verify your sendmail is
setup for authentication properly, perhaps post your MC that you have
for Sendmail?
On Jul 15, 2008, at 6:58 PM, RescuNET.com wrote:
> I'm using openssl, saslauthd and sendmail as installed during a
> recent CentOS5 upgrade. I've verified that sendmail was compiled
> with SASLv2 and STARTTLS support. I configured TLS certs and had
> them signed by cacert.org... I configured sendmail to use them.
>
> # cat /usr/lib/sasl2/Sendmail.conf
> pwcheck_method:saslauthd
> mech_list:login plain
> saslauthd_path:/var/run/saslauthd/
>
> # cat /etc/sysconfig/saslauthd
> SOCKETDIR=/var/run/saslauthd
> MECH=shadow
>
> I verified that saslauthd can authenticate against the /etc/shadow
> using testsaslauthd:
> [root at dal-rh03 mail]# testsaslauthd -u test -p xxxx1234
> 0: OK "Success."
>
> I start saslauthd in debug mode with:
> saslauthd -m /var/run/saslauthd -a shadow -d
>
> MUA with TLS support initiates a connection and receives the server
> certificate correctly. Then the password is sent...
>
> Sendmail throws:
> sendmail[12605]: m6FJ5aUj012605: AUTH failure (LOGIN): generic
> failure (-1) SASL(-1): generic failure: checkpass failed
>
> There's no output from saslauthd that sendmail even made a connection.
>
> I've beat my head against a wall and Google for 2 weeks in every
> direction and I cannot find any configuration problems. I'm also at
> the extent of my knowledge debugging sasl2. How can I trace the
> connection between sendmail and saslauthd?
> !DSPAM:487d5c0582341804284693!
More information about the Cyrus-sasl
mailing list