Sendmail authentication fails using SASL2

Scott Likens damm at yazzy.org
Tue Jul 15 23:47:11 EDT 2008


Simple test,

telnet localhost 25
ehlo whatever

which plugins do you see listed, LOGIN? PLAIN? CRAM-MD5? DIGEST-MD5  
NTLM?

Verify you are using the proper mech, and verify your sendmail is  
setup for authentication properly, perhaps post your MC that you have  
for Sendmail?

On Jul 15, 2008, at 6:58 PM, RescuNET.com wrote:

> I'm using openssl, saslauthd and sendmail as installed during a  
> recent CentOS5 upgrade. I've verified that sendmail was compiled  
> with SASLv2 and STARTTLS support. I configured TLS certs and had  
> them signed by cacert.org... I configured sendmail to use them.
>
> # cat /usr/lib/sasl2/Sendmail.conf
> pwcheck_method:saslauthd
> mech_list:login plain
> saslauthd_path:/var/run/saslauthd/
>
> # cat /etc/sysconfig/saslauthd
> SOCKETDIR=/var/run/saslauthd
> MECH=shadow
>
> I verified that saslauthd can authenticate against the /etc/shadow  
> using testsaslauthd:
> [root at dal-rh03 mail]# testsaslauthd -u test -p xxxx1234
> 0: OK "Success."
>
> I start saslauthd in debug mode with:
> saslauthd -m /var/run/saslauthd -a shadow -d
>
> MUA with TLS support initiates a connection and receives the server  
> certificate correctly. Then the password is sent...
>
> Sendmail throws:
> sendmail[12605]: m6FJ5aUj012605: AUTH failure (LOGIN): generic  
> failure (-1) SASL(-1): generic failure: checkpass failed
>
> There's no output from saslauthd that sendmail even made a connection.
>
> I've beat my head against a wall and Google for 2 weeks in every  
> direction and I cannot find any configuration problems. I'm also at  
> the extent of my knowledge debugging sasl2. How can I trace the  
> connection between sendmail and saslauthd?
> !DSPAM:487d5c0582341804284693!



More information about the Cyrus-sasl mailing list