sendmail not authenticating

Dan White dwhite at olp.net
Tue Jun 17 10:01:24 EDT 2014 

On 06/17/14 11:30 +0100, Michael Grant wrote:
>On Tue, Jun 17, 2014 at 3:04 AM, Vijay Sarvepalli wrote:
>
>> Hello Michael,
>>
>> This is usually a permissions issue.  Have you checked where saslauthd is
>> running as a UNIX socket - the permissions are world readable/writeable?
>> Check the permissions of
>> (typical location)
>> /var/run/saslauthd/
>> /var/run/saslauthd/mux.socket
>>
>> If not, you can turn on debugging in Sendmail and then see the errors
>> either in mismatched of allowed protocols. "-O loglevel=14" when you run
>> sendmail should be sufficient.
>>
>>
>Thanks Vijay, still having problems.  I tried chmodding /var/run/saslauthd
>to 777 but it didn't help.  When raising the log level to 14, here's what I
>see in the log:

Also see syslog (auth facility).

>Jun 17 04:53:28 strange sm-mta[8152]: NOQUEUE: connect from
>host-X-X-X-X.rangeX-X.btcentralplus.com [1.2.3.4]
>Jun 17 04:53:28 strange sm-mta[8152]: AUTH: available mech=LOGIN PLAIN,
>allowed mech=EXTERNAL LOGIN PLAIN
>Jun 17 04:53:34 strange sm-mta[8152]: STARTTLS=server, relay=
>host-X-X-X-X.rangeX-X.btcentralplus.com [1.2.3.4], version=TLSv1/SSLv3,
>verify=NOT, cipher=DHE-RSA-AES128-SHA, bits=128/128
>Jun 17 04:53:34 strange sm-mta[8152]: STARTTLS=server, cert-subject=,
>cert-issuer=, verifymsg=ok
>Jun 17 04:53:34 strange sm-mta[8152]: AUTH: available mech=LOGIN PLAIN,
>allowed mech=EXTERNAL LOGIN PLAIN
>Jun 17 04:53:34 strange sm-mta[8152]: s5H8rS5Y008152: AUTH failure (PLAIN):
>generic failure (-1) SASL(-1): generic failure: Password verification
>failed, relay=host-X-X-X-X.rangeX-X.btcentralplus.com [1.2.3.4]
>Jun 17 04:53:34 strange sm-mta[8152]: s5H8rS5Y008152: AUTH failure (LOGIN):
>generic failure (-1) SASL(-1): generic failure: checkpass failed, relay=
>host-X-X-X-X.rangeX-X.btcentralplus.com [1.2.3.4]
>
>I tried reducing the methods to just LOGIN and PLAIN.  I also added some
>other lines to the Sendmail.conf.2 file:
>
>pwcheck_method:saslauthd
>mech_list: login plain
>saslauthd_path: /var/run/saslauthd

This should include the trailing /mux file. See:

http://www.cyrussasl.org/docs/cyrus-sasl/2.1.25/options.php

>allowplaintext: 1
>
>sendmail is just not even trying to talk to saslauthd.  Am I missing a
>library or something?

Being linked against the libsasl2 glue library should be all that's needed
for communication with saslauthd.

-- 
Dan White

More information about the Cyrus-sasl mailing list