AUTH confirmation with SENDMAIL

Michael aixtools at felt.demon.nl
Mon Apr 29 09:11:50 EDT 2019


If you have any experience with configuring SENDMAIL and AUTH - and
willing to share - I'd appreciate some hints.

Just to get things started:

a) I am building sasl and sendmail myself - errors are likely
self-inflicted.

b) when I start sendmail (-OLogLevel=14) I see:

syslog output: date-string... AUTH: available mech=SCRAM-SHA-1
SCRAM-SHA-256 DIGEST-MD5 OTP CRAM-MD5 PLAIN ANONYMOUS, allowed
mech=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5

FYI: no special attention to mechanisms I recall when building SASL (v1.27)

My sendmail.mc file contains:

dnl # FEATURE(genericstable)dnl
dnl # FEATURE(mailertable)dnl
dnl # FEATURE(virtusertable)dnl
dnl # FEATURE(domaintable)dnl
dnl # FEATURE(access_db)dnl
dnl # FEATURE(blacklist_recipients)dnl

dnl ### AUTH CONFIGURATION
define(`confAUTH_OPTIONS', `A')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl

The generated sendmail.cf file contains:

root at x066:[/data/prj/aixtools/git/sendmail/sendmail-8.15.2.1/cf/cf]grep
Auth /tmp/sendmail.cf
C{TrustAuthMech}LOGIN PLAIN
O AuthMechanisms=LOGIN PLAIN
# Authentication realm
#O AuthRealm
#O DefaultAuthInfo=/etc/mail/default-auth-info
O AuthOptions=A
#O AuthMaxBits
R$*                     $: $1 $| $>"Local_Relay_Auth" $&{auth_type}
R$* $| $={TrustAuthMech}        $# RELAY

ehlo says:

ehlo x.y.z
250-x066.home.local Hello root at localhost, pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-STARTTLS
250-DELIVERBY
250 HELP
auth
501 5.5.2 AUTH mechanism must be specified
auth PLAIN
504 5.3.3 AUTH mechanism PLAIN not available
AUTH LOGIN
504 5.3.3 AUTH mechanism LOGIN not available
AUTH CRAM-MD5
334 PDEyMzI4NzU5MjEuMTMwMzk1NDZAeDA2Ni5ob21lLmxvY2FsPg==

***

While I do not expect to run as "PLAIN", I am using these values to
verify my understanding of the setup. Suggestions on how to activate
PLAIN/LOGIN are welcome!

Michael



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20190429/cd398b52/attachment.sig>


More information about the Cyrus-sasl mailing list