smtp auth + saslauthd + ldap

Chetan Dutta chetan.dutta at tatainfotech.com
Tue Nov 2 08:47:52 EST 2004 

hi!

i just received a reply from redhat tech support, they say that sendmail
linked to sasl1 is not a bug! i wonder why its not? sendmail is linked to
sasl1 but saslauthd is linked to sasl2 ! how can they communicate? redhat
people say that it is required because ldap is linked with sasl1.

anyways i fixed the error by recompiling the sendmail with sasl2, its
working now. so saslauthd was not at fault rather it was sendmail.

thnks for help.

chetan dutta


-----Original Message-----
From: Chetan Dutta [mailto:tata_mail at rediffmail.com]
Sent: Saturday, October 30, 2004 2:59 PM
To: Akshay Kumar
Cc: info-cyrus at lists.andrew.cmu.edu; Joe Rhett
Subject: Re: Re: smtp auth + saslauthd + ldap


hi!

thanks for ur reply, i'm trying it on RedHat enterprise Linux3.0. I also
have a similar setup but saslauthd is't working with sendmail, i tested it
with testsaslauthd its working fine, it is also working fine with
cyrus-imapd, i'm able to authenticate with user id/password stored in ldap.
logs show the following error:
saslauthd  do_request: login exceeded MAX_REQ_LEN:256

while searching on google groups i found a similar post regarding postfix on
redhat, redhat in some version had wrongly linked postfix with sasl-1
libraries, i wonder if its the same problem?

anybody on the list using saslauthd for smtp auth in sendmail on RedHat ?
I even tried using pam as the mech in saslauthd but nothing seems to work.


chetan



On Sat, 30 Oct 2004 Akshay Kumar wrote :
>Sure you can and it makes very good sense to do it, I just set it up and
>we went live today.
>
>This is how my mail server is configured - Sendmail requires SMTP AUTH for
>relaying using SASLv2(plain/login) over TLS, saslauthd uses the ldap
>auth_mech to connect to ldap(bdb backend) which contains the
>authentication information besides other things.
>
>So its not sendmail thats using ldap for authentication(maps are a
>different story). Sendmail uses sasl which in turn uses ldap.
>
>You don't even need to compile sendmail w/ ldap support unless you want to
>store aliases and other maps in ldap. As far as I know postfix is the only
>MTA that supports ldap v3 binds.
>
>For IMAP I am using Cyrus imapd.
>
>My setup is probably an overkill for the 15 users I have but soo far its
>been performing really well and I have had no reason to complain.
>
>At first it was quite some work as I haven't setup mail in 3 years and the
>fact that everything is in a non standard location made compiling on RH9 a
>pain but it was well worth the while.
>
>Best,
>Akshay
>
>On Fri, 29 Oct 2004, Joe Rhett wrote:
>
> > On Thu, Oct 28, 2004 at 01:11:55PM +0530, Chetan Dutta wrote:
> > > has anybody configured sendmail for smtp auth with saslauthd/pwcheck
and
> > > ldap.
> >
> > Which one are you trying?  You can't possibly be doing all three...
> >
> > --
> > Joe Rhett
> > Senior Geek
> > Meer.net
> > ---
> > Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> > Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
> >





---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list