Re: sendmail auth

[david l goodrich <dlg@dorkzilla.org>]

On Monday, June 16, 2003, at 02:30  am, Andrew Basterfield wrote:

> Hi
>
> I am trying to set up sendmail+sasl2 for smtp relaying auth. I wish to 
> use
> plaintext auth against the BSD passwd database (as SMTP will be over 
> SSL).
>
> I have compiled sendmail with SASL by installing sasl2 from ports and
> rebuilt sendmail with WANT_SMTPAUTH=y. In 
> /usr/local/lib/sasl2/Sendmail.conf
> I have 'pwcheck_method: passwd'. In my sendmail m4 I have
>
>   define(ConfAUTH_MECHANISMS',PLAIN LOGIN DIGEST-MD5 CRAM-MD5 GSSAPI
> KERBEROS_V4')dnl
>   TRUST_AUTH_MECH('PLAIN LOGIN DIGEST-MD5 CRAM-MD5 GSSAPI 
> KERBEROS_V4')dnl
>
> so I can telnet into port 25
>
>   ehlo localhost
>   [...]
>   250-AUTH GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5
>
> when I try to connect I get...
>
>   # cat /var/log/authlog
>   Jun 16 06:14:40 snigger sm-mta[19496]: no user in db
>   Jun 16 06:14:40 snigger sm-mta[19496]: no user in db
>   Jun 16 06:14:40 snigger sm-mta[19496]: no secret in database
>
> Sniffing the connection it seems it is trying to do CRAM-MD. How do I 
> force
> it to do plaintext?

if you're telnet'ing into the machine's port 25, it doesn't do anything 
until you send it a line like AUTH CRAM-MD5 ... so either you're typing 
that into the mail server via telnet, in which case we can't help you; 
or you're using a mail client, which should be easily re-configured.


>
> any suggestions welcome
>
> --Andrew
>
>
> --
> If at first you don't succeed, destroy all evidence that you tried.
>
> [demime 0.98d removed an attachment of type application/pgp-signature]

[demime 0.98d removed an attachment of type application/pgp-signature which had a name of PGP.sig]