sendmail + sasl + ldap
- To: misc@openbsd.org
- Subject: sendmail + sasl + ldap
- From: Francisco de Borja López Río <wubsd@e-shell.org>
- Date: Mon, 9 Feb 2004 12:50:01 +0100
- Organization: codigo23 S.L.
I'm trying to set up a mail server that authenticates users against a
central authentication host (OpenLDAP). The user's info is stored in the
OpenLDAP server:
# ldapsearch -LL -H ldap://192.168.23.101 -b"dc=transportesjoti,dc=com" -x "(uid=joti)"
version: 1
dn: uid=joti,ou=People,dc=transportesjoti,dc=com
uid: joti
cn:: am90aSA=
sn:: am90aSA=
mail: joti@transportesjoti.com
mailRoutingAddress: joti@mail.transportesjoti.com
mailHost: mail.transportesjoti.com
objectClass: inetLocalMailRecipient
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
shadowLastChange: 12442
loginShell: /bin/bash
uidNumber: 1000
gidNumber: 100
homeDirectory: /home/joti
The OpenLDAP server is a Linux one, and the mail server is an OpenBSD 3.4 -stable one.
I have set up sendmail to work with cyrus-sasl:
# sendmail -d0.1 -bv root | grep SASL
NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS PIPELINING SASLv2
# cat /usr/local/lib/sasl2/Sendmail.conf
pwcheck_method: saslauthd
mech_list: plain
and I have set up saslauthd with LDAP support:
# cat /etc/saslauthd.conf
ldap_servers: ldap://optimus.transportesjoti.com/
ldap_search_base: ou=People,dc=transportesjoti,dc=com
ldap_auth_method: userPassword
saslauthd works fine, or testsaslauthd says so, but if I connect to the mail
server's port 25:
# telnet localhost 25
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 [ ESMTP Transportes JOTI mail server ] - [ mail.transportesjoti.com ]
Feb 9 12:40:55 snarl sm-mta[4170]: AUTH warning: no mechanisms
and I can see in /var/log/maillog:
Feb 9 12:40:55 snarl sm-mta[4170]: NOQUEUE: connect from localhost.transportesjoti.com [127.0.0.1]
Feb 9 12:40:55 snarl sm-mta[4170]: AUTH warning: no mechanisms
Feb 9 12:40:55 snarl sm-mta[4170]: AUTH warning: no mechanisms
Feb 9 12:40:55 snarl sm-mta[4170]: i19BetLi004170: Milter: no active filter
That "AUTH warning: no mechanisms" line shows me that SASL is not working:
ehlo localhost
250-snarl.transportesjoti.com Hello localhost.transportesjoti.com [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE 5242880
250-DSN
250-ETRN
250-STARTTLS
250-DELIVERBY
250 HELP
I have googled, searched in the Cyrus mailings and so on, and I could not
find an answer. Perhaps someone here has a similar problem or could
point me in the right direction...
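
Added example, not part of the original post: a small check that parses an EHLO reply such as the one in the session above and reports whether AUTH is advertised and with which mechanisms. The function names, the tls_active parameter and the second sample reply are assumptions made for illustration.

```python
import re

# EHLO reply taken from the session in the post above (it has no AUTH line).
POST_REPLY = """\
250-snarl.transportesjoti.com Hello localhost.transportesjoti.com [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE 5242880
250-DSN
250-ETRN
250-STARTTLS
250-DELIVERBY
250 HELP
"""
# Constructed sample: a reply from a server that does offer a mechanism.
CONSTRUCTED_REPLY = "250-mail.example.org Hello\r\n250-STARTTLS\r\n250 AUTH PLAIN\r\n"

CLEARTEXT = {"PLAIN", "LOGIN"}  # password is only base64-encoded on the wire
_LINE = re.compile(r"^250([ -])(.*)$")

def parse_ehlo(reply):
    """Map each advertised ESMTP keyword to its parameter list."""
    caps = {}
    for i, raw in enumerate(reply.splitlines()):
        m = _LINE.match(raw.rstrip())
        if not m:
            raise ValueError(f"not a 250 reply line: {raw!r}")
        sep, text = m.groups()
        words = text.split()
        if i > 0 and words:  # line 0 is the greeting, not an extension
            caps[words[0].upper()] = [w.upper() for w in words[1:]]
        if sep == " ":  # "250 " (space, not hyphen) marks the last line
            break
    return caps

def audit_auth(reply, tls_active=False):
    """Report AUTH mechanisms and flag the two conditions worth checking."""
    caps = parse_ehlo(reply)
    mechs = caps.get("AUTH", [])
    findings = []
    if not mechs:
        findings.append("no AUTH advertised: no SASL mechanism is available")
    elif CLEARTEXT & set(mechs) and not tls_active:
        findings.append("cleartext mechanism advertised without TLS")
    return {"mechanisms": mechs, "starttls": "STARTTLS" in caps, "findings": findings}
```

Run against the reply from the post, audit_auth(POST_REPLY) returns an empty mechanism list with the "no AUTH advertised" finding, which matches the "AUTH warning: no mechanisms" line in the log.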