Re: [CentOS] Sendmail not presenting AUTH option after EHLO

Tue, 08 Oct 2013 22:56:58 -0700 

Am 08.10.2013 23:50, schrieb Chris Boyd:
> Hello folks,
> 
> I have a CentOS 6.4 installation running Sendmail, and after some serious 
> hair tear stare and compare I'm a bit stumped.  When I connect to the server 
> either with telnet or SSL, sendmail is not presenting the AUTH  capability 
> after an EHLO.  Everything looks like it should be working, but no amount of 
> tweaking is getting the AUTH capability advertised (and it doesn't work if 
> you just try it anyway).
> 
> Here's the config bits from sendmail.mc--
> 
>       define(`confAUTH_OPTIONS', `A p')dnl
>       define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 
> LOGIN PLAIN')dnl
>       TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

General advise: only offer those mechanisms your SASL backend can
provide. As you are using saslauthd the shared secret mechanisms do not
work.

> Note:  Also tried
>       define(`confAUTH_OPTIONS', `A')dnl
>       define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
>       TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
> just to keep things simple.
> 
> saslauthd is running, and configured--/etc/sysconfig/saslauthd 
> 
>       SOCKETDIR=/var/run/saslauthd
>       MECH=pam
>       FLAGS=
> 
> 
> /etc/sasl2/Sendmail.conf contains--
>       pwcheck_method:saslauthd
> 
> 
> /etc/pam.d/smtp contains--
>       #%PAM-1.0
>       auth       include      password-auth
>       account    include      password-auth
> 
> 
> But when I do "openssl s_client -starttls smtp -connect localhost:587" I 
> don't get any AUTH capability--
> 
> ehlo localhost
> 250-pennzoil.gizmopartners.com Hello localhost [127.0.0.1], pleased to meet 
> you
> 250-ENHANCEDSTATUSCODES
> 250-PIPELINING
> 250-8BITMIME
> 250-SIZE
> 250-DSN
> 250-DELIVERBY
> 250 HELP
> quit
> 
> 
> All the certs are built, and if I connect via telnet, the server does 
> advertise STARTTLS.
> 
> So anyone able to point out the obvious or not so obvious config mistakes?

I see no mistake. Make sure you have the sendmail-cf package installed,
else the .cf files can't be rebuild based on modified .mc files. Make
too sure that you have the necessary cyrus-* packages installed.

Regards

Alexander


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Reply via email to