Thanks for the detailed response, Alexander.
Alexander Dalloz wrote:
/usr/lib/sasl2/Sendmail.conf says:
#pwcheck_method: saslauthd
pwcheck_method: shadow
mech_list: PLAIN CRAM-MD5 DIGEST-MD5
2 faults: a) with SASLv2 you can't use pwcheck_method shadow! It has
either to be saslauthd or auxprop. b) using saslauthd you can't use
shared secret mechs (CRAM-MD5 / DIGEST-MD5).
Thanks, I fixed these, although it didn't help.
I tried running saslauthd in debug mode but it printed out nothing
when I invoked Sendmail.
sendmail.mc contains:
define(`confAUTH_MECHANISMS',`LOGIN PLAIN DIGEST-MD5')
define(`confAUTH_OPTIONS',`y,p,a')
You know what these parameters mean? If not please see in Sendmail's
op.me doc file. You specify "y" which means that LOGIN and PLAIN will
only be offered when a trusted connection is established: STARTTLS or
SMTPS. As said before, offering DIGEST-MD5 is useless if you run (or
need to run) saslauthd, because your auth credentials are stored in
the shadow file.
Good point (though as it turns out the option in question is p, not y).
Unfortunately I am having a problem with the op.me file. It crashes my
Ghostscript, and when I do a text search for AUTH_OPTIONS (or even just
OPTIONS), in either the nroff output or the nroff source, I come up empty.
TRUST_AUTH_MECH(`LOGIN DIGEST-MD5 PLAIN')
Your mech list in sendmail.mc does not match the list in
Sendmail.conf, that is not good. Here because Sendmail now offers
LOGIN while the SASL setup by Sendmail.conf does not list LOGIN as a
possible mech. An attempt to use LOGIN will fail.
Ah, ok. Fixed (still fails). Now all three of the mechanism lists say
LOGIN PLAIN.
BUT -- I changed the "a" to "A" and it works now! I can relay
messages! Wonderful! Thanks so much for your help.
--
# __ __ Eric Ewanco
# IC | XC eje@xxxxxxxxxx
# ---+--- http://www.ewanco.com/~eje
# NI | KA Shrewsbury, MA; USA
