I'm using openssl, saslauthd and sendmail as installed during a
recent CentOS5 upgrade. I've verified that sendmail was
compiled with SASLv2 and STARTTLS support. I configured TLS certs and
had them signed by cacert.org... I configured sendmail to use them.
# cat /usr/lib/sasl2/Sendmail.conf
pwcheck_method:saslauthd
mech_list:login plain
saslauthd_path:/var/run/saslauthd/
# cat /etc/sysconfig/saslauthd
SOCKETDIR=/var/run/saslauthd
MECH=shadow
I verified that saslauthd can authenticate against the /etc/shadow using testsaslauthd:
[root@dal-rh03 mail]# testsaslauthd -u test -p xxxx1234
0: OK "Success."
I start saslauthd in debug mode with:
saslauthd -m /var/run/saslauthd -a shadow -d
MUA with TLS support initiates a connection and receives the server certificate correctly. Then the password is sent...
Sendmail throws:
sendmail[12605]: m6FJ5aUj012605: AUTH failure (LOGIN): generic failure (-1) SASL(-1): generic failure: checkpass failed
There's no output from saslauthd that sendmail even made a connection.
I've beat my head against a wall and Google for 2 weeks in every direction and I cannot find any configuration problems. I'm also at the extent of my knowledge debugging sasl2. How can I trace the connection between sendmail and saslauthd?
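Added example (not part of the original post): a shell check that compares the saslauthd_path set in a SASL client config with the mux socket saslauthd creates under its SOCKETDIR, since the Cyrus SASL options documentation describes saslauthd_path as including the /mux socket name. The function names and return codes are this example's own, and it assumes the plain "key: value" and KEY=value file layouts shown in the post.

```shell
#!/bin/sh
# Added example: does the SASL client config point at the socket that
# saslauthd actually listens on (<SOCKETDIR>/mux)?

# Print the value of a "key: value" option from a Cyrus SASL config file.
sasl_opt() {  # usage: sasl_opt FILE KEY
    sed -n "s/^[[:space:]]*$2[[:space:]]*:[[:space:]]*//p" "$1" | tail -n 1
}

# Print SOCKETDIR from a sysconfig-style file (KEY=value, optional quotes).
sysconfig_socketdir() {  # usage: sysconfig_socketdir FILE
    sed -n 's/^SOCKETDIR=//p' "$1" | tail -n 1 | tr -d '"'
}

# Compare the client's saslauthd_path with <SOCKETDIR>/mux.
# Returns 0 on match, 1 on mismatch, 2 if saslauthd_path is not set.
check_saslauthd_path() {  # usage: check_saslauthd_path CLIENT_CONF SYSCONFIG
    client=$(sasl_opt "$1" saslauthd_path)
    expected="$(sysconfig_socketdir "$2" | sed 's:/*$::')/mux"
    if [ -z "$client" ]; then
        echo "saslauthd_path not set: client uses the library's built-in default"
        return 2
    fi
    if [ "$client" = "$expected" ]; then
        echo "OK: client and daemon agree on $client"
        [ -S "$client" ] || echo "note: $client is not a socket right now"
        return 0
    fi
    echo "MISMATCH: client connects to '$client', saslauthd listens on '$expected'"
    return 1
}

# Run only when both files are given, e.g.:
#   sh check.sh /usr/lib/sasl2/Sendmail.conf /etc/sysconfig/saslauthd
if [ "$#" -eq 2 ]; then
    check_saslauthd_path "$1" "$2"
fi
```

testsaslauthd takes its socket path from its own default or its -f option rather than from Sendmail.conf, so a passing testsaslauthd run does not exercise the path sendmail uses.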