Also,
The 'smtptest' app is a good tool for testing authentication
(part of cyrus imapd).
Also, if you haven't already, check our your auth.log in addition
to your syslog/messages log.
I don't know if it's against syntax, but I haven't seen entries
like this without a space before:
pwcheck_method:saslauthd
I put a space after the colon:
pwcheck_method: saslauthd
- Dan
Scott Likens wrote:
Simple test,
telnet localhost 25
ehlo whatever
which plugins do you see listed, LOGIN? PLAIN? CRAM-MD5? DIGEST-MD5 NTLM?
Verify you are using the proper mech, and verify your sendmail is setup
for authentication properly, perhaps post your MC that you have for
Sendmail?
On Jul 15, 2008, at 6:58 PM, RescuNET.com wrote:
I'm using openssl, saslauthd and sendmail as installed during a recent
CentOS5 upgrade. I've verified that sendmail was compiled with SASLv2
and STARTTLS support. I configured TLS certs and had them signed by
cacert.org... I configured sendmail to use them.
# cat /usr/lib/sasl2/Sendmail.conf
pwcheck_method:saslauthd
mech_list:login plain
saslauthd_path:/var/run/saslauthd/
# cat /etc/sysconfig/saslauthd
SOCKETDIR=/var/run/saslauthd
MECH=shadow
I verified that saslauthd can authenticate against the /etc/shadow
using testsaslauthd:
[root@dal-rh03 mail]# testsaslauthd -u test -p xxxx1234
0: OK "Success."
I start saslauthd in debug mode with:
saslauthd -m /var/run/saslauthd -a shadow -d
MUA with TLS support initiates a connection and receives the server
certificate correctly. Then the password is sent...
Sendmail throws:
sendmail[12605]: m6FJ5aUj012605: AUTH failure (LOGIN): generic failure
(-1) SASL(-1): generic failure: checkpass failed
There's no output from saslauthd that sendmail even made a connection.
I've beat my head against a wall and Google for 2 weeks in every
direction and I cannot find any configuration problems. I'm also at
the extent of my knowledge debugging sasl2. How can I trace the
connection between sendmail and saslauthd?
!DSPAM:487d5c0582341804284693!
