On 29/04/2019 15:11, Michael wrote: > If you have any experience with configuring SENDMAIL and AUTH - and > willing to share - I'd appreciate some hints. > > Just to get things started: > > a) I am building sasl and sendmail myself - errors are likely > self-inflicted. And the answer is: not enough coffee - so I was blinded to my typo - not using sendmail .... -C /tmp/sendmail.cf, and it kept using, over and over and over, the system sendmail.cf. So, now I am getting "AUTH PLAIN" as an option. My many thanks to the replies - I shall post a short summary of my "encounter" with sendmail+sasl. FYI: I am working on AIX. IBM has apparently decided they do not plan to support AUTH (on AIX), so this been quite the experience. IMHO: the sendmail FAQ (which is very hard to find/access via the portal, I doubt I ever actually managed that) - would need to have added - a reminder - that sendmail ./Build pre-dates GNU autotools - and if there is a DEFINE missing, you must provide it yourself! (HADURANDOMDEV needed to get STARTTLS working) IMHO2: SASL documentation is not easy for a newbie - to find things. Working from defaults, so also an empty Sendmail.conf. I guess my task today is to find howto/whatto add into the ./configure arguments for SASL (as I am confused by the output of syslog re: SASL, compared to output of saslauthd) Apr 30 06:24:12 x066 mail:info sendmail[4194364]: AUTH: available mech=SCRAM-SHA-1 SCRAM-SHA-256 DIGEST-MD5 OTP CRAM-MD5 PLAIN ANONYMOUS, allowed ... root@x066:[/]opt/sbin/saslauthd -v saslauthd authentication mechanisms saslauthd 2.1.27 authentication mechanisms: getpwent pam rimap My assumption at this point is that "getpwent" is the mechanism that gets local users. A document I have looked at mentions (at version 2.1.22 time) the mechanisms: getpwent rimap shadow (and places emphasis on shadow) Anyway - long intro (as in as I gather my thoughts). Suggestions on what to read first, then second - would be appreciated. Thanks again for the suggestions on where to look. They all helped! Sincerely, Michael knip > > ehlo says: > > ehlo x.y.z > 250-x066.home.local Hello root@localhost, pleased to meet you > 250-ENHANCEDSTATUSCODES > 250-PIPELINING > 250-EXPN > 250-VERB > 250-8BITMIME > 250-SIZE > 250-DSN > 250-ETRN > 250-AUTH DIGEST-MD5 CRAM-MD5 > 250-STARTTLS > 250-DELIVERBY > 250 HELP > auth > 501 5.5.2 AUTH mechanism must be specified > auth PLAIN > 504 5.3.3 AUTH mechanism PLAIN not available > AUTH LOGIN > 504 5.3.3 AUTH mechanism LOGIN not available > AUTH CRAM-MD5 > 334 PDEyMzI4NzU5MjEuMTMwMzk1NDZAeDA2Ni5ob21lLmxvY2FsPg== > > *** > > While I do not expect to run as "PLAIN", I am using these values to > verify my understanding of the setup. Suggestions on how to activate > PLAIN/LOGIN are welcome! > > Michael > > >
Attachment:
signature.asc
Description: OpenPGP digital signature
