Hi, I'm using sendmail 8.14.4 and Sasl 2.1.23 . Config info # more /etc/sasl2/Sendmail.conf pwcheck_method:saslauthd # egrep -v "^#" /etc/sysconfig/saslauthd SOCKETDIR=/var/run/saslauthd MECH=pam FLAGS=-d # cat /etc/pam.d/smtp #%PAM-1.0 auth include password-auth account include password-auth I'm having an issue when using "AUTH LOGIN" but not in every case. *Port 25: SENDMAIL - 235 2.0.0 OK Authenticated SASLAUTHD - saslauthd[26872] :released accept lock saslauthd[26871] :acquired accept lock saslauthd[26872] :auth success: [user=USER] [service=smtp] [realm=] [mech=pam] saslauthd[26872] :response: OK --- *Port 587: SENDMAIL - 235 2.0.0 OK Authenticated SASLAUTHD - saslauthd[26871] :released accept lock saslauthd[26875] :acquired accept lock saslauthd[26871] :auth success: [user=USER] [service=smtp] [realm=] [mech=pam] saslauthd[26871] :response: OK --- *Port 25 STARTTLS: SENDMAIL (Via openssl s_client -connect) RENEGOTIATING depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 verify return:1 depth=0 CN = MYSERVERNAME verify return:1 (I HIT RETURN HERE) 535 5.7.0 authentication failed SASLAUTHD- saslauthd[26875] :released accept lock saslauthd[26875] :NULL password received saslauthd[26875] :acquired accept lock --- *Port 465 SENDMAIL - (Via openssl s_client -connect) RENEGOTIATING depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 verify return:1 depth=0 CN = MYSERVERNAME verify return:1 (I HIT RETURN HERE) 535 5.7.0 authentication failed SASLAUTHD- saslauthd[26875] :released accept lock saslauthd[26874] :acquired accept lock saslauthd[26875] :NULL password received --- *testsaslauthd non existent service - TESTSASLAUTHD - 0: NO "authentication failed" SASLAUTHD- saslauthd[26873] :released accept lock saslauthd[26872] :acquired accept lock saslauthd[26873] :auth failure: [user=USER] [service=nonexistant] [realm=] [mech=pam] [reason=PAM auth error] --- *testsaslauthd smtp service TESTSASLAUTHD - 0: OK "Success." SASLAUTHD - saslauthd[26872] :released accept lock saslauthd[26871] :acquired accept lock saslauthd[26872] :auth success: [user=user] [service=smtp] [realm=] [mech=pam] saslauthd[26872] :response: OK --- I'm not sure why things work fine during plaintext, and then gives ":NULL password received" when it's STARTTLS / SSL. Any pointers to look / tweak / etc? Tnx, Tuc |
