LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   Sendmail _ Cyrus Sasl2 (SMTP Auth) (https://www.linuxquestions.org/questions/linux-server-73/sendmail-_-cyrus-sasl2-smtp-auth-4175490394/)

shuajoh 01-07-2014 01:11 AM
Sendmail _ Cyrus Sasl2 (SMTP Auth)
 
Hello guys,

I'm trying to get SMTP Authentication to work on my el6 server which is running Sendmail. Below are the configs/output from the server.

# sendmail -d0.1
Version 8.14.4
Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG MAP_REGEX
MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6
NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF SOCKETMAP STARTTLS
TCPWRAPPERS USERDB USE_LDAP_INIT

sendmail.mc:
define(`confAUTH_OPTIONS', `A')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
LOCAL_CONFIG
ESASL_PATH=/usr/lib/sasl2
define(`confENVDEF', `-DSASL')dnl
define(`conf_sendmail_LIBS', `-lsasl')dnl

# cat /etc/sasl2/Sendmail.conf
pwcheck_method: saslauthd
mech_list: LOGIN PLAIN
saslauthd_path: /var/run/saslauthd/

# cat /etc/sysconfig/saslauthd
SOCKETDIR=/var/run/saslauthd
MECH=pam
FLAGS=

# cat /etc/sasl2/Sendmail.conf
pwcheck_method: saslauthd
mech_list: LOGIN PLAIN
saslauthd_path: /var/run/saslauthd/

# testsaslauthd -u xxxxx -p xxxxxx -s smtp
0: OK "Success."

Here's a log of a failed SMTP Auth

Jan 7 10:03:09 mail sendmail[5322]: NOQUEUE: connect from xxx.xxx.xxx.xxx
Jan 7 10:03:09 mail sendmail[5322]: AUTH: available mech=PLAIN LOGIN, allowed mech=LOGIN PLAIN
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: Milter: no active filter
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: --- 220 xxxxx ESMTP
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: <-- EHLO MUMO
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: --- 250-xxxxx Hello xxxxx [xxx.xxx.xxx.xxx], pleased to meet you
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: --- 250-ENHANCEDSTATUSCODES
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: --- 250-PIPELINING
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: --- 250-8BITMIME
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: --- 250-SIZE 54525952
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: --- 250-DSN
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: --- 250-AUTH LOGIN PLAIN
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: --- 250-DELIVERBY
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: --- 250 HELP
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: <-- AUTH LOGIN
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: --- 334 xxxxx
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: --- 334 xxxxx
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: --- 535 5.7.0 authentication failed
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: AUTH failure (LOGIN): generic failure (-1) SASL(-1): generic failure: checkpass failed, relay=xxxxx [xxx.xxx.xxx.xxx]
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: --- 421 4.4.1 xxxxx Lost input channel from xxxxxxxx [xxx.xxx.xxx.xxx]
Jan 7 10:03:09 mail sendmail[5322]: s07739E6005322: xxxxx [xxx.xxx.xxx.xxx] did not issue MAIL/EXPN/VRFY/ETRN during connection to MSA

I'll really appreciate any assistance i can get.

Thanks,
Shuajoh

Rawcous 01-07-2014 10:40 AM
Hello is your Sendmail server configured for an internal network only or does it also relay via an external ISP? If you are relaying mail externally do you need to add an smtp entry. If I remove the smtp.???.??? value from my sendmail server even though I am naturally connected to their broadband line it prevents me relaying mail...

My sendmail.mc file contains:

divert(-1)dnl
dnl #
dnl # This is the sendmail macro config file for m4. If you make changes to
dnl # /etc/mail/sendmail.mc, you will need to regenerate the
dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
dnl # installed and then performing a
dnl #
dnl # /etc/mail/make
dnl #
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for linux')dnl
OSTYPE(`linux')dnl
dnl #
dnl # Do not advertize sendmail version.
dnl #
dnl define(`confSMTP_LOGIN_MSG', `$j Sendmail; $b')dnl
dnl #
dnl # default logging level is 9, you might want to set it higher to
dnl # debug the configuration
dnl #
dnl define(`confLOG_LEVEL', `9')dnl
dnl #
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
dnl define(`SMART_HOST', `smtp.isp.com')dnl
dnl #
define(`confDEF_USER_ID', ``8:12'')dnl
dnl define(`confAUTO_REBUILD')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST', `True')dnl
define(`confDONT_PROBE_INTERFACES', `True')dnl
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
dnl



Regards,

Rawcous

shuajoh 01-08-2014 01:51 AM
Hi Rawcous,

I don't use a smart host on my Sendmail server. All outgoing emails are relayed directly.


thanks,
Shuajoh


All times are GMT -5. The time now is 08:38 PM.