Sendmail+sasl2+smtpauth didn't work?

Alexander Dalloz alexander.dalloz at uni-bielefeld.de
Sun Sep 12 16:14:35 UTC 2004 

Am So, den 12.09.2004 schrieb Michele Ferritto um 17:57:

> I'm trying to setup a box with FC1 to act as MTA-only for a private network 
> trough client authentication,

> My '/usr/lib/sasl2/Sendmail.conf':
> 
> pwcheck_method:auxprop

Add: auxprop_plugin: sasldb

> root at dexter root]# ll /etc/sasldb2
> -rw-r-----  1 smmsp smmsp 12288 12 set 16:31 /etc/sasldb2 (r&w for the mail 
> user)

The permissions are wrong. As the sasldb2 contains the auth data in
plain format the file has only to be readable by root.

$ la /etc/sasldb2
-rw-r-----  1 root root 12288 24. Jan 2004  /etc/sasldb2
(chmod 600 would be sufficient)

The smmsp user is not involved into the process accessing the sasldb2.

> with one user added trough 'saslpasswd2 -c -u dexter -a smtp neuromante':
> 
> [root at dexter root]# sasldblistusers2
> neuromante at dexter: userPassword

So you have to use as username in the mail client "neuromante at dexter"
along with the password. The realm is necessary.

> I've also added a /usr/lib/sasl2 to '/etc/ld.so.conf' first to do a 'ldconfig'

Absolutely unnecessary.

> Trying to send e-mail with auth required (Eudora 6.1.0.6) I see in 
> '/var/log/maillog':
> 
> Sep 12 17:39:25 dexter sendmail[6612]: i8CFdPhH006612: ruleset=check_rcpt, 
> arg1=<destaddress>, relay=michelef [aaa.bbb.ccc.ddd], reject=550 5.7.1 
> <destaddress>... Relaying denied. Proper authentication required.

Shows too less. Increase the Sendmail log level to 15 with following in
the sendmail.mc file:

define(`confLOG_LEVEL', `15')dnl

It will give you much better information for debugging the situation.

> And in '/var/log/messages/':
> 
> Sep 12 17:39:25 dexter sendmail[6612]: no secret in database

I guess because of wrong permissions for the sasldb2.

> Michele Ferritto

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.8-1.521smp 
Serendipity 18:04:30 up 13 days, 15:21, load average: 1.00, 0.74, 0.52 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20040912/16b844e5/attachment-0002.bin

More information about the users mailing list