RE: SASL and Sendmail
Your line additions/changes to my config file worked! I don't know what the difference was, but I think it was the AUTH_OPTIONS A part. Who knows. My server seems to be working fine now, with LOGIN. Now to see if I can get TLS or CRAM-MD5 working. Thanks to all those that helped me. I really appreciate it. Eric F Crist President AdTech Integrated Systems, Inc (612) 998-3588 -Original Message- From: Chris Sechiatano [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 30, 2004 11:20 AM To: Eric Crist Subject: Re: SASL and Sendmail Here's what I added to my .mc file to get AUTH to finally work. I had to do this to send mail to this list through my SBC DSL SMTP server. sendmail.mc file: -- - FEATURE(`authinfo')dnl FEATURE(`authinfo',`hash -o /etc/mail/authinfo') define(`confAUTH_OPTIONS', `A') define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN') TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN') authinfo file: -- - AuthInfo:smtp.domain.comU:smtp_username P:smtp_password M:PLAIN Your mileage may vary... On Tue, Jun 29, 2004 at 07:53:54PM -0500, Eric Crist [EMAIL PROTECTED] wrote: How, more specifically, do I enable TLS/SSL in sendmail, and where does the 'p' go? Thanks for your help. Eric F Crist President AdTech Integrated Systems, Inc (612) 998-3588 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: SASL and Sendmail
The idea behind this is to prevent the all-too common Relaying Denied message when sending a message from a location outside my network. While there are a number of solutions to this, from VPN to using the local SMTP server for where I am, smtp_auth seemed to fit the bill. It allows me to send mail via my server from where ever I happen to be. Now to make this an SSL/TLS connection instead. Thanks again for everyone's help. Eric F Crist President AdTech Integrated Systems, Inc (612) 998-3588 -Original Message- From: 'Chris Sechiatano' [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 30, 2004 5:16 PM To: Eric Crist Subject: Re: SASL and Sendmail the authinfo file is for making sendmail into a auth client. you put your username and password info in that file to authenticate you against a smtp server. this is only for relaying mail through another smtp server. i'm not sure if you want to sendmail to be an auth client or auth server, but those lines are basically what you need in your .mc file. On Wed, Jun 30, 2004 at 04:27:58PM -0500, Eric Crist [EMAIL PROTECTED] wrote: What is the stuff at the end about authinfo? Eric F Crist President AdTech Integrated Systems, Inc (612) 998-3588 -Original Message- From: Chris Sechiatano [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 30, 2004 11:20 AM To: Eric Crist Subject: Re: SASL and Sendmail Here's what I added to my .mc file to get AUTH to finally work. I had to do this to send mail to this list through my SBC DSL SMTP server. sendmail.mc file: -- - FEATURE(`authinfo')dnl FEATURE(`authinfo',`hash -o /etc/mail/authinfo') define(`confAUTH_OPTIONS', `A') define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN') TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN') authinfo file: -- - AuthInfo:smtp.domain.comU:smtp_username P:smtp_password M:PLAIN Your mileage may vary... On Tue, Jun 29, 2004 at 07:53:54PM -0500, Eric Crist [EMAIL PROTECTED] wrote: How, more specifically, do I enable TLS/SSL in sendmail, and where does the 'p' go? Thanks for your help. Eric F Crist President AdTech Integrated Systems, Inc (612) 998-3588 -- Chris Sechiatano [EMAIL PROTECTED] www.chris-s.com PGP Key 0x0021EFA0 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SASL and Sendmail
On Tue, 29 Jun 2004, Eric Crist wrote: I've installed SASL(Cyrus) according to the instructions found in the handbook. I've removed all the proper entries in the relay-domains file, but I get the following error message now when I try to send mail: 550 5.7.1 [EMAIL PROTECTED]... Relaying denied. Proper authentication required. What does it say in /var/log/maillog about these attempts? You might need to raise the Sendmail logging level (set LogLevel=14 in /etc/mail/sendmail.cf, restart Sendmail, and try again). Without better information, there's very little anyone can do to help. Cheers Richard -- Richard Stevenson ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: SASL and Sendmail
How, more specifically, do I enable TLS/SSL in sendmail, and where does the 'p' go? Thanks for your help. Eric F Crist President AdTech Integrated Systems, Inc (612) 998-3588 -Original Message- From: Richard Stevenson [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 29, 2004 7:48 PM To: Eric Crist Subject: RE: SASL and Sendmail Hi On Tue, 29 Jun 2004, Eric Crist wrote: Here is output at loglevel 20 on a denied mail: This is your problem: Jun 29 19:09:50 grog sm-mta[4868]: AUTH: available mech=LOGIN PLAIN ANONYMOUS, allowed mech=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5 The intersection of (available mech) and (allowed mech) is null. You should probably add PLAIN and LOGIN to the TRUST_AUTH_MECH in your .mc file, regenerate the .cf and restart Sendmail. Those two mechanisms are susceptible to sniffing, so it's probably a good idea to enable STARTTLS in Sendmail as well, and add 'p' to the AuthOptions in your .cf as well. I hope this helps. Cheers Richard -- Richard Stevenson ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
