Am Mi, den 14.07.2004 schrieb James Kosin um 22:17: > | http://sial.org/howto/sendmail/tls-relay/ > Thanks, that is now taken care of...... > It was a great source of information about certificates and such. Good that it helped. Yes, it is a nicely written documentation. > Now I have a new error... > I've included the logfile results here... > I did add a user using saslpasswd, if that is what may have been needed; > but, still the same results.. > Any Ideas on this one? I have a question: Do you want to authenticate against a sasldb? That file is created as /etc/sasldb by running saslpasswd and should have chmod 600 and chown root:root. It is your decision whether you want to use system users or a decent database with auth data and mail users independent from the system. By default Sendmail on Fedora is configured to AUTH against the /etc/shadow by using the saslauthd. If you really want to use a sasl database I would recommend to use SASL version 2 instead of 1 and that means using saslpasswd2 which manages an /etc/sasldb2 database file. You will too have to set the content of /usr/lib/sasl2/Sendmail.conf to pwcheck_method:sasldb2. In case you simply want to use system users leave the Sendmail.conf file as it is and take care the saslauthd is running (service saslauthd start; chkconfig saslauthd on). > Thanks, > James > (CRAM-MD5): user not found (-20) SASL(-13): user not found: no secret in > database > authentication failed > Jul 14 15:25:31 beta sendmail[25566]: i6EJPDgV025566: AUTH failure > (LOGIN): no mechanism available (-4) SASL(-4): no mechanism available: > checkpass failed 2 different errors, maybe you switched your setup between them. See my above explanations and adjust your setup. I am sure SMTP AUTH is working then immediately. I cannot see a STARTTLS (certificate) error. The pasted log shows nicely well working TLS: relay=james.support.intcomgrp.com [192.168.10.158], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-SHA, bits=256/256 Just as a warning: change your username and password immediately. You posted AUTH data through this list! though it seems to be unreadable data it is not. It is only base64 "encoded". I think it is enough if I tell you that you in one case you used "jkosinjk7619" ;) (Don't want to make it all too easy). While that indicates that the whole session was not TLS secured. Alexander -- Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 Fedora GNU/Linux Core 2 (Tettnang) Athlon CPU kernel 2.6.6-1.435.2.3.uml Serendipity 23:54:46 up 1 day, 21:37, load average: 1.12, 1.10, 1.23
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
