On Sat, 2004-07-24 at 11:07, Alexander Dalloz wrote:
> Am Sa, den 24.07.2004 schrieb Jonathan T. Steadman um 3:15:
>
> > I have created a certificate so that I would be able to send passwords
> > securely, but now my problem is actually sending the password, right now
> > the user is asked to accept certificate which is wonderful, but my
> > server is not requiring users to use a user name and password (actually
> > it doesn't work if you try user name and password) to relay mail, I want
> > it to, I read up on it a little and thought it was because of AUTH_MECH
> > options, but I changed them to LOGIN and PLAIN so that PAM could deal
> > with them, (yes I did specify in ~/sasl2/sendmail.conf that pwcheck was
>
> Hope you just didn't take enough care when posting here. It must be
> /usr/lib/sasl2/Sendmail.conf - ~ stands for $HOME and the sasl2 files
> don't have to be there anywhere - and as you see Sendmail.conf starts
> with a capital S.
>
> > to be done with pam) do I somehow have to specify password file or
> > something? I have authentication for pop3 server working with
> > PAM/Dovecot but that is a whole other story. Anyways all of what I
> > considered important values for what I want are listed below. anyways
> > sorry about all my many send mail questions/issues, I am hoping this
> > really will be the last of them, I guess they (thankfully) have many
> > hoops to jump through in sendmail to help fight spammers.
>
> A bit hard to say what's going on with your Sendmail from the given
> information. Did you first check that SMTP AUTH works without using
> STARTTLS? Do so by telneting on port 25. Have a close look at the
> maillog and maybe increase the log level to 15. If SMTP AUTH works
> without a previously established encryption then you know that your
> STARTTLS does not work. It will be then certainly that you certificates
> are not proper.
>
> > define(`confAUTH_OPTIONS', `A p')dnl
> > TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
> > define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
> > define(`confCACERT_PATH',`/usr/share/ssl/certs')
> > define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
> > define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
> > define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
> > define(`confTO_IDENT', `0')dnl
>
> Looks ok so far.
>
> Alexander
>
ok then, I went back a step and got rid of STARTTLS, and authentication
still does not take place, it works if I on mail client I dont check
user name and password required for outgoing, but if i do check it, it
does not work, unless of course my password would be different from
login ect. which I can't see the point of that. This is what my
sendmail.mc file looks like(at the bottom) I did a telnet on myself, and
then ehlo localhost, and got 250-AUTH LOGIN PLAIN which is good as far
as I can tell from readings I have done. I did have to change this:
define(`confAUTH_OPTIONS', `A p')dnl
to this:
define(`confAUTH_OPTIONS', `A')dnl
because when I did a telnet on port 25 with the former i turned up
nothing for AUTH. Anyways am truly sorry for just throwing out my whole
sendmail.mc file at you guys, but I tried to narrow it down the first
time with out anything wrong found that could be causing AUTH not to be
required.
I just found out to while writing this, that this file can't be
found (/etc/mail/userdb.db) I decided to see if all the files that were
specified below actually existed, and this one didnt. Could this be a
problem or is this normal?
define(`confDEF_USER_ID',``8:12'')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confDONT_PROBE_INTERFACES',true)dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS',
`authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
define(`confTO_IDENT', `0')dnl
FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
