Am Do, den 01.12.2005 schrieb Hongwei Li um 20:45: > >> Dec 1 10:07:52 morpheus sendmail[26602]: AUTH: available mech=CRAM-MD5 > >> DIGEST-MD5, allowed mech=LOGIN PLAIN > > > > That does not look correct. The both MD5 mechs shouldn't been listed due > > to your configuration. > > -- where sohuld I change? I checked sendmail.mc, but could not find which > line to change. No, your sendmail.mc changes were correct, following the tutorial on the website I gave you the URL of. At least if you didn't just append the settings at the bottom but made the changes inline, where you found commented entries. > Below is what I did and got. > > # telnet morpheus.wustl.edu 25 Trying 128.252.85.129... > Connected to morpheus.wustl.edu (128.252.85.129). Escape character is '^]'. > 220 morpheus.wustl.edu ESMTP Sendmail 8.13.1/8.13.1; Thu, 1 Dec 2005 11:38:28 > -0600 > ehlo foo.bar > 250-morpheus.wustl.edu Hello morpheus.wustl.edu [128.252.85.129], pleased to > meet you > 250-ENHANCEDSTATUSCODES > 250-PIPELINING > 250-8BITMIME > 250-SIZE > 250-DSN > 250-ETRN > 250-STARTTLS > 250-DELIVERBY > 250 HELP > quit > 221 2.0.0 morpheus.wustl.edu closing connection > Connection closed by foreign host. That is exactly what is to be expected: STARTTLS is offered, but no AUTH - just because you told Sendmail to only offer LOGIN and PLAIN AUTH mechs when the connection is safe (=encrypted). > # openssl s_client -connect morpheus.wustl.edu:25 -starttls smtp > CONNECTED(00000003) [ certificate data stripped ] > Verify return code: 18 (self signed certificate) > --- > 220 morpheus.wustl.edu ESMTP Sendmail 8.13.1/8.13.1; Thu, 1 Dec 2005 11:41:29 > -0600 Good up to this point. The STARTTLS session was successfully established and Sendmail greats you. > ehlo foo.bar > 250-morpheus.wustl.edu Hello morpheus.wustl.edu [128.252.85.129], pleased to > meet you > 250-ENHANCEDSTATUSCODES > 250-PIPELINING > 250-8BITMIME > 250-SIZE > 250-DSN > 250-ETRN > 250-AUTH LOGIN PLAIN Now with the encrypted connection Sendmail allows you to AUTH using either LOGIN or PLAIN. > 250-DELIVERBY > 250 HELP > quit > 221 2.0.0 morpheus.wustl.edu closing connection > closed > # > > I cleaned SSL cache, cookies, etc. restart Outlook / OE, test it on 3 > different computers, still got the same error. > > Also, when I try OE, the error message is: > > Unable to establish SSL connection with the server. Account "morpheus", > Server: "morpheus.wustl.edu', Protocol: SMTP, Server Response: '454 TLS not > available due to temporary reason', Port: 25, Secure(SSL): Yes, Server Error: > 454, Error Number: 0x800CCC7F I would be it is a client problem. To evaluate simply go on with testing where you stopped. > Hongwei When you made the hand established TLS connection and then entered "EHLO foo.bar", go on and AUTH yourself. To do this you need to base64 encode your username and password. You can do this with a Perl 1-liner: perl -MMIME::Base64 -e 'print encode_base64("user\0user\0password");' That will print out a string which you have to enter following way (after initial EHLO): AUTH PLAIN dXNlcgB1c2VyAHBhc3N3b3Jk That must be answered by Sendmail with a authentication success message. If you hand auth using LOGIN, you enter "AUTH LOGIN", will get back a base64 string which decodes as the question which user shall auth, you enter the base64 encoded username, then Sendmail will ask in base64 form for your password, which you have to enter too in base64 encoding. Finally a success message must follow. I am sure these test will be successful as the initial test trying to establish a STARTTLS session already was successful. So your problem is client based. Check for firewalling and anti-virus scanners (outbound mail scanning), as I told you before. The issue (especially Norton's thing) is well known and an ongoing pain. You will find many hits and references to this through google. I.e. http://www.cs.wisc.edu/csl/old-doc/info/smtp-auth/ If you face other cryptic OE error codes, use google too or directly go to http://support.microsoft.com/default.aspx?scid=kb;en-us;208814 Alexander -- Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp Serendipity 21:03:53 up 33 days, 19:04, load average: 0.15, 0.23, 0.25
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil