sendmail SMTP-AUTH

Tony Berth tonyberth at googlemail.com
Wed Sep 17 11:09:43 CEST 2008 

On Mon, Sep 15, 2008 at 11:48 AM, Tony Berth <tonyberth at googlemail.com>wrote:

>
> On Fri, Sep 12, 2008 at 5:02 PM, Justin Krejci <jus at krytosvirus.com>wrote:
>
>>  I am not a sendmail admin and generally try to avoid it where possible
>> so I am not sure about the configuration file needs but you should be able
>> to connect to the mail server and issue the ehlo command to see if it is
>> active in your current running binary. After re-compiling and installing you
>> will of course have to restart sendmail so it loads the newly made binary
>> executable.
>>
>>
>>
>> To check using telnet
>>
>>
>>
>> *telnet IPADDRESS 25*
>>
>> 220 your.hostname.here ESMTP Sendmail
>>
>> *ehlo f*
>>
>>
>>
>> Once you issue the "ehlo" command it should give you the output similar to
>> this
>>
>>
>>
>> 250-your.mailserver.name Hello youraddress, pleased to meet you
>>
>> 250-ENHANCEDSTATUSCODES
>>
>> 250-PIPELINING
>>
>> 250-8BITMIME
>>
>> 250-SIZE
>>
>> 250-DSN
>>
>> 250-ETRN
>>
>> 250-AUTH LOGIN PLAIN
>>
>> 250-DELIVERBY
>>
>> 250 HELP
>>
>>
>>
>> There may be more or less stuff than this but the key you are looking for
>> is the *AUTH LOGIN PLAIN*. It may show up with other things like CRAM-MD5
>> on the same line.
>>
>>
>>  ------------------------------
>>
>> *From:* openbsd-newbies-bounces at sfobug.org [mailto:
>> openbsd-newbies-bounces at sfobug.org] *On Behalf Of *Tony Berth
>> *Sent:* Friday, September 12, 2008 8:56 AM
>> *To:* Woodchuck
>> *Cc:* openbsd-newbies at sfobug.org
>> *Subject:* Re: sendmail SMTP-AUTH
>>
>>
>>
>> On Thu, Sep 11, 2008 at 8:20 PM, Woodchuck <marmot at pennswoods.net> wrote:
>>
>>  On Thu, 11 Sep 2008, Tony Berth wrote:
>>
>> > > Re-compiling sendmail probably translates to
>> > >        # cd /usr/src/gnu/usr.sbin/sendmail
>> > >        # make clean
>> > >        # make obj
>> > >        # make
>> > >        # make install
>> > >
>> >
>>
>> > I did create mk.conf but sendmail is located in:
>> >
>> > /usr/src/gnu/usr.sbin/sendmail
>>
>> Yes.  This is for the whole sendmail suite of pgms.
>>
>> As I suggested :-)
>>
>>
>> > or
>> > /usr/src/gnu/usr.sbin/sendmail/sendmail
>>
>> No
>>
>>
>> > or
>> > /usr/src/usr.bin/file/magdir/sendmail
>>
>> No.
>>
>>
>> > The first is the correct one?
>>
>> Yes.
>>
>>
>> Dave
>> --
>>        Are there no natural enemies to limit the increase of these
>>        creatures?              -- Sherlock Holmes
>> _______________________________________________
>> Openbsd-newbies mailing list
>> Openbsd-newbies at sfobug.org
>> http://mailman.theapt.org/listinfo/openbsd-newbies
>>
>>
>> up to now everything worked fine. I did recompile and no errors showed up!
>>
>> Now, how do I verify that SMTP-AUTH capability is included? Any conf file
>> I should look into?
>>
>> Thanks
>>
>
>
> After applying the suggested steps, copying over my modified cf file (as it
> was with some customizations before recompiling sendmail!) and re-starting
> sendmail, my my telnet output displays:
>
> 250-ENHANCEDSTATUSCODES
> 250-PIPELINING
> 250-8BITMIME
> 250-SIZE
> 250-DSN
> 250-ETRN
> 250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5
> 250-STARTTLS
> 250-DELIVERBY
> 250 HELP
>
> I think the above shows that I'm on track?
>
> Thanks
>
>
some more questions now regarding how SMTP-AUTH works!

Currently I have dovecot as IMAP server installed and when retrieving
e-mails from KMail everything works just fine. Now, after recompiling
sendmail with SMTP-AUTH I did search for kind of a tutorial to make all that
work with a MUA - in my case KMail but didn't find any!

When I did a test from KMail to check what auth options do I have from my
server regarding SMTP, I got TLS and GSSAPI, DIGEST-MD5 and CRAM-MD5. So
this part was OK. Now when entering the UNIX credentials of that user, I got
in maillog:

-----------------------
Sep 17 00:12:30 <server> sm-mta[12694]: STARTTLS=server, relaay=<IP
Address>, version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-SHA,
bits=256/256
Sep 17 00:12:30 <server> sm-mta[12694]: m8GMCTlh012694: <IP Address> did not
issue MAIL/EXPN/VRFY/ETRN during connection to MTA
-------------------------

Following the man pages, tried the following:

sasldblistusers2 produced: listusers failed
applied saslpasswd2 and entered an account but this didn't show up in
sasldblistusers2 neither KMail was able to auth!
realised that sasl2 demon was not running after installing the package! So I
did start that as root manualy ( saslauthd -a rimap -O localhost) but this
didn't help either! I still get the same error in maillog!

Thanks for your help

Tony
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.theapt.org/pipermail/openbsd-newbies/attachments/20080917/0de3bd82/attachment-0001.html

More information about the Openbsd-newbies mailing list