search for: confauth_mechan

Hi all, I have a problem with Sendmail in CentOS 5. I want use authentication for external access. I configure my sendmail.mc: TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl But when send a message, show this message: Relaying denied. Proper authentication required. Any idea of the error? Thanks, Daniel Bruno -------------- next part -------------- An HTML attachment was scrubbed... URL: <http...

...UTH capability after an EHLO. Everything looks like it should be working, but no amount of tweaking is getting the AUTH capability advertised (and it doesn't work if you just try it anyway). Here's the config bits from sendmail.mc-- define(`confAUTH_OPTIONS', `A p')dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl Note: Also tried define(`confAUTH_OPTIONS', `A')dnl define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl TRUST_AUTH_MECH(`LOGIN PLAIN')dnl just...

...onth old running on a colocated production server. Previously, we ran a version of Fedora for over seven years. Specifically, I'm reviewing our sendmail configuration, both with respect to authentication and port usage. Previously, we had the following line in the sendmail.mc line: define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl To authenticate, users would first have to POP their mail. A klunky script would scan appropriate log files and copy relevant IP addresses to the /etc/mail/access file that would be regenerated every 5 minutes via cron. Once the IP address wa...

...mented the pki lines define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl set the confAUTH_MECHANISMS restarted sendmail It seems like sendmail is trying to use port 25 as the log shows "connection timeout". I did this to two other machines and it worked. the third one is being stubborn. Any suggestions to look at ??? Jerry

...(`confCACERT_PATH',`/etc/ssl/certs') define(`confCACERT',`/etc/ssl/ca-bundle.crt') define(`confSERVER_CERT',`/etc/ssl/smtp.crt') define(`confSERVER_KEY',`/etc/ssl/smtp.key') define(`confAUTH_OPTIONS', `A p') TRUST_AUTH_MECH(`EXTERNAL LOGIN PLAIN') define(`confAUTH_MECHANISMS', `EXTERNAL LOGIN PLAIN') DAEMON_OPTIONS(`Port=25, Name=MTA') DAEMON_OPTIONS(`Port=465, Name=TLSMTA, M=s') So basically, LOGIN and PLAIN should be offered when SSL/TLS is in use (but not for plaintext sessions). However, when connecting over TLS, sendmail doesn't advertise...

...endmail-8.13.1-3 sendmail-cf-8.13.1-3 dovecot-0.99.11-2 mailscanner-4.50.15-3.9 clamav-0.88.4-1.9 spamassassin-3.0.6-1 cyrus-sasl-2.1.19-5 cyrus-sasl-plain-2.1.19-5 cyrus-sasl-md5-2.1.19-5 and i have enabled the next config: TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN') DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl i try the next: /usr/lib/sasl2/Sendmail.conf pwcheck_method:shadow /etc/ld.so.conf /usr/lib/sasl2 i think than this is my problem, i don't know where i put this lines: # SASL2 (sm...

...2004 version indeed broken in regards to STARTTLS? I have just done the usual stuff that seems to work for Thunderbird, Evolution, Outlook, Mac Mail and the latest Eudora. On the sendmail server side: define(`confAUTH_OPTIONS', `A p y')dnl TRUST_AUTH_MECH(`LOGIN PLAIN')dnl define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl (purposely not showing the certificate config) On the Entourage X client side: Checked the box "SMTP service requires secure connection (SSL) Checked the box "SMTP server requires authentication Checked the box "Use the same settings as receiving ma...

...t with sendmail (just using auth when connecting outward-bound, nothing else). I've found a page here: http://www.sendmail.org/~ca/email/auth.html that explains it simply (for simple minds, like mine) but it appears to be old-ish. So, I'm wondering if the recommendation of using: define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl is still appropriate, since MD5 is known to be breakable. Are there other hash mechanisms that can be used in SMTP for this purpose? Also, if someone can help me understand the syntax, I'd appreciate it: does EXTERNAL mean so...

...in the servers /etc/shadow ... no problem but I cannot get my head around it how to do make saslauth OR sendmail lookup the user via the imap daemon. This is the working config (mc) for the sendmail daemon when using a locally created user (I knock the PLAIN off once I got it to work): define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5') TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5') DAEMON_OPTIONS(`Family=inet, Port=465, Name=MTA-SSL, M=s') etc. How can I make sendmail (or saslauth) to get the user credentials via an imap server running on the same machine (the c...

Everyone, Looks like the new version of oppenssl has broken my sendmail's use of tls. Has anyone else had this problem or seen a fix? Greg Ennis

...om NO" in the /etc/mail/access file of > two.domain.com. > > My sendmail switches in one.domain.com include the following : > > define(`confAUTH_OPTIONS', `A p y')dnl > dnl # > TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl > define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 > LOGIN PLAIN')dnl > dnl # > define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl > define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl > define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl &...

...until I enter "Try_TLS:one.domain.com NO" in the /etc/mail/access file of two.domain.com. My sendmail switches in one.domain.com include the following : define(`confAUTH_OPTIONS', `A p y')dnl dnl # TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl dnl # define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl define(`confSERVER_KEY'...

...> > clamav-0.88.4-1.9 > > spamassassin-3.0.6-1 > > cyrus-sasl-2.1.19-5 > > cyrus-sasl-plain-2.1.19-5 > > cyrus-sasl-md5-2.1.19-5 > > and i have enabled the next config: > > TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl > > define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN') > > DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl > > i try the next: > > /usr/lib/sasl2/Sendmail.conf > > pwcheck_method:shadow > > /etc/ld.so.conf > > /usr/lib/sasl2 > > > > > &g...

...servers /etc/shadow ... no problem but I cannot get my head around it how to do make saslauth OR sendmail lookup the user creds via the imap daemon. This is the working config (mc) for the sendmail daemon when using a locally created user (I knock the PLAIN off once I got it to work): define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl DAEMON_OPTIONS(`Family=inet, Port=465, Name=MTA-SSL, M=s')dnl etc. How can I make sendmail (or saslauth) to get the user credentials via an imap server running on the same machi...

...t;M:PLAIN" # cd /etc/mail/auth # makemap -r hash client-info.db < client-info # chmod 600 client-info client-info.db Then edit /etc/mail/sendmail.mc (most lines are there already and just need to be uncommented and edited a bit): define(`SMART_HOST', `smtp.gmail.com')dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl define(`confSERVER_CERT', `/etc/p...

Hi Default sendmail setup on a centos4.1 box - I need to send report type mails from this machine under cron. The SMTP relay i need to use requires user/pass so how can i send user/pass smtp auth from within the 'default' sendmail install? Anyone know what to change in sendmail.mc thanks

...0000')dnl define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl define(`confPRIVACY_FLAGS', `goaway,noetrn')dnl define(`confDOUBLE_BOUNCE_ADDRESS', `')dnl define(`confCOPY_ERRORS_TO', `')dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl define(`confTO_IDENT', `0')dnl FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl FEATURE(always_add_domain)dnl FEATURE(use_cw_fil...

...spam relay - see http://www.mail-abuse.org/rss/')dnl FEATURE(`delay_checks')dnl FEATURE(`stickyhost')dnl dnl SASL Configuration dnl extract from http://www.sendmail.org/~ca/email/auth.html dnl dnl Next two lines are for SMTP Authentication TRUST_AUTH_MECH(`LOGIN PLAIN')dnl define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl dnl dnl Next line stops sendmail from allowing auth without encryption define(`confAUTH_OPTIONS', `Apy')dnl dnl dnl STARTTLS configuration dnl extract from http://www.sendmail.org/~ca/email/starttls.html dnl define(`CERT_DIR', `/etc/ssl/sendmail')dnl...

...on, though Outlook Express and other MUAs do dnl # use LOGIN. Other mechanisms should be used if the connection is not dnl # guaranteed secure. dnl # Please remember that saslauthd needs to be running for AUTH. dnl # dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl dnl # dnl # Rudimentary information on creating certificates for sendmail TLS: dnl # cd /usr/share/ssl/certs; make sendmail.pem dnl # Complete usage: dnl # make -C /usr/share/ssl/certs usage dnl # dnl define(`confCACERT_PA...

...spam relay - see http://www.mail-abuse.org/rss/')dnl FEATURE(`delay_checks')dnl FEATURE(`stickyhost')dnl dnl SASL Configuration dnl extract from http://www.sendmail.org/~ca/email/auth.html dnl dnl Next two lines are for SMTP Authentication TRUST_AUTH_MECH(`LOGIN PLAIN')dnl define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl dnl dnl Next line stops sendmail from allowing auth without encryption define(`confAUTH_OPTIONS', `Apy')dnl dnl dnl STARTTLS configuration dnl extract from http://www.sendmail.org/~ca/email/starttls.html dnl define(`CERT_DIR', `/etc/ssl/sendmail')dnl...