[CentOS] sendmail + plain auth

Wed Jul 6 18:23:02 UTC 2005
Mike Kercher <mike at CamaroSS.net>

Probably a silly question, but did you rebuild your sendmail.cf after
modifying the sendmail.mc?

Mike
 

-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf
Of alex at milivojevic.org
Sent: Wednesday, July 06, 2005 1:16 PM
To: CentOS mailing list
Subject: [CentOS] sendmail + plain auth

I'm probably missing something obvious, but I can get sendmail to give me
AUTH PLAIN and LOGIN options.

What I have is fairly standard configuration.  The relevant part of
sendmail.mc looks something like this:

define(`confCACERT_PATH',`/etc/ssl/certs')
define(`confCACERT',`/etc/ssl/ca-bundle.crt')
define(`confSERVER_CERT',`/etc/ssl/smtp.crt')
define(`confSERVER_KEY',`/etc/ssl/smtp.key')
define(`confAUTH_OPTIONS', `A p')
TRUST_AUTH_MECH(`EXTERNAL LOGIN PLAIN')
define(`confAUTH_MECHANISMS', `EXTERNAL LOGIN PLAIN')
DAEMON_OPTIONS(`Port=25, Name=MTA') DAEMON_OPTIONS(`Port=465, Name=TLSMTA,
M=s')

So basically, LOGIN and PLAIN should be offered when SSL/TLS is in use (but
not for plaintext sessions).  However, when connecting over TLS, sendmail
doesn't advertise them:

$ openssl s_client -connect localhost:465 [ SSL/TLS handshake output
deleted, AES256 cipher was used ] 220 testbox.miliv.org ESMTP Unauthorized
access prohibited EHLO localhost 250-testbox.miliv.org Hello localhost
[127.0.0.1], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING
250-8BITMIME 250-SIZE 250-DELIVERBY 250 HELP

Attempt to "brute-force" use them results in error (as expected):

AUTH PLAIN
504 5.3.3 AUTH mechanism PLAIN not available

I'm sure I'm missing something obvious here, probably a flag or two either
in confAUTH_OPTIONS or in DAEMON_OPTIONS, but couldn't dig out which.

Alraedy drank all coffe, and becoming desparate ;-)

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

_______________________________________________
CentOS mailing list
CentOS at centos.org
http://lists.centos.org/mailman/listinfo/centos