[CentOS] Up to date guide/information Sendmail SMTP Auth

Thu Mar 9 15:58:35 UTC 2017
Paul Heinlein <heinlein at madboa.com>

On Wed, 8 Mar 2017, Mark Weaver wrote:

> On 03/08/2017 07:09 PM, Mark Weaver wrote:
>> > >  I followed your guide to the letter, however I think it seems I
>> > >  missed something. When I test with telnet to port 25 this is the
>> > >  result:
>> > > 
>> > > >  telnet merlin 25
>> > >  Trying 10.10.3.6...
>> > >  Connected to merlin.ciss.local.
>> > >  Escape character is '^]'.
>> > >  220 mdw1982.com ESMTP Sendmail 8.14.7/8.13.8; Wed, 8 Mar 2017
>> >  16:53:31 -0500
>> > >  ehlo merlin
>> > >  250-mdw1982.com Hello [10.10.3.102], pleased to meet you
>> > >  250-ENHANCEDSTATUSCODES
>> > >  250-PIPELINING
>> > >  250-8BITMIME
>> > >  250-SIZE
>> > >  250-DSN
>> > >  250-ETRN
>> > >  250-DELIVERBY
>> > >  250 HELP
>> > > >  auth login
>> > >  504 5.3.3 AUTH mechanism login not available
>> > > 
>> > >  thoughts?
>> > 
>> >  Many. :-)
>> > 
>> >  Check your mail log for clues.
>> > 
>> >  Ensure you have a valid SSL certificate and key. Sendmail is touchy
>> >  about permissions on the key file. Try googling for
>> >  confDONT_BLAME_SENDMAIL and GroupReadableKeyFile.
>> > 
>> >  Make sure saslauthd is configured and running.
>> > 
>> >  Compile your .mc (m4) file with the macros distributed with the
>> >  version of sendmail you're actually running. This line suggests you're
>> >  not:
>> > 
>> >  mdw1982.com ESMTP Sendmail 8.14.7/8.13.8
>> > 
>> >  That's a first stab at things to try.
>>
>> I fixed the version mis-match by installing sendmail-cf package and 
>> recompiling sendmail.mc. saslauthd is running and conigured 
>> according to your specs. So, I'm not sure what's missing.
>
> Still googling around and found some things that appear to be 
> missing from the sendmail config, but when I test saslauthd it 
> doesn't appear to be working.
>
> testsaslauthd -u username -p mypassword
> 0: NO "authentication failed"

Usually, testsaslauthd needs a service name. In this case,

   testsaslauthd -u username -p mypassword -s smtp

If your password has any characters a shell might misinterpret (*, !, 
<, >, &, ...), make sure you enclose it in quotation marks.

What have you seen in your logs (usually /var/log/maillog on CentOS 
systems)? If sendmail is having trouble setting up TLS/SSL, it will 
let you know!

You may have to post the entire contents of your sendmail.mc (the m4 
file), redacted as necessary to obscure any non-relevant bits that may 
be sensitive.

-- 
Paul Heinlein <> heinlein at madboa.com <> http://www.madboa.com/