From owner-freebsd-isp@FreeBSD.ORG  Sun Jun 11 16:13:16 2006
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
X-Original-To: freebsd-isp@freebsd.org
Delivered-To: freebsd-isp@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 33EF916A41A
	for <freebsd-isp@freebsd.org>; Sun, 11 Jun 2006 16:13:16 +0000 (UTC)
	(envelope-from szlists@szarka.org)
Received: from hustle.szarka.net (hustle.szarka.net [204.89.131.44])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D1A6843D45
	for <freebsd-isp@freebsd.org>; Sun, 11 Jun 2006 16:13:15 +0000 (GMT)
	(envelope-from szlists@szarka.org)
Received: from BUCKY.szarka.org (ip-65-75-16-177.ct.dsl.ntplx.com
	[65.75.16.177])
	by hustle.szarka.net (8.13.6/8.13.6) with ESMTP id k5BGDDJx083074
	for <freebsd-isp@freebsd.org>; Sun, 11 Jun 2006 12:13:14 -0400 (EDT)
	(envelope-from szlists@szarka.org)
Message-Id: <7.0.1.0.0.20060611113015.072d4698@szarka.org>
X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0
Date: Sun, 11 Jun 2006 12:13:13 -0400
To: freebsd-isp@freebsd.org
From: Rob Szarka <szlists@szarka.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Subject: Sendmail/SASL2/saslauthdb problem
X-BeenThere: freebsd-isp@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Internet Services Providers <freebsd-isp.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-isp>
List-Post: <mailto:freebsd-isp@freebsd.org>
List-Help: <mailto:freebsd-isp-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 11 Jun 2006 16:13:16 -0000


I'm trying to configure sendmail to authenticate against the system 
password file for SMTP using the ports collection and having a heck 
of a time with it. saslauthdb works great when tested with 
testsaslauthd (testsaslauthd -s smtp  -u XXXXX -p XXXXX returns 
Success), but when testing by hand with the same account through 
sendmail (with the same bare username, no realm), I get the following error:

saslauthd[38367]: do_auth : auth failure: [user=XXXXXXX] 
[service=smtp] [realm=] [mech=pam] [reason=PAM auth error]

 From the other side, I see sendmail offering "250-AUTH PLAIN LOGIN" 
(what I want) in the ESTMP session and doing the auth login 
prompting, but then returning "535 5.7.0 authentication failed" in 
response to the base64-ed username and password.

Can anyone shed light on this? Here's my configuration:

FreeBSD 6.0-RELEASE #1

Sendmail 8.13.6/8.13.6 (installed via mail/sendmail-sasl compiled 
against an earlier install of security/cyrus-sasl2 -- I can see it 
passing the "-DSASL=2" during make)

/usr/local/lib/sasl2/Sendmail.conf has "pwcheck_method: saslauthd" 
and, I'm assuming from the error message, sendmail is actually calling it.