From owner-freebsd-questions  Fri Jun  1  8:43:29 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from trinity.lee.net (trinity.lee.net [208.229.121.1])
	by hub.freebsd.org (Postfix) with ESMTP id 5013237B422
	for <freebsd-questions@FreeBSD.ORG>; Fri,  1 Jun 2001 08:43:21 -0700 (PDT)
	(envelope-from awells@journalstar.com)
Received: from journalstar.com (leepcD-119.sub-d.lee.net [208.205.127.119])
	by trinity.lee.net (8.9.3/8.9.3) with ESMTP id KAA22168;
	Fri, 1 Jun 2001 10:42:44 -0500
Message-ID: <3B17B76B.FB6A6D91@journalstar.com>
Date: Fri, 01 Jun 2001 10:40:27 -0500
From: Tony Wells <awells@journalstar.com>
X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.3-RELEASE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Ryan Masse <mail@max-info.net>
Cc: FreeBSD-Questions <freebsd-questions@FreeBSD.ORG>
Subject: Re: Compiling sendmail with SASL support problem
References: <3B16661C.A8366572@journalstar.com> <00f401c0e9ea$de8a5280$3200a8c0@Intranet> <3B1674BE.F4B48C3F@journalstar.com> <013701c0e9f2$9eef1540$3200a8c0@Intranet>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

I'm getting pretty close to getting this working correctly...

I had to get sendmail to read the /usr/local/etc/sasldb with group read
permissions, but that's fixed.  My problem is now sendmail will work
with plain auth, but it's using the system password file, and not the
/usr/local/etc/sasldb file.  I know it's accessing it, because it balked
when there were group read permissions enabled on the file.

So my guess is that it doesn't like the format of the file, which is
generated from saslpasswd which was created by cyrus-imapd.  When I
compiled the cyrus-imapd, I only compiled in support for Berkley DB, but
when I run:

file /usr/local/etc/sasldb
/usr/local/etc/sasldb: MS Windows COFF Unknown CPU

Which doesn't look right.  Here's my site.config.m4:
APPENDDEF(`confENVDEF', `-DSASL=1 -D_FFR_UNSAFE_SASL=1')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl')
APPENDDEF(`confLIBDIRS', `-L/usr/local/lib')
APPENDDEF(`confLIBDIRS', `-L/usr/local/lib/sasl')
APPENDDEF(`confINCDIRS', `-I/usr/local/include/sasl')

Checking /var/log/maillog it show that the authentication method is
"PLAIN".

I _really_ want to be able to authenticate from /usr/local/etc/sasldb,
so I don't have to add users to the system as well as IMAP accounts.

Any help would be much appreciated.

TIA,
Tony Wells

Ryan Masse wrote:
> 
> *sorry forgot to cc the list :)*
> 
> all domains relaying through your box will go through sasl. no one domain
> listed in relay-domains, access.db or whaterver will override sasl.
> 
> as for the tests.. there are 2.
> 
> sendmail -d0.1 -bv root | grep SASL
> 
> > sendmail -d0.1 -bv root | grep SASL
>                 NETINET NETUNIX NEWDB NIS QUEUE SASL SCANF SMTP USERDB
> XDEBUG
> 
> The sendmail compiled correctly with sasl support if SASL is listed in the
> output of that command.
> 
> The second test is;
> 
> telnet to localhost 25 and issue the ehlo o syntax. it should printout a
> list of compiled features. You will need to look for the Auth* line. If
> found sasl is compile properly. A printout on my box is below.
> 
> > telnet localhost 25
> Trying ::1...
> telnet: connect to address ::1: Connection refused
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> 220 comp1.mastery.ca ESMTP Sendmail 8.11.3/8.11.1; Thu, 31 May 2001
> 12:52:32 -0400 (EDT)
> ehlo o
> 250-comp1.mastery.ca Hello localhost [127.0.0.1], pleased to meet you
> 250-ENHANCEDSTATUSCODES
> 250-EXPN
> 250-VERB
> 250-8BITMIME
> 250-SIZE
> 250-DSN
> 250-ONEX
> 250-ETRN
> 250-XUSR
> 250-AUTH LOGIN
> 250 HELP
> quit
> 221 2.0.0 comp1.mastery.ca closing connection
> Connection closed by foreign host.
> >
> 
> If either of these tests fail its most likely a miss configuration with your
> sendmail.cf. If you would like me to send my config just ask.
> 
> Ryan
> 
> > Thanks much for your reply...
> >
> > I've done pretty much everything that you outlined, and had a couple of
> > more questions.
> >
> > Will domains that I list to permit relaying override sasl auth?
> >
> > Is there a test I can use to check and see if sasl auth is working
> > correctly with sendmail?
> >
> > Ryan Masse wrote:
> > >
> > > download the newest source from sendmail.org and extract it into a temp
> > > directory. Once that is finished you will want to create;
> > >
> > > > pwd
> > > /$tempdir/sendmail-8.11.3/devtools/Site
> > > > more site.config.m4
> > > APPENDDEF(`confENVDEF', `-DSASL=1')
> > > APPENDDEF(`conf_sendmail_LIBS', `-lsasl')
> > > APPENDDEF(`confLIBDIRS', `-L/usr/local/lib')
> > > APPENDDEF(`confINCDIRS', `-I/usr/include/sasl')
> > > >
> > >
> > > jump back to the base dir and do a ./Build . after u'll want to do a
> make
> > > and  make install.
> > >
> > > After you've succesffuly recompiled sendmail with SASL support you will
> need
> > > compile the sendmail.cf with the sasl support. Do do this you will need
> a
> > > .mc file similar to the below.
> > >
> > > > pwd
> > > /usr/src/contrib/sendmail/cf/cf
> > > > more site-sasl.mc
> > > divert(-1)
> > > #
> > >
> > > divert(0)dnl
> > > VERSIONID(`$Id: site-sasl.mc,v 8.10 1999/02/07 07:26:02 gshapiro Exp $')
> > > OSTYPE(bsd4.4)dnl
> > > DOMAIN(generic)dnl
> > > MAILER(local)dnl
> > > MAILER(smtp)dnl
> > > FEATURE(use_cw_file)
> > > FEATURE(relay_based_on_MX)
> > > FEATURE(mailertable)
> > > FEATURE(access_db)
> > > FEATURE(virtusertable)
> > > FEATURE(blacklist_recipients)
> > > TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5')dnl
> > > define(`confAUTH_MECHANISMS', `PLAIN LOGIN')dnl
> > > define(`confDEF_AUTH_INFO', `/etc/mail/auth/auth-info')dnl
> > > FEATURE(`no_default_msa')dnl turn off default entry for MSA
> > > DAEMON_OPTIONS(`Port=25, Name=MTA, M=E')dnl
> > > >
> > >
> > > if you get lost anywhere on the way just email me back
> > >
> > > > Hi all,
> > > >
> > > > I'm trying to compile sendmail with sasl support since I have several
> > > > computers that I need to be able to send and receive email from.  I
> have
> > > > cyrus-imap running just fine, but right now I have to add domains with
> > > > relay permission to be able to send mail.(Bad) I would much rather use
> a
> > > > password based system that didn't care where you were coming from.
> > > >
> > > > So anyways, when I try and compile sendmail in the
> > > > /usr/src/usr.sbin/sendmail directory with the command:
> > > >
> > > > make SENDMAIL_CFLAGS='-DSASL=1524 -I/usr/local/include/sasl'
> > > >
> > > > And I get a bunch of errors.  I noticed in the
> > > > /usr/src/contrib/sendmail/src directory that it suggests you use the
> > > > 'Build' script, which of course doesn't exist.
> > > >
> > > > Has anyone successfully gotten sendmail compiled with sasl support?
> > > > Will sasl free me from domain-dependent relaying rules?
> > > >
> > > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > > with "unsubscribe freebsd-questions" in the body of the message
> > > >
> >
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message