Date: Fri, 01 Jun 2001 12:45:11 -0500 From: Tony Wells <awells@journalstar.com> To: Ryan Masse <mail@max-info.net>, FreeBSD-Questions <freebsd-questions@FreeBSD.ORG> Subject: Re: Compiling sendmail with SASL support problem Message-ID: <3B17D4A7.40EC3C6A@journalstar.com> References: <3B16661C.A8366572@journalstar.com> <00f401c0e9ea$de8a5280$3200a8c0@Intranet> <3B1674BE.F4B48C3F@journalstar.com> <013701c0e9f2$9eef1540$3200a8c0@Intranet> <3B17B76B.FB6A6D91@journalstar.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Fixed! The answer was in /usr/local/lib/sasl/Sendmail.conf. Yet another conf file to be dealt with. :-) Tony Wells wrote: > > I'm getting pretty close to getting this working correctly... > > I had to get sendmail to read the /usr/local/etc/sasldb with group read > permissions, but that's fixed. My problem is now sendmail will work > with plain auth, but it's using the system password file, and not the > /usr/local/etc/sasldb file. I know it's accessing it, because it balked > when there were group read permissions enabled on the file. > > So my guess is that it doesn't like the format of the file, which is > generated from saslpasswd which was created by cyrus-imapd. When I > compiled the cyrus-imapd, I only compiled in support for Berkley DB, but > when I run: > > file /usr/local/etc/sasldb > /usr/local/etc/sasldb: MS Windows COFF Unknown CPU > > Which doesn't look right. Here's my site.config.m4: > APPENDDEF(`confENVDEF', `-DSASL=1 -D_FFR_UNSAFE_SASL=1') > APPENDDEF(`conf_sendmail_LIBS', `-lsasl') > APPENDDEF(`confLIBDIRS', `-L/usr/local/lib') > APPENDDEF(`confLIBDIRS', `-L/usr/local/lib/sasl') > APPENDDEF(`confINCDIRS', `-I/usr/local/include/sasl') > > Checking /var/log/maillog it show that the authentication method is > "PLAIN". > > I _really_ want to be able to authenticate from /usr/local/etc/sasldb, > so I don't have to add users to the system as well as IMAP accounts. > > Any help would be much appreciated. > > TIA, > Tony Wells > > Ryan Masse wrote: > > > > *sorry forgot to cc the list :)* > > > > all domains relaying through your box will go through sasl. no one domain > > listed in relay-domains, access.db or whaterver will override sasl. > > > > as for the tests.. there are 2. > > > > sendmail -d0.1 -bv root | grep SASL > > > > > sendmail -d0.1 -bv root | grep SASL > > NETINET NETUNIX NEWDB NIS QUEUE SASL SCANF SMTP USERDB > > XDEBUG > > > > The sendmail compiled correctly with sasl support if SASL is listed in the > > output of that command. > > > > The second test is; > > > > telnet to localhost 25 and issue the ehlo o syntax. it should printout a > > list of compiled features. You will need to look for the Auth* line. If > > found sasl is compile properly. A printout on my box is below. > > > > > telnet localhost 25 > > Trying ::1... > > telnet: connect to address ::1: Connection refused > > Trying 127.0.0.1... > > Connected to localhost. > > Escape character is '^]'. > > 220 comp1.mastery.ca ESMTP Sendmail 8.11.3/8.11.1; Thu, 31 May 2001 > > 12:52:32 -0400 (EDT) > > ehlo o > > 250-comp1.mastery.ca Hello localhost [127.0.0.1], pleased to meet you > > 250-ENHANCEDSTATUSCODES > > 250-EXPN > > 250-VERB > > 250-8BITMIME > > 250-SIZE > > 250-DSN > > 250-ONEX > > 250-ETRN > > 250-XUSR > > 250-AUTH LOGIN > > 250 HELP > > quit > > 221 2.0.0 comp1.mastery.ca closing connection > > Connection closed by foreign host. > > > > > > > If either of these tests fail its most likely a miss configuration with your > > sendmail.cf. If you would like me to send my config just ask. > > > > Ryan > > > > > Thanks much for your reply... > > > > > > I've done pretty much everything that you outlined, and had a couple of > > > more questions. > > > > > > Will domains that I list to permit relaying override sasl auth? > > > > > > Is there a test I can use to check and see if sasl auth is working > > > correctly with sendmail? > > > > > > Ryan Masse wrote: > > > > > > > > download the newest source from sendmail.org and extract it into a temp > > > > directory. Once that is finished you will want to create; > > > > > > > > > pwd > > > > /$tempdir/sendmail-8.11.3/devtools/Site > > > > > more site.config.m4 > > > > APPENDDEF(`confENVDEF', `-DSASL=1') > > > > APPENDDEF(`conf_sendmail_LIBS', `-lsasl') > > > > APPENDDEF(`confLIBDIRS', `-L/usr/local/lib') > > > > APPENDDEF(`confINCDIRS', `-I/usr/include/sasl') > > > > > > > > > > > > > jump back to the base dir and do a ./Build . after u'll want to do a > > make > > > > and make install. > > > > > > > > After you've succesffuly recompiled sendmail with SASL support you will > > need > > > > compile the sendmail.cf with the sasl support. Do do this you will need > > a > > > > .mc file similar to the below. > > > > > > > > > pwd > > > > /usr/src/contrib/sendmail/cf/cf > > > > > more site-sasl.mc > > > > divert(-1) > > > > # > > > > > > > > divert(0)dnl > > > > VERSIONID(`$Id: site-sasl.mc,v 8.10 1999/02/07 07:26:02 gshapiro Exp $') > > > > OSTYPE(bsd4.4)dnl > > > > DOMAIN(generic)dnl > > > > MAILER(local)dnl > > > > MAILER(smtp)dnl > > > > FEATURE(use_cw_file) > > > > FEATURE(relay_based_on_MX) > > > > FEATURE(mailertable) > > > > FEATURE(access_db) > > > > FEATURE(virtusertable) > > > > FEATURE(blacklist_recipients) > > > > TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5')dnl > > > > define(`confAUTH_MECHANISMS', `PLAIN LOGIN')dnl > > > > define(`confDEF_AUTH_INFO', `/etc/mail/auth/auth-info')dnl > > > > FEATURE(`no_default_msa')dnl turn off default entry for MSA > > > > DAEMON_OPTIONS(`Port=25, Name=MTA, M=E')dnl > > > > > > > > > > > > > if you get lost anywhere on the way just email me back > > > > > > > > > Hi all, > > > > > > > > > > I'm trying to compile sendmail with sasl support since I have several > > > > > computers that I need to be able to send and receive email from. I > > have > > > > > cyrus-imap running just fine, but right now I have to add domains with > > > > > relay permission to be able to send mail.(Bad) I would much rather use > > a > > > > > password based system that didn't care where you were coming from. > > > > > > > > > > So anyways, when I try and compile sendmail in the > > > > > /usr/src/usr.sbin/sendmail directory with the command: > > > > > > > > > > make SENDMAIL_CFLAGS='-DSASL=1524 -I/usr/local/include/sasl' > > > > > > > > > > And I get a bunch of errors. I noticed in the > > > > > /usr/src/contrib/sendmail/src directory that it suggests you use the > > > > > 'Build' script, which of course doesn't exist. > > > > > > > > > > Has anyone successfully gotten sendmail compiled with sasl support? > > > > > Will sasl free me from domain-dependent relaying rules? > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B17D4A7.40EC3C6A>