From owner-freebsd-questions@FreeBSD.ORG Thu Jul 30 08:02:24 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C27B2106566C for ; Thu, 30 Jul 2009 08:02:24 +0000 (UTC) (envelope-from reedlai@hotmail.com) Received: from snt0-omc4-s5.snt0.hotmail.com (snt0-omc4-s5.snt0.hotmail.com [65.55.90.208]) by mx1.freebsd.org (Postfix) with ESMTP id 8E0878FC1C for ; Thu, 30 Jul 2009 08:02:24 +0000 (UTC) (envelope-from reedlai@hotmail.com) Received: from SNT121-DS18 ([65.55.90.199]) by snt0-omc4-s5.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 30 Jul 2009 01:02:24 -0700 X-Originating-IP: [59.125.83.147] X-Originating-Email: [reedlai@hotmail.com] Message-ID: From: "Reed Lai" To: "FreeBSD Question" References: <4A710A2F.1030407@cia.com> <4A713F34.5050404@cia.com> In-Reply-To: <4A713F34.5050404@cia.com> Date: Thu, 30 Jul 2009 16:01:24 +0800 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="utf-8"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal Importance: Normal X-Mailer: Microsoft Windows Live Mail 14.0.8064.206 X-MimeOLE: Produced By Microsoft MimeOLE V14.0.8064.206 X-OriginalArrivalTime: 30 Jul 2009 08:02:24.0122 (UTC) FILETIME=[127145A0:01CA10EC] Subject: Re: SMTP Authentication X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jul 2009 08:02:25 -0000 Yes, the new server leaks LOGIN in the 250-AUTH list! New server ========= 250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5 Functional server ============== 250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN I have checked the generated .cf file in the new server and there are class and option listed C{TrustAuthMech}GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN O AuthMechanisms=GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN The new server has same configuration to old server, but has not LOGIN in the 250-AUTH list. BTW, the new server has hostname changed once... I don't know if it does matter or not.. Reed From: Ihor Prystay Sent: Thursday, July 30, 2009 2:35 PM To: freebsd-questions@freebsd.org Subject: Re: SMTP Authentication Tray telnet to port 25 of your working SMTP server and compare the output. Check 250-AUTH According to the provided log from the working server it should be LOGIN mech available in the list, which is not present on the new server. Ihor Reed Lai wrote: > The maillog does not log the sm-mta: AUTH=server action. The functional > server has the AUTH=server action logged. How do I debug from this > different? > > Reed > > From: Reed Lai > Sent: Thursday, July 30, 2009 11:51 AM > To: FreeBSD Questions > Subject: Re: SMTP Authentication > > > The mail client is Windows Live Mail and it work well with the functional > server. Its SMTP authenication should be ok. > > Reed > > > From: Ihor Prystay > Sent: Thursday, July 30, 2009 10:49 AM > To: freebsd-questions@freebsd.org > Subject: Re: SMTP Authentication > > > your working server does support LOGIN mech while other one dosn't. > I doubt if your mail client has a support for GSSAPI DIGEST-MD5 CRAM-MD5 > auth, usually it's PLAIN or/and LOGIN. > > Ihor > > > > Reed Lai wrote: >> Instruction of the "SMTP AUTO in sendmail 8.10-8.13" to test the Sendmail >> >> banyan# sendmail -d0.1 -bv root >> Version 8.14.2 >> Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7 >> NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS PIPELINING >> SASLv2 >> SCANF STARTTLS TCPWRAPPERS USERDB XDEBUG >> >> ============ SYSTEM IDENTITY (after readcf) ============ >> (short domain name) $w = banyan >> (canonical domain name) $j = banyan...com >> (subdomain name) $m = ..com >> (node name) $k = banyan...com >> ======================================================== >> >> root... deliverable: mailer local, user root >> >> banyan# telnet localhost 25 >> Trying 127.0.0.1... >> Connected to localhost. >> Escape character is '^]'. >> 220 banyan...com ESMTP Sendmail 8.14.2/8.14.2; Wed, 29 Jul 2009 21:19:40 >> +0800 (CST) >> ehlo localhost >> 250-banyan...com Hello localhost [127.0.0.1], pleased to meet you >> 250-ENHANCEDSTATUSCODES >> 250-PIPELINING >> 250-8BITMIME >> 250-SIZE >> 250-DSN >> 250-ETRN >> 250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5 >> 250-DELIVERBY >> 250 HELP >> >> The Sendmail test seems OK >> But the SMTP authentication does not work from my mail client. >> >> Reed >> >> >> From: Reed Lai >> Sent: Wednesday, July 29, 2009 5:37 PM >> To: freebsd-questions@freebsd.org >> Subject: SMTP Authentication >> >> >> Hi, >> >> I have two freebsd mail servers both configured SMTP authentication: >> >> FreeBSD Handbook 28.10 SMTP Authenticatin >> http://www.freebsd.org/doc/en/books/handbook/smtp-auth.html >> >> SMTP AUTO in sendmail 8.10-8.13 >> http://www.sendmail.org/~ca/email/auth.html >> >> One is functional, and the other one doesn't seem to work. Compare the >> maillogs of the two servers, there is an AUTH=server message appear in >> the >> functional server, but the other one has not. >> >> The maillog of functional server >> ====================== >> Jul 29 16:15:10 maple sm-mta[57825]: AUTH=server, relay=59-....net >> [59...147], authid=a660407, mech=LOGIN, bits=0 >> Jul 29 16:15:10 maple sm-mta[57825]: n6T8F9ej057825: from=, >> size=1430, class=0, nrcpts=1, >> msgid=<40F9CC65E8874D128639A39C1EEBD410@ReedXP>, proto=ESMTP, >> daemon=IPv4, >> relay=59-...net [59...147] >> >> The other one >> ========= >> Jul 29 17:12:41 banyan sm-mta[2539]: n6T9Cf9q002539: ruleset=check_rcpt, >> arg1=, relay=59-...-147.HINET-IP.hinet.net [59...147], >> reject=550 5.7.1 ... Relaying denied >> Jul 29 17:12:41 banyan sm-mta[2539]: n6T9Cf9q002539: from=, >> size=0, class=0, nrcpts=0, proto=ESMTP, daemon=IPv4, >> relay=59-...-147.HINET-IP.hinet.net [59...147] >> >> It seems the other one's smtp authentication is not trigged. >> >> Please help or tip me for something I forget. >> >> Thank you! >> >> Reed >> >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to >> "freebsd-questions-unsubscribe@freebsd.org" >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to >> "freebsd-questions-unsubscribe@freebsd.org" >> >> > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"