Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 23 Aug 2003 22:42:37 -0500
From:      "Scot W. Hetzel" <hetzelsw@westbend.net>
To:        "Sean Ellis" <sellis@telus.net>, <freebsd-isp@freebsd.org>
Subject:   Re: sendmail sasl configuration
Message-ID:  <018e01c369f1$c439e830$11fd2fd8@westbend.net>
References:  <115133702237.20030823105257@telus.net> <00f801c369a6$2c3bf3c0$11fd2fd8@westbend.net> <21137037938.20030823114832@telus.net> <4151151969.20030823154344@telus.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
From: "Sean Ellis" <sellis@telus.net>
> >>> and the following log error appears when restarting sendmail:
> >>>
> >>> error: safesasl(/usr/local/etc/sasldb.db) failed: Permission denied
>
> Thanks for all the suggestions.
>
> I've made a huge leap forward after starting /usr/local/sbin/pwcheck,
> which I'd missed in all the excitement.
>
You need to use either the pwcheck or the saslauthd to authenticate users
from your password file.

You should switch to the saslauthd, as the pwcheck daemon has been removed
the Cyrus-SASL V2.

> I get relaying now:
>
> Aug 23 16:09:29 XXX sm-mta[54776]: AUTH=server,
relay=boi4263cy38nf.bc.hsia.telus.net [216.232.133.79],
>  authid=testuser, mech=LOGIN, bits=0
>
> which I imagine indicates a plain text exchange. I still get the error
below.
>
> error: safesasl(/usr/local/etc/sasldb.db) failed: Permission denied
>
> Is /usr/local/etc/sasldb.db required when authenticating against
> /etc/passwd?
>
The sasldb.db file is not required for PLAIN or LOGIN mechs, but if you want
to use DIGEST-MD5 or CRAM-MD5 for authentication, then you will need to use
the saslpasswd program to add the users to the sasldb.db file.

Add theses flags to your sendmail startup script:

    -O LogLevel=14 -d44.4

This will create additional output on each file and directories that
sendmail tries to access.  Check the permissions for the /usr, /usr/local/,
/usr/local/etc/ directories.  Making sure that sendmail has read access to
these directories.

Scot

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?018e01c369f1$c439e830$11fd2fd8>