Re: testsaslauth works but sendmail will not authenticate -- please help.
On Mon, 12 Jun 2006, John Covici wrote:
I have a Debian system where I have the sasl2 library set up -- there
were some problems doing that which I will get to in another message,
but the main problem is that I have used
testsaslauthd with a userid and password using my imap server for
authentication. The imap server uses a mysql database and that part
works. Now, what baffles me is that sendmail will still not
authenticate -- even though I have pwcheckmethod: authdaemond it still
tries to use pam somewhere and it fails.
I've never used authdamon for SASL - but your comment about PAM usage
is interesting...
You'll want to verify the following settings in /etc/mail/sasl/Sendmail.2
auto_transition: <-- should be false
pwcheck_method: <-- make sure it only has your authdaemon, not also auxprop
allowanonymouslogin: <-- probably not relevant, but check
allowplaintext: <-- this may need to be set to 0
My understanding, is that for plaintext passwords, PAM is called by
SASL and /etc/pam.d/smtp is used for authentication.
For non-plaintext, the pwcheck_method kicks in
--
Rick Nelson
<netgod> my client has been owned severely
<netgod> this guy got root, ran packet sniffers, installed .rhosts and
backdoors, put a whole new dir in called /lib/" ", which has a
full suite of smurfing and killing tools
<netgod> the only mistake was not deleting the logfiles
<netgod> question is how was root hacked, and that i couldnt tell u
<netgod> it is, of course, not a debian box
* netgod notes the debian box is the only one left untouched by the hacker
-- wonder why
Reply to: