Re: testsaslauth works but sendmail will not authenticate -- please help.
ahh, I didn't know they were different -- there is a mysql in sasl
itself which I might try.
Thanks.
on Wednesday 06/14/2006 Richard A Nelson(cowboy@debian.org) wrote
> On Mon, 12 Jun 2006, John Covici wrote:
>
> > I have a Debian system where I have the sasl2 library set up -- there
> > were some problems doing that which I will get to in another message,
> > but the main problem is that I have used
> > testsaslauthd with a userid and password using my imap server for
> > authentication. The imap server uses a mysql database and that part
> > works. Now, what baffles me is that sendmail will still not
> > authenticate -- even though I have pwcheckmethod: authdaemond it still
> > tries to use pam somewhere and it fails.
>
> I've never used authdamon for SASL - but your comment about PAM usage
> is interesting...
>
> You'll want to verify the following settings in /etc/mail/sasl/Sendmail.2
> auto_transition: <-- should be false
> pwcheck_method: <-- make sure it only has your authdaemon, not also auxprop
> allowanonymouslogin: <-- probably not relevant, but check
> allowplaintext: <-- this may need to be set to 0
>
> My understanding, is that for plaintext passwords, PAM is called by
> SASL and /etc/pam.d/smtp is used for authentication.
>
> For non-plaintext, the pwcheck_method kicks in
>
> --
> Rick Nelson
> <netgod> my client has been owned severely
> <netgod> this guy got root, ran packet sniffers, installed .rhosts and
> backdoors, put a whole new dir in called /lib/" ", which has a
> full suite of smurfing and killing tools
> <netgod> the only mistake was not deleting the logfiles
> <netgod> question is how was root hacked, and that i couldnt tell u
> <netgod> it is, of course, not a debian box
> * netgod notes the debian box is the only one left untouched by the hacker
> -- wonder why
--
Your life is like a penny. You're going to lose it. The question is:
How do
you spend it?
John Covici
covici@ccs.covici.com
Reply to: