Date: Fri, 01 Jun 2001 10:40:27 -0500 From: Tony Wells <awells@journalstar.com> To: Ryan Masse <mail@max-info.net> Cc: FreeBSD-Questions <freebsd-questions@FreeBSD.ORG> Subject: Re: Compiling sendmail with SASL support problem Message-ID: <3B17B76B.FB6A6D91@journalstar.com> References: <3B16661C.A8366572@journalstar.com> <00f401c0e9ea$de8a5280$3200a8c0@Intranet> <3B1674BE.F4B48C3F@journalstar.com> <013701c0e9f2$9eef1540$3200a8c0@Intranet>
next in thread | previous in thread | raw e-mail | index | archive | help
I'm getting pretty close to getting this working correctly... I had to get sendmail to read the /usr/local/etc/sasldb with group read permissions, but that's fixed. My problem is now sendmail will work with plain auth, but it's using the system password file, and not the /usr/local/etc/sasldb file. I know it's accessing it, because it balked when there were group read permissions enabled on the file. So my guess is that it doesn't like the format of the file, which is generated from saslpasswd which was created by cyrus-imapd. When I compiled the cyrus-imapd, I only compiled in support for Berkley DB, but when I run: file /usr/local/etc/sasldb /usr/local/etc/sasldb: MS Windows COFF Unknown CPU Which doesn't look right. Here's my site.config.m4: APPENDDEF(`confENVDEF', `-DSASL=1 -D_FFR_UNSAFE_SASL=1') APPENDDEF(`conf_sendmail_LIBS', `-lsasl') APPENDDEF(`confLIBDIRS', `-L/usr/local/lib') APPENDDEF(`confLIBDIRS', `-L/usr/local/lib/sasl') APPENDDEF(`confINCDIRS', `-I/usr/local/include/sasl') Checking /var/log/maillog it show that the authentication method is "PLAIN". I _really_ want to be able to authenticate from /usr/local/etc/sasldb, so I don't have to add users to the system as well as IMAP accounts. Any help would be much appreciated. TIA, Tony Wells Ryan Masse wrote: > > *sorry forgot to cc the list :)* > > all domains relaying through your box will go through sasl. no one domain > listed in relay-domains, access.db or whaterver will override sasl. > > as for the tests.. there are 2. > > sendmail -d0.1 -bv root | grep SASL > > > sendmail -d0.1 -bv root | grep SASL > NETINET NETUNIX NEWDB NIS QUEUE SASL SCANF SMTP USERDB > XDEBUG > > The sendmail compiled correctly with sasl support if SASL is listed in the > output of that command. > > The second test is; > > telnet to localhost 25 and issue the ehlo o syntax. it should printout a > list of compiled features. You will need to look for the Auth* line. If > found sasl is compile properly. A printout on my box is below. > > > telnet localhost 25 > Trying ::1... > telnet: connect to address ::1: Connection refused > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 comp1.mastery.ca ESMTP Sendmail 8.11.3/8.11.1; Thu, 31 May 2001 > 12:52:32 -0400 (EDT) > ehlo o > 250-comp1.mastery.ca Hello localhost [127.0.0.1], pleased to meet you > 250-ENHANCEDSTATUSCODES > 250-EXPN > 250-VERB > 250-8BITMIME > 250-SIZE > 250-DSN > 250-ONEX > 250-ETRN > 250-XUSR > 250-AUTH LOGIN > 250 HELP > quit > 221 2.0.0 comp1.mastery.ca closing connection > Connection closed by foreign host. > > > > If either of these tests fail its most likely a miss configuration with your > sendmail.cf. If you would like me to send my config just ask. > > Ryan > > > Thanks much for your reply... > > > > I've done pretty much everything that you outlined, and had a couple of > > more questions. > > > > Will domains that I list to permit relaying override sasl auth? > > > > Is there a test I can use to check and see if sasl auth is working > > correctly with sendmail? > > > > Ryan Masse wrote: > > > > > > download the newest source from sendmail.org and extract it into a temp > > > directory. Once that is finished you will want to create; > > > > > > > pwd > > > /$tempdir/sendmail-8.11.3/devtools/Site > > > > more site.config.m4 > > > APPENDDEF(`confENVDEF', `-DSASL=1') > > > APPENDDEF(`conf_sendmail_LIBS', `-lsasl') > > > APPENDDEF(`confLIBDIRS', `-L/usr/local/lib') > > > APPENDDEF(`confINCDIRS', `-I/usr/include/sasl') > > > > > > > > > > jump back to the base dir and do a ./Build . after u'll want to do a > make > > > and make install. > > > > > > After you've succesffuly recompiled sendmail with SASL support you will > need > > > compile the sendmail.cf with the sasl support. Do do this you will need > a > > > .mc file similar to the below. > > > > > > > pwd > > > /usr/src/contrib/sendmail/cf/cf > > > > more site-sasl.mc > > > divert(-1) > > > # > > > > > > divert(0)dnl > > > VERSIONID(`$Id: site-sasl.mc,v 8.10 1999/02/07 07:26:02 gshapiro Exp $') > > > OSTYPE(bsd4.4)dnl > > > DOMAIN(generic)dnl > > > MAILER(local)dnl > > > MAILER(smtp)dnl > > > FEATURE(use_cw_file) > > > FEATURE(relay_based_on_MX) > > > FEATURE(mailertable) > > > FEATURE(access_db) > > > FEATURE(virtusertable) > > > FEATURE(blacklist_recipients) > > > TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5')dnl > > > define(`confAUTH_MECHANISMS', `PLAIN LOGIN')dnl > > > define(`confDEF_AUTH_INFO', `/etc/mail/auth/auth-info')dnl > > > FEATURE(`no_default_msa')dnl turn off default entry for MSA > > > DAEMON_OPTIONS(`Port=25, Name=MTA, M=E')dnl > > > > > > > > > > if you get lost anywhere on the way just email me back > > > > > > > Hi all, > > > > > > > > I'm trying to compile sendmail with sasl support since I have several > > > > computers that I need to be able to send and receive email from. I > have > > > > cyrus-imap running just fine, but right now I have to add domains with > > > > relay permission to be able to send mail.(Bad) I would much rather use > a > > > > password based system that didn't care where you were coming from. > > > > > > > > So anyways, when I try and compile sendmail in the > > > > /usr/src/usr.sbin/sendmail directory with the command: > > > > > > > > make SENDMAIL_CFLAGS='-DSASL=1524 -I/usr/local/include/sasl' > > > > > > > > And I get a bunch of errors. I noticed in the > > > > /usr/src/contrib/sendmail/src directory that it suggests you use the > > > > 'Build' script, which of course doesn't exist. > > > > > > > > Has anyone successfully gotten sendmail compiled with sasl support? > > > > Will sasl free me from domain-dependent relaying rules? > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B17B76B.FB6A6D91>