Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 29 Oct 2010 15:49:46 +0200
From:      Christopher Illies <Christopher.Illies@ki.se>
To:        Vincent Hoffman <vince@unsane.co.uk>
Cc:        "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>
Subject:   RE: Sendmail as client via smarthost and ssl
Message-ID:  <F3AFB0E3A0FF1F44833C16C79ED54F724BE42A5C74@KIMSXCLU01.user.ki.se>
In-Reply-To: <4CCABB82.9080504@unsane.co.uk>
References:  <F3AFB0E3A0FF1F44833C16C79ED54F724BE42A5C70@KIMSXCLU01.user.ki.se> <4CC98291.8000609@bah.homeip.net> <F3AFB0E3A0FF1F44833C16C79ED54F724BE42A5C71@KIMSXCLU01.user.ki.se> <4CC9E9A9.2090105@unsane.co.uk> <F3AFB0E3A0FF1F44833C16C79ED54F724BE42A5C73@KIMSXCLU01.user.ki.se>, <4CCABB82.9080504@unsane.co.uk>

next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for your explanations, Vince. It got me one step further (I think).

<...>

>PLAIN mechanism mean that i'm sending the password/user in plain rather
>than using something like DIGEST-MD5 or any of the other possible
>mechanisms that can be listed in confAUTH_MECHANISMS in your sendmail
>.mc file
>
>to get a list of whats supported by your relay telnet to it on port 25
>and issue an EHLO command. the supported mechanisms are listed following
>the AUTH keyword.
>
>for example for me
>(11:59:59 <~>) 1 $ telnet RELAY.ISP.net 25
>Trying 213.xxx.xxx.53...
>Connected to RELAY.ISP.net.
<...>
>250-AUTH LOGIN PLAIN           ---THIS ONE.
>250-STARTTLS
>250-DELIVERBY
>250 HELP

Ok, when I use telnet, this happens:
> telnet send.ki.se 587
Trying 130.xxx.xxx.26...
Connected to send.ki.se.
Escape character is '^]'.
220 KIMSX09.user.ki.se Microsoft ESMTP MAIL Service ready at Fri, 29 Oct 20=
10 14:55:51 +0200
EHLO
250-KIMSX09.user.ki.se Hello [136.xxx.xxx.214]
250-SIZE 10485760
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH GSSAPI NTLM      <<<<<<<
250-8BITMIME
250-BINARYMIME
250 CHUNKING


Although I have no idea what GSSAPI and NTLM are, I remembered that I have
seen these abbreviations before: NTLM is an OPTION for cyrus-sasl2, and yes=
,
it is compiled in (WITH_NTLM=3Dtrue). And GSSAPI appeared first in the mc f=
ile:

define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PL=
AIN')dnl

So I changed the authinfo/client-info file to:

AuthInfo:[send.ki.se] "U:smmsp" "I:XXX" "P:YYY" "M:GSSAPI"

Still, it does not work:

<<< 530 5.7.1 Client was not authenticated

Christopher




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F3AFB0E3A0FF1F44833C16C79ED54F724BE42A5C74>