top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Sendmail not presenting AUTH option after EHLO on CentOS

+1 vote
2,752 views

I have a CentOS 6.4 installation running Sendmail, and after some serious hair tear stare and compare I'm a bit stumped. When I connect to the server either with telnet or SSL, sendmail is not presenting the AUTH capability after an EHLO. Everything looks like it should be working, but no amount of tweaking is getting the AUTH capability advertised (and it doesn't work if you just try it anyway).

Here's the config bits from sendmail.mc--

 define(`confAUTH_OPTIONS', `A p')dnl
 define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
 TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

Note: Also tried

 define(`confAUTH_OPTIONS', `A')dnl
 define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
 TRUST_AUTH_MECH(`LOGIN PLAIN')dnl

just to keep things simple.

saslauthd is running, and configured--/etc/sysconfig/saslauthd 

 SOCKETDIR=/var/run/saslauthd
 MECH=pam
 FLAGS=

/etc/sasl2/Sendmail.conf contains--
 pwcheck_method:saslauthd

/etc/pam.d/smtp contains--
 #%PAM-1.0
 auth include password-auth
 account include password-auth

But when I do "openssl s_client -starttls smtp -connect localhost:587" I don't get any AUTH capability--

ehlo localhost
250-pennzoil.gizmopartners.com Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-DELIVERBY
250 HELP
quit

All the certs are built, and if I connect via telnet, the server does advertise STARTTLS. So anyone able to point out the obvious or not so obvious config mistakes?

posted Oct 8, 2013 by Luv Kumar

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

+1 vote

General advise: only offer those mechanisms your SASL backend can provide. As you are using saslauthd the shared secret mechanisms do not work.

And I see no mistake. Make sure you have the sendmail-cf package installed, else the .cf files can't be rebuild based on modified .mc files. Make too sure that you have the necessary cyrus-* packages installed.

answer Oct 9, 2013 by Jai Prakash
Similar Questions
+1 vote

I'm running Fedora-24(beta)/KDE, and sendmail/email (through KMail) is failing.
When I try to send email I get the warning "Failed to transmit message", and journalctl has the entry
"sendmail.service: PID file /run/sendmail.pid not readable (yet?)
after start: No such file or directory".

I've checked, and sendmail.pid is in place:

$ sudo cat /run/sendmail.pid 
2829 
/usr/sbin/sendmail -bd -q1h 

Googling for the journalctl entry, I see people have been encountering this problem for years. But I haven't seen any solution offered. Several of the comments suggest that it is a systemd problem.

please help?

+3 votes

How to send a mail using sendmail utility? Example would help?

+2 votes

I am looking for a python library that does mailing directly through "sendmail".

When I look into the docs, I see only an "smtlip" library but nothing that could serve with sendmail or postfix.

+2 votes

In CentOS 5.10, if I have, say, an X terminal window up on my screen, the next time I log in, it's there when I log in as an unprivileged user.

That's because I can save the layout the way I want to; there's a checkbox for it to save the layout upon exiting.

I see none for CentOS 6.5. So, my X-terminal isn't there when I log in each time.

0 votes

I am using CentOS 6.0 with Apache 2.2.15, and set up Apache with virtual host. The SSI works fine on the first VH, but ssi on the other virtual hosts does not work. I got the following message in the error log:

mod_include: Options +Includes (or IncludesNoExec) wasnt set, INCLUDES filter removed

Does anyone know how to resolve this problem?

...