Re: sendmail sasl configuration
From: Scot W. Hetzel (hetzelsw_at_westbend.net)
Date: 08/24/03
- Previous message: NORID autoreply: "Re: Details [ND20030824000021]"
- In reply to: Sean Ellis: "Re: sendmail sasl configuration"
- Next in thread: Sean Ellis: "Re: sendmail sasl configuration"
- Reply: Sean Ellis: "Re: sendmail sasl configuration"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: "Sean Ellis" <sellis@telus.net>, <freebsd-isp@freebsd.org> Date: Sat, 23 Aug 2003 22:42:37 -0500
From: "Sean Ellis" <sellis@telus.net>
> >>> and the following log error appears when restarting sendmail:
> >>>
> >>> error: safesasl(/usr/local/etc/sasldb.db) failed: Permission denied
>
> Thanks for all the suggestions.
>
> I've made a huge leap forward after starting /usr/local/sbin/pwcheck,
> which I'd missed in all the excitement.
>
You need to use either the pwcheck or the saslauthd to authenticate users
from your password file.
You should switch to the saslauthd, as the pwcheck daemon has been removed
the Cyrus-SASL V2.
> I get relaying now:
>
> Aug 23 16:09:29 XXX sm-mta[54776]: AUTH=server,
relay=boi4263cy38nf.bc.hsia.telus.net [216.232.133.79],
> authid=testuser, mech=LOGIN, bits=0
>
> which I imagine indicates a plain text exchange. I still get the error
below.
>
> error: safesasl(/usr/local/etc/sasldb.db) failed: Permission denied
>
> Is /usr/local/etc/sasldb.db required when authenticating against
> /etc/passwd?
>
The sasldb.db file is not required for PLAIN or LOGIN mechs, but if you want
to use DIGEST-MD5 or CRAM-MD5 for authentication, then you will need to use
the saslpasswd program to add the users to the sasldb.db file.
Add theses flags to your sendmail startup script:
-O LogLevel=14 -d44.4
This will create additional output on each file and directories that
sendmail tries to access. Check the permissions for the /usr, /usr/local/,
/usr/local/etc/ directories. Making sure that sendmail has read access to
these directories.
Scot
_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
- Previous message: NORID autoreply: "Re: Details [ND20030824000021]"
- In reply to: Sean Ellis: "Re: sendmail sasl configuration"
- Next in thread: Sean Ellis: "Re: sendmail sasl configuration"
- Reply: Sean Ellis: "Re: sendmail sasl configuration"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
- Re: Postfix + SASL problem "no SASL authentication mechanisms"
... >>Could someone tell me more specifically what the error is indicating? ...
"warning: SASL authentication problem: unable to open Berkeley db ... (Having first installed
cyrus-common to provide pwcheck) ... I want saslauthd to use pam to authenticate
users against their regular ... (Debian-User) - Re: Postfix + SASL problem "no SASL authentication mechanisms"
... > (Having first installed cyrus-common to provide pwcheck) ... >
I want saslauthd to use pam to authenticate users against their regular ... "warning: SASL
authentication failure: cannot connect to saslauthd ... (Debian-User) - Unable to AUTH with usernames containing @
... I have sendmail set up to use saslauthd to authenticate users and it
... figure out how to fix the problem. ... (comp.mail.sendmail)
