# Sendmail-8.12.6.r1 and Cyrus-SASL-1.5.27.r5

## sklim

I hv emerge the sendmail and cyrus-sasl on my system.  But I can get the authentication working.

Initial test

sendmail -d0.1 -bv root | grep SASL 

No response, this mean sendmail was not compiled with SASL options.

According to Sendmail's "auth.html" documentation, I need the following few lines to be added for SASL support in sendmail's site.config.m4 file and recompile it. 

      APPENDDEF(`confENVDEF', `-DSASL')

      APPENDDEF(`conf_sendmail_LIBS' `-lsasl')

how can I do that on the sendmail-8.12.x.x.ebuild

Regards

 :Surprised: 

----------

## mglauche

a qnd fix would be to use ebuild to decompress the package, then patch it manually, then run ebuild build and install process  :Smile: 

----------

## ozz

I've got the same problem..

Could you pls. explain better what I have to do in order sendmail works with sasl?

----------

## fyerk

The sendmail-8.12.6-r1 ebuild already has the necessary options for building SASL support if you've got it installed. Simply emerge SASL first, and then emerge sendmail.

```

# emerge sync

# emerge dev-libs/cyrus-sasl

# emerge net-mail/sendmail

```

----------

## ozz

Well..peraphs I am wrong something..

I have emerged cyrus-sasl-2.1.7-r3 and sendmail-8.12.6-r1, but when I run m4 mysite.mc >sendmail.cf, sendmail seems not to understand the following config I have found in sendmail.org:

```
APPENDDEF(`confENVDEF', `-DSASL')

APPENDDEF(`conf_sendmail_LIBS', `-lsasl')

APPENDDEF(`confLIBDIRS', `-L/usr/lib/sasl2')

APPENDDEF(`confINCDIRS', `-I/usr/include/sasl')

APPENDDEF(`confENVDEF', `-DSASL=20007')
```

In the resulting sendmail.cf I've got:

```
#####  $Id: use_cw_file.m4,v 8.11 2001/08/26 20:58:57 gshapiro Exp $  #####

APPENDDEF(confENVDEF, -DSASL)

APPENDDEF(conf_sendmail_LIBS, -lsasl)

APPENDDEF(confLIBDIRS, -L/usr/lib/sasl2)

APPENDDEF(confINCDIRS, -I/usr/include/sasl)

APPENDDEF(confENVDEF, -DSASL=20007)

#####  $Id: proto.m4,v 8.649.2.5 2002/08/15 02:39:01 ca Exp $  #####
```

not parsed by the interpreter as you can see..

And, obviously when I run 

```
/etc/init.d/sendmail start
```

it doesn't work..   :Sad: 

The 

```
 ldd /usr/sbin/sendmail
```

 returns the correct output that show me that sendmail has been correctly linked with sasl2

```
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x40026000)
```

I am missing something?

----------

## fyerk

The APPENDEF statements are unnecessary. They are only used when building sendmail and this is done during the emerge.

Your mc file just needs to include the SASL AUTH MECHs available.

```

TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

define(`confAUTH_MECHANISMS', `GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

```

----------

## hachre

To enable SASL Support in sendmail do this:

You can easily activate sasl support in sendmail by adding "sasl" to the USE string in /etc/make.conf - you will have to recompile sendmail (emerge sendmail) and you will have to manually "m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf" after you have replaced your current sendmail.mc file with the new ._cfg0000_sendmail.mc created by emerge...

My problems

I don't know how to activate that smtp authentication support in sendmail after compiling recompiling it with SASL support. I think some changes have to be made to the sendmail.mc file to enable that smtp auth support.

Currently when I'm trying to authenticate to sendmail via mozilla mail I'm getting following message in /var/log/auth.log

 *Quote:*   

> Jan 21 01:05:19 opteron sm-mta[8558]: Password verification failed

 

Can someone help?

PS: I tried to add the lines to the mc file that edge suggested but I didn't help. I'm still getting the same messages in auth.log. Am I right that I am supposed to log into sendmail via my unix user account and my unix password? Does my user need to be member of any specific group like mail or something?!

PS2: I tried "sendmail -bv myusername@localhost" and it works...

PS3: I found out more detailed info - I set the loglevel to 20 in sendmail.cf I got following output:

 *Quote:*   

> Jan 21 02:54:00 opteron sm-mta[3738]: starting daemon (8.12.7): SMTP+queueing@00:30:00
> 
> Jan 21 02:54:00 opteron sm-mta[3738]: STARTTLS: ServerKeyFile missing
> 
> Jan 21 02:54:00 opteron sm-mta[3738]: started as: /usr/sbin/sendmail -bd -q30m -L sm-mta
> ...

 

I have a file /usr/lib/sasl2/Sendmail.conf containing this:

 *Quote:*   

> pwcheck_method:PAM

 

I have a /etc/pam.d/smtp file containing this:

 *Quote:*   

> #%PAM-1.0
> 
> auth       required     /lib/security/pam_stack.so service=system-auth
> 
> account    required     /lib/security/pam_stack.so service=system-auth
> ...

 

My /etc/mail/sendmail.mc contains this:

 *Quote:*   

> divert(-1)
> 
> # bla blub
> 
> divert(0)dnl
> ...

 

I used "sasl" in my USE variable while compiling sendmail.

I'm using sendmail-8.12.7-r1 and cyrus-sasl-2.1.10.

I wanna be able to use sendmail as a mailer with SMTP authentication so Outlook and Mozilla eMail clients can log into the smtp to send mails. It should use the linux user and the linux password which I'm also using to log into the shell.

I tried to authenticate via Mozilla-Mail without SSL encryption as user "hachre" with my linux shell password.

Can someone please help... thanx

----------

## ptbarnett

I found the solution here:

http://englanders.cc/~jason/howtos.php?howto=cyrus-sasl

/usr/lib/sasl2/Sendmail.conf should contain:

pwcheck_method: saslauthd

I then copied the contents of /etc/pam.d/imap to /etc/pam.d/smtp

Finally, you need to start saslauthd.

----------

## ElCondor

I still cannot geht SMTP AUTH running. I'm using sendmail + cyrus, so I  set the sasl_pwcheck_method to auxprop in /etc/imapd.conf. everything works fine, my sendmail supports AUTH (digest an cram), but it seems not to authenticate against the sasl-db. I want to have the same password for accessing mail in cyrus as well as authenticating to sendmail (there are no accounts with login on this machine)

Is this possible? did I just miss a thing? 

Any help appreciated!

* ElCondor pasa *

----------

