Sendmail Not Presenting AUTH Option After EHLO

Home » CentOS » Sendmail Not Presenting AUTH Option After EHLO
CentOS 5 Comments

Hello folks,

I have a CentOS 6.4 installation running Sendmail, and after some serious hair tear stare and compare I’m a bit stumped. When I connect to the server either with telnet or SSL, sendmail is not presenting the AUTH capability after an EHLO. Everything looks like it should be working, but no amount of tweaking is getting the AUTH capability advertised (and it doesn’t work if you just try it anyway).

Here’s the config bits from sendmail.mc

5 thoughts on - Sendmail Not Presenting AUTH Option After EHLO

  • Am 08.10.2013 23:50, schrieb Chris Boyd:

    General advise: only offer those mechanisms your SASL backend can provide. As you are using saslauthd the shared secret mechanisms do not work.

    I see no mistake. Make sure you have the sendmail-cf package installed, else the .cf files can’t be rebuild based on modified .mc files. Make too sure that you have the necessary cyrus-* packages installed.

    Regards

    Alexander

  • Sorry, missed to note that for your issue it is important to have following 2 settings in your sendmail.mc as well:

    FEATURE(`no_default_msa’, `dnl’)dnl
    -> this is default in the sendmail.mc shipped with CentOS

    DAEMON_OPTIONS(`Port=submission, Name=MSA, M

  • Yes, got those.

    [root@pennzoil mail]# yum list installed | grep sendmail sendmail.x86_64 8.14.4-8.el6 @base
    sendmail-cf.noarch 8.14.4-8.el6 @base
    sendmail-milter.x86_64 8.14.4-8.el6 @base

    [root@pennzoil mail]# yum list installed | grep cyrus cyrus-sasl.x86_64 2.1.23-13.el6_3.1 @updates
    cyrus-sasl-lib.x86_64 2.1.23-13.el6_3.1 @updates

    Yes, I have those lines enabled as well. I can connect SSL to 587, but just not getting the AUTH capability.

    –Chris

  • Am 09.10.2013 16:17, schrieb Chris Boyd:

    You miss at least to have cyrus-sasl-plain.

    On localhost port 587 really Sendmail is listening? I doubt! It is Postfix. Sendmail would have a different greeting statement than

    250-pennzoil.gizmopartners.com Hello localhost [127.0.0.1], pleased to meet you

    On CentOS 6 the default MTA is Postfix. You can change that by using the alternatives mechanism, stopping the postfix service and starting the sendmail service. You haven’t followed your /var/log/mail, else you would have seen what’s happening.

    Alexander

  • Bingo! We have a winner! Installing that package and restarting saslauthd and sendmail fixed it.

    Yes, I’m definitely talking to sendmail. I use greetpause and a custom greeting:

    [root@pennzoil mail]# telnet localhost 25
    Trying ::1… telnet: connect to address ::1: Connection refused Trying 127.0.0.1… Connected to localhost. Escape character is ‘^]’.
    220-pennzoil.gizmopartners.com ESMTP
    220-Authorized use only. Spammers who send email
    220-using this system agree that they will pay Five Hundred
    220-US Dollars per message. Please send small unmarked bills.
    220-Thanks for paying attention.
    220 Have a good day.

    I have yet to collect from a spammer, but you never know.

    Thanks much for your help.

    –Chris

Leave a Reply to Alexander Dalloz Cancel reply