Thanks Andrew, On Tue, 17 Apr 2001, Andrew McGill wrote:
(2c: run rpm --rebuild and stop it once you know which parameters to call ./configure with -- then add a few of your own. )
Some thoughtful individual included a rpm in 7.1, and probably earlier, called sendmail-tls, which, with a few minor hacks to the linux.mc config Great, I didn't dare to go for that initially, but then I decided to give it a try!!!
file, you can actually get working. I installed this and cyrus-sasl on a redhat 6.2 system, although I had to upgrade pretty much everything .. so it is now a very confused little redhat box (a little disaster just waiting to happen). If you are prepared to upgrade glibc, you can do it too. Well, that was the one thing I wanted to avoid! That would have too many consequences, I believe it's a big job to update all the packages.
TRUST_AUTH_MECH(`GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5 LOGIN DPA NTLM') define(`confAUTH_MECHANISMS',`GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5 LOGIN DPA NTLM') That was strange for me, since I included PLAIN and LOGIN, but for some reason my sendmail wouldn't allow these mechanisms. If I do a telnet to
BUT, I got the source rpm of that sendmail-tls from 7.1 and with some adaptions concerning search paths I was able to build that package, certainly after I installed the 7.1 cyrus-sasl.rpm. By the way, the sfio included in the spm still doesn't contain a known patch available on the sfio site. But I think everything will be available with 7.2. !!! self-build 7.1's sendmail-tls is working now on my SuSE 6.3 !!! But there are unfortunately some BUTs: port 25 I see that the only trusted mechs are 'GSSAPI DIGEST-MD5 CRAM-MD5'. Why?
echo password | saslpasswd -p -c user -p -u `hostname -f` # first time fails The same effect with me. I think it's caused by the non-existent sasldb file at the first user-create. Looks like that is somehow broken. But at least it works from the second time on...
I have a slightly more comprehensive doc on how to do it ... any takers? I am interested!
The biggest problem for me is now to understand the auth dialog. Up to now I was only able to reproduce a simple LOGIN method. The PLAIN already didn't work for me anymore, authentication failed every time, though I believe to have given the right MD5-string with all the info from sasldb for a specific user. Anyway, docs are somehow non-sufficient regarding the whole authentication mechs, at least for me... So if you could help me out at this point, would be nice. For instance with DIGEST-MD5 only 80% are understandable: I suspect that 'nc' is the number of copies of 'nonce' counting the 'cnonce', but what is 'digest-uri' is this the address of the client or the server? And what about the value of 'response'? How to evaluate that? Well, and for CRAM-MD5 there is no example at all... I would like to get this running with my ISP at home where I have to dial-up. I use mx.freenet.de and they now allow this also for connections from other ISPs with CRAM-MD5. How to properly enter the authentication data into the sasldb. I tried now several versions, but all don't work. I still don't know which 'realm' to use, since freenet doesn't say anything about that specifically, since they only give orders how to set-up netscape, ie and such... THanks in advance! Regards, Marko -- O _ O 0 0 ------------------m-\o/-m------------------------------------------ Dr. Marko K"aning Tel/Fax: +49-3834 554 442 / -3834 554 301 INP Greifswald email : kaening@inp-greifswald.de