port-i386: Re: Sendmail/SASL/Crypt issue

Subject: Re: Sendmail/SASL/Crypt issue
To: James Webster <james3838@tsi-net.com>
From: Kevin Sullivan <ksulliva@psc.edu>
List: port-i386
Date: 10/09/2003 14:48:58
--==========1774556916==========
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

--On 10/08/03 10:28:45 -0700 James Webster wrote:
>
> While this is not directly NetBSD related, I'm hoping someone on this
> list has done it before and can help me out.
> I'm trying to configure a Sendmail server that sends mail outbound using
> TLS/Login authentication.  I've been able to setup and test SSL without
> issue, but I'm having problems getting Plain/Login working.  I've
> downloaded the source for cyrus-sasl-1.58.28 and appear to have
> successfully compiled and installed it.  But when I tried to compile
> Sendmail I was getting a build failure:  /usr/lib/libsasl.so: undefined
> reference to `crypt'
>
> I suspected it had something to do with cyrus complaining about not
> finding crypt.h, though it went on to compile successfully.  Doing a
> search on the NetBSD site crypt.h only turned up this thread:
> http://mail-index.netbsd.org/tech-pkg/2003/07/21/0011.html  The only
> thing I found that might indicate the problem with the crypt function is
> : http://mail-index.netbsd.org/port-pmax/1996/12/10/0000.html, so I added
> "APPENDDEF(`conf_sendmail_LIBS',`-lsasl -lcrypt') to my site.config.m4
> file.
> That appears to have fixed my compile issues, but when I start up
> sendmail and connect, its only advertising CRAM-MD5.  I have the
> TrustAuthMech and AuthMechanisms set to LOGIN PLAIN, and for testing
> purposes have made sure that AuthOptions does not include the p flag.

I'm doing something similar; I use SASL LOGIN/PLAIN (over TLS) to=20
authenticate employees with laptops who want to relay mail.

I used mail/sendmail, security/cyrus-sasl, and security/cy-login from=20
pkgsrc.  It's all working well for me.

I'm not sure what advice to give, except to suggest that the problem is=20
within SASL.  Sendmail will advertise the intersection of the SASL methods=20
listed in AuthMechanisms and the methods that the SASL library thinks it=20
can do.

Make sure you've set up /usr/lib/sasl/Sendmail.conf.

	-Kevin

--==========1774556916==========
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (NetBSD)

iQCVAwUBP4Wtmn4qeMKIUCpVAQEQswP/fuy43kEZmxfkoOPE0M5pQsWZ5KkpRcWQ
+USZnbTio+TXqyFHWe1FFegxccaVpMWWH9/Zwk96er0tM82yPvNYkWWlGY59QO1T
sD3JNV3HFOlyGvairHMfbHI0uwJWs6IOCA8UEvXClmKBfpOWvTQa1GV0RJUalO/P
u6C5lJj/PGE=
=oHCO
-----END PGP SIGNATURE-----

--==========1774556916==========--