Well, after some tweaking, I finally have sendmail working with SASL. Because I found almost nothing on this, I'll post it here so the search engines will pick it up. Getting the Software -------------------- First, go get sendmail, I am using sendmail-8.11.0, it has better integration of SASL then sendmail-8.10.x releases. Second, get openssl 0.9.5a, this is very specific! It's the only version I could get to work with sendmail and sasl. Third, get cyrus-sasl-1.5.24. There is a bug in configure.in It detectes openssl, but for some reason the logic selects -lcrypto then resets it to -ldes. See the compile section for a patch. Compiling the software ---------------------- First, compile openssl, you can do this by hand or get my RPM/SRPM. Make sure you install the development package. It will be needed in the next steps. Second, compile cyrus-sasl, you can do this by hand or get my RPM/SRPM. If you compile by hand, make sure you apply the below patch to fix the library problem. --- cyrus-sasl-1.5.24/configure.in Thu Jul 20 21:35:01 2000 +++ cyrus-sasl-1.5.24.samurai/configure.in Fri Aug 11 18:13:23 2000 @@ -378,7 +378,7 @@ if test "$with_des" != no; then AC_DEFINE(WITH_DES) - LIB_DES="-ldes" +# LIB_DES="-ldes" fi AC_SUBST(LIB_DES) Third, compile sendmail. I highly recommend getting my RPM/SRPM. If you compile by hand you will need all of RedHat's patches (too many to list) and my patch to activate SASL. Since my patch is based off of RedHat's patches there are some dependancies that make this a whole lot easier if you just grab my RPMS. If you don't trust me :-P, you can grab RedHat's base sendmail RPM, rev it up to 8.11.x and apply this patch. --- sendmail-8.11.0.samurai/redhat.config.m4 Fri Aug 11 03:45:04 2000 +++ sendmail-8.11.0/redhat.config.m4 Fri Aug 11 03:48:21 2000 @@ -1,6 +1,6 @@ -define(`confMAPDEF', `-DNEWDB -DNIS') -define(`confENVDEF', `$(RPM_OPT_FLAGS) -DXDEBUG=0') -define(`confLIBS', `-lnsl') +define(`confMAPDEF', `-DNEWDB -DNIS') +define(`confENVDEF', `$(RPM_OPT_FLAGS) -DXDEBUG=0 -DSASL') +define(`confLIBS', `-lnsl -lsasl') define(`confLDOPTS', `-s') define(`confMANOWN', `root') define(`confMANGRP', `root') Configuring sendmail to use SASL -------------------------------- At this point, sendmail's web site does a very good job explaining the details of configuring sendmail to use SASL. Read these URLs over: http://www.sendmail.org/~ca/email/auth.html http://www.sendmail.org/~ca/email/starttls.html http://www.sendmail.org/~ca/email/cyrus/sysadmin.html The biggest test is the 'telnet mailserver 25' and the 'ehlo localhost' SMTP conversion. Make sure you get the 'AUTH <support auth schemes>' listed. Here is the output from my SMTP server: % telnet mail 25 Trying 192.168.252.8... Connected to mail.real-time.com. Escape character is '^]'. 220 mail.real-time.com ESMTP Sendmail 8.11.0/8.10.2; Sat, 12 Aug 2000 18:34:42 -0500 ehlo localhost 250-mail.real-time.com Hello IDENT:tanner at mail.real-time.com [192.168.252.7], pleased to meet you 250-ENHANCEDSTATUSCODES 250-EXPN 250-VERB 250-8BITMIME 250-SIZE 250-DSN 250-ONEX 250-ETRN 250-XUSR 250-AUTH DIGEST-MD5 CRAM-MD5 250 HELP Mail clients that support AUTH SMTP ---------------------------------- Sendmail's web site has a great list of MUA that are supported: http://www.sendmail.org/~ca/email/mel/SASL_ClientRef.html Drop the mailing list any questions so we can share the troubles AND the solutions. Thanks. -- Bob Tanner <tanner at real-time.com> | Phone : (612)943-8700 http://www.mn-linux.org | Fax : (612)943-8500 Key fingerprint = 6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9 --------------------------------------------------------------------- To unsubscribe, e-mail: tclug-list-unsubscribe at mn-linux.org For additional commands, e-mail: tclug-list-help at mn-linux.org