Subject: My Notes on HOWTO SMTP AUTH with Outook 5.0
From: "Elixir Man" <elixir_man@my-deja.com>
Date: 2000/06/06
Newsgroups: comp.mail.sendmail
****Notice Disclaimer:  I am posting this "How To : SMTP Authenticate with Sendmail 8.10.0 and Outlook Express 5.0" in order to aid other newbie users. I have spent many long days of frustration and disgust trying to resolve this issue.    The intent of this document is aid other new users (not replace any CF/Readme files)  and not to be considered a technical manual written by an expert.    Newbie users should first consult www.sendmail.org and www.sendmail.net.    In addition, this document is for my Linux Red Hat 6.1 server...I'm not sure about any similarities for other Operating Systems.
 
Finally, I want to thank all the comp.mail.sendmail newsgroup users who have patiently helped me with hints along the way.    Other advanced users, I'm sure will know or find short cuts to my steps.  Please bare with me, I'm learning.
 
Elixir Man
elixir_man@email.com
 
 
 
(** = comments)
___________________________________
 
1. From a clean installation of Linux Red Hat 6.1,  I downloaded Cyrus Sasl from ftp://andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-1.5.21.tar.gz
 
2. cp cyrus-sasl-1.5.21.tar.gz to /usr/local
3. tar xvfz cyrus-sasl-1.5.21.tar.gz      ** unzipping compressed file
 
4. cd cyrus-sasl-1.5.21
./configure -enable-login
      make
      make install
 
      **Above is very important.  You are compiling Cyrus Sasl with the       LOGIN plugin mechanism for Outlook Express authentication.
 
5. copy all files from /usr/local/lib/sasl to /user/lib/sasl
6. Opened gnotepad, and created a file called usr/lib/sasl/Sendmail.conf File contains the following:
# /usr/local/lib/sasl/sendmail.cf
pwcheck_method: sasldb
 
7. Copied usr/lib/sasl/Sendmail.conf to usr/lib/local/sasl/
 
8. I downloaded Sendmail 8.10.0 from
ftp://ftp.sendmail.org/pub/sendmail/sendmail8.10.0.tar.gz
 
9. tar xvfz sendmail8.10.0.tar.gz          **unzipping compressed file
 
10. cd sendmail8.10.0
 
11. Opened gnotepad, and created a file called
usr/local/sendmail8.10.0/devtools/site/site.config.m4
      File contains the following:
      APPENDDEF(`confENVDEF', `-DSASL')
      APPENDDEF(`conf_sendmail_LIBS', `-lsasl')
      APPENDDEF(`confLIBDIRS', `-L/usr/lib/sasl')
      APPENDDEF(`confINCDIRS', `-I/usr/local/include')'
 
      **watch for exact spaces and ending marks [ ) ' ` ]
 
12. From within /usr/local/sendmail8.10.0
./Build
make
make install
 
** Read compilation output.  Look for the following:
Including ../devtools/Site/site.config.m4    ***Sendmail found site.config file
 
Also look for:
../../Include -I /usr/local/include -DNEWDB -DSASL -c  ***Sendmail has found SASL library
 
13. Created Sendmail.mc
Added the following lines:
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
 
**This is where you define mechanisms(LOGIN PLAIN DIGEST-MD5
CRAM-MD5).  Outlook Express will only  recognize LOGIN mechanism
 
**I also added two additional lines at the bottom of my
Sendmail.mc.  However, I believe these are optional:
 
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
DAEMON_OPTIONS(`Port=587, Name-MSA, M=Ea')dnl
 
14. cd /etc/mail
15. m4 sendmail.mc > sendmail.cf      **creates new sendmail.cf
 
16. cd /usr/local/cyrus/utils/
./saslpasswd anyuser
** anyuser needs to have local signon
enter password :      *******
retype password:    *******
 
**This should create /etc/sasldb file.  Check CHMOD properties.  Should be 600
 
17. Opened gnotepad, and created a file called
/usr/lib/sasl/saslpassword.conf
File contains:
pwcheck_method: sasldb
 
 
18. Copied usr/lib/sasl/saslpassword.conf to usr/lib/local/sasl/
 
 
 
19. cd /usr/local/sendmail8.10.0
./Build -c    **recompiles Sendmail
 
20. sendmail -d0.1 -bv root | grep SASL
**You should see the below output:
    NETUNIX NEWDB QUEUE SASL SCANF SMTP USERDB XDEBUG
 
21. Restart the Sendmail Daemon.
/etc/rcid/init.d/./sendmail restart
 
 

22. Ready for a test:
 
Telnet localhost 25
 
ehlo localhost
 
You should see the below 250-AUTH LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-SIZE
250-DSN
250-ONEX
250-ETRN
250-XUSR
250-AUTH LOGIN PLAIN              **This is want you want!
250 HELP
quit
 
 
**If you don't see the 250-AUTH, then change your Sendmail login to 14:   sendmail -O LogLevel=14 -bs
 
**Sometimes, I also had to check from a remote Telnet session to see the 250-AUTH
 
23.      Now open your Outlook Express 5.0
      -I would setup a regular mail account to your mail server IP.
 
1. Tools / Accounts / Properties or ADD for new mail account
2. Choose Server Tab
  Make sure to have your valid Account Name and password:
  Account Name:  anyuser
  Password: *********
 
 
  Outgoing Mail Servers
 
  -Check the box "My Server requires Authentication Settings"
 
3. Click on the Settings button
4. Logon Information
  -Check the Log On using
  Account Name:  anyuser@yourmailserver.domain.com
  Password: ********
 
  **if you need help with the above yourmailserver.domain.com
  cd /usr/local/ cyrus-sasl-1.5.21/utils/
  ./sasldblistusers
 
  **this should show all users with the defined mechanisms available,   and your mail server and domain name
 
24.        Before you click the Send and Receive button within Outlook.. Open the
            /var/log/maillog
 
  **This log is the most important for trying to debug any AUTH problems.
 
25.        Try to send a email to anyone, and click the Send/Receive button
 

26.        Check out the mail log.
 
Jun  2 07:49:56 yourmailserver sendmail[4239]: SASL: available mech=LOGIN PLAIN ANONYMOUS
DIGEST-MD5 CRAM-MD5, allowed mech=LOGIN PLAIN
Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: --> 220 yourmailserver.domain.com ESMTP Sendmail 8.10.0/8.10.0; Fri, 2 Jun 2000 07:49:56 -0500
Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: <-- EHLO yourcomputername
Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: --> 250- yourmailserver.domain.com Hello yourcomputername.yourdomain.com
[123.45.67.890], pleased
to meet you
Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: --> 250-ENHANCEDSTATUSCODES
Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: --> 250-8BITMIME
Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: --> 250-SIZE Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: --> 250-DSN Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: --> 250-ONEX Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: --> 250-ETRN Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: --> 250-XUSR Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: --> 250-AUTH LOGIN PLAIN
Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: --> 250 HELP Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: <-- AUTH LOGIN Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: --> 334 VXNlcm5hbWU6
Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: --> 334 UGFzc3dvcmQ6
Jun  2 07:49:56 yourmailserver sendmail[4239]: e52Cnun04239: --> 235 2.0.0 OK
Authenticated
Jun  2 07:49:56 yourmailserver sendmail[4239]: SASL: connection from yourcomputername.yourdomain.com [123.45.67.890], mech=LOGIN,
id=anyuser@yourmailserver.domain.com
 
 
 
 
That's it  (three weeks later)!  Good Luck!
 
 
Elixir Man
 
elixir_man@email.com
 
 
Notes and Debugging hints:
 
I had the problem of testing with my Telnet Session, and not seeing 250-AUTH from my local PC.
Make sure and test the telnet session from another PC.
 
Many times, I simple couldn't get Cyrus SASL and Sendmail to work with one another.    If they weren't working together, I would simple delete the /usr/local/Cyrus* and /usr/local/sendmail* directories and start from scratch. I would also delete the /usr/lib/sasl and /usr/local/lib/sasl folders as well. Some one consider this quite extreme measures, but I wasn't for sure what/where things became broken.
 
I can't emphasize how helpful the  /var/log/maillog file works.    I was able to debug most of my initial problems from there.