Re: [msmtp-users] msmtp: support for authentication method GSSAPI is not compiled in / gssapi support for msmtp
<ilangovan.muthiah@...140...> writes:
> Hi Simon,
> I installed the heimdal package and then tried to include
> kerberos-v5 support in the SASL but kerberos_v5 support is not included
> in the SASL build. Below is the output of # ./configure
> --enable-kerberos_v5
Hi. No, you don't want to use --enable-kerberos_v5, that's not the
GSSAPI mechanism. The configure output looks fine:
> checking if GSSAPI should be used... yes
Ignore the other warnings.
> I also tried with MIT kerberos package 1.6.1
> It always looks for libshishi support. Then I installed the shishi-0.0.35
> version and tried but I got some compilation error when the
> --enable-kerberos_v5 flag is on.
> Without shishi, is kerberos_v5 support possible in SASL?
No, KERBEROS_V5 is Shishi-specific, but I don't recommend using it. It
is not standardized, and was part of an experiment.
> Localhost:~/SMTP__AUTH# msmtp --version
> msmtp version 1.4.14
> TLS/SSL library: none
> Authentication library: GNU SASL
> Supported authentication methods:
> plain cram-md5 digest-md5 gssapi external login ntlm
So you have GSSAPI support, so all should be fine.
> But the gssapi authentication is failing. Following is the output of
> gsasl --smtp command and msmtp --auth command
>
>
> localhost:~# gsasl --smtp labmail.com
> Trying `labmail.com'...
> 220 tmail.labmail.com Microsoft ESMTP MAIL Service, Version:
> 5.0.2195.6713 ready at Fri, 25 Apr 2008 15:10:12 -1000
> EHLO [127.0.0.1]
> 250-tmail.labmail.com Hello [172.168.8.92]
> 250-TURN
> 250-ATRN
> 250-SIZE
> 250-ETRN
> 250-PIPELINING
> 250-DSN
> 250-ENHANCEDSTATUSCODES
> 250-8bitmime
> 250-BINARYMIME
> 250-CHUNKING
> 250-VRFY
> 250-X-EXPS GSSAPI NTLM LOGIN
> 250-X-EXPS=LOGIN
> 250-AUTH GSSAPI NTLM LOGIN
> 250-AUTH=LOGIN
> 250-X-LINK2STATE
> 250-XEXCH50
> 250 OK
> AUTH GSSAPI
> 334 GSSAPI supported
> gsasl: mechanism error: Base 64 coding error in SASL library
That error is more interesting! Do you have a Kerberos ticket? Try
running 'klist'. It should print your ticket. If you don't have a
kerberos ticket, authentication won't work.
> msmtp: GNU SASL: GSSAPI error in client while negotiating security
> context in gss_init_sec_context() in SASL library. This is most likely
> due insufficient credentials or malicious interactions.
> msmtp: could not send mail (account default from /root/.msmtprc)
This error looks consistent with you not having a Kerberos ticket. I don't
understand why you get different errors with -d and without though? Is
that consistent?
/Simon
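
The three prerequisites this thread checks for GSSAPI (client built with it, server advertising it, a Kerberos ticket present) can be tested together before sending mail. This is an added example, not part of the original message and not msmtp or GNU SASL code; the function names are hypothetical and the sample inputs are constructed from the session quoted above.

```python
import re
import subprocess

# Constructed samples, shaped like the EHLO reply and --version output quoted above.
SAMPLE_EHLO = """\
250-tmail.labmail.com Hello [172.168.8.92]
250-X-EXPS GSSAPI NTLM LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250 OK
"""
SAMPLE_VERSION = """\
msmtp version 1.4.14
Supported authentication methods:
plain cram-md5 digest-md5 gssapi external login ntlm
"""

def server_mechanisms(ehlo_reply):
    """Collect SASL mechanisms from 'AUTH ...' and legacy 'AUTH=...' lines."""
    mechs = set()
    for line in ehlo_reply.splitlines():
        m = re.match(r"250[- ]AUTH[ =](.*)$", line.strip(), re.IGNORECASE)
        if m:
            mechs.update(tok.upper() for tok in m.group(1).split())
    return mechs

def client_mechanisms(version_output):
    """Collect the methods listed under 'Supported authentication methods:'."""
    lines = version_output.splitlines()
    for i, line in enumerate(lines):
        if line.strip().lower().startswith("supported authentication methods"):
            same_line = line.split(":", 1)[1].split()
            next_line = lines[i + 1].split() if i + 1 < len(lines) else []
            return {t.upper() for t in (same_line or next_line)}
    return set()

def have_ticket():
    """True if 'klist -s' exits 0, i.e. a valid credential cache exists."""
    try:
        return subprocess.run(["klist", "-s"]).returncode == 0
    except FileNotFoundError:  # no Kerberos client tools installed
        return False

def gssapi_preflight(ehlo_reply, version_output, ticket):
    """Return a list of reasons GSSAPI authentication cannot succeed."""
    checks = [
        ("GSSAPI" in client_mechanisms(version_output), "client built without GSSAPI"),
        ("GSSAPI" in server_mechanisms(ehlo_reply), "server does not advertise GSSAPI"),
        (ticket, "no valid Kerberos ticket (run kinit, then klist)"),
    ]
    return [msg for ok, msg in checks if not ok]
```

In real use, pass `have_ticket()` as the `ticket` argument; with the sample inputs and no ticket, the only reported problem is the missing ticket.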