[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[msmtp-users] HELP for msmtp: GNU SASL: GSSAPI error in client while negotiating security context in gss_init_sec_context()

Hi Dear Members,

I want to send mail from my ofice which uses a exchange server, using smtp.
but due to it use GSSAPI or NTLM both authentications for outside mail,
I am not able to configure msmtprc properly to send mail outside.

In some different mails I have seen some KerberOS lacking
but do not well about SASL/GSSAPI and kerberOS.

I am sending all the out put I got from
$ msmtp -d friend@...177...
$ msmtp -d --serverinfo --host=exchange
$ gsasl -d --smtp exchange
$ cat ~/myself/.msmtprc

Please help me how to correct it.

===========================\/===========================
$ msmtp -d friend@...177...
msmtp: GNU SASL: GSSAPI error in client while negotiating security context in gss_init_sec_context() in SASL library.  This is most likely due insufficient credentials or malicious interactions.
msmtp: could not send mail (account default from /home/myself/.msmtprc)
ignoring system configuration file /etc/msmtprc: No such file or directory
loaded user configuration file /home/myself/.msmtprc
using account default from /home/myself/.msmtprc
host            = exchange.office.com
port            = 25
timeout         = off
protocol        = smtp
domain          = localhost
auth            = choose
user            = myself
password        = *
ntlmdomain      = (not set)
tls             = off
tls_starttls    = on
tls_trust_file  = (not set)
tls_key_file    = (not set)
tls_cert_file   = (not set)
tls_certcheck   = on
tls_force_sslv3 = off
auto_from       = off
maildomain      = (not set)
from            = myself@...178...
dsn_notify      = (not set)
dsn_return      = (not set)
keepbcc         = off
logfile         = /home/myself/logs/msmtp
syslog          = (not set)
reading recipients from the command line
<-- 220 EXCHANGE.office.com ready Mon, 22 Dec 2008 18:22:39 +0530 
--> EHLO localhost
<-- 250-EXCHANGE.office.com Hello [10.1.18.12]
<-- 250-TURN
<-- 250-SIZE
<-- 250-ETRN
<-- 250-PIPELINING
<-- 250-DSN
<-- 250-ENHANCEDSTATUSCODES
<-- 250-8bitmime
<-- 250-BINARYMIME
<-- 250-CHUNKING
<-- 250-VRFY
<-- 250-X-EXPS GSSAPI NTLM LOGIN
<-- 250-X-EXPS=LOGIN
<-- 250-AUTH GSSAPI NTLM LOGIN
<-- 250-AUTH=LOGIN
<-- 250-X-LINK2STATE
<-- 250-XEXCH50
<-- 250 OK
===========================/\===========================

===========================\/===========================
$ msmtp -d --serverinfo --host=exchange
host            = exchange
port            = 25
timeout         = off
protocol        = smtp
domain          = localhost
auth            = none
user            = (not set)
password        = (not set)
ntlmdomain      = (not set)
tls             = off
tls_starttls    = on
tls_trust_file  = (not set)
tls_key_file    = (not set)
tls_cert_file   = (not set)
tls_certcheck   = on
tls_force_sslv3 = off
<-- 220 EXCHANGE.office.com ready Mon, 22 Dec 2008 18:24:07 +0530 
--> EHLO localhost
<-- 250-EXCHANGE.office.com Hello [10.1.18.12]
<-- 250-TURN
<-- 250-SIZE
<-- 250-ETRN
<-- 250-PIPELINING
<-- 250-DSN
<-- 250-ENHANCEDSTATUSCODES
<-- 250-8bitmime
<-- 250-BINARYMIME
<-- 250-CHUNKING
<-- 250-VRFY
<-- 250-X-EXPS GSSAPI NTLM LOGIN
<-- 250-X-EXPS=LOGIN
<-- 250-AUTH GSSAPI NTLM LOGIN
<-- 250-AUTH=LOGIN
<-- 250-X-LINK2STATE
<-- 250-XEXCH50
<-- 250 OK
--> QUIT
<-- 221 2.0.0 EXCHANGE.office.com Service closing transmission channel
SMTP server at exchange (exchange.office.com [10.1.0.134]), port 25:
    EXCHANGE.office.com ready Mon, 22 Dec 2008 18:24:07 +0530
Capabilities:
    PIPELINING:
        Support for command grouping for faster transmission
    ETRN:
        Support for RMQS (Remote Message Queue Starting)
    DSN:
        Support for Delivery Status Notifications
    AUTH:
        Supported authentication methods:
        GSSAPI LOGIN NTLM
===========================/\===========================

===========================\/===========================
$ gsasl -d --smtp exchange
Trying `exchange.office.com'...
220 EXCHANGE.office.com ready Mon, 22 Dec 2008 18:24:53 +0530 
EHLO [127.0.0.1]
250-EXCHANGE.office.com Hello [10.1.18.12]
250-TURN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50
250 OK
EHLO [127.0.0.1]
250-EXCHANGE.office.com Hello [10.1.18.12]
250-TURN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50
250 OK
AUTH GSSAPI
334 GSSAPI supported
gsasl: mechanism error: Base 64 coding error in SASL library

===========================/\===========================

===========================\/===========================
$ cat ~/myself/.msmtprc
# Set default values for all following accounts.
defaults
logfile ~/logs/msmtp
# A freemail service
account office
    host exchange.office.com
    from myself@...178...
    auth on
    protocol smtp
    user myself
    password 'mypassword'
    # tls off
    # tls_trust_file /etc/ssl/certs/ca-certificates.crt
        # auto_from on
# Set a default account
account default : office
===========================/\===========================

Regards,
Sharad Pratap