Re: [msmtp-users] HELP for msmtp: GNU SASL: GSSAPI error in client while negotiating security context in gss_init_sec_context()

["Sharad Pratap" <sh4r4d@...20...>]

Hi
I am ready to use clear test password, and tried login method it is not working.
===========================\/===========================
$  msmtp -d  friend@...177... 
msmtp: authentication failed (method LOGIN)
msmtp: server message: 535 5.7.3 Authentication unsuccessful.
msmtp: could not send mail (account default from /home/myself/.msmtprc)
ignoring system configuration file /etc/msmtprc: No such file or directory
loaded user configuration file /home/myself/.msmtprc
using account default from /home/myself/.msmtprc
host            = exchange.office.com
port            = 25
timeout         = off
protocol        = smtp
domain          = localhost
auth            = LOGIN
user            = myself
password        = *
ntlmdomain      = (not set)
tls             = off
tls_starttls    = on
tls_trust_file  = (not set)
tls_key_file    = (not set)
tls_cert_file   = (not set)
tls_certcheck   = on
tls_force_sslv3 = off
auto_from       = off
maildomain      = (not set)
from            = myself@...178...
dsn_notify      = (not set)
dsn_return      = (not set)
keepbcc         = off
logfile         = /home/myself/logs/msmtp
syslog          = (not set)
reading recipients from the command line
<-- 220 EXCHANGE.office.com ready Mon, 22 Dec 2008 20:03:04 +0530 
--> EHLO localhost
<-- 250-EXCHANGE.office.com Hello [10.1.18.12]
<-- 250-TURN
<-- 250-SIZE
<-- 250-ETRN
<-- 250-PIPELINING
<-- 250-DSN
<-- 250-ENHANCEDSTATUSCODES
<-- 250-8bitmime
<-- 250-BINARYMIME
<-- 250-CHUNKING
<-- 250-VRFY
<-- 250-X-EXPS GSSAPI NTLM LOGIN
<-- 250-X-EXPS=LOGIN
<-- 250-AUTH GSSAPI NTLM LOGIN
<-- 250-AUTH=LOGIN
<-- 250-X-LINK2STATE
<-- 250-XEXCH50
<-- 250 OK
--> AUTH LOGIN
<-- 334 VXNlcm5hbWU6
--> Y19zaGFyYWQ=
<-- 334 UGFzc3dvcmQ6
--> J1Rlc3RAMTIzJw==
<-- 535 5.7.3 Authentication unsuccessful.
===========================/\===========================

and 
other one port 465 not open, on 25 no response I think this the default behavior
I will try to find which is open port here, but you have told me the 

> If this works, use "tls on", "tls_starttls off" and "tls_trustfile
> /path/to/file" to use TLS.
In case I will be successful to find open port and things will work fine, then
here by /path/to/file mean /etc/ssl/certs/ca-certificates.crt file, Am I correct.

===========================\/===========================
$ msmtp -d --serverinfo --host=exchange.office.com --tls --tls-starttls=off --tls-certcheck=off

msmtp: cannot connect to exchange.office.com, port 465: Connection refused
host            = exchange.office.com
port            = 465
timeout         = off
protocol        = smtp
domain          = localhost
auth            = none
user            = (not set)
password        = (not set)
ntlmdomain      = (not set)
tls             = on
tls_starttls    = off
tls_trust_file  = (not set)
tls_key_file    = (not set)
tls_cert_file   = (not set)
tls_certcheck   = off
tls_force_sslv3 = off
===========================/\===========================

Thanks very mush Martin 
Regards
Sharad

On Mon, Dec 22, 2008 at 7:45 PM, Martin Lambers <marlam@...23...> wrote:

Hi!

On Mon, 22. Dec 2008, 18:41:39 +0530, Sharad Pratap wrote:
> I want to send mail from my ofice which uses a exchange server, using smtp.
> but due to it use GSSAPI or NTLM both authentications for outside mail,
> I am not able to configure msmtprc properly to send mail outside.

> <-- 250-AUTH GSSAPI NTLM LOGIN

This looks like you can manually choose the LOGIN authentication method
using "auth login" in your .msmtprc. That should work, but since you are
not using TLS, your password will be sent unencrypted over the net.

If you are using a secure VPN to connect to your company's network, that
might be acceptable. Otherwise, you could try to find out if the server
supports TLS on a different port, i.e. without STARTTLS:
msmtp --serverinfo --host=exchange --tls --tls-starttls=off --tls-certcheck=off

If this works, use "tls on", "tls_starttls off" and "tls_trustfile
/path/to/file" to use TLS.