Hi,

yesterday a collegue passed by and told me that when
he tries to send mail via our mailserver he can't do
that. After increasing the loglevel I could watch the
smtp communication showing up with this error:

Mar 13 11:28:29 [32707]: m2DASOk7032707: <-- AUTH CRAM-MD5
Mar 13 11:28:29 [32707]: m2DASOk7032707: --- 334 PDEzMzk4MDAzOS4xNDIyMTg0NEBGcmV1bmQtSEgubmV0Pg==
Mar 13 11:28:29 [32707]: STARTTLS=read, info: fds=6/4, err=2
Mar 13 11:28:29 [32707]: m2DASOk7032707: --- 535 5.7.0 authentication failed
Mar 13 11:28:29 [32707]: m2DASOk7032707: AUTH failure (CRAM-MD5): user not found (-20) SASL(-13): user not found: no secret in database
Mar 13 11:28:29 [32707]: STARTTLS=read, info: fds=6/4, err=2
Mar 13 11:28:29 [32707]: m2DASOk7032707: <-- AUTH PLAIN "base64 encoded login data"
Mar 13 11:28:29 [32707]: m2DASOk7032707: --- 235 2.0.0 OK Authenticated

This is the same with Thunderbird on two different servers.
I mean, there should be more (at least a string with base64 encoded
login data after the AUTH CRAM-MD5 statement (first log line) just
like in the AUTH PLAIN line.

Does anyone know, what ist going wrong or how to debug deeper?

-Ingo.

On 13.03.2008 11:43, Ingo Freund wrote (please find the answer below the original text):

Well, looking here:
http://www.fehcom.de/qmail/smtpauth.html

In the line with AUTH CRAM-MD5 is no need for more data.

The answer from the server seems to be valid.

After dumping the network traffic between client and server
I can see a base64 encoded string with user and another encrypted
string sent by the client but not displayed in the sendmail log.
In the log immedeatly appears a "STARTTLS=read, info: fds=6/4, err=2"
followed by "--- 535 5.7.0 authentication failed".

The login data sent by the client seems to be right, at least
the username is correct. Is it possible to decode the part of the
password with command line utilities?

Are there any other hints?

-Ingo.