I have a CentOS 6.4 installation running Sendmail, and after some serious hair tear stare and compare I'm a bit stumped. When I connect to the server either with telnet or SSL, sendmail is not presenting the AUTH capability after an EHLO. Everything looks like it should be working, but no amount of tweaking is getting the AUTH capability advertised (and it doesn't work if you just try it anyway).
Here's the config bits from sendmail.mc--
define(`confAUTH_OPTIONS', `A p')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
Note: Also tried
define(`confAUTH_OPTIONS', `A')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
just to keep things simple.
saslauthd is running, and configured--/etc/sysconfig/saslauthd
SOCKETDIR=/var/run/saslauthd
MECH=pam
FLAGS=
/etc/sasl2/Sendmail.conf contains--
pwcheck_method:saslauthd
/etc/pam.d/smtp contains--
#%PAM-1.0
auth include password-auth
account include password-auth
But when I do "openssl s_client -starttls smtp -connect localhost:587" I don't get any AUTH capability--
ehlo localhost
250-pennzoil.gizmopartners.com Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-DELIVERBY
250 HELP
quit
All the certs are built, and if I connect via telnet, the server does advertise STARTTLS. So anyone able to point out the obvious or not so obvious config mistakes?