<[EMAIL PROTECTED]> writes: > Hi Simon, > I installed the heimdal package and then tried to include > kerberos-v5 support in the SASL but kerberos_v5 support is not inclueded > in the SASL build .below is the output of # ./configure > --enable-kerberos_v5
Hi. No, you don't want to use --enable-kerberos_v5, that's not the GSSAPI mechanism. The configure output looks fine: > checking if GSSAPI should be used... yes Ignore the other warnings. > I also tried with MIT kerberos package 1.6.1 > It always look for libshishi support.then I installed the shishi-0.0.35 > version and tried but I got some compilation error when the > --enable-kerberos_v5 flag is on . > without shishi kerberos_v5 support is possible in SASL? No, KERBEROS_V5 is Shishi-specific, but I don't recommend to use it. It is not standardized, and was part of an experiment. > Localhost:~/SMTP__AUTH# msmtp --version > msmtp version 1.4.14 > TLS/SSL library: none > Authentication library: GNU SASL > Supported authentication methods: > plain cram-md5 digest-md5 gssapi external login ntlm So you have GSSAPI support, so all should be fine. > But the gssappi authentication is failing.Follwing is the output of > gsasl --smtp command and msmtp --auth command > > > localhost:~# gsasl --smtp labmail.com > Trying `labmail.com'... > 220 tmail.labmail.com Microsoft ESMTP MAIL Service, Version: > 5.0.2195.6713 ready at Fri, 25 Apr 2008 15:10:12 -1000 > EHLO [127.0.0.1] > 250-tmail.labmail.com Hello [172.168.8.92] > 250-TURN > 250-ATRN > 250-SIZE > 250-ETRN > 250-PIPELINING > 250-DSN > 250-ENHANCEDSTATUSCODES > 250-8bitmime > 250-BINARYMIME > 250-CHUNKING > 250-VRFY > 250-X-EXPS GSSAPI NTLM LOGIN > 250-X-EXPS=LOGIN > 250-AUTH GSSAPI NTLM LOGIN > 250-AUTH=LOGIN > 250-X-LINK2STATE > 250-XEXCH50 > 250 OK > AUTH GSSAPI > 334 GSSAPI supported > gsasl: mechanism error: Base 64 coding error in SASL library That error is more interesting! Do you have a Kerberos ticket? Try running 'klist'. It should print your ticket. If you don't have a kerberos ticket, authentication won't work. > msmtp: GNU SASL: GSSAPI error in client while negotiating security > context in gss_init_sec_context() in SASL library. This is most likely > due insufficient credentials or malicious interactions. > msmtp: could not send mail (account default from /root/.msmtprc) This error looks consistent you didn't have a Kerberos ticket. I don't understand why you get different errors with -d and without though? Is that consistent? /Simon ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ msmtp-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/msmtp-users
