Android and sendmail

And you probably read in my last post … I had a problem getting mail setup my new Android phone.

I could receive mail fine … but it failed (with a totally useless message) whenever I tried to send mail.  I was sure I had the settings right (userid, password, ssl, etc).

I have my mail server configured to do authenticated sending (as all good mail server admin’s should) … but for some reason the authentication wasn’t working correctly.

I tried various setting combinations to see what might be the problem … I verified the settings with my iPhone and Thunderbird.  Everything matched up.

I checked the logs on my mail server and saw some odd errors …

Aug  5 20:01:53 rivendell sendmail[31534]: p7611rkF031534: [192.168.1.178] did n
ot issue MAIL/EXPN/VRFY/ETRN during connection to internal-msa-smtps

so I bumped up the logging level up on sendmail to see what if I could get any more information …

define(`confLOG_LEVEL’,`14′)

… and tried sending again … and saw something VERY interesting …

Aug  5 22:07:54 rivendell sendmail[11409]: p7637rkt011409: AUTH failure (CRAM-MD
5): user not found (-20) SASL(-13): user not found: no secret in database

… well, that indicated that it was trying to use the CRAM-MD5 authentication mechanism in sendmail … which I have never actually setup or used.

So I checked the sendmail.mc again and saw that the authentication mechanism’s setup did indeed include CRAM-MD5 (and DIGEST-MD5).

TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN’)
define(`confAUTH_MECHANISMS’, `DIGEST-MD5 CRAM-MD5 LOGIN’)

So I disabled the two MD5 authentication mechanism’s …

TRUST_AUTH_MECH(`LOGIN’)
define(`confAUTH_MECHANISMS’, `LOGIN’)

… and tried to send again.  It worked!

Of course it would probably be better to use some variation on MD5 credentials for authentication … but that’s a project for another day.

2 thoughts on “Android and sendmail

  1. Larry "DrFranken" Bolhuis

    Having just set up my new Android phone on Friday I do feel your pain. My outbound mail also was frustrating to set up as I authenticate to Communigate via a Barracuda unit. Getting the combination of TLS and port number etc took many tries. I also found messages in the Communigate logs similar to yours as I fought through the issues. Luckily the Barracuda does much of the security stuff in this configuration.

    Reply

Leave a Reply to Sean Cancel reply

Your email address will not be published. Required fields are marked *