define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl

dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
define(`confAUTH_OPTIONS', `A p')dnl

-------------------------

telnet mail.iamtraining.com 25

ehlo localhost
250-mail.iamtraining.com Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP

As you see, "LOGIN PLAIN" authentication method is not included because there is no certificate bound to sendmail.

================

To enable "LOGIN PLAIN" authentication without using a certificate, the configuration must be:

define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl

dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
dnl define(`confAUTH_OPTIONS', `A p')dnl

=========

[root@mail ~]# telnet mail.iamtraining.com 25
Trying 127.0.0.1...
Connected to mail.iamtraining.com.
Escape character is '^]'.
220 mail.iamtraining.com ESMTP Sendmail 8.14.4/8.14.4; Mon, 1 Aug 2011 06:49:16 -0700
ehlo localhost
250-mail.iamtraining.com Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP


As seen, the "LOGIN PLAIN" is included.

dnl define(`confAUTH_OPTIONS', `A p')dnl