LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Linux Answers > Networking
User Name
Password

Notices

By SiegeX at 2004-09-07 01:58
Introduction

In case you have no idea what SMTP AUTH is good for, basically it allows you to provide relaying to people outside your trusted network by authenticating them in a secure manner. This is in contrast to an "open relay" which will allow anybody, anywhere to use your server to email whomever they want. As you can imagine, an open relay is a spammers dream as they are using YOUR precious resources to spam ten million people with your IP as the source....a very very bad thing!

As with most Internet services we must break them down into two categories: client and server. Client-side SMTP AUTH is useful when your ISP's mail server requires you to authenticate yourself in order to relay through it using SMART_HOST; if you are on DSL you probably know what I

by alvarezp on Fri, 2004-12-10 15:53
This HOWTO is excellent, but it has one problem which drove me crazy for about 4 days.

Use this line to ./configure SASL2 instead. Notice that my --with-plugindir is NOT under /usr/local/lib, but under /usr/lib.

./configure --prefix=/usr --enable-anon --enable-plain --enable-login --disable-krb4 --with-mysql \
--with-saslauthd=/var/state/saslauthd --with-openssl --with-plugindir=/usr/lib/sasl2 \
--enable-cram --enable-digest --enable-otp

Greetings to all, and congratulations --and thank you-- for the great HOWTO.

by Mig21 on Sat, 2005-01-22 23:28
i registered to these forums just so i can say thank you for the excellent article.

one thing you might want to fix is to explain where these files came from:
Quote:
installpkg sendmail-sasl-8.13.0-i486-2sub.tgz
installpkg sendmail-cf-8.13.1-noarch-1.tgz
i think you renamed them.

great job.

by alvarezp on Thu, 2005-03-17 12:11
I have a question for all of you out there.

Regarding certificates, take a look at this part:

Quote:
We are nearly done, but first we must create an SSL certificate so that STARTTLS will function. Run the following commands to first create a Certificate Authority (CA)

Code:
mkdir /etc/mail/certs
cd /etc/mail/certs
openssl req -new -x509 -keyout cakey.pem -out cacert.pem -days 1865
When prompted for the Common Name be sure to enter the FQDN of your webserver i.e. www.mywebserver.com
Now that we have our own CA lets go ahead and make a certificate and sign it.

Code:
openssl req -nodes -new -x509 -keyout sendmail.pem -out sendmail.pem -days 1460
Isn't the sendmail.pem certificate NOT supposed to be self-signed, but signed by the Certificate Authority?

by Mig21 on Thu, 2005-03-17 20:57
the only thing you gain if your certificate is signed by a ca is that people don't have to click 'accept certificate' when connecting.

you normally have an option to accept the certificate permanently

by serial69 on Fri, 2005-03-25 03:45
i get this error msg..what can i do wrong?

saslauthd[4724] :main : could not chdir to: /var/state/saslauthd
saslauthd[4724] :main : chdir: No such file or directory
saslauthd[4724] :main : Check to make sure the directory exists and is
saslauthd[4724] :main : writeable by the user this process runs as.

FIXED
...only to mkdir..
but i still cant relay...only if i put for example hotmail.com in /etc/mail/access then i can post to my hotmail account......
I have this in my access

localhost RELAY
192.168.1 RELAY

by xrxr on Wed, 2005-09-14 15:14
Cyrus' make ended on a segmentation fault. My server was set up by another employee and packages have been installed in fits and starts, as needed.

Since trying to compile the sasl libs also segfaulted I'm hoping that it might be due to some compiler version incompatibility.

I'm about to install the gcc gdb packages in the mad hope that it will make the problem go away. But....

Anyway, here's the error. It's the same for versions .17 through .21

gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../include I../lib -I../sasldb -I../include -I/usr/include/mysql -Wall -W -g -O2 -MT sasldb_init.lo -MD -MP -MF .deps/sasldb_init.Tpo -c sasldb_init.c -fPIC -DPIC -o sasldb_init.lo
if /bin/sh ../libtool --mode=compile gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../include -I../lib -I../sasldb -I../include -I/usr/include/mysql -Wall -W -g -O2 -MT plugin_common.lo -MD -MP -MF ".deps/plugin_common.Tpo" \
-c -o plugin_common.lo `test -f 'plugin_common.c' || echo './'`plugin_common.c; \
then mv ".deps/plugin_common.Tpo" ".deps/plugin_common.Plo"; \
else rm -f ".deps/plugin_common.Tpo"; exit 1; \
fi
gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../include -I../lib -I../sasldb -I../include -I/usr/include/mysql -Wall -W -g -O2 -MT plugin_common.lo -MD -MP -MF .deps/plugin_common.Tpo -c plugin_common.c -fPIC -DPIC -o plugin_common.lo
plugin_common.c: In function `_plug_make_prompts':
plugin_common.c:606: internal compiler error: Segmentation fault
Please submit a full bug report,
with preprocessed source if appropriate.
See <URL:http://gcc.gnu.org/bugs.html> for instructions.
make[2]: *** [plugin_common.lo] Error 1
make[2]: Leaving directory `/usr/local/src/cyrus-sasl-2.1.19/plugins'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/usr/local/src/cyrus-sasl-2.1.19'
make: *** [all] Error 2

by Tux-Slack on Sun, 2006-11-12 15:12
i followed this howto now 4 times
and i still have the same problem
when i start sendmail
/etc/rc.d/rc.sendmail
there are no errors reported
no error in /var/log/maillog
but sendmail just doesn't run
if i try to send mail it says SMTP server down in pine
if i try to send mail from "outside" it says SMTP server refusing connection in Thunderbird
port 25 is opened with iptables, also port 465
tried both, sending without SSL and with SSL
but it doesn't work
when i run nmap localhost there is no port 25 or 465
this is my nmap:
Code:
21/tcp   open  ftp
22/tcp   open  ssh
53/tcp   open  domain
80/tcp   open  http
110/tcp  open  pop3
113/tcp  open  auth
i removed sendmail, cyrus-sasl, even m4(don't know why i did this)
and reinstalled everything with installpkg and this howto
but there were no results

even here:
Code:
/usr/sbin/sendmail -d0.1 -bv root


In the Compiled With line make sure you see STARTTLS and SASLv2. If you do, go ahead and CTRL+C out, if you don't see both
please re-read this howto more carefully and recompile Sendmail and/or Cyrus SASLv2.
i see no compiled with
this is what happens:
Code:
root@x:/etc/rc.d# /usr/sbin/sendmail -d0.1 -bv root
root@x:/etc/rc.d#
i use slackware 10.2 and i used a newer version of sendmail 8.13.8
maybe something has changed since this is a little newer version that the one it was used in this howto?!

i tried geting sendmail to work for the last 6 hours
i just have no other ideas what to do
can you please help me?

by mollik on Mon, 2007-03-12 14:40
I am using redhat 9 and using sendmail. my local smtp address relay do'nt not work.


The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was 'info@digital-online.net'. Subject 'test mail', Account: 'mail.digital-online.net', Server: '172.20.20.1', Protocol: SMTP, Server Response: '550 5.1.1 <info@digital-online.net>... User unknown', Port: 25, Secure(SSL): No, Server Error: 550, Error Number: 0x800CCC79

by thepowah on Mon, 2007-09-17 19:42
This article is not seen as completed
It ends with "if you are on DSL you probably know what I".
Then what? Where is the whole story?

by Mig21 on Mon, 2007-09-17 19:49
I know what you'r looking at and I've no idea what it is, or how to get to the actual article from there. I have it bookmerked though: http://www.linuxquestions.org/questi...d.php?t=224543

By the way the article is wrong where it says 'you can skip down to the Client-Side SMTP AUTH + SMART_HOST section', you cannot skip the part about Sendmail.conf, as I documented here: http://littlesvr.ca/linux-stuff/arti...tpauthfail.php


  



All times are GMT -5. The time now is 11:14 AM.

Main Menu

My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration