LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices



Reply
 
Search this Thread
Old 03-07-2011, 12:49 PM   #1
lrtward
Member
 
Registered: Feb 2011
Distribution: CentOS, Ubuntu
Posts: 97

Rep: Reputation: 9
Unhappy How to set up sendmail to use Exchange server with auth NTLM as smart relay?


I have a CentOS 5 box that is a web server. When it generates emails, all emails should go out through our Exchange mail server.

I believe our Exchange server requires NTLM authentication:
Code:
# telnet exchangeserv 25
Trying 10.102.14.27...
Connected to exchangeserv.domain.edu (10.102.14.27).
Escape character is '^]'.
220 ExchangeServ.domain.edu Microsoft ESMTP MAIL Service ready at Mon, 7 Mar 2011 11:49:31 -0500
ehlo webserv.domain.edu
250-ExchangeServ.domain.edu Hello [10.102.15.191]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250-XRDST
250 XSHADOW
I set up my /etc/mail/access file as follows:
Code:
Connect:localhost.localdomain           RELAY
Connect:localhost                       RELAY
Connect:127.0.0.1                       RELAY

AuthInfo:ExchangeServ.domain.edu "U:smmsp" "I:domain\first.last" "P:password" "M:NTLM"
Then I ran
Code:
# makemap hash /etc/mail/access.db < /etc/mail/access
Then I restarted sendmail.

I am not getting authenticated though.

The message gets accepted for delivery by localhost but then when it hands the message off to the Exchange server smart relay, I see this in /var/log/maillog:
Code:
Mar  7 12:44:15 webserv sendmail[10129]: STARTTLS=client, relay=exchangeserv.domain.edu., version=TLSv1/SSLv3, verify=FAIL, cipher=AES128-SHA, bits=128/128
Mar  7 12:44:15 webserv sendmail[10129]: AUTH=client, relay=exchangeserv.domain.edu [10.102.14.27], authinfo failed
My Exchange folks told me that the userid should be in the form "domain\first.last" just like I log into our Active Directory domain. I can't find any information on how to test that I've got the correct userid format though. I've spent quite a lot of time doing searches and reading.

Last edited by lrtward; 03-07-2011 at 12:50 PM.
 
Old 04-21-2011, 12:14 PM   #2
lrtward
Member
 
Registered: Feb 2011
Distribution: CentOS, Ubuntu
Posts: 97

Original Poster
Rep: Reputation: 9
Well, as it turns out my Exchange folks were wrong.
Our Exchange server did NOT require authentication, they just needed to set up their server so that my IP was allowed to relay through.

Figured I'd post the solution in case any other poor soul stumbled upon this as a result of a search.
 
Old 06-05-2012, 08:27 PM   #3
viktor1985
LQ Newbie
 
Registered: Jun 2012
Location: Mexico
Distribution: Fedora , Red Hat 4.6
Posts: 11

Rep: Reputation: Disabled
Quote:
Originally Posted by lrtward View Post
Well, as it turns out my Exchange folks were wrong.
Our Exchange server did NOT require authentication, they just needed to set up their server so that my IP was allowed to relay through.

Figured I'd post the solution in case any other poor soul stumbled upon this as a result of a search.
Hello

Could you please be more explicit how was your solution.

I have a red hat 4.6 server, running a perl , that in case of failure sends an email through a exchange server (this supports NTLM authentication). How Can I implement this authentication ?

echo "something" | mailx -s "subject" personal@mail.com

mailx: invalid option -- S
Usage: mailx [-BFintv~] [-s subject] [-a attachment] [-c cc-addr] [-b bcc-addr] [-r from-addr] [-h hops] [-R reply-addr] to-addr ...
[- sendmail-options ...]
mailx [-BeHiInNv~] [-T name] -f [name]
mailx [-BeinNv~] [-u user]


But no mail is sent. The guys in charge of email server says that it accepts anonymus connections.



Code:
ndsis01ven:~ # telnet 172.22.95.125 25
Trying 172.22.95.125...
Connected to 172.22.95.125.
Escape character is '^]'.
220 WEXHUB.telcel.com.co Microsoft ESMTP MAIL Service ready at Fri, 1 Jun 2012 14:12:45 -0500
ehlo
250-WEXHUB.telcel.com.co Hello [10.159.229.60]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250-XRDST
250 XSHADOW
Any clue would be very very appreciated.

Thanks in advance.
 
Old 06-21-2012, 10:44 AM   #4
lrtward
Member
 
Registered: Feb 2011
Distribution: CentOS, Ubuntu
Posts: 97

Original Poster
Rep: Reputation: 9
What shows up in your /var/log/maillog when you try to send the email?
 
Old 06-21-2012, 12:41 PM   #5
viktor1985
LQ Newbie
 
Registered: Jun 2012
Location: Mexico
Distribution: Fedora , Red Hat 4.6
Posts: 11

Rep: Reputation: Disabled
Quote:
Originally Posted by lrtward View Post
What shows up in your /var/log/maillog when you try to send the email?
Hello


Code:
Jun 19 11:08:51 ndsis01ven postfix/smtp[13137]: warning: SASL authentication failure: No worthy mechs found
Jun 19 11:08:51 ndsis01ven postfix/smtp[13137]: 57486208160: to=<someone@something.com>, relay=170.20.80.120[170.20.80.120], delay=330121, status=deferred (Authentication failed: cannot SASL authenticate to server 170.20.80.120[170.20.80.120]: no mechanism available)
The guys of Exchange Server had told me a few days ago, they don't allow anonymous connection and gave me a user and password.

I have already rebuild the new sasl_passwd (sasl_passwd.db) file with the user and pass.

What Am I missing ?

Thanks in advance.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SENDMAIL]relay only to auth users if FROM: user@mydom and no relay for staff@mydom damien235 Linux - Server 0 02-23-2011 09:35 AM
Setting up sendmail to relay to exchange server raymwu Linux - Server 4 10-29-2010 10:28 AM
How to set up Squid to accept NTLM challenge/responce auth Norman.Maina Linux - Newbie 2 04-28-2010 03:24 PM
configure sendmail to relay mail to exchange server goldwing Red Hat 3 10-18-2008 05:07 PM
Using Sendmail to relay all mail to my Exchange Server TimothyBoggess Linux - Newbie 7 05-01-2007 04:32 AM


All times are GMT -5. The time now is 11:48 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration