ganesh_914

[Log in to get rid of this advertisement]

Hi,

I want to configure SMTP Auth on sendmail 8.14.3/8.14.3 in fedora core 11 OS. But, my mail server with the following info is still a open relay. I want to make sure that the mail is relayed only of the user authenticates. Please help me.

My sendmail.mc has the following lines, sendmail.pem was creating by exicuting command: # make sendmail.pem. Current permissions are 600 root:root .
*****************************************
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
define(`confCACERT', `/etc/pki/tls/certs/cacert.pem')dnl
define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confCLIENT_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confCLIENT_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confAUTH_OPTIONS', `A p y')dnl
*************************************************

Following is the output of the telnetting to port 25
--------------------------------------------------------------------------------------------
250-foo.test.com Hello foo2.test.com [61.95.16.124], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-STARTTLS
250-DELIVERBY
250 HELP
-------------------------------------------------------------

Following is the output of "sendmail -d0.1 -bv"
here sendmail is compiled with "SASLv2 " and "STARTTLS"
----------------------------------------------------------
[root@foo2 ~]# sendmail -d0.1 -bv
Version 8.14.3
Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG MAP_REGEX
MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6
NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF SOCKETMAP STARTTLS
TCPWRAPPERS USERDB USE_LDAP_INIT
-----------------------------------------------------------------

# cat /etc/mail/local-host-names
test.com
foo2.test.com.
---------

[root@foo2 ~]# cat /etc/mail/access
# Check the /usr/share/doc/sendmail/README.cf file for a description
# of the format of this file. (search for access_db in that file)
# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
# package.
#
# by default we allow relaying from localhost...
---------------------------------

[root@foo2 ~]# saslauthd -v
saslauthd 2.1.22
authentication mechanisms: getpwent kerberos4 kerberos5 pam rimap shadow ldap
--------------------------------------------

[root@foo2 ~]# rpm -q -a | grep cyrus
cyrus-sasl-2.1.22-22.fc11.i586
cyrus-sasl-plain-2.1.22-22.fc11.i586
cyrus-sasl-lib-2.1.22-22.fc11.i586
[root@foo2 ~]# rpm -q -a | grep openssl
openssl-0.9.8k-5.fc11.i686
[root@foo2 ~]# rpm -q -a | grep sendmail
sendmail-cf-8.14.3-5.fc11.i586
sendmail-8.14.3-5.fc11.i586
------------

I can ping www.yahoo.com


Regards,
Ganesh.