LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   Sendmail authentication for SMART_HOST relay (https://www.linuxquestions.org/questions/linux-software-2/sendmail-authentication-for-smart_host-relay-354488/)

cdhgee 08-18-2005 04:48 AM
Sendmail authentication for SMART_HOST relay
 
I'm trying to configure sendmail to send e-mail through my ISP's SMTP gateway. I've found the SMART_HOST directive in /etc/mail/sendmail.mc and set it thus:

Code:
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
define(`SMART_HOST',`smtp.my.isp.com')
This works when I connect when I am actually dialed up to my ISP. However I occasionally dial into work and when I do I can't send e-mails via my ISP's smtp gateway any more because it rejects it.

I believe the problem will be resolved if I can turn on SMTP authentication when sendmail forwards e-mail using the SMART_HOST directive, but I can't see how to do that. Can anyone point me in the right direction?

Pete M 08-18-2005 02:04 PM
cdhgee

Depends what version of sendmail you are using

Before sendmail-8.12

Add to sendmail.mc
Code:
FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl
Create directories and files
Code:
#cd /etc/mail
#mkdir auth
#chmod 700 auth
#cd auth
#touch client-info
Insert into client-info
Code:
AuthInfo:your.isp.net "U:smmsp" "I:user" "P:password"
Use your ISP, leave "U:smmsp" as is, insert your user and password

Then
Code:
# makemap hash client-info < client-info
Set permissions
Code:
# chmod 644 client-info
# chmod 640 client-info.db
Which should look like

Code:
auth# ls -a -l
total 24
drwx------  2 root  root  4096 Aug  5 22:23 .
drwxr-xr-x  4 root  root  4096 Aug  5 22:24 ..
-rw-r--r--  1 root  root    65 Aug  5 22:23 client-info
-rw-r-----  1 smmsp root 12288 Aug  5 22:23 client-info.db
Make sendmail.cf from sendmail.mc, restart sendmail

As of sendmail-8.12 "authinfo" is built into sendmail.cf so all you have to do is add your "AuthInfo" statement to /etc/mail/access

Insert into /etc/mail/access

Code:
AuthInfo:your.isp.net "U:smmsp" "I:user" "P:password"
Use your ISP, leave "U:smmsp" as is, insert your user and password

Then
Code:
# makemap hash /etc/mail/access.db < /etc/mail/access
Restart sendmail

Hope it helps

Pete

diven 09-01-2005 06:58 PM
I'm trying to do something similar. Is it possible to encrypt the password in the /etc/mail/access file? (edit: so that someone browsing the file can't read it)

Sorry major newb! :newbie:

tonyfreeman 09-01-2005 07:10 PM
No ... That's why the poster had you (the root user) change the permission on the auth folder to 700

Code:
#chmod 700 auth
This means that the root user has full permission to access this directory and everyone else will be rejected.

-- Tony

diven 09-01-2005 07:22 PM
sorry I was refering to method 2: using sendmail 8.12 or greater. Which doesn't say anything about chmoding the /etc/mail/access file. Since access must be built into a database I suppose I might be able to simply change the password to something else after the database is mapped. But that could cause a problem if someone else maps the database without changing the access file. I guess just chmodding that file is best.

Thanks.

diven 09-07-2005 05:22 PM
Sorry, I'm still having problems.
I'm running sendmail on Fedora Core 2, the version is 8.12.11-4.6 for i386.

I added the line:
Code:
AuthInfo:smtp.domain.com "U:smmsp" "I:user" "P:password"
I've tried using both username and username@domain.com for Identity field. Used username in this example.
I make the access.db map and restart sendmail like so:
Code:
[root@localhost mail]# makemap hash /etc/mail/access.db < /etc/mail/access
[root@localhost mail]# /etc/init.d/sendmail restart
Shutting down sendmail:                                    [  OK  ]
Shutting down sm-client:                                  [  OK  ]
Starting sendmail:                                        [  OK  ]
Starting sm-client:                                        [  OK  ]
Then I tested out sendmail using the following mail command:
Code:
[root@localhost mail]# mail -s "test" recipient@domain.com
this is a test
Cc:
Which resulted in me receiving this returned message:
Code:
From MAILER-DAEMON@localhost.localdomain  Wed Sep  7 14:47:24 2005
Return-Path: <MAILER-DAEMON@localhost.localdomain>
Received: from localhost (localhost)
        by localhost.localdomain (8.12.11/8.12.11) id j87LlOLB006159;
        Wed, 7 Sep 2005 14:47:24 -0700
Date: Wed, 7 Sep 2005 14:47:24 -0700
From: Mail Delivery Subsystem <MAILER-DAEMON@localhost.localdomain>
Message-Id: <200509072147.j87LlOLB006159@localhost.localdomain>
To: <root@localhost.localdomain>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
        boundary="j87LlOLB006159.1126129644/localhost.localdomain"
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
Status: RO
Content-Length: 1808
Lines: 49

This is a MIME-encapsulated message

--j87LlOLB006159.1126129644/localhost.localdomain

The original message was received at Wed, 7 Sep 2005 14:47:24 -0700
from localhost.localdomain [127.0.0.1]

  ----- The following addresses had permanent fatal errors -----
<recipient@domain.com>
    (reason: 572 root@localhost.localdomain host name is unknown)

  ----- Transcript of session follows -----
... while talking to mail.server.address.com.:
>>> MAIL From:<root@localhost.localdomain> SIZE=379
<<< 572 root@localhost.localdomain host name is unknown
554 5.0.0 Service unavailable

--j87LlOLB006159.1126129644/localhost.localdomain
Content-Type: message/delivery-status

Reporting-MTA: dns; localhost.localdomain
Received-From-MTA: DNS; localhost.localdomain
Arrival-Date: Wed, 7 Sep 2005 14:47:24 -0700

Final-Recipient: RFC822; recipient@domain.com
Action: failed
Status: 5.0.0
Diagnostic-Code: SMTP; 572 root@localhost.localdomain host name is unknown
Last-Attempt-Date: Wed, 7 Sep 2005 14:47:24 -0700

--j87LlOLB006159.1126129644/localhost.localdomain
Content-Type: message/rfc822

Return-Path: <root@localhost.localdomain>
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
        by localhost.localdomain (8.12.11/8.12.11) with ESMTP id j87LlOLB006157
        for <recipient@domain.com>; Wed, 7 Sep 2005 14:47:24 -0700
Received: (from root@localhost)
        by localhost.localdomain (8.12.11/8.12.11/Submit) id j87LlOWs006156
        for recipient@domain.com; Wed, 7 Sep 2005 14:47:24 -0700
Date: Wed, 7 Sep 2005 14:47:24 -0700
From: root <root@localhost.localdomain>
Message-Id: <200509072147.j87LlOWs006156@localhost.localdomain>
To: recipient@domain.com
Subject: test

this is a test

--j87LlOLB006159.1126129644/localhost.localdomain--
I also thought that perhaps the SMART_HOST line from sendmail.mc had to be changed as the original poster did. (This is actually what I tried first). This method results in no returned message.. but the message doesn't get through either. I have also tried different adding thing for Realm and Mechanism tokens but still get a similar return message. I will try the method listed here http://www.sendmail.org/~ca/email/auth.html#smtpclient which is basically Pete M's method for pre 8.12 with a couple additions to the sendmail.mc file. I will also perhaps try another smtp server I have to see if results are different.

diven 09-07-2005 07:18 PM
I get a message back when I use the other smtp server with smart host.

Here is the reply:
Code:
From MAILER-DAEMON@localhost.localdomain  Wed Sep  7 16:12:16 2005
Return-Path: <MAILER-DAEMON@localhost.localdomain>
Received: from localhost (localhost)
        by localhost.localdomain (8.12.11/8.12.11) id j87NCGGb006488;
        Wed, 7 Sep 2005 16:12:16 -0700
Date: Wed, 7 Sep 2005 16:12:16 -0700
From: Mail Delivery Subsystem <MAILER-DAEMON@localhost.localdomain>
Message-Id: <200509072312.j87NCGGb006488@localhost.localdomain>
To: <root@localhost.localdomain>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
        boundary="j87NCGGb006488.1126134736/localhost.localdomain"
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
Status: RO
Content-Length: 1767
Lines: 49

This is a MIME-encapsulated message

--j87NCGGb006488.1126134736/localhost.localdomain

The original message was received at Wed, 7 Sep 2005 16:12:16 -0700
from localhost.localdomain [127.0.0.1]

  ----- The following addresses had permanent fatal errors -----
<recipient@domain.com>
    (reason: 553 localhost.localdomain does not exist)

  ----- Transcript of session follows -----
... while talking to smtp.new-domain.net:
>>> MAIL From:<root@localhost.localdomain> SIZE=388
<<< 553 localhost.localdomain does not exist
501 5.6.0 Data format error

--j87NCGGb006488.1126134736/localhost.localdomain
Content-Type: message/delivery-status

Reporting-MTA: dns; localhost.localdomain
Received-From-MTA: DNS; localhost.localdomain
Arrival-Date: Wed, 7 Sep 2005 16:12:16 -0700

Final-Recipient: RFC822; recipient@domain.com
Action: failed
Status: 5.1.3
Diagnostic-Code: SMTP; 553 localhost.localdomain does not exist
Last-Attempt-Date: Wed, 7 Sep 2005 16:12:16 -0700

--j87NCGGb006488.1126134736/localhost.localdomain
Content-Type: message/rfc822

Return-Path: <root@localhost.localdomain>
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
        by localhost.localdomain (8.12.11/8.12.11) with ESMTP id j87NCGGb006486
        for <recipient@domain.com>; Wed, 7 Sep 2005 16:12:16 -0700
Received: (from root@localhost)
        by localhost.localdomain (8.12.11/8.12.11/Submit) id j87NCGoG006485
        for recipient@domain.com; Wed, 7 Sep 2005 16:12:16 -0700
Date: Wed, 7 Sep 2005 16:12:16 -0700
From: root <root@localhost.localdomain>
Message-Id: <200509072312.j87NCGoG006485@localhost.localdomain>
To: recipient@domain.com
Subject: the subject

the message body

--j87NCGGb006488.1126134736/localhost.localdomain--
The ----- Transcript of session follows ----- section differs as the ...while talking to address is now the smtp server instead of the receiving mail server. This actually kind of makes sense. But why am I still being identified as root@localhost.localdomain.

gda2004 05-24-2011 10:15 AM
Solution ?
 
Has anyone got a solution that works for this as I am having the very same issue I have done a lot of searching on the net and nothing is comming up. I have looked at the sendmail man pages I came away more confused.

Cheers,

GDA2004

janduy 04-18-2017 02:14 PM
Authentication SMTP Relay
 
Quote:
Originally Posted by Pete M (Post 1807291)
cdhgee

Depends what version of sendmail you are using

Before sendmail-8.12

Add to sendmail.mc
Code:
FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl
Create directories and files
Code:
#cd /etc/mail
#mkdir auth
#chmod 700 auth
#cd auth
#touch client-info
Insert into client-info
Code:
AuthInfo:your.isp.net "U:smmsp" "I:user" "P:password"
Use your ISP, leave "U:smmsp" as is, insert your user and password

Then
Code:
# makemap hash client-info < client-info
Set permissions
Code:
# chmod 644 client-info
# chmod 640 client-info.db
Which should look like

Code:
auth# ls -a -l
total 24
drwx------  2 root  root  4096 Aug  5 22:23 .
drwxr-xr-x  4 root  root  4096 Aug  5 22:24 ..
-rw-r--r--  1 root  root    65 Aug  5 22:23 client-info
-rw-r-----  1 smmsp root 12288 Aug  5 22:23 client-info.db
Make sendmail.cf from sendmail.mc, restart sendmail

As of sendmail-8.12 "authinfo" is built into sendmail.cf so all you have to do is add your "AuthInfo" statement to /etc/mail/access

Insert into /etc/mail/access

Code:
AuthInfo:your.isp.net "U:smmsp" "I:user" "P:password"
Use your ISP, leave "U:smmsp" as is, insert your user and password

Then
Code:
# makemap hash /etc/mail/access.db < /etc/mail/access
Restart sendmail

Hope it helps

Pete
Hello PeterM, I am configuring this authentication in my sendmail (8.14.4) but when running it generates some authentication errors como "Deferred: Temporary AUTH failure

Log:
Br. [X.X.X.X], dsn = 4.0.0, stat = Deferred: Temporary AUTH failure
Apr 18 16:00:36 meuservidor-pc sendmail [7907]: starting daemon (8.14.4): SMTP + queueing @ 01: 00: 00
Apr 18 16:00:36 meuservidor-pc sendmail [7908]: v3IIX78T006476: AUTH = client, available mechanisms do not fulfill requirements
Apr 18 16:00:36 meuservidor-pc sendmail [7908]: AUTH = client, relay = meuservidor.com.br., Temporary failure, connection abort
Apr 18 16:00:36 meuservidor-pc sm-msp-queue [7916]: starting daemon (8.14.4): queueing @ 01: 00: 00
Apr 18 16:00:36 meuservidor-pc sendmail [7908]: v3IIX78T006476: to = <jsilva@server.com.br>, delay = 00: 26: 58, xdelay = 00: 00: 00, mailer = relay, pri = 840006, relay = meuservidor.com.br. [X.X.X.X], dsn = 4.0.0, stat = Deferred: Temporary AUTH failure".

Can you help me? please!


All times are GMT -5. The time now is 04:52 PM.