LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Fedora Core 2 Mail server ssl and smtp configuration steps (https://www.linuxquestions.org/questions/linux-networking-3/fedora-core-2-mail-server-ssl-and-smtp-configuration-steps-242073/)

harish_neo 10-13-2004 05:57 AM

Fedora Core 2 Mail server ssl and smtp configuration steps
 
Hi,

I have Fedora Core 2 Linux Version installed in my computer. I have already setup to work as a mail server using sendmail and Dovecot. Kernel version: 2.6.5-1.358.

Now Iam trying to setup SSL and SMTP authentication in my computer. But iam not able to do it.

The following is wht i tried:
===================

1) I edited the /etc/mail/sendmail.mc file and uncommented the foll lines:

define(`confAUTH_OPTIONS', `A p y')dnl

TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM- MD5 LOGIN PLAIN')

2) I created a new ceritificate for sendmail using the command,

make sendmail.pem

3) I also updated the sendmail.mc file with

define(`CERT_DIR',`/usr/share/ssl/certs')
define(`confCACERT_PATH',`/usr/share/ssl/certs')
define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
define(`confCLIENT_CERT',`CERT_DIR/cert.pem')
define(`confCLIENT_KEY',`CERT_DIR/key.pem')

4) I restarted sendmail, saslauthd and xinetd services.

And when I try to send a mail using Outlook express ( Winxp m/c), it says 454 TLS Not available due to Temporary reasons.

5) I also checked /etc/pam.d/smtp file, following is the contents of the file.

#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth


Can anyone help me

-Hari

scowles 10-13-2004 08:16 AM

Everything you have done looks correct. Unfortunately, I have never been able to get OE to work with TLS. If you want to test your current configuration, try using an MUA like Thunderbird on your XP box.

harish_neo 10-13-2004 08:40 AM

Hi,

Even I tried with mozilla Thunderbird, it didnt work. I am pretty positive, the way I configured my server is where the problem is. I am just trying to configure ssl in my Fedora core 2 but no luck. But why would it say TLS related error. I was having Redhat 9 before and Outlook Express was just working fine. Once again Thanks for your help. Any suggestions :-)

scowles 10-13-2004 09:48 AM

I don't know if I can add much more to what you have already posted.

The only step I had to add to what you posted was to add the user to the sasl passwd database using saslpasswd2 -c. This step confused me because I have sendmail configured to use saslauthd which is configured to use pam as the auth mechanism. Pam in turn should authenticate using its rules as you outlined in your post. Strange! But Thunderbird works correctly at this end. I get the initial warning about the CERT, but once I accept it - I get the password prompt and the email is sent.

If I could suggest, start by getting SMTP auth working first without TLS. At least you can verify the auth mechanisms are working properly before moving on to the TLS integration.

harish_neo 10-13-2004 10:46 AM

Sure,

Let me try that :-)


All times are GMT -5. The time now is 08:11 PM.