I have a CentOS 5 box that is a web server. When it generates emails, all emails should go out through our Exchange mail server.
I believe our Exchange server requires NTLM authentication:
Code:
# telnet exchangeserv 25
Trying 10.102.14.27...
Connected to exchangeserv.domain.edu (10.102.14.27).
Escape character is '^]'.
220 ExchangeServ.domain.edu Microsoft ESMTP MAIL Service ready at Mon, 7 Mar 2011 11:49:31 -0500
ehlo webserv.domain.edu
250-ExchangeServ.domain.edu Hello [10.102.15.191]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250-XRDST
250 XSHADOW
I set up my /etc/mail/access file as follows:
Code:
Connect:localhost.localdomain RELAY
Connect:localhost RELAY
Connect:127.0.0.1 RELAY
AuthInfo:ExchangeServ.domain.edu "U:smmsp" "I:domain\first.last" "P:password" "M:NTLM"
Then I ran
Code:
# makemap hash /etc/mail/access.db < /etc/mail/access
Then I restarted sendmail.
I am not getting authenticated though.
The message gets accepted for delivery by localhost but then when it hands the message off to the Exchange server smart relay, I see this in /var/log/maillog:
Code:
Mar 7 12:44:15 webserv sendmail[10129]: STARTTLS=client, relay=exchangeserv.domain.edu., version=TLSv1/SSLv3, verify=FAIL, cipher=AES128-SHA, bits=128/128
Mar 7 12:44:15 webserv sendmail[10129]: AUTH=client, relay=exchangeserv.domain.edu [10.102.14.27], authinfo failed
My Exchange folks told me that the userid should be in the form "domain\first.last" just like I log into our Active Directory domain. I can't find any information on how to test that I've got the correct userid format though. I've spent quite a lot of time doing searches and reading.
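One way to line up the three pieces of evidence in the post above, added here as an example and not part of the original post: it checks whether the `M:` mechanism in the AuthInfo entry is one the server lists after `AUTH`, and pulls the TLS verify status and AUTH outcome out of the maillog lines. The function names are hypothetical and the sample input is constructed from the post's telnet session, access file and log; the password field is parsed but never returned.

```python
import re

# Constructed sample input, taken from the session, access file and log in the post.
EHLO_REPLY = """\
250-ExchangeServ.domain.edu Hello [10.102.15.191]
250-STARTTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250 XSHADOW
"""
ACCESS_LINE = r'AuthInfo:ExchangeServ.domain.edu "U:smmsp" "I:domain\first.last" "P:password" "M:NTLM"'
MAILLOG = """\
Mar 7 12:44:15 webserv sendmail[10129]: STARTTLS=client, relay=exchangeserv.domain.edu., version=TLSv1/SSLv3, verify=FAIL, cipher=AES128-SHA, bits=128/128
Mar 7 12:44:15 webserv sendmail[10129]: AUTH=client, relay=exchangeserv.domain.edu [10.102.14.27], authinfo failed
"""

def advertised_auth(ehlo_reply):
    """Mechanisms on the standard AUTH line only (X-EXPS is a separate extension)."""
    mechs = set()
    for line in ehlo_reply.splitlines():
        m = re.match(r"250[- ]AUTH[ =](.*)", line, re.I)
        if m:
            mechs.update(m.group(1).upper().split())
    return mechs

def parse_authinfo(line):
    """Split an AuthInfo entry into its host key and quoted U/I/P/M fields."""
    key, rest = line.split(None, 1)
    fields = {"host": key.split(":", 1)[1].lower()}  # lowercased for comparison
    fields.update(re.findall(r'"([A-Z]):([^"]*)"', rest))
    return fields

def relay_results(maillog):
    """Per sendmail PID: TLS certificate verify status and AUTH outcome."""
    results = {}
    for line in maillog.splitlines():
        m = re.search(r"sendmail\[(\d+)\]: (STARTTLS|AUTH)=client, (.*)", line)
        if not m:
            continue
        pid, kind, rest = m.groups()
        if kind == "STARTTLS":
            v = re.search(r"verify=(\w+)", rest)
            results.setdefault(pid, {})["tls_verify"] = v.group(1) if v else None
        else:
            results.setdefault(pid, {})["auth"] = rest.rsplit(", ", 1)[-1]
    return results

def review(ehlo_reply, access_line, maillog):
    info = parse_authinfo(access_line)
    wanted = set(info.get("M", "").upper().split())
    return {"host": info["host"], "authid": info.get("I"),  # "P" is deliberately omitted
            "usable_mechs": sorted(wanted & advertised_auth(ehlo_reply)),
            "relays": relay_results(maillog)}
```

With the post's data the requested and advertised mechanism names agree (NTLM), though that EHLO reply was captured before STARTTLS and a server may advertise a different list once TLS is up. `verify=FAIL` in the STARTTLS line means the relay's certificate did not verify on that session.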