LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 12-15-2008, 10:41 PM   #1
hebblethwaite
LQ Newbie
 
Registered: Oct 2007
Posts: 6

Rep: Reputation: 0
Sendmail.mc entry for Smart Host on different port


Hi all, I use Scalix for email and point outbound SMTP connections to that of my ISP. The ISP recently started blocking 25, annoying lots of people of course.

Can anyone tell me how to modify the entry for the smart host server so that I can point to port 587 and also authenticate appropriately?

thanks

kh
 
Old 12-20-2008, 11:40 PM   #2
mackdav
Member
 
Registered: Feb 2005
Distribution: RHEL, CentOS
Posts: 113

Rep: Reputation: 16
In your /etc/mail/sendmail.mc, try:

Code:
define(`SMART_HOST',`relay:your.relay.system.com')dnl
define(`RELAY_MAILER',`esmtp')dnl
define(`RELAY_MAILER_ARGS', `TPC $h 587')dnl
This ensures that you use the relay mailer when talking to your smarthost (which for some reason isn't the default with Fedora Core 3), that you use esmtp when talking to your smarthost (possibly unneccessary), and overrides the 'RELAY' mailer defaults to connect on port 587.

(Note for googlers: if you ARE trying to relay through port 587, you probably want to use SMTP AUTH with it, here's how you do that: http://wiki.xdroop.com/space/sendmai...+a+smart+relay)

Last edited by mackdav; 12-20-2008 at 11:42 PM. Reason: changed web plug to be something more useful.
 
1 members found this post helpful.
Old 12-22-2008, 11:01 PM   #3
hebblethwaite
LQ Newbie
 
Registered: Oct 2007
Posts: 6

Original Poster
Rep: Reputation: 0
mackdav,

well, I'm very close. Here's the log from the relay:

Dec 22 23:52:40 lenny sendmail[30226]: STARTTLS=client, relay=smtp.isp.net, version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
Dec 22 23:52:40 lenny sendmail[30226]: mBN4qdfG030223: to=<"recipient">, delay=00:00:01, xdelay=00:00:00, mailer=relay, pri=122750, relay=smtp.isp.net [xx.xx.xx.xx], dsn=5.0.0, stat=Service unavailable

I'm guessing the "verify=FAIL" is the problem. ISP seems to want to use TLS/SSL. Need a little help turning that on in sendmail.

kh
 
Old 12-23-2008, 07:55 AM   #4
mackdav
Member
 
Registered: Feb 2005
Distribution: RHEL, CentOS
Posts: 113

Rep: Reputation: 16
Nope, the way I read that the TLS session got set up -- verify=FAIL means something else. (Don't know what, though -- I think it means that the certs used to set up TLS were not externally verified.)

Usually "Service Unavailable" means that the receiving system won't relay for "<recipient>". Are you trying to relay through this system, or is it the destination?

Are you doing the SMTP-AUTH bit as well?
 
Old 12-23-2008, 10:21 PM   #5
hebblethwaite
LQ Newbie
 
Registered: Oct 2007
Posts: 6

Original Poster
Rep: Reputation: 0
I'm trying to relay through this system (my ISP) from my email server, which worked previously on standard port 25 with the simple line in .mc:

define(`SMART_HOST',`smtp.comcast.net')dnl

Of course now they've blocked 25; here is the current AUTH section:

dnl #
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
dnl define(`confAUTH_OPTIONS', `A p')dnl
dnl #
dnl # PLAIN is the preferred plaintext authentication method and used by
dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
dnl # use LOGIN. Other mechanisms should be used if the connection is not
dnl # guaranteed secure.
dnl # Please remember that saslauthd needs to be running for AUTH.
dnl #
dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl #
dnl # Rudimentary information on creating certificates for sendmail TLS:
dnl # cd /usr/share/ssl/certs; make sendmail.pem
dnl # Complete usage:
dnl # make -C /usr/share/ssl/certs usage
dnl #
dnl define(`confCACERT_PATH',`/etc/pki/tls/certs')
dnl define(`confCACERT',`/etc/pki/tls/certs/ca-bundle.crt')
dnl define(`confSERVER_CERT',`/etc/pki/tls/certs/sendmail.pem')
dnl define(`confSERVER_KEY',`/etc/pki/tls/certs/sendmail.pem')
dnl #
dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
dnl # slapd, which requires the file to be readble by group ldap
dnl #
dnl define(`confDONT_BLAME_SENDMAIL',`groupreadablekeyfile')dnl
dnl #
dnl define(`confTO_QUEUEWARN', `4h')dnl
dnl define(`confTO_QUEUERETURN', `5d')dnl
dnl define(`confQUEUE_LA', `12')dnl
dnl define(`confREFUSE_LA', `18')dnl
define(`confTO_IDENT', `0')dnl
dnl FEATURE(delay_checks)dnl
FEATURE(`authinfo',`hash -o /etc/mail/authinfo.db')dnl
FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
-----------------------------------------------------------------
1. Is the first section talking about AUTH for mail client connections?
2. Are the FEATURE lines setup right?

Here is my current authinfo.db:

AuthInfo:smtp.comcast.net "U:<username>" "P:<password>" "M:PLAIN"

1. Pretty sure I need to change the M parameter.

Thanks again!

kh
 
Old 12-24-2008, 11:07 AM   #6
mackdav
Member
 
Registered: Feb 2005
Distribution: RHEL, CentOS
Posts: 113

Rep: Reputation: 16
Mine is DIGEST-MD5.

I think there is a way to ask the remote server what it will do.
 
Old 06-10-2010, 09:37 AM   #7
rgheck
LQ Newbie
 
Registered: Dec 2003
Distribution: Fedora Core 3
Posts: 29

Rep: Reputation: 15
Had this same problem. The "M:PLAIN" was what worked for me, on smtp.comcast.net. They stopped using encryped authentication a bit ago, which caused problems on all my machines.
 
  


Reply

Tags
relay, sendmail, smtpauth


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Sendmail Scondary MX and SMART HOST muralee29477 Linux - Networking 3 04-09-2008 04:32 PM
Sendmail--Smart host entry not working dhanju Linux - Server 1 03-19-2008 08:09 AM
how to configure sendmail as smart host cksoo Linux - Enterprise 2 01-16-2006 01:43 PM
sendmail and isp smart host adafos Linux - Networking 3 09-22-2004 08:41 AM
configuring sendmail with smart host zapperabhi Linux - Software 2 01-07-2004 03:24 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 06:14 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration