Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I can't figure out how to be able to send mails using sendmail. I've a dovecot/sendmail installation and I can recieve mails OK but when I try to send mail I get the error message "Relaying denied. Proper authentication required."
Example from maillog:
Oct 2 18:10:08 localhost sendmail: l92GA4UC002196: ruleset=check_rcpt, arg1=<email@example.com>, relay=rl-nvt-kaxx.xxxxxx.xxx [000.000.000.000], reject= 550 5.7.1 <firstname.lastname@example.org>... Relaying denied. Proper authentication required .
Oct 2 18:10:08 localhost sendmail: l92GA4UC002196: from=<email@example.com>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA, relay=rl-nvt-kaxx.xxxxxx.xxx [000.000.000.000]
Here is my sendmail.mc:
dnl # This is the sendmail macro config file for m4. If you make changes to
dnl # /etc/mail/sendmail.mc, you will need to regenerate the
dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
dnl # installed and then performing a
dnl # make -C /etc/mail
VERSIONID(`setup for linux')dnl
dnl # Do not advertize sendmail version.
dnl define(`confSMTP_LOGIN_MSG', `$j Sendmail; $b')dnl
dnl # default logging level is 9, you might want to set it higher to
dnl # debug the configuration
dnl define(`confLOG_LEVEL', `9')dnl
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl define(`confAUTH_OPTIONS', `A p')dnl
dnl # PLAIN is the preferred plaintext authentication method and used by
dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
dnl # use LOGIN. Other mechanisms should be used if the connection is not
dnl # guaranteed secure.
dnl # Please remember that saslauthd needs to be running for AUTH.
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl # Rudimentary information on creating certificates for sendmail TLS:
dnl # cd /usr/share/ssl/certs; make sendmail.pem
dnl # Complete usage:
dnl # make -C /usr/share/ssl/certs usage
dnl define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
dnl define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
dnl define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
dnl define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl
dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
dnl # slapd, which requires the file to be readble by group ldap
dnl define(`confDONT_BLAME_SENDMAIL', `groupreadablekeyfile')dnl
dnl define(`confTO_QUEUEWARN', `4h')dnl
dnl define(`confTO_QUEUERETURN', `5d')dnl
dnl define(`confQUEUE_LA', `12')dnl
dnl define(`confREFUSE_LA', `18')dnl
FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
dnl # The following limits the number of processes sendmail can fork to accept
dnl # incoming messages or process its message queues to 20.) sendmail refuses
dnl # to accept connections once it has reached its quota of child processes.
dnl define(`confMAX_DAEMON_CHILDREN', `20')dnl
dnl # Limits the number of new connections per second. This caps the overhead
dnl # incurred due to forking new sendmail processes. May be useful against
dnl # DoS attacks or barrages of spam. (As mentioned below, a per-IP address
dnl # limit would be useful but is not available as an option at this writing.)
dnl define(`confCONNECTION_RATE_THROTTLE', `3')dnl
dnl # The -t option will retry delivery if e.g. the user runs over his quota.
FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
dnl # For using Cyrus-IMAPd as POP3/IMAP server through LMTP delivery uncomment
dnl # the following 2 definitions and activate below in the MAILER section the
dnl # cyrusv2 mailer.
dnl define(`confLOCAL_MAILER', `cyrusv2')dnl
dnl define(`CYRUSV2_MAILER_ARGS', `FILE /var/lib/imap/socket/lmtp')dnl
dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl DAEMON_OPTIONS(`Port=smtp, Name=MTA')
dnl # The following causes sendmail to additionally listen to port 587 for
dnl # mail from MUAs that authenticate. Roaming users who can't reach their
dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
dnl # this useful.
dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
dnl # The following causes sendmail to additionally listen to port 465, but
dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
dnl # For this to work your OpenSSL certificates must be configured.
dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
dnl # The following causes sendmail to additionally listen on the IPv6 loopback
dnl # device. Remove the loopback address restriction listen to the network.
dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl
dnl # enable both ipv6 and ipv4 in sendmail:
dnl DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6')
dnl # We strongly recommend not accepting unresolvable domains if you want to
dnl # protect yourself from spam. However, the laptop and users on computers
dnl # that do not have 24x7 DNS do need this.
dnl # Also accept email sent to "localhost.localdomain" as local email.
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from mydomain.com
dnl # masquerade not just the headers, but the envelope as well
dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
Here is my local-host-names:
Here is my relay-domains:
mydomain.com is actually my real domain, and the "xxxx.." parts of the IPs and mail addresses has just been changed for this thread. I really need help to solve this, I can't figure out why the server just gives me that error message regardless of what I do.. Please help!
How is your firewall configured? Can you just send over port 25 without client authentication? At one point a year ago, we went from the ability to send to our server to having to have client access. I built that into sendmail's config using a kind of shim. Of course, for all root/cron mail being sent from our Linux systems, my email id is the sender, but that's a small price to pay.
most likely the authentification mode configuration problem. Do you want plain auth mode? So that your SMTP will validate the user/password before sending email. You have to check the this option in your mail client software.