Sendmail Auth + Relay

Poetics · 08-30-2009, 02:16 AM

I'm currently running a Slackware 13.0 server configured with Sendmail 8.14.3 and Dovecot 1.1.15. So far I have users able to authenticate and check mail, move messages betwixt folders, and send to other users on the domain.

Unfortunately, I am as of yet unable to have these users send mail to other domains, even after authenticating (IMAP is the preferred protocol). I've seen a lot of how-to's, especially here on LQ (and in the Slackware forum specifically), but have been unable to replicate others' success, save for exposing myself as an open relay (which is certainly not optimal by any stretch of the imagination).

Below is a selection from my primary configuration cf file:

Code:

include(`../m4/cf.m4')                                                  
VERSIONID(`Poetics setup for Slackware Linux')dnl                       
OSTYPE(`linux')dnl                                                      
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun,goaway')dnl
define(`SMART_HOST',`mail.myisp.net')dnl                                        
define(`confTO_IDENT', `0')dnl                                                  
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl             
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl                           
define(`confCACERT_PATH', `/etc/mail/certs')dnl                                 
define(`confCACERT', `/etc/mail/certs/cacert.pem')dnl                           
define(`confSERVER_CERT', `/etc/mail/certs/sendmail.pem')dnl                    
define(`confSERVER_KEY', `/etc/mail/certs/sendmail.pem')dnl                     
define(`confCLIENT_CERT', `/etc/mail/certs/sendmail.pem')dnl
define(`confCLIENT_KEY', `/etc/mail/certs/sendmail.pem')dnl
define(`confAUTH_OPTIONS', `A p y')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
EXPOSED_USER(`root')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl

My end-goal is to not allow unauthenticated users any access, but to allow those who have accounts access to send mail to anyone they'd like. I'm not sure if the smart host forwards in the case of other permission denials, but it is currently not working as I would expect either.

Thanks in advance for any ideas you can send my way -- this is my first foray into Sendmail and I'm certainly enjoying how powerful it is, but will be much happier when it's up and running.

kbp · 08-31-2009, 08:31 AM

Hi Poetics,

This is not really assistance but have you tried postfix ? .. its a drop-in replacement for sendmail and its tons easier to configure

my2c

cheers

Poetics · 08-31-2009, 10:08 AM

I've used Postfix in the past, and am in fact more familiar with postfix, but sendmail is both something I need to learn how to use/configure, and a requirement for this project quoth managers on-high

mjsurette · 08-31-2009, 06:09 PM

Your symptoms indicate that authentication isn't happening. Local mail is always delivered, no matter who sends it, even unauthenticated local users.

I assume that you're using sasl authentication. Do you have cyrus-sasl installed and configured?

Mike