The next you want to check out these directories:
/usr/share/sendmail/cf/cf
/etc/mail
First you create your sendmail.cf file. You do not edit this file (/etc/mail/sendmail.cf) by hand rather you use one of the sendmail.mc files in this directory (/usr/share/sendmail/cf/cf). Since the sendmail.cf file is too difficult to know (edit manually) there are those mc files which does contain only those options what you need to modify in the default sednamil.cf file.
This is what you want to do:
Quote:
cd /usr/share/sendmail/cf/cf
m4 sendmail-slackware.mc > sendmail.cf
cp /usr/share/sednamil/cf/cf/sendmail.cf /etc/mail
/etc/rc.d/rc.sendmail restart
|
This is the way how you edit the configuration options in you sendmail.cf file. But there are still several things which you need to make clear before you can generate a usable config file.
Take a look into the example mc files (personally I used the sendmail-slackware-tls-sasl.mc) and find out what you need.
Several suggestions:
1. You need to know what authentication mechanism you going to use (sasl for plain authentication for example - this requires additional configuration of the saslauthd)
2. Whether you going to use encryption. In default configuration - sendmail will not allow week authentication without encryption (SASL - PLAIN, LOGIN auth) (for encryption you can use stunnel)
Here is an example sendmail-slackware.mc file:
Code:
include(`../m4/cf.m4')
VERSIONID(`SALS supporting setup for Slackware Linux')dnl
OSTYPE(`linux')dnl
dnl# These settings help protect against people verifying email addresses
dnl# at your site in order to send you email that you probably don't want:
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
dnl# No timeout for ident:
define(`confTO_IDENT', `0')dnl
dnl# See the README in /usr/share/sendmail/cf for a ton of information on
dnl# how these options work:
FEATURE(`use_cw_file')dnl
FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
FEATURE(`no_default_msa')dnl
EXPOSED_USER(`root')dnl
dnl# Also accept mail for localhost.localdomain:
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
dnl# Allow SASL authentication/relaying:
define(`confAUTH_OPTIONS', `A')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
LOCAL_CONFIG
When you generate the sendmail.cf file from this sendmail-slackware.mc file it should work.
NOTE: This mc file is modified and the above noted security defaults are changed. You should not use it in production environment in this form.
The lines starting with dnl# or dnl are commented out. Each option should end with dnl.
You need to enable SALS.
Quote:
mkdir /etc/sasl2
touch /etc/sasl2/Sendmail.conf
|
Put this into the Sendmail.conf file:
Quote:
pwcheck_method: saslauthd
mech_list: login plain
|
Start the saslauthd:
Quote:
chmod +x /etc/rc.d/rc.saslauthd
/etc/rc.d/rc.saslauthd start
/etc/rc.d/rc.sendmail restart
|
At this point you should be able to authenticate with sendmail.
Start up imap2 and pop3 - edit the /etc/inetd.conf file and uncomment the imap2 and pop3 lines.
Quote:
/etc/rc.d/rc.inetd restart
|
Check out what is running:
Quote:
nmap localhost
# You should see this services
25
143
110
|
And the last ones are the config files in /etc/mail - especially the access, domaintable and local-host-names.
access:
Quote:
mail.yourdomain.com RELAY
|
domaintable:
Quote:
mail.yourdomain.com yourdomain.com
|
local-host-names:
Quote:
mail.yourdomain.com
yourdomain.com
|
Run make in the /etc/mail directory and retart sendmail:
Quote:
cd /etc/mail
make
/etc/rc.d/rc.sendmail restart
|
Thats it. Now it should work.
NOTE: This is a very quick-and-dirty how-to, so if this works you should focus on security. (Configure encryption, disallow week authentication to be used without encryption, use different authentication application - not sasl, use different imap-pop3 servers and so on ....)
Good luck