rajamalleswar asked:

Roaming users & SMTP_AUTH

Hello,
I have set up my mail server (RH Linux 8.0, sendmail 8.11.6). Roaming users are not able to send their mail using this mail server. So I'm thinking of configuring SMTP_AUTH.
So can anyone assist me in configuring that? Or is there any other simple solution to resolve my problem?

Thx,
Raja.
jlevie

Are you using the sendmail that is distributed with 8.0? That copy (sendmail-8.12.5-7) is built with SASL support, so it's pretty easy to configure to support SMTP AUTH. If you only need the plaintext (PLAIN & LOGIN) mechs you can simply uncomment:

TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

in /etc/mail/sendmail.mc, build a new sendmail.cf, and restart sendmail.

Email clients that authenticate to the server will be granted relay privs.

One needs to keep in mind the security implications of this. Roving clients that use PLAIN or LOGIN are exposing their username and password to anyone with a sniffer or password capture program that's in a position to see the SMTP session. This isn't too much of a problem if there are no other Internet accessible services with login privs (like telnet, FTP, ssh, etc). However, if you have servers that could be exploited by someone with a valid username/password you should probably consider:

1) Using a separate (non-system) authentication database and an IMAP/POP server like Cyrus that supports that. A side benefit of that is that the secure methods (CRAM-MD5, DIGEST-MD5) become available.

2) Creating email only accounts that have no access to a shell.
rajamalleswar (ASKER)

Hi jlevie,
Thanks a lot for giving a reply to me.

The sendmail I'm using is sendmail-8.11.6.
And info I'm getting when I give the command...
#sendmail -d0.1 -bv root |grep SASL
NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS QUEUE SASL SCANF

The lines you said in the previous Answer are already uncommented.  Following is my sendmail.mc  for your reference.

******************************************************
divert(-1)
dnl This is the sendmail macro config file. If you make changes to this file,
dnl you need the sendmail-cf rpm installed and then have to generate a
dnl new /etc/sendmail.cf by running the following command:
dnl
dnl        m4 /etc/mail/sendmail.mc > /etc/sendmail.cf
dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')
VERSIONID(`linux setup for Red Hat Linux')dnl
OSTYPE(`linux')
define(`confDEF_USER_ID',``8:12'')dnl
undefine(`UUCP_RELAY')dnl
undefine(`BITNET_RELAY')dnl
define(`confAUTO_REBUILD')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confDONT_PROBE_INTERFACES',true)dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
dnl define(`STATUS_FILE', `/etc/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
define(`MASQUERADE_AS', `myhostname')dnl
dnl TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confTO_QUEUEWARN', `4h')dnl
dnl define(`confTO_QUEUERETURN', `5d')dnl
dnl define(`confQUEUE_LA', `12')dnl
dnl define(`confREFUSE_LA', `18')dnl
dnl FEATURE(delay_checks)dnl
FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db',`hash -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
dnl FEATURE(`masquerade_entire_domain')dnl
dnl FEATURE(`masquerade_envelope')dnl
dnl FEATURE(`promiscuous_relay')dnl
EXPOSED_USER(`root')dnl
dnl This changes sendmail to only listen on the loopback device 127.0.0.1
dnl and not on any other network devices. Comment this out if you want
dnl to accept email over the network.
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
dnl NOTE: binding both IPv4 and IPv6 daemon to the same port requires
dnl       a kernel patch
dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')
dnl yourself from spam. However, the laptop and users on computers that do
dnl not have 24x7 DNS do need this.
FEATURE(`accept_unresolvable_domains')dnl
dnl FEATURE(`relay_based_on_MX')dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
dnl Cwlocalhost.localdomain
*******************************************************

Still, I'm not able to send mail (not relaying).

Thanks for your Support.

Regards,
Raja.
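
A way to check which AUTH directives in a sendmail.mc are actually active, given here as an added example that is not part of the original thread: m4 discards a line that starts with `dnl`, and in the file posted above both AUTH lines begin with it. The function names are illustrative; the check also reports whether PLAIN or LOGIN would be offered, which is the credential exposure jlevie describes.

```python
import re

# Mechanisms that send the password in clear or trivially encoded form.
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}

# Matches TRUST_AUTH_MECH(`...') and define(`confAUTH_MECHANISMS', `...').
# A leading "dnl" makes m4 discard the rest of the line, so it is captured.
DIRECTIVE = re.compile(
    r"^(?P<dnl>dnl\s+)?"
    r"(?:(?P<trust>TRUST_AUTH_MECH)\(|define\(`(?P<conf>confAUTH_MECHANISMS)',\s*)"
    r"`(?P<mechs>[^']*)'\)"
)

# The three AUTH-related lines as they appear in the sendmail.mc posted above.
POSTED = """\
define(`confAUTH_OPTIONS', `A')dnl
dnl TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
"""
# Constructed for comparison: the same lines with the leading dnl removed.
ENABLED = POSTED.replace("dnl TRUST", "TRUST").replace("dnl define", "define")

def audit_mc(text):
    """Map each AUTH directive to {"active": bool, "mechs": [names]}."""
    found = {}
    for line in text.splitlines():
        m = DIRECTIVE.match(line.strip())
        if not m:
            continue
        name = m.group("trust") or m.group("conf")
        entry = {"active": m.group("dnl") is None, "mechs": m.group("mechs").split()}
        # An active line wins over a commented copy of the same directive.
        if name not in found or entry["active"]:
            found[name] = entry
    return found

def findings(text):
    """One finding per directive that SMTP AUTH relaying depends on."""
    report, result = [], audit_mc(text)
    for name in ("TRUST_AUTH_MECH", "confAUTH_MECHANISMS"):
        entry = result.get(name)
        if entry is None:
            report.append(f"{name}: missing")
        elif not entry["active"]:
            report.append(f"{name}: commented out with dnl (inactive)")
        else:
            weak = sorted(PLAINTEXT_MECHS & set(entry["mechs"]))
            report.append(f"{name}: active; plaintext mechs: {', '.join(weak) or 'none'}")
    return report
```

The check reads only the .mc source; as jlevie notes, a new sendmail.cf has to be built and sendmail restarted before a change takes effect.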
Hi jlevie,
Please look at the above sendmail.mc and figure out what went wrong.

Thx & Rgds,
Raja.
Sorry..., the version of my Red Hat Linux is 7.2. Sorry for my error in my question.

ASKER CERTIFIED SOLUTION
jlevie

Thank you jlevie..!!