Ok, I'm trying to secure up sendmail's relaying capability.
Here's what I want to do:
Have local users on the network be able to send email thru my email server.
Have remote users on other networks that have local email addressess send email thru my server. - Remote users must use username/password to be able to have email relayed thru my email server. most remote clients will be using Outlook Express, a few using Outlook 2000.
Problem: I can't get it to work right. I have sasl installed, and have added a dummy user to the database named tom. He can get pop his email, but he can't send email thru outlook express on an external network. It comes up prompting for a username and password, but all I get are failures...
here is the error I'm getting in my messages:
Mar 25 10:41:33 mail saslauthd: do_auth : auth failure: [user=tom] [service=smtp] [realm=] [mech=pam] [reason=PAM auth error]
here are the relevant lines in sendmail.mc...
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl define(`confAUTH_OPTIONS', `A p')dnl
dnl # PLAIN is the preferred plaintext authentication method and used by
dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
dnl # use LOGIN. Other mechanisms should be used if the connection is not
dnl # guaranteed secure.
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
I know I am fairly close to the solution, but I am just doing something simple wrong. Any help would be most appreciated.
On a side note - I'm also having to come into sendmail's smtp vi port 587 on my client instead of 25, I don't know why but it won't respond on port 25 to external hosts at all. I know the firewall isn't blocking it, I've checked several times.
Thanks in advance.