smtp auth // like jlivie or redimido like / complex problem

Posted on 2004-09-29
Last Modified: 2010-03-18
hi all i have a problem

i update RH9 to FC2 and  i install imapd for my user check mail and use smpt but i cant use it by netscape or another
the /var/log/message say

Sep 30 00:15:26 omega sendmail[18112]: unable to open Berkeley db /etc/sasldb2: No such file or directory

yes i need a sasldb2 but i dont use postfix i use sendmail all example is for postfix  

i need to auth bye system users passwds NOT by postfix users or sasldb  becasuse I DONT USE POSTFIX

i have 2 ideas for that .. modify my

or use a /etcsasldb2

but i dont have an example to do that

 i need help in this becasue SMTD is not working now....................
Question by:pablouruguay
  • 4
  • 3
LVL 40

Expert Comment

ID: 12186736
To use system auth data (passwd/shadow) /usr/lib/sasl2/Sendmail.conf must contain:


and you must be running the saslauthd daemon (chkconfig saslauthd on; service saslauthd start)
LVL 14

Author Comment

ID: 12188961
that is my problem how i disable sasl????
LVL 40

Accepted Solution

jlevie earned 500 total points
ID: 12193722
You don't "disable sasl". You change what SASL mechanism is used to authenticate users, as I described above. Note that when doing this you'll also waqnt to change the SMTP AUTH methods to only advertise PLAIN and LOGIN since those are the only ones that can be used with saslauthd. The config for that would look like:

define(`confAUTH_OPTIONS', `A')dnl
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

LVL 14

Author Comment

ID: 12193811
ok thanks! i will try today later... antoher question you have a  standart?because this machine lost or the last administrator erase it. :(
LVL 14

Author Comment

ID: 12193848
or is possible to modify the ??? how directives need to add in ????
LVL 40

Expert Comment

ID: 12195003
The base from an RHEL 3.0 system is below. It should be fine for Fedora.

dnl #
dnl # This is the sendmail macro config file for m4. If you make changes to
dnl # /etc/mail/, you will need to regenerate the
dnl # /etc/mail/ file by confirming that the sendmail-cf package is
dnl # installed and then performing a
dnl #
dnl #     make -C /etc/mail
dnl #
VERSIONID(`setup for Red Hat Linux')dnl
dnl #
dnl # default logging level is 9, you might want to set it higher to
dnl # debug the configuration
dnl #
dnl define(`confLOG_LEVEL', `9')dnl
dnl #
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
dnl define(`SMART_HOST',`smtp.your.provider')
dnl #
dnl define(`confAUTO_REBUILD')dnl
define(`confTO_CONNECT', `1m')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
dnl #
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
dnl define(`confAUTH_OPTIONS', `A p')dnl
dnl #
dnl # PLAIN is the preferred plaintext authentication method and used by
dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
dnl # use LOGIN. Other mechanisms should be used if the connection is not
dnl # guaranteed secure.
dnl #
dnl #
dnl # Rudimentary information on creating certificates for sendmail TLS:
dnl #     make -C /usr/share/ssl/certs usage
dnl # or use the included script
dnl #
dnl define(`confCACERT_PATH',`/usr/share/ssl/certs')
dnl define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
dnl define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
dnl define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
dnl #
dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
dnl # slapd, which requires the file to be readble by group ldap
dnl #
dnl define(`confDONT_BLAME_SENDMAIL',`groupreadablekeyfile')dnl
dnl #
dnl define(`confTO_QUEUEWARN', `4h')dnl
dnl define(`confTO_QUEUERETURN', `5d')dnl
dnl define(`confQUEUE_LA', `12')dnl
dnl define(`confREFUSE_LA', `18')dnl
define(`confTO_IDENT', `0')dnl
dnl FEATURE(delay_checks)dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
dnl #
dnl # The -t option will retry delivery if e.g. the user runs over his quota.
dnl #
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
dnl #
dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
dnl DAEMON_OPTIONS(`Port=smtp,Addr=, Name=MTA')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 587 for
dnl # mail from MUAs that authenticate. Roaming users who can't reach their
dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
dnl # this useful.
dnl #
dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 465, but
dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
dnl #
dnl # For this to work your OpenSSL certificates must be configured.
dnl #
dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
dnl #
dnl # The following causes sendmail to additionally listen on the IPv6 loopback
dnl # device. Remove the loopback address restriction listen to the network.
dnl #
dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl
dnl #
dnl # enable both ipv6 and ipv4 in sendmail:
dnl #
dnl DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6')
dnl #
dnl # We strongly recommend not accepting unresolvable domains if you want to
dnl # protect yourself from spam. However, the laptop and users on computers
dnl # that do not have 24x7 DNS do need this.
dnl #
dnl #
dnl FEATURE(`relay_based_on_MX')dnl
dnl #
dnl # Also accept email sent to "localhost.localdomain" as local email.
dnl #
dnl #
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from
dnl #
dnl MASQUERADE_AS(`')dnl
dnl #
dnl # masquerade not just the headers, but the envelope as well
dnl #
dnl FEATURE(masquerade_envelope)dnl
dnl #
dnl # masquerade not just, but @* as well
dnl #
dnl FEATURE(masquerade_entire_domain)dnl
dnl #
dnl MASQUERADE_DOMAIN(localhost)dnl
dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
dnl MASQUERADE_DOMAIN(mydomain.lan)dnl
LVL 14

Author Comment

ID: 12195921
yep!!!! always jlevie  :)  

only for comments. i use my old sendmail, with your directives i create a new .cf and copy and paste the new lines. i paste in here and i add too the certs for SSL pop3 auth. the lines to add in CF file are.

O AuthMechanisms=LOGIN PLAIN

# SMTP AUTH flags
O AuthOptions=A

# SMTP AUTH maximum encryption strength
#O AuthMaxBits

# SMTP STARTTLS server options
#O TLSSrvOptions

# Input mail filters
#O InputMailFilters

O CACertPath=/etc/mail/certs/CA
# CA file
O CACertFile=/etc/mail/certs/CA/cacert.pem
# Server Cert
O ServerCertFile=/etc/mail/certs/CA/sendmail_c.pem
# Server private key
O ServerKeyFile=/etc/mail/certs/CA/sendmail_r.pem

THANK YOU!!!!!!! jlevie

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question