• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 696
  • Last Modified:

FC sendmail will not send mail (relay)

I have sendmail and dovecot IMAP running on Fedora Core I got to the point that I can receive my mail form anywhere and anyone but I can only send to people in the same domain as me also the plain text authentication does not seem to wanna work
0
athera
Asked:
athera
  • 4
  • 3
1 Solution
 
jlevieCommented:
If you attempt to send a message to a location outside of your local domain what happens? Does the mail just sit in the queue (check the output of mailq)? Is there anything interesting in /var/log/maillog?

Can you open a connection on the SMTP port to an MTA outside of your network, e.g., 'telnet mx1.redhat.com 25'?
0
 
atheraAuthor Commented:
hi j-

I can only send to people in the same domain as me also the plain text authentication does not seem to wanna work

For some reason I think that this is an authentication  problem.

Because it allows to relay to anyone in the same domain but not ouside with password authentication off.

If I try to send to someone outside it says authentication failed.

If I turn password authentication on it keeps on asking for password over and over.

And yes I can open a connection on the SMTP port to an MTA outside of my network.
0
 
jlevieCommented:
Can you send mail to an outside address from the server itself (e.g., with the mail command)?

Do you need to have clients outside of the local network relay mail thorugh your server? If the answer to that is no the simple solution is to disable SMTP AUTH in sendmail.mc and add your local network to /etc/mail/access with RELAY privs.

If external clients do need to be able to relay you do need SMTP AUTH. In the simple case your sendmail.mc needs to include:

define(`confAUTH_OPTIONS', `A')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl

and you need to build a new sendmail.cf and restart sendmail. /usr/lib/sasl2/Sendmail.conf needs to contain "pwcheck_method:saslauthd" and the saslauthd service needs to be running.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
atheraAuthor Commented:
When I first looked at the sendmail.mc last week (plain vanila)
it had
define(`confAUTH_OPTIONS', `A')dnl
I added
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
so that has been there.

today I checked /usr/lib/sasl2/Sendmail.conf it contains "pwcheck_method:saslauthd"

But when I did a ps aux saslauthd running so I started it and authentication works now BUT still NO SENDY :-(

When I try to send Thunderbird/Netscape Mail respond

An error occured while sending mail. The mail server responded 5.7.1 xxx@yyy.com. Relaying denied. IP (xx.xx.xx.xx) name possibly forged. Make sure your email is correct in the prefs.




0
 
jlevieCommented:
Did you configure Thunderbird to authenticate to the SMTP server? That's a separate choice from authentication for reading mail.
0
 
atheraAuthor Commented:
Yes of course
0
 
jlevieCommented:
Okay, doesn't hurt to ask...

I just set up SMTP AUTH on a FC3 box. What I did was to to edit sendmail.mc and include:

TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl

and I commented out the line that restricts sendmail to only listen on the localhost IP. Next I built a new sendmail.cf (cd /etc/mail; make) and restarted sendmail (service sendmail restart). Then I checked to be sure that it was offering PLAIN and LOGIN as AUTH methods with:

chimera> telnet 192.168.0.57 25
Trying 192.168.0.57...
Connected to 192.168.0.57.
Escape character is '^]'.
220 localhost.localdomain ESMTP Sendmail 8.13.1/8.13.1; Thu, 3 Mar 2005 14:25:04 -0600
EHLO entropy-free.net
250-localhost.localdomain Hello chimera.dynetics.com [192.168.0.6], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
QUIT

and it is as evidenced by "250-AUTH LOGIN PLAIN". The next step was to enable saslauthd (service saslauthd start).

using thunderbird I configured it to authenicate to the mail server. On the "Outgoing Server (SMTP) Settings" I made sure that "Use name and password" was checked, the correct login name was filled in and "Use secure connection" was no.

I watched the tail end of /var/log/maillog and attempted a send from thunderbird (which prompted for a password) and saw:

Mar  3 14:32:26 localhost sendmail[5694]: AUTH=server, relay=[192.168.0.57], authid=levie, mech=PLAIN, bits=0
Mar  3 14:32:26 localhost sendmail[5694]: j23KWQE6005694: from=<Jim.Levie@xxxxx.com>, size=370, class=0, nrcpts=1, msgid=<4227745A.5070309@dynetics.com>, proto=ESMTP, daemon=MTA, relay=[192.168.0.57]
Mar  3 14:32:27 localhost sendmail[5696]: j23KWQE6005694: to=<jim@entrophy-free.net>, delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=120370, relay=praetorian.entrophy-free.net. [216.78.168.29], dsn=2.0.0, stat=Sent (j23KWQeB010980 Message accepted for delivery)
 
praetorian.entrophy-free.net isn't on the local network, so it did relay as expected.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now