Ibrahim Bazarwala
asked on
How to check smtp authentication is working or not ?
Hi experts,
I am using Linux Enterprise server 3.0 and running sendmail server.How would I know whether smtp authentication is working or not.Even if I dont create saslpasswd2 -c newuser, the users are able to log on.
This are the details of my configured files
I)telnet 192.168.0.252 25
220 localhost.localdomain ESMTP Sendmail 8.12.10/8.12.10; Mon, 28 May 2007 08:15
:55 +0300
ehlo abc.xyz.com
250-localhost.localdomain Hello oracle6.0.168.192.in-addr. arpa [192.168.0.5] (ma
y be forged), pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP
II) vi /usr/lib/sasl2/Sendmail.co nf
pwcheck_method: sasldb
III) contents of sendmail.mc file
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISM S', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
IV)chkconfig --list saslauthd
saslauthd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
V)
ps -ef | grep saslauthd
root 4974 1 0 May21 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a
pam
root 4975 4974 0 May21 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a
pam
root 4978 4974 0 May21 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a
pam
root 4979 4974 0 May21 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a
pam
root 4980 4974 0 May21 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a
pam
root 20202 20091 0 08:06 pts/0 00:00:00 grep saslauthd
VI) sasldblistusers2 | grep rasheed
rasheed@linux: userPassword
I followed this document
http://kbase.redhat.com/faq/FAQ_43_2471.shtm
Also please guide how to use this python
I am using Linux Enterprise server 3.0 and running sendmail server.How would I know whether smtp authentication is working or not.Even if I dont create saslpasswd2 -c newuser, the users are able to log on.
This are the details of my configured files
I)telnet 192.168.0.252 25
220 localhost.localdomain ESMTP Sendmail 8.12.10/8.12.10; Mon, 28 May 2007 08:15
:55 +0300
ehlo abc.xyz.com
250-localhost.localdomain Hello oracle6.0.168.192.in-addr.
y be forged), pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP
II) vi /usr/lib/sasl2/Sendmail.co
pwcheck_method: sasldb
III) contents of sendmail.mc file
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISM
IV)chkconfig --list saslauthd
saslauthd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
V)
ps -ef | grep saslauthd
root 4974 1 0 May21 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a
pam
root 4975 4974 0 May21 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a
pam
root 4978 4974 0 May21 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a
pam
root 4979 4974 0 May21 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a
pam
root 4980 4974 0 May21 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a
pam
root 20202 20091 0 08:06 pts/0 00:00:00 grep saslauthd
VI) sasldblistusers2 | grep rasheed
rasheed@linux: userPassword
I followed this document
http://kbase.redhat.com/faq/FAQ_43_2471.shtm
Also please guide how to use this python
Now that you can finish the test, you can see if auth is working.
Try sending a message both with the auth and without.
Try sending a message both with the auth and without.
ASKER
Thanx for quick response.This is what is got
[root@linux root]# python
Python 2.2.3 (#1, Aug 8 2003, 08:44:02)
[GCC 3.2.3 20030502 (Red Hat Linux 3.2.3-13)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import base64
>>> print base64.encodestring(''\000 waleed\000 waleed'')
File "<stdin>", line 1
print base64.encodestring(''\000 waleed\000 waleed'')
^
SyntaxError: invalid token
[root@linux root]# python
Python 2.2.3 (#1, Aug 8 2003, 08:44:02)
[GCC 3.2.3 20030502 (Red Hat Linux 3.2.3-13)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import base64
>>> print base64.encodestring(''\000
File "<stdin>", line 1
print base64.encodestring(''\000
^
SyntaxError: invalid token
ASKER
Ignore the above comment.I was copying and paste from ur comment.
I did the same as described by u. While telnetting i get this error
auth plain AHdhbGVlZAB3YWxlZWQ=504 5.3.3 AUTH mechanism plain not available
I did the same as described by u. While telnetting i get this error
auth plain AHdhbGVlZAB3YWxlZWQ=504 5.3.3 AUTH mechanism plain not available
Hrm... something seems off... are you sure you rebuilt and restarted sendmail ?
sendmail.mc:
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISM S', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
But the 250 doesn't list those :
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP
Do this at a root prompt :
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
service saslauthd restart
service sendmail restart
and re-try that auth plain bit
sendmail.mc:
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISM
But the 250 doesn't list those :
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP
Do this at a root prompt :
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
service saslauthd restart
service sendmail restart
and re-try that auth plain bit
ASKER
Its already done.
So you re-ran the m4 command and it is still erroring ?
ASKER
yes
lets see what sendmail currently has configured ... can you run
sendmail -d0.1
Execute the following commands.. after entering the sendmail -O command below, the server will start adding extra logging
Type the commands that the telnet section had after doing the sendmail command below ...
service sendmail stop
sendmail –O LogLevel=14 –bs -Am
service sendmail start
finally, can you check for the following file in the same place you have the sendmail.mc file
site.config.m4
The following command might make it easier as it might be an a subdirectory:
find . -name site.config.m4 -exec cat {} \;
sendmail -d0.1
Execute the following commands.. after entering the sendmail -O command below, the server will start adding extra logging
Type the commands that the telnet section had after doing the sendmail command below ...
service sendmail stop
sendmail –O LogLevel=14 –bs -Am
service sendmail start
finally, can you check for the following file in the same place you have the sendmail.mc file
site.config.m4
The following command might make it easier as it might be an a subdirectory:
find . -name site.config.m4 -exec cat {} \;
ASKER
What steps should be taken for backup before doing the above procedure ?
Only the first line of the above comment I able to understood.
I did this
#sendmail -d0.1
Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG MAP_REGEX
MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6
NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF STARTTLS TCPWRAPPERS
USERDB USE_LDAP_INIT
============ SYSTEM IDENTITY (after readcf) ============
(short domain name) $w = localhost
(canonical domain name) $j = localhost.localdomain
(subdomain name) $m = localdomain
(node name) $k = linux
========================== ========== ========== ==========
Recipient names must be specified
Only the first line of the above comment I able to understood.
I did this
#sendmail -d0.1
Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG MAP_REGEX
MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6
NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF STARTTLS TCPWRAPPERS
USERDB USE_LDAP_INIT
============ SYSTEM IDENTITY (after readcf) ============
(short domain name) $w = localhost
(canonical domain name) $j = localhost.localdomain
(subdomain name) $m = localdomain
(node name) $k = linux
==========================
Recipient names must be specified
The next set makes no changes... it simply runs sendmail in a local session and dumps the output to your terminal so we can see what it going on and the find command checks to see of the existance of site.config.m4 and displays it to the terminal
ASKER
I didn't understand ur above comment.
Execute the following commands.. after entering the sendmail -O command below, the server will start adding extra logging
Type the commands that the telnet section had after doing the sendmail command below ...
service sendmail stop
sendmail –O LogLevel=14 –bs -Am
service sendmail start
finally, can you check for the following file in the same place you have the sendmail.mc file
site.config.m4
The following command might make it easier as it might be an a subdirectory:
find . -name site.config.m4 -exec cat {} \;
Can u please give more precise steps.Like step 1,step 2 , step 3
Execute the following commands.. after entering the sendmail -O command below, the server will start adding extra logging
Type the commands that the telnet section had after doing the sendmail command below ...
service sendmail stop
sendmail –O LogLevel=14 –bs -Am
service sendmail start
finally, can you check for the following file in the same place you have the sendmail.mc file
site.config.m4
The following command might make it easier as it might be an a subdirectory:
find . -name site.config.m4 -exec cat {} \;
Can u please give more precise steps.Like step 1,step 2 , step 3
Here is a breakdown of the commands :)
Step 1 : Stop the existing sendmail process run as a service
service sendmail stop
Step 2: Issue the date command so we can see where in the logs to cut from:
date
Step 3: Execute sendmail manually, turning up the log level to its highest
sendmail -O LogLevel=14 -bD
Step 4: In another window, Run the commands that the Redhat document showed telnet windowin another window:
telnet 127.0.0.1 25
ehlo test
auth plain AHJvb3QAcmVkaGF0 (Put in the username/password auth string we created above with the python script) ie. a real user)
Step 5: Stop that sendmail we ran with a cntrl-c
Step 6: Restart sendmail
service sendmail start
Step 7: Show the output - Paste the output of the following file starting with where the date command above shows
cat /var/log/maillog
Step 8 : Paste the contents of /etc/mail/sendmail.mc
Step 1 : Stop the existing sendmail process run as a service
service sendmail stop
Step 2: Issue the date command so we can see where in the logs to cut from:
date
Step 3: Execute sendmail manually, turning up the log level to its highest
sendmail -O LogLevel=14 -bD
Step 4: In another window, Run the commands that the Redhat document showed telnet windowin another window:
telnet 127.0.0.1 25
ehlo test
auth plain AHJvb3QAcmVkaGF0 (Put in the username/password auth string we created above with the python script) ie. a real user)
Step 5: Stop that sendmail we ran with a cntrl-c
Step 6: Restart sendmail
service sendmail start
Step 7: Show the output - Paste the output of the following file starting with where the date command above shows
cat /var/log/maillog
Step 8 : Paste the contents of /etc/mail/sendmail.mc
ASKER
This is the output our maillog file after 10:44 (logged in by telnetting through user oracle)
May 30 10:44:32 linux sendmail[5575]: daemon invoked without full pathname; kill -1 won't work
May 30 10:44:32 linux sendmail[5575]: starting daemon (8.12.10): SMTP
May 30 10:44:32 linux sendmail[5575]: STARTTLS: ServerCertFile missing
May 30 10:44:32 linux sendmail[5575]: started as: sendmail -O LogLevel=14 -bD
May 30 10:44:34 linux imapd[5577]: imap service init from 192.168.4.2
May 30 10:44:45 linux imapd[5577]: Login user=sharqest host=[192.168.4.2]
May 30 10:44:45 linux imapd[5577]: Command stream end of file, while reading line user=sharqest host=[192.168.4.2]
May 30 10:44:47 linux sendmail[5580]: NOQUEUE: connect from linux [127.0.0.1]
May 30 10:44:47 linux sendmail[5580]: AUTH: available mech=GSSAPI DIGEST-MD5 CRAM-MD5 ANONYMOUS, allowed mech=DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
May 30 10:44:47 linux sendmail[5580]: l4U7il7g005580: Milter: no active filter
May 30 10:44:51 linux imapd[5581]: imap service init from 192.168.0.118
May 30 10:44:51 linux imapd[5581]: Login user=hesham host=[192.168.0.118]
May 30 10:44:51 linux imapd[5581]: Command stream end of file, while reading line user=hesham host=[192.168.0.118]
May 30 10:44:51 linux imapd[5583]: imap service init from 192.168.0.118
May 30 10:44:51 linux imapd[5583]: Login user=hesham host=[192.168.0.118]
May 30 10:45:52 linux imapd[5589]: imap service init from 192.168.0.118
May 30 10:45:52 linux imapd[5589]: Login user=hesham host=[192.168.0.118]
May 30 10:45:52 linux imapd[5589]: Command stream end of file, while reading line user=hesham host=[192.168.0.118]
May 30 10:45:52 linux imapd[5591]: imap service init from 192.168.0.118
May 30 10:45:52 linux imapd[5591]: Login user=hesham host=[192.168.0.118]
May 30 10:45:54 linux sendmail[5604]: alias database /etc/aliases rebuilt by oracle
May 30 10:45:54 linux sendmail[5604]: NOQUEUE: SYSERR(root): /etc/aliases: line 117: missing colon
May 30 10:45:54 linux sendmail[5604]: /etc/aliases: 77 aliases, longest 817 bytes, 2178 bytes total
May 30 10:45:55 linux sendmail[5611]: starting daemon (8.12.10): SMTP+queueing@01:00:00
May 30 10:45:55 linux sm-msp-queue[5620]: starting daemon (8.12.10): queueing@01:00:00
May 30 10:46:08 linux imapd[5624]: imap service init from 192.168.2.10
May 30 10:46:18 linux imapd[5624]: Login user=abbas host=[192.168.2.10]
May 30 10:46:19 linux imapd[5624]: Command stream end of file, while reading line user=abbas host=[192.168.2.10]
THIS IS THE CONTENTS OF sendmail.mc file
divert(-1)dnl
dnl #
dnl # This is the sendmail macro config file for m4. If you make changes to
dnl # /etc/mail/sendmail.mc, you will need to regenerate the
dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
dnl # installed and then performing a
dnl #
dnl # make -C /etc/mail
dnl #
include(`/usr/share/sendma il-cf/m4/c f.m4')dnl
VERSIONID(`setup for Red Hat Linux')dnl
OSTYPE(`linux')dnl
dnl #
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
dnl define(`SMART_HOST',`redha t.lab.doma in.com')
dnl #
define(`confDEF_USER_ID',` `8:12'')dn l
dnl define(`confAUTO_REBUILD') dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LI ST',true)d nl
define(`confDONT_PROBE_INT ERFACES',t rue)dnl
define(`PROCMAIL_MAILER_PA TH',`/usr/ bin/procma il')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
dnl define(`STATUS_FILE', `/etc/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS' , `authwarnings,novrfy,noexp n,restrict qrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
dnl #
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
define(`confAUTH_OPTIONS', `A p')dnl
dnl #
dnl # PLAIN is the preferred plaintext authentication method and used by
dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
dnl # use LOGIN. Other mechanisms should be used if the connection is not
dnl # guaranteed secure.
dnl #
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISM S', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl #
dnl # Rudimentary information on creating certificates for sendmail TLS:
dnl # make -C /usr/share/ssl/certs usage
dnl #
dnl define(`confCACERT_PATH',` /usr/share /ssl/certs ')
dnl define(`confCACERT',`/usr/ share/ssl/ certs/ca-b undle.crt' )
dnl define(`confSERVER_CERT',` /usr/share /ssl/certs /sendmail. pem')
dnl define(`confSERVER_KEY',`/ usr/share/ ssl/certs/ sendmail.p em')
dnl #
dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
dnl # slapd, which requires the file to be readble by group ldap
dnl #
dnl define(`confDONT_BLAME_SEN DMAIL',`gr oupreadabl ekeyfile') dnl
dnl #
dnl define(`confTO_QUEUEWARN', `4h')dnl
dnl define(`confTO_QUEUERETURN ', `5d')dnl
dnl define(`confQUEUE_LA', `12')dnl
dnl define(`confREFUSE_LA', `18')dnl
define(`confTO_IDENT', `0')dnl
dnl FEATURE(delay_checks)dnl
FEATURE(`no_default_msa',` dnl')dnl
FEATURE(`smrsh',`/usr/sbin /smrsh')dn l
FEATURE(`mailertable',`has h -o /etc/mail/mailertable.db') dnl
FEATURE(`virtusertable',`h ash -o /etc/mail/virtusertable.db ')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain) dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
dnl #
dnl # The -t option will retry delivery if e.g. the user runs over his quota.
dnl #
FEATURE(local_procmail,`', `procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipie nts')dnl
EXPOSED_USER(`root')dnl
dnl #
dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
DAEMON_OPTIONS(`Port=smtp, Name=MTA')
dnl #
dnl # The following causes sendmail to additionally listen to port 587 for
dnl # mail from MUAs that authenticate. Roaming users who can't reach their
dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
dnl # this useful.
dnl #
dnl DAEMON_OPTIONS(`Port=submi ssion, Name=MSA, M=Ea')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 465, but
dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
dnl #
dnl # For this to work your OpenSSL certificates must be configured.
dnl #
dnl DAEMON_OPTIONS(`Port=smtps , Name=TLSMTA, M=s')dnl
dnl #
dnl # The following causes sendmail to additionally listen on the IPv6 loopback
dnl # device. Remove the loopback address restriction listen to the network.
dnl #
dnl # NOTE: binding both IPv4 and IPv6 daemon to the same port requires
dnl # a kernel patch
dnl #
dnl DAEMON_OPTIONS(`port=smtp, Addr=::1, Name=MTA-v6, Family=inet6')dnl
dnl #
dnl # We strongly recommend not accepting unresolvable domains if you want to
dnl # protect yourself from spam. However, the laptop and users on computers
dnl # that do not have 24x7 DNS do need this.
dnl #
FEATURE(`accept_unresolvab le_domains ')dnl
dnl #
dnl FEATURE(`relay_based_on_MX ')dnl
dnl #
dnl # Also accept email sent to "localhost.localdomain" as local email.
dnl #
LOCAL_DOMAIN(`localhost.lo caldomain' )dnl
dnl #
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from mydomain.com
dnl #
dnl MASQUERADE_AS(`mydomain.co m')dnl
dnl #
dnl # masquerade not just the headers, but the envelope as well
dnl #
dnl FEATURE(masquerade_envelop e)dnl
dnl #
dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
dnl #
dnl FEATURE(masquerade_entire_ domain)dnl
dnl #
dnl MASQUERADE_DOMAIN(localhos t)dnl
dnl MASQUERADE_DOMAIN(localhos t.localdom ain)dnl
dnl MASQUERADE_DOMAIN(mydomain alias.com) dnl
dnl MASQUERADE_DOMAIN(mydomain .lan)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
THIS IS WHAT I AM GETTING BY DOINT TELNET 127.0.0.0
telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to linux (127.0.0.1).
Escape character is '^]'.
220 localhost.localdomain ESMTP Sendmail 8.12.10/8.12.10; Wed, 30 May 2007 10:44:47 +0300
ehlo mail.alhasawi.com
250-localhost.localdomain Hello linux [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP
auth plain AG9yYWNsZQBvcmFjbGU=
504 5.3.3 AUTH mechanism plain not available
Connection closed by foreign host.
May 30 10:44:32 linux sendmail[5575]: daemon invoked without full pathname; kill -1 won't work
May 30 10:44:32 linux sendmail[5575]: starting daemon (8.12.10): SMTP
May 30 10:44:32 linux sendmail[5575]: STARTTLS: ServerCertFile missing
May 30 10:44:32 linux sendmail[5575]: started as: sendmail -O LogLevel=14 -bD
May 30 10:44:34 linux imapd[5577]: imap service init from 192.168.4.2
May 30 10:44:45 linux imapd[5577]: Login user=sharqest host=[192.168.4.2]
May 30 10:44:45 linux imapd[5577]: Command stream end of file, while reading line user=sharqest host=[192.168.4.2]
May 30 10:44:47 linux sendmail[5580]: NOQUEUE: connect from linux [127.0.0.1]
May 30 10:44:47 linux sendmail[5580]: AUTH: available mech=GSSAPI DIGEST-MD5 CRAM-MD5 ANONYMOUS, allowed mech=DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
May 30 10:44:47 linux sendmail[5580]: l4U7il7g005580: Milter: no active filter
May 30 10:44:51 linux imapd[5581]: imap service init from 192.168.0.118
May 30 10:44:51 linux imapd[5581]: Login user=hesham host=[192.168.0.118]
May 30 10:44:51 linux imapd[5581]: Command stream end of file, while reading line user=hesham host=[192.168.0.118]
May 30 10:44:51 linux imapd[5583]: imap service init from 192.168.0.118
May 30 10:44:51 linux imapd[5583]: Login user=hesham host=[192.168.0.118]
May 30 10:45:52 linux imapd[5589]: imap service init from 192.168.0.118
May 30 10:45:52 linux imapd[5589]: Login user=hesham host=[192.168.0.118]
May 30 10:45:52 linux imapd[5589]: Command stream end of file, while reading line user=hesham host=[192.168.0.118]
May 30 10:45:52 linux imapd[5591]: imap service init from 192.168.0.118
May 30 10:45:52 linux imapd[5591]: Login user=hesham host=[192.168.0.118]
May 30 10:45:54 linux sendmail[5604]: alias database /etc/aliases rebuilt by oracle
May 30 10:45:54 linux sendmail[5604]: NOQUEUE: SYSERR(root): /etc/aliases: line 117: missing colon
May 30 10:45:54 linux sendmail[5604]: /etc/aliases: 77 aliases, longest 817 bytes, 2178 bytes total
May 30 10:45:55 linux sendmail[5611]: starting daemon (8.12.10): SMTP+queueing@01:00:00
May 30 10:45:55 linux sm-msp-queue[5620]: starting daemon (8.12.10): queueing@01:00:00
May 30 10:46:08 linux imapd[5624]: imap service init from 192.168.2.10
May 30 10:46:18 linux imapd[5624]: Login user=abbas host=[192.168.2.10]
May 30 10:46:19 linux imapd[5624]: Command stream end of file, while reading line user=abbas host=[192.168.2.10]
THIS IS THE CONTENTS OF sendmail.mc file
divert(-1)dnl
dnl #
dnl # This is the sendmail macro config file for m4. If you make changes to
dnl # /etc/mail/sendmail.mc, you will need to regenerate the
dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
dnl # installed and then performing a
dnl #
dnl # make -C /etc/mail
dnl #
include(`/usr/share/sendma
VERSIONID(`setup for Red Hat Linux')dnl
OSTYPE(`linux')dnl
dnl #
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
dnl define(`SMART_HOST',`redha
dnl #
define(`confDEF_USER_ID',`
dnl define(`confAUTO_REBUILD')
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LI
define(`confDONT_PROBE_INT
define(`PROCMAIL_MAILER_PA
define(`ALIAS_FILE', `/etc/aliases')dnl
dnl define(`STATUS_FILE', `/etc/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS'
define(`confAUTH_OPTIONS',
dnl #
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
define(`confAUTH_OPTIONS',
dnl #
dnl # PLAIN is the preferred plaintext authentication method and used by
dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
dnl # use LOGIN. Other mechanisms should be used if the connection is not
dnl # guaranteed secure.
dnl #
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISM
dnl #
dnl # Rudimentary information on creating certificates for sendmail TLS:
dnl # make -C /usr/share/ssl/certs usage
dnl #
dnl define(`confCACERT_PATH',`
dnl define(`confCACERT',`/usr/
dnl define(`confSERVER_CERT',`
dnl define(`confSERVER_KEY',`/
dnl #
dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
dnl # slapd, which requires the file to be readble by group ldap
dnl #
dnl define(`confDONT_BLAME_SEN
dnl #
dnl define(`confTO_QUEUEWARN',
dnl define(`confTO_QUEUERETURN
dnl define(`confQUEUE_LA', `12')dnl
dnl define(`confREFUSE_LA', `18')dnl
define(`confTO_IDENT', `0')dnl
dnl FEATURE(delay_checks)dnl
FEATURE(`no_default_msa',`
FEATURE(`smrsh',`/usr/sbin
FEATURE(`mailertable',`has
FEATURE(`virtusertable',`h
FEATURE(redirect)dnl
FEATURE(always_add_domain)
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
dnl #
dnl # The -t option will retry delivery if e.g. the user runs over his quota.
dnl #
FEATURE(local_procmail,`',
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipie
EXPOSED_USER(`root')dnl
dnl #
dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
DAEMON_OPTIONS(`Port=smtp,
dnl #
dnl # The following causes sendmail to additionally listen to port 587 for
dnl # mail from MUAs that authenticate. Roaming users who can't reach their
dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
dnl # this useful.
dnl #
dnl DAEMON_OPTIONS(`Port=submi
dnl #
dnl # The following causes sendmail to additionally listen to port 465, but
dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
dnl #
dnl # For this to work your OpenSSL certificates must be configured.
dnl #
dnl DAEMON_OPTIONS(`Port=smtps
dnl #
dnl # The following causes sendmail to additionally listen on the IPv6 loopback
dnl # device. Remove the loopback address restriction listen to the network.
dnl #
dnl # NOTE: binding both IPv4 and IPv6 daemon to the same port requires
dnl # a kernel patch
dnl #
dnl DAEMON_OPTIONS(`port=smtp,
dnl #
dnl # We strongly recommend not accepting unresolvable domains if you want to
dnl # protect yourself from spam. However, the laptop and users on computers
dnl # that do not have 24x7 DNS do need this.
dnl #
FEATURE(`accept_unresolvab
dnl #
dnl FEATURE(`relay_based_on_MX
dnl #
dnl # Also accept email sent to "localhost.localdomain" as local email.
dnl #
LOCAL_DOMAIN(`localhost.lo
dnl #
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from mydomain.com
dnl #
dnl MASQUERADE_AS(`mydomain.co
dnl #
dnl # masquerade not just the headers, but the envelope as well
dnl #
dnl FEATURE(masquerade_envelop
dnl #
dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
dnl #
dnl FEATURE(masquerade_entire_
dnl #
dnl MASQUERADE_DOMAIN(localhos
dnl MASQUERADE_DOMAIN(localhos
dnl MASQUERADE_DOMAIN(mydomain
dnl MASQUERADE_DOMAIN(mydomain
MAILER(smtp)dnl
MAILER(procmail)dnl
THIS IS WHAT I AM GETTING BY DOINT TELNET 127.0.0.0
telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to linux (127.0.0.1).
Escape character is '^]'.
220 localhost.localdomain ESMTP Sendmail 8.12.10/8.12.10; Wed, 30 May 2007 10:44:47 +0300
ehlo mail.alhasawi.com
250-localhost.localdomain Hello linux [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP
auth plain AG9yYWNsZQBvcmFjbGU=
504 5.3.3 AUTH mechanism plain not available
Connection closed by foreign host.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I will give it a look.
Thanx for the efforts.
Thanx for the efforts.
Additionally, I think we have come across the solution to your initial problem !
In your sendmail.mc file, you have
define(`confAUTH_OPTIONS', `A p')dnl
change it to :
define(`confAUTH_OPTIONS', `A p y')dnl
The letter 'y' prohibits anonymous logins, which is why your people could send without authentication!
In your sendmail.mc file, you have
define(`confAUTH_OPTIONS',
change it to :
define(`confAUTH_OPTIONS',
The letter 'y' prohibits anonymous logins, which is why your people could send without authentication!
ASKER
Thanx .
<which is why your people could send without authentication>
Here users are authenticated in the outlook express ,but only from the username and password while adding user.
<which is why your people could send without authentication>
Here users are authenticated in the outlook express ,but only from the username and password while adding user.
ASKER
I will give a look at the above comment(Date:05.30.2007 at 12:26PM ASTExpert Comment) when my server will be ofline.
ASKER
I will install it in virtual pc and will give it a look.
ASKER
Thanx for patience.
Do you see where it says 'root and redhat' below ? Put your username/password in there. forexample, if your username is 'ibu1' and your password is 'hifrashii'
type : python
type : import base64
type : print base64.encodestring(''\000
type : ctrl-d
Output: AGlidTEAaGlmcmFzaGlp
it will output a string of characters, and that is what you use in the next section where is says
auth plain AGlidTEAaGlmcmFzaGlp