Solved

Where to get a version of sendmail for AIX7 that was compiled with SASL, and does AUTH

Posted on 2015-01-28
24
360 Views
Last Modified: 2015-02-10
I have been unsuccessful at locating a "ready to run" version of sendmail compiled with SASL support. I need this to be able to offer AUTH authentication. Does anyone know where to obtain such.

I have already installed the SASL libraries and tried unsuccessfully to compile a new sendmail. There seems to be no end to the errors that occur, when trying to compile and build a new sendmail.

If anyone has any other suggestions, I am open to most anything at this point.
0
Comment
Question by:carlmd
  • 10
  • 7
  • 4
  • +1
24 Comments
 
LVL 9

Accepted Solution

by:
Trenton Knew earned 166 total points
ID: 40575458
what I did at my company was configured a postfix mail relay server on an old spare computer, (you can also build it in a virtual machine).  It's basically an Ubuntu server with Postfix set up in a relay configuration.  Postfix should probably support the protocols you need, and you can set it up to only relay mail from your AIX box.  If configured correctly, AIX sends email to the postfix's server's SMTP server on port 25, and won't even need to authenticate.  Postfix can then connect to the mail server using the authentication protocols you need and forward the message.  

We also needed to do this because we were on Office365 and needed TLS encryption and some other protocols that sendmail and some of our copiers didn't support.  This configuration has been working for me for a year now with very little incident.
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 40575691
sendmail with sasl works great.

can you post your sendmail.mc file?
0
 
LVL 61

Expert Comment

by:gheist
ID: 40576142
AIX sendmail has all features. Just check around m4 templates.
0
 
LVL 20

Author Comment

by:carlmd
ID: 40577207
The version of sendmail that comes with AIX does not have SASL support.

Version AIX7.1/8.14.4
 Compiled with: DNSMAP LDAPMAP LDAP_REFERRALS LOG MAP_REGEX MATCHGECOS
                MILTER MIME7TO8 MIME8TO7 NAMED_BIND NDBM NETINET NETINET6
                NETUNIX NEWDB NIS NISPLUS PIPELINING SCANF USERDB USE_LDAP_INIT
                USE_TTYPATH XDEBUG

If it did, is would show SASL in this list.

From my research, IBM did not deliver a version with this enabled due to export restrictions. You are supposed to recompile and load a new version of Sendmail that includes SASL support to get it.

As I indicated above, I have installed the SASL libraries but cannot seem to successfully compile sendmail with this.

My understanding is that until you do that, the mc file and m4 won't make any difference because the support is not there.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40577297
Install a small linux box. AIX is not flexible when you swap /usr/lib/sendmail
0
 
LVL 20

Author Comment

by:carlmd
ID: 40577328
Don't have the choice to install a Linux box. I have several AIX systems, and need to find a solution on that platform.

Also, regarding Postfix, no version available that will run on AIX7. So cannot try that.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40577404
So you have no choice. Use plaintext password authentication or IP-based access lists, Whichever hurts less.
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 40577432
Are you interested in compiling from source?
0
 
LVL 61

Expert Comment

by:gheist
ID: 40577441
0
 
LVL 20

Author Comment

by:carlmd
ID: 40577472
Jan...   I have been trying to compile from source on AIX but have not been successful. Error after error...
0
 
LVL 28

Assisted Solution

by:Jan Springer
Jan Springer earned 166 total points
ID: 40577510
Ugh.  That's ugly.  IBM doesn't appear to support SASL and doesn't have either the libraries or headers to compile from source which leaves you with no encryption options.
0
 
LVL 9

Expert Comment

by:Trenton Knew
ID: 40577512
@carlmd... what's the reason you can't spin up a linux/postfix box?  you don't have the hardware available for it?  This is  not a bad solution.  All it does is relay mail on behalf of your AIX boxes.  It's fairly easy to set up too.

I wasn't suggesting compiling or installing postfix directly on AIX.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 28

Expert Comment

by:Jan Springer
ID: 40577516
or even better:  linux+sendmail+sasl
0
 
LVL 61

Assisted Solution

by:gheist
gheist earned 168 total points
ID: 40577713
postfix or exim will be faster... dont try qmail at home....
my exim no sasl, so disregard it.
http://www.bullfreeware.com/affichage.php?id=280

AIX is more or less brought ot instrumentation level of old RHEL for RPM.
One way to compile would be getting centos sendmail source RPM and heap of its dependencies and build sendmail with sasl.
Interested to try?
0
 
LVL 20

Author Comment

by:carlmd
ID: 40579415
gheist: I already have the source for sendmail-8.14.9 and that is what I have been using in trying build sendmail with sasl on AIX7.

If your idea is different then that, I would be willing to give it a try.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40579425
My idea is to get rpmbuild running and compile sources of redhat(centos) source RPMs (They support PPC, so odds are high in the end it will compile fine and make you a nice set of RPMs to install on system.
0
 
LVL 20

Author Comment

by:carlmd
ID: 40579437
Just to be clear...

To start, you want me to download and install the rpm-build package on my AIX7 system, correct?

then what...
0
 
LVL 61

Expert Comment

by:gheist
ID: 40579468
Yessir....
and install CentOS 5 and add yum-utils to comfortably download missing RPMs...
First is easy...
EL5# yumdownloader --resolve --source sendmail sendmail-cf
0
 
LVL 20

Author Comment

by:carlmd
ID: 40579480
I can't install CentOS, all I have to work with are AIX7 systems.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40579493
OK, browse centos mirror with lynx or wget, probably w3m is easier, just that having configured CentOS (in a desktop VM) is somewhat faster to download package and requirements...

build should be done as unprivileged user

mkdir SOURCES SPECS
rpm2cpio whatever.src.rpm | pax -r
now move all sources/patches to SOURCES/ and spec file(s) to SPECS
run rpmbuild -ba SPECS/sendmail.spec

it says what is missing to build (sasl-devel etc)
Go build that.
rinse, repeat until success.
0
 
LVL 9

Expert Comment

by:Trenton Knew
ID: 40579980
from my understanding. AIX is UNIX/BSD based, not linux.  have you actually installed centos packages on it before?
0
 
LVL 61

Expert Comment

by:gheist
ID: 40580037
No, but i build RPMs without any problem (though not ones competing with AIX default services)

AIX has nothing to do with BSD. It is offshoot of ATT UNIX, but network stack is based on Mentat Streams, not BSD stack.
0
 
LVL 20

Author Closing Comment

by:carlmd
ID: 40600435
No real answer here, points awarded for effort.

Thanks..
0
 
LVL 61

Expert Comment

by:gheist
ID: 40600901
The real answer is that IBM does not want you to change sendmail
Once you get working sendmail of centos/rhel sources you can wipe out sendmail BFF and install your homebrew RPM with all features needed.
It sounds and is complicated and time-consuming.
0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Join & Write a Comment

Automapping, a wonderful feature with Exchange 2010 (SP2 onwards I believe), allows additional/Shared mailboxes that a user has access to be automatically mapped on Outlook client, simplifying the process by adding them while Outlook launches. Ho…
Nearly six years ago I was hired by a company to be their senior server engineer. One of my first projects was to implement Exchange Server 2007 on a Windows Server 2008 Single Copy Cluster for high availability. That was the easy part; read on to l…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now