Solved

Where to get a version of sendmail for AIX7 that was compiled with SASL, and does AUTH

Posted on 2015-01-28
24
367 Views
Last Modified: 2015-02-10
I have been unsuccessful at locating a "ready to run" version of sendmail compiled with SASL support. I need this to be able to offer AUTH authentication. Does anyone know where to obtain such.

I have already installed the SASL libraries and tried unsuccessfully to compile a new sendmail. There seems to be no end to the errors that occur, when trying to compile and build a new sendmail.

If anyone has any other suggestions, I am open to most anything at this point.
0
Comment
Question by:carlmd
  • 10
  • 7
  • 4
  • +1
24 Comments
 
LVL 9

Accepted Solution

by:
Trenton Knew earned 166 total points
ID: 40575458
what I did at my company was configured a postfix mail relay server on an old spare computer, (you can also build it in a virtual machine).  It's basically an Ubuntu server with Postfix set up in a relay configuration.  Postfix should probably support the protocols you need, and you can set it up to only relay mail from your AIX box.  If configured correctly, AIX sends email to the postfix's server's SMTP server on port 25, and won't even need to authenticate.  Postfix can then connect to the mail server using the authentication protocols you need and forward the message.  

We also needed to do this because we were on Office365 and needed TLS encryption and some other protocols that sendmail and some of our copiers didn't support.  This configuration has been working for me for a year now with very little incident.
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 40575691
sendmail with sasl works great.

can you post your sendmail.mc file?
0
 
LVL 61

Expert Comment

by:gheist
ID: 40576142
AIX sendmail has all features. Just check around m4 templates.
0
 
LVL 20

Author Comment

by:carlmd
ID: 40577207
The version of sendmail that comes with AIX does not have SASL support.

Version AIX7.1/8.14.4
 Compiled with: DNSMAP LDAPMAP LDAP_REFERRALS LOG MAP_REGEX MATCHGECOS
                MILTER MIME7TO8 MIME8TO7 NAMED_BIND NDBM NETINET NETINET6
                NETUNIX NEWDB NIS NISPLUS PIPELINING SCANF USERDB USE_LDAP_INIT
                USE_TTYPATH XDEBUG

If it did, is would show SASL in this list.

From my research, IBM did not deliver a version with this enabled due to export restrictions. You are supposed to recompile and load a new version of Sendmail that includes SASL support to get it.

As I indicated above, I have installed the SASL libraries but cannot seem to successfully compile sendmail with this.

My understanding is that until you do that, the mc file and m4 won't make any difference because the support is not there.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40577297
Install a small linux box. AIX is not flexible when you swap /usr/lib/sendmail
0
 
LVL 20

Author Comment

by:carlmd
ID: 40577328
Don't have the choice to install a Linux box. I have several AIX systems, and need to find a solution on that platform.

Also, regarding Postfix, no version available that will run on AIX7. So cannot try that.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40577404
So you have no choice. Use plaintext password authentication or IP-based access lists, Whichever hurts less.
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 40577432
Are you interested in compiling from source?
0
 
LVL 61

Expert Comment

by:gheist
ID: 40577441
0
 
LVL 20

Author Comment

by:carlmd
ID: 40577472
Jan...   I have been trying to compile from source on AIX but have not been successful. Error after error...
0
 
LVL 28

Assisted Solution

by:Jan Springer
Jan Springer earned 166 total points
ID: 40577510
Ugh.  That's ugly.  IBM doesn't appear to support SASL and doesn't have either the libraries or headers to compile from source which leaves you with no encryption options.
0
 
LVL 9

Expert Comment

by:Trenton Knew
ID: 40577512
@carlmd... what's the reason you can't spin up a linux/postfix box?  you don't have the hardware available for it?  This is  not a bad solution.  All it does is relay mail on behalf of your AIX boxes.  It's fairly easy to set up too.

I wasn't suggesting compiling or installing postfix directly on AIX.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 28

Expert Comment

by:Jan Springer
ID: 40577516
or even better:  linux+sendmail+sasl
0
 
LVL 61

Assisted Solution

by:gheist
gheist earned 168 total points
ID: 40577713
postfix or exim will be faster... dont try qmail at home....
my exim no sasl, so disregard it.
http://www.bullfreeware.com/affichage.php?id=280

AIX is more or less brought ot instrumentation level of old RHEL for RPM.
One way to compile would be getting centos sendmail source RPM and heap of its dependencies and build sendmail with sasl.
Interested to try?
0
 
LVL 20

Author Comment

by:carlmd
ID: 40579415
gheist: I already have the source for sendmail-8.14.9 and that is what I have been using in trying build sendmail with sasl on AIX7.

If your idea is different then that, I would be willing to give it a try.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40579425
My idea is to get rpmbuild running and compile sources of redhat(centos) source RPMs (They support PPC, so odds are high in the end it will compile fine and make you a nice set of RPMs to install on system.
0
 
LVL 20

Author Comment

by:carlmd
ID: 40579437
Just to be clear...

To start, you want me to download and install the rpm-build package on my AIX7 system, correct?

then what...
0
 
LVL 61

Expert Comment

by:gheist
ID: 40579468
Yessir....
and install CentOS 5 and add yum-utils to comfortably download missing RPMs...
First is easy...
EL5# yumdownloader --resolve --source sendmail sendmail-cf
0
 
LVL 20

Author Comment

by:carlmd
ID: 40579480
I can't install CentOS, all I have to work with are AIX7 systems.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40579493
OK, browse centos mirror with lynx or wget, probably w3m is easier, just that having configured CentOS (in a desktop VM) is somewhat faster to download package and requirements...

build should be done as unprivileged user

mkdir SOURCES SPECS
rpm2cpio whatever.src.rpm | pax -r
now move all sources/patches to SOURCES/ and spec file(s) to SPECS
run rpmbuild -ba SPECS/sendmail.spec

it says what is missing to build (sasl-devel etc)
Go build that.
rinse, repeat until success.
0
 
LVL 9

Expert Comment

by:Trenton Knew
ID: 40579980
from my understanding. AIX is UNIX/BSD based, not linux.  have you actually installed centos packages on it before?
0
 
LVL 61

Expert Comment

by:gheist
ID: 40580037
No, but i build RPMs without any problem (though not ones competing with AIX default services)

AIX has nothing to do with BSD. It is offshoot of ATT UNIX, but network stack is based on Mentat Streams, not BSD stack.
0
 
LVL 20

Author Closing Comment

by:carlmd
ID: 40600435
No real answer here, points awarded for effort.

Thanks..
0
 
LVL 61

Expert Comment

by:gheist
ID: 40600901
The real answer is that IBM does not want you to change sendmail
Once you get working sendmail of centos/rhel sources you can wipe out sendmail BFF and install your homebrew RPM with all features needed.
It sounds and is complicated and time-consuming.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This short article will present "How to import ICS Calendar onto Office 365 Calendar". I was searching for free (or not free) tools to convert ICS to CSV without success. The only tools I found & working well were online tools...this was too hard to…
Workplace bullying has increased with the use of email and social media. Retain evidence of this with email archiving to protect your employees.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

943 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now