Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Where to get a version of sendmail for AIX7 that was compiled with SASL, and does AUTH

Posted on 2015-01-28
24
Medium Priority
?
517 Views
Last Modified: 2015-02-10
I have been unsuccessful at locating a "ready to run" version of sendmail compiled with SASL support. I need this to be able to offer AUTH authentication. Does anyone know where to obtain such.

I have already installed the SASL libraries and tried unsuccessfully to compile a new sendmail. There seems to be no end to the errors that occur, when trying to compile and build a new sendmail.

If anyone has any other suggestions, I am open to most anything at this point.
0
Comment
Question by:carlmd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 7
  • 4
  • +1
24 Comments
 
LVL 9

Accepted Solution

by:
Trenton Knew earned 498 total points
ID: 40575458
what I did at my company was configured a postfix mail relay server on an old spare computer, (you can also build it in a virtual machine).  It's basically an Ubuntu server with Postfix set up in a relay configuration.  Postfix should probably support the protocols you need, and you can set it up to only relay mail from your AIX box.  If configured correctly, AIX sends email to the postfix's server's SMTP server on port 25, and won't even need to authenticate.  Postfix can then connect to the mail server using the authentication protocols you need and forward the message.  

We also needed to do this because we were on Office365 and needed TLS encryption and some other protocols that sendmail and some of our copiers didn't support.  This configuration has been working for me for a year now with very little incident.
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 40575691
sendmail with sasl works great.

can you post your sendmail.mc file?
0
 
LVL 62

Expert Comment

by:gheist
ID: 40576142
AIX sendmail has all features. Just check around m4 templates.
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 
LVL 20

Author Comment

by:carlmd
ID: 40577207
The version of sendmail that comes with AIX does not have SASL support.

Version AIX7.1/8.14.4
 Compiled with: DNSMAP LDAPMAP LDAP_REFERRALS LOG MAP_REGEX MATCHGECOS
                MILTER MIME7TO8 MIME8TO7 NAMED_BIND NDBM NETINET NETINET6
                NETUNIX NEWDB NIS NISPLUS PIPELINING SCANF USERDB USE_LDAP_INIT
                USE_TTYPATH XDEBUG

If it did, is would show SASL in this list.

From my research, IBM did not deliver a version with this enabled due to export restrictions. You are supposed to recompile and load a new version of Sendmail that includes SASL support to get it.

As I indicated above, I have installed the SASL libraries but cannot seem to successfully compile sendmail with this.

My understanding is that until you do that, the mc file and m4 won't make any difference because the support is not there.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40577297
Install a small linux box. AIX is not flexible when you swap /usr/lib/sendmail
0
 
LVL 20

Author Comment

by:carlmd
ID: 40577328
Don't have the choice to install a Linux box. I have several AIX systems, and need to find a solution on that platform.

Also, regarding Postfix, no version available that will run on AIX7. So cannot try that.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40577404
So you have no choice. Use plaintext password authentication or IP-based access lists, Whichever hurts less.
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 40577432
Are you interested in compiling from source?
0
 
LVL 62

Expert Comment

by:gheist
ID: 40577441
0
 
LVL 20

Author Comment

by:carlmd
ID: 40577472
Jan...   I have been trying to compile from source on AIX but have not been successful. Error after error...
0
 
LVL 29

Assisted Solution

by:Jan Springer
Jan Springer earned 498 total points
ID: 40577510
Ugh.  That's ugly.  IBM doesn't appear to support SASL and doesn't have either the libraries or headers to compile from source which leaves you with no encryption options.
0
 
LVL 9

Expert Comment

by:Trenton Knew
ID: 40577512
@carlmd... what's the reason you can't spin up a linux/postfix box?  you don't have the hardware available for it?  This is  not a bad solution.  All it does is relay mail on behalf of your AIX boxes.  It's fairly easy to set up too.

I wasn't suggesting compiling or installing postfix directly on AIX.
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 40577516
or even better:  linux+sendmail+sasl
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 504 total points
ID: 40577713
postfix or exim will be faster... dont try qmail at home....
my exim no sasl, so disregard it.
http://www.bullfreeware.com/affichage.php?id=280

AIX is more or less brought ot instrumentation level of old RHEL for RPM.
One way to compile would be getting centos sendmail source RPM and heap of its dependencies and build sendmail with sasl.
Interested to try?
0
 
LVL 20

Author Comment

by:carlmd
ID: 40579415
gheist: I already have the source for sendmail-8.14.9 and that is what I have been using in trying build sendmail with sasl on AIX7.

If your idea is different then that, I would be willing to give it a try.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40579425
My idea is to get rpmbuild running and compile sources of redhat(centos) source RPMs (They support PPC, so odds are high in the end it will compile fine and make you a nice set of RPMs to install on system.
0
 
LVL 20

Author Comment

by:carlmd
ID: 40579437
Just to be clear...

To start, you want me to download and install the rpm-build package on my AIX7 system, correct?

then what...
0
 
LVL 62

Expert Comment

by:gheist
ID: 40579468
Yessir....
and install CentOS 5 and add yum-utils to comfortably download missing RPMs...
First is easy...
EL5# yumdownloader --resolve --source sendmail sendmail-cf
0
 
LVL 20

Author Comment

by:carlmd
ID: 40579480
I can't install CentOS, all I have to work with are AIX7 systems.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40579493
OK, browse centos mirror with lynx or wget, probably w3m is easier, just that having configured CentOS (in a desktop VM) is somewhat faster to download package and requirements...

build should be done as unprivileged user

mkdir SOURCES SPECS
rpm2cpio whatever.src.rpm | pax -r
now move all sources/patches to SOURCES/ and spec file(s) to SPECS
run rpmbuild -ba SPECS/sendmail.spec

it says what is missing to build (sasl-devel etc)
Go build that.
rinse, repeat until success.
0
 
LVL 9

Expert Comment

by:Trenton Knew
ID: 40579980
from my understanding. AIX is UNIX/BSD based, not linux.  have you actually installed centos packages on it before?
0
 
LVL 62

Expert Comment

by:gheist
ID: 40580037
No, but i build RPMs without any problem (though not ones competing with AIX default services)

AIX has nothing to do with BSD. It is offshoot of ATT UNIX, but network stack is based on Mentat Streams, not BSD stack.
0
 
LVL 20

Author Closing Comment

by:carlmd
ID: 40600435
No real answer here, points awarded for effort.

Thanks..
0
 
LVL 62

Expert Comment

by:gheist
ID: 40600901
The real answer is that IBM does not want you to change sendmail
Once you get working sendmail of centos/rhel sources you can wipe out sendmail BFF and install your homebrew RPM with all features needed.
It sounds and is complicated and time-consuming.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
This article outlines some of the reasons why an email message gets flagged as spam on a recipient's end.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question