Thursday, May 19, 2011

FEDORA SENDMAIL SASLAUTHD

I configured a FEDORA 14 server with : SMTPAUTH and STARTTLS
I could send e-mails from a Windows Mobile 6.1 smartphone,
but with Thunderbird there was an error ;

On the Windows Mobile smartphone , the advanced settings were checked :
[ x ] Send/receive when I click send
[ x ] Require SSL for Incoming email
[ x ] Require SSL for Outgoing email
[ x ] Outgoing server requires authentication

In the end I changed MECH=shadow instead of MECH=pam , and
the problem was gone !



/etc/sysconfig/saslauthd
SOCKETDIR=/var/run/saslauthd


# Mechanism to use when checking passwords.  Run "saslauthd -v" to get a list
# of which mechanism your installation was compiled with the ablity to use.
# MECH=pam
MECH=shadow
# Options sent to the saslauthd. If the MECH is other than "pam" uncomment the next line.
# DAEMONOPTS=--user saslauth
# Additional flags to pass to saslauthd on the command line.  See saslauthd(8)
# for the list of accepted flags.
FLAGS=




http://www.howtoforge.com/howto_sendmail_smtp_auth_tls
http://www.screaming-penguin.com/node/4214
http://www.madboa.com/geek/sendmail-auth/
http://blog.mikezhang.com/2005/01/11/using-smtp-auth-and-starttls-with-sendmail




/etc/mail/sendmail.mc 

dnl ### do SMTPAUTH
define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl


dnl ### do STARTTLS
define(`confCACERT_PATH', `/etc/mail/certs')dnl
define(`confCACERT', `/etc/mail/certs/cacert.pem')dnl
define(`confSERVER_CERT', `/etc/mail/certs/sendmail.pem')dnl
define(`confSERVER_KEY', `/etc/mail/certs/sendmail.pem')dnl
define(`confCLIENT_CERT', `/etc/mail/certs/sendmail.pem')dnl
define(`confCLIENT_KEY', `/etc/mail/certs/sendmail.pem')dnl
DAEMON_OPTIONS(`Family=inet, Port=465, Name=MTA-SSL, M=s')dnl




the full sendmail.mc 
~ ~ ~ 

divert(-1)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for linux')dnl
OSTYPE(`linux')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
dnl # do STARTTLS
define(`confCACERT_PATH', `/etc/mail/certs')dnl
define(`confCACERT', `/etc/mail/certs/cacert.pem')dnl
define(`confSERVER_CERT', `/etc/mail/certs/sendmail.pem')dnl
define(`confSERVER_KEY', `/etc/mail/certs/sendmail.pem')dnl
define(`confCLIENT_CERT', `/etc/mail/certs/sendmail.pem')dnl
define(`confCLIENT_KEY', `/etc/mail/certs/sendmail.pem')dnl
DAEMON_OPTIONS(`Family=inet, Port=465, Name=MTA-SSL, M=s')dnl
DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp')dnl
FEATURE(`delay_checks')
define(`confDEF_USER_ID', ``8:12'')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST', `True')dnl
define(`confDONT_PROBE_INTERFACES', `True')dnl
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
define(`confTO_IDENT', `0')dnl
FEATURE(`no_default_msa', `dnl')dnl
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(`dnsbl',`sbl-xbl.spamhaus.org')dnl
FEATURE(`dnsbl',`list.dsbl.org', `"550 Mail from " $&{client_addr} " BLOCKED/DSBL; see http://www.dsbl.org/listing [dsbl.org]?" $&{client_addr}')dnl
FEATURE(`dnsbl',`bl.spamcop.net', `"550 Mail from " $&{client_addr} " BLOCKED/COP; see http://www.spamcop.net/w3m?action=checkblock&ip= [spamcop.net]" $&{client_addr}')dnl
FEATURE(`dnsbl',`cbl.abuseat.org')dnl
FEATURE(`dnsbl',`dnsbl.sorbs.net',`"554 Rejected " $&{client_addr} " Found in dnsbl.sorbs.net"',`t')dnl
FEATURE(`dnsbl', `bhnc.njabl.org', `"550 Mail from " $&{client_addr} " BLOCKED/BHNC; see http://www.njabl.org/lookup [njabl.org]?" $&{client_addr}')dnl
FEATURE(`dnsbl', `dul.ru', `Use mail relays of your ISP')dnl
FEATURE(`enhdnsbl',`multi.uribl.com', `"Spam blocked see: http://lookup.uribl.com/?"$&{client_addr}', `t')dnl
INPUT_MAIL_FILTER(`greylist',`S=local:/var/run/milter-greylist/milter-greylist.sock')
FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db', `hash -T -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl
MASQUERADE_AS(`grampa.com')dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
dnl MAILER(cyrusv2)dnl
define(`confMAX_MESSAGE_SIZE',`12000000')dnl
INPUT_MAIL_FILTER(`clamav',`S=local:/var/run/clamav-milter/clamav.sock, F=, T=S:4m;R:4m')dnl
define(`confINPUT_MAIL_FILTERS',`clamav')

No comments:

Post a Comment