Sendmail - IMAP-UW - Cyrus-SASL2 - SMTPAUTH problems

Joe Auty joe at netmusician.org
Mon Feb 13 13:52:34 PST 2006 

Hey Greg,

Sorry if this completely throws a monkey wrench into your plans, but  
I feel inspired to interject since I once had a nearly identical  
setup as you...

I switched to Postfix and Courier-IMAP since I found that performance  
of large mailboxes in IMAP-UW was pretty poor, especially over web- 
based email where messages are not cached. I switched to Postfix  
because it is so much more simple and straight forward than Sendmail.  
You should have no problems switching to Postfix, since it is  
basically Sendmail with a nicer wrapper/configuration.

Just food for thought.


On Feb 13, 2006, at 4:25 PM, Kirk Davis wrote:

> Hi Greg,
>
>> I'm trying to set up a FreeBSD 6.0 box as a mail server, and while
>> everything seems to be working OK for the most part, I have
>> run into two
>> issues that I cannot resolve (I'm new to BSD, please bear
>> with me). Install
>> went as follows:  Installed via FTP last night along with
>> "src - Sources for
>> everything",
>>
>> IMAP-UW was compiled via ports with WITH_SSL_AND_PLAINTEXT
>> enabled (same for
>> cclient), OpenSSL, Cyrus-SASL2 & Cyrus-SASL2-saslauthd were
>> compiled via
>> ports with no flags.
>>
>> Sendmail was installed with the base install and recompiled
>> (after SASL2 was
>> up and running) with the following options added to make.conf:
>>
>> # SASL (cyrus-sasl v2) sendmail build flags...
>> SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2
>> SENDMAIL_LDFLAGS=-L/usr/local/lib
>> SENDMAIL_LDADD=-lsasl2
>> # Adding to enable alternate port (smtps) for sendmail...
>> SENDMAIL_CFLAGS+= -D_FFR_SMTP_SSL
>>
>> I followed the instructions I found at
>> http://www.bsdconspiracy.net/howto/sendmail.html, and had no
>> problems with
>> the install except for Sendmail.  After recompiling sendmail,
>> I added the
>> following lines to the mail.server.mc file:
>>
>> define(`confAUTH_MECHANISMS',`PLAIN LOGIN')dnl
>> TRUST_AUTH_MECH(`PLAIN LOGIN')dnl
>> define(`CERT_DIR', `/etc/mail/certs')dnl
>> define(`confCACERT_PATH', `CERT_DIR')dnl
>> define(`confCACERT', `CERT_DIR/mycert.pem')dnl
>> define(`confSERVER_CERT', `CERT_DIR/mycert.pem')dnl
>> define(`confSERVER_KEY', `CERT_DIR/mykey.pem')dnl
>> define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')dnl
>> define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')dnl
>> DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
>
> This is your problem.  The above line sets up the Sendmail daemon to
> listen on port 25 but the standard mc file distributed with FreeBSD  
> also
> sets up a DAEMON port (it's at the end of the MC file).
>
> Here is what my DAEMON_OPTIONS lines look like.  These should be the
> only DAEMON_OPTIONS lines in the mc file.
> dnl Enable for both IPv4 and IPv6 (optional)
> DAEMON_OPTIONS(`Name=IPv4, Family=inet')
> DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')
> DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
>
>
>> DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
>>
>> After running (in /etc/mail) "make clean", "make cf", "make
>> install", "make
>> restart", SMTP no longer works, and I find the following in
>> maillog and
>> messages
>>
>> Feb 12 20:25:55 mail sm-mta[1213]: daemon IPv4: problem
>> creating SMTP socket
>> Feb 12 20:26:00 mail sm-mta[1213]: NOQUEUE: SYSERR(root):
>> opendaemonsocket:
>> daemon IPv4: cannot bind: Address already in use
>>
>> When I try and stop sendmail, I get a message that the pid
>> for Sendmail
>> cannot be found.  I end up killing the missing Sendmail daemon using
>> KSysGuard
>>
>> If I remove this line - "DAEMON_OPTIONS(`Port=smtp,
>> Name=MTA')dnl" from the
>> mail.server.mc file, make cf, make install, make restart,
>> sendmail starts
>> normally.  When trying to access from another machine on my
>> network, I can
>> only connect on port 25 without a secure connection (I'm
>> using Thunderbird
>> for this), although SMTP-AUTH is working correctly.
>
> Have you tried to setup your mail client to connect to port 465?  This
> is the smtps (SMTP SSL) port.
>
>
>> Any ideas on what I might need to do to get SSL / SMTP-AUTH
>> working on SMTP?
>>   I took a look at the instructions in the handbook, but they
>> were written
>> for SASL1.  Running netstat shows smtps listening on 465, but
>> when I try to
>> telnet to that port, the server drops the connection.
>
> Hmm... It should connect but you will not see anything since it is
> expecting an SSL connection.
>
>> My second problem is rather simple, after I create an IMAP
>> folder, I am
>> unable to delete it using a remote client.  Thunderbird
>> responds with "The
>> mail server responded: RENAME failed: Can't create mailbox node
>> /home/User/Trash/: File exists.  Nothing shows up in any of
>> the server logs
>> though.
>
> I have not seen this problem although I have it setup for an office of
> Outlook users.  I would check the permissions on the folders in the  
> user
> home directory.  This is where the IMAP user forlders are by  
> default.  I
> usually setup the clients to use the base imap if Mail and then  
> create a
> Mail directory in the user home directory.  That way the mail folders
> don't get messed up with the user stuff.
>
>>
>> Hopefully this is the right list for these questions, if not,
>> could someone
>> please direct me to the correct one?  Any advice anyone can
>> give me on
>> either of these problems would be greatly appreciated.
>>
>
> ---- Kirk
> Kirk Davis
> Senior Network Analyst, ITS
> Edmonton Public Schools
> 1-780-429-8308
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions- 
> unsubscribe at freebsd.org"

More information about the freebsd-questions mailing list