Sendmail question

Matthew Seaman m.seaman at infracaninophile.co.uk
Thu Jul 26 20:11:49 UTC 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Dylan Smith wrote:
> Eric Crist wrote:
>> On Jul 26, 2007, at 4:54 AMJul 26, 2007, Dylan Smith wrote:
>>
>>> I am currently on the last stages of setting up a FreeBSD 6.2-STABLE
>>> File and Network Application Server. One of my last tasks is to
>>> simple forward all mail from root out through my isp's SMTP(requires
>>> authentication) server and to an email account i have elsewhere. That
>>> is to say i have no purpose for a mail server other than to handle
>>> mail from things like periodic and to move that mail elsewhere.
>>>
>>> Can this be easily accomplished? If so are there any guides/how-to's?
>>> I have done a search around my usual BSD sites and books and found
>>> nothing that is easily modified to my circumstances.

>> It can be done, but it's a PITA with Sendmail.  Look into
>> /usr/ports/mail/ssmtp.  We use it on our systems here where we need to
>> simply get root's email off the box.  Simple configuration file, works
>> well.

> Thanks for that little suggestion.
> Would this mean that i could just disable sendmail
> totally(sendmail_enable="none")?

Hmmm... no one seems to have cottoned onto the 'requires
authentication' statement in the original message.  As far as I can
tell, ssmtp only allows authentication via the use of cryptographic
certificates -- which is probably the most secure way of doing
authentication but also tends not to be supported on many mail
systems.

If you need support for most client-side mail auth mechanisms, then
sendmail is probably the least effort to set up -- and it is not
really that hard to do IMHO.

All you need to do is:

   * Make sure /etc/rc.conf contains

       sendmail_enable="NO"

     Which might seem a bit odd, but actually gives you a setup with
     no sendmail listening on port 25 (so no incoming mail), but
     with everything it needs to send outgoing mail.

   * edit /etc/mail/aliases to direct the root e-mails to where ever
     you want them to go to.

   * run 'make' in /etc/mail to rebuild the aliases.db file and copy
     the default sendmail configuration to `hostname`.mc etc.
     (`hostname` there means "whatever the hostname command
     outputs" on your machine.)

   * edit `hostname`.mc and change the line that says:

        dnl define(`SMART_HOST', `your.isp.mail.server')

     Take out the 'dnl' part and change your.isp.mail.server to the
     hostname of your ISP's mail server.

     For security reasons (ie. to stop people being able to
     trivially find out the login and password details) you should
     also change this line at the end of the file from:

    define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy')

     to

    define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy,goaway')

     Then run:

        make all install restart

     to generate the .cf files, move them into place and restart the
     running sendmail.

   * edit /etc/mail/access to add the login details for your ISP's
     mail server.  Look for the section titled "Providing SMTP AUTH
     Data when sendmail acts as Client" in the file
     /usr/share/sendmail/cf/README for details. In short if all
     you have is a username and password then add a line like:

        AuthInfo:your.isp.mail.server "U:user" "P:password"

     Then type 'make' one last time.

That's all really, apart from testing.

	Cheers,

	Matthew

- --
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGqP/w8Mjk52CukIwRCN4DAJwOSF8eqb4WGQytrKu7kcCq9q5iSQCfRAT2
oI9pogQUepmf5yzQJMegrPk=
=bj1y
-----END PGP SIGNATURE-----

More information about the freebsd-questions mailing list