Sendmail Question; unable to send mail as normal user
Frank Staals
frankstaals at gmx.net
Tue Aug 8 08:26:06 UTC 2006
Greg Groth wrote:
>> Hmm I guess that sould be the problem then:
>>
>> root at Fstaals$ telnet localhost 25
>> Trying ::1...
>> Trying 127.0.0.1...
>> Connected to localhost.eu.org
>> Escape character is '^]'.
>> 220 Fstaals.net ESMTP Sendmail 8.13.3/8.13.3; Mon, 7 Aug 2006
>> 20:31:30 +0200 (CE
>> ST)
>> EHLO localhost
>> 250-Fstaals.net Hello localhost.eu.org [127.0.0.1], pleased to meet you
>> 250-ENHANCEDSTATUSCODES
>> 250-PIPELINING
>> 250-8BITMIME
>> 250-SIZE
>> 250-DSN
>> 250-ETRN
>> 250-DELIVERBY
>> 250 HELP
>>
>> I compiled sendmail with the following options:
>>
>> root at Fstaals$ cat /etc/make.conf
>> # SASL (cyrus-sasl v2) sendmail build flags...
>> SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2
>> SENDMAIL_LDFLAGS=-L/usr/local/lib
>> SENDMAIL_LDADD=-lsasl2
>> # Adding to enable alternate port (smtps) for sendmail...
>> SENDMAIL_CFLAGS+= -D_FFR_SMTP_SSL
>> # added by use.perl 2006-03-02 22:35:07
>> PERL_VER=5.8.8
>> PERL_VERSION=5.8.8
>>
>> What should I do fix this ? Appart from those lines in /etc/make.conf
>> I didn't change anything regarding to the build of sendmail
>>
>> Regards,
>>
>
> Need more info. How did you recompile Sendmail? For instance, I did
> a minimal install, updated my ports, installed cvsup-without-gui &
> fastest-cvsup, cvsupped my sources, ran a buildworld to get the base
> system up to date, then added the following to make.conf:
>
>
<snip> <Example>
>
> In the instances I had a screwup in which I could not resolve, I've
> made the following bonehead moves:
>
> 1. Ran make installworld without dropping to single-user mode
> 2. cvsupped to the wrong source tree due to my ignorance of the tags
> in the cvsup file.
>
> My latest misadventures with getting PLAIN LOGIN working were on
> systems where I did everything correctly, but installed a number of
> ports prior to messing with the MTA. This included Apache, PHP,
> MySQL, Squirrelmail, XOrg, KDE-lite, and whatever dependencies were
> needed. The same issue occured with trying to get PLAIN AUTH working
> with Postfix, and on a second box with Sendmail. I ended up
> reinstalling, and focused on getting the MTA and SASL2 working
> immediately after getting the system up to date, and had no issues.
>
> IMHO, worry about getting PLAIN LOGIN working before messing with
> compiling SSL support into Sendmail. In my experience, configuring
> SSL can be a pain, making sure everything is where it's supposed to be.
>
> Best regards,
> Greg Groth
>
>
Basically it would be the following:
Installed FreeBSD 5.3-RELEASE, minimal install ; manually added the
extra stuff I wanted. Installed a lot of the usual stuff: Apache, php,
smnmpd. Then some time ago I decided I also wanted to run a mailserver
so Installed imap-uw and cyrus-sasl2-saslauthd. Added:
# SASL (cyrus-sasl v2) sendmail build flags...
SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2
SENDMAIL_LDFLAGS=-L/usr/local/lib
SENDMAIL_LDADD=-lsasl2
# Adding to enable alternate port (smtps) for sendmail...
SENDMAIL_CFLAGS+= -D_FFR_SMTP_SSL
to /etc/make.conf rebuild world and updated to 5.4-STABLE, manually
rebuild sendmail :
cd /usr/src/usr.sbin/sendmail
make clean
make depend
make
make install
Made SSL certificates:
mkdir /etc/mail/certs
cd /etc/mail/certs
openssl dsaparam 1024 -out dsa1024.pem
openssl req -x509 -nodes -newkey dsa:dsa1024.pem -out mycert.pem -keyout
mykey.pem
rm dsa1024.pem
chmod -R 600 /etc/mail/certs/*
Checked if 'pwcheck_method: saslauthd' was in my
/usr/local/lib/sasl2/Sendmail.conf
then:
cd /etc/mail/
make all
added the following to HOSTNAME.mc :
define(`confAUTH_MECHANISMS',`PLAIN LOGIN')dnl
TRUST_AUTH_MECH(`PLAIN LOGIN')dnl
define(`CERT_DIR', `/etc/mail/certs')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confCACERT', `CERT_DIR/mycert.pem')dnl
define(`confSERVER_CERT', `CERT_DIR/mycert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/mykey.pem')dnl
define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')dnl
define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
ran a :
make all install restart
Then basically my mailserver thingy stopped for a while ( not enough
time etc ) without realy finishing it up. When I continued last week I
tested what worked; I found out I could send mail as root ( with mail
<e-mail-address ) but not as user. I decided I also wanted spamassasin
and that it would probably be best if I did that immediately so I
Installed spamassasin ( spamass-milter ) and made sure both spamassasin
and spamd started at boot. Manually started both daemons. Then added the
following to /etc/mail/HOSTNAME.mc
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter.sock,
F=, T=C:15m;S:4m;R:4m;E:10m')
define(`confINPUT_MAIL_FILTERS', `spamassassin')
I also fixed a syntax error in my HOSTNAME.mc file ( something went
wrong with the ` ) then ran a
make all install restart
/etc/rc.d/sendmail restart
tested if sasl was working ( which worked fine ) :
testsaslauthd -u <user> -p <password>
At this point I was able to send mail from localhost ( by using mail
<mail-address> ) but still I wans't able to send e-mail from a remote
host; so I googled and added the 'mech_list: login plain' to
/usr/local/lib/sasl2/Sendmail.conf . Now I was able to send e-mail from
a remote box to a user on my server but not to other people.
That would be my situation. Last: these are the references I used during
my install:
http://www.puresimplicity.net/~hemi/freebsd/sendmail.html << For the
part I did a long time ago
http://dfwlpiki.dfwlp.org/index.php/Deploying_a_FreeBSD_Server#Configuring_Mail_Services
<< Mainly for the Spamassasin thing, the basic sendmail install and
config was the same as on the first guide I used to install sendmail
I'm not sure what would be best; maybe I should completely reinstall
sendmail, but if other daemons like apache etc. cause sendmail not to
work correctly I would have to reinstall my intire server, what I would
dislike.
Anyway, thanks for your help so far allready :)
Regards,
--
-Frank Staals
More information about the freebsd-questions
mailing list