(still) problems with email/ssl and t-online.de/telekom.de

Sat Mar 29 14:08:08 UTC 2014

On 2014-03-29 15:15, Johannes-Maria Kaltenbach wrote:
> Hello,
>
> On Sat, Mar 29, 2014 at 04:18:36AM +0100, Ondra Knezour wrote:
>> You are probably looking for authinfo feature?
>>
>> See https://www.dnsexit.com/support/mailrelay/sendmail.html for example.
>
> yes, it is probably the authinfo feature but I was not able
> to do it correctly. I created an authinfo file (and .db) right
> from the start as mentioned in the link
> http://www.dawoodfall.net/index.php/en/relaying-sendmail-a-ssl
> which was sent to me by Christian Schmidt.
> For easier reference I copy here the link you sent me:
>
>    from https://www.dnsexit.com/support/mailrelay/sendmail.html:
> | For Sendmail V8.12 and above
> | 1. Set your authorization informations by putting the following line \
> |    to /etc/mail/authinfo file:
> |
> | AuthInfo:relay.dnsexit.com "U:USERNAME" "P:PASSWORD" "M:PLAIN"
> |         Note: Replace USERNAME and PASSWORD with the DNSEXIT mail \
> |         relay username and PASSWORD.
> |
> | 2. Add following lines to /etc/mail/sendmail.mc (check if apropriate \
> |    settings doesn't already exists):
> |
> | define(`SMART_HOST', `relay.dnsexit.com')
> | FEATURE(`authinfo')
> |
> | 3. Update sendmail.cf and access.db files:
> |
> | # cd /etc/mail
> | # m4 sendmail.mc >sendmail.cf
> | # makemap hash authinfo < authinfo
> |
> |
> | 4. Reload or restart sendmail:
> | # /etc/init.d/sendmail restart
>
>
> I created an authinfo file with
>
> | AuthInfo:relay-domain  "U:johannes-maria" "P:PASSWORD" "M:PLAIN"
> and with
> | AuthInfo:relay-domain:2525  "U:johannes-maria" "P:PASSWORD" "M:PLAIN"
> and with both

That file should live in /etc/mail/auth/
So sendmail can find it.

> where PASSWORD was replaced by the password I use for getting
> my mails (with this user name and password [base64-encoded] I was
> able to get a connection via telnet as shown in my last email
> and at the end of this email).
>
> I have the U: and P: part in plain ascii but I also tried it
> base64-encoded, but this didn't help either.
> I also inlcuded a "I: johannes-maria at t-online.de",
> | AuthInfo:relay-domain "I: johannes-maria at t-online.de" "U:...
> (as in http://www.dawoodfall.net/index.php/en/relaying-sendmail-a-ssl)
>
> I also tried securesmtp.t-online.de instead of relay-domain.
>
> In each step I created authinfo.db and restarted sendmail.
>
> I don't have an access.db; is this neccessary in my case?
> [and if: what should it contain?]
>
> At first I got the following error message in /var/log/maillog:
> | hash map "authinfo": unsafe map file /etc/mail/authinfo.db: Permission denied
> After changing the owner of /etc/mail/authinfo.db to smmsp this
> message didn't occur again; is this the (or a) correct way to
> do it?
>
>
> I have a
> | FEATURE(`authinfo')
> in my .mc file and added
>
> | define(`SMART_HOST', `relay-domain')
> and alternatively
> | define(`SMART_HOST', `relay-domain:2525')
>
> [with relay-domain:
>    stunnel /usr/local/etc/stunnel/stunnel.conf -c -d relay-domain:2525
> ]
>
> But then I always got something like
> | sendmail[7815]: s2TB4Ilq007815: from=jmk, size=53, class=0, nrcpts=1, \
> |  msgid=<201403291104.s2TB4Ilq007815 at jmk.org>, relay=root at localhost
> | sendmail[7815]: s2TB4Ilq007815: timeout waiting for input from \
> |  relay-domain.org. during client greeting
> | sendmail[7815]: s2TB4Ilq007815: to=johannes-maria at t-online.de, \
> |  ctladdr=jmk (1001/1001), delay=00:05:10, xdelay=00:05:10, mailer=relay, \
> |  pri=30053, relay=relay-domain.org. [62.157.140.133], dsn=4.0.0, \
> |  stat=Deferred: Operation timed out with relay-domain.org.
> in /var/log/maillog,i. e. relay-domain.org. [62.157.140.133] instead
> of relay-domain [127.0.0.1] or localhost [127.0.0.1].
> [I have
>   127.0.0.1    localhost
>   127.0.0.1    relay-domain
> in /etc/hosts]
>
>
> Then I changed this to
> | define(`SMART_HOST', `securesmtp.t-online.de:465')
> which gives me now in /var/log/maillog:
>
> | sendmail[18888]: s2TDUkhM018888: from=jmk, size=53, class=0, nrcpts=1, \
> |  msgid=<201403291330.s2TDUkhM018888 at jmk.org>, relay=root at localhost
> | sendmail[18888]: STARTTLS=client, relay=sfwdallmx.t-online.de., \
> |  version=TLSv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-AES256-GCM-SHA384, \
> |  bits=256/256
> | sendmail[18888]: s2TDUkhM018888: to=johannes-maria at t-online.de, \
> |  ctladdr=jmk (1001/1001), delay=00:00:09, xdelay=00:00:09, mailer=relay, \
> |  pri=30053, relay=sfwdallmx.t-online.de. [194.25.134.46], dsn=5.0.0, \
> |  stat=Service unavailable
> | sendmail[18888]: s2TDUkhM018888: s2TDUkhN018888: DSN: Service unavailable
> | sm-mta[18890]: s2TDUt7C018890: from=<>, size=1909, class=0, nrcpts=1, \
> |  msgid=<201403291330.s2TDUkhN018888 at jmk.org>, proto=ESMTP, daemon=IPv4, \
> |  relay=localhost [127.0.0.1]
>
>
> I still get the message
> | sm-mta[18879]: auxpropfunc error invalid parameter supplied
> in /var/log/messages after each (re)start of sendmail.
> I don't know what it means, how to fix it, and if it's related
> to my mail problem.
>
>
>
> Thanks in advance,
> Johannes-Maria
>
>
>
> | # telnet relay-domain 2525
> | Trying 127.0.0.1...
> | Connected to relay-domain.
> | Escape character is '^]'.
> | 220 fwd14.t-online.de T-Online ESMTP receiver fmsad15465 ready. \
> |   / T-Online ESMTP receiver securesmtp.t-online.de ready.
> | EHLO localhost
> | 250-fwd14.t-online.de ready.
> | 250-SIZE 52428800
> | 250-8BITMIME
> | 250-AUTH=LOGIN PLAIN
> | 250-AUTH LOGIN PLAIN
> | 250-ENHANCEDSTATUSCODES
> | 250 HELP
> | MAIL From: <johannes-maria at t-online.de>
> | 530 5.7.0 Authentication required.
> | AUTH PLAIN ...
> | 235 2.5.0 Authentication successful. / Authentifizierung erfolgreich.
> | quit
> | 221 2.0.0 fwd14.t-online.de closing. / Verbindung wird getrennt.
> | Connection closed by foreign host.
>
>
>
>
>
>
>
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
>