SOLVED: WAS Re: sendmail status and auth advice
Anton Shterenlikht
as at cmplx.uk
Mon Jul 10 15:34:23 UTC 2017
Matthew Seaman matthew at FreeBSD.org
Mon Jul 10 12:56:18 UTC 2017
>
>Authentication setup in sendmail hasn't changed for quite some time, so
>the old docs you may find online are probably still relevant. One
>problem you'll find is that the vast majority of the stuff you'll find
>about sendmail authentication is talking about sendmail acting as the
>server end of the authentication, whereas you want it to behave as the
>client end. If I recall correctly that needs authinfo settings in
>/etc/mail/access, or (recommended) you need to add FEATURE(`authinfo')
>to your .mc file to create a dedicated file.
Yes, "Using sendmail as a client with AUTH",
http://www.sendmail.org/~ca/email/auth.html#authclientinfo
has the required info, apart from:
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
which is mentioned here:
https://unix.stackexchange.com/questions/132711/using-port-587-with-sendmail
>I'd advise you to get hold of a copy of the O'Reilly Sendmail book --
>that's a pretty comprehensive guide on everything you need to know about
>configuring sendmail.
I have this book in the library, in fact I ordered it, but...
it's a complete monster to read.
>Another surprisingly useful guide is
>/usr/share/sendmail/cf/README -- it covers a remarkably large amount of
>stuff.
Agreed.
For what I need, one can go straight to SMTP AUTHENTICATION section.
>If you are trying to configure sendmail to pretend to be a mail client
>and submit messages by port 587 then in general you don't need a local
>SSL certificate. Unless, of course, your service provider has
>configured things to require one, but office365 doesn't do that.
Yes, this is indeed what I'm trying to do, which, as I found out
is called "Using sendmail as a client with AUTH".
>However, normal sysadminly paranoia suggests that you definitely want
>STARTTLS to happen before sendmail tries to send any passwords around.
>I know it is possible to enforce that from the sendmail client end, but
>I've forgotten exactly how since I stopped using sendmail for anything
>significant mail-wize.
This I haven't figured out yet.
Thanks
Anton
More information about the freebsd-questions
mailing list