SMTP AUTH for Sendmail

From Gruff Goat Wiki
Jump to: navigation, search

Standard installation of FreeBSD include Sendmail. However this Sendmail version is not ready for SMTP_AUTH usage. This page logs enabling SMTP_AUTH for Sendmail.

Preparation

  • Update the ports tree
 cvsup -g -L 2 /root/ports-supfile
  • Update the source tree
 cvsup -g -L 2 /root/secure-supfile

Cyrus-SASL

  • Make install Cyrus SASL port from /usr/ports/security/cyrus-sasl2
  • Review /usr/ports/security/cyrus-sasl2/files/Sendmail.README
  • Add the following lines to /etc/make.conf
 SENDMAIL_CFLAGS+=	-I/usr/local/include -DSASL=2
 SENDMAIL_LDFLAGS+=	-L/usr/local/lib
 SENDMAIL_LDADD+=	-lsasl2

Build and install Sendmail

The compile of sendmail should not have any problems if /usr/src has not been changed extensively and the shared libraries it needs are available.

 cd /usr/src/usr.sbin/sendmail
 make cleandir
 make obj
 make
 make install

It is possible that the build and install of just Sendmail will fail. In this case, you will need to build and install world.

Client Sendmail

Assumption: Sendmail 8.12 or later

  • Create a file a file to store your client authorization information.
 mkdir /etc/mail/auth
 touch /etc/mail/client-info
 echo 'AuthInfo:smtp.server "U:root" "I:user" "P:pass"' >> /etc/mail/client-info

The smpt.server should be the mail server you connect to and I: and P: should be your connection username and password. U set to root usually works fine as this is the system user that Sendmail runs under.

  • Hash the client-info file and protect the password.
 cd /etc/mail/auth
 makemap hash client-info < client-info
 chmod -R 600 /etc/mail/auth
  • Edit your sendmail.mc file. Please backup your originals before proceding. Many of these lines may already exist in your mc file and just need to be verified and have the leading dnl removed. Use you favorite text editor in place of edit.
 cd /etc/mail
 cp freebsd.mc freebsd.mc.OLD
 cp sendmail.cf sendmail.cf.OLD
 edit freebsd.mc          # Note: Leading ` is different from trailing '
   define(`SMART_HOST',`smtp.server')dnl
   define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
   FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl
   FEATURE(`no_default_msa')dnl
   DAEMON_OPTIONS(`Port=587, Name=MSA, M=E')dnl
 end edit
  • Generate the sendmail.cf
 m4 /usr/share/sendmail/cf/m4/cf.m4 freebsd.mc > sendmail.cf
  • Restart Sendmail
 /etc/rc.d/sendmail restart
  • Test your configuration

Server Sendmail

References


--Gary 00:03, 11 Aug 2005 (CDT)