v1pEr
n00b
Joined: 20 Apr 2009
Posts: 63
|
 Posted: Thu Dec 30, 2010 12:56 pm Post subject: authenticated SMTP on sendmail |
 |
|
I have a dovecot + sendmail + fetchmail combination running for over a year now. Until now this was only used to fetch mails from several accounts and providers (such as hotmail, yahoo, gmail and gmx) and delever it to a local user. The mails could then be read with a webmail application (roundcube in this case). Mails are not sent by the local accounts but "in the name of" the other providers.
Example:
local user userOne fetches mail from accountOne@hotmail.com, accountOne@yahoo.com and accountOne.gmail.com and is delivered to his local mailbox.
When userOne logs in to the webmail he can send mails from accountOne@hotmail.com, accountOne@yahoo.com and accountOne.gmail.com (so NOT from userOne@domain).
What I want to do now is send and receive these emails also with IMAP and SMTP. I have the IMAP part working by configuring dovecot but I have problems getting the SMTP to work.
So what I want is that users can send from any domain to any domain with my MTA as relay, but only if there is valid authentication.
Also, my ISP (this particular box is running at home) does not allow any connections on ports 1->1024 so IMAP is running on port 9930 instead of 993 and I want SMTP to listen on port 2500.
Following this guide I found that I needed to add this to my sendmail.mc
| Code: | define('confAUTH_OPTIONS', 'A')dnl
TRUST_AUTH_MECH('LOGIN PLAIN')dnl
define('confAUTH_MECHANISMS', 'LOGIN PLAIN')dnl
DAEMON_OPTIONS('Port=2500, Name=MSA, M=Ea')dnl |
This is how it looks now:
| Code: |
divert(-1)
divert(0)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`$Id: sendmail-procmail.mc,v 1.2 2004/12/07 01:59:31 g2boojum Exp $')dnl
OSTYPE(linux)dnl
DOMAIN(generic)dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`local_lmtp',`/usr/sbin/mail.local')dnl
FEATURE(`local_procmail')dnl
dnlFEATURE(promiscuous_relay)
define('confAUTH_OPTIONS', 'A')dnl
TRUST_AUTH_MECH('LOGIN PLAIN')dnl
define('confAUTH_MECHANISMS', 'LOGIN PLAIN')dnl
DAEMON_OPTIONS('Port=2500, Name=MSA, M=Ea')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
|
My /etc/conf.d/saslauthd already looks fine so I didn't change it:
| Code: | # Config file for /etc/init.d/saslauthd
# Initial (empty) options.
SASLAUTHD_OPTS=""
# Specify the authentications mechanism.
# **NOTE** For a list see: saslauthd -v
# Since 2.1.19, add "-r" to options for old behavior,
# ie. reassemble user and realm to user@realm form.
#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -a pam -r"
SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -a pam"
# Specify the hostname for remote IMAP server.
# **NOTE** Only needed if rimap auth mechanism is used.
#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -O localhost"
# Specify the number of worker processes to create.
#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -n 5"
# Enable credential cache, set cache size and timeout.
# **NOTE** Size is measured in kilobytes.
# Timeout is measured in seconds.
#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -c -s 128 -t 30" |
When I try to send an email however, I get the following error, even though authentication was used:
| Quote: | | Relaying denied. Proper authentication required |
I see the same error popping up in my /etc/mail/current logs, but no extra information:
| Code: |
Dec 30 13:51:25 [sm-mta] oBUCpPtr002628: ruleset=check_rcpt, arg1=<xxx@gmx.com>, relay=ns353374.ovh.net [91.121.94.74], reject=550 5.7.1 <xxx@gmx.com>... Relaying denied. Proper authentication required.
Dec 30 13:51:25 [sm-mta] oBUCpPtr002628: lost input channel from ns353374.ovh.net [91.121.94.74] to Daemon0 after rcpt
Dec 30 13:51:25 [sm-mta] oBUCpPtr002628: from=<xxx@gmx.com>, size=0, class=0, nrcpts=0, proto=ESMTP, daemon=Daemon0, relay=ns353374.ovh.net [91.121.94.74]
|
What am I doing wrong? I've got the feeling I'm close, but can't identify the problem on my own. |
|
Networking & Security
