Can't seem to disable STARTTLS in Fedora sendmail

Wayne Johnson wdtj at yahoo.com
Fri Jan 30 21:25:20 UTC 2004 

Hmm.  I was unaware that Comcast was now requiring a userid/password. 
I'll try this.

Thanks.

--- Alexander Dalloz <alexander.dalloz at uni-bielefeld.de> wrote:
> Am Fr, den 30.01.2004 schrieb Wayne Johnson um 20:32:
> > We have a new Fedora system that is suppose to send it's mail (using
> > sendmail, no flames PLEASE!), to smtp.comcast.net.  When we attempt
> to
> > send it from a local account, we get an error back that the user is
> > invalid.  Strange, but it works find for mail being relayed from/for
> > other windows machines.  
> 
> [ snip ]
> 
> The following may help. MSGID
> <pan.2003.12.09.20.06.13.406002 at SPAMmindspring.com> on
> comp.mail.sendmail 9th December 2003
> 
> ### quote ###
> 
> I'll be the first to admit I'm not even close to an expert on sendmail.
> I've just spent hours and hours working on this, so I thought I'd share
> my
> solution. Hopefully it will save time and trouble for someone else.
> 
> My setup:
>  sendmail 8.12.8, running on Red Hat Linux 8.0 This box is the outgoing
>  mail server for my home network (which uses the fake domain name
>  homenet.local).
> My goal:
>  Have my server forward all its outgoing mail to my ISP's SMTP server
> (smtp.comcast.net), which requires a username and password.
> 
>  Below are my relevant configuration files, with some notes on each
> one.
> 
> Here are the active lines from my sendmail.mc:
> 
> divert(-1)dnl
> 
> include(`/usr/share/sendmail-cf/m4/cf.m4')dnl VERSIONID(`setup for Red
> Hat
> Linux')dnl OSTYPE(`linux')dnl
> 
> define(`SMART_HOST',`smtp.comcast.net') dnl #
> define(`confDEF_USER_ID',``8:12'')dnl define(`confTRUSTED_USER',
> `smmsp')dnl dnl define(`confAUTO_REBUILD')dnl
> define(`confTO_CONNECT', `1m')dnl
> define(`confTRY_NULL_MX_LIST',true)dnl
> define(`confDONT_PROBE_INTERFACES',true)dnl
> define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
> define(`ALIAS_FILE',
> `/etc/aliases')dnl dnl define(`STATUS_FILE', `/etc/mail/statistics')dnl
> define(`UUCP_MAILER_MAX', `2000000')dnl define(`confUSERDB_SPEC',
> `/etc/mail/userdb.db')dnl define(`confPRIVACY_FLAGS',
> `authwarnings,novrfy,noexpn,restrictqrun')dnl
> define(`confAUTH_OPTIONS',
> `A')dnl
> 
> TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5
> LOGIN
> PLAIN')dnl FEATURE(`authinfo')dnl
> 
> define(`confCACERT_PATH',`/usr/share/ssl/certs')
> define(`confCACERT',`/usr/share/ssl/certs/ca.crt')
> define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
> define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
> define(`confCLIENT_CERT',`/usr/share/ssl/certs/user.crt')
> define(`confCLIENT_KEY',`/usr/share/ssl/certs/user.key')
> 
> dnl define(`confDONT_BLAME_SENDMAIL',`groupreadablekeyfile')dnl
> 
> dnl define(`confTO_QUEUEWARN', `4h')dnl dnl
> define(`confTO_QUEUERETURN',
> `5d')dnl dnl define(`confQUEUE_LA', `12')dnl
> dnl define(`confREFUSE_LA', `18')dnl
> define(`confTO_IDENT', `0')dnl
> dnl FEATURE(delay_checks)dnl
> FEATURE(`no_default_msa',`dnl')dnl
> FEATURE(`smrsh',`/usr/sbin/smrsh')dnl FEATURE(`mailertable',`hash -o
> /etc/mail/mailertable.db')dnl FEATURE(`virtusertable',`hash -o
> /etc/mail/virtusertable.db')dnl FEATURE(redirect)dnl
> FEATURE(always_add_domain)dnl
> FEATURE(use_cw_file)dnl
> FEATURE(use_ct_file)dnl
> 
> FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
> FEATURE(`relay_hosts_only')dnl
> FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
> FEATURE(`blacklist_recipients')dnl
> EXPOSED_USER(`root')dnl
> dnl #
> DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl dnl #
> dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl dnl #
> dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl dnl #
> dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl
> dnl
> #
> FEATURE(`accept_unresolvable_domains')dnl dnl #
> dnl FEATURE(`relay_based_on_MX')dnl
> dnl #
> dnl # Also accept email sent to "localhost.localdomain" as local email.
> dnl #
> LOCAL_DOMAIN(`localhost.localdomain')dnl dnl #
> dnl # The following example makes mail from this host and any
> additional
> dnl # specified domains appear to be sent from mydomain.com dnl #
> MASQUERADE_AS(`comcast.net')dnl
> dnl #
> dnl # masquerade not just the headers, but the envelope as well dnl #
> FEATURE(masquerade_envelope)dnl
> dnl #
> dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com
> as
> well dnl #
> dnl FEATURE(masquerade_entire_domain)dnl dnl #
> dnl MASQUERADE_DOMAIN(localhost)dnl
> dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl dnl
> MASQUERADE_DOMAIN(homenet.local)dnl MAILER(smtp)dnl
> MAILER(procmail)dnl
> 
> Note:
> -After editing this file, run m4 sendmail.mc > sendmail.cf and then
> /etc/rc.d/init.d/sendmail restart
> -If the server doesn't need to accept incoming email, then change the
> following line 
> from..
> DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
> to..
> DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
> 
> 
> This is my authinfo file:
> 
> Authinfo:smtp.comcast.net "U:myusername" "I:myusername" "P:mypa55word"
> "R:"
> 
> Notes:
> - This is a plaintext file, that contains the ISP's mailserver's
> password,
> so it shouldn't be world-readable.
> 
> 
> Here's my access file:
> 
> # by default we allow relaying from localhost...
> localhost.localdomain		RELAY
> localhost			RELAY
> 127.0.0.1			RELAY
> workstation1.homenet.local	RELAY
> workstation2.homenet.local	RELAY
> 
> # Uncomment the line below to disable TLS
> # Try_TLS:smtp.comcast.net    NO
> 
> Note:
>  - After editing this file, run makemap hash access < access and then
> /etc/rc.d/init.d/sendmail restart
>  - I found disabling TLS was useful during troubleshooting, as I could
> use
>  ethereal (packet sniffer) to monitor exactly what the servers were
> saying
>  to each other.
> 
> Hope this helps,
> 
>  George Lane
>  Atlanta
> 
> ### quote end ###
> 
> Alexander
> 
> 
> -- 
> Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
> Fedora GNU/Linux Core 1 (Yarrow) on Athlon CPU kernel
> 2.4.22-1.2149.nptl
> Sirendipity 22:15:54 up 4:31, 7 users, 0.28, 0.26, 0.41 
>                    [ Γνωθι σ'αυτον - gnothi seauton ]
> 
> 
> 
> -- 
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list


=====
---
Wayne Johnson,             | There are two kinds of people: Those 
3943 Penn Ave. N.          | who say to God, "Thy will be done," 
Minneapolis, MN 55412-1908 | and those to whom God says, "All right, 
(612) 522-7003             | then,  have it your way." --C.S. Lewis

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free web site building tool. Try it!
http://webhosting.yahoo.com/ps/sb/

More information about the fedora-list mailing list