Can't seem to disable STARTTLS in Fedora sendmail
Wayne Johnson
wdtj at yahoo.com
Fri Jan 30 21:25:20 UTC 2004
Hmm. I was unaware that Comcast was now requiring a userid/password.
I'll try this.
Thanks.
--- Alexander Dalloz <alexander.dalloz at uni-bielefeld.de> wrote:
> Am Fr, den 30.01.2004 schrieb Wayne Johnson um 20:32:
> > We have a new Fedora system that is suppose to send it's mail (using
> > sendmail, no flames PLEASE!), to smtp.comcast.net. When we attempt
> to
> > send it from a local account, we get an error back that the user is
> > invalid. Strange, but it works find for mail being relayed from/for
> > other windows machines.
>
> [ snip ]
>
> The following may help. MSGID
> <pan.2003.12.09.20.06.13.406002 at SPAMmindspring.com> on
> comp.mail.sendmail 9th December 2003
>
> ### quote ###
>
> I'll be the first to admit I'm not even close to an expert on sendmail.
> I've just spent hours and hours working on this, so I thought I'd share
> my
> solution. Hopefully it will save time and trouble for someone else.
>
> My setup:
> sendmail 8.12.8, running on Red Hat Linux 8.0 This box is the outgoing
> mail server for my home network (which uses the fake domain name
> homenet.local).
> My goal:
> Have my server forward all its outgoing mail to my ISP's SMTP server
> (smtp.comcast.net), which requires a username and password.
>
> Below are my relevant configuration files, with some notes on each
> one.
>
> Here are the active lines from my sendmail.mc:
>
> divert(-1)dnl
>
> include(`/usr/share/sendmail-cf/m4/cf.m4')dnl VERSIONID(`setup for Red
> Hat
> Linux')dnl OSTYPE(`linux')dnl
>
> define(`SMART_HOST',`smtp.comcast.net') dnl #
> define(`confDEF_USER_ID',``8:12'')dnl define(`confTRUSTED_USER',
> `smmsp')dnl dnl define(`confAUTO_REBUILD')dnl
> define(`confTO_CONNECT', `1m')dnl
> define(`confTRY_NULL_MX_LIST',true)dnl
> define(`confDONT_PROBE_INTERFACES',true)dnl
> define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
> define(`ALIAS_FILE',
> `/etc/aliases')dnl dnl define(`STATUS_FILE', `/etc/mail/statistics')dnl
> define(`UUCP_MAILER_MAX', `2000000')dnl define(`confUSERDB_SPEC',
> `/etc/mail/userdb.db')dnl define(`confPRIVACY_FLAGS',
> `authwarnings,novrfy,noexpn,restrictqrun')dnl
> define(`confAUTH_OPTIONS',
> `A')dnl
>
> TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5
> LOGIN
> PLAIN')dnl FEATURE(`authinfo')dnl
>
> define(`confCACERT_PATH',`/usr/share/ssl/certs')
> define(`confCACERT',`/usr/share/ssl/certs/ca.crt')
> define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
> define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
> define(`confCLIENT_CERT',`/usr/share/ssl/certs/user.crt')
> define(`confCLIENT_KEY',`/usr/share/ssl/certs/user.key')
>
> dnl define(`confDONT_BLAME_SENDMAIL',`groupreadablekeyfile')dnl
>
> dnl define(`confTO_QUEUEWARN', `4h')dnl dnl
> define(`confTO_QUEUERETURN',
> `5d')dnl dnl define(`confQUEUE_LA', `12')dnl
> dnl define(`confREFUSE_LA', `18')dnl
> define(`confTO_IDENT', `0')dnl
> dnl FEATURE(delay_checks)dnl
> FEATURE(`no_default_msa',`dnl')dnl
> FEATURE(`smrsh',`/usr/sbin/smrsh')dnl FEATURE(`mailertable',`hash -o
> /etc/mail/mailertable.db')dnl FEATURE(`virtusertable',`hash -o
> /etc/mail/virtusertable.db')dnl FEATURE(redirect)dnl
> FEATURE(always_add_domain)dnl
> FEATURE(use_cw_file)dnl
> FEATURE(use_ct_file)dnl
>
> FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
> FEATURE(`relay_hosts_only')dnl
> FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
> FEATURE(`blacklist_recipients')dnl
> EXPOSED_USER(`root')dnl
> dnl #
> DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl dnl #
> dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl dnl #
> dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl dnl #
> dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl
> dnl
> #
> FEATURE(`accept_unresolvable_domains')dnl dnl #
> dnl FEATURE(`relay_based_on_MX')dnl
> dnl #
> dnl # Also accept email sent to "localhost.localdomain" as local email.
> dnl #
> LOCAL_DOMAIN(`localhost.localdomain')dnl dnl #
> dnl # The following example makes mail from this host and any
> additional
> dnl # specified domains appear to be sent from mydomain.com dnl #
> MASQUERADE_AS(`comcast.net')dnl
> dnl #
> dnl # masquerade not just the headers, but the envelope as well dnl #
> FEATURE(masquerade_envelope)dnl
> dnl #
> dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com
> as
> well dnl #
> dnl FEATURE(masquerade_entire_domain)dnl dnl #
> dnl MASQUERADE_DOMAIN(localhost)dnl
> dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl dnl
> MASQUERADE_DOMAIN(homenet.local)dnl MAILER(smtp)dnl
> MAILER(procmail)dnl
>
> Note:
> -After editing this file, run m4 sendmail.mc > sendmail.cf and then
> /etc/rc.d/init.d/sendmail restart
> -If the server doesn't need to accept incoming email, then change the
> following line
> from..
> DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
> to..
> DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
>
>
> This is my authinfo file:
>
> Authinfo:smtp.comcast.net "U:myusername" "I:myusername" "P:mypa55word"
> "R:"
>
> Notes:
> - This is a plaintext file, that contains the ISP's mailserver's
> password,
> so it shouldn't be world-readable.
>
>
> Here's my access file:
>
> # by default we allow relaying from localhost...
> localhost.localdomain RELAY
> localhost RELAY
> 127.0.0.1 RELAY
> workstation1.homenet.local RELAY
> workstation2.homenet.local RELAY
>
> # Uncomment the line below to disable TLS
> # Try_TLS:smtp.comcast.net NO
>
> Note:
> - After editing this file, run makemap hash access < access and then
> /etc/rc.d/init.d/sendmail restart
> - I found disabling TLS was useful during troubleshooting, as I could
> use
> ethereal (packet sniffer) to monitor exactly what the servers were
> saying
> to each other.
>
> Hope this helps,
>
> George Lane
> Atlanta
>
> ### quote end ###
>
> Alexander
>
>
> --
> Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
> Fedora GNU/Linux Core 1 (Yarrow) on Athlon CPU kernel
> 2.4.22-1.2149.nptl
> Sirendipity 22:15:54 up 4:31, 7 users, 0.28, 0.26, 0.41
> [ ÎνÏθι Ï'αÏ
Ïον - gnothi seauton ]
>
>
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
=====
---
Wayne Johnson, | There are two kinds of people: Those
3943 Penn Ave. N. | who say to God, "Thy will be done,"
Minneapolis, MN 55412-1908 | and those to whom God says, "All right,
(612) 522-7003 | then, have it your way." --C.S. Lewis
__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free web site building tool. Try it!
http://webhosting.yahoo.com/ps/sb/
More information about the fedora-list
mailing list