SMTP AUTH En Sendmail, Ayuda please!!!
Alberto Seoane
alguien me podría indicar como configurar smtp auth con sendmail,
o algún enlace donde se explique cómo hacer esto. Hasta ahora sólo
he encontrado alguna información para hacer esto en RedHat y SUSE
pero al intentar hacerlo en Debian no me cuadra na de na.
Gracias por anticipado!!! :-)
--
To UNSUBSCRIBE, email to debian-user-s...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org
Erick Lopez Carreon
> Hola a todos,
> alguien me podría indicar como configurar smtp auth con sendmail,
> o algún enlace donde se explique cómo hacer esto. Hasta ahora sólo
> he encontrado alguna información para hacer esto en RedHat y SUSE
> pero al intentar hacerlo en Debian no me cuadra na de na.
>
> Gracias por anticipado!!! :-)
>
Hola:
En Debian,como es usual, es muy claro lo que hay que hacer
leiste el mensaje relativo a autentificacion cuando instalaste Sendmail?
Si no puedes hacerlo instalando sendmail en una maquina de prueba.
Basicamente la autentificacion confia en la implementacion de Cyrus
sasl, asi que sendmail debe estar compilado con soporte para SASL, en
Debian lo esta.
verificalo con
sendmail -d0.1
Luego necesitaras sasl instalado preguntale a apt para saber que
necesitas.
Instala lo necesario sigue las instrucciones que la misma instalacion de
sedmail te da y listo :)
Prueba conun telnet a tu MTA y debes ver AUTH,lo que quiere decir que tu
mailserver ya realiza autentificacion.
Luego a configurar los MUA.
Saludos!
Gotzon Astondoa
Suponiendo que Sendmail ya funcione bien estos son los pasos que seguí
yo:
Instalar la versión 2 de SASL:
# apt-get install sasl2-bin
Crear directorio:
# mkdir /etc/mail/sasl
Lanzar configurador de Sendmail:
urano:/etc/mail# sendmailconfig
Configure sendmail with the existing /etc/mail/sendmail.conf? [Y] y
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Writing configuration to /etc/mail/sendmail.conf.
Writing /etc/cron.d/sendmail.
Configure sendmail with the existing /etc/mail/sendmail.mc? [Y] y
Updating sendmail environment ...
Checking for installed MDAs...
chown: getting attributes of `/etc/mail/smrsh': No such file or directory
Created template file /etc/mail/sasl/sasl.m4
Edit this file if you wish to change the default SASL setup.
Ah, you're setup with SASL2 !
Unfortunately, there is no automagic way to migrate to /etc/sasldb2 :(
You'll want to make sure /etc/default/saslauthd is setup to start,
and has at least MECHANISMS="pam" !
If you find out what more is needed, please let me know!
To enable sendmail to use SASLS, you need to:
1) Add this line to /etc/mail/sendmail.mc and optionally
to /etc/mail/submit.mc:
include(`/etc/mail/sasl/sasl.m4')dnl
2) Run sendmailconfig
3) Restart sendmail
SASL2 is now minimally setup, there are a few ways to handle users:
*) Allow only shell users (default)
You're all set, nothing else to do !
*) Allow users other than shell
Add users via /usr/sbin/saslpasswd2 and make sure that the
realm you used matches what your users specify in their
netscape/outlook/mutt/etc profiles.
If you need to authorize sendmail as a sender, also update
/etc/mail/default-auth-info and rerun /usr/share/sendmail/update_auth.
Creating/Updating SSL(for TLS) information
cp: cannot create regular file `/etc/mail/tls/starttls.m4': No such file or
directory
Adding DOMAIN(debian-mta) to /etc/mail/sendmail.mc
Checking {sendmail,submit}.mc and related databases...
Creating /etc/mail/databases...
Creating /etc/mail/databases...
Creating /etc/mail/Makefile...
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Writing configuration to /etc/mail/sendmail.conf.
Writing /etc/cron.d/sendmail.
Disabling HOST statistics file(/var/lib/sendmail/host_status).
Creating /etc/mail/sendmail.cf...
*** WARNING: FEATURE(`relay_mail_from') may cause your system to act as open
relay. Use SMTP AUTH or STARTTLS instead.
/etc/mail/sendmail.mc:34: m4: Cannot open
/usr/share/sendmail/cf/feature/relay_local_domain.m4: No such file or
directory
Creating /etc/mail/submit.cf...
/etc/mail/submit.mc:18: m4: Cannot open /usr/share/sendmail-cf/m4/cf.m4: No
such file or directory
Informational: confCT_FILE no data: /etc/mail/trusted-users
Updating /etc/mail/access...
Updating /etc/mail/mailertable...
Updating /etc/mail/virtusertable...
Updating /etc/mail/aliases...
/etc/mail/aliases: 15 aliases, longest 13 bytes, 211 bytes total
Warning: These messages were issued while creating sendmail.cf
make sure they are benign before starting sendmail!
Errors in generating sendmail.cf
*** WARNING: FEATURE(`relay_mail_from') may cause your system to act as open
relay. Use SMTP AUTH or STARTTLS instead.
/etc/mail/sendmail.mc:34: m4: Cannot open
/usr/share/sendmail/cf/feature/relay_local_domain.m4: No such file or
directory
Errors in generating submit.cf
/etc/mail/submit.mc:18: m4: Cannot open /usr/share/sendmail-cf/m4/cf.m4: No
such file or directory
Reload the running sendmail now with the new configuration? [Y] n
Editar el fichero de configuración de Sendmail:
# vi /etc/mail/sendmail.mc
Añadir al fichero la siguiente línea:
include(`/etc/mail/sasl/sasl.m4')dnl
Editar el fichero de autenticación de sasl:
# vi /etc/default/saslauthd
Y hacer que quede como sigue:
# This needs to be uncommented before saslauthd will be run automatically
START=yes
# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"
MECHANISMS="pam"
Arrancar el demonio sasl:
# /etc/INIT.d/saslauthd start
Lanzar configurador de Sendmail:
urano:/etc/mail# sendmailconfig
Se puede comprobar que realmente funciona del siguiente modo:
#telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 urano.conetion.com ESMTP Sendmail 8.12.11/8.12.11; Mon, 5 Jul 2004
16:01:53 +0200
ehlo asier
250-urano.conetion.com Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
250-DELIVERBY
250 HELP
quit
221 2.0.0 urano.conetion.com closing connection
Connection closed by foreign host.
La línea que debe salir es: 250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
Suerte.