Re: SMTP AUTH En Sendmail, Ayuda please!!!
Hola:
Suponiendo que Sendmail ya funcione bien estos son los pasos que seguí
yo:
Instalar la versión 2 de SASL:
# apt-get install sasl2-bin
Crear directorio:
# mkdir /etc/mail/sasl
Lanzar configurador de Sendmail:
urano:/etc/mail# sendmailconfig
Configure sendmail with the existing /etc/mail/sendmail.conf? [Y] y
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Writing configuration to /etc/mail/sendmail.conf.
Writing /etc/cron.d/sendmail.
Configure sendmail with the existing /etc/mail/sendmail.mc? [Y] y
Updating sendmail environment ...
Checking for installed MDAs...
chown: getting attributes of `/etc/mail/smrsh': No such file or directory
Created template file /etc/mail/sasl/sasl.m4
Edit this file if you wish to change the default SASL setup.
Ah, you're setup with SASL2 !
Unfortunately, there is no automagic way to migrate to /etc/sasldb2 :(
You'll want to make sure /etc/default/saslauthd is setup to start,
and has at least MECHANISMS="pam" !
If you find out what more is needed, please let me know!
To enable sendmail to use SASLS, you need to:
1) Add this line to /etc/mail/sendmail.mc and optionally
to /etc/mail/submit.mc:
include(`/etc/mail/sasl/sasl.m4')dnl
2) Run sendmailconfig
3) Restart sendmail
SASL2 is now minimally setup, there are a few ways to handle users:
*) Allow only shell users (default)
You're all set, nothing else to do !
*) Allow users other than shell
Add users via /usr/sbin/saslpasswd2 and make sure that the
realm you used matches what your users specify in their
netscape/outlook/mutt/etc profiles.
If you need to authorize sendmail as a sender, also update
/etc/mail/default-auth-info and rerun /usr/share/sendmail/update_auth.
Creating/Updating SSL(for TLS) information
cp: cannot create regular file `/etc/mail/tls/starttls.m4': No such file or
directory
Adding DOMAIN(debian-mta) to /etc/mail/sendmail.mc
Checking {sendmail,submit}.mc and related databases...
Creating /etc/mail/databases...
Creating /etc/mail/databases...
Creating /etc/mail/Makefile...
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Writing configuration to /etc/mail/sendmail.conf.
Writing /etc/cron.d/sendmail.
Disabling HOST statistics file(/var/lib/sendmail/host_status).
Creating /etc/mail/sendmail.cf...
*** WARNING: FEATURE(`relay_mail_from') may cause your system to act as open
relay. Use SMTP AUTH or STARTTLS instead.
/etc/mail/sendmail.mc:34: m4: Cannot open
/usr/share/sendmail/cf/feature/relay_local_domain.m4: No such file or
directory
Creating /etc/mail/submit.cf...
/etc/mail/submit.mc:18: m4: Cannot open /usr/share/sendmail-cf/m4/cf.m4: No
such file or directory
Informational: confCT_FILE no data: /etc/mail/trusted-users
Updating /etc/mail/access...
Updating /etc/mail/mailertable...
Updating /etc/mail/virtusertable...
Updating /etc/mail/aliases...
/etc/mail/aliases: 15 aliases, longest 13 bytes, 211 bytes total
Warning: These messages were issued while creating sendmail.cf
make sure they are benign before starting sendmail!
Errors in generating sendmail.cf
*** WARNING: FEATURE(`relay_mail_from') may cause your system to act as open
relay. Use SMTP AUTH or STARTTLS instead.
/etc/mail/sendmail.mc:34: m4: Cannot open
/usr/share/sendmail/cf/feature/relay_local_domain.m4: No such file or
directory
Errors in generating submit.cf
/etc/mail/submit.mc:18: m4: Cannot open /usr/share/sendmail-cf/m4/cf.m4: No
such file or directory
Reload the running sendmail now with the new configuration? [Y] n
Editar el fichero de configuración de Sendmail:
# vi /etc/mail/sendmail.mc
Añadir al fichero la siguiente línea:
include(`/etc/mail/sasl/sasl.m4')dnl
Editar el fichero de autenticación de sasl:
# vi /etc/default/saslauthd
Y hacer que quede como sigue:
# This needs to be uncommented before saslauthd will be run automatically
START=yes
# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"
MECHANISMS="pam"
Arrancar el demonio sasl:
# /etc/INIT.d/saslauthd start
Lanzar configurador de Sendmail:
urano:/etc/mail# sendmailconfig
Se puede comprobar que realmente funciona del siguiente modo:
#telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 urano.conetion.com ESMTP Sendmail 8.12.11/8.12.11; Mon, 5 Jul 2004
16:01:53 +0200
ehlo asier
250-urano.conetion.com Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
250-DELIVERBY
250 HELP
quit
221 2.0.0 urano.conetion.com closing connection
Connection closed by foreign host.
La línea que debe salir es: 250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
Suerte.
----- Original Message -----
From: "Erick Lopez Carreon" <erick@fsl.org.mx>
To: <segmentation_fault@telefonica.net>
Cc: "Debian Spanish" <debian-user-spanish@lists.debian.org>
Sent: Saturday, July 10, 2004 8:36 PM
Subject: Re: SMTP AUTH En Sendmail, Ayuda please!!!
> On Fri, 2004-07-09 at 07:50, Alberto Seoane wrote:
> > Hola a todos,
> > alguien me podría indicar como configurar smtp auth con sendmail,
> > o algún enlace donde se explique cómo hacer esto. Hasta ahora sólo
> > he encontrado alguna información para hacer esto en RedHat y SUSE
> > pero al intentar hacerlo en Debian no me cuadra na de na.
> >
> > Gracias por anticipado!!! :-)
> >
>
> Hola:
>
> En Debian,como es usual, es muy claro lo que hay que hacer
>
> leiste el mensaje relativo a autentificacion cuando instalaste Sendmail?
>
> Si no puedes hacerlo instalando sendmail en una maquina de prueba.
>
> Basicamente la autentificacion confia en la implementacion de Cyrus
> sasl, asi que sendmail debe estar compilado con soporte para SASL, en
> Debian lo esta.
>
> verificalo con
> sendmail -d0.1
>
> Luego necesitaras sasl instalado preguntale a apt para saber que
> necesitas.
>
>
> Instala lo necesario sigue las instrucciones que la misma instalacion de
> sedmail te da y listo :)
>
>
> Prueba conun telnet a tu MTA y debes ver AUTH,lo que quiere decir que tu
> mailserver ya realiza autentificacion.
>
> Luego a configurar los MUA.
>
> Saludos!
>
>
>
> --
> To UNSUBSCRIBE, email to debian-user-spanish-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: