Date: Sat, 5 Jan 2008 17:04:56 -0700
From: Andrew Falanga <af300wsm@gmail.com>
To: Giorgos Keramidas <keramida@ceid.upatras.gr>
Cc: freebsd-questions@freebsd.org
Subject: Re: My sendmail appears to be fixed, advice needed though
Message-ID: <200801051704.56462.af300wsm@gmail.com>
In-Reply-To: <20080105220659.GE53175@kobe.laptop>
References: <200801051308.53420.af300wsm@gmail.com> <20080105220659.GE53175@kobe.laptop>

On Saturday 05 January 2008 15:06:59 Giorgos Keramidas wrote:
> On 2008-01-05 13:08, Andrew Falanga <af300wsm@gmail.com> wrote:
> > Hi everybody,
> > Sorry for this flurry of e-mail from me over the last few days. This
> > has been highly frustrating.
>
> You should post *more* details, not less. One of the things which was
> missing from the older posts (or at least, one thing which I didn't see)
> was a *FULL* copy of your local *.mc configuration file.
>
> > Basically, the instructions for setting up SSL and Authentication (from
> > http://www.puresimplicity.net/~hemi/freebsd/sendmail.html) instruct to
> > have the following lines in the <hostname>.mc file:
> >
> > define(`confAUTH_MECHANISMS',`PLAIN LOGIN')dnl
> > TRUST_AUTH_MECH(`PLAIN LOGIN')dnl
> > define(`CERT_DIR', `/etc/mail/certs')dnl
> > define(`confCACERT_PATH', `CERT_DIR')dnl
> > define(`confCACERT', `CERT_DIR/mycert.pem')dnl
> > define(`confSERVER_CERT', `CERT_DIR/mycert.pem')dnl
> > define(`confSERVER_KEY', `CERT_DIR/mykey.pem')dnl
> > define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')dnl
> > define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')dnl
> > DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
> > DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
> >
> > I deleted this line:
> > DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
>
> That doesn't sound right. I think it's because you have the options
> listed above *after* the MAILER() calls. This means that the options
> are not `set' at the time the MAILER() calls generate your
> configuration. So you probably end up with several instances of the
> `MTA' and `TLSMTA' daemon definitions in the final `sendmail.cf' file.
>
> This could very well be the explanation of why your Sendmail *is*
> listening on port :25 and it *also* tries to listen again, logging the
> failures in syslog.
>
> > Is this a viable fix or will I be missing something? I was able to
> > telnet to port 25 and send mail that way. I cannot relay without
> > logging in, so I think it's fixed.
>
> See my previous post about moving MAILER() calls to the end of the file,
> and give it another spin. You are *very* close to figuring it all out
> and having a fully working setup, AFAICT :)
>
> Regards,
> Giorgos

Glad to see that I'm on the right track. I think, after seeing the full
contents of my whitbap.mc file, you'll see that the problem is that I put
these lines *after* the MAILER lines. At any rate, here's the full
whitbap.mc file and sorry for not posting it completely before:

whitbap# cat whitbap.mc
divert(-1)
#
# Copyright (c) 1983 Eric P. Allman
# Copyright (c) 1988, 1993
#       The Regents of the University of California. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
#    must display the following acknowledgement:
#       This product includes software developed by the University of
#       California, Berkeley and its contributors.
# 4. Neither the name of the University nor the names of its contributors
#    may be used to endorse or promote products derived from this software
#    without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#

#
# This is a generic configuration file for FreeBSD 5.X and later systems.
# If you want to customize it, copy it to a name appropriate for your
# environment and do the modifications there.
#
# The best documentation for this .mc file is:
# /usr/share/sendmail/cf/README or
# /usr/src/contrib/sendmail/cf/README
#

divert(0)
VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.30.2.2 2006/08/23 03:31:00 gshapiro Exp $')
OSTYPE(freebsd6)
DOMAIN(generic)

FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access')
FEATURE(blacklist_recipients)
FEATURE(local_lmtp)
FEATURE(mailertable, `hash -o /etc/mail/mailertable')
FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')

dnl Uncomment to allow relaying based on your MX records.
dnl NOTE: This can allow sites to use your server as a backup MX without
dnl       your permission.
dnl FEATURE(relay_based_on_MX)

dnl DNS based black hole lists
dnl --------------------------------
dnl DNS based black hole lists come and go on a regular basis
dnl so this file will not serve as a database of the available servers.
dnl For that, visit
dnl http://directory.google.com/Top/Computers/Internet/Abuse/Spam/Blacklists/

dnl Uncomment to activate Realtime Blackhole List
dnl information available at http://www.mail-abuse.com/
dnl NOTE: This is a subscription service as of July 31, 2001
dnl FEATURE(dnsbl)
dnl Alternatively, you can provide your own server and rejection message:
dnl FEATURE(dnsbl, `blackholes.mail-abuse.org', `"550 Mail from " $&{client_addr} " rejected, see http://mail-abuse.org/cgi-bin/lookup?" $&{client_addr}')

dnl Dialup users should uncomment and define this appropriately
dnl define(`SMART_HOST', `your.isp.mail.server')

dnl Uncomment the first line to change the location of the default
dnl /etc/mail/local-host-names and comment out the second line.
dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
define(`confCW_FILE', `-o /etc/mail/local-host-names')

dnl Enable for both IPv4 and IPv6 (optional)
DAEMON_OPTIONS(`Name=IPv4, Family=inet')
DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')

define(`confBIND_OPTS', `WorkAroundBrokenAAAA')
define(`confNO_RCPT_ACTION', `add-to-undisclosed')
define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy')
FEATURE(`no_default_msa')
MAILER(local)
MAILER(smtp)
MAILER(dovecot)
define(`confAUTH_MECHANISMS',`PLAIN LOGIN')dnl
TRUST_AUTH_MECH(`PLAIN LOGIN')dnl
define(`CERT_DIR', `/etc/mail/certs')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confCACERT', `CERT_DIR/whitbap_cert.pem')dnl
define(`confSERVER_CERT', `CERT_DIR/whitbap_cert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/whitbap_key.pem')dnl
define(`confCLIENT_CERT', `CERT_DIR/whitbap_cert.pem')dnl
define(`confCLIENT_KEY', `CERT_DIR/whitbap_key.pem')dnl
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl

Andy
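
The advice quoted in this message is to keep the MAILER() calls at the end of the .mc file. As an added example (not part of the original message and not sendmail's own tooling), the shell function below lists configuration macros that follow the first MAILER() call. The function names, the list of macros checked and the trimmed sample file are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example: report configuration macros that appear after the first
# MAILER() call in a sendmail .mc file.
# Assumption: the macro names checked are the ones used in this thread;
# extend the pattern for other macros in your own file.

check_mc_order() {
    # Prints "LINE: text" for each misplaced macro; returns 1 if any were found.
    awk '
        /^[ \t]*(dnl|#)/  { next }                      # m4 and hash comment lines
        /^[ \t]*MAILER\(/ { if (!first) first = NR; next }
        first && /^[ \t]*(define|FEATURE|DAEMON_OPTIONS|TRUST_AUTH_MECH)\(/ {
            printf "%d: %s\n", NR, $0
            bad = 1
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample: a trimmed copy of the ordering shown in the post above.
write_sample() {
    cat > "$1" <<'EOF'
OSTYPE(freebsd6)
DOMAIN(generic)
FEATURE(`no_default_msa')
MAILER(local)
MAILER(smtp)
define(`confAUTH_MECHANISMS',`PLAIN LOGIN')dnl
TRUST_AUTH_MECH(`PLAIN LOGIN')dnl
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
EOF
}

sample=$(mktemp)
write_sample "$sample"
check_mc_order "$sample" || echo "move the lines listed above before MAILER()"
rm -f "$sample"
```

Run it against the real file with `check_mc_order /etc/mail/whitbap.mc` before rebuilding sendmail.cf; an empty listing and exit status 0 mean nothing in the checked set follows MAILER().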