From owner-freebsd-questions@freebsd.org Sun Jun 28 21:10:09 2015 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A970198FD30 for ; Sun, 28 Jun 2015 21:10:09 +0000 (UTC) (envelope-from news@mips.inka.de) Received: from mail.inka.de (quechua.inka.de [IPv6:2001:7c0:407:1001:217:a4ff:fe3b:e77c]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 690DF18AB for ; Sun, 28 Jun 2015 21:10:09 +0000 (UTC) (envelope-from news@mips.inka.de) Received: from mips.inka.de (news@[127.0.0.1]) by mail.inka.de with uucp (rmailwrap 0.5) id 1Z9Jq2-0001Su-2Z; Sun, 28 Jun 2015 23:10:06 +0200 Received: from lorvorc.mips.inka.de (localhost [127.0.0.1]) by lorvorc.mips.inka.de (8.14.9/8.14.9) with ESMTP id t5SKawh4028751 for ; Sun, 28 Jun 2015 22:36:58 +0200 (CEST) (envelope-from news@lorvorc.mips.inka.de) Received: (from news@localhost) by lorvorc.mips.inka.de (8.14.9/8.14.9/Submit) id t5SKaw4b028750 for freebsd-questions@freebsd.org; Sun, 28 Jun 2015 22:36:58 +0200 (CEST) (envelope-from news) To: freebsd-questions@freebsd.org From: Christian Weisgerber Newsgroups: list.freebsd.questions Subject: Sendmail: SMTP auth and smart host? Date: Sun, 28 Jun 2015 20:36:58 +0000 (UTC) Lines: 110 Message-ID: X-Trace: lorvorc.mips.inka.de 1435523818 28164 ::1 (28 Jun 2015 20:36:58 GMT) X-Complaints-To: usenet@mips.inka.de User-Agent: slrn/1.0.2 (FreeBSD) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Jun 2015 21:10:09 -0000 I'm trying to add a very standard piece of configuration to my sendmail setup: Send all mail to a smart host and use SMTP client authentication for talking to the smart host. There are many examples, howtos, tutorials, etc. about this all over the net, e.g. https://www.dnsexit.com/support/mailrelay/sendmail.html Define the smart host, set the authentication information in the access database, and sendmail will automagically use it for SMTP AUTH. Alas, the magic doesn't happen: ------------------------------------------------------------------------ naddy@unix-ag.uni-kl.de... Connecting to [127.0.0.1] via relay... 220 lorvorc.mips.inka.de ESMTP Sendmail 8.14.9/8.14.9; Sun, 28 Jun 2015 22:01:07 +0200 (CEST) >>> EHLO lorvorc.mips.inka.de 250-lorvorc.mips.inka.de Hello localhost [127.0.0.1], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-EXPN 250-VERB 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-DELIVERBY 250 HELP >>> VERB 250 2.0.0 Verbose mode >>> MAIL From: SIZE=27 250 2.1.0 ... Sender ok >>> RCPT To: >>> DATA 250 2.1.5 ... Recipient ok 354 Enter mail, end with "." on a line by itself >>> . 050 ... Connecting to mail.inka.de. via relay... 050 220 mail.inka.de ESMTP Exim - mail ready at Sun, 28 Jun 2015 22:01:07 +0200 050 >>> EHLO lorvorc.mips.inka.de 050 250-mail.inka.de Hello dslb-188-104-157-230.188.104.pools.vodafone-ip.de [188.104.157.230] 050 250-SIZE 67108864 050 250-8BITMIME 050 250-PIPELINING 050 250-STARTTLS 050 250 HELP 050 >>> STARTTLS 050 220 TLS go ahead 050 >>> EHLO lorvorc.mips.inka.de 050 250-mail.inka.de Hello dslb-188-104-157-230.188.104.pools.vodafone-ip.de [188.104.157.230] 050 250-SIZE 67108864 050 250-8BITMIME 050 250-PIPELINING 050 250-AUTH PLAIN LOGIN 050 250 HELP 050 >>> MAIL From: SIZE=382 050 250 OK 050 >>> RCPT To: 050 >>> DATA 050 550 relay not permitted 050 503-All RCPT commands were rejected with this error: 050 503-relay not permitted 050 503 Valid RCPT command must precede DATA 050 >>> RSET 050 250 Reset OK 050 ... Connecting to local... 050 ... Sent 250 2.0.0 t5SK17H8027901 Message accepted for delivery naddy@unix-ag.uni-kl.de... Sent (t5SK17H8027901 Message accepted for delivery) Closing connection to [127.0.0.1] >>> QUIT 221 2.0.0 lorvorc.mips.inka.de closing connection ------------------------------------------------------------------------ As the -v output shows, sendmail simply never attempts to use client authentication. _Something_ must be wrong or missing, but I don't see it. sendmail.mc: ------------------------------------------------------------------------ OSTYPE(freebsd6) MASQUERADE_AS(`mips.inka.de') FEATURE(accept_unresolvable_domains) FEATURE(access_db) FEATURE(allmasquerade) FEATURE(masquerade_envelope) FEATURE(local_procmail) FEATURE(use_cw_file) define(`ALIAS_FILE', `/etc/mail/aliases,-o /etc/mail/aliases.newsgate') define(`LUSER_RELAY', `local:dev-null') define(`SMART_HOST', `[mail.inka.de]') define(`UUCP_MAILER_MAX', 0) DAEMON_OPTIONS(`Name=IPv4, Family=inet') DAEMON_OPTIONS(`Name=IPv6, Family=inet6') MAILER(local) MAILER(smtp) MAILER(../../../../local/share/sendmail/bsmtp) MAILER(uucp) ------------------------------------------------------------------------ access database: ------------------------------------------------------------------------ AuthInfo:mail.inka.de "U:xxxx" "I:xxxx" "P:yyyy" "M:PLAIN" ------------------------------------------------------------------------ (Meanwhile I'm sending this by UUCP... because it works.) -- Christian "naddy" Weisgerber naddy@mips.inka.de