Date: Mon, 10 Jul 2017 15:34:21 GMT From: Anton Shterenlikht <as@cmplx.uk> To: freebsd-questions@freebsd.org Subject: SOLVED: WAS Re: sendmail status and auth advice Message-ID: <201707101534.v6AFYLeA021478@jail0199.vps.exonetric.net> In-Reply-To: <201707101210.v6ACACeW010883@jail0199.vps.exonetric.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Matthew Seaman matthew at FreeBSD.org Mon Jul 10 12:56:18 UTC 2017 > >Authentication setup in sendmail hasn't changed for quite some time, so >the old docs you may find online are probably still relevant. One >problem you'll find is that the vast majority of the stuff you'll find >about sendmail authentication is talking about sendmail acting as the >server end of the authentication, whereas you want it to behave as the >client end. If I recall correctly that needs authinfo settings in >/etc/mail/access, or (recommended) you need to add FEATURE(`authinfo') >to your .mc file to create a dedicated file. Yes, "Using sendmail as a client with AUTH", http://www.sendmail.org/~ca/email/auth.html#authclientinfo has the required info, apart from: define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl which is mentioned here: https://unix.stackexchange.com/questions/132711/using-port-587-with-sendmail >I'd advise you to get hold of a copy of the O'Reilly Sendmail book -- >that's a pretty comprehensive guide on everything you need to know about >configuring sendmail. I have this book in the library, in fact I ordered it, but... it's a complete monster to read. >Another surprisingly useful guide is >/usr/share/sendmail/cf/README -- it covers a remarkably large amount of >stuff. Agreed. For what I need, one can go straight to SMTP AUTHENTICATION section. >If you are trying to configure sendmail to pretend to be a mail client >and submit messages by port 587 then in general you don't need a local >SSL certificate. Unless, of course, your service provider has >configured things to require one, but office365 doesn't do that. Yes, this is indeed what I'm trying to do, which, as I found out is called "Using sendmail as a client with AUTH". >However, normal sysadminly paranoia suggests that you definitely want >STARTTLS to happen before sendmail tries to send any passwords around. >I know it is possible to enforce that from the sendmail client end, but >I've forgotten exactly how since I stopped using sendmail for anything >significant mail-wize. This I haven't figured out yet. Thanks Anton
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201707101534.v6AFYLeA021478>