From owner-freebsd-questions@FreeBSD.ORG Mon Jun 1 16:56:33 2015 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0B59BF60 for ; Mon, 1 Jun 2015 16:56:33 +0000 (UTC) (envelope-from guru@unixarea.de) Received: from ms-10.1blu.de (ms-10.1blu.de [178.254.4.101]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BB69C1991 for ; Mon, 1 Jun 2015 16:56:32 +0000 (UTC) (envelope-from guru@unixarea.de) Received: from [93.104.5.228] (helo=localhost.unixarea.de) by ms-10.1blu.de with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.76) (envelope-from ) id 1YzT0n-0004Jt-3o; Mon, 01 Jun 2015 18:56:29 +0200 Received: from localhost.my.domain (c720-r276659 [127.0.0.1]) by localhost.unixarea.de (8.14.9/8.14.9) with ESMTP id t51GuRFJ002411 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 1 Jun 2015 18:56:27 +0200 (CEST) (envelope-from guru@unixarea.de) Received: (from guru@localhost) by localhost.my.domain (8.14.9/8.14.9/Submit) id t51GuQHC002410; Mon, 1 Jun 2015 18:56:26 +0200 (CEST) (envelope-from guru@unixarea.de) X-Authentication-Warning: localhost.my.domain: guru set sender to guru@unixarea.de using -f Date: Mon, 1 Jun 2015 18:56:26 +0200 From: Matthias Apitz To: Aryeh Friedman Cc: FreeBSD Mailing List Subject: Re: best options for a *WORKING* MTA Message-ID: <20150601165626.GA2379@c720-r276659> Reply-To: Matthias Apitz Mail-Followup-To: Matthias Apitz , Aryeh Friedman , FreeBSD Mailing List References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Operating-System: FreeBSD 11.0-CURRENT r269739 (i386) User-Agent: Mutt/1.5.23 (2014-03-12) X-Con-Id: 51246 X-Con-U: 0-guru X-Originating-IP: 93.104.5.228 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Jun 2015 16:56:33 -0000 El día Monday, June 01, 2015 a las 12:48:46PM -0400, Aryeh Friedman escribió: > I have tried every which way I can find in the handbook and/or on the net > to get a working mail server and the best I can do get the default sendmail > to answer on localhost only (postfix seems to be completely broken). > Where can I find a good *SIMPLE* set of instructions on how to set up a > working mail server to accept mail for my domain? attached below is mine which works fine for years for my domain 'unixarea.de' and MX host of the ISP smtp.1blu.de matthias $Id: sendmail.txt,v 1.4 2014/10/05 14:51:32 guru Exp $ how to enable AUTH in SMTP (required since 2010 for my outbound mail): we need the follwing ports and a recompiled 'sendmail' with some config; details are described here: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/smtp-auth.html - install port security/cyrus-sasl2 - config line in /usr/local/lib/sasl2/Sendmail.conf pwcheck_method: saslauthd - install port security/cyrus-sasl2-saslauthd, - edit /etc/rc.conf: saslauthd_enable="YES" - restart daemon with # /usr/local/etc/rc.d/saslauthd start - recompile sendmail with /etc/make.conf set to SENDMAIL_CFLAGS=-I/usr/local/include/sasl -DSASL SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl2 # cd /usr/src/lib/libsmutil # make cleandir && make obj && make # cd /usr/src/lib/libsm # make cleandir && make obj && make # cd /usr/src/usr.sbin/sendmail # make cleandir && make obj && make && make install - configure sendmail with the lines in /etc/mail/current.Sisis.de.mc: # added by guru # define(`SMART_HOST', `smtp.1blu.de')dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl FEATURE(`masquerade_envelope') FEATURE(`accept_unresolvable_domains') FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl # MAILER(local) MAILER(smtp) # added by guru # MASQUERADE_AS(`unixarea.de') # dnl set SASL options TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl define(`confAUTH_MECHANISMS', `GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl # # end of adds - run make and move the config as: # mv current.Sisis.de.cf sendmail.cf # mv current.Sisis.de.submit.cf submit.cf # /etc/rc.d/sendmail onerestart AUTH for SMTP is described in http://www.sendmail.org/~ca/email/auth.html - config AUTH in (create) /etc/mail/auth/client-info as: AuthInfo:smtp.1blu.de "U:root" "I:YYYYYYYYYYYYY" "P:XXXXXXXXXXXXX" see: http://www.sendmail.org/documentation/configurationReadme The RHS for an AuthInfo: entry in the access map should consists of a list of tokens, each of which has the form: "TDstring" (including the quotes). T is a tag which describes the item, D is a delimiter, either ':' for simple text or '=' for a base64 encoded string. Valid values for the tag are: U user (authorization) id I authentication id P password R realm M list of mechanisms delimited by spaces - build the database # cd /etc/mail/auth # makemap hash client-info < client-info # chmod 0600 client-info all should be fine now; - to test SSL: $ openssl s_client -connect smtp.1blu.de:25 -starttls smtp # /etc/rc.d/sendmail restart # printf "To: guru@unixarea.de\nSubject: test\n\ntest\n" | /usr/sbin/sendmail -t # tail -f /var/log/maillog Oct 5 16:46:13 unixarea sm-mta[2805]: STARTTLS=client, relay=smtp.1blu.de., version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256 Oct 5 16:46:14 unixarea sm-mta[2805]: s95Ek5j4002803: to=, ctladdr= (1001/0), delay=00:00:08, xdelay=00:00:08, mailer=relay, pri=30342, relay=smtp.1blu.de. [178.254.4.101], dsn=2.0.0, stat=Sent (OK id=1Xan4f-0007Lv-Qu) -- Matthias Apitz, guru@unixarea.de, http://www.unixarea.de/ +49-170-4527211 +49-176-38902045 "Wenn der Mensch von den Umständen gebildet wird, so muß man die Umstände menschlich bilden." "Si el hombre es formado por las circunstancias entonces es necesario formar humanamente las circunstancias", Karl Marx in Die heilige Familie / La sagrada familia (MEW 2, 138)