From owner-freebsd-questions@FreeBSD.ORG Tue Aug 8 08:26:06 2006 Return-Path: X-Original-To: questions@FreeBSD.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 557D416A4E5 for ; Tue, 8 Aug 2006 08:26:06 +0000 (UTC) (envelope-from frankstaals@gmx.net) Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by mx1.FreeBSD.org (Postfix) with SMTP id 6AD3C43D58 for ; Tue, 8 Aug 2006 08:25:03 +0000 (GMT) (envelope-from frankstaals@gmx.net) Received: (qmail invoked by alias); 08 Aug 2006 08:24:50 -0000 Received: from ip176-173-59-62.adsl.versatel.nl (EHLO [192.168.2.5]) [62.59.173.176] by mail.gmx.net (mp033) with SMTP; 08 Aug 2006 10:24:50 +0200 X-Authenticated: #25365336 Message-ID: <44D84A4D.4050801@gmx.net> Date: Tue, 08 Aug 2006 10:24:45 +0200 From: Frank Staals User-Agent: Thunderbird 1.5.0.4 (X11/20060706) MIME-Version: 1.0 To: Greg Groth References: <44D3C56A.60806@gmx.net> <44D77B38.7020002@gmx.net> <44D785C6.10605@gregs-garage.com> <44D78A85.8000301@gmx.net> <44D7924D.3050605@gregs-garage.com> In-Reply-To: <44D7924D.3050605@gregs-garage.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Y-GMX-Trusted: 0 Cc: questions@FreeBSD.org Subject: Re: Sendmail Question; unable to send mail as normal user X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Aug 2006 08:26:06 -0000 Greg Groth wrote: >> Hmm I guess that sould be the problem then: >> >> root@Fstaals$ telnet localhost 25 >> Trying ::1... >> Trying 127.0.0.1... >> Connected to localhost.eu.org >> Escape character is '^]'. >> 220 Fstaals.net ESMTP Sendmail 8.13.3/8.13.3; Mon, 7 Aug 2006 >> 20:31:30 +0200 (CE >> ST) >> EHLO localhost >> 250-Fstaals.net Hello localhost.eu.org [127.0.0.1], pleased to meet you >> 250-ENHANCEDSTATUSCODES >> 250-PIPELINING >> 250-8BITMIME >> 250-SIZE >> 250-DSN >> 250-ETRN >> 250-DELIVERBY >> 250 HELP >> >> I compiled sendmail with the following options: >> >> root@Fstaals$ cat /etc/make.conf >> # SASL (cyrus-sasl v2) sendmail build flags... >> SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 >> SENDMAIL_LDFLAGS=-L/usr/local/lib >> SENDMAIL_LDADD=-lsasl2 >> # Adding to enable alternate port (smtps) for sendmail... >> SENDMAIL_CFLAGS+= -D_FFR_SMTP_SSL >> # added by use.perl 2006-03-02 22:35:07 >> PERL_VER=5.8.8 >> PERL_VERSION=5.8.8 >> >> What should I do fix this ? Appart from those lines in /etc/make.conf >> I didn't change anything regarding to the build of sendmail >> >> Regards, >> > > Need more info. How did you recompile Sendmail? For instance, I did > a minimal install, updated my ports, installed cvsup-without-gui & > fastest-cvsup, cvsupped my sources, ran a buildworld to get the base > system up to date, then added the following to make.conf: > > > > In the instances I had a screwup in which I could not resolve, I've > made the following bonehead moves: > > 1. Ran make installworld without dropping to single-user mode > 2. cvsupped to the wrong source tree due to my ignorance of the tags > in the cvsup file. > > My latest misadventures with getting PLAIN LOGIN working were on > systems where I did everything correctly, but installed a number of > ports prior to messing with the MTA. This included Apache, PHP, > MySQL, Squirrelmail, XOrg, KDE-lite, and whatever dependencies were > needed. The same issue occured with trying to get PLAIN AUTH working > with Postfix, and on a second box with Sendmail. I ended up > reinstalling, and focused on getting the MTA and SASL2 working > immediately after getting the system up to date, and had no issues. > > IMHO, worry about getting PLAIN LOGIN working before messing with > compiling SSL support into Sendmail. In my experience, configuring > SSL can be a pain, making sure everything is where it's supposed to be. > > Best regards, > Greg Groth > > Basically it would be the following: Installed FreeBSD 5.3-RELEASE, minimal install ; manually added the extra stuff I wanted. Installed a lot of the usual stuff: Apache, php, smnmpd. Then some time ago I decided I also wanted to run a mailserver so Installed imap-uw and cyrus-sasl2-saslauthd. Added: # SASL (cyrus-sasl v2) sendmail build flags... SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl2 # Adding to enable alternate port (smtps) for sendmail... SENDMAIL_CFLAGS+= -D_FFR_SMTP_SSL to /etc/make.conf rebuild world and updated to 5.4-STABLE, manually rebuild sendmail : cd /usr/src/usr.sbin/sendmail make clean make depend make make install Made SSL certificates: mkdir /etc/mail/certs cd /etc/mail/certs openssl dsaparam 1024 -out dsa1024.pem openssl req -x509 -nodes -newkey dsa:dsa1024.pem -out mycert.pem -keyout mykey.pem rm dsa1024.pem chmod -R 600 /etc/mail/certs/* Checked if 'pwcheck_method: saslauthd' was in my /usr/local/lib/sasl2/Sendmail.conf then: cd /etc/mail/ make all added the following to HOSTNAME.mc : define(`confAUTH_MECHANISMS',`PLAIN LOGIN')dnl TRUST_AUTH_MECH(`PLAIN LOGIN')dnl define(`CERT_DIR', `/etc/mail/certs')dnl define(`confCACERT_PATH', `CERT_DIR')dnl define(`confCACERT', `CERT_DIR/mycert.pem')dnl define(`confSERVER_CERT', `CERT_DIR/mycert.pem')dnl define(`confSERVER_KEY', `CERT_DIR/mykey.pem')dnl define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')dnl define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')dnl DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl ran a : make all install restart Then basically my mailserver thingy stopped for a while ( not enough time etc ) without realy finishing it up. When I continued last week I tested what worked; I found out I could send mail as root ( with mail -p At this point I was able to send mail from localhost ( by using mail ) but still I wans't able to send e-mail from a remote host; so I googled and added the 'mech_list: login plain' to /usr/local/lib/sasl2/Sendmail.conf . Now I was able to send e-mail from a remote box to a user on my server but not to other people. That would be my situation. Last: these are the references I used during my install: http://www.puresimplicity.net/~hemi/freebsd/sendmail.html << For the part I did a long time ago http://dfwlpiki.dfwlp.org/index.php/Deploying_a_FreeBSD_Server#Configuring_Mail_Services << Mainly for the Spamassasin thing, the basic sendmail install and config was the same as on the first guide I used to install sendmail I'm not sure what would be best; maybe I should completely reinstall sendmail, but if other daemons like apache etc. cause sendmail not to work correctly I would have to reinstall my intire server, what I would dislike. Anyway, thanks for your help so far allready :) Regards, -- -Frank Staals