Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 2 Dec 2003 00:02:05 -0800 (PST)
From:      Dan Strick <strick@covad.net>
To:        freebsd-questions@freebsd.org
Cc:        dan@mist.nodomain
Subject:   sendmail and SMTP client-side authentication
Message-ID:  <200312020802.hB282549000478@mist.nodomain>
next in thread | raw e-mail | index | archive | help 
(Please forgive me if you see this twice.  I think I may have
accidentally already emailed this without a subject, but I am
not sure.  Sendmail is giving me a very hard time these days.)

My ISP assigns my IP address dynamically.  For this and other
reasons I have to relay all my outgoing email through my ISP's
SMTP email relay.  I tried to enable sendmail SMTP client-side
authentication on my FreeBSD 4.9 system by adding this line to
my sendmail.mc file:

	FEATURE(`authinfo', `text -o -k0 -v1 /etc/mail/authinfo')

and creating the file /etc/mail/authinfo with these contents:

	AuthInfo:mail.covad.net         "U:userid" "P:password"

(of course "userid" and "password" are not the real values).

When my sendmail connects to the email relay, the email relay says
(in SMTP speak):

	250-covad.net
	250-AUTH LOGIN PLAIN
	250-AUTH=LOGIN PLAIN

but there is no obvious exchange of authentication information
and my ISP's email relay sometimes rejects my attempts to submit
email for relay.  This is a typical SMTP rejection message:

    553 sorry, that domain isn't allowed to be relayed thru this MTA (#5.7.1)

Sometimes my email gets through.  I don't know why.

When I send email via Netscape, Netscape does authenticate itself
to the email relay.

Note: I did do a "make sendmail.cf" in /etc/mail after changing
the .mc file and I did restart the sendmail daemons before sending
the rejected email.  The authinfo file belongs to root:wheel and
has mode 640.  I also tried it with mode 644 just in case.  I also
tried creating the file /etc/mail/access with the same contents and
doing "makemap hash /etc/mail/access".  The sendmail.mc file
contains the standard line:

	FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access')

Can someone who knows how this is supposed to work help me out?

Is there an SMTP authentication protocol that protects the
authentication information from network snoopers?

Dan Strick
strick@covad.net

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200312020802.hB282549000478>