From owner-freebsd-questions@FreeBSD.ORG Thu Mar 8 16:06:52 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DCCED106566B for ; Thu, 8 Mar 2012 16:06:51 +0000 (UTC) (envelope-from kamolpat@dmaccess.net) Received: from irpkscout4.truemail.co.th (irpkscout4.truemail.co.th [203.144.173.144]) by mx1.freebsd.org (Postfix) with ESMTP id 600DC8FC13 for ; Thu, 8 Mar 2012 16:06:50 +0000 (UTC) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: ApIBAPbVWE86CKP4/2dsb2JhbAAMN7hdERMBLCUYDQEBBxgDAgECAVgGAgEBiBGsUwGNe4oogyABBYMgBIhQhSOXaoJvgUoG X-IronPort-AV: E=Sophos;i="4.73,552,1325437200"; d="scan'208";a="469463106" Received: from ppp-58-8-163-248.revip2.asianet.co.th (HELO [192.168.1.2]) ([58.8.163.248]) by irp4.truemail.co.th with ESMTP; 08 Mar 2012 22:56:04 +0700 Message-ID: <4F58D68D.2060700@dmaccess.net> Date: Thu, 08 Mar 2012 22:55:57 +0700 From: kamolpat User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2 MIME-Version: 1.0 To: freebsd-questions@FreeBSD.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-PCToolsMIME: Updated by PC Tools Mime Parser 1.0.0.4 Cc: Subject: question about SMTP-authentication X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Mar 2012 16:06:52 -0000 To whom it may concern: Hello, may I need your help about SMTP authentication? Problems: ========= SMTP-authen doesn't functioning, when I use ThunderBird I try to set authentication method as Kerberos/GSSAPI or Encrypted password, it doesn't work. Background: =========== I'm intermediate FreeBSD sysadmin. I used to run only normal mail service in my company, which use POP3 on myserver and SMTP from ISP. Now my ISP always get problem, so I prefer to set SMTP service on my server and provide to staffs in company. However to set pure SMTP is not safe, then I prefer to use SMTP-authenicate. Setup Reference ============== 1. I read the how to setup from FreeBSD Handbook (online)-> Chapter 29 Electronic Mail -> 29.10 SMTP Authentication from freebsd.org 2. setup for cyrus-sasl2 was fine (setup via usr/ports/security/cyrus-sasl2) 3. setup for openssl was 90% fine (setup via port) reference to FreeBSD Handbook (online)->Chapter 15 Security -> 15.8 OpenSSL accept the "STARTTLS" line doesn't appear as mention on the last part of article. Raw info for considers ==================== from /var/log/maillog ------------------------------- revip2.asianet.co.th is my provider , the dmaccess.co.th is my server Mar 8 22:35:35 ns1 sendmail[18640]: q28MZZ4l018640: ppp-58-8-163-248.revip2.asianet.co.th [58.8.163.248] did not issue MAIL/EXPN/VRFY/ETRN during connection to IPv4 Mar 8 22:37:29 ns1 sendmail[18644]: q28MbSv3018644: ruleset=check_rcpt, arg1=, relay=ppp-58-8-163-248.revip2.asianet.co.th [58.8.163.248], reject=550 5.7.1 , size=778, class=0, nrcpts=0, proto=ESMTP, daemon=IPv4, relay=ppp-58-8-163-248.revip2.asianet.co.th [58. Mar 8 22:38:31 ns1 sendmail[18646]: q28McVl2018646: ppp-58-8-163-248.revip2.asianet.co.th [58.8.163.248] did not issue MAIL/EXPN/VRFY/ETRN during connection to IPv4 Mar 8 22:39:55 ns1 sendmail[18650]: q28MdsOC018650: ppp-58-8-163-248.revip2.asianet.co.th [58.8.163.248] did not issue MAIL/EXPN/VRFY/ETRN during connection to IPv4 Mar 8 22:40:57 ns1 sendmail[18688]: q28MevLw018688: ppp-58-8-163-248.revip2.asianet.co.th [58.8.163.248] did not issue MAIL/EXPN/VRFY/ETRN during connection to IPv4 Mar 8 22:42:05 ns1 sendmail[18689]: q28Mffbd018689: ppp-58-8-163-248.revip2.asianet.co.th [58.8.163.248] did not issue MAIL/EXPN/VRFY/ETRN during connection to IPv4 from /etc/mail/freebsd.mc -------------------------------------- dnl set SASL options TRUST_AUTH_MECH (`GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl define(`confAUTH_MECHANISMS',`GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl dnl SSL Options define(`confCACERT_PATH',`/etc/ssl')dnl define(`confCACERT',`/etc/ssl/dm_new.crt')dnl define(`confSERVER_CERT',`/etc/ssl/dm_new.crt')dnl define(`confSERVER_KEY',`/etc/ssl/dm_ca.key')dnl define(`confTLS_SRV_OPTIONS',`V')dnl MAILER(local) MAILER(smtp) Thanks in advance Kamolpat E-mail message checked by Internet Security (7.0.0.508) Database version: 6.19420 http://www.pctools.com/en/internet-security/