SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
The error message you provide is not in my sendmail configuration. So it may be a customized error.
Apart from checking that Sendmail.conf is configured correctly and in the correct place, another thing to check is /etc/mail/access and see if your being rejected by any RBLs (if your Sendmail config is checking against them) -- that being the case, put a:
1.3.4 OK
in /etc/mail/access and rebuild the map. This is probably not your issue, though I've been bitten by it. It seems that Sendmail doesn't have rules to override an RBL check when the connection is AUTHenticated (and it should).
I hope you can figure out your problem - if you find the answer, post it here. Someone else may benefit from it, too.
I'm having trouble with authentication after following this guide.
I've configured sendmail in such manner before on other machines and it was working.
Now I've done the same thing again, but I just can't get the mail out from a different location.
-X log:
Quote:
02179 >>> 220 server.domain.com ESMTP Sendmail 8.14.3/8.14.3; Sat, 29 May 2010 10:05:34 +0200
02179 <<< EHLO [Client Local IP]
02179 >>> 250-server.domain.com Hello client-internet-domain.com [Client Internet IP], pleased to meet you
02179 >>> 250-ENHANCEDSTATUSCODES
02179 >>> 250-PIPELINING
02179 >>> 250-8BITMIME
02179 >>> 250-SIZE
02179 >>> 250-DSN
02179 >>> 250-STARTTLS
02179 >>> 250-DELIVERBY
02179 >>> 250 HELP
02179 <<< STARTTLS
02179 >>> 220 2.0.0 Ready to start TLS
02179 <<< EHLO [Client Local IP]
02179 >>> 250-server.domain.com Hello client-internet-domain.com [Client Internet IP], pleased to meet you
02179 >>> 250-ENHANCEDSTATUSCODES
02179 >>> 250-PIPELINING
02179 >>> 250-8BITMIME
02179 >>> 250-SIZE
02179 >>> 250-DSN
02179 >>> 250-AUTH LOGIN PLAIN
02179 >>> 250-DELIVERBY
02179 >>> 250 HELP
02179 <<< AUTH PLAIN yadda yadda(I edited)
02179 >>> 535 5.7.0 authentication failed
02179 <<< AUTH LOGIN
02179 >>> 334 yadda yadda(I edited)
02179 <<< yadda yadda(I edited)
02179 >>> 334 yadda yadda(I edited)
02179 <<< yadda yadda(I edited)
02179 >>> 535 5.7.0 authentication failed
02179 <<< QUIT
02179 >>> 221 2.0.0 server.domain.com closing connection
The normal /var/log/maillog shows nothing special, just a connection from client and an "did not issue MAIL/EXP..." message after failed login attempt.
The .mc config file:
Quote:
dnl# This is the default sendmail .mc file for Slackware. To generate
dnl# the sendmail.cf file from this (perhaps after making some changes),
dnl# use the m4 files in /usr/share/sendmail/cf like this:
dnl#
dnl# cp sendmail-slackware.mc /usr/share/sendmail/cf/config.mc
dnl# cd /usr/share/sendmail/cf
dnl# sh Build config.cf
dnl#
dnl# You may then install the resulting .cf file:
dnl# cp config.cf /etc/mail/sendmail.cf
dnl#
include(`../m4/cf.m4')
VERSIONID(`X-Shells.org Sendmail Configuration')dnl
OSTYPE(`linux')dnl
dnl# These settings help protect against people verifying email addresses
dnl# at your site in order to send you email that you probably don't want:
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
dnl# Uncomment the line below to send outgoing mail through an external server:
define(`SMART_HOST',`mail.siol.net')
dnl# No timeout for ident:
define(`confTO_IDENT', `0')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA, M=Ea')dnl
define(`confCACERT_PATH', `/etc/mail/certs')dnl
define(`confCACERT', `/etc/mail/certs/cacert.pem')dnl
define(`confSERVER_CERT', `/etc/mail/certs/sendmail.pem')dnl
define(`confSERVER_KEY', `/etc/mail/certs/sendmail.pem')dnl
define(`confCLIENT_CERT', `/etc/mail/certs/sendmail.pem')dnl
define(`confCLIENT_KEY', `/etc/mail/certs/sendmail.pem')dnl
define(`confAUTH_OPTIONS', `A p y')dnl
dnl# Enable the line below to use smrsh to restrict what sendmail can run:
dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
dnl# See the README in /usr/share/sendmail/cf for a ton of information on
dnl# how these options work:
FEATURE(`authinfo',`hash -o /etc/mail/authinfo.db')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail:
dnl FEATURE(`accept_unresolvable_domains')dnl
EXPOSED_USER(`root')dnl
dnl# Also accept mail for localhost.localdomain:
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
DAEMON_OPTIONS(`Port=smtps, Name=MSA-SSL, M=Esa')dnl
saslauthd is running with option -a shadow, to read users from /etc/shadow.
saslauthd shows no errors at startup, no erros in log at startup, no errors while I try to send mail. Plain normal. I've ran out of ideas what to do, so I'm turning to you, if you would be so kind to help me out.
Best regards,
Tux-Slack
P.S: one more thing, is it possible to use LDAP to authenticate users with sendmail? If so, how?
I am trying to setup AUTH on my server and when I try to send mail from outside of the server its not working.
Here is my config:
Quote:
dnl# This is the default sendmail .mc file for Slackware. To generate
dnl# the sendmail.cf file from this (perhaps after making some changes),
dnl# use the m4 files in /usr/share/sendmail/cf like this:
dnl#
dnl# cp sendmail-slackware.mc /usr/share/sendmail/cf/config.mc
dnl# cd /usr/share/sendmail/cf
dnl# sh Build config.cf
dnl#
dnl# You may then install the resulting .cf file:
dnl# cp config.cf /etc/mail/sendmail.cf
dnl#
include(`../m4/cf.m4')
VERSIONID(`default setup for Slackware Linux')dnl
OSTYPE(`linux')dnl
dnl# These settings help protect against people verifying email addresses
dnl# at your site in order to send you email that you probably don't want:
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
dnl# Uncomment the line below to send outgoing mail through an external server:
dnl define(`SMART_HOST',`mail.example.com')
dnl# No timeout for ident:
define(`confTO_IDENT', `0')dnl
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confCACERT_PATH', `/etc/mail/certs')dnl
define(`confCACERT', `/etc/mail/certs/cacert.pem')dnl
define(`confSERVER_CERT', `/etc/mail/certs/sendmail.pem')dnl
define(`confSERVER_KEY', `/etc/mail/certs/sendmail.pem')dnl
define(`confCLIENT_CERT', `/etc/mail/certs/sendmail.pem')dnl
define(`confCLIENT_KEY', `/etc/mail/certs/sendmail.pem')dnl
define(`confAUTH_OPTIONS', `A y')dnl
dnl# Enable the line below to use smrsh to restrict what sendmail can run:
dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
dnl# See the README in /usr/share/sendmail/cf for a ton of information on
dnl# how these options work:
FEATURE(`use_cw_file')dnl
FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail:
dnl FEATURE(`accept_unresolvable_domains')dnl
EXPOSED_USER(`root')dnl
dnl# Also accept mail for localhost.localdomain:
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
I made the file /usr/lib64/sasl2/Sendmail.conf and saslauthd is running with option -a shadow.
I followed the directions.....Did I miss something??
Can anyone please help me out with this please?
UPDATE: I solved the problem. I needed to make the Sendmail.conf in /etc/sasl2, all is working fine now.
Last edited by infamy; 09-18-2011 at 08:37 AM.
Reason: UPDATE: I solved the problem. I needed to make the Sendmail.conf in /etc/sasl2, all is working fine now.
Yes I know this guide is quite old, but it's still relevant. I have used this guide as a guideline and ended up hours troubleshooting what was wrong. So I really hope this helps somebody else.
My 2 cents for this guide: it's pretty complete and I used it as a base for my setup.
However, there is some wrong information in this that will probably have you searching like a madman for what's wrong.
I tested and at first it looked like I was able to send mail from my domain to other domains.
The only exception was hotmail.
In my mail I found this:
Code:
Mar x 13:50:38 nonono sendmail[15768]: s25Co22n015752: AUTH=client, available mechanisms do not fulfill requirements
Mar x 13:50:38 nonono sendmail[15768]: AUTH=client, relay=mx1.hotmail.com., temporary failure, connection abort
I really couldn't figure what I did wrong. So I started adding SPF, ... Still not fixed.
Then I took a tcpdump capture:
Code:
220 SNT0-MC1-F47.Snt0.hotmail.com Sending unsolicited commercial or bulk e-mail to Microsoft's computer network is prohibited. Other restrictions are found at http://privacy.microsoft.com/en-us/anti-spam.mspx.
EHLO mailhost.example.com
250-SNT0-MC1-F47.Snt0.hotmail.com (3.19.0.77) Hello [x.x.x.x]
250-SIZE 36909875
250-PIPELINING
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-AUTH LOGIN
250-AUTH=LOGIN
250 OK
QUIT
221 SNT0-MC1-F47.Snt0.hotmail.com Service closing transmission channel
It is clear that it's actually the client (so my sendmail server) is ending the connection. Without even trying to send the mail.
Let me explain the log message:
Code:
AUTH=client: this means that sendmail is acting as a client here (so sendmail connects to hotmail mail servers
available mechanisms do not fulfill requirements: well if you test using telnet and send the ehlo command you see lines like this:
- AUTH LOGIN
- AUTH=LOGIN
This means that you can authenticate with the LOGIN mechanism only. So first of all your sendmail install needs to know how to handle this LOGIN mechanism. Make sure it is compiled in sendmail. If it can handle this mechanism, it will actually look in the database if it has entries for this domain.
So the second line matches for any mail server. However the authentication method (M does not match. So sendmail has no credentials and just aborts the connection.
Remove this line. If there isn't one then sendmail will just try to send the mail without trying to authenticate.
I already removed this line from the config file. However it seemed that I forgot to recreate the hashmap with makemap. After a restart my mails arrived.
Note that if you are using smarthost functionality this might never be a problem as in the end you always have to authenticate against one mail relay server.
I really appreciate your guide. Thank you for your efforts.
Just one sidenote: please, if you don't know what something does, please don't just ignore it. I would have tested it with and without this to see if I actually need it.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
does not match. So sendmail has no credentials and just aborts the connection.
hi
