Sendmail with SMTP AUTH

Introduction

This document explains how to install sendmail with Cyrus SASL (Simple Authentication and Security Layer) to use SMTP AUTH.

Installation

Prerequisites

You should have a basic knowledge of UNIX.

The server should allow incoming connections to the SMTP service which will be listening on TCP port 25.

Installing Cyrus SASL

Download the Cyrus SASL2 source code from the Cyrus FTP site.

  • Extract the files from the downloaded file (cyrus-sasl-2.1.21.tar.gz for example).
  • Change the current directory to where the SASL2 source code was extracted.
  • Enter the following commands:

    ./configure --enable-cram --enable-digest --enable-plain --enable-login \
      --disable-krb4 --disable-gssapi --without-saslauthd

    make

    make install

  • The SASL2 library and plugins are now installed. The next step is to configure SASL2 for sendmail.

Configuring SASL

  • Enter the following commands:

    echo "pwcheck_method: auxprop" > /usr/lib/sasl2/Sendmail.conf

    echo "auxprop_plugin: sasldb" >> /usr/lib/sasl2/Sendmail.conf

  • Create the SASL user and set the password in the /etc/sasldb file with the following command:

    saslpasswd username

  • You will be prompted to enter the user's password.
  • You can get a list of SASL users by typing the following command:

    sasldblistusers

Installing sendmail

Download the sendmail source code from the Sendmail website.

  • Extract the files from the downloaded file.
  • Change the current directory to where the sendmail source code was extracted.
  • Create a site.config.m4 file in devtools/Site and add the following entries:

    APPENDDEF(`confENVDEF', `-DSASL=20121')
    APPENDDEF(`conf_sendmail_LIBS', `-lsasl2')
    APPENDDEF(`confLIBDIRS', `-L/usr/local/lib')
    APPENDDEF(`confINCDIRS', `-I/usr/local/include')

    Note: The number 20121 is derived from the version of the SASL2 library. If you are using cyrus-sasl-2.1.10, the number would be 20110.

  • Enter the following command:

    sh Build

  • If there are no errors, you may continue with the installation.
  • If you are installing sendmail 8.12.x or 8.13.x:
    • Verify whether you have a user smmsp. Create the user if it does not exist. The user should not be assigned a login shell.
    • Verify whether you have a group called smmsp.
  • Enter the following command:

    sh Build install

The sendmail binary is now installed. The next step is to configure sendmail.

Configuring sendmail

The main configuration file for sendmail is /etc/mail/sendmail.cf. Starting with version 8.12, sendmail uses the /etc/mail/submit.cf configuration file for mail submission. The .cf files are complex to understand. It is recommended that you create a .mc configuration file and use M4 (a macro processor) to generate the .cf file.

There are some sample .mc configuration files in the cf/cf/ directory of the sendmail source code. Alternatively, you can use one of the sample configuration files available from this website. You should edit the .mc file with a UNIX text editor such as vi.

  • Change the current directory to the cf/cf directory.
  • Copy your .mc configuration file to the current directory as sendmail.mc.
  • Modify sendmail.mc and add the following entries after the DOMAIN(generic)dnl entry:

    define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
    TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl

  • Add the following entries after the MAILER lines of your sendmail.mc:

    LOCAL_CONFIG
    ESASL_PATH=/usr/local/lib/sasl2

  • To generate the sendmail.cf, enter the following command:

    sh Build sendmail.cf

  • To install the sendmail.cf as /etc/mail/sendmail.cf and submit.cf as /etc/mail/submit.cf, enter the following command:

    sh Build install-cf

If you already have sendmail installed and configured, you can generate a new sendmail.cf file by using the following command:

    m4 path_to/m4/cf.m4 config.mc > sendmail.cf

The directory for the sendmail cf/cf.m4 file depends on the operating system you are using. You can find more information here.

You can now start sendmail.

Verifying whether sendmail is running with SMTP AUTH enabled

You can verify whether sendmail is running by running the following command:

    telnet localhost 25

You will see the sendmail banner which shows the version of sendmail you are using.

Type ehlo localhost

You should see a line with the following:

    250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5

Type quit to exit and return to the shell.
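
The manual check above can be scripted. The following is an added example, not part of the original page: it parses an EHLO reply, confirms that the mechanisms set in confAUTH_MECHANISMS are advertised, and flags LOGIN or PLAIN offered without STARTTLS, because those two mechanisms send the password base64-encoded rather than encrypted. The function names and the sample reply are constructed for illustration.

```shell
#!/bin/sh
# Added example: check an EHLO reply against the configured AUTH mechanisms.
# Function names are hypothetical; they are not part of sendmail or Cyrus SASL.

# Constructed sample reply (not captured from a real server).
SAMPLE_EHLO='220 mail.example.com ESMTP Sendmail; ready
250-mail.example.com Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250 HELP'

# Print the advertised SASL mechanisms, one per line, from an EHLO reply
# on stdin. Handles CRLF line endings and the final "250 AUTH ..." form.
auth_mechs() {
    tr -d '\r' | sed -n 's/^250[- ]AUTH \(.*\)$/\1/p' |
        tr -s ' ' '\n' | sed '/^$/d'
}

# Return 0 if the reply on stdin advertises the given ESMTP keyword.
has_keyword() {
    tr -d '\r' | grep -Eq "^250[- ]$1( |\$)"
}

# check_ehlo REPLY EXPECTED...
# Returns 0 if every expected mechanism is offered, 1 if one is missing,
# and 2 if all are offered but LOGIN or PLAIN is advertised without
# STARTTLS (the password would cross the network unencrypted).
check_ehlo() {
    reply=$1; shift
    offered=$(printf '%s\n' "$reply" | auth_mechs)
    for m in "$@"; do
        printf '%s\n' "$offered" | grep -qxF -- "$m" ||
            { echo "missing: $m"; return 1; }
    done
    if printf '%s\n' "$offered" | grep -Eqx 'LOGIN|PLAIN' &&
       ! printf '%s\n' "$reply" | has_keyword STARTTLS; then
        echo "warning: LOGIN/PLAIN offered without STARTTLS"
        return 2
    fi
    echo "ok"
}

# The sample reply has no STARTTLS line, so this reports the warning.
check_ehlo "$SAMPLE_EHLO" LOGIN PLAIN DIGEST-MD5 CRAM-MD5 || echo "exit status $?"
```

To check a live server, save the reply from the telnet session to a file and pass its contents as the first argument to check_ehlo.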

http://www.elandsys.com/resources/sendmail/smtpauth.html