View Full Version : Sendmail + SMTP + SSL
9th August 2004, 12:11 AM
I'm working on a Fedora Core 2 box and I'm trying to get my sendmail configured for my SMTP relay. I would like the SMTP relay to only allow SMTP connections over SSL and would like sendmail to accept authenticated SMTP SSL logins. I have dovecot up and running for my IMAP dameon and I have successfully setup the SSL certs with dovecot and now once I get this issue with sendmail resolved, my email system will be intact.
Please anyone out there have any suggestions?
Note: I've googled for hours and have followed what most people have done already but my sendmail is still allowing non secure + non auth connections from both inside and outside the lan. I want it to only accept secure + auth connections, which it currently does. However, I want it to reject non secure +/- no auth connections.
9th August 2004, 12:35 AM
did you try www.linuxquestions.org ??
i really have little experience with server and network but you may find a thread there that could help you or just wait for one of the moderators to respond you in a better way.....i believe crackers has experience in servers... :rolleyes:
9th August 2004, 12:38 AM
I've tried everywhere! I'm making progress now, I have it requiring atleast 128 bit encryption and it is validating the SMTP user/pass against the box passwd/shadow which is fine, however the SMTP is still allowing anonymous relay even though it's over a SSL.
9th August 2004, 12:39 AM
well thats' good :D
9th August 2004, 01:18 AM
Okay this is what I have based off of what I've seen from other sites running sendmail
define(`confAUTH_OPTIONS', `A p')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
-If I add VERIFY to ENCR, whenever I try my username/password (from the UNIX system) it denies me giving me error 403 not authenticated even though I'm sending the correct username/password.
-If I add PERM to ENCR, it has no affect compared to leaving it out.
My SMTP connection is forcing the 128-bit enc properly however it is not forcing the user to authenticate. It will still allow anonymous access which I want to prevent but I do want authorized users to be able to access the sendmail smtp server from outside the network if they have the proper privelages (aka username in /etc/passwd and password in /etc/shadow). PLEASE HELP :(
9th August 2004, 09:38 PM
After researching more and talking to a local guru I discovered my problem. My /etc/mail/access file was incorrect and was allowing mydomain.com relay without AUTH. Therefore, removing that along with all the localhost entries and making my access file to strictly enforce ENC and let salsauthd to do the AUTH.
Thus my resulting access file:
and also note the following sendmail.mc change:
define(`confAUTH_OPTIONS', `A p y')dnl
Hope this helps someone! This made me server require AUTH for every SMTP connection and it forces atleast 128-bit encryption. :-)
3rd September 2004, 07:13 AM
with that magic u did, can you relay from yer server (where sendmail is running, 127.0.0.1)? I mean, without autenticating yerself?
Also, can you relay mail to yahoo and alike? Do the comon web mail servers like yahoo, hotmail, etc, allow encrypted connections? on self signed certs?
19th November 2004, 06:32 PM
Hi to all,my problem is this,I have a hotmail e-mail account and I can access it with Windows XP Professional O.S.I have Fedora Core 3 dual booting with it.I have been trying to access my hotmail account via Kmail and Sendmail.The servers I have been using after a search on the web are smtp.email.msn.com and pop3.email.msn.com .But when I use Kmail to access my e-mals,a dialouge box comes up and says that it could not connect to pop3.email.msn.com.
can anybody help me with this one?
vBulletin® v3.8.7, Copyright ©2000-2013, vBulletin Solutions, Inc.