Hello,

I am running;

Red Hat Linux release 7.1
sendmail-8.11.6-2.7.1.4RS

Currently i have SMTP outgoing mail server disabled. Pls advice how i can enable the smtp Mail-Auth so that only authenticated users can relay mails though my server and no one else can.

Also, pls let me know how do i disable the SMTP_AUTH and stop mail relay when i want to.

Also, MOST IMPORTANTLY, i hear the SMTP_AUTH is an ALL or NONE feature, is there anyway i can configure Sendmail to allow only selected users hosted on my server to be able to relay mails while the others cannot.

Thanks in advace for your responses.

Originally posted by hostchamp
Hello,

I am running;

Red Hat Linux release 7.1
sendmail-8.11.6-2.7.1.4RS

Currently i have SMTP outgoing mail server disabled. Pls advice how i can enable the smtp Mail-Auth so that only authenticated users can relay mails though my server and no one else can.

Also, pls let me know how do i disable the SMTP_AUTH and stop mail relay when i want to.

Also, MOST IMPORTANTLY, i hear the SMTP_AUTH is an ALL or NONE feature, is there anyway i can configure Sendmail to allow only selected users hosted on my server to be able to relay mails while the others cannot.

Thanks in advace for your responses.

It's not "all or none", the person/people that said that don't know how to configure sendmail. Visit the sendmail web site and try a search or two on groups.google.com.

I don't see a problem with letting all users send mail via your smtp server. If they spam, just cut the account (and they lose relay rights too).

To give you a little hint, use the "sasldb" option rather then system accounts (via PAM etc). Either way, you'll have to re-compile sendmail and while your doing such, maybe add a spam blacklist or two.

What is "sasldb" option? how is it different from system accounts?

Originally posted by hostchamp
What is "sasldb" option? how is it different from system accounts?

It's a database of accounts that can relay. In order to use SMTP Auth, you have to configure sendmail to use sasl. Sasl can use system accounts, or it's own database. Since you want to limit accounts that can relay, you would use the sasldb option. More info can be found on the sendmail site.

okay great, u mean only those system accounts which i want allow relaying can be given access to relay by speciying it in the sasl db?

okay i was able to get sendmail to work with smtp_auth and to allow system users to relay mails, now do i get sasldb to specify only few selected users to have the authority to relay thourgh my server and not all system account holders.

the elf if you can help?

If you're using sendmail, then god help you. It's about the most insane and complicated thing to configure in the world. Not to mention the fact that it's a big 'ol security hazzard (new security flaws come out quite often for sendmail).

I'd advise grabbing Qmail or one of the QM distributions which include qmailadmin and the like. It's a Lot easier to set up, a LOT easier to deal with "forwarding", a LOT easier to deal with default messages, multiple domains, and more...

gotta agree there with wolfstream.

the problem is i already host lot of domains and cannot move to QMAIL now cos i am not sure if i can convert all local domains and virtusertable table entries to qmail.

Try this: http://www.cse.fau.edu/~valankar/popb4smtp/popb4smtp-1.3.tar.gz

(Readme at http://www.cse.fau.edu/~valankar/popb4smtp/README )

It will monitor QPopper, ipop3d and UWIMAP connections, and authorize the IP to relay mail for some specified number of minutes. I've been using it with pretty good luck. It hangs every few weeks, but it's a more than adequate solution.

- Jason

The elf, i followed the tutorial at http://mike.nerdfest.org/linux/sendmail-sasl-howto
for configuring sendmail with sasldb.

I am on RH7.1, sendmail-8.11.6-2.7.1.4RS, cyrus-sasl-1.5.24-22.7 .

Can me tell me what the following line would do to sendmail.mc?
define(`confDEF_AUTH_INFO', `/etc/mail/default-auth-info')dnl

Also, in my case what the "default-auth-info" should be replaced with as i do not see that file inside my /etc/mail?

Also, I do not understand the following;

==============================
cd ../..
cd devtools/Site
vi site.config.m4
------- START OF site.config.m4 -------
APPENDDEF(`confENVDEF', `-DSASL')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl')
------- END OF site.config.m4 -------
==============================

I believe the above applies to SUN servers since i do not have any "devtools/Site" folder, pls let me know what should i replace "devtools/Site" and site.config.m4 with?

the tutorial says;

Compile sendmail with the correct options, i.e., add

APPENDDEF(`confENVDEF', `-DSASL')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl')

to your site.config.m4 (or OS specific) file in devtools/Site.

Now where is the site.config.m4 file???