HPE Community
Operating System - HP-UX
1752397 Members
6173 Online
108788 Solutions
New Discussion юеВ

Re: sendmail auth file permissions

 
Fred Ruffet
Honored Contributor

тАО01-06-2010 09:35 AM

тАО01-06-2010 09:35 AM

Re: sendmail auth file permissions

Shalom SEP,

I have not looked at .mc files as long as it seems strange in HP-UX. But it should be possible to manage all this with .cf file.

TTr,

I have tried authinfo with almost all possible arrangements :
AuthInfo:server.name "I:ident" "P:passwd" "M:PLAIN LOGIN"
AuthInfo:server.name "U:root" "I:ident" "P:passwd" "M:LOGIN"
AuthInfo:server.name "U:root" "I:ident" "P:passwd" "M:PLAIN LOGIN"
AuthInfo:server.name:587 "U:root" "I=base64ident" "P=base64passwd" "M:PLAIN LOGIN"
...
and so on

Regards,

Fred
--

"Reality is just a point of view." (P. K. D.)
0 Kudos
Reply
Fred Ruffet
Honored Contributor

тАО01-06-2010 09:36 AM

тАО01-06-2010 09:36 AM

Re: sendmail auth file permissions

TTr,

no, I didn't configure TLS.

Regards,

Fred
--

"Reality is just a point of view." (P. K. D.)
0 Kudos
Reply
TTr
Honored Contributor

тАО01-06-2010 10:17 AM

тАО01-06-2010 10:17 AM

Re: sendmail auth file permissions

I am thinking TLS might be a prerequisite for auth because without encryption, auth is pointles, hence the error message that you get. I don't have access to my external sendmail servers right now but see if these links can offer some help.
http://www.linuxquestions.org/questions/linux-software-2/sendmail-authentication-for-smarthost-relay-354488/ (note the sendmail version differences here)

http://www.linuxquestions.org/questions/linux-software-2/sendmail-seems-not-to-use-default-auth-info-367231/

http://www.docs.hp.com/en/5992-3190/ar01s06.html

Search for TLS here and elsewhere as well.
0 Kudos
Reply
Sameer_Nirmal
Honored Contributor

тАО01-06-2010 10:36 AM

тАО01-06-2010 10:36 AM

Re: sendmail auth file permissions

Assuming Sendmail version is 8.13.3

Sendmail support of SMTP authentication is based on SASL. The systems also needs to have OpenSSL. If LOGIN auth is needed, it needs to be added in the sendmail.cf file.


http://docs.hp.com/en/5991-6611/5991-6611.pdf
0 Kudos
Reply
Fred Ruffet
Honored Contributor

тАО01-07-2010 12:40 AM

тАО01-07-2010 12:40 AM

Re: sendmail auth file permissions

TTr,

I don't think TLS nor any encryption is needed. As a proof, have a look at this test I made on the same server (names have been changed to protect the innocents) :
root@rp3410:/#telnet smtp.auth.myisp.com 587
Trying...
Connected to smtp.auth.myisp.com.
Escape character is '^]'.
220 smtp03.myisp.net ESMTP ISP; Wed, 6 Jan 2010 11:11:47 +0100
ehlo mydomain.com
250-smtp03.myisp.net Hello mail.mydomain.com [xxx.xxx.xxx.xxx], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE 21000000
250-DSN
250-AUTH PLAIN LOGIN
250-DELIVERBY
250 HELP
auth login
334 VXNlcm5hbWU6
myloginconvertedtobase64
334 UGFzc3dvcmQ6
mypassinbase64
235 2.0.0 OK Authenticated
MAIL FROM: root@mydomain.com
250 2.1.0 root@mydomain.com... Sender ok
RCPT TO: testaddress@elsewhere.fr
250 2.1.5 testaddress@elsewhere.fr... Recipient ok
data
354 Enter mail, end with "." on a line by itself
test message
.
250 2.0.0 o06ABl82003471 Message accepted for delivery
quit
221 2.0.0 smtp03.myisp.net closing connection
Connection closed by foreign host.

AUTH whith LOGIN only consists of a kind of chat and conversion in base64 of authentication. I agree to tell it's not secured at all, and it's not the point. This kind of connection protects them from spammers, I think.

It reminds me of the times of 56k modems and dial-up connections...

My map file is used as long as this command gives me a good answer :
echo '/map authinfo AuthInfo:smtp.myisp.com' | /usr/sbin/sendmail -bt

Regards,

Fred
--

"Reality is just a point of view." (P. K. D.)
0 Kudos
Reply
Fred Ruffet
Honored Contributor

тАО01-07-2010 01:20 AM

тАО01-07-2010 01:20 AM

Re: sendmail auth file permissions

Sameer,

Yes I have upgraded sendmail to 8.13.3 in order to implement AUTH. sendmail.cf has been modified this way, but I may miss a point in configuration... And even looking at docs, I don't know what point.

Regards,

Fred


--

"Reality is just a point of view." (P. K. D.)
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.