BladeSystem Forums have moved here
To make BladeSystem information easier to find, we have moved the BladeSystem forums here, to Servers and Operating Systems.
System Administration
Showing results for 
Search instead for 
Do you mean 

Configure Linux for smtp auth

Go to Solution
Respected Contributor

Configure Linux for smtp auth

We need to configure Linux with smtp auth to send mails from our server.

Please share ateps for the same.


Tried editing but still unable to do the same.

Recipient address rejected: Access denied ....Our mail guy saying you need to configure sendmail with authentication .


[root@yumSRV ~]# uname -a
Linux yumSRV 2.6.32-279.el6.x86_64 #1 SMP Wed Jun 13 18:24:36 EDT 2012 x86_64 x86_64 x86_64 GNU/Linux

Honored Contributor

Re: Configure Linux for smtp auth

Based on your kernel version number, you seem to be running RHEL 6.3.

Any changes to will only take effect if both these conditions are true:

  • the sendmail-cf package is installed, and
  • you have run "make" in /etc/mail directory after editing

This is because is not actually used by sendmail directly: instead, it is used by the m4 macro processor to create a new, using bits and pieces of configuration provided by the sendmail-cf package.


The "standard" way to create a new is to run something like "m4 >" in the directory that contains the contents of the sendmail-cf package, but RedHat has made this easier for you. Running "make" in /etc/mail will do the right thing automatically.


(If you have previously edited directly, it is better to move all your customizations to instead. Your old modified will be renamed to, so you can compare it to the new one to see the differences.)


This page from has the steps for configuring authentication for Sendmail:

Please look at the chapter titled "Using sendmail as a client with AUTH".

Note that in step 6 you should use the RedHat specific procedure instead of standard procedure:

6. Generate

  # cd /etc/mail
  # make


Respected Contributor

Re: Configure Linux for smtp auth

Hi Matti ,


We have tried make option too.

Even then its the same , recipient address rejected .  



sendmailcf package also is installed.

Anything to be done at Mail server end ?

They are saying you just have to configure smtp with authentication , we have given our login credentials, even after configuring the same , its still ecipient address rejected .  ( whitelisting done for that server too from where we are sending mails )

Honored Contributor

Re: Configure Linux for smtp auth

Authentication without encryption is just a way to give away your login credentials to anyone who might be snooping your network traffic. Most ISPs today recognize that this is a bad idea.


So, you will probably have to make sure your sendmail will attempt encrypted connections whenever the remote server will support them.


You can verify this requirement by doing some simple tests. First, use telnet to open a plain unencrypted connection to the mail server's SMTP port:

[root@yumSRV ~]# telnet your-mailserver 25

 The response should include a line like this:

220 <> ESMTP <mail_server_software_info>

 You should type a response like this (replace <> with the actual fully-qualified DNS hostname of your yumSRV host):


 The next response is the important one. It will probably include multiple lines, each starting with result code "250".

For each line except the last one, the result code will have a minus sign after it; for the last line, there will be a space character instead. After that, each line will have some keywords. If authentication is supported (without encryption), there will be a line with the "AUTH" keyword and the list of supported authentication types. For example, this line indicates that DIGEST-MD5 and CRAM-MD5 authentication types are supported:


 If there is no line with the AUTH keyword, but instead a line like this:


then the mail server supports TLS encryption and probably will not allow any (or only a very limited set of) authentication options unless an encrypted session is established first.

Type "quit" and press Enter to end the connection to the mail server.


With the OpenSSL command line tools, you can actually test an encrypted connection too.

Instead of using the telnet command, run this command:

[root@yumSRV ~]# openssl s_client -connect your-mailserver:25 -starttls smtp

 Now, you'll first get a lot of SSL/TLS information from OpenSSL, and then a response from the mail server. The mail server's response will probably be prefixed with the result code "250", and it might be shorter than with the telnet test.

When I tried this with my mail server, the response was just:

250 DSN

 You should again type a response like this:


 Again, the mail server will output a multi-line response. If the response now includes a line with the AUTH keyword, you have confirmed that the server will only accept authentication if encryption is used too.


Example: when an encrypted connection is used, my mail server will accept a wider variety of authentication types:

250 DSN
ehlo my.full.hostname
250-SIZE 102400000
250 DSN


If you get an error message from OpenSSL when trying to establish an encrypted connection, it might mean that the mail server requires your host to have a SSL certificate too. Please post the error message for further analysis in that case.


If the unencrypted EHLO response from the mail server does not include the STARTTLS keyword, then the mail server will not accept encrypted connections in port 25; another port should be used instead for encrypted connections. You can try port 465 (the port for SSL-encrypted SMTP connections) instead. Note that the -starttls option should not be used here:

# openssl s_client your-mailserver:465
[... information about the SSL certificate...]
220 <> ESMTP <mail-server-software-info>
ehlo <>
250-SIZE 102400000
250 DSN

 Or if connections to port 465 are refused, you can try connecting to port 587. Like port 25, traffic to port 587 can be plaintext or encrypted, and the available authentication types can depend on whether encryption is used or not. The protocol is basically identical to SMTP in port 25, so use commands like these to establish a connection and then proceed as with port 25:

[root@yumSRV ~]# telnet your-mailserver 587


[root@yumSRV ~]# openssl s_client -connect your-mailserver:587 -starttls smtp


You should attempt to find out:

  • which port(s) are available for SMTP traffic in your mail server: just 25 or maybe 465 and/or 587 too?
  • does the mail server require encryption before allowing authentication in ports 25 or 587? (the port 465 will always require encryption)
  • which authentication type(s) are supported by the mail server?
  • is certificate-based authentication required by the mail server? (unlikely but possible)

Once you know these things, it will be much easier to suggest the necessary configuration changes.