[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: sendmail POP ssl sasl

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: sendmail POP ssl sasl
From: Erik <ethorsson_(_at_)_neoprimitive_(_dot_)_net>
Date: Fri, 15 Apr 2005 20:01:27 -0500

OK.  Thanks to all who wrote me offlist to offer assistance.  

To begin (again), I'm trying to make this work with the stock OpenBSD sendmail and popa3d.  Is it even possible with popa3d?  Everyone seems to recommend installing dovecot or cyrus-imapd. 

So, based on all the helpful suggestions from fellow listmembers, and these docs...

http://www.sendmail.org/~ca/email/auth.html
http://www.jonfullmer.com/smtpauth/
http://www.dorkzilla.org/~dlg/sendmail/
http://www.artran.co.uk/computers/sendmailBSD.html
http://student.science.uva.nl/~talerven/software/add-popa3d-user/pop3-ssl-using-popa3d-HOWTO
http://rrm3.livejournal.com/4484.html

...I've generated certificates, recompiled sendmail with SASL support, copied the config file(s) to /etc/mail/, restarted sendmail, set up users with saslpasswd2, and started saslauthd (# /usr/local/sbin/saslauthd -a getpwent).

Something (looks like TLS) is working now as evidenced by /var/log/maillog...

(edited)
Apr 15 17:35:27 mailserver sm-mta[27976]: STARTTLS=server, relay=something.cable.mindspring.com [x.x.x.x], version=TLSv1/SSLv3, verify=NO, cipher=DHE-DSS-AES256-SHA, bits=256/256
Apr 15 17:35:28 mailserver sm-mta[27976]: AUTH=server, relay=user-0cceg0m.cable.mindspring.com [x.x.x.x], authid=ethorsson, mech=CRAM-MD5, bits=0
Apr 15 17:35:28 mailserver sm-mta[27976]: j3FMZROg027976: from=<ethorsson_(_at_)_neoprimitive_(_dot_)_net>, size=1979, class=0, nrcpts=1, msgid=<42603388_(_dot_)_5010606_(_at_)_neoprimitive_(_dot_)_net>, proto=ESMTP, daemon=MTA, relay=something.cable.mindspring.com [x.x.x.x]
Apr 15 17:35:36 mailserver sm-mta[20217]: j3FMZROg027976: to=<myfriend_(_at_)_gmail_(_dot_)_com>, ctladdr=<ethorsson_(_at_)_neoprimitive_(_dot_)_net> (1000/10), delay=00:00:08, xdelay=00:00:08, mailer=esmtp, pri=31979, relay=gsmtp171.google.com. [64.233.171.27], dsn=2.0.0, stat=Sent (OK 1113600897)

I'm using Mozilla Thunderbird as a mail client.  In Tools | Accounts | Outgoing Server (SMTP), I now have "TLS" selected.  And am able to relay (send mail) from my remote client.  The first time I connected this way, I was prompted to accept the certificate from the server.  I see "mech=CRAM-MD5" in the above.  Does this mean the password/mail transaction is being encrypted? 

But when I set my Tools | Accounts | Server Settings to "Use secure authentication" and I try to retrieve my mail, I get "Mail server does not support secure authentication." 

Additionally, here's this...

# telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 something.something.net ESMTP Sendmail 8.13.0/8.13.0; Fri, 15 Apr 2005 17:52:33 -0500 (EST)
ehlo localhost
250-something.something.net Hello root_(_at_)_localhost_(_dot_)_something_(_dot_)_net [IPv6:::1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH CRAM-MD5 DIGEST-MD5
250-STARTTLS
250-DELIVERBY
250 HELP


Any additional advice or comments would be greatly appreciated!  

If anyone would like, I can forward my step-by-step notes of what I did.

Thanks, all.  Sorry to cruft up the list with this, but all the how-tos stop after you get to this point, so I don't know exactly how to test my configuration, or set up clients.

Rawk.

-E

References:
- sendmail POP ssl sasl
  - From: Erik
- Re: sendmail POP ssl sasl
  - From: Alex McKenzie

Prev by Date: Online Account Problem
Next by Date: cvs error with gnu/usr.bin/gcc/INSTALL in OPENBSD_3_7
Previous by thread: Re: sendmail POP ssl sasl
Next by thread: OpenBSD and Active Directory again
Index(es):
- Date
- Thread

Visit your host, monkey.org