On Saturday 05 January 2008 15:06:59 Giorgos Keramidas wrote:
> On 2008-01-05 13:08, Andrew Falanga <[EMAIL PROTECTED]> wrote:
> > Hi everybody,
> > Sorry for this flurry of e-mail from me over the last few days.  This
> > has been highly frustrating.
>
> You should post *more* details, not less.  One of the things which was
> missing from the older posts (or at least, one thing which I didn't see)
> was a *FULL* copy of your local *.mc configuration file.
>
> > Basically, the instructions for setting up SSL and Authentication (from
> > http://www.puresimplicity.net/~hemi/freebsd/sendmail.html) instruct to
> > have the following lines in the <hostname>.mc file:
> >
> > define(`confAUTH_MECHANISMS',`PLAIN LOGIN')dnl
> > TRUST_AUTH_MECH(`PLAIN LOGIN')dnl
> > define(`CERT_DIR', `/etc/mail/certs')dnl
> > define(`confCACERT_PATH', `CERT_DIR')dnl
> > define(`confCACERT', `CERT_DIR/mycert.pem')dnl
> > define(`confSERVER_CERT', `CERT_DIR/mycert.pem')dnl
> > define(`confSERVER_KEY', `CERT_DIR/mykey.pem')dnl
> > define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')dnl
> > define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')dnl
> > DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
> > DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
> >
> > I deleated this line:
> > DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
>
> That doesn't sound right.  I think it's because you have the options
> listed above *after* the MAILER() calls.  This means that the options
> are not `set' at the time the MAILER() calls generate your
> configuration.  So you probably end up with several instances of the
> `MTA' and `TLSMTA' daemon definitions in the final `sendmail.cf' file.
>
> This could very well be the explanation of why your Sendmail *is*
> listening on port :25 and it *also* tries to listen again, logging the
> failures in syslog.
>
> > Is this a viable fix or will I be missing something?  I was able to
> > telnet to port 25 and send mail that way.  I cannot relay without
> > logging in, so I think it's fixed.
>
> See my previous post about moving MAILER() calls to the end of the file,
> and give it another spin.  You are *very* close to figuring it all out
> and having a fully working setup, AFAICT :)
>
> Regards,
> Giorgos

Glad to see that I'm on the right track.  I think, after seeing the full 
contents of my whitbap.mc file, you'll see that the problem is that put these 
lines *after* the MAILER lines.  At any rate, here's the full whitbap.mc file 
and sorry for not posting it completely before:

whitbap# cat whitbap.mc
divert(-1)
#
# Copyright (c) 1983 Eric P. Allman
# Copyright (c) 1988, 1993
#       The Regents of the University of California.  All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
#    must display the following acknowledgement:
#       This product includes software developed by the University of
#       California, Berkeley and its contributors.
# 4. Neither the name of the University nor the names of its contributors
#    may be used to endorse or promote products derived from this software
#    without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#

#
#  This is a generic configuration file for FreeBSD 5.X and later systems.
#  If you want to customize it, copy it to a name appropriate for your
#  environment and do the modifications there.
#
#  The best documentation for this .mc file is:
#  /usr/share/sendmail/cf/README or
#  /usr/src/contrib/sendmail/cf/README
#

divert(0)
VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.30.2.2 2006/08/23 
03:31:00 gshapiro Exp $')
OSTYPE(freebsd6)
DOMAIN(generic)

FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access')
FEATURE(blacklist_recipients)
FEATURE(local_lmtp)
FEATURE(mailertable, `hash -o /etc/mail/mailertable')
FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')

dnl Uncomment to allow relaying based on your MX records.
dnl NOTE: This can allow sites to use your server as a backup MX without
dnl       your permission.
dnl FEATURE(relay_based_on_MX)

dnl DNS based black hole lists
dnl --------------------------------
dnl DNS based black hole lists come and go on a regular basis
dnl so this file will not serve as a database of the available servers.
dnl For that, visit
dnl http://directory.google.com/Top/Computers/Internet/Abuse/Spam/Blacklists/

dnl Uncomment to activate Realtime Blackhole List
dnl information available at http://www.mail-abuse.com/
dnl NOTE: This is a subscription service as of July 31, 2001
dnl FEATURE(dnsbl)
dnl Alternatively, you can provide your own server and rejection message:
dnl FEATURE(dnsbl, `blackholes.mail-abuse.org', `"550 Mail from " 
$&{client_addr} " rejected, see http://mail-abuse.org/cgi-bin/lookup?"; 
$&{client_addr}')

dnl Dialup users should uncomment and define this appropriately
dnl define(`SMART_HOST', `your.isp.mail.server')

dnl Uncomment the first line to change the location of the default
dnl /etc/mail/local-host-names and comment out the second line.
dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
define(`confCW_FILE', `-o /etc/mail/local-host-names')

dnl Enable for both IPv4 and IPv6 (optional)
DAEMON_OPTIONS(`Name=IPv4, Family=inet')
DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')

define(`confBIND_OPTS', `WorkAroundBrokenAAAA')
define(`confNO_RCPT_ACTION', `add-to-undisclosed')
define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy')
FEATURE(`no_default_msa')
MAILER(local)
MAILER(smtp)
MAILER(dovecot)

define(`confAUTH_MECHANISMS',`PLAIN LOGIN')dnl
TRUST_AUTH_MECH(`PLAIN LOGIN')dnl
define(`CERT_DIR', `/etc/mail/certs')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confCACERT', `CERT_DIR/whitbap_cert.pem')dnl
define(`confSERVER_CERT', `CERT_DIR/whitbap_cert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/whitbap_key.pem')dnl
define(`confCLIENT_CERT', `CERT_DIR/whitbap_cert.pem')dnl
define(`confCLIENT_KEY', `CERT_DIR/whitbap_key.pem')dnl
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl


Andy
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to