Hi,
I need to configure a mail relay with no local delivery and smtp
authentication for connections from outside the lan. For this, i
needed to use sasl and enable the support in sendmail. so i started out
with the base materials required. i installed krb4-1.2 and krb5-1.2.6.
then i configured sasl as follows
env LDFLAGS="-ldb -lpam -lkrb4 -lkrb5 -lgssapi_krb5 -ldes425" \
CPPFLAGS="-I/usr/include -I/usr/local/include \
-I/usr/local/BerkeleyDB.3.3/include -I/usr/local/BerkeleyDB/include \
-I/usr/local/include/gssapi -I/usr/local/include/kerberosIV" \
LIBS="-L/usr/lib -L/usr/local/lib -L/usr/local/BerkeleyDB.3.3/lib \
-L/usr/local/BerkeleyDB/lib -R/usr/local/lib -R/usr/lib \
-R/usr/local/BerkeleyDB.3.3/lib -R/usr/local/BerkeleyDB/lib" ./configure
\
--prefix=/usr/local --with-openssl=/usr/local/ssl --enable-shared \
--enable-login --with-dbpath=/etc/sasldb --disable-anon
I installed cyrus-sasl 1.5.28 after compilation and then compiled
sendmail with the support for SASL.
I checked the sendmail executable for SASL support and the support was
there.
i created a sendmail.mc as follows
define(`confPRIVACY_FLAGS', ``authwarnings,noexpn,novrfy'')dnl
FEATURE(`local_procmail', `/opt/local/bin/procmail')
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`relay_entire_domain')dnl
FEATURE(`virtusertable', `hash -T<TMPF> /etc/mail/virtusers')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`delay_checks')dnl
define(`confRUN_AS_USER',`smmsp')
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN')dnl
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN')dnl
define(`confMAX_QUEUE_RUN_SIZE', `40000')dnl
define(`confMAX_MESSAGE_SIZE', `10000000')dnl
define(`confCHECKPOINT_INTERVAL',`3')dnl
define(`confTO_INITIAL',`40s')dnl
define(`confTO_CONNECT',`30s')dnl
define(`confTO_ICONNECT',`15s')dnl
define(`confTO_HOSTSTATUS',`1h')dnl
define(`confQUEUE_LA',`4')dnl
define(`confREFUSE_LA',`8')dnl
define(`confMAX_DAEMON_CHILDREN',`60')dnl
define(`confCONNECTION_RATE_THROTTLE',`16')dnl
define(`confSEPARATE_PROC', `False')dnl
define(`confEIGHT_BIT_HANDLING',`pass8')dnl
define(`confSINGLE_THREAD_DELIVERY', `False')dnl
define(`confCW_FILE',`/etc/mail/local-host-names')dnl
define(`confTO_IDENT', `0')dnl
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN GSSAPI
KERBEROS_V4')
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN GSSAPI KERBEROS_V4')dnl
define(`confDEF_AUTH_INFO', `/etc/mail/authinfo')dnl
define(`confLOG_LEVEL',`10')dnl
DOMAIN(generic)dnl
MAILER(smtp)dnl
i built the sendmail.cf and then start sendmail and when i did a telnet
on port 25,
I got the message
AUTH LOGIN GSSAPI
Why are the other authentication mechanisms not visible? I tried using
sasldb, but saslpasswd creates a file called /etc/sasldb.db and
sasldblistusers gives me an error saying /etc/sasldb does not exist. i
tried creating a symbolic link but that too did not work. also, for the
mail relay, how do i deny/allow relaying for certain domains. where does
the smtp auth come into place? how can i force that every user has to be
authenticated before relaying the mail? how can i grant access to users
on my network? do i have to create users in sasldb for all users in my
local network?
Please help me !!!!
sorry for the long mail.
thank you
Regards
Rahul
--
---------------------------------------------------
the bug stops here
---------------------------------------------------
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
