Sendmail with SMTP AUTH

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

The purpose of this SMTP AUTH is to block spammer to use your mail server to be a spam server and only authenticated user will be able to send email out from your mail server. The following guide will show you how to enable the Authentication module and is using plain text during the authentication.

In this guide, I will not go details into the basic sendmail configuration as I assume you’re familiar with the basic sendmail setup. I will more concentrate on the SMTP AUTH module and this guide can be applied to either Centos 4.x or Centos 5.x.

Requirement :

sendmail
sendmail-cf
cyrus-sasl
cyrus-sasl-devel
cyrus-sasl-lib
cyrus-sasl-plain
cyrus-sasl-md5

1. First you need to have sendmail installed either the service is started or stopped. Edit the sendmail.mc file under the “/etc/mail” folder.

cd /etc/mail
vi sendmail.mc

2. Un-comment the following lines:-

define(`confAUTH_OPTIONS’, `A’)dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN’)dnl
define(`confAUTH_MECHANISMS’, `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN’)dnl

Eg.

define(`confAUTH_OPTIONS’, `A’)dnl
dnl #
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
dnl define(`confAUTH_OPTIONS’, `A p’)dnl
dnl #
dnl # PLAIN is the preferred plaintext authentication method and used by
dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
dnl # use LOGIN. Other mechanisms should be used if the connection is not
dnl # guaranteed secure.
dnl # Please remember that saslauthd needs to be running for AUTH.
dnl #
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN’)dnl
define(`confAUTH_MECHANISMS’, `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN’)dnl

by default the “confAUTH_OPTIONS” is already un-commented, just leave it and un-comment the remaining 2 lines.

3. After made the changes, you need to create the new sendmail.cf file using the configuration from the

sendmail.mc. Run the following command to generate the new sendmail.cf file:

make -C /etc/mail

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

4. After generating the new sendmail.cf, you edit the basic setting for sendmail and start the sendmail service:-

/sbin/service sendmail start

make sure you can see the “OK” when the service starting.

5. Now you can test the sendmail see if the server is using the SMTP AUTH module by doing a telnet to port 25.

telnet localhost 25

if you can see like the screenshot below with this line “250-AUTH DIGEST-MD5 CRAM-MD5 LOGIN PLAIN” means its working.

6. But that’s not all, you still not able to send email out from your server even you have keyin the correct username and password due to the saslauthd authenticator is not started. To do that start the saslauthd services:-

/sbin/service saslauthd start

7. Now you can try to use any email client to test send email to the server without using the SMTP AUTH on the client side and you will get the following error.

just enable the “SMTP AUTH” option in the email client and you can send the email out to the mail server.

8. Make sure both of the services is auto start when the server boot up:-

/sbin/chkconfig –level 2345 sendmail on
/sbin/chkconfig –level 2345 saslauthd on

9. That’s all, you have done the SMTP AUTH for sendmail. Please drop me a comment if you found any error during your implementation and I’ll glad to help out.

Source : sendmail.org

3 thoughts on “Sendmail with SMTP AUTH”

Leave a Reply

Your email address will not be published. Required fields are marked *

*