[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Quick tip: set up smtp server can relay, auth over SSL on redhat 8

To: terrence@xxxxxxxxxxxxxxxxxxxxxxxx
Subject: Quick tip: set up smtp server can relay, auth over SSL on redhat 8
From: Terrence Miao <terrence@xxxxxxxxxxxxxx>
Date: Sun, 11 May 2003 20:41:56 +1000
User-agent: Mutt/1.4i

set up smtp server can relay, auth over SSL on redhat 8

[root@igloo mail]# pwd
/etc/mail

[root@igloo mail]# cat access
# Check the /usr/share/doc/sendmail/README.cf file for a description
# of the format of this file. (search for access_db in that file)
# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
# package.
#
# by default we allow relaying from localhost...
localhost.localdomain           RELAY
localhost                       RELAY
127.0.0.1                       RELAY
smtp.unimacq.edu.au             RELAY

[root@igloo mail]# diff access access.orig 
10d9
< smtp.unimacq.edu.au           RELAY

[root@igloo mail]# diff sendmail.mc sendmail.mc.orig 
43,44c43,44
< TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
< define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
---
> dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
49,52c49,52
< define(`confCACERT_PATH',`/usr/share/ssl/certs')
< define(`confCACERT',`/usr/share/ssl/certs/unimacq-ca.pem')
< define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
< define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
---
> dnl define(`confCACERT_PATH',`/usr/share/ssl/certs')
> dnl define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
> dnl define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
> dnl define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
85c85
< dnl # DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
---
> DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

[root@igloo mail]# cat /usr/share/ssl/certs/unimacq-ca.pem
-----BEGIN CERTIFICATE-----
MIICkzCCAfygAwIBAgICCJYwDQYJKoZIhvcNAQEEBQAwUzELMAkGA1UEBhMCQVUx
JDAiBgNVBAoTG1RoZSBVbml2ZXJzaXR5IG9mIE1lbGJvdXJuZTEeMBwGA1UECxMV
Q2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTAyMDYwNDE0MDAwMFoXDTMyMTIzMDE0
MDAwMFowUzELMAkGA1UEBhMCQVUxJDAiBgNVBAoTG1RoZSBVbml2ZXJzaXR5IG9m
IE1lbGJvdXJuZTEeMBwGA1UECxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIGfMA0G
CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDuPy1yB3VZoTWbjYdzlgBjPaicXYkXfjAi
Aeec7iKY9Sep9HVdIkKHw8MsF5F78536Tdv6Fw6Whxe/nqKC6U/ItC7+Zu8kjcic
PwGcpXBxmqcZHu+xeQ49OZH+pvY5KF1gnGYbGzdBN8M3qoCnnQlvTDWVLQHwwBxs
uhXWtLOSpQIDAQABo3YwdDARBglghkgBhvhCAQEEBAMCAAcwDwYDVR0TAQH/BAUw
AwEB/zAdBgNVHQ4EFgQUuLfyk70XCaFflqH4mDu5fLr2cWgwHwYDVR0jBBgwFoAU
uLfyk70XCaFflqH4mDu5fLr2cWgwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB
BAUAA4GBACgH4zmpyEAcVamTcNcbd/he4X3lKjA8Y8ztAYCJgaYz9uXomDMzvJ9H
i7YR77pCqyiS0PHhT1AkXmvbnYp11I7XEb3+/U1dAQA3ckMAbX1ERVARs836UfRZ
SJpPEq5tksB8YlK65a/lfffDq4Wd/Mrt4O3XyOfWFHmsljVit318
-----END CERTIFICATE-----

[root@igloo mail]# cat /usr/share/ssl/certs/sendmail.pem
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQCYVBK2Y7Ch7ESquP1eNdSXarRSLNj7hnWuS53WRIO/hiLxE+dh
......
gDKPVqkqKyOe0iJU0LNJUg8fMwyEYiAPJypmaFVA3YX8
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDUDCCArmgAwIBAgIBADANBgkqhkiG9w0BAQQFADB+MQswCQYDVQQGEwJBVTEk
MCIGA1UEChMbVGhlIFVuaXZlcnNpdHkgb2YgTWVsYm91cm5lMSEwHwYDVQQDExhp
Z2xvby5pdHMudW5pbWVsYi5lZHUuYXUxJjAkBgkqhkiG9w0BCQEWF3RlcnJlbmNl
QHVuaW1lbGIuZWR1LmF1MB4XDTAyMTIyMTAxMTIwNloXDTAzMTIyMTAxMTIwNlow
fjELMAkGA1UEBhMCQVUxJDAiBgNVBAoTG1RoZSBVbml2ZXJzaXR5IG9mIE1lbGJv
dXJuZTEhMB8GA1UEAxMYaWdsb28uaXRzLnVuaW1lbGIuZWR1LmF1MSYwJAYJKoZI
hvcNAQkBFhd0ZXJyZW5jZUB1bmltZWxiLmVkdS5hdTCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEAmFQStmOwoexEqrj9XjXUl2q0UizY+4Z1rkud1kSDv4Yi8RPn
YTcaYE5nO0zRTzAEU6MAg1nBGKZpomaphTPHOaqo0Er1XBIhVQ8TJLbXse7fEza5
EODP58Owa7iRSvRmvlRoRsFbBqstoWaKPX/6VzahUBzzvDgQGHLC4r3469kCAwEA
AaOB3TCB2jAdBgNVHQ4EFgQUgQk794F1weAZrmcRpykdfyJaLjowgaoGA1UdIwSB
ojCBn4AUgQk794F1weAZrmcRpykdfyJaLjqhgYOkgYAwfjELMAkGA1UEBhMCQVUx
JDAiBgNVBAoTG1RoZSBVbml2ZXJzaXR5IG9mIE1lbGJvdXJuZTEhMB8GA1UEAxMY
aWdsb28uaXRzLnVuaW1lbGIuZWR1LmF1MSYwJAYJKoZIhvcNAQkBFhd0ZXJyZW5j
ZUB1bmltZWxiLmVkdS5hdYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBAUA
A4GBAHlk6Otyt5WcSe3tzMO7xmYZW2ihfMPrmE6Mz2NffS1dxpQT36kF4WyWKygL
BFtxN2ucAKTQq5dk5yehESxtyYadzTEV1wQmfMy18dibXISIdtjbxJNa8NsLVhwS
afdSoJrdhYanE7xXoD13R2XOQIgBRakRIw17Q55Y5fYdGLWN
-----END CERTIFICATE-----

[root@igloo mail]# make -C /etc/mail
make: Entering directory `/etc/mail'
make: Leaving directory `/etc/mail'

[root@igloo mail]# saslpasswd steves
Password:
Again (for verification): 

[root@igloo mail]# ls -al /etc/sasldb
-rw-------    1 root     root        12461 May 11 20:00 /etc/sasldb

[root@igloo mail]# sasldblistusers
user: steves realm: igloo mech: PLAIN
user: steves realm: igloo mech: CRAM-MD5
user: steves realm: igloo mech: DIGEST-MD5

[root@igloo mail]# /etc/rc.d/init.d/sendmail stop 
Shutting down sendmail:                                    [  OK  ]
Shutting down sm-client:                                   [  OK  ]

[root@igloo mail]# /etc/rc.d/init.d/sendmail start
Starting sendmail:                                         [  OK  ]
Starting sm-client:                                        [  OK  ]

For netscape 6.x above and Mozilla:
----------------------------------

Mail & Newsgroups Account Settings -> Outgoing Server (SMTP)

Server Name: igloo.its.unimacq.edu.au
[x] Use name and password:
	User Name: steves
Use secure connection (SSL):
	[ ] Never  [ ] When available  [x] Always

Prev by Date: tips of installation oracle 9i (9.2.0) on redhat linux 7.1
Next by Date: Sendmail AUTH SSL and IMAP SSL Howto <http://www.opensourcedigest.org/issue2/sendmail-auth-howto.html>
Previous by thread: tips of installation oracle 9i (9.2.0) on redhat linux 7.1
Next by thread: Sendmail AUTH SSL and IMAP SSL Howto <http://www.opensourcedigest.org/issue2/sendmail-auth-howto.html>
Index(es):
- Main
- Thread