我想要带有 sendmail 和 dovecot 的 cinfugiure centos 6.4 服务器到 SMTP-AUTH ,我配置了 saslauthd 和 sendmail,但是 SMTP-AUTH 不起作用,实际配置是
[root@server sasl2]# rpm -qa | grep sendmail sendmail-8.14.4-8.el6.x86_64 sendmail-cf-8.14.4-8.el6.noarch
[root@server sasl2]# sendmail -d0.1 -bv
Version 8.14.4
Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG MAP_REGEX
MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6
NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF SOCKETMAP STARTTLS
TCPWRAPPERS USERDB USE_LDAP_INIT
============ SYSTEM IDENTITY (after readcf) ============
(short domain name) $w = server
(canonical domain name) $j = server.itzena.cz
(subdomain name) $m = itzena.cz
(node name) $k = server.itzena.cz
========================================================
Recipient names must be specified
[root@server sasl2]# grep -v ^dnl /etc/mail/sendmail.mc
divert(-1)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for linux')dnl
OSTYPE(`linux')dnl
define(`confDEF_USER_ID', ``8:12'')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST', `True')dnl
define(`confDONT_PROBE_INTERFACES', `True')dnl
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
define(`confAUTH_OPTIONS', `A p')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confTO_IDENT', `0')dnl
FEATURE(`no_default_msa', `dnl')dnl
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
FEATURE(`accept_unresolvable_domains')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
[root@server sasl2]# saslauthd -v
saslauthd 2.1.23
authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap
[root@server sasl2]# cat /etc/sasl2/Sendmail.conf
pwcheck_method:saslauthd
mech_list: PLAIN LOGIN
[root@server sasl2]# telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 server.itzena.cz ESMTP Sendmail 8.14.4/8.14.4; Sat, 6 Jul 2013 14:58:49 +0200
ehlo localhost
250-server.itzena.cz Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
我有未注释的行
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
但如果
[root@server ~]# telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 server.itzena.cz ESMTP Sendmail 8.14.4/8.14.4; Sun, 7 Jul 2013 09:17:08 +0200
ehlo localhost
250-server.itzena.cz Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
AUTH LOGIN
503 5.3.3 AUTH not available
您当前的 m4 中有两条相互矛盾的行:
假设其中第二个优先,该
p标志告诉 sendmail 除非加密到位,否则不要提供身份验证,这意味着您需要启动并运行 TLS 才能提供身份验证。这是与我的邮件服务器的一对可比较的对话。第一个是明文,使用telnet:因为它是纯文本连接,所以不提供身份验证。现在我将尝试使用
openssl来建立启用 TLS 的连接:请注意如何
AUTH提供选项。我注意到除了告诉 sendmail 只提供AUTH加密是否到位之外,您还没有配置 TLS;您需要先配置它,然后才能测试是否提供了 AUTH。在 sendmail 下配置 TLS 超出了这个问题的范围,但是 SF 上已经有答案可以帮助解决这个问题。打开
/etc/mail/sendmail.mc.寻找说:
通过删除“dnl”取消注释它们。
保存文件并使用 重新启动 sendmail
service sendmail restart。如果这不起作用,您在尝试进行身份验证时会看到什么?