devhen.wordpress.com

HOWTO: Sendmail SMTP Auth May 1, 2006

These notes are designed to help a Linux geek setup SMTP auth on a Linux + sendmail server. Without proper SMTP auth settings your server is liable to be used by spammers and spam bots to send out copious amounts of unwanted mail. This can get your server’s IP blacklisted and can really eat up your resources. Needless to say, we need to avoid this. Start by editing your sendmail.mc file (found in /etc/mail). I use the following commands, try replacing the corresponding lines in your mc file with these ones: (Note that lines beginning with ‘dnl’ are essentially considered comments and are ignored)

define(`confAUTH_OPTIONS’, `A’)
dnl
dnl Accept PLAIN and LOGIN authentications.dnl
TRUST_AUTH_MECH(`LOGIN PLAIN’)dnl
define(`confAUTH_MECHANISMS’, `LOGIN PLAIN’)dnl

Now you need to rebuild your sendmail.cf file from the .mc file you’ve just edited:

make sendmail.cf -C /etc/mail

Next we need to make sure saslauthd is running and configured correctly. Edit your saslauthd configuration file (/etc/sysconfig/saslauthd) and replace shadow with pam for the MECH variable like so:

# Mechanism to use when checking passwords. Run “saslauthd -v” to get a list
# of which mechanism your installation was compiled to use.
MECH=pam

Restart sendmail and saslauthd

/etc/rc.d/init.d/sendmail restart
/etc/rc.d/init.d/saslauthd restart

and don’t forget to configure your email clients to use authentication when sending outgoing mail.

For more information and some tips on installing a certificate for secure SMTP connections, try this article:

http://www.madboa.com/geek/sendmail-auth/

Read on for a full copy of my sendmail.mc file.

(more…)