SendmailRelayGmailCentos: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 3: | Line 3: | ||
* http://www.phinesolutions.com/sendmail-gmail-smtp-relay-howto.html | * http://www.phinesolutions.com/sendmail-gmail-smtp-relay-howto.html | ||
* http://elliotli.blogspot.com/2007/08/gmail-fetchmail-and-sendmail-on.html | * http://elliotli.blogspot.com/2007/08/gmail-fetchmail-and-sendmail-on.html | ||
===Setup certs=== | ===Setup certs=== | ||
< | <syntaxhighlight lang=bash> | ||
# mkdir /etc/mail/certs | # mkdir /etc/mail/certs | ||
# chmod 700 /etc/mail/certs | # chmod 700 /etc/mail/certs | ||
| Line 13: | Line 14: | ||
# openssl req -nodes -new -x509 -keyout sendmail.pem -out sendmail.pem -days 3650 | # openssl req -nodes -new -x509 -keyout sendmail.pem -out sendmail.pem -days 3650 | ||
# chmod 600 /etc/mail/certs/* | # chmod 600 /etc/mail/certs/* | ||
</ | </syntaxhighlight> | ||
===Setup client info=== | ===Setup client info=== | ||
< | <syntaxhighlight lang=bash> | ||
# mkdir /etc/mail/auth | # mkdir /etc/mail/auth | ||
# chmod 700 /etc/mail/auth | # chmod 700 /etc/mail/auth | ||
# vi /etc/mail/auth/client-info | # vi /etc/mail/auth/client-info | ||
</ | </syntaxhighlight> | ||
Add this to the file, changing username and password to gmail login info. | Add this to the file, changing username and password to gmail login info. | ||
< | <syntaxhighlight lang=bash> | ||
AuthInfo:smtp.gmail.com "U:root" "I:username" "P:password" "M:PLAIN" | AuthInfo:smtp.gmail.com "U:root" "I:username" "P:password" "M:PLAIN" | ||
AuthInfo:smtp.gmail.com:587 "U:root" "I:username" "P:password" "M:PLAIN" | AuthInfo:smtp.gmail.com:587 "U:root" "I:username" "P:password" "M:PLAIN" | ||
</ | </syntaxhighlight> | ||
Make hash of client-info | Make hash of client-info | ||
< | <syntaxhighlight lang=bash> | ||
# makemap -r hash client-info.db < client-info | # makemap -r hash client-info.db < client-info | ||
# chmod 600 /etc/mail/auth/* | # chmod 600 /etc/mail/auth/* | ||
</ | </syntaxhighlight> | ||
===/etc/mail/sendmail.mc=== | ===/etc/mail/sendmail.mc=== | ||
< | <syntaxhighlight lang=bash> | ||
divert(-1)dnl | divert(-1)dnl | ||
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl | include(`/usr/share/sendmail-cf/m4/cf.m4')dnl | ||
| Line 130: | Line 133: | ||
#MAILER(procmail)dnl | #MAILER(procmail)dnl | ||
#MAILER(cyrusv2)dnl | #MAILER(cyrusv2)dnl | ||
</ | </syntaxhighlight> | ||
===Build sendmail config=== | ===Build sendmail config=== | ||
< | <syntaxhighlight lang=bash> | ||
# cd /etc/mail; make | # cd /etc/mail; make | ||
</ | </syntaxhighlight> | ||
===Restart sendmail=== | ===Restart sendmail=== | ||
< | <syntaxhighlight lang=bash> | ||
# /etc/init.d/sendmail restart | # /etc/init.d/sendmail restart | ||
</ | </syntaxhighlight> | ||
===Send a test message=== | ===Send a test message=== | ||
< | <syntaxhighlight lang=bash> | ||
echo "This is a test email..." | mail -s "Test Email" [email protected] | echo "This is a test email..." | mail -s "Test Email" [email protected] | ||
</ | </syntaxhighlight> | ||
===Debug=== | ===Debug=== | ||
< | <syntaxhighlight lang=bash> | ||
# tail -f /var/log/maillog | # tail -f /var/log/maillog | ||
</ | </syntaxhighlight> | ||
Latest revision as of 01:52, 25 January 2018
Configure sendmail in Centos5 with a gmail smtp relay. Information pulled from;
- http://www.linuxha.com/other/sendmail/gmail.html
- http://www.phinesolutions.com/sendmail-gmail-smtp-relay-howto.html
- http://elliotli.blogspot.com/2007/08/gmail-fetchmail-and-sendmail-on.html
Setup certs
# mkdir /etc/mail/certs
# chmod 700 /etc/mail/certs
# cp /etc/pki/tls/certs/ca-bundle.crt /etc/mail/certs
# cd /etc/mail/certs
# openssl req -new -x509 -keyout cakey.pem -out cacert.pem -days 3650
# openssl req -nodes -new -x509 -keyout sendmail.pem -out sendmail.pem -days 3650
# chmod 600 /etc/mail/certs/*
Setup client info
# mkdir /etc/mail/auth
# chmod 700 /etc/mail/auth
# vi /etc/mail/auth/client-info
Add this to the file, changing username and password to gmail login info.
AuthInfo:smtp.gmail.com "U:root" "I:username" "P:password" "M:PLAIN"
AuthInfo:smtp.gmail.com:587 "U:root" "I:username" "P:password" "M:PLAIN"
Make hash of client-info
# makemap -r hash client-info.db < client-info
# chmod 600 /etc/mail/auth/*
/etc/mail/sendmail.mc
divert(-1)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for linux')dnl
OSTYPE(`linux')dnl
define(`confDEF_USER_ID', ``8:12'')dnl
dnl define(`confAUTO_REBUILD')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST', `True')dnl
define(`confDONT_PROBE_INTERFACES', `True')dnl
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
dnl # cert stuff
define(`CERT_DIR', `/etc/mail/certs')
define(`confCACERT_PATH', `CERT_DIR')
define(`confCACERT', `CERT_DIR/ca-bundle.crt')
define(`confCRL', `CERT_DIR/ca-bundle.crt')
define(`confSERVER_CERT', `CERT_DIR/sendmail.pem')
define(`confSERVER_KEY', `CERT_DIR/sendmail.pem')
define(`confCLIENT_CERT', `CERT_DIR/sendmail.pem')
define(`confCLIENT_KEY', `CERT_DIR/sendmail.pem')
define(`confTO_IDENT', `0')dnl
FEATURE(`no_default_msa', `dnl')dnl
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
dnl #
dnl # The -t option will retry delivery if e.g. the user runs over his quota.
dnl #
FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
dnl # We strongly recommend not accepting unresolvable domains if you want to
dnl # protect yourself from spam. However, the laptop and users on computers
dnl # that do not have 24x7 DNS do need this.
dnl #
FEATURE(`accept_unresolvable_domains')dnl
dnl #
dnl FEATURE(`relay_based_on_MX')dnl
dnl #
dnl # Also accept email sent to "localhost.localdomain" as local email.
dnl #
LOCAL_DOMAIN(`localhost.localdomain')dnl
dnl #
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from mydomain.com
dnl #
MASQUERADE_AS(`drewserv.drewrents.readytoinvade.com')dnl
dnl #
dnl # masquerade not just the headers, but the envelope as well
dnl #
dnl FEATURE(masquerade_envelope)dnl
dnl #
dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
dnl #
dnl FEATURE(masquerade_entire_domain)dnl
dnl #
dnl MASQUERADE_DOMAIN(localhost)dnl
dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl
dnl MASQUERADE_DOMAIN(mydomain.lan)dnl
FEATURE(masquerade_envelope) FEATURE(genericstable, `hash -o /etc/mail/genericstable')
GENERICS_DOMAIN_FILE(`/etc/mail/genericsdomain')
define(`SMART_HOST',`smtp.gmail.com')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl
MAILER(local)dnl
MAILER(smtp)dnl
#MAILER(procmail)dnl
#MAILER(cyrusv2)dnl
Build sendmail config
# cd /etc/mail; make
Restart sendmail
# /etc/init.d/sendmail restart
Send a test message
echo "This is a test email..." | mail -s "Test Email" [email protected]
Debug
# tail -f /var/log/maillog