SendmailRelayGmailCentos: Difference between revisions

From DrewWiki
Jump to navigation Jump to search
(New page: 1. Setup certs <pre> # mkdir /etc/mail/certs # cp /etc/pki/tls/certs/ca-bundle.crt /etc/mail/certs # cd /etc/mail/certs # openssl req -new -x509 -keyout cakey.pem -out cacert.pem -days 365...)
 
No edit summary
Line 1: Line 1:
1. Setup certs
===1. Setup certs===
<pre>
<pre>
# mkdir /etc/mail/certs
# mkdir /etc/mail/certs
Line 7: Line 7:
# openssl req -nodes -new -x509 -keyout sendmail.pem -out sendmail.pem -days 3650
# openssl req -nodes -new -x509 -keyout sendmail.pem -out sendmail.pem -days 3650
</pre>
</pre>
2. Setup client info
 
===2. Setup client info===
<pre>
<pre>
# mkdir /etc/mail/auth  
# mkdir /etc/mail/auth  
Line 21: Line 22:
# makemap -r hash client-info.db < client-info
# makemap -r hash client-info.db < client-info
</pre>
</pre>
3. /etc/mail/sendmail.mc
 
===3. /etc/mail/sendmail.mc===
<pre>
<pre>
divert(-1)dnl
divert(-1)dnl
Line 120: Line 122:
#MAILER(cyrusv2)dnl
#MAILER(cyrusv2)dnl
</pre>
</pre>
4. Build sendmail config
 
===4. Build sendmail config===
<pre>
<pre>
# cd /etc/mail; make
# cd /etc/mail; make
</pre>
</pre>
5. Restart sendmail
 
===5. Restart sendmail===
<pre>
<pre>
# /etc/init.d/sendmail restart
# /etc/init.d/sendmail restart
</pre>
</pre>
6. Send a test message;
 
===6. Send a test message;===
<pre>
<pre>
echo "This is a test email..." | mail -s "Test Email" [email protected]
echo "This is a test email..." | mail -s "Test Email" [email protected]
</pre>
</pre>
7. Debug
 
===7. Debug===
<pre>
<pre>
# tail -f /var/log/maillog
# tail -f /var/log/maillog
</pre>
</pre>

Revision as of 20:08, 5 April 2009

1. Setup certs

# mkdir /etc/mail/certs
# cp /etc/pki/tls/certs/ca-bundle.crt /etc/mail/certs
# cd /etc/mail/certs
# openssl req -new -x509 -keyout cakey.pem -out cacert.pem -days 3650
# openssl req -nodes -new -x509 -keyout sendmail.pem -out sendmail.pem -days 3650

2. Setup client info

# mkdir /etc/mail/auth 
# vi /etc/mail/auth/client-info

Add this to the file, changing username and password to gmail login info.

AuthInfo:smtp.gmail.com "U:root" "I:username" "P:password" "M:PLAIN"
AuthInfo:smtp.gmail.com:587 "U:root" "I:username" "P:password" "M:PLAIN"

Make hash of client-info

# makemap -r hash client-info.db < client-info

3. /etc/mail/sendmail.mc

divert(-1)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for linux')dnl
OSTYPE(`linux')dnl

define(`confDEF_USER_ID', ``8:12'')dnl
dnl define(`confAUTO_REBUILD')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST', `True')dnl
define(`confDONT_PROBE_INTERFACES', `True')dnl
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl

dnl # cert stuff
define(`CERT_DIR', `/etc/mail/certs')
define(`confCACERT_PATH', `CERT_DIR')
define(`confCACERT', `CERT_DIR/ca-bundle.crt')
define(`confCRL', `CERT_DIR/ca-bundle.crt')
define(`confSERVER_CERT', `CERT_DIR/sendmail.pem')
define(`confSERVER_KEY', `CERT_DIR/sendmail.pem')
define(`confCLIENT_CERT', `CERT_DIR/sendmail.pem')
define(`confCLIENT_KEY', `CERT_DIR/sendmail.pem')

define(`confTO_IDENT', `0')dnl

FEATURE(`no_default_msa', `dnl')dnl
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl

dnl #
dnl # The -t option will retry delivery if e.g. the user runs over his quota.
dnl #
FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl

dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

dnl # We strongly recommend not accepting unresolvable domains if you want to
dnl # protect yourself from spam. However, the laptop and users on computers
dnl # that do not have 24x7 DNS do need this.
dnl #
FEATURE(`accept_unresolvable_domains')dnl
dnl #
dnl FEATURE(`relay_based_on_MX')dnl
dnl # 
dnl # Also accept email sent to "localhost.localdomain" as local email.
dnl # 
LOCAL_DOMAIN(`localhost.localdomain')dnl
dnl #
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from mydomain.com
dnl #
MASQUERADE_AS(`drewserv.drewrents.readytoinvade.com')dnl
dnl #
dnl # masquerade not just the headers, but the envelope as well
dnl #
dnl FEATURE(masquerade_envelope)dnl
dnl #
dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
dnl #
dnl FEATURE(masquerade_entire_domain)dnl
dnl #
dnl MASQUERADE_DOMAIN(localhost)dnl
dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl
dnl MASQUERADE_DOMAIN(mydomain.lan)dnl

FEATURE(masquerade_envelope) FEATURE(genericstable, `hash -o /etc/mail/genericstable')
GENERICS_DOMAIN_FILE(`/etc/mail/genericsdomain') 

define(`SMART_HOST',`smtp.gmail.com')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl

MAILER(local)dnl
MAILER(smtp)dnl
#MAILER(procmail)dnl
#MAILER(cyrusv2)dnl

4. Build sendmail config

# cd /etc/mail; make

5. Restart sendmail

# /etc/init.d/sendmail restart

6. Send a test message;

echo "This is a test email..." | mail -s "Test Email" [email protected]

7. Debug

# tail -f /var/log/maillog