Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 12th July 2011, 11:29
peterpallesen peterpallesen is offline
Junior Member
 
Join Date: Jun 2011
Posts: 20
Thanks: 0
Thanked 2 Times in 2 Posts
Default Howto configure Centos 5 + sendmail as a simple SMTP relay for Gmail

If you use your own domain with gmail some mail clients display your email address as "someone@yourdomain.com on behalf of someone@gmail.com". To avoid this Google allow you to use your own sendmail to relay outgoing mail. The longer explanation is here

I have a VPS server with plain Centos 5.5 - the basic install, including sendmail and saslauth that I'd like to use for this purpose.

There's a lot of howtos explaining howto setup a fully fledged mail system with dovecot or whatever, but I just need the most basic sendmail for this purpose.

I've set everything up and sendmail is now listening on the various optional ports:

Code:
# netstat -ptan | grep sendmail
tcp        0      0 0.0.0.0:587                 0.0.0.0:*                   LISTEN      12270/sendmail: acc
tcp        0      0 0.0.0.0:465                 0.0.0.0:*                   LISTEN      12270/sendmail: acc
tcp        0      0 0.0.0.0:25                  0.0.0.0:*                   LISTEN      12270/sendmail: acc


I'm pretty sure everything is setup right, including certificates (how can I verify they are ok?). I've created a standard Linux user (useradd) for authentication - that ought to work with PAM right? So why can't I authenticate with this user?

Code:
# grep -v ^dnl /etc/mail/sendmail.mc
divert(-1)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for linux')dnl
OSTYPE(`linux')dnl
define(`confLOG_LEVEL', `90')dnl
define(`confDEF_USER_ID', ``8:12'')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST', `True')dnl
define(`confDONT_PROBE_INTERFACES', `True')dnl
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A p')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confTO_IDENT', `0')dnl
FEATURE(`no_default_msa', `dnl')dnl
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
DAEMON_OPTIONS(`Port=smtp,Name=MTA')dnl
DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
FEATURE(`accept_unresolvable_domains')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
But when I add my server to Gmail they say: "We are having trouble authenticating with your other mail service. Please try a different port or connection option. If you continue to experience difficulties, please contact your other email provider for further instructions.", and when I look in the logfile I get following:

Code:
Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-vpsxxx.xxx.net Hello mail-vw0-f44.google.com [209.85.212.44], pleased to meet you
Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-ENHANCEDSTATUSCODES
Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-PIPELINING
Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-8BITMIME
Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-SIZE
Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-DSN
Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-AUTH EXTERNAL
Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-DELIVERBY
Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250 HELP
Jul 12 07:23:02 localhost sendmail[30074]: STARTTLS=read, info: fds=7/4, err=2
Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: <-- QUIT
Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 221 2.0.0 vpsxxx.xxx.net closing connection
Jul 12 07:23:02 localhost sendmail[30074]: STARTTLS=server, SSL_shutdown not done
Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: in background, pid=30074
Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: mail-vw0-f44.google.com [209.85.212.44] did not issue MAIL/EXPN/VRFY/ETRN during connection to MSA
Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: dropenvelope, e_flags=0x4001, OpMode=d, pid=30074
Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: unlock
Jul 12 07:23:02 localhost sendmail[30074]: NOQUEUE: finis, pid=30074
Any idea what I'm doing wrong here?

I mean, obviously there's a problem with that STARTTLS thing, but what? It is certainly supported by the server:

Code:
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 vpsxxx.xxx.net ESMTP Sendmail 8.13.8/8.13.8; Tue, 12 Jul 2011 09:57:12 GMT
ehlo there
250-vpsxxx.xxx.net Hello localhost.localdomain [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-STARTTLS
250-DELIVERBY
250 HELP

Last edited by peterpallesen; 12th July 2011 at 12:07.
Reply With Quote
Sponsored Links
  #2  
Old 14th July 2011, 19:19
peterpallesen peterpallesen is offline
Junior Member
 
Join Date: Jun 2011
Posts: 20
Thanks: 0
Thanked 2 Times in 2 Posts
Default

Oh well. At least I'm not the only one who don't know ...
Reply With Quote
  #3  
Old 15th July 2011, 10:33
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

The problem is that you use Sendmail which is really hard to configure - you need to be a real expert to do this. It is years ago that I last worked with Sendmail (using Postfix instead).
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #4  
Old 15th July 2011, 11:04
peterpallesen peterpallesen is offline
Junior Member
 
Join Date: Jun 2011
Posts: 20
Thanks: 0
Thanked 2 Times in 2 Posts
Default

Hm, actually I'm quite comfortable with Sendmail (even if I hit a snag this time) but unfamiliar with Postfix. Any howto you can recommend with Postfix proving this solution? Any searches for Postfix and Gmail comes up with a stack of solutions for the opposite problem (using gmail's smtp servers to relay mail).
Reply With Quote
  #5  
Old 16th July 2011, 06:08
peterpallesen peterpallesen is offline
Junior Member
 
Join Date: Jun 2011
Posts: 20
Thanks: 0
Thanked 2 Times in 2 Posts
Default

Ok, so I removed sendmail and installed postfix, that was easy enough, but didn't bring me any further than before.

The thing is, as I explained in the first post, this is supposed to be an outgoing relay for Gmail only, in order to get rid of the "send on behalf of" annoyance in Gmail. Many howto's discuss how to setup postfix with dovecot or cyrus-imap, but as there will not be any incoming mail to this server I don't want to have this unnecessary software installed.

I have cyrus-sasl installed and it is (default) configured to use pam. This is fine with me as pam is supposed to be able to handle authentication through /etc/password (/etc/shadow) - but I can't find anywhere explaining how to configure this to work.
Reply With Quote
  #6  
Old 16th July 2011, 12:05
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Take a look here:
http://www.howtoforge.com/forums/sho...d.php?p=105989
http://ubuntu-tutorials.com/2008/11/...-smtpgmailcom/
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 16th July 2011, 20:02
peterpallesen peterpallesen is offline
Junior Member
 
Join Date: Jun 2011
Posts: 20
Thanks: 0
Thanked 2 Times in 2 Posts
Default

Thanks but that again address the opposite of what I need.

This explains how to relay your own mail through Google's smtp server.

I want to route Gmail through my own server as explained in my first post.
Reply With Quote
  #8  
Old 20th July 2011, 11:30
peterpallesen peterpallesen is offline
Junior Member
 
Join Date: Jun 2011
Posts: 20
Thanks: 0
Thanked 2 Times in 2 Posts
Default

I'm still trying to setup this mailserver to act as a mail relay for Gmail.

There must be at least 10,000 howto's on the internet explaining how to relay your outgoing mail through gmail. I can see how this could be handy for those with a Linux on a PC with dynamic IP where they need a "real" smtp server to relay the outgoing mail, but I have the opposite problem. I want to avoid Gmails "sent on behalf of" which frankly is lame, and relay my outgoing mail through my vps server.

I changed to postfix as recommended, as I was advised that sendmail was too complicated, but I frankly don't see postfix being any less complicated than sendmail.

I have both setup as simple mail servers, able to handle outgoing mail originating on the server (i.e. through web forms etc) and it is correctly blocking relaying of mail that shouldn't be relayed.

What I need is a simple howto explaining how to configure standard saslauth (using the standard cyrus saslauth as it comes with Centos) so that I can relay my gmail through my own smtp server.

There are bits and pieces everywhere but it's like trying to watch a large painting through a toilet paper roll.
Reply With Quote
  #9  
Old 20th July 2011, 11:50
peterpallesen peterpallesen is offline
Junior Member
 
Join Date: Jun 2011
Posts: 20
Thanks: 0
Thanked 2 Times in 2 Posts
Default

Here is one that seems to make an attempt.

It appears to be from 2004.

19 pages, with arrows, highlights, boxes, cross-references and written by a German (I don't have a problem with Germans but they tend to be a tad verbose and this one is certainly no exception)

The first 9 pages goes with small talk about why we want to do this, and how to compile sendmail and saslauth from scratch. Have these guys not heard of yum?

Finally on page 11 we start getting a little meat - http://postfix.state-of-mind.de/patr...iguration.html - but check it out, endless yatter with multicolored boxes adding to the confusion.

How about just explaining in simple text what you need to add to which files and then let that be it?
Reply With Quote
  #10  
Old 20th July 2011, 12:24
peterpallesen peterpallesen is offline
Junior Member
 
Join Date: Jun 2011
Posts: 20
Thanks: 0
Thanked 2 Times in 2 Posts
 
Default

Here's another, slightly better one: http://thomer.com/howtos/postfix_sasl.html. It's only from 2009 but alas, was made for Debian.

But, alas, it doesn't work either. For a start it doesn't even listen on port 587 (TLS).
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
SquirrelMail login not working glenneh Installation/Configuration 13 9th April 2011 20:01
Problems connecting my HTC Desire outgoing mail client to Postfix and ISP Config 2 j.smith1981 Server Operation 6 12th July 2010 19:07
Centos 5.2 + ISPConfig 3 tutorial - Problem with email tanakskool Server Operation 1 3rd June 2009 16:22
Need help relay smtp based on perfect server 5.1 c0l3s HOWTO-Related Questions 3 20th October 2008 13:13
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 15:47


All times are GMT +2. The time now is 18:55.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.