From owner-freebsd-questions@FreeBSD.ORG Thu Jul 26 20:11:49 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 568D916A420 for ; Thu, 26 Jul 2007 20:11:49 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (ns0.infracaninophile.co.uk [IPv6:2001:8b0:151:1::1]) by mx1.freebsd.org (Postfix) with ESMTP id C9CC713C4DA for ; Thu, 26 Jul 2007 20:11:48 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost.infracaninophile.co.uk [IPv6:::1]) by smtp.infracaninophile.co.uk (8.14.1/8.14.1) with ESMTP id l6QKBSbY079055; Thu, 26 Jul 2007 21:11:30 +0100 (BST) (envelope-from m.seaman@infracaninophile.co.uk) Authentication-Results: smtp.infracaninophile.co.uk from=m.seaman@infracaninophile.co.uk; sender-id=permerror; spf=permerror X-SenderID: Sendmail Sender-ID Filter v0.2.14 smtp.infracaninophile.co.uk l6QKBSbY079055 Message-ID: <46A8FFF0.3050809@infracaninophile.co.uk> Date: Thu, 26 Jul 2007 21:11:28 +0100 From: Matthew Seaman Organization: Infracaninophile User-Agent: Thunderbird 2.0.0.5 (X11/20070721) MIME-Version: 1.0 To: Dylan Smith References: <46A86F40.1040208@lightray.org> <3342A9B9-056E-4C5A-852F-BAC2039E27CC@gmail.com> <46A88E7F.80907@lightray.org> In-Reply-To: <46A88E7F.80907@lightray.org> X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (smtp.infracaninophile.co.uk [IPv6:::1]); Thu, 26 Jul 2007 21:11:40 +0100 (BST) X-Virus-Scanned: ClamAV 0.91.1/3779/Thu Jul 26 20:33:22 2007 on happy-idiot-talk.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.9 required=5.0 tests=AWL,BAYES_00, DKIM_POLICY_SIGNSOME,DKIM_POLICY_TESTING,DK_POLICY_SIGNSOME,NO_RELAYS autolearn=ham version=3.2.1 X-Spam-Checker-Version: SpamAssassin 3.2.1 (2007-05-02) on happy-idiot-talk.infracaninophile.co.uk Cc: Eric Crist , freebsd-questions@freebsd.org Subject: Re: Sendmail question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Jul 2007 20:11:49 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Dylan Smith wrote: > Eric Crist wrote: >> On Jul 26, 2007, at 4:54 AMJul 26, 2007, Dylan Smith wrote: >> >>> I am currently on the last stages of setting up a FreeBSD 6.2-STABLE >>> File and Network Application Server. One of my last tasks is to >>> simple forward all mail from root out through my isp's SMTP(requires >>> authentication) server and to an email account i have elsewhere. That >>> is to say i have no purpose for a mail server other than to handle >>> mail from things like periodic and to move that mail elsewhere. >>> >>> Can this be easily accomplished? If so are there any guides/how-to's? >>> I have done a search around my usual BSD sites and books and found >>> nothing that is easily modified to my circumstances. >> It can be done, but it's a PITA with Sendmail. Look into >> /usr/ports/mail/ssmtp. We use it on our systems here where we need to >> simply get root's email off the box. Simple configuration file, works >> well. > Thanks for that little suggestion. > Would this mean that i could just disable sendmail > totally(sendmail_enable="none")? Hmmm... no one seems to have cottoned onto the 'requires authentication' statement in the original message. As far as I can tell, ssmtp only allows authentication via the use of cryptographic certificates -- which is probably the most secure way of doing authentication but also tends not to be supported on many mail systems. If you need support for most client-side mail auth mechanisms, then sendmail is probably the least effort to set up -- and it is not really that hard to do IMHO. All you need to do is: * Make sure /etc/rc.conf contains sendmail_enable="NO" Which might seem a bit odd, but actually gives you a setup with no sendmail listening on port 25 (so no incoming mail), but with everything it needs to send outgoing mail. * edit /etc/mail/aliases to direct the root e-mails to where ever you want them to go to. * run 'make' in /etc/mail to rebuild the aliases.db file and copy the default sendmail configuration to `hostname`.mc etc. (`hostname` there means "whatever the hostname command outputs" on your machine.) * edit `hostname`.mc and change the line that says: dnl define(`SMART_HOST', `your.isp.mail.server') Take out the 'dnl' part and change your.isp.mail.server to the hostname of your ISP's mail server. For security reasons (ie. to stop people being able to trivially find out the login and password details) you should also change this line at the end of the file from: define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy') to define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy,goaway') Then run: make all install restart to generate the .cf files, move them into place and restart the running sendmail. * edit /etc/mail/access to add the login details for your ISP's mail server. Look for the section titled "Providing SMTP AUTH Data when sendmail acts as Client" in the file /usr/share/sendmail/cf/README for details. In short if all you have is a username and password then add a line like: AuthInfo:your.isp.mail.server "U:user" "P:password" Then type 'make' one last time. That's all really, apart from testing. Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGqP/w8Mjk52CukIwRCN4DAJwOSF8eqb4WGQytrKu7kcCq9q5iSQCfRAT2 oI9pogQUepmf5yzQJMegrPk= =bj1y -----END PGP SIGNATURE-----