From owner-freebsd-questions@FreeBSD.ORG Thu Mar 8 17:34:29 2012 Return-Path: Delivered-To: freebsd-questions@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2BC6410656D2 for ; Thu, 8 Mar 2012 17:34:29 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp6.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3cd3:cd67:fafa:3d78]) by mx1.freebsd.org (Postfix) with ESMTP id A2B068FC1C for ; Thu, 8 Mar 2012 17:34:28 +0000 (UTC) Received: from seedling.black-earth.co.uk (seedling.black-earth.co.uk [IPv6:2001:8b0:151:1:fa1e:dfff:feda:c0bb]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.5/8.14.5) with ESMTP id q28HYA8x060426 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Thu, 8 Mar 2012 17:34:12 GMT (envelope-from matthew@FreeBSD.org) X-DKIM: OpenDKIM Filter v2.5.0 smtp.infracaninophile.co.uk q28HYA8x060426 Authentication-Results: smtp.infracaninophile.co.uk/q28HYA8x060426; dkim=none (no signature); dkim-adsp=none Message-ID: <4F58ED8A.7050602@FreeBSD.org> Date: Thu, 08 Mar 2012 17:34:02 +0000 From: Matthew Seaman User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2 MIME-Version: 1.0 To: kamolpat References: <4F58D68D.2060700@dmaccess.net> In-Reply-To: <4F58D68D.2060700@dmaccess.net> X-Enigmail-Version: 1.3.5 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig7F3F0FF1A75AB9314EA56679" X-Virus-Scanned: clamav-milter 0.97.3 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on lucid-nonsense.infracaninophile.co.uk Cc: freebsd-questions@FreeBSD.org Subject: Re: question about SMTP-authentication X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Mar 2012 17:34:29 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig7F3F0FF1A75AB9314EA56679 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 08/03/2012 15:55, kamolpat wrote: > Setup Reference > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > 1. I read the how to setup from FreeBSD Handbook (online)-> Chapter 29= > Electronic Mail -> 29.10 SMTP Authentication from freebsd.org > 2. setup for cyrus-sasl2 was fine (setup via > usr/ports/security/cyrus-sasl2) > 3. setup for openssl was 90% fine (setup via port) reference to FreeBSD= > Handbook (online)->Chapter 15 Security -> 15.8 OpenSSL > accept the "STARTTLS" line doesn't appear as mention on the last > part of article. >=20 Did you rebuild sendmail with the right flags so that it would enable all the SASL bits? Apart from that you seem to have done all the right stuff that I can see. You need to add this to /etc/make.conf: SENDMAIL_CFLAGS=3D-I/usr/local/include -DSASL=3D2 SENDMAIL_LDFLAGS=3D-L/usr/local/lib SENDMAIL_LDADD=3D-lsasl2 and then rebuild sendmail -- assuming you have system sources installed: # cd /usr/src/usr.sbin/sendmail # make clean # make # make install If you haven't got the system sources installed, then you can get them easily enough with csup(1) or freebsd-update(8) or several other ways. Or you could just install sendmail from ports -- obviously, make sure to choose the option to enable SASL in the config dialogue. If you use the ports sendmail, so long as you set up mailer.conf(5) to point to the ports version -- like so: lucid-nonsense:/etc/mail:% cat mailer.conf # $FreeBSD: stable/8/etc/mail/mailer.conf 93858 2002-04-05 04:25:14Z gshapiro $ # # Execute the "real" sendmail program, named /usr/local/sbin/sendmail # sendmail /usr/local/sbin/sendmail send-mail /usr/local/sbin/sendmail mailq /usr/local/sbin/sendmail newaliases /usr/local/sbin/sendmail hoststat /usr/local/sbin/sendmail purgestat /usr/local/sbin/sendmail and put the following in /etc/make.conf so it uses the latest configuration file bits: SENDMAIL_CF_DIR=3D /usr/local/share/sendmail/cf MAKEMAP=3D /usr/local/sbin/makemap then the ports sendmail is pretty much a drop-in replacement for the system one, and you can use all the config bits in /etc/mail in exactly the same way as normal. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. PGP: http://www.infracaninophile.co.uk/pgpkey --------------enig7F3F0FF1A75AB9314EA56679 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk9Y7ZEACgkQ8Mjk52CukIzWaACeJgcUIEWcSA3UmsGSUOhe6AE9 qLUAnj7dAT62+RBcPi1/9cficeFB91UO =qrOe -----END PGP SIGNATURE----- --------------enig7F3F0FF1A75AB9314EA56679--