Best Way to Control Relaying?

Muhammad Nauman nauman at worldcall.net.pk
Fri May 19 06:50:26 IST 2006 

> Julian Field wrote:
>> Alex Neuman van der Hans wrote:
>>>
>>> 3. Make sure saslauthd is running (and set to run on startup) with:
>>> chkconfig saslauthd on
>>> service saslauthd start
>> One thing worth mentioning. There's a mistake (in my view) in RedHat's 
>> supplied configuration of saslauthd.
>>
>> In /etc/sysconfig/saslauthd, they have set
>> MECH=shadow
>> with the result that only /etc/passwd and /etc/shadow will be used to 
>> search for usernames and passwords.
>>
>> If you use any other mechanism, you will probably want to change this to
>> MECH=pam

After A long Reading and Work i did managed to Make the SMTP AUTH Work as i 
can see it in my maillog:

May 18 13:08:55 mailserver [4145]: AUTH=server, 
relay=abc.xyz.com[192.168.1.25], authid=nauman, mech=LOGIN, bits
=0

But then again - i was having problem that - it was not asking for 
authentation from all the users  , just those who have ticked the option in 
outlook.

so i started playing around to stop anoymous logins - which were still 
relaying without authentication

define(`confAUTH_OPTIONS', `A p y')dnl

and in this process i even re-compiled sendmail - with Sh Build -c

I  Have my  devtools/Site/site.config.m4 as :

dnl Milter
APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER')
APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER_ROOT_UNSAFE')
APPENDDEF(`conf_sendmail_ENVDEF', `-DSASL=2')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl2')

and i rebuit my sendmail and verified it as :

[root at root]# sendmail -d0.1 -bv
Version 8.13.5
 Compiled with: DNSMAP LOG MATCHGECOS MILTER MIME7TO8 MIME8TO7
                NAMED_BIND NETINET NETUNIX NEWDB PIPELINING SASLv2 SCANF 
USERDB
                XDEBUG

[root at root]# /etc/init.d/saslauthd status
saslauthd (pid 3235 3234 3233 3232 3228) is running...

and then coming to the Sendmail.mc

define(`confAUTH_OPTIONS', `A p y')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl

and now when i telnet localhost 25 :

it do'nt ask any AUTH LOGIN :

220  ESMTP
EHLO mailserver
250-localhost.localdomain Hello abc.xyz.com [192.168.1.3], pleased to
 meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DELIVERBY
250 HELP

I NEED TO DO it - and i want it working Fully fine - i cant find - where i m 
going Wrong - IF any one can HELP it would be great .

So far as AUTH MECH - i will stick to the shadow methord  !


Thanks and regards,
M.Nauman Habib
Network Engineer
ICT Department
WorldCALL Multimedia Pvt Ltd
16-S Gulberg II Lahore, Pakistan
Off: 92 (42) 5877051-55
Cell : 0321-4311830


-- 
This message has been scanned for viruses and
dangerous content by WorldCall Scanner, and is
believed to be clean.

More information about the MailScanner mailing list