dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
2966
share rss forum feed

Hooper
Premium
join:2001-10-22
Castle Rock, CO

Sendmail smarthost with Authentication

I am going a little crazy here and maybe someone here can help me out. I am running RH9 with the default sendmail package that was included when installing (service running as smmsp). I am trying to get sendmail to send all outgoing email through my ISP's email server.

This is what I have in my sendmail.cf after using m4 to compile from sendmail.mc

# "Smart" relay host (may be null)
DSsmtp.1and1.com

# list of authentication mechanisms
O AuthMechanisms=EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN

# SMTP AUTH flags
O AuthOptions=A

# authinfo list database: contains info for authentication as client
Kauthinfo hash /etc/mail/auth/client-info

The problem is that I can't seem to makemap the access database from the client-info file properly due to conflicts between sendmail service permissions and root permissions.

[root@asterisk auth]# makemap hash client-info < client-info
makemap: error opening type hash map client-info: Permission denied

If I change the permissions to 777 on the auth directory and client-info file, I was able to makemap the client-info.db file but then I get the following errors when sending:

The original message was received at Fri, 8 Apr 2005 19:18:34 -0400
from localhost.localdomain [127.0.0.1]

----- The following addresses had permanent fatal errors -----
<info@bcalumni.org>
(reason: 550 won't deliver to <info@bcalumni.org>)

----- Transcript of session follows -----
451 4.0.0 hash map "authinfo": unsafe map file /etc/mail/auth/client-info.db: Permission
denied
... while talking to smtp.1and1.com.:
>>> DATA
<<< 550 won't deliver to <info@bcalumni.org>
550 5.1.1 <info@bcalumni.org>... User unknown
<<< 554 no valid recipients
I guess the problem here is that sendmail runs as smmsp and I am trying to makemap as root. I have to believe someone else has run into this problem before. I have looked at the other posts here and googled but can't seem to get around this makemap problem.

Any thoughts on getting around this or an easier way to do this?

--
Area Code & Exchange Lookup


justin
..needs sleep
Australian
join:1999-05-28
kudos:15
I thought sendmail was supposed to make its own maps on the fly if you let it. Otherwise, make it however, then chown it to smmsp and fix the permissions.


cowboy
So Much For Subtlety
Premium
join:2000-03-14
Louisville, KY
no, sendmail will not automagically make any maps.

I'm curious as the the extant permissions of the source and .db files the original poster has - something seems amiss!

you might be able to get by by using the -s flag to makemap (ignore safety checks).

Otherwise, you'll wind up chown;makemap;chown
--
Richard Nelson

Hooper
Premium
join:2001-10-22
Castle Rock, CO

1 edit
reply to justin
said by justin:

I thought sendmail was supposed to make its own maps on the fly if you let it. Otherwise, make it however, then chown it to smmsp and fix the permissions.
I tried removing the client-info.db file and letiing sendmail create it... but still get the the unsafe map file error.

I have already chown'ed client-info and client-info.db to smmsp.root as well as the auth directory.

The real question is what should the permissions be set to on the auth directory and the client-info file and client-info.db file after I makemap the db.

Hooper
Premium
join:2001-10-22
Castle Rock, CO

1 edit
reply to Hooper
Yes! got it working.

Had to chown root.root the auth directory, then had to chmod the auth directory to 700 as root. Then makemap client-info and the db file was created with the proper permissions.

Edit:
Don't forget to chown the the client-info file to root.root and then chmod 600 client-info also.