Sendmail and smarthost and authenticated submission on port 587

Today I came across a small and interesting thing. One of our customer have been upgrading from suse to centos, and that also changed the mailer from postfix to sendmail. I consider myself a quite skilled sendmail person but this was a new one.

The system itself is a dumb system and we should forward everyting to a smart host. But we need to do that over port 587 and authenticated.

So some googeling and reading I came up with the following:

First you need to install the sendmail-cf package

And the we need to modify the /etc/mail/sendmail.mc file and add the following (den xxx lines is there so you only have to remove the dnl first on the line:

The first line specify the hostname of the smarthost. Line 2 and 3 tells sendmail to use port 587 for submission instead of the normal 25. And the fourth line specify that the authentication information should be from the authinfo.db file.

We now have to make the sendmail.cf file:

We now have the new sendmail.cf file in /etc/mail that sendmail can use.

We then have to create the file – start bu creating /etc/mail/authinfo:

Where you set the username and password to what you should use.

We then need to make a sendmail map of it:

Second line makes it a bit more secure by making it readable for root only. And then we use the makemap to make the authinfo.db file. We can now restart sendmail and all should work.

 

4 thoughts on “Sendmail and smarthost and authenticated submission on port 587

  1. I’m a relative newbie with sendmail. I’ve followed your instructions (and many others) to set up a connection to a smarthost (fastmail.fm in my case) but just cannot get anything to work. All I get is
    ‘Deferred: Connection timed out with mail.messagingengine.com’
    as the status in my mail queue and very little of any help in any of the mail logs. I’ve no idea if the error is in sendmail config, wrong authentication info or what 🙁 I’m using Webmin to manage my mail server if that’s of any help.

    Is there any chance of a little help with this please ?

    Regards
    Paul Mapp

  2. Its hard do help without a lot more info.

    First you can make sure (with telnet) that you actually can connect to the ip adress and port that you are connecting to.

    Then you can continue to config sendmail and get that to work.

  3. Can you explain the two lines in authinfo? Why does it need two lines with identical information, except the ispdomain? What is ispdomain.net – the name of the mailserver like smtp.ispdomain.net?

    Then you use authinfo.db (with ending .db) in sendmail.mc, and create a file with name authinfo (no .db). Is that intentional or just a typo?

  4. Hi there, and its nice with a real comment compared to al the spam.

    The easiest thing to explain is the authinfo.db. The file is a berkley db file created with the makemap command, so ith created from the authinfo file.

    And yes – you can probably use only one line in the authinfo file, the first one with the ispdom.net added. I’m not sure exactly when it defaults back to the second one, so you can try without that.

Leave a Reply

Your email address will not be published. Required fields are marked *