Http://dev.firnow.com/course/6_system/linux/Linuxjs/2008618/126266.html
Reprinted Note:> after a lot of days of Sendmail and SMTP, I finally found this article is good. Article , Corresponding to my sendmail8.13 version, operating system redflag 2.6.18. Although I cannot find the original version, I am very grateful to the author of this article !!
========================================== ==========================================
How to configure the Sendmail mail server with SMTP and POP3 Authentication
There are hundreds of articles about Sendmail on the Internet, and few of them are successfully followed. Some of them are inaccurate. I would like to share with you the method that is completely feasible after I have tested the experiment environment.
1. Software preparation
Operating System: centos5.0
I chose centos5, the latest operating system, instead of redhat9, which has not been updated for a long time and is risky for enterprises. Upgrade your system.
All of the following software comes with centos5 and does not need to be downloaded.
Email system:
Sendmail8.13
Sendmail-cf-8.13
M4-1.4
POP3 Certification: dovecot-1.0
SMTP authentication:
Cyrus-sasl-2.1
Cyrus-sasl-md5-2.1
Cyrus-sasl-plain-2.1
Cyrus-sasl-lib-2.1
SASL here, I would like to say, some people on the Internet said "The sendmail-8.13 already contains the cyrus-sasl function, there is no need to install cyrus-sasl"
Big Brother and big sister do not use cyrus-sasl for certification ..... sendmail officially said that the RPM package of Sendmail already supports the cyrus-sasl authentication method by default. That is to say, Sendmail will automatically create the relevant authentication configuration file in the cyrus-sasl working directory, and listen to port 25, you do not need to manually set up the configuration file and listening port. When a request enters port 25, Sendmail will automatically find the/usr/lib/sasl2/sendmail. conf read authentication method. I will explain it in detail below.
2. Install software
Rpm-IVH installs all the above software on the CD.
3. Authentication Configuration
POP3:
On the Internet, modify the/etc/Dovecot. conf file and remove the # protocols = IMAP IMAPs POP3 pop3s in line 1. Actually, no. It has enabled these services by default. Unless you only want to use Dovecot-auth authentication, you can change it to protocols = none. Otherwise, you do not need to change it.
SMTP:
Note: SMTP is a little troublesome.
How it works:
After the user requests to enter port 25, Sendmail calls the saslauthd Process Of cyrus-sasl. saslauthd requires the other party to enter the user name and password of the local system user, saslauthd will go to the/etc/shadow file of the system, confirm the password, open, and tell Sendmail that this user is valid and can use the mail service to send emails.
At this time, go to/usr/lib/sasl2/and check that Sendmail has prepared a sendmail. conf file, which specifies: pwcheck_method = saslauthd, indicating that saslauthd must be called during Sendmail authentication.
To implement the above functions, you must set saslauthd Of cyrus-sasl and specify the authentication method for it.
First, enter/etc/sysconfig/, open the saslauthd script, and find the 7th rows:
Mech =
No matter what is written after the equal sign, we should change it:
Mech = shadow
Save
In this way, saslauthd will go to the shadow file to authenticate the user.
In fact, saslauthd can also use its own user name and password database for verification, but this is not convenient, but also create a user, it is better to directly use the system's own user name and password.
4. configure Sendmail.
Configure the email server name:
Open/etc/mail/Local-host-names
Add the email address after your. For example, I am a otto@linuxedentest.com.
Then, you need to add the following in the second line of the local-host-names file:
Linuxedentest.com
Save
Of course
You can also set the mailbox alias for local-host-names.
After modification, add the MX mark to your DNS server and add the mark to resolve the DNS name and address. The specific method is to check the BIND setting method, or the win2003 DNS setting method.
Configure Sendmail. MC:
Open the/etc/mail/sendmail. Mc file,
Find:
DNL trust_auth_mech ('external DIGEST-MD5 login plain ') DNL
DNL define ('confauth _ mechanisms ', 'external gssapi DIGEST-MD5 CRAM-MD5 login plain') DNL
Remove the preceding DNL comment and change it:
Trust_auth_mech ('external DIGEST-MD5 CRAM-MD5 login plain ') DNL
Define ('confauth _ mechanisms ', 'external gssapi DIGEST-MD5 CRAM-MD5 login plain') DNL
The above two sentences mean:
Mail users who pass authentication through external, login, plain, CRAM-MD5, or DIGEST-MD5, ignore the settings in the access file.
Confauth_mechanic ISMs to determine the authentication method supported by the system. In the login plain mode, outlook is mostly used.
If the calculation is not complete, find:
DNL daemon_options ('port = SMTP, ADDR = 127.0.0.1,) DNL
Changed:
Daemon_options ('port = SMTP, ADDR = 0.0.0.0,) DNL
In this way, all IP addresses can use our email server through the SMTP port.
-----------------------------------------------------------
Do not change it.
DNL daemon_options ('port = Submission, name = MSA, M = EA ') DNL
This sentence! Maintain the annotation status.
In the above sentence, many articles on the Internet say that port = submission should be changed to Port = 25, which means that all users are forced to perform authentication on port 25.
I don't know how to set up SMTP authentication in the previous versions of Sendmail. Sendmail8.13 does not need to be set. In this case, Sendmail means that after the comment is canceled, once port 25 is redirected or blocked, or port 25 cannot be opened, authenticate the user immediately using the 587 backup port.
Originally, Sendmail has opened port 25 (Port = SMTP), but you still have port = 25 here, and changed the backup port to port 25, this is not for the SM-client of Sendmail to recognize
Is the main process of the process and Sendmail snatching ports ....
-----------------------------------------------------------
So far, save sendmail. MC
Use M4 to regenerate the sendmail. cf file
# M4/etc/mail/sendmail. MC>/etc/mail/sendmail. cf
Start the Dovecot process:
/Etc/init. d/Dovecot start
Start the saslauthd process:
/Etc/init. d/saslauthd start
Start the Sendmail process:
/Etc/init. d/sendmail start
Add these processes to the startup script:
Chkconfig Dovecot on
Chkconfig saslauthd on
Chkconfig Sendmail on
OK. All settings are complete. You can authenticate and send and receive emails normally.
If there is any inaccuracy in this article, please submit your approval ~~~
==================================================================== ==========================================
SMTP Test method:
The following sh # indicates input in shell, c Indicates input in client, and s indicates information returned by server.
Sh # telnet <email server address/IP> <port (usually 25)>
S: 220 localhost. localdomain ESMTP Sendmail 8.13.8/8.13.8; Sun, 18 May 2008 01:55:03 + 0800
C: EHLO <Name> (Helo + name is not used for authentication)
S: 250-localhost.localdomain Hello zhangzb.nec-as.nec.com.cn [172.28.90.9], pleased to meet you
S: 250-enhancedstatuscodes
S: 250-pipelining
S: 250-8bitmime
S: 250-size
S: 250-dsn
S: 250-etrn
S: 250-auth gssapi DIGEST-MD5 CRAM-MD5 login Plain
S: 250-deliverby
S: 250 help
C: AUTH LOGIN
S: 334 vxnlcm5hbwu6
Note: {enter username and passwd first, and the two must enter the encode base64 code. The conversion method is as follows:
Sh # Perl-mmime: base64-e 'print encode_base64 ("username ")'
(Note that "print" is a single quotation mark, and "username" is replaced with the word you need)
}
C: MQ = (this is my User name: 1)
S: 334 ugfzc3dvcmq6
C: MQ = (password, also 1)
S: 235 2.0.0 OK authenticated
C: mail from: <XXXX @ XXXX> (after some servers are configured, the real mailbox suffix is required. The specific method is unknown)
S: 250 2.1.0 <XXXX @ XXXX>... sender OK
C: rcpt to: <XXXX @ XXXX> (target email address)
S: 250 2.1.5 <XXXX @ XXXX>... recipient OK
C: Data
S: 354 enter mail, end with "." on a line by itself
C: <Add email content here> 〉
C:. (point)
S: 250 2.0.0 m4hht3sj005640 message accepted for delivery
C: Quit
<Mail Send successful> 〉