Sendmail relay authentication

sendmailsmtp

I'm trying to set up my sendmail to authenticate against a relay (comcast). I'm not seeing any attempts to authenticate at all. I'm trying to just debug how authentication works, and can't connect all the pieces…

I have, in my .mc file:

define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`SMART_HOST', `relay:smtp.comcast.net.')dnl
define(`confAUTH_MECHANISMS', `PLAIN')dnl
FEATURE(`authinfo',`hash /etc/mail/client-info')dnl

And in my /etc/mail/client-info:

AuthInfo:*.comcast.net "U:root" "I:comcast_user" "P:comcast_password"

Now, I know everything is fine with the u/p, as I could authenticate directly through SMTP, using telnet.

There are two things I don't understand.

  1. When AuthInfo records are searched for, they are matched by the target hostname. How? Does it it use the map key (something I would expect), or uses the so-called "Domain" ("R:" parameter that I don't set in my auth-info line)

  2. What is "U:", really? Sendmail README (http://www.sendmail.org/m4/smtp_auth.html) says it's "user(authoraztion id)", and "I:" is "authentication ID". That suggests that my username should be in "U:", actually, but http://www.sendmail.org/~ca/email/auth.html says that "I:" is your remote user name.

The session looks like this:

[root@manticore]/etc/mail# sendmail -qf -v
Warning: Option: AuthMechanisms requires SASL support (-DSASL)

Running /var/spool/mqueue/p97CgcWq023273 (sequence 1 of 399)
my@email.com... Connecting to smtp.comcast.net. port 587 via relay...
220 omta19.westchester.pa.mail.comcast.net comcast ESMTP server ready
>>> EHLO my.host.name
250-omta19.westchester.pa.mail.comcast.net hello [my.ip.add.res], pleased to meet you
250-HELP
250-AUTH LOGIN PLAIN
250-SIZE 15728640
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-STARTTLS
250 OK
>>> STARTTLS
220 2.0.0 Ready to start TLS
>>> EHLO my.host.name
250-omta19.westchester.pa.mail.comcast.net hello [my.ip.add.res], pleased to meet you
250-HELP
250-AUTH LOGIN PLAIN
250-SIZE 15728640
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 OK
>>> MAIL From:<> SIZE=2183
550 5.1.0 Authentication required
MAILER-DAEMON... aliased to postmaster
postmaster... aliased to root
root... aliased to my@email.com
postmaster... aliased to root
root... aliased to my@email.com
>>> RSET
250 2.0.0 OK


[root@manticore]/etc/mail# sendmail -d0.1
Version 8.14.3
 Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7
                NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS PIPELINING SCANF
                SOCKETMAP STARTTLS TCPWRAPPERS USERDB XDEBUG

Thanks,
Pawel.

Best Answer

if FEATURE(`authinfo') is used, then the hostname in the map entry must match exactly the hostname of the ISP mailserver

See at your SMART_HOST + client-info

What is "U:", really?

Well, SMTP Authentication states in pure English

U user (authorization) id

I authentication id

...

User or authentication id must exist as well as the password. All other entries have default values. If one of user or authentication id is missing, the existing value is used for the missing item.

Related Topic