Configuring Sendmail to Use a Smart Host

I needed to configure a sendmail server that had a dynamic IP address to route email out through an SMTP server belonging to an ISP, since otherwise some email servers might reject email from that sendmail server. Some email servers will compare a sending email server's IP address to lists of addresses known to be assigned by ISP's as dynamic IP addresses. By doing so, ISP's hope to block spam from home user's PCs that have been compromised and put to use as zombie systems by spammers.

The steps below can be taken on a Linux system running sendmail to have it send email via a "smart host" server. In essence, instead of the sendmail server sending email directly to other email servers, it transmits all email to another server, the "smart host", which handles the task of transmitting the received email to the recipients' servers.

In /etc/mail/sendmail.mc, look for the following section:

dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
dnl define(`SMART_HOST', `smtp.your.provider')dnl
dnl #

Remove the dnl from the beginning of the dnl define(`SMART_HOST', `smtp.your.provider')dnl line and replace smtp.your.provider with the smart host you will be using, e.g. mail.example.com.

define(`SMART_HOST', `mail.example.com')dnl

In /etc/mail/access add the following line, substituting the actual SMTP server you will need to use for mail.example.com and your actual username and password on the smart host server for myloginname and mypasswd:

Authinfo:mail.example.com "U:myloginname" "P:mypasswd" "M:Plain"

Then regenerate the /etc/mail/access.db file with makemap hash /etc/mail/access </etc/mail/access. Regenerate /etc/mail/sendmail.cf with m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf. Then restart sendmail with service sendmail restart or /etc/init.d/sendmail restart.

Once you have taken the above steps, you can send a test message from the system. Sending one to a test email address on another system that will allow you to view the message headers is ideal. At the destination, look at the message headers for the email you sent. You should see it passing through the smart host.

When I sent out a test message after making the changes above, the message didn't reach the destination. I checked the mail queue with mailq and saw the message had not gone out because of an "AUTH failure".

# mailq
                /var/spool/mqueue (1 request)
-----Q-ID----- --Size-- -----Q-Time----- ------------Sender/Recipient-----------
m43M1HT8032701       31 Sat May  3 18:01 <johnsmith@myserver.com>
                 (Deferred: Temporary AUTH failure)
                                         <melvin@example.com>

I had sendmail attempt to send the queued message immediately and display information on its progress with sendmail -q 0 -v (the -v provides "verbose" information).

# sendmail -q 0 -v

Running /var/spool/mqueue/m43M1HT8032701 (sequence 1 of 1)
<melvin@example.com>... Connecting to smtp.atlanticbb.net. via relay...
220 ECHO Labs SMTP Service - MX01
>>> EHLO myserver.com
250-BL-106 says EHLO to 72.45.13.244:1097
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-AUTH=LOGIN
250 AUTH LOGIN
>>> QUIT
221 BL-106 closing connection
<melvin@example.com>... Deferred: Temporary AUTH failure
Closing connection to smtp.atlanticbb.net.

In this case I was using smtp.atlanticbb.net as the smart host. I could see it supports an AUTH type of "LOGIN", but I didn't see "PLAIN" listed. I edited /etc/mail/access, replacing "M:Plain" with "M:Login".

Authinfo:smtp.atlanticbb.net "U:myloginname" "P:mypasswd" "M:Login"

I then ran makemap hash /etc/mail/access < /etc/mail/access again. Then when I had sendmail process the mail queue immediately again, the message was successfully transmitted.

# sendmail -q 0 -v

Running /var/spool/mqueue/m43M1HT8032701 (sequence 1 of 1)
<melvin@example.com>... Connecting to smtp.atlanticbb.net. via relay...
220 ECHO Labs SMTP Service - MX02
>>> EHLO myserver.com
250-BL-206 says EHLO to 72.45.13.244:2430
250-8BITMIME
250-PIPELINING
250-AUTH=LOGIN
250-AUTH LOGIN
250 ENHANCEDSTATUSCODES
>>> AUTH LOGIN
334 VXNlcm4hcWU6
>>> bW9vbnBvbW40
334 UGFzc2dvdmQ6
>>> MVN0b2A1Njd=
235 Authed. Go on.
>>> MAIL From:<jsmith@myserver.com>
250 MAIL FROM accepted
>>> RCPT To:<melvin@example.com>
>>> DATA
250 Recipient Accepted - Will relay per rbIP
354 continue.  finished with "\r\n.\r\n"
>>> .
250 OK D4/2C-23466-1B9EC184
<melvin@example.com>... Sent (OK D4/2C-23466-1B9EC184)
Closing connection to smtp.atlanticbb.net.
>>> QUIT
221 BL-206 closing connection

[/network/email/sendmail] permanent link

Alpine on CentOS

I've been using Pine from the University of Washington as my email client for a long time. Pine is an acronym for Program for Internet News & Email. But Pine is no longer under development. The University of Washington has developed a successor package, Alpine, which it has released under the Apache License. When I set up a CentOS 5.1 system, I decided to install Alpine on it.

Alpine is available through RPMForge, a repository for Linux packages in the RPM format. To install Alpine, I downloaded the rpmforge-release package from RPMforge/Using and then installed it with rpm.

# rpm -Uhv rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm

That placed two new files, mirrors-rpmforge and rpmforge.repo in /etc/yum.repos.d. I installed the yum-priorities plugin as described in RPMForge Packages and Yum Priorites and set the RPMForge repository to a lower priority than the default CentOS repository.

I installed Alpine with yum install alpine.

1. Alpine E-Mail Client Released -- Don't Call it a Comeback
   By Michael Calore
   December 21, 2007
   Wired Blogs
2. Alpine Messaging System
   University of Washington
3. RPMForge

[/network/email/clients/alpine] permanent link

RPMForge Packages and Yum Priorites

I wanted to be able to use yum to install packages from the RPMForge repository. Instructions for installing RPMForge support on a CentOS Linux system can be found at Installing RPMforge.

First, install the yum-priorities package with yum install yum-priorities. This plugin allows repositories to have different priorities. Packages in a repository with a lower priority can't be overridden by packages from a repository with a higher priority even if the repository with the higher priority has a later version of the package. As the Installing RPMForge webpage states you should "Beware that some packages are newer than the official CentOS version and you should not blindly install those packages. Before you replace a CentOS package you should make sure that will not break anything important. In most cases you can revert any mistakes but it is best to avoid the mess." By usng the yum-priorities plugin, you help avoid that problem.

Next verify that yum-priorities is enabled by ensuring that the following lines are present in /etc/yum/pluginconf.d/priorities.conf :

[main]
enabled = 1

The yum repository information is stored in /etc/yum.repos.d.

cd /etc/yum.repos.d
# ls -l
total 16
-rw-r--r-- 1 root root 2049 Nov 22 20:32 CentOS-Base.repo
-rw-r--r-- 1 root root  622 Nov 22 20:32 CentOS-Media.repo

I added priority=1 as the last line in the following sections of CentOS-Base.repo:

[base]
[updates]
[extras]

I added priority=2 as the last line in the [centosplus] section, which now contains the following lines:

[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
priority=2

I installed the rpmforge-release package with rpm -Uhv rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm, which created two new files mirrors-rpmforge and rpmforge.repo in /etc/yum.repos.d. I edited rpmforge.repo and added priority = 11 at the end of the file.

Repositories with lower priority numbers are considered to have a higher priority than than those with higher numbers. E.g. if repository A has priority=4 associated with it while repository B has priority=5 associated with it, repository A has a higher priority than repository B.

References:

1. Installing RPMForge
   CentOS Wiki
2. yum-plugin-priorities
   CentOS Wiki

[/os/unix/linux/centos] permanent link