/var/net/sys/admin/blog
| More

1. Wonder why you can’t send email from your linux server?

2. Is your mail server or 3rd party email hosting provider requires authentication for your outgoing server to send out emails successfully?

3. Are you using a default sendmail email client on your linux box and wonder why your getting maillog errors such as this:

——-sample sendmail maillog error from my nagios server—————
Oct  2 17:03:54 nms sendmail[25657]: n9293qiw025655: to=<nagios@freelinuxtutorials.com>,

ctladdr=<root@nms.freelinuxtutorials.com> (0/0), dela0928, relay=smtp.freelinuxtutorials.com.

[216.200.145.17], dsn=5.1.1, stat=User unknown
Oct  2 17:03:54 nms sendmail[25657]: n9293qiw025655: n9293siw025657: DSN: User unknown
Oct  2 17:03:54 nms sendmail[25657]: n9293siw025657: to=<root@nms.freelinuxtutorials.com>,

delay=00:00:00, xdelay=00:00:00, mailer=local
Oct  2 17:07:24 nms sendmail[25953]: n9297NHS025953: from=root, size=0,, nrcpts=0,

relay=root@localhost
Oct  2 17:08:22 nms sendmail[26153]: n9298Ml4026153: from=nagios, size=462,, nrcpts=1,

msgid=<200910020908.n9298Ml4026153@
Oct  2 17:08:22 nms sendmail[26154]: n9298Me6026154: from=<nagios@nms.freelinuxtutorials.com>, size=720,

class=0, nrcpts=1, msgid=<20091oto=ESMTP, daemon=MTA, relay=localhost [127.0.0.1] (may be forged)

——————————————

4. Is your Sendmail as your default MTA cannot send out emails to a mail server authenticated SMTP?

If you have these four(4) issues, then you need to set your Sendmail as SMTP AUTH client

Here’s how to do it:

1. On a RPM based distro such as Fedora, CentOS or RHEL, the default locations of sendmail configuration

files are in /etc/mail.

Important config files as follow:
a. sendmail.cf
b. sendmail.mc
c. access
d. authinfo
e. trusted users
f. mailertable
g. virtusertable

Issue the command :

[root@nms mail]# sendmail -d0.1 -bv
Version 8.14.3
Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG MAP_REGEX
MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6
NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF SOCKETMAP STARTTLS
TCPWRAPPERS USERDB USE_LDAP_INIT

============ SYSTEM IDENTITY (after readcf) ============
(short domain name) $w = nms
(canonical domain name) $j = nms.freelinuxtutorials.com
(subdomain name) $m = freelinuxtutorials.com
(node name) $k = nms.freelinuxtutorials.com
========================================================

Recipient names must be specified

As you can see above, your sendmail have SASL and STARTTLS, which are requirement for client usage

2. Add an MX record lookup on your sendmail.mc config for the smart host
Ex:

define(`SMART_HOST’, `smtp.freelinuxtutorials.com’)

This is to define specifically the SMTP server you want your server to communicate with

3. Configure sendmail.mc for “authinfo”.

FEATURE(`authinfo’,`hash /etc/mail/authinfo.db’)

4. Configure lines in the sendmail.mc if there’s certificate related entries (Optional). You can just
take out the  “dn1” prefix to uncomment

dnl define(`confCACERT_PATH’, `/etc/pki/tls/certs’)dnl
dnl define(`confCACERT’, `/etc/pki/tls/certs/ca-bundle.crt’)dnl
dnl define(`confSERVER_CERT’, `/etc/pki/tls/certs/sendmail.pem’)dnl
dnl define(`confSERVER_KEY’, `/etc/pki/tls/certs/sendmail.pem’)dnl

5. You can leave this as default if it is not required
dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN’)dnl
dnl define(`confAUTH_MECHANISMS’, `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN’)dnl

6. Configure an “authinfo”, the credentials to login should be define here.
Let say you have an email address
darwin@freelinuxtutorials.com with password “iwashere”, then line should look like this

AuthInfo:smtp.freelinuxtutorials.com “U:nagios” “I:darwin@freelinuxtutorials.com” “P:iwashere” “M:LOGIN

PLAIN”

7. Make the authinfo.db by invoking this command

makemap hash /etc/mail/authinfo < /etc/mail/authinfo

8. the command “m4” should be use to create sendmail.cf from a modified sendmail.mc config, such as this

m4 sendmail.mc > sendmail.cf

9. Restart sendmail service

service sendmail restart

or

/etc/init.d/sendmail restart

10. Check your logs (/etc/maillog) or (/var/log/maillog) to see for errors or warnings. You can use tail command to see the output

#tail -f /var/log/maillog

Testing:

1. Run a map test to verify that the authinfo db is correctly setup and being address to sendmail config

[root@nms mail]# echo ‘/map authinfo AuthInfo:smtp.freelinuxtutorials.com’ | /usr/sbin/sendmail -bt
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
> map_lookup: authinfo (AuthInfo:smtp.freelinuxtutorials.com) returns “U:nagios”

“I:darwin@freelinuxtutorials.com” “P:iwashere” “M:LOGIN PLAIN” (0) >

2. Send a test mail and check the logs.

A successful log as follows:

Oct  2 17:10:02 nms sendmail[26348]: n929A23w026348: to=nagios@freelinuxtutorials.com, ctladdr=nagios

(502/502), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30477, relay=[127.0.0.1] [127.0.0.1],

dsn=2.0.0, stat=Sent (n929A2BT026349 Message accepted for delivery)

Extra tip: You can set your SMTP log level to 20 for debugging purposes
in sendmail.mc:

define(`confLOG_LEVEL’, `20′)dnl

A sample log will give something like this:

11:17:21 totsp sendmail[27587]: n1338jTQ388214: MAIL From: SIZE=29 AUTH=root@nms.freelinuxtutorials.com

Just drop a comment if you have clarifications. Enjoy!

Share

17 Responses to “Configure Sendmail for SMTP Authentication”

  1. sendmail client with AUTH - The UNIX and Linux Forums

    on February 7 2012

    […] The smtp server need SMTP AUTH in order to send email with SMTP. I configure and follow this link . Sendmail as SMTP Authentication | Free Linux Tutorials I try to send email using sendmail to this smtp server but failure with AUTH . [root@localhost […]

  2. mahi

    on April 6 2012

    I have facing issue of dsn=5.6.0, stat=Data format error
    Apr 6 15:40:19 sendmail[15823]: q36AAH8l015821: q36AAJ8l015823: DSN: Data format error.

    Why such error come.

    Any pointers will be helpful.

    Thanks,
    Mahesh Shinde.

  3. freelinu

    on April 7 2012

    hi mahi,
    this error somehow tells that the source has an invalid domain name
    mostly that error is related to DNS…
    pls. check your /etc/hosts file or DNS 🙂

  4. Linux Topics – Tutorials « Zeeshan Ahmad Bhatti

    on December 29 2012

    […] Configure Sendmail for SMTP Authentication […]

  5. Horatio

    on April 7 2013

    I’ve had authenticated mail working with my mail provider for a while.
    Recently, the mail provider has introduced SSL in conjunction with the existing authentication.
    Do you have any experience of configuring this? I’ve tried what seems like umpteen setups and still no joy. I’m currently getting a ‘dsn 5.1.1 – user unknown’.
    I’m running Fedora 16, and sendmail has SSL compiled in.

    Any thoughts on what the config should look like?

  6. sachin

    on May 7 2013

    Hi,

    Is it possible to use authentication via client certificates only and not using username/password?

    Is it possible?

    regards

  7. sachin

    on May 7 2013

    Why do we need the authinfo when we are using the certificates for authentication?

  8. Dhanabalan

    on July 20 2018

    Hi great, i have used this help, its works, thanks

  9. independent home valuation

    on August 3 2018

    I ϲouldn’t resist commenting. Verʏ well written!

  10. Maynard

    on August 9 2018

    Please let me know if уou’re looking for a author fߋr your site.
    Yoᥙ һave some really great articles and I feel I woulԁ be a ɡood asset.
    If ʏou evwr want to take some of thе load off, I’d really lіke to write ѕome articlles fⲟr yоur blog in eexchange f᧐r a link bafk tо
    mine. Pⅼease shoot mе an e-mail if interested.
    Many thanks!

  11. DTCDXEOILPNLHPIBQUC

    on September 1 2018

    Definitely, what a fantastic blog and revealing posts, I will bookmark your site.All the Best!

  12. NWUVYJBHHPWYXVKQQC

    on September 1 2018

    Excellent post. I was checking constantly this blog and I’m impressed! Very useful info specially the last part 🙂 I care for such information much. I was seeking this particular information for a long time. Thank you and good luck.

  13. Https://enflaca.me/alimentos-transgenicos/

    on October 20 2018

    https://enflaca.me/alimentos-transgenicos/

    Sendmail as SMTP Authentication | Free Linux Tutorials

  14. Gregory

    on November 2 2018

    Wow, superb weblog layout! Ꮋow lengthy һave
    you eνeг been running a blog for? ʏⲟu made blogging ⅼоok easy.

    The total glance of y᧐ur site is fantastic,
    ⅼet ɑlone the content material!

  15. Ilse

    on November 2 2018

    I like tһe helpful informatiߋn yoᥙ provide to your
    articles. Ӏ’ll bookmaark ʏour blog and test gain rigһt heгe
    regularly. I am qᥙite certɑin I wіll be toⅼd a lot of new stuff proper here!

    Good luck for tһe foⅼlowing!

  16. Groat Road Service

    on November 2 2018

    It’s а pity yoᥙ don’t haνe a donate button!
    І’d certainly donate to tһis fantastic blog! I guess for noԝ i’ll settle for book-marking
    and adding yoᥙr RSS feed to my Google account.
    I lоok forward to neᴡ upodates and will share this website with my Facebook group.
    Chaat ѕoon!

  17. Lenora

    on November 3 2018

    I amm in fact delighhted tо glance at thiѕ blog posts wich conzists off plenty оf hrlpful
    facts, thanks for providing ѕuch statistics.

Comment RSS · TrackBack URI

Leave a comment

Name: (Required)

E-mail: (Required)

Website:

Comment:

 

About FLT

This site is dedicated to everyone who likes to learn and explore the beautiful world of Linux. If you have comments and suggestions, please feel free to email at freelinuxtutorials@gmail.com. I am happy to serve and share things esp. that is free and enjoyable as Linux.