[ale] sendmail relay to gmail smtp server

Harry Putnam reader at newsguy.com
Tue Dec 27 11:25:53 EST 2011


First let me say, I'm not interested in switching mta's, in case
someone wants to post the common response to sendmail
questions... `Hey switch to SOME MTA, its much easier'.

I want to use gmails' smtp server as Smart Host for my single user
debian box running sendmail-8.14.4

I'm hooked up to an ISP called direcpath.tv in Atlanta that uses gmail
smtp servers for its clients with addresses like reader at direcpath.tv

They have terrible to non-existent support and no support of linux/sendmail

They use smtp.gmail.com But before I get into the extra complication
of their direcpath.tv overlay, and since I do have a normal gmail
account I thought I'd first try to get the authentication for smtp
working for that username.  hputnam3 at gmail.com

So after dozens of small edits and restarts and makemaps ... cutting
to the chase:

/etc/mail/authinfo

(password obfuscated)
,----
| Athinfo:smtp.gmail.com "U:root" "I:hputnam3 at gmail.com" "P:??XX??" "M: LOGIN PLAIN"
| Athinfo:smtp.gmail.com:587 "U:root" "I:hputnam3 at gmail.com" "P:??XX??" "M: LOGIN PLAIN"
`----

-------        ---------       ---=---       ---------      -------- 

And I think what are the most relevant sendmail.mc settings (the whole
*mc is inlined at the end).

/etc/mail/sendmail.mc

,----
| define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
| define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
| 
| FEATURE(`authinfo', `hash /etc/mail/authinfo')dnl 
| 
| define(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
| TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
| 
| define(`SMART_HOST',`smtp.gmail.com')dnl
`----

(And for the record, I did try bracketing the Smart Host like:
 define(`SMART_HOST',`[smtp.gmail.com]')dnl)

I have some old masquerade settings that I doubt are causing a
problem. I do have an account with them too.  I think the error would
be different if they were causing problems, but here those are:

(Note, that removing those only gets the same error messages)
,----
| MASQUERADE_AS(`newsguy.com')dnl
| FEATURE(`allmasquerade')dnl
| FEATURE(`masquerade_envelope')dnl
| dnl # [HP 111006_211813  Testing local_no_masquerade #]dnl
| FEATURE(`local_no_masquerade')dnl
`----

-------        ---------       ---=---       ---------      -------- 

Relevant verbose smtp logs:
,----
| 050 >>> EHLO reader.local.lan
| 050 250-mx.google.com at your service, [65.50.57.227]
| 050 250-SIZE 35882577
| 050 250-8BITMIME
| 050 250-AUTH LOGIN PLAIN XOAUTH
| 050 250 ENHANCEDSTATUSCODES
| 050 >>> MAIL From:<reader at newsguy.com> SIZE=563 AUTH=<>
| 050 530-5.5.1 Authentication Required. Learn more at                              
| 050 530 5.5.1 http://mail.google.com/support/bin/answer.py?answer=14257 py4sm63515568igc.2
`----

The `learn more' address give just above is not all that helpfull.

-------        ---------       ---=---       ---------      -------- 

I think these are the sendmail logs that contain the relevant error:

(I'm not sure if the `verify=FAIL' means what it suggests)

,----
| Dec 26 21:41:38 reader sm-mta[24243]: STARTTLS=client,
| relay=smtp.gmail.com, version=TLSv1/SSLv3, verify=FAIL,
| cipher=RC4-SHA, bits=128/12
| 
| Dec 26 21:41:38 reader sm-mta[24243]: pBR2fbLX024243:
|   to=<reader at newsguy.com>, ctladdr=<reader at reader.local.lan>
|   (1000/1000), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30563,
|   relay=smtp.gmail.com [209.85.225.109], dsn=5.0.0, 
|   stat=Service unavailable
| 
| Dec 26 21:41:38 reader sm-mta[24243]: pBR2fbLX024243: pBR2fbLY024243: DSN: Service unavailable
`----

-------        ---------       ---=---       ---------      -------- 

Full sendmail.mc

divert(-1)dnl
divert(0)dnl
define(`_USE_ETC_MAIL_')dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: current.mc,v 1.13 2011/12/26 17:38:01 reader Exp $')
OSTYPE(`debian')dnl
DOMAIN(`debian-mta')dnl
undefine(`confHOST_STATUS_DIRECTORY')dnl        #DAEMON_HOSTSTATS=

define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl

FEATURE(`authinfo', `hash /etc/mail/authinfo')dnl 
FEATURE(`access_db',`hash -T<TMPF> /etc/mail/access.db')dnl
define(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`SMART_HOST',`smtp.gmail.com')dnl
FEATURE(`access_db',`hash -T<TMPF> /etc/mail/access.db')dnl

FEATURE(`no_default_msa')dnl
DAEMON_OPTIONS(`Family=inet,  Name=MTA-v4, Port=smtp, Addr=127.0.0.1')dnl
DAEMON_OPTIONS(`Family=inet,  Name=MSP-v4, Port=submission, M=Ea, Addr=127.0.0.1')dnl
define(`confPRIVACY_FLAGS', `needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
define(`confCONNECTION_RATE_THROTTLE', `15')dnl
define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`greet_pause', `1000')dnl 1 seconds
FEATURE(`delay_checks', `friend', `n')dnl
define(`confBAD_RCPT_THROTTLE',`3')dnl
FEATURE(`conncontrol', `nodelay', `terminate')dnl
FEATURE(`ratecontrol', `nodelay', `terminate')dnl
include(`/etc/mail/m4/dialup.m4')dnl
include(`/etc/mail/m4/provider.m4')dnl

FEATURE(`always_add_domain')dnl
MASQUERADE_AS(`newsguy.com')dnl
FEATURE(`allmasquerade')dnl
FEATURE(`masquerade_envelope')dnl
FEATURE(`local_no_masquerade')dnl

EXPOSED_USER(`root')dnl

MAILER_DEFINITIONS
MAILER(`local')dnl
MAILER(procmail)dnl
MAILER(`smtp')dnl



More information about the Ale mailing list