[ale] sendmail relay to gmail smtp server

Jay Lozier jslozier at gmail.com
Tue Dec 27 16:47:21 EST 2011


Harry

On 12/27/2011 11:25 AM, Harry Putnam wrote:
> First let me say, I'm not interested in switching mta's, in case
> someone wants to post the common response to sendmail
> questions... `Hey switch to SOME MTA, its much easier'.
>
> I want to use gmails' smtp server as Smart Host for my single user
> debian box running sendmail-8.14.4
>
> I'm hooked up to an ISP called direcpath.tv in Atlanta that uses gmail
> smtp servers for its clients with addresses like reader at direcpath.tv
>
> They have terrible to non-existent support and no support of linux/sendmail
>
> They use smtp.gmail.com But before I get into the extra complication
> of their direcpath.tv overlay, and since I do have a normal gmail
> account I thought I'd first try to get the authentication for smtp
> working for that username.  hputnam3 at gmail.com
>
> So after dozens of small edits and restarts and makemaps ... cutting
> to the chase:
>
> /etc/mail/authinfo
>
> (password obfuscated)
> ,----
> | Athinfo:smtp.gmail.com "U:root" "I:hputnam3 at gmail.com" "P:??XX??" "M: LOGIN PLAIN"
> | Athinfo:smtp.gmail.com:587 "U:root" "I:hputnam3 at gmail.com" "P:??XX??" "M: LOGIN PLAIN"
> `----
>
> -------        ---------       ---=---       ---------      --------
>
> And I think what are the most relevant sendmail.mc settings (the whole
> *mc is inlined at the end).
>
> /etc/mail/sendmail.mc
>
> ,----
> | define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
> | define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
> |
> | FEATURE(`authinfo', `hash /etc/mail/authinfo')dnl
> |
> | define(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> | TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> |
> | define(`SMART_HOST',`smtp.gmail.com')dnl
> `----
>
> (And for the record, I did try bracketing the Smart Host like:
>   define(`SMART_HOST',`[smtp.gmail.com]')dnl)
>
> I have some old masquerade settings that I doubt are causing a
> problem. I do have an account with them too.  I think the error would
> be different if they were causing problems, but here those are:
>
> (Note, that removing those only gets the same error messages)
> ,----
> | MASQUERADE_AS(`newsguy.com')dnl
> | FEATURE(`allmasquerade')dnl
> | FEATURE(`masquerade_envelope')dnl
> | dnl # [HP 111006_211813  Testing local_no_masquerade #]dnl
> | FEATURE(`local_no_masquerade')dnl
> `----
>
> -------        ---------       ---=---       ---------      --------
>
> Relevant verbose smtp logs:
> ,----
> | 050>>>  EHLO reader.local.lan
> | 050 250-mx.google.com at your service, [65.50.57.227]
> | 050 250-SIZE 35882577
> | 050 250-8BITMIME
> | 050 250-AUTH LOGIN PLAIN XOAUTH
> | 050 250 ENHANCEDSTATUSCODES
> | 050>>>  MAIL From:<reader at newsguy.com>  SIZE=563 AUTH=<>
> | 050 530-5.5.1 Authentication Required. Learn more at
> | 050 530 5.5.1 http://mail.google.com/support/bin/answer.py?answer=14257 py4sm63515568igc.2
> `----
>
> The `learn more' address give just above is not all that helpfull.
>
> -------        ---------       ---=---       ---------      --------
>
> I think these are the sendmail logs that contain the relevant error:
>
> (I'm not sure if the `verify=FAIL' means what it suggests)
>
> ,----
> | Dec 26 21:41:38 reader sm-mta[24243]: STARTTLS=client,
> | relay=smtp.gmail.com, version=TLSv1/SSLv3, verify=FAIL,
> | cipher=RC4-SHA, bits=128/12
> |
> | Dec 26 21:41:38 reader sm-mta[24243]: pBR2fbLX024243:
> |   to=<reader at newsguy.com>, ctladdr=<reader at reader.local.lan>
> |   (1000/1000), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30563,
> |   relay=smtp.gmail.com [209.85.225.109], dsn=5.0.0,
> |   stat=Service unavailable
> |
> | Dec 26 21:41:38 reader sm-mta[24243]: pBR2fbLX024243: pBR2fbLY024243: DSN: Service unavailable
> `----
>
> -------        ---------       ---=---       ---------      --------
>
> Full sendmail.mc
>
> divert(-1)dnl
> divert(0)dnl
> define(`_USE_ETC_MAIL_')dnl
> include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
> VERSIONID(`$Id: current.mc,v 1.13 2011/12/26 17:38:01 reader Exp $')
> OSTYPE(`debian')dnl
> DOMAIN(`debian-mta')dnl
> undefine(`confHOST_STATUS_DIRECTORY')dnl        #DAEMON_HOSTSTATS=
>
> define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
> define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
> define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
>
> FEATURE(`authinfo', `hash /etc/mail/authinfo')dnl
> FEATURE(`access_db',`hash -T<TMPF>  /etc/mail/access.db')dnl
> define(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> define(`SMART_HOST',`smtp.gmail.com')dnl
> FEATURE(`access_db',`hash -T<TMPF>  /etc/mail/access.db')dnl
>
> FEATURE(`no_default_msa')dnl
> DAEMON_OPTIONS(`Family=inet,  Name=MTA-v4, Port=smtp, Addr=127.0.0.1')dnl
> DAEMON_OPTIONS(`Family=inet,  Name=MSP-v4, Port=submission, M=Ea, Addr=127.0.0.1')dnl
> define(`confPRIVACY_FLAGS', `needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
> define(`confCONNECTION_RATE_THROTTLE', `15')dnl
> define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl
> FEATURE(`use_cw_file')dnl
> FEATURE(`greet_pause', `1000')dnl 1 seconds
> FEATURE(`delay_checks', `friend', `n')dnl
> define(`confBAD_RCPT_THROTTLE',`3')dnl
> FEATURE(`conncontrol', `nodelay', `terminate')dnl
> FEATURE(`ratecontrol', `nodelay', `terminate')dnl
> include(`/etc/mail/m4/dialup.m4')dnl
> include(`/etc/mail/m4/provider.m4')dnl
>
> FEATURE(`always_add_domain')dnl
> MASQUERADE_AS(`newsguy.com')dnl
> FEATURE(`allmasquerade')dnl
> FEATURE(`masquerade_envelope')dnl
> FEATURE(`local_no_masquerade')dnl
>
> EXPOSED_USER(`root')dnl
>
> MAILER_DEFINITIONS
> MAILER(`local')dnl
> MAILER(procmail)dnl
> MAILER(`smtp')dnl
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
Using Gmail direct (settings from Thunderbird)
     pop settings - port: 995; pop: mail pop.googlemail.com; security: 
SSL/TLS; Authentication: normal password
     smtp settings - port: 465; smtp: smtp.googlemail.com; security: 
SSL/TLS; Authentication: normal password

-- 
Jay Lozier
jslozier at gmail.com



More information about the Ale mailing list