Need help configuring smart_host relaying

The answer is probably staring me in the face, but I've reached the end
of my admittedly short rope.

Problem:  I need to set up my sendmail as a client to my (new) ISP's
outbound mailserver with SSL authentication.

I've created an authinfo file and authinfo.db map with the following
entry:  AuthInfo outbound.mail.ISP:465 "I:my-id" "P:password"
I've tried adding "M:LOGIN" and have added
fine(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN
PLAIN')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
to my host.mc file.

Result in all cases is I get a time-out message
stat=Deferred: Operation timed out with outbound.mail.ISP

I'll happily post my .mc file, but don't think it'd help much at this point.

Any suggestions/dope slaps would be appreciated.

Bob Melson

-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/17/2013 1:24:29 AM
comp.mail.sendmail 13472 articles. 1 followers. jfretby (35) is leader. Post Follow

37 Replies
290 Views

Similar Articles

[PageSpeed] 0

Bob Melson <amia9018@mypacks.net> wrote:
> The answer is probably staring me in the face, but I've reached the end
> of my admittedly short rope.
>
> Problem:  I need to set up my sendmail as a client to my (new) ISP's
> outbound mailserver with SSL authentication.
>
> I've created an authinfo file and authinfo.db map with the following
> entry:  AuthInfo outbound.mail.ISP:465 "I:my-id" "P:password"
> I've tried adding "M:LOGIN" and have added
> fine(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN
> PLAIN')dnl
> TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> to my host.mc file.
>
> Result in all cases is I get a time-out message
> stat=Deferred: Operation timed out with outbound.mail.ISP
>
> I'll happily post my .mc file, but don't think it'd help much at this point.
>
> Any suggestions/dope slaps would be appreciated.

Do you want SMTP authentication (login+password) 
or SSL authentication (client certificate)?

Push delivery of queued messages in verbose mode with map lookups
tracing. As root execute:
  sendmail -d38.20 -v -q

It should help you to narrow problem area.
0
anfi2 (1425)
2/17/2013 8:17:48 AM
Andrzej Adam Filip wrote:
> sendmail -d38.20 -v -q

First, the results of the command above:
strider# sendmail -d38.20 -v -q
regex_map_init: mapname 'badmx', args '-a<BADMX>
^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$'
regex_map_init: compile '^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$' 0x7
regex_map_init: mapname 'BadMXIP', args '-a<BADMXIP>
^(127\.|10\.|0\.0\.0\.0)'
regex_map_init: compile '^(127\.|10\.|0\.0\.0\.0)' 0x7
seq_map_parse(aliases.files, )

Running /var/spool/mqueue/r1H3rvdB073817 (sequence 1 of 1)
r1H3rvdB073817: locked

I have successfully configured my browser's emailer (SeaMonkey)with
SSL/TLS connection security using a normal password and am able to send
emails through the direct connect.  I'm unable to duplicate the
"connect" via sendmail, however.  So, I *think* the answer to your
question is that I want login+password.

Thanks for your reply, above, and for any other help you might be able
to offer.

Bob Melson

-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/17/2013 6:14:41 PM
Bob Melson <amia9018@mypacks.net> wrote:
> Andrzej Adam Filip wrote:
>> sendmail -d38.20 -v -q
>
> First, the results of the command above:
> strider# sendmail -d38.20 -v -q
> regex_map_init: mapname 'badmx', args '-a<BADMX>
> ^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$'
> regex_map_init: compile '^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$' 0x7
> regex_map_init: mapname 'BadMXIP', args '-a<BADMXIP>
> ^(127\.|10\.|0\.0\.0\.0)'
> regex_map_init: compile '^(127\.|10\.|0\.0\.0\.0)' 0x7
> seq_map_parse(aliases.files, )
>
> Running /var/spool/mqueue/r1H3rvdB073817 (sequence 1 of 1)
> r1H3rvdB073817: locked
>
> I have successfully configured my browser's emailer (SeaMonkey)with
> SSL/TLS connection security using a normal password and am able to send
> emails through the direct connect.  I'm unable to duplicate the
> "connect" via sendmail, however.  So, I *think* the answer to your
> question is that I want login+password.
>
> Thanks for your reply, above, and for any other help you might be able
> to offer.

[ If you can not push queened messages then ]
Try to send a new test message in verbose mode as root:

#!/bin/sh
# replace the email address in To: header below with a valid one

/usr/sbin/sendmail -d38.20 -v -oi <<END
To: john.doe@example.net
Subject: test

test
END
0
anfi2 (1425)
2/17/2013 6:54:18 PM
Andrzej Adam Filip wrote:

> 
> [ If you can not push queened messages then ]
> Try to send a new test message in verbose mode as root:
> 
> #!/bin/sh
> # replace the email address in To: header below with a valid one
> 
> /usr/sbin/sendmail -d38.20 -v -oi <<END
> To: john.doe@example.net
> Subject: test
> 
> test
> END
> 

No joy, I get:
strider# sendmail -d38.20 -v -oi <<END
? To: melsonr@earthlink.net
? Subject: test
?
? test
? END
openmap()	dequote:dequote NULL: valid
Recipient names must be specified
closemaps: closing dequote (NULL)

Part of the frustration is that the my previous ISP didn't require the
use of SSL/TLS as the connection security and the sendmail configuration
was pretty straightforward.  Silly me, I thought I could merely add the
missing bits for a secure connect and login - after all, I can do that
with my browser's mailer - and be good to go.  No such luck.  I have, to
this point, tried every combination of "mechanism" in my authinfo file
and all have timed out.  Here, by the way, is my *current* authinfo file:

AuthInfo:outbound.my.ISP:465 "U:my_addr" "I:my_addr" "P:my_password"
"M:LOGIN"

Could it be that the port specification should go elsewhere?  If so, where?

Thanks again.



-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/17/2013 7:21:14 PM
My omission/mistake

#!/bin/sh
# -bt 
# replace the email address in To: header below with a valid one

/usr/sbin/sendmail -d38.20 -Am -v -i -t <<END
To: john.doe@example.net
Subject: test
 
test
END
0
anfi2 (1425)
2/17/2013 8:36:55 PM
Andrzej Adam Filip wrote:
> My omission/mistake
> 
> #!/bin/sh
> # -bt 
> # replace the email address in To: header below with a valid one
> 
> /usr/sbin/sendmail -d38.20 -Am -v -i -t <<END
> To: john.doe@example.net
> Subject: test
>  
> test
> END
> 
OK, here are the results:

sendmail -d38.20 -Am -v -i -t <<END
? To: melsonr@earthlink.net
? Subject: test
?
? test
? END
regex_map_init: mapname 'badmx', args '-a<BADMX>
^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$'
regex_map_init: compile '^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$' 0x7
regex_map_init: mapname 'BadMXIP', args '-a<BADMXIP>
^(127\.|10\.|0\.0\.0\.0)'
regex_map_init: compile '^(127\.|10\.|0\.0\.0\.0)' 0x7
seq_map_parse(aliases.files, )
openmap()	dequote:dequote NULL: valid
openmap()	host:host NULL: valid
getcanonname(earthlink.net), trying dns
getcanonname(earthlink.net), found
melsonr@earthlink.net... Connecting to outbound.att.net via smtp...
melsonr@earthlink.net... Deferred: Operation timed out with outbound.att.net
closemaps: closing host (NULL)
closemaps: closing dequote (NULL)

Looking at that and considering all the other evidence, it seems to me
that the problem is a timeout on the connection.  That suggests that
either the port specification is wrong in the authinfo file or that the
connection is being refused because it's not SSL/TLS.  So the questions
appear to be (1) is the port specification correct; if not where should
I specify it: or (2) how to get the SSL/TLS mechanism into sendmail.
I'll have to see what build options for SSL/TLS I have for a new build
of sendmail or see how to get them configured into the existing
sendmail.  BTW, I'm running sendmail 8.14.6 on FreeBSD 8.3/AMD64.

Thanks for your help so far.  I'm thinking it's not a simple matter,
after all.

Bob Melson



-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/17/2013 9:20:41 PM
Bob Melson <amia9018@mypacks.net> wrote:
> Andrzej Adam Filip wrote:
>> My omission/mistake
>> 
>> #!/bin/sh
>> # -bt 
>> # replace the email address in To: header below with a valid one
>> 
>> /usr/sbin/sendmail -d38.20 -Am -v -i -t <<END
>> To: john.doe@example.net
>> Subject: test
>>  
>> test
>> END
>> 
> OK, here are the results:
> [...]
> melsonr@earthlink.net... Connecting to outbound.att.net via smtp...
> melsonr@earthlink.net... Deferred: Operation timed out with outbound.att.net
> [...]
>
> Looking at that and considering all the other evidence, it seems to me
> that the problem is a timeout on the connection.  That suggests that
> either the port specification is wrong in the authinfo file or that the
> connection is being refused because it's not SSL/TLS.  So the questions
> appear to be (1) is the port specification correct; if not where should
> I specify it: or (2) how to get the SSL/TLS mechanism into sendmail.
> I'll have to see what build options for SSL/TLS I have for a new build
> of sendmail or see how to get them configured into the existing
> sendmail.  BTW, I'm running sendmail 8.14.6 on FreeBSD 8.3/AMD64.
>
> Thanks for your help so far.  I'm thinking it's not a simple matter,
> after all.

I would dare to bet that most of the hard part is behind you.

Your outgoing connections to port 25 may be blocked by a firewall.
=> you may make sendmail use another port to relay to the smart host.
[ From my location all 3 port of outbound.att.net are accessible ]

Can you telnet smtp (25), submission (587) and smtps (465) port on 
outbound.att.net?
  telnet  outbound.att.net 25
You should get smtp server greeting message except smtps case.

P.S.
How to contact another "smtp like" port  (submission) is described in
sendmail FAQ.
0
anfi2 (1425)
2/18/2013 9:26:20 AM
On 02/17/2013 03:20 PM, Bob Melson wrote:
> sendmail -d38.20 -Am -v -i -t<<END
> ? To: melsonr@earthlink.net
> ? Subject: test
> ?
> ? test
> ? END
> regex_map_init: mapname 'badmx', args '-a<BADMX>
> ^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$'
> regex_map_init: compile '^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$' 0x7
> regex_map_init: mapname 'BadMXIP', args '-a<BADMXIP>
> ^(127\.|10\.|0\.0\.0\.0)'
> regex_map_init: compile '^(127\.|10\.|0\.0\.0\.0)' 0x7
> seq_map_parse(aliases.files, )
> openmap()	dequote:dequote NULL: valid
> openmap()	host:host NULL: valid
> getcanonname(earthlink.net), trying dns
> getcanonname(earthlink.net), found
> melsonr@earthlink.net... Connecting to outbound.att.net via smtp...
> melsonr@earthlink.net... Deferred: Operation timed out with outbound.att.net
> closemaps: closing host (NULL)
> closemaps: closing dequote (NULL)
>
> Looking at that and considering all the other evidence, it seems to me
> that the problem is a timeout on the connection.  That suggests that
> either the port specification is wrong in the authinfo file or that the
> connection is being refused because it's not SSL/TLS.  So the questions
> appear to be (1) is the port specification correct; if not where should
> I specify it: or (2) how to get the SSL/TLS mechanism into sendmail.
> I'll have to see what build options for SSL/TLS I have for a new build
> of sendmail or see how to get them configured into the existing
> sendmail.  BTW, I'm running sendmail 8.14.6 on FreeBSD 8.3/AMD64.

It's a lot easier to use port 587 (submission) than port 465(smtps).  A
connection on port 587 starts in the clear and immediately uses STARTTLS
to switch to encrypted if the remote server supports that, and sendmail
will handle that automagically.  A connection on port 465 must use SSL
for the initial connection, and sendmail _cannot_ do that by itself.

If you cannot use port 587 and must use port 465, I can tell you how to
do that (it's fairly complex -- uses stunnel to carry the connection),
but it certainly shouldn't be your first choice.

-- 
Bob Nichols         AT comcast.net I am "RNichols42"
0
2/18/2013 4:00:44 PM
Andrzej Adam Filip wrote:

> I would dare to bet that most of the hard part is behind you.
> 
> Your outgoing connections to port 25 may be blocked by a firewall.
> => you may make sendmail use another port to relay to the smart host.
> [ From my location all 3 port of outbound.att.net are accessible ]
> 
> Can you telnet smtp (25), submission (587) and smtps (465) port on 
> outbound.att.net?
>   telnet  outbound.att.net 25
> You should get smtp server greeting message except smtps case.
> 
> P.S.
> How to contact another "smtp like" port  (submission) is described in
> sendmail FAQ.
> 
telnet to outbound.my.ISP 25 just hangs.
telnet to outbound.my.ISP 587 responds with the expected "220" message
telnet to outbound.my.ISP 465 responds with a "connected" message but no
"220"

I'll have to check the FAQ out.

Thanks again for your help.

Bob Melson


-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/18/2013 4:50:59 PM
Robert Nichols wrote:
> On 02/17/2013 03:20 PM, Bob Melson wrote:
>> sendmail -d38.20 -Am -v -i -t<<END
>> ? To: melsonr@earthlink.net
>> ? Subject: test
>> ?
>> ? test
>> ? END
>> regex_map_init: mapname 'badmx', args '-a<BADMX>
>> ^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$'
>> regex_map_init: compile '^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$' 0x7
>> regex_map_init: mapname 'BadMXIP', args '-a<BADMXIP>
>> ^(127\.|10\.|0\.0\.0\.0)'
>> regex_map_init: compile '^(127\.|10\.|0\.0\.0\.0)' 0x7
>> seq_map_parse(aliases.files, )
>> openmap()    dequote:dequote NULL: valid
>> openmap()    host:host NULL: valid
>> getcanonname(earthlink.net), trying dns
>> getcanonname(earthlink.net), found
>> melsonr@earthlink.net... Connecting to outbound.att.net via smtp...
>> melsonr@earthlink.net... Deferred: Operation timed out with
>> outbound.att.net
>> closemaps: closing host (NULL)
>> closemaps: closing dequote (NULL)
>>
>> Looking at that and considering all the other evidence, it seems to me
>> that the problem is a timeout on the connection.  That suggests that
>> either the port specification is wrong in the authinfo file or that the
>> connection is being refused because it's not SSL/TLS.  So the questions
>> appear to be (1) is the port specification correct; if not where should
>> I specify it: or (2) how to get the SSL/TLS mechanism into sendmail.
>> I'll have to see what build options for SSL/TLS I have for a new build
>> of sendmail or see how to get them configured into the existing
>> sendmail.  BTW, I'm running sendmail 8.14.6 on FreeBSD 8.3/AMD64.
> 
> It's a lot easier to use port 587 (submission) than port 465(smtps).  A
> connection on port 587 starts in the clear and immediately uses STARTTLS
> to switch to encrypted if the remote server supports that, and sendmail
> will handle that automagically.  A connection on port 465 must use SSL
> for the initial connection, and sendmail _cannot_ do that by itself.
> 
> If you cannot use port 587 and must use port 465, I can tell you how to
> do that (it's fairly complex -- uses stunnel to carry the connection),
> but it certainly shouldn't be your first choice.
> 
OK, I *can* see port 587 on outbound.att.net (telnet returns the
expected "220" greeting); telnet on 465 gives a "connected to" return
but no "220".

The reason I'm battling with 465 is that that's what AT&T *told* me to
use for outbound emails - not something I'd do on my own, believe me.
I've never used STARTTLS before and would appreciate the hand holding
you offer above.

Question:  you say that 587 starts in the clear but shifts to STARTTLS
if the remote server requires it.  That suggests I'd have to have all
the certificates/keys/etc already configured on my side.  Assuming that
to be true, can I reasonably "get away with" self-certification?

Thanks for your comments and any help you might be able to provide

Bob Melson

-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/18/2013 5:00:58 PM
Bob Melson <amia9018@mypacks.net> wrote:
> [...]
> Question:  you say that 587 starts in the clear but shifts to STARTTLS
> if the remote server requires it.  
> That suggests I'd have to have all the certificates/keys/etc already
> configured on my side.  Assuming that to be true, can I reasonably
> "get away with" self-certification?
>
> Thanks for your comments and any help you might be able to provide

AFAIK most servers offering SSL/STARTTLS do not require _client_
certificates => most likely you will not need a certificate for
_outgoing_ connections.

Sendmail FAQ
3.39 How do I send using an alternate port?

Connections to SMART_HOST by default use relay mailer but you may
specify it directly -> IMHO it is a "better style" for modified relay
mailer.

define(`SMART_HOST',`relay:outbound.example.net')
0
anfi2 (1425)
2/18/2013 7:30:06 PM
In article <6PydnWm_EdfXw7_MnZ2dnUVZ_qqdnZ2d@earthlink.com>, Bob Melson says...
>The reason I'm battling with 465 is that that's what AT&T *told* me to
>use for outbound emails - not something I'd do on my own, believe me.
>I've never used STARTTLS before and would appreciate the hand holding
>you offer above.
>
>Question:  you say that 587 starts in the clear but shifts to STARTTLS
>if the remote server requires it.  That suggests I'd have to have all
>the certificates/keys/etc already configured on my side.  Assuming that
>to be true, can I reasonably "get away with" self-certification?

It's only the use of port 465 for outgoing mail that gets complicated.

You don't need to set up anything beyond your authinfo in order to use
port 587. The use of STARTTLS is automatic, in fact you would have to
do something special to avoid it. Your authinfo is what identifies you
to the server. No certificate is required. Just specify the port number
in your *_MAILER_ARGS, set up your authinfo, and you're good to go.

    define(`RELAY_MAILER_ARGS',`TCP $h 587')dnl
    define(`ESMTP_MAILER_ARGS',`TCP $h 587')dnl
    define(`SMART_HOST', `smtp.wherever.which')dnl
    FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl

and in /etc/mail/auth/client-info:
    AuthInfo:smtp.wherever.what "U:root" "I:myIDatISP" "P:mypassword"

-- 
Bob Nichols AT comcast.net I am "RNichols42"

0
2/18/2013 7:46:38 PM
Robert Nichols wrote:
> On 02/17/2013 03:20 PM, Bob Melson wrote:
>> sendmail -d38.20 -Am -v -i -t<<END
>> ? To: melsonr@earthlink.net
>> ? Subject: test
>> ?
>> ? test
>> ? END
>> regex_map_init: mapname 'badmx', args '-a<BADMX>
>> ^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$'
>> regex_map_init: compile '^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$' 0x7
>> regex_map_init: mapname 'BadMXIP', args '-a<BADMXIP>
>> ^(127\.|10\.|0\.0\.0\.0)'
>> regex_map_init: compile '^(127\.|10\.|0\.0\.0\.0)' 0x7
>> seq_map_parse(aliases.files, )
>> openmap()    dequote:dequote NULL: valid
>> openmap()    host:host NULL: valid
>> getcanonname(earthlink.net), trying dns
>> getcanonname(earthlink.net), found
>> melsonr@earthlink.net... Connecting to outbound.att.net via smtp...
>> melsonr@earthlink.net... Deferred: Operation timed out with
>> outbound.att.net
>> closemaps: closing host (NULL)
>> closemaps: closing dequote (NULL)
>>
>> Looking at that and considering all the other evidence, it seems to me
>> that the problem is a timeout on the connection.  That suggests that
>> either the port specification is wrong in the authinfo file or that the
>> connection is being refused because it's not SSL/TLS.  So the questions
>> appear to be (1) is the port specification correct; if not where should
>> I specify it: or (2) how to get the SSL/TLS mechanism into sendmail.
>> I'll have to see what build options for SSL/TLS I have for a new build
>> of sendmail or see how to get them configured into the existing
>> sendmail.  BTW, I'm running sendmail 8.14.6 on FreeBSD 8.3/AMD64.
> 
> It's a lot easier to use port 587 (submission) than port 465(smtps).  A
> connection on port 587 starts in the clear and immediately uses STARTTLS
> to switch to encrypted if the remote server supports that, and sendmail
> will handle that automagically.  A connection on port 465 must use SSL
> for the initial connection, and sendmail _cannot_ do that by itself.
> 
> If you cannot use port 587 and must use port 465, I can tell you how to
> do that (it's fairly complex -- uses stunnel to carry the connection),
> but it certainly shouldn't be your first choice.
> 
OK, having tried all the variations suggested WRT port 587, I'm still at
the point where I get a timeout on the connect to outbound.att.net, as
shown above
Here's my .mc file:
divert(-1)
include(`/usr/local/share/sendmail/cf/m4/cf.m4')
dnl include(`/usr/share/sendmail/cf/m4/cf.m4')
define(`confDEF_USER_ID',``8:14'')
VERSIONID(`freebsd strider.rgmhome.net')
dnl Cwstrider.rgmhome.net localhost rgmhome.homeunix.net
strider.homeunix.net
OSTYPE(`bsd4.4')
undefine(`UUCP_RELAY')
undefine(`BITNET_RELAY')
define(`confEBINDIR',`/usr/local/libexec')dnl
dnl define(`confEBINDIR',`/usr/libexec')dnl
FEATURE(virtusertable)
FEATURE(always_add_domain)
dnl FEATURE(use_cw_file)
dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
FEATURE(nocanonify)
FEATURE(nouucp,`reject')
define(`confTO_QUEUEWARN', `5m')
dnl define(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5
LOGIN PLAIN')dnl
dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(relay_hosts_only)
FEATURE(`access_db')dnl
FEATURE(`block_bad_helo')dnl
strider.mc: unmodified: line 1
dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
FEATURE(nocanonify)
FEATURE(nouucp,`reject')
define(`confTO_QUEUEWARN', `5m')
dnl define(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5
LOGIN PLAIN')dnl
dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(relay_hosts_only)
FEATURE(`access_db')dnl
FEATURE(`block_bad_helo')dnl
FEATURE(`badmx')dnl
FEATURE(`greet_pause',`3000')dnl
FEATURE(`require_rdns')dnl
FEATURE(`local_procmail')dnl
FEATURE(`delay_checks')dnl
FEATURE(blacklist_recipients)
GENERICS_DOMAIN_FILE(`/etc/mail/genericsdomain')
FEATURE(redirect)
MASQUERADE_AS(`att.net')
MASQUERADE_DOMAIN(`strider.rgmhome.net')
FEATURE(allmasquerade)
FEATURE(masquerade_entire_domain)
FEATURE(masquerade_envelope)
FEATURE(`authinfo', `hash /etc/mail/auth/client-info')dnl
FEATURE(local_lmtp)
FEATURE(`accept_unresolvable_domains')
FEATURE(dnsbl, `ipwhois.rfc-ignorant.org',`"550 Mail from "
$&{client_addr} " refused. Rejected for bad WHOIS info on IP of your
SMTP server
 - see http://www.rfc-ignorant.org/"')
FEATURE(`enhdnsbl',`bl.spamcop.net',`554 SPAM Blocked; see
http://spamcop.net/bl.shtml?$&{client_addr}')
FEATURE(`enhdnsbl',`dnsbl.njabl.org',`"550 Mail from host
"$&{client_addr}" delivery refused -- see
http://njabl.org/"',`',`127.0.0.2',`127.
0.0.4',`127.0.0.8',`127.0.0.9')dnl
FEATURE(`enhdnsbl',`zen.spamhaus.org',`',`',`127.0.0.2',`127.0.0.4',`127.0.0.5',`127.0.0.6',`127.0.0.7',`127.0.0.8',`127.0.0.10',`127.0.0.11
')dnl
FEATURE(`enhdnsbl',`cbl.abuseat.org',`',`',`127.0.0.2')dnl
MAILER(local)
MAILER(smtp)
Cwlocalhost
Cwrgmhome.net
Dmrgmhome.net
Cwrgmhome.homeunix.net
Dmrgmhome.homeunix.net
Cwstrider.homeunix.net
Dmstrider.homeunix.net
define(`confDOMAIN_NAME',`rgmhome.net')
define(RELAY_HOST, relay:outbound.att.net)
define(SMART_HOST, smtp:outbound.att.net)
dnl define(RELAY_MAILER, TCP)
define(`RELAY_MAILER_ARGS',`TCP $h 587')
define(`ESMTP_MAILER_ARGS',`TCP $h 587')
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter.sock,
F=, T=C:15m;S:4m;R:4m;E:10m')
define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name},
{if_name}, {if_addr}')dnl
define(`confMILTER_MACROS_ENVRCPT',`r, v, Z')dnl
---- cut and paste didn't work quite as expected; ignore the line wraps,
please
And my authinfo/client-info file:
AuthInfo:outbound.att.net:587 "U:root""I:melson.r@att.net"  "P:my-password"

I get the same connection timeout for port 465, which I suppose
shouldn't be surprising since I don't have STARTTLS configured into
sendmail.  Whatever, I'm now officially at my wit's end.

I very much appreciate the help you and Andrej have given up to this
point but have to wonder where we go from here as nothing suggested
seems to have worked.

Bob Melson



-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/18/2013 9:47:56 PM
On 02/18/2013 03:47 PM, Bob Melson wrote:
[deleted]

You can't just tack things on to the end of sendmail.mc and expect it
to work.  There is a required ordering.  The general rules (from
README.cf) are that the order should be:

	VERSIONID
	OSTYPE
	DOMAIN
	FEATURE
	local macro definitions
	MAILER
	LOCAL_CONFIG
	LOCAL_RULE_*
	LOCAL_RULESETS

But, local macro definitions that affect a FEATURE() should be before
that feature.

Everything you have except the "Cw" and "Dm" local ruleset lines needs
to come _before_ the MAILER declarations,

But, if you really have a sendmail that was built without STARTTLS
support, none of this is going to work.  Note that just because you
don't have the various certs and keys defined to allow sendmail to offer
STARTTLS on incoming connections (I don't) doesn't mean that it can't
utilize that feature on an outgoing connection (Mine does).  You can see
whether "ldd /usr/lib/sendmail" lists "libcrypto.so" as one of the
libraries.

Here is a revision of your sendmail.mc with the lines ordered, I
believe, properly.  Let's see how that works.  (I think I undid all the
extraneous line wraps.)

divert(-1)
include(`/usr/local/share/sendmail/cf/m4/cf.m4')
dnl include(`/usr/share/sendmail/cf/m4/cf.m4')
define(`confDEF_USER_ID',``8:14'')
VERSIONID(`freebsd strider.rgmhome.net')
dnl Cwstrider.rgmhome.net localhost rgmhome.homeunix.net
strider.homeunix.net
OSTYPE(`bsd4.4')
undefine(`UUCP_RELAY')
undefine(`BITNET_RELAY')
define(`confEBINDIR',`/usr/local/libexec')dnl
dnl define(`confEBINDIR',`/usr/libexec')dnl
define(RELAY_HOST, relay:outbound.att.net)
define(SMART_HOST, smtp:outbound.att.net)
dnl define(RELAY_MAILER, TCP)
define(`RELAY_MAILER_ARGS',`TCP $h 587')
define(`ESMTP_MAILER_ARGS',`TCP $h 587')
FEATURE(virtusertable)
FEATURE(always_add_domain)
dnl FEATURE(use_cw_file)
dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
FEATURE(nocanonify)
FEATURE(nouucp,`reject')
define(`confTO_QUEUEWARN', `5m')
dnl define(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5
LOGIN PLAIN')dnl
dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(relay_hosts_only)
FEATURE(`access_db')dnl
FEATURE(`block_bad_helo')dnl
strider.mc: unmodified: line 1
dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
FEATURE(nocanonify)
FEATURE(nouucp,`reject')
define(`confTO_QUEUEWARN', `5m')
dnl define(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5
LOGIN PLAIN')dnl
dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(relay_hosts_only)
FEATURE(`access_db')dnl
FEATURE(`block_bad_helo')dnl
FEATURE(`badmx')dnl
FEATURE(`greet_pause',`3000')dnl
FEATURE(`require_rdns')dnl
FEATURE(`local_procmail')dnl
FEATURE(`delay_checks')dnl
FEATURE(blacklist_recipients)
GENERICS_DOMAIN_FILE(`/etc/mail/genericsdomain')
FEATURE(redirect)
MASQUERADE_AS(`att.net')
MASQUERADE_DOMAIN(`strider.rgmhome.net')
FEATURE(allmasquerade)
FEATURE(masquerade_entire_domain)
FEATURE(masquerade_envelope)
FEATURE(`authinfo', `hash /etc/mail/auth/client-info')dnl
FEATURE(local_lmtp)
FEATURE(`accept_unresolvable_domains')
FEATURE(dnsbl, `ipwhois.rfc-ignorant.org',`"550 Mail from "$&{client_addr} " 
refused. Rejected for bad WHOIS info on IP of your SMTP server - see 
http://www.rfc-ignorant.org/"')
FEATURE(`enhdnsbl',`bl.spamcop.net',`554 SPAM Blocked; see 
http://spamcop.net/bl.shtml?$&{client_addr}')
FEATURE(`enhdnsbl',`dnsbl.njabl.org',`"550 Mail from host "$&{client_addr}" 
delivery refused -- see 
http://njabl.org/"',`',`127.0.0.2',`127.0.0.4',`127.0.0.8',`127.0.0.9')dnl
FEATURE(`enhdnsbl',`zen.spamhaus.org',`',`',`127.0.0.2',`127.0.0.4',`127.0.0.5',`127.0.0.6',`127.0.0.7',`127.0.0.8',`127.0.0.10',`127.0.0.11')dnl
FEATURE(`enhdnsbl',`cbl.abuseat.org',`',`',`127.0.0.2')dnl
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter.sock, F=, 
T=C:15m;S:4m;R:4m;E:10m')
define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, 
{if_addr}')dnl
define(`confMILTER_MACROS_ENVRCPT',`r, v, Z')dnl
MAILER(local)
MAILER(smtp)
Cwlocalhost
Cwrgmhome.net
Dmrgmhome.net
Cwrgmhome.homeunix.net
Dmrgmhome.homeunix.net
Cwstrider.homeunix.net
Dmstrider.homeunix.net
define(`confDOMAIN_NAME',`rgmhome.net')


-- 
Bob Nichols         AT comcast.net I am "RNichols42"
0
2/19/2013 1:01:34 AM
Bob:

Thanks.  Believe it or not, the .mc file worked just fine before this,
tho' I must acknowledge a clean-up was long overdue and was on my list
of things to do.

I chuck it into place and give it a shot.

Bob Melson

Bob wrote:
> On 02/18/2013 03:47 PM, Bob Melson wrote:
> [deleted]
> 
> You can't just tack things on to the end of sendmail.mc and expect it
> to work.  There is a required ordering.  The general rules (from
> README.cf) are that the order should be:
> 
>     VERSIONID
>     OSTYPE
>     DOMAIN
>     FEATURE
>     local macro definitions
>     MAILER
>     LOCAL_CONFIG
>     LOCAL_RULE_*
>     LOCAL_RULESETS
> 
> But, local macro definitions that affect a FEATURE() should be before
> that feature.
> 
> Everything you have except the "Cw" and "Dm" local ruleset lines needs
> to come _before_ the MAILER declarations,
> 
> But, if you really have a sendmail that was built without STARTTLS
> support, none of this is going to work.  Note that just because you
> don't have the various certs and keys defined to allow sendmail to offer
> STARTTLS on incoming connections (I don't) doesn't mean that it can't
> utilize that feature on an outgoing connection (Mine does).  You can see
> whether "ldd /usr/lib/sendmail" lists "libcrypto.so" as one of the
> libraries.
> 
> Here is a revision of your sendmail.mc with the lines ordered, I
> believe, properly.  Let's see how that works.  (I think I undid all the
> extraneous line wraps.)
> 
> divert(-1)
> include(`/usr/local/share/sendmail/cf/m4/cf.m4')
> dnl include(`/usr/share/sendmail/cf/m4/cf.m4')
> define(`confDEF_USER_ID',``8:14'')
> VERSIONID(`freebsd strider.rgmhome.net')
> dnl Cwstrider.rgmhome.net localhost rgmhome.homeunix.net
> strider.homeunix.net
> OSTYPE(`bsd4.4')
> undefine(`UUCP_RELAY')
> undefine(`BITNET_RELAY')
> define(`confEBINDIR',`/usr/local/libexec')dnl
> dnl define(`confEBINDIR',`/usr/libexec')dnl
> define(RELAY_HOST, relay:outbound.att.net)
> define(SMART_HOST, smtp:outbound.att.net)
> dnl define(RELAY_MAILER, TCP)
> define(`RELAY_MAILER_ARGS',`TCP $h 587')
> define(`ESMTP_MAILER_ARGS',`TCP $h 587')
> FEATURE(virtusertable)
> FEATURE(always_add_domain)
> dnl FEATURE(use_cw_file)
> dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
> FEATURE(nocanonify)
> FEATURE(nouucp,`reject')
> define(`confTO_QUEUEWARN', `5m')
> dnl define(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5
> LOGIN PLAIN')dnl
> dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> FEATURE(relay_hosts_only)
> FEATURE(`access_db')dnl
> FEATURE(`block_bad_helo')dnl
> strider.mc: unmodified: line 1
> dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
> FEATURE(nocanonify)
> FEATURE(nouucp,`reject')
> define(`confTO_QUEUEWARN', `5m')
> dnl define(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5
> LOGIN PLAIN')dnl
> dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> FEATURE(relay_hosts_only)
> FEATURE(`access_db')dnl
> FEATURE(`block_bad_helo')dnl
> FEATURE(`badmx')dnl
> FEATURE(`greet_pause',`3000')dnl
> FEATURE(`require_rdns')dnl
> FEATURE(`local_procmail')dnl
> FEATURE(`delay_checks')dnl
> FEATURE(blacklist_recipients)
> GENERICS_DOMAIN_FILE(`/etc/mail/genericsdomain')
> FEATURE(redirect)
> MASQUERADE_AS(`att.net')
> MASQUERADE_DOMAIN(`strider.rgmhome.net')
> FEATURE(allmasquerade)
> FEATURE(masquerade_entire_domain)
> FEATURE(masquerade_envelope)
> FEATURE(`authinfo', `hash /etc/mail/auth/client-info')dnl
> FEATURE(local_lmtp)
> FEATURE(`accept_unresolvable_domains')
> FEATURE(dnsbl, `ipwhois.rfc-ignorant.org',`"550 Mail from
> "$&{client_addr} " refused. Rejected for bad WHOIS info on IP of your
> SMTP server - see http://www.rfc-ignorant.org/"')
> FEATURE(`enhdnsbl',`bl.spamcop.net',`554 SPAM Blocked; see
> http://spamcop.net/bl.shtml?$&{client_addr}')
> FEATURE(`enhdnsbl',`dnsbl.njabl.org',`"550 Mail from host
> "$&{client_addr}" delivery refused -- see
> http://njabl.org/"',`',`127.0.0.2',`127.0.0.4',`127.0.0.8',`127.0.0.9')dnl
> FEATURE(`enhdnsbl',`zen.spamhaus.org',`',`',`127.0.0.2',`127.0.0.4',`127.0.0.5',`127.0.0.6',`127.0.0.7',`127.0.0.8',`127.0.0.10',`127.0.0.11')dnl
> 
> FEATURE(`enhdnsbl',`cbl.abuseat.org',`',`',`127.0.0.2')dnl
> INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter.sock,
> F=, T=C:15m;S:4m;R:4m;E:10m')
> define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name},
> {if_name}, {if_addr}')dnl
> define(`confMILTER_MACROS_ENVRCPT',`r, v, Z')dnl
> MAILER(local)
> MAILER(smtp)
> Cwlocalhost
> Cwrgmhome.net
> Dmrgmhome.net
> Cwrgmhome.homeunix.net
> Dmrgmhome.homeunix.net
> Cwstrider.homeunix.net
> Dmstrider.homeunix.net
> define(`confDOMAIN_NAME',`rgmhome.net')
> 
> 


-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/19/2013 7:16:58 AM
Bob Melson <amia9018@mypacks.net> wrote:
> Robert Nichols wrote:
>> On 02/17/2013 03:20 PM, Bob Melson wrote:
>>> sendmail -d38.20 -Am -v -i -t<<END
>>> ? To: melsonr@earthlink.net
>>> ? Subject: test
>>> ?
>>> ? test
>>> ? END
>>> regex_map_init: mapname 'badmx', args '-a<BADMX>
>>> ^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$'
>>> regex_map_init: compile '^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$' 0x7
>>> regex_map_init: mapname 'BadMXIP', args '-a<BADMXIP>
>>> ^(127\.|10\.|0\.0\.0\.0)'
>>> regex_map_init: compile '^(127\.|10\.|0\.0\.0\.0)' 0x7
>>> seq_map_parse(aliases.files, )
>>> openmap()    dequote:dequote NULL: valid
>>> openmap()    host:host NULL: valid
>>> getcanonname(earthlink.net), trying dns
>>> getcanonname(earthlink.net), found
>>> melsonr@earthlink.net... Connecting to outbound.att.net via smtp...
>>> melsonr@earthlink.net... Deferred: Operation timed out with
>>> outbound.att.net
>>> closemaps: closing host (NULL)
>>> closemaps: closing dequote (NULL)
>>>
>>> Looking at that and considering all the other evidence, it seems to me
>>> that the problem is a timeout on the connection.  That suggests that
>>> either the port specification is wrong in the authinfo file or that the
>>> connection is being refused because it's not SSL/TLS.  So the questions
>>> appear to be (1) is the port specification correct; if not where should
>>> I specify it: or (2) how to get the SSL/TLS mechanism into sendmail.
>>> I'll have to see what build options for SSL/TLS I have for a new build
>>> of sendmail or see how to get them configured into the existing
>>> sendmail.  BTW, I'm running sendmail 8.14.6 on FreeBSD 8.3/AMD64.
>> 
>> It's a lot easier to use port 587 (submission) than port 465(smtps).  A
>> connection on port 587 starts in the clear and immediately uses STARTTLS
>> to switch to encrypted if the remote server supports that, and sendmail
>> will handle that automagically.  A connection on port 465 must use SSL
>> for the initial connection, and sendmail _cannot_ do that by itself.
>> 
>> If you cannot use port 587 and must use port 465, I can tell you how to
>> do that (it's fairly complex -- uses stunnel to carry the connection),
>> but it certainly shouldn't be your first choice.
>> 
> OK, having tried all the variations suggested WRT port 587, I'm still at
> the point where I get a timeout on the connect to outbound.att.net, as
> shown above
> Here's my .mc file:
> divert(-1)
> include(`/usr/local/share/sendmail/cf/m4/cf.m4')
> dnl include(`/usr/share/sendmail/cf/m4/cf.m4')
> define(`confDEF_USER_ID',``8:14'')
> VERSIONID(`freebsd strider.rgmhome.net')
> dnl Cwstrider.rgmhome.net localhost rgmhome.homeunix.net
> strider.homeunix.net
> OSTYPE(`bsd4.4')
> undefine(`UUCP_RELAY')
> undefine(`BITNET_RELAY')
> define(`confEBINDIR',`/usr/local/libexec')dnl
> dnl define(`confEBINDIR',`/usr/libexec')dnl
> FEATURE(virtusertable)
> FEATURE(always_add_domain)
> dnl FEATURE(use_cw_file)
> dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
> FEATURE(nocanonify)
> FEATURE(nouucp,`reject')
> define(`confTO_QUEUEWARN', `5m')
> dnl define(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5
> LOGIN PLAIN')dnl
> dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> FEATURE(relay_hosts_only)
> FEATURE(`access_db')dnl
> FEATURE(`block_bad_helo')dnl
> strider.mc: unmodified: line 1
> dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
> FEATURE(nocanonify)
> FEATURE(nouucp,`reject')
> define(`confTO_QUEUEWARN', `5m')
> dnl define(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5
> LOGIN PLAIN')dnl
> dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> FEATURE(relay_hosts_only)
> FEATURE(`access_db')dnl
> FEATURE(`block_bad_helo')dnl
> FEATURE(`badmx')dnl
> FEATURE(`greet_pause',`3000')dnl
> FEATURE(`require_rdns')dnl
> FEATURE(`local_procmail')dnl
> FEATURE(`delay_checks')dnl
> FEATURE(blacklist_recipients)
> GENERICS_DOMAIN_FILE(`/etc/mail/genericsdomain')
> FEATURE(redirect)
> MASQUERADE_AS(`att.net')
> MASQUERADE_DOMAIN(`strider.rgmhome.net')
> FEATURE(allmasquerade)
> FEATURE(masquerade_entire_domain)
> FEATURE(masquerade_envelope)
> FEATURE(`authinfo', `hash /etc/mail/auth/client-info')dnl
> FEATURE(local_lmtp)
> FEATURE(`accept_unresolvable_domains')
> FEATURE(dnsbl, `ipwhois.rfc-ignorant.org',`"550 Mail from "
> $&{client_addr} " refused. Rejected for bad WHOIS info on IP of your
> SMTP server
>  - see http://www.rfc-ignorant.org/"')
> FEATURE(`enhdnsbl',`bl.spamcop.net',`554 SPAM Blocked; see
> http://spamcop.net/bl.shtml?$&{client_addr}')
> FEATURE(`enhdnsbl',`dnsbl.njabl.org',`"550 Mail from host
> "$&{client_addr}" delivery refused -- see
> http://njabl.org/"',`',`127.0.0.2',`127.
> 0.0.4',`127.0.0.8',`127.0.0.9')dnl
> FEATURE(`enhdnsbl',`zen.spamhaus.org',`',`',`127.0.0.2',`127.0.0.4',`127.0.0.5',`127.0.0.6',`127.0.0.7',`127.0.0.8',`127.0.0.10',`127.0.0.11
> ')dnl
> FEATURE(`enhdnsbl',`cbl.abuseat.org',`',`',`127.0.0.2')dnl
> MAILER(local)
> MAILER(smtp)
> Cwlocalhost
> Cwrgmhome.net
> Dmrgmhome.net
> Cwrgmhome.homeunix.net
> Dmrgmhome.homeunix.net
> Cwstrider.homeunix.net
> Dmstrider.homeunix.net
> define(`confDOMAIN_NAME',`rgmhome.net')
> define(RELAY_HOST, relay:outbound.att.net)
> define(SMART_HOST, smtp:outbound.att.net)
> dnl define(RELAY_MAILER, TCP)
> define(`RELAY_MAILER_ARGS',`TCP $h 587')
> define(`ESMTP_MAILER_ARGS',`TCP $h 587')
> INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter.sock,
> F=, T=C:15m;S:4m;R:4m;E:10m')
> define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name},
> {if_name}, {if_addr}')dnl
> define(`confMILTER_MACROS_ENVRCPT',`r, v, Z')dnl
> ---- cut and paste didn't work quite as expected; ignore the line wraps,
> please
> And my authinfo/client-info file:
> AuthInfo:outbound.att.net:587 "U:root""I:melson.r@att.net"  "P:my-password"
>
> I get the same connection timeout for port 465, which I suppose
> shouldn't be surprising since I don't have STARTTLS configured into
> sendmail.  Whatever, I'm now officially at my wit's end.
>
> I very much appreciate the help you and Andrej have given up to this
> point but have to wonder where we go from here as nothing suggested
> seems to have worked.

Beside correcting sequence of mc lines (as suggested in another reply:

Part to replace:
define(RELAY_HOST, relay:outbound.att.net)
define(SMART_HOST, smtp:outbound.att.net)
dnl define(RELAY_MAILER, TCP)
define(`RELAY_MAILER_ARGS',`TCP $h 587')
define(`ESMTP_MAILER_ARGS',`TCP $h 587')

New Part:
define(`SMART_HOST', `relay:outbound.att.net')
define(`RELAY_MAILER_ARGS',`TCP $h 587')

[You have used unmodified smtp mailer ("smtp" mailer != "esmtp" mailer)]

P.S.
Your mc file does require cleanup anyway.
0
anfi2 (1425)
2/19/2013 8:59:49 AM
Gents,

I really am grateful for your help and interest.  Unfortunately,
however, nothing seems to work and, in fact, Bob Nichol's "revised" .mc
file broke the email system completely (nothing in, nothing out).  So,
for the moment, I'm going to shelve this and maybe come back to it at a
later date.

Many sincere thanks for your help.

Bob Melson


-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/19/2013 5:37:45 PM
Bob Melson <amia9018@mypacks.net> wrote:
> I really am grateful for your help and interest.  Unfortunately,
> however, nothing seems to work and, in fact, Bob Nichol's "revised" .mc
> file broke the email system completely (nothing in, nothing out).  So,
> for the moment, I'm going to shelve this and maybe come back to it at a
> later date.

Have you tried to merely replace smtp mailer with relay mailer in SMART_HOST?
0
anfi2 (1425)
2/19/2013 6:51:33 PM
On 02/19/2013 11:37 AM, Bob Melson wrote:
> I really am grateful for your help and interest.  Unfortunately,
> however, nothing seems to work and, in fact, Bob Nichol's "revised" .mc
> file broke the email system completely (nothing in, nothing out).  So,
> for the moment, I'm going to shelve this and maybe come back to it at a
> later date.

Looking back at that file, I find that I missed several places that the
line wrapping in what you had posted incorrectly broke, or in some cases
_joined_ lines.  Sorry about that.  If you can post or send me an
uncorrupted copy of the file, I can try again.

-- 
Bob Nichols         AT comcast.net I am "RNichols42"
0
2/19/2013 10:15:43 PM
Andrzej Adam Filip wrote:
> Bob Melson <amia9018@mypacks.net> wrote:
>> I really am grateful for your help and interest.  Unfortunately,
>> however, nothing seems to work and, in fact, Bob Nichol's "revised" .mc
>> file broke the email system completely (nothing in, nothing out).  So,
>> for the moment, I'm going to shelve this and maybe come back to it at a
>> later date.
> 
> Have you tried to merely replace smtp mailer with relay mailer in SMART_HOST?
> 
Yes, with no effect.

What seems to be the case is that I can reach the outbound server but am
failing to authenticate.  That's why I went chasing the SASL and STARTLS
rabbit.  From everything I've seen after googling for all possible
combinations of smart_host/client/authentication, it should be a piece
of cake .. except it isn't.  All the setups that work seem to go to port
587, while my provider insists on 465 and, in my innocence, I suspect
that's at the root of the problem.  Their tech support is unable to help
and I refuse to go to the pay-for-support site/service recommended
because it's both expensive and unreliable.

Thank you once again for trying to help.  I genuinely appreciate it.

Bob Melson

-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/19/2013 10:23:51 PM
Robert Nichols wrote:
> On 02/19/2013 11:37 AM, Bob Melson wrote:
>> I really am grateful for your help and interest.  Unfortunately,
>> however, nothing seems to work and, in fact, Bob Nichol's "revised" .mc
>> file broke the email system completely (nothing in, nothing out).  So,
>> for the moment, I'm going to shelve this and maybe come back to it at a
>> later date.
> 
> Looking back at that file, I find that I missed several places that the
> line wrapping in what you had posted incorrectly broke, or in some cases
> _joined_ lines.  Sorry about that.  If you can post or send me an
> uncorrupted copy of the file, I can try again.
> 

Bob,

I really do appreciate all the help you've given.  I'll forward a copy
of the .mc to your email address, tho' I expect it'll make little to no
difference.  As I told Andrej in reply to his last, I can get to the
outbound server on the *required* port 465 but am failing to
authenticate.  All the successful solutions I've found by googling for
all combinations of smart_host/authentication/client/sendmail appear to
be going to port 587, which my ISP doesn't seem to accept.  So the
problem would appear to be one of authentication.

After a last swing, I really am going to hang it up and accept what I
have - outbound from seamonkey-mailer, inbound as a pulldown using
fetchmail/sendmail/procmail.

Bob Melson

-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/19/2013 10:46:50 PM
Bob Melson <amia9018@mypacks.net> wrote:
> Andrzej Adam Filip wrote:
>> Bob Melson <amia9018@mypacks.net> wrote:
>>> I really am grateful for your help and interest.  Unfortunately,
>>> however, nothing seems to work and, in fact, Bob Nichol's "revised" .mc
>>> file broke the email system completely (nothing in, nothing out).  So,
>>> for the moment, I'm going to shelve this and maybe come back to it at a
>>> later date.
>> 
>> Have you tried to merely replace smtp mailer with relay mailer in SMART_HOST?
>> 
> Yes, with no effect.
>
> What seems to be the case is that I can reach the outbound server but am
> failing to authenticate.  That's why I went chasing the SASL and STARTLS
> rabbit.  From everything I've seen after googling for all possible
> combinations of smart_host/client/authentication, it should be a piece
> of cake .. except it isn't.  All the setups that work seem to go to port
> 587, while my provider insists on 465 and, in my innocence, I suspect
> that's at the root of the problem.  Their tech support is unable to help
> and I refuse to go to the pay-for-support site/service recommended
> because it's both expensive and unreliable.
>
> Thank you once again for trying to help.  I genuinely appreciate it.

Make sendmail send a test message in verbose mode to port 587 using the
script I have posted already.

Try to locate the next problem. The script should show:
* transcript of SMTP session (before and after STARTTLS)
* authinfo map lookup(s)
0
anfi2 (1425)
2/19/2013 10:47:46 PM
Andrzej Adam Filip wrote:
> Bob Melson <amia9018@mypacks.net> wrote:
>> Andrzej Adam Filip wrote:
>>> Bob Melson <amia9018@mypacks.net> wrote:
>>>> I really am grateful for your help and interest.  Unfortunately,
>>>> however, nothing seems to work and, in fact, Bob Nichol's "revised" .mc
>>>> file broke the email system completely (nothing in, nothing out).  So,
>>>> for the moment, I'm going to shelve this and maybe come back to it at a
>>>> later date.
>>>
>>> Have you tried to merely replace smtp mailer with relay mailer in SMART_HOST?
>>>
>> Yes, with no effect.
>>
>> What seems to be the case is that I can reach the outbound server but am
>> failing to authenticate.  That's why I went chasing the SASL and STARTLS
>> rabbit.  From everything I've seen after googling for all possible
>> combinations of smart_host/client/authentication, it should be a piece
>> of cake .. except it isn't.  All the setups that work seem to go to port
>> 587, while my provider insists on 465 and, in my innocence, I suspect
>> that's at the root of the problem.  Their tech support is unable to help
>> and I refuse to go to the pay-for-support site/service recommended
>> because it's both expensive and unreliable.
>>
>> Thank you once again for trying to help.  I genuinely appreciate it.
> 
> Make sendmail send a test message in verbose mode to port 587 using the
> script I have posted already.
> 
> Try to locate the next problem. The script should show:
> * transcript of SMTP session (before and after STARTTLS)
> * authinfo map lookup(s)
> 
OK - here's the session transcript:
sendmail -d38.20 -Am -v -i -t <<END
? To:melsonr@earthlink.net
? Subject:testing
?
? test
? END
regex_map_init: mapname 'badmx', args '-a<BADMX>
^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$'
regex_map_init: compile '^(([0-9]{1,3}\.){3}[0-9]){0,1}\.$' 0x7
regex_map_init: mapname 'BadMXIP', args '-a<BADMXIP>
^(127\.|10\.|0\.0\.0\.0)'
regex_map_init: compile '^(127\.|10\.|0\.0\.0\.0)' 0x7
seq_map_parse(aliases.files, )
openmap()	dequote:dequote NULL: valid
openmap()	host:host NULL: valid
getcanonname(earthlink.net), trying dns
getcanonname(earthlink.net), found
melsonr@earthlink.net... Connecting to outbound.att.net via relay...
220 smtp107.sbc.mail.mud.yahoo.com ESMTP
>>> EHLO rgmhome.net
250-smtp107.sbc.mail.mud.yahoo.com
250-AUTH LOGIN PLAIN XYMCOOKIE
250-PIPELINING
250-SIZE 41697280
250 8BITMIME
openmap()	macro:macro NULL: valid
macro_map_lookup(macro, {TLS_Name})
hash_map_open(access, /etc/mail/access, 0)
openmap()	hash:access /etc/mail/access: valid
db_map_lookup(access, TLS_Srv:outbound.att.net)
db_map_lookup(access, TLS_Srv:att.net)
db_map_lookup(access, TLS_Srv:net)
db_map_lookup(access, TLS_Srv:68.142.198.51)
db_map_lookup(access, TLS_Srv:68.142.198)
db_map_lookup(access, TLS_Srv:68.142)
db_map_lookup(access, TLS_Srv:68)
db_map_lookup(access, TLS_Srv:)
hash_map_open(authinfo, /etc/mail/authinfo, 0)
openmap()	hash:authinfo /etc/mail/authinfo: valid
db_map_lookup(authinfo, AuthInfo:outbound.att.net)
db_map_lookup(authinfo, AuthInfo:68.142.198.51)
db_map_lookup(authinfo, AuthInfo:)
>>> MAIL From:<root@att.net> SIZE=47
530 authentication required - for help go to
http://help.yahoo.com/sbc/dsl/mail/pop/pop-11.html
switch_map_open(aliases, aliases, 0)
	switch_map_find => 1
		files
	map_stack[0] = sequence:aliases.files
openmap()	switch:aliases aliases: valid
seq_map_lookup(aliases, root)
openmap()	sequence:aliases.files NULL: valid
seq_map_lookup(aliases.files, root)
impl_map_open(Alias0, /etc/mail/aliases, 0)
hash_map_open(Alias0, /etc/mail/aliases, 0)
impl_map_lookup(Alias0, @)
db_map_lookup(Alias0, @)
openmap()	implicit:Alias0 /etc/mail/aliases: valid
impl_map_lookup(Alias0, root)
db_map_lookup(Alias0, root)
/root/dead.letter... Saved message in /root/dead.letter
Closing connection to outbound.att.net
>>> QUIT
221 Service Closing transmission
closemaps: closing aliases.files (NULL)
closemaps: closing authinfo (/etc/mail/authinfo)
db_map_close(authinfo, /etc/mail/authinfo, 1000321)
closemaps: closing Alias0 (/etc/mail/aliases)
impl_map_close(Alias0, /etc/mail/aliases, 10012a3)
db_map_close(Alias0, /etc/mail/aliases, 10012a3)
closemaps: closing access (/etc/mail/access)
db_map_close(access, /etc/mail/access, 1000321)
closemaps: closing host (NULL)
closemaps: closing aliases (aliases)
closemaps: closing dequote (NULL)
closemaps: closing macro (NULL)



-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/19/2013 11:02:31 PM
Bob Melson <amia9018@mypacks.net> wrote:
> [...]
> melsonr@earthlink.net... Connecting to outbound.att.net via relay...
> 220 smtp107.sbc.mail.mud.yahoo.com ESMTP
> >>> EHLO rgmhome.net
> 250-smtp107.sbc.mail.mud.yahoo.com
> 250-AUTH LOGIN PLAIN XYMCOOKIE
> 250-PIPELINING
> 250-SIZE 41697280
> 250 8BITMIME
> [...]
> >>> MAIL From:<root@att.net> SIZE=47
> 530 authentication required - for help go to
> http://help.yahoo.com/sbc/dsl/mail/pop/pop-11.html
> [...]

The remote host:
a) does not offer STARTTLS (switching to encrypted connection)
b) offers SMTP AUTH methods [LOGIN PLAIN] sendmail it unwilling 
   (in default configurations) to use over not encrypted connections

You can force sendmail to send password in "plain text" but trying SMTPS
based sending would be a better choice in this case.

How many messages per day do you expect to send out?

BTW att.net in "MAIL From:<root@att.net>" is the right domain?
0
anfi2 (1425)
2/19/2013 11:57:22 PM
Bob Melson <amia9018@mypacks.net> wrote:
> [...]
> melsonr@earthlink.net... Connecting to outbound.att.net via relay...
> 220 smtp107.sbc.mail.mud.yahoo.com ESMTP
>>>> EHLO rgmhome.net
> 250-smtp107.sbc.mail.mud.yahoo.com
> 250-AUTH LOGIN PLAIN XYMCOOKIE
> 250-PIPELINING
> 250-SIZE 41697280
> 250 8BITMIME
> [...]
> db_map_lookup(authinfo, AuthInfo:outbound.att.net)
> db_map_lookup(authinfo, AuthInfo:68.142.198.51)
> db_map_lookup(authinfo, AuthInfo:)
>>>> MAIL From:<root@att.net> SIZE=47
> 530 authentication required - for help go to
> http://help.yahoo.com/sbc/dsl/mail/pop/pop-11.html
> [...]

Remove :465 from your authinfo entry (as reported in the opening post):
outbound.mail.ISP:465 "I:my-id" "P:password"
0
anfi2 (1425)
2/20/2013 1:05:52 AM
Andrzej Adam Filip wrote:

> The remote host:
> a) does not offer STARTTLS (switching to encrypted connection)
> b) offers SMTP AUTH methods [LOGIN PLAIN] sendmail it unwilling 
>    (in default configurations) to use over not encrypted connections
> 
> You can force sendmail to send password in "plain text" but trying SMTPS
> based sending would be a better choice in this case.
> 
> How many messages per day do you expect to send out?
> 
> BTW att.net in "MAIL From:<root@att.net>" is the right domain?
> 

How many emails?  Probably somewhere between 20-40 on a heavy day.  This
is a home account and traffic is really variable but on the low side.

SMTPS?  Huh?  Seems this is deprecated, from what I just read.

In reply to your later message (remove 465 from authinfo), I did so,
with no effect when sending a message.  The remote system either
complains because of no authentication or just resets the connection.


-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/20/2013 1:50:38 AM
Bob Melson <amia9018@mypacks.net> wrote:
> [...]
> In reply to your later message (remove 465 from authinfo), I did so,
> with no effect when sending a message.  The remote system either
> complains because of no authentication or just resets the connection.

<quote>
db_map_lookup(authinfo, AuthInfo:outbound.att.net)
db_map_lookup(authinfo, AuthInfo:68.142.198.51)
db_map_lookup(authinfo, AuthInfo:)
</quote>

1) Sendmail looks for "AuthInfo:outbound.att.net" key in authinfo map
2) It does not find the value/entry because it asks later for
   "AuthInfo:68.142.198.51" and  "AuthInfo:"
=> correct the authinfo entry
0
anfi2 (1425)
2/20/2013 10:08:20 AM
Andrzej Adam Filip wrote:
> Bob Melson <amia9018@mypacks.net> wrote:
>> [...]
>> In reply to your later message (remove 465 from authinfo), I did so,
>> with no effect when sending a message.  The remote system either
>> complains because of no authentication or just resets the connection.
> 
> <quote>
> db_map_lookup(authinfo, AuthInfo:outbound.att.net)
> db_map_lookup(authinfo, AuthInfo:68.142.198.51)
> db_map_lookup(authinfo, AuthInfo:)
> </quote>
> 
> 1) Sendmail looks for "AuthInfo:outbound.att.net" key in authinfo map
> 2) It does not find the value/entry because it asks later for
>    "AuthInfo:68.142.198.51" and  "AuthInfo:"
> => correct the authinfo entry
> 

That's the address AT&T specified.

The problem, I think, is twofold:  first, that port 587 doesn't offer
STARTTLS authentication and, second, that they (AT&T) are relying on the
use of XYMCOOKIE on port 465 - and that's a Yahoo "special" feature for
mail security.

This is not, as it turns out, a problem with a simple solution.

With my most sincere thanks to you and Bob Nichols, I'm going to drop it
for now and take the issue up with AT&T and, if I fail to get what I
consider an acceptable resolution, will return to my previous ISP.

Thanks very much once again.

Bob Melson

-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/20/2013 4:44:58 PM
Bob Melson <amia9018@mypacks.net> wrote:
> Andrzej Adam Filip wrote:
>> Bob Melson <amia9018@mypacks.net> wrote:
>>> [...]
>>> In reply to your later message (remove 465 from authinfo), I did so,
>>> with no effect when sending a message.  The remote system either
>>> complains because of no authentication or just resets the connection.
>> 
>> <quote>
>> db_map_lookup(authinfo, AuthInfo:outbound.att.net)
>> db_map_lookup(authinfo, AuthInfo:68.142.198.51)
>> db_map_lookup(authinfo, AuthInfo:)
>> </quote>
>> 
>> 1) Sendmail looks for "AuthInfo:outbound.att.net" key in authinfo map
>> 2) It does not find the value/entry because it asks later for
>>    "AuthInfo:68.142.198.51" and  "AuthInfo:"
>> => correct the authinfo entry
>> 
>
> That's the address AT&T specified.
>
> The problem, I think, is twofold:  
> first, that port 587 doesn't offer STARTTLS authentication 

STARTTLS is not authentication, it is encryption.

> and, second, that they (AT&T) are relying on the use of XYMCOOKIE on
> port 465 - and that's a Yahoo "special" feature for mail security.
>
> This is not, as it turns out, a problem with a simple solution.
>
> With my most sincere thanks to you and Bob Nichols, I'm going to drop it
> for now and take the issue up with AT&T and, if I fail to get what I
> consider an acceptable resolution, will return to my previous ISP.

As I understand the debug output you provided:
Your sendmail 
1) makes connection to outbound.att.net:587
2) searches for authinfo data to use in PLAIN or LOGIN authentications
3) does not try to authenticate because it finds no appropriate entry
0
anfi2 (1425)
2/20/2013 6:05:01 PM
Andrzej Adam Filip wrote:

> As I understand the debug output you provided:
> Your sendmail 
> 1) makes connection to outbound.att.net:587
> 2) searches for authinfo data to use in PLAIN or LOGIN authentications
> 3) does not try to authenticate because it finds no appropriate entry
> 
That's pretty much it.  outbound:587 provides LOGIN PLAIN and XYMCOOKIE,
outbound:465 just sits there and does nothing (this on a telnet session
to outbound on each of the ports.  Since AT?&T *requires* use of 465,
anything further would appear to be pretty much a case of spinning
my/our wheels.  I don't like it - it seems far too restrictive at the
very least - but I also don't like to go tilting at windmills, either.
(I do understand that STARTTLS is an encryption method - X.509, IIRC -
but its absence on outbound hints that there can be no secure password
exchange and, by extension, no connect.)

Once again, thanks for your help.  I've learned a lot (and relearned
much I had forgotten!).  I'll just have to be satisfied with what I have.

Bob Melson


-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/20/2013 6:23:23 PM
Bob Melson <amia9018@mypacks.net> wrote:
> Andrzej Adam Filip wrote:
>
>> As I understand the debug output you provided:
>> Your sendmail 
>> 1) makes connection to outbound.att.net:587
>> 2) searches for authinfo data to use in PLAIN or LOGIN authentications
>> 3) does not try to authenticate because it finds no appropriate entry
>> 
> That's pretty much it.  outbound:587 provides LOGIN PLAIN and XYMCOOKIE,
> outbound:465 just sits there and does nothing (this on a telnet session
> to outbound on each of the ports.  

Outbound:465 wants you to start SSL negotiation/session.

On Linux/Debian there is telnet-ssl package providing telnet client
implementation capable to (also) establish SSL session. 

> Since AT?&T *requires* use of 465, anything further would appear to be
> pretty much a case of spinning my/our wheels.
>  I don't like it - it seems far too restrictive at the very least -
> but I also don't like to go tilting at windmills, either.  (I do
> understand that STARTTLS is an encryption method - X.509, IIRC - but
> its absence on outbound hints that there can be no secure password
> exchange and, by extension, no connect.)
> Once again, thanks for your help.  I've learned a lot (and relearned
> much I had forgotten!).  I'll just have to be satisfied with what I have.

Do you have openssl program installed?
YES=> you can make sendail use openssl in new custom mailer definition
to handle smtps connection. [It seems to be acceptable solution for <100
outgoing messages per day].
Test command:
openssl s_client -verify 2 -ssl3 -quiet -connect outbound.att.net:465

Another option may be (transparent) stunnel proxy.

0
anfi2 (1425)
2/20/2013 7:40:35 PM
Andrzej Adam Filip wrote:
> Bob Melson <amia9018@mypacks.net> wrote:
>> Andrzej Adam Filip wrote:
>>
>>> As I understand the debug output you provided:
>>> Your sendmail 
>>> 1) makes connection to outbound.att.net:587
>>> 2) searches for authinfo data to use in PLAIN or LOGIN authentications
>>> 3) does not try to authenticate because it finds no appropriate entry
>>>
>> That's pretty much it.  outbound:587 provides LOGIN PLAIN and XYMCOOKIE,
>> outbound:465 just sits there and does nothing (this on a telnet session
>> to outbound on each of the ports.  
> 
> Outbound:465 wants you to start SSL negotiation/session.
> 
> On Linux/Debian there is telnet-ssl package providing telnet client
> implementation capable to (also) establish SSL session. 
> 
>> Since AT?&T *requires* use of 465, anything further would appear to be
>> pretty much a case of spinning my/our wheels.
>>  I don't like it - it seems far too restrictive at the very least -
>> but I also don't like to go tilting at windmills, either.  (I do
>> understand that STARTTLS is an encryption method - X.509, IIRC - but
>> its absence on outbound hints that there can be no secure password
>> exchange and, by extension, no connect.)
>> Once again, thanks for your help.  I've learned a lot (and relearned
>> much I had forgotten!).  I'll just have to be satisfied with what I have.
> 
> Do you have openssl program installed?
> YES=> you can make sendail use openssl in new custom mailer definition
> to handle smtps connection. [It seems to be acceptable solution for <100
> outgoing messages per day].
> Test command:
> openssl s_client -verify 2 -ssl3 -quiet -connect outbound.att.net:465
> 
> Another option may be (transparent) stunnel proxy.
> 
openssl is installed but not configured, i.e., no local certificate.

strider# openssl s_client -verify 2 -ssl3 -quiet -connect
outbound.att.net:465
verify depth is 2
depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006
VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public
Primary Certification Authority - G5
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006
VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public
Primary Certification Authority - G5
verify error:num=27:certificate not trusted
verify return:1
depth=1 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use
at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server
CA - G3
verify return:1
depth=0 /C=US/ST=Michigan/L=Southfield/O=AT&T Services, Inc./OU=att.net
Mail/CN=outbound.att.net
verify return:1
220 smtp111.sbc.mail.mud.yahoo.com ESMTP


-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/20/2013 8:01:33 PM
Bob Melson <amia9018@mypacks.net> wrote:
> Andrzej Adam Filip wrote:
>> Bob Melson <amia9018@mypacks.net> wrote:
>>> Andrzej Adam Filip wrote:
>>>
>>>> As I understand the debug output you provided:
>>>> Your sendmail 
>>>> 1) makes connection to outbound.att.net:587
>>>> 2) searches for authinfo data to use in PLAIN or LOGIN authentications
>>>> 3) does not try to authenticate because it finds no appropriate entry
>>>>
>>> That's pretty much it.  outbound:587 provides LOGIN PLAIN and XYMCOOKIE,
>>> outbound:465 just sits there and does nothing (this on a telnet session
>>> to outbound on each of the ports.  
>> 
>> Outbound:465 wants you to start SSL negotiation/session.
>> 
>> On Linux/Debian there is telnet-ssl package providing telnet client
>> implementation capable to (also) establish SSL session. 
>> 
>>> Since AT?&T *requires* use of 465, anything further would appear to be
>>> pretty much a case of spinning my/our wheels.
>>>  I don't like it - it seems far too restrictive at the very least -
>>> but I also don't like to go tilting at windmills, either.  (I do
>>> understand that STARTTLS is an encryption method - X.509, IIRC - but
>>> its absence on outbound hints that there can be no secure password
>>> exchange and, by extension, no connect.)
>>> Once again, thanks for your help.  I've learned a lot (and relearned
>>> much I had forgotten!).  I'll just have to be satisfied with what I have.
>> 
>> Do you have openssl program installed?
>> YES=> you can make sendail use openssl in new custom mailer definition
>> to handle smtps connection. [It seems to be acceptable solution for <100
>> outgoing messages per day].
>> Test command:
>> openssl s_client -verify 2 -ssl3 -quiet -connect outbound.att.net:465
>> 
>> Another option may be (transparent) stunnel proxy.
>> 
> openssl is installed but not configured, i.e., no local certificate.
>
> strider# openssl s_client -verify 2 -ssl3 -quiet -connect
> outbound.att.net:465
> verify depth is 2
> depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006
> VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public
> Primary Certification Authority - G5
> verify error:num=20:unable to get local issuer certificate
> verify return:1
> depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006
> VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public
> Primary Certification Authority - G5
> verify error:num=27:certificate not trusted
> verify return:1
> depth=1 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use
> at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server
> CA - G3
> verify return:1
> depth=0 /C=US/ST=Michigan/L=Southfield/O=AT&T Services, Inc./OU=att.net
> Mail/CN=outbound.att.net
> verify return:1
> 220 smtp111.sbc.mail.mud.yahoo.com ESMTP

1) create openssl wrapper script named e.g. /usr/local/bin/smtps
It is needed to ignore STDERR output and change exit codes as sendail likes

#!/bin/sh
/usr/bin/openssl  s_client -verify 2 -ssl3 -quiet -connect $1:465 2>/dev/null || exit 75

2) Get esmtp mailer definition from your sendail.cf

echo =M | sendail -bt | grep esmtp

3) Insert it after MAILER_DEFINITIONS line in your sendail.mc with the
following changes
3a) change mailer name to smtps 
Mesmtp -> Msmtps
3b) change mailer part to you openssl wrapper script
P=[IPC] -> P=/usr/local/bin/smtps
3c) change arguments
A=TCP $h -> A=smtps $h

4) make SMART_HOST use smtps mailer
define(`SMART_HOST',`smtps:outbound.att.net')

P.S.
A) Check elsewhere if openssl option are right/safe.
   I am not openssl expert.
B) It is a quick&dirty initial implementation [working prototype]
   [I may write clean cf/mailer/smtps.m4 in a few weeks]
0
anfi2 (1425)
2/20/2013 9:18:43 PM
Andrzej Adam Filip wrote:

> 1) create openssl wrapper script named e.g. /usr/local/bin/smtps
> It is needed to ignore STDERR output and change exit codes as sendail likes
> 
> #!/bin/sh
> /usr/bin/openssl  s_client -verify 2 -ssl3 -quiet -connect $1:465 2>/dev/null || exit 75
> 
> 2) Get esmtp mailer definition from your sendail.cf
> 
> echo =M | sendail -bt | grep esmtp
> 
> 3) Insert it after MAILER_DEFINITIONS line in your sendail.mc with the
> following changes
> 3a) change mailer name to smtps 
> Mesmtp -> Msmtps
> 3b) change mailer part to you openssl wrapper script
> P=[IPC] -> P=/usr/local/bin/smtps
> 3c) change arguments
> A=TCP $h -> A=smtps $h
> 
> 4) make SMART_HOST use smtps mailer
> define(`SMART_HOST',`smtps:outbound.att.net')
> 
> P.S.
> A) Check elsewhere if openssl option are right/safe.
>    I am not openssl expert.
> B) It is a quick&dirty initial implementation [working prototype]
>    [I may write clean cf/mailer/smtps.m4 in a few weeks]
> 

I'll give it a try in a couple of days.  I've had issues with AT&T as a
result of all the previous "playing", so want to let it rest for just a
bit.  I *will* give it a try, though, and let you know.

Bob Melson


-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/21/2013 2:10:06 AM
Bob Melson <amia9018@mypacks.net> wrote:
> Andrzej Adam Filip wrote:
>
>> 1) create openssl wrapper script named e.g. /usr/local/bin/smtps
>> It is needed to ignore STDERR output and change exit codes as sendail likes
>> 
>> #!/bin/sh
>> /usr/bin/openssl  s_client -verify 2 -ssl3 -quiet -connect $1:465 2>/dev/null || exit 75
>> 
>> 2) Get esmtp mailer definition from your sendail.cf
>> 
>> echo =M | sendail -bt | grep esmtp
>> 
>> 3) Insert it after MAILER_DEFINITIONS line in your sendail.mc with the
>> following changes
>> 3a) change mailer name to smtps 
>> Mesmtp -> Msmtps
>> 3b) change mailer part to you openssl wrapper script
>> P=[IPC] -> P=/usr/local/bin/smtps
>> 3c) change arguments
>> A=TCP $h -> A=smtps $h
>> 
>> 4) make SMART_HOST use smtps mailer
>> define(`SMART_HOST',`smtps:outbound.att.net')
>> 
>> P.S.
>> A) Check elsewhere if openssl option are right/safe.
>>    I am not openssl expert.
>> B) It is a quick&dirty initial implementation [working prototype]
>>    [I may write clean cf/mailer/smtps.m4 in a few weeks]
>> 
>
> I'll give it a try in a couple of days.  I've had issues with AT&T as a
> result of all the previous "playing", so want to let it rest for just a
> bit.  I *will* give it a try, though, and let you know.

IHO it would be safer to use outgoing stunnel proxy
[ 127.0.0.1:X -> outbound.att.net:smtps ]. I have not 
tested smtps-openssl mailer in practice, some small/"small"
problems are possible.

Required stunnel configuration is described in Postfix FAQ:
  http://www.postfix.org/TLS_README.html#client_smtps
0
anfi2 (1425)
2/21/2013 9:36:52 AM
On 02/21/2013 03:36 AM, Andrzej Adam Filip wrote:
> Required stunnel configuration is described in Postfix FAQ:
>    http://www.postfix.org/TLS_README.html#client_smtps

The description in that README is basically what I used to use to make
port 465 work with smtp.comcast.net as my smart host.  If you like, I
can dig out my backups from 2007 and send the relevant files, but I
think the only thing not in that README was the init.d script to start
an stunnel daemon listening on a local port (I used 127.0.0.25 port
465), and I'm not sure how relevant that would be on the BSD 4.4 that
you list as OSTYPE in your sendmail.mc.

-- 
Bob Nichols         AT comcast.net I am "RNichols42"
0
2/22/2013 9:24:24 PM
Robert Nichols wrote:
> On 02/21/2013 03:36 AM, Andrzej Adam Filip wrote:
>> Required stunnel configuration is described in Postfix FAQ:
>>    http://www.postfix.org/TLS_README.html#client_smtps
> 
> The description in that README is basically what I used to use to make
> port 465 work with smtp.comcast.net as my smart host.  If you like, I
> can dig out my backups from 2007 and send the relevant files, but I
> think the only thing not in that README was the init.d script to start
> an stunnel daemon listening on a local port (I used 127.0.0.25 port
> 465), and I'm not sure how relevant that would be on the BSD 4.4 that
> you list as OSTYPE in your sendmail.mc.
> 
Thanks to you both for the hint/hand-holding.  I'm going to let it rest
for a bit:  all the previous "playing" with test mails, etc., caused my
email, both in- and out-bound, to be blocked and I don't want to cause
the same thing to happen a 2d time.  That said, I *will* try it out in
the not distant future, just not in the next few days.

Again, my sincere thanks to you both for all the help you've given.

Bob Melson

-- 
Robert G. Melson | Rio Grande Microsolutions | El Paso, Texas
-----
Any man who thinks he can be happy and prosperous by letting the
Government take care of him, better take a closer look at the
American Indian. -- Henry Ford
0
amia9018 (43)
2/22/2013 10:01:08 PM
Reply:

Similar Artilces:

Sendmail mail relay configuration on AIX
I am having real trouble in getting sendmail configured to act as a relay o= n AIX. All I want to be able to do is send mail from the Unix box via a ma= il gateway. In older versions of AIX it was simply change the DS value in = the sendmail.cf file and away you go, but in 7.1 this simply doesn't work. = If I run "sendmail -v myemail@myhost.com" it will sit there forever, same = with mailx. I know that I can talk to the relay server and send mail to it, but how do = I get sendmail on AIX to do this for me?: Here is the manual run showing what I'm trying to do: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D root@aixdb2: / # telnet aixmail 25 Trying... Connected to aixmail.fsc.uk. Escape character is '^]'. 220 aixmail.fsc.uk ESMTP Sendmail Thu, 3 Nov 2011 15:45:05 GMT helo aixmail mailserver (setting up the communication,'ehlo' works as well) 250 aixmail.fsc.uk Hello aixdb2.fsc.uk [10.200.200.22], pleased to meet you mail from: something@anything.com mailbox (don't forget on mailrelay could be some restricions) 250 2.1.0 something@anything.com... Sender ok=A0=A0 rcpt to: mail_address@anything.com=A0=A0 250 2.1.5 mail_address@anything.com... Recipient ok data subject: test message this is a test message from aixdb2 .. 250 2.0.0 pA3Fj5mf586210 Message accepted for delivery quit =3D=3D=3D=3D=3D=3D=3D=...

help on configuring intranet mail using sendmail
I am trying to configure sendmail for my Intranet. following are my requirements : 1) Users within should be able to send and receive. 2) the usersname@hostname.domain.com should be converted to username@domainname.com 3) they should also be able to send mail to any user in the world having a email-id. i have redhat9 and i am planning to use sendmail for the same. any other mail software will be required? i have a valid domainname, ipaddress. suggestions on the same using m4 sendmail macro required. regards, ...

Need help with sendmail type relay problem
Hello, Hope I don't make this too confusing... And hope I find someone who knows exactly what to do, but here is my situation. mybox: mybox.blahblah.com redhat 7.1, sendmail 8.11.6-23.71, listserv lite = Used as a mailinglist server this boxes name is registered and was working flawlessly before moving to a DMZ mailfilter box: All internal email goes through this mailfilter box and the domain name is also registered and this box is also on the DMZ. mail.blahblah.com Before the change to the DMZ: mybox was not relaying any mail because it didn't need to. Since everything was being ...

Pls help: relay mail to 2nd sendmail on localhost
Hi, all, I'm setting 2 sendmail daemons (8.12.11): 1. listen to port 25 and accept incoming mail and add headers after examining the mail data, then relay the mail to 2nd sendmail daemon running on the same host. Following lines are added to my mc file: define(`SMART_HOST', `relay:localhost') define(`RELAY_MAILER_ARGS', `TCP $h 8025') 2. listen to port 19000 for accepting mail from sendmail mentioned above to further process the header added. Following lines are added to my mc file: FEATURE(`no_default_msa',`dnl') DAEMON_OPTIONS(`Port=8025,Addr=127.0.0.1,Name...

need help with spamassassin setting it up as a mail relay server
Hi there! I have been looking into ways to stop spam coming into our clients mailboxes for quite some time now. I was wondering what would be involved in setting up a mail relay server on a redhat9 platform running spamassassin, and have it configured so it simply scans and relays mail from the internet to warious mail servers which our clients have. The linux box won't need any mailboxes or user accounts, since it simply passes on the mail to the relevant mail servers. I have about 5 Exchange 5.5/2000/2003 mail servers, and 3 Domino mail servers, all in one city. The ideal would be t...

Help needed with fetchmail/sendmail, some mail is delivered to postmaster
Some incoming mail is misdirected to postmaster. It appears that this happens only with some mails (not all) originating from some mailing lists (not all). Of interest is the last line in the headers, X-Fetchmail-Warning: recipient address members@beverley-soaring.org.au didn't match any local name. This is certaily true, as it is the name of the list. The question is however, where did fetchmail get this from, as the for header within the message already states postmaster@localhost (as retrieved by fetchmail from the ISP, or with telnet to port 110). Was that X-Fetchmail-Warning really ad...

Help needed for basic sendmail configuration for a home user
I've a small home network, with a couple of SPARCs running Solaris 10 update 6 and a laptop running Solaris Express. I read and send email using Thunderbird, and never use the command line utilities for mail. One of the SPARCs is just a web server - I never even bother to read email on that. I now wish to set up Bugzilla (bug tracking software) which needs to be able to send an e-mail to someone to let them subscribe. Bugzilla does this by using some perl modules, which rely on sendmail. So needless to say I need to get sendmail configured on the web server (Sun Ultra 60 running S...

Need Milter+capturing Outgoing mail in SENDMAIL. HELP~
Dear all, any one out there have done the milter+sendmail for monitoring outgoing mail? please advice, THANKS! lim wrote: > Dear all, > any one out there have done the milter+sendmail for monitoring outgoing mail? > please advice, > > THANKS! milter-spamc can do this. See the -a option. -- Anthony C Howe +33 6 11 89 73 78 http://www.snert.com/ ICQ: 7116561 AIM: Sir Wumpus "...simplicity is a goal of good design, it is never the starting point." - Dan Geer ...

Problems with outbound mail getting relaying denied...help needed
Hello everyone. Just rolled out our corporate mail server last night. For the most part, everything is going well. But having problems with some mail getting relaying denied when being sent to a couple of domains it appears.... Mail leaves as the following: user --> internal mail server --> mail gateway --> internet Here is the log on the internal mail server: May 4 08:50:12 corpmail sm-mta[2403]: i44FoCSA002403: from=<rmansolino@courtesymortgage.com>, size=983, class=0, nrcpts=1, msgid=<5.1.0.14.2.20040504085936.03ab5e80@corpmail.courtesymortgage.com>, proto=ES...

Need help with help need
Friends and wormbots: I am looking for some intrepid souls to try out and comment on a perl script I wrote. (What, perl in SAS-L and it's not David Cassell ?) The script takes the SAS help files apart and does some analysis (orphans, linkrot and duplicates) and inserts back links. What do back links do ? It ensures every page in the help system has a link to every page that links to it. (Actually only the the subset of the help system represented by the modules you choose to play with [there are over 140 help modules]) 1,000 lines of perl that sprouted out of a two line seed (or should...

Help! Tired configuring sendmail
Connectivity: Dial-Up (PPP) to local ISP with dynamic IP Our domain : mycompany.com Real Internet Mail server(real MX to): mail.mycompany.com Smart Host for relaying: mail.mycompany.com SMTP Authorization User ID: staff@mycompany.com / Password : mypass There are two POP mailboxes @ MX server - #1 One mailbox gets mail for staff (this is an alias for multiple adresses) at all staff @ our head quater- say 10 email addresses are being collected in one box at Mail service Provider. This is referred as POP BOX above as User Id of "staff" @ POP server: mail.mycompany.com thus mail f...

Need configuration help
I'm using a godaddy dedicated server and a separate email hosting service for my email. I have the MX entries set up so that all email is sent to the separate hosting service. When setting things up, I enabled the mail server on the dedicated server and set up a mailbox called "info" When I send email to info@example.com, it goes to my hosted email service. When the web application running on the server sends an email to info@example.com, it stays on the local server's mailbox. I'd prefer to have the outgoing email NOT stay on the server. Unfortunately, about 300 ema...

Sendmail relay Exchange SMTP delivery message
I used EX2003 for Main mail system. I have bind IP port 6036 SMTP for send out message. Also I have setup Linux Fax server . When ifax server received fax after via PORT 6036 connect to Exchange SMTP deviery message to e-mail. Our linux fax server and exchange 2003 server setup in same subnet and same geatway. Our fax server using sendmail. The maillog and sendmail.mc as below, can you help me. sendmail.mc [root@pfhkifax mail]# more sendmail.mc divert(-1)dnl dnl # dnl # This is the sendmail macro config file for m4. If you make changes to dnl # /etc/mail/sendmail.mc, you will need to re...

How do I configure Sendmail to reject all mail to domains not in /etc/mail/access file?
Hi. I've got a serious spam problem on one my server which is running Sendmail 8.13.1. I've been struggling with iptables, although efficient but not manageable in the long run. The problem really is bad scripts made by users on their webpages, but it is impossible for me to debug these. So this is why I'm looking for information on how to block all @domain.tld's while maintaining the ability to send mail to certain specified domains in the /etc/mail/access file. Thus far, I've also been adding domain.tld in local-host-names and relaying all @domain.tld to a local...

Need configuration help
As our database runs, there are occasions where someone in the organization should be notified about significant events, such as automatically advising the Design Engineer when a new part has been added or the Production Manager when some other event has happened. For these notes I use a little Instant Messaging system I built into our database, that I call TMail. It allows quick messages to be sent around from person to person, without having to leave the database. As this same code (but different backend) is running in three different companies, I cannot, should not, hardwire the IDs of the...

help configuring sendmail
In my university we have several outstations which are connected to the Internet through different ISPs. One thing is common about all these is that the ISP gives them a private number, something like 10.0.0.1. Now when I try to setup sendmail from these places they are not allowed to send the mail as they do not have valid ip number. So, I tried to relay the mail through the server at the main campus which has a valid IP number, but even than they can not send the mail. If someone can help me I shall be very grateful. I have read the sendmail howto and have added the ip number of the clients ...

Need help with Sendmail
all, I need some help with Sendmail. First, I am getting the following error messages: SYSERROR: returntosender: cannot select queue for postmaster. SYSERROR: losing ./qfi4HC92jA011822 savemail panic. SYSERROR: cannot save rejected email anywhere SYSERROR: to=root, delay=4+18:00:45,xdelay=00:00:00, mailer=relay, pri=9307454, relay=localhost.www.melveston.com., dns=4.0.0, state=Deferred: Connection refused by localhost.meslveston.com. Based on my intuition, based on the error messages above, the system is working as it should. I am using CGI programs to send emails out based on some condi...

need help with configuration
Hi guys, I need your help on port forwarding on CISCOrouter, I am new to configuring CISCO router, any way I did configuer my router, now I can internet and send and recieve mail, so this part is good. I did try to open these ports on the router; 25 ,22,443,4002 and I did forward these ports to one of my servers. but when I try to telnet any of these port I get no anserw at all or when I try to access my server (SBS 2003) with remote desktop (port 4002)no connection is made. I send you a copy of the router configuration,maybe some of you can see some mistake in it. Please let me know where ...

Help me fast please! Cisco 3005 VPN, need help with fully mesh configuration
Hi! I�ve got a Cisco 3005 VPN concentrator, a couple of lan2lan connections and some "ordinary" vpn connections by 3002 Hw clients. My problem is when connected with 3002 HW client i can connect to all my internal recources but not the recources "on the other side of lan2lan", i believe that i must put fully mesh on in the 3005 but how? Best regards Jonas ...

Help Help Help Help Help
please,help us . we have a seious problem, we are designing a radio controlled car that is guided by the PC, to send the data wireless between the PC and the Car and vice versa. we use 2 transmitter/reciever circuits from 2 seperate radio controlled car each running with a different frequency (27 MHz & 40 MHz)and modify the functionality of each to do the disered work. but on mounting a transmitter(40MHz) and reciever(27MHz) on the car, and attach another transmitter(27MHz) and reciever(40MHz) to the PC; we found that on sending signals from the car to the PC on the transmitter & rec...

Need help with help
Running GIMP 2.6.7 on 32-bit Gentoo linux I know about RTFM, but clicking on "Help" is futile. Step 1) I get an error box that says... > help Messge > Could not open 'http://docs.gimp.org/2.6/en/gimp-help.xml' > for reading: Operation not supported > Perhaps you are missing GIO backends and need to install GVFS What is it talking about? Step 2) I open up that URL with Firefox 3.0.14 and I get a bunch of gibberish like,,, This XML file does not appear to have any style information associated with it. The document tree is shown below. &...

Need help configuring router
I am still fairly new to configuring routers and would appreciate any assistance. I have a PTP wireless network consisting of Cisco 350 series bridges at several locations. On the inside of each bridge sits a Linksys router with an IP address of 192.168.1.x, 192.168.2.x, etc. The outside interface on each bridge has an IP address of 10.25.25.10, 10.25.25.20, etc. I have purchased a Cisco 1711 security access router and need to config to route traffic from each location back to a central location (192.168.1.0 network) to access a records system housed on a server on that network. Would somebody...

help!help!help!help!
I am a student.I am going to make a simulation of a robot (FANUC Robot M-16iB) under the matlab\simulink environment . It is a normal 6DOF robot.I want to realize any angle and any speed (under the max speed) and any position and orientation control. As I just starting to do this new field,I have no experience about it. Can you give me some simulation demo or examples for 6DOF robot? I am very eager to get these.Please write back to me as soon as possible,thank you! Sincerely, Connie&#12288;&#12288;&#12288;&#12288;&#12288;&#12288;&#12288; zhanglijuan920@sohu.c...

Mail Rules
I'm trying to keep correspondence (to and from) with one of my kids in the same folder in Mail. I've got a rule established to put incoming messages ("If any of the following conditions are met: "If From contains <Kid's name> perform the following action: Move message to mailbox <Kid's name>." Also part of that rule is "If Any Recipient contains <Kid's name> perform the following action: Move message to mailbox <Kid's name>." The first part works -- incoming goes into Kid's folder. The second part (outgoing) doesn't work so much -- outgoing mail is going into my Sent Mail folder; if I highlight the message there and "apply rules" it goes to the Kid's folder. I'd like the sent mail to just go there without me having to apply the rule manually. What am I doing wrong? BTW, I've also tried it with "If To contains <Kids' name> . . . . " No difference. I also tried another rule (separate) for the outgoing messages to Kid. No difference. Thanks for any insights. -- -Barb, Mother Superior, HOSSSPoJ http://www.jamlady.eboard.com http:/http://www.caringbridge.org/visit/amytaylor/ Melba's Jammin' <barbschaller@earthlink.net> wrote: > I'm trying to keep correspondence (to and from) with one of my kids in > the same folder in Mail. > > I've got a rule established to put incoming messages ("If any...

Web resources about - Need help configuring smart_host relaying - comp.mail.sendmail

Configuring Your Xcode Project for Distribution
Describes the common workflows to develop, test, and distribute your app.

Installing and configuring Graphite
Here are some notes I jotted down while installing and configuring Graphite, which isn't a trivial task, although the official documentation ...

Configuring Android Data Binding Just Got Easier
The [Android Data Binding Guide](https://developer.android.com/tools/data-binding/guide.html) was recently updated with a new way to configure ...

Hands on: Configuring Apple's NetBoot service, Part 1
NetBoot allows admins to use the same network-based image for Macs throughout a network; here are some tips and tricks for making it work for ...

Configuring a secure Ubuntu Linux Virtual Private Server
... acid which is a web based application to be able to view snort alerts $ sudo apt-get install acidbase Select No when it prompts you for configuring ...

Custom Configuring Java Apps: Extending log4j
Creating an extended, server-side version of a log4j Logger that automatically configures itself and adds printf -like logging methods to the ...

T-Mobile networks start configuring themselves, thanks to Eden Rock
T-Mobile US has tapped Eden Rock Communications , a Seattle-area wireless networking startup, to add some self-awareness to its networks. Eden ...


Why NASA Is Re-Configuring Part of the International Space Station
NASA robotics flight controllers are preparing for moving day at the International Space Station.

Configuring two wireless routers with one SSID (network name) at home for free roaming - Scott Hanselman ...
Scott Hanselman on Programming, User Experience, The Zen of Computers and Life in General

Resources last updated: 3/10/2016 4:33:33 PM