If you use your own domain with gmail some mail clients display your email address as "[email protected] on behalf of [email protected]". To avoid this Google allow you to use your own sendmail to relay outgoing mail. The longer explanation is here I have a VPS server with plain Centos 5.5 - the basic install, including sendmail and saslauth that I'd like to use for this purpose. There's a lot of howtos explaining howto setup a fully fledged mail system with dovecot or whatever, but I just need the most basic sendmail for this purpose. I've set everything up and sendmail is now listening on the various optional ports: Code: # netstat -ptan | grep sendmail tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 12270/sendmail: acc tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 12270/sendmail: acc tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 12270/sendmail: acc I'm pretty sure everything is setup right, including certificates (how can I verify they are ok?). I've created a standard Linux user (useradd) for authentication - that ought to work with PAM right? So why can't I authenticate with this user? Code: # grep -v ^dnl /etc/mail/sendmail.mc divert(-1)dnl include(`/usr/share/sendmail-cf/m4/cf.m4')dnl VERSIONID(`setup for linux')dnl OSTYPE(`linux')dnl define(`confLOG_LEVEL', `90')dnl define(`confDEF_USER_ID', ``8:12'')dnl define(`confTO_CONNECT', `1m')dnl define(`confTRY_NULL_MX_LIST', `True')dnl define(`confDONT_PROBE_INTERFACES', `True')dnl define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl define(`ALIAS_FILE', `/etc/aliases')dnl define(`STATUS_FILE', `/var/log/mail/statistics')dnl define(`UUCP_MAILER_MAX', `2000000')dnl define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl define(`confAUTH_OPTIONS', `A p')dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl define(`confTO_IDENT', `0')dnl FEATURE(`no_default_msa', `dnl')dnl FEATURE(`smrsh', `/usr/sbin/smrsh')dnl FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl FEATURE(redirect)dnl FEATURE(always_add_domain)dnl FEATURE(use_cw_file)dnl FEATURE(use_ct_file)dnl FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl FEATURE(`blacklist_recipients')dnl EXPOSED_USER(`root')dnl DAEMON_OPTIONS(`Port=smtp,Name=MTA')dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl FEATURE(`accept_unresolvable_domains')dnl LOCAL_DOMAIN(`localhost.localdomain')dnl MAILER(smtp)dnl MAILER(procmail)dnl But when I add my server to Gmail they say: "We are having trouble authenticating with your other mail service. Please try a different port or connection option. If you continue to experience difficulties, please contact your other email provider for further instructions.", and when I look in the logfile I get following: Code: Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-vpsxxx.xxx.net Hello mail-vw0-f44.google.com [209.85.212.44], pleased to meet you Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-ENHANCEDSTATUSCODES Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-PIPELINING Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-8BITMIME Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-SIZE Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-DSN Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-AUTH EXTERNAL Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250-DELIVERBY Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 250 HELP Jul 12 07:23:02 localhost sendmail[30074]: STARTTLS=read, info: fds=7/4, err=2 Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: <-- QUIT Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: --- 221 2.0.0 vpsxxx.xxx.net closing connection Jul 12 07:23:02 localhost sendmail[30074]: STARTTLS=server, SSL_shutdown not done Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: in background, pid=30074 Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: mail-vw0-f44.google.com [209.85.212.44] did not issue MAIL/EXPN/VRFY/ETRN during connection to MSA Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: dropenvelope, e_flags=0x4001, OpMode=d, pid=30074 Jul 12 07:23:02 localhost sendmail[30074]: p6C7N2qv030074: unlock Jul 12 07:23:02 localhost sendmail[30074]: NOQUEUE: finis, pid=30074 Any idea what I'm doing wrong here? I mean, obviously there's a problem with that STARTTLS thing, but what? It is certainly supported by the server: Code: # telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 vpsxxx.xxx.net ESMTP Sendmail 8.13.8/8.13.8; Tue, 12 Jul 2011 09:57:12 GMT ehlo there 250-vpsxxx.xxx.net Hello localhost.localdomain [127.0.0.1], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-STARTTLS 250-DELIVERBY 250 HELP
The problem is that you use Sendmail which is really hard to configure - you need to be a real expert to do this. It is years ago that I last worked with Sendmail (using Postfix instead).
Hm, actually I'm quite comfortable with Sendmail (even if I hit a snag this time) but unfamiliar with Postfix. Any howto you can recommend with Postfix proving this solution? Any searches for Postfix and Gmail comes up with a stack of solutions for the opposite problem (using gmail's smtp servers to relay mail).
Ok, so I removed sendmail and installed postfix, that was easy enough, but didn't bring me any further than before. The thing is, as I explained in the first post, this is supposed to be an outgoing relay for Gmail only, in order to get rid of the "send on behalf of" annoyance in Gmail. Many howto's discuss how to setup postfix with dovecot or cyrus-imap, but as there will not be any incoming mail to this server I don't want to have this unnecessary software installed. I have cyrus-sasl installed and it is (default) configured to use pam. This is fine with me as pam is supposed to be able to handle authentication through /etc/password (/etc/shadow) - but I can't find anywhere explaining how to configure this to work.
Take a look here: http://www.howtoforge.com/forums/showthread.php?p=105989 http://ubuntu-tutorials.com/2008/11/11/relaying-postfix-smtp-via-smtpgmailcom/
Thanks but that again address the opposite of what I need. This explains how to relay your own mail through Google's smtp server. I want to route Gmail through my own server as explained in my first post.
I'm still trying to setup this mailserver to act as a mail relay for Gmail. There must be at least 10,000 howto's on the internet explaining how to relay your outgoing mail through gmail. I can see how this could be handy for those with a Linux on a PC with dynamic IP where they need a "real" smtp server to relay the outgoing mail, but I have the opposite problem. I want to avoid Gmails "sent on behalf of" which frankly is lame, and relay my outgoing mail through my vps server. I changed to postfix as recommended, as I was advised that sendmail was too complicated, but I frankly don't see postfix being any less complicated than sendmail. I have both setup as simple mail servers, able to handle outgoing mail originating on the server (i.e. through web forms etc) and it is correctly blocking relaying of mail that shouldn't be relayed. What I need is a simple howto explaining how to configure standard saslauth (using the standard cyrus saslauth as it comes with Centos) so that I can relay my gmail through my own smtp server. There are bits and pieces everywhere but it's like trying to watch a large painting through a toilet paper roll.
Here is one that seems to make an attempt. It appears to be from 2004. 19 pages, with arrows, highlights, boxes, cross-references and written by a German (I don't have a problem with Germans but they tend to be a tad verbose and this one is certainly no exception) The first 9 pages goes with small talk about why we want to do this, and how to compile sendmail and saslauth from scratch. Have these guys not heard of yum? Finally on page 11 we start getting a little meat - http://postfix.state-of-mind.de/patrick.koetter/smtpauth/postfix_configuration.html - but check it out, endless yatter with multicolored boxes adding to the confusion. How about just explaining in simple text what you need to add to which files and then let that be it?
Here's another, slightly better one: http://thomer.com/howtos/postfix_sasl.html. It's only from 2009 but alas, was made for Debian. But, alas, it doesn't work either. For a start it doesn't even listen on port 587 (TLS).