sendmail と SMTP 認証
2010-11-22 作成 福島
2011-05-31 更新 福島
TOP > tips > sendmail-sasl 
・sendmail ソース tar ボールの展開

$ tar xzf sendmail.8.13.8.tar.gz
$ cd sendmail-8.13.8

・コンパイル条件のカスタマイズ

sendmail-8.13.8$ cat > devtools/Site/site.config.m4



APPENDDEF(`conf_sendmail_ENVDEF', `-DSASL')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl')


・コンパイル&インストール

sendmail-8.13.8$ ./Build -c
sendmail-8.13.8$ su
sendmail-8.13.8# ./obj.Linux.2.4.18-3.i586/sendmail/sendmail -d0.1 -bv root



Version 8.13.8
 Compiled with: DNSMAP LOG MATCHGECOS MILTER MIME7TO8 MIME8TO7
                NAMED_BIND NETINET NETUNIX NEWDB PIPELINING SASL SCANF USERDB
                XDEBUG

============ SYSTEM IDENTITY (after readcf) ============
      (short domain name) $w = mail
  (canonical domain name) $j = mail.example.com
         (subdomain name) $m = example.com
              (node name) $k = mail
========================================================

root... deliverable: mailer local, user root
※"Compiled with:" に SASL があること。

sendmail-8.13.8# ./Build install
sendmail-8.13.8# exit
sendmail-8.13.8$

・sendmail.cf の作成

sendmail-8.13.8$ cd cf/cf
sendmail-8.13.8/cf/cf$ vi mydomain.mc

〜 省略 〜
TRUST_AUTH_MECH(`LOGIN PLAIN')
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')
〜 省略 〜
※ SMTP 認証の種類を追加する。

sendmail-8.13.8/cf/cf$ m4 ./mydomain.mc > sendmail.cf
sendmail-8.13.8/cf/cf$ su
sendmail-8.13.8/cf/cf# mv sendmail.cf /etc/mail/.

・sendmail の起動

sendmail-8.13.8/cf/cf# /etc/rc.d/init.d/sendmail start
sendmail-8.13.8/cf/cf# exit
sendmail-8.13.8/cf/cf$ cd
$ 

・SMTP 認証の確認

$ cat /etc/sysconfig/saslauthd

# Directory in which to place saslauthd's listening socket, pid file, and so
# on.  This directory must already exist.
SOCKETDIR=/var/run/saslauthd

# Mechanism to use when checking passwords.  Run "saslauthd -v" to get a list
# of which mechanism your installation was compiled with the ablity to use.
MECH=pam

# Additional flags to pass to saslauthd on the command line.  See saslauthd(8)
# for the list of accepted flags.
FLAGS=

$ chkconfig --list saslauthd

saslauthd       0:off   1:off   2:on    3:on    4:on    5:on    6:off

$ ps ax | grep saslauthd | grep -v grep

10293 ?        Ss     0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
10294 ?        S      0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
10295 ?        S      0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
10297 ?        S      0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
10298 ?        S      0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam

$ perl -MMIME::Base64 -e 'print encode_base64("user\0user\0password");'

dXNlcgB1c2VyAHBhc3N3b3Jk
※ SMTP 認証用のユーザ ID とパスワードを MIME 符号に変換しておく。

$ telnet localhost 25

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.example.com ESMTP Sendmail 8.13.8/8.13.8; Mon, 22 Nov 2010 01:27:11 +0900
ehlo localhost
250-mail.example.com Hello mail [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
auth plain dXNlcgB1c2VyAHBhc3N3b3Jk
235 2.0.0 OK Authenticated
mail from: from-user@example.com
250 2.1.0 from-user@example.com... Sender ok
rcpt to: to-user@example.com
250 2.1.5 to-user@example.com... Recipient ok
data
354 Enter mail, end with "." on a line by itself
test1
.
250 2.0.0 oALGRBPW005402 Message accepted for delivery
quit
221 2.0.0 mail.example.com closing connection
Connection closed by foreign host.

http://www.rbl.jp/svcheck.php