Short HOWTO for FreeBSD + sendmail + SASL



FreeBSD 4.3-STABLE + sendmail 8.11.4 + sasl 1.5.24 + cyrus-imap-2.0.12

Install cyrus-sasl from the ports.
Install and configure cyrus-imap from the ports.

# su
# cd
# wget ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.11.4.tar.gz
# tar xzfv sendmail.8.11.4.tar.gz
# cd sendmail-8.11.4/devtools/Site
# vi site.config.m4

APPENDDEF(`conf_sendmail_ENVDEF', `-DTCPWRAPPERS')
APPENDDEF(`conf_sendmail_LIBS', `-lwrap')
APPENDDEF(`conf_sendmail_ENVDEF', `-DNETINET6')
APPENDDEF(`conf_libmilter_ENVDEF', `-DNETINET6')
APPENDDEF(`conf_mail_local_ENVDEF', `-DQUEUE_ONLY')
APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS')
APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_TLS_O_T')
APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_TLS_1')
APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_TLS_TOREK')
APPENDDEF(`conf_sendmail_LIBS', `-lssl -lcrypto')
APPENDDEF(`conf_sendmail_ENVDEF', `-I/usr/local/include/sasl')
APPENDDEF(`conf_sendmail_ENVDEF', `-DSASL')
APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_UNSAFE_SASL -D_FFR_SASL_OPTS')
APPENDDEF(`confLIBDIRS', `-L/usr/local/lib')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl')
define(`confSTDIO_TYPE', `portable')
APPENDDEF(`confENVDEF', `-U_FFR_TLS_TOREK -DSFIO')
APPENDDEF(`confINCDIRS', `-I/usr/local/include/sfio')
APPENDDEF(`confINCDIRS', `-I/usr/local/include')
APPENDDEF(`confLIBDIRS', `-L/usr/local/lib')
APPENDDEF(`confLIBS', `-lsfio')
APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER=1')
APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_MILTER=1')
APPENDDEF(`confMAPDEF', `-DLDAPMAP')
APPENDDEF(`confLIBS', `-lldap -llber')

# cd ../..
# sh Build
# sh Build install
# cd cf/cf
# vi config.mc

divert(-1)

# Config file

divert(0)dnl
VERSIONID(`$Id: sendmail-sasl.html,v 1.2 2001/10/08 16:05:52 mic Exp $')dnl
OSTYPE(bsd4.4)dnl
DOMAIN(generic)dnl
define(`confCW_FILE', `-o /etc/mail/sendmail.cw')dnl
define(`confPRIVACY_FLAGS', `authwarnings,needmailhelo,noexpn,novrfy')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTO_QUEUERETURN', `4d')dnl
define(`confTO_QUEUEWARN', `4h')dnl
define(`ALIAS_FILE', `/etc/mail/aliases')dnl
define(`confAUTH_MECHANISMS',`CRAM-MD5 DIGEST-MD5 LOGIN PLAIN')dnl
define(`CYRUS_MAILER_FLAGS', `SA5@w|')dnl
define(`CYRUS_BB_MAILER_FLAGS', `S')dnl
define(`confLOCAL_MAILER', `cyrus')dnl
define(`CYRUS_MAILER_PATH',`/usr/local/cyrus/bin/deliver')dnl
define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')dnl
define(`confCACERT_PATH', `/etc/mail/certs/netbase')dnl
define(`confCACERT', `CERT_DIR/DEIN_CERTIFICATE_DIR/CAcert.pem')dnl
define(`confSERVER_CERT', `CERT_DIR/DEIN_CERTIFICATE_DIR/cert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/DEIN_CERTIFICATE_DIR/key.pem')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
FEATURE(`domaintable')dnl
FEATURE(`genericstable')dnl
FEATURE(`mailertable')dnl
FEATURE(`redirect')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`access_db')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`virtusertable')dnl
FEATURE(`dnsbl')dnl
FEATURE(`delay_checks')dnl
MAILER(local)dnl
MAILER(`smtp')
MAILER(`cyrus')
LOCAL_RULE_0
R$=N			$: $#local $: $1
R$=N < @ $=w . >	$: $#local $: $1
Rbb + $+ < @ $=w . >	$#cyrusbb $: $1

# m4 ../m4/cf.m4 config.mc > config.cf
# cp config.cf /etc/mail/sendmail.cf
# cd /etc/mail
# /usr/src/crypto/openssl/apps/CA.pl -newca
# /usr/src/crypto/openssl/apps/CA.pl -newreq
# /usr/src/crypto/openssl/apps/CA.pl -sign
# mkdir -p /etc/mail/certs/DEIN_CERTIFICATE_DIR
# cp demoCA/cacert.pem certs/DEIN_CERTIFICATE_DIR/CAcert.pem
# cp newcert.pem certs/DEIN_CERTIFICATE_DIR/cert.pem
# cp newreq.pem certs/DEIN_CERTIFICATE_DIR/key.pem
# chmod 400 certs/DEIN_CERTIFICATE_DIR/key.pem
# kill -HUP `head -1 /var/run/sendmail.pid`


Original procedure with FreeBSD 4.0-RELEASE, sendmail-8.10.1 and sasl-1.5.15

Prerequisites

First compile, install & configure sasl

# cd cyrus-sasl-xxxx
# ./configure --enable-login
# make
# make install
# ln -s /usr/local/lib/sasl /usr/lib/sasl
# cd /usr/local/lib/sasl
# vi Sendmail.conf

pwcheck_method: passwd sasldb

Then compile, install & configure sendmail

# cd sendmail-xxxx
# cd devtools/Site
# vi site.config.m4

APPENDDEF(`confENVDEF', `-DSASL')
APPENDDEF(`confMAPDEF', `-DLDAPMAP')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl')
APPENDDEF(`confLIBS', `-lldap -llber')
APPENDDEF(`confLIBDIRS', `-L/usr/local/lib')
APPENDDEF(`confINCDIRS', `-I/usr/local/include')

# cd ../../cf/cf
# vi config.mc

divert(-1)
#
# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
#       All rights reserved.
# Copyright (c) 1983 Eric P. Allman.  All rights reserved.
# Copyright (c) 1988, 1993
#       The Regents of the University of California.  All rights reserved.
#
# By using this file, you agree to the terms and conditions set
#
#
#  This is a generic configuration file for 4.4 BSD-based systems,
#  including 4.4-Lite, BSDi, NetBSD, and FreeBSD.
#  It has support for local and SMTP mail only.  If you want to
#  customize it, copy it to a name appropriate for your environment
#  and do the modifications there.
#
divert(0)dnl
VERSIONID(`$Id: sendmail-sasl.html,v 1.2 2001/10/08 16:05:52 mic Exp $')dnl
OSTYPE(bsd4.4)dnl
DOMAIN(generic)dnl
define(`confCW_FILE', `-o /etc/mail/sendmail.cw')dnl
define(`confPRIVACY_FLAGS', `authwarnings,needmailhelo,noexpn,novrfy')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTO_QUEUERETURN', `4d')dnl
define(`confTO_QUEUEWARN', `4h')dnl
define(`confAUTH_MECHANISMS',`CRAM-MD5 DIGEST-MD5 LOGIN PLAIN')dnl
TRUST_AUTH_MECH(`CRAM-MD5 DIGEST-MD5 LOGIN PLAIN')dnl
FEATURE(`domaintable')dnl
FEATURE(`genericstable')dnl
FEATURE(`mailertable')dnl
FEATURE(`redirect')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`access_db')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`virtusertable')dnl
FEATURE(`dnsbl')dnl
FEATURE(`delay_checks')dnl
MAILER(local)dnl
MAILER(smtp)dnl

# sh Build config.cf

or, which also works: # m4 ../m4/cf.m4 config.mc > config.cf

# cd ../..
# sh Build
# sh Build install
# vi /etc/make.conf

NO_SENDMAIL=true

This prevents the freshly built sendmail from being overwritten by the FreeBSD base-system sendmail when the whole system is rebuilt.

# cp cf/cf/config.cf /etc/mail/sendmail.cf
# cp /etc/aliases /etc/mail/
# newaliases
# kill -HUP `head -1 /var/run/sendmail.pid`

Testing the installation

# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.t0.or.at.
Escape character is '^]'.
220 chuck.t0.or.at ESMTP Sendmail 8.10.1/8.10.1; Mon, 17 Apr 2000 18:31:54 +0200 (CEST)
ehlo localhost
250-chuck.t0.or.at Hello localhost.t0.or.at [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-SIZE
250-DSN
250-ONEX
250-ETRN
250-XUSR
250-AUTH CRAM-MD5 DIGEST-MD5 LOGIN PLAIN
250 HELP
quit

If you get 250-AUTH with the associated mechanisms, it worked!
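
The same check can be scripted. The following is an added example, not part of the original HOWTO: it parses an EHLO reply, lists the advertised AUTH mechanisms, and warns when LOGIN or PLAIN (which carry the password merely base64-encoded) are offered on a session that does not advertise STARTTLS. The function names audit_ehlo and sample_reply are made up for this example; the sample reply is the one from the telnet session above.

```sh
#!/bin/sh
# Added example, not part of the original HOWTO.
# audit_ehlo: read an SMTP EHLO reply on stdin, report AUTH and STARTTLS.
# Exit status: 0 = AUTH offered, 1 = no AUTH line found.
audit_ehlo() {
    tr -d '\r' | awk '
        # Use the first AUTH line; "250-AUTH=..." is a legacy duplicate.
        !auth && /^250[- ]AUTH[ =]/ {
            sub(/^250[- ]AUTH[ =]/, "")
            n = split($0, m, " ")
            for (i = 1; i <= n; i++) {
                mechs = (mechs == "" ? "" : mechs " ") m[i]
                if (m[i] == "PLAIN" || m[i] == "LOGIN")
                    clear = (clear == "" ? "" : clear " ") m[i]
            }
            auth = 1
            next
        }
        /^250[- ]STARTTLS$/ { tls = 1 }
        END {
            if (!auth) { print "FAIL no AUTH extension advertised"; exit 1 }
            print "OK   AUTH mechanisms: " mechs
            if (tls) print "OK   STARTTLS advertised"
            else     print "WARN STARTTLS not advertised"
            if (clear != "" && !tls)
                print "WARN cleartext mechanisms without STARTTLS: " clear
        }'
}

# EHLO reply copied from the telnet session above.
sample_reply() {
    cat <<'EOF'
250-chuck.t0.or.at Hello localhost.t0.or.at [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-SIZE
250-DSN
250-ONEX
250-ETRN
250-XUSR
250-AUTH CRAM-MD5 DIGEST-MD5 LOGIN PLAIN
250 HELP
EOF
}

sample_reply | audit_ehlo
```

To audit a live server, save the reply from a telnet session to a file and feed it to audit_ehlo on stdin.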

Sometimes it is handy to know which options sendmail was compiled with. The following command shows this:

# sendmail -d0.1 -bt < /dev/null
Version 8.10.1
Compiled with: LDAPMAP MAP_REGEX LOG MATCHGECOS MIME7TO8 MIME8TO7
NAMED_BIND NETINET NETUNIX NEWDB NIS QUEUE SASL SCANF SMTP
USERDB XDEBUG
============ SYSTEM IDENTITY (after readcf) ============
      (short domain name) $w = chuck
  (canonical domain name) $j = chuck.t0.or.at
         (subdomain name) $m = t0.or.at
              (node name) $k = chuck.t0.or.at
========================================================

ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
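
To turn that output into a pass/fail check after a rebuild, the "Compiled with:" list can be compared against the flags the build was supposed to enable. This is an added example, not part of the original HOWTO; check_compiled and sample_debug are names made up here, and the sample input is the 8.10.1 output shown above.

```sh
#!/bin/sh
# Added example, not part of the original HOWTO.
# check_compiled FLAG...: read `sendmail -d0.1 -bt < /dev/null` output on
# stdin and print every required compile-time flag that is absent.
# Exit status: 0 = all flags present, 1 = at least one missing.
check_compiled() {
    awk -v want="$*" '
        # The flag list starts after "Compiled with:" and may wrap lines.
        /Compiled with:/ { sub(/.*Compiled with:/, ""); inlist = 1 }
        # Any later line with a colon or a "====" rule ends the list.
        inlist && (/:/ || /^=/) { inlist = 0 }
        inlist { for (i = 1; i <= NF; i++) have[$i] = 1 }
        END {
            n = split(want, w, " ")
            for (i = 1; i <= n; i++)
                if (!(w[i] in have)) { print "missing: " w[i]; bad = 1 }
            exit bad + 0
        }'
}

# Debug output copied from the 8.10.1 build shown above.
sample_debug() {
    cat <<'EOF'
Version 8.10.1
Compiled with: LDAPMAP MAP_REGEX LOG MATCHGECOS MIME7TO8 MIME8TO7
NAMED_BIND NETINET NETUNIX NEWDB NIS QUEUE SASL SCANF SMTP
USERDB XDEBUG
============ SYSTEM IDENTITY (after readcf) ============
      (short domain name) $w = chuck
EOF
}

# The 8.10.1 build has SASL and LDAPMAP but was built without -DSTARTTLS.
sample_debug | check_compiled SASL LDAPMAP STARTTLS || true
```

On a live system: sendmail -d0.1 -bt < /dev/null | check_compiled SASL STARTTLS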

Important links

Supported SASL clients:

The definitive reference: The newsgroup for all necessary questions:

$Id: sendmail-sasl.html,v 1.2 2001/10/08 16:05:52 mic Exp $