# sendmail and SMTP AUTH



## Scooby-Doo (Dec 5, 2012)

Hello all.

I am trying to get my machine to send mail through my ISP's smtp server. I have referred to a number of how-to's, namely section 29.10-SMTP Authentication, and the link at the bottom of that section - "Using sendmail as a client with AUTH." I have added the lines to files and followed the steps as instructed:

/etc/mail/auth/client-info file:


```
AuthInfo:smtpout.secureserver.net "U:root" "I:user@account.com" "P:mypassword"
```

hostname.mc file:


```
define(`SMART_HOST',`smtpout.secureserver.net')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 80')dnl
```

Then in /etc/mail did *make all install* and finally restarted sendmail.

Unfortunately, none of my test messages (using mail or mutt) are reaching their destination. I am a total rookie at this and so have no idea if the messages are reaching the smtp server or if I have even made the correct changes.

I was able to get it going with ssmtp but that required sendmail to be disabled. However, I've been using fetchmail to download my mail which required sendmail to be active (I think?). So that's why I figured I'd have to use SMTP AUTH if I wanted to continue using fetchmail.

BTW, I added the 4th line in the hostname.mc file above to specify port 80 because I had to specify that port when I was using ssmtp (though I'm not sure if it's necessary here).

Anything to help me get this going would be greatly appreciated!


----------



## GFED (Dec 10, 2012)

I'm having the same problem... even after going through the steps here http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/smtp-auth.html and installing cyrus and recompiling sendmail. Only thing I see wrong in your configuration is the port 80 should be 465 or 587. I've exhausted Google search in looking for a working tutorial that will enable outgoing mail on my freebsd server.


----------



## usdmatt (Dec 10, 2012)

I'm not in a position to try this at the moment but it would be nice to know how to do it so I'll give a few possible pointers. Documentation on this stuff is barely available and I can't find anything on the correct format for the auth-info file.

Anyway, I do believe you have to enable SASL support as mentioned in the handbook although the handbook instructions are mainly aimed at allowing users to auth using Sendmail as the server, not Sendmail as the client.

I'm not sure whether that RELAY_MAILER_ARGS works or not but smtpout.secureserver.net does appear to be listening on port 25 so you may be able to remove that (if you have no firewall blocking port 25).

You need the FEATURE(`authinfo'... line but the client-info file needs to be turned into a hash.


```
# cd /etc/mail
# makemap hash client-info < client-info
```

I really can't find anything concrete on the format of this file, but the page below suggests that U: should be the smtp username, which you currently have in the I: field. I have no idea what I: is used for (or whether the page below is right).
http://cri.ch/linux/docs/sk0009.html

So basically what I would suggest to try is:

Rebuild Sendmail with SASL support, basically following the handbook to the word
As well as the extra sendmail config specified in the handbook, add the authinfo feature and smart host
Make the client-info file containing the SMTP user & password in U/P fields and run makemap
Restart Sendmail and hope


----------



## kpa (Dec 10, 2012)

I'm pretty sure the U: is the user name of the sending process, in this case root since the smtp client part of sendmail runs as root. The I: is the account name on the relay host and the P: is the password.


----------



## wblock@ (Feb 21, 2013)

Almost every document on the web is either years outdated, or happily answers questions that have not been asked, like how to set up sendmail to receive smtpauth.

Things I'm fairly sure about: Sendmail 8.14 does not need a separate file, just put the auth info in /etc/mail/access:


```
AuthInfo:your.isp.mail.server "U:username" "I:userauthname" "P:password" "M:method"
```

The difference between U: and I: is not clear to me.  Trial and error could show that, but comparing tcpdump(1) output from Thunderbird and sendmail shows that Thunderbird sends AUTH LOGIN and sendmail does not.

I think SASL is needed if you want sendmail to accept smtpauth.  But I don't know about that, or whether extra features are needed in the mc file.


----------



## wblock@ (Feb 21, 2013)

Further testing got it working.  security/cyrus-sasl2 does need to be installed, along with the changes to /etc/make.conf and the .mc file shown in the Handbook chapter.


----------

