eccerr0r Watchman
Joined: 01 Jul 2004 Posts: 9679 Location: almost Mile High in the USA
|
Posted: Wed Apr 24, 2013 3:14 pm Post subject: Sendmail SASL over START-TLS |
|
|
Has anyone gotten this working?
What I have:
I run sendmail on my server. It works for sending and receiving mail on this machine, and will relay just fine as long as the source is on my subnet or localhost. My machine has a true static IP and has forward/reverse DNS matching.
I'm tryiing to run dovecot as a IMAP server. This seems to work, I can login and get my mail, however...
What I'd like:
I'd like to be able to start an SSL session and authenticate when I'm using my cellphone or laptop when I'm out and about. I can't send mail through my server as it notices my remote clients having the wrong IP address. With authentication I'd like remote users to be able to also relay mail. However anyone not on my subnet should still be allowed to send mail to my own mail server without authentication.
What I don't want:
I could just disable relay checking... but I don't want my machine to be a spam hub :)
Anyone have a sendmail.mc that seems to work?
Currently I'm just using my openvpn certificate but later I'll make sendmail have its own certificate signed by my CA. (And of course I could just VPN into my network and send mail that way, but what's the fun in that?)
Code: | dnl These are for authentication so that remote clients can use our sendmail
define(`confAUTH_OPTIONS', `A p y')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN EXTERNAL DIGEST-MD5 CRAM-MD5')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN EXTERNAL DIGEST-MD5 CRAM-MD5')dnl
define(`CERT_DIR',`/etc/openvpn/default') dnl
define(`confCACERT_PATH',`/etc/openvpn/default')dnl
define(`confCACERT',`/etc/openvpn/default/ca.crt')dnl
define(`localCERT', `/etc/openvpn/default/server.crt')dnl
define(`localKEY', `/etc/openvpn/default/server.key')dnl
define(`confCLIENT_CERT',`localCERT')dnl
define(`confCLIENT_KEY',`localKEY')dnl
define(`confSERVER_CERT',`localCERT')dnl
define(`confSERVER_KEY',`localKEY')dnl
dnl define(`confCRL',`/etc/openvpn/default/ca.crl')dnl
|
_________________ Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|