sendmail and SMTP Authentication
Created 2010-11-22, Fukushima
Updated 2011-05-31, Fukushima
・Extracting the sendmail source tarball
$ tar xzf sendmail.8.13.8.tar.gz
$ cd sendmail-8.13.8
・Customizing the build options
sendmail-8.13.8$ cat > devtools/Site/site.config.m4
APPENDDEF(`conf_sendmail_ENVDEF', `-DSASL')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl')
・Compiling and installing
sendmail-8.13.8$ ./Build -c
sendmail-8.13.8$ su
sendmail-8.13.8# ./obj.Linux.2.4.18-3.i586/sendmail/sendmail -d0.1 -bv root
Version 8.13.8
 Compiled with: DNSMAP LOG MATCHGECOS MILTER MIME7TO8 MIME8TO7
                NAMED_BIND NETINET NETUNIX NEWDB PIPELINING SASL SCANF USERDB
                XDEBUG

============ SYSTEM IDENTITY (after readcf) ============
      (short domain name) $w = mail
  (canonical domain name) $j = mail.example.com
         (subdomain name) $m = example.com
              (node name) $k = mail
========================================================

root... deliverable: mailer local, user root
※ Confirm that SASL is listed under "Compiled with:".
sendmail-8.13.8# ./Build install
sendmail-8.13.8# exit
sendmail-8.13.8$
・Creating sendmail.cf
sendmail-8.13.8$ cd cf/cf
sendmail-8.13.8/cf/cf$ vi mydomain.mc
~ omitted ~
TRUST_AUTH_MECH(`LOGIN PLAIN')
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')
~ omitted ~
※ Add the SMTP authentication mechanisms.
sendmail-8.13.8/cf/cf$ m4 ./mydomain.mc > sendmail.cf
sendmail-8.13.8/cf/cf$ su
sendmail-8.13.8/cf/cf# mv sendmail.cf /etc/mail/.
・Starting sendmail
sendmail-8.13.8/cf/cf# /etc/rc.d/init.d/sendmail start
sendmail-8.13.8/cf/cf# exit
sendmail-8.13.8/cf/cf$ cd
$
・Verifying SMTP authentication
$ cat /etc/sysconfig/saslauthd
# Directory in which to place saslauthd's listening socket, pid file, and so
# on.  This directory must already exist.
SOCKETDIR=/var/run/saslauthd

# Mechanism to use when checking passwords.  Run "saslauthd -v" to get a list
# of which mechanism your installation was compiled with the ablity to use.
MECH=pam

# Additional flags to pass to saslauthd on the command line.  See saslauthd(8)
# for the list of accepted flags.
FLAGS=
$ chkconfig --list saslauthd
saslauthd       0:off   1:off   2:on    3:on    4:on    5:on    6:off
$ ps ax | grep saslauthd | grep -v grep
10293 ?        Ss     0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
10294 ?        S      0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
10295 ?        S      0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
10297 ?        S      0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
10298 ?        S      0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
$ perl -MMIME::Base64 -e 'print encode_base64("user\0user\0password");'
dXNlcgB1c2VyAHBhc3N3b3Jk
※ Convert the user ID and password for SMTP authentication to MIME (Base64) encoding beforehand.
$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.example.com ESMTP Sendmail 8.13.8/8.13.8; Mon, 22 Nov 2010 01:27:11 +0900
ehlo localhost
250-mail.example.com Hello mail [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
auth plain dXNlcgB1c2VyAHBhc3N3b3Jk
235 2.0.0 OK Authenticated
mail from: from-user@example.com
250 2.1.0 from-user@example.com... Sender ok
rcpt to: to-user@example.com
250 2.1.5 to-user@example.com... Recipient ok
data
354 Enter mail, end with "." on a line by itself
test1
.
250 2.0.0 oALGRBPW005402 Message accepted for delivery
quit
221 2.0.0 mail.example.com closing connection
Connection closed by foreign host.
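The `auth plain` token and the EHLO reply from the session above, checked from the operator's side (an added example, not part of the original page). It shows that the token is only Base64 of `authzid\0authcid\0password`, with no key involved, and that the reply offers LOGIN and PLAIN on a connection without TLS. The function names and the `CLEARTEXT_MECHS` set are assumptions of this example.

```python
import base64

# EHLO reply copied from the plaintext telnet session shown on this page.
EHLO_REPLY = """\
250-mail.example.com Hello mail [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
"""

CLEARTEXT_MECHS = {"PLAIN", "LOGIN"}  # send the password itself, Base64 only

def parse_ehlo(reply):
    """Map each ESMTP keyword in a 250 reply to its list of parameters."""
    exts = {}
    for line in reply.strip().splitlines()[1:]:  # line 1 is the greeting
        words = line[4:].upper().split()  # drop the "250-" / "250 " prefix
        if line.startswith("250") and words:
            exts[words[0]] = words[1:]
    return exts

def audit_auth(reply):
    """Report password-bearing mechanisms offered in a pre-TLS EHLO reply."""
    exts = parse_ehlo(reply)
    mechs = sorted(CLEARTEXT_MECHS & set(exts.get("AUTH", [])))
    return {"starttls": "STARTTLS" in exts, "mechs": mechs, "exposed": bool(mechs)}

def encode_plain(authzid, authcid, password):
    """Build the AUTH PLAIN initial response: authzid NUL authcid NUL password."""
    raw = "\0".join((authzid, authcid, password)).encode("utf-8")
    return base64.b64encode(raw).decode("ascii")

def decode_plain(token):
    """Reverse encode_plain; no key is needed, so any observer can do this."""
    parts = base64.b64decode(token, validate=True).split(b"\0")
    if len(parts) != 3:
        raise ValueError("not an AUTH PLAIN initial response")
    return tuple(p.decode("utf-8") for p in parts)

if __name__ == "__main__":
    print(audit_auth(EHLO_REPLY), decode_plain("dXNlcgB1c2VyAHBhc3N3b3Jk"))
```

In sendmail, the `p` flag of `confAUTH_OPTIONS` withholds PLAIN and LOGIN until a security layer such as STARTTLS is active, which requires a build with STARTTLS support.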
http://www.rbl.jp/svcheck.php