[prev in list] [next in list] [prev in thread] [next in thread] 

List:       opensolaris-discuss
Subject:    Re: [osol-discuss] [osol-help] Sendmail
From:       Hugh McIntyre <lists () mcintyreweb ! com>
Date:       2010-09-30 16:06:35
Message-ID: 4CA4B58B.9070401 () mcintyreweb ! com
[Download RAW message or body]

Kartik Vashishta wrote:
> I just got off the phone with the email admin here. Seems they have
> shut off the relaying feature (anti-spam effort). Only mailbox
> accounts can send and recieve mail. So looks like im not going to be
> able to use this or any internal mail server
> 
> I would like to try to
> configure my  server to route mail via an external ip while
> still using my local (internal) nameservers anyone know how i can do this? Thanks again

In general the local (internal) nameservers should not affect this.

I think you have three options if you want sendmail on a Solaris box to 
send mail via an Internet-connected mailserver:

1. If your Solaris box has a valid and predictable hostname via IP->name 
lookup which is within the domain the mail server supports (i.e. a 
static IP address with host sol.domain.com where the mailserver is for 
domain.com) then standard anti-relay setups should work without 
username/password.  But if you're connecting from a home DSL/cable 
connection via DHCP this probably won't work.  Note that this is the 
mail server's name lookup, not just the local Solaris box.

2. You can recompile sendmail with SASL support, because it's not 
enabled by default, and then use SASL config to configure the 
username/password that the mailserver needs.

3. If the email admin can configure the remote email server to allow 
authenticated TLS connections as well as the usual SASL 
(username/password) then you can use this, which is what I'm using here.

    - Notes on the Solaris setup from John Beck are here:
      http://blogs.sun.com/jbeck/entry/how_to_set_up_sendmail

    - In my case the remote mail server is running postfix and has
      "smtpd_recipient_restrictions = ..., permit_tls_clientcerts, ...",
      together with also configuring the necessary certificates.

The TLS case (3) requires the mail admin to install a SSL certificate 
for your host though, as well as you configuring this at the sending 
end, so your admin may or may not be willing to do this.

Hugh.
_______________________________________________
opensolaris-discuss mailing list
opensolaris-discuss@opensolaris.org
[prev in list] [next in list] [prev in thread] [next in thread]