Linux Sendmail automation and Comcast.net, How to setup?
Did you face this issue “550 5.7.1 [BL21] Connections not accepted from IP addresses on Spamhaus PBL”?
Follow the note, you will resolve the issue. I got it working in 10 minutes!
Yahoo says (http://help.yahoo.com/l/au/yahoo7/mail/postmaster/550-bl21.html) “In our continuing efforts to protect our users from unsolicited email, Yahoo! Mail does not accept SMTP connections from dynamic or residential IP addresses, as determined by the Spamhaus PBL. If you are seeing this error message, please do not retry sending your message using the same IP address. Instead, please contact your ISP for information on which SMTP server you are authorized to use for your outbound email.
If you think that your IP address has been listed in error, you or your email administrator should contact Spamhaus. Once your IP is de-listed by Spamhaus, Yahoo! Mail will automatically unblock your IP within 48 hours”.
Recently Comcast changed it’s sending mail port from port 25 to port 587 for some (???) end users. It got a little long and detracted from the main subject of this page.
I’m now also able to use Gmail with sendmail. This is my current working setup.
Now for Sendmail, it’s a lot more complicated than just changing a mail sending port number from 25 to 587. There are things to check and lots of little configuration changes to make. Before you start wondering why are you going through this exercise remember that with power comes responsibility. Sendmail is very power. So lets start with the files you will need to change:
* /etc/mail/auth/client-info
This is where the files are on my Linux box (Fedora FC 6). Changes I made to /etc/mail/sendmail.mc (added to the end of the file):
define(`SMART_HOST’,`smtp.comcast.net’)
define(`RELAY_MAILER_ARGS’, `TCP $h 587′)
define(`ESMTP_MAILER_ARGS’, `TCP $h 587′)
define(`confAUTH_MECHANISMS’, `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN’)dnl
FEATURE(`authinfo’,`hash /etc/mail/auth/client-info’)dnl
FEATURE(`no_default_msa’,`dnl’)dnl
FEATURE(`smrsh’,`/usr/sbin/smrsh’)dnl
FEATURE(`mailertable’,`hash -o /etc/mail/mailertable.db’)dnl
FEATURE(`virtusertable’,`hash -o /etc/mail/virtusertable.db’)dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
MASQUERADE_AS(`comcast.net’)dnl
FEATURE(masquerade_envelope) FEATURE(genericstable, `hash -o /etc/mail/genericstable’)
GENERICS_DOMAIN_FILE(`/etc/mail/genericsdomain’)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
Later I’ll explain the virtusertable and mailertable entries. I needed all of that so other devices throughout my network can send email to my local machines or to users on the internet.
Changes I made to /etc/mail/submit.mc (added to the end of the file):
If you don’t have an /etc/mail/auth directory, as root, create one like this:
# chmod 700 /etc/mail/auth
You won’t have the next client-info files so you’ll have to create it (with you favorite Unix editor). Change the permissions on the client-info file like this:
So as user_id@comcast.net I made the following entry in /etc/mail/auth/client-info:
AuthInfo:smtp.comcast.net “U:smmsp” “I:user_id” “P:password” “M:PLAIN”
AuthInfo:smtp.comcast.net:587 “U:smmsp” “I:user_id” “P:password” “M:PLAIN”
Remember to replace user_id with your Comcast email ID (your email addresse without the @comcast.net) and password with your email password. Also make sure that the client-info file has tight permissions so nobody can read your password.
How to compile it into a db file:
# makemap -r hash client-info.db < client-info
And finally make sure your running the latest cf files since your mc file changes:
# make
And lastly restart sendmail:
Changing the sender on outgoing email
One of the things I wanted to do was to correct the sender’s email address that was being used on outgoing email. I frequently have processes that send email and run as ‘other’ users on my server. What I’d like to see is instead of this:
* cookie!cookie!asterisk@comcast.net
I’d rather see this:
* ncherry@linuxha.com
That way if the mail ends up in the wrong place at least the person can reply and let me know that my mail was accidently received by them. The good news is that it’s not hard to do with Sendmail. Just add these lines to your /etc/mail/sendmail.mc file:
Now edit the /etc/mail/genericsdomain file and add the entries you want changed, like this:
cookie!cookie!asterisk ncherry@linuxha.com
Now compile it into a db file:
# makemap -r hash genericstable.db < genericstable
And finally make sure your running the latest cf files since your mc file changes:
# make
And lastly restart sendmail:
# service restart sendmail
Linux, Sendmail and Gmail
So far I haven’t attempted this with Gmail. I did have Sendmail working with my 1 and 1 web service for this site. Unfortunately when my home server crashed and it took out something (yes I have it backed up). You’ll need to use the alternate port 587 or 456, you need to have TLS correctly setup (I think this is my current problem with 1 and 1) and you’ll need to correctly setup your AuthInfo files. This means you’ll have to have OpenSSL installed, which I think is normally installed with most Linux distributions.
|
Incoming Mail (POP3) Server – requires SSL: |
pop.gmail.com
Use SSL: Yes |
|
Outgoing Mail (SMTP) Server – requires TLS: |
smtp.gmail.com (use authentication) Use Authentication: Yes Use STARTTLS: Yes (some clients call this SSL) Port: 465 or 587 |
| Account Name: | your Gmail username (including @gmail.com) |
| Email Address: | your full Gmail email address (username@gmail.com) |
| Password: | your Gmail password |
Notes:
For now this was a rush job to get this out while I still remember what I did. I’d also like to have a backup (Gmail) so if I run into further problems I can use Gmail instead. Lastly I’ll try to document what I did to change the return address from ncherry!cookie!cookie@comcast.net to ncherry@comcast.net. That really annoyed me for a while. I’m guessing that many others haven’t run into this problem as they’re probably not using UUCP. I’m not really using it but I do use .uucp as my home local domain. I have a DNS that resolves the entire .uucp domain (that’s in my home 
.
Latest:
* The SMTP Server is: smtp.comcast.net
* Click the click here for advanced sending options button. The port number should be 465 and the only boxes that should be checked are SMTP Server Requires Authentication and Save Password
Under Receiving Mail,the port number should be 110
Thanks, this was just the information I was looking for.
Take another look at the genericsdomain information you show. You “say” to edit the genericsdomain file, but then to turn the genericstable file into a hash. That was enough to confuse me. Cheers. Henk