Setting up SMTP-AUTH in Gentoo
The following sets up SMTP-AUTH for sendmail on a sendmail system using SASL. To start with, I found this bug on gentoo.org which discussing a few missing steps I included in here. I presume this issue will eventually be fixed in the sendmail ebuild. http://bugs.gentoo.org/144060
- emerge sendmail, include USE flags with "ssl sasl"
- create a pem file /etc/ssl/certs/sendmail.pem
- add the following to sendmail.mc
define(`confAUTH_OPTIONS', `A')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
define(`confCACERT_PATH', `/etc/ssl/certs')dnl
define(`confCACERT', `/etc/ssl/certs/sendmail.pem')dnl
define(`confSERVER_CERT', `/etc/ssl/certs/sendmail.pem')dnl
define(`confSERVER_KEY', `/etc/ssl/certs/sendmail.pem')dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
DAEMON_OPTIONS(`Port=smtps, Name=SSLMTA, M=s')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
- sometimes have to change SSLMTA to TLSMTA inside of DAEMON_OPTIONS
- add the Sendmail.conf for sasl in /etc/sasl2/Sendmail.conf
pwcheck_method: saslauthd
mech_list: login plain
- add the pam config in /etc/pam.d/smtp
# created by me
auth required pam_nologin.so
auth include system-auth
account include system-auth
- rc-update add saslauthd default
- rc-update add sendmail default