
I need to set up the sendmail daemon as a simple store-and-forward mechanism to forward mails to our ISP.

I need to connect to the ISP SMTP server on port 465 using SSL/TLS and a username/password for authentication. This particular ISP (GoDaddy) does not - afaiu - support STARTTLS, only plain vanilla SSL/TLS. There's no proxy in order to connect to the Internet.

What I want to achieve is to have an internal always-on SMTP that can accept e-mail even when our connection to the Internet is down, the ISP is malfunctioning or whatever. The internal SMTP server would then hang onto the e-mail until it can be delivered to the external SMTP server. Also the internal SMTP server can be set up the old-fashioned way on the incoming side so that it will accept unencrypted and unauthenticated connections from the internal net. This allows old applications that are only able to send e-mails this way (my company has an old Perl app that does this) through the internal SMTP server.

The sendmail I work with has the following abilities out-of-the-box:

Version 8.14.5+Sun
 Compiled with: DNSMAP LDAPMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8
                MIME8TO7 NAMED_BIND NDBM NETINET NETINET6 NETUNIX NEWDB NIS
                PIPELINING SCANF STARTTLS TCPWRAPPERS USERDB USE_LDAP_INIT
                XDEBUG

I've been through a lot of blogs/mail lists but surprisingly haven't been able to find what I'm looking for. You would think that my use case is pretty common these days, but no.

These are problems that I have with the instructions I can find on the Net:

  • They are just plain old. Nothing wrong with that but many of them start out with "this is how you roll your own sendmail" or similar. I believe modern sendmail implementations (like the one I work with) are ok as installed.

  • They tell you how to set up a smart host but assume you connect to that host unencrypted and unauthenticated on port 25. I believe it is many years since anyone has operated an externally exposed SMTP server like that. Perhaps such an example is not void in modern days but it confuses me what part of it I can use.

  • They do not adequately distinguish between the receiving side (incoming SMTP connection) and the sending side (outgoing SMTP connections) of the sendmail daemon. I don't care much about the receiving side. It is by default only open for incoming connections from localhost and that is fine with me. I do not need any form of authentication or encryption on the incoming side. (there are about a dozen methods I can protect the sendmail daemon so it only accepts connections from localhost, from a specific IP range or similar -- all that I know how to do, no worries). It is only the sendmail daemon's outgoing connections where I need to use SSL/TLS and username/password.

Anyone can point me in the right direction?

I'll be happy to post a full example once finished.

  • I recommend using postfix as MTA, and dovecot as MDA. – PersianGulf Sep 03 '12 at 18:48
  • Yeah, well, I'm forced to use sendmail as the applications that my company hosts (Wikis, CMS, etc) send their e-mail through sendmail, i.e. they call the sendmail executable when they send out their mail. – unixhacker2010 Sep 04 '12 at 08:56
  • You aren't forced, because qmail, postfix and so on have a sendmail command for compatibility with applications. So you can use qmail, postfix, exim, etc. sendmail is just a command name; be careful not to confuse it with the MTA name. Each MTA has a sendmail command. – PersianGulf Sep 04 '12 at 16:52
  • Forget exim at first; between qmail and postfix, choose postfix. I was a qmail admin for 2 years; it has problems with process management, but postfix has good process management as a master, and master.cf is its configuration file. – PersianGulf Sep 08 '12 at 22:01

0 Answers