Tuesday, March 17, 2009

GMail as smarthost for Solaris Sendmail

In this article, I am publishing my experience with gmail as smarthost configuration for a Solaris box at home.

I tried this one on a X86 based Solaris 10 box at home.

VERY IMPORTANT: READ IT CAREFULLY!: Please note that this is NOT a professional installation/configuration or even standard way of configuration of email for any "professional" use. During this experiment, I found that yahoo mail does not support mails from such source. If this is the case, then I doubt that many other mail sites also will not accept mails from this kind of setup. However, I could send mails to other gmail users. With that said, this may be a solution for gmail users but not for any other users... rest you may try and let me know :-)



# ping gmail.com
gmail.com is alive

# cat /etc/resolv.conf
nameserver 192.168.1.1

# ifconfig -a
lo0: flags=2001000849 mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000
sfe0: flags=1000843 mtu 1500 index 2
        inet 192.168.1.2 netmask ffffff00 broadcast 192.168.15.255
        ether 0:e0:18:87:98:df

# /usr/sbin/dig -t mx gmail.com

; <<>> DiG 9.3.4-P1 <<>> -t mx gmail.com
;; global options:  printcmd
;; connection timed out; no servers could be reached


# cat /etc/hosts
#
# Internet host table
#
127.0.0.1       localhost
::1     localhost
192.168.1.2  hawaii.tstserver.com     hawaii  loghost


# echo "nameserver     208.67.222.222" >> /etc/resolv.conf
# echo "nameserver     208.67.220.220"  >> /etc/resolv.conf

# /usr/sbin/dig -t mx gmail.com

; <<>> DiG 9.3.4-P1 <<>> -t mx gmail.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1309
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;gmail.com.                     IN      MX

;; ANSWER SECTION:
gmail.com.              2671    IN      MX      5 gmail-smtp-in.l.google.com.
gmail.com.              2671    IN      MX      10 alt1.gmail-smtp-in.l.google.com.
gmail.com.              2671    IN      MX      20 alt2.gmail-smtp-in.l.google.com.
gmail.com.              2671    IN      MX      30 alt3.gmail-smtp-in.l.google.com.
gmail.com.              2671    IN      MX      40 alt4.gmail-smtp-in.l.google.com.

;; Query time: 34 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Mon Mar 16 21:27:59 2009
;; MSG SIZE  rcvd: 150


# echo "DIG command output is now as it should be"
DIG command output is now as it should be

NOTE: Take the backup of /etc/mail original directory (just in case if you want to restore original settings):

# cp -pr /etc/mail /export/home/admin_stuff/mail-BAK

# svcs -a | grep -i mail
online         13:21:20 svc:/network/smtp:sendmail
 
# ps -eaf | grep -i mail
    root   624     1   0 13:21:25 ?           0:01 /usr/lib/sendmail -bd -q15m
   smmsp   625     1   0 13:21:25 ?           0:00 /usr/lib/sendmail -Ac -q15m

# cd /etc/mail

# ls -l
-rw-r--r--   1 root     bin         1423 Feb 28  2008 aliases
-rw-r-----   1 root     smmsp      40960 Aug 10  2008 aliases.db
drwxr-xr-x   9 root     mail         512 Aug 10  2008 cf
-rw-r--r--   1 root     bin         5449 Dec 21  2006 helpfile
-r--r--r--   1 root     bin        39953 Feb 28  2008 local.cf
-rw-r--r--   1 root     bin            0 Feb 28  2008 local-host-names
-rw-r--r--   1 root     bin          163 Jan 21  2005 Mail.rc
-rw-r--r--   1 root     bin         1839 Feb 28  2008 mailx.rc
lrwxrwxrwx   1 root     root          11 Aug 10  2008 main.cf -> sendmail.cf
-r--r--r--   1 root     bin        39875 Feb 28  2008 sendmail.cf
lrwxrwxrwx   1 root     root           8 Aug 10  2008 sendmail.hf -> helpfile
-r--r--r--   1 root     bin        40259 Oct 31 23:46 submit.cf
lrwxrwxrwx   1 root     root          11 Aug 10  2008 subsidiary.cf -> sendmail.cf
-rw-r--r--   1 root     bin            5 Feb 28  2008 trusted-users

# cd cf/cf/
# pwd
/etc/mail/cf/cf
 
# ls -l
total 264
-r--r--r--   1 root     mail       39953 Aug  8  2007 local.cf
-r--r--r--   1 root     mail        1814 Dec 21  2006 local.mc
lrwxrwxrwx   1 root     root          11 Aug 10  2008 main.cf -> sendmail.cf
lrwxrwxrwx   1 root     root          11 Aug 10  2008 main.mc -> sendmail.mc
-r--r--r--   1 root     mail        3298 Dec 21  2006 Makefile
-r--r--r--   1 root     mail       39875 Aug  8  2007 sendmail.cf
-r--r--r--   1 root     mail        1187 Jan 21  2005 sendmail.mc
-r--r--r--   1 root     mail       40216 Aug  8  2007 submit.cf
-r--r--r--   1 root     mail         843 Jan 21  2005 submit.mc
lrwxrwxrwx   1 root     root          11 Aug 10  2008 subsidiary.cf -> sendmail.cf
lrwxrwxrwx   1 root     root          11 Aug 10  2008 subsidiary.mc -> sendmail.mc

Add the following lines in /etc/mail/cf/cf/local.mc file.

# ----------FOLLOWING IS ADDED FOR GMAIL CONFIGURATION ------------------------
define(`SMART_HOST',`smtp.gmail.com')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl
define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confCACERT', `CERT_DIR/CAcert.pem')dnl
define(`confSERVER_CERT', `CERT_DIR/mycert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/mykey.pem')dnl
define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')dnl
define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')dnl
# --------------END OF SPECIAL CONFIGURATION FOR GMAIL ------------------------

# mkdir /etc/mail/auth
# touch /etc/mail/auth/client-info
 
# cat /etc/mail/auth/client-info
AuthInfo:smtp.gmail.com "U:root" "I:somemailid@gmail.com" "P:password_of_somemailid"
 
# cd /etc/mail/auth

# pwd
/etc/mail/auth

# ls -l
-rw-r--r--   1 root     root          75 Mar 16 22:39 client-info

# /usr/sbin/makemap hash client-info < client-info
 
# ls -l
-rw-r--r--   1 root     root          75 Mar 16 22:39 client-info
-rw-r-----   1 root     root       24576 Mar 16 22:40 client-info.db

# chown -R root:mail /etc/mail/auth
# chmod 700 /etc/mail/auth
# chmod 600 /etc/mail/auth/*
# ls -l
-rw-------   1 root     mail          75 Mar 16 22:39 client-info
-rw-------   1 root     mail       24576 Mar 16 22:40 client-info.db

# mkdir /etc/mail/certs
# cd /etc/mail/certs
# pwd
/etc/mail/certs

# /usr/sfw/bin/openssl dsaparam 1024 -out dsa1024.pem
Generating DSA parameters, 1024 bit long prime
This could take some time
.....+++++++++++++++++++++++++++++++++++++++++++++++++++*
.+............+.+.........+.........+.............+..........+........+..........+.......................+.+.+......+....+.+..+.. 
.+................+..+.....+...+........+........+.+.......+..........+............+...........+........................+......+. 
....+............+.................+.....+..+.+...+.................+..+...+.+..............+..................+.+....+..+......+ 
..+..................+.....+.+...+.................+.....+.............+..........+..+.....+.+................................... 
..........+........+............+.....+.........+++++++++++++++++++++++++++++++++++++++++++++++++++*

# ls -l
-rw-r--r--   1 root     root         455 Mar 16 22:46 dsa1024.pem

# /usr/sfw/bin/openssl req -x509 -nodes -days 3650 -newkey dsa:dsa1024.pem -out /etc/mail/certs/mycert.pem -keyout /etc/mail/certs/mykey.pem
Generating a 1024 bit DSA private key
writing new private key to '/etc/mail/certs/mykey.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Unconfigured OpenSSL Installation]:PRIVATE HOME INSTALLATION
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:
 
# ls -l
-rw-r--r--   1 root     root         455 Mar 16 22:46 dsa1024.pem
-rw-r--r--   1 root     root        1322 Mar 16 22:49 mycert.pem
-rw-r--r--   1 root     root         668 Mar 16 22:49 mykey.pem
 
# rm dsa1024.pem
# chown -R root:mail .
# chmod 700 .
# chmod 600 *
# pwd
/etc/mail/certs

# ls -l
-rw-------   1 root     mail        1322 Mar 16 22:49 mycert.pem
-rw-------   1 root     mail         668 Mar 16 22:49 mykey.pem
 
# pwd
/etc/mail/certs
# cd ..
# ls -l
-rw-r--r--   1 root     bin         1423 Feb 28  2008 aliases
-rw-r-----   1 root     smmsp      40960 Aug 10  2008 aliases.db
drwx------   2 root     mail         512 Mar 16 22:40 auth
drwx------   2 root     mail         512 Mar 16 22:50 certs
drwxr-xr-x   9 root     mail         512 Aug 10  2008 cf
-rw-r--r--   1 root     bin         5449 Dec 21  2006 helpfile
-r--r--r--   1 root     bin        39953 Feb 28  2008 local.cf
-rw-r--r--   1 root     bin            0 Feb 28  2008 local-host-names
-rw-r--r--   1 root     bin          163 Jan 21  2005 Mail.rc
-rw-r--r--   1 root     bin         1839 Feb 28  2008 mailx.rc
lrwxrwxrwx   1 root     root          11 Aug 10  2008 main.cf -> sendmail.cf
-r--r--r--   1 root     bin        39875 Feb 28  2008 sendmail.cf
lrwxrwxrwx   1 root     root           8 Aug 10  2008 sendmail.hf -> helpfile
-r--r--r--   1 root     bin        40259 Oct 31 23:46 submit.cf
lrwxrwxrwx   1 root     root          11 Aug 10  2008 subsidiary.cf -> sendmail.cf
-rw-r--r--   1 root     bin            5 Feb 28  2008 trusted-users




# pwd
/etc/mail/cf/cf

# /usr/ccs/bin/make
test ! -f sendmail.cf || /usr/bin/mv sendmail.cf sendmail.cf.prev
/usr/ccs/bin/m4 ../m4/cf.m4 sendmail.mc > sendmail.cf
 
# /usr/ccs/bin/make install
 
# ls -ltr
total 354
-r--r--r--   1 root     mail        1187 Jan 21  2005 sendmail.mc
-r--r--r--   1 root     mail         843 Jan 21  2005 submit.mc
-r--r--r--   1 root     mail        3298 Dec 21  2006 Makefile
-r--r--r--   1 root     mail        1814 Dec 21  2006 local.mc
-r--r--r--   1 root     mail       39875 Aug  8  2007 sendmail.cf.prev
-r--r--r--   1 root     mail       40216 Aug  8  2007 submit.cf
-r--r--r--   1 root     mail       39953 Aug  8  2007 local.cf
lrwxrwxrwx   1 root     root          11 Aug 10  2008 main.cf -> sendmail.cf
lrwxrwxrwx   1 root     root          11 Aug 10  2008 main.mc -> sendmail.mc
lrwxrwxrwx   1 root     root          11 Aug 10  2008 subsidiary.cf -> sendmail.cf
lrwxrwxrwx   1 root     root          11 Aug 10  2008 subsidiary.mc -> sendmail.mc
-rw-r--r--   1 root     root       40016 Mar 16 22:55 sendmail.cf

# pwd
/etc/mail/cf/cf

# /etc/init.d./sendmail stop
# /etc/init.d/sendmail start  # echo "Test" | mailx -s "Test" somegmailuser@gmail.com



Hurrah! Its working!!! I got the mail at somegmailuser@gmail.com from my system's command line.
Posted by Unix Geek at 9:46 AM
Labels: , , , ,

2 comments:

Anonymous said...

Thanks for your instructions.
Fyi: I could not follow them on OpenSolaris 2009.06 (with Sendmail 8.14). It seems to be looking for file /etc/mail/feature/authinfo.m4 which doesn't exist.

August 25, 2009 at 2:46 PM
Anonymous said...

Thanks! It helped.
...now looking to make it also x-reply-to and "from".

Tanks one more time.

November 19, 2010 at 2:05 PM

Post a Comment

Subscribe to: Post Comments (Atom)