Tuesday, March 17, 2009

GMail as smarthost for Solaris Sendmail

In this article, I am publishing my experience with gmail as smarthost configuration for a Solaris box at home.

I tried this one on a X86 based Solaris 10 box at home.

VERY IMPORTANT: READ IT CAREFULLY!: Please note that this is NOT a professional installation/configuration or even standard way of configuration of email for any "professional" use. During this experiment, I found that yahoo mail does not support mails from such source. If this is the case, then I doubt that many other mail sites also will not accept mails from this kind of setup. However, I could send mails to other gmail users. With that said, this may be a solution for gmail users but not for any other users... rest you may try and let me know :-)



# ping gmail.com
gmail.com is alive

# cat /etc/resolv.conf
nameserver 192.168.1.1

# ifconfig -a
lo0: flags=2001000849 mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
sfe0: flags=1000843 mtu 1500 index 2
inet 192.168.1.2 netmask ffffff00 broadcast 192.168.15.255
ether 0:e0:18:87:98:df

# /usr/sbin/dig -t mx gmail.com

; <<>> DiG 9.3.4-P1 <<>> -t mx gmail.com
;; global options: printcmd
;; connection timed out; no servers could be reached


# cat /etc/hosts
#
# Internet host table
#
127.0.0.1 localhost
::1 localhost
192.168.1.2 hawaii.tstserver.com hawaii loghost


# echo "nameserver 208.67.222.222" >> /etc/resolv.conf
# echo "nameserver 208.67.220.220" >> /etc/resolv.conf

# /usr/sbin/dig -t mx gmail.com


; <<>> DiG 9.3.4-P1 <<>> -t mx gmail.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1309
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;gmail.com. IN MX

;; ANSWER SECTION:
gmail.com. 2671 IN MX 5 gmail-smtp-in.l.google.com.
gmail.com. 2671 IN MX 10 alt1.gmail-smtp-in.l.google.com.
gmail.com. 2671 IN MX 20 alt2.gmail-smtp-in.l.google.com.
gmail.com. 2671 IN MX 30 alt3.gmail-smtp-in.l.google.com.
gmail.com. 2671 IN MX 40 alt4.gmail-smtp-in.l.google.com.

;; Query time: 34 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Mon Mar 16 21:27:59 2009
;; MSG SIZE rcvd: 150


# echo "DIG command output is now as it should be"
DIG command output is now as it should be

NOTE: Take the backup of /etc/mail original directory (just in case if you want to restore original settings):

# cp -pr /etc/mail /export/home/admin_stuff/mail-BAK

# svcs -a | grep -i mail
online 13:21:20 svc:/network/smtp:sendmail

# ps -eaf | grep -i mail
root 624 1 0 13:21:25 ? 0:01 /usr/lib/sendmail -bd -q15m
smmsp 625 1 0 13:21:25 ? 0:00 /usr/lib/sendmail -Ac -q15m

# cd /etc/mail

# ls -l

-rw-r--r-- 1 root bin 1423 Feb 28 2008 aliases
-rw-r----- 1 root smmsp 40960 Aug 10 2008 aliases.db
drwxr-xr-x 9 root mail 512 Aug 10 2008 cf
-rw-r--r-- 1 root bin 5449 Dec 21 2006 helpfile
-r--r--r-- 1 root bin 39953 Feb 28 2008 local.cf
-rw-r--r-- 1 root bin 0 Feb 28 2008 local-host-names
-rw-r--r-- 1 root bin 163 Jan 21 2005 Mail.rc
-rw-r--r-- 1 root bin 1839 Feb 28 2008 mailx.rc
lrwxrwxrwx 1 root root 11 Aug 10 2008 main.cf -> sendmail.cf
-r--r--r-- 1 root bin 39875 Feb 28 2008 sendmail.cf
lrwxrwxrwx 1 root root 8 Aug 10 2008 sendmail.hf -> helpfile
-r--r--r-- 1 root bin 40259 Oct 31 23:46 submit.cf
lrwxrwxrwx 1 root root 11 Aug 10 2008 subsidiary.cf -> sendmail.cf
-rw-r--r-- 1 root bin 5 Feb 28 2008 trusted-users

# cd cf/cf/
# pwd

/etc/mail/cf/cf

# ls -l
total 264
-r--r--r-- 1 root mail 39953 Aug 8 2007 local.cf
-r--r--r-- 1 root mail 1814 Dec 21 2006 local.mc
lrwxrwxrwx 1 root root 11 Aug 10 2008 main.cf -> sendmail.cf
lrwxrwxrwx 1 root root 11 Aug 10 2008 main.mc -> sendmail.mc
-r--r--r-- 1 root mail 3298 Dec 21 2006 Makefile
-r--r--r-- 1 root mail 39875 Aug 8 2007 sendmail.cf
-r--r--r-- 1 root mail 1187 Jan 21 2005 sendmail.mc
-r--r--r-- 1 root mail 40216 Aug 8 2007 submit.cf
-r--r--r-- 1 root mail 843 Jan 21 2005 submit.mc
lrwxrwxrwx 1 root root 11 Aug 10 2008 subsidiary.cf -> sendmail.cf
lrwxrwxrwx 1 root root 11 Aug 10 2008 subsidiary.mc -> sendmail.mc

Add the following lines in /etc/mail/cf/cf/local.mc file.

# ----------FOLLOWING IS ADDED FOR GMAIL CONFIGURATION ------------------------
define(`SMART_HOST',`smtp.gmail.com')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl
define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confCACERT', `CERT_DIR/CAcert.pem')dnl
define(`confSERVER_CERT', `CERT_DIR/mycert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/mykey.pem')dnl
define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')dnl
define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')dnl
# --------------END OF SPECIAL CONFIGURATION FOR GMAIL ------------------------

# mkdir /etc/mail/auth
# touch /etc/mail/auth/client-info

# cat /etc/mail/auth/client-info

AuthInfo:smtp.gmail.com "U:root" "I:somemailid@gmail.com" "P:password_of_somemailid"

# cd /etc/mail/auth

# pwd

/etc/mail/auth

# ls -l
-rw-r--r-- 1 root root 75 Mar 16 22:39 client-info

# /usr/sbin/makemap hash client-info < client-info

# ls -l

-rw-r--r-- 1 root root 75 Mar 16 22:39 client-info
-rw-r----- 1 root root 24576 Mar 16 22:40 client-info.db

# chown -R root:mail /etc/mail/auth
# chmod 700 /etc/mail/auth
# chmod 600 /etc/mail/auth/*
# ls -l

-rw------- 1 root mail 75 Mar 16 22:39 client-info
-rw------- 1 root mail 24576 Mar 16 22:40 client-info.db

# mkdir /etc/mail/certs
# cd /etc/mail/certs
# pwd

/etc/mail/certs

# /usr/sfw/bin/openssl dsaparam 1024 -out dsa1024.pem
Generating DSA parameters, 1024 bit long prime
This could take some time
.....+++++++++++++++++++++++++++++++++++++++++++++++++++*
.+............+.+.........+.........+.............+..........+........+..........+.......................+.+.+......+....+.+..+..
.+................+..+.....+...+........+........+.+.......+..........+............+...........+........................+......+.
....+............+.................+.....+..+.+...+.................+..+...+.+..............+..................+.+....+..+......+
..+..................+.....+.+...+.................+.....+.............+..........+..+.....+.+...................................
..........+........+............+.....+.........+++++++++++++++++++++++++++++++++++++++++++++++++++*

# ls -l
-rw-r--r-- 1 root root 455 Mar 16 22:46 dsa1024.pem

# /usr/sfw/bin/openssl req -x509 -nodes -days 3650 -newkey dsa:dsa1024.pem -out /etc/mail/certs/mycert.pem -keyout /etc/mail/certs/mykey.pem
Generating a 1024 bit DSA private key
writing new private key to '/etc/mail/certs/mykey.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Unconfigured OpenSSL Installation]:PRIVATE HOME INSTALLATION
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:

# ls -l
-rw-r--r-- 1 root root 455 Mar 16 22:46 dsa1024.pem
-rw-r--r-- 1 root root 1322 Mar 16 22:49 mycert.pem
-rw-r--r-- 1 root root 668 Mar 16 22:49 mykey.pem

# rm dsa1024.pem
# chown -R root:mail .
# chmod 700 .
# chmod 600 *
# pwd

/etc/mail/certs

# ls -l
-rw------- 1 root mail 1322 Mar 16 22:49 mycert.pem
-rw------- 1 root mail 668 Mar 16 22:49 mykey.pem

# pwd
/etc/mail/certs
# cd ..
# ls -l

-rw-r--r-- 1 root bin 1423 Feb 28 2008 aliases
-rw-r----- 1 root smmsp 40960 Aug 10 2008 aliases.db
drwx------ 2 root mail 512 Mar 16 22:40 auth
drwx------ 2 root mail 512 Mar 16 22:50 certs
drwxr-xr-x 9 root mail 512 Aug 10 2008 cf
-rw-r--r-- 1 root bin 5449 Dec 21 2006 helpfile
-r--r--r-- 1 root bin 39953 Feb 28 2008 local.cf
-rw-r--r-- 1 root bin 0 Feb 28 2008 local-host-names
-rw-r--r-- 1 root bin 163 Jan 21 2005 Mail.rc
-rw-r--r-- 1 root bin 1839 Feb 28 2008 mailx.rc
lrwxrwxrwx 1 root root 11 Aug 10 2008 main.cf -> sendmail.cf
-r--r--r-- 1 root bin 39875 Feb 28 2008 sendmail.cf
lrwxrwxrwx 1 root root 8 Aug 10 2008 sendmail.hf -> helpfile
-r--r--r-- 1 root bin 40259 Oct 31 23:46 submit.cf
lrwxrwxrwx 1 root root 11 Aug 10 2008 subsidiary.cf -> sendmail.cf
-rw-r--r-- 1 root bin 5 Feb 28 2008 trusted-users




# pwd
/etc/mail/cf/cf

# /usr/ccs/bin/make
test ! -f sendmail.cf || /usr/bin/mv sendmail.cf sendmail.cf.prev
/usr/ccs/bin/m4 ../m4/cf.m4 sendmail.mc > sendmail.cf

# /usr/ccs/bin/make install

# ls -ltr
total 354
-r--r--r-- 1 root mail 1187 Jan 21 2005 sendmail.mc
-r--r--r-- 1 root mail 843 Jan 21 2005 submit.mc
-r--r--r-- 1 root mail 3298 Dec 21 2006 Makefile
-r--r--r-- 1 root mail 1814 Dec 21 2006 local.mc
-r--r--r-- 1 root mail 39875 Aug 8 2007 sendmail.cf.prev
-r--r--r-- 1 root mail 40216 Aug 8 2007 submit.cf
-r--r--r-- 1 root mail 39953 Aug 8 2007 local.cf
lrwxrwxrwx 1 root root 11 Aug 10 2008 main.cf -> sendmail.cf
lrwxrwxrwx 1 root root 11 Aug 10 2008 main.mc -> sendmail.mc
lrwxrwxrwx 1 root root 11 Aug 10 2008 subsidiary.cf -> sendmail.cf
lrwxrwxrwx 1 root root 11 Aug 10 2008 subsidiary.mc -> sendmail.mc
-rw-r--r-- 1 root root 40016 Mar 16 22:55 sendmail.cf

# pwd
/etc/mail/cf/cf

# /etc/init.d./sendmail stop
# /etc/init.d/sendmail start # echo "Test" | mailx -s "Test" somegmailuser@gmail.com




Hurrah! Its working!!! I got the mail at somegmailuser@gmail.com from my system's command line.

2 comments:

Anonymous said...

Thanks for your instructions.
Fyi: I could not follow them on OpenSolaris 2009.06 (with Sendmail 8.14). It seems to be looking for file /etc/mail/feature/authinfo.m4 which doesn't exist.

rezdm said...

Thanks! It helped.
...now looking to make it also x-reply-to and "from".

Tanks one more time.