?

Log in

No account? Create an account
entries friends calendar profile Feren's dART gallery Previous Previous Next Next
Hmmm. - Paint It Black
Living the American dream one heartbreaking piece at a time
feren
feren
Hmmm.
You know, I'm a horrible, horrible geek. I'm just not happy unless I have my fingers dirty, my sleeves rolled up and my hands in some sort of project -- it doesn't matter if that project is a car engine rebuild, a computer overhaul, pulling single-mode fiber or something else, I feel compelled to keep myself busy. Tonight's project of choice is Sendmail, and overhauling it so that I can allow people to relay their SMTP traffic through me without becomming some spammer's bitch. I was able to locate a couple documents and followed them closely. It seemed like everything worked just fine! There's just... one.... teensy little problem: I can't for the life of me figure out why it isn't actually working. I turned on AUTH, I turned on STARTTLS, I got all my certificates in a row, AUTH PLAIN shows up as an extended option...

... and the damn thing still won't let me relay. When I base-64 encode my username and password I get a string that looks okay. I get a challenge that looks okay. I pass it to the Sendmail connection with the proper syntax (the syntax looks okay too)... and whammo, failure.


# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 panther.black-panther.us ESMTP Sendmail 8.12.10/8.12.10; Tue, 28 Oct 2003 22:57:51 -0500
ehlo localhost
250-panther.black-panther.us Hello root@localhost.localdomain [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH PLAIN
250-STARTTLS
250-DELIVERBY
250 HELP
AUTH PLAIN AGZlcmVuBzhhdWcuIXU=
535 5.7.0 authentication failed


All I get from /var/log/maillog is

Oct 28 22:50:33 panther sendmail[3723]: STARTTLS=server, relay=blah.blah.com [www.xxx.yyy.zzz], version=TLSv1/SSLv3, verify=NOT, cipher=RC4-MD5, bits=128/128
Oct 28 22:50:33 panther sendmail[3723]: h9T3oXRo003723: ruleset=check_rcpt, arg1=<jolsen@devry.com>, relay=blah.blah.com [www.xxx.yyy.zzz], reject=550 5.7.1 <jolsen@devry.com>... Relaying denied. Proper authentication required.
Oct 28 22:50:33 panther sendmail[3723]: h9T3oXRo003723: from=<feren@black-panther.us>, size=0, class=0, nrcpts=0, proto=ESMTP, daemon=MTA, relay=blah.blah.com [www.xxx.yyy.zzz]


I just don't get it. Ah well. It's not terribly important, but it would be nice to get SMTP AUTH working for relays so that I can stop opening up my server to half of Southern Minnesota, ya know?

In other news I went to another real estate agent today (one who happens to be local to my complex no less), and asked her to list options for me in the Wheeling/Buffalo Grove/Vernon Hills area. I wasn't terribly surprised when the answer was "townhouse, condo or coach home?" I'm not enthused about any of those choices -- I've spent the last seven years sharing walls with other people, I would like it to stop now please. I guess this means I'm back to looking at Lansing... but I'll continue to have this agent research options for me in the Northwest Suburbs to see what I might find. You never know, I might like a townhouse. While I seriously doubt it would ever happen (lightning is more likely to strike first) I can't know for certain if I don't at least look.

The epic search continues!

I woke up this morning with a buzz rolling 'round in my brain

Current Mood: geeky geeky
Current Music: My brain full of Sendmail and SASL

3 thoughts or Leave a thought
Comments
rustitobuck From: rustitobuck Date: October 28th, 2003 08:17 pm (UTC) (Link)
I run a ValueWeb server for a client who is not computer literate. So I think, if I have her use her own mailserver, she doesn't have to keep changing her SMTP host every time she uses a different way to connect her laptop to the internet. I used POP-before-SMTP, which permits relaying for 30 minutes from any address that completes a successful POP transaction. That way, no matter where she is, she can send mail. Or so I thought.

Found her a $5.99/month dialup service for when she's away from her DSL.

You guessed it. They block port 25. You can connect to their SMTP server (which works OK) or nothing at all.

Damnit.
feren From: feren Date: October 28th, 2003 08:21 pm (UTC) (Link)
[You guessed it. They block port 25. You can connect to their SMTP server (which works OK) or nothing at all.]

Let me guess, Earthlink?

I applaud them for taking steps to control the flood of spam that's been coming out of dial-up pools, but I wish they'd document it a little better that they went ahead and did such a thing. When Roho, Kestral and I first moved into this apartment our DSL provider did the same thing. We were confused as hell until I realized that I couldn't reach ANYTHING on TCP/25. Then it was just a matter of trying to get the techs to tell us what server we SHOULD be using as our smart host....
points From: points Date: October 28th, 2003 09:04 pm (UTC) (Link)
Postfix, with Dracd and pop/imap compiled support? That's what I was using back on the old vfocus. :) Only took an hour or two to set it all up, plus squirrelmail and encryption.
3 thoughts or Leave a thought