Saturday, July 4, 2009

The easiest way to setup the most unsecure sendmail service in linux

Yes, the easiest way, and yes, the most unsecure, i mean it.

I hope this blog will help you. This is what I've found after 2 days of reading and frustration of trying to set up sendmail server/client for whole day.

And trust me, never setup sendmail on Friday... @@

--- Setup Sendmail ---

-- Server --
#vi /etc/mail/
= Replace with your mail server's IP.

DAEMON_OPTIONS(`Port=smtp,Addr=, Name=MTA')dnl
DAEMON_OPTIONS(`Port=smtp,Addr=, Name=MTA')dnl

## and...
= find "relay_based_on_MX" and comment or replace it with "loose_relay_check"

dnl #FEATURE(`relay_based_on_MX')dnl

# then..
echo "Connect:192.168.2 RELAY" >> /etc/mail/access

-- Client --
# find following line in and change it.
[root@bb ~]# grep mail000 /etc/mail/
define(`SMART_HOST', `mail0001.test')dnl


= check if sendmail is listening to port 25
netstat -ant | grep LISTEN | grep 25

= check local or the service connect by telneting the port
telnet mail0001 25

= check sendmail status
service sendmail status

--- Links ---
-- Howto --

-- Masquerading --

-- Mail Relay --

Here is the story be hide this post. Has any one found that the documentation of sendmail is a mess?? I always found it overwhelm, all the tutorial gives you some options that you may not even understand. That's why, I think it's good to setup the most basic one and then build stuffs on top of it. Making a service work is more important than any thing after all. Well... the worst thing about the way I setup is someone may use you mail server to send spam.... well... u lose some resources cos people may use it to send spam but, you can setup other options once you make sure every thing is working.

When I read this page again, I found that the reason why I could send it, it`s because I have already accept all my internal network. After doing more configuring with sendmail, I realize it wasn`t a fully open relay. I now have SSL configured with sendmail and dovecot. I may post the tutorial later, once I`m sure that`s really working and it`s the simplest way to do.

No comments: