Saturday, July 4, 2009

The easiest way to setup the most unsecure sendmail service in linux

Yes, the easiest way, and yes, the most unsecure, i mean it.

I hope this blog will help you. This is what I've found after 2 days of reading and frustration of trying to set up sendmail server/client for whole day.

And trust me, never setup sendmail on Friday... @@



--- Setup Sendmail ---

-- Server --
#vi /etc/mail/sendmail.mc
= Replace 192.168.168.1 with your mail server's IP.

DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
DAEMON_OPTIONS(`Port=smtp,Addr=192.168.168.1, Name=MTA')dnl

## and...
= find "relay_based_on_MX" and comment or replace it with "loose_relay_check"

dnl #FEATURE(`relay_based_on_MX')dnl
FEATURE('loose_relay_check')dnl

# then..
echo "Connect:192.168.2 RELAY" >> /etc/mail/access

-- Client --
# find following line in sendmail.mc and change it.
[root@bb ~]# grep mail000 /etc/mail/sendmail.mc
define(`SMART_HOST', `mail0001.test')dnl


-- MAKE SURE --

= check if sendmail is listening to port 25
netstat -ant | grep LISTEN | grep 25

= check local or the service connect by telneting the port
telnet mail0001 25

= check sendmail status
service sendmail status


--- Links ---
-- Howto --
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch21_:_Configuring_Linux_Mail_Servers

-- Masquerading --
http://www.brandonhutchinson.com/Sendmail_masquerading.html

-- Mail Relay --
http://www.sendmail.org/m4/anti_spam.html

PS:
Here is the story be hide this post. Has any one found that the documentation of sendmail is a mess?? I always found it overwhelm, all the tutorial gives you some options that you may not even understand. That's why, I think it's good to setup the most basic one and then build stuffs on top of it. Making a service work is more important than any thing after all. Well... the worst thing about the way I setup is someone may use you mail server to send spam.... well... u lose some resources cos people may use it to send spam but, you can setup other options once you make sure every thing is working.

20090723
When I read this page again, I found that the reason why I could send it, it`s because I have already accept all my internal network. After doing more configuring with sendmail, I realize it wasn`t a fully open relay. I now have SSL configured with sendmail and dovecot. I may post the tutorial later, once I`m sure that`s really working and it`s the simplest way to do.
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)