
How to configure sendmail to contact remote SMTP server on an alternate port other than 25?


 Technote (FAQ)
 
Question
How to configure sendmail to contact remote SMTP server on an alternate port other than 25?
 
Answer
By default, sendmail will attempt to contact an SMTP server to deliver an email on well-known port 25. If the mail server is listening on a different port, then you'll need to use the following procedure to direct sendmail to the new port number.
sendmail uses the smtp entries in /etc/services to determine which port to contact an SMTP server on. /etc/services is a system-wide lookup table, so this change applies to every program on the host that resolves the smtp service by name, not only to sendmail's outbound deliveries.
So if you want to use port 587, then just edit the /etc/services file and change the smtp entries to this:
smtp                    587/tcp         # Simple Mail Transfer
smtp                    587/udp         # Simple Mail Transfer

After updating the /etc/services file, try a mail test to see if sendmail is able to complete its handshake with the remote server.

Here's how to send an email in verbose mode:
# echo /etc/motd | mail -v joeblow@yahoo.com

If you have further questions, please contact IBM AIX Support.
 
 
 

How to configure sendmail to use mail aliases on an LDAP server?


 Technote (FAQ)
 
Question
How to configure sendmail on AIX 5.3 TL6 or later to use mail aliases on an LDAP server?
 
Answer
Environment: AIX 5.3 TL6 and later; ITDS LDAP client v5.2 and later
Description: This document shows you how to configure mail aliases on an LDAP server and then how to configure sendmail.cf to use LDAP aliases.

****************************************************************************
1. Upgrade to AIX 5.3 TL6 or later


****************************************************************************
2. Install IBM Tivoli Directory Server (ITDS) LDAP client software


Any recent version of ITDS client software will do. I have tested with ITDS v5.2 through v6.1.
ITDS software can be downloaded from here:
http://www14.software.ibm.com/webapp/download/search.jsp?go=y&rs=ldap&sb=r&loc=1&S_TACT=103BGW01&S_CMP=campaign

To see if ITDS client software is installed, use the 'lslpp' command and look for the following:

ITDS v5.x:
ldap.client.rte

ITDS v6.0:
idsldap.clt32bit60.rte
idsldap.clt64bit60.rte

ITDS v6.1:
idsldap.clt32bit61.rte
idsldap.clt64bit61.rte

****************************************************************************
3. Add LDAP alias entries on LDAP server and verify you can search for it without bindDN or password


I used the following ldif file to import my test alias onto the LDAP server:
# cat myalias.ldif
dn: ou=aliases,cn=aixdata
ou: aliases
objectClass: organizationalUnit

dn: mail=tuvo1,ou=aliases,cn=aixdata
mail: tuvo1
cn: tuvo1
objectClass: mailGroup
objectClass: top
mgrpRFC822MailMember: mrtuvo@gmail.com

Since the mailgroup object classes and the mail attributes were not yet defined on the server, I also had to add them first.
I used the ldif files below:
# cat mailattr.ldif
dn: cn=schema
changetype: modify
add: attributeTypes
attributeTypes: ( mgrpRFC822MailMember-oid NAME 'mgrpRFC822MailMember' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{64} SINGLE-VALUE )

# cat mailgroup.ldif
dn: cn=schema
changetype: modify
add: objectclasses
objectClasses: ( 2.16.840.1.113730.3.2.4 NAME 'mailGroup' DESC 'mail group attr' SUP top STRUCTURAL MUST mail MAY ( cn $ mgrpRFC822MailMember ) )

Now that my mail alias has been defined on the LDAP server, I need to enable Anonymous ACL so that I can search for it without a password.
Here's the ldif file I used to enable Anonymous ACL for the entire cn=aixdata tree:
# cat acl.ldif
dn: ou=aliases,cn=aixdata
changetype: modify
add: aclentry
aclentry: group:CN=ANYBODY:system:rsc:critical:rwsc:sensitive:rwsc:normal:rwsc:restricted:rwsc
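
Added example (not part of the original technote): the aclentry above gives CN=ANYBODY write (w) on four attribute classes, while sendmail's alias lookup only searches and reads, so an unauthenticated client could change where an alias delivers. The shell function below audits LDIF for such grants; the names audit_anon_acl and sample_ldif and the second sample entry are constructed for illustration, and only the class:perms pair form shown above is assumed.

```shell
#!/bin/sh
# Added example: audit LDIF for ITDS aclentry values that let anonymous
# binds (group CN=ANYBODY) modify data.
# Assumption: entries use the class:perms pair form shown in acl.ldif;
# grant:/deny: keyword forms are not parsed.

# Reads LDIF on stdin, prints "dn<TAB>class:perms" per risky grant.
audit_anon_acl() {
  awk '
    /^dn:/ { dn = $0; sub(/^dn:[ ]*/, "", dn); next }
    tolower($0) ~ /^aclentry:[ ]*group:cn=anybody:/ {
      rest = $0
      # Drop the "aclentry: group:CN=ANYBODY:" prefix, keep the pairs.
      sub(/^[^:]*:[ ]*[^:]*:[^:]*:/, "", rest)
      n = split(rest, f, ":")
      for (i = 1; i + 1 <= n; i += 2) {
        cls = f[i]; perms = f[i + 1]
        # w = write on an attribute class; a/d = add/delete on "object".
        if ((cls == "object" && perms ~ /[ad]/) ||
            (cls != "object" && perms ~ /w/))
          printf "%s\t%s:%s\n", dn, cls, perms
      }
    }
  '
}

# Sample input: first entry is acl.ldif from this page, second is constructed.
sample_ldif() {
  cat <<'EOF'
# From acl.ldif on this page
dn: ou=aliases,cn=aixdata
changetype: modify
add: aclentry
aclentry: group:CN=ANYBODY:system:rsc:critical:rwsc:sensitive:rwsc:normal:rwsc:restricted:rwsc

# Constructed contrast entry: read, search and compare only
dn: ou=people,cn=aixdata
changetype: modify
add: aclentry
aclentry: group:CN=ANYBODY:normal:rsc:system:rsc
EOF
}

sample_ldif | audit_anon_acl
```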

Here's the ldapadd command I ran to import the ldif data files above:
# ldapadd -h <ldapserver> -D <bindDN> -w <bindPwd> -f ./<myldif.file>

Here's an example of an ldapsearch and the output of one alias entry:
# ldapsearch -h reptilebso -b cn=aixdata -s sub "(&(objectClass=mailGroup)(mail=*))"
mail=tuvo1,ou=aliases,cn=aixdata
mail=tuvo1
cn=tuvo1
objectClass=mailGroup
objectClass=top
mgrpRFC822MailMember=mrtuvo@gmail.com

In the above alias entry, "tuvo1" is aliased to "mrtuvo@gmail.com".
I.e. when you mail to tuvo1, it will be sent to "mrtuvo@gmail.com".

****************************************************************************
4. Configure sendmail.cf to use LDAP aliases


Look for this line in your sendmail.cf file:
O AliasFile=/etc/mail/aliases

Modify it to also use LDAP for mail aliases:
O AliasFile=/etc/mail/aliases,ldap:-k (&(objectClass=mailGroup)(mail=%0)) -v mgrpRFC822MailMember -h reptilebso -b "ou=aliases,cn=aixdata"

Note:
-h flag is LDAP server hostname or IP
-b is baseDN for your LDAP mail aliases

****************************************************************************
5. Test your LDAP mail alias


Here's a 'mail -v' session showing that mail sent to "tuvo1" is being aliased to "mrtuvo@gmail.com":

# mail -v tuvo1
Subject: test
test message
.
Cc:
Warning: .cf file is out of date: sendmail AIX5.3/8.13.4 supports version 10, .cf file is version 9
tuvo1... aliased to mrtuvo@gmail.com
mrtuvo@gmail.com... Connecting to netmail1.austin.ibm.com. via relay...
220 austin.ibm.com ESMTP Sendmail 8.13.8/8.12.10; Fri, 15 Feb 2008 10:44:42 -0600
>>> EHLO bonesbso.austin.ibm.com
250-austin.ibm.com Hello bonesbso.austin.ibm.com [9.3.58.72], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH CRAM-MD5
250-DELIVERBY
250 HELP
>>> MAIL From:<root@bonesbso.austin.ibm.com> SIZE=38
250 2.1.0 <root@bonesbso.austin.ibm.com>... Sender ok
>>> RCPT To:<mrtuvo@gmail.com>
>>> DATA
250 2.1.5 <mrtuvo@gmail.com>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
250 2.0.0 m1FGigPt049814 Message accepted for delivery
mrtuvo@gmail.com... Sent (m1FGigPt049814 Message accepted for delivery)
Closing connection to netmail1.austin.ibm.com.
>>> QUIT
221 2.0.0 austin.ibm.com closing connection


****************************************************************************
6. FAQs


***
Q1: I have done the above but when I try to test, I get this error below. What's wrong?

# mail -v tuvo1
dlopen() failed to load /usr/ldap/lib/libldap.a
: No such file or directory
ldap_exist(): Could not load module /usr/ldap/lib/libldap.a.
System error: No such file or directory

A1: sendmail currently looks for LDAP client library at /usr/ldap/lib/libldap.a.
This used to be true on older versions of LDAP client code.
You just need to make a soft link from /usr/ldap/lib/libldap.a to the new location and name of the library.

Here's what you need to link /usr/ldap/lib/libldap.a to for various versions of ITDS:

ITDS v5.2:
/usr/ldap/lib/libibmldapn.a

ITDS v6.0:
/opt/IBM/ldap/V6.0/lib/libibmldapn.a

ITDS v6.1:
/opt/IBM/ldap/V6.1/lib/libibmldapn.a

So, for example, if you were using ITDS v5.2, you would see this output below:
# ls -l /usr/ldap/lib/libldap.a
lrwxrwxrwx ... /usr/ldap/lib/libldap.a -> /usr/ldap/lib/libibmldap.a

***
Q2: I also have LDAP integrated login configured and working.
Does sendmail use the secldapclntd or ldap.cfg to retrieve LDAP mail aliases?

A2: No. sendmail does not use the LDAP integrated login code, secldapclntd, or ldap.cfg.

***
Q3: I am using ITDS v6.x, how do I make links to the ITDS libraries?

A3: Here's an example for ITDS v6.2:
# cd /opt/IBM/ldap/V6.2/bin
# ./idslink -i -g -l 32 -f
 
 
 

Starting the sendmail daemon in AIX.


 Technote (FAQ)
 
Question
Why will sendmail not stay active?
 
Answer
There are only a couple of reasons why the sendmail daemon will not stay active.

1. Not using the correct command to start the daemon.

=============================================

The correct command to start sendmail is as follows:

# startsrc -s sendmail -a "-bd -q30m"

To check whether the daemon is active:

# lssrc -s sendmail

If the -bd flag is not specified, then sendmail will start up and die right away.

2. If you have verified that the correct start-up command is being used, then the cause could be corruption of, or an incorrect entry in, the configuration file.

====================================================================================

If sendmail.cf corruption is suspected, copy in a fresh configuration file from the directory shown below. But first back up your original.

cp /etc/mail/sendmail.cf /etc/mail/sendmail.cf.og

cp /usr/lpp/bos.net/inst_root/etc/mail/sendmail.cf /etc/mail/sendmail.cf

Now try to start sendmail again.

# startsrc -s sendmail -a "-bd -q30m"

3. Another program running on port 25.

================================

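To check if there is another program taking up sendmail's port, run the following. The pattern is quoted so the shell does not expand it, and escaped so that it matches only port 25 and not other ports that begin with 25.

# netstat -an | grep '\*\.25 '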

If you get a line that reads as follows:

tcp4 0 0 *.25 *.* LISTEN

Then there is another program taking up port 25 and not allowing sendmail to start. If this is the case then kill the program and start the default AIX sendmail.

 
 
 