relayhost when authentication is required

Colin McGregor colinmc151-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org
Thu Aug 31 18:24:33 UTC 2006 

--- Matt Price <matt.price-H217xnMUJC0sA/PxXw9srA at public.gmane.org> wrote:
> hi folks, 
> 
> i run postfix on my home computers and use sendmail
> for all my mail
> programs (evolution, mutt, thunderbird, whatever). 
> both machines run ubuntu
> dapper and postfix 2.2.10.  
> 
> with our old ip i just added a 'relayhost' line in
> main.cf and my mail was
> sent out fine.  however our new evil isp
> (rogers/yahoo) requires
> authentication first.  so outgoing mail generates
> these log messages (sorry
> for thewrap!):
> 
> ug 31 12:46:07 localhost postfix/master[15806]:
> daemon started -- version
> 2.2.10, configuration /etc/postfix
> Aug 31 12:46:50 localhost postfix/pickup[15809]:
> 8522440409E: uid=1000
> from=<matt.price-H217xnMUJC0sA/PxXw9srA at public.gmane.org>
> Aug 31 12:46:50 localhost postfix/cleanup[15908]:
> 8522440409E:
> message-id=<1157042810.5232.3.camel at localhost>
> Aug 31 12:46:50 localhost postfix/qmgr[15810]:
> 8522440409E:
> from=<matt.price-H217xnMUJC0sA/PxXw9srA at public.gmane.org>, size=436, nrcpt=2
> (queue active)
> Aug 31 12:46:51 localhost postfix/smtp[15910]:
> 8522440409E:
> to=<moptop99-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org>,
>
relay=smtp-rog.mail.yahoo2.akadns.net[206.190.36.18],
> delay=1,
> status=bounced (host
> smtp-rog.mail.yahoo2.akadns.net[206.190.36.18] said:
> 530 authentication required - for help go to
> http://help.yahoo.com/help/us/mail/pop/pop-11.html
> (in reply to MAIL FROM
> command))
> 
> 
> i assume i need some mechanism for sending out my
> password to their server,
> but don't know how to do it.  does anyone have this
> setup or something
> similar working?
> 
> thanks,
> 
> matt

Your problem sounds basicly like the the one I
encountered earlier this month, here is the answer I
came up with and posted to the list. There was a small
error in the answer I posted and what is below has
been edited appropriately...

Colin.

Date:	 Fri, 18 Aug 2006 22:19:18 -0400 (EDT)
From:	"Colin McGregor" <colinmc151-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org>  View
Contact Details View Contact Details
Subject:	Re: [TLUG]: Exim4, Debian and Rogers...
To:	tlug-lxSQFCZeNF4 at public.gmane.org

Ok to answer my own question, you can send e-mail
using exim4, Debian and Rogers. You don't need to do
any wierdness regarding ports. There are two nasty
little issues that can bite you hard (at least they
bit me hard :-( ). Here is what you need in various
files (with e-mail addresses/passwords changed).

In /etc/email-addresses you need a line like the
following for every local Linux box login that you
want to be able to send e-mail:

<<local login name>>: <<RogersID>>@rogers.com

More than one <<local login name>> can point to the
same <<RogersID>>, i.e.: I have root and my normal
user login pointing at the same <<RogersID>> .

In /etc/exim4/exim4.conf.template your need to remove
(or comment out) the following bit:

plain:
  driver = plaintext
  public_name = PLAIN
.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
 client_send = "${if !eq{$tls_cipher}{}{\
                    ^${extract{1}{::}\
                    
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
                   ^${extract{2}{::}\                 
   
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
                 }fail}"
.else
  client_send =
"^${extract{1}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}^${extract{2}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
 .endif

Then put the follow in:

plain:
  driver = plaintext
  public_name = PLAIN
 client_send = "^<<RogersID>>@rogers.com^<<Password>>"

Next you need the following in
/etc/exim4/update-exim4.conf.conf:

dc_eximconfig_configtype='smarthost'
dc_other_hostnames=''
dc_local_interfaces='127.0.0.1'
dc_readhost='rogers.com'
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost='smtp-rog.mail.yahoo2.akadns.net'
CFILEMODE='644'
dc_use_split_config='false'
dc_hide_mailname='true'
dc_mailname_in_oh='true'

While I suspect it isnt't required I put the following
into: /etc/exim4/passwd.client

smtp-rog.mail.yahoo2.akadns.net:<<RogersID>>@rogers.com:<<Password>>

The two things in the above that gave me grief were
the dc_smarthost name and the "plain:" bit. There is a
bug in some versions of exim4 I gather that will choke
on CNAMEs, like the smtp.broadband.rogers.com name you
find in the Rogers documentation, the
'smtp-rog.mail.yahoo2.akadns.net' is the currently
correct replacement (yes, it may be subject to change
without notice, sigh). By default exim4 wants to send
the RogersID/Password encrypted, but due to problems
at the Rogers/Yahoo end of things it will only with
plain text (BAD NEWS!). Get any of the above wrong and
you will be facing a pile of cryptic error messages
and rotten documentation :-( .

Now, the reason for putting up with the above is that
exim4 when working with fetchmail (which is another
pile of unholy @#$%) makes your Linux act/seem like it
is mail server on the Internet, allowing the likes of
Procmail (which is a toxic waste dump unto itself) to
think all is right with the universe.

Why do it? Well, it is an interesting challenge, and
in my case, I am writing a magazine article on
Procmail for a magazine (which will pay some $$ :-) ).


Colin McGregor

--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml

More information about the Legacy mailing list