Setting up automounts, milters, IPv6, etc.

Philip Prindeville philipp_subx at redfish-solutions.com
Tue Sep 27 18:40:16 UTC 2005


Hi.

I was hoping to get some pointers on how to do the following sysadmin 
chores:

* I'm running sendmail+cyrus, and I'd like to configure a milter with 
some simple
  rules (for instance, don't accept email from sites that don't have 
IN-ADDR.ARPA
  records)

* I'd also like to set up autofs, but it seems to be failing...  I tried 
to set up an example
   /home mountpoint like the auto.master man page suggests, but they 
don't give an
   example of what /etc/auto.home would look like (and just coping 
auto.net into it
   doesn't work).  Suggestions?

* I tried to edit /etc/sysconfig/network to have "NETWORK_IPV6=no" but 
it still
   wants to bring up IPV6 networking anyway:

eth0      Link encap:Ethernet  HWaddr 00:11:09:04:D5:2A
          inet addr:192.168.1.5  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::211:9ff:fe04:d52a/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5049 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5354 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1446018 (1.3 MiB)  TX bytes:475699 (464.5 KiB)
          Interrupt:177 Base address:0xc000

   is this a bug?  What am I missing?

* Lastly, when I start up my mail UA, it complains about the certificate 
coming from
   the host being signed localhost.localdomain...  Is there a 
walk-through on how to set
   up the various certificates required for using SSL/TLS for sending 
email from a
   client?  How do I set up certificates for individual users, for instance?

/var/log/messages.1:Sep 19 19:30:30 mail sendmail[23081]: unable to open 
Berkeley db /etc/sasldb2: No such file or directory
...
Sep 27 12:29:30 mail sendmail[5896]: NOQUEUE: connect from [192.168.1.5]
Sep 27 12:29:30 mail sendmail[5896]: AUTH: available mech=DIGEST-MD5 
ANONYMOUS CRAM-MD5, allowed mech=EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 
LOGIN PLAIN
Sep 27 12:29:30 mail sendmail[5896]: j8RITUIv005896: Milter: no active 
filter
Sep 27 12:29:30 mail sendmail[5896]: STARTTLS=server, 
relay=[192.168.1.5], version=TLSv1/SSLv3, verify=NO, 
cipher=DHE-RSA-AES256-SHA, bits=256/256
Sep 27 12:29:30 mail sendmail[5896]: STARTTLS=server, cert-subject=, 
cert-issuer=, verifymsg=ok
Sep 27 12:29:30 mail sendmail[5896]: AUTH: available mech=LOGIN 
DIGEST-MD5 PLAIN ANONYMOUS CRAM-MD5, allowed mech=EXTERNAL GSSAPI 
DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
Sep 27 12:29:31 mail sendmail[5896]: j8RITUIw005896: AUTH failure 
(CRAM-MD5): user not found (-20) SASL(-13): user not found: no secret in 
database
Sep 27 12:29:31 mail sendmail[5896]: AUTH=server, relay=[192.168.1.5], 
authid=philipp, mech=PLAIN, bits=0
Sep 27 12:29:31 mail sendmail[5896]: j8RITUIw005896: 
from=<philipp at redfish-solutions.com>, size=72799, class=0, nrcpts=1, 
msgid=<43398F8A.50903 at redfish-solutions.com>, proto=ESMTP, 
daemon=MTA-v4, relay=[192.168.1.5]

   similarly, I can't send email using SSL when connecting to my 
sendmail server...
   (but TLS seems to work).

* Ditto for Cyrus.  I can't use secure authentication:

Sep 27 12:38:42 mail imaps[5986]: starttls: TLSv1 with cipher AES256-SHA 
(256/256 bits reused) no authentication

   I'm using Thunderbird, if that makes any difference.

Any guidance appreciated.

Thanks,

-Philip





More information about the fedora-list mailing list