Question 195022 in Debian Question posted in
The oficial documentation can be found here.

Debian – Configuring sendmail to talk to an SMTP server using port 465 and TLS

How do I do this please?

I recently changed email providers and they require me to use port 465 and TLS with userid/password authentication.

Previously I was connecting to a different smtp server on port 587 using STARTTLS (I think).

I have tried to change sendmail.mc to work with the new server:

divert(-1)dnl
#-----------------------------------------------------------------------------
# $Sendmail: debproto.mc,v 8.15.2 2020-03-08 00:39:49 cowboy Exp $
#
# Copyright (c) 1998-2010 Richard Nelson.  All Rights Reserved.
#
# cf/debian/sendmail.mc.  Generated from sendmail.mc.in by configure.
#
# sendmail.mc prototype config file for building Sendmail 8.15.2
#
# Note: the .in file supports 8.7.6 - 9.0.0, but the generated
#   file is customized to the version noted above.
#
# This file is used to configure Sendmail for use with Debian systems.
#
# If you modify this file, you will have to regenerate /etc/mail/sendmail.cf
# by running this file through the m4 preprocessor via one of the following:
#   * make   (or make -C /etc/mail)
#   * sendmailconfig
#   * m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
# The first two options are preferred as they will also update other files
# that depend upon the contents of this file.
#
# The best documentation for this .mc file is:
# /usr/share/doc/sendmail-doc/cf.README.gz
#
#-----------------------------------------------------------------------------
divert(0)dnl
#
#   Copyright (c) 1998-2005 Richard Nelson.  All Rights Reserved.
#
#  This file is used to configure Sendmail for use with Debian systems.
#
define(`_USE_ETC_MAIL_')dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: sendmail.mc, v 8.15.2-18 2020-03-08 00:39:49 cowboy Exp $')
OSTYPE(`debian')dnl
DOMAIN(`debian-mta')dnl
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
undefine(`confHOST_STATUS_DIRECTORY')dnl        #DAEMON_HOSTSTATS=
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
dnl #
dnl # General defines
dnl #
dnl # SAFE_FILE_ENV: [undefined] If set, sendmail will do a chroot()
dnl #   into this directory before writing files.
dnl #   If *all* your user accounts are under /home then use that
dnl #   instead - it will prevent any writes outside of /home !
dnl #   define(`confSAFE_FILE_ENV',             `')dnl
dnl #
dnl # Daemon options - restrict to servicing LOCALHOST ONLY !!!
dnl # Remove `, Addr=' clauses to receive from any interface
dnl # If you want to support IPv6, switch the commented/uncommentd lines
dnl #
FEATURE(`no_default_msa')dnl
dnl DAEMON_OPTIONS(`Family=inet6, Name=MTA-v6, Port=smtp, Addr=::1')dnl
DAEMON_OPTIONS(`Family=inet,  Name=MTA-v4, Port=smtps, M=s, Addr=127.0.0.1')dnl
dnl DAEMON_OPTIONS(`Family=inet6, Name=MSP-v6, Port=submission, M=Ea, Addr=::1')dnl
DAEMON_OPTIONS(`Family=inet,  Name=MSP-v4, Port=submission, M=Ea, Addr=127.0.0.1')dnl
dnl #
dnl # Be somewhat anal in what we allow
define(`confPRIVACY_FLAGS',dnl
`needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
dnl #
dnl # Define connection throttling and window length
define(`confCONNECTION_RATE_THROTTLE', `15')dnl
define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl
dnl #
dnl # Features
dnl #
dnl # use /etc/mail/local-host-names
FEATURE(`use_cw_file')dnl
dnl #
dnl # The access db is the basis for most of sendmail's checking
FEATURE(`access_db', , `skip')dnl
dnl #
dnl # The greet_pause feature stops some automail bots - but check the
dnl # provided access db for details on excluding localhosts...
FEATURE(`greet_pause', `1000')dnl 1 seconds
dnl #
dnl # Delay_checks allows sender<->recipient checking
FEATURE(`delay_checks', `friend', `n')dnl
dnl #
dnl # If we get too many bad recipients, slow things down...
define(`confBAD_RCPT_THROTTLE',`3')dnl
dnl #
dnl # Stop connections that overflow our concurrent and time connection rates
FEATURE(`conncontrol', `nodelay', `terminate')dnl
465FEATURE(`ratecontrol', `nodelay', `terminate')dnl
dnl #
dnl # If you're on a dialup link, you should enable this - so sendmail
dnl # will not bring up the link (it will queue mail for later)
dnl define(`confCON_EXPENSIVE',`True')dnl
dnl #
dnl # Dialup/LAN connection overrides
dnl #
include(`/etc/mail/m4/dialup.m4')dnl
include(`/etc/mail/m4/provider.m4')dnl
dnl #
dnl # Masquerading options
FEATURE(`always_add_domain')dnl
MASQUERADE_AS(`perdrix.co.uk')dnl
FEATURE(`allmasquerade')dnl
FEATURE(`masquerade_envelope')dnl
dnl #
dnl # Default Mailer setup
define(`SMART_HOST', `smtp.ionos.co.uk')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 465')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 465')dnl
define(`confAUTH_OPTIONS', `A p y')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo',`hash -o /etc/mail/auth/client-info.db')dnl
MAILER_DEFINITIONS
MAILER(`local')dnl
MAILER(`smtp')dnl

but that doesn’t work – it gets a connection reset from smtp.ionos.co.uk and the mail stays in the pending queue forever 🙁

This is when I see when I try to test sendmail:

echo "Subject: sendmail test" | sendmail -v [email protected]
[email protected]... Connecting to [127.0.0.1] via relay...
220 charon.home ESMTP Sendmail 8.15.2/8.15.2/Debian-18; Mon, 26 Jun 2023 06:49:41 +0100; (No UCE/UBE) logging access from: localhost(OK)-localhost [127.0.0.1]
>>> EHLO charon.home
250-charon.home Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP
>>> VERB
250 2.0.0 Verbose mode
>>> MAIL From:<[email protected]> SIZE=23 [email protected]
250 2.1.0 <[email protected]>... Sender ok
>>> RCPT To:<[email protected]>
>>> DATA
250 2.1.5 <[email protected]>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
050 <[email protected]>... Connecting to smtp.ionos.co.uk. port 465 via relay...
050 <[email protected]>... Deferred: Connection reset by smtp.ionos.co.uk.
250 2.0.0 35Q5nfKb090974 Message accepted for delivery
[email protected]... Sent (35Q5nfKb090974 Message accepted for delivery)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 charon.home closing connection

I’ve tried all sorts of stuff and after six hours I am still tearing my hair trying to get this to play 🙁

Guidance most gratefully received …

Thanks
David

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    Thank you for the suggestion to try port 587.

    Here's the result of changing sendmail.mc as follows:

    DAEMON_OPTIONS(`Family=inet,  Name=MTA-v4, Port=smtp, Addr=127.0.0.1')dnl

    and

    dnl # Default Mailer setup
define(`SMART_HOST', `smtp.ionos.co.uk')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
define(`confAUTH_OPTIONS', `A p y')dnl

    I then rebuilt the config and started sendmail.

    This is what I got:

    Jun 27 10:29:32 charon sm-mta[348044]: 35R9TWRn348044: from=<[email protected]>, size=797, class=0, nrcpts=1, msgid=<[email protected]>, bodytype=7BIT, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
Jun 27 10:29:32 charon sm-msp-queue[348038]: 35R7016q328725: [email protected], ctladdr=root (0/0), delay=02:29:31, xdelay=00:00:00, mailer=relay, pri=750536, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (35R9TWRn348044 Message accepted for delivery)
Jun 27 10:29:32 charon sm-mta[348044]: 35R9TWRp348044: from=<[email protected]>, size=967, class=0, nrcpts=1, msgid=<[email protected]>, bodytype=7BIT, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
Jun 27 10:29:34 charon sm-msp-queue[348038]: 35R701G9328726: [email protected], ctladdr=root (0/0), delay=02:29:33, xdelay=00:00:02, mailer=relay, pri=750706, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (35R9TWRp348044 Message accepted for delivery)
Jun 27 10:29:34 charon sm-mta[348044]: 35R9TWRr348044: <[email protected]>... User unknown
Jun 27 10:29:34 charon sm-msp-queue[348038]: 35R6e1R1326321: [email protected], delay=02:49:33, xdelay=00:00:00, mailer=relay, pri=842526, relay=[127.0.0.1] [127.0.0.1], dsn=5.1.1, stat=User unknown
Jun 27 10:29:34 charon sm-mta[348044]: 35R9TWRr348044: from=<>, size=3190, class=0, nrcpts=0, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
Jun 27 10:29:34 charon sm-msp-queue[348038]: 35R6e1R1326321: 35R9TWnk348038: return to sender: User unknown
Jun 27 10:29:34 charon sm-mta[348044]: 35R9TWRt348044: <[email protected]>... User unknown
Jun 27 10:29:34 charon sm-msp-queue[348038]: 35R9TWnk348038: to=postmaster, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=34214, relay=[127.0.0.1] [127.0.0.1], dsn=5.1.1, stat=User unknown
Jun 27 10:29:34 charon sm-mta[348044]: 35R9TWRt348044: from=<>, size=4214, class=0, nrcpts=0, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
Jun 27 10:29:34 charon sm-msp-queue[348038]: 35R6e1R1326321: Saved message in /var/lib/sendmail/dead.letter
Jun 27 10:29:34 charon sm-mta[348044]: 35R9TWRv348044: from=<>, size=2698, class=0, nrcpts=1, msgid=<[email protected]>, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
Jun 27 10:29:34 charon sm-msp-queue[348038]: 35R3e1pR303373: [email protected], delay=05:49:33, xdelay=00:00:00, mailer=relay, pri=1652104, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (35R9TWRv348044 Message accepted for delivery)
Jun 27 10:29:34 charon sm-mta[348057]: 35R9TWRv348044: to=<[email protected]>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=32884, dsn=2.0.0, stat=Sent
Jun 27 10:29:34 charon sm-mta[348044]: 35R9TWRx348044: from=<>, size=2698, class=0, nrcpts=1, msgid=<[email protected]>, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
Jun 27 10:29:34 charon sm-msp-queue[348038]: 35R3e1pS303373: [email protected], delay=05:49:33, xdelay=00:00:00, mailer=relay, pri=1652104, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (35R9TWRx348044 Message accepted for delivery)
Jun 27 10:29:34 charon sm-mta[348059]: 35R9TWRx348044: to=<[email protected]>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=32884, dsn=2.0.0, stat=Sent
Jun 27 10:29:34 charon sm-mta[348044]: 35R9TWS1348044: from=<[email protected]>, size=1491, class=0, nrcpts=1, msgid=<[email protected]>, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
Jun 27 10:29:34 charon sm-msp-queue[348038]: 35R2QPFT294367: [email protected], delay=07:03:09, xdelay=00:00:00, mailer=relay, pri=2011334, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (35R9TWS1348044 Message accepted for delivery)
Jun 27 10:29:34 charon sm-mta[348044]: 35R9TWS3348044: from=<[email protected]>, size=1051, class=0, nrcpts=1, msgid=<[email protected]>, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
Jun 27 10:29:35 charon sm-msp-queue[348038]: 35QNZgct272189: to=<[email protected]>, [email protected] (0/0), delay=09:53:53, xdelay=00:00:01, mailer=relay, pri=2820806, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (35R9TWS3348044 Message accepted for delivery)
Jun 27 10:29:35 charon sm-mta[348044]: 35R9TWS5348044: from=<[email protected]>, size=1051, class=0, nrcpts=1, msgid=<[email protected]>, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
Jun 27 10:29:35 charon sm-msp-queue[348038]: 35QNZgXc272209: to=<[email protected]>, [email protected] (0/0), delay=09:53:53, xdelay=00:00:00, mailer=relay, pri=2820806, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (35R9TWS5348044 Message accepted for delivery)
Jun 27 10:29:35 charon sm-mta[348044]: 35R9TWS7348044: from=<>, size=2412, class=0, nrcpts=1, msgid=<[email protected]>, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
Jun 27 10:29:35 charon sm-msp-queue[348038]: 35QJ01QW238562: to=root, delay=14:29:33, xdelay=00:00:00, mailer=relay, pri=3991829, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (35R9TWS7348044 Message accepted for delivery)
Jun 27 10:29:35 charon sm-mta[348067]: 35R9TWS7348044: to=<[email protected]>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=32598, dsn=2.0.0, stat=Sent
Jun 27 10:29:35 charon sm-mta[348044]: 35R9TWS9348044: from=<[email protected]>, size=791, class=0, nrcpts=1, msgid=<[email protected]>, bodytype=7BIT, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
Jun 27 10:29:35 charon sm-msp-queue[348038]: 35QF01Hw199234: [email protected], ctladdr=root (0/0), delay=18:29:34, xdelay=00:00:00, mailer=relay, pri=5070530, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (35R9TWS9348044 Message accepted for delivery)
Jun 27 10:33:32 charon sm-mta[348046]: 35R9TWRn348044: to=<[email protected]>, ctladdr=<[email protected]> (0/0), delay=00:04:00, xdelay=00:04:00, mailer=relay, pri=120797, relay=smtp.ionos.co.uk. [213.165.67.99], dsn=4.0.0, stat=Deferred: Connection timed out with smtp.ionos.co.uk.
Jun 27 10:33:34 charon sm-mta[348056]: 35R9TWRp348044: to=<[email protected]>, ctladdr=<[email protected]> (0/0), delay=00:04:02, xdelay=00:04:00, mailer=relay, pri=120967, relay=smtp.ionos.co.uk. [213.165.67.99], dsn=4.0.0, stat=Deferred: Connection timed out with smtp.ionos.co.uk.
Jun 27 10:33:34 charon sm-mta[348062]: 35R9TWS1348044: to=<[email protected]>, delay=00:04:00, xdelay=00:04:00, mailer=relay, pri=121491, relay=smtp.ionos.co.uk. [213.165.67.99], dsn=4.0.0, stat=Deferred: Connection timed out with smtp.ionos.co.uk.
Jun 27 10:33:35 charon sm-mta[348064]: 35R9TWS3348044: to=<[email protected]>, ctladdr=<[email protected]> (0/0), delay=00:04:01, xdelay=00:04:00, mailer=relay, pri=121051, relay=smtp.ionos.co.uk. [213.165.67.99], dsn=4.0.0, stat=Deferred: Connection timed out with smtp.ionos.co.uk.
Jun 27 10:33:35 charon sm-mta[348066]: 35R9TWS5348044: to=<[email protected]>, ctladdr=<[email protected]> (0/0), delay=00:04:00, xdelay=00:04:00, mailer=relay, pri=121051, relay=smtp.ionos.co.uk. [213.165.67.99], dsn=4.0.0, stat=Deferred: Connection timed out with smtp.ionos.co.uk.
Jun 27 10:33:35 charon sm-mta[348070]: 35R9TWS9348044: to=<[email protected]>, ctladdr=<[email protected]> (0/0), delay=00:04:00, xdelay=00:04:00, mailer=relay, pri=120791, relay=smtp.ionos.co.uk. [213.165.67.99], dsn=4.0.0, stat=Deferred: Connection timed out with smtp.ionos.co.uk.

    So one step forward I think, but not connecting.


  2. 0

    Sendmail smart host requiring SMTP AUTH: use port 587 (msa) instead of 465 (smtps) WHENEVER POSSIBLE [2023-06-27]

    Try to smart host via port 587 (msa/submission) instead of 465 (smtps).

    1. smtp.ionos.co.uk seems to service port 587.
      telnet smtp.ionos.co.uk 587 gets SMTP greeting message.
    2. smtp.ionos.co.uk seems to offer SMTP AUTH over connections to port 587
      after STARTTLS (turning on encryption)
      It can be tested with tools like telnet-ssl provided on linux/debian.
      telnet-ssl supports connection to smtps and STARTTLS

    EXPLANATION:
    AFAIK making sendmail support support outgoing connections to smtps port(encryption started automatically before starting SMTP) is more complicated.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search