This writeup describes how to configure Sendmail to use passwd-based SMTP AUTH under FreeBSD. It was written based on my experiences with FreeBSD 4.7-RELEASE, Sendmail 8.12.6 and Cyrus-SASL 1.5.27. YMMV
Install the Sendmail Source Distribution:
The first step is to make sure the necessary source distributions are installed. You'll
need the contrib
, lib
and usbin
source packages. If you've already got
those installed, skip ahead and install Cyrus-SASL. Otherwise, follow the steps below:
# su
(enter your root password)
# /stand/sysinstall
Choose Configure
, then Distributions
, then
src
. Select contrib
, lib
and usbin
,
then press OK
and install the packages.
Install Cyrus-SASL:
Make sure you've updated your ports collection recently, then do this:
# cd /usr/ports/security/cyrus-sasl
# make install clean
From the menu that appears, select pwcheck
(and any other
authentication methods you want to play around with).
Configure Sendmail:
Edit /usr/local/lib/sasl/Sendmail.conf
(create it if it doesn't
already exist) and add this line:
pwcheck_method: passwd
Next, edit /etc/make.conf
(create it if it doesn't already exist), and
add these lines:
SENDMAIL_CFLAGS=-I/usr/local/include/sasl1 -DSASL
(that's "sasl1" as in "sas-L-one")
SENDMAIL_LDFLAGS=-L/usr/local/lib
SENDMAIL_LDADD=-lsasl
Recompile Sendmail:
# cd /usr/src/lib/libsm
# make cleandir
# make obj
# make
# cd /usr/src/lib/libsmutil
# make cleandir
# make obj
# make
# cd /usr/src/usr.sbin/sendmail
# make cleandir
# make obj
# make
# make install
Edit Sendmail Configuration:
Your Sendmail configuration file is probably /etc/mail/<hostname>.mc
,
where "<hostname>" is the host name of your computer. If that's not the case, then you
can just edit /etc/mail/freebsd.mc
. Add the following lines to the
file:
dnl SASL Options
TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl
define(`confAUTH_MECHANISMS', `GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl
define(`confDEF_AUTH_INFO', `/etc/mail/auth-info')dnl
And to put the configuration changes into effect:
# cd /etc/mail
# make
# cp <hostname>.cf sendmail.cf
(replace <hostname> with the name of your Sendmail config file)
One last command:
# killall -HUP sendmail
And we're done! You should now have a working installation of Sendmail with support for passwd-based
SMTP authentication. Enjoy!