尽管身份验证成功,Sendmail仍会被拒绝

我没有很多维护邮件服务器的经验,但尽管如此,我必须将sendmail配置为我的一台服务器的MTA.我有一个问题,即sendmail响应尝试将邮件发送到外部域的MUA:

“继承被拒绝.需要进行适当的身份验证.”

真正的问题是身份验证正在运行,并且对经过身份验证的用户拒绝中继.这是一个日志,显示成功的身份验证但拒绝中继.

注意:已从日志中删除敏感信息(用户名,IP的…). “myusername”是MUA使用的用户名,MYIP是MUA连接到sendmail的IP地址.

sendmail[31285]: p4GLALtU031285: <-- STARTTLS
sendmail[31285]: p4GLALtU031285: --- 220 2.0.0 Ready to start TLS
sendmail[31285]: STARTTLS=server, get_verify: 0 get_peer: 0x0
sendmail[31285]: STARTTLS=server, relay=MYDOMAIN [MYIP], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-CAMELLIA256-SHA, bits=256/256
sendmail[31285]: STARTTLS=server, cert-subject=, cert-issuer=, verifymsg=ok
sendmail[31285]: AUTH: available mech=PLAIN ANONYMOUS LOGIN, allowed mech=EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
sendmail[31285]: STARTTLS=read, info: fds=7/4, err=2
sendmail[31285]: p4GLALtU031285: <-- EHLO [127.0.0.1]
sendmail[31285]: p4GLALtV031285: --- 250-example.com Hello MYDOMAIN [MYIP], pleased to meet you
sendmail[31285]: p4GLALtV031285: --- 250-ENHANCEDSTATUSCODES
sendmail[31285]: p4GLALtV031285: --- 250-PIPELINING
sendmail[31285]: p4GLALtV031285: --- 250-8BITMIME
sendmail[31285]: p4GLALtV031285: --- 250-SIZE
sendmail[31285]: p4GLALtV031285: --- 250-DSN
sendmail[31285]: p4GLALtV031285: --- 250-ETRN
sendmail[31285]: p4GLALtV031285: --- 250-AUTH LOGIN PLAIN
sendmail[31285]: p4GLALtV031285: --- 250-DELIVERBY
sendmail[31285]: p4GLALtV031285: --- 250 HELP
sendmail[31285]: STARTTLS=read, info: fds=7/4, err=2
sendmail[31285]: p4GLALtV031285: <-- AUTH PLAIN XXXXXXXXXXXXXXXXXXXXX==
sendmail[31285]: p4GLALtV031285: --- 235 2.0.0 OK Authenticated
sendmail[31285]: AUTH=server, relay=MYDOMAIN [MYIP], authid=myusername, mech=PLAIN, bits=0
sendmail[31285]: STARTTLS=read, info: fds=7/4, err=2
sendmail[31285]: p4GLALtV031285: <-- MAIL FROM:<myusername@example.com> SIZE=382
sendmail[31285]: p4GLALtV031285: --- 250 2.1.0 <myusername@example.com>... Sender ok
sendmail[31285]: STARTTLS=read, info: fds=7/4, err=2
sendmail[31285]: p4GLALtV031285: <-- RCPT TO:<test@gmail.com>
sendmail[31285]: p4GLALtV031285: --- 550 5.7.1 <test@gmail.com>... Relaying denied. Proper authentication required.

为什么sendmail会回复“235 2.0.0 OK Authenticated”,然后说“继续拒绝.需要进行适当的身份验证.”?我觉得我在这里缺少一些重要的东西.

这是sendmail.mc文件的相关部分:

define(`confAUTH_OPTIONS', `A p')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN'i)dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

这是/ etc / mail / access.它在安装后处于默认状态

# Check the /usr/share/doc/sendmail/README.cf file for a description
# of the format of this file. (search for access_db in that file)
# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
# package.
#
# If you want to use AuthInfo with "M:PLAIN LOGIN", make sure to have the
# cyrus-sasl-plain package installed.
#
# By default we allow relaying from localhost...
Connect:localhost.localdomain           RELAY
Connect:localhost                       RELAY
Connect:127.0.0.1                       RELAY
最佳答案
谢谢您的意见.问题已经解决,解决方案是愚蠢和令人尴尬的.感谢AlexD我做了:

grep AuthMech sendmail.cf

得到了这个:

C{TrustAuthMech}EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAINi

那封信“我”在那里做什么?我不是sendmail专家,但我认为这不是指定“PLAIN”身份验证的正确方法.我检查了.mc文件,字母“i”在这里:

TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN'i)dnl

删除它,重建配置,重新启动服务器,就是这样.一切都按预期工作.

转载注明原文:尽管身份验证成功,Sendmail仍会被拒绝 - 代码日志