sendmail relaying to isp with authentication with no dns lookup

sendmail relaying to an ISP SMTP server with authentication and no
dns lookup

I am looking to create a test bed for php development part of which
involves getting sendmail up and running.

I am connected to my ISP through a Netgear wireless
modem/firewall/router. I am running Fedora Core 4 Linux.

From what I've read so far it appears I can relay via my ISP's SMTP
server (this requires authentication) and sendmail can be set up to run
without DNS lookups.

I've read a whole load of stuff about setting up the server.switch file
for no DNS look-ups, and creating default-auth-info for my password.

I do not have fully qualified domain but have a fixed IP.

Can anybody out there give me a definitive answer about what I need to
do to make my test bed happen?

If you require any further information from me I of course am more
than willing to provide it.


Thanks in advance.
evil c renroc [ Fri, 03 February 2006 15:50 ] [ ID #1172267 ]

Re: sendmail relaying to isp with authentication with no dns lookup

I've just sorted the problem - seems the solution is smart hosts - read
below - all this is quoted from the saintly
http://www.dslreports.com/forum/remark,8732573~mode=full

YIPEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE!
------------------------------------------------------------

setting up Sendmail using new auth requirements

I thought I would share the results of my experimentation in getting
Sendmail to work with outgoing.verizon.net. Specifically, the
configuration I have established will work for Sendmail 8.12.8; it may
work with others too, but this is the one that comes with Red Hat Linux
9. I would also be interested if anyone has any ideas for additions or
corrections. If it passes review here after a while, I guess I'll
suggest that it be added to the Verizon FAQ.

As you know, in an attempt to reduce spam, Verizon began requiring all
outbound customer email to issue a MAIL FROM: during the SMTP session
with a local (e.g., @verizon.net) address. Subsequently, they also
required that you authenticate using your Verizon user ID and password
as well. Many other broadband providers have blocked all outbound
connections on the default SMTP TCP port except for their relays, and
it may be only a matter of time before Verizon does this too.

For most users (who use something like Mozilla, Internet Explorer,
Eudora, etc.), this is not a problem because those MUAs (mail user
agents) have configuration dialogs and fancy stuff like that which
already "know" how to interact with ESMTP servers that require
authentication. Sendmail's documentation does explain it, but it is
very general and doesn't cover how exactly to set up this for the
simple case of the Verizon server.

The first thing that's required is to tell Sendmail that it should use
a "smart host." A smart host is a mail server that takes all one's
outbound mail and delivers it to the final recipients on behalf of
one's copy of Sendmail. While it is advantageous to send mail
autonomously (without a smart host), Verizon may administer their
networks sometime in the future to make this impossible. One does this
by adding the following to one's sendmail.mc file and rebuilding the
configuration with M4:

define(`SMART_HOST', `outgoing.verizon.net')

Those of you who have worked with M4 before know that string literals
are expressed differently than in most compiler or interpreter
programs. Whereas most programs use the same open and close marks (such
as quote or apostrophe), M4 strings start with a backquote and end with
apostrophe, so be careful when editing. Alternately, if you don't like
to use M4 or you don't have all of Sendmail's M4 support files on your
computer, and you'd like to edit sendmail.cf directly, the macro
definition ("D") for the smart host is "S". So typically there is a
line with just "DS" on it; you can change this to
"DSoutgoing.verizon.net". This is what the above define() should
produce after processing sendmail.mc with M4.

The next part is harder if you don't use M4 and you don't use the
access.db file already (because I don't know what is generated in
sendmail.cf for the access map). You need to add the following macro
call to your sendmail.mc:

FEATURE(`access_db')

This sets up Sendmail to use a hash table file called
/etc/mail/access.db. It is built using makemap, typically from
/etc/mail/access. Red Hat for example makes this a bit easier by
providing a Makefile, so all one has to do is change one's working
directory to /etc/mail and type in make as the superuser (root). Since
this feature is so heavily used, even if your sendmail.cf was built
with M4 by somebody else (such as Red Hat), chances are they included
this feature already.

Next, you must edit that file named access to add an "AuthInfo:" key.
These hash file input files are simple text files, with one entry per
line, the lookup key on the left, some whitespace, and the key's value
on the right. So you need to add a line like the following:


AuthInfo:outgoing.verizon.net "U:youruserid@verizon.net" "I:youruserid@verizon.net" "P:yourmailpassword" "M:PLAIN"



The quote marks are required. Having both "U" and "I" subkeys seems to
be a Sendmail requirement (says so right in the README.cf file),
although they worked for me when they were the same. I'm not sure if
the domain (@verizon.net) part is required, but again, it worked for me
like this. The M subkey is the authentication mechanism, and so far,
Verizon is using just plain text. Remember: at least your password, and
probably your username too, is case sensitive. If your password happens
to have some strange characters (e.g. Ctrl chars), instead of using
"P:" you can use "P=" and insert the base64 encoding of your password.

Now all you have to do is make sure your sendmail.cf corresponds to
your sendmail.mc (Red Hat 9 users can just make -C /etc/mail to
automatically invoke M4), make sure your access.db corresponds to your
access, and restart Sendmail (Red Hat et al., service sendmail
restart).

If you don't have a Makefile, the commands go something like this as
the superuser:

cd /etc/mail
m4 sendmail.mc >sendmail.cf
makemap hash access.db <access



You can check your result with a Telnet client like this (assuming your
Sendmail is on the local host and you have access to email somewhere
else):

telnet localhost smtp
mail from:<youruserid@verizon.net>
rcpt to:<yourid@yahoo.com>
data
To: yourid@yahoo.com
Subject: test of Sendmail smart host

testing...
.
quit



Only bare addresses (no names or anything else) with "<" before and ">"
after are acceptable here. The "." on a line by itself (no spaces
around it either) is important. This tells Verizon's MTA (mail
transport agent) that the message is done. Similarly, the totally blank
line between "Subject: ..." and "testing" is necessary; it ends the
mail headers and begins the mail body. Usually, right after Sendmail is
through collecting the "message" from you, it should make a connection
to "outgoing.verizon.net". In a little while, this little test message
should show up in the inbox of whatever address you typed in after
"rcpt to:".



------------------------------------------------------------
evil c renroc [ Fri, 03 February 2006 17:03 ] [ ID #1172270 ]
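
Added example, not part of the post above or of the quoted dslreports article: a shell sketch of the "P=" form mentioned there, which base64-encodes the password and keeps the file holding the AuthInfo line readable by its owner only. The function names, the temporary directory and the sample password are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). User id and password are
# constructed placeholders; the script writes only to a temporary directory.

# Print one access-map line: authinfo_line HOST USER PASSWORD
# The password is emitted as "P=" + base64, so quotes, spaces or control
# characters in it cannot break the map syntax. base64 is an encoding, not
# protection: anyone who can read the file recovers the password.
authinfo_line() {
    _b64=$(printf '%s' "$3" | base64 | tr -d '\n')
    printf 'AuthInfo:%s "U:%s" "I:%s" "P=%s" "M:PLAIN"\n' \
        "$1" "$2" "$2" "$_b64"
}

# Succeed only if FILE grants nothing to group or others (e.g. mode 0600).
owner_only() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Append the entry: write_authinfo FILE HOST USER PASSWORD
# umask makes a newly created file owner-only; chmod tightens an existing one.
write_authinfo() {
    (
        umask 077
        authinfo_line "$2" "$3" "$4" >> "$1" && chmod 600 "$1"
    )
}

demo_dir=$(mktemp -d)
write_authinfo "$demo_dir/access" outgoing.verizon.net \
    'youruserid@verizon.net' 'p"ss word'
cat "$demo_dir/access"
owner_only "$demo_dir/access" && echo "access: owner-only"
rm -rf "$demo_dir"

# On the real host the map is then rebuilt as in the post:
#   makemap hash access.db < access
# access.db holds the same secret, so it needs the same mode check.
```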