Hi all,

I'm fairly new to linux/unix administartion and I'm trying to set-up the ability to read my mail (!). This weekend I successfully figured out how to update the MX records using zoneedit.com and have got xinetd and the sendmail daemon running. Email is coming in and I am able to log in to my server and check and send email via pine.

I'm using RH9 and here are various parts of (what I think) are the relevant files:

/etc/hosts.allow

# I'm trying all these flavors because I
# don't know which one works...
in.xinetd: .austin.rr.com .tx.swbell.net
in.smtpd: .austin.rr.com .tx.swbell.net
in.sendmail: .austin.rr.com .tx.swbell.net
pop3: .austin.rr.com .tx.swbell.net
ipop3: .austin.rr.com .tx.swbell.net
ipop3d: .austin.rr.com .tx.swbell.net

/etc/xinetd.d/ipop3

service pop3
{
socket_type = stream
wait = no
user = root
server = /usr/sbin/sendmail -f tracer@axiomfire.com -t
server_args = -t
log_on_success += PID HOST DURATION USERID
log_on_failure += PID HOST USERID
only_from = 0.0.0.0
disable = no
}

/etc/mail/sendmail.mc

# a few dozen lines down...
dnl #
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
dnl #

Also, with my current setup, I can't send mail with an external client to anyone but a user of the system. I get the message 'Relaying denied'.

Any help to get me on my feet with system administration would be very helpful. I have scoured man pages and googled many a series of keywords trying to find the answer. I know I must be missing something really simple, but crucial.

My guess might be that sendmail doesn't function as a pop3 daemon? I saw something about ipop3d, but I tried to run it and still had no luck.

Thanks a lot!
--Tracy

Okay, you've got a couple of problems.

1. You're confusing sending mail and retrieving mail. You use SMTP (which will talk to sendmail) to send mail, and POP3 (which, as you've guessed, has nothing to do with sendmail) to retrieve mail.

2. Sendmail is correctly saying that it won't allow an external user (e.g. your mail client) to send mail to anyone not local. Trying to do so is called relaying, and allowing it is a bad idea, as it allows anyone to send mail via your server (think spam.)

To solve 1), you'll need a POP server, which it sounds like you've installed, but will allow you to retrieve mail.

To solve 2, you need to enable relaying by *YOUR CLIENT ALONE*. The common way to do this is called "pop before smtp", and if you search the web, you'll see lots of how-to docs.

As a side note, if you are a newbie to the whole mailserver thing, I'd *strongly* recommend ditching sendmail and installing postfix. See http:www.postfix.org. Sendmail configuration will make you crazy...not to mention that it's a disaster security wise.

_________________
The irony is that Bill Gates claims to be making a stable operating system and Linus Torvalds claims to be trying to take over the world.
-- seen on the net

As Steve says, sendmail is not a POP3 server. I think qpopper is probably the most popular POP3 server. Googling for it should turn up lots of instructions.



If it is convenient, you should probably use your ISP SMTP server to send mail instead of your Linode. That bypasses this problem completely. If you must relay from your Linode, you have a few choices:

1. Use SASL authenticated SMTP. This requires support in your mail client to send a username and password before relaying. Most mail clients support this now. This is what I would recommend. I don't know the specifics for sendmail - like Steve, I use Postfix - but Googling for 'sasl sendmail' or 'sendmail auth' turns up links like http://www.sendmail.org/~ca/email/auth.html

2. As Steve says, you can use POP before SMTP. This is a bit of a kludge that allows relaying after seeing a valid POP3 login. This works...but because vanilla POP3 transmits usernames and passwords in the clear it is a security risk. You can set up APOP or other encryption layers to avoid this, but it might be more trouble than authenticated SMTP.

3. Tunnel over ssh. An ssh connection can pass access to a port on your local machine to a port on the remote machine. The remote machine will accept the connection as local to it and relay mail.

What you should definitely *NOT* do is configure your mail server to relay from anyone. While this will work, you will be found and exploited by spammers in a matter of days, if not hours. Your Linode and perhaps other Linodes in your IP block could be blacklisted, and we don't want that to happen. If you're new at this sort of thing, point an open relay tester like http://www.abuse.net/relay.html at your server after you make any configuration changes to make sure you aren't vulnerable.

For beginners at Linux administration, I would again recommend O'Reilly Safari, which I summarized at http://www.linode.com/forums/viewtopic.php?t=273 There is a two week free trial, which is a fair amount of time to get things up and running.

Roy

Thanks for all the help. I've got my system up and running now with postfix and qpopper, while using my ISP to send email. qpopper definitely was easy to set-up with APOP, as was postfix's installation script.

--T