/ 中存储网

sendmail邮件服务器配置加密与认证

2014-07-13 20:21:42 来源:中存储网

sendmail邮件服务器的加密与认证

对于邮件服务器,有 许多客户机/服务器协议没有验证能力,sasl就是用于加强或增加这类协议的一种通用方法。当你设定sasl时,你必须决定两件事;一是用于交换“标识信 息”(或称身份证书)的验证机制;一是决定标识信息存储方法的验证架构。sasl验证机制规范client与server之间的应答过程以及传输内容的编 码法,sasl验证架构决定服务器本身如何存储客户端的身份证书以及如何核验客户端提供的密码。如果客户端能成功通过验证,服务器端就能确定用户的身份,并借此决定用户具有怎样的权限。对sendmail而言,所谓的“权限”指的就是转发服务的访问权。你也可以决定通过验证的用户在转发邮件时,是否要使用特 定的寄件人地址。

搭建邮件服务器 

邮件服务器正常使用一般需安装如下软件:

sendmail-8.13.8-2.el5.i386.rpm

1. 安装sendmail-cf

 [root@localhost Server]# rpm -ivh sendmail-cf-8.13.8-2.el5.i386.rpm

2.  查看sendmail运行的端口

[root@localhost mail]# netstat -tupln |grep sendmail

tcp        0      0 127.0.0.1:25    0.0.0.0:*   LISTEN      2674/sendmail: acce

3.  编辑sendmail.mc文件

[root@localhost Server]# cd /etc/mail 

[root@localhost mail]# vim sendmail.mc

116 DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')dnl

4.  重启sendmail服务

[root@localhost mail]# service sendmail restart

Shutting down sm-client:                                   [ OK ]

Shutting down sendmail:                                    [ OK ]

Starting sendmail:                                         [ OK ]

Starting sm-client:                                        [ OK ]

5.  再次查看sendmail运行的端口

[root@localhost mail]# netstat -tupln |grep sendmail

tcp        0      0 0.0.0.0:25     0.0.0.0:*      LISTEN      3299/sendmail: acce

6.  在该域组内添加两个用户

[root@localhost mail]# useradd user1

[root@localhost mail]# useradd user2

[root@localhost mail]# echo "123" |passwd --stdin user1

[root@localhost mail]# echo "123" |passwd --stdin user2

7.  设置中继

[root@localhost mail]# vim access

在access文件中添加如下

10 Connect:192.168.2.100                   RELAY

8. 重启sendmail服务

[root@localhost mail]# service sendmail restart

9.   测试能否给192.168.2.100 发/收邮件

[root@localhost mail]# telnet 192.168.2.100 25

Trying 192.168.2.100...

Connected to 192.168.2.100 (192.168.2.100).

Escape character is '^]'.

mail from:aaa@aaa.com

220 localhost.localdomain ESMTP Sendmail 8.13.8/8.13.8; Wed, 21 Mar 2012 11:53:43 +0800

250 2.1.0 aaa@aaa.com... Sender ok

rcpt to:aa@163.com

250 2.1.5 aa@163.com... Recipient ok (will queue)

quit

可以发/收邮件

10.在local-host-names文件中添加本地域名

[root@localhost mail]# vim local-host-names

bj.com

11修改access文件

[root@localhost mail]# vim access

Connect:192.168.2                         RELAY

sh.com                                  RELAY

bj.com                                  OK

12.DNS服务器的配置

bj架设自己的dns服务

1.安装有关dns服务器的主要软件包

[root@localhost Server]# rpm -ivh bind-9.3.6-4.P1.el5.i386.rpm

[root@localhost Server]# rpm -ivh bind-chroot-9.3.6-4.P1.el5.i386.rpm          

[root@localhost Server]# rpm -ivh caching-nameserver-9.3.6-4.P1.el5.i386.rpm

2.复制named.caching-nameserver.conf文件并命名为named.conf

[root@localhost Server]# cd /var/named/chroot/etc/

[root@localhost etc]# cp -p named.caching-nameserver.conf named.conf

3.编辑name.conf文件

[root@localhost etc]# vim named.conf

15    listen-on port 53 { any; };

27     allow-query     { any; };

 28    allow-query-cache { any; };

36 view localhost_resolver {

 37   match-clients      { any; };

 38   match-destinations { any; };

 39    recursion yes;

 40     include "/etc/named.rfc1912.zones";

4.编辑区域声明文件(正/反方向解析)

[root@localhost etc]# vim named.rfc1912.zones

复制15-19 并修改

20 zone "bj.com" IN {

 21    type master;

 22     file "bj.com.db";

 23     allow-update { none; };

 24 };

   

复制44-48行 添加如下:

50 zone "2.168.192.in-addr.arpa" IN {

 51         type master;

 52         file "192.168.2.db";

 53         allow-update { none; };

 54 };

          

                                                                                                                                                 
5.生成数据库文件

[root@localhost etc]# cd ../var/named/

[root@localhost named]# cp -p localhost.zone bj.com.db

[root@localhost named]# cd /var/named/chroot/var/named/

[root@mail named]# cp -p named.local 192.168.2.db

                                                                                                                                                 
6.编辑数据库文件

[root@localhost named]# vim bj.com.db

 

   

[root@mail named]# vim 192.168.2.db

  

100 IN                  PTR                     mail.bj.com.

101 IN                     PTR                     mail.sh.com.

                                                                                                                                             
7.设置开机自动启动dns,并启动dns服务

[root@localhost named]# chkconfig named on

[root@localhost etc]# service named start

Starting named:                                            [ OK ]

8.设置dns指向

[root@localhost etc]# vim /etc/resolv.conf

nameserver 192.168.2.100

9.编辑network文件

[root@localhost named]# vim /etc/sysconfig/network

HOSTNAME=mail.bj.com

10编辑hosts文件.

[root@localhost named]# vim /etc/hosts

127.0.0.1               mail.bj.com localhost.localdomain localhost

11.重启系统

[root@localhost named]# init 6

12.查看dns和sendmail服务器的状态

[root@mail ~]# service named status

server is up and running

named (pid 2378) is running...

[root@mail ~]# service sendmail status

sendmail (pid 2704) is running...

13.检测dns能否解析

[root@mail ~]# nslookup

> set q=any

> mail.bj.com

Server:               192.168.2.100

Address: 192.168.2.100#53

 

Name:      mail.bj.com

Address: 192.168.2.100

 

14.使用Windows测试内部邮件的发送

使用Outlook Express 步骤如下:

 

 

 

完成user1账户的创建

创建邮件并发送:

 

发送后在sendmail服务器日志上查看

[root@mail ~]# tail -f /var/log/maillog

Mar 21 17:03:22 mail sendmail[3336]: q2L93MSd003336: from=<user1@bj.com>, size=409, class=0, nrcpts=1, msgid=<AA961B346B454E0884074973A8AA3E43@usergsc>, proto=SMTP, daemon=MTA, relay=[192.168.2.10]

Mar 21 17:03:22 mail sendmail[3339]: q2L93MSd003336: to=<user1@bj.com>, ctladdr=<user1@bj.com> (500/500), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=30566, dsn=2.0.0, stat=Sent

可以看出已经成功发送!!!

14.为邮件服安装接受邮件服务器(dovecot)

[root@mail ~]# yum install -y dovecot

15.编辑dovecot文件

[root@mail ~]# vim /etc/dovecot.conf

修改如下:

 20 #protocols = imap imaps pop3 pop3s

 21 protocols = imap pop3

16.设置dovecot服务为开机自动启动,并重启该服务

[root@mail ~]# chkconfig dovecot on

[root@mail ~]# service dovecot restart

Stopping Dovecot Imap:                                     [ OK ]

Starting Dovecot Imap:                                     [ OK ]

17.查看运行该服务的端口

[root@mail ~]# netstat -tupln |grep dov

tcp        0      0 :::110        :::*              LISTEN      3507/dovecot       

tcp        0      0 :::143        :::*              LISTEN      3507/dovecot   

18.检测邮件能否正常接收

 

 

[root@mail ~]# tail -f /var/log/maillog

Mar 21 17:40:02 mail dovecot: Dovecot v1.0.7 starting up

Mar 21 17:40:02 mail dovecot: Generating Diffie-Hellman parameters for the first time. This may take a while..

Mar 21 17:40:09 mail dovecot: Killed with signal 15

Mar 21 17:40:09 mail dovecot: Dovecot v1.0.7 starting up

Mar 21 17:40:09 mail dovecot: Generating Diffie-Hellman parameters for the first time. This may take a while..

Mar 21 17:45:41 mail dovecot: pop3-login: Login: user=<user1>, method=PLAIN, rip=::ffff:192.168.2.10, lip=::ffff:192.168.2.100

可以看出users1能正常接受邮件!!!

邮件服务器的加密与认证

查看编译信息

[root@mail ~]# sendmail -d0.1 -bv

Version 8.13.8

 Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG MAP_REGEX

                   MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6

                   NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF SOCKETMAP STARTTLS

                   TCPWRAPPERS USERDB USE_LDAP_INIT

 

============ SYSTEM IDENTITY (after readcf) ============

      (short domain name) $w = mail

 (canonical domain name) $j = mail.bj.com

         (subdomain name) $m = bj.com

              (node name) $k = mail.bj.com

========================================================

 

Recipient names must be specified

[root@mail ~]# telnet 127.0.0.1 25

Trying 127.0.0.1...

Connected to mail.bj.com (127.0.0.1).

Escape character is '^]'.

220 mail.bj.com ESMTP Sendmail 8.13.8/8.13.8; Fri, 23 Mar 2012 15:54:24 +0800

EHLO 127.0.0.1

250-mail.bj.com Hello mail.bj.com [127.0.0.1], pleased to meet you

250-ENHANCEDSTATUSCODES

250-PIPELINING

250-8BITMIME

250-SIZE

250-DSN

250-ETRN

250-DELIVERBY

250 HELP

QUIT

发送邮件服务器

starttls(smtp+ssl)

建立服务器证书

[root@mail ~]# cd /etc/pki/CA/

[root@mail CA]# cd ..

[root@mail pki]# vim tls/openssl.cnf

45 dir             = /etc/pki/CA           # Where everything is kept

88 countryName             = optional

 89 stateOrProvinceName     = optional

 90 organizationName        = optional

[root@mail CA]# mkdir crl certs netcerts

[root@mail CA]# touch index.txt serial

[root@mail CA]# echo "01" >serial

创建CA私钥

[root@mail CA]# openssl genrsa 1024 >private/cakey.pem

Generating RSA private key, 1024 bit long modulus

..............................................++++++

........................................++++++

e is 65537 (0x10001)

[root@mail CA]# chmod 600 private/*

创建ca证书

[root@mail CA]# openssl req -new -key private/cakey.pem -x509 -out cacert.pem -days 3650

Country Name (2 letter code) [GB]:CN

State or Province Name (full name) [Berkshire]:BEIJING

Locality Name (eg, city) [Newbury]:BEIJING

Organization Name (eg, company) [My Company Ltd]:SECCENTER

Organizational Unit Name (eg, section) []:tec

Common Name (eg, your name or your server's hostname) []:rootca.net.net

Email Address []:

创建钥匙

[root@mail CA]# cd /etc/mail

[root@mail mail]# mkdir certs

[root@mail mail]# cd certs/

[root@mail certs]# openssl genrsa 1024 >sendmail.key

Generating RSA private key, 1024 bit long modulus

........++++++

...........................++++++

e is 65537 (0x10001)

请求文件

[root@mail certs]# openssl req -new -key sendmail.key -out sendmail.csr

Country Name (2 letter code) [GB]:CN

State or Province Name (full name) [Berkshire]:HENAN

Locality Name (eg, city) [Newbury]:ZHENGZHOU

Organization Name (eg, company) [My Company Ltd]:ZZDX

Organizational Unit Name (eg, section) []:tec

Common Name (eg, your name or your server's hostname) []:mail.bj.com

Email Address []:

证书

[root@mail certs]# openssl ca -in sendmail.csr -out sendmail.cert

Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y

编辑sendmail.mc文件

[root@mail mail]# pwd

/etc/mail

[root@mail mail]# vim sendmail.mc

60 define(`confCACERT_PATH', `/etc/mail/certs')dnl

 61 define(`confCACERT', `/etc/mail/certs/cacert.pem')dnl

 62 define(`confSERVER_CERT', `/etc/mail/certs/sendmail.cert')dnl

 63 define(`confSERVER_KEY', `/etc/mail/certs/sendmail.key')dnl

134 DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl

设置钥匙权限

[root@mail certs]# chmod 600 sendmail.key

拷贝cacert.pem到当前目录下

[root@mail certs]# pwd

/etc/mail/certs

[root@mail certs]# cp /etc/pki/CA/cacert.pem ./

重启sendmail服务

[root@mail mail]# service sendmail restart

Shutting down sm-client:                                   [ OK ]

Shutting down sendmail:                                    [ OK ]

Starting sendmail:                                         [ OK ]

Starting sm-client:                                        [ OK ]

查看一下

[root@mail certs]# telnet 127.0.0.1 25

Trying 127.0.0.1...

Connected to mail.bj.com (127.0.0.1).

Escape character is '^]'.

220 mail.bj.com ESMTP Sendmail 8.13.8/8.13.8; Fri, 23 Mar 2012 18:17:34 +0800

EHLO 127.0.0.1

250-mail.bj.com Hello mail.bj.com [127.0.0.1], pleased to meet you

250-ENHANCEDSTATUSCODES

250-PIPELINING

250-8BITMIME

250-SIZE

250-DSN

250-ETRN

250-STARTTLS

250-DELIVERBY

250 HELP

测试

北京外部邮件客户机测试

用户user1选上安全连接ssl

 

 

发送邮件和接受邮件时打开日志监控并打开抓包工具,得到如下信息

[root@mail certs]# tail -f /var/log//maillog

Mar 23 19:08:08 mail sendmail[4219]: STARTTLS=server, relay=[192.168.2.3], version=TLSv1/SSLv3, verify=NO, cipher=RC4-MD5, bits=128/128

Mar 23 19:08:08 mail sendmail[4219]: q2NB88dj004219: from=<user1@bj.com>, size=1196, class=0, nrcpts=1, msgid=<B1896E86FE044F089D3715128ED98012@201106201040>, proto=SMTP, daemon=MTA, relay=[192.168.2.3]

Mar 23 19:08:09 mail sendmail[4220]: q2NB88dj004219: to=<user1@bj.com>, ctladdr=<user1@bj.com> (500/500), delay=00:00:01, xdelay=00:00:00, mailer=local, pri=31415, dsn=2.0.0, stat=Sent

Mar 23 19:08:44 mail dovecot: pop3-login: Login: user=<user1>, method=PLAIN, rip=::ffff:192.168.2.3, lip=::ffff:192.168.2.100

Mar 23 19:08:44 mail dovecot: POP3(user1): Disconnected: Logged out top=0/0, retr=1/1494, del=1/1, size=1477

[root@mail Server]# tshark -ni etho -R "tcp.dsport eq 110"

130.317087 192.168.2.3 -> 192.168.2.100 TCP 2446 > 110 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=3

130.317398 192.168.2.3 -> 192.168.2.100 TCP 2446 > 110 [ACK] Seq=1 Ack=1 Win=372296 Len=0

130.319027 192.168.2.3 -> 192.168.2.100 POP Request: USER user1

130.319511 192.168.2.3 -> 192.168.2.100 POP Request: PASS 123

130.406052 192.168.2.3 -> 192.168.2.100 POP Request: STAT

130.435409 192.168.2.3 -> 192.168.2.100 POP Request: LIST

130.439985 192.168.2.3 -> 192.168.2.100 POP Request: RETR 1

可以看出发送邮件时已经采用ssl进行加密,接受时还是采用明文pop3接受北抓包工具截获到帐号和密码

dovecot接收服务器实现安全接受(pops)

钥匙请求文件

[root@mail certs]# mkdir -pv /etc/dovecot/certs

mkdir: created directory `/etc/dovecot'

mkdir: created directory `/etc/dovecot/certs'

[root@mail certs]# cd /etc/dovecot/certs/

[root@mail certs]# openssl genrsa 1024 >dovecot.key

Generating RSA private key, 1024 bit long modulus

..................++++++

......................++++++

e is 65537 (0x10001)

产生请求

[root@mail certs]# openssl req -new -key dovecot.key -out dovecot.csr

Country Name (2 letter code) [GB]:CN

State or Province Name (full name) [Berkshire]:HENAN

Locality Name (eg, city) [Newbury]:ZHENGZHOU

Organization Name (eg, company) [My Company Ltd]:ZZDX

Organizational Unit Name (eg, section) []:tec

Common Name (eg, your name or your server's hostname) []:pop3.bj.com

Email Address []:

请求证书

[root@mail certs]# openssl ca -in dovecot.csr -out dovecot.cert

Certificate Details:

        Serial Number: 2 (0x2)

        Validity

            Not Before: Mar 23 13:04:19 2012 GMT

            Not After : Mar 23 13:04:19 2013 GMT

        Subject:

            countryName               = CN

            stateOrProvinceName       = HENAN

            organizationName          = ZZDX

            organizationalUnitName    = tec

            commonName                = pop3.bj.com

Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y

修改权限

[root@mail certs]# chmod 600 *

编辑dovecot.conf文件

[root@mail certs]# vim /etc/dovecot.conf

21 protocols = imap pop3 imaps

 94 ssl_cert_file = /etc/dovecot/certs/dovecot.cert

 95 ssl_key_file = /etc/dovecot/certs/dovecot.key

重启服务

[root@mail certs]# service dovecot restart

Stopping Dovecot Imap:                                     [ OK ]

Starting Dovecot Imap:                                     [ OK ]

查看运行端口

[root@mail certs]# netstat -tupln |grep dov

tcp        0      0 :::993                      :::*                        LISTEN      4328/dovecot       

tcp        0      0 :::110                      :::*                        LISTEN      4328/dovecot       

tcp        0      0 :::143                      :::*                        LISTEN      4328/dovecot 

测试接受邮件时是否加密

 

 

发送和接收邮件时查看到的日志和抓取到的信息如下

[root@mail certs]# tail -f /var/log/maillog

Mar 23 21:52:23 mail sendmail[4377]: STARTTLS=server, relay=[192.168.2.3], version=TLSv1/SSLv3, verify=NO, cipher=RC4-MD5, bits=128/128

Mar 23 21:52:23 mail sendmail[4377]: q2NDqNw5004377: from=<user2@bj.com>, size=1179, class=0, nrcpts=1, msgid=<E198C88DE29A412893A4F7F067040E51@201106201040>, proto=SMTP, daemon=MTA, relay=[192.168.2.3]

Mar 23 21:52:23 mail sendmail[4384]: q2NDqNw5004377: to=<user2@bj.com>, ctladdr=<user2@bj.com> (501/501), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=31398, dsn=2.0.0, stat=Sent

Mar 23 21:52:24 mail dovecot: imap-login: Login: user=<user2>, method=PLAIN, rip=::ffff:192.168.2.3, lip=::ffff:192.168.2.100, TLS

[root@mail Server]# tshark -ni eth0 -R "tcp.dstport eq 993"

345.571410 192.168.2.3 -> 192.168.2.100 TCP 3032 > 993 [ACK] Seq=292 Ack=836 Win=371464 Len=0

345.573477 192.168.2.3 -> 192.168.2.100 TLSv1 Application Data

345.574578 192.168.2.3 -> 192.168.2.100 TLSv1 Application Data

345.667520 192.168.2.3 -> 192.168.2.100 TLSv1 Application Data

345.673284 192.168.2.3 -> 192.168.2.100 TLSv1 Application Data

345.674900 192.168.2.3 -> 192.168.2.100 TLSv1 Application Data

可以看出邮件已成功发送和接收并没有被截获信息,实现了安全性的收发

邮件证书认证sasl

由于邮件服务器能够让所有用户发送邮件,这并不安全,为了解决这一现状,我们采用sasl

是一种双方通信的规则,是合法帐号才可以发送

环境

[root@mail Server]# rpm -qa |grep sasl

cyrus-sasl-lib-2.1.22-5.el5

cyrus-sasl-2.1.22-5.el5

cyrus-sasl-devel-2.1.22-5.el5

cyrus-sasl-plain-2.1.22-5.el5

[root@mail Server]# chkconfig --list |grep sasl

saslauthd           0:off 1:off 2:off 3:off 4:off 5:off 6:off

启动该服务,并设置为开机自动启动

[root@mail Server]# service saslauthd start

Starting saslauthd:                                        [ OK ]

[root@mail Server]# chkconfig saslauthd on

编辑sendmail.mc文件

[root@mail Server]# vim /etc/mail/sendmail.mc

39 define(`confAUTH_OPTIONS', `A y')dnl

52 TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

 53 define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

重启服务

[root@mail Server]# service sendmail restart

Shutting down sm-client:                                   [ OK ]

Shutting down sendmail:                                    [ OK ]

Starting sendmail:                                         [ OK ]

Starting sm-client:                                        [ OK ]

查看

[root@mail Server]# telnet 127.0.0.1

Trying 127.0.0.1...

telnet: connect to address 127.0.0.1: Connection refused

telnet: Unable to connect to remote host: Connection refused

[root@mail Server]# telnet 127.0.0.1 25

Trying 127.0.0.1...

Connected to mail.bj.com (127.0.0.1).

Escape character is '^]'.

220 mail.bj.com ESMTP Sendmail 8.13.8/8.13.8; Fri, 23 Mar 2012 23:24:43 +0800

EHLO 127.0.0.1

250-mail.bj.com Hello mail.bj.com [127.0.0.1], pleased to meet you

250-ENHANCEDSTATUSCODES

250-PIPELINING

250-8BITMIME

250-SIZE

250-DSN

250-ETRN

250-AUTH LOGIN PLAIN

250-STARTTLS

250-DELIVERBY

250 HELP

强制验证

[root@mail Server]# vim /etc/mail/sendmail.mc

116 DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA M=Ea')dnl

重启服务

[root@mail Server]# service sendmail restart

测试

用客户机user2给root用户发送邮件,查看出的日志如下

 

编码帐号: 

[root@mail ~]# echo -n "root" |openssl base64

cm9vdA==

[root@mail ~]# echo -n "redhat" |openssl base64

cmVkaGF0

[root@mail ~]# telnet 127.0.0.1 25

Trying 127.0.0.1...

Connected to mail.bj.com (127.0.0.1).

Escape character is '^]'.

220 mail.bj.com ESMTP Sendmail 8.13.8/8.13.8; Sat, 24 Mar 2012 00:25:25 +0800

EHLO 127.0.0.1

250-mail.bj.com Hello mail.bj.com [127.0.0.1], pleased to meet you

250-ENHANCEDSTATUSCODES

250-PIPELINING

250-8BITMIME

250-SIZE

250-DSN

250-ETRN

250-AUTH LOGIN PLAIN

250-STARTTLS

250-DELIVERBY

250 HELP

AUTH LOGIN cm9vdA==

334 UGFzc3dvcmQ6

cmVkaGF0

235 2.0.0 OK Authenticated

MAIL FROM:user2@bj.com     

250 2.1.0 user2@bj.com... Sender ok

RCPT TO:root@bj.com

250 2.1.5 root@bj.com... Recipient ok

DATA

354 Enter mail, end with "." on a line by itself

111111111111111111

.

250 2.0.0 q2NGPPNd003329 Message accepted for delivery

 

[root@mail certs]# tail -f /var/log//maillog

Mar 23 23:39:38 mail dovecot: imap-login: Login: user=<user2>, method=PLAIN, rip=::ffff:192.168.2.3, lip=::ffff:192.168.2.100, TLS

Mar 23 23:40:15 mail sendmail[4768]: STARTTLS=server, relay=[192.168.2.3], version=TLSv1/SSLv3, verify=NO, cipher=RC4-MD5, bits=128/128

Mar 23 23:40:15 mail sendmail[4768]: AUTH=server, relay=[192.168.2.3], authid=user2, mech=LOGIN, bits=0

Mar 23 23:40:15 mail sendmail[4768]: q2NFeFoM004768: from=<user2@bj.com>, size=1199, class=0, nrcpts=1, msgid=<81A4F08C96004DC891735E1C529BFAA1@201106201040>, proto=ESMTP, daemon=MTA M=Ea, relay=[192.168.2.3]

Mar 23 23:40:15 mail sendmail[4772]: q2NFeFoM004768: to=<root@bj.com>, ctladdr=<user2@bj.com> (501/501), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=31442, dsn=2.0.0, stat=Sent

Mar 23 23:40:15 mail dovecot: imap-login: Login: user=<user2>, method=PLAIN, rip=::ffff:192.168.2.3, lip=::ffff:192.168.2.100, TLS


sendmail-cf-8.13.8-2.el5.i386.rpm

sendmail-doc-8.13.8-2.el5.i386.rpm

m4-1.4.5-3.el5.1.i386.rpm(默认已安装)