Part 3: AIX Sendmail - Out of the Box
I probably should have started with this - in terms of 1, 2, 3 and more. And, actually, now months later as I start to re-write all this - I did.
Rewrite? Yes, sadly, I opened a document to work on it, thought it was part XYZ that I was writing, and overwrote all the prior pieces. And, a few weeks later - when I wnet back to finish everything up - I saw what I had done. New work gets in the way - so finally, back to this - as I start from scratch on a test server, to slowly work through the steps again - and re-create or create anew - the steps leading to a robust SENDMAIL for AIX.
So - you have installed AIX (5.3 through 7.2) - and what do you have? Read on...
Sendmail on AIX – OOB (Out of the Box)
By default sendmail is configured to be active on port 25 (only)
and without any form of encryption. Through AIX 7.1 the fileset
containing the base program is bos.net.tcp.client. Starting with AIX
7.2 the base files are in the fileset bos.net.tcp.sendmail. The files
for customizing the configuration are in bos.net.tcp.adt.
What does AIX sendmail support after first boot?
The two “simple” commands – to review what sendmail is
accepting and supporting are to telnet to port 25 and issue the SMTP
command EHLO and from the command line get some debug info.
Accepting
root@x072:[/home/root]telnet
localhost 25
Trying...
Connected
to loopback.
Escape
character is '^]'.
220
x072.home.local ESMTP Sendmail Thu, 1 Aug 2019 20:11:31 GMT
ehlo
x.y.z
250-x072.home.local
Hello loopback [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250
HELP
quit
221
2.0.0 x072.home.local closing connection
Connection
closed.
Key Features (via debug)
root@x072:[/home/root]sendmail_ssl
-d0.1 </dev/null
Version AIX7.2/8.14.4
Compiled with: DNSMAP LDAPMAP LDAP_REFERRALS LOG MAP_REGEX MATCHGECOS
MILTER MIME7TO8 MIME8TO7 NAMED_BIND NDBM NETINET NETINET6
NETUNIX NEWDB NIS NISPLUS PIPELINING SCANF STARTTLS USERDB
USE_LDAP_INIT XDEBUG
Discussion
The paragraph accepting shows that a key feature “STARTTLS” is
not available. Part 2 shows how to activate STARTTLS. In short,
the default sendmail binary does not have the STARTTLS feature. That
feature is available in the alternate binary sendmail_ssl
root@x072:[/home/root]sendmail_ssl -d0.1
</dev/null
Version AIX7.1/8.14.4
Compiled with: DNSMAP LDAPMAP
LDAP_REFERRALS LOG MAP_REGEX MATCHGECOS
MILTER MIME7TO8 MIME8TO7
NAMED_BIND NDBM NETINET NETINET6
NETUNIX NEWDB NIS NISPLUS
PIPELINING SCANF STARTTLS USERDB
USE_LDAP_INIT XDEBUG
Note: in closing - the sendmail version - BASE - is sendmail-8.14.4. The last version released as "easily available" OOS version of sendmail is version 8.15.2
|