TUTORIAL Install Comcast As SendMail SMTP Gateway on Port 587

[wardmundy]

True to form, Comcast has recently taken to screwing its customers by shutting down port 25 on your cable modem. This means you not only can't run your own SMTP server on a box such as PBX in a Flash, but you can't even connect through a mail client to Comcast's SMTP server to send mail on port 25. To find out whether they've done it to you, issue the following command. If it times out, you lose. Otherwise, you're still OK. Type quit to exit.
[SIZE=-1]
telnet cutedgesystems.com 25[/SIZE]

Configuring SendMail to handle the change was painful so I thought I'd document the steps for those of you that get screwed next. When you complete the following steps, outbound emails (including voicemails that have been configured for delivery by email in FreePBX) will be sent from your PBX in a Flash server through SendMail to Comcast's secure server on port 587. You will need your Comcast username and password to complete this install. In the alternative, you might wish to first try enabling smtp.comcast.net as a smart relay host directly in SendMail. It takes about 10 seconds!

This tutorial is for PBX in a Flash systems only and assumes you already have performed the email fixup steps outlined in this Nerd Vittles tutorial. If not, do that first. Then log into your server as root and issue the following commands in order:

cd /etc/mail
hostname -f > genericsdomain
touch genericstable
makemap -r hash genericstable.db < genericstable
mv sendmail.mc sendmail.mc.orig
wget http://incrediblepbx.com/sendmail.mc.comcast
cp -p sendmail.mc.comcast sendmail.mc
mkdir -p auth
chmod 700 auth
cd auth
echo AuthInfo:smtp.comcast.net \"U:smmsp\" \"I:user_id\" \"P:password\" \"M:PLAIN\" > client-info
echo AuthInfo:smtp.comcast.net:587 \"U:smmsp\" \"I:user_id\" \"P:password\" \"M:PLAIN\" >> client-info

# Stop here and edit client-info (nano -w client-info) in both lines.
# Replace user_id with your Comcast account name
# Replace password with your real password
# Be sure to replace the double-quotes shown above if they don't appear in the file!!!
# Save your changes (Ctrl-X, Y, then Enter)

chmod 600 client-info
makemap -r hash client-info.db < client-info
cd ..
make
service sendmail restart

NOTE: On Ubuntu, Debian, and Raspberry Pi, you may get errors restarting SendMail. If so, execute the following commands and then press Enter for all of the default settings in the last step:

sed -i 's|sendmail-cf|sendmail\/cf' /etc/mail/sendmail.mc
sed -i 's|sendmail-cf|sendmail\/cf|' /etc/mail/sendmail.mc
sed -i 's|sendmail-cf|sendmail\/cf|' /etc/mail/Makefile
sed -i 's|sendmail-cf|sendmail\/cf|' /etc/mail/sendmail.cf
sed -i 's|sendmail-cf|sendmail\/cf|' /etc/mail/databases
sed -i 's|sendmail-cf|sendmail\/cf|' /etc/mail/sendmail.mc.gmail
sed -i 's|sendmail-cf|sendmail\/cf|' /etc/mail/sendmail.cf.errors
sendmailconfig

Now you should be back in business. The process is similar to use Gmail as your outbound SMTP server, and I'll document that for everyone... soon. Special thanks to Linux Home Automation for all the helpful information.

WARNING: This design has not been tested with direct exposure of SendMail to the Internet and should NOT be used without a firewall blocking inbound port 25 and 587 traffic. If you don't heed this advice, you may risk turning your server into an Internet mail relay host in which case you'll probably lose (what's left of) your Comcast account for aiding and abetting the proliferation of...

 

[jroper]

Hi

Note that port 25 and port 587 are closed by default on PiaF in IPtables, but an firewall rarely hurts.

Joe

 

[marc1]

The process is similar to use Gmail as your outbound SMTP server, and I'll document that for everyone... soon.

Great info here Ward.

Although Gmail is a great service, there are many other providers. It might be helpful if you kept these instructions generic.

Also, noticed another user accomplished the same thing PostFix.

 

[marc1]

[FONT=monospace]w[/FONT]get http://pbxinaflash.com/source/sendmail/sendmail.mc.comcast

should be

[FONT=monospace]w[/FONT]get http://pbxinaflash.net/source/sendmail/sendmail.mc.comcast

 

[wardmundy]

Thanks. Fixed it. Sorry.

 

[newvoiper]

I tried the steps in the 1st post in this thread, but no love from Comcast. I think they changed something yet again because my iPhone cannot send outgoing mail through the same Comcast account. Would going through each step in the post about enabling a Gmail account to send messages, likely to work now, or will I mess up the config files on my box because of going through the above steps already?

 

[wardmundy]

Double-check /etc/mail/auth/client-info and be sure you have the double quotes everywhere they belong. Reread post #1 for details. If not, fix problems and redo steps below #comments above.

 

[newvoiper]

Thanks for the quick response! Here is /etc/mail/auth/client-info: (I had to add the double quotes in when I was initially following the directions):

AuthInfo:smtp.comcast.net "U:smmsp" "I:myuserid" "P:mypassword "MLAIN"
AuthInfo:smtp.comcast.net:587 "U:smmsp" "I:myuserid" "P:mypassword" "MLAIN"

Genericstable and a number of the other files are empty, and the make statement returned "make: Nothing to be done for `all'.".

Here is the /etc/mail/auth/client-info directory:
ll
total 268
-rw-r--r-- 1 root root 355 Mar 31 2010 access
-rw-r----- 1 root root 12288 Dec 12 23:27 access.db
drwx------ 2 root root 4096 Dec 19 18:29 auth
-rw-r--r-- 1 root root 0 Mar 31 2010 domaintable
-rw-r----- 1 root root 12288 Dec 12 23:27 domaintable.db
-rw-r--r-- 1 root root 15 Dec 19 18:22 genericsdomain
-rw-r--r-- 1 root root 0 Dec 19 18:22 genericstable
-rw-r----- 1 root root 12288 Dec 19 18:22 genericstable.db
-rw-r--r-- 1 root root 5521 Mar 31 2010 helpfile
-rw-r--r-- 1 root root 64 Mar 31 2010 local-host-names
-rw-r--r-- 1 root root 0 Mar 31 2010 mailertable
-rw-r----- 1 root root 12288 Dec 12 23:27 mailertable.db
-rw-r--r-- 1 root root 1048 Mar 31 2010 Makefile
-rw-r--r-- 1 root root 58290 Mar 31 2010 sendmail.cf
-rw-r--r-- 1 root root 7427 Jan 23 2008 sendmail.mc
-rw-r--r-- 1 root root 7205 Mar 31 2010 sendmail.mc.orig
-r--r--r-- 1 root root 41371 Mar 31 2010 submit.cf
-rw-r--r-- 1 root root 940 Mar 31 2010 submit.mc
-rw-r--r-- 1 root root 127 Mar 31 2010 trusted-users
-rw-r--r-- 1 root root 0 Mar 31 2010 virtusertable
-rw-r----- 1 root root 12288 Dec 12 23:27 virtusertable.db

I'm afraid I cannot see the problem to fix. Maybe I chose the wrong character for the double quotes?

The tail of mail log looks like this, but there is no mail generated:

Dec 23 15:17:13 pbx sendmail[24644]: xxxxxxx: from=asterisk, size=637, class=0, nrcpts=1, msgid=<[email protected]>, relay=asterisk@localhost
Dec 23 15:17:13 pbx sendmail[24645]: xxxxxxx: from=<[email protected]>, size=767, class=0, nrcpts=1, msgid=<[email protected]>, proto=ESMTP, daemon=MTA, relay=pbx.dyndns.org [127.0.0.1]
Dec 23 15:17:13 pbx sendmail[24644]: xxxxxxx: to="702" <[email protected]>, ctladdr=asterisk (101/102), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30637, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (xxxxxxx Message accepted for delivery)
Dec 23 15:17:14 pbx sendmail[24647]: STARTTLS=client, relay=gmail-smtp-in.l.google.com., version=TLSv1/SSLv3, verify=FAIL, cipher=RC4-MD5, bits=128/128
Dec 23 15:17:15 pbx sendmail[24647]: xxxxxxx: to=<[email protected]>, ctladdr=<[email protected]> (101/102), delay=00:00:02, xdelay=00:00:02, mailer=esmtp, pri=120767, relay=gmail-smtp-in.l.google.com. [209.85.225.27], dsn=2.0.0, stat=Sent (OK 1293135435 35si18558608ibi.95)

What would you try to get the mail working if it was your server? & by the way, thanks in ernest for all the work to put PBIAF together and promote it with the carefully written blogs...

 

[wardmundy]

AuthInfo:smtp.comcast.net "U:smmsp" "I:myuserid" "P:mypassword" "MLAIN"

 

[newvoiper]

Thank you for the suggestion, Ward. I got excited that simply adding the " would be the end of my problem but unfortunately, now that I am back home to view the file, the client-info file has the correct number of ": In my zeal to make the password disappear for the forum post, I inadvertantly deleted the " along with the last character of my actual password after I pasted it into the forum. So, client-info has the correct number of ", and I am lost identifying the problem to fix. If it was yours, would you be looking at trying with gmail instead of comcast, or continue troubleshooting sendmail with comcast? Before trying to authenticate to use comcast smtp server, my PBIAF asterisk inbox contained e-mailed error messages from comcast saying I must use their smtp server. Since following the above instructions, there no longer e-mailed error messages to identify the problem, so I feel really lost now how to troubleshoot. I posted the tail of mail log above....

 

[Astrosmurfer]

I have no idea what you are doing but the provided log entry is telling:

Dec 23 15:17:15 pbx sendmail[24647]: xxxxxxx:  to=<[email protected]>, ctladdr=<[email protected]>  (101/102), delay=00:00:02, xdelay=00:00:02, mailer=esmtp, pri=120767,  [B]relay=gmail-smtp-in.l.google.com[/B]. [209.85.225.27], dsn=2.0.0, [B]stat=Sent  (OK[/B] 1293135435 35si18558608ibi.95)

Look at the relay and stat fields at the end of the line. The log says that the message was successfully sent via a GMail account.

 

[newvoiper]

Thank you for pointing out the relay and stat fields in the log entry. My configuration was set up to use the comcast credentials, to send the mail to my gmail account. So perhaps the gmail in the relay field is more indicative of the destination than the source?

I gave up on comcast and switched to the gmail instructions and script from Ward's post and happily have it working now. The only rub getting it to work was that I needed " instead of the / currently shown in those instructions. I am so happy that it works! Thank you both for helping.