Directory Enabled Horde: Part III

Now that we can log into Horde (authenticated against the IMAP server), read our mail, and store our preferences in the DSA; what about sending mail? In this short episode we'll setup Horde to send mail via authenticated SMTP. Authenticating as the user who is sending the mail is critical in a corporate enviroment for auditing and security purposes.

Log into Horde and go into the Administrative section, select the "Horde" application and then the "Mailer" tab. For the "What method should we use for sendmail mail?" select "Use a SMTP server". Enter the appropriate information into the "The server to connecto to", "The port to connect to", and the "The local hostname/domain" fields. For "SMTP authentication" select the strongest authentication method that your SMTP server supports. In the case of Whitemice Consulting we select "DIGEST-MD5". I recommend DIGEST-MD5 as it never transmits the password over the wire.

Then enter a username and password into the "username" and "password" field. Don't worry about this as we are going to replace them. Now click "Generate Horde Configuration". You should be greeted with a "Successfully saved the backup configuration file ..../horde/config/conf.php.bak" message.

At this point the horde/config/conf.php must be edited. This is because Horde does not currently support authenticating as the user to the SMTP server directly. But adding this feature is trivial. Search for the username you entered looking for a ['mailer']['params']['username'] settings. When you find it, edit the file in the following manner:


$conf['mailer']['params']['username'] = Auth::getBareAuth();
$conf['mailer']['params']['password'] = Auth::getCredential('password');
#$conf['mailer']['params']['username'] = 'awilliam';
#$conf['mailer']['params']['password'] = '******';


The above snippet shows the original two lines generated by the administrative application as commented out and replaced with calls to the static Auth object. This object contains the required information as soon as the user is logged in so the above hack works.

Now when you attempt to send a mail Horde will authenticate to the SMTP server with your own identity. You'll find entries in your maillog like:

Sep 5 20:30:42 estate1 sendmail[821]: AUTH=server, relay=[10.77.1.3], authid=awilliam, mech=DIGEST-MD5, bits=0
Sep 5 20:30:42 estate1 milter-greylist: User awilliam authenticated, bypassing greylisting
Sep 5 20:30:42 estate1 sendmail[821]: j860UgK5000821: from=, size=656, class=0, nrcpts=1, msgid=, proto=ESMTP, daemon=MTA, relay=[10.77.1.3]
Sep 5 20:30:42 estate1 sendmail[821]: j860UgK5000821: Milter add: header: X-Greylist: Sender succeded SMTP AUTH authentication, not delayed by milter-greylist-1.4 (estate1.whitemice.org [192.168.3.1]); Mon, 05 Sep 2005 20:30:42 -0400 (EDT)
Sep 5 20:30:42 estate1 sendmail[821]: j860UgK5000821: Milter accept: message
Sep 5 20:30:48 estate1 sendmail[824]: AUTH=client, relay=mail.morrison.iserv.net., mech=, bits=0
Sep 5 20:30:49 estate1 sendmail[824]: j860UgK5000821: to=, delay=00:00:07, xdelay=00:00:07, mailer=esmtp, pri=120656, relay=mail.morrison.iserv.net. [206.114.45.106], dsn=2.0.0, stat=Sent (j860Um3C028163 Message accepted for delivery)
Sep 5 20:30:49 estate1 sendmail[824]: j860UgK5000821: done; delay=00:00:07, ntries=1

... identifying the user who sent the message.

In the next installment I'll cover setting up both a shared and a personal address book within the Dit.

Part I:Installing Horde
Part II:Setting up preferences
Part III:Sending Authenticated Mail