sendmail setup
chip at wiegand.org
chip at wiegand.org
Fri Sep 3 19:56:43 PDT 2004
Thanks Giorgos,
That's a lot of info. Is all of that really necessary to allow just one
machine to send mail thru the bsd box to the net? I know the
sendmail people tightened up the app alot. I suppose that's a
good thing. Just seems like a lot of work to do something that seems to
be simple.
Regards,
Chip
On Sat, 4 Sep 2004 04:11:19 +0300
Giorgos Keramidas <keramida at ceid.upatras.gr> wrote:
> On 2004-09-03 16:57, chip at wiegand.org wrote:
> > Could someone please just explain what is needed to make it send
> > mail out to the world from just one machine on the lan. It can't be
> > as hard as it appears to be.
>
> The setup of my workstation at work to forward outgoing email to the
> mail gateway available to all the machines of the internal network is
> the following:
>
>
> Sendmail options in rc.conf
> ===========================
>
> The following options are in my `/etc/rc.conf' file:
>
> % grep sendmail /etc/rc.conf
> sendmail_enable="NO"
> sendmail_outbound_enable="NO"
> sendmail_submit_enable="YES"
> sendmail_submit_flags="-L sm-mta -bd -q5m
> -ODaemonPortOptions=Addr=localhost"
> sendmail_msp_queue_enable="YES" sendmail_msp_queue_flags="-L
> sm-msp -Ac -q30m"%
>
> The two enabled sendmail processes have the following function:
>
> submit
> This listens on 127.0.0.1:25 and allows local processes
> (including the msp_queue process) to post messages. It uses
> sendmail.cf as its configuration file and can forward all your
> outgoing messages to the mail gateway of your LAN (see the
> SMART_HOST option below).
>
> msp_queue
> This sendmail process scans periodically the messages in the
> queue/var/spool/clientmqueue and makes sure they don't get stuck
> there.
>
>
> The genericstable address rewriting rules
> =========================================
>
> The file /etc/mail/genericstable contains the following:
>
> % cat /etc/mail/genericstable
> keramida at internal-host.internal.domain keramida at ceid.upatras.gr
> %
>
> Thus, all messages posted by user `keramida' on my workstation will
> have their address rewritten to keramida at ceid.upatras.gr, which is
> certainly more useful to the rest of the world than my internal
> workstation address.
>
>
> The mailertable message routing table
> =====================================
>
> I want all my company email routed through our VPN to the internal
> email server, instead of travelling through the Internet to reach the
> same server's external interface. To accomplish this I use a
> mailertable with the following entries:
>
> % cat /etc/mail/mailertable
> .company.com smtp:internal-mx.company.com
> company.com smtp:internal-mx.company.com
> %
>
> Custom envelope from addresses
> ==============================
>
> Some times I run scripts under my uid that want to "fake" their
> envelope from address. Thus, I have created a file called
> /etc/mail/trusted-users with a list of usernames that are allowed to
> set their envelope from address with sendmail -f user at host without
> having a warning added automagically by Sendmail in their header:
>
> % cat /etc/mail/trusted-users
> keramida
> %
>
>
> The local hostnames
> ===================
>
> The file local-host-names as you already mentioned contains the list
> of hostnames that my workstation should consider `local' and attempt
> to deliver to a local user:
>
> % cat /etc/mail/local-host-names
> internal-host.internal.domain
> internal-host
> %
>
> I've added both the `internal-host' and
> `internal-host.internal.domain' names, in case some locally running
> program tries to send mail using only the hostname and not the fully
> qualified domain name of the workstation in the local LAN.
>
>
> The hostname.mc file
> ====================
>
> The Makefile in /etc/mail will look for a file called `hostname.mc'
> where hostname is the short host name of your machine and use that as
> the source for generating `sendmail.cf'. If this file does not exist
> `freebsd.mc' is copied to `hostname.mc' and the rest of the Makefile
> works as before.
>
> The differences of my hostname.mc file from the freebsd.mc installed
> by FreeBSD 6.0-CURRENT are:
>
> +FEATURE(genericstable, `hash -o /etc/mail/genericstable')
> -dnl define(`SMART_HOST', `your.isp.mail.server')
> +define(`SMART_HOST', `smtp.internal.domain')
> +FEATURE(masquerade_entire_domain)
> +FEATURE(masquerade_envelope)
> +MASQUERADE_AS(`company.com')
> +MASQUERADE_DOMAIN(`internal.domain')
> +FEATURE(use_cw_file)
> define(`confCW_FILE', `-o /etc/mail/local-host-names')
> +FEATURE(use_ct_file)
> +define(`confCT_FILE', `-o /etc/mail/trusted-users')
> -DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')
>
> After what I wrote above the changes and their reasoning should be
> easy to understand, except these few lines:
>
> +FEATURE(masquerade_entire_domain)
> +FEATURE(masquerade_envelope)
> +MASQUERADE_AS(`company.com')
> +MASQUERADE_DOMAIN(`internal.domain')
>
> -DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')
>
> The first one is to make sure that all email sent from my workstation
> (or forwarded from my workstation, in case I enable an internal SMTP
> server later) will use @company.com addresses.
>
> The second one is because I've removed IPv6 support from my kernel and
> I don't like having Sendmail bother me about failed IPv6 connection
> attempts.
>
>
> The Final Steps
> ===============
>
> * Make sure you don't have different map types defined in your
> hostname.mc and in the Makefile of `/etc/mail' (i.e. a hardwired
> map type of `btree' in hostname.mc for the access.db table and a
> default map type of `hash' in Makefile).
>
> * Update the generated files of /etc/mail:
>
> # cd /etc/mail
> # make && make install && make restart
>
> * That's all.
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list