Sendmail: sub-domain masquerade as top level

Jonathan McKeown jonathan+freebsd-questions at hst.org.za
Fri Jan 4 00:03:50 PST 2008 

On Friday 04 January 2008 01:11, Jerahmy Pocott wrote:
> On 04/01/2008, at 12:59 AM, Barry Byrne wrote:
> >> -----Original Message-----
> >> From: owner-freebsd-questions at freebsd.org
> >> [mailto:owner-freebsd-questions at freebsd.org] On Behalf Of
> >> Jerahmy Pocott
> >>
> >> I'm having an issue with getting sendmail to masquerade
> >> as the top level domain when the host is a sub domain.

> > You don't say what you've tried already. I use postfix these days,
> > but from
> > memory, something like the following should work for you:
> >
> > MASQUERADE_AS(`domain.com')
> > MASQUERADE_DOMAIN(`sub.domain.com')
>
> Sorry, I should have mentioned what I had tried:
>
> I have tried the above and the above in combination with
> FEATURE(`masquerade_entire_domain') and pretty much
> every combination of those statements all to no effect.
>
> For some reason when the masquerade domain is the top
> level of the actual domain, it won't change it even with those
> options set..

This is from my live .mc file, which definitely works:

MASQUERADE_AS(`hst.org.za')dnl
MASQUERADE_DOMAIN(`hst.org.za')dnl
FEATURE(`masquerade_envelope')dnl
FEATURE(`masquerade_entire_domain')dnl
MASQUERADE_EXCEPTION(`lists.hst.org.za barley.hst.org.za akima.hst.org.za')dnl

My understanding is this. First of all, bear in mind that a domain name may 
refer to a group of hosts (I'll call this a zone by analogy with BIND), or a 
single host (a FQDN).

MASQUERADE_AS gives the FQDN to be used when masquerading. It is applied to 
the domain names of the local mail host only - so if the only change is on 
your mailserver to go from mailserver.example.com to example.com, this should 
be all you need.

MASQUERADE_DOMAIN adds additional FQDNs to the list of domain names to be 
masqueraded - if you need to masquerade other hosts within your zone.

FEATURE(`masquerade_entire_domain') switches MASQUERADE_DOMAIN to affect whole 
zones instead of FQDNs of single hosts. As I read cf/README, you need both 
these options to masquerade a whole zone, as well as the first option to 
specify what to masquerade as.

The last of the five lines exempts some hosts from masquerading because they 
handle their own mail. Not doing this can cause some... interesting breakage.

Jonathan

More information about the freebsd-questions mailing list