Date:      Wed, 20 May 1998 19:51:02 +0200
From:      Andreas Klemm <andreas@klemm.gtn.com>
To:        Peter Hawkins <thepish@FreeBSD.ORG>, Tim Vanderhoek <ac199@hwcn.org>
Cc:        Matthew Hunt <mph@pobox.com>, Warner Losh <imp@village.org>, cvs-committers@FreeBSD.ORG, ports@FreeBSD.ORG
Subject:   /etc/mail ? ( was: Re: cvs commit: src/share/mk Makefile )
Message-ID:  <19980520195102.C1152@klemm.gtn.com>
In-Reply-To: <Pine.BSF.3.96.980521001652.16670B-100000@dana.clari.net.au>; from Peter Hawkins on Thu, May 21, 1998 at 12:20:54AM +1000
References:  <Pine.BSF.3.96.980520035519.222B-100000@localhost> <Pine.BSF.3.96.980521001652.16670B-100000@dana.clari.net.au>


--MGYHOYXEY6WxJCY8
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

On Thu, May 21, 1998 at 12:20:54AM +1000, Peter Hawkins wrote:
> I guess it's Satoshi's call if he wishes to keep /etc/make.conf as the main
> or only place for user configuration. I think it's not a bad idea - in
> the spirit of rc.conf...

Yeah !

Btw, what about a "central" /etc/mail directory, which contains
-rw-r--r--  1 root  wheel   9959  5 Mär 17:40 README
lrwxrwxrwx  1 root  wheel     10 22 Apr 04:21 aliases -> ../aliases
-rw-r--r--  1 root  wheel     85  5 Mär 17:40 genericstable
-rw-r--r--  1 root  wheel  16384  5 Mär 17:40 genericstable.db
-rw-r--r--  1 root  wheel   8142  5 Mär 17:40 linux.mc
-rw-r--r--  1 root  wheel    166  5 Mär 17:40 linux.nullclient.mc
-rw-r--r--  1 root  wheel   1460  5 Mär 17:40 mailertable
-rw-r--r--  1 root  wheel  16384  5 Mär 17:40 mailertable.db
-rw-r--r--  1 root  wheel      0  5 Mär 17:39 sendmail.st
-rw-r--r--  1 root  wheel     73  5 Mär 17:40 virtusertable
-rw-r--r--  1 root  wheel  16384  5 Mär 17:40 virtusertable.db

The linux.mc is a very well documented master configuration
file, which contains lots of nicely documented things.
Looks to me like our /etc/rc.conf for the system.

Additionally they merged in Claus Aßmann's check rulesets.
See http://www.informatik.uni-kiel.de/%7Eca/email/check.html

The features of this anti-spam package are explained in the
linux.mc file and can easily be enabled.

Any chance to get this sendmail stuff this way into a
	/etc/mail
	/etc/mail/system.mc
	/usr/share/sendmail/cf/...

I'll attach the linux.mc file, so you see what I mean.
Perhaps we can copy something interesting from them ?

-- 
Andreas Klemm                                http://www.FreeBSD.ORG/~andreas
     What gives you 90% more speed, for example, in kernel compilation ?
          http://www.FreeBSD.ORG/~fsmp/SMP/akgraph-a/graph1.html
             "NT = Not Today" (Maggie Biggs)      ``powered by FreeBSD SMP''

--MGYHOYXEY6WxJCY8
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Content-Disposition: attachment; filename=README

Copyright (c) 1997 S.u.S.E. GmbH Fuerth, Germany.
Author: Florian La Roche <florian@suse.de>


simple sendmail configurations:
===============================

sendmail is the default mail transfer agent (MTA) for SuSE Linux.
It decides what to do with email: transfer it over the network,
store it on the local disk or hand it over to other transfer-
programs like UUCP.

/etc/sendmail.cf is the main sendmail configuration file. If you have
a simple setup, you can edit /etc/rc.config and run /sbin/SuSEconfig
to have a working /etc/sendmail.cf.

Before setting up sendmail, you should make sure that the DNS (domain name
system) data is correctly configured. DNS maps hostnames to IP addresses.
For email you should make sure that your desired email address has a valid
MX (mail exchanger) record in the DNS data. Just use "host my.host.com"
to find out about your DNS data:
	$ host my.host.com
	my.host.com address 192.168.0.14
	my.host.com mail is handled (pri=10) by my.host.com
	my.host.com mail is handled (pri=100) by mail-relay.host.com
If you don't see anything about mail delivery, please ask your responsible
DNS admin.

These parameters in /etc/rc.config can be used to configure sendmail:

- SENDMAIL_LOCALHOST="localhost host.domain.com www.domain.com"
  sendmail has to decide what email is delivered locally and what has
  to be sent over the network to another host. Per default only email
  to the full hostname (FQDN) is stored in local mail-folders. If you
  need to accept additional email names, just add them here.

  Example: Your computer is known as "host.domain.com" and is also
  WWW server for the additional hostname "www.domain.com". Use the
  following parameters in rc.config:
	SENDMAIL_TYPE=yes
	SENDMAIL_LOCALHOST="localhost host.domain.com www.domain.com"

- FROM_HEADER="domain.com"
  If you do not want your outgoing email to have your full hostname
  as sender address, you can specify any other hostname here.

  Example: Your machine is called foo.bar.com and you want your email
  sender address to look like hugo@bar.com, you have the following
  parameter set in rc.config:
	FROM_HEADER="bar.com"

- SENDMAIL_SMARTHOST="mail-server.provider.com"
  For all non-local email, sendmail will contact the destination host
  given by DNS. So it will try to establish connections all over the
  internet. If you have a dialup-connection or your machine is not
  running all the time, you should pass all outgoing email to an email-
  server which tries to deliver your email to the destination host.
  (This parameter gives a transport method and also the name of the next
  destination host.)

  Example 1: You have a dialup-connection and your provider has the host
  "mail-server.provider.com" as main mail-server. Use the following
  parameter in rc.config:
	SENDMAIL_SMARTHOST="smtp:mail-server.provider.com"
  Example 2: You are a UUCP site and all (non-local) outgoing email
  should be sent to your UUCP server called "uucp.server.com":
	SENDMAIL_SMARTHOST="uucp-dom:uucp.server.com"

- SENDMAIL_NOCANONIFY=no
  sendmail will look at all email hostnames and replace them by their
  full hostnames. If you only have a dialup-connection and you always
  use full hostnames for sending email, you can disable this "canonification"
  of the hostname:
	SENDMAIL_NOCANONIFY=yes

- SENDMAIL_EXPENSIVE=no
  sendmail will immediately try to deliver your email to the next
  destination host. With SENDMAIL_EXPENSIVE=yes all email that should
  be sent with smtp to the next host will be kept in your local
  mail-queue.

- SENDMAIL_ARGS="-bd -q30m -om"
  You normally have sendmail running with these standard parameters:
  "-q30m" will look every 30 minutes to re-try sending failed email.
  "-bd" will start sendmail in daemon mode and sendmail will accept
  email over the network from other hosts.
  Dialup-hosts might leave out "-q30m" and run "sendmail -q" e.g.
  in the evening as cron-job or as part of your dialup scripts.
	SENDMAIL_ARGS="-bd -q30m -om"   (default setting)
	SENDMAIL_ARGS="-bd -q120m -om"  (email delivery every 2 hours)
	SENDMAIL_ARGS="-bd -om"         (no queue runs at all)

sendmail.cf supports some more external database files. The default
configuration uses /etc/aliases, /etc/mail/mailertable,
/etc/mail/genericstable and /etc/mail/virtusertable.
These files are normal text files that are converted with "makemap"
to the real database files (ending in .db). (/sbin/SuSEconfig will
automatically call "makemap" if you have changed one of these files.)

For all outgoing email, sendmail will use the destination hostname
and look into /etc/mail/mailertable to see how this email should
be transported to the next destination. Please read that file for
some examples on email-routing.

If your email is stored locally, then it is normally stored in your
mail-folder in /var/spool/mail/<login-name>.

If sendmail cannot immediately deliver email (e.g. because of network
problems), it will store it in the queue directory /var/mqueue
(this directory is often /var/spool/mqueue on other hosts).
Per default sendmail will re-try to deliver the email every 30 minutes.


background information about general email things:
==================================================

Our sendmail package is configured to use /usr/bin/procmail for local
email delivery into /var/spool/mail. So please read "man procmailrc",
"man procmailex" and "man procmail" for more infos about this very fine
program.

The SMTP protocol is used to transfer emails over the network to another
host. SMTP exchanges the sender and the recipient of the email and then
the complete email with header and body. These sender/recipient addresses
are called "envelope from" and "envelope to". sendmail will base all
email delivery decisions on the envelope information and not on the
information given in the email header. Please note this small difference
and also see that the "From:" line in the email header is not used for
further email delivery. (If you have a ".forward" file that forwards
your email to a new destination, the "From:" line in your email header will
remain unchanged, but the envelope information is changed to your new
address.)
Once the email is stored in your mail-folder in /var/spool/mail, the
information about envelope addresses is lost. This is the reason, why
you cannot use POP to fetch email for a complete domain as POP reads
a normal mail-folder without any envelope information.

Here is a simple model about what DNS does. It is not really the truth,
but is a quite good model to learn about the difficulties with configuring
email. All IP packets are routed by their IP addresses. Whenever you give
any program a hostname, this will first be translated by a DNS server or
by /etc/hosts into an IP address.
DNS uses two translation tables. One is used for normal hostname lookups
like e.g. "telnet host.com" and one is used only for email. So "telnet"
might open a connection to a different host than sending email to that
address. This is the reason you should never configure sendmail to use
/etc/hosts for hostname translations. Please take the trouble of setting
up a DNS server if you want to deliver email to several machines.
If you really don't want to do that, use /etc/mail/mailertable to specify
a destination IP address for each host without valid DNS data.

Here is a bit more detailed information about DNS tables:
- One table is used to give you a mapping from all IP addresses to a
  hostname. This is called a "reverse mapping" as you normally only
  want to get an IP address from a hostname.
- You have tables that translate a hostname into one or more IP addresses.
  These are called "a(ddress) records".
- You can have entries pointing to other a-records. These are called
  alias names or "CNAME" by DNS. (The alias names point to the canonical
  name, CNAME.)


background information for more complex sendmail configurations:
================================================================

If you want to create your own /etc/sendmail.cf, you can set
SENDMAIL_TYPE=no in /etc/rc.config.

/usr/share/sendmail contains m4 macro files that are often used to
generate a sendmail.cf file. (This is also done by /sbin/SuSEconfig
for the simple configurations with rc.config.)
/etc/mail/linux.mc is a sample file with lots of comments about
possible configurations. Change it to your local needs and call
"m4 /etc/mail/linux.mc > /etc/sendmail.cf".

Please look at the available docu files in /usr/share/sendmail and
/usr/doc/packages/sendmail. Maybe also look at http://www.sendmail.org/.
I really recommend reading the sendmail book by O'Reilly for complex
email setups. This readme is much too small to teach you everything
about email :-)


anti-spam support in this sendmail package:
===========================================

Check the following pages for the newest information about anti-spam measures:
- http://www.sendmail.org/antispam.html
- http://spam.abuse.net/
- http://maps.vix.com/rbl/
- http://www.informatik.uni-kiel.de/%7Eca/email/check.html

You can do the following things against email spam:
- Stop relaying email for non-local hosts so your site is not mis-used
  to deliver spam email to other hosts.
- Refuse to deliver email to local users from a list of well-known
  spam-sites.
- Refuse all emails that do not have a valid MX record.
  Use a "temporary failure, please try again" so that email is not lost
  if we cannot get the DNS data due to network problems.

This sendmail package has anti-spam support from Claus Aßmann that is
available from http://www.informatik.uni-kiel.de/%7Eca/email/check.html.
The source files are in
http://www.informatik.uni-kiel.de/%7Eca/email/rules/check.tar.
The anti-spam support is added to the m4 configuration
of sendmail in /usr/share/sendmail/hack. The documentation from the author
is in /usr/share/sendmail/README.check.
I have added a sample configuration with lots of comments to "linux.mc".


--MGYHOYXEY6WxJCY8
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=genericstable

#
# map outgoing sender address from foo to bar@domain.com:
# foo		bar@domain.com
#

--MGYHOYXEY6WxJCY8
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="linux.mc"

dnl Copyright (c) 1997 S.u.S.E. GmbH Fuerth, Germany.
dnl Author: Florian La Roche <florian@suse.de>
dnl
dnl
dnl  "dnl" starts a comment until the next newline character
dnl  putting words into `'-pairs disables macro expansion
dnl
include(`/usr/share/sendmail/m4/cf.m4')
VERSIONID(`linux setup for SuSE')dnl
OSTYPE(`linux')dnl
dnl
dnl  put some statistics about email into this file (man mailstats)
dnl
define(`STATUS_FILE', `/etc/mail/sendmail.st')dnl
dnl
dnl  use this user id if we do not use some specific local user
dnl  (e.g. for delivering error messages)
dnl
define(`confDEF_USER_ID', `daemon:daemon')dnl
dnl
dnl  we use procmail for all local mail delivery
dnl
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
dnl
dnl  store emails in this dir before they are given to the next host
dnl
define(`QUEUE_DIR', `/var/mqueue')dnl
dnl
dnl  enable this to send all error messages also to this address
dnl
define(`confCOPY_ERRORS_TO', `Postmaster')dnl
dnl
dnl  do not send MIME error messages
dnl
dnl define(`confMIME_FORMAT_ERRORS', `False')dnl
dnl
dnl  the default max message size for UUCP is only 100k and too small...
dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
dnl
dnl  if you have a modem and you use dial on demand, specify the time
dnl  until you have a working connection. sendmail will then retry to
dnl  establish a connection.
dnl
dnl define(`confDIAL_DELAY', `10s')dnl
dnl
dnl  timeout before a warning message is sent to the sender telling them
dnl  that the message has been deferred
dnl
dnl define(`confTO_QUEUEWARN', `4h')dnl
dnl
dnl  timeout before a message is returned as undeliverable
dnl
dnl define(`confTO_QUEUERETURN', `5d')dnl
dnl
dnl  we will accept incoming email until a load of 18 and we will try
dnl  to deliver email until the load hits 12
dnl
define(`confQUEUE_LA', `12')dnl
define(`confREFUSE_LA', `18')dnl
dnl
dnl  you probably always want to disable the SMTP expn and vrfy commands
dnl  with "noexpn" and "novrfy".
dnl  if you have lots of users, you might want to add "restrictmailq" and
dnl  "restrictrunq", but normally they can be left out.
dnl  "authwarnings" warns about all people that e.g. use "sendmail -bs"
dnl  and adds X-Authentication-Warning: headers. pine users might want to
dnl  disable this.
dnl  "noreceipts" ignores all Return-Receipt-To: headers.
dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn')dnl
dnl
dnl  create the dir /var/mqueue/.hoststat and sendmail will write
dnl  status information about the destination hosts into it. this should
dnl  speed up email delivery on big email servers.
dnl
dnl define(`confHOST_STATUS_DIRECTORY', `.hoststat')dnl
dnl
dnl  enable the userdb lookup (userdb is not recommended, please look at
dnl  genericstable/virtusertable instead. userdb was never really intended
dnl  for setting the sender email name. so please don't use it for that.)
dnl
dnl define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
dnl
dnl  these users are allowed to modify the email sender address. or
dnl  you can enable reading this list from an external file.
dnl
define(`confTRUSTED_USERS', `mdom wwwrun')dnl
dnl
dnl define(`confCT_FILE', `/etc/mail/sendmail.ct')dnl
dnl FEATURE(`use_ct_file')dnl
dnl
dnl  you can specify a smarthost either here or in /etc/mail/mailertable
dnl
dnl define(`SMART_HOST', `smtp:mail.smarthost.de')dnl
dnl define(`SMART_HOST', `uucp-dom:otheruucphost')dnl
dnl define(`MAIL_HUB', `smtp:host.your.domain')dnl
dnl define(`LOCAL_RELAY', `smtp:host.your.domain')dnl
dnl
dnl  enable the following two lines, if you have a dialup connection
dnl  and want to queue all email until "sendmail -q" is started.
dnl
dnl define(`confCON_EXPENSIVE', `True')dnl
dnl define(`SMTP_MAILER_FLAGS',`e')dnl
dnl
dnl  sendmail will give all hostnames to your DNS server and replace the
dnl  names with the FQDN ones. as nearly all email-programs use the full
dnl  hostname and you will probably also just use full hostnames as
dnl  destination addresses, you could disable this "feature".
dnl  this is also used for dial-on-demand connections where we don't want
dnl  to trigger a connection just for a DNS query.
dnl
dnl FEATURE(`nodns')dnl
dnl FEATURE(`nocanonify')dnl
dnl
dnl  if you really have to disable DNS lookups and only want to use /etc/hosts,
dnl  you have to create the file /etc/service.switch with the two lines
dnl  "hosts files" and "aliases files" in it.
dnl  please configure a real DNS server and do not use this mis-feature.
dnl  you might instead also use /etc/mail/mailertable with IP addresses.
dnl
dnl define(`confSERVICE_SWITCH_FILE', `/etc/service.switch')dnl
dnl define(`confHOSTS_FILE', `/etc/hosts')dnl
dnl
dnl  just add the local domain if the email address doesn't have one
dnl
FEATURE(`always_add_domain')dnl
dnl
dnl  specify the sender email address for all outgoing mail from the local
dnl  machine. most people also want to use "masquerade_envelope" to also
dnl  change the envelope addresses.
dnl  use "allmasquerade" to also change the recipient address. don't use
dnl  this feature, if you don't have the full /etc/aliases and the full
dnl  /etc/passwd on your host.
dnl 
dnl MASQUERADE_AS(`newdomain.com')dnl
dnl FEATURE(`masquerade_envelope')dnl
dnl FEATURE(`allmasquerade')dnl
dnl
dnl  use procmail for local mail delivery. the exact pathname is given above.
dnl
FEATURE(`local_procmail')dnl
dnl
dnl  this table is used for all outgoing mail. just look at it for examples.
dnl
FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
dnl
dnl  you can use these tables for additional sendmail features
dnl  (mapping of email names)
dnl
FEATURE(`genericstable', `hash -o /etc/mail/genericstable.db')dnl
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
dnl
dnl  these mailers are available. per default only smtp is used. you have
dnl  to add entries to /etc/mail/mailertable to enable one of the other
dnl  mailers.
dnl
MAILER(`local')dnl
MAILER(`procmail')dnl
MAILER(`smtp')dnl
MAILER(`uucp')dnl
MAILER(`bsmtp')dnl
MAILER(`fido')dnl
dnl
dnl  "use_ip" is a list of IP addresses that are allowed to relay mail.
dnl  "use_names" is a list of domain names that are allowed to relay mail.
dnl  If your host accepts non-local email as relay for other sites, use
dnl  "use_relayto" to specify those sites.
dnl  To ban unauthorized relay, you have to use one or more of "use_ip",
dnl  "use_names" and "use_relayto". Always add the line with "check_rcpt4".
dnl
dnl HACK(`use_ip',`/etc/mail/LocalIP')dnl
dnl HACK(`use_names', `/etc/mail/LocalNames')dnl
dnl HACK(`use_relayto', `/etc/mail/RelayTo')dnl
dnl HACK(`check_rcpt4')dnl
dnl
dnl  "check_rcpt5" can be used instead of "check_rcpt4" to also allow
dnl  email relay based on the envelope from address. The format of the file
dnl  is "user@address.domain allow" or "another.domain allow".
dnl
dnl HACK(`check_rcpt5', `hash -a@ALLOWED /etc/mail/allow.db')dnl
dnl
dnl  ban local email delivery from well-known spam sites.
dnl  the format of the database file is:
dnl	junk.domain "Error-Code Error-Text"
dnl	spammer@address.domain "Error-Code Error-Text"
dnl	D.X.Y.Z "Error-Code Error-Text"
dnl	C.X.Y "Error-Code Error-Text"
dnl	B.X "Error-Code Error-Text"
dnl	A "Error-Code Error-Text"
dnl	junk.domain JUNK
dnl	spammer@address.domain SPAMMER
dnl	cyberpromo.com "571 Sorry, Spamford, no e-mail from your place."
dnl	honey@sweeties.com "571 Honey, you're a spammer, go away."
dnl  If the RHS is JUNK or SPAMMER, a default error text is used.
dnl  "check_relay3" uses the IP addresses: full address, or class a, b or c.
dnl  ACCEPT_SOME activates a backdoor: all entries must have the form
dnl  "user@address OK" or "domain OK".
dnl
dnl define(`_ACCEPT_SOME_',`hash -o /etc/mail/accept.db')dnl
dnl HACK(`check_mail3', `btree -a@JUNK /etc/mail/junk.db')dnl
dnl HACK(`check_relay3', `btree -a@JUNK /etc/mail/junk.db')dnl
dnl
dnl  sendmail only accepts emails as local that use the FQDN. if you want
dnl  to accept further hostnames as local email, add them here or put
dnl  them into a sendmail.cw file.
dnl
dnl define(`confCW_FILE', `/etc/mail/sendmail.cw')dnl
dnl FEATURE(use_cw_file)dnl
dnl  alternate names:
dnl Cw localhost www.domain.com

--MGYHOYXEY6WxJCY8
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="linux.nullclient.mc"

include(`/usr/share/sendmail/m4/cf.m4')
VERSIONID(`linux setup for SuSE')dnl
OSTYPE(`linux')dnl
FEATURE(`nullclient', `mailhub.domain.com')dnl
FEATURE(nocanonify)dnl

--MGYHOYXEY6WxJCY8
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=mailertable

# Copyright (c) 1997 S.u.S.E. GmbH Fuerth, Germany.
# Author: Florian La Roche <florian@suse.de>
#
# sendmail will look for all non-local email into this file to determine
# the transport way to the next host. the destination hostname is used
# to find an entry in this file.
#
# all uucp examples will use normal domain addressing for email.
# this should be used by nearly everyone today.
#
# this will send all email via uucp to an attached uucp host.
# a uucp server should have an entry for each attached uucp host.
#uuhost.domain.com	uucp-dom:uuhost
#
# to configure one uucp host that needs to send all non-local mail
# to a uucp-server called "uuserver", we just configure a smarthost entry:
#.			uucp-dom:uuserver
#
# hosts sending email should be running all the day. if other hosts
# are down, they can try in regular intervals to deliver email.
# if you want to work on a machine that is not turned on all the time,
# you can fetch email from the main email hub and send all outgoing
# email directly to your local email hub for further delivery.
# that is called a smarthost-entry:
#.			smtp:mailhub.domain.com
#
# send all email for a special host to another host or to a specific IP:
#host.sub.org		smtp:host.domain.com
#host.sub.org		smtp:[192.168.0.1]
#
# send email for all hosts below .sub.org to another host:
#.sub.org		smtp:host.domain.com
#
# send all email for a specific host to one local user called "foo":
#host.sub.org		local:foo
#

--MGYHOYXEY6WxJCY8
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=virtusertable

#
# map incoming email from foo@domain.com to bar
# foo@domain.com	bar
#

--MGYHOYXEY6WxJCY8--
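The attached README states that sendmail routes on the SMTP envelope and never on the "From:"/"To:" header lines, and that a ".forward" changes only the envelope. The following is an added example, not part of the original message or the SuSE package: it splits a constructed client-side SMTP session into envelope and message and compares the two. All addresses, the session text and the function names are assumptions made up for the illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed client side of an SMTP session (server replies omitted).
SESSION = """\
HELO client.example.net
MAIL FROM:<bounces@lists.example.net>
RCPT TO:<hugo@bar.com>
RCPT TO:<archive@bar.com>
DATA
From: Announcements <news@example.org>
To: subscribers@example.org
Subject: constructed sample

..a body line that began with one dot
.
QUIT
"""

_MAIL = re.compile(r"MAIL FROM:\s*<([^>]*)>", re.I)
_RCPT = re.compile(r"RCPT TO:\s*<([^>]+)>", re.I)


def split_session(session):
    """Return (envelope_from, envelope_to, message_text) from client commands."""
    env_from, env_to, data, in_data = None, [], [], False
    for line in session.splitlines():
        if in_data:
            if line == ".":                      # a lone dot ends DATA
                in_data = False
            else:                                # undo SMTP dot-stuffing
                data.append(line[1:] if line.startswith(".") else line)
        elif line.strip().upper() == "DATA":
            in_data = True
        elif (m := _MAIL.match(line)):
            env_from = m.group(1)
        elif (m := _RCPT.match(line)):
            env_to.append(m.group(1))
    return env_from, env_to, "\n".join(data) + "\n"


def header_addresses(message_text):
    """Addresses a mail reader displays; delivery never consults them."""
    msg = message_from_string(message_text)
    sender = parseaddr(msg.get("From", ""))[1]
    rcpts = [addr for _, addr in getaddresses(msg.get_all("To", []))]
    return sender, rcpts


def apply_forward(env_to, forwards):
    """Rewrite envelope recipients from a {address: new_address} map, the way
    a .forward file does; the message text itself is not touched."""
    return [forwards.get(rcpt, rcpt) for rcpt in env_to]


def report(session, forwards):
    """Summarise what delivery uses (envelope) next to what the headers say."""
    env_from, env_to, text = split_session(session)
    hdr_from, hdr_to = header_addresses(text)
    return {
        "deliver_to": apply_forward(env_to, forwards),
        "envelope_from": env_from,
        "header_from": hdr_from,
        "header_to": hdr_to,
        "from_mismatch": (env_from or "").lower() != hdr_from.lower(),
        # False here: the stored message alone does not name the real recipients
        "rcpt_in_message": any(r in text for r in env_to),
    }
```

A differing envelope and header sender is normal for mailing lists and forwarders, so the mismatch flag is a prompt to look at the envelope, not a verdict on the message.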
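The attached mailertable distinguishes three kinds of key: a full hostname, a ".domain" entry for all hosts below a domain, and "." as the smarthost entry. The following is an added example, not code from the original message or from sendmail: it parses a constructed table in that format and shows which key wins for a given destination, trying the most specific key first. The sample entries (including "alias.sub.org") and the function names are assumptions for the illustration.

```python
# Constructed sample in the attachment's format, entries uncommented for the demo.
SAMPLE_MAILERTABLE = """\
# key                 mailer:next-hop
uuhost.domain.com     uucp-dom:uuhost
host.sub.org          smtp:[192.168.0.1]
.sub.org              smtp:host.domain.com
alias.sub.org         local:foo
.                     smtp:mailhub.domain.com
"""


def parse_mailertable(text):
    """Return {key: (mailer, target)}. Keys are lower-cased, as makemap
    does by default when it builds the .db file."""
    table = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 1)
        if len(fields) != 2 or ":" not in fields[1]:
            raise ValueError(f"line {lineno}: expected 'key mailer:target', got {raw!r}")
        # Split on the first colon only; a bracketed target such as
        # [192.168.0.1] is kept verbatim.
        mailer, target = fields[1].strip().split(":", 1)
        table[fields[0].lower()] = (mailer, target)
    return table


def lookup_keys(host):
    """Keys tried for a destination, most specific first: the exact name,
    then every parent domain with a leading dot, then the catch-all '.'."""
    host = host.lower().rstrip(".")
    labels = host.split(".")
    keys = [host]
    keys += ["." + ".".join(labels[i:]) for i in range(1, len(labels))]
    keys.append(".")
    return keys


def resolve(host, table):
    """Return (matching_key, (mailer, target)), or None when no entry applies
    and delivery falls back to the normal DNS lookup."""
    for key in lookup_keys(host):
        if key in table:
            return key, table[key]
    return None
```

Note the edge case for the bare domain: ".sub.org" covers hosts below sub.org but not "sub.org" itself, which in this sample falls through to the "." entry.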
