Date:      Sat, 4 Sep 2004 04:11:19 +0300
From:      Giorgos Keramidas <keramida@ceid.upatras.gr>
To:        chip@wiegand.org
Cc:        freebsd-questions@freebsd.org
Subject:   Re: sendmail setup
Message-ID:  <20040904011119.GB26236@gothmog.gr>
In-Reply-To: <20040903165714.31990153.chip@wiegand.org>
References:  <20040903165714.31990153.chip@wiegand.org>

On 2004-09-03 16:57, chip@wiegand.org wrote:
> Could someone please just explain what is needed to make it send mail
> out to the world from just one machine on the lan. It can't be as hard
> as it appears to be.

The setup of my workstation at work to forward outgoing email to the
mail gateway available to all the machines of the internal network is
the following:


Sendmail options in rc.conf
===========================

The following options are in my `/etc/rc.conf' file:

    % grep sendmail /etc/rc.conf
    sendmail_enable="NO"
    sendmail_outbound_enable="NO"
    sendmail_submit_enable="YES"
    sendmail_submit_flags="-L sm-mta -bd -q5m -ODaemonPortOptions=Addr=localhost"
    sendmail_msp_queue_enable="YES"
    sendmail_msp_queue_flags="-L sm-msp -Ac -q30m"
    %

The two enabled sendmail processes have the following function:

    submit
	This listens on 127.0.0.1:25 and allows local processes (including
	the msp_queue process) to post messages.  It uses sendmail.cf as
	its configuration file and can forward all your outgoing messages
	to the mail gateway of your LAN (see the SMART_HOST option below).

    msp_queue
	This sendmail process periodically scans the messages in the queue
	/var/spool/clientmqueue and makes sure they don't get stuck there.


The genericstable address rewriting rules
=========================================

The file /etc/mail/genericstable contains the following:

    % cat /etc/mail/genericstable
    keramida@internal-host.internal.domain	keramida@ceid.upatras.gr
    %

Thus, all messages posted by user `keramida' on my workstation will have
their address rewritten to keramida@ceid.upatras.gr, which is certainly
more useful to the rest of the world than my internal workstation address.


The mailertable message routing table
=====================================

I want all my company email routed through our VPN to the internal email
server, instead of travelling through the Internet to reach the same
server's external interface.  To accomplish this I use a mailertable with
the following entries:

    % cat /etc/mail/mailertable
    .company.com			smtp:internal-mx.company.com
    company.com				smtp:internal-mx.company.com
    %

Custom envelope from addresses
==============================

Sometimes I run scripts under my uid that want to "fake" their envelope
from address.  Thus, I have created a file called /etc/mail/trusted-users
with a list of usernames that are allowed to set their envelope from
address with sendmail -f user@host without having a warning added
automagically by Sendmail in their header:

    % cat /etc/mail/trusted-users
    keramida
    %


The local hostnames
===================

The file local-host-names, as you already mentioned, contains the list of
hostnames that my workstation should consider `local' and attempt to
deliver to a local user:

    % cat /etc/mail/local-host-names
    internal-host.internal.domain
    internal-host
    %

I've added both the `internal-host' and `internal-host.internal.domain'
names, in case some locally running program tries to send mail using only
the hostname and not the fully qualified domain name of the workstation in
the local LAN.


The hostname.mc file
====================

The Makefile in /etc/mail will look for a file called `hostname.mc' where
hostname is the short host name of your machine and use that as the source
for generating `sendmail.cf'.  If this file does not exist `freebsd.mc' is
copied to `hostname.mc' and the rest of the Makefile works as before.

The differences of my hostname.mc file from the freebsd.mc installed by
FreeBSD 6.0-CURRENT are:

    +FEATURE(genericstable, `hash -o /etc/mail/genericstable')
    -dnl define(`SMART_HOST', `your.isp.mail.server')
    +define(`SMART_HOST', `smtp.internal.domain')
    +FEATURE(masquerade_entire_domain)
    +FEATURE(masquerade_envelope)
    +MASQUERADE_AS(`company.com')
    +MASQUERADE_DOMAIN(`internal.domain')
    +FEATURE(use_cw_file)
     define(`confCW_FILE', `-o /etc/mail/local-host-names')
    +FEATURE(use_ct_file)
    +define(`confCT_FILE', `-o /etc/mail/trusted-users')
    -DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')
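
Review bot: FEATURE(genericstable, ...) is added with no GENERICS_DOMAIN or GENERICS_DOMAIN_FILE line next to it. Sendmail's cf/README says the genericstable is consulted for unqualified addresses and for addresses whose domain is in class {G}, so if a fully qualified sender such as keramida@internal-host.internal.domain comes out masqueraded as @company.com instead of rewritten by the table, adding GENERICS_DOMAIN(`internal-host.internal.domain') is the thing to check. The use_ct_file / confCT_FILE pair also deserves a comment in the .mc noting that every name in /etc/mail/trusted-users can set any envelope sender with -f and gets no warning header, so that file should stay as short as possible.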

After what I wrote above the changes and their reasoning should be easy to
understand, except these few lines:

    +FEATURE(masquerade_entire_domain)
    +FEATURE(masquerade_envelope)
    +MASQUERADE_AS(`company.com')
    +MASQUERADE_DOMAIN(`internal.domain')

    -DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')

The first one is to make sure that all email sent from my workstation (or
forwarded from my workstation, in case I enable an internal SMTP server
later) will use @company.com addresses.

The second one is because I've removed IPv6 support from my kernel and I
don't like having Sendmail bother me about failed IPv6 connection attempts.


The Final Steps
===============

*   Make sure you don't have different map types defined in your
    hostname.mc and in the Makefile of `/etc/mail' (i.e. a hardwired map
    type of `btree' in hostname.mc for the access.db table and a default
    map type of `hash' in Makefile).

*   Update the generated files of /etc/mail:

	# cd /etc/mail
	# make && make install && make restart

*   That's all.
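
The map-type check from the first of the final steps, as an added shell example that is not part of the original message. It assumes the Makefile default is set through SENDMAIL_MAP_TYPE, as in FreeBSD's /etc/mail/Makefile; the function names and the sample files are constructed for illustration.

```sh
# Added example, not from the message: .mc map types vs. the Makefile default.
# Print "feature maptype" for each FEATURE(name, `type ...') line, skipping
# dnl comments. Only hash, btree and dbm are recognised as map types here.
mc_map_types() {
    awk -v q="'" '
        /^[ \t]*dnl/ { next }
        /^[ \t]*FEATURE\(/ {
            line = $0
            gsub("[`" q "]", "", line)               # strip m4 quotes
            sub(/^[ \t]*FEATURE\(/, "", line)
            if (split(line, part, /,[ \t]*/) < 2) next
            split(part[2], word, /[ \t)]+/)
            if (word[1] ~ /^(hash|btree|dbm)$/) print part[1], word[1]
        }' "$1"
}

# Print the Makefile default map type (SENDMAIL_MAP_TYPE?= hash).
makefile_map_type() {
    awk -F= '/^SENDMAIL_MAP_TYPE[ \t]*[?]?=/ { gsub(/[ \t]/, "", $2); print $2; exit }' "$1"
}

# List features whose map type differs from the default; 0 = all agree, 1 = not.
check_map_types() {
    want=$(makefile_map_type "$2")
    bad=$(mc_map_types "$1" | awk -v want="$want" \
        '$2 != want { print $1 ": " $2 " (Makefile builds " want ")" }')
    [ -z "$bad" ] && return 0
    printf '%s\n' "$bad"
    return 1
}

# Constructed sample files, not taken from the message.
write_samples() {
    echo 'SENDMAIL_MAP_TYPE?= hash' > "$1/Makefile"
    cat > "$1/good.mc" <<'EOF'
FEATURE(genericstable, `hash -o /etc/mail/genericstable')
FEATURE(masquerade_envelope)
EOF
    cat > "$1/bad.mc" <<'EOF'
dnl FEATURE(mailertable, `btree -o /etc/mail/mailertable')
FEATURE(access_db, `btree -o -T<TMPF> /etc/mail/access')
EOF
}

tmp=$(mktemp -d)
write_samples "$tmp"
check_map_types "$tmp/good.mc" "$tmp/Makefile" && echo "good.mc: consistent"
check_map_types "$tmp/bad.mc" "$tmp/Makefile" || echo "bad.mc: fix before make"
rm -rf "$tmp"
```

On a real host the call would be `check_map_types /etc/mail/$(hostname -s).mc /etc/mail/Makefile`, run before `make`.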


