From owner-freebsd-questions@FreeBSD.ORG Mon Nov 14 13:55:17 2005
Message-ID: <43789742.4070804@nieser.net>
Date: Mon, 14 Nov 2005 14:55:14 +0100
From: Hans Nieser
User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051106)
MIME-Version: 1.0
To: freebsd-questions@freebsd.org
Content-Type: multipart/mixed; boundary="------------090904080203010205010300"
Subject: How to redirect mail sent to root to external mailbox?

This is a multi-part message in MIME format.
--------------090904080203010205010300
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Hi list,

I operate several servers, one of which is at home, behind NAT. The local network is configured to use the domainname "nieser.local.", which obviously only exists on the local (forwarding) nameserver.

To be able to send e-mail from this machine (which would normally be rejected by any MTA because of the non-existent 'from' domainname) I have configured sendmail to masquerade e-mail sent from the "royen.nieser.local" machine as "royen.nieser.net" which resolves to the external IP address of the DSL gateway device (which has smtp forwarded to the royen.nieser.local machine).

The above setup *mostly* (see below) works, e-mail that I send from the server has its "royen.nieser.local" hostname properly substituted with "royen.nieser.net".

Now, to make monitoring all the servers I operate easier, I wanted to forward all mail sent to root (including the periodic output), by putting "root: h.nieser@xs4all.nl" in the /etc/mail/aliases file, as the comments in this file suggested:

# Pretty much everything else in this file points to "root", so
# you would do well in either reading root's mailbox or forwarding
# root's email from here.

But here's the weird thing, the periodic mail doesn't get masqueraded and therefore gets rejected by the remote MTA. The "rejected" message which gets sent back to the root account, however, *does* get masqueraded properly and subsequently forwarded to the e-mail I specified in the /etc/mail/aliases file! Also, when I ssh to the royen machine and type "periodic daily" on the commandline, the mail it generates DOES get masqueraded correctly...

What's going on here? I'm having a real hard time getting my head around this because of all the redirecting and forwarding and perhaps lack of in-depth knowledge of smtp/sendmail...

I have my sendmail configuration attached (also mirrored at http://nieser.net/files/sendmail/1/ ). I'd rather keep the nieser.local/nieser.net domainnames separate and use masquerading because the whole NAT setup is confusing enough for me as it is, having the same domainname resolve to different addresses for the LAN and the Internet would probably drive me mad.

Can anyone assist?

PS: The domainnames used in my problem description above may not actually resolve as I've tried to simplify my problem by using more logical names.

--------------090904080203010205010300
Content-Type: text/plain; name="aliases"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="aliases"

root@royen:/etc/mail# cat aliases
# $FreeBSD: src/etc/mail/aliases,v 1.20 2004/06/30 16:47:08 maxim Exp $
# @(#)aliases 5.3 (Berkeley) 5/24/90
#
# Aliases in this file will NOT be expanded in the header from
# Mail, but WILL be visible over networks.
#
# >>>>>>>>>> The program "newaliases" must be run after
# >> NOTE >> this file is updated for any changes to
# >>>>>>>>>> show through to sendmail.
#
#
# See also RFC 2142, `MAILBOX NAMES FOR COMMON SERVICES, ROLES
# AND FUNCTIONS', May 1997

# Pretty much everything else in this file points to "root", so
# you would do well in either reading root's mailbox or forwarding
# root's email from here.

root: h.nieser@xs4all.nl

# Basic system aliases -- these MUST be present
MAILER-DAEMON: postmaster
postmaster: root

# General redirections for pseudo accounts
_pflogd: root
bin: root
bind: root
daemon: root
games: root
kmem: root
mailnull: postmaster
man: root
news: root
nobody: root
operator: root
pop: root
proxy: root
smmsp: postmaster
sshd: root
system: root
toor: root
tty: root
usenet: news
uucp: root

# Well-known aliases -- these should be filled in!
# manager:
# dumper:

# BUSINESS-RELATED MAILBOX NAMES
# info:
# marketing:
# sales:
# support:

# NETWORK OPERATIONS MAILBOX NAMES
abuse: root
# noc: root
security: root

# SUPPORT MAILBOX NAMES FOR SPECIFIC INTERNET SERVICES
ftp: root
ftp-bugs: ftp
hostmaster: root
webmaster: root
www: webmaster

# NOTE: /var/msgs and /var/msgs/bounds must be owned by sendmail's
# DefaultUser (defaults to mailnull) for the msgs alias to work.
#
# msgs: "| /usr/bin/msgs -s"
# bit-bucket: /dev/null
# dev-null: bit-bucket
aphax: hans

--------------090904080203010205010300
Content-Type: text/plain; name="royen.nieser.local.mc"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="royen.nieser.local.mc"

root@royen:/etc/mail# cat royen.nieser.local.mc
divert(-1)
#
# Copyright (c) 1983 Eric P. Allman
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
# must display the following acknowledgement:
# This product includes software developed by the University of
# California, Berkeley and its contributors.
# 4. Neither the name of the University nor the names of its contributors
# may be used to endorse or promote products derived from this software
# without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.
# IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#

#
# This is a generic configuration file for FreeBSD 5.X and later systems.
# If you want to customize it, copy it to a name appropriate for your
# environment and do the modifications there.
#
# The best documentation for this .mc file is:
# /usr/share/sendmail/cf/README or
# /usr/src/contrib/sendmail/cf/README
#

divert(0)
VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.29 2003/12/24 21:15:09 gshapiro Exp $')OSTYPE(freebsd5)
DOMAIN(generic)

MASQUERADE_AS(`royen.nieser.net')
FEATURE(`masquerade_envelope')
MASQUERADE_EXCEPTION_FILE(`/etc/mail/masq-except-domains')

FEATURE(access_db, `hash -o -T /etc/mail/access')
FEATURE(blacklist_recipients)
FEATURE(local_lmtp)
FEATURE(mailertable, `hash -o /etc/mail/mailertable')
FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')

dnl Uncomment to allow relaying based on your MX records.
dnl NOTE: This can allow sites to use your server as a backup MX without
dnl your permission.
dnl FEATURE(relay_based_on_MX)

dnl DNS based black hole lists
dnl --------------------------------
dnl DNS based black hole lists come and go on a regular basis
dnl so this file will not serve as a database of the available servers.
dnl For that, visit
dnl http://directory.google.com/Top/Computers/Internet/Abuse/Spam/Blacklists/

dnl Uncomment to activate Realtime Blackhole List
dnl information available at http://www.mail-abuse.com/
dnl NOTE: This is a subscription service as of July 31, 2001
dnl FEATURE(dnsbl)
dnl Alternatively, you can provide your own server and rejection message:
dnl FEATURE(dnsbl, `blackholes.mail-abuse.org', `"550 Mail from " $&{client_addr} " rejected, see http://mail-abuse.org/cgi-bin/lookup?" $&{client_addr}')

dnl Dialup users should uncomment and define this appropriately
dnl define(`SMART_HOST', `your.isp.mail.server')

dnl Uncomment the first line to change the location of the default
dnl /etc/mail/local-host-names and comment out the second line.
dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
define(`confCW_FILE', `-o /etc/mail/local-host-names')

dnl Enable for both IPv4 and IPv6 (optional)
DAEMON_OPTIONS(`Name=IPv4, Family=inet')
DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')

define(`confBIND_OPTS', `WorkAroundBrokenAAAA')
define(`confNO_RCPT_ACTION', `add-to-undisclosed')
define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy')
MAILER(local)
MAILER(smtp)

--------------090904080203010205010300
Content-Type: text/plain; name="royen.nieser.local.submit.mc"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="royen.nieser.local.submit.mc"

root@royen:/etc/mail# cat royen.nieser.local.submit.mc
divert(-1)
#
# Copyright (c) 2001-2003 Sendmail, Inc. and its suppliers.
# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#

#
# This is the FreeBSD configuration for a set-group-ID sm-msp sendmail
# that acts as a initial mail submission program.
#
#
divert(0)dnl
VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.submit.mc,v 1.1 2003/10/19 00:03:13 gshapiro Exp $')
define(`confCF_VERSION', `Submit')dnl
define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining
define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet
define(`confTIME_ZONE', `USE_TZ')dnl
define(`confDONT_INIT_GROUPS', `True')dnl
define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl
dnl
dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:::1]
FEATURE(`msp', `[127.0.0.1]')dnl

--------------090904080203010205010300--
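
Added example, not part of the original post or of FreeBSD: because almost every role account in the attached aliases file chains to "root", the single "root:" redirect sends all of that mail off the host. The sketch below follows the alias chains to list which local names end at a remote address; the function names are hypothetical and the sample is a constructed subset of the attached file.

```python
# Constructed sample: a subset of the aliases file attached to the post.
SAMPLE_ALIASES = """\
root: h.nieser@xs4all.nl
MAILER-DAEMON: postmaster
postmaster: root
webmaster: root
www: webmaster
# msgs: "| /usr/bin/msgs -s"
aphax: hans
"""

def _targets(rhs):
    # Simplification (assumption): targets contain no quoted commas.
    return [t.strip() for t in rhs.split(",") if t.strip()]

def parse_aliases(text):
    """Return {lowercased alias: [targets]} from aliases(5)-style text."""
    table, last = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue                           # blank line or comment
        if raw[0].isspace() and last:          # continuation of previous alias
            table[last] += _targets(raw)
            continue
        name, _, rhs = raw.partition(":")
        last = name.strip().lower()
        table[last] = _targets(rhs)
    return table

def resolve(name, table, seen=()):
    """Follow alias chains and return the set of final destinations."""
    key = name.lower()
    if key in seen:                            # alias loop: stop here
        return {"<loop:%s>" % key}
    if any(c in name for c in "@|/") or key not in table:
        return {name}                          # remote, pipe, file or plain user
    out = set()
    for target in table[key]:
        out |= resolve(target, table, seen + (key,))
    return out

def leaves_host(table):
    """Map each alias to the remote (user@domain) addresses it ends at."""
    ends = {a: sorted(d for d in resolve(a, table) if "@" in d) for a in table}
    return {a: r for a, r in ends.items() if r}

if __name__ == "__main__":
    for alias, dests in sorted(leaves_host(parse_aliases(SAMPLE_ALIASES)).items()):
        print(alias, "->", ", ".join(dests))
```
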