Date: Mon, 28 Jun 1999 14:16:25 -0700 (PDT) From: David Wolfskill <dhw@whistle.com> To: isp@FreeBSD.ORG, mcambria@lucent.com Subject: Re: sendmail masquerading unregistered domain Message-ID: <199906282116.OAA22229@pau-amma.whistle.com> In-Reply-To: <75ADD7496F0BD211ADC000104B8846CF5630F9@rerun.lucentctc.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>From: "Cambria, Mike" <mcambria@lucent.com> >Date: Mon, 28 Jun 1999 10:57:20 -0400 >I've read the archives about using an .m4 file to setup sendmail to allow my >unregistered domain to send/receive email via my ISP. There is still one >thing I do not understand. >The Masquerading and Relaying page at www.sendmail.org ><http://www.sendmail.org>; reads as if I need to enable masquerading via >MASQUERADE_AS(host.domain) first, before I can use >MASQUERADE_DOMAIN(my.unregistered.domain) Yes. >The issue for me is that I don't want my system to masquerade as anything. >I only want the unregistered domain to masquerade as the "FreeBSD system" an >be converted to the domain known to the ISP. >... >There is no need for this system to "look like" another domain. So I don't >need to set MASQUERADE_AS(isp.com). That wouldn't be appropriate anyway. >Nor do I want to, the ISP would put all >mail in one mailbox. I *do* want the other systems on my LAN, using the >unregistered domain for email between them, to be able to send and receive >mail to/from the ISP. For mail not local to the unregistered domain, I need >the unregistered domain to become mypc.ISP.com (e.g. user@myfamily.com ><mailto:user@myfamily.com> becomes user@mypc.ISP.com ><mailto:user@mypc.ISP.com> for windows, user@pcname.myfamily.com ><mailto:user@pcname.myfamily.com> becomes user@mypc.ISP.com ><mailto:user@mypc.ISP.com> for other FreeBSD systems) Right. >... >The only thing I can think of is to use MASQUERADE_AS(mypc.ISP.com) even Yes. >though mail already uses this. Since this is very new to me, I'm looking >for a bit of advice at this point. I would be surprised if your configuration "already uses this" unless it has already deviated from "out-of-the-box." >Am I even on the right track? Have I properly understood what I've read so >far? Is there a better way of dealing with email? <RANT> There are issues that you don't address in the above. Basically, IMHO -- and representing no one but myself, and based in large part on my experiences as a customer of an ISP -- using a single POP maildrop is a rather hideous way to implement email connectivity for a set of multiple users (or roles). One of the basic issues is that in order to have the mail delivered to the POP maildrop, the ISP's MTA needs to perform "local" delivery. By design, this process removes and destroys envelope information. (Some ISPs implement local hacks to try to circumvent this to some extent, but it's rather like having a corporate mail center where the first thing that's done with incoming mail is rip open the envelope & throw it away... then try to deliver the content based on what's in the message. If you're really lucky, the mail center staff will have stuck a Post-It on the letter/whatever with a clue as to some part of what the envelope had written on it.) You may want to give some thought as to what happens to a message that is sent (from the outside world), addressed to "user0@mypc.ISP.com", with a Bcc: for "user1@mypc.ISP.com". (In at least one case with which I am familiar, what will happen is that the ISP will generate 2 copies of the same message (same Message-ID) in the POP mailbox... with different added-in headers (Post-It notes, to use the above analogy). Among other "interesting" effects, this means that there will be 2 instantiations of the message logged in /var/log/maillog, using the same Message-ID, intended for different people, but with the same To: and Cc: headers. It's the added-in header that shows the "real" intended recipient -- and I would expect multiple recipients being specified on the added-in header to be, at best, quite rare. Please note that it is not rare for messages of such length to be sent via email that sending 2 copies instead of 1 (addressed to both recipients) can be Very Annoying.) And, of course, that also means that using such techniques as RBL-blocking spammers via your own SMTP daemon aren't likely to be all that effective, since the spammer's SMTP dialog wasn't with your daemon anyway. :-( And if you try to send mail directly from your own system, you may be so unlucky as to find that you're in a netblock has been added to the MAPS DUL (http://maps.vix.com/dul/), in which case you either get to not send mail to folks who use said list as a means of rejecting mail, or you get to send your mail (to these folks, at least) only through your ISP. </RANT> >I am using FreeBSD 3.1-Release at the moment. Little of the above is peculiar to the OS in question; as long as you're using sendmail 8.x, you can (and, IMHO, should) use the "m4" configuration mechanism for sendmail. Or consider the use of a different MTA, I suppose, but I happen to use sendmail myself. Cheers, david -- David Wolfskill dhw@whistle.com UNIX System Administrator voice: (650) 577-7158 pager: (888) 347-0197 FAX: (650) 372-5915 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906282116.OAA22229>