Date: Tue, 23 Jun 1998 23:51:47 +0100 (BST) From: David Marsh <drmarsh@bigfoot.com> To: patl@phoenix.volant.org Cc: freebsd-questions@FreeBSD.ORG (FreeBSD-Questions List) Subject: Re: sendmail: How do I make sendmail 'fake' my 'online' mail address? (fwd) Message-ID: <199806232251.XAA02175@bigfoot.com> In-Reply-To: <ML-3.3.898460330.1183.patl@asimov> from "patl@phoenix.volant.org" at "Jun 21, 98 01:18:50 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> > > > I've managed to get sendmail to masquerade as 'bigfoot.com' successfully, > > so hopefully (this is my first message with this new user: using dm worked > > similarly) this will 'assemble' a correct return-address, using the drmarsh > > from my *local* login, and the bigfoot.com from the MASQUERADE_AS line in > > my .mc file. > > > > > > My question is: is it possible to 'order' sendmail to insert a From: field > > of your own choosing, rather than have it do its > > too-smart-for-its-own-good method of actually assembling one from your local > > login name and the 'masquerade' domain? > > > > This would allow me to send mail when logged in as 'dm' (less typing, you > > see) which would be send with a _correct_ From: field. > > You -REALLY- don't want to do this in sendmail (or any other Mail Transfer > Agent.) In retrospect, you're absolutely right. I was simply attempting to follow the hints in the FAQ entry. This would (again in retrospect!) be a seriously bad idea in the event of (say) one of my friends having an account on my machine, and using a different ISP for their email. > It should always correctly identify itself as your host in your > domain. And most knowlegable email gurus agree that header rewriting is > generally a Bad Idea. (Some claim it is downright evil.) Which host do you mean here? I have an (obviously) bogus 'domain' for my machine, just for the purpose of giving it a name (which is currently appearing in my news headers, more manual reading in order, I think ;-) but I don't have a static IP address with my ISP, and so I'm allocated a random dialup-xxx.zetnet.co.uk address each time I connect. > In particular, I suspect that BigFoot.com would object strongly to your > machine masquerading as one of theirs... And even if they never find "I was only obeying orders" ;-) > Not to mention how badly you'd lose if you ever added another local > user that -didn't- use bigfoot.com... Very good point! I was initially going for the quick-and-dirty 'hope its works' "solution" just to restore my own email access rather than worrying about what would happen in the event of having more users at my end. > > [Actually, I now seem to have got around this problem, but I'm not sure if > > my solution is the right one: > > > > I've set the FROM and REPLYTO environment variables to contain my 'real' > > online email address, and for double paranoia, I've also included the > > same address in the From: header in my ~dm/.elm/elmheaders file. > > > > This /seems/ to have got around my mixture of personalities ;-) ] > > You've hit on the correct approach - configure your Mail User Agent(s) > to insert a correct Reply-to: header. If you also configure it to > set From: to a non-local address, you should probably make sure that > it adds a Sender: header with your local address. (IIRC the RFCs are > a bit vague on this particular situation; but it seems to fit within > the usage of Sender; and it should help bypass filters that might > otherwise classify your messages as forgeries.) OK, I'll add that to my list of elmheaders. > > My other problem is that I don't seem able to send mail from the localhost > > to either of my online incarnations (dmarsh@zetnet.. or drmarsh@bigfoot..) > > In either case, the message is bounced back. [snip] > > > > > > Anyway, here's the pertinant part of my .mc file (initial comment fluff > > snipped). > > I replaced sendmail with Exim long ago, partially because Exim > configuration is so much easier. But I'll take a stab at this. I may consider looking into this, once I get sendmail working properly at any rate! > > include(`../m4/cf.m4') > > VERSIONID(`@(#)trek.squelch.localnet.mc $Revision: 1.01, 1998-06-12 $') > > OSTYPE(bsd4.4)dnl > > DOMAIN(generic)dnl > > MAILER(local)dnl > > MAILER(smtp)dnl > > Cw trek.squelch.localnet > > This is not a legitimate Fully Qualified Domain Name - there is no > 'localnet' top-level domain. You should have a legitimate FQDN. I just copied that from the FAQ example (which used bsd.home instead as their bogus 'local domain'). > Either your own domain name, or your hostname within zetnet.co.uk. > ZetNet should be able to tell you whether they have set up the > necessary DNS records to show your host within their domain. Sorry, as I hinted at above, and forgot to mention previously, I only have a dynamically-assigned (choice of an) 'online' hostname. > > Cw bigfoot.com > > This is a forgery. It will fail any sort of verification performed > by the receiving MTA. OK. I was simply attempting to generate the header field I wanted for replies, no malicious uses were intended. > > Cw zetnet.co.uk > > IIRC, this should be your complete host name. Since you are > not handling all mail for zetnet.co.uk, it should probably be > Cw <yourhost>.zetnet.co.uk As I don't have the same hostname each time I login (it's something /like/ dialup-xxx.zetnet.co.uk, I'll need to check), how would I get around this? > > MASQUERADE_AS(`bigfoot.com')dnl > > This is intended to be used on a central mail server to make all > mail from within the domain appear to come from the domain itself > instead of from individual machines. It is -NOT- intended to be > used to pretend to be from another domain entirely. Ah. Again it's based on my reading of the FAQ! Maybe the FAQ entry is a little unclear. I take it I should remove this line completely? > > FEATURE(masquerade_envelope)dnl > > EXPOSED_USER(root) > > FEATURE(mailertable, `hash -o /etc/mailertable')dnl > > FEATURE(nodns)dnl > > FEATURE(nouucp)dnl > > define(`confCW_FILE', `-o /etc/sendmail.cw')dnl > > define(SMART_HOST, `mail.zetnet.co.uk') > > Dm bigfoot.com > > define(`confDOMAIN_NAME', `bigfoot.com')dnl Do you have any idea which (if any) of these lines I should or must remove? Presumably the masquerade_envelope isn't needed if I don't have the MASQUERADE_AS line? I'm rather unsure about: > > Dm bigfoot.com > > define(`confDOMAIN_NAME', `bigfoot.com')dnl as well, but again I merely transcribed these from the FAQ. Thanks very much for your help, it's given me something to work on. I'll try to strip out the bad lines and remake my sendmail.conf, but if anybody has any ideas as to which of the above lines are or aren't needed, I'd be very grateful. Many thanks, Dave. -- David Marsh,drmarsh@bigfoot.com | http://squelch.home.ml.org/ | Glasgow/Glaschu, Scotland. *If urgent, phone: +44 141 400-0577.* | >> CYCLEWAY: cycle activism GB/IE: http://squelch.home.ml.org/cycleway/ << >> includes bikes on public transport, and cycle organisation directories << To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199806232251.XAA02175>