Date: Sat, 4 Sep 2004 04:11:19 +0300
From: Giorgos Keramidas
To: chip@wiegand.org
cc: freebsd-questions@freebsd.org
Subject: Re: sendmail setup
Message-ID: <20040904011119.GB26236@gothmog.gr>
In-Reply-To: <20040903165714.31990153.chip@wiegand.org>

On 2004-09-03 16:57, chip@wiegand.org wrote:
> Could someone please just explain what is needed to make it send mail
> out to the world from just one machine on the lan. It can't be as hard
> as it appears to be.

The setup of my workstation at work to forward outgoing email to the
mail gateway available to all the machines of the internal network is
the following:

Sendmail options in rc.conf
===========================

The following options are in my `/etc/rc.conf' file:

    % grep sendmail /etc/rc.conf
    sendmail_enable="NO"
    sendmail_outbound_enable="NO"
    sendmail_submit_enable="YES"
    sendmail_submit_flags="-L sm-mta -bd -q5m -ODaemonPortOptions=Addr=localhost"
    sendmail_msp_queue_enable="YES"
    sendmail_msp_queue_flags="-L sm-msp -Ac -q30m"
    %

The two enabled sendmail processes have the following functions:

    submit      This listens on 127.0.0.1:25 and allows local processes
                (including the msp_queue process) to post messages. It
                uses sendmail.cf as its configuration file and can
                forward all your outgoing messages to the mail gateway
                of your LAN (see the SMART_HOST option below).

    msp_queue   This sendmail process periodically scans the messages in
                the queue /var/spool/clientmqueue and makes sure they
                don't get stuck there.

The genericstable address rewriting rules
=========================================

The file /etc/mail/genericstable contains the following:

    % cat /etc/mail/genericstable
    keramida@internal-host.internal.domain    keramida@ceid.upatras.gr
    %

Thus, all messages posted by user `keramida' on my workstation will have
their address rewritten to keramida@ceid.upatras.gr, which is certainly
more useful to the rest of the world than my internal workstation
address.

The mailertable message routing table
=====================================

I want all my company email routed through our VPN to the internal email
server, instead of travelling through the Internet to reach the same
server's external interface.
To accomplish this I use a mailertable with the following entries:

    % cat /etc/mail/mailertable
    .company.com    smtp:internal-mx.company.com
    company.com     smtp:internal-mx.company.com
    %

Custom envelope from addresses
==============================

Sometimes I run scripts under my uid that want to "fake" their envelope
from address. Thus, I have created a file called
/etc/mail/trusted-users with a list of usernames that are allowed to set
their envelope from address with sendmail -f user@host without having a
warning added automagically by Sendmail in their header:

    % cat /etc/mail/trusted-users
    keramida
    %

The local hostnames
===================

The file local-host-names, as you already mentioned, contains the list of
hostnames that my workstation should consider `local' and attempt to
deliver to a local user:

    % cat /etc/mail/local-host-names
    internal-host.internal.domain
    internal-host
    %

I've added both the `internal-host' and `internal-host.internal.domain'
names, in case some locally running program tries to send mail using
only the hostname and not the fully qualified domain name of the
workstation in the local LAN.

The hostname.mc file
====================

The Makefile in /etc/mail will look for a file called `hostname.mc'
where hostname is the short host name of your machine and use that as
the source for generating `sendmail.cf'. If this file does not exist,
`freebsd.mc' is copied to `hostname.mc' and the rest of the Makefile
works as before.
The differences of my hostname.mc file from the freebsd.mc installed by
FreeBSD 6.0-CURRENT are:

    +FEATURE(genericstable, `hash -o /etc/mail/genericstable')
    -dnl define(`SMART_HOST', `your.isp.mail.server')
    +define(`SMART_HOST', `smtp.internal.domain')
    +FEATURE(masquerade_entire_domain)
    +FEATURE(masquerade_envelope)
    +MASQUERADE_AS(`company.com')
    +MASQUERADE_DOMAIN(`internal.domain')
    +FEATURE(use_cw_file)
     define(`confCW_FILE', `-o /etc/mail/local-host-names')
    +FEATURE(use_ct_file)
    +define(`confCT_FILE', `-o /etc/mail/trusted-users')
    -DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')

After what I wrote above the changes and their reasoning should be easy
to understand, except these few lines:

    +FEATURE(masquerade_entire_domain)
    +FEATURE(masquerade_envelope)
    +MASQUERADE_AS(`company.com')
    +MASQUERADE_DOMAIN(`internal.domain')

    -DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')

The first one is to make sure that all email sent from my workstation
(or forwarded from my workstation, in case I enable an internal SMTP
server later) will use @company.com addresses.

The second one is because I've removed IPv6 support from my kernel and I
don't like having Sendmail bother me about failed IPv6 connection
attempts.

The Final Steps
===============

  * Make sure you don't have different map types defined in your
    hostname.mc and in the Makefile of `/etc/mail' (i.e. a hardwired map
    type of `btree' in hostname.mc for the access.db table and a default
    map type of `hash' in Makefile).

  * Update the generated files of /etc/mail:

        # cd /etc/mail
        # make && make install && make restart

  * That's all.
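
Review bot: the `+FEATURE(use_ct_file)` and `+define(`confCT_FILE', `-o /etc/mail/trusted-users')` lines in the hostname.mc differences carry no comment, yet every name in that file may use `sendmail -f user@host` without the warning header being added. A `dnl` comment beside them saying which account is listed and why would help the next person who edits the file; a dedicated account for the scripts that need `-f`, rather than the interactive login `keramida`, would keep the list easier to justify.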
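
The first of the final steps, checking that hostname.mc and the /etc/mail Makefile agree on map types, can be scripted. The following is an added example, not part of the original message: the function name `mc_map_mismatches` and the sample .mc content are constructed for illustration, and the Makefile's map type is passed in as an argument (an assumption; read it from your own Makefile).

```shell
#!/bin/sh
# Added example (not from the original message): report FEATURE() lines in a
# sendmail .mc file whose explicit map type differs from the map type that
# the /etc/mail Makefile uses when it builds the .db files.
# Usage: mc_map_mismatches <file.mc> <makefile-map-type>
# Prints "feature type" per mismatch; exit status 1 if any were found.
mc_map_mismatches() {
    awk -v want="$2" -v bq='`' -v sq="'" '
        /^FEATURE\(/ {                       # "dnl ..." comment lines never match
            body = substr($0, 9)             # text after "FEATURE("
            comma = index(body, ",")
            if (comma == 0) next             # no argument, e.g. use_cw_file
            name = substr(body, 1, comma - 1)
            arg  = substr(body, comma + 1)
            gsub("[" bq sq " \t]", "", name) # strip m4 quotes around the name
            sub("^[ \t]*" bq "?[ \t]*", "", arg)
            split(arg, words)
            type = words[1]
            # Only "type [flags] /path" arguments describe a map.
            if (type !~ /^[a-z]+$/ || arg !~ /\//) next
            if (type != want) { printf "%s %s\n", name, type; bad = 1 }
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample input, modelled on the FEATURE lines in the message and
# on the btree/hash mismatch the final steps warn about.
sample_mc=$(mktemp)
trap 'rm -f "$sample_mc"' EXIT
cat > "$sample_mc" <<'EOF'
dnl FEATURE(access_db, `dbm -o /etc/mail/access')
FEATURE(access_db, `btree -o -T<TMPF> /etc/mail/access')
FEATURE(genericstable, `hash -o /etc/mail/genericstable')
FEATURE(mailertable, `hash -o /etc/mail/mailertable')
FEATURE(masquerade_envelope)
FEATURE(use_cw_file)
EOF

if report=$(mc_map_mismatches "$sample_mc" hash); then
    echo "every explicit map type matches the Makefile (hash)"
else
    echo "map type differs from the Makefile (hash): $report"
fi
```

Run it against the real hostname.mc before `make && make install && make restart`; a non-zero exit status means a FEATURE line names a different map type from the one the Makefile will build.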