Date: Fri, 3 Sep 2004 20:04:10 -0700
From: chip@wiegand.org
To: Giorgos Keramidas <keramida@ceid.upatras.gr>
Cc: freebsd-questions@freebsd.org
Subject: Re: sendmail setup
Message-ID: <20040903200410.7102cc8b.chip@wiegand.org>
In-Reply-To: <20040904011119.GB26236@gothmog.gr>
References: <20040903165714.31990153.chip@wiegand.org> <20040904011119.GB26236@gothmog.gr>

Thanks Giorgos,
That's a lot of info. Is all of that really necessary to allow just
one machine to send mail thru the bsd box to the net?
I know the sendmail people tightened up the app a lot. I suppose that's
a good thing. Just seems like a lot of work to do something that seems
to be simple.
Regards,
Chip

On Sat, 4 Sep 2004 04:11:19 +0300
Giorgos Keramidas <keramida@ceid.upatras.gr> wrote:

> On 2004-09-03 16:57, chip@wiegand.org wrote:
> > Could someone please just explain what is needed to make it send
> > mail out to the world from just one machine on the lan. It can't be
> > as hard as it appears to be.
>
> The setup of my workstation at work to forward outgoing email to the
> mail gateway available to all the machines of the internal network is
> the following:
>
>
> Sendmail options in rc.conf
> ===========================
>
> The following options are in my `/etc/rc.conf' file:
>
>     % grep sendmail /etc/rc.conf
>     sendmail_enable="NO"
>     sendmail_outbound_enable="NO"
>     sendmail_submit_enable="YES"
>     sendmail_submit_flags="-L sm-mta -bd -q5m -ODaemonPortOptions=Addr=localhost"
>     sendmail_msp_queue_enable="YES"
>     sendmail_msp_queue_flags="-L sm-msp -Ac -q30m"
>     %
>
> The two enabled sendmail processes have the following function:
>
>     submit
>         This listens on 127.0.0.1:25 and allows local processes
>         (including the msp_queue process) to post messages. It uses
>         sendmail.cf as its configuration file and can forward all your
>         outgoing messages to the mail gateway of your LAN (see the
>         SMART_HOST option below).
>
>     msp_queue
>         This sendmail process scans periodically the messages in the
>         queue /var/spool/clientmqueue and makes sure they don't get stuck
>         there.
>
>
> The genericstable address rewriting rules
> =========================================
>
> The file /etc/mail/genericstable contains the following:
>
>     % cat /etc/mail/genericstable
>     keramida@internal-host.internal.domain keramida@ceid.upatras.gr
>     %
>
> Thus, all messages posted by user `keramida' on my workstation will
> have their address rewritten to keramida@ceid.upatras.gr, which is
> certainly more useful to the rest of the world than my internal
> workstation address.
>
>
> The mailertable message routing table
> =====================================
>
> I want all my company email routed through our VPN to the internal
> email server, instead of travelling through the Internet to reach the
> same server's external interface. To accomplish this I use a
> mailertable with the following entries:
>
>     % cat /etc/mail/mailertable
>     .company.com smtp:internal-mx.company.com
>     company.com smtp:internal-mx.company.com
>     %
>
> Custom envelope from addresses
> ==============================
>
> Sometimes I run scripts under my uid that want to "fake" their
> envelope from address. Thus, I have created a file called
> /etc/mail/trusted-users with a list of usernames that are allowed to
> set their envelope from address with sendmail -f user@host without
> having a warning added automagically by Sendmail in their header:
>
>     % cat /etc/mail/trusted-users
>     keramida
>     %
>
>
> The local hostnames
> ===================
>
> The file local-host-names as you already mentioned contains the list
> of hostnames that my workstation should consider `local' and attempt
> to deliver to a local user:
>
>     % cat /etc/mail/local-host-names
>     internal-host.internal.domain
>     internal-host
>     %
>
> I've added both the `internal-host' and
> `internal-host.internal.domain' names, in case some locally running
> program tries to send mail using only the hostname and not the fully
> qualified domain name of the workstation in the local LAN.
>
>
> The hostname.mc file
> ====================
>
> The Makefile in /etc/mail will look for a file called `hostname.mc'
> where hostname is the short host name of your machine and use that as
> the source for generating `sendmail.cf'. If this file does not exist
> `freebsd.mc' is copied to `hostname.mc' and the rest of the Makefile
> works as before.
>
> The differences of my hostname.mc file from the freebsd.mc installed
> by FreeBSD 6.0-CURRENT are:
>
>     +FEATURE(genericstable, `hash -o /etc/mail/genericstable')
>     -dnl define(`SMART_HOST', `your.isp.mail.server')
>     +define(`SMART_HOST', `smtp.internal.domain')
>     +FEATURE(masquerade_entire_domain)
>     +FEATURE(masquerade_envelope)
>     +MASQUERADE_AS(`company.com')
>     +MASQUERADE_DOMAIN(`internal.domain')
>     +FEATURE(use_cw_file)
>      define(`confCW_FILE', `-o /etc/mail/local-host-names')
>     +FEATURE(use_ct_file)
>     +define(`confCT_FILE', `-o /etc/mail/trusted-users')
>     -DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')
>
> After what I wrote above the changes and their reasoning should be
> easy to understand, except these few lines:
>
>     +FEATURE(masquerade_entire_domain)
>     +FEATURE(masquerade_envelope)
>     +MASQUERADE_AS(`company.com')
>     +MASQUERADE_DOMAIN(`internal.domain')
>
>     -DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')
>
> The first one is to make sure that all email sent from my workstation
> (or forwarded from my workstation, in case I enable an internal SMTP
> server later) will use @company.com addresses.
>
> The second one is because I've removed IPv6 support from my kernel and
> I don't like having Sendmail bother me about failed IPv6 connection
> attempts.
>
>
> The Final Steps
> ===============
>
> * Make sure you don't have different map types defined in your
>   hostname.mc and in the Makefile of `/etc/mail' (i.e. a hardwired
>   map type of `btree' in hostname.mc for the access.db table and a
>   default map type of `hash' in Makefile).
>
> * Update the generated files of /etc/mail:
>
>     # cd /etc/mail
>     # make && make install && make restart
>
> * That's all.
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe@freebsd.org"

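Review bot: The added FEATURE(genericstable, ...) line at the top of the hostname.mc diff hardwires the map type hash, which is the kind of hardwired type the Final Steps say must match the Makefile in /etc/mail. Keep the type on this line the same as the one the Makefile builds, and put a dnl comment beside it saying so, so a later change to the Makefile default does not leave this map behind. The use_ct_file and confCT_FILE additions would also benefit from a dnl comment stating that every user listed in /etc/mail/trusted-users can set the envelope sender without the warning header, so that the file is kept to the accounts that need it.
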
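The map-type check from the first of the Final Steps in the quoted message, as an added example that is not part of the original thread. It assumes the Makefile sets its default through a SENDMAIL_MAP_TYPE variable; the function names and both sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original message): find FEATURE() lines in a
# sendmail .mc file whose hardwired map type differs from the Makefile's.

# Print the SENDMAIL_MAP_TYPE set in Makefile $1; "hash" if it sets none.
makefile_map_type() {
    t=$(sed -n 's/^SENDMAIL_MAP_TYPE[?:]*=[[:space:]]*\([a-z]*\).*/\1/p' "$1" | head -n 1)
    echo "${t:-hash}"
}

# Print "feature:type" for each FEATURE line in .mc file $1 that names a map
# type (hash, btree, dbm) other than $2. Lines commented out with dnl are skipped.
mc_map_mismatches() {
    awk -v want="$2" -v q="'" '
        /^dnl/ { next }
        /^FEATURE\(/ {
            line = $0
            sub(/^FEATURE\(/, "", line)
            if (split(line, part, ",") < 2) next
            name = part[1]; gsub("[`" q " ]", "", name)
            spec = part[2]; gsub("^[ `]+", "", spec)
            split(spec, w, "[ " q "]")
            if (w[1] ~ /^(hash|btree|dbm)$/ && w[1] != want)
                print name ":" w[1]
        }' "$1"
}

# Constructed sample files: a Makefile fragment and an .mc file in which
# access_db is hardwired to btree while the other maps use hash.
write_samples() {
    printf 'SENDMAIL_MAP_TYPE?=\thash\n' > "$1/Makefile"
    cat > "$1/hostname.mc" <<'EOF'
FEATURE(access_db, `btree -o -T<TMPF> /etc/mail/access')
FEATURE(genericstable, `hash -o /etc/mail/genericstable')
dnl FEATURE(virtusertable, `btree -o /etc/mail/virtusertable')
FEATURE(masquerade_envelope)
define(`SMART_HOST', `smtp.internal.domain')
EOF
}

dir=$(mktemp -d)
write_samples "$dir"
want=$(makefile_map_type "$dir/Makefile")
echo "Makefile map type: $want"
mc_map_mismatches "$dir/hostname.mc" "$want"   # prints access_db:btree
rm -r "$dir"
```

Run against the real files, any output line names a map to fix before `make && make install && make restart`.
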
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040903200410.7102cc8b.chip>