Message-Id: <20040324092249.D2D0D1CC2C@bsd.int.draenor.org>
Date: Wed, 24 Mar 2004 11:22:49 +0200 (SAST)
From: Marc Silver
To: FreeBSD-gnats-submit@FreeBSD.org
Subject: docs/64648: minor update to mail chapter

>Number: 64648
>Category: docs
>Synopsis: minor update to mail chapter
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-doc
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Wed Mar 24 01:30:14 PST 2004
>Closed-Date:
>Last-Modified:
>Originator: Marc Silver
>Release: FreeBSD 5.2.1-RELEASE-p3 i386
>Organization:
>Environment:
System: FreeBSD bsd.hidedomain.com 5.2.1-RELEASE-p3 FreeBSD 5.2.1-RELEASE-p3 #4: Thu Mar 18 11:00:49 SAST 2004 root@:/usr/src/sys/i386/compile/BSD i386
>Description:
The mail chapter of the handbook is somewhat fuzzy (imho) when describing certain things, and contains out of date information from the sendmail FAQ.
>How-To-Repeat:
Read the mail chapter of the handbook.
>Fix:
This fix updates the sendmail FAQ information, and also contains some grammatical changes to the chapter, as well as some minor docbook changes.

Apply the patch...

--- chapter.sgml-orig Tue Mar 23 15:57:59 2004 +++ chapter.sgml Wed Mar 24 11:18:54 2004 @@ -49,7 +49,7 @@ Where basic sendmail configuration - files are located in FreeBSD. + files are located in &os;. @@ -113,8 +113,8 @@ - Properly set up the DNS information for your mail host - (). + Properly set up the DNS information + for your mail host (). 
@@ -133,8 +133,8 @@ are: the user program, the server daemon, DNS, a - remote or local mailbox, and of course, the - mailhost itself. + remote or local mailbox, and of course, the mailhost itself. The User Program @@ -142,15 +142,16 @@ This includes command line programs such as mutt, pine, elm, - and mail, and GUI programs such as - balsa, + and mail, and GUI programs + such as balsa, xfmail to name a few, and something more sophisticated like a WWW browser. These programs simply pass off the email transactions to the local mailhost, either by calling one of the server - daemons available, or delivering it over TCP. - + daemons available, or delivering it over + TCP. + Mailhost Server Daemon 
@@ -171,44 +172,69 @@ exim - This is usually sendmail (by - default with FreeBSD) or one of the other mail server daemons such - as qmail, - postfix, or - exim. There are others, but those are - the most widely used. - - The server daemon usually has two functions—it looks - after receiving incoming mail and delivers outgoing mail. It is - not responsible for allowing you to collect mail using protocols - such as POP or IMAP to - read your email, nor does it allow connecting to local - mbox or Maildir mailboxes. You may require - an additional daemon for - that. - - Be aware that some older versions of - sendmail have some serious security - problems, however as long as you run a current version of it you - should not have any problems. As always, it is a good idea to - stay up-to-date with any software you run. + &os; ships with sendmail by + default, but also support numerous other mail server daemons, + just some of which include: + + + + postfix; + + + + exim; + + + + qmail; + + + + The server daemon usually has two functions—it is + responsible for receiving incoming mail as well as delivering + outgoing mail. It is not responsible for + the collection of mail using protocols such as + POP or IMAP to read email, + nor does it allow connecting to local mbox + or Maildir mailboxes. You may require an additional daemon for that. + + + Older versions of sendmail have + some serious security issues which may result in an attacker + gaining local and/or remote access to your machine. Make sure + that you are running a current version to avoid these + problems. Optionally, install an alternative + MTA from the &os; + Ports Collection. + Email and DNS - The Domain Name System (DNS) and its daemon - named play a large role in the delivery of - email. In order to deliver mail from your site to another, the - server daemon will look up the site in the DNS to determine the - host that will receive mail for the destination. 
- - It works the same way when you have mail sent to you. The DNS - contains the database mapping hostname to an IP address, and a - hostname to mailhost. The IP address is specified in an A record. - The MX (Mail eXchanger) record specifies the mailhost that will - receive mail for you. If you do not have an MX record for your - hostname, the mail will be delivered directly to your host. + The Domain Name System (DNS) and its daemon + named play a large role in the delivery of + email. In order to deliver mail from one site to another, the + server daemon looks up the remote site in DNS + to determine the host that will receive mail for the + destination. This process also occurs when mail is sent from a + remote host to your mail server. + + DNS is responsible for mapping hostnames + to IP addresses, as well as for storing information specific to + mail delivery, known as MX records. The MX (Mail eXchanger) + record specifies which host, or hosts, will recieve mail for a + particular domain. If you do not have an MX record for your + hostname or domain, the mail will be delivered directly to your + host provided you have an A record pointing your hostname to + your IP address. + + You may view the MX records for any domain by using the + &man.host.1; command, as seen in the example below: + + &prompt.user; host -t mx &os;.org +&os;.org mail is handled (pri=10) by mx1.&os;.org 
@@ -219,14 +245,15 @@ Receiving mail for your domain is done by the mail host. It - will collect mail sent to you and store it for reading or pickup - in either mbox or Maildir format, depending - on your configuration. Mail can then be remotely accessed using - either POP or IMAP, or - alternatively by using a mail user agent that is locally - installed on the mail host itself which will directly - communicate with the mailbox. This means that should you only - wish to read mail locally, you are not required to install a + collects all mail sent to your domain and stores it either in + mbox (the default method for storing mail) + or Maildir format, depending on your configuration. Once mail + has been stored, it may either be read locally using + applications such as &man.mail.1; or + mutt, or remotely accessed and + collected using protocols such as POP or + IMAP. This means that should you only wish + to read mail locally, you are not required to install a POP or IMAP server. @@ -327,7 +354,7 @@ Mailboxes may be accessed locally by directly utilizing MUA's on the server on which the mailbox resides. This can be done using applications such as - mutt or mail. + mutt or &man.mail.1;. @@ -359,9 +386,9 @@ &man.sendmail.8; is the default Mail Transfer Agent (MTA) in - FreeBSD. sendmail's job is to accept - mail from Mail User Agents (MUA) and deliver it - to the appropriate mailer as defined by its configuration file. + &os;. sendmail's job is to accept mail + from Mail User Agents (MUA) and deliver it to + the appropriate mailer as defined by its configuration file. sendmail can also accept network connections and deliver mail to local mailboxes or deliver it to another program. @@ -493,7 +520,7 @@ mail servers. When this file is updated, you need to run - make in /etc/mail/ to + &man.make.1; in /etc/mail/ to update the database. 
@@ -532,7 +559,7 @@ through a &unix; pipe. When this file is updated, you need to run - make in /etc/mail/ to + &man.make.1; in /etc/mail/ to update the database. @@ -632,27 +659,26 @@ change mta - As already mentioned, FreeBSD comes with - sendmail already installed as your - MTA (Mail Transfer Agent). Therefore by default it is - in charge of your outgoing and incoming mail. - - However, for a variety of reasons, some system - administrators want to change their system's MTA. These - reasons range from simply wanting to try out another MTA to - needing a specific feature or package which relies on another - mailer. Fortunately, whatever the reason, FreeBSD makes it - easy to make the change. + As already mentioned, &os; comes with + sendmail already installed as your MTA + (Mail Transfer Agent). Therefore by default it is in charge of + your outgoing and incoming mail. + + However, for a variety of reasons, some system administrators + want to change their system's MTA. These reasons range from + simply wanting to try out another MTA to needing a specific + feature or package which relies on another mailer. Fortunately, + whatever the reason, &os; makes it easy to make the change. Install a New MTA You have a wide choice of MTAs available. A good starting point is the - FreeBSD Ports Collection where + &os; Ports Collection where you will be able to find many. Of course you are free to use any MTA you want from any location, as long as you can make - it run under FreeBSD. + it run under &os;. Start by installing your new MTA. Once it is installed it gives you a chance to decide if it really fulfills your @@ -679,7 +705,7 @@ used to disable it is subtly different. - FreeBSD 4.5-STABLE before 2002/4/4 and Earlier + <title>&os; 4.5-STABLE before 2002/4/4 and Earlier (Including 4.5-RELEASE and Earlier) Enter: @@ -694,7 +720,7 @@ - FreeBSD 4.5-STABLE after 2002/4/4 + <title>&os; 4.5-STABLE after 2002/4/4 (Including 4.6-RELEASE and Later) In order to completely disable 
@@ -735,11 +761,11 @@ Running Your New MTA on Boot You may have a choice of two methods for running your - new MTA on boot, again depending on what version of FreeBSD + new MTA on boot, again depending on what version of &os; you are running. - FreeBSD 4.5-STABLE before 2002/4/11 + <title>&os; 4.5-STABLE before 2002/4/11 (Including 4.5-RELEASE and Earlier) Add a script to @@ -763,10 +789,10 @@ - FreeBSD 4.5-STABLE after 2002/4/11 + <title>&os; 4.5-STABLE after 2002/4/11 (Including 4.6-RELEASE and Later) - With later versions of FreeBSD, you can use the + With later versions of &os;, you can use the above method or you can set mta_start_script="filename" @@ -795,7 +821,7 @@ you will need to make sure that software trying to execute standard sendmail binaries such as /usr/bin/sendmail actually executes - your chosen mailer instead. Fortunately, FreeBSD provides + your chosen mailer instead. Fortunately, &os; provides a system called &man.mailwrapper.8; that does this job for you. 
@@ -872,12 +898,12 @@ BIND Traditionally, this was allowed by BSD BIND resolvers. However the current version of BIND - that ships with FreeBSD no longer provides default abbreviations + that ships with &os; no longer provides default abbreviations for non-fully qualified domain names other than the domain you are in. So an unqualified host mumble must either be found as mumble.foo.bar.edu, or it will be searched - for in the root domain. + role="fqdn">mumble.foo.bar.edu, or it will be + searched for in the root domain. This is different from the previous behavior, where the search continued across This is answered in the sendmail FAQ as follows: - I am getting Local configuration error messages, such as: + I'm getting these error messages: -553 relay.domain.net config error: mail loops back to myself +553 MX list for domain.net points back to relay.domain.net 554 <user@domain.net>... Local configuration error How can I solve this problem? -You have asked mail to the domain (e.g., domain.net) to be -forwarded to a specific host (in this case, relay.domain.net) -by using an MX record, but the relay machine does not recognize -itself as domain.net. Add domain.net to /etc/mail/local-host-names -(if you are using FEATURE(use_cw_file)) or add Cw domain.net -to /etc/mail/sendmail.cf. +You have asked mail to a domain (e.g., domain.net) to be forwarded to a +specific host (in this case, relay.domain.net) by using an MX record, +but the relay machine doesn't recognize itself as domain.net. Add +domain.net to /etc/mail/local-host-names [known as /etc/sendmail.cw +prior to version 8.10] (if you are using FEATURE(`use_cw_file')) or add +"Cw domain.net" to your configuration file. + +There are a couple of additional cases where you don't actually want +local delivery, and thus adding domain.net to class w is not the right +fix: + + When relay.domain.net should just be acting as a forwarder, e.g. + a firewall/gateway box. 
The proper fix could be to set up a + mailertable entry for domain.net. + + When relay.domain.net is a secondary (etc.) MX, and the MX + mistakenly points to a CNAME or other "non-canonical" name [this + gives "config error: mail loops back to me (MX problem?)"]. The + proper fix is to point the MX at the actual name, a + "work-around" to add the MX target to class w. + +IMPORTANT: When making changes to your configuration file, be sure you +kill and restart the sendmail daemon (for any change in the +configuration, not just this one): + +kill -HUP `head -1 /var/run/sendmail.pid` +Note: You can also get this error message (MX loops ...) when two +sendmail systems talk to each other, and both have the same value of $j. +The best solution is "don't do that." The sendmail FAQ can be found at and is @@ -939,8 +988,8 @@ - You want to connect a FreeBSD box on a LAN to the - Internet. The FreeBSD box will be a mail gateway for the LAN. + You want to connect a &os; box on a LAN to the + Internet. The &os; box will be a mail gateway for the LAN. The PPP connection is non-dedicated. UUCP @@ -1007,12 +1056,13 @@ # local config error. OwTrue -That way a remote site will deliver straight to you, without trying -the customer connection. You then send to your customer. Only works for -hosts, so you need to get your customer to name their mail -machine customer.com as well as -hostname.customer.com in the DNS. Just put an A record in -the DNS for customer.com. +That way a remote site will deliver straight to you, without trying the +customer connection. You then send to your customer. Only works for +hosts, so you need to get your customer to name their +mail machine customer.com as well as +hostname.customer.com in the DNS. +Just put an A record in the DNS for +customer.com. 
@@ -1024,7 +1074,7 @@ - In default FreeBSD installations, + In default &os; installations, sendmail is configured to only send mail from the host it is running on. For example, if a POP server is available, then users @@ -1084,23 +1134,24 @@ Out of the box, you should be able to send email to external - hosts as long as you have set up + hosts as long as you have set up /etc/resolv.conf or are running your own name server. If you would like to have mail for your host - delivered to the MTA (e.g., sendmail) on your own FreeBSD host, there are two methods: + delivered to the MTA (e.g., sendmail) + on your own &os; host, there are two methods: Run your own name server and have your own domain. For example, FreeBSD.org + role="domainname">&os;.org Get mail delivered directly to your host. This is done by - delivering mail directly to the current DNS name for your - machine. For example, example.FreeBSD.org. + delivering mail directly to the current + DNS name for your machine. For example, + example.&os;.org. @@ -1115,13 +1166,14 @@ MX record - Make sure that the (lowest-numbered) MX record in your DNS points to your - host's IP address. + Make sure that the (lowest-numbered) MX record in your + DNS points to your host's IP + address. - Make sure there is no MX entry in your DNS for your - host. + Make sure there is no MX entry in your + DNS for your host. 
@@ -1131,39 +1183,40 @@ Try this: &prompt.root; hostname -example.FreeBSD.org -&prompt.root; host example.FreeBSD.org -example.FreeBSD.org has address 204.216.27.XX +example.&os;.org +&prompt.root; host example.&os;.org +example.&os;.org has address 204.216.27.XX If that is what you see, mail directly to - yourlogin@example.FreeBSD.org should work without + yourlogin@example.&os;.org should work without problems (assuming sendmail is - running correctly on example.FreeBSD.org). + running correctly on example.&os;.org). If instead you see something like this: - &prompt.root; host example.FreeBSD.org -example.FreeBSD.org has address 204.216.27.XX -example.FreeBSD.org mail is handled (pri=10) by hub.FreeBSD.org + &prompt.root; host example.&os;.org +example.&os;.org has address 204.216.27.XX +example.&os;.org mail is handled (pri=10) by hub.&os;.org All mail sent to your host (example.FreeBSD.org) will end up being + role="fqdn">example.&os;.org) will end up being collected on hub under the same username instead of being sent directly to your host. - The above information is handled by your DNS server. The DNS - record that carries mail routing information is the - Mail eXchange entry. If - no MX record exists, mail will be delivered directly to the host by - way of its IP address. + The above information is handled by your + DNS server. The DNS + record that carries mail routing information is the + Mail eXchange entry. + If no MX record exists, mail will be delivered directly to the + host by way of its IP address. The MX entry for freefall.FreeBSD.org at one time looked like + role="fqdn">freefall.&os;.org at one time looked like this: - freefall MX 30 mail.crl.net + freefall MX 30 mail.crl.net freefall MX 40 agora.rdrop.com -freefall MX 10 freefall.FreeBSD.org +freefall MX 10 freefall.&os;.org freefall MX 20 who.cdrom.com As you can see, freefall had many MX entries. 
@@ -1186,7 +1239,7 @@ server) you need to have any mail sent to various workstations directed to it. Basically, you want to claim any mail for any hostname in your domain (in this case *.FreeBSD.org) and divert it to your mail + role="fqdn">*.&os;.org) and divert it to your mail server so your users can receive their mail on the master mail server. @@ -1197,27 +1250,28 @@ The mailhost you will be using must be the designated mail exchanger for each workstation on the network. This is done in - your DNS configuration like so: + your DNS configuration like so: - example.FreeBSD.org A 204.216.27.XX ; Workstation - MX 10 hub.FreeBSD.org ; Mailhost + example.&os;.org A 204.216.27.XX ; Workstation + MX 10 hub.&os;.org ; Mailhost This will redirect mail for the workstation to the mailhost no matter where the A record points. The mail is sent to the MX host. - You cannot do this yourself unless you are running a DNS - server. If you are not, or cannot run your own DNS server, talk - to your ISP or whoever provides your DNS. + You cannot do this yourself unless you are running a + DNS server. If you are not, or cannot run + your own DNS server, talk to your ISP or + whoever provides your DNS. If you are doing virtual email hosting, the following - information will come in handy. For this example, we - will assume you have a customer with his own domain, in this - case customer1.org, and you want - all the mail for customer1.org - sent to your mailhost, mail.myhost.com. The entry in your DNS - should look like this: + information will come in handy. For this example, we will + assume you have a customer with his own domain, in this case + customer1.org, and you want + all the mail for customer1.org sent to your mailhost, + mail.myhost.com. The entry in your + DNS should look like this: customer1.org MX 10 mail.myhost.com 
@@ -1258,10 +1312,11 @@ SMTP with UUCP - The sendmail configuration that ships with FreeBSD is - designed for sites that connect directly to the Internet. Sites - that wish to exchange their mail via UUCP must install another - sendmail configuration file. + The sendmail configuration that + ships with &os; is designed for sites that connect directly to the + Internet. Sites that wish to exchange their mail via UUCP must + install another sendmail configuration + file. Tweaking /etc/mail/sendmail.cf manually is an advanced topic. sendmail version 8 generates config files @@ -1271,9 +1326,9 @@ /usr/src/usr.sbin/sendmail/cf. If you did not install your system with full sources, the - sendmail configuration set has been broken out into a separate source - distribution tarball. Assuming you have your FreeBSD source code - CDROM mounted, do: + sendmail configuration set has been + broken out into a separate source distribution tarball. Assuming + you have your &os; source code CDROM mounted, do: &prompt.root; cd /cdrom/src &prompt.root; cat scontrib.?? | tar xzf - -C /usr/src/contrib/sendmail @@ -1322,12 +1377,12 @@ The lines containing accept_unresolvable_domains, nocanonify, and - confDONT_PROBE_INTERFACES features will - prevent any usage of the DNS during mail delivery. The + confDONT_PROBE_INTERFACES features will prevent + any usage of the DNS during mail delivery. The UUCP_RELAY clause is needed to support UUCP delivery. Simply put an Internet hostname there that is able to - handle .UUCP pseudo-domain addresses; most likely, you will - enter the mail relay of your ISP there. + handle .UUCP pseudo-domain addresses; most likely, you will enter + the mail relay of your ISP there. Once you have this, you need an /etc/mail/mailertable file. If you have 
@@ -1597,7 +1652,7 @@ pwcheck_method: passwd This method will enable sendmail - to authenticate against your FreeBSD passwd + to authenticate against your &os; passwd database. This saves the trouble of creating a new set of usernames and passwords for each user that needs to use SMTP authentication, and keeps the login @@ -1711,7 +1766,7 @@ way they interact with email; this gives users increased functionality and flexibility. &os; contains support for numerous mail user agents, all of which can be easily installed - using the FreeBSD Ports Collection. + using the &os; Ports Collection. Users may choose between graphical email clients such as evolution or balsa; console based clients such as @@ -2224,12 +2279,12 @@ and places each list in it's own mailbox. :0 -* ^Sender:.owner-freebsd-\/[^@]+@FreeBSD.ORG +* ^Sender:.owner-freebsd-\/[^@]+@&os;.ORG { LISTNAME=${MATCH} :0 * LISTNAME??^\/[^@]+ - FreeBSD-${MATCH} + &os;-${MATCH} } @@ -2243,4 +2298,4 @@ sgml-always-quote-attributes: t sgml-parent-document: ("../book.sgml" "part" "chapter") End: ---> \ No newline at end of file +--> >Release-Note: >Audit-Trail: >Unformatted:
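Review bot: two typos in the added lines of the @@ -171,44 +172,69 @@ hunk. "but also support numerous other mail server daemons" should read "supports", and in the MX paragraph "will recieve mail for a particular domain" should read "receive". The new list items also end in semicolons ("postfix;", "exim;", "qmail;"); since each is its own list entry, drop the trailing punctuation. The example added at the end of the same hunk, "host -t mx &os;.org", puts the product-name entity inside a literal domain name; write FreeBSD.org there.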
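Review bot: the refreshed sendmail FAQ quotation (the region following @@ -872,12 +898,12 @@) no longer names the file to edit. The removed text said to add "Cw domain.net" to /etc/mail/sendmail.cf; the added text says only "to your configuration file". Because this is a verbatim quotation, leave the quote alone and add one sentence after it saying which file under /etc/mail/ is meant on this system. Please also check the quoted sentence "The proper fix is to point the MX at the actual name, a "work-around" to add the MX target to class w." against the FAQ; as pasted it reads as if a word was dropped between the two clauses.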
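Review bot: in the @@ -1131,39 +1183,40 @@ hunk the FreeBSD-to-&os; substitution has been applied inside literal hostnames, including the command lines and their sample output ("host example.&os;.org", "example.&os;.org has address 204.216.27.XX", "hub.&os;.org", "freefall.&os;.org"). Everywhere else in this patch &os; stands for the product name in running prose; a DNS name is a literal string the reader types and compares against command output, so these should stay FreeBSD.org in the source. The same applies to "*.&os;.org" in the @@ -1186,7 +1239,7 @@ hunk and to the zone-file example in @@ -1197,27 +1250,28 @@.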
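Review bot: the procmail recipe in the @@ -2224,12 +2279,12 @@ hunk now carries the entity inside a regular expression and a mailbox name: "* ^Sender:.owner-freebsd-\/[^@]+@&os;.ORG" and "&os;-${MATCH}". A recipe is code that readers copy, and anyone working from the SGML source gets a pattern that cannot match; keep the literal "FreeBSD" in both lines. While touching this spot, the context line just above the recipe says "places each list in it's own mailbox", which should be "its".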