From owner-freebsd-questions  Thu Jun  3 20:56:16 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from tertius.nobletec.com (nobletec.ne.mediaone.net [24.128.83.127])
	by hub.freebsd.org (Postfix) with ESMTP id 4D82714D91
	for <freebsd-questions@freebsd.org>; Thu,  3 Jun 1999 20:56:05 -0700 (PDT)
	(envelope-from johnm@tertius.nobletec.com)
Received: from tertius.nobletec.com (localhost [127.0.0.1])
	by tertius.nobletec.com (8.9.3/8.9.3) with ESMTP id XAA01244;
	Thu, 3 Jun 1999 23:55:56 -0400 (EDT)
	(envelope-from johnm@tertius.nobletec.com)
Message-Id: <199906040355.XAA01244@tertius.nobletec.com>
X-Mailer: exmh version 1.6.9 8/22/96
To: durham@w2xo.pgh.pa.us
Cc: johnm@nobletec.com, freebsd-questions@freebsd.org
Subject: RE: sendmail check_rcpt fix
Mime-Version: 1.0
Content-Type: text/plain
Date: Thu, 03 Jun 1999 23:55:56 -0400
From: John Meneghini <johnm@nobletec.com>
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Jim,

*THANK YOU* for posting this.  Yes, I too was going crazy.  And your
post, which I found in the FreeBSD mail archive, saved the day.  

The only problem I had was that when I cut and paste the text from
your email into my sendmail.cf file, it apparently converted the tabs
into spaces.  The sendmail program balked at this and crashed, but it
was pretty obvious what was wrong:

 Jun  3 17:54:04 tertius sendmail[1307]: restarting /usr/sbin/sendmail on 
signal
 Jun  3 17:54:05 tertius sendmail[1307]: NOQUEUE: SYSERR(root): 
/etc/sendmail.cf: line 980: invalid rewrite line "R^A+                     ^A: 
^A(dequote "" ^A&$ ^A) ^A| ^A1" (tab expected)
 Jun  3 17:54:05 tertius sendmail[1307]: NOQUEUE: SYSERR(root): 
/etc/sendmail.cf: line 981: invalid rewrite line "R0 ^A| ^A*                
^A@ ok                   no client addr: directly invoked" (tab expected)
 Jun  3 17:54:05 tertius sendmail[1307]: NOQUEUE: SYSERR(root): 
/etc/sendmail.cf: line 982: invalid rewrite line "R^A= ^A* ^A| ^A*    ^A@ ok   
                from here" (tab expected)
 Jun  3 17:54:05 tertius sendmail[1307]: NOQUEUE: SYSERR(root): 
/etc/sendmail.cf: line 984: invalid rewrite line "R^A* ^A| ^A*               
^A: ^A>3 ^A2" (tab expected)
 Jun  3 17:54:05 tertius sendmail[1307]: NOQUEUE: SYSERR(root): 
/etc/sendmail.cf: line 986: invalid rewrite line "R^A+                     
^A:^A>removelocal ^A1" (tab expected)
 Jun  3 17:54:05 tertius sendmail[1307]: NOQUEUE: SYSERR(root): 
/etc/sendmail.cf: line 988: invalid rewrite line "R^A*<@^A+>^A*              
^A#error ^A@ 5.7.1 ^A: 550 we do not relay" (tab expected)
 Jun  3 17:54:05 tertius sendmail[1307]: NOQUEUE: SYSERR(root): 
/etc/sendmail.cf: line 993: invalid rewrite line "R^A*<@^A=w.>^A*            
^A: ^A>removelocal ^A>3 ^A1 ^A3" (tab expected)
 Jun  3 17:54:05 tertius sendmail[1307]: NOQUEUE: SYSERR(root): 
/etc/sendmail.cf: line 994: invalid rewrite line "R^A*<@^A*>^A*              
^A@ ^A1<@^A2>^A3" (tab expected)
 Jun  3 17:54:05 tertius sendmail[1307]: NOQUEUE: SYSERR(root): 
/etc/sendmail.cf: line 996: invalid rewrite line "R^A-                     ^A: 
^A>3 ^A(dequote ^A1 ^A)" (tab expected)
 Jun  3 17:54:05 tertius sendmail[1307]: NOQUEUE: SYSERR(root): 
/etc/sendmail.cf: line 997: invalid rewrite line "R^A*<@^A*>^A*              
^A: ^A>removelocal ^A1<@^A2>^A3" (tab expected)

It should also be noted that, depending upon your configurations, you
will need to add your localhost IP address to the /etc/mail/LocalIP
file.  Else you may see something like the following:

 Jun  3 23:46:14 tertius sendmail[1190]: XAA01190: ruleset=check_rcpt, arg1=<John.Meneghini@digital.com>, relay=localhost [127.0.0.1], reject=550 <John.Meneghini@digital.com>... we do not relay
 Jun  3 23:46:14 tertius sendmail[1190]: XAA01190: from=<johnm@tertius.nobletec.com>, size=0, class=0, pri=0, nrcpts=1, proto=ESMTP, relay=localhost [127.0.0.1]
 Jun  3 23:47:43 tertius sendmail[1201]: XAA01201: ruleset=check_rcpt, arg1=<John.Meneghini@digital.com>, relay=localhost [127.0.0.1], reject=550 <John.Meneghini@digital.com>... we do not relay
 Jun  3 23:47:43 tertius sendmail[1201]: XAA01201: from=<johnm@tertius.nobletec.com>, size=0, class=0, pri=0, nrcpts=1, proto=ESMTP, relay=localhost [127.0.0.1]

Otherwise, your instuctions where clear and precise.  For others who
may be interested, the information that Jim posted can also be found
at:

    http://www.sendmail.org/~ca/email/relayingdenied.html

and

    http://www.sendmail.org/~ca/email/check.html#check_rcpt

I am running with this rule set now and am (finally) sending email
from my private lan through the SMTP relay on my FreeBSD gateway
machine.

Thanks again, Jim, for thinking of others and posting this
information. 

/John

------------------------------------------------------------------------------ 
Date:      Tue, 20 Apr 1999 11:52:13 GMT
From:      "James C. Durham" <durham@w2xo.pgh.pa.us>
To:        freebsd-questions@freebsd.org
Subject:   sendmail check_rcpt fix
Message-ID:  <199904201152.LAA20066@w2xo.pgh.pa.us>

Maybe this has been posted, but I didn't see it and
it drove me nuts for a while.

The "check_rcpt" ruleset as shipped with the
sendmail.cf file that comes with the 3.1-RELEASE
appears to be broken. It does not allow machines
on a local LAN with unregistered IP addresses to
relay mail through a server running 3.1-RELEASE with
the stock sendmail.cf file. The mail is rejected with
"relaying denied" from the check_rcpt ruleset.

The fix I applied was to install a suggested check_rcpt
ruleset from sendmail.org and create two new files in
/etc/mail, "/etc/mail/LocalIP" and "/etc/mail/RelayTo".
The first contains the unregistered IP addresses of
machines on you LAN behind a firewall that are allowed
to relay mail. The second is just null, but must exist.

The ruleset is:

Scheck_rcpt
# first: get client addr
R$+                     $: $(dequote "" $&{client_addr} $) $| $1
R0 $| $*                $@ ok                   no client addr: directly 
invoked
R$={LocalIP}$* $| $*    $@ ok                   from here
# not local, check rcpt
R$* $| $*               $: $>3 $2
# remove local part, maybe repeatedly
R$+                     $:$>removelocal $1
# still something left?
R$*<@$+>$*              $#error $@ 5.7.1 $: 550 we do not relay

Sremovelocal
# remove RelayTo part (maybe repeatedly)
# R$*<@$*$={RelayTo}.>$*        $>3 $1 $4
R$*<@$=w.>$*            $: $>removelocal $>3 $1 $3
R$*<@$*>$*              $@ $1<@$2>$3
# dequote local part
R$-                     $: $>3 $(dequote $1 $)
R$*<@$*>$*              $: $>removelocal $1<@$2>$3

##################################################

you must also put definitions for the two files near the
beginning of the sendmail.cf file. ie;

F{LocalIP} /etc/mail/LocalIP

F{RelayTo} /etc/mail/RelayTo

Hope this helps someone with the same problem.

regards,

Jim Durham

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message






















To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message