So I'm trying to setup sendmail 8.11 on Solaris 10 .
This MTA will receive mail from public internet, it's on our DMZ.
This server will answer email for approximately 200 domains. All mail
does not end up at the same host internally, it is split out to 3
different mail environments.
I'm assuming I need to user a mailertable, and possibly relay-
domains.
I'm also confused a bit about what the submit.cf/.mc is used for? it
looks just like the sendmail.cf/mc?
Any assistance would be greatly appreciated.
-Don
Welcome.
> So I'm trying to setup sendmail 8.11 on Solaris 10.
You might want to look in to upgrading to at least 8.13.x as your 8.11
is extremely old. (I don't remember 8.11 and I've been working with
Sendmail for 5+ years.)
> This MTA will receive mail from public internet, it's on our DMZ.
> This server will answer email for approximately 200 domains. All
> mail does not end up at the same host internally, it is split out to
> 3 different mail environments.
*nod*
Are you going to do any spam / virus filtering with milters?
Are you going to be using this system as an outbound relay too?
> I'm assuming I need to user a mailertable, and possibly
> relay-domains.
Yes, you are correct.
> I'm also confused a bit about what the submit.cf/.mc is used for? it
> looks just like the sendmail.cf/mc?
If I recall correctly, submit is used when a local user / program
submits mail to to the mail server on the system verses when the server
is acting as a destination mail server and / or a mail relay for other
servers.
> Any assistance would be greatly appreciated.
*nod*
See if that helps and ask any questions you may have.
Grant. . . .
Thanks for the reply Grant.
This system will not be doing any virus\spam filtering. An external
service will deliver clean mail to us. So we should in theory only
receive external mail from one class c ip range.
From sendmail it will relay to the internal network.
I was mistaken on the version we are using Version 8.13.8+Sun
Initially for testing I'll be sending directly out to the public
internet but long term mail will be delivered to the spam vendor and
they will deliver it to intended recipient.
That's good to know about the submit.cf...I no longer need to mess
with that.
It seems when I run the m4 to update the cf file that the output does
not look like many examples I have seen.
I'm doing this.
sudo /usr/ccs/bin/m4 myconf.mc > sendmail.cf
It seems like the m4 just takes out all the CRLF and nothing
else...the cf that is created
When I try and load that config it doesn't work...
-Don
> I'm new to sendmail and UNIX but not new to email. I administer a
> Lotus Domino and MS Exchange environment.
>
> So I'm trying to setup sendmail 8.11 on Solaris 10 .
>
> This MTA will receive mail from public internet, it's on our DMZ.
> This server will answer email for approximately 200 domains. All mail
> does not end up at the same host internally, it is split out to 3
> different mail environments.
>
> I'm assuming I need to user a mailertable, and possibly relay-
> domains.
You assumptions are "no longer valid". They had been perfectly
valid before "dictionary recipient" spam era. Now-days *professional*
"Internet email gateway" *MUST* reject messages addressed to non
existing internal mailboxes in reply to "RCPT TO:". Otherwise it will
act as "trash redirector" sending bounces caused by spam with faked
envelope sender to non existing mailboxes.
[ See http://www.backscatterer.org/ ]
I would suggest you using FEATURE(`ldap_routing') to make the gateway
know which recipients and valid and which internal mail server handles
them [ it can use standard sendmail maps (hash/dbm) instead of LDAP].
http://www.sendmail.org/m4/ldap_routing.html
Solution based on LDAP would allow you to
* easily add additional gateways
* make (some) internal servers send directly messages to recipients in
"shared company wide" domain
> I'm also confused a bit about what the submit.cf/.mc is used for? it
> looks just like the sendmail.cf/mc?
submit.cf is used when local user send email by executing "sendmail"
program. It hardly ever requires tuning. It sends messages to
127.0.0.1:25, it has been added to avoid traditional "set root id"
installation now days considered a security risk.
--
[pl>en Andrew] Andrzej Adam Filip : an...@priv.onet.pl : an...@xl.wp.pl
Watch your mouth, kid, or you'll find yourself floating home.
-- Han Solo