Unknown users not being rejected at RCPT TO:
Baurzhan Ismagulov
I use Cyrus v2 to serve two domains and have the same problem as
described here:
I have no problem listing all users in those domains in virtusertable.
So, I've tried removing the "define(`confLOCAL_MAILER', `cyrusv2')dnl"
line and adding the settings described in
http://anfi.homeunix.net/sendmail/localNalias.html .
However, I had the following problems:
1. virtusertable entries like "us...@domain.com user@CYRUSV2" are causing
mail to be returned with the message "554 5.0.0 MX list for
cyrusv2.domain.com. points back to mx.domain.com". My ISP uses wildcard
DNS records (not sure whether they are called so), i.e.,
cyrusv2.domain.com has A x.y.z.t and mx.domain.com has A x.y.z.t.
2. Undefining cyrusv2 as the default mailer results in e-mails accepted
and delivered for users in /etc/passwd, like sy...@domain.com. I'm
really reluctant to adding all of them to the access_db.
How can I solve these problems?
Thanks in advance,
--
Baurzhan Ismagulov
http://www.kz-easy.com/
Andrzej Filip http://anfi.homeunix.net/
> Hello all,
>
> I use Cyrus v2 to serve two domains and have the same problem as
> described here:
>
> http://groups.google.com/group/comp.mail.sendmail/browse_frm/thread/94b1f595325c3dc6/7b4ba2e4544b69dc?lnk=gst&q=postmaster+notify+user+unknown&rnum=13#7b4ba2e4544b69dc
>
> I have no problem listing all users in those domains in virtusertable.
> So, I've tried removing the "define(`confLOCAL_MAILER', `cyrusv2')dnl"
> line and adding the settings described in
> http://anfi.homeunix.net/sendmail/localNalias.html .
>
> However, I had the following problems:
>
> 1. virtusertable entries like "us...@domain.com user@CYRUSV2" are causing
> mail to be returned with the message "554 5.0.0 MX list for
> cyrusv2.domain.com. points back to mx.domain.com". My ISP uses wildcard
> DNS records (not sure whether they are called so), i.e.,
> cyrusv2.domain.com has A x.y.z.t and mx.domain.com has A x.y.z.t.
Have you added CYRUSV2 to P class (list)?
#v+
LOCAL_CONFIG
CPCYRUS CYRUSV2 LOCAL
#v-
http://anfi.homeunix.net/sendmail/localNalias.html
> 2. Undefining cyrusv2 as the default mailer results in e-mails accepted
> and delivered for users in /etc/passwd, like sy...@domain.com. I'm
> really reluctant to adding all of them to the access_db.
>
> How can I solve these problems?
>
> Thanks in advance,
--
[pl>en: Andrew] Andrzej Adam Filip : an...@priv.onet.pl : an...@xl.wp.pl
Before You Ask: http://anfi.homeunix.net/sendmail/B4UAsk-Sendmail.html
http://anfi.homeunix.net/sendmail/ [orkut,linkedin,xing]
Baurzhan Ismagulov
On 2007-02-11, Andrzej Filip http://anfi.homeunix.net/ <an...@onet.eu> wrote:
>> 1. virtusertable entries like "us...@domain.com user@CYRUSV2" are causing
>> mail to be returned with the message "554 5.0.0 MX list for
>> cyrusv2.domain.com. points back to mx.domain.com". My ISP uses wildcard
>> DNS records (not sure whether they are called so), i.e.,
>> cyrusv2.domain.com has A x.y.z.t and mx.domain.com has A x.y.z.t.
>
> Have you added CYRUSV2 to P class (list)?
D'oh! They were commented out since my last attempt as "dnl
#LOCALCONFIG". So, I removed the "dnl" part :) . It works now, thanks
much!
Any ideas about the one below?
>> 2. Undefining cyrusv2 as the default mailer results in e-mails accepted
>> and delivered for users in /etc/passwd, like sy...@domain.com. I'm
>> really reluctant to adding all of them to the access_db.
With kind regards,
Andrzej Filip http://anfi.homeunix.net/
> [...]
> Any ideas about the one below?
>
>>> 2. Undefining cyrusv2 as the default mailer results in e-mails accepted
>>> and delivered for users in /etc/passwd, like sy...@domain.com. I'm
>>> really reluctant to adding all of them to the access_db.
>
> With kind regards,
You may:
* use one of recipes describes at
http://anfi/homeunix.net/sendmail/#cyrus e.g. RTCyrus3
*OR*
* keep cyrus as local mailer [define(`confLOCAL_MAILER', `cyrusv2')] and
use the recipe below '---'
(inspired by a query from support at civeng adelaide edu au and tested
by the same person - to be published this week, I hope).
RTCyrus3 is concentrated on supporting cyrus imap virtual domains,
the solution below is best fit for cyrus used as local mailer.
-------------------------------------------------------------------
I suggest you to use LUSER_RELAY with *modified* check of existing
accounts/mailboxes.
1) In sendmail.mc
1A) add F=5 flag to cyrusv2 mailer flags (it turns on processing of post
aliases rule set in which LUSER_RELAY is handled)
MODIFY_MAILER_FLAGS(`CYRUSV2',`+5')dnl
1B) add LUSER_RELAY to sendmail.mc (relay for unknown local users)
define(`LUSER_RELAY',`error:nouser User unknown')dnl
2) In generated sendmail.cf change definition of map (database lookup
spec) used to check local user existence (single line change)
[ it can not be changed via sendmail.mc so far ]
Change
Kuser user -m -a<>
into
Kuser hash -m -a<> /etc/mail/user
3) list valid cyrus mailboxes
3A) In /etc/mail/user file list cyrus mailboxes
mailbox_name_1 OK
mailbox_name_2 OK
3B) compile "user" file using makemap
makemap hash user < user
4) You can test sendmail-test.cf using the commands below
echo "5 mailbox_name" | sendmail -bt -d60.5
sendmail -C sendmail-test.cf -d60.5 -bv mailbo...@your.domain
Check also behaviour for mailbox_name+detal
Kees Theunissen
> 2) In generated sendmail.cf change definition of map (database lookup
> spec) used to check local user existence (single line change)
> [ it can not be changed via sendmail.mc so far ]
>
> Change
> Kuser user -m -a<>
> into
> Kuser hash -m -a<> /etc/mail/user
It *can* be changed via sendmail.mc.
It is a little ugly but it works on my Slackware Linux 10.2
with GNU m4 1.4.2.
A define of `Kuser' will do the trick:
define(`Kuser',``Kuser hash -m -a<> /etc/mail/user
# Kuser'')dnl
$ diff test.cf /etc/mail/sendmail.cf
19c19
< ##### built by root@pcict9 on Tue Feb 13 23:41:44 CET 2007
---
> ##### built by root@pcict9 on Fri Jun 30 17:24:07 CEST 2006
89,90c89
< Kuser hash -m -a<> /etc/mail/user
< # Kuser user -m -a<>
---
> Kuser user -m -a<>
Regards,
Kees.
--
Kees Theunissen.
Andrzej Filip http://anfi.homeunix.net/
I stand corrected. Thank you for your simple *after* 'hack' :-)
Baurzhan Ismagulov
On 2007-02-13, Andrzej Filip http://anfi.homeunix.net/ <an...@onet.eu> wrote:
> * keep cyrus as local mailer [define(`confLOCAL_MAILER', `cyrusv2')] and
> use the recipe below '---'
> -------------------------------------------------------------------
> I suggest you to use LUSER_RELAY with *modified* check of existing
> accounts/mailboxes.
Thanks much, this works great!
Andrzej Filip http://anfi.homeunix.net/
> Hello Andrzej and Kees,
>
> On 2007-02-13, Andrzej Filip http://anfi.homeunix.net/ <an...@onet.eu> wrote:
>> * keep cyrus as local mailer [define(`confLOCAL_MAILER', `cyrusv2')] and
>> use the recipe below '---'
>> -------------------------------------------------------------------
>> I suggest you to use LUSER_RELAY with *modified* check of existing
>> accounts/mailboxes.
>
> Thanks much, this works great!
Could post two sentences about you cyrus-sendmail installation?
e.g. I would like to know why have you decided not to use RTCyrus2/3?
[ querying cyrus imapd directly in "real time" using socket map ]
Baurzhan Ismagulov
I haven't checked the news for a long time, sorry.
On Sat, Feb 17, 2007 at 02:50:51AM +0100, Andrzej Filip http wrote:
> > On 2007-02-13, Andrzej Filip http://anfi.homeunix.net/ <an...@onet.eu> wrote:
> >> * keep cyrus as local mailer [define(`confLOCAL_MAILER', `cyrusv2')] and
> >> use the recipe below '---'
> >> -------------------------------------------------------------------
> >> I suggest you to use LUSER_RELAY with *modified* check of existing
> >> accounts/mailboxes.
> >
> > Thanks much, this works great!
>
> Could post two sentences about you cyrus-sendmail installation?
>
> e.g. I would like to know why have you decided not to use RTCyrus2/3?
> [ querying cyrus imapd directly in "real time" using socket map ]
I just moved an old working config to a new server. At that moment I
didn't know about RTCyrus. I stumbled upon it reading your sendmail
pages (very useful stuff, thanks much!) and was very excited, but never
had time to look at it. Can I use it with stock sendmail 8.13.8 without
patching any configs / source files?
I'm also curious about open-sendmail, perhaps you could spend a couple
of words about it -- is it a fork, or a patchset, what are the
distinguishing features, sendmail compatibility goals, etc.?
Andrzej Adam Filip
> Hello Andrzej,
> I haven't checked the news for a long time, sorry.
>
> On Sat, Feb 17, 2007 at 02:50:51AM +0100, Andrzej Filip http wrote:
>> [...]
> I just moved an old working config to a new server. At that moment I
> didn't know about RTCyrus. I stumbled upon it reading your sendmail
> pages (very useful stuff, thanks much!) and was very excited, but never
> had time to look at it. Can I use it with stock sendmail 8.13.8 without
> patching any configs / source files?
*Patching* the sources is not necessary, recompilation may be necessary
if sendmail provided by your distribution is not compiled with socket
map support.
#v+
To check if sendmail is compiles with socket map support use:
/usr/sbin/sendmail -bt -d0.1 </dev/null | grep SOCKETMAP
#v-
> I'm also curious about open-sendmail, perhaps you could spend a couple
> of words about it -- is it a fork, or a patchset, what are the
> distinguishing features, sendmail compatibility goals, etc.?
http://open-sendmail.sourceforge.net/ *currently* is a set of patches to
m4 files sendmail uses to generate sendmail.cf
[ copied from http://anfi.homeunix.net/sendmail/ and ]
[ http://groups.google.com/group/cyrus-sendmail ]
I decided it would be a good idea to try to keep features not included
(yet?) in sendmail.org distribution in one place.
> With kind regards,
--
[pl>en: Andrew] Andrzej Adam Filip : an...@priv.onet.pl : an...@xl.wp.pl
[Sir Stafford Cripps] has all the virtues I dislike and none of the
vices I admire.
-- Winston Churchill