Re: aaaargghh.. sendmail again
Bernt Hansson
>
> N machines on a "ficticious net "fred.com" (not the real name).
>
> neet to get email out to the real world. via connected server
> mailgate.real.domain. (ficticious name)
>
> They pass it forward to a server on their net "server.ficticious.net"
> which uses the "Smarthost" option in Sendmail to
> forward them on to mailgate.real.domain,
> however mailgaet will not accept the mail unless the "sender"
> resolves to something real. I have no control over that machine.
You have to tell the admin of your smarthost to take your mail.
Julian Elischer
N machines on a "ficticious net "fred.com" (not the real name).
neet to get email out to the real world. via connected server
mailgate.real.domain. (ficticious name)
They pass it forward to a server on their net "server.ficticious.net"
which uses the "Smarthost" option in Sendmail to
forward them on to mailgate.real.domain,
however mailgaet will not accept the mail unless the "sender"
resolves to something real. I have no control over that machine.
I am trying to alter the sendmail config on server.ficticious.net
so that it rewrites the sender (both envelope and header)
to be from mum...@registered.domain.
the sendmail m4 config file now has:
divert(0)
VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.10.2.17 2002/11/14
03:21:18 keramida Exp $')
OSTYPE(freebsd4)
DOMAIN(generic)
FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access')
FEATURE(blacklist_recipients)
FEATURE(local_lmtp)
FEATURE(mailertable, `hash -o /etc/mail/mailertable')
FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')
FEATURE(genericstable, `hash -o /etc/mail/senders.db')
FEATURE(masquerade_entire_domain)
FEATURE(local_no_masquerade)
FEATURE(masquerade_envelope)
define(`SMART_HOST', `mailgate.vicor-nb.com')
MASQUERADE_AS(`registered.domain')
MASQUERADE_DOMAIN(`ficticious.net')
MASQUERADE_DOMAIN(`server.ficticious.net')
where /etc/mail/senders.db
contains: the 'has' version of:
root j...@registered.domain
ro...@server.ficticious.net jr...@registered.domain
So, by 2 different methods I'm trying to get the mail to say its coming from
registered.domain but it isn't doing it, leaving it as comig from
server.ficticious.net
is there a trick to this?
Julian Elischer
direct or indirect.
>
Giorgos Keramidas
Hi Julian,
Have you also tried sending email from a non-root account? The root
user is "exposed" by default in Sendmail. This means that the root user
will *NOT* be masqueraded or remapped through genericstable. You can
see that the root user is exposed by looking at the {E} class:
gothmog:/etc/mail# grep '{E}' sendmail.cf
C{E}root
Try sending email from a different local user or remove the root user
from the {E} class (by manually editing sendmail.cf and restarting
Sendmail).
Giorgos Keramidas
> > That's funny. I can see root in the E class even in the standard freebsd.cf
> > generated from the freebsd.mc file we have in src/etc/sendmail:
>
> Aha, DOMAIN(generic) has the EXPOSED_USER() call. That is what is
> adding it in.
Very true. Is that correct though, or should we remove it from the
generic.m4 file of FreeBSD?
It would be nice to have all the existing options of DOMAIN(generic), like
confFORWARD_PATH or confMAX_HEADERS_LENGTH, without having to duplicate
them in freebsd.mc (or the local equivalent) but without also exposing
automatically usernames like 'root'.
Gregory Neil Shapiro
Gregory Neil Shapiro
> user is "exposed" by default in Sendmail. This means that the root user
> will *NOT* be masqueraded or remapped through genericstable. You can
> see that the root user is exposed by looking at the {E} class:
>
> gothmog:/etc/mail# grep '{E}' sendmail.cf
> C{E}root
That hasn't be the case since 8.10.0, released more than five years ago.
Giorgos, you should update your configuration.
8.10.0/8.10.0 2000/03/01
CONFIG: Removed root from class E; use EXPOSED_USER(`root')
to get the old behavior. Suggested by Joe Pruett
of Q7 Enterprises.
Gregory Neil Shapiro
> so that it rewrites the sender (both envelope and header)
> to be from mum...@registered.domain.
>
> the sendmail m4 config file now has:
Your config plus the addition of FEATURE(allmasquerade) in case some of
the local addresses are Cc'ed on mail going out of your domain should do
the job.
However, since you are sending this question, it looks like that isn't
the case.
What is the output of:
# sendmail -Am -bt
> /tryflags es
> /try relay some...@fictious.domain
(where that address is replaced with the actual one that isn't working)
Feel free to send the debug output from the above command to me directly
if you are worried about revealing confidential info to the mailing list
at large.
Giorgos Keramidas
That's funny. I can see root in the E class even in the standard freebsd.cf
generated from the freebsd.mc file we have in src/etc/sendmail:
% gothmog:/etc/mail# cp /usr/src/etc/sendmail/freebsd.mc .
% gothmog:/etc/mail# cp /usr/src/etc/sendmail/freebsd.submit.mc .
% gothmog:/etc/mail# make freebsd.cf
% /usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/ /usr/share/sendmail/cf/m4/cf.m4 freebsd.mc > freebsd.cf
% gothmog:/etc/mail# grep '{E}' freebsd.cf
% C{E}root
I must be doing something wrong.
Gregory Neil Shapiro
> generic.m4 file of FreeBSD?
No, I don't want to diverge from Sendmail's source any more than we
already have for a variety of reasons.
Giorgos Keramidas
That's ok :-)
Just to summarize then, the solution to Julian's problem then is either
one of:
a) Manually edit the generated sendmail.cf and remove the C{E}root line.
b) Avoid using DOMAIN(generic) and manually copy over whatever seems
interesting from generic.m4 into his local sendmail.mc file and then
regenerate sendmail.cf from that .mc file.
I'd probably go for choise (b), because it doesn't require remembering
local "hacks" like "open that file in your editor, remove that line, add
this one, etc."
Julian Elischer
On Tue, 5 Jul 2005, Gregory Neil Shapiro wrote:
>> I am trying to alter the sendmail config on server.ficticious.net
>> so that it rewrites the sender (both envelope and header)
>> to be from mum...@registered.domain.
>>
>> the sendmail m4 config file now has:
>
> Your config plus the addition of FEATURE(allmasquerade) in case some of
> the local addresses are Cc'ed on mail going out of your domain should do
> the job.
the documentatio suggests that allmasquerade willalso cause some of the
recipients to be rewritten. I'm not sure if I want that.
However I'll try it and see if it helps.
Julian Elischer
thanks all.
Julian Elischer
Giorgos Keramidas wrote:
> On 2005-07-05 19:31, Gregory Neil Shapiro <gsha...@freebsd.org> wrote:
>
>>>Very true. Is that correct though, or should we remove it from the
>>>generic.m4 file of FreeBSD?
>>
>>No, I don't want to diverge from Sendmail's source any more than we
>>already have for a variety of reasons.
this turned out to be the problem.
>
>
> That's ok :-)
>
> Just to summarize then, the solution to Julian's problem then is either
> one of:
>
> a) Manually edit the generated sendmail.cf and remove the C{E}root line.
>
> b) Avoid using DOMAIN(generic) and manually copy over whatever seems
> interesting from generic.m4 into his local sendmail.mc file and then
> regenerate sendmail.cf from that .mc file.
>
> I'd probably go for choise (b), because it doesn't require remembering
> local "hacks" like "open that file in your editor, remove that line, add
> this one, etc."
generic.m4 is really small so I just included all of it except the
offending line..
thanks..
>
Lane
Why not run BIND on mailgate and set /etc/resolv.conf to use nameserver
localhost, and named.conf to use any required forwarders?
This way you can monkey with the local DNS config and not have to do anything
special with sendmail.
Or ... maybe the problem is really over my head, and I just can't accept the
fact :)
lane