festive
asked on
Native sendmail.cf for Solaris
Greetings sendmail gods:
UPDATED:
I have bit the bullet and changed the hostname to
mailman.batman.com and installed a modified copy of
the subsidiary.cf file as sendmail.cf.
Everything works fine except when LOCAL UNIX USERS
send email. The mail is reported to come from
"user@mailman.batman.com", not "user@batman.com".
I will award "500" points to anyone who can help me solve this.
************************** ********** **********
Original Message:
I have a system that is configured with Native Solaris mail (110615-04). My problem:
I have a TLD (Top Level Domain), eg
batman.com
mail works fine in and out.
the problem is due to the fact that the system name is "batman.com".
by default (and a bloody stupid one too) sendmail allows relaying to subdomain traffic (ie .COM) - which is clearly undesirable.
The question:
without changing the hostname, how do i get relaying to stop for the .com domain?
I would also prefer not to muck about with m4 - hacking the sendmail.cf is preferred.
(the cf file is based on "main.cf")
UPDATED:
I have bit the bullet and changed the hostname to
mailman.batman.com and installed a modified copy of
the subsidiary.cf file as sendmail.cf.
Everything works fine except when LOCAL UNIX USERS
send email. The mail is reported to come from
"user@mailman.batman.com",
I will award "500" points to anyone who can help me solve this.
**************************
Original Message:
I have a system that is configured with Native Solaris mail (110615-04). My problem:
I have a TLD (Top Level Domain), eg
batman.com
mail works fine in and out.
the problem is due to the fact that the system name is "batman.com".
by default (and a bloody stupid one too) sendmail allows relaying to subdomain traffic (ie .COM) - which is clearly undesirable.
The question:
without changing the hostname, how do i get relaying to stop for the .com domain?
I would also prefer not to muck about with m4 - hacking the sendmail.cf is preferred.
(the cf file is based on "main.cf")
Missed this one.
http://www.sendmail.org/%7Eca/email/chk-cf.html
http://www.sendmail.org/%7Eca/email/chk-cf.html
ASKER
read the URL's - not really what I was looking for:
I need to just remove relay capability from ".com"
when I start sendmail with a -d flag it lists .com as a subdomain - is there a way to override this behaviour.
ie how can we TELL sendmail that the host is actually "mail.batman.com" and that we accept mail for "users@batman.com" but not "users@spammer.com"
I had all of this working fine before the domain changed to a TLD (ie .com)
I need to just remove relay capability from ".com"
when I start sendmail with a -d flag it lists .com as a subdomain - is there a way to override this behaviour.
ie how can we TELL sendmail that the host is actually "mail.batman.com" and that we accept mail for "users@batman.com" but not "users@spammer.com"
I had all of this working fine before the domain changed to a TLD (ie .com)
Take a look at this link. Apology, I do not have access to Solaris box to take a peek.
http://www.kempston.net/solaris/configsendmail.html
There a link at Sendmail's website that might be related: http://www.sendmail.org/vendor/sun/
If I can recall, toward the top of the config file, there is a keyword, something that talks about "if the machine cannot identify it's dns domain". I do not have the reference off hand.
"The $m macro contains the name of the parent domain. "
http://www.kempston.net/solaris/configsendmail.html
There a link at Sendmail's website that might be related: http://www.sendmail.org/vendor/sun/
If I can recall, toward the top of the config file, there is a keyword, something that talks about "if the machine cannot identify it's dns domain". I do not have the reference off hand.
"The $m macro contains the name of the parent domain. "
OK. got it from this site: http://www.cisco.com/univercd/cc/td/doc/product/voice/uone/srvprov/r43s/infrastr/appxb.htm
# my official domain name
# ... define this only if sendmail cannot automatically determine your domain
#Dj$w.Foo.COM
Maybe you might want to change it to
-------
# my official domain name
# ... define this only if sendmail cannot automatically determine your domain
#Dj$w.Foo.COM
Djbatman.com
# my official domain name
# ... define this only if sendmail cannot automatically determine your domain
#Dj$w.Foo.COM
Maybe you might want to change it to
-------
# my official domain name
# ... define this only if sendmail cannot automatically determine your domain
#Dj$w.Foo.COM
Djbatman.com
ASKER
ok - I have bit the bullet and changed my fqdn
to mailhost.batman.com
I can receive mail for the domain ok and when sending through the system (as an authorised relay) it works.
the problem (hopefully the last) is that from the UNIX
system (ie the mailhost) if messages are sent out -
they are incorrectly addressed (ie they appear to come
from "user@mailhost.batman.com"
how do I get sendmail to strip off the "mailhost" (or hostname) bit and correctly send mail.
(whilst leaving the relay bits and others ok).
to mailhost.batman.com
I can receive mail for the domain ok and when sending through the system (as an authorised relay) it works.
the problem (hopefully the last) is that from the UNIX
system (ie the mailhost) if messages are sent out -
they are incorrectly addressed (ie they appear to come
from "user@mailhost.batman.com"
how do I get sendmail to strip off the "mailhost" (or hostname) bit and correctly send mail.
(whilst leaving the relay bits and others ok).
You can use DM (Domain Masquerading).
Look for DM keyword;
----
# who I masquerade as (null for no masquerading) (see also $=M)
DM
And change it to:
----
# who I masquerade as (null for no masquerading) (see also $=M)
DMbatman.com
and restart sendmail.
Look for DM keyword;
----
# who I masquerade as (null for no masquerading) (see also $=M)
DM
And change it to:
----
# who I masquerade as (null for no masquerading) (see also $=M)
DMbatman.com
and restart sendmail.
ASKER
I already had this set to batman.com
- no luck.
still being addressed as from "user@mailhost.batman.com"
- no luck.
still being addressed as from "user@mailhost.batman.com"
This is strange, I've tested on my machine Rh7.2 sendmail 8.11.6. Suppose the version/platform is different, but that should not be affecting the DM.
Try adding these, and rememeber to hash out (#) the exisingting DM, or C{M}, if there is any.
----
DMbatman.com
C{M}batman.com
And restart sendmail:
/etc/init.d/sendmail stop
/etc/init.d/sendmail start
Try adding these, and rememeber to hash out (#) the exisingting DM, or C{M}, if there is any.
----
DMbatman.com
C{M}batman.com
And restart sendmail:
/etc/init.d/sendmail stop
/etc/init.d/sendmail start
ASKER
Tried - same result.
it only happens on the local mailserver
ie it is not hiding it's local hostname :-(
why is the local host name being picked up?
running sendmail -d gives:
System Identity after readcf
short domain name $w = mailhost
canonical domain name $j = mailhost.batman.com
subdomain name $m = batman.com
node name $k = mailhost
hence anything that goes out from the local host
is being addressed as coming from: $j or $k$m
There is an entry within Ruleset 96 that states:
"Handle special cases for local names"
and contains:
R$* < @ localhost . $m > $* $: $1 < @ $j . > $2 local domain
This is the last bit that I need to get working..
it only happens on the local mailserver
ie it is not hiding it's local hostname :-(
why is the local host name being picked up?
running sendmail -d gives:
System Identity after readcf
short domain name $w = mailhost
canonical domain name $j = mailhost.batman.com
subdomain name $m = batman.com
node name $k = mailhost
hence anything that goes out from the local host
is being addressed as coming from: $j or $k$m
There is an entry within Ruleset 96 that states:
"Handle special cases for local names"
and contains:
R$* < @ localhost . $m > $* $: $1 < @ $j . > $2 local domain
This is the last bit that I need to get working..
which user did you test your mail. Normall, root would not have their masqueraded. Try to send mail using other login.
Notice this option:
C{E}root
Notice this option:
C{E}root
ASKER
tried it as an untrusted / unlisted user...
same deal.
same deal.
Hmm...
Either we are stucked... or we had to wait for other "experts".
Personally, at this point, I would just do an "init 6" (reboot) and see if anything good comes out. -- if you can afford to restart the machine. I knew, this is too radical, but who knows.
Either we are stucked... or we had to wait for other "experts".
Personally, at this point, I would just do an "init 6" (reboot) and see if anything good comes out. -- if you can afford to restart the machine. I knew, this is too radical, but who knows.
ASKER
I will double the points (ie to 500) for anyone who has done this on Solaris 8 and can share this little secret:
ie
how to hide the local user@machine.domain for local UNIX users behind user@domain.
Note: All other users work fine: sendmail.cf file is based on subsidiary.cf
This is really irritating and the last bit i need to do to fix the problem.
ie
how to hide the local user@machine.domain for local UNIX users behind user@domain.
Note: All other users work fine: sendmail.cf file is based on subsidiary.cf
This is really irritating and the last bit i need to do to fix the problem.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I just hate to answer my own questions - but this may be useful to any poor unfortunates that have to do this themselves:
The biggest problem is that all of the resources are either out of date or for generic sendmail.
Solaris Sendmail appears very different.
To Recap:
************************** ********** ********** ********** **
Telling your Solaris Sendmail Server to hide it's actual
hostname.
************************** ********** ********** ********** **
eg you have a server called mailhost.mydomain.com
and your mail addresses are address@mydomain.com
and when you send email from the local UNIX system
it goes out addressed as from user@mailhost.mydomain.com
and you want it to be user@mydomain.com
Here is what you do:
ensure that your hostnames are correct:
you can check this with: sendmail -d
this will display the host, dns and node names etc
edit your /etc/mail/sendmail.cf file as usual.
locate the line "SEnvFromSMTP=11"
underneath it will be a line that is commented:
"change to mail server" and should start with:
R$+ and contain the word "Canonify2".
within this line: replace the ${ms} with $m
likewise - locate the line "SHdrFromSMTP=31"
underneath it will be a line that is commented:
"change to mail server" and should start with:
R$+ and contain the word "Canonify2".
within this line: replace the ${ms} with $m
restart sendmail and voila - all is well.
The biggest problem is that all of the resources are either out of date or for generic sendmail.
Solaris Sendmail appears very different.
To Recap:
**************************
Telling your Solaris Sendmail Server to hide it's actual
hostname.
**************************
eg you have a server called mailhost.mydomain.com
and your mail addresses are address@mydomain.com
and when you send email from the local UNIX system
it goes out addressed as from user@mailhost.mydomain.com
and you want it to be user@mydomain.com
Here is what you do:
ensure that your hostnames are correct:
you can check this with: sendmail -d
this will display the host, dns and node names etc
edit your /etc/mail/sendmail.cf file as usual.
locate the line "SEnvFromSMTP=11"
underneath it will be a line that is commented:
"change to mail server" and should start with:
R$+ and contain the word "Canonify2".
within this line: replace the ${ms} with $m
likewise - locate the line "SHdrFromSMTP=31"
underneath it will be a line that is commented:
"change to mail server" and should start with:
R$+ and contain the word "Canonify2".
within this line: replace the ${ms} with $m
restart sendmail and voila - all is well.
ASKER
Even though you did not resolve the problem
you were the only one willing to risk life
and limb delving into the bowels of sendmail.
I appreciate your input.
Maybe I will see you in the Solaris Forum :-)
Thanks
Festive
you were the only one willing to risk life
and limb delving into the bowels of sendmail.
I appreciate your input.
Maybe I will see you in the Solaris Forum :-)
Thanks
Festive
festive,
I just came back from a two days gateway (weekend).
The information is certainly very new to me. I knew that Sun's version on Sendmail (and most other products) are a bit "tuned-up" to Sun's specific.
Anyhow, it is very useful. Perhaps you might want to share with us the URL maybe.
In most scenario, the DM option should have done the work.
Anyway, I certainly would appreciate the pts (even though I don't feel 100% entitled to it). For appreciatin: Gracias.
cheers.
I just came back from a two days gateway (weekend).
The information is certainly very new to me. I knew that Sun's version on Sendmail (and most other products) are a bit "tuned-up" to Sun's specific.
Anyhow, it is very useful. Perhaps you might want to share with us the URL maybe.
In most scenario, the DM option should have done the work.
Anyway, I certainly would appreciate the pts (even though I don't feel 100% entitled to it). For appreciatin: Gracias.
cheers.
ASKER
There was no URL - that is the problem :-(
I have found this by scouring the web.
all of the existing stuff at kempston and sunsolve
are for the older versions.
if ever you need help with this - I am a wizard now
(although it was a close call!)
I have found this by scouring the web.
all of the existing stuff at kempston and sunsolve
are for the older versions.
if ever you need help with this - I am a wizard now
(although it was a close call!)
http://www.sendmail.org/%7Eca/email/check.html#check_rcpt
http://www.sendmail.org/~ca/email/chk-relay-map.html
I hope this is applicable to you scenario.
Good luck.