Sendmail and Splunk
Posted on 2008-11-03
Hi, I'm a relatively fresh Linux admin and I'm trying to get Splunk to send alerts out through sendmail. When I check /var/log/mail.log, I can see
"Nov 3 14:00:01 roi-compliance-01 sm-mta: mA3J01kR007448: <email@example.com>... User unknown
Nov 3 14:00:01 roi-compliance-01 sm-mta: mA3J01kR007448: from=<splunk@localhost>, size=1537, class=0, nrcpts=0, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]"
I also get "User unknown" when I run "sendmail -bv firstname.lastname@example.org."
How can I configure sendmail to simply forward email along to our Exchange server? I tried adding "define(`SMART_HOST',`mail.theroi.com')" to sendmail.mc, however "m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf" gives me "-bash: /etc/mail/sendmail.cf: Permission denied"
Any help would be greatly appreciated!