17. Sendmail
17.1 Packages
1. sendmail
Contains the actual binaries and configuration files.
2. sendmail-cf
This package is required if you ever want to reconfigure sendmail.
3. sendmail-doc
Contains documentation about sendmail.
Examples for the various configuration files are provided in /usr/share/doc/sendmail/README.cf.
17.2 Configuration Files
1. /etc/sendmail.cf
o Primary configuration file for sendmail.
o It’s recommended that you don’t edit this file by hand.
o Edit /etc/mail/sendmail.mc instead and regenerate /etc/sendmail.cf from it:
    mv /etc/sendmail.cf /etc/sendmail.cf.old
    m4 /etc/mail/sendmail.mc > /etc/sendmail.cf
2. /etc/mail/sendmail.mc
o Used to generate /etc/sendmail.cf (see above).
o Easier to configure than /etc/sendmail.cf
o Default Red Hat /etc/mail/sendmail.mc:
    divert(-1)
    dnl This is the sendmail macro config file. If you make changes to this file,
    dnl you need the sendmail-cf rpm installed and then have to generate a
    dnl new /etc/sendmail.cf by running the following command:
    dnl
    dnl m4 /etc/mail/sendmail.mc > /etc/sendmail.cf
    dnl
    include(`/usr/share/sendmail-cf/m4/cf.m4')
    VERSIONID(`linux setup for Red Hat Linux')dnl
    OSTYPE(`linux')
    define(`confDEF_USER_ID',``8:12'')dnl
    undefine(`UUCP_RELAY')dnl
    undefine(`BITNET_RELAY')dnl
    define(`confAUTO_REBUILD')dnl
    define(`confTO_CONNECT', `1m')dnl
    define(`confTRY_NULL_MX_LIST',true)dnl
    define(`confDONT_PROBE_INTERFACES',true)dnl
    define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
    define(`ALIAS_FILE', `/etc/aliases')dnl
    dnl define(`STATUS_FILE', `/etc/mail/statistics')dnl
    define(`UUCP_MAILER_MAX', `2000000')dnl
    define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
    define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
    define(`confAUTH_OPTIONS', `A')dnl
    dnl TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
    dnl define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
    dnl define(`confTO_QUEUEWARN', `4h')dnl
    dnl define(`confTO_QUEUERETURN', `5d')dnl
    dnl define(`confQUEUE_LA', `12')dnl
    dnl define(`confREFUSE_LA', `18')dnl
    dnl FEATURE(delay_checks)dnl
    FEATURE(`no_default_msa',`dnl')dnl
    FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
    FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
    FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
    FEATURE(redirect)dnl
    FEATURE(always_add_domain)dnl
    FEATURE(use_cw_file)dnl
    FEATURE(use_ct_file)dnl
    FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
    FEATURE(`access_db',`hash -o /etc/mail/access.db')dnl
    FEATURE(`blacklist_recipients')dnl
    EXPOSED_USER(`root')dnl
    dnl This changes sendmail to only listen on the loopback device 127.0.0.1
    dnl and not on any other network devices. Comment this out if you want
    dnl to accept email over the network.
    DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
    dnl NOTE: binding both IPv4 and IPv6 daemon to the same port requires
    dnl a kernel patch
    dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')
    dnl We strongly recommend to comment this one out if you want to protect
    dnl yourself from spam. However, the laptop and users on computers that do
    dnl not have 24x7 DNS do need this.
    FEATURE(`accept_unresolvable_domains')dnl
    dnl FEATURE(`relay_based_on_MX')dnl
    MAILER(smtp)dnl
    MAILER(procmail)dnl
    Cwlocalhost.localdomain
o sendmail.mc options:
    define(`confDEF_USER_ID',``8:12'')    # Specifies user (8) and group (12) to run sendmail as
    OSTYPE(`linux')                       # Imports OS specific information
    undefine(`UUCP_RELAY')                # Disable UUCP relaying
    undefine(`BITNET_RELAY')              # Disable bitnet relaying
    define(`confAUTO_REBUILD')            # Rebuild /etc/aliases automatically
    define(`confTO_CONNECT',`1m')         # Set time limit for SMTP connections to 1 minute
    define(`confTRY_NULL_MX_LIST',true)   # If no mx record exists, contact host directly
    define(`confDONT_PROBE_INTERFACES',true)  # Don't add the names of the local network
                                          # interfaces to the list of local host names
    define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')  # Specify location of procmail
    FEATURE(`smrsh',`/usr/sbin/smrsh')    # Specify location of sendmail restricted shell

    ### Enable virtusertable, mailertable, and access and specify their locations:
    ###
    FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
    FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
    FEATURE(`access_db',`hash -o /etc/mail/access.db')dnl

    FEATURE(redirect)                     # Reject mail for address.REDIRECT with a 551 reply
                                          # that gives the new address
    FEATURE(always_add_domain)            # Append local hostname to locally delivered e-mail
    FEATURE(use_cw_file)                  # Read aliases to use from /etc/mail/local-host-names
    FEATURE(local_procmail)               # Use procmail as the local MDA

    FEATURE(`blacklist_recipients')       # Allows e-mail to be blocked based on destination
    FEATURE(`accept_unresolvable_domains')  # Accept e-mail even if the sender's domain
                                          # cannot be resolved in DNS
    FEATURE(`rbl')                        # Implements Realtime Blackhole List to fight spam.
    FEATURE(`relay_based_on_MX')          # Automatically allow relaying if sendmail server
                                          # is listed as the target domain's MX record.
                                          # This appears to only work if the hostname is set
                                          # to the same value as the MX record.
    FEATURE(domaintable)                  # Enable use of domaintable
    FEATURE(mailertable)                  # Enable use of mailertable

    ### The following sets a "smart host" that all of your mail will be relayed through.
    define(SMART_HOST,mail.yourdomain.com)

    ### The following line tells sendmail to only listen on the localhost interface.
    DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')

    ### The following 3 allow a host to masquerade as another host. Useful for hiding
    ### internal machine names from the outside world. Note that any user specified in
    ### an "EXPOSED_USER" (e.g. root), will not have their e-mail address masqueraded.
    MASQUERADE_AS(yourdomain.net)         # Specifies domain to use in FROM and envelope addresses.
    FEATURE(allmasquerade)                # Turn on masquerading for all e-mail
    FEATURE(masquerade_envelope)          # Masquerade the envelope address also
3. /etc/aliases (& /etc/aliases.db)
o Contains aliases for e-mail addresses. For example, it allows you to send mail destined for user ‘daemon’ to ‘root’.
o Only local names may be aliased.
o Example /etc/aliases:
    daemon: root                 # Messages sent to user daemon are redirected to root
    root: steve                  # Messages sent to root are redirected to steve
    webmaster: steve, bob, sue   # Messages sent to webmaster are redirected to steve, bob and sue
    steve@foo.com: bob           # This entry is invalid unless the local host name is foo.com
                                 # or foo.com is listed in /etc/mail/local-host-names
o After editing /etc/aliases, you must regenerate /etc/aliases.db with the newaliases command.
4. /etc/mail/access (& /etc/mail/access.db)
o Controls which hosts are allowed to use sendmail.
o Example /etc/mail/access:
    localhost.localdomain   RELAY     #
    localhost               RELAY     ### These 3 permit the localhost to relay
    127.0.0.1               RELAY     #

    10.22                   REJECT    # Reject mail from any host with an IP that starts with 10.22
    nobody@                 REJECT    # Rejects any mail addressed to user 'nobody' regardless
                                      # of the domain it's sent to.
    foo.com                 OK        # Accept mail from foo.com (not for relaying) even
                                      # if other rules might reject it
    bar.com                 REJECT    # Reject all mail from bar.com and send message to sender
    foobar.com              DISCARD   # Like REJECT, except sender doesn't receive a message

    # The following sends the specified RFC error code back to the sender along with the
    # message specified after it.
    someone.com             550 We don't accept your mail.
o After editing /etc/mail/access, you must regenerate /etc/mail/access.db by going into /etc/mail and typing make.
5. /etc/mail/mailertable (& /etc/mail/mailertable.db)
o Useful for overriding DNS or if DNS isn’t available.
o Allows you to perform domain translation.
o Can specify the delivery agent.
o Example /etc/mail/mailertable:
    foo.net      smtp:bar.net           # Forward mail addressed to foo.net to bar.net
    foobar.net   smtp:[192.168.1.20]    # Forward mail addressed to foobar.net to the host at 192.168.1.20
o Regenerate /etc/mail/mailertable.db by going to /etc/mail and typing make.
6. /etc/mail/virtusertable (& /etc/mail/virtusertable.db)
o Allows you to map multiple virtual domains and users to other addresses.
o Example /etc/mail/virtusertable:
    webmaster@foo.com    steve           # Mail sent to webmaster@foo.com is redirected to local user steve
    postmaster@bar.com   steve@foo.com   # Mail sent to postmaster@bar.com is redirected to steve@foo.com

    @somedomain.com      joe@foo.com     # Mail addressed to _any_ user at somedomain.com is redirected
                                         # to joe@foo.com
    @foobar.com          %1@bar.com      # Mail addressed to a user at foobar.com is redirected to the same
                                         # user at bar.com.
o Regenerate /etc/mail/virtusertable.db by going to /etc/mail and typing make.
7. /etc/mail/domaintable (& /etc/mail/domaintable.db)
o Allows an old domain to be mapped to a new one.
o Example /etc/mail/domaintable:
o NEED TO FIND MORE INFO ABOUT domaintable
o Regenerate /etc/mail/domaintable.db by going to /etc/mail and typing make.
8. /etc/mail/local-host-names
o This file must contain the sendmail server’s machine name and any aliases. Sendmail must be restarted after changing this file in order for it to take effect.
o Example:
    foo.com
    bar.com
    foobar.com
Specifies that foo.com, bar.com, and foobar.com are all local domains.
9. /usr/share/sendmail-cf/cf/
Contains various sample configuration files for sendmail.
10. /etc/mail/helpfile
This file contains the help information that is displayed when someone uses the SMTP “help” command during an SMTP session.
11. /etc/mail/statistics
Stores statistics about processed mail.
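
The exposure-related sendmail.mc settings covered in 17.2 (the loopback DAEMON_OPTIONS line, accept_unresolvable_domains, relay_based_on_MX, and the novrfy/noexpn privacy flags) can be checked before regenerating /etc/sendmail.cf. The script below is an added example, not part of the original notes; the function name audit_mc, the finding labels and the sample file are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example: audit a sendmail.mc for exposure-related settings.
# Lines starting with "dnl" are commented out in m4 and are skipped.

# audit_mc FILE: print one finding per line, nothing if FILE is clean.
audit_mc() {
    mc=$(sed '/^[[:space:]]*dnl/d' "$1")    # active lines only

    # No DAEMON_OPTIONS at all, or one without a loopback Addr, means the
    # MTA accepts SMTP connections from the network.
    daemons=$(printf '%s\n' "$mc" | sed -n '/DAEMON_OPTIONS(/p')
    if [ -z "$daemons" ] ||
       printf '%s\n' "$daemons" | grep -Eqv 'Addr=(127\.0\.0\.1|::1)'; then
        echo "LISTEN: daemon is not restricted to the loopback address"
    fi
    printf '%s\n' "$mc" | grep -q 'FEATURE(`*accept_unresolvable_domains' &&
        echo "SPAM: accept_unresolvable_domains is enabled"
    printf '%s\n' "$mc" | grep -q 'FEATURE(`*relay_based_on_MX' &&
        echo "RELAY: relay_based_on_MX is enabled"

    # novrfy and noexpn disable the SMTP VRFY and EXPN commands.
    flags=$(printf '%s\n' "$mc" | sed -n '/confPRIVACY_FLAGS/p')
    for f in novrfy noexpn; do
        case $flags in
            *"$f"*) ;;
            *) echo "PRIVACY: $f missing from confPRIVACY_FLAGS" ;;
        esac
    done
    return 0
}

# Constructed sample: the default file with the loopback line commented
# out and noexpn dropped from the privacy flags.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,restrictqrun')dnl
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
FEATURE(`accept_unresolvable_domains')dnl
dnl FEATURE(`relay_based_on_MX')dnl
MAILER(smtp)dnl
EOF
audit_mc "$sample"
```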
17.3 A Simple Client Configuration
1. Configures client machines to send mail to a central smart host.
2. Masquerades their mail domain as the mail domain of the smart host.
3. Example:
Host workstation.somedomain.com needs to be able to send mail to the outside world. However, we want mail coming from workstation.somedomain.com to have a from address of user@somedomain.com, not user@workstation.somedomain.com. The central mail hub for the somedomain.com is mail.somedomain.com.
Make these changes in /etc/sendmail.cf on workstation.somedomain.com.
o The DR line specifies sendmail’s forwarding agent for unqualified domain names. Change it to:
    DRmail.somedomain.com
o The DH line specifies which host all local e-mail traffic should be forwarded to. Change it to:
    DHmail.somedomain.com
o The DS line specifies the smart relay host. Change it to:
    DSmail.somedomain.com
o The DM line specifies what the client should masquerade as. Change it to:
    DMsomedomain.com
The smart host mail.somedomain.com will also need to be configured to allow relaying from subnets that the client machines exist on.
17.4 Debugging Sendmail
1. mail -v
Shows information about message delivery while it’s being processed.
2. debug mode
To enable debug mode, run sendmail with the “-d” option and specify a debug # after it.
3. Display Queue Contents
Type: mailq or sendmail -bp
4. Running the Queue
Type: sendmail -q
5. Hostname Problems
In order to make sure sendmail is identifying the hostname of your machine correctly, type:
    sendmail -d0 < /dev/null
If sendmail thinks your hostname is localhost, check to see if /etc/hosts is configured correctly. Try removing all hostnames except for localhost and try again.
