BBS水木清华站∶精华区
寄信人: microcat (流浪猫~一线曙光)
标 题: Sun sendmail Faq
发信站: BBS 水木清华站 (Sun Jun 27 07:59:19 1999)
来 源: 202.117.82.6
【 以下文字转载自 microcat 的信箱 】
【 原文由 所发表 】
1.0 About Sun Sendmail
1.0: About Sun's Sendmail
=========================
This PSD documents a wide variety of information concerning Sendmail,
as implemented in the SunOS and Solaris operating systems. It is
intended as both an introduction to Sendmail, and as a guide to the
most common problems. There are many more complete references to
Sendmail, a few of which are noted in section 7.0.
Because all network configurations are different, the setup that sun
provides will suit 80 - 90 percent of a System Administrators needs.
The other 10 - 20 percent will require some modification or
customization to the administrator's sendmail.cf.
This Tip sheet basically applies to both Solaris and SunOS sendmail.
The only differences will be different paths for the sendmail.cf and
new functionality defined within the sendmail.cf for Solaris.
1.1: Sendmail Clients And Servers
---------------------------------
Sun provides a basic client/server framework for Sendmail. There are
two sendmail.cf files found in /etc/mail called main.cf and
subsidiary.cf.
The MAIN.CF file is for machines designated as mailhosts and provides
all the Sendmail rules needed to route mail onto the Internet.
The SUBSIDIARY.CF file is for machines that will only route mail
directly to interal hosts and that will send outbound mail to the
designated mailhost. The subsidiary.cf file is the default sendmail.cf
file when the system is installed.
Sun also provides two versions of Sendmail for all versions of SunOS
and Solaris earlier than 2.5 that do not have the latest Solaris sendmail
V8 patch installed. sendmail and sendmail.mx executables can
be found in /usr/lib:
SENDMAIL should be used on clients and other machines that have no
need to access MX records.
SENDMAIL.MX should be used when trying to route mail to addresses that
are DNS MX records. Typically, sendmail.mx will be installed on all
mail servers.
Under Solaris 2.5, or with the latest Soalris sendmail V8 patch
installed, there is only one version of sendmail, which
combines the functionality of the former sendmail and sendmail.mx
programs.
1.2: Sendmail Mailers
---------------------
In sendmail, a "mailer" defines the manner in which sendmail
tries to deliver mail. Some mailers are standard: for example, the
"local" mailer always delivers to local users, while the "prog"
mailer
always delivers to local programs. However, Sun sendmail also defines
a special mailer which is used for all non-local mail. This is done
with the 'DM' line in the sendmail.cf. For example, the following line
defines a mailer for delivery within the local domain, to be "ether":
DMether
The following three mailers are the ones most typically used for
non-local mail:
ddn: short for Data Defense Network, an old version of the Internet.
This mailer should be used in any sendmail.cf which is expected to
talk directly to the Internet, rather than acting as a client to a
mailhost. It negotiates connections via SMTP, and also fully
qualifies domain names, so that they will be correct out on the Internet.
Typically, ddn will be used on a main.cf machine, which means
directly attached to the Internet.
ether: This mailer is very similar to ddn, but it intended only for
"internal" networks within a single domain name.
It connects via SMTP directly to hosts within the local domain.
It delivers "external" mail by forwarding it on to a
"mailhost",
which general serves as a mail relay to other domains and/or the
Internet. Thus, the ether mailer lets the mailhost deal with
any complexities. Typically, ether will be used on all subsidiary
hosts, but of course the ether mailer is also found in the main.cf,
so that a mailhost knows how to route mail within the local domain.
smartuucp: This mailer is only necessary if the local network is
connected to external networks via UUCP. Typically, smartuucp will be
used on a main.cf machine, provided it has a UUCP connection. A
variant of smartuucp exists, called just uucp. It will not fully
domainize names, and should not be used unless you must be compatible
with (very) old UUCP standards.
1.3: Sendmail Version
---------------------
All versions of SunOS, and Solaris earlier than 2.3 support sendmail
version 5.
Solaris 2.5, and versions of Solaris 2.3 and 2.4 which have the
sendmail V8 sendmail patch installed, support sendmail version 8.6.10,
as modified by Sun. Without the sendmail patches, Solaris 2.3 and 2.4
will only run at sendmail V5.
Sendmail version 8.7 or greater can be acquired from the public
domain, but it is not supported by SunService.
Generally, you will find the version that most sendmail hosts are
using, by connecting directly to the SMTP port 25 with either
the "mconnect" command on Sun's or telnet to port 25. Here are
two examples on mconnect to a 2.3 unpatched host, and telnet to
port 25 on a 2.5.1 host:
$ mconnect omni
connecting to host omni (129.151.26.1), port 25
connection open
220 omni.omnilab.com Sendmail 5.0/SMI-SVR4 ready at Wed, 19 Feb 1997
mercedes[hackley]:telnet cascades 25
Trying 129.151.26.160...
Connected to cascades.
Operating in single character mode
Remote character echo
Escape character is '^]'.
Connected to cascades.
Escape character is '^]'.
220 cascades.omnilab.com Sendmail SMI-8.6/SMI-SVR4 ready at Wed, 19 Feb 1997
Reminder: Type in "quit" to get out of SMTP port 25.
1.4: A Few Words on Sendmail Rules
----------------------------------
The heart of sendmail is the rulesets defined in the sendmail.cf.
These are what determine how from addresses are rewritten, how to
addresses are rewritten, and what mailers should be used. Most
administrators will not have to work with these, except in the very
minimal ways described in Section 3.0. If you don't think you'll need
to get into the rulesets, skip ahead to Section 2.0.
For those administrators with special needs, the way rules work is
described a little bit here. For more information, you should consult
the references listed in Section 7.0. This information is provided to
you, in the hope that you can learn how to write rule sets on your
own if it is not sufficient, SunService can not help you further, but
you can get help from Sun Consulting, as is described in Sections 8.0
and 9.0.
1.4.1: The Parts of a Sendmail Rule
-----------------------------------
A typical sendmail rule has four parts:
Rlhs rhs comments
The letter R defines the line as a rule (there are also macros, mailer
defintions and lots of other stuff in the sendmail.cf).
The lhs (left hand side) is a conditional test. If the From/To address
matches the lhs, then the rhs is applied.
The rhs (right hand side) is a rule that describes what action should
be taken.
The comments describe what the rule line is doing.
There are a lot of weird variables in the sendmail rulesets. The most
important ones follow.
lhs:
$* matches zero or more tokens
$- matches exactly one token
$+ matches one or more tokens
$=letter matches any token which is equal to $letter
ie: $=m matches your domain name
(A token is one "part" of the sendmail address, seperated by a
"." or
a "@". For example, in the example "joe@machine.test.com", joe,
@,
machine, ., test, . and com are tokens.)
rhs:
$@ action for the RHS is rewrite-and-return
$>num action for the RHS is rewrite using the num ruleset
$# action for the RHS is final delivery, via the listed Mailer
$letter equal to the Defined variable (ie $m matches what Dm is set to)
$number equal to the $numberth $*, $- or $+ on the lhs
Sendmail rules are grouped into rulesets. A Marker as following starts
off each ruleset:
S#
For example, ruleset 11 would be started with the following line:
S11
1.4.2: Examples of Sendmail Rules
---------------------------------
Below are two quick examples of rules, each taken from main.cf.
First, the 'tack on our domain' rule:
R$+<@$+>$* $@$1<@$2.$m>$3 tack
on our domain
The following Define is also relevent:
Dmtest.com
The above rule will match anything in the form
"something<@something>maybe".
The format is a little funny with <s and >s because the address has
already been rewritten a few times. For example, assume we have the
following address:
joe@machine
By the time we get to this rule, the address will have been rewritten
as follows:
joe<@machine>
The above lines successfully matches the lhs of our rule, and the
following numerical variables are set:
$1 = "joe"
$2 = "machine"
$3 = ""
In addition, we already have the following set:
$m = "test.com"
Since the lhs starts off with $@, sendmail knows to do a db
replacement, and:
$1<@$2.$m>$3
becomes:
joe<@machine.test.com>
As you can see, this rule tacks on a domain name, when the address is
already of the form user@machine (for example, when mail comes to a
mailhost, from a mail client).
Our second example, is the 'tack on our full name' rule:
R$+ $@$1<@$w.$m> tack on our
full name
This will match anything except "". However, because of the way
earlier rulesets are set up, anything that is not of just the form
'joe' or 'joe.smith' (ie no @) will have already been
rewritten-and-returned. Assume that $w is set to mailhub and $m is set
to test.com. In this case, if we get the following address as input:
joe
It will be output as:
joe<@mailhub.test.com>
1.4.3: Which Rulesets are Used
------------------------------
There are lots of rulesets in the sendmail.cf, and it come be somewhat
overwhelming to try and find the correct one if if you don't know
where to look.
It's been noted previously that the rulesets are applied to From
addresses AND to To addresses. The To address is typically used to
figure out where to send the mail to, while the From address is
sometimes rewritten in some manner (for example, the From address
'joe' might be changed to 'joe@machine' for internal mail and to
'joe@domain' for external mail). The From and To addresses are sent to
different rulesets, so that these different rules may be applied.
The From (or Sender) address goes through the following rulesets:
3,1,S,4.
The To (or Recipient) address goes through the following rulesets:
3,2,R,4.
R and S are special rulesets that depend upon which Mailer you are
using. For example, smartuucp and ddn process addresses in different
ways. To figure out what R and S are set to, first look for the line
that starts off 'DM'. This defines your external mailer:
DMddn
Then, look for a line that reads "Mmailer-name". For example, Mddn:
Mddn, P=[TCP], F=msDFMuCX, S=22, R=22, A=TCP $h, E=\r
As you can see, this line sets S and R each to ruleset 22.
Almost every single rule that a typical administrator cares about is
defined in the S and R rulesets. If you want to make a change to the
way that one specific mailer deals with addresses, you should put it
in S or R. Likewise, if you want to figure out how addresses get
rewritten, you should usually look in S and R.
Another example follows:
Mlocal, P=/bin/mail, F=flsSDFMmnP, S=10, R=20, A=mail -d $u
You'll recall that earlier it was stated that 'local' is used to do
local mail delivery. Here, you can see that one final rule rewrite
gets done before that local mail delivery. The Sender address goes
through rule 10, while the Recipient address goes through rule 20.
1.4.4: Important Defines
------------------------
In the above examples, several defined variables ($w, $m, etc) were
mentioned. The most important ones are:
$k mailbox machine name (ie nfs-host)
$w machine name (ie mailhub)
$m domain name (ie test.com)
$M default mailer (ie ddn)
2.0 Debugging Sendmail
2.1: Debugging using SMTP port 25
---------------------------------
If you are having troubles with sendmail on a particular machine, you
can connect to it on port 25 to examine how it is functioning.
The following determines that sendmail is up and running:
$ telnet localhost 25
Trying 127.0.0.1 ...
Connected to localhost.
Escape character is '^]'.
220 rainbow.Corp.Sun.COM Sendmail SMI-8.6/SMI-SVR4 ready at Tue, 12 Mar 1996
10:19:57 -0800
This also tells you what sendmail has its name set to (rainbow.corp.sun.com)
and what version of sendmail you are running (SMI-8.6/SMI-SVR4).
Once you have connected to the sendmail port, you may use the 'expn'
SMTP command to examine the expansion of addresses, such as you might
want to see when debugging mail alias problems.
$ telnet localhost 25
...
expn postmaster
250 < root >
expn appel
250 Shannon Appel < appel@rainbow.Corp.Sun.COM >
Note: on suns, the command 'mconnect <machine>' does the same thing as
'telnet <machine> 25' and may be used as a sort of shorthand. Be aware
that this command is not standard though.
There are several SMTP commands available. Use the HELP command to
find out what commands the sendmail host supports. Note that most
mail locations directly attached to the Internet have disabled
the EXPN (EXPaNd alias) and VRFY (VeRiFY user).
2.1 How to use SMTP commands to send mail directly to port 25
Folks, we use this all the time to debug mail problems with
our customers. The command sequence to use is:
helo sending-hostname
mail from: yourname@yourdomain.com (yourname@yourdomain.com is the
sender)
rcpt to: user@destination (user@destination is where you want the mail to
go)
data
(put in Subject: and body of email message here)
. (this is a period on a line by itself)
quit
For example:
$ telnet test 25
Trying 192.151.24.1...
Connected to test.
Escape character is '^]'.
220 test.East.Sun.COM Sendmail SMI-8.6/SMI-SVR4 ready at Wed, 19 Feb 1997
18:01:20 -0500
helo mercedes
250 sunesc.East.Sun.COM Hello mercedes [192.151.24.64], pleased to meet you
mail from: hackley@east.sun.com
250 hackley@east.sun.com... Sender ok
rcpt to: user@testhack.com
250 user@testhack.com... Recipient ok
data
354 Enter mail, end with "." on a line by itself
Subject: Testing from Sun Service Network Support, please ignore
testing...
.
250 SAA13622 Message accepted for delivery
quit
221 sunesc.East.Sun.COM closing connection
Connection closed by foreign host.
For those of you have used mailx -v or /usr/lib/sendmail -v to
debug sendmail, you will recognize the stand SMTP command sequence.
2.2: /usr/ucb/mail -v, mailx -v or /usr/lib/sendmail -v
---------------------
The older /usr/ucb version of mail has a verbose flag, which may be
used to determine exactly what mail is doing. It is useful if you are
getting bounces, or mail is not getting through, and you'd like a
slightly more expansive analysis.
The Solaris mailx command also has a -v switch, as does /usr/lib/sendmail
It is particular helpful because, for outgoing mail, it will show you
where mail is going, and how it is communicating:
rainbow% mailx -v test@test.com
Subject: test
this is a test of outgoing mail.
^D
EOT
rainbow% test@test.com... Connecting to mailhost (ether)...
220 Corp.Sun.COM Sendmail 5.x/SMI-5.3 ready at Tue, 12 Mar 1996 10:26:26
-0800
>>> HELO rainbow.Corp.Sun.COM
250 Corp.Sun.COM Hello rainbow.Corp.Sun.COM (rainbow-bb.Corp.Sun.COM),
pleased
to meet you
>>> MAIL From:<appel@rainbow>
250 <appel@rainbow>... Sender ok
>>> RCPT To:<test@test.com>
250 <test@test.com>... Recipient ok
>>> DATA
354 Enter mail, end with "." on a line by itself
>>> .
250 Ok
>>> QUIT
221 Corp.Sun.COM closing connection
test@test.com... Sent (Ok)
In the above example, we see that the "ether" mailer is being used,
and that our local machine is connect to mailhsot.
/usr/ucb/mail, mailx, or sendmail in the verbose mode will often give
you hints for easy sendmail problems, particularly "bounce" messages
If it is insufficient, sendmail itself provides
some much more robust verbose functionality.
2.3: Sendmail Debug Functions
-----------------------------
When debugging, consider the information provided by running sendmail
in verbose mode, and in debug mode
2.3.1 sendmail verbose mode mode:
This is an example of running sendmail interactive on a "subsidiary"
machine. Below in "{}" are comments of useful information.
$ /usr/lib/sendmail -v jane@foo.com this is a test
. (or CTRL/D)
jane@foo.com... Connecting to mailhost via ether...
{The machine we are sending mail to^^^^^^^ ^^^^^the mailer
used}
Trying 129.151.21.1... connected.
{The connection to machine "mailhost" completed}
220 sunesc.East.Sun.COM Sendmail 4.1/SMI-4.1 ready at Wed, 30
Aug 95 09:33:49 EDT >>> HELO
doghouse.East.Sun.COM
{I identify myself: defined by the macro Dj$w.$m}
250 sunesc.East.Sun.COM Hello doghouse.East.Sun.COM, pleased to
meet you>>> MAIL From:<valante@doghouse>
{Here is the address that will show in the mail's "from" line or
"to" line when someone replies to it}
250 <valante@doghouse>... Sender ok >>> RCPT
To:<jane@foo.com>
250 <jane@foo.com>... Recipient ok
{The person receiving the mail is a valid address. NOTE: This is
valid for the machine connected to, but may not be a valid final
address. Running sendmail -v from the machine you are connecting
to may give an error and will identify the real problem.}
>>> DATA 354 Enter mail, end with "." on a line by
itself >>>
. 250 Mail accepted >>> QUIT 221 sunesc.East.Sun.COM
delivering mail jane@foo.com... Sent
{The mail has been sent to sunesc and is now the responsibility of the
sunesc to deliver or relay the mail to the destination}
2.3.2 sendmail debug mode to get basic sendmail info
To find out what some basic macros, user debug level 0.1:
$ /usr/lib/sendmail -bt -d0.1 < /dev/null
Version SMI-8.6
SYSTEM IDENTITY (after readcf):
(short domain name) $w = mercedes
(canonical domain name) $j = $w.$m
(subdomain name) $m = East.Sun.COM
(node name) $k = mercedes
This is very helpful in debugging "mail loops back to myself" problems,
which are caused by improper definition of $j.
2.3.3 sendmail debug to test address rulesets
To find where in a rule is matching, and how mail is being
routed, use debug level 21.12. In this case, we are looking to
check on how the "From" address is being rewritten:
doghouse -> /usr/lib/sendmail -bt -d21.12
Version 5.x
ADDRESS TEST MODE
Enter <ruleset> <address>
> 3,11 glen
rewrite: ruleset 3 input: "glen"
-----trying rule: $* "<" ">" $*
----- rule fails
... It runs thru the rules ...
rewrite: ruleset 11 input: "glen"
-----trying rule: $* "<" "@" $+ ">" $*
----- rule fails
-----trying rule: $=D
----- rule fails
-----trying rule: $+
-----rule matches: $@ $1 "<" "@" "doghouse"
">"
rewritten as: "glen" "<" "@"
"doghouse" ">"
rewrite: ruleset 11 returns: "glen" "<" "@"
"doghouse" ">"
This tells me that in ruleset 11 it matches:
R$+ $@$1<@$k> tack on my mbox
hostname
And Here is were the address ^^^^^^ is getting rewritten.
2.3.4 The MOST COMMON input to address ruleset debug mode
Folks, when we troubleshoot sendmail problems, we find the
most helpful ruleset rewriting modes are:
1. TO DEBUG WHERE MAIL IS GOING TO NEXT, WITH WHICH MAILER:
3,0,4 user@wherever.you.want
2. To DEBUG YOUR "From" ADDRESS WITH THE "ddn" MAILER:
3,22,4 user@sending.address
3. TO DEBUG YOUR "From" ADDRESS WITH THE "ether" MAILER:
3,11,4 user@sending.address
3.0 Common How Tos
3.1: How To Set Up a Sun As An Internet Mailhost
-------------------------------------------------------------
When setting up a Sendmail mailhost on the Internet, you should follow
the listed steps to ensure that the most basic configuration needs are
met. Other modification may be necessary to customize to your specific
environment.
1) Install the correct sendmail and sendmail.cf for a mailhost:
mv /usr/lib/sendmail /usr/lib/sendmail.nonmx
cp /usr/lib/sendmail.mx /usr/lib/sendmail
cp /etc/mail/main.cf /etc/mail/sendmail.cf
Note: Under Solaris 2.5 and higher, the first two steps, involving
/usr/lib, are not necessary. Same holds try for sendmail v8 patches
on 2.3. and 2.4.
2) In the /etc/mail/sendmail.cf file, change the following:
a. Comment out the line:
Dj$m
b. Uncomment the line:
Dj$w.$m
c. Change the DM macro from "smartuucp" to ddn:
DMddn
d. Define the Dm macro. Look for an example about "podunk.edu" and
a blank line). Put this anywhere that blank line:
Dm"Your domain name"
example:
Dmfoo.bar.com
NOTE: Dm NO SPACE AFTER THE "m" AND YOUR DOMAIN.
e. Comment out this line:
R$*<@$*.$+>$* $#$M $@$R $:$1<@$2.$3>$4
user@any.domain
f. Uncomment this line:
#R$*<@$*.$+>$* $#ddn $@ $2.$3 $:$1<@$2.$3>$4
user@any.domain
Hint: in vi, search for ddn
g. If your host receives mail for multiple domains, add a "Cm" entry
after the "Dm" in Step "d.". NOTE THERE IS A SPACE AFTER
the "Cm"!
e.g.
Cm mydomain.com testdomain.com
h. If your host is receiving mail under different names for "local"
delivery, often you need to define those hosts in a "Cw" line:
e.g.
Cw www another-name and-another
3) Verify that DNS is working properly. Running the command "nslookup
sun.com" should return
Name: sun.com
Address: 192.9.9.1
In Solaris, dns must be defined in /etc/nsswitch.conf. In SunOS, NIS
must be running to use DNS.
4) Verify that the hosts file has been changed so that the machine is
identified as "mailhost".
The hosts file should look like:
xxx.xxx.xxx.xxx doghouse mailhost loghost
5) Remember to stop and restart the sendmail daemon if any changes
have been made to the sendmail.cf file.
To stop sendmail:
/etc/init.d/sendmail stop
To start sendmail:
/etc/init.d/sendmail start
When all of this is complete, the mailhost should be able to correctly
deliver its own mail to the internet, and in addition it should be
able to accept mail from mailer clients, and pass that on to the
internet.
3.2: How To Set Up a Sun As A Mail Client
-----------------------------------------
Once you have set up a mailhost on your network, creating any number
of mail clients is relatively simple. By default, everything should be
setup correctly. The non-mx sendmail is default on Solaris previous to
2.5, as is the subsidiary.cf, and these are the items that you want to
use.
STEP #1 (SunOS 4.x or Solaris 2.3/2.4 without the V8 patch ONLY)
1a: cd /usr/lib
1b: ls -l sendmail*
1c: if "sendmail" is smaller than the "sendmail.mx" file
you have the non-mx version of sendmail, go to STEP #2.
1d: is there a "sendmail.nomx" in the directory? If so,
copy it to "sendmail" and go to STEP #2. If not, you
wind up with the mx version of sendmail, which will work.
STEP #2 (All version of sendmail)
Gather the following information:
- your domain name that will be used with email (try the
command, "domainname").
- are you using NIS (YP) or NIS+ (nisplus)?
- The name of your mailhost (it might be "mailhost").
STEP #3
copy the /etc/mail/subsidiary.cf to /etc/mail/sendmail.cf (Solaris)
copy the /usr/lib/sendmail.subsidiary.cf to /etc/sendmail.cf (SunOS)
STEP #4
Edit sendmail.cf
4a. If your mailhost has a name OTHER THAN "mailhost", change the
lines:
DRmailhost
CRmailhost
to reflect the name of the mailhost. Note NO SPACE between
DR and the name of the mailhost!!
4.b If you are not using NIS nor NIS+, *OR* if your
mail domain is different than the output from "domainname",
insert the line anyplace after the commented entry about
"podunk.edu":
Dmmaildomain.com
where "maildomain.com" is the name of your mail domain. Note
NO SPACE between Dm and the name of your mail domain!!!!
You don't need a "Cm" line, but if you feel better about that,
go ahead and put it in. Unlike "Dm", you put a space after
"Cm" e.g.
Cm maildomain.com
STEP #5
stop and restart sendmail! Usually it runs as:
/usr/lib/sendmail -bd -q1h
STEP #6
Test using mailx -v or /usr/lib/sendmail -v as discussed in
an earlier section of this Tips sheet.
Additional note about the mailhost or mail server:
Often times, customers just go in to their naming
service (/etc/hosts, NIS, NIS+ or DNS) and make sure that themail
server has the alternative name 'mailhost'. See if you
can ping it from your client:
rainbow% ping mailhost
corpmail2 is alive
...thats it!!
3.3: How to Force Sendmail to Rewrite Sender Addresses for Internal Email
-------------------------------------------------------------------------
By default, mail sent from mail clients (running subsidiary.cf) to
other machines in the same DOMAIN appears with the following Sender
Address:
user@machine
e.g.
user@rainbow
This procedure can be used to change the "From" address of the
mail to user@domain e.g. user@yourdomain.com .
Looking at your sendmail.cf, you will typically see that it is
running the ether mailer:
$ grep ^DM sendmail.cf
DMether
And the Mether line reveals that the following S and R rules are used
(see Section 1.4 and 2.3 for more info on sendmail rulesets if you like):
$ grep ^Mether sendmail.cf
Mether, P=[TCP], F=msDFMuCX, S=11, R=21, A=TCP $h
Since we want to change the way that the Sender address is rewritten,
we must consult rule 11, which reads:
S11
R$*<@$+>$* $@$1<@$2>$3 already
ok
R$=D $@$1<@$w> tack on my
hostname
R$+ $@$1<@$k> tack on my mbox
host
It is common for sysadmins to want to replace user@machine ($1<@$w> or
$1<@$k>) with user@domain ($1<@$m>). In ether, the last two
lines
would be changed to the following:
R$=D $@$1<@$m> tack on my
hostname
R$+ $@$1<@$m> tack on my mbox
host
CAREFUL: There are tabs seperating some of these fields!!!
When these changes have been made, all mail sent with the "ether"
mailer will appear inthe format:
user@domain
e.g.
user@yourdomain.com
TIP:
Some admins might instead want to use $1<@$w.$m>, which would make
mail appear as:
user@machine.domain
Note that these changes only affect mail sent from an internal user to
another internal user.
If you're confused about the $w and $k, remember that:
/usr/lib/sendmail -bt -d0.1 < /dev/null
Will list out their values. It so happens that:
$w is the machine name,
$m is the domainname,
$k is the mailbox hostname where you have mounted /var/mail from
(as is noted in Section 1.4.4)
To test this out, either send some mail, or you can use address test mode
to see if it works or not:
/usr/lib/sendmail -bt -d21.12
> 3,11,4 user
...stuff spits out
rewrite: ruleset 4 returns: user @ mydomain . com
3.4: How to Force Sendmail to Rewrite Sender Addresses for External Email
-------------------------------------------------------------------------
This procedure is used for "site hiding" where you want the address
for all mail coming thru your mail gateway to read:
user@domain
e.g.
user@mydomain.com
Typically, a mailhost uses the ddn mailer. Consulting the Mddn line,
you will see that it uses rule 22 for the Sender address. This reads:
S22
R$*<@LOCAL>$* $:$1
R$-<@$-> $:$>3${Z$1@$2$} invert
aliases
R$*<@$+.$*>$* $@$1<@$2.$3>$4 already
ok
R$+<@$+>$* $@$1<@$2.$m>$3 tack on
our domain
R$+ $@$1<@$w.$m> tack on our
full name
The last two are relevent. The 'tack on our domain' line matches mail
of the format 'user@machine' and converts it to 'user@machine.domain'
(this rule is used when mail arrives on the mailhost from a client).
The 'tack on our full name' line matches mail of the format 'user' and
converts it to 'usr@machine.domain' This particular rule is used when mail
originates on the mailhost).
Note: Technically, it's an over simplification to say that $+<@$+>
matches user@machine, since it could match user@anything, but since
the line BEFORE it ($*<@$+.$*>) matches user@machine.domain, and then
applies $@, which causes a rewrite and then an EXIT from the ruleset,
nothing but user@machine ever gets down to the $+<@$+> rule. Similar
logic applies to why $+ only matches user.
Many administrators wish to make outgoing mail just read user@domain.
You can accomplish this by changing the last two lines as follows:
R$+<@$+>$* $@$1<@$m>$3 tack on
our domain
R$+ $@$1<@$m> tack on our full
name
Note this is only affects mail that is sent to external domains.
That's it! Test by sending out email.
Address test mode to use (note: mail relayed from another sun machine
comes in user@host, so you might also want to test that):
/usr/lib/sendmail -bt -d21.12
> 3,22,4 user
...stuff spits out
rewrite: ruleset 4 returns: user @ East . Sun . COM
(CTRL/D to exit)
/usr/lib/sendmail -bt -d21.12
> 3,22,4 user@host
...stuff spits out
rewrite: ruleset 4 returns: user @ East . Sun . COM
(CTRL/D to exit)
3.5: How To Route Mail Througha Firewall
----------------------------------------
There are many ways to implement sending mail thru a firewall based
--
决不灌水。
BBS水木清华站∶精华区