Candidates should be able to manage a Sendmail configuration including email aliases, mail quotas and virtual-mail domains. This objective includes configuring internal mail relays and monitoring SMTP servers.
Key files, terms and utilities include:
/etc/aliases |
sendmail.cw |
virtusertable |
genericstable |
References: the file cf.REAME.txt from the
sendmail distribution. Also available on the web at sendmail.org.
Sendmail uses a configuration file usually called
/etc/mail/sendmail.cf. Creating this file
by hand is probably the most difficult task a system
administrator can encounter. Fortunately, this file can be
generated by using the m4 configuration tools.
A simple mc file may look something like this:
divert(-1) # # This is a sample configuration for mailserver.company.com # divert(0) include(`/usr/share/sendmail/sendmail.cf/m4/cf.m4')dnl VERSIONID(`@(#)sendmail.mc 1.0 (company.com) 19/1/02') OSTYPE(`linux')dnl DOMAIN(`company.com')dnl MAILER(local)dnl MAILER(smtp)dnl
This file consists of the following parts:
divert(-1) # # This is a sample configuration for mailserver.company.com # divert(0)
The divert(-1) tells m4 to ignore the following text until the next divert. This serves as a comment for your own notes.
include(`/usr/share/sendmail/sendmail.cf/m4/cf.m4')dnl
This is the standard include file needed to generate the
cf file. One of the things this will do, is set
CF_DIR, which is the base
directory for the m4 files.
VERSIONID(`@(#)sendmail.mc 1.0 (company.com) 19/1/02')
This defines the version number of your mc file. It will
create a comment header in the generated
sendmail.cf for reference.
OSTYPE(`linux')dnl
This simply includes the file
$CF_DIR/ostype/linux.m4. Each operating
system has its own quirks, such as the location of the
alias or help files. You can see a list of the available
operating system types by looking in the directory
$CF_DIR/ostype/. Choose the name which
best matches your operating system.
DOMAIN(`company.com')dnl
Like the OSTYPE() command, the
DOMAIN(company.com) command simply
includes the contents of the file
$CF_DIR/domain/company.com. This can be
used to create global settings for all mc files for your
domain. This line and the associated file are optional,
but recommended if you are creating more than one
configuration for your domain.
MAILER(local)dnl MAILER(smtp)dnl
These are the mailers to include in the sendmail configuration. In this example, we are including the local and prog mailer and the smtp family of mailers.
This is, of course, just the beginning for most configurations. You will probably want to add features by using the FEATURE macro. For example, the .mc line:
FEATURE(`use_cw_file')
tells sendmail that you want to have it read
/etc/mail/sendmail.cw as a list of
alternate names for this host. The FEATURE
may contain a single optional parameter – for example:
FEATURE(`use_cw_file', `dbm /etc/mail/alternate_names')
Some other features are:
use_cw_file
Read the file
/etc/mail/sendmail.cw
(also /etc/mail/local-host-names)
to get alternate names for this host. This could be useful,
for example, for a host MXed for a dynamic set of
other hosts. If the set is static, however, just including the
line “Cw<name1> <name2>
...” (where the names are
fully qualified domain names) is probably
better. The actual filename can be overridden by
redefining confCW_FILE
(e.g., “define (`confCW_FILE',
`/etc/alternate_file')”)
use_ct_file
Read the file
/etc/mail/sendmail.ct to get the
names of users who will be “trusted”:
that is, able to set their envelope from address using
-f without generating a warning message. The actual
filename can be overridden by redefining
confCT_FILE.
nouucpalways_add_domainInclude the local-host domain even on locally delivered mail. Normally it is not added on unqualified names. However, if you use a shared message store, but do not use the same user-name space everywhere, you may need the host name on local names.
masquerade_entire_domain
If masquerading is enabled (using
MASQUERADE_AS) and
MASQUERADE_DOMAIN is
set, this feature will cause addresses to be rewritten
such that the masquerading domains are
hidden. All hosts within the masquerading
domains will be changed to the masquerade name (used
in MASQUERADE_AS). For
example, if you have:
MASQUERADE_AS(masq.com) MASQUERADE_DOMAIN(foo.org) MASQUERADE_DOMAIN(bar.com)
then *.foo.org and *.bar.com are converted to masq.com. Without this feature, only foo.org and bar.com are masqueraded.
masquerade_envelopeThis feature instructs sendmail to masquerade the envelope sender and recipient, as well as those in the headers.
genericstable
This feature will cause certain addresses originating
locally (i.e., that are unqualified) or a domain listed
in $=G to be looked
up in a map and turned into another
(“generic”) form. This can change both
the domain name and the user name and is similar to
the userdb function. The same types of addresses
as for masquerading are looked up (only header
sender addresses unless the
“allmasquerade”
and/or “masquerade_envelope”
features are invoked). Qualified addresses must have a domain
in the list of names given by the macros
GENERICS_DOMAIN or
GENERICS_DOMAIN_FILE (analogous
to MASQUERADE_DOMAIN and
MASQUERADE_DOMAIN_FILE).
The argument of
FEATURE(`genericstable')
may be the map definition; the default map definition
is:
hash -o /etc/genericstable
The key for this table is either the full address or
the unqualified username (the former is tried first);
the value is the new user address. If the new user
address does not include a domain, it will be
qualified in the standard manner, i.e., using
$j or the masquerade
name. Note that the address to be looked up must be
fully qualified. For local mail, it is necessary to use
FEATURE(`always_add_domain')
for the addresses to be qualified.
virtusertableThis is a domain-specific form of aliasing, allowing multiple virtual domains to be hosted on one machine. If, for example, the virtuser table contained:
info@foo.com foo-info info@bar.com bar-info @baz.org jane@elsewhere.net
then mail addressed to info@foo.com will be sent to
the address foo-info, mail addressed to info@bar.com
will be delivered to bar-info, and mail addressed to
anyone at baz.org will be sent to
jane@elsewhere.net. The username from the original
address is passed as
%1 allowing:
@foo.org %1@elsewhere.com
meaning someone@foo.org will be sent to someone@elsewhere.com.
All the host names on the left-hand side (foo.com, bar.com and baz.org) must be in the list of alternate names for this host (see “use-cw-file”). The default map definition is:
hash -o /etc/virtusertable
A new definition can be specified as the second argument of the FEATURE macro, such as:
FEATURE(`virtusertable', `dbm -o /etc/mail/virtusers')
mailertableA “mailer table” can be used to override routing for particular domains.
Keys in this database are fully qualified domain names or partial domains preceded by a dot – for example, “vangogh.CS.Berkeley.EDU” or “.CS.Berkeley.EDU”. Values must be of the form:
mailer:domain
where “mailer” is the internal mailer name, and “domain” is where to send the message. These maps are not reflected in the message header. As a special case, the forms:
local:user
will forward to the indicated user using the local mailer,
local:
will forward to the original user in the e-mail address using the local mailer, and
error:code message
will give an error message with the indicated code and message.
smrsh
Use the SendMail Restricted SHell (smrsh)
(probably provided with your distribution) instead of
/bin/sh for sending mail to
a program. This improves the ability of the local
system administrator to control what is run via
e-mail. If an argument is provided, it is used as the
pathname to smrsh; otherwise, the path defined by
confEBINDIR is used
for the smrsh binary – by default,
/usr/lib/sm.bin/smrsh is assumed.
The commands that can be run are limited to the
programs in the smrsh directory. Initial pathnames on
programs are stripped, so forwarding to
/usr/bin/vacation,
/home/server/mydir/bin/vacation
and vacation all actually forward
to /usr/lib/sm.bin/vacation.
To add a program, simply create a link in
/usr/lib/sm.bin/ to the program
executable.
The mail aliases for sendmail (and many other unix mailers)
are in the file /etc/mail/aliases (or
/etc/aliases).
The file contains lines of the form:
name: alias1, alias2, alias3, ...
Where name is the name to
alias and alias# are the
aliases for that name. alias#
can be another alias, a local username, a local filename, a
command, an include file or an external address.
usernameThe username must exist on the system. If you want to be able to send E-mail to full names, you can use this to map the full names to user names:
ben.mesman: bmesman g.g.a.m.de.vries: gerrit
/path/nameThe message will be appended to the specified file. This can also be used to drop all messages to a user:
somebody: /dev/null
|commandThe specified command will receive the messages on standard input. This could be used to handle mailing lists.
:include: /path/name
The names in the file /path/name
will be the addresses for the alias. The filename must
start with a “/”. If you put (all)
usernames, one per line, in a file you could have an
alias:
all: :include: /etc/mail/allusers
All users in /etc/mail/allusers
will receive mail for all@company.com. Note that it is
not necessary to update the aliases database, with
newaliases, when the file
/etc/mail/allusers is changed.
user@domainYou can also redirect mail to an E-mail address outside your domain, by specifying the E-mail address here.
The aliases file is just the raw data
file. Sendmail uses the binary file
/etc/mail/aliases.db to do the alias
substitution. This file is created from
/etc/mail/aliases with the command
newaliases. This command should be executed
each time the aliases file is changed for
the change to take effect.
After aliasing has been done, valid recipients who have a
.forward file in their home directory
have messages forwarded to the list of users defined in that
file. When all this is done, sendmail hands the mail to the
local delivery agent, usually procmail, for delivery.