Monday, September 21, 2009

SENDMAIL Notes 8: Sendmail Macro File Derivatives


Derivatives in Sendmail.mc Configuration file:

#grep -i ^O sendmail.cf

    It returns the "options" that enabled in the sendmail.cf file

Options & Features in sendmail.mc:
Editing the sendmail.mc file:
    Any Options that enables inside the sendmai.mc or submit.mc should be specified after the DOMAIN(generic)dnl option
    Any rules that defines should come after the MAILER option inside the sendmail.mc/submit.mc file

Increasing the verbositry of Log Level of sendmail:
  Default level is 9.

define(`confLOG_LEVEL', `10')dnl

Now export the sendmail.cf file from sendmail.mc

#./Build install-cf
or
#m4  ../m4/cf.m4 sendmail.mc > sendmail.cf
Restart the sendmail
# kill -HUP `head -1 /var/run/sendmail.pid`


Maximun msg size:
Default is undefined

define(`confMAX_MESSAGE_SIZE', `4096')dnl
    Recompile the sendmail.cf file
    Restart the sendmail service

    This will resize the maximum msg size to 4K

Configuring the Maximum Recipients for MSG:

define(`confMAX_RCPTS_PER_MESSAGE', `1')dnl
    Recompile the sendmail.cf file
    Restart the sendmail

Editing the sendmail.cf file directly for maximum recipients per msg by enabling the following option

O MaxRecipientsPerMessage=1

    If client tries more than given number of recipients in the mail address it throws error
": Too many recipients". The msgs are queued for later delivery

Masquerading in sendmail:
    Masquerading changes the mail headers.A message header is the part of the message that contains information about a specific aspect of the message. This option should define prior to the mailer derivative.

MASQUERADE_AS(`mail1.jithu.com')
or
MASQUERADE_AS(`jithu.com')

    MASQUERADE_AS option is used to rewrite the host part of the mail address.  This will masquerade the msgs originated from the host to reflect as mail1.jithu.com
    For example:- mail send from host1.domain.com will be masqueraded as
    From:- kiran@mail1.jithu.com
    So if the recipient replies to msg will send to the host mail1.jithu.com

Masquerade the envelope:
    This will masquerade the mail envelope.Envelope is what appears initially.The sender and recipient addresses used in the SMTP transaction are called the Message Envelope. In other words A message envelope is the structure that encapsulates the component parts of a message: the message body and the message headers.

FEATURE(`masquerade_envelope')

    Now the m4 will search for the masquerade_envelope.m4 inside the features directory in source folder while compiling to create the sendmail.cf. This will change the envelope address to mail1.jithu.com as defined in MASQUERADE_AS.
But the message coming from root will not be masqueraded as for other normal users.
   
Exposed users to exclude the masquerade:
    This will exclude a given user from masquerading. root user is excluded by default from masquerading.

EXPOSED_USER(`jithu kiran joe paul')dnl
Or
EXPOSED_USER(`jithu')dnl
Or
EXPOSED_USER_LIST(`path to user list')dnl # user list should be one user per line

    So here the mail  for the users defined will be having the exact host details in the mail Headres as well as mail envelop.

Enabling the mail server to relay mails from any where:

FEATURE(`promiscuous_relay')
#compile and restart the sendmail service

    This option will allows to relay mails from anywhere, i.e, configures our system as open relay. This option should not be enabled in the production environment. If this is enabled any one can send mail using this sendmail server. Spammers will exploit this option certainly.This will make m4 to find the file named promiscuous_relay.m4 in features folder and will add the contents in to the sendmail.cf file

Masquerade Domains:
    Default masquerading behavior of sendmail is, only masquerading the host part of the mail generated locally and it won't masquerade the mails that generated from other systems.So including the option of masquerade domains will masquerade the hostname part of the mail for all other hosts that sendmail relays.

FEATURE(`masquerade_entire_domain')

    This will enable the masquerading of mails send by all the servers/hosts that sendmail relays. The host part of the mail address is now re-written to the address as mentioned in MASQUERADE_AS(`jithu.com'). The exposed users are excluded in this option, that means the root user mail will not be masqueraded.

MASQUERADE_DOMAIN(`mail1.fazi.com')

    This derivative says that any mail coming form host mail1.fazi.com should be masqueraded as defined in MASQUERADE_AS(`jithu.com'). We can add 'n' number of hosts seperated by in this derivative.
This option is valid upon the position of FEATURE(`masquerade_entire_domain'), which masquerades entire mails send by any hosts.


For Example:-  
          If FEATURE(`masquerade_entire_domain') is set Before to MASQUERADE_AS(`jithu.com') then all the hosts are masqueraded.
If FEATURE(`masquerade_entire_domain') is set after MASQUERADE_AS(`jithu.com') then the undefined hosts will not be masqueraded.

Masquerading Options Explained:

FEATURE(always_add_domain)dnl
FEATURE(`masquerade_entire_domain')dnl
FEATURE(`masquerade_envelope')dnl
FEATURE(`allmasquerade')dnl
MASQUERADE_AS(`my-site.com')dnl
MASQUERADE_DOMAIN(`my-site.com.')dnl
MASQUERADE_DOMAIN(localhost)dnl
MASQUERADE_DOMAIN(localhost.localdomain)dnl


  • The MASQUERADE_AS directive makes all mail originating on bigboy appear to come from a server within the domain my-site.com by rewriting the email header.
  • The MASQUERADE_DOMAIN directive makes mail relayed via bigboy from all machines in the another-site.com and localdomain domains appear to come from the MASQUERADE_AS domain of my-site.com. Using DNS, sendmail checks the domain name associated with the IP address of the mail relay client sending the mail to help it determine whether it should do masquerading or not.
  • FEATURE masquerade_entire_domain makes sendmail masquerade servers named *my-site.com, and *another-site.com as my-site.com. In other words, mail from sales.my-site.com would be masqueraded as my-site.com. If this wasn't selected, then only servers named my-site.com and my-othersite.com would be masqueraded. Use this with caution when you are sure you have the necessary authority to do this.
  • FEATURE allmasquerade makes sendmail rewrite both recipient addresses and sender addresses relative to the local machine. If you cc: yourself on an outgoing mail, the other recipient sees a cc: to an address he knows instead of one on localhost.localdomain.                 
Note: Use FEATURE allmasquerade with caution if your mail server handles email for many different domains and the mailboxes for the users in these domains reside on the mail server. The allmasquerade statement causes all mail destined for these mailboxes to appear to be destined for users in the domain defined in the MASQUERADE_AS statement. In other words, if MASQUERADE_AS is my-site.com and you use allmasquerade, then mail for peter@another-site.com enters the correct mailbox but sendmail rewrites the To:, making the e-mail appear to be sent to peter@my-ste.com originally.
  • FEATURE always_add_domain always masquerades email addresses, even if the mail is sent from a user on the mail server to another user on the same mail server.
  • FEATURE masquerade_envelope rewrites the email envelope just as MASQUERADE_AS rewrote the header.

No comments:

Post a Comment

tag ur valuable ideas below