Configuring Sendmail 8.x (Berkeley)

Charles Gagnon

Copyright © 1995-2001 Charles Gagnon, unixrealm.com

Date: 2001/08/20 01:45:50

Introduction

Here is a text that documents the installation of the public domain version of Sendmail. At the time the article was write, sendmail-8.9.3 was the latest available. This sample configuration was done on a simple Network running mostly Sun Solaris boxes. Two main servers are involved, one is called the mail server and the other one the mail host.

Basics

Sendmail is known as a MTA (Mail Transfer Agent). By opposition to an MUA (Mail User Agent), who will allow a user to compose, send, reply, forward and store mail, the MTA will take care of transporting the mail, from machines to machines, choosing the perfect route each time on specific user wants to be reached.

Sendmail is a lot like a post-office. When you send (snail) mail, the first step is always delivering the envelope to the local post office. Once there, the envelope will go from post-office to post-office until it reaches its destination. Sendmail does the same thing.

Information is also available at URL:http://www.sendmail.org/.

Anybody who wants to install and configure sendmail should definitely read the Sendmail FAQ:

• URL:http://www.sendmail.org/faq/

Servers and workstations involved

Here is a brief description of the machines used in my example as well as their roles in the mail delivery process.

mail host

The mail host normally has the live connection to the Internet (in cases where the rest of the network is hidden behind a firewall for example) and it receives the mail and delivers it directly to the mail server through the Ethernet connection, if the recipients is local. All other email messages are sent to the Internet. Is also know as a mail relay machine.

mail server

The mail server delivers every messages appearing as “local” in /var/mail/\$username (on most Unix systems anyway). The mail server is also the SMTP server and POP server for mail clients. It could, for example, run a popd daemon to allow client POP connections. Clients will normally deliver all their “local” messages to the mail server and “non-local” messages the mail host using POP, NFS, SMTP, SMB over the ethernet network.

clients

Could be anything on the network that needs to receive/read/send or process mail in any way. The reading could be done directly in /var/mail/\$username through NFS for example. It could also be accomplished using POP or IMAP from various mail client packages.

Example 1. Schema of the mail delivery process

      It forwards all                 It delivers
      the non local messages          local mail in
      to the internet                 /var/mail/\$username
 
      -------------                  ---------------
 -----| Mail Host |------------------| Mail Server |
 INet |  Relay    |     Ethernet     | Mail Hub    |
      -------------                  ---------------
 
                                     Mail client get
                                     their mail using
                                     NFS, SMB, pop over
                                     the ethernet network

== Installation ==

”’Sendmail Installation Steps”’

# The installation of Sendmail is pretty straight forward. First, you need to download and compile the latest sendmail. The source code can be downloaded from:
#* [ftp://ftp.sendmail.org/pub/sendmail/ URL:ftp://ftp.sendmail.org/pub/sendmail/ ]
#* [ftp://ftp.cs.berkeley.edu/ucb/sendmail/ URL:ftp://ftp.cs.berkeley.edu/ucb/sendmail/ ]
# Extract the tar archive in a directory somewhere and ‘cd’ to that directory.
# Use the ./Build.sh shell script to compile sendmail and accessories for you environment.
# Change directory to (where-sendmail-src-is)/cf/cf and proceed to creating your own sendmail.mc. The sendmail.mc is the source file that will be used to create the final sendmail.cf. The .mc file is written for the M4 macro processing language.
Although I cannot re-write the O’Reilly book on Sendmail (known as the bat book), I wanted to a least give exemples of sendmail.mc and sendmail.cf files used in previous installations I did over the years.

”’Example 2. A mailsvr.mc file use for any central mail server”’

 divert(0)
 include(`../m4/cf.m4')dnl
 VERSIONID(`@(#)mailsvr.mc	1.02 (Basit) 97/07/24')dnl
 OSTYPE(solaris2.ml)dnl
 FEATURE(local_procmail)dnl
 FEATURE(smrsh,/usr/lib/smrsh)dnl
 FEATURE(access_db, dbm -o /etc/mail/access)dnl
 FEATURE(rbl)dnl
 DOMAIN(YourDomain.COM)dnl
 define(`LOCAL_MAILER_PATH', `/opt/local/bin/procmail')dnl
 define(`LOCAL_MAILER_FLAGS', `Phsfn')dnl
 define(`LOCAL_MAILER_ARGS', `procmail  -Y -a $h -d $u')dnl
 define(`ALIAS_FILE',`/etc/mail/aliases,nis:mail.aliases')dnl
 define(`confSMTP_LOGIN_MSG',`$j mailer ready at $b')dnl
 define(`confMIME_FORMAT_ERRORS',`False')dnl
 MAILER(local)dnl
 MAILER(smtp)dnl
 
 LOCAL_RULESETS
 # Kludgey Melissa virus checking routine.
 HSubject: $>Check_Subject
 D{MPat}Important Message From
 D{MMsg}This message may contain the Melissa virus.
 
 SCheck_Subject
 R${MPat} $*		$#error $: 553 ${MMsg}
 RRe: ${MPat} $*		$#error $: 553 ${MMsg}

OSTYPE(solaris2)dnl defines the type of OS you are using. DOMAIN(YourDomain.COM)dnl defines the name of the local domain. A series of statement are added to one: use procmail as the local delivery agent instead of the default and two: use smrsh (the sendmail restricted shell) to protect the machine sendmail is running on. I also added a statement that tell sendmail is should the read the local /etc/mail/aliases file first and than refer the NIS mail.aliases map (my environment was using NIS). Finally, a LOCAL_RULESET was added to proctect the network against the Melissa Virus who was a popular mail virus at the time this was written. Even though I no longuer need the LOCAL_RULESET, I left the statement in the example in order to demonstrate what could be done with those statements.

Example 3. A relay.mc file used for any mail relay box

divert(0)
include(`../m4/cf.m4')dnl
VERSIONID(`@(#)relay.mc	1.02 (Basit) 97/07/24')dnl
OSTYPE(solaris2.ml)dnl
FEATURE(smrsh,/usr/lib/smrsh)dnl
FEATURE(access_db, dbm -o /etc/mail/access)dnl
FEATURE(rbl)dnl
DOMAIN(YourDomain.COM)dnl
define(`MAIL_HUB',smtp:[1])dnl
define(`LOCAL_RELAY',smtp:[2])dnl
define(`SMART_HOST',smtp:[3])dnl
define(`confSMTP_LOGIN_MSG',`$j mailer ready at $b')dnl
define(`confMIME_FORMAT_ERRORS',`False')dnl
MAILER(local)dnl
MAILER(smtp)dnl

One significant difference here is the use of the MAIL_HUB, LOCAL_RELAY and SMART_HOST statements. These basically indicate that everything sent to the sendmail process should be forwarded to the inside mail server. Since this server could potentially be sitting outside of the firewall protection, no user information will be available on this server. The messages will be sorted once they reach the internal server.

Other sample configurations are available from these locations:

• mailsvr.mc
• mailsvr.cf
• relay.mc

Bibliography

This article has no bibliography at this time.