Difference between revisions of "Configure sendmail masquerading"

From Peter Pap's Technowiki
Jump to: navigation, search
(Created page with " The common issue we can run into is that when Solaris sends email, by default it will use the hostname of the sending server as the senders domain. So an email from the apps u...")
 
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
 
 
 
The common issue we can run into is that when Solaris sends email, by default it will use the hostname of the sending server as the senders domain.  So an email from the apps user on the host host.myinternalomain.com will have a sender address of apps@host.myinternaldomain.com.  The issue with this is that some mail servers will reject this email as it will not be able to resolve the domain host.myinternaldomain.com.  Sendmail logs may show something like this:
 
The common issue we can run into is that when Solaris sends email, by default it will use the hostname of the sending server as the senders domain.  So an email from the apps user on the host host.myinternalomain.com will have a sender address of apps@host.myinternaldomain.com.  The issue with this is that some mail servers will reject this email as it will not be able to resolve the domain host.myinternaldomain.com.  Sendmail logs may show something like this:
  
Jan 15 05:37:56 smtp43bo-a1-inf sendmail[3349]: r0F5a3FZ003346: to=<kylie@xxx.xxx.xxx>, ctladdr=<apps@host.myinternaldomain.com> (502/502), delay=00:01:53, xdelay=00:01:52, mailer=esmtp, pri=122682, relay=xxx.xxx.xxx.xxx. [xx.xx.xx.xx], dsn=4.1.8, stat=Deferred: 450 4.1.8 <apps@host.myinternaldomain.com>: Sender address rejected: Domain not found
+
Jan 15 05:37:56 mailrelay sendmail[3349]: r0F5a3FZ003346: to=<kylie@xxx.xxx.xxx>, ctladdr=<apps@host.myinternaldomain.com> (502/502), delay=00:01:53, xdelay=00:01:52, mailer=esmtp, pri=122682, relay=xxx.xxx.xxx.xxx. [xx.xx.xx.xx], dsn=4.1.8, stat=Deferred: 450 4.1.8 <apps@host.myinternaldomain.com>: Sender address rejected: Domain not found
  
 
There are two ways to fix this:
 
There are two ways to fix this:
Line 23: Line 21:
  
 
         FEATURE(allmasquerade)dnl
 
         FEATURE(allmasquerade)dnl
 
 
         FEATURE(masquerade_envelope)dnl
 
         FEATURE(masquerade_envelope)dnl
 
 
         FEATURE(`msp', `mailrelay.myinternaldomain.com')dnl
 
         FEATURE(`msp', `mailrelay.myinternaldomain.com')dnl
 
 
         MASQUERADE_AS(mydomain.com)dnl
 
         MASQUERADE_AS(mydomain.com)dnl
 
 
         EXPOSED_USER(`root')dnl
 
         EXPOSED_USER(`root')dnl
  

Latest revision as of 05:07, 28 July 2014

The common issue we can run into is that when Solaris sends email, by default it will use the hostname of the sending server as the senders domain. So an email from the apps user on the host host.myinternalomain.com will have a sender address of apps@host.myinternaldomain.com. The issue with this is that some mail servers will reject this email as it will not be able to resolve the domain host.myinternaldomain.com. Sendmail logs may show something like this:

Jan 15 05:37:56 mailrelay sendmail[3349]: r0F5a3FZ003346: to=<kylie@xxx.xxx.xxx>, ctladdr=<apps@host.myinternaldomain.com> (502/502), delay=00:01:53, xdelay=00:01:52, mailer=esmtp, pri=122682, relay=xxx.xxx.xxx.xxx. [xx.xx.xx.xx], dsn=4.1.8, stat=Deferred: 450 4.1.8 <apps@host.myinternaldomain.com>: Sender address rejected: Domain not found

There are two ways to fix this:

   Create a DNS domain called host.myinternaldomain.com.
   Get the sending server to masquerade as a different domain, eg. mydomain.com, that is resolvable in the real world.

Obviously, option one is difficult and ugly! Options 2 is easy and this is how you do it:

1.Log on to your server and go to the mail config directory

       cd /etc/mail/cf/cf

2. Delete this line from submit.mc:

       FEATURE(`msp', `[127.0.0.1]')dnl

Add these lines to submit.mc at the end of the file:

       FEATURE(allmasquerade)dnl
       FEATURE(masquerade_envelope)dnl
       FEATURE(`msp', `mailrelay.myinternaldomain.com')dnl
       MASQUERADE_AS(mydomain.com)dnl
       EXPOSED_USER(`root')dnl

EXPOSED_USER isn't necessary. I like it so that when my hosts send log messages as root, it will still give me their host domain, i.e. emails for root are still sent as root@host.myinternalomain.com and I can see which host sent them!

3. Compile a new submit.cf file and install it

       /usr/ccs/bin/make submit.cf
       cd /etc/mail
       cp /etc/mail/cf/cf/submit.cf .


4. Restart the sendmail client:

       svcadm restart sendmail-client


Now all email, except for root, will go out as username@mydomain.com, in this example.