Sendmail and masq
David Benigni
dbenigni at lutron.com
Wed Apr 28 16:59:11 UTC 2004
>> Accessible to the internet is a Fedora Cora 1 machine running
sendmail for
>> a particular domain. So, it has a MX record for that domain.
>>
>> Inside our firewall I have a Red Hat 7.3 machine that runs sendmail
locally
>> that has access out of the firewall on port 25.
>Does that now mean the RH 7.3 Sendmail host is protected by the
firewall
>settings, so that from outside your net connections on port 25 will
go
>direct to the Fedora host running Sendmail? Or does the RH 7.3
Sendmail
>can directly talk to other MTAs outside your net? I suspect former,
but
>am not sure.
The former is true. Realistically, the 7.3 host never gets incoming
mail, just outgoing. And it speaks directly to the MTA on each host.
>> The 7.3 box just Whenever the 7.3 box sends mail out as root, its
return address
>> is root at localhost.localdomain. The 7.3 is not in the same domain as
the Fedora
>> machine. The mail leaves the 7.3 box and gets to the Fedora
machine. At the
>> point where it hits the Fedora machine the return address is
rewritten as the domain
>> of the Fedora machine.
> Do not test mailing using user root! First, it is a bad habit to use
> root for something else than administration. Do not use it for
testing
> purposes or things for which you easily and better can use a normal
user
> account. Second, root is an exposed user, see your sendmail.mc for
that
> entry and the Sendmail documentation for comments:
>
http://people.freenet.de/slgig/cfreadme_en/masquerading_relaying.html.
> So as root's mail is not masqueraded coming from the RH 7.3 host. I
> suspect that all other user address are masqueraded with the other
> domain.
I don't use root except for admin tasks. LogWatch comes from root
however. Thats how I noticed the issue.
> What I do not understand because lack of information is: why do the
mail
> from Sendmail on RH 7.3 does get to the Sendmail on FC1? I suspect
> because either it is addressed to a user address on the FC1 machine
or
> because on RH 7.3 you defined the FC1 Sendmail to be the SMART_HOST
> (either in sendmail.mc or in mailertable). So the question is then
to
> where the email is addressed, whether for a recpient on the FC1 host
or
> to outside.
Mail gets to the FC1 via emailing the local using, not by SMART_HOST.
So, it is address to a user on the FC1 host, not outside.
> Suspecting the sendmail.mc being for the Fedora Sendmail host, you
did
> not set up any other things like genericstable? I suspect you leaved
the
> LOCAL_DOMAIN(`localhost.localdomain')dnl
>untouched in sendmail.mc. It would explain some guesses.
Yes this is true. The exposed_user and local_domain have not be
touched on the FC1 machine. The sendmail.mc included was from the FC1
machine.
> Your original reason for mailing, was that a problem or just
wondering?
> If you have a Sendmail setup difficulty I fear you have to be more
> precise again about what you want and what's not working as
expected.
> Alexander
The original reason what I thought this was a problem, but it makes
sense now. All the masq'ing is from the root account. Thanks for the
help.
Dave
More information about the fedora-list
mailing list