Sendmail and masq

Alexander Dalloz alexander.dalloz at uni-bielefeld.de
Tue Apr 27 16:55:57 UTC 2004


Am Di, den 27.04.2004 schrieb David Benigni um 16:59:

> Sorry for the confusion.  Here is the configuration that I have:

It's ok, communication is not always that straight, with question ->
best fitting answere.

> Accessible to the internet is a Fedora Cora 1 machine running sendmail for 
> a particular domain.  So, it has a MX record for that domain.
> 
> Inside our firewall I have a Red Hat 7.3 machine that runs sendmail locally
> that has access out of the firewall on port 25.

Does that now mean the RH 7.3 Sendmail host is protected by the firewall
settings, so that from outside your net connections on port 25 will go
direct to the Fedora host running Sendmail? Or does the RH 7.3 Sendmail
can directly talk to other MTAs outside your net? I suspect former, but
am not sure.

> The 7.3 box just Whenever the 7.3 box sends mail out as root, its return address
> is root at localhost.localdomain.  The 7.3 is not in the same domain as the Fedora
> machine.  The mail leaves the 7.3 box and gets to the Fedora machine.  At the
> point where it hits the Fedora machine the return address is rewritten as the domain
> of the Fedora machine.

Do not test mailing using user root! First, it is a bad habit to use
root for something else than administration. Do not use it for testing
purposes or things for which you easily and better can use a normal user
account. Second, root is an exposed user, see your sendmail.mc for that
entry and the Sendmail documentation for comments:
http://people.freenet.de/slgig/cfreadme_en/masquerading_relaying.html.
So as root's mail is not masqueraded coming from the RH 7.3 host. I
suspect that all other user address are masqueraded with the other
domain.

What I do not understand because lack of information is: why do the mail
from Sendmail on RH 7.3 does get to the Sendmail on FC1? I suspect
because either it is addressed to a user address on the FC1 machine or
because on RH 7.3 you defined the FC1 Sendmail to be the SMART_HOST
(either in sendmail.mc or in mailertable). So the question is then to
where the email is addressed, whether for a recpient on the FC1 host or
to outside.

> In the sendmail.mc file here are the changes I have made:

The sendmail.mc on FC1? not of the RH 7.3 host?

> define(`confSMTP_LOGIN_MSG',`$j Sendmail; $b')dnl
> define(`confSMTP_LOGIN_MSG',`$j Sendmail; $b')dnl
> TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> define(`confCACERT_PATH',`/usr/share/ssl/certs')
> define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
> define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
> define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
> DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl

Suspecting the sendmail.mc being for the Fedora Sendmail host, you did
not set up any other things like genericstable? I suspect you leaved the

LOCAL_DOMAIN(`localhost.localdomain')dnl

untouched in sendmail.mc. It would explain some guesses.

> Hopefully I explained this a bit better.
> 
> THanks!
> 
> Dave

Your original reason for mailing, was that a problem or just wondering?
If you have a Sendmail setup difficulty I fear you have to be more
precise again about what you want and what's not working as expected.

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 1 (Yarrow) on Athlon CPU kernel 2.4.22-1.2188.nptl
Sirendipity 18:32:26 up 17:21, 11 users, 0.43, 0.32, 0.30 
                   [ Γνωθι σ'αυτον - gnothi seauton ]
             my life is a planetarium - and you are the stars
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040427/ccfe5c0e/attachment-0001.sig>


More information about the fedora-list mailing list