[TriLUG] Sendmail Config Question

Jon Carnes jonc at nc.rr.com
Wed Apr 23 20:14:52 EDT 2003 

You might want to just treat everything as though it were a virtual
domain.  For that to work, you would have to have a secondary name for
sending the foo at haht.com mail into the inside of HAHT.

Something like foo at haht.com ==> foo at exchange.haht.com
               foo.bar at haht.com ==> foo at exchange.haht.com

Then have the MX for the domain exchange.haht.com point to the interior
appliance that is doing your spam filtering.

The main disadvantage is that you need to define all the users here (and
their various aliases) - of course you have to do that *somewhere*
anyway.


On Wed, 2003-04-23 at 18:18, Jaimie Livingston wrote:
> HELO,

cute ;-)

> 
> I need some Sendmail config help, and I am not finding the available
> docs all that useful, most likely due to inexperience on my part.
> 
> I want to change the configuration of a sendmail server that is the
> primary MX for haht.com and also provides some virtual hosting for a
> few other domains. Currently, the server relays mail using the "smart"
> relay host option in sendmail.cf thru a firewall into another SMTP
> server. I would like to change the configuration to do the following:
> 
> 1) relay SMTP traffic for approved domains in relay-domains
>    (relay-domains currently includes haht.com, as well as the other
> approved domains)

This is a no-brainer.  Put these domains in your /etc/mail/access file
with keyword RELAY.

Don't put *any* of them in /etc/mail/local-host-names (unless you want
to process them via the virtusertable).

If you want to by-pass DNS lookups (and using SmartRelay) you can add
routes in the /etc/mail/mailertable.

> 2) resolve aliases for a subset of @haht.com addresses 
>    (i.e. jaimiel at haht.com to jlivingston at haht.com)

Why do you care about this (on this server)?  This server is only acting
as a relay to move mail into your other server.  Shouldn't this be done
at the other (exchange) server?

The internal server should be able to handle all your aliasing.

If not, then your best bet is to treat it like a virtual host (as
pointed out above).  Virtual hosts don't need real accounts on the box.

BTW: you can put real accounts on the box and simply use the
/bin/nologin shell (yah, you know that...)

> 3) relay/forward @haht.com messages to another SMTP server
>    (for anti-virus and anti-spam filtering)

You can use the virtual hosting trick, or setup a route in the
mailertable, or use the smartrelay trick.

> 
> The version of Sendmail being used is 8.12.9.
> 
> The current configuration does #1 and #3, but does not do #2. 
> 
> I have experimented a little bit with the aliases file, the
> virtualuser file, and the Smart relay option in sendmail.cf, but I
> have not been successful getting all three requirements working. 
> 
> #1 seems easy enough.
> #2 only works if I don't relay using the "Smart" relay host option in
> sendmail.cf. Unfortunately, messages to @haht.com addresses not found
> in the aliases file bounce.
> 
> #3 works if I relay using the "Smart" relay host option in
> sendmail.cf, but Sendmail won't resolve aliases for @haht.com
> addresses using either the aliases file or the virtualusertable.
> 
> I don't want to create user shell accounts on this server.
> 
> Can this be done?
> 
> Thanks in advance.
> 
> Jaimie
> 
> P.S. - While I generally appreciate alternatives (postfix,
> spamassassin, procmail, or <your_choice_here>), my options in this
> instance are constrained by outside factors. I have to use Sendmail, I
> have to use the av/as product that is in place, and I don't have the
> option to rebuild the system. I would appreciate it if evangelising
> could be kept to a minimum.

Take care and good Luck - Jon

More information about the TriLUG mailing list