[TriLUG] sendmail jujitsu with virtual hosts
Aaron S. Joyner
aaron at joyner.ws
Fri Sep 22 09:25:38 EDT 2006
Scott Lundgren wrote:
> hi all,
>
> I'm having to touch sendmail configuration files for the first time
> in a long while, and while I'm at it I want to know if something is
> possible.
>
> The server a.domain.tld has apache 2.2 and sendmail (no idea what
> version) on solaris 9.
> The server hosts virtually the websites of other subdomains of
> domain.tld (b.domain.tld, www.c.domain.tld, and www.d.domain.tld).
> The subdomains are properly set up in DNS to be aliased to a.domain.tld.
> The server does not receive mail
> The server does send email out via apache for the websites hosted a
> b.domain.tld and www.c.domain.tld.
> Currently when sending out a message on behalf of the hosts named
> above it comes from apache at a.domain.tld
>
> What I would like to do is when apache sends out email it is sent
> from donotreply at b.domian.tld and donotreply at www.c.domain.tld
> respectively. From rereading docs it seems by setting Cw in
> sendmail.cf to a.domain.tld and creating a virtusers table mapping
> the local user apache to donotreplay at each host this should be
> possible.
>
> Is this not possible?
> Is my approach correct or is there a simpler/better way to achieve
> this ?
> What I'm lost as is how will sendmail know which virtuser to send the
> message out as ?
>
> thanks,
> SL
>
> ps: no I can not install a different mail server or OS no matter how
> much either/both pain me.
So I don't have time this morning to chase down the ins and outs of how,
but this is definitely possible. It's going to require a little more
than what you've listed above, though. You can create a mapping for
what domain to masquerade as, and assign mail based on source domain to
that mapping accordingly. I believe the better sendmail lingo for
mapping there is "class", but I'm hesitant to say class because I'm not
100% certain you need to setup your own class manually to do this. I've
done some similar things at work recently, so I'll have a look when I
get into the office to refresh my memory and if no one else has beat me
to it I'll post an update with better details. You might also try
googling around for "hide source address" or "masquerade source
address". Another simple option would be put Apache in the list of
trusted senders (which allows apache to send mail as any user) and
modify the application to send mail as donotreply@, or if you can't
modify the app make /usr/sbin/sendmail a symlink to a simple shell
script that does. Alternately, you could get even more amusing, and run
apache as the user "donotreply". :) This is as easy as changing the
username in /etc/passwd and maybe an init script or two. :)
Aaron S. Joyner
More information about the TriLUG
mailing list