[TriLUG] sendmail jujitsu with virtual hosts

Aaron S. Joyner aaron at joyner.ws
Fri Sep 22 09:25:38 EDT 2006


Scott Lundgren wrote:

> hi all,
>
> I'm having to touch sendmail configuration files for the first time  
> in a long while, and while I'm at it I want to know if something is  
> possible.
>
> The server a.domain.tld has apache 2.2 and sendmail (no idea what  
> version) on solaris 9.
> The server hosts virtually the websites of other subdomains of  
> domain.tld (b.domain.tld, www.c.domain.tld, and www.d.domain.tld).
> The subdomains are properly set up in DNS to be aliased to a.domain.tld.
> The server does not  receive mail
> The server does send email out via apache for the websites hosted a  
> b.domain.tld and www.c.domain.tld.
> Currently when sending out a message on behalf of the hosts named  
> above it comes from apache at a.domain.tld
>
> What I would like to do is when apache sends out email it is sent  
> from donotreply at b.domian.tld and donotreply at www.c.domain.tld  
> respectively. From rereading docs it seems by setting Cw in  
> sendmail.cf to a.domain.tld and creating a virtusers table mapping  
> the local user apache to donotreplay at each host this should be  
> possible.
>
> Is this not possible?
> Is my approach correct or is there a simpler/better way to achieve  
> this ?
> What I'm lost as is how will sendmail know which virtuser to send the  
> message out as ?
>
> thanks,
> SL
>
> ps: no I can not install a different mail server or OS no matter how  
> much either/both pain me. 

So I don't have time this morning to chase down the ins and outs of how, 
but this is definitely possible.  It's going to require a little more 
than what you've listed above, though.  You can create a mapping for 
what domain to masquerade as, and assign mail based on source domain to 
that mapping accordingly.  I believe the better sendmail lingo for 
mapping there is "class", but I'm hesitant to say class because I'm not 
100% certain you need to setup your own class manually to do this.  I've 
done some similar things at work recently, so I'll have a look when I 
get into the office to refresh my memory and if no one else has beat me 
to it I'll post an update with better details.  You might also try 
googling around for "hide source address" or "masquerade source 
address".  Another simple option would be put Apache in the list of 
trusted senders (which allows apache to send mail as any user) and 
modify the application to send mail as donotreply@, or if you can't 
modify the app make /usr/sbin/sendmail a symlink to a simple shell 
script that does.  Alternately, you could get even more amusing, and run 
apache as the user "donotreply".  :)  This is as easy as changing the 
username in /etc/passwd and maybe an init script or two.  :)

Aaron S. Joyner



More information about the TriLUG mailing list