Re: aaaargghh.. sendmail again
On Tuesday 05 July 2005 19:46, Julian Elischer wrote: > N machines on a "ficticious net "fred.com" (not the real name). > > neet to get email out to the real world. via connected server > mailgate.real.domain. (ficticious name) > > They pass it forward to a server on their net "server.ficticious.net" > which uses the "Smarthost" option in Sendmail to > forward them on to mailgate.real.domain, > however mailgaet will not accept the mail unless the "sender" > resolves to something real. I have no control over that machine. > > I am trying to alter the sendmail config on server.ficticious.net > so that it rewrites the sender (both envelope and header) > to be from [EMAIL PROTECTED] > > the sendmail m4 config file now has: > > divert(0) > VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.10.2.17 2002/11/14 > 03:21:18 keramida Exp $') > OSTYPE(freebsd4) > DOMAIN(generic) > > FEATURE(access_db, `hash -o -T /etc/mail/access') > FEATURE(blacklist_recipients) > FEATURE(local_lmtp) > FEATURE(mailertable, `hash -o /etc/mail/mailertable') > FEATURE(virtusertable, `hash -o /etc/mail/virtusertable') > FEATURE(genericstable, `hash -o /etc/mail/senders.db') > > FEATURE(masquerade_entire_domain) > FEATURE(local_no_masquerade) > FEATURE(masquerade_envelope) > > define(`SMART_HOST', `mailgate.vicor-nb.com') > > MASQUERADE_AS(`registered.domain') > MASQUERADE_DOMAIN(`ficticious.net') > MASQUERADE_DOMAIN(`server.ficticious.net') > > where /etc/mail/senders.db > contains: the 'has' version of: > > root[EMAIL PROTECTED] > [EMAIL PROTECTED] [EMAIL PROTECTED] > > > > > So, by 2 different methods I'm trying to get the mail to say its coming > from registered.domain but it isn't doing it, leaving it as comig from > server.ficticious.net > > > is there a trick to this? > > ___ Why not run BIND on mailgate and set /etc/resolv.conf to use nameserver localhost, and named.conf to use any required forwarders? This way you can monkey with the local DNS config and not have to do anything special with sendmail. Or ... maybe the problem is really over my head, and I just can't accept the fact :) lane ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: aaaargghh.. sendmail again
Giorgos Keramidas wrote: On 2005-07-05 19:31, Gregory Neil Shapiro <[EMAIL PROTECTED]> wrote: Very true. Is that correct though, or should we remove it from the generic.m4 file of FreeBSD? No, I don't want to diverge from Sendmail's source any more than we already have for a variety of reasons. this turned out to be the problem. That's ok :-) Just to summarize then, the solution to Julian's problem then is either one of: a) Manually edit the generated sendmail.cf and remove the C{E}root line. b) Avoid using DOMAIN(generic) and manually copy over whatever seems interesting from generic.m4 into his local sendmail.mc file and then regenerate sendmail.cf from that .mc file. I'd probably go for choise (b), because it doesn't require remembering local "hacks" like "open that file in your editor, remove that line, add this one, etc." generic.m4 is really small so I just included all of it except the offending line.. thanks.. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: aaaargghh.. sendmail again
I'll be trying the various suggestions I got tomorrow thanks all. On Wed, 6 Jul 2005, Giorgos Keramidas wrote: On 2005-07-05 19:31, Gregory Neil Shapiro <[EMAIL PROTECTED]> wrote: Very true. Is that correct though, or should we remove it from the generic.m4 file of FreeBSD? No, I don't want to diverge from Sendmail's source any more than we already have for a variety of reasons. That's ok :-) Just to summarize then, the solution to Julian's problem then is either one of: a) Manually edit the generated sendmail.cf and remove the C{E}root line. b) Avoid using DOMAIN(generic) and manually copy over whatever seems interesting from generic.m4 into his local sendmail.mc file and then regenerate sendmail.cf from that .mc file. I'd probably go for choise (b), because it doesn't require remembering local "hacks" like "open that file in your editor, remove that line, add this one, etc." ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: aaaargghh.. sendmail again
On Tue, 5 Jul 2005, Gregory Neil Shapiro wrote: I am trying to alter the sendmail config on server.ficticious.net so that it rewrites the sender (both envelope and header) to be from [EMAIL PROTECTED] the sendmail m4 config file now has: Your config plus the addition of FEATURE(allmasquerade) in case some of the local addresses are Cc'ed on mail going out of your domain should do the job. the documentatio suggests that allmasquerade willalso cause some of the recipients to be rewritten. I'm not sure if I want that. However I'll try it and see if it helps. However, since you are sending this question, it looks like that isn't the case. What is the output of: # sendmail -Am -bt /tryflags es /try relay [EMAIL PROTECTED] (where that address is replaced with the actual one that isn't working) Feel free to send the debug output from the above command to me directly if you are worried about revealing confidential info to the mailing list at large. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: aaaargghh.. sendmail again
On 2005-07-05 19:31, Gregory Neil Shapiro <[EMAIL PROTECTED]> wrote: > > Very true. Is that correct though, or should we remove it from the > > generic.m4 file of FreeBSD? > > No, I don't want to diverge from Sendmail's source any more than we > already have for a variety of reasons. That's ok :-) Just to summarize then, the solution to Julian's problem then is either one of: a) Manually edit the generated sendmail.cf and remove the C{E}root line. b) Avoid using DOMAIN(generic) and manually copy over whatever seems interesting from generic.m4 into his local sendmail.mc file and then regenerate sendmail.cf from that .mc file. I'd probably go for choise (b), because it doesn't require remembering local "hacks" like "open that file in your editor, remove that line, add this one, etc." ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: aaaargghh.. sendmail again
> Very true. Is that correct though, or should we remove it from the > generic.m4 file of FreeBSD? No, I don't want to diverge from Sendmail's source any more than we already have for a variety of reasons. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: aaaargghh.. sendmail again
On 2005-07-05 19:10, Gregory Neil Shapiro <[EMAIL PROTECTED]> wrote: > > That's funny. I can see root in the E class even in the standard freebsd.cf > > generated from the freebsd.mc file we have in src/etc/sendmail: > > Aha, DOMAIN(generic) has the EXPOSED_USER() call. That is what is > adding it in. Very true. Is that correct though, or should we remove it from the generic.m4 file of FreeBSD? It would be nice to have all the existing options of DOMAIN(generic), like confFORWARD_PATH or confMAX_HEADERS_LENGTH, without having to duplicate them in freebsd.mc (or the local equivalent) but without also exposing automatically usernames like 'root'. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: aaaargghh.. sendmail again
> That's funny. I can see root in the E class even in the standard freebsd.cf > generated from the freebsd.mc file we have in src/etc/sendmail: Aha, DOMAIN(generic) has the EXPOSED_USER() call. That is what is adding it in. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: aaaargghh.. sendmail again
On 2005-07-05 19:00, Gregory Neil Shapiro <[EMAIL PROTECTED]> wrote: > > Have you also tried sending email from a non-root account? The root > > user is "exposed" by default in Sendmail. This means that the root user > > will *NOT* be masqueraded or remapped through genericstable. You can > > see that the root user is exposed by looking at the {E} class: > > > > gothmog:/etc/mail# grep '{E}' sendmail.cf > > C{E}root > > That hasn't be the case since 8.10.0, released more than five years ago. > Giorgos, you should update your configuration. > > 8.10.0/8.10.0 2000/03/01 > CONFIG: Removed root from class E; use EXPOSED_USER(`root') > to get the old behavior. Suggested by Joe Pruett > of Q7 Enterprises. That's funny. I can see root in the E class even in the standard freebsd.cf generated from the freebsd.mc file we have in src/etc/sendmail: % gothmog:/etc/mail# cp /usr/src/etc/sendmail/freebsd.mc . % gothmog:/etc/mail# cp /usr/src/etc/sendmail/freebsd.submit.mc . % gothmog:/etc/mail# make freebsd.cf % /usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/ /usr/share/sendmail/cf/m4/cf.m4 freebsd.mc > freebsd.cf % gothmog:/etc/mail# grep '{E}' freebsd.cf % C{E}root I must be doing something wrong. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: aaaargghh.. sendmail again
> Have you also tried sending email from a non-root account? The root > user is "exposed" by default in Sendmail. This means that the root user > will *NOT* be masqueraded or remapped through genericstable. You can > see that the root user is exposed by looking at the {E} class: > > gothmog:/etc/mail# grep '{E}' sendmail.cf > C{E}root That hasn't be the case since 8.10.0, released more than five years ago. Giorgos, you should update your configuration. 8.10.0/8.10.0 2000/03/01 CONFIG: Removed root from class E; use EXPOSED_USER(`root') to get the old behavior. Suggested by Joe Pruett of Q7 Enterprises. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: aaaargghh.. sendmail again
On 2005-07-05 17:46, Julian Elischer <[EMAIL PROTECTED]> wrote: > > N machines on a "ficticious net "fred.com" (not the real name). > > neet to get email out to the real world. via connected server > mailgate.real.domain. (ficticious name) > > They pass it forward to a server on their net "server.ficticious.net" > which uses the "Smarthost" option in Sendmail to > forward them on to mailgate.real.domain, > however mailgaet will not accept the mail unless the "sender" > resolves to something real. I have no control over that machine. > > I am trying to alter the sendmail config on server.ficticious.net > so that it rewrites the sender (both envelope and header) > to be from [EMAIL PROTECTED] > > the sendmail m4 config file now has: > divert(0) > VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.10.2.17 2002/11/14 > 03:21:18 keramida Exp $') > OSTYPE(freebsd4) > DOMAIN(generic) > > FEATURE(access_db, `hash -o -T /etc/mail/access') > FEATURE(blacklist_recipients) > FEATURE(local_lmtp) > FEATURE(mailertable, `hash -o /etc/mail/mailertable') > FEATURE(virtusertable, `hash -o /etc/mail/virtusertable') > FEATURE(genericstable, `hash -o /etc/mail/senders.db') > > FEATURE(masquerade_entire_domain) > FEATURE(local_no_masquerade) > FEATURE(masquerade_envelope) > > define(`SMART_HOST', `mailgate.vicor-nb.com') > > MASQUERADE_AS(`registered.domain') > MASQUERADE_DOMAIN(`ficticious.net') > MASQUERADE_DOMAIN(`server.ficticious.net') > where /etc/mail/senders.db > contains: the 'has' version of: > > root[EMAIL PROTECTED] > [EMAIL PROTECTED] [EMAIL PROTECTED] > So, by 2 different methods I'm trying to get the mail to say its > coming from registered.domain but it isn't doing it, leaving it as > comig from server.ficticious.net Hi Julian, Have you also tried sending email from a non-root account? The root user is "exposed" by default in Sendmail. This means that the root user will *NOT* be masqueraded or remapped through genericstable. You can see that the root user is exposed by looking at the {E} class: gothmog:/etc/mail# grep '{E}' sendmail.cf C{E}root Try sending email from a different local user or remove the root user from the {E} class (by manually editing sendmail.cf and restarting Sendmail). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: aaaargghh.. sendmail again
> I am trying to alter the sendmail config on server.ficticious.net > so that it rewrites the sender (both envelope and header) > to be from [EMAIL PROTECTED] > > the sendmail m4 config file now has: Your config plus the addition of FEATURE(allmasquerade) in case some of the local addresses are Cc'ed on mail going out of your domain should do the job. However, since you are sending this question, it looks like that isn't the case. What is the output of: # sendmail -Am -bt > /tryflags es > /try relay [EMAIL PROTECTED] (where that address is replaced with the actual one that isn't working) Feel free to send the debug output from the above command to me directly if you are worried about revealing confidential info to the mailing list at large. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: aaaargghh.. sendmail again
Bernt Hansson wrote: Julian Elischer skrev: N machines on a "ficticious net "fred.com" (not the real name). neet to get email out to the real world. via connected server mailgate.real.domain. (ficticious name) They pass it forward to a server on their net "server.ficticious.net" which uses the "Smarthost" option in Sendmail to forward them on to mailgate.real.domain, however mailgaet will not accept the mail unless the "sender" resolves to something real. I have no control over that machine. You have to tell the admin of your smarthost to take your mail. "I have no control over that machine" direct or indirect. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: aaaargghh.. sendmail again
Julian Elischer skrev: N machines on a "ficticious net "fred.com" (not the real name). neet to get email out to the real world. via connected server mailgate.real.domain. (ficticious name) They pass it forward to a server on their net "server.ficticious.net" which uses the "Smarthost" option in Sendmail to forward them on to mailgate.real.domain, however mailgaet will not accept the mail unless the "sender" resolves to something real. I have no control over that machine. You have to tell the admin of your smarthost to take your mail. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"