Re: Sendmail Masqurading and root mails
On Mon, 03 Aug 2009 11:22:37 +1000, Danny Carroll f...@dannysplace.net wrote: I've added the following to the default sendmail mc file: MASQUERADE_AS(`mypublicdomain.com')dnl FEATURE(masquerade_envelope)dnl MASQUERADE_DOMAIN(beasie.lan)dnl Recompiled the cf files and restarted sendmail. Here is the kicker. If I log in as a normal user it masquerades just fine. If I simply su - to root, the masquerading works fine and the mail is sent as the original logged in user. But if I log in as root via the console then it does not alter the messages. The `root' user is excluded from masquerading since 8.10. The `generic.m4' domain configuration file includes: keram...@kobe:/usr/share/sendmail/cf/domain$ fgrep EXPOSE generic.m4 EXPOSED_USER(`root') keram...@kobe:/usr/share/sendmail/cf/domain$ You can copy this file and remove the EXPOSED_USER line. Or you can edit `generic.m4' directly. If you go the copy route, make sure to check for updates in `generic.m4' whenever you installworld, and merge the changes to your domain specific configuration file. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Sendmail Masqurading and root mails
On Mon, 03 Aug 2009 15:11:28 +1000, Danny Carroll f...@dannysplace.net wrote: Jeffrey Goldberg wrote: I found the answer to your problem here: http://www.grok.org.uk/docs/smroot.html The file that is being included which has the EXPOSED_USER(`root') line lives at /usr/share/sendmail/cf/domain/generic.m4 It seems your google-fu is much better than mine. Thanks so much for your help. There are a *lot* of details like this in your system. It just takes a bit of experience to look for the ``right option name'' and a bit of time to read through the file: /usr/share/sendmail/cf/README The part that hints at the default expose option for the `root' user reads: : Normally only header addresses are masqueraded. If you want to : masquerade the envelope as well, use : : FEATURE(`masquerade_envelope') : : There are always users that need to be exposed -- that is, their : internal site name should be displayed instead of the masquerade name. : Root is an example (which has been exposed by default prior to 8.10). : You can add users to this list using : : EXPOSED_USER(`usernames') There's a great amount of information in that README file. I often find by re-reading it that there are still details I was missing so far :-) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Sendmail Masqurading and root mails
On Aug 2, 2009, at 8:22 PM, Danny Carroll wrote: MASQUERADE_AS(`mypublicdomain.com')dnl FEATURE(masquerade_envelope)dnl MASQUERADE_DOMAIN(beasie.lan)dnl Recompiled the cf files and restarted sendmail. Here is the kicker. If I log in as a normal user it masquerades just fine. If I simply su - to root, the masquerading works fine and the mail is sent as the original logged in user. But if I log in as root via the console then it does not alter the messages. I found the answer to your problem here: http://www.grok.org.uk/docs/smroot.html The file that is being included which has the EXPOSED_USER(`root') line lives at /usr/share/sendmail/cf/domain/generic.m4 Just make a copy of that file, call it beasie.m4, remove the EXPOSE_USER directive from your copy and then change DOMAIN(generic) to DOMAIN(beasie) in your mail .mc file. Cheers, -j -- Jeffrey Goldberghttp://www.goldmark.org/jeff/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Sendmail Masqurading and root mails
On Aug 2, 2009, at 8:22 PM, Danny Carroll wrote:
I've added the following to the default sendmail mc file:
MASQUERADE_AS(`mypublicdomain.com')dnl
FEATURE(masquerade_envelope)dnl
MASQUERADE_DOMAIN(beasie.lan)dnl
Recompiled the cf files and restarted sendmail.
Here is the kicker. If I log in as a normal user it masquerades just
fine.
If I simply su - to root, the masquerading works fine and the
mail is
sent as the original logged in user.
But if I log in as root via the console then it does not alter the
messages.
By default sendmail does not MASQUERADE root (figuring that you get
root mail from several of your machines and want to see which machine
it is from). In the old days there was a feature
NO_MASQUERADE_ROOT, but looking through cf/README I see that that is
one of the many things that have changed since I last seriously worked
with sendmail.
Now sendmail has a class of exposed users. These are usernames for
which masquerading shouldn't take place. By default, root is in there.
There is an .mc file directive
EXPOSED(`username')
which, according to the documentation, adds usernames to the list that
shouldn't be masqueraded. Unfortunately, I don't see a mechanism for
removing members from the E (Exposed) class.
You could try
EXPOSED()
or
EXPOSED(`')
to see if either will remove things in the E class.
The offending line in the generated .cf file is
C{E}root
if you still end up with that, then root will not get masqueraded.
So if the above doesn't work, there probably is a clean way of
clearing a class from the .mc file, but I don't know what it is.
Hopefully others will be able to answer.
In the worst case, you could manually edit the generated .cf file, to
remove the
C{E}root
line, but that is not really a road I would recommend going down.
At the risk of suggesting something that you probably know you should
do in the long run, but would take a lot of tedious work to set up,
you should probably move away from having your private network be .lan.
Instead use .private.mypublicdomain.com and set up a local (on your
private network) nameserver for that private subdomain.
Sorry I couldn't be of more help.
Cheers,
-j
--
Jeffrey Goldberghttp://www.goldmark.org/jeff/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Sendmail Masqurading and root mails
Jeffrey Goldberg wrote: I found the answer to your problem here: http://www.grok.org.uk/docs/smroot.html The file that is being included which has the EXPOSED_USER(`root') line lives at /usr/share/sendmail/cf/domain/generic.m4 Just make a copy of that file, call it beasie.m4, remove the EXPOSE_USER directive from your copy and then change DOMAIN(generic) to DOMAIN(beasie) in your mail .mc file. Cheers, It seems your google-fu is much better than mine. Thanks so much for your help. -D ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
