[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Sendmail

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: Sendmail
From: Andrew Shugg <andrew_(_at_)_neep_(_dot_)_com_(_dot_)_au>
Date: Thu, 16 Nov 2000 20:12:19 +0800
Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org

Craig Barraclough said:
> Are there any sendmail guru's out there that can explain the difference
> between
> a) putting domain in /etc/mail/local-host-names or as Cwdomain_name

This is a flat-file list of hosts/domains that are alternative names for
the server.  This is not for relaying but is suitable for being an MX.
Mail destined to one of these alternative names will hence be accepted.
Enabled by 'FEATURE(use_cw_file)'.

> b) putting domain in /etc/mail/relay-domains

Another flat-file list.  The server will allow relaying to and from
domains listed here.  You don't need to specifically enable it.

> c) putting domain in /etc/mail/access

A map (needs to be built to a .db file with makemap) defining a set of
simple rules governing incoming mail.  Based on hostname or domain, mail
can be accepted, dropped, or rejected, and relaying can be permitted.
Add 'FEATURE(access_db)dnl' to sendmail.mc to enable this, or the line
'Kaccess hash -o /etc/mail/access' to sendmail.cf if for some terrible
reason you're not using the MC file.

I use (c) and am not quite sure why (b) is still around as AFAIK (c)
replaces its functionality completely.  *shrug*  However (b) is a
default thing and (c) has to be enabled.

> What I want to do:
> 1) receive mail for DomainA (this will be the highest priority MX)

System is presumably something like 'mail.A.dom' and you wish to receive
mail addressed to '@A.dom'?  Put 'A.dom' in '/etc/mail/sendmail.cw'.

> 2) act as a seconday mail server for DomainB if the primary mail server is
> down (second highest priority MX)

According to sendmail.org, do not put 'B.dom' in your sendmail.cw - you
instead need to add it to the access list with the 'accept' keyword.

Refer to the FAQ, ref:

  http://www.sendmail.org/faq/section4.html#4.14

Note that if the primary does go down for more than a brief period of
time (say, their machine room was bombed or something), you would want
to simply queue the mail for 'B.dom' rather than attempting to deliver it.
The Bat book has a good section on this (23.7.1), and there is hopefully
something on sendmail.org as well but I do not recall seeing it.

> 3) allow certain IPs internally and externally to send mail via this server
> (regardless of from and to addresses)

Add the IP addresses to '/etc/mail/access' and rebuild like so:

  su makemap hash /etc/mail/access < /etc/mail/access

A sample access file could be:

  B.dom		ACCEPT
  192.168.1.4	RELAY
  10.1.10.1	RELAY
  spam.com	REJECT
  broken.com	DISCARD

The coverage of same on sendmail.org is pretty good (once your head has
cleared, I know what you mean about information overload).  You might
also like to have a poke around on sendmail.net, for news, interviews
and articles relating to Sendmail.

Andrew.

--
Andrew Shugg <andrew_(_at_)_neep_(_dot_)_com_(_dot_)_au>                   http://www.neep.com.au/

"Just remember, Mr Fawlty, there's always someone worse off than yourself."
"Is there?  Well I'd like to meet him.  I could do with a good laugh."

Follow-Ups:
- Re: Sendmail
  - From: Claus Assmann

Prev by Date: Wireless LAN setup
Next by Date: disable ssh/login for individual an account?
Previous by thread: Re: Wireless LAN setup
Next by thread: Re: Sendmail
Index(es):
- Date
- Thread

Visit your host, monkey.org