sendmail Cookbook

Larger Cover

sendmail Cookbook

By Craig Hunt

Publisher: O'Reilly Media

Released: December 2003

Pages: 408

More often than not, the words "sendmail configuration" strike dread in the hearts of sendmail and system administrators--and not without reason. sendmail configuration languages are as complex as any other programming languages, but used much more infrequently--only when sendmail is installed or configured. The average system administrator doesn't get enough practice to truly master this inscrutable technology.

Fortunately, there's help. The sendmail Cookbook provides step-by-step solutions for the administrator who needs to solve configuration problems fast. Say you need to configure sendmail to relay mail for your clients without creating an open relay that will be abused by spammers. A recipe in the Cookbook shows you how to do just that. No more wading through pages of dense documentation and tutorials and creating your own custom solution--just go directly to the recipe that addresses your specific problem.

Each recipe in the sendmail Cookbook outlines a configuration problem, presents the configuration code that solves that problem, and then explains the code in detail. The discussion of the code is critical because it provides the insight you need to tweak the code for your own circumstances.

The sendmail Cookbook begins with an overview of the configuration languages, offering a quick how-to for downloading and compiling the sendmail distribution. Next, you'll find a baseline configuration recipe upon which many of the subsequent configurations, or recipes, in the book are based. Recipes in the following chapters stand on their own and offer solutions for properly configuring important sendmail functions such as:

Delivering and forwarding mail
Relaying
Masquerading
Routing mail
Controlling spam
Strong authentication
Securing the mail transport
Managing the queue
Securing sendmail

sendmail Cookbook is more than just a new approach to discussing sendmail configuration. The book also provides lots of new material that doesn't get much coverage elsewhere--STARTTLS and AUTH are given entire chapters, and LDAP is covered in recipes throughout the book. But most of all, this book is about saving time--something that most system administrators have in short supply. Pick up the sendmail Cookbook and say good-bye to sendmail dread.

Chapter 1 Getting Started
1. Introduction
2. Downloading the Latest Release
3. Installing sendmail
4. Compiling sendmail to Use LDAP
5. Adding the regex Map Type to sendmail
6. Compiling sendmail with SASL Support
7. Compiling sendmail with STARTTLS Support
8. Compiling in STARTTLS File Paths
9. Building a sendmail Configuration
10. Testing a New Configuration
11. Logging sendmail
Chapter 2 Delivery and Forwarding
1. Introduction
2. Accepting Mail for Other Hosts
3. Fixing the Alias0 Missing Map Error and Creating Simple Aliases
4. Reading Aliases via LDAP
5. Configuring Red Hat 7.3 to Read Aliases from a NIS Server
6. Configuring Solaris 8 to Read Aliases from a NIS Server
7. Forwarding to an External Address
8. Creating Mailing Lists
9. Migrating Ex-Users to New Addresses
10. Delivering Mail to a Program
11. Using Program Names in Mailing Lists
12. Allowing Nonlogin Users to Forward to Programs
13. Fixing a .forward Loop
14. Enabling the User Database
Chapter 3 Relaying
1. Introduction
2. Passing All Mail to a Relay
3. Passing Outbound Mail to a Relay
4. Passing Local Mail to a Mail Hub
5. Passing Apparently Local Mail to a Relay
6. Passing UUCP Mail to a Relay
7. Relaying Mail for All Hosts in a Domain
8. Relaying Mail for Individual Hosts
9. Configuring Relaying on a Mail Exchanger
10. Loading Class $=R via LDAP
11. Relaying Only Outbound Mail
Chapter 4 Masquerading
1. Introduction
2. Adding Domains to All Sender Addresses
3. Masquerading the Sender Hostname
4. Eliminating Masquerading for the Local Mailer
5. Forcing Masquerading of Local Mail
6. Masquerading Recipient Addresses
7. Masquerading at the Relay Host
8. Limiting Masquerading
9. Masquerading All Hosts in a Domain
10. Masquerading Most of the Hosts in a Domain
11. Masquerading the Envelope Address
12. Rewriting the From Address with the genericstable
13. Rewriting Sender Addresses for an Entire Domain
14. Masquerading with LDAP
15. Reading the genericstable via LDAP
Chapter 5 Routing Mail
1. Introduction
2. Routing Mail to Special Purpose Mailers
3. Sending Error Messages from the mailertable
4. Disabling MX Processing to Avoid Loops
5. Routing Mail for Local Delivery
6. Reading the mailertable via LDAP
7. Routing Mail for Individual Virtual Hosts
8. Routing Mail for Entire Virtual Domains
9. Reading the virtusertable via LDAP
10. Routing Mail with LDAP
11. Using LDAP Routing with Masquerading
Chapter 6 Controlling Spam
1. Introduction
2. Blocking Spam with the access Database
3. Preventing Local Users from Replying to Spammers
4. Reading the access Database via LDAP
5. Using a DNS Blackhole List Service
6. Building Your Own DNS Blackhole List
7. Whitelisting Blacklisted Sites
8. Filtering Local Mail with procmail
9. Filtering Outbound Mail with procmail
10. Invoking Special Header Processing
11. Using Regular Expressions in sendmail
12. Identifying Local Problem Users
13. Using MILTER
14. Bypassing Spam Checks
15. Enabling Spam Checks on a Per-User Basis
Chapter 7 Authenticating with AUTH
1. Introduction
2. Offering AUTH Authentication
3. Authenticating with AUTH
4. Storing AUTH Credentials in the authinfo File
5. Limiting Advertised Authentication Mechanisms
6. Using AUTH to Permit Relaying
7. Controlling the AUTH= Parameter
8. Avoiding Double Encryption
9. Requiring Authentication
10. Selectively Requiring Authentication
Chapter 8 Securing the Mail Transport
1. Introduction
2. Building a Private Certificate Authority
3. Creating a Certificate Request
4. Signing a Certificate Request
5. Configuring sendmail for STARTTLS
6. Relaying Based on the CA
7. Relaying Based on the Certificate Subject
8. Requiring Outbound Encryption
9. Requiring Inbound Encryption
10. Requiring a Verified Certificate
11. Requiring TLS for a Recipient
12. Refusing STARTTLS Service
13. Selectively Advertising STARTTLS
14. Requesting Client Certificates
Chapter 9 Managing the Queue
1. Introduction
2. Creating Multiple Queues
3. Using qf, df, and xf Subdirectories
4. Defining Queue Groups
5. Assigning Recipients to Specific Queues
6. Using Persistent Queue Runners
7. Using a Queue Server
8. Setting Protocol Timers
Chapter 10 Securing sendmail
1. Introduction
2. Limiting the Number of sendmail Servers
3. Limiting the Number of Network Accessible Servers
4. Updating to Close Security Holes
5. Patching to Close Security Holes
6. Disabling Delivery to Programs
7. Controlling Delivery to Programs
8. Disabling Delivery to Files
9. Bypassing User .forward Files
10. Controlling Delivery to Files
11. Running sendmail Non-Set-User-ID root
12. Setting a Safe Default User ID
13. Defining Trusted Users
14. Identifying the sendmail Administrator
15. Limiting the SMTP Command Set
16. Requiring a Valid HELO
17. Restricting Command-Line Options
18. Denying DoS Attacks

Colophon

Title:

sendmail Cookbook

By:

Craig Hunt

Publisher:

O'Reilly Media

Formats:

Print
Ebook
Safari Books Online

Print:

December 2003

Ebook:

February 2009

Pages:

408

Print ISBN:

978-0-596-00471-2

| ISBN 10:

0-596-00471-0

Ebook ISBN:

978-0-596-10383-5

| ISBN 10:

0-596-10383-2

Colophon

Our look is the result of reader comments, our own experimentation, and feedback from distribution channels. Distinctive covers complement our distinctive approach to technical topics, breathing personality and life into potentially dry subjects. The animal on the cover of sendmail Cookbook is a common European bat (Pipistrellus pipistrellus). Pipistrelles are the most common bat in Britain and are abundant throughout Europe and Asia, although they are reportedly endangered in Germany and Austria. Among the world's smallest bats, Pipistrelles have a body length of 35 to 45 millimeters (about 1.5 inches) and a wingspan of 190 to 250 millimeters (about 9 inches). These tiny mammals have a voracious appetite, consuming up to 3,000 insects a night when the weather is warm. Averse to the cold, their behavior during winter months is mostly unknown. There has been a marked decline in the number of pipistrelles due to modern agricultural practices, including the use of insecticides and the illegal disturbance of their habitats by builders. Marlowe Shaeffer was the production editor and proofreader for sendmail Cookbook. Derek Di Matteo was the copyeditor. Reg Aubry, Claire Cloutier, and Emily Quill provided quality control. Jamie Peppard provided production assistance. Tom Dinse wrote the index.

Ellie Volckhausen designed the cover of this book, based on a series design by Edie Freedman. The cover image is a 19th-century engraving from the Dover Pictorial Archive. Emma Colby produced the cover layout with QuarkXPress 4.1 using Adobe's ITC Garamond font.

David Futato designed the interior layout. This book was converted to FrameMaker 5.5.6 by Julie Hawks with a format conversion tool created by Erik Ray, Jason McIntosh, Neil Walls, and Mike Sierra that uses Perl and XML technologies. The text font is Linotype Birka; the heading font is Adobe Myriad Condensed; and the code font is LucasFont's TheSans Mono Condensed. The illustrations that appear in the book were produced by Robert Romano and Jessamyn Read using Macromedia FreeHand 9 and Adobe Photoshop 6. The tip and warning icons were drawn by Christopher Bing. This colophon was written by Marlowe Shaeffer.

Description

Table of Contents

Product Details

About the Author

Colophon

Recommended for You

Chapter 1 Getting Started

Introduction

Downloading the Latest Release

Installing sendmail

Compiling sendmail to Use LDAP

Adding the regex Map Type to sendmail

Compiling sendmail with SASL Support

Compiling sendmail with STARTTLS Support

Compiling in STARTTLS File Paths

Building a sendmail Configuration

Testing a New Configuration

Logging sendmail

Chapter 2 Delivery and Forwarding

Introduction

Accepting Mail for Other Hosts

Fixing the Alias0 Missing Map Error and Creating Simple Aliases

Reading Aliases via LDAP

Configuring Red Hat 7.3 to Read Aliases from a NIS Server

Configuring Solaris 8 to Read Aliases from a NIS Server

Forwarding to an External Address

Creating Mailing Lists

Migrating Ex-Users to New Addresses

Delivering Mail to a Program

Using Program Names in Mailing Lists

Allowing Nonlogin Users to Forward to Programs

Fixing a .forward Loop

Enabling the User Database

Chapter 3 Relaying

Introduction

Passing All Mail to a Relay

Passing Outbound Mail to a Relay

Passing Local Mail to a Mail Hub

Passing Apparently Local Mail to a Relay

Passing UUCP Mail to a Relay

Relaying Mail for All Hosts in a Domain

Relaying Mail for Individual Hosts

Configuring Relaying on a Mail Exchanger

Loading Class $=R via LDAP

Relaying Only Outbound Mail

Chapter 4 Masquerading

Introduction

Adding Domains to All Sender Addresses

Masquerading the Sender Hostname

Eliminating Masquerading for the Local Mailer

Forcing Masquerading of Local Mail

Masquerading Recipient Addresses

Masquerading at the Relay Host

Limiting Masquerading

Masquerading All Hosts in a Domain

Masquerading Most of the Hosts in a Domain

Masquerading the Envelope Address

Rewriting the From Address with the genericstable

Rewriting Sender Addresses for an Entire Domain

Masquerading with LDAP

Reading the genericstable via LDAP

Chapter 5 Routing Mail

Introduction

Routing Mail to Special Purpose Mailers

Sending Error Messages from the mailertable

Disabling MX Processing to Avoid Loops

Routing Mail for Local Delivery

Reading the mailertable via LDAP

Routing Mail for Individual Virtual Hosts

Routing Mail for Entire Virtual Domains

Reading the virtusertable via LDAP

Routing Mail with LDAP

Using LDAP Routing with Masquerading

Chapter 6 Controlling Spam

Introduction

Blocking Spam with the access Database

Preventing Local Users from Replying to Spammers

Reading the access Database via LDAP

Using a DNS Blackhole List Service

Building Your Own DNS Blackhole List

Whitelisting Blacklisted Sites

Filtering Local Mail with procmail

Filtering Outbound Mail with procmail

Invoking Special Header Processing

Using Regular Expressions in sendmail

Identifying Local Problem Users