O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

sendmail Cookbook

Book Description

More often than not, the words "sendmail configuration" strikedread in the hearts of sendmail and system administrators--and notwithout reason. sendmail configuration languages are as complex asany other programming languages, but used much moreinfrequently--only when sendmail is installed or configured. Theaverage system administrator doesn't get enough practice to trulymaster this inscrutable technology. Fortunately, there's help. Thesendmail Cookbook provides step-by-step solutions for theadministrator who needs to solve configuration problems fast. Sayyou need to configure sendmail to relay mail for your clientswithout creating an open relay that will be abused by spammers. Arecipe in the Cookbook shows you how to do just that. No morewading through pages of dense documentation and tutorials andcreating your own custom solution--just go directly to the recipethat addresses your specific problem. Each recipe in thesendmail Cookbook outlines a configuration problem, presentsthe configuration code that solves that problem, and then explainsthe code in detail. The discussion of the code is critical becauseit provides the insight you need to tweak the code for your owncircumstances. The sendmail Cookbook begins with an overviewof the configuration languages, offering a quick how-to fordownloading and compiling the sendmail distribution. Next, you'llfind a baseline configuration recipe upon which many of thesubsequent configurations, or recipes, in the book are based.Recipes in the following chapters stand on their own and offersolutions for properly configuring important sendmail functionssuch as:

  • Delivering and forwarding mail

  • Relaying

  • Masquerading

  • Routing mail

  • Controlling spam

  • Strong authentication

  • Securing the mail transport

  • Managing the queue

  • Securing sendmail

  • sendmail Cookbook is more than just a new approach todiscussing sendmail configuration. The book also provides lots ofnew material that doesn't get much coverage elsewhere--STARTTLS andAUTH are given entire chapters, and LDAP is covered in recipesthroughout the book. But most of all, this book is about savingtime--something that most system administrators have in shortsupply. Pick up the sendmail Cookbook and say good-bye tosendmail dread.

    Table of Contents

    1. Dedication
    2. Preface
      1. Introduction
      2. Using This Cookbook
      3. Audience
      4. Organization
      5. Software Versions
      6. Conventions
      7. We’d Like to Hear from You
      8. Acknowledgments
    3. 1. Getting Started
      1. Introduction
      2. 1.1. Downloading the Latest Release
      3. 1.2. Installing sendmail
      4. 1.3. Compiling sendmail to Use LDAP
      5. 1.4. Adding the regex Map Type to sendmail
      6. 1.5. Compiling sendmail with SASL Support
      7. 1.6. Compiling sendmail with STARTTLS Support
      8. 1.7. Compiling in STARTTLS File Paths
      9. 1.8. Building a sendmail Configuration
      10. 1.9. Testing a New Configuration
      11. 1.10. Logging sendmail
    4. 2. Delivery and Forwarding
      1. Introduction
      2. 2.1. Accepting Mail for Other Hosts
      3. 2.2. Fixing the Alias0 Missing Map Error and Creating Simple Aliases
      4. 2.3. Reading Aliases via LDAP
      5. 2.4. Configuring Red Hat 7.3 to Read Aliases from a NIS Server
      6. 2.5. Configuring Solaris 8 to Read Aliases from a NIS Server
      7. 2.6. Forwarding to an External Address
      8. 2.7. Creating Mailing Lists
      9. 2.8. Migrating Ex-Users to New Addresses
      10. 2.9. Delivering Mail to a Program
      11. 2.10. Using Program Names in Mailing Lists
      12. 2.11. Allowing Nonlogin Users to Forward to Programs
      13. 2.12. Fixing a .forward Loop
      14. 2.13. Enabling the User Database
    5. 3. Relaying
      1. Introduction
      2. 3.1. Passing All Mail to a Relay
      3. 3.2. Passing Outbound Mail to a Relay
      4. 3.3. Passing Local Mail to a Mail Hub
      5. 3.4. Passing Apparently Local Mail to a Relay
      6. 3.5. Passing UUCP Mail to a Relay
      7. 3.6. Relaying Mail for All Hosts in a Domain
      8. 3.7. Relaying Mail for Individual Hosts
      9. 3.8. Configuring Relaying on a Mail Exchanger
      10. 3.9. Loading Class $=R via LDAP
      11. 3.10. Relaying Only Outbound Mail
    6. 4. Masquerading
      1. Introduction
      2. 4.1. Adding Domains to All Sender Addresses
      3. 4.2. Masquerading the Sender Hostname
      4. 4.3. Eliminating Masquerading for the Local Mailer
      5. 4.4. Forcing Masquerading of Local Mail
      6. 4.5. Masquerading Recipient Addresses
      7. 4.6. Masquerading at the Relay Host
      8. 4.7. Limiting Masquerading
      9. 4.8. Masquerading All Hosts in a Domain
      10. 4.9. Masquerading Most of the Hosts in a Domain
      11. 4.10. Masquerading the Envelope Address
      12. 4.11. Rewriting the From Address with the genericstable
      13. 4.12. Rewriting Sender Addresses for an Entire Domain
      14. 4.13. Masquerading with LDAP
      15. 4.14. Reading the genericstable via LDAP
    7. 5. Routing Mail
      1. Introduction
      2. 5.1. Routing Mail to Special Purpose Mailers
      3. 5.2. Sending Error Messages from the mailertable
      4. 5.3. Disabling MX Processing to Avoid Loops
      5. 5.4. Routing Mail for Local Delivery
      6. 5.5. Reading the mailertable via LDAP
      7. 5.6. Routing Mail for Individual Virtual Hosts
      8. 5.7. Routing Mail for Entire Virtual Domains
      9. 5.8. Reading the virtusertable via LDAP
      10. 5.9. Routing Mail with LDAP
      11. 5.10. Using LDAP Routing with Masquerading
    8. 6. Controlling Spam
      1. Introduction
      2. 6.1. Blocking Spam with the access Database
      3. 6.2. Preventing Local Users from Replying to Spammers
      4. 6.3. Reading the access Database via LDAP
      5. 6.4. Using a DNS Blackhole List Service
      6. 6.5. Building Your Own DNS Blackhole List
      7. 6.6. Whitelisting Blacklisted Sites
      8. 6.7. Filtering Local Mail with procmail
      9. 6.8. Filtering Outbound Mail with procmail
      10. 6.9. Invoking Special Header Processing
      11. 6.10. Using Regular Expressions in sendmail
      12. 6.11. Identifying Local Problem Users
      13. 6.12. Using MILTER
      14. 6.13. Bypassing Spam Checks
      15. 6.14. Enabling Spam Checks on a Per-User Basis
    9. 7. Authenticating with AUTH
      1. Introduction
      2. 7.1. Offering AUTH Authentication
      3. 7.2. Authenticating with AUTH
      4. 7.3. Storing AUTH Credentials in the authinfo File
      5. 7.4. Limiting Advertised Authentication Mechanisms
      6. 7.5. Using AUTH to Permit Relaying
      7. 7.6. Controlling the AUTH= Parameter
      8. 7.7. Avoiding Double Encryption
      9. 7.8. Requiring Authentication
      10. 7.9. Selectively Requiring Authentication
    10. 8. Securing the Mail Transport
      1. Introduction
      2. 8.1. Building a Private Certificate Authority
      3. 8.2. Creating a Certificate Request
      4. 8.3. Signing a Certificate Request
      5. 8.4. Configuring sendmail for STARTTLS
      6. 8.5. Relaying Based on the CA
      7. 8.6. Relaying Based on the Certificate Subject
      8. 8.7. Requiring Outbound Encryption
      9. 8.8. Requiring Inbound Encryption
      10. 8.9. Requiring a Verified Certificate
      11. 8.10. Requiring TLS for a Recipient
      12. 8.11. Refusing STARTTLS Service
      13. 8.12. Selectively Advertising STARTTLS
      14. 8.13. Requesting Client Certificates
    11. 9. Managing the Queue
      1. Introduction
      2. 9.1. Creating Multiple Queues
      3. 9.2. Using qf, df, and xf Subdirectories
      4. 9.3. Defining Queue Groups
      5. 9.4. Assigning Recipients to Specific Queues
      6. 9.5. Using Persistent Queue Runners
      7. 9.6. Using a Queue Server
      8. 9.7. Setting Protocol Timers
    12. 10. Securing sendmail
      1. Introduction
      2. 10.1. Limiting the Number of sendmail Servers
      3. 10.2. Limiting the Number of Network Accessible Servers
      4. 10.3. Updating to Close Security Holes
      5. 10.4. Patching to Close Security Holes
      6. 10.5. Disabling Delivery to Programs
      7. 10.6. Controlling Delivery to Programs
      8. 10.7. Disabling Delivery to Files
      9. 10.8. Bypassing User .forward Files
      10. 10.9. Controlling Delivery to Files
      11. 10.10. Running sendmail Non-Set-User-ID root
      12. 10.11. Setting a Safe Default User ID
      13. 10.12. Defining Trusted Users
      14. 10.13. Identifying the sendmail Administrator
      15. 10.14. Limiting the SMTP Command Set
      16. 10.15. Requiring a Valid HELO
      17. 10.16. Restricting Command-Line Options
      18. 10.17. Denying DoS Attacks
    13. About the Author
    14. Colophon
    15. Copyright