Masquerading domains with Sendmail
This article outlines the method I used to get sendmail to rewrite the sender domain, in order to get around the classic problem where a server has a local hostname and has to deliver mail to a real-world recipient domain. The server in this example is called ildipiben.tyknet.cn.dom and all mail for root is forwarded to my real-world reachable email address thomas@example.com. That means that I receive mail from the not-resolvable sender address root@ildipiben.tyknet.cn.dom which can be a problem if the receiving server uses anti-spam measures, like checking if the sender domain is real.
I only use mail from the server ildipiben.tyknet.cn.dom for system messages from crontab and the like, but it could easily be a server running some sort of application that sends mail through sendmail.
Configuring Masquerading
Sendmail calls the rewriting of the sender domain to something other than the machines hostname masquerading. You cannot just write a couple of lines in /etc/mail/sendmail.cf which is the main sendmail configuration file. To know why you just have to look inside the file, the syntax is so retarded you have to wonder who thought it up. Anyway, masquerading is something you have to configure in a .mc file, then you compile a new sendmail.cf which you copy to /etc/mail/sendmail.cf and overwrite the existing one.
Make a new .mc file
First make a copy of the default freebsd.mc file by running the following commands:
$ sudo cp /usr/src/etc/sendmail/freebsd.mc /usr/src/etc/sendmail/freebsd-masq.mc
'Note: If you already have a non-standard .mc file that your current sendmail.cf file is built from, you need to add the new line to that .mc file and not a copy of the default .mc file, or you will loose your other changes!
It doesn't matter what you call the new .mc file. Open it up in an editor and add the following lines in the bottom (replacing example.com with your own domain, of course):
MASQUERADE_AS(example.com) FEATURE(masquerade_envelope) FEATURE(`masquerade_entire_domain')
This will make the following changes to sendmail behaviour:
- MASQUERADE_AS will rewrite the sender domain if it is the same as the servers hostname: root@ildipiben.tyknet.cn.dom becomes root@example.com
- masquerade_envelope will rewrite the envelope sender as well as the header. This is required for my purposes at least.
- masquerade_entire_domain will rewrite the sender domain to example.com if it is a subdomain of the servers hostname: root@jail1.ildipiben.tyknet.cn.dom also becomes root@example.com. This can be left out if you have no subdomains of the hostname of the server.
You are now ready to compile a new sendmail.cf configuration file, using the .mc file you just created as a basis.
Compiling the new sendmail.cf file
To compile the new configuration file, enter the following command while still in /usr/src/etc/sendmail:
$ pwd /usr/src/etc/sendmail $ sudo make freebsd-masq.cf rm -f freebsd-masq.cf m4 -D_CF_DIR_=/usr/src/etc/sendmail/../../contrib/sendmail/cf/ /usr/src/etc/sendmail/../../contrib/sendmail/cf/m4/cf.m4 /usr/src/etc/sendmail/freebsd-masq.mc > freebsd-masq.cf chmod 444 freebsd-masq.cf $
There should be a new file in the current directory called freebsd-masq.cf that you can now copy to /etc/mail/sendmail.cf (backup the exising one before you overwrite it). Then restart sendmail and try sending a mail:
$ sudo cp /etc/mail/sendmail.cf /etc/mail/sendmail.cf.orig $ sudo cp /usr/src/etc/sendmail/freebsd-masq.cf /etc/mail/sendmail.cf $ sudo /etc/rc.d/sendmail restart Stopping sendmail_submit. $ echo "testing 1 2 3" | mail -s "testing sender masquerading in sendmail" thomas@example.com $
Obviously you need to replace my email address with your own. Then go see if you received a mail, and if not, check /var/log/maillog to see what's going on.
--Tykling 15:20, 7 July 2009 (UTC)
