PHWinfo - Afficher un message

16/01/2007, 18h25

Grant Taylor wrote:
> Foxbird wrote:
> > I've seen plenty of posts on suggestions for making this work, and I've
> > got sendmail blindly forwarding all mail for the domain to exchange,
> > but I'd like to check the recipient at the boundry. I've tried the
> > access map and virtuser methods, and neither of them seem to work for
> > this particular instance. In short, sendmail either forwards it like it
> > did before, or denies the relay (complaining about a failed name lookup
> > of the host I'm using as a test).
>
> What you are wanting to do is configure Sendmail to relay messages for
> specific domain(s) to your internal mail server(s).
>
> 1) Add the domain(s) that you want to relay messages for to your
> relay-domains (class R) file.
>
> 2) Add entries in your Access DB for each valid recipient. I.e:
> To:valid@domain.tld OK
>
> 3) Add a catch all entries for the domain(s) in question to REJECT
> messages. I.e:
> To:domain.tld REJECT
>
> 4) Set up a mailertable entry to tell Sendmail to relay messages for
> the domain(s) to the internal mail server(s). I.e:
> domain.tld relay:mailbox.domain.tld
>
> 5) Remove any stale config from any files not listed above.
>

Grant,

I'd love it if that were the case, but it doesn't seem to be so. I've
done all that you mentioned, but this particular configuration causes
sendmail to forward everything destined to domain.tld. As a recap,
here's the current content of the various files you mentioned.

1) class R (/etc/mail/relay-domains)
domain.tld

2) access map (/etc/mail/access)
To:user@domain.tld OK
To:domain.tld REJECT

3) mailertable (/etc/mail/mailertable)
domain.tld smtp[mailbox.domain.tld]

4) /etc/mail/local-host-names
[empty]

5) the sendmail.mc file
divert(0)dnl
VERSIONID(`$Id: generic-linux.mc,v 8.1 1999/09/24 22:48:05 gshapiro Exp
$')
OSTYPE(linux)dnl
define(`confBAD_RCPT_THROTTLE', `3')dnl
define(`confTO_IDEN', `0s')dnl
define(`confMILTER_LOG_LEVEL', `1')dnl
FEATURE(stickyhost)dnl
define(`confDOUBLE_BOUNCE_ADDRESS', `')dnl
define(`confPRIVACY_FLAGS',`goaway,noreceipts,nobo dyreturn')dnl
define(`confDELIVERY_MODE', `q')dnl
undefine(`ALIAS_FILE')dnl
define(`confFORWARD_PATH')dnl
undefine(`UUCP_RELAY')dnl
undefine(`BITNET_RELAY')dnl
undefine(`DECNET_RELAY')dnl
INPUT_MAIL_FILTER(`mimedefang',
`S=unix:/var/spool/MIMEDefang/mimedefang.sock, F=T, T=S:1m;R:1m')
FEATURE(`mailertable', `hash /etc/mail/mailertable')dnl
FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access')dnl
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable')dnl
FEATURE(`use_cw_file')dnl
MAILER(smtp)dnl

Now, when sending mail to baduser@domain.tld (which should be denied),
it's accepting the mail, processing it, and forwarding it on to the
host specified in the mailertable. Obviously, looking at the map this
shouldn't be happening, but it seems to be that it is. I read somewhere
that the R class causes it to ignore the information in the access map,
which seems to be the case. If I could make this problem go away, it'd
do what I want, but it doesn't seem to want to agree with this
configuration.

- Foxbird

16/01/2007, 18h25	#6
Foxbird Messages: n/a Hébergeur:	Re: Sendmail as a gateway Grant Taylor wrote: > Foxbird wrote: > > I've seen plenty of posts on suggestions for making this work, and I've > > got sendmail blindly forwarding all mail for the domain to exchange, > > but I'd like to check the recipient at the boundry. I've tried the > > access map and virtuser methods, and neither of them seem to work for > > this particular instance. In short, sendmail either forwards it like it > > did before, or denies the relay (complaining about a failed name lookup > > of the host I'm using as a test). > > What you are wanting to do is configure Sendmail to relay messages for > specific domain(s) to your internal mail server(s). > > 1) Add the domain(s) that you want to relay messages for to your > relay-domains (class R) file. > > 2) Add entries in your Access DB for each valid recipient. I.e: > To:valid@domain.tld OK > > 3) Add a catch all entries for the domain(s) in question to REJECT > messages. I.e: > To:domain.tld REJECT > > 4) Set up a mailertable entry to tell Sendmail to relay messages for > the domain(s) to the internal mail server(s). I.e: > domain.tld relay:mailbox.domain.tld > > 5) Remove any stale config from any files not listed above. > Grant, I'd love it if that were the case, but it doesn't seem to be so. I've done all that you mentioned, but this particular configuration causes sendmail to forward everything destined to domain.tld. As a recap, here's the current content of the various files you mentioned. 1) class R (/etc/mail/relay-domains) domain.tld 2) access map (/etc/mail/access) To:user@domain.tld OK To:domain.tld REJECT 3) mailertable (/etc/mail/mailertable) domain.tld smtp[mailbox.domain.tld] 4) /etc/mail/local-host-names [empty] 5) the sendmail.mc file divert(0)dnl VERSIONID(`$Id: generic-linux.mc,v 8.1 1999/09/24 22:48:05 gshapiro Exp $') OSTYPE(linux)dnl define(`confBAD_RCPT_THROTTLE', `3')dnl define(`confTO_IDEN', `0s')dnl define(`confMILTER_LOG_LEVEL', `1')dnl FEATURE(stickyhost)dnl define(`confDOUBLE_BOUNCE_ADDRESS', `')dnl define(`confPRIVACY_FLAGS',`goaway,noreceipts,nobo dyreturn')dnl define(`confDELIVERY_MODE', `q')dnl undefine(`ALIAS_FILE')dnl define(`confFORWARD_PATH')dnl undefine(`UUCP_RELAY')dnl undefine(`BITNET_RELAY')dnl undefine(`DECNET_RELAY')dnl INPUT_MAIL_FILTER(`mimedefang', `S=unix:/var/spool/MIMEDefang/mimedefang.sock, F=T, T=S:1m;R:1m') FEATURE(`mailertable', `hash /etc/mail/mailertable')dnl FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access')dnl FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable')dnl FEATURE(`use_cw_file')dnl MAILER(smtp)dnl Now, when sending mail to baduser@domain.tld (which should be denied), it's accepting the mail, processing it, and forwarding it on to the host specified in the mailertable. Obviously, looking at the map this shouldn't be happening, but it seems to be that it is. I read somewhere that the R class causes it to ignore the information in the access map, which seems to be the case. If I could make this problem go away, it'd do what I want, but it doesn't seem to want to agree with this configuration. - Foxbird