sendmail configuration

Thomas Mondoshawan Tate plug-discuss@lists.PLUG.phoenix.az.us
Thu, 16 Aug 2001 07:27:54 -0700 

--ikeVEW9yuYc//A+q
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Aug 16, 2001 at 12:07:06AM -0700, John (EBo) David wrote:
> Thomas Mondoshawan Tate wrote:
> >=20
> > I had to do this very thing with my own sendmail configuration. There s=
hould
> > be a set of files in /etc/mail called access and relay-domains, along w=
ith
> > corresponding access.db and relay-domains.db files. These contain the r=
ules
> > for who can access the mail server, etc. The first two (without the .db
> > extension) are plain text files. You'll need to edit the access file an=
d add
> > a line that says "<yourdomain> RELAY" (no anglebrackets). After editing=
 that,
> > do a "makemap hash /etc/mail/access.db < /etc/mail/access". This will r=
ebuild
> > the database. Restart sendmail and test it with a mail client on the new
> > domain.
>=20
> Thanks Thomas,
>=20
>   As it turns out, I do not have either access or relay-domains in
> /etc/mail. =20
>=20
>=20
> I've also crawled around /usr/lib/mail and took a gander at the
> configuration definitions. and found that I have the feature
> "relay_entire_domain" defined in
> /usr/lib/mail/domain/<Qualified_domain_name>.m4.  I am thinking that I
> should probably try changing it to "relay_hosts_only" as the definitions
> read:
>=20
> relay_entire_domain
>                 By default, only hosts listed as RELAY in the access db
>                 will be allowed to relay.  This option also allows any
>                 host in your domain as defined by the 'm' class ($=3Dm).
>=20
> relay_hosts_only
>                 By default, names that are listed as RELAY in the access
>                 db and class 'R' ($=3DR) are domain names, not host names.
>                 For example, if you specify ``foo.com'', then mail to or
>                 from foo.com, abc.foo.com, or a.very.deep.domain.foo.com
>                 will all be accepted for relaying.  This feature changes
>                 the behaviour to lookup individual host names only.
>=20
> I've tried this too, and think that I have forgotten some magical
> step...  I remember that there was one magical step that took me hours
> to find in the docs, and was a one line (ad to do XYZ do bal)...  But
> like I said, it has been a year...

If you change that m4 file, you'll have to go through the whole Sendmail
reconfiguration again to rebuild the configuration file -- that's the hard
way to do it, but it should work. If you pull down the tarball distribution
of sendmail, they explain how to do it in detail in the cf/README file. I
believe it involves editing a file called sendmail.mc that contains your
site configuration and running it through m4 like this
"m4 cf.m4 sendmail.mc > newsendmail.cf"

There is a _much_ easier way to reconfigure Sendmail -- through that
access.db file I was referring to earlier. Look for a "Kaccess" statement in
the beginning of the sendmail.cf file -- that's going to tell you where it =
is.
That file happens to be that "access db" that they were referencing in the =
two
options you mentioned above, and if you can find it, just follow the
directions I mentioned before.

--
Thomas "Mondoshawan" Tate
phoenix@psy.ed.asu.edu
http://tank.dyndns.org/presence

--ikeVEW9yuYc//A+q
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7e9hqYp5mUsPGjjwRAnDLAJ9gyYd1HerKLcFZu/xsOoD5TnBlZACeOzui
HcCtCxVcIEDVflSdnIELC5M=
=/Lbq
-----END PGP SIGNATURE-----

--ikeVEW9yuYc//A+q--