Sendmail Installation & Configuration: (26 Jan 2006)

SMTP (Simple Mail Transfer Protocol)
Email Primer:
An email address: emailId@domain -> bms@iitk.ac.in -> bms is email Id &
iitk.ac.in is domain
Mail client: A system from where a sender (person) can send an email using any email
client like mail, mh, elm, pine, Netscape messenger, Mozilla, Outlook Express, Eudora,
Horde, Squirrelmail etc.
Mail host: It can decode any address and reroute the mail within the domain.
Relay Host: It manages communication with networks outside the domain. If you want a
local mail system for your organization then a relay host is not required. A good system for
a relay host is a router to the internet.
Gateway: It is a system between differing communication networks; for example, mail from a
Unix user must pass through a gateway to reach a VMS user.
Mail Server: A mail storage system. This server keeps all mail boxes in /var/spool/mail
(Linux) or /var/mail (Solaris)
Standard Practice:
In practice, a single machine can act as all three: (Mailhost + MailRelay + MailServer).
Another configuration: Use separate servers for incoming & outgoing mails.
Email Address resolution:
When a sender sends an email:
In the first step, the destination address is matched against the sender's local aliases kept in
.mailrc|.addressbook (pine uses it)|.elm/aliases.text etc.
In the second step, it will try to expand/resolve the destination address using the local
/etc/mail/aliases
In the third step, it will try to expand/resolve the address using NIS aliases (if NIS is
running and aliases are kept in the NIS database)
In the fourth step, it will use /etc/mail/aliases of the mailhost to expand the destination
address.
At last, it will refer to the .procmailrc/.forward file of the destination user for mail
redirection.
Mail Processing:
Message is composed by any mail client program.
Message is collected by this client program and passed to sendmail.
Message is routed. Sendmail acts as an MTA (Message Transfer Agent) and it
routes the message to its final destination through other MTAs.
The sendmail daemon analyzes the address.
If the address is local, it performs the aliasing if necessary and passes the
message to the program /usr/bin/mail (procmail) for delivery.
If the address is not local, the message is routed to another MTA, where the entire
process (analyzing the address, aliasing and delivery if local or routing if not local) is
redone.
If sendmail is not able to route the mail because the receiving MTA is not
responding, the message is stored in a mail queue located in the /var/spool/mqueue
subdirectory. The queue is automatically run at a specified interval (default is one hour in
case of Solaris).
sendmail -bd -q30m & -> queue will be cleared every 30 minutes
sendmail will try to send the queued message up to a certain limit (default is 3
days).
Message is delivered: The message is stored by /usr/bin/mail in the user's
mailbox /var/mail/login_name on the mail server.
Now the recipient can read the mail through any mail client program of his choice.
Sendmail Installation and Configuration:
Steps for installation & configuration of a Linux PC as mail server:
1. Load latest linux (RedHat/Mandrake/Fedora etc.)
2. Restrict ssh/sftp access: edit /etc/ssh/sshd_config file
Add following line: {keep it on a single line in the file}
AllowUsers *@172.27.17.46 *@172.27.17.45 root@172.27.16.12 root@172.27.17.55 root@172.27.17.90 *@172.27.18.1 chandan@172.27.17.55 nadeem@172.27.17.90 root@172.30.2.98 root@deepak.cse.iitk.ac.in root@deepak1.cse.iitk.ac.in *@172.27.17.165
Explanation for above line is, allow any user from machine 172.27.17.46, allow root from
deepak.cse.iitk.ac.in etc.
3. Stop all daemons except sendmail, dovecot, nfs {mailbox export for backup}, nis & sshd
4. Configure /etc/resolv.conf, /etc/nsswitch.conf, /etc/hosts, /etc/auto.master, /etc/auto.misc
5. If recipient is not a valid user & it is not present in /etc/mail/aliases, it means it is an invalid
recipient and mail will bounce back.
6. Implement quota system for all the users to avoid unwanted mail flooding.
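The access granted by the AllowUsers line in step 2 can be reviewed before sshd is restarted. The following is an added example, not part of the original handout: it approximates sshd's USER@HOST pattern matching with Python's fnmatch (an assumption of this sketch), and the function names are hypothetical.

```python
from fnmatch import fnmatchcase

# AllowUsers value from step 2 of this page, joined into one directive line.
ALLOW_USERS = (
    "AllowUsers *@172.27.17.46 *@172.27.17.45 root@172.27.16.12 "
    "root@172.27.17.55 root@172.27.17.90 *@172.27.18.1 chandan@172.27.17.55 "
    "nadeem@172.27.17.90 root@172.30.2.98 root@deepak.cse.iitk.ac.in "
    "root@deepak1.cse.iitk.ac.in *@172.27.17.165"
)

def parse_allow_users(line):
    """Split an AllowUsers directive into (user_pattern, host_pattern) pairs."""
    keyword, *patterns = line.split()
    if keyword.lower() != "allowusers":
        raise ValueError("not an AllowUsers directive: %r" % keyword)
    pairs = []
    for pattern in patterns:
        user, sep, host = pattern.rpartition("@")
        # A bare USER pattern (no @HOST) matches that user from any source.
        pairs.append((user, host.lower()) if sep else (pattern, "*"))
    return pairs

def is_allowed(pairs, user, source):
    """True if user connecting from source (IP or hostname) matches an entry."""
    return any(fnmatchcase(user, u) and fnmatchcase(source.lower(), h)
               for u, h in pairs)

def summarize(pairs):
    """Group sources by exposure: any user, root, or one named user."""
    report = {"any_user": [], "root": [], "named": []}
    for user, host in pairs:
        if user == "*":
            report["any_user"].append(host)
        elif user == "root":
            report["root"].append(host)
        else:
            report["named"].append("%s@%s" % (user, host))
    return report

if __name__ == "__main__":
    pairs = parse_allow_users(ALLOW_USERS)
    for kind, entries in summarize(pairs).items():
        print("%-8s %s" % (kind, ", ".join(entries)))
    # A "*@host" entry also admits root from that host (PermitRootLogin permitting).
    print("root from 172.27.17.46:", is_allowed(pairs, "root", "172.27.17.46"))
```

The summary shows at a glance which sources may log in as root, either through an explicit root@ entry or through a *@ entry.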
Steps for sendmail installation: {In most of the Linux Systems SendMail is available in
RPM format}
If sendmail is not installed in the system, get latest Sendmail from site:
www.sendmail.org
1. Uncompress the latest sendmail tar.gz file.
2. cd <Uncompressed sendmail source directory>
3. ./configure
4. make
5. make install
Steps for sendmail configuration:
• Intranet SendMail Configuration
• Internet SendMail Configuration
Set up DOMAIN, domain name masquerading (if needed), mailertable etc. in sendmail.mc. Also do not forget to
comment out the following line in the same file (prefix it with dnl, as shown). If this line is left active, sendmail listens
only on 127.0.0.1 and this mail server will not accept mail from any other system.
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
1. Run m4 to generate sendmail.cf from sendmail.mc:
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
or the equivalent command is:
make sendmail.cf
2. Create mailertable as per requirement & run make to create the dbm/hash database file for
mailertable as follows from the /etc/mail directory:
make mailertable {One must prefer this command only}
or {for dbm database file}
makemap dbm mailertable < mailertable
or if you are using hash
makemap hash mailertable < mailertable
3. Then create a file named 'access' & run the following command to create the access.db
file:
make access.db
4. Add local users' aliases in /etc/aliases
5. Run /bin/newaliases to update alias database files.
6. Restart sendmail as:
service sendmail restart
or
cd /etc/rc.d/init.d
./sendmail restart
{If any configuration file such as aliases, access, mailertable, sendmail.mc etc. has been
changed, the sendmail daemon must be restarted. During restart, the script checks whether
any configuration file has changed, automatically creates the respective .db file for it,
and finally starts the sendmail service.}
7. Test the mail server configuration by running the following test suite:
• from local user -> to other local user
• from local user -> to user of other department/section
• from local user -> to remote user
• reply from local user
• reply from user of other department/section
• reply from remote user
Sample files used in Intranet Sendmail Server:
/etc/mail/access file: {By default sendmail will relay the message for any IP which is not mentioned in this file}
localhost.localdomain   RELAY
localhost               RELAY
127.0.0.1               RELAY
#
172.27.16               RELAY
172.27.17               RELAY
172.27.18               RELAY
172.27.19               RELAY
172                     REJECT
/etc/mail/domaintable: {Keep it blank}
/etc/mail/hack: {This file has to be included in sendmail.cf after generating sendmail.cf from sendmail.mc}
CPREDIRECT
# Following entries are made to optimize.
# If new domains come and even if we do NOT add them here
# by default(last line in mailertable) they are forwarded to
# main Relay system mail.iitk.ac.in
CPMUSEUM BITNET IUNET
CPAERO ARPA COOP INFO NATO NAME
CPBIZ COM EDU GOV INT MIL NET ORG
CPAD AE AF AG AI AL AM AN AO AQ AR AS AT AU AW AZ BA BB BD BE BF BG BH BI BJ BM
CPBN BO BR BS BT BV BW BY BZ CA CC CF CG CH CI CK CL CM CN CO CR CS CU CV CX CY
CPCZ DE DJ DK DM DO DZ EC EE EG EH ER ES ET FI FJ FK FM FO FR FX GA GB GD GE GF
CPGH GI GL GM GN GP GQ GR GS GT GU GW GY HK HM HN HR HT HU ID IE IL IN IO IQ IR
CPIS IT JM JO JP KE KG KH KI KM KN KP KR KW KY KZ LA LB LC LI LK LR LS LT LU LV
CPLY MA MC MD MG MH MK ML MM MN MO MP MQ MR MS MT MU MV MW MX MY MZ NA NC NE NF
CPNG NI NL NO NP NR NT NU NZ OM PA PE PF PG PH PK PL PM PN PR PS PT PW PY QA RE
CPRO RU RW SA SB SC SD SE SG SH SI SJ SK SL SM SN SO SR ST SU SV SY SZ TC TD TF
CPTG TH TJ TK TM TN TO TP TR TT TV TW TZ UA UG UK UM US UY UZ VA VC VE VG VI VN
CPVU WF WS YE YT YU ZA ZM ZR ZW
/etc/mail/helpfile:
{No Change}
/etc/mail/local-host-names: {Here mail.iiitdm.in is internet mail gateway}
# local-host-names - include all aliases for your machine here.
iiitdm.in
/etc/mail/mailertable:
.       smtp:mail.iiitdm.in
/etc/mail/sendmail.mc:
divert(-1)dnl
dnl #
dnl # This is the sendmail macro config file for m4. If you make changes to
dnl # /etc/mail/sendmail.mc, you will need to regenerate the
dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
dnl # installed and then performing a
dnl #
dnl # make -C /etc/mail
dnl #
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for Red Hat Linux')dnl
OSTYPE(`linux')dnl
define(`confMAX_MESSAGE_SIZE',`15728640')dnl
define(`confDEF_USER_ID',``8:12'')dnl
define(`confTO_CONNECT',`1m')dnl
define(`confTO_QUEUERETURN',`5d')dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
define(`ALIAS_FILE',`/etc/mail/aliases')dnl
define(`confSMTP_LOGIN_MSG',`$j $b')dnl
FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`nouucp',`reject')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`always_add_domain',`iiitdm.in')dnl
FEATURE(`masquerade_entire_domain')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`accept_unresolvable_domains')dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
MASQUERADE_AS(`iiitdm.in')dnl
MASQUERADE_DOMAIN(`iiitdm.in')dnl
EXPOSED_USER(`root')dnl
MAILER(`smtp')dnl
MAILER(`procmail')dnl
/etc/mail/submit.mc: { No Change}
divert(0)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')
VERSIONID(`linux setup for Red Hat Linux')dnl
define(`confCF_VERSION', `Submit')dnl
define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining
define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet
define(`confTIME_ZONE', `USE_TZ')dnl
define(`confDONT_INIT_GROUPS', `True')dnl
define(`confPID_FILE', `/var/run/sm-client.pid')dnl
dnl define(`confDIRECT_SUBMISSION_MODIFIERS',`C')
FEATURE(`use_ct_file')dnl
dnl
dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:::1]
FEATURE(`msp', `[127.0.0.1]')dnl
/etc/mail/trusted-users: { No Change}
/etc/mail/virtusertable: { No Change}
Sample files used in Intranet Sendmail Server:
/etc/mail/access file: {Used during mail receive}
172.27.16.2     RELAY
172.27.16       REJECT
172.27.17       REJECT
172.27.18       REJECT
172.27.19       REJECT
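How the entries in the two access listings interact depends on lookup order: sendmail looks up the client's full IP address first and then progressively shorter prefixes on octet boundaries, so the most specific entry decides. The following added example (not part of the original handout) models only that IPv4 lookup; the function names are hypothetical and the tables are this page's two listings written one entry per line.

```python
# Simplified model of sendmail's access-map lookup for a client IPv4 address.
FIRST_ACCESS = """\
localhost.localdomain   RELAY
localhost               RELAY
127.0.0.1               RELAY
#
172.27.16               RELAY
172.27.17               RELAY
172.27.18               RELAY
172.27.19               RELAY
172                     REJECT
"""
SECOND_ACCESS = """\
172.27.16.2             RELAY
172.27.16               REJECT
172.27.17               REJECT
172.27.18               REJECT
172.27.19               REJECT
"""

def parse_access(text):
    """Return {key: action}; '#' lines and blank lines are skipped."""
    table = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 1)
        if len(fields) != 2:
            raise ValueError("entry needs a key and a value: %r" % raw)
        table[fields[0].lower()] = fields[1].strip()
    return table

def lookup_ip(table, ip):
    """Try the full address, then drop one trailing octet at a time."""
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) < 256 for o in octets):
        raise ValueError("not an IPv4 address: %r" % ip)
    for n in range(4, 0, -1):
        key = ".".join(octets[:n])
        if key in table:
            return key, table[key]      # most specific entry wins
    return None, None                   # no entry: the default policy applies

if __name__ == "__main__":
    for name, text in (("first", FIRST_ACCESS), ("second", SECOND_ACCESS)):
        table = parse_access(text)
        for ip in ("172.27.16.2", "172.27.16.9", "172.27.20.9", "10.0.0.8"):
            print(name, ip, "->", lookup_ip(table, ip))
```

In the first listing the catch-all `172` entry rejects every 172.x client outside the four relayed subnets; in the second, 172.27.16.2 is relayed even though the rest of its subnet is rejected.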
/etc/mail/domaintable:
{No Change} {Used during mail delivery}
/etc/mail/helpfile:
{No Change}
/etc/mail/local-host-names:
{Used during mail receive}
# local-host-names - include all aliases for your machine here.
iiitdm.in
/etc/mail/mailertable:
{No Change, No Entry}
/etc/mail/sendmail.mc: {Used during mail delivery}
divert(-1)dnl
dnl #
dnl # This is the sendmail macro config file for m4. If you make changes to
dnl # /etc/mail/sendmail.mc, you will need to regenerate the
dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
dnl # installed and then performing a
dnl #
dnl # make -C /etc/mail
dnl #
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for Red Hat Linux')dnl
OSTYPE(`linux')dnl
define(`confMAX_MESSAGE_SIZE',`5242880')dnl
define(`confDEF_USER_ID',``8:12'')dnl
define(`confTO_CONNECT',`1m')dnl
define(`confTO_QUEUERETURN',`5d')dnl
define(`ALIAS_FILE',`/etc/aliases')dnl
define(`MAIL_HUB',`smtp:mailhost.iiitdm.in')dnl
FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`nouucp',`reject')dnl
FEATURE(`always_add_domain',`iiitdm.in')dnl
FEATURE(`masquerade_entire_domain')dnl
FEATURE(`accept_unresolvable_domains')dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`use_cw_file')dnl
/etc/mail/submit.mc: { No Change}
divert(0)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')
VERSIONID(`linux setup for Red Hat Linux')dnl
define(`confCF_VERSION', `Submit')dnl
define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining
define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet
define(`confTIME_ZONE', `USE_TZ')dnl
define(`confDONT_INIT_GROUPS', `True')dnl
define(`confPID_FILE', `/var/run/sm-client.pid')dnl
dnl define(`confDIRECT_SUBMISSION_MODIFIERS',`C')
FEATURE(`use_ct_file')dnl
dnl
dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:::1]
FEATURE(`msp', `[127.0.0.1]')dnl
/etc/mail/trusted-users: { No Change}
/etc/mail/virtusertable: { No Change}
IMAP/POP Configuration: {dovecot is used here for IMAP/POP requests}
/etc/mail/dovecot.conf:
protocols = imap imaps pop3 pop3s
imap_listen = [::]
pop3_listen = [::]
login_dir = /var/run/dovecot-login
login = imap
login = pop3
default_mail_env = mbox:/var/mail/%u.mbox:INBOX=/var/mail/%u:INDEX=/var/mail-index/%u
mbox_locks = fcntl
auth = default
auth_mechanisms = plain
auth_userdb = passwd
auth_passdb = pam
auth_user = root
{Make sure Authentication method is using NIS without MD5 & shadow}
{mail.index is to speedup mailbox loading}
How to use Pine (Help):
Starting pine: pine
Writing a message: c {Now start writing message. After completion of message hit ^x (to send message)}
Listing Messages: i
Viewing Message: go to message using up/down arrow keys and hit <return>
Forwarding Message: f
File Attachment: ^j in attachment field, then ^t to select the file from your home directory.
Replying Message: r
To Cancel sending: ^c
Delete message: d {It will mark message as deleted; it will be deleted on exit}
Undelete message: u
Saving Message: s
Quit pine: q
Menu up/down Traveling: < or >
Using Address Book: On pine Main Menu, select Address Book option and follow options shown on the screen. Like use @ to add new address/alias, use d to delete address/alias; for editing, select the address and hit <return>
Configuration file: <HOMEDIR>/.pinerc {sample file can be downloaded from web.cse.iitk.ac.in (Under "User Configuration Files" heading)}