Configuring sendmail 8.9 with m4-macros

http://www.free-x.ch/pub/sendmail-m4.html

Georg Wagner

29. November 1999

Abstract

There exist two possibilities to configure sendmail: the first is to edit the sendmail.cf file directly, the second to use a m4-macro file. Most people - including me - are using both methods depending on the their know how. Recently I took the effort to get a single point for applying my changes to the configuration of sendmail: the m4-macro file.

1 Introduction

I am using a dialup-account to connect to my ISP. My provider's domain is datacomm.ch whereas my domain at home is internal.ch¹ with a 192.168.x.x-network; the machine has the name mymachine. I will refer to my local username as login. My username at the ISP is g.wagner. This means my internal address is login@mymachine.internal.ch and my external address is g.wagner@datacomm.ch.

2 Configuring sendmail

First change to the directory ../cf/cf and create a copy of generic.bsd4.4.mc:

: # cp generic.bsd4.4.mc mymachine.mc

Before you start editing your newly created file, some possible pitfalls with the macro language m4 should be mentioned:

m4 uses forward- and backward-quotes
The #-character does not have a special meaning to m4. If you are writing a comment you should do it in the following way²:
# `your comment here'
to prevent the possible interpretation of some words in your comment as a macro.

2.1 Structure of the mc-file

The mc-file has the following structure:

: VERSIONID
OSTYPE
DOMAIN
FEATURE
Local Macros
MAILER
LOCAL_RULESETS

2.2 Basic entries in mymachine.mc

After the header you should have the entries below the line with divert(0):

: VERSIONID(`$Id$'³)dnl
OSTYPE(bsd4.4)dnl
DOMAIN(generic)dnl
FEATURE(relay_entire_domain)dnl⁴
MAILER(local)dnl
MAILER(smtp)dnl

These entries are already sufficient to get a simple forwarding sendmail configuration.

2.3 Masquerading

The first problem I want to solve, is to masquerade the internal username and the internal domain.

Add the lines

: MASQUERADE_AS(datacomm.ch)⁵dnl
FEATURE(allmasquerade)dnl
FEATURE(masquerade_envelope)dnl⁶
FEATURE(nocanonify)dnl
define(`confUSERDB_SPEC', `/etc/mail/user.db')dnl
Cwmymachine.internal.ch⁷

in front of the line with MAILER(local). Now you have to populate the user database:

: makemap hash /etc/mail/user.db < ./user

where the file user contains lines like:

: login⁸:mailname g.wagner@datacomm.ch> ⁹
g.wagner@datacomm.ch:maildrop login

2.4 Anti-Spam measures

Relaying

Since version 8.9 of sendmail the default is not to (ab)use your machine as mail relay. This is also the reason for the relay_entire_domain entry in Section 2.2.

To allow your mail to be relayed at your provider's mailserver add a line like:

define(`SMART_HOST', 'smtp.datacomm.ch')dnl

Rejecting spam

Using the acess database

If you want to maintain a spammer database of your own you can use the feature:

: FEATURE(access_db, hash -o /etc/mail/access.db)dnl

Add this entry between the DOMAIN and MAILER directives. Be sure to create the access database using the commands:

: cd /etc/mail
/usr/sbin/makemap hash access.db < ./access

Where access is a file which you fill with lines like:

: spammer@hotmail.com REJECT
baddomain.com REJECT
....

Using the Realtime Blackhole List

As alternative, if you don't want to maintain your own access database, you can use the Realtime Blackhole list. If you don't know what the Realtime Blackhole list is, have a look at http://maps.vix.com/rbl. This is the simplest mechanism for blocking spam. Just add the line:

: FEATURE(rbl)dnl

to your mymachine.mc file.

Setting the privacy flags

Don't allow remote user to ask for any informations on your smtp port:

: define(`confPRIVACY_FLAGS', `goaway')dnl

3 Generating and Installing the sendmail.cf-file

You should now have a mymachine.mc file containing the lines:

: VERSIONID(`$Id$')dnl> OSTYPE(bsd4.4)dnl
DOMAIN(generic)dnl
FEATURE(relay_entire_domain)dnl¹⁰
MASQERADE_AS(datacomm.ch)dnl
FEATURE(allmasquerade)dnl
FEATURE(masquerade_envelope)dnl
FEATURE(nocanonify)dnl
FEATURE(rbl)dnl
define(`confUSERDB_SPEC', `/etc/mail/user.db')dnl
define(`SMART_HOST', 'smtp.datacomm.ch')dnl
define(`confPRIVACY_FLAGS', `goaway')dnl
Cwmymachine.internal.ch
MAILER(local)dnl
MAILER(smtp)dnl

With the following commands you can change your current sendmail configuration:

: m4 ../m4/cf.m4 mymachine.mc > mymachine.cf
cp /etc/sendmail.cf /etc/sendmail.cf.old
cp mymachine.cf /etc/sendmail.cf
ps -aux| grep sendmail
kill -HUP <PID>

4 Conclusion

I am not responsible if you spoil your configuration in applying the described actions to your sendmail configuration. Make backups of every file before you start. The mc-file was tested on my private machine and seams to be working so far.

If you have any remarks, corrections or additions please send them to me.

Footnotes:

¹Changed for security reasons

²enclosed in forward- and backward-quotes

³Put an appropriate header for RCS or CVS here

⁴Only neccessary if your internal domain has several machines from were mail will be send.

⁵Insert your providers name here.

⁶Some mailers reject a message when the envelope address is not resolvable.

⁷Tell sendmail who we are. You could use the confCW_FILE instead.

⁸Insert your local username here.

⁹Insert your user name at your provider's domain here.

¹⁰Only neccessary if your internal domain has several machines from were mail will be send.

File translated from T_EX by T_TH, version 2.53.
On 30 Nov 1999, 12:26.