Sep 09, 2010 - 02:44 AM  
Bob's World  
 
Sendmail on a Firewall
Last Updated : 2004-06-06 13:32:03 (8643 read)

I had one heck of a time finding out how to use the new sendmail m4 configuration format on a collection of systems that consisted of dumb mail clients, a central, internally connected mail hub, and a bastion host that acts as the gateway between the internet and our internal, isolated network.

A working set of configuration files is placed here as a starting point for anyone else attempting to do the same thing. I would appreciate any suggestions, recommendations, and improvements.

Bob Van Cleef: vancleef@garg.com
04/13/1998

The Client

client.m4

The key features of the m4 file are:

MASQUERADE_AS(`DOMAINNAME.COM')
FEATURE(`allmasquerade')
FEATURE(`masquerade_envelope')
FEATURE(`always_add_domain')

These features are used to get rid of any internal hostnames in the user addresses. They do not change the Received-by: headers, just the user addresses. Substitute your domain name for the DOMAINNAME.COM string. The full collection of features was required to prevent local host information from being added to internal addresses on the Cc: line.

FEATURE(`nullclient', `MAILHOST.$m')

This strips things down and forces all mail to be forwarded to the local mail hub. Substitute the hostname of your mail hub for MAILHOST.

FEATURE(`nocanonify')

This prevents the client from attempting an initial DNS lookup on every single address that is submitted. Since you are supposed to be sitting behind a firewall, the DNS lookup on the addresses of accounts outside the firewall will fail -- after a long timeout -- causing the mail to be undelivered.

The Mail Hub

mailhub.m4

MASQUERADE_AS(`DOMAINNAME.COM')
FEATURE(`allmasquerade')
FEATURE(`masquerade_envelope')
FEATURE(`always_add_domain')

These features are used to get rid of any internal hostnames in the user addresses. They do not change the Received-by: headers, just the user addresses. Substitute your domain name for the DOMAINNAME.COM string. The full collection of features was required to prevent local host information from being added to internal addresses on the Cc: line.

FEATURE(`use_cw_file')

This is used to allow us to recognize multiple hostnames, such as mail, mailhost, pop, relay, etc.

FEATURE(`virtusertable')

This is used to allow us to support multiple domain names.

FEATURE(`nocanonify')

This prevents the client from attempting an initial DNS lookup on every single address that is submitted. Since you are supposed to be sitting behind a firewall, the DNS lookup on the addresses of accounts outside the firewall will fail -- after a long timeout -- causing the mail to be undelivered.

define(`SMART_HOST', `esmtp:RELAYHOST')
define(`confFALLBACK_MX',`RELAYHOST')

See page 278 in the Bat Book - RELAYHOST is the name of your firewall bastion host.

LOCAL_CONFIG
Cw DOMAINNAME.com DOMAINNAME2.com DOMAINNAME3.com

An alternative to the cw file: the Cw line adds the local hostnames to class w directly.

LOCAL_NET_CONFIG
# hmm...outsmart the smart host? Deliver local domain mail directly.
# Bat Book - page 278 and cf/README
# unqualified hostnames
R$* < @ $* > $*	$#esmtp $@ $2 $: $1 < @ $2 > $3

# hostname with local domain
R$* < @ $* .$m > $*	$#esmtp $@ $2.$m $: $1 < @ $2.$m > $3
R$* < @ $* .$m . > $*	$#esmtp $@ $2.$m . $: $1 < @ $2.$m . > $3

These are almost straight out of the book. Don't forget the TAB that is required in front of the $#esmtp as a field separator.

The Relay Host

relayhost.m4

This is the key to the puzzle, and was the last thing to slip into place. Many thanks to per@erix.ericsson.se -- Per Hedeland -- for the final e-mail message that gave me the last pieces of the puzzle.

FEATURE(`mailertable')

## makemap hash /etc/mailertable < /etc/mailertable

The mailer table maps domain names to a delivery agent. The key is to place the host part of the delivery agent in square brackets to prevent MX lookups on the host name.

domainname.com	esmtp:[mail.domainname.com]

If you don't, the relay host will keep looping back to itself because all external MX pointers point to it!
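Because a forgotten pair of brackets turns into a mail loop rather than a build error, it is worth linting the mailertable before running makemap. The script below is an added example, not from Bob's page: it checks that every entry is key<TAB>mailer:host and that every smtp-family mailer has a bracketed host, then rebuilds the hash map only if the lint passes. The sample entries are constructed for the demonstration; the /etc/mailertable path is the page's own.

```shell
#!/bin/sh
# Added example (not from the original page): lint a mailertable so that an
# unbracketed esmtp host, which would trigger the MX lookup that loops the
# relay host back to itself, is caught before the map is built.

# Usage: lint_mailertable FILE ; exit status = number of bad entries.
lint_mailertable() {
    awk -F'\t' '
        /^[[:space:]]*(#|$)/ { next }          # skip comments and blank lines
        NF != 2 {
            bad++; print "line " NR ": expected key<TAB>mailer:host"; next
        }
        {
            split($2, mh, ":")                  # value is mailer:host
            mailer = mh[1]; host = mh[2]
            if (mailer == "esmtp" || mailer == "smtp" || mailer == "relay") {
                # smtp-family mailers must name the host in [ ] to skip MX
                if (host !~ /^\[.*\]$/) {
                    bad++
                    print "line " NR ": " $1 " -> " $2 \
                          " (host not bracketed; MX lookup will loop back)"
                }
            } else if (mailer != "local" && mailer != "error") {
                bad++; print "line " NR ": unknown mailer \"" mailer "\""
            }
        }
        END { exit bad }' "$1"
}

# Rebuild the hash map (the makemap line from the page) only when the
# lint passes. Defaults to /etc/mailertable; $1 overrides it.
rebuild_mailertable() {
    mt="${1:-/etc/mailertable}"
    lint_mailertable "$mt" || return $?
    if command -v makemap >/dev/null 2>&1; then
        makemap hash "$mt" < "$mt"
    else
        echo "makemap not found; skipping map build" >&2
    fi
}

# Constructed sample written to $1: one entry as the page shows it, one
# local delivery entry, and two entries that the lint should reject.
write_sample_mailertable() {
    printf '%s\n' '# constructed sample mailertable (added example)' > "$1"
    printf '%s\t%s\n' \
        'domainname.com'      'esmtp:[mail.domainname.com]' \
        'other.example'       'esmtp:mail.other.example' \
        '.sub.domainname.com' 'local:' \
        >> "$1"
    # Spaces instead of a TAB: also rejected.
    printf '%s %s\n' 'space.example' 'esmtp:[mx.space.example]' >> "$1"
}
```

The lint reports two problems for the sample (the unbracketed esmtp host and the space-separated line) and exits with that count; on the real file, rebuild_mailertable runs makemap only when the count is zero.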

define(`LOCAL_MAILER_PATH', /bin/false)
define(`LOCAL_SHELL_PATH', /bin/false)

Finally, you may want to tighten security a bit on the firewall by disallowing local mail delivery. This requires that you add an alias in the form of user@domain.com for every account, such as root and postmaster, that may get mail that originates on the bastion host.

define(`confRUN_AS_USER', nobody)

and having sendmail run as an unprivileged user most of the time. (Don't do the latter if you don't do the former, though; local mail delivery may not work correctly in that case.)

Another excellent source of information was the anti-relay page at http://hexadecimal.uoregon.edu/antirelay/. That is where these items came from:

define(`confRELAYS', `')
define(`confCR_FILE', `-o /usr/local/etc/sendmail.cR')
define(`RELAY_TO_DOMAIN', `hash -o /usr/local/etc/relay_to_domain')
define(`RELAY_TO_IP', `hash -o /usr/local/etc/relay_to_ip')
define(`RELAY_FROM_DOMAIN', `hash -o /usr/local/etc/relay_from_domain')
define(`RELAY_FROM_IP', `hash -o /usr/local/etc/relay_from_ip')
define(`RELAY_ERROR', `5.5.1')
define(`RELAY_MESSAGE', `"551 Relaying denied"')

HACK(relaycontrol)
