Alexander Dalloz <alexander.dalloz@xxxxxxxxxxxxxxxx> writes: [...] > Is newsguy.com your domain? I ask because of the central and important > comment on masquerading from the cf/README: No, as is explained further along, my `domain' is a home made one: local.net0 > "The masquerade name is not normally canonified, so it is important that > it be your One True Name, that is, fully qualified and not a CNAME. > However, if you use a CNAME, the receiving side may canonify it for you, > so don't think you can cheat CNAME mapping this way." > (http://www.sendmail.org/m4/masquerading_relaying.html) This confuses me to no end: First the README shows: `MASQUERADE_AS(`host.domain')' (It shows `host' where first part of domain name should be). As I understand it the naming convention is: host.domain.designator = reader.local.net0 Using my FQDN that would be `reader.net0' rather than `reader.local.com' So I've assumed it really wants `network.domain'. If one uses ones `One True Name', in this case `1ocal.net0' (I guess it means the last part of my fqdn?) then it is not masquerading as something else. But the paragraph just proceeding the one you quoted says in part: You can have your host masquerade as another using MASQUERADE_AS(`host.domain') This causes mail being sent to be labeled as coming from the indicated host.domain, rather than $j. But `$j' is my fqdn (reader.local.net0). Clearly the intent is to parade as something you are not. So inserting `local.net0' there would not accomplish that goal it seems. >> My assumption was that the `Smart_host' at the other end of my >> sendmails outgoing activity required a resolvable host as source IP to >> avoid bouncing. I thought by setting some genericstable vars I could >> make it appear to be a resolvable host name. > It makes not much sense to offer a smart host which requires a > resolvable FQDN. How should people at home with DSL, modem or ISDN > connection mail throught their ISP's smart host? It is the task of the > ISP's smart host to jump into this gap and offer such linked users the > ability to use their own MTA without the risk that many if not most of > the recipient MTAs reject mail coming from them, just because they have > no resolvable FQDN. What you say does make sense, and shows a major flaw in my picture of what is happening and how it all works. > Whether the contacting host announces himself with a resolvable FQDN at > HELO/EHLO depends from settings of the real hostname, the domain name > (if set in sendmail.mc) and from masquerading settings (if are defined). > Genericstable does only rewrite the sender envelope address. Ok, that is more I didn't understand (about genericstable). >> It is not an internet FQDN, just my own made up domain for my local >> lan. Therefore will never be resovable by dns lookups. > > Important is that your bogus (internal) FQDN is internally resolvable. > Using a > >> My attempt at using generics tables consisted of adding: >> (see sendmail2.mc below for the full settings) >> >> FEATURE(`genericstable')dnl >> FEATURE(`generics_entire_domain')dnl >> >> And to /etc/mail/genericstable: >> reader reader@xxxxxxxxxxx > > --> GENERICS_DOMAIN(`local.net0')dnl > > belongs to the set, else the genericstable feature would not know for > which domains to look for rewriting. OK, I can see how that might help and have even tried it as I recall. You may notice it appears in the posted sendmail1.mc. IE the one that causes bounces. >> Building the hash and restarting sendmail. > > Maybe my misunderstanding at this point and just to clear out: if you > only change map files (the text files from which hashes/.db files are > generated) you do not need to restart Sendmail. That is one sense of > using these hash files. If you reread that you'll see I'm describing a chain of events: 1) edit *.mc and generate sendmail.cf 2) build genericstable 3) restart sendmail It was point 1 that required the restart. [...] >> >From /var/log/messages [...] > Please check what following prints out: > echo "$=M" | /usr/lib/sendmail -bt -d0 Version 8.13.1 Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF STARTTLS TCPWRAPPERS USERDB USE_LDAP_INIT ============ SYSTEM IDENTITY (after readcf) ============ (short domain name) $w = reader (canonical domain name) $j = reader.local.net0 (subdomain name) $m = local.net0 (node name) $k = reader.local.net0 ======================================================== ADDRESS TEST MODE (ruleset 3 NOT automatically invoked) Enter <ruleset> <address> > echo "$=G" | /usr/lib/sendmail -bt # echo "$=G" | /usr/lib/sendmail -bt ADDRESS TEST MODE (ruleset 3 NOT automatically invoked) Enter <ruleset> <address> > local.net0 > The hosts file looks perfect. OK, I got something right... >> ===== >> sendmail1.mc > > [ ... ] > >> FEATURE(`genericstable')dnl >> FEATURE(`generics_entire_domain')dnl >> GENERICS_DOMAIN(`local.net0')dnl > > [ ... ] > >> === >> sendmail2.mc > > [ ... ] > >> FEATURE(`genericstable')dnl >> GENERICS_DOMAIN(`local.net0')dnl > > [ ... ] > >> LOCAL_DOMAIN(`localhost.localdomain')dnl >> MASQUERADE_AS(`newsguy.com')dnl >> FEATURE(masquerade_envelope)dnl > > [ ... ] > > There is missing: > > MASQUERADE_DOMAIN(`localhost')dnl > MASQUERADE_DOMAIN(`localhost.localdomain')dnl > MASQUERADE_DOMAIN(`reader.local.net0')dnl > > Both commands from above for class{M} and class{G} have to show proper > settings. Maybe, but sendmail2.mc which contains only MASQUERADE_AS(`newsguy.com')dnl FEATURE(masquerade_envelope)dnl (concerning masquerading) Is the one that works. The other (sendmail1.mc) does not. So that leaves some questions. But first let me input some further information. I've now noticed that I can put just about anything in that field MASQUERADE_AS(`whizbang.net')dnl is currently in sendmail.cf and it works ok. I'll send this message that way and there will be no bounce. So I'm re-evaluating what that actually does. Its not doing what I thought at all but is still doing something. So removing all generics language I'll run a test with the following *.mc. Note it contains two masquerade entries: MASQUERADE_AS(`whizbang.net')# [HP 08/12/04 13:38 Not used since]dnl FEATURE(masquerade_envelope)# [HP 08/12/04 13:38 Not used since]dnl If I remove either one of them my mail bounces immediately. Sorry to include another full *.mc but it seems the only way to avoid any misunderstanding or confusion about what is or is not present in it. So with all generics stuff removed with this *mc in place my mail goes thru, can you tell me what the masquerade stuff is doing that allows my mail to go thru, as you see it is set to `whizbang.net': divert(-1)dnl include(`/usr/share/sendmail-cf/m4/cf.m4')dnl VERSIONID(`setup for Red Hat Linux')dnl OSTYPE(`linux')dnl define(`SMART_HOST',`smtp.newsguy.com') define(`confDEF_USER_ID',``8:12'')dnl define(`confTO_CONNECT', `1m')dnl define(`confTRY_NULL_MX_LIST',true)dnl define(`confDONT_PROBE_INTERFACES',true)dnl define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl define(`ALIAS_FILE', `/etc/aliases')dnl define(`STATUS_FILE', `/var/log/mail/statistics')dnl define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl define(`confAUTH_OPTIONS', `A')dnl define(`confTO_IDENT', `0')dnl FEATURE(`no_default_msa',`dnl')dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl FEATURE(`virtusertable')dnl FEATURE(redirect)dnl FEATURE(always_add_domain)dnl FEATURE(use_cw_file)dnl FEATURE(use_ct_file)dnl FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl FEATURE(`blacklist_recipients')dnl FEATURE(`accept_unresolvable_domains')dnl LOCAL_DOMAIN(`localhost.localdomain')dnl MASQUERADE_AS(`whizbang.net')# [HP 08/12/04 13:38 Not used since]dnl FEATURE(masquerade_envelope)# [HP 08/12/04 13:38 Not used since]dnl MAILER(smtp)dnl MAILER(procmail)dnl
