file:///C|/mynapster/Downloads/warez/tcpip/ch09_08.htm Previous: 9.7 Mail Servers Chapter 9 Configuring Network Servers Next: 10. sendmail 9.8 Summary This chapter covers several important TCP/IP network services. Network File System (NFS) is the leading TCP/IP file-sharing protocol. It allows server systems to share directories with clients that are then used by the clients as if they were local disk drives. NFS uses trusted hosts and UNIX UIDs and GIDs for authentication and authorization. pcnfsd provides password-based user authentication and NFS-based printer sharing for non-UNIX clients. NFS-based printer sharing is not the only type of printer sharing available on a TCP/IP network. It is also possible to use the Line Printer Daemon (LPD). This software is originally from BSD UNIX but is widely available. The lpd program reads the printer definitions from the printcap file. Network Information Service (NIS) is a server that distributes several system administrations databases. It allows central control of and automatic distribution of important system configuration information. Bootstrap Protocol provides a wide range of configuration values to its client. Each implementation of BOOTP has a different configuration file and command syntax. The CMU BOOTP server stores configuration parameters in the /etc/bootptab file and uses a syntax very similar to the /etc/printcap syntax. Dynamic Host Configuration Protocol (DHCP) extends BOOTP to provide the full set of configuration parameters defined in the Requirements for Internet Hosts RFC. It also provides for dynamic address allocation, which allows a network to make maximum use of a limited set of addresses. Large networks use distributed boot servers to avoid overloading a single server and to avoid sending boot parameters through IP routers. The configuration files on distributed boot servers are kept synchronized through file transfer, NFS file sharing, or the Remote File Distribution Program (rdist). Post Office Protocol (POP) and Internet Message Access Protocol (IMAP) servers allow email to be stored on the mail server until the user is ready to read it. In the next chapter, we take a closer look at configuring an electronic mail system as we explore sendmail. file:///C|/mynapster/Downloads/warez/tcpip/ch09_08.htm (1 of 2) [2001-10-15 09:18:35] Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. file:///C|/mynapster/Downloads/warez/tcpip/ch09_08.htm Previous: 9.7 Mail Servers TCP/IP Network Administration Next: 10. sendmail 9.7 Mail Servers Book Index 10. sendmail [ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ] file:///C|/mynapster/Downloads/warez/tcpip/ch09_08.htm (2 of 2) [2001-10-15 09:18:35] Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. [Chapter 10] sendmail Previous: 9.8 Summary Chapter 10 Next: 10.2 Running sendmail as a Daemon 10. sendmail Contents: sendmail's Function Running sendmail as a Daemon sendmail Aliases The sendmail.cf File sendmail Configuration Rewriting the Mail Address Modifying a sendmail.cf File Testing sendmail.cf Summary Users have a love-hate relationship with email; they love to use it, and hate when it doesn't work. It's the system administrator's job to make sure it does work. That is the job we tackle in this chapter. sendmail is not the only mail transport program. MMDF (Multichannel Memorandum Distribution Facility) predates sendmail and is still used today. There are also variations of basic sendmail, such as IDA sendmail, that are widely used. But plain sendmail is the most widely used mail transport program, and it's the one we cover. This entire chapter is devoted to sendmail, and an entire book is easily devoted to the subject. [1] In part this is because of email's importance, but it is also because sendmail has a complex configuration. [1] See sendmail, by Costales and Allman (O'Reilly & Associates), for a book-length treatment of sendmail. The variety of programs and protocols used for email complicates configuration and support. SMTP sends email over TCP/IP networks. Another program sends mail between users on the same system. Still another sends mail between systems on UUCP networks. Each of these mail systems - SMTP, UUCP, and local mail - has its own delivery program and its own mail addressing scheme. All of this can cause confusion for mail users and for system administrators. file:///C|/mynapster/Downloads/warez/tcpip/ch10_01.htm (1 of 3) [2001-10-15 09:18:35] Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. [Chapter 10] sendmail 10.1 sendmail's Function sendmail eliminates some of the confusion caused by multiple mail delivery programs. It does this by routing mail for the user to the proper delivery program based on the email address. It accepts mail from a user's mail program, interprets the mail address, rewrites the address into the proper form for the delivery program, and routes the mail to the correct delivery program. sendmail insulates the end user from these details. If the mail is properly addressed, sendmail will see that it is properly passed on for delivery. Likewise, for incoming mail, sendmail interprets the address and either delivers the mail to a user's mail program or forwards it to another system. Figure 10.1 illustrates sendmail's special role in routing mail between the various mail programs found on UNIX systems. Figure 10.1: Mail is routed through sendmail In addition to routing mail between user programs and delivery programs, sendmail: ● Receives and delivers SMTP (internet) mail ● Provides system-wide mail aliases, which allow mailing lists Configuring a system to perform all of these functions properly is a complex task. In this chapter we discuss each of these functions, look at how they are configured, and examine ways to simplify the task. First, we'll see how sendmail is run to receive SMTP mail. Then we'll see how mail aliases are used, and how sendmail is configured to route mail based on the mail's address. file:///C|/mynapster/Downloads/warez/tcpip/ch10_01.htm (2 of 3) [2001-10-15 09:18:35] Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. [Chapter 10] sendmail Previous: 9.8 Summary TCP/IP Network Administration Next: 10.2 Running sendmail as a Daemon 9.8 Summary Book Index 10.2 Running sendmail as a Daemon [ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ] file:///C|/mynapster/Downloads/warez/tcpip/ch10_01.htm (3 of 3) [2001-10-15 09:18:35] Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. [Chapter 10] 10.2 Running sendmail as a Daemon Previous: 10.1 sendmail's Function Chapter 10 sendmail Next: 10.3 sendmail Aliases 10.2 Running sendmail as a Daemon To receive SMTP mail from the network, run sendmail as a daemon during system startup. The sendmail daemon listens to TCP port 25 and processes incoming mail. In most cases the code to start sendmail is already in one of your boot scripts. If it isn't, add it. The following code is from the Slackware Linux /etc/rc.d/rc.M startup script: # Start the sendmail daemon: if [ -x /usr/sbin/sendmail ]; then echo "Starting sendmail daemon (/usr/sbin/sendmail -bd -q 15m) ." /usr/sbin/sendmail -bd -q 15m fi First, this code checks for the existence of the sendmail program. If the program is found, the code displays a startup message on the console and runs sendmail with two command-line options. One option, the -q option, tells sendmail how often to process the mail queue. In the sample code, the queue is processed every 15 minutes (-q15m), which is a good setting to process the queue frequently. Don't set this time too low. Processing the queue too often can cause problems if the queue grows very large, due to a delivery problem such as a network outage. For the average desktop system, every hour (-q1h) or half hour (-q30m) is an adequate setting. The other option relates directly to receiving SMTP mail. The option (-bd) tells sendmail to run as a daemon and to listen to TCP port 25 for incoming mail. Use this option if you want your system to accept incoming TCP/IP mail. The Linux example is a simple one. Some systems have a more complex startup script. Solaris 2.5, which dedicates the entire /etc/init.d/sendmail script to starting sendmail, is a notable example. The mail queue directory holds mail that has not yet been delivered. It is possible that the system went down while the mail queue was being processed. Versions of sendmail prior to sendmail V8, such as the version that comes with Solaris 2.5, create lock files when processing the queue. Therefore lock files may have been left behind inadvertently and should be removed during the boot. Solaris checks for the existence of the mail queue directory and removes any lock files found there. If a mail queue directory doesn't exist, it creates one. The additional code found in some startup scripts is not required when running sendmail V8. All you really need is the sendmail command with the -bd option. file:///C|/mynapster/Downloads/warez/tcpip/ch10_02.htm (1 of 2) [2001-10-15 09:18:36] Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. [Chapter 10] 10.2 Running sendmail as a Daemon Previous: 10.1 sendmail's Function TCP/IP Network Administration Next: 10.3 sendmail Aliases 10.1 sendmail's Function Book Index 10.3 sendmail Aliases [ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ] file:///C|/mynapster/Downloads/warez/tcpip/ch10_02.htm (2 of 2) [2001-10-15 09:18:36] Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. [Chapter 10] 10.3 sendmail Aliases Previous: 10.2 Running sendmail as a Daemon Chapter 10 sendmail Next: 10.4 The sendmail.cf File 10.3 sendmail Aliases It is almost impossible to exaggerate the importance of mail aliases. Without them, a sendmail system could not act as a central mail server. Mail aliases provide for: ● Alternate names (nicknames) for individual users ● Forwarding of mail to other hosts ● Mailing lists sendmail mail aliases are defined in the aliases file. [2] The basic format of entries in the aliases file is: [2] The location of the file is defined in the "Options" section of the sendmail configuration file. alias: recipient[, recipient, .] alias is the name to which the mail is addressed, and recipient is the name to which the mail is delivered. recipient can be a username, the name of another alias, or a full email address containing both a username and a hostname. Including a hostname allows mail to be forwarded to a remote host. Additionally, there can be multiple recipients for a single alias. Mail addressed to that alias is delivered to all of the recipients, thus creating a mailing list. Aliases that define nicknames for individual users can be used to handle frequently misspelled names. You can also use aliases to deliver mail addressed to special names, such as postmaster or root, to the real users that do those jobs. Aliases can also be used to implement simplified mail addressing, especially when used in conjunction with MX records. [3] This aliases file from almond shows all of these uses: [3] Chapter 8, Configuring DNS Name Service , discusses MX records. # special names postmaster: clark root: norman file:///C|/mynapster/Downloads/warez/tcpip/ch10_03.htm (1 of 3) [2001-10-15 09:18:36] Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. [Chapter 10] 10.3 sendmail Aliases # accept firstname.lastname@nuts.com rebecca.hunt: becky@peanut jessie.mccafferty: jessie@walnut anthony.resnick: anthony@pecan andy.wright: andy@filbert # a mailing list admin: kathy, david@peanut, sara@pecan, becky@peanut, craig, anna@peanut, jane@peanut, christy@filbert owner-admin: admin-request admin-request: craig The first two aliases are special names. Using these aliases, mail addressed to postmaster is delivered to the local user clark, and mail addressed to root is delivered to norman. The second set of aliases is in the form of firstname and lastname. The first alias in this group is rebecca.hunt. Mail addressed to rebecca.hunt is forwarded from almond and delivered to becky@peanut. Combine this alias with an MX record that names almond as the mail server for nuts.com, and mail addressed to rebecca.hunt@nuts.com is delivered to becky@peanut.nuts.com. This type of addressing scheme allows each user to advertise a consistent mailing address that does not change just because the user's account moves to another host. Additionally, if a remote user knows that this firstname.lastname addressing scheme is used at nuts.com, he can address mail to Rebecca Hunt as rebecca.hunt@nuts.com without knowing her real email address. The last two aliases are for a mailing list. The alias admin defines the list itself. If mail is sent to admin, a copy of the mail is sent to each of the recipients (kathy, david, sara, becky, craig, anna, jane, and christy). Note that the mailing list continues across multiple lines. A line that starts with a blank or a tab is a continuation line. The owner-admin alias is a special form used by sendmail. The format of this special alias is owner- listname where listname is the name of a mailing list. The person specified on this alias line is responsible for the list identified by listname. If sendmail has problems delivering mail to any of the recipients in the admin list, an error message is sent to owner-admin. The owner-admin alias points to admin-request as the person responsible for maintaining the mailing list admin. Aliases in the form of listname-request are commonly used for administrative requests, such as subscribing to a list, for manually maintained mailing lists. Notice that we point an alias to another alias, which is perfectly legal. The admin-request alias resolves to craig. sendmail does not use the aliases file directly. The aliases file must first be processed by the newaliases command. newaliases is equivalent to sendmail with the -bi option, which causes sendmail to build the aliases database. newaliases creates the database files that are used by sendmail when it is searching for aliases. Invoke newaliases after updating the aliases file to make sure that sendmail is able to use the new aliases. [4] [4] If the D option is used (see Appendix E, A sendmail Reference), sendmail automatically rebuilds the aliases database - even if newaliases is not run. file:///C|/mynapster/Downloads/warez/tcpip/ch10_03.htm (2 of 3) [2001-10-15 09:18:36] Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. [Chapter 10] 10.3 sendmail Aliases 10.3.1 Personal mail forwarding In addition to the mail forwarding provided by aliases, sendmail allows individual users to define their own forwarding. The user defines her personal forwarding in the .forward file in her home directory. sendmail checks for this file after using the aliases file and before making final delivery to the user. If the .forward file exists, sendmail delivers the mail as directed by that file. For example, say that user kathy has a .forward file in her home directory that contains kathy@podunk.edu. The mail that sendmail would normally deliver to the local user kathy is forwarded to kathy's account at podunk.edu. Use the .forward file for temporary forwarding. Modifying aliases and rebuilding the database takes more effort than modifying a .forward file, particularly if the forwarding change will be short-lived. Additionally, the .forward file puts the user in charge of his own mail forwarding. Mail aliases and mail forwarding are handled by the aliases file and the .forward file. Everything else about the sendmail configuration is handled in the sendmail.cf file. Previous: 10.2 Running sendmail as a Daemon TCP/IP Network Administration Next: 10.4 The sendmail.cf File 10.2 Running sendmail as a Daemon Book Index 10.4 The sendmail.cf File [ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ] file:///C|/mynapster/Downloads/warez/tcpip/ch10_03.htm (3 of 3) [2001-10-15 09:18:36] Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. [...]... contains the correct mailer definitions to run sendmail in a TCP/IP network environment You shouldn't need to modify any mailer definitions Previous: 10.4 The sendmail.cf File 10.4 The sendmail.cf File TCP/IP Network Administration Book Index Next: 10.6 Rewriting the Mail Address 10.6 Rewriting the Mail Address [ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical... it is because of the difficult syntax of the sendmail.cf configuration language Previous: 10.3 sendmail Aliases 10.3 sendmail Aliases TCP/IP Network Administration Book Index Next: 10.5 sendmail Configuration 10.5 sendmail Configuration [ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ] Please purchase PDF Split-Merge on www.verypdf.com to remove... Step The directory also contains a few prototype files designed to be easily modified and used for other operating systems We will modify the tcpproto.mc file, which is for systems that have direct TCP/IP network connections and no direct UUCP connections, to run on our Linux system 10.4.1.1 Building a sendmail.cf with m4 macros The prototype files that come with the sendmail tar are not "ready to run."... programs, always called prog This definition is found in most configurations A definition for TCP/IP mail delivery, here called smtp A definition for an Extended SMTP mailer, here called esmtp A definition for an SMTP mailer that handles unencoded 8-bit data, here called smtp8 A definition for a mailer that relays TCP/IP mail through an external mail relay host, here called relay A close examination of... systems, NIS maps and NIS+ tables are built with standard commands that come with those operating systems The syntax for using those maps within sendmail is different (see Table 10-4) Networking Personal Computers with TCP/IP, by Craig Hunt (O'Reilly & Associates) provides an example of using a NIS map inside of sendmail Assume that the data shown above has been put in a file named realnames The following... your sendmail.cf file Frequently information relating to uucp, to alias hostnames, and to special domains for mail routing is defined in class statements If your system has a uucp connection as well as a TCP/IP connection, pay particular attention to the class definitions But in any case, check the class definitions carefully and make sure they apply to your configuration Please purchase PDF Split-Merge . Chapter 9 Configuring Network Servers Next: 10. sendmail 9.8 Summary This chapter covers several important TCP/IP network services. Network File System (NFS). Mail Servers TCP/IP Network Administration Next: 10. sendmail 9.7 Mail Servers Book Index 10. sendmail [ Library Home | DNS & BIND | TCP/IP | sendmail