Chapter NINETEEN. An Introduction to sendmail

     


Chapter Syllabus

19.1 Basic Checks to Ensure That sendmail Is Installed and Working

19.2 Using sendmail without Using DNS

19.3 Mail Aliases

19.4 Masquerading or Site Hiding and Possible DNS Implications

19.5 A Simple Mail Cluster Configuration

19.6 Building Your Own sendmail.cf File

19.7 Monitoring Mail Queue

In this chapter, we introduce sendmail. The world of sendmail is vast, due primarily to the configurability of sendmail. The extent of its configurability can be demonstrated by the expanse of the documentation available for sendmail. The bible for sendmail is undoubtedly the O'Reilly and Associates book (called sendmail, funnily enough) that currently (in its 3rd edition) runs to a weighty 1,232 pages. Thankfully, the sendmail configuration file (/etc/mail/sendmail.cf) works well out of the box on HP-UX. We don't need to do much to get sendmail off the ground. We don't get into the format and rewriting of rulesets here; that's more the job of a specialized mail administrator. We are going to look at some interesting features of sendmail, including building our own sendmail.cf file with additional features that allow us to protect our email systems against things like spamming.

sendmail starts automatically on HP-UX and acts as an MTA (Mail Transport Agent) as well as an MDA (Mail Delivery Agent). This is the job most people associate sendmail with: routing and delivering email. sendmail can also be run as an MUA (Mail User Agent), which simply means that it reads and writes your individual email messages. Most people will not use sendmail as an MUA because it is cumbersome and not user friendly. Programs such as mailx and elm are far easier to navigate. The only people I know who use sendmail as an MUA are sad, lonely individuals who don't get out much.



    root@hpeos003[] sendmail -v root
    WARNING: local host name (hpeos003) is not qualified; fix $j in config file
    hello from me
    .
    root... Connecting to local...
    root... Sent
    root@hpeos003[]
    root@hpeos003[] mail
    From root@hpeos003 Thu Oct 23 13:41:54 BST 2003
    Received: (from root@localhost)
            by hpeos003 (8.11.1 (Revision 1.5) /8.9.3) id h9JCfm803218
            for root; Thu, 23 Oct 2003 13:41:48 +0100 (BST)
    Date: Thu, 23 Oct 2003 13:41:48 +0100 (BST)
    From: root@hpeos003
    Message-Id: <200310231241.h9JCfm803218@hpeos003>

    hello from me

    ? q
    root@hpeos003[]

The warning message you saw above is one of the things we want to sort out. We are looking at the following tasks:

  1. Basic checks to ensure that sendmail is installed and working.

  2. Using sendmail without using DNS.

  3. Mail aliases.

  4. Masquerading or site hiding.

  5. A simple mail cluster configuration.

  6. Other diagnostic tools.

Let's get started.

     

19.1 Basic Checks to Ensure That sendmail Is Installed and Working

The current version of sendmail for HP-UX is version 8.11.1. This is the version you need to support IPv6. There are lots of additional features with this version of sendmail as well as support for IPv6, including the following:

  • Multiple queue directories

  • Enhanced status codes as defined by RFC 2034

  • ClientPort options

  • DaemonPort options

  • IPv6 support (only on 11i)

  • Spam control using Message Submission Agent

  • SMTP authentication

  • Virtual hosting

  • LDAP-based routing

  • Improved anti-spam features

  • New configuration options

  • New command line options

You can get this version of sendmail as a free download from http://software.hp.com → Security and Manageability. The simplest test to ensure that sendmail is installed and working is to see if the sendmail process is running:



    root@hpeos003[] ps -ef | grep sendmail
    root  2854     1  0 13:35:09 ?         0:01 sendmail: accepting connections
    root@hpeos003[]

By default, sendmail starts in daemon mode (-bd) and processes the mail queue every 30 seconds (-q30m). If you want to change the parameters passed to sendmail, e.g., the frequency of checking the mail queue, you have to edit the startup script /sbin/init.d/sendmail. Later, we will not run the daemon, because some of our machines will be mail clients. Another test to ensure that the daemon is running is simply to telnet to port 25 on our local machine. If the daemon is running, it should be listening for incoming mail on port 25.



    root@hpeos003[] telnet localhost 25
    Trying...
    Connected to localhost.
    Escape character is '^]'.
    220 hpeos003 ESMTP Sendmail 8.11.1 (Revision 1.5) /8.9.3; Sun, 19 Oct 2003 16:04:18 +0100 (BST)
    helo hp.com
    250 hpeos003 Hello localhost [127.0.0.1], pleased to meet you
    quit
    221 2.0.0 hpeos003 closing connection
    Connection closed by foreign host.
    root@hpeos003[]

If you install the 8.11.1 version of sendmail, the actual binaries are installed in a directory under /usr/contrib/sendmail. The original binaries are symbolic links to files under /usr/contrib/sendmail:



    root@hpeos003[] ll /usr/sbin/sendmail
    lrwxr-xr-x   1 root       sys             39 Oct  1 21:03 /usr/sbin/sendmail -> /usr/contrib/sendmail/usr/sbin/sendmail
    root@hpeos003[] ll /usr/contrib/sendmail/usr/sbin
    total 2980
    -r-xr-xr-x   1 bin        bin           9878 Apr  5  2003 expand_alias
    -r-xr-xr-x   1 bin        bin          16384 Apr  5  2003 idlookup
    -r-xr-xr-x   1 bin        bin           1179 Apr  5  2003 killsm
    -r-xr-xr-x   1 bin        bin          20480 Apr  5  2003 mailstats
    -r-xr-xr-x   1 bin        bin         442368 Apr  5  2003 makemap
    -r-xr-xr-x   1 bin        bin            184 Apr  5  2003 mtail
    -r-xr--r--   1 bin        bin             42 Apr  5  2003 owners
    -r-sr-sr-t   1 root       mail       1015808 Jun 30 11:57 sendmail
    -r-x--x--x   1 bin        bin          16384 Apr  5  2003 smrsh
    root@hpeos003[]

As you can see, the sendmail binary is a SUID/SGID program with the sticky-bit set. This is another check to make sure that it is installed and working correctly. Now that we know it's running, we can start looking at some of the configuration options.
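The permission check on the listing above can be made repeatable. The following is an added example, not code from the book: it converts each ls-style mode string to permission bits and reports every regular file that carries setuid or setgid, along with whether it is group- or world-writable. The function names are this example's own, and the sample input is an abridged copy of the listing shown above.

```python
import stat

# Lines copied (abridged) from the `ll /usr/contrib/sendmail/usr/sbin` output on this page.
LISTING = """\
total 2980
-r-xr-xr-x   1 bin        bin           9878 Apr  5  2003 expand_alias
-r-xr--r--   1 bin        bin             42 Apr  5  2003 owners
-r-sr-sr-t   1 root       mail       1015808 Jun 30 11:57 sendmail
-r-x--x--x   1 bin        bin          16384 Apr  5  2003 smrsh
"""
SPECIAL = (stat.S_ISUID, stat.S_ISGID, stat.S_ISVTX)  # per user/group/other slot

def parse_mode(sym):
    """Convert an ls-style mode string such as '-r-sr-sr-t' to permission bits."""
    bits = 0
    for i, ch in enumerate(sym[1:10]):
        if ch == "-":
            continue
        if i % 3 == 2:  # execute slot may also carry a special bit
            if ch in ("sS" if i < 6 else "tT"):
                bits |= SPECIAL[i // 3]
            if ch in "ST":  # upper case: special bit set, execute bit clear
                continue
        bits |= 1 << (8 - i)
    return bits

def audit(listing):
    """Return {name: [findings]} for regular files with setuid or setgid set."""
    report = {}
    for line in listing.splitlines():
        f = line.split()
        if len(f) < 9 or not f[0].startswith("-"):
            continue  # skip 'total', directories, symlinks
        mode, owner, group, name = parse_mode(f[0]), f[2], f[3], f[8]
        if not mode & (stat.S_ISUID | stat.S_ISGID):
            continue
        findings = []
        if mode & stat.S_ISUID:
            findings.append(f"setuid {owner}")
        if mode & stat.S_ISGID:
            findings.append(f"setgid {group}")
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append("group/world-writable")
        report[name] = findings
    return report

if __name__ == "__main__":
    for name, findings in audit(LISTING).items():
        print(name, "->", ", ".join(findings))
```

On this listing only sendmail is reported, as setuid root and setgid mail with no write bits for group or other; any other file appearing in the report, or a writable finding on sendmail itself, is worth investigating.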