ProblemYou have been asked to configure sendmail to masquerade the header sender address on all mail sent to external hosts , without adding the masquerade hostname to mail delivered by the local mailer. SolutionAdd the local_no_masquerade feature, the MASQUERADE_AS macro, and the EXPOSED_USER macro to the sendmail configuration. Here are examples of these configuration commands: dnl Masquerade the From address as wrotethebook.com MASQUERADE_AS(`wrotethebook.com') dnl Users whose mail is not masqueraded EXPOSED_USER(root) dnl Don't masquerade addresses for the local mailer FEATURE(`local_no_masquerade') Build and install the new sendmail.cf file, and then restart sendmail. These steps are shown in Recipe 1.8. DiscussionThe hostname defined on the MASQUERADE_AS command line is stored in the sendmail.cf $M macro. sendmail rewrites the hostname in the From : address to the value found in the $M macro if the original hostname is listed in class $=w or class $=M . By default, class $=w contains all of the names and addresses of the local host. Thus, mail sent from the local host is masqueraded using the value from $M . This is exactly what you want when mail is sent to an external host, but it might not be exactly what you want when the local mailer delivers the mail locally. Some tests show how local mail is handled by the MASQUERADE_AS macro. First, we run two tests using the configuration defined in Recipe Recipe 4.2 (i.e., masquerading without the l ocal_no_masquerade feature): # sendmail -bt -Crecipe4.2.cf ADDRESS TEST MODE (ruleset 3 NOT automatically invoked) Enter <ruleset> <address> > /tryflags HS > /try local alana Trying header sender address alana for mailer local canonify input: alana Canonify2 input: alana Canonify2 returns: alana canonify returns: alana 1 input: alana 1 returns: alana HdrFromL input: alana MasqHdr input: alana MasqHdr returns: alana HdrFromL returns: alana final input: alana final returns: alana Rcode = 0, addr = alana > /try local alana@chef.wrotethebook.com Trying header sender address alana@chef.wrotethebook.com for mailer local canonify input: alana @ chef . wrotethebook . com Canonify2 input: alana < @ chef . wrotethebook . com > Canonify2 returns: alana < @ chef . wrotethebook . com . > canonify returns: alana < @ chef . wrotethebook . com . > 1 input: alana < @ chef . wrotethebook . com . > 1 returns: alana < @ chef . wrotethebook . com . > HdrFromL input: alana < @ chef . wrotethebook . com . > MasqHdr input: alana < @ chef . wrotethebook . com . > MasqHdr returns: alana < @ wrotethebook . com . > HdrFromL returns: alana < @ wrotethebook . com . > final input: alana < @ wrotethebook . com . > final returns: alana @ wrotethebook . com Rcode = 0, addr = alana@wrotethebook.com > /quit Two valid local addresses are processed as header sender addresses for the local mailer. The first address is the local address for the username alana without any host part. In this case, the address goes in as alana, is processed, and comes out as alana . This is fine. Local addresses do not need a hostname part for delivery. Any local user receiving mail from alana can reply to that address and the mail will be successfully delivered by the local mailer. The second address, alana@chef.wrotethebook.com , is also a valid local address for alana because chef.wrotethebook.com is the name of the local host. This time, however, the address is changed to alana@wrotethebook.com by the header sender process. If a local user replies to alana@wrotethebook.com , the local mailer does not deliver the mail locally; instead, it is sent to the mail exchanger for wrotethebook.com by the esmtp mailer. Final delivery becomes the responsibility of the mail exchanger. After adding the configuration lines shown in the Solution section, and building and installing the sendmail.cf file, the test results are different: # sendmail -bt ADDRESS TEST MODE (ruleset 3 NOT automatically invoked) Enter <ruleset> <address> > =SHdrFromL R< @ > MAILER-DAEMON R@ < @ $* > MAILER-DAEMON R$+ $: $> AddDomain > /tryflags HS > /try local alana Trying header sender address alana for mailer local canonify input: alana Canonify2 input: alana Canonify2 returns: alana canonify returns: alana 1 input: alana 1 returns: alana HdrFromL input: alana HdrFromL returns: alana final input: alana final returns: alana Rcode = 0, addr = alana > /try local alana@chef.wrotethebook.com Trying header sender address alana@chef.wrotethebook.com for mailer local canonify input: alana @ chef . wrotethebook . com Canonify2 input: alana < @ chef . wrotethebook . com > Canonify2 returns: alana < @ chef . wrotethebook . com . > canonify returns: alana < @ chef . wrotethebook . com . > 1 input: alana < @ chef . wrotethebook . com . > 1 returns: alana < @ chef . wrotethebook . com . > HdrFromL input: alana < @ chef . wrotethebook . com . > HdrFromL returns: alana < @ chef . wrotethebook . com . > final input: alana < @ chef . wrotethebook . com . > final returns: alana @ chef . wrotethebook . com Rcode = 0, addr = alana@chef.wrotethebook.com > /quit Processing alana as a header sender address yields the same result as before. The address goes in as alana and comes out as alana . However, this time the process is different ”the MasqHdr ruleset is not called by the HdrFromL ruleset. The difference is more clearly seen in the processing of the alana@chef.wrotethebook.com address, which also goes through the process unchanged. A reply to the header sender address for either alana or alana@chef.wrotethebook.com is handled as local mail and delivered by the local mailer. Using local_no_masquerade reduces overhead by keeping local mail local, but the impact of having some local mail go through an external host is probably not too large. The local_no_masquerade feature also ensures that all mail from local users addressed to local users is handled in the same way. Consistency is an advantage of this feature. Recipe 4.4 shows the opposite approach to obtaining consistency, which is to force masquerading of all sender addresses. See AlsoRecipe 4.2 and Recipe 4.4 describe similar recipes. The sendmail book covers MASQUERADE_AS in 4.4.2, EXPOSED_USER in 4.4.1, and local_no_masquerade in 4.8.20. The "Address Masquerading" section of Linux Sendmail Administration , by Craig Hunt (Sybex), is a tutorial on masquerading. The cf/README file covers masquerading in the section Masquerading and Relaying . |