Recipe 4.4 Forcing Masquerading of Local Mail

Problem

You have been asked to configure sendmail to masquerade all header sender addresses, even those processed by the local mailer that lack a hostname part.

Solution

Create a sendmail configuration that combines the always_add_domain feature used in Recipe 4.1 with the MASQUERADE_AS and EXPOSED_USER macros used in Recipe 4.2. Examples of these commands are:

 dnl Masquerade the From address as wrotethebook.com MASQUERADE_AS(`wrotethebook.com') dnl Users whose mail is not masqueraded EXPOSED_USER(root) dnl Add the domain name to all addresses FEATURE(`always_add_domain') 

Build and install the new sendmail.cf file, and restart sendmail as described in Recipe 1.8.

Discussion

The always_add_domain feature is not specific to masquerading. When always_add_domain is used without the MASQUERADE_AS macro, sendmail uses the fully qualified name of the local host found in the $j macro to create the hostname part of the sender address. ^[4] However, for this recipe we want to masquerade the hostname portion of the address; so the MASQUERADE_AS macro is used together with the always_add_domain feature in the recipe. After completing this recipe, running a sendmail -bt test produces the following result:

^[4] Recipe 4.1 shows the effect of always_add_domain when used without masquerading.

 #  sendmail -bt  ADDRESS TEST MODE (ruleset 3 NOT automatically invoked) Enter <ruleset> <address> >  /tryflags HS  >  /try local alana  Trying header sender address alana for mailer local canonify           input: alana Canonify2          input: alana Canonify2        returns: alana canonify         returns: alana 1                  input: alana 1                returns: alana HdrFromL           input: alana AddDomain          input: alana AddDomain        returns: alana < @ *LOCAL* > MasqHdr            input: alana < @ *LOCAL* > MasqHdr          returns: alana < @ wrotethebook . com . > HdrFromL         returns: alana < @ wrotethebook . com . > final              input: alana < @ wrotethebook . com . > final            returns: alana @ wrotethebook . com Rcode = 0, addr = alana@wrotethebook.com >  /try local alana@chef  Trying header sender address alana@chef for mailer local canonify           input: alana @ chef Canonify2          input: alana < @ chef > Canonify2        returns: alana < @ chef . wrotethebook . com . > canonify         returns: alana < @ chef . wrotethebook . com . > 1                  input: alana < @ chef . wrotethebook . com . > 1                returns: alana < @ chef . wrotethebook . com . > HdrFromL           input: alana < @ chef . wrotethebook . com . > AddDomain          input: alana < @ chef . wrotethebook . com . > AddDomain        returns: alana < @ chef . wrotethebook . com . > MasqHdr            input: alana < @ chef . wrotethebook . com . > MasqHdr          returns: alana < @ wrotethebook . com . > HdrFromL         returns: alana < @ wrotethebook . com . > final              input: alana < @ wrotethebook . com . > final            returns: alana @ wrotethebook . com Rcode = 0, addr = alana@wrotethebook.com >  /try local alana@chef.wrotethebook.com  Trying header sender address alana@chef.wrotethebook.com for mailer local canonify           input: alana @ chef . wrotethebook . com Canonify2          input: alana < @ chef . wrotethebook . com > Canonify2        returns: alana < @ chef . wrotethebook . com . > canonify         returns: alana < @ chef . wrotethebook . com . > 1                  input: alana < @ chef . wrotethebook . com . > 1                returns: alana < @ chef . wrotethebook . com . > HdrFromL           input: alana < @ chef . wrotethebook . com . > AddDomain          input: alana < @ chef . wrotethebook . com . > AddDomain        returns: alana < @ chef . wrotethebook . com . > MasqHdr            input: alana < @ chef . wrotethebook . com . > MasqHdr          returns: alana < @ wrotethebook . com . > HdrFromL         returns: alana < @ wrotethebook . com . > final              input: alana < @ wrotethebook . com . > final            returns: alana @ wrotethebook . com Rcode = 0, addr = alana@wrotethebook.com >  /quit  

This test shows that local user addresses of all possible formats ( user , user @ host , and user @ host . domain ) are all rewritten into exactly the same format. The masquerade hostname stored in the $M macro is added to addresses that have no host part, and it is used to replace the hostname on addresses that do have a host part. Thus, the addresses alana , alana@chef , and alana@chef.wrotethebook.com all come out of the local mailer header sender address process rewritten to alana@wrotethebook.com . This consistency ensures that a reply to mail from Alana, regardless of how the original sender address was formatted, is handled in exactly the same way. In this case, all replies to mail from Alana will go to the mail exchanger first.

The goal of this recipe is to force sendmail to masquerade all sender addresses. At first glance, the allmasquerade feature might appear to be the correct choice for this recipe. However, the allmasquerade feature affects recipient addresses, and, in this recipe, we wish to rewrite only sender addresses. Recipe 4.5 covers masquerading the recipient address using the allmasquerade feature.

See Also

Recipe 4.1, Recipe 4.2, Recipe 4.3, and Recipe 4.5 provide information on related configurations. Recipe 3.1 covers the nullclient configuration. Recipe 3.3 covers the MAIL_HUB macro. The sendmail book covers the always_add_domain feature in 4.8.5 and the allmasquerade feature in 4.8.4.