Other Support Files

The other side of configuring Sendmail is setting up how it will deliver mail and who it will allow to use its services. The rest of the Sendmail module is devoted to these options, and you are likely to spend more time on these pages than on the Options page. These pages configure all of the other files that Sendmail relies on to tell it how to do its job, including the aliases, access, domaintable, mailertable, relay-domains, and virtusertable files.

Mail Aliases

Sendmail provides a means to direct mail to a given recipient under an alias. For example, it is possible to have mail sent to Postmaster delivered to root. It is also possible to direct mail, to several addresses, into a file, to feed it to a program, or provide an automatic reply. These aliases are stored in a file called aliases that is usually located in /etc.

Address

This is simply the address that will be the alias. When mail is sent to this address, the action defined in Alias to option below will be performed. The alias does not contain the domain name. For example, joesalias instead of joesalias@swelltech.com.

Enabled

Here you may mark an alias as enabled or disabled. A disabled address will be preceded by a # in the aliases and will appear in italics in the list of aliases in the Webmin display.

Alias to

Here you define what Sendmail does when it receives a message for this aliased address. There are several options for this, and they are selected from the dropdown list. Email address is simply another email address to deliver the mail to. Addresses in a file causes the mail to be sent to every address named in the file provided in the text entry field - this allows you to more easily allow users to create their own aliases without giving them access to the /etc/aliases file. Write to file will cause Sendmail to write every mail sent to the address to a file chosen in the text entry field. Feed to program is interesting, in that it allows you to direct mail to any program on your system, thus you could write a script or a program (or find one already written) to provide any number of services based on the email received. Or it could file your mail in a database, or customer service system, or any number of other useful things. Finally, Autoreply from file simply sends a mail automatically back to the sender containing whatever is in the file listed in the text field.

The rest of the page is devoted to a listing of existing aliases. As mentioned above, enabled entries are in plain text, while disabled entries are in italics. Clicking an alias allows you to edit, delete, or add destinations to an alias. Clicking Manually edit /etc/aliased provides a simple text editor field wherein you can manually edit or view your aliases file. Be careful, as the format and entries will not be checked by Webmin for correctness. If you make a mistake your Sendmail may complain loudly (in the logs) and stop working.

Local Domains

This page configures the sendmail.cw file and allows you to choose what domains Sendmail will accept local mail delivery for. By default Sendmail only accepts delivery for the local host. In order to accept mail for a whole domain, or a number of domains, they must be listed here. Also, the domains must have a DNS MX record that points to the server where your Sendmail is running. Sendmail can handle mail for any number of domains; however, setting up virtual hosting with Sendmail is a little tricky. A good document that describes the technique can be found on the Virtual Hosting With Sendmail [http://www.sendmail.org/virtual-hosting.html ] page. Virtual hosting is also discussed briefly in the tutorial section of this chapter.

Domain Masquerading

The Domain Masquerading page provides access to the domain masquerading features of Sendmail. This allows you to make all outgoing messages appear to be from the same domain. When a domain masquerading rule is in place, Sendmail will replace the From address of all outgoing mail to appear to come from the domain to be masqueraded as. Also see the Local Domains page for more as well as a helpful link regarding virtual hosting in Sendmail.

Trusted Users

Ordinarily, Sendmail will not allow a user to claim to be a different user. However, if listed here, users will be trusted to claim they are another user or from another domain. Care should be taken when using this option, as it is one of the safeguards against spoofed email addresses.

Address Mapping

An Address mapping is similar to an alias, except they are able to handle domain information, as needed by virtual domains. To create an address mapping, all you must do is enter the address or domain to act upon. And a send to action to perform on each message as it is received by Sendmail. For example, if I host the domain penguinfeet.org on my swelltech.com server, then I must set up a method for mail sent to sysadmin@penguinfeet.org to make it into my mailbox at joe. So, I would create a map wherein the Mail for address is sysadmin@penguinfeet.org and the Send to address is joe.

Domain Routing

This option provides a special type of gateway in which your server accepts mail for a domain or host, but then passes it on to another specific mail server. This can be of use in environments where one or more subdomains have their own mail server that is behind a firewall and cannot directly deliver or receive mail on its own. Also, this allows Sendmail to provide gateway/proxy/translation services, if the other mail server does not support common transports and protocols. This use is in decline, as the vast majority of mail servers (even the few not running Sendmail) now speak the common protocols. These domains should not be listed in Local Domains, as then the server would accept the mail for local delivery, which is not what is desired in this case. You should still have a DNS MX record that points to the Sendmail server for each of the domains listed here, so that mail will be sent first to this system, where it then will handle it in whatever way is defined.

Mail for

This field allows you to enter a host or domain for which Sendmail will accept mail. It will not deliver the mail locally, but will instead pass it on to another server.

Delivery

Here you select how Sendmail will deliver the mail for the selected domain. The most common method is SMTP; however, Sendmail supports a wide range of delivery methods.

Send to

This should be the mail server where mail for this domain should be forwarded to. Checking the Ignore MX for SMTP delivery box will cause Sendmail to ignore MX entries in the DNS server for the domain and send to an explicitly selected server.

Outgoing Addresses (Generics)

Here you define mappings that Sendmail will use to modify the From addresses of outgoing mail (either from local users or from other hosts for delivery to other servers). This can be useful if you host multiple domains on the same mail server and want mail from some users to be addressed as though coming from those other domains. You must also include any domains to be remapped on the Outgoing Domains page, before Sendmail will perform any remappings on an address. Also, this mapping will not affect mail delivered to local users unless your .cf contains support for FEATURE(‘always_add_domain').

Mail from

Here you enter a username or full email address for a user to remap.

Change to

Here you enter the address to change the above address into.

Manually edit/etc/mail/genericstable

Clicking this provides a simple text entry field, where all genericstable mappings are listed. You may edit them manually here. Take care, however, as manually edited entries are not checked by Webmin for grammatical correctness.

Outgoing Domains

By default Sendmail only performs Outgoing Address translations on mail from local users (users in the same domain as the Sendmail server). Any outside domains to be remapped must be entered here.

Domain Mapping

This feature allows you to remap all To and >From addresses for a domain to another domain. This is useful if, for example, your company changes names and you'd like all mail to be changed from mailuser@oldname.com to mailuser@newname.com. This change will affect all mail that is delivered to, relayed through, or sent out from your server. Use of this should be limited to your domains.

Spam Control

On this page, you may configure any number of rules, with the purpose of preventing spammers from using your system and network resources for their evil purposes. Though this is just the tip of the iceberg for the spam control features provided by recent Sendmail versions, it does provide you with a very good means of preventing spam on your network. The first and primary goal is to prevent anyone from outside of your network from using your server as a relay for spam. Luckily, in recent versions of Sendmail, the default is to refuse to relay from any host not on your local network. This makes your job a little easier, because all you must do is allow mail relaying from your trusted hosts and domains. Here also, you can add rules to explicitly disallow mail from some known spammers. For example, if your users began receiving large batches of unsolicited commercial email ( UCE, affectionately known as spam) from the bigdumbspammers.com (not a real domain at the time of this writing) and the administrators of this domain either don't care or are active participants in the spamming, you could simply block them from sending mail to any of our clients. You would enter the domain name and select Reject or provide an error message by using the Error code.

For more on spam control topics in Sendmail, the Allowing controlled SMTP relaying in Sendmail [http://www.sendmail.org/tips/relaying.html] page provides more documentation for several of the new Sendmail features to prevent spam, such as using The Realtime Blackhole List [http://mail-abuse.org/rbl/], which provides a blacklist of known spammers and open relays. Also, it may be worthwhile to visit The Mail Abuse Prevention System [http://mail-abuse.org/] for more on ways to fight spam.

Relay Domains

Any local domains that you would like to allow relaying to should be listed here. Any incoming mail that is not for a local user and not for one of these listed domains will be rejected by Sendmail. If your Sendmail is providing mail service for several domains in a virtual hosting fashion, those domains should be listed here also.

Mail Queue

This page provides access to the mail queue. Depending on your configuration, your queue may be a fleeting thing, or it may fill until it is flushed periodically or manually. Usually, if you have full-time Net access and a full-time DNS server, you will use the background mode of delivering mail. In this case, mail will only be in the queue for a few seconds or minutes before being sent out to the recipient servers. However, in the event of a transient delivery failure (a non-permanent error), the message will remain in the queue until the message is discarded (due to permanent error) or successfully sent. Any message in the queue may be viewed by clicking the message ID. Also, messages may be deleted from the queue. Finally, it is possible to manually flush the queue, and Sendmail will attempt to deliver all messages in the queue immediately.

User Mailboxes

A great feature of the Webmin Sendmail module is the ability to read mail via a Web interface. While not a full-featured mail client (even as web-based clients go), it is a quick and easy way to check messages for accounts that ordinarily do not get checked by a user. For example, on my system, I receive daily backup reports from my backup system, so I check them periodically via the Webmin interface just to look out for problems.

To check mail for root simply click the name. From there you'll be presented with a list of all of that user's emails. Clicking the message will display it. From the User Email page it is also possible to delete messages and to compose a new message (Figure 11-2).

Figure 11-2: User Email