General
cancel
Showing results for 
Search instead for 
Did you mean: 

Can't relay mail due to hostname as part of domain side

Rich Kloempken
Contributor

Can't relay mail due to hostname as part of domain side

We are currently migrating our perfectly working HP-UX servers into a new network which requires the use of a mail relay host. I have configured the DS macro in the sendmail.cf file to include the name of the relay and the relay was configured to accept mail from our DNS domain. However, we are still not able to pass mail to the Internet through the relay. The messaging team is telling us that the relay is blocking the messages because the hostname is in the sender address, ie, 'root@earth.company.com'. They are requiring us to remove the hostname and create the sender format of 'root@company.com'. This will not work, as when you have 100 HP systems sending error messages to pagers, you need to have the identity of the box name to identify which HP server experienced the error.

One suggestion I have gotten is to configure sendmail to reformat the sender address from 'root@earth.company.com' to 'root.earth@company.com', thus moving the hostname to the left side of the address.

My questions are: Can this be done with via sendmail? IF so, how? Can it be done selectively by user? ... Doing it globally may be incompatible with an application we have on one of the systems.

Any other ideas are welcome.

Thank you in advance.
Fixing bugs only reveals larger bugs that were hidden by the current bug
4 REPLIES

Re: Can't relay mail due to hostname as part of domain side

Hi Rich,

We are using mail relay host here. We are in somewhat the same situation.

Our sender address at the From: looks like 'root@company.com'. Whenever I need to know from which server the message come from I have to look at the following:

Received: from earth.company.com ([10.40.4.19])by dns.company.com (8.8.8+Sun/8.8.8) with SMTP id RAA22401 for ; Fri, 8 Jun 2002 17:19:10 -0400 (EDT)

The 'Received: from' is defined in the Format Header of the sendmail.cf. Ours, on the HP box look like this:
HReceived: $?sfrom $s $.$?_($?s$|from $.$_) $.by $j$?r with $r$. ($v/$Z) id $i$?u for $u$.; $b

That was just an idea.

chris
"On two occasions, I have been asked [by members of Parliament], 'Pray, Mr. Babbage, if you put into the machine wrong figures,will the right answers come out?' -- Charles Babbage
benoit Bruckert
Honored Contributor

Re: Can't relay mail due to hostname as part of domain side

Hi,
I have an idea,
You can masquerade your host.domain.com to domain.com
And for your user, you can remap all users from your server to user.host...
For this :
Masquerade :
in your mc file :
MASQUERADE_AS(`domain.com')dnl
FEATURE(`masquerade_entire_domain')dnl
FEATURE(`masquerade_envelope')dnl

which create in cf file :
DMdomain.com,
you will have to specify also which hosts are masquerade (see CM).

For mapping outgoing users :
in cf file :
# Generics table (mapping outgoing addresses)
Kgenerics hash -o /etc/mail/genericstable
which is in mc file :
FEATURE(`genericstable',`hash -o /etc/mail/genericstable')dnl

in this file you specify the new name of the user :
for example :
root root.earth

this means that root will appear as root.earth.

Warning be careful with root, because this user is offently not masqueraded , check for the proper config for this specific user (CM,CL,CO,... directive in cf file...)

Hope it will help
Une application mal pansée aboutit à une usine à gaze (GHG)
Fabrice Meynard
Frequent Advisor

Re: Can't relay mail due to hostname as part of domain side

Hi Rich,

it can also depend of your sendmail version (what /usr/sbin/sendmail, the line version.c). If you use sendmail 8.9.3, you must configure sendmail to allow relay. it can be done with /usr/newconfig/etc/mail/cf/cf/gen_cf and follow instructions. If you are using sendmail 8.8.6, relay is allow by default (be carreful in this case with security).
Once you allow relay, allow to relay all domains (once again be carreful with spamming) or define a database where you declare all domains you allow. This configuration is done in file /etc/mail/access witch must be modify by makemap as this will become a database file. All details are to http://www.sendmail.org/m4/anti-spam.html
At this point, if you still unable to relay emails, it can be you provider who doesn't allow adresses witch domain is not @company.com.
In this case, ask your provider more flexibility. If he doesn't want, have a look to file aliases (/etc/mail/aliases) where you define an alias for each user. In this case, masquerade your domain name in sendmail.cf in macro DM (DMalias), define your aliases, remap alias file with command aliases.
Have a look to class CE (in sendmail.cf) to allow root to be masquerade.

Hope this helps,
Regards,
Fabrice
Christopher Caldwell
Honored Contributor

Re: Can't relay mail due to hostname as part of domain side

The rule is the domain portion of the from address [whatever@a.b.com or whatever@b.com] must be resolvable in a public DNS.

The problem comes when you split DNS for security purposes (i.e. none of our "internal domains are resolvable on the Internet). Everytime we want to send mail to the Internet, we have to make sure the domain in the From portion of the address can be resolved.

There's a couple of ways to do this:
1) easy, non-scaleable way - use the -f flag when sending mail in a script using sendmail or -r when using mailx. Note that the from address can even be something that doesn't make sense - e.g. you@microsoft.com when you don't serve mail for microsoft.com.

2) harder way - use the generics table to rewrite outbound mail. Rewrite the domain portion of the using the genericstable. The generics table takes pairs of values (rewrite left column to right column). To get this going in sendmail, edit the sendmail.cf file, search for generics - make sure the generics rule sets are uncommented - restart sendmail.

3) you could also make sure the from portion of the address are resolvable in DNS, but as I mention earlier, that solution has security implications.