General
cancel
Showing results for 
Search instead for 
Did you mean: 

Changing the "return path" on sending email

TheJuiceman
Super Advisor

Changing the "return path" on sending email

Hey gang,

I need to find a way to set the return path when sending out emails. The problem we are having is that when an email fails, the error message is trying to send to the return path of the message. The problem is that the return path is not a legitimate email address (as it is being assembled from user ID's instead of actual email addresses). How can I change this? Hopefully the following will explain this better....

This is the heading from a typical email...

X-Apparently-To: recipient@yahoo.com via 12.34.567.89; Wed, 21 Apr 2010 11:31:17 -0700
Return-Path:
X-YMailISG: .....
X-Originating-IP: [98.76.54.321]
Authentication-Results: mta1067.mail.sk1.yahoo.com from=ourdomain.com; domainkeys=neutral (no sig); from=ourdomain.com; dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO ourdomain.com) (98.76.54.321) by mta1067.mail.sk1.yahoo.com with SMTP; Wed, 21 Apr 2010 11:31:17 -0700
Received: from ourserver.ourdomain.com ([xx.xxx.xx.xxx]) by ourdomain.com with ESMTP; Wed, 21 Apr 2010 14:31:09 -0400
Received: from ourserver.ourdomain.com (smmsp@localhost [127.0.0.1]) by ourserver.ourdomain.com (@(#)Sendmail version 8.13.3 - Revision 1.007 - 3 February 2010/8.13.3) with ESMTP id o3LIUu58014637 for ; Wed, 21 Apr 2010 14:30:56 -0400 (EDT)
Received: (from root@localhost) by ourserver.ourdomain.com (@(#)Sendmail version 8.13.3 - Revision 1.007 - 3 February 2010/8.13.3/Submit) id o3LIUuQA014636 for recipient@yahoo.com; Wed, 21 Apr 2010 14:30:56 -0400 (EDT)
Date: Wed, 21 Apr 2010 14:30:56 -0400 (EDT)
From: Me Add sender to Contacts
Message-Id: <201004211830.o3LIUuQA014636@ourserver.ourdomain.com>
Content-Length: 3

If you look above, the "Return-Path:" is "user@our.domain.com". However, that is not a true address. The "user" is the login ID for the user. Their actual address would be something like "firstname.lastname@ourdomain.com".

Due to this problem, whenever a message fails to send to a recipient, no notification of the error is received to the sender.

Since the "From" is being set, the recipient can reply to the message and send a reply to the correct address.

Whenever a problem with an email occurs (invalid address, etc), the path is incorrect to notify the sender that there was a problem (due to the Return-Path)

How can I correct this problem? Thanks.
19 REPLIES
Steven E. Protter
Exalted Contributor

Re: Changing the "return path" on sending email

Shalom,

There is no way for a message to be returned back to a system if the system is a sender.

If the above scenario is true, your system is trying to send an email to yahoo. Any bounce is not going to make it through a Corporate firewall back to the system. For very good reasons your server infrastructure should not be receiving let alone processing inbound mail.

A way around this is to have the sender be an actual email user on your domain.

I create a mailbox called system@mydomain.com and that is the sending user on outbound system mails.

If these are really users then you can set up the following files to create outbound mail addresses that are meaningful:

/etc/mail/geneticstable
/etc/mail/virtusertable

These will translate inbound and outbound system email addresses to something that can be bounced to.

user@system.domain.com
becomes
user@domain.com

You would then need to use the m4 macro generator to generate a new sendmail.cf file.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
TTr
Honored Contributor

Re: Changing the "return path" on sending email

How do you send the emails out (from the HP-UX servers)? The mailx program has the -r option. Others mail programs may have similar settings. You may be able to use sendmail tables as well.
TheJuiceman
Super Advisor

Re: Changing the "return path" on sending email

>>I create a mailbox called system@mydomain.com and that is the sending user on outbound system mails.<<

This is an intriguing idea. How did you set up your mail to use a single email user?

Also, what would be required to create the genericstable/virtusertable? This may be another viable solution if the first is not doable.

Thank you for your help.
TTr
Honored Contributor

Re: Changing the "return path" on sending email

You did not say if you are using mailx. That would be a simple solution. If you want to look into using tables, the genericstable is for mapping outgoing users. (The virtusertable is for incoming users but in your case it applies to the main domain.com incoming mail server - is it the groupwise from your other posting? - and not the inside HP-UX servers)

You may already have the genericstable feature available, look in /etc/mail/sendmail.cf and see if you have a line
#Kgenerics dbm -o /etc/mail/genericstable
If yes, uncomment it and restart sendmail. Then you must build the genericstable file/map using a textfile and the makedbm command.
TTr
Honored Contributor

Re: Changing the "return path" on sending email

Actually I was out of sequence in the steps above. Restart sendmail at the end after creating the map and uncommenting the map-line in sendmail.cf
TheJuiceman
Super Advisor

Re: Changing the "return path" on sending email

Thank you for the responses. But maybe I did not post the question correctly.

Setting the "From" is not the issue. I need to set the "Return-Path". The Return-Path is where any errors will try to go if the mail is unsuccessful. However, messages are being sent using the login ID versus the users full name. This, being the user's ID, is an invalid address so the error message never makes it back to the source.

Even if I were able to set ALL outgoing messages to have a Return-Path from a particular place (like say "mail-errors@ourdomain.com"), then we can set up an mailbox specifically to catch failed messages.

How can I set a Return-Path on outgoing messages? Thanks again for your help!!!
TheJuiceman
Super Advisor

Re: Changing the "return path" on sending email

Is there a way to hardcode a return path so that all error messages will return to a particular email address? Thanks
Steven Schweda
Honored Contributor

Re: Changing the "return path" on sending email

> You did not say if you are using mailx.

Did you ever say exactly which program you
were using?

I haven't used sendmail for many years, so I
know nothing, but, so far as I can tell, ...

The Return-Path in the header is defined in
the sendmail configuration file
(sendmail.cf). Around here, that seems to
look like:

H?P?Return-Path: <$g>

where "$g" is (I'm told) "The sender address
relative to the recipient.". (And if I knew
what "H?P?" did, I might really be
dangerous.) So, if I wanted a different
Return-Path in a header, I'd attack this.
Replacing "$g" with a constant should be
easy. Other, more interesting things should
be possible. I assume that the headers
you're seeing agree with the stuff specified
in your current configuration file.

sendmail seems to have a "-Cfile" option,
which might let you damage your own copy of a
configuration file, instead of the normal
one.

My general plan would be to alter a sendmail
configuration file, so that it would put the
desired data into a header, and then use
sendmail itself to send the message (using
that altered configuration file).
(Naturally, I've always used a program like
mailx to do that, so I know nothing, but I
gather that, with enough command-line
options, sendmail can be persuaded to do the
job.) What with all the improved security
features of a modern sendmail (about which I
know nothing), there may be some restrictions
on who can do what in this neighborhood, but
I assume that there may be some path through
that thicket which would let you create an
e-mail header with all the phony stuff in it
which anyone could possibly want.

http://www.sendmail.org/doc/sendmail-current/doc/op/op.pdf

(It even seems to explain "H?P?".)

Naturally, "DO NOT EDIT THIS FILE! Only edit
the source .mc file." But if I could figure
out m4, too, I'd probably be making big money
somewhere, instead of wasting my time here.
But feel free to look at the ".mc" file, and
see if it's easier to damage that one. If
you dare.
TheJuiceman
Super Advisor

Re: Changing the "return path" on sending email

I edited the H?P? entry, just to see if it would work/break/whatever. No effect. I'm open to ideas. Thanks
Steven Schweda
Honored Contributor

Re: Changing the "return path" on sending email

> I edited the H?P? entry, just to see if it
> would work/break/whatever.

And this change looked like what, exactly?
And then you did what, exactly?

> No effect.

When you did what, exactly?

> I'm open to ideas.

I'm open to a clear description of what
you're doing.

If a sendmail daemon is running, then I
wouldn't expect it to notice a change in its
configuration file until it got whacked
(gently or roughly).

> > You did not say if you are using mailx.
>
> Did you ever say exactly which program you
> were using?

Still wondering...

> [...] I assume that [...]

Allowing me to assume anything makes this
venture less likely to succeed.

If I were psychic _and_ a sendmail expert,
then we might have a better chance at
progress. But I'm neither, so you may need
to help some.
TheJuiceman
Super Advisor

Re: Changing the "return path" on sending email

> I edited the H?P? entry, just to see if it
> would work/break/whatever.

> No effect.

>>When you did what, exactly?

In place of the variable I put in a hard coded address. After restarted sendmail, it did not break it but did not effect how mail was being handled either.

> I'm open to ideas.

>>I'm open to a clear description of what
you're doing.

>>If a sendmail daemon is running, then I
wouldn't expect it to notice a change in its
configuration file until it got whacked
(gently or roughly).

With the change, sendmail was restarted. I am restarting sendmail with each modification made.

> > You did not say if you are using mailx.
>
> Did you ever say exactly which program you
> were using?

>>>Still wondering...

We are typically using sendmail to send out mail. Mailx is used as well....sometimes even Rmail. It does not matter the mechanism, the result is the same. I can force the "From" and even a "Return-Path" but it still returns error messages to the AUTH user set up to the relay (which is on a Groupwise mail server). For example...say the AUTH user is "auth-user". I send out a message to "you@there.com" from "me@here.com". If the message fails to deliver for some reason, the bounce back is going to "auth-user@here.com" instead of the originator "me@here.com". This is happening if I use sendmail, rmail, elm, mailx, whatever. This happens even if I set the return path (I can even see the return path in the header on successful emails to be what I want (ie "me@here.com"), but the error messages for failed messages still go to the AUTH user (ie "auth-user@here.com")). I need a way to set the error path so that it will return to the originator, not the AUTH user.

I don't know how else to say this.

Thank you for your help. I hope this explains it better.


Rita C Workman
Honored Contributor

Re: Changing the "return path" on sending email

I didn't read all the responses, but if I understand you:

UNIX-userid is not a real email address.

OK...have you tried this old trick:

On UNIX box
cd /etc/mail
vi userdb (a file you are creating)
Add the following 2 lines for each user
rworkman:mailname Rita Workman
r_workman@mydomain.com:maildrop rworkman

My HPUX login=rworkman, my real life email is viewed to be r_workman@mydomain.com.

OK....

Now when your done putting in the 2 lines for each user, then save the file.
Run this:

makemap btree /etc/mail/userdb.db < /etc/mail/userdb

Go into your /etc/mail/sendmail.cf file and take OUT the "#" on this line:
UserDatabaseSpec=/etc/mail/userdb.db

Stop and then restart sendmail
/sbin/init.d/sendmail stop
/sbin/init.d/sendmail start


It's how we have messages sent to 'root' rerouted to come to my regular Outlook mail...

Kindest regards,
Rita
Rita C Workman
Honored Contributor

Re: Changing the "return path" on sending email

We also found it handy to have all the batch jobs run by ApplA batch-processing-id sent to this person and all the batch jobs run by ApplB batch-processing-id to that person...

and so on.

We don't set up for 'every' user, just specific ones. Once we did a master userdb file on one box, copied it to the rest and ran the makemap command;start/stop sendmail, and done.

/rcw
TheJuiceman
Super Advisor

Re: Changing the "return path" on sending email

Hi Rita,

Thank you, also, for your help. The userdb option works for internal emails (those going to our domain) but not to outside addresses.

If a message originates on our system is destined to an address ON our domain, but fails to send, the bounce-back goes to the userdb entry.

If a message originates on our system is destined to an address OUTSIDE our domain, but fails to send, the bounce-back still goes to the AUTH user address.

Any thoughts? Thanks
Rita C Workman
Honored Contributor

Re: Changing the "return path" on sending email

hmmm...would likely require editing things to change the header information of the email.

But - let me play with it. May not be able to figure something out, but it's always fun to try.

Give a couple days maybe....

Thanks,
Rita
Rita C Workman
Honored Contributor

Re: Changing the "return path" on sending email

OK...here's what I just tried.

Took UNIX account 'fnsw'. Created the flip to change the From address, so that all mail on the UNIX box for 'fnsw' would go to my hotmail.com account (i.e. outside mail).

Logged in as 'fnsw' on UNIX box.
Sent email to my work internal mail, rita.workman@workdomain.com from the UNIX box via command line using elm.

[Our UNIX boxes will send mail via smtprelay through Exchange].

Got my email from fnsw internally to my internal work email (rita.workman@workdomain.com).
It shows the From as @hotmail.com.
..so far so good...

So, from my internal account, I did a reply and it now went to my hotmail.com account.

OK...now let's do a return mail on this same mail again so from hotmail I'm just doing a reply to mail. Still the same email, not putting in address, just replying.

Got it....

Looks like it went inside & outside to me, back and forth just fine.

And it all started with the switch of address on userdb changing the From address from fnsw.server.local to .hotmail.com
-------------------------------------------
Now since there is no public address out there as fnsw.workdomain.com or fnsw.server.local, the outside world could not send to fnsw! That's an obvious and as it should be.
But for any mail where it orignites on the UNIX box and you change the From address you should be able to do this - in most cases!.

I would NOT attempt to do this with certain accounts, like root or oracle or such. Because there are parts of the mail header record that doing a From address change like this can NOT change the actual system 'from' name. In other words, 'root' would still show up in the header record somewhere. And spam filters can see it. It will disregard most traces of strange names...but 'root' is one that even partial suppression using this userdb option, spam filters will react and could create issues with external mail, blacklisting your domain.

Of course all of this depends if I went in the right direction of what your trying to do.

Kindest regards and thanks for giving me someting to play around with...

Rita
TheJuiceman
Super Advisor

Re: Changing the "return path" on sending email

Hi Rita,

Thanks for taking the time to play with my problem.

Let me clarify by saying the emails going out WORK!!! They deliver as they should, if the address is right, the recipient server is not down, etc.

By setting the return path, a reply to a successfully sent message will return to the proper originator, as hoped.

The problem occurs when there is a sending error. The bounce-back message is the problem. If a message is sent to a bogus address outside of our domain, the bounce-back message stating the error is going to the AUTH user and not the originator. This only seems to be happening if a message is sent to a bogus address outside our domain. Sending to a bogus address inside the domain will cause the bounce-back message to go to the userdb address (or the set return path address if userdb isn't used).

How can I get the error messages that are sent outside our domain to bounce-back to the originator's address and not the authenicated user's address?

Could I ask what happens when you send a message to a bogus address both inside and outside your domain?

Thanks again for your help.
Rita C Workman
Honored Contributor

Re: Changing the "return path" on sending email

Didn't want you to think I forgot about this...

Sent test emails to bogus address, but had missed that the setting on Timeout_queuereturn was still set to default of (5d) or 5 days. So I'm going to have to give it a couple more days to see if they come back - and to who.

According to sendmail.cf they should return to sender. What remains is to see if on the return, will acknowledge the settings in the userdb.db file and send it to my Exchange address or the loginid.

Will post back around Wednesday on this..

Regards,
Rita
TheJuiceman
Super Advisor

Re: Changing the "return path" on sending email

I have not been able to get very far with this. Decided to scrap using a relay and use some scripting to handle errors. Thanks everyone for the help.