- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- sendmail 8.13 masquerade nightmare
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-06-2008 09:24 AM
тАО03-06-2008 09:24 AM
sendmail 8.13 masquerade nightmare
This machine is hpux.domain.com. The outside world knows nothing of hpux.domain.com and that's the way we want it. So sender addresses on mail to external addressses must masquerade as "domain.com". Recipient addresses should be untouched. For that, I added this to sendmail.mc:
MASQUERADE_AS(`domain.com')dnl
MASQUERADE_DOMAIN(`hpux.domain.com')dnl
FEATURE(`masquerade_envelope')dnl
Result: Mail to an alias that translates to an external address gets the correct sender domain. Mail sent directly to an external address does NOT have the correct sender domain.
So I added those same three lines to to submit.mc. Result:
Mail sent directly to an external address has the correct sender domain. Aliases and local delivery is broken - all mail to simple addresses attempts to deliver to "address@domain.com".
I tried this:
FEATURE(`local_no_masquerade')dnl
in both sendmail.mc and submit.mc, but it didn't help. It's as if the `allmasquerade' feature was turned on - but it's not. And there's no directive to turn it off that I can add to submit.mc.
My hope was to make changes only to the .mc files. If I have to go tweak the resulting .cf file, then I might as well not bother with .mc at all and go attack the learning curve for changing .cf files.
I'm reading the .mc documentation at sendmail.org but so far haven't found the magic bullet for this. Anyone?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-06-2008 02:30 PM
тАО03-06-2008 02:30 PM
Re: sendmail 8.13 masquerade nightmare
a) There are no details on HP-UX version and
exact Sendmail version you run.
You said Sendmail 8.13, but that release
has number of subversions and patches.
Masquerading is actually easy in normal
circumstances.
Be aware of the following bug report for
Sendmail 8.13.3 on HP-UX:
Identifier: QXCR1000556385
Legacy ID: JAGaf83753
Component Version: B.11.1 and B.11.23
Title: Sendmail 8.13.3 masquerade does not work
Maybe you are hit by the same issue.
How old is your version of sendmail?
b) Run these couple of tests:
# sendmail -bt -d0.13
# sendmail -bt
> /tryflags HS
> /try esmtp localuser@hpux.domain.com
For "tryflags", you can use the following tests:
HS (header sender address)
ES (envelope sender address)
HR (header recipient address)
ER (envelope recipient address)
c) It might be helpful to add the line in
.mc:
FEATURE(masquerade_entire_domain)dnl
I also prefer to use:
MASQUERADE_DOMAIN_FILE(`/etc/mail/masquerade-domains.txt`)dnl
instead of MASQUERADE_DOMAIN...
I am not at my workplace today so I cannot
log into any HP-UX server to give you
simpler method of editing the sendmail.cf
directly. I often do that as well (I do not
worry about .mc files for simple config
changes)...
Cheers,
VK2COT
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-06-2008 02:58 PM
тАО03-06-2008 02:58 PM
Re: sendmail 8.13 masquerade nightmare
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-06-2008 04:53 PM
тАО03-06-2008 04:53 PM
Re: sendmail 8.13 masquerade nightmare
Unless you work at HP, you will not find it
on Google.
Google is not a "know-it-all" place.
In fact, for security and privacy reasons
I do not allow Google or any other major
Web site to put cookies on my computer so
I use these sites in very limited fashion.
I suggest you contact HP representatives
through your maintenance contract, or
apply the latest patches, or even
install an open-source Sendmail 8.14.2.
Cheers,
VK2COT
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-06-2008 06:36 PM
тАО03-06-2008 06:36 PM
Re: sendmail 8.13 masquerade nightmare
As for your paranoia over cookies, enjoy it if it makes you happy.
Meanwhile I went searching in the patch database after uploading my inventory, and despite the fact that I have Sendmail 8.13.3 installed, it recommended a patch for 8.9.3. I don't plan on seeing what that does for my problem.
This whole exercise of updating Sendmail is taking far more time than justified. I'm looking for a specific fix, patch, or change to .mc or .cf file that will solve the problem I've outlined. If a newer version of sendmail is a *known* fix, then I need a .depot for HP-UX 11.11 - I don't have time to figure out anything less. If there isn't an easy fix I'm probably going to forget the whole thing and go back to 8.9.3.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-11-2008 04:19 AM
тАО03-11-2008 04:19 AM
Re: sendmail 8.13 masquerade nightmare
define(`_MASQUERADE_ENVELOPE_')dnl
define(`MASQUERADE_NAME')dnl
MASQUERADE_AS(`____.com')dnl
FEATURE(`allmasquerade')dnl Masquerade recipient and sender addresses
~
I have found no problem with the results.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-11-2008 06:45 AM
тАО03-11-2008 06:45 AM
Re: sendmail 8.13 masquerade nightmare
On the assumption that you were talking about building submit.cf with it, I added the commands you mention to my submit.mc and the results were the same as before.
My sendmail version identifies itself as "Sendmail @(#)Sendmail version 8.13.3 - Revision 2.005 - 12 January 2007/8.13.3". I would guess that is newer than "WTEC JAGag15759 9/28/2006".
Here's my sendmail.mc:
divert(0)dnl
VERSIONID(`$Id: generic-hpux10.mc,v 8.13 2001/05/29 17:29:52 ca Exp $')
OSTYPE(hpux11)dnl
DOMAIN(generic)dnl
define(`_X400_UUCP_')dnl
define(`_MASQUERADE_ENVELOPE_')dnl
define(`MASQUERADE_NAME')dnl
define(`confTRY_NULL_MX_LIST',`T')dnl
define(`LUSER_RELAY',`name_of_luser_relay')dnl
define(`DATABASE_MAP_TYPE',`dbm')dnl
define(`_CLASS_U_')dnl
define(`SMART_HOST',`otherhost.domain.com')dnl
TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5')dnl
MASQUERADE_AS(`domain.com')dnl
MASQUERADE_DOMAIN(`hpux.domain.com')dnl
FEATURE(`masquerade_envelope')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(openmail)dnl
MAILER(uucp)dnl
And here's submit.mc:
(I tried it with and without 'allmasquerade', no difference)
divert(0)dnl
VERSIONID(`$Id: submit.mc,v 8.13 2003/09/10 22:12:48 ca Exp $')
define(`_MASQUERADE_ENVELOPE_')dnl
define(`MASQUERADE_NAME')dnl
define(`confCF_VERSION', `Submit')dnl
define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining
define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet
define(`confTIME_ZONE', `USE_TZ')dnl
define(`confDONT_INIT_GROUPS', `True')dnl
define(`SMART_HOST',`otherhost.domain.com')dnl
MASQUERADE_AS(`domain.com')dnl
dnl
dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:::1]
FEATURE(`msp', `[127.0.0.1]')dnl