tags:

views:

2673

answers:

3
+2  Q: 

Configuring sendmail behind a firewall

I'm setting up a server which is on a network behind a firewall and I want programs on this computer to be able to use sendmail to send emails to any email address. We have an SMTP server running on this network (let's call it mailrelay.example.com) which is how we're supposed to get outgoing emails through the firewall.

So how do I configure sendmail to send all mail through mailrelay.example.com? Googling hasn't given me the answer yet, and has only revealed that sendmail configuration is extremely complex and annoying.

+4  A: 

http://www.elandsys.com/resources/sendmail/smarthost.html

Sendmail Smarthost

A smarthost is a host through which outgoing mail is relayed. Some ISPs block outgoing SMTP traffic (port 25) and require their users to send out all mail through the ISP's mail server. Sendmail can be configured to use the ISP's mail server as the smart host.

Read the linked article for instruction for how to set this up.

Espo  2008-09-04 15:11:39
+2  A: 

@Espo: Thanks for the great advice on where to start. Your link would have been better if I had been configuring sendmail for its first use instead of taking an existing configuration and making this small change. However, once I knew to look for stuff on "SmartHost", I found an easier way.

All I had to do was edit my /etc/mail/sendmail.cf file to change

DS

to

DSmailrelay.example.com

then restart sendmail and it worked.

Eli Courtwright  2008-09-04 15:30:32
+3  A: 

@eli: modifying sendmail.cf directly is not usually recommended, since it is generated by the macro compiler.

Edit /etc/mail/sendmail.mc to include the line:

  define(`SMART_HOST',`mailrelay.example.com')dnl

After changing the sendmail.mc macro configuration file, it must be recompiled to produce the sendmail configuration file.

  # m4 /etc/mail/sendmail.mc > /etc/sendmail.cf

And restart the sendmail service (Linux):

  # /etc/init.d/sendmail restart

As well as setting the smarthost, you might want to also disable name resolution configuration and possibly shift your sendmail to non-standard port, or disable daemon mode.

Disable Name Resolution

Servers that are within fire-walled networks or using Network Address Translation (NAT) may not have DNS or NIS services available. This creates a problem for sendmail, since it will use DNS by default, and if it is not available you will see messages like this in mailq:

  host map: lookup (mydomain.com): deferred)

Unless you are prepared to setup an appropriate DNS or NIS service that sendmail can use, in this situation you will typically configure name resolution to be done using the /etc/hosts file. This is done by enabling a 'service.switch' file and specifying resolution by file, as follows:

1: Enable service.switch for sendmail Edit /etc/mail/sendmail.mc to include the lines:

  define(`confSERVICE_SWITCH_FILE',`/etc/mail/service.switch')dnl

2: Configure service.switch for files Create or modify /etc/mail/service.switch to refer only to /etc/hosts for name resolution:

  # cat /etc/mail/service.switch
  hosts files

3: Recompile sendmail.mc and restart sendmail for this setting to take effect.

Shift sendmail to non-standard port, or disable daemon mode

By default, sendmail will listen on port 25. You may want to change this port or disable the sendmail daemon mode altogether for various reasons: - if there is a security policy prohibiting the use of well-known ports - if another SMTP product/process is to be running on the same host on the standard port - if you don't want to accept mail via smtp at all, just send it using sendmail

1: To shift sendmail to use non-standard port. Edit /etc/mail/sendmail.mc and modify the "Port" setting in the line:

  DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')

For example, to get sendmail to use port 125:

  DAEMON_OPTIONS(`Port=125,Addr=127.0.0.1, Name=MTA')

This will require sendmail.mc to be recompiled and sendmail to be restarted.

2: Alternatively, to disable sendmail daemon mode altogether (Linux) Edit /etc/sysconfig/sendmail and modify the "DAEMON" setting to:

  DAEMON=no

This change will require sendmail to be restarted.

tardate  2008-09-20 10:05:40

related questions

VS2005 C# Programmatically change connection string contained in app.config
Apache Fall Back When PHP Fails
Help Understanding .Net Configuration Options
WCF service configuration file question regarding <baseAddresses>
WCF Configuration without a config file
How to change "Generate Method Stub" to throw NotImplementedException in VS?
How many app.config files are you allowed to have per AppDomain?
Override WebClientProtocol.Timeout via web.config
How to use p4merge as the merge/diff tool for Mercurial?
How do you prevent the IIS default site web.config file being inherited by virtual directories?
Apache - how do I build individual and/or all modules as shared modules
Convert Web.config from .NET 2.0 to 3.5
Software Deployment in a Virtual Environment
Java configuration framework
Programmatically encrypting a config-file in .NET
Is there a way to get a System.Configuration.Configuration instance based on arbitrary xml?
How do I run (unit) tests in different folders/projects separately in Visual Studio?
Impersonation in IIS 7.0
Enterprise Library CacheFactory.GetCacheManager Throws Null Ref
User authentication on Resin webserver
Are there any decent free JAVA data plotting libraries out there?
Using ConfigurationManager to load config from an arbitrary location
ConfigurationManager.AppSettings Performance Concerns
what's in your .bashrc ?