Installation guide

ManualsBrandsPythonQ ManualsIndustrial248-8XX

211

212

213

214

215

216

217

218

219

220

Chapter 15. Email 215

In this situation, the sendmail server needs to masquerade the machine names on the company network

so that their return address is user@bigcorp.com instead of user@devel.bigcorp.com.

To do this, add the following lines to /etc/mail/sendmail.mc.

FEATURE(always_add_domain)dnl

FEATURE(‘masquerade_entire_domain’)

FEATURE(‘masquerade_envelope’)

FEATURE(‘allmasquerade’)

MASQUERADE_AS(‘bigcorp.com.’)

MASQUERADE_DOMAIN(‘bigcorp.com.’)

MASQUERADE_AS(bigcorp.com)

After generating a new sendmail.cf using m4, this conﬁguration will make all mail from inside the

network appear as if it were sent from bigcorp.com.

15.3.5. Stopping Spam with Sendmail

Email spam can be deﬁned as unnecessary and unwanted email received by a user who never requested

the communication. It is a disruptive, costly, and widespread abuse of Internet communication stan-

dards.

Sendmail has made it relatively easy to block new spamming techniques being employed to send

junk email using your system. It even blocks many of the more usual spamming methods by default.

You would need to consciously activate them by changing your /etc/mail/sendmail.mc ﬁle in a

particular way to make your system susceptible.

For example, forwarding of SMTP messages, also referred to as SMTP relaying, has been disabled

by default since Sendmail version 8.9. Before this change occurred, Sendmail would direct your mail

host (x.org) to accept messages from one party (y.com) and send them to a different party (z.net).

Now, however, you have to speciﬁcally tell Sendmail to permit a domain to relay mail through your

domain. Simply edit the /etc/mail/relay-domains ﬁle and restart Sendmail by typing the ser-

vice sendmail restart command as root to activate the changes.

However, many times, your users may be bombarded with spam from other servers throughout the In-

ternet that are beyond your control. In these instances, you can use Sendmail’s access control features

available through the /etc/mail/access ﬁle. As root, add the domains that you would like to block

or speciﬁcally allow access, such as in this example:

badspammer.com 550 Go away and do not spam us anymore

tux.badspammer.com OK

10.0 RELAY

Because /etc/mail/access.db is a database, you need to use makemap to activate your

changes by recreating the database map. This is easily done by running the makemap hash

/etc/mail/access

/etc/mail/access command as root.

This example shows that any email sent from badspammer.com would be blocked with a 550

RFC-821 compliant error code and message back to the spammer, except for email sent from the

tux.badspammer.com sub-domain, which would be accepted. The last line shows that any email

sent from the 10.0.*.* network can be relayed through your mail server.

As you might expect, this example only scratches the surface of what Sendmail can do in terms of

allowing or blocking access. See the /usr/share/doc/sendmail/README.cf for more detailed

information and examples.