SendMail Help 2006-08-19 - By brad.mugleston@(protected)
Back
On Wed, 16 Aug 2006, Rick Stevens wrote:
> On Tue, 2006-08-15 at 20:42 -0600, brad.mugleston@(protected) wrote:
> > > want to designate a "mail hub" which receives mail from all of your
> > > internal machines and sends it out on behalf of them.
> > >
> > > For security reasons, I recommend a mail hub (only it is exposed to the
> > > internet, centralizes virus and spam filtering, etc.). So, on all
> > > of the machines EXCEPT the mail hub, make sure you have:
> > >
> > > define(`SMART_HOST', `name-of-mail-hub-machine')dnl
> > >
> > > in the sendmail.mc file. You also should decide if you want the hub
> > > to receive mail on behalf of all your machines. If so, also define
> > > the MASQUERADE_AS macro:
> > >
> > > define(`MASQUERADE_AS', `host.domain.tld')dnl
> > >
> > > Now, as to firewalls, only the mail hub needs to talk to the internet
> > > over port 25. The rest of the machines in your network will use port
> > > 25 to talk to the mail hub. So, the firewall rules on the router should
> > > permit the mail hub port 25 access to the internet and should block all
> > > others. Do NOT block port 25 on any of the internal machines (either
> > > through iptables or Windows firewalls).
> > >
> >
> > OK, sounds good to me BUT I need some translations.
> >
> >
> > Lets make it simple - two machines named LHOST and LCLIENT.
> > LHOST is my mail server and LCLIENT is the machine I'm sitting
> > at.
> >
> > First, what file holds these names and on what physical machine
> > (both for XP and Linux)
>
> The "define(`SMART_HOST', `LHOST')dnl" would be
> put in your LCLIENT's "/etc/mail/submit.mc" file under Linux, after
> which you must restart sendmail via "service sendmail restart".
>
> Under Windows, just modify the SMTP server setting of Outschnook or
> whatever to point at "LHOST".
>
> The "MASQUERADE_AS(`host.domain.tld')dnl" bit would be put
> in LHOST's /etc/mail/sendmail.mc and /etc/mail/submit.mc files. Again,
> you must restart sendmail via "service sendmail restart".
>
> > Second I'm taking it that "name-of-mail-hub-machine" would be
> > LHOST
>
> Correct.
>
> >
> > for the masquerade command - I may be confused (like normal) but
> > right now my LHOST machine is receiving all of my mail -if your
> > talking about from the Internet. BUT if your talking about
> > receiving it from the other machines then I need this command but
> > what does "host.domaine.tld" translate into?
>
> The "MASQUERADE_AS" would make all outgoing mail look like it's coming
> from the mail hub machine, not the individual machines on your network.
> Without it, the "From" lines in headers might show up as "user@(protected)".
> With it, the "From" lines would show up as "user@(protected)".
>
> As to the format, I screwed up. The actual format (as I show above) is
>
> MASQUERADE_AS(`host.domain.tld')dnl
>
> The "host.domain.tld" would translate to the FQDN of your LHOST machine.
> For example, if your domain is "bmug.com" and your LHOST host name is
> "mailhub", then "host.domain.tld" is "mailhub.bmug.com".
>
> > I'm probably in over my head but I'm use to that.
>
> Sendmail can be a bear to configure at times simply because it's so
> flexible. With flexibility comes complexity, which is why O'Reilly's
> "bat book" is over 1200 pages in length and costs about $60 US. It's
> also why people who truly grok sendmail can charge kilobucks for
> configuring mail systems for large companies.
>
> You might find one of the other mail systems such as postfix or qMail
> easier to configure. The odds are you will never use the advanced
> features of sendmail--few people do. I did, but I ran a virtual mail
> service with 10,000 domains and 85,000 users. We sold off that
> business for the most part, but I still have about 400 domains and over
> 1500 users and we still do about 30,000 messages a day.
>
> BTW, I HATE mail administration! :-p
>
> -- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- --
> - Rick Stevens, Senior Systems Engineer rstevens@(protected) -
> - VitalStream, Inc. http://www.vitalstream.com -
> - -
> - Okay, who put a "stop payment" on my reality check? -
> -- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- --
Rick,
As always your a great help - this weekend has gotten more than a
little busy but I'll let you know if I can get it to work.
Brad
__ ____ ____ ____ ____ ____ ____ ____ ____ ____
Redhat-install-list mailing list
Redhat-install-list@(protected)
https://www.redhat.com/mailman/listinfo/redhat-install-list
To Unsubscribe Go To ABOVE URL or send a message to:
redhat-install-list-request@(protected)
Subject: unsubscribe
|
|
