1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
HOWTO use drac with your MTA:
For postfix:
------------
The Debian postfix package can use drac out-of-the box, with only a simple
change to the default configuration file; simply add 'btree:/var/lib/drac/dracd'
to your mynetworks variable in /etc/postfix/main.cf thusly:
mynetworks = 127.0.0.0/8
btree:/var/lib/drac/dracd
If your configuration differs significantly from the Debian default, other
methods are discussed at length at:
http://www.stahl.bau.tu-bs.de/~hildeb/postfix/postfix_drac.shtml
For Exim:
---------
The hostlist "relay_from_hosts" should include:
net-dbmnz;/var/lib/drac/dracd.db
To change this setting, run:
dpkg-reconfigure exim4-config
and include the above when asked about "Machines to relay mail for:".
For sendmail:
-------------
(from http://mail.cc.umanitoba.ca/drac/mta.html)
For sendmail 8.9.x, add the following to your .mc file under LOCAL_CONFIG...
# dynamic relay authorization control map
Kdrac btree /etc/drac/dracd
and the following under LOCAL_RULESETS...
SLocal_check_rcpt
# allow recent POP/IMAP mail clients to relay
R$* $: $&{client_addr}
R$+ $: $(drac $1 $: ? $)
R? $@ ?
R$+ $@ $#OK
If you are using the DUL to block connections from dial-up IP addresses, you will need to add the same four rules to the SLocal_check_relay ruleset in your .mc file to allow DRAC-authenticated users to connect.
Tabs are required between the two sides of these rules!
Then, you can re-make the .cf file, install it, and restart the sendmail SMTP daemon.
Mike McHenry contributes the following information for a complex sendmail configuration...
I have some updated sendmail rules for sendmail 8.11.0 that may or may not help people out. These rules are tuned for a full email server running all of the relay checks and spam filtering features of the new sendmail. First I will include an example sendmail.mc file and then I will show where the drac configs need to be manually patched in to the resulting sendmail.cf file.
EXAMPLE MC FILE:
OSTYPE(`linux')dnl
define(`confAUTO_REBUILD')dnl
define(`confCONNECTION_RATE_THROTTLE',40)dnl
define(`confMAX_HOP',30)dnl
define(`confMAX_MESSAGE_SIZE',10000000)dnl
define(`confPRIVACY_FLAGS',`authwarnings,needmailhelo')dnl
define(`confQUEUE_LA',5)dnl
define(`confREFUSE_LA',10)dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTO_IDENT',0s)dnl
define(`confTO_QUEUEWARN', `12h')dnl
define(`confTRY_NULL_MX_LIST',true)dnl
define(`STATUS_FILE',`/etc/mail/sendmail.st')dnl
define(`ALIAS_FILE',`/etc/mail/aliases')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
MAILER(`smtp')dnl
FEATURE(`local_procmail', `/usr/bin/procmail')dnl
FEATURE(`always_add_domain')dnl
define(`MASQUERADE_NAME',`domain.com.')dnl
FEATURE(`limited_masquerade')dnl
define(`confCW_FILE',` /etc/mail/sendmail.cw')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`accept_unresolvable_domains')dnl
FEATURE(`redirect')dnl
FEATURE(`virtusertable',` hash -o /etc/mail/virtusertable')dnl
FEATURE(`access_db')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(dnsbl, `rbl.maps.vix.com', `Rejected - see
http://www.mail-abuse.org/rbl/')dnl
FEATURE(dnsbl, `dul.maps.vix.com', `Dialup - see
http://www.mail-abuse.org/dul/')dnl
FEATURE(dnsbl, `relays.mail-abuse.org', `Open spam relay - see
http://www.mail-abuse.org/rss/')dnl
LOCAL_CONFIG
# dynamic relay authorization control map
Kdrac btree -o /etc/drac/dracd
Manually patch into the resulting sendmail.cf the following chunks of code:
At the END of SLocal_check_rcpt right before the last "catch-all" reject insert the following chunk of code (ignore the final reject code that follows the DRAC code chunk)...
# allow recent POP/IMAP mail clients to relay
R$* $: $&{client_addr}
R$+ $: $(drac $1 $: ? $)
R? $:
R$+ $@ RELAYFROM
# anything else is bogus
R$* $#error $@ 5.7.1 $: "550 Relaying denied"
Also, if you are making use of the MAPS DUL lists you will need to add a check for DRAC in SBasic_check_relay to allow your customers to relay mail even if they are coming from a dialup outside of your control. Add the following before the first MAPS checks in the sendmail.cf (ignore the MAPS lines following the DRAC code chunk)...
# allow recent POP/IMAP mail clients to relay
R$* $: $&{client_addr}
R$+ $: $(drac $1 $: ? $)
R? $:
R$+ $@ RELAYFROM
# DNS based IP address spam list rbl.maps.vix.com
R$* $: $&{client_addr}
That's it! Fine-tune to suit your needs and restart sendmail.
|
