http://ubuntuforums.org/showthread.php?t=135397

Re: Path of Sendmail
Open synaptic and search for sendmail. Then install it from there.

Sendmail will then be found in /usr/sbin/sendmail

; For Win32 only.
;sendmail_from = me@localhost.com

; For Unix only. You may supply arguments as well (default: “sendmail -t -i”).
sendmail_path = /usr/sbin/sendmail -t -i

or possibly:
sendmail_path = /usr/sbin/sendmail -i -t
or
sendmail_path = /usr/lib/sendmail -i -t

MY PHP.INI file is located in /etc/php5/apache2

I go into TERMINAL and type

sudo gedit
It prompts me for the root password
and then I am in gedit with superadmin rights and I can navigate to the php.ini file and change it. The very first thing I ever did was to open php.ini and do SAVE AS to original.php.ini so I can always revert back to the default.

http://ubuntuforums.org/showthread.php?t=331137

NOTE: THE synaptic mgr install of POSTFIX will remove SENDMAIL.
what worked for me was:
apt-get install postfix

and then edit php.ini
Relevant lines in /etc/php5/apache2/php.ini:

[mail function]
; For Win32 only.
SMTP = localhost
smtp_port = 25

; For Win32 only.
;sendmail_from = me@example.com

; For Unix only. You may supply arguments as well (default: “sendmail -t -i”).
sendmail_path = /usr/sbin/sendmail -t -i

and edited /etc/postfix/main.cf and put my correct external smtp server
relayhost = smtpauth.earthlink.net

restart the services that had configuration changes

During the postfix installation, I chose the Internet Configuration. If you hover the mouse over the choice field, a tool tip will explain all the choices. I noticed that it offered me bryan-desktop as a name for the system, so I stuck with that, since it might be required, and I have no idea how to find the name of my system.

Now all I need to do is TERMINAL sudo gedit

and edited /etc/postfix/main.cf and put my correct external smtp server
example – relayhost = smtpauth.earthlink.net

(but mine will I THINK be smpt.gmail.com

restart the services that had configuration changes

OF COURSE, the first thing I do when I gedit main.cf is to
SAVE AS original.main.cf, close, and reopen main.cf

When I make the above mentioned chage to the file, I find:

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

AND HERE IS WHAT I FIND IN THE README FILE, NONE OF WHICH SEEMS VERY HELPFUL:

There are some significant differences between the Debian Postfix packages,
and the source from upstream:

1. The Debian install is chrooted by default.
2. Dynamically loadable map support.
3. For policy reasons:
a. SASL configuration goes in /etc/postfix/sasl
b. myhostname=/path/to/file is supported (and used) in main.cf
4. smtp_line_length_limit defaults to 0, instead of 990, in absolute
violation of the RFC. Note that mailers in the path will still
potentially split the line, though. This will be removed at some
point in the future.
5. IPV6 support is enabled: postfix listens on ipv6/ipv4 by default,
(see: inet_protocols)
6. TLS/SASL support is enabled.
7. rmail comes from sendmail, not from postfix.
8. The upstream main.cf is delivered as /usr/share/postfix/main.cf.dist,
rather than cluttering /etc/postfix/main.cf with comments.

Known caveats:
1. The dynamically loadable modules are not found in the chroot.
Therefore, proxy maps may require you to copy the appropriate shared
object into the chroot if you chroot the proxy service in master.cf.
2. Some map types (and SASL support) require some extra configuration
(beyond what upstream indicates) to run inside the chroot. The simplest
solution for the maps is to use the proxy service, which is not chrooted.
SASL is a bit more complex, and is on the TODO list…
3. Note that the chrooted daemons open /dev/log before chrooting, so if your
syslog daemon is restarted, the daemons will be unable to reconnect to the
syslog socket, and hence being unable to log. The postfix package provides
a config snipped for the rsyslog daemon in /etc/rsyslog.d/postfix.conf to
also open a socket in /var/log/postfix/dev. For other syslog daemons, you
will also have to restart postfix after restarting the syslog daemon, or
configure it to open an additional socket.
a. For sysklogd (the default in Debian versions prior to Lenny), add
SYSLOG=”-a /var/spool/postfix/dev/log” to /etc/default/syslog.
b. For inetutils-syslogd, add SYSLOGD_OPTS=”-a /var/spool/postfix/dev/log” to
/etc/default/inetutils-syslogd.

HERE IS A LINK THAT LOOKS MORE HELPFUL

http://behindmyscreen.newsvine.com/_news/2006/12/31/501615-configuringubuntu-postfix-and-gmail-in-101-easy-steps

Send mail trong ASP.NET sử dụng C# Class dùng để gửi mail tới 1 hay nhiều người, có cho phép đính kèm tệp tin vào email…

Việc gửi mail là 1 công việc thường ngày và viết ra 1 chương trình gửi mail thật đơn giản nhưng không phải ai cũng biết. Mình xin giới thiệu với các bạn class Email này.

using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Net.Mail;

namespace EmailClass
{
public class Email
{
public string Send_Email(string SendFrom,string SendTo, string Subject, string Body)
{
try
{
System.Text.RegularExpressions.Regex regex = new System.Text.RegularExpressions.Regex(@”\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*”);

bool result = regex.IsMatch(to);
if (result == false)
{
return “Địa chỉ email không hợp lệ.”;
}
else
{
System.Net.Mail.SmtpClient smtp = new SmtpClient();
System.Net.Mail.MailMessage msg = new MailMessage(SendFrom,SendTo,Subject,Body);
msg.IsBodyHtml = true;
smtp.Host = “smtp.gmail.com”;//Sử dụng SMTP của gmail
smtp.Send(msg);
return “Email đã được gửi đến: ” + SendTo + “.”;
}
}
catch
{
return “”;
}
}

public string Send_Email_With_Attachment(string SendTo, string SendFrom, string Subject, string Body, string AttachmentPath)
{
try
{
System.Text.RegularExpressions.Regex regex = new System.Text.RegularExpressions.Regex(@”\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*”);

string from = SendFrom;
string to = SendTo;
string subject = Subject;
string body = Body;

bool result = regex.IsMatch(to);

if (result == false)
{
return “Địa chỉ email không hợp lệ.”;
}
else
{
try
{
MailMessage em = new MailMessage(from, to,subject, body);
Attachment attach = new Attachment(AttachmentPath);

em.Attachments.Add(attach);
em.Bcc.Add(from);
System.Net.Mail.SmtpClient smtp = new SmtpClient();
smtp.Host = “smtp.gmail.com”;//Ví dụ xử dụng SMTP của gmail
smtp.Send(em);
return “”;
}
catch (Exception ex)
{
return ex.Message;
}
}
}

catch (Exception ex)
{
return ex.Message;
}
}

public string Send_Email_With_BCC_Attachment(string SendTo, string SendBCC, string SendFrom, string Subject, string Body, string AttachmentPath)
{
try
{
System.Text.RegularExpressions.Regex regex = new System.Text.RegularExpressions.Regex(@”\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*”);
string from = SendFrom;
string to = SendTo; //Danh sách email được ngăn cách nhau bởi dấu “;”
string subject = Subject;
string body = Body;
string bcc = SendBCC;

bool result = true;
String[] ALL_EMAILS = to.Split(‘;’);

foreach (string emailaddress in ALL_EMAILS)
{
result = regex.IsMatch(emailaddress);
if (result == false)
{
return “Địa chỉ email không hợp lệ.”;
}
}

if (result == true)
{
try
{
MailMessage em = new MailMessage(from, to, subject, body);
Attachment attach = new  Attachment(AttachmentPath);
em.Attachments.Add(attach);
em.Bcc.Add(bcc);

System.Net.Mail.SmtpClient smtp = new SmtpClient();
smtp.Host = “smtp.gmail.com”;//Ví dụ xử dụng SMTP của gmail
smtp.Send(em);

return “”;
}
catch (Exception ex)
{
return ex.Message;
}
}
else
{
return “”;
}
}
catch (Exception ex)
{
return ex.Message;
}
}
}
}

# mailq
Prints the mail queue’s contents, same as /usr/lib/sendmail –bp

Rebuilds the aliases database file, same as /usr/lib/sendmail –bi  

Prints persistent host status info, same as /usr/lib/sendmail -bh  

Purges (zeroes) persistent host status info, same as /usr/lib/sendmail -bH  

Runs in daemon mode, same as /usr/lib/sendmail –bd –q30  

Quickly print the total number of messages within mail queue

Purges the mail queue without timing out any messages. Useful if the mail server has been down longer than the queuereturn value set in the cf.

Prints only undeliverable addresses from in the mail list foolist. Great for use in a shell script to remove badd addresses from a mailing list.

Command Line Switches  

-B 7bit 
Causes sendmail to clear the high-bit of every incoming byte.
-B 8bitmime 
Causes sendmail to preserve the high-bit or every incoming byte.
-ba
Uses ARPAnet/Grey-Book protocols to transfer mail.
-bD 
Runs as daemon, like –bd, but does not fork and does not detach from controlling terminal.
-bd
Runs as daemon, forks and detaches.
-bH 
Purges (zeroes) persistent host status info.
bh 
Prints persistent host status info.
bi 
Initializes the aliases database.
-bm 
Causes sendmail to read and send message (this is the default)
-bp
Prints the contents of the mail queue.
-bs
Runs sendmail on standard I/O.  
-bt
Runs sendmail in rule testing mode.
-bv

• -d0 – Shows general config
• -d0.1 – Prints version
• -d.04 – Prints local hostname and any aliases for it.
• -d0.15 – Prints the list of delivery agents declared
• -d0.20 – Prints address of each network interface
• -d8 – Traces most DNS lookups
• -d8.1 – Prints failure of low level MX searches.
• -d8.2 – Prints calls to getcanonname
• -d8.3 – Traces dropped local hostnames
• -d8.5 – Shows hostnames tried in getcanonname
• -d8.8 – Shows when MX lookups return the wrong type.
• -d11 – Traces delivery agent calls
• -d11.1 – Traces arguments passed to the delivery agent
• -d11.2 – Prints the user ID that the delivery agent is invoked as
• -d21 – Traces rewriting of addresses
• -d21.1- Traces general ruleset rewriting
• -d21.2 – Traces use of $& macro
• -d21.3 – Shows $> subroutines called
• -d21.4 – Displays result of rewrite
• -d21.15 – Shows $digit replacement
• -d21.35 – shows token by token LHS matching
• -d27 – Traces aliasing
• -d27.1 – Traces general aliasing
• -d27.2 – Traces :include: files, alias self-references, and errors on home
• -d27.3 – Traces the ~/.forward path and the alias wait
• -d27.4 – Prints “not safe” when a file is unsafe to trust
• -d27.9 – Shows uid/gid changes when reading :include: files
• -d35 – Traces macros
• -d35.9 shows macro values as they are defined
• -d35.14 – Shows macro names being converted to integer id’s
• -d35.24 – Shows macro expansion
• -d37 – Traces options and class macros
• -d37.1 – Traces the setting of options
• -d37.8 – Traces the adding of words to a class
• -d41 – Traces the queue
• -d41.1 – Traces queue ordering
• -d41.2 – Shows failure to open qf files
• -d41.49 – Shows skipped queue files
• -d41.50 – Show every file in queue

-F  
Set senders full name
-f

• never – Never return the info
• success – Return on successful delivery
• failure – Return on failure
• delay – Return on delayed delivery

-n 
Supresses aliasing  
-O
Set an option (long name)
-o 
Set an option (short name)
-pUUCP:test 
Sets protocol in $r macro to UUCP and $s macro to test  
-q30m
Sets queue processing to every 30 min  
-qR@here.com 
Processes the queue once delivering only mail to @here.com 
-R hdrs
bounces only the headers  
-R full
Bounces headers and body
-s
Sets SaveFromLine option to true
-T 5d
Sets Timeout.queuereturn option to 5 days  
-t
Gathers a list of recipients from messages headers  
-U 
make this the initial MUA to MTA submission  
-V test123456 
Sets the DSN ENVID string to test123456  
-v 
Runs sendmail in verbose mode  
-X /var/tmp/trace.mail
Logs both sides of smtp transactions to trace.mail file.  

Rule Testing Mode (/usr/lib/sendmail –bt)


?
Prints help .
DrUUCP
Defines macro r as UUCP
=S5
Prints the contents of ruleset 5
=M
Displays list of delivery agents
${name} 
Prints the value of macro name.
$=w 
prints the contents of the class macro w
/mx here.com 
Returns the MX records for here.com in the order they will be utilized  
/parse foo
Parses the value of the address foo, returns the value of crackaddr(), and the final parsed address including the delivery agent.
/try local foo
Rewrites the address foo based on the rules for local delivery
/tryflags HS 
Sets the flags used by /parse and /try to H for header and S for sender, can also use E for envelope and R for recipient
/canon foo
Transforms the hostname foo into its canonical form  
/map aliases foo
Looks up foo in the aliases database  
3,0 – me@foo 
Runs the address me@foo through rulesets 3 and 0

Con Mutt e’ possibile inviare e ricevere posta con GMail via terminale (tramite Fetchmail). Per farlo occorre installare i pacchetti che ci servono (oltre a quelli soliti): gsasl e libsasl2-modules-gssapi-mit (se non ricordo male).

Ora eseguite mutt da terminale:
$ mutt
poi modificate il file ~/.muttrc:
$ nano ~/.muttrc
scrivendo queste righe (modificate in base ai vostri dati):

---8<---
set imap_user = "USERNAME@gmail.com"
set imap_pass = "PASSWORD"

set smtp_url = "smtp://USERNAME@smtp.gmail.com:587/"
set smtp_pass = "PASSWORD"
set from = "USERNAME@gmail.com"
set realname = "NOME COGNOME"

set folder = "imaps://imap.gmail.com:993"
set spoolfile = "+INBOX"
set postponed="+[Gmail]/Drafts"

set header_cache=~/.mutt/cache/headers
set message_cachedir=~/.mutt/cache/bodies
set certificate_file=~/.mutt/certificates

set move = no
---8<---

State attenti perche’ in questo file c’e’ la vostra password di GMail, quindi date un:
$ chmod 700 .muttrc
per impedire agli altri utenti di leggere il file.

Oltre ai pacchetti che ho indicato sopra, sono necessari anche sendmail, procmail, fetchmail, ma di solito sono gia’ presenti nella nostra distribuzione GNU/Linux. Magari prossimamente cerchero’ di fare un post con una guida passo a passo sulla configurazione di Fetchmail e Mutt.

[^] torna su | post<li> | 

Sendmail is probably the worst mail server application ever written. Not even worth to mention that is the award-winner of the TOP-10 buggiest program ever written from decades (I believe that sendmail is #1 on the list). I hate it by heart! I still don’t understand why SUN engineers still supports the sendmail on their Solaris OS. Postfix or Qmail should be used instead (Qmail is the best option but due to license restrictions Postfix can be used). Long time ago I used to work with my Qmail high-availability project (qmail-nmx).

In either case here is my piece of advice when you’re installing Solaris 10: Disable sendmail completely from your system!

In order to help you out with this I am including here the procedures that I always do once got Solaris 10 installed:

# svcadm disable -s sendmail
# svcs sendmail

As output from the last command you should see the following:
STATE [...] FMRI
disabled [...] svc:/network/smtp:sendmail

Done!

Voltamos mais uma vez com o espaço de biografias que como sabem trará nao só pessoal Angolano mas também estrangeiro. O ‘visado’ desta vez é Wietse zweitze Venema, que por ser uma figura ilustre é aqui trazida.

Holandês de nacionalidade, Formado em Física pela universidade de Groeningen na Holanda é entretanto na universidade de Eindhoven onde se destaca no departamento de computação e matematica.

Venema como é conhecido fica famoso apôs publicar com Dan Farmer o polemico software security administrator tool for analyzing networks (que sinceramente possui iniciais claramente antibiblicas) que mereceu protestos de meio mundo temerosos de que a mesma pudesse ser usada com sucesso para encontrar falhas de segurança em qualquer sistema informatico.

Venema entretanto nao para: Numa altura em que o servidor de email mais usado era o sendmail e também o mais atacado por causa de inumeras falhas de segurança, ele publica um outro servidor baseado no sendmail mas mais seguro, o Postfix largamente mais utilizado que o primeiro.

Venema publica ainda o TCPWrapper outro programa usado mundialmente e depois o Coroner Toolkit novamente com Dan Farmer. Existem muitas outras ferramentas e papers publicados por Venema que provaram-no com um dos mais proeminentes especialistas de segurança da decada de 90.

Venema hoje trabalha fruto do seu trabalho, na IBM nos Estados Unidos num dos seus centros de pesquisa, anda meio sumido mas aparece sempre em conferencias de software livre.

Sendmail SMTP AUTH

      SMTP Auth support allows to relay mails based on the smtp authentication when the client or users IP is getting changed(For a Roaming user).

Inorder to enable the smtp-auth support in sendmail the following packages are needed.

1. cyrus-sasl    
2. cyrus-sasl-plain (For Plain Authentication)
3. cyrus-sasl-devel (Some devel libs are needed by sendmail)
4. cyrus-sasl-crammd5 (For CRAM MD5 auth)
5. cyrus-sasl-digestmd5
6. cyrus-sasl-otp
7. cyrus-sasl-gssapi

      cyrus-libraries are needed for SMTP-AUTH. After installation the above packages the cyrus-libs will be installed in   /usr/lib

Note:-
      If the distribution is not supporting the cyrus package, then we have to download it compile with all the auth mechanism and install.

Now we need to compile the sendmail with cyrus and install the binaries.

Compiling & installing the sendmail for SMTP AUTH:

Got to the following directory

# cd sendmail-8.14.2/devtools/Site

    Note:-
        The Top Level Build Script (which creates the sendmail binaries) while compiling will consult the Site directory and if it finds the site.config.m4 it will include the contents for compiling. So this file is used to include additional variables or modules or extend the features sendmail. For enabling such features we have to include some derivatives in the site.config.m4.

To test the existing sendmail has SMTP-AUTH enabled:

# telnet localhost 25
Connected to localhost.localdomain (127.0.0.1).
Escape character is ‘^]’.
220 centos.com ESMTP Sendmail 8.14.2/8.14.2; Thu, 1 Oct 2009 17:41:53 +0400
ehlo localhost
250-centos.com Hello localhost.localdomain [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-DELIVERBY
250 HELP

    If the SMTP-AUTH was enabled we could see an extra out put of 250-AUTH for the command ehlo localhost

The other way of testing the sendmail for the feature of SMTP-AUTH is

# sendmail -v -d0.10

    This will echo to shell all the feature of sendmail in debug mode. here look for the sasl in output.

Now we will create some derivatives in the site.config.m4 file and compile & install sendmail again to enable the SMTP-AUTH in sendmail.

APPENDDEF(`confENVDEF’, `-DSASL=2′)
#This will tell sendmail to include the support sasl version 2
APPENDDEF(`conf_sendmail_LIBS’, `-lsasl2′)
#This will tell sendmail to use the given libraries that can be found in the lib directory as mentioned in the next derivative
APPENDDEF(`confLIBDIRS’, `-l/usr/lib’)
APPENDDEF(`conf_INCDIRS’,`-I/usr/include/sasl’)
#This will tell sendmail the location of the header files

  # Now save the configuration. re-compile the binary.

    Remove the obj.Linux.2.6.18-128.el5.i686 directory before compiling the sendmail again. Now run the build script

# cd sendmail-8.14.2
# ./Build

    Check the build process to find the sasl2 has been including or not. The build process has to complete successfully
Before copying the sendmail binary to /usr/sbin location we will check whether the new compiled binary has the the option of sendmail SMTP-AUTH
To check this navigate to following directory

# cd sendmail-8.14.2/obj.Linux.2.6.18-128.el5.i686/sendmail
# ./sendmail -v -d0.10

    Here we should get an output similar to

Compiled with: DNSMAP LOG MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETUNIX NEWDB PIPELINING SASLv2 SCANF USERDB XDEBUG

Now copy this sendmail binary to the path of running sendmail

# cp sendmail /usr/sbin

    Now we have the new binaries. verify the permission of the binaries

# chown root:smmsp /usr/sbin/sendmail
# chmod g+s /usr/sbin/sendmail

    So this will make the sendmail to execute as the user group (smmsp)
To verify

# ls -ltr /usr/sbin
-r-xr-sr-x 1 root smmsp   678197 Oct  1 18:54 sendmail

Now configure the sendmail.mc file to include the smtp-auth

# cd sendmail-8.14.2/cf/cf
# vi sendmail.mc
TRUST_AUTH_MECH(`LOGIN PLAIN GSSAPI DIGEST-MD5′)dnl
define(`confAUTH_MECHANISMS’, `LOGIN PLAIN GSSAPI DIGEST-MD5′)dnl

    TRUST_AUTH_MECH this will tell sendmail to trust the authentication mechanisms can use for relaying.
    configuration auth mechanism tells sendmail that these are the authentication mechanisms that have been configured.
    This will make sendmail to hands over the authentication to cyrus libs.

Note:-
    Sendmail hands over the control to cyrus libraries for authentication. Cyrus-libs will check the passwd file or ldap for authentication.

# recompile and restart the sendmail service

Testing the SMTP-AUTH support is turned on

[root@centos ~]# telnet localhost 25
Trying 127.0.0.1…
Connected to localhost.localdomain (127.0.0.1).
Escape character is ‘^]’.
220 centos.com ESMTP Sendmail 8.14.2/8.14.2; Fri, 2 Oct 2009 17:18:57 +0400
ehlo localhost     
250-centos.com Hello localhost.localdomain [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-AUTH LOGIN PLAIN DIGEST-MD5
250-DELIVERBY
250 HELP

    Here we are looking for the line “250-AUTH LOGIN PLAIN DIGEST-MD5″

Now have to configure cyrus to accept the request of sendmail

# cd /usr/lib/sasl2
# vi smtp.conf
or
# vim /etc/sasl2/sendmail.conf

pwcheck_method: saslauthd

# mv smtp.conf Sendmail.conf
    We have to rename the smtp.conf to Sendmail.conf . In filename Sendmail.conf S is capital.

Now start the saslauthd service

# service saslauthd start

    Now test the auth mechanism by connecting MUA like evolution,thunder bird or outlook

If we are getting any errors like -  AUTH failure (PLAIN): user not found (-20) SASL(-13): user not found: Password verification failed
Try uninstalling all the packages and reinstall one bye one will sort out the issues.

SENDMAIL CONTENT SCANNING:

Configuring the full functional content scanning using Mailscanner, Clamav and Spamassassin

Initially we will configure the clamav antivirus.

CLAMAV ANTIVIRUS:

Installation of CLAMAV Antivirus:

Download the Source code of the software

# wget http://sourceforge.net/projects/clamav/files/clamav/0.95.2/clamav-0.95.2.tar.gz/download
# tar -zxvf clamav-0.95.2.tar.gz
# cd clamav-0.95.2

    The clamav relies upon mainly the following packages. So have to install the packages prior to compiling and installation of clamav. so install the following packages prior to compiling.

1. zlibs It needs zlib-1.2.2 atleast
    zlibs-devel
2. bzip2
    bzip2-libs
    bzip2-devel
3. gmp
4. curl
    curl-devel

Add the following user and group.

#groupadd clamav
#useradd -g clamav -s /sbin/nologin clamav

Now Compile the clamav

# ./configure
# make
# make install

    This will copy the binaries to the standard location. Normaly to /usr/local/*. Now type clam can see the new binaries that installed by make-install.

Configuring CLAMAV Antivirus:

#cd /usr/loca/etc

it will contain 2 files clamd.conf (this is read by clamd deamon) and freshclam.conf (Reads by the update tool).

For starting the clamd daemon, have to edit the following parameters in clamd.conf

#vim clamd.conf
#comment out the Example
#Example

#vim freshclam.conf
#comment out the Example
#Example

    Now create the log file to log by freshclam.

#touch /var/log/freshclam.log
#chmod 600 /var/log/freshclam.log
#chown clamav.clamav /var/log/freshclam.log

Now update the virus database and start the freshclam daemon.

#freshclam
#/usr/loca/bin/freshclam -d

    This runs the freshclam as a daemon. Add the freshclam entry to the cron job to update daily twice or thrice. And any update regarding the virus signatures will be logged to /var/log/freshclam.log.

It is time to start the clamd daemon now.

#/usr/local/sbin/clamd
#ps -ef |grep clam

    this will show both (freshclam and clamd) daemon runns.

Adding clamd daemon to init startup(This part is optional).

#cd clamav-ver/contrib/init
#vim clamd

    Change the path parameters to suite the installation. and place it in init directory.

#cp clamd /etc/init.d

Now start configuring the Spamassassin

SPAMASSASSIN:

Installation:
Download the Source code of the software

# wget http://www.bizdirusa.com/mirrors/apache/spamassassin/source/Mail-SpamAssassin-3.2.5.tar.bz2
# tar -jxvf Mail-SpamAssassin-3.2.5.tar.bz2
# cd Mail-SpamAssassin-3.2.5

We need the following packages for compiling the spamassassin:
1. HTML::Parser

Install the pre-requiesties using cpanel.

#cpanel
>install HTML::Parser

or
Download from cpan.org and compile and install

#tar -zxvf HTML-Parser-version.gz
# cd HTML-Parser-version
# perl Makefile.pl
# make
# make install

The spamassassin uses the perl for compiling

#perl Makefile.PL

    This will prompt us certain details.
1.mail address of admin for whom can send mail about the spam report.
2.network test
3.Checks for all the dependencies of modules. if script exits by any failed dependencies install it.

# make
# make install

    This wil setup the spamassassin with all of the rules in /usr/share/spamassassin. The installed bnaries will  be /usr/binspamc(The client binaries) & /usr/bin/spamd(spamassassin daemon binaries).

Now we can install the init scripts from the source code.

#cd Mail-SpamAssassin-3.2.5/spamd
# ./redhat-rc-script.sh start

    This will start the daemon. So copy the file to /etc/init.d/ and rename it if we need to run as init daemon.

Now start the spamd

# spamd -d -c -m5 -H

    This starts the spamassassin daemon and runs in background.

Its time to install and configure the Mailscanner

MAILSCANNER:
Installation:
    mailscanner need not to have clamd or spamassassin running to initialize or run the service.In fact it just need the perl modules that required to start.
Download the source code of the software.

#wget http://www.mailscanner.info/files/4/tar/MailScanner-install-4.75.11-1.tar.gz
#tar -zxvf MailScanner-install-4.75.11-1.tar.gz
# cd MailScanner-install-4.75.11-1
    it contains perl modules and install script
#./install.sh

    This installs the mailscanner in /opt directory. And mailscanner creates a new queue directory struchure in /var/spool (MailScanner, mqueue.in)

/var/spool/MailScanner
    This is a temperory directory userd for processing the msgs.
/var/spool/mqueue.in

    After starting the Mailscanner daemon we need to update the sendmail configuration to reflect the new queue structure. The new queue structure is implemented for the new two sendmail daemons. One for processing the inbound msgs i.e, the standard MTA which will accepts the mail on port 25 process the msgs and places those msgs in to queue in queue only mode. Those msgs are then re-routed in to the directory mqueue.in (we will be altering the sendmail configuration to queue msgs to mqueue.in not to deliver them).From there Mailscanner that had configured to check the mqueue.in for all 5 sec will scan the mqueue.in by consulting clamav, spamassassin and other mailicious contents and then places the msg in to mqueue directory. From here the second instance of the sendmail will deliver the msg to the destination.

    port25 sendmail(1) recieves msg -> Place the msg in mqueue.in -> Mailscanner scans and places in mqueue -> sendmail(2) will deliver the msg from mqueue to destination.

Configuring MailScanner:

#cd /opt/MailScanner
    This is a symbolic link created by for the installed version of MailScanner.
# cd /opt/MailScanner/etc
    This file contains the main configuration of MailScanner.

Edit the main configuration to change some key settings to start the MailScanner.

# vi MailScanner.conf
%org-name% = kiranjith
%org-long-name% = Kiran’s School for Linux Lovers
%web-site% = kiranjith83.blogspot.com
Max Children = 5
#by default mailscanner will launch upto 5 process to handle the mails in the mqueue.in. This can be increased according to the msg queue.
Run As User = root
# has to specify the mailscanner to run as.
Queue Scan Interval = 5
# this tells the mailscanner to check the mqueue.in directory in every 5 sec for a new msg.
Incoming Queue Dir = /var/spool/mqueue.in
#This is the directory where the 1st sendmail instance will put the incoming mails for scanning.
Outgoing Queue Dir = /var/spool/mqueue
#This is the directory where the mailscanner will place the scanned mails for 2nd instance of the sendmail to deliver.
Incoming Work Dir = /var/spool/MailScanner/incoming
#This is the directory where mailscanner process the msgs.
Quarantine Dir = /var/spool/MailScanner/quarantine
#In this directory MailScanner places the msgs which is infected by Virus.
Restart Every = 14400
#Every 14400 sec the child process will get restarted
MTA = sendmail
#This specifies the current mta running in the system.
Sendmail = /usr/lib/sendmail
#path to sendmail which used to deliver the error generated on scanning
Max Normal Queue Size = 800
# this tells mailscanner to stop scanning if the mail queue is this much big
#Note:- TNEF Module is needed to scan the content send from MS Outlook.
Virus Scanning = yes
# This enables the virus scanning
Virus Scanners = clamav
#sets the virus scanner to clamav.
Use SpamAssassin = yes
# makes mailscanner to invoke the spamassassin
Always Include SpamAssassin Repot = yes
#this invokes mailscanner to involve the result of spamassassin.
# The SpamAssassin returns a score for the scanned msg and mailscanner will make a decission upon this score. This will invoke both clamav and spamassassin.
Always Include SpamAssassin Report = yes
# This will include the spamassassin repot in the mail header.

/opt/MailScanner/spam.assassin.prefs.conf

            This file consists of the rules for the spamassassin, eg:-,the white list, Black list, Spam score threshold.

/opt/MailScanner/virus.scanners.conf

            This file contains the preferences of Virus scanner.

/opt/MailScanner/mcp

            This Directory is contains the rules of mail contents (rules about the extension of the mail attachment)

/opt/MailScanner/bin

            This directory contains the executables to run and check the mailscanner service.

#./check_mailscanner

            This will launch the mailscanner service

#ps -ef |grep -i mailscanner

            This will show the mailscanner configuration

Sendmail Integrating with MailScanner:

            By default the sendmail will be running as MSP as queue directory /var/spool/cilentmqueue and as MTA that binds to the default port of 25.

#/usr/sbin/sendmail -L sm-msp-queue -Ac -q30m
#/usr/sbin/sendmail -L sm-mta -bd -q30m

            These are the default deamon options that runs sendmail. So we have to change the deamon options or change the init script of sendmail with the following options.

#kill any existing sendmail deamons

Now create a sendmail start script

#vim sendmail_startup.sh
#!/bin/bash
sendmail=/usr/sbin/sendmail
#Run the sendmail as MSP program.
$sendmail -L sm-msp-queue -Ac -q30m
#Run the sendmail MTA for inbound (To accept the mail and keep in /var/spool/mqueue.in directory in queueonly mode)
$sendmail -L sm-mta-inbound -bd   -OprivacyOptions=noetrn   -OdeliveryMode=queueonly   -OqueueDirectory=/var/spool/mqueue.in  -OPidFile=/var/run/sendmail-in.pid  -q30m
#Define the Outbound MTA for delivery msg from /var/spool/mqueue directory,which has been scanned by and placed by MailScanner. The inervel should be short for delivering the mail ASAP.
$sendmail -q1m

Save and execute the script.

#ps -ef |grep sendmail

            This will show the 3 sendmail process running

Check the mail logs

# tail /var/log/maillog

If the sendmail installation is RPM Based. Then follow this

Change Commands That Start Sendmail. Currently, your copy of sendmail will be started by a script such as /etc/init.d/mail or /etc/rc.d/init.d/sendmail. Somewhere in this script will be the command to start sendmail itself. This should look like this:

—————
sendmail −bd −q15m
————–
You should change this to the following two lines:
————-
sendmail −bd  -OprivacyOptions=noetrn   -OdeliveryMode=queueonly   -OqueueDirectory=/var/spool/mqueue.in  -OPidFile=/var/run/sendmail-in.pid -q30m
sendmail -q1m
————-

This first starts the copy of sendmail that provides SMTP service, building the work queue for MailScanner. It then starts the copy of sendmail that delivers the output from MailScanner. You also might need to change the commands used to shut down sendmail as it now needs to find 2 copies and kill them both.

Note:-
            The spamd and clamd deamons are not needed to be running. It is just to ensure the configuration files working or not.

   
    It is a type of mail relaying. It is useful when using the virtual domains. for example if you want to forward mails to internal protected server in DMZ zone after the content scanning, mailertable can provide a solution rather than using the smarthost or nullclient.

Configuring the Mailer Table:

Configure the following in the server which is configured to recieve the mails through MX record.
Create the /etc/mail/mailertable

#vim /etc/mail/mailertable

(The format is as follows
Left Column                                      
domain name                                       
(To which domian it accepts          
the mail for)

Right Column
Routing Rules:
(Specify the mailer type(smtp or local):
user@domain or FQDN of host))

kiran.com        smtp:internalhost.kiran.com
jithu.com        smtp:jeo@mail1.jithu.com

    Here any mail that comes to domain kiran.com will be forwarded to internalhost.kiran.com and all the mail comes to domain jithu.com will forward to the user jeo at host mail1.jithu.com.

For Example:
This used primarily in the following scenario.
We have the mailertable enabled server facing the internet configured with MX record and all the mail scanning softwares. And other servers will be inside the network. So the mailertable enabled server recieves the mail primarly, scans the mail and forwards to respective servers according to the configuration in mailertable. So all the mails for a domain can be accepted by a single system and after scanning the mails can be redirected to respective sub-domains.

Now create the db file of mailertable

#makemap hash mailertable < mailertable

Now configure the sendmail for the Feature of mailertable

FEATURE(`mailertable’)dnl

    This will enable the mailertable support in sendmail.

#compile and restart the sendmail

Basic Virtual Domains

    Sendmail allows to host multiple domains in single instance. The Basic Virtual Domain can be created using local-host-name file. When sendmail receives mail, it needs a way of determining whether it is responsible for the mail it receives. It uses the /etc/mail/local-host-names file to do this. This file has a list of hostnames and domains for which sendmail responsible for mail.
For example, if this mail server was to accept mail for the domains kiran.com and jithu.com then the file would look like this:

# cat  /etc/mail/local-host-names
kiran.com
jithu.com

In this case, remember to modify the MX record of the jithu.com DNS zonefile point to kiran.com. Here is an example (Remember each “.” is important):

jithu.com. MX 10 mail.kiran.com.

    So if we send mail to the user “user1″ for both the domain (user1@kiran.com & user1@jithu.com),because of the MX record pointed the mail will reach the same server and as we have configured the local-host-name file sendmail will accept the mail for both the domains. The mail will be delivered to the same user user1 which is a local user.
Note:
    The mail server will default acceptance of mail for its FQDN defined without the entry in local-host-names.

Virtual users and virtual domains:

    This is defined using the virtual user table feature in sendmail configuration.The file used is virtusertable in /etc/mail. While defining the virtusertable the domain name should not exist in local-host-names.
    The /etc/mail/virtusertable file contains a set of simple instructions on what to do with received mail. The first column lists the target email address and the second column lists the local user’s mail box, a remote email address, or a mailing list entry in the /etc/aliases file to which the email should be forwarded.
If there is no match in the virtusertable file, sendmail checks for the full email address in the /etc/aliases file.

Defining the virtual domains and users (Keep in mind that the exact MX record has been added to respective domains):

FEATURE(`virtusertable’)dnl
VIRTUSER_DOMAIN_FILE(`-o /etc/mail/virtuserdomain’)dnl

    FEATURE(`virtusertable’)dnl expects to existance of the database  vrtusertable in /etc/mail.
    VIRTUSER_DOMAIN_FILE(`-o /etc/mail/virtuserdomain’) it looks up the various domains that supported by sendmail in this given path.

#compile configuration and restart the sendmail service

Now create the virtuserdomain file – this will tell the sendmail a list of domains that sendmail has to recieve mails

#edit /etc/mail/virtuserdomain
kiran.com
jithu.com

Now create the virtusertable database – it contains the mapping of virtual users/domains to mail box or remote mail box

#create/edit    /etc/mail/virtusertable
user1@kiran.com        kiran@someotherdomain
user2@jithu.com        jithu
 
#makemap hash virtusertable < virtusertable

#Now restart the sendmail service

    Now if we sendmail to user1@kiran.com from anywhere it will be redirected to kiran@someotherdomain and mail send to user2@jithu.com will be send to the local mail box of user jithu.

Other options in virtusertable:

@fazi.com    jithu
@jithuki.com    kiran
@mydomain.com    mailuser@remotedomain.com

    This will redirect all the mails that came to @fazi.com to user jithu, and all the mails send to domain jithuki.com to local user kiran. Any mail comes to mydomain.com will be redirected to mailuser@remotedomain.com

Sendmail Smart Host
      Smarthost is a smtp server that forwards the non local mails to another server that has proper DNS resolution.

DEFINING THE SMARTHOST:

    Define this derivative in the Host mail configuration where we have to forward the mail to another server.

define(`SMART_HOST’, `192.168.1.30′)
or
define(`SMART_HOST’, `isp.mailserver.com’)

      The Smart host entry can be either IP address or with Hostname

#recompile the sendmail.cf and restart the sendmail service in hosts

Now go to main mailserver (isp.mailserver.com):
Permit the host in Relay

#vi /etc/mail/access
add the ip address of the smarthost
#makemap hash acess < access

Now if we send mail from the Host to internet the message will be Relayed through isp.mailserver.com to internet.Verify the logs on each servers. All the details of the mail relays will be found in the msg headers(through which hosts the mail has be relayed).

NULL CLIENT CONFIGURATION:

      In contrast with SMARTHOST, NULL CLIENT CONFIGURATION will redirect all mails including local msgs, not just the remote mails to the defined server.This is used where in the situation that need to make the server to just send the msgs and not to receive any msgs.

Define the Following in the HOST that needed to be configured as NULL CLIENT.
first comment the SMART_HOST definition. Add the following in sendmail.mc

FEATURE(`nullclient’, `isp.mailserver.com’)
#recompile the sendmail.cf and restart the mail service

      This will make the host to forward all the mails to the server isp.mailserver.com. Test this by running sendmail in debugging mode

#sendmail -d -i

Note:- In server (isp.mailserver.com) has to define the access to relay this host.
       Now try sending msgs from host, this will make all the mail to relay through isp.mailserver.com.
Note:
      As we are defining the Null client, since it is not setup to receive mail we have to make sure that the mail envelop will be re-written.Because in case of any reply or bouncing the host will not be accepting the mail.

Default configuration of the sendmail Denies the Relay from other hosts.
But the following option makes the sendmail to run as open relay

FEATURE(`promiscuous_relay’)

    This option allows for any clients to connect to our SMTP and can send mail to any destination.

Testing a Open relay:
Try to connect to the Server from outside of the network and follow the procedure.
The Following Example shows the server that denies the Open Relay:

[root@kiran ~]# telnet 192.168.10.2 25
Trying 192.168.10.2…
Connected to fazi.com (192.168.10.2).
Escape character is ‘^]’.
220 centos.com ESMTP Sendmail 8.14.2/8.14.2; Wed, 23 Sep 2009 06:35:20 +0400
Mail from: kiran@domain.com
250 2.1.0 kiran@domain.com… Sender ok
Rcpt To: kiran@anotherdomain.com
550 5.7.1 kiran@anotherdomain.com… Relaying denied
quit
221 2.0.0 centos.com closing connection
Connection closed by foreign host.
[root@kiran ~]#

The Follwoing Example Shows the server that allows Open relay:

[root@kiran ~]# telnet 192.168.10.2 25
Trying 192.168.10.2…
Connected to fazi.com (192.168.10.2).
Escape character is ‘^]’.
220 centos.com ESMTP Sendmail 8.14.2/8.14.2; Wed, 23 Sep 2009 06:43:14 +0400
Helo domain.com
250 centos.com Hello mail1.kiran.com [192.168.10.1], pleased to meet you
Mail From:kiran@domain.com
250 2.1.0 kiran@domain.com… Sender ok
Rcpt To:kiran@anydomain.com
250 2.1.5 kiran@anydomain.com… Recipient ok
Data
354 Enter mail, end with “.” on a line by itself
This is to test the Open relay
.
250 2.0.0 n8N2hEOp009181 Message accepted for delivery
Quit
221 2.0.0 centos.com closing connection
Connection closed by foreign host.
[root@kiran ~]#

    The destination of the mail should be resolvable to sendmail for any kind of relay.

Relay in Sendmail:
    Relay in sendmail can be achieved by 2 common ways

1. Using the Relay-domains.
2. Using the access database.

1. Using relay-domains file:
    This is very easy way to implementing the relay access.
Edit sendmail.mc

RELAY_DOMAIN_FILE(`/etc/mail/relay-domains’)

    The file path to the relay-domains can be any where. Sendmail refer this while getting a new mail from any host.
/etc/mail/relay-domains file can contain each IP Address of the hosts on each line (Hostname of FQDN is permissible here and this has to be resolved properly).
Example:-

192.168.1.1
10.0.0.1
172.16.0.1
    Compile and Restart the sendmail service

RELAY_DOMAIN_FILE(`-o /etc/mail/relay-domains’)

    Here the “-o” option makes the sendmail to loading the Relay Domain File as optional. This means if the file is not present still the sendmail starts the daemon.

2. Using the Access DB:
    It extends the functionality of relay domains, defined by two columns.
Left Hand Side Column:
Users
Hosts
Ip Address
Right hand Side Column:
Relay
Reject
Discard
To enable this have to turn on the following feature.

FEATURE(`access_db’, `hash -o -T /etc/mail/access’)dnl

    The Feature enables the access db for Relay. hash is the type of database, “-o” makes the sendmail to run even if the access db file is not found, i.e makes the file optional. -T this allows access db to return the smtp errors to client and next to this we have the database location.

Now Create the access_db file:

#vi /etc/mail/access
connect:192.168.1.2    RELAY
connect:192.168.10.9    REJECT
#makemap hash access < access

    If any errors are generated re-compile the makemap by ./Bulid && ./Build install from the source directory.

    Here from the ip 192.168.1.2 sendmail will relay mail to outer world and from 192.168.10.9 will reject the relay to outer world This will make the sendmail to reject all the inbound mail traffic from the host 192.168.10.9.
Any update to the access doesn’t need sendmail reload to take effect. Because for each query sendmail makes query to the access.db file.

Other rules in access file:

From:kiran@mail1.kiran.com    REJECT
To:jithu@    RELAY

    As defined in this rule the msg send from user kiran@mail1.kiran.com will be rejected.We can specify in the second column REJECT,RELAY,OK or 550 errors too.
    In To:jithu@ REJECT any mail send to user jithu will be REJECTED.
    To parse this rule in access db file by sendmail we have to enable the following Macro Feature in the sendmail.cf file.

FEATURE(`relay_mail_from’)

    This FEATURE has to define after the FEATURE(`access_db’).This will enable the sendmail to parse the access.db to check the permission of Relay in user basis.i.e, it checks the mail envelop for relay.

    Now compile the sendmail.cf file and restart the service.

    This will show the warning about the open relay. so use this option carefully.

Derivatives in Sendmail.mc Configuration file:

#grep -i ^O sendmail.cf

    It returns the “options” that enabled in the sendmail.cf file

Options & Features in sendmail.mc:
Editing the sendmail.mc file:
    Any Options that enables inside the sendmai.mc or submit.mc should be specified after the DOMAIN(generic)dnl option
    Any rules that defines should come after the MAILER option inside the sendmail.mc/submit.mc file

Increasing the verbositry of Log Level of sendmail:
  Default level is 9.

define(`confLOG_LEVEL’, `10′)dnl

Now export the sendmail.cf file from sendmail.mc

#./Build install-cf
or
#m4  ../m4/cf.m4 sendmail.mc > sendmail.cf
Restart the sendmail
# kill -HUP `head -1 /var/run/sendmail.pid`

Maximun msg size:
Default is undefined

define(`confMAX_MESSAGE_SIZE’, `4096′)dnl
    Recompile the sendmail.cf file
    Restart the sendmail service

    This will resize the maximum msg size to 4K

Configuring the Maximum Recipients for MSG:

define(`confMAX_RCPTS_PER_MESSAGE’, `1′)dnl
    Recompile the sendmail.cf file
    Restart the sendmail

Editing the sendmail.cf file directly for maximum recipients per msg by enabling the following option

O MaxRecipientsPerMessage=1

    If client tries more than given number of recipients in the mail address it throws error
“: Too many recipients”. The msgs are queued for later delivery

Masquerading in sendmail:
    Masquerading changes the mail headers.A message header is the part of the message that contains information about a specific aspect of the message. This option should define prior to the mailer derivative.

MASQUERADE_AS(`mail1.jithu.com’)
or
MASQUERADE_AS(`jithu.com’)

    MASQUERADE_AS option is used to rewrite the host part of the mail address.  This will masquerade the msgs originated from the host to reflect as mail1.jithu.com
    For example:- mail send from host1.domain.com will be masqueraded as
    From:- kiran@mail1.jithu.com
    So if the recipient replies to msg will send to the host mail1.jithu.com

Masquerade the envelope:
    This will masquerade the mail envelope.Envelope is what appears initially.The sender and recipient addresses used in the SMTP transaction are called the Message Envelope. In other words A message envelope is the structure that encapsulates the component parts of a message: the message body and the message headers.

FEATURE(`masquerade_envelope’)

    Now the m4 will search for the masquerade_envelope.m4 inside the features directory in source folder while compiling to create the sendmail.cf. This will change the envelope address to mail1.jithu.com as defined in MASQUERADE_AS.
But the message coming from root will not be masqueraded as for other normal users.
   
Exposed users to exclude the masquerade:
    This will exclude a given user from masquerading. root user is excluded by default from masquerading.

EXPOSED_USER(`jithu kiran joe paul’)dnl
Or
EXPOSED_USER(`jithu’)dnl
Or
EXPOSED_USER_LIST(`path to user list’)dnl # user list should be one user per line

    So here the mail  for the users defined will be having the exact host details in the mail Headres as well as mail envelop.

Enabling the mail server to relay mails from any where:

FEATURE(`promiscuous_relay’)
#compile and restart the sendmail service

    This option will allows to relay mails from anywhere, i.e, configures our system as open relay. This option should not be enabled in the production environment. If this is enabled any one can send mail using this sendmail server. Spammers will exploit this option certainly.This will make m4 to find the file named promiscuous_relay.m4 in features folder and will add the contents in to the sendmail.cf file

Masquerade Domains:
    Default masquerading behavior of sendmail is, only masquerading the host part of the mail generated locally and it won’t masquerade the mails that generated from other systems.So including the option of masquerade domains will masquerade the hostname part of the mail for all other hosts that sendmail relays.

FEATURE(`masquerade_entire_domain’)

    This will enable the masquerading of mails send by all the servers/hosts that sendmail relays. The host part of the mail address is now re-written to the address as mentioned in MASQUERADE_AS(`jithu.com’). The exposed users are excluded in this option, that means the root user mail will not be masqueraded.

MASQUERADE_DOMAIN(`mail1.fazi.com’)

    This derivative says that any mail coming form host mail1.fazi.com should be masqueraded as defined in MASQUERADE_AS(`jithu.com’). We can add ‘n’ number of hosts seperated by in this derivative.
This option is valid upon the position of FEATURE(`masquerade_entire_domain’), which masquerades entire mails send by any hosts.

For Example:-  
          If FEATURE(`masquerade_entire_domain’) is set Before to MASQUERADE_AS(`jithu.com’) then all the hosts are masqueraded.
If FEATURE(`masquerade_entire_domain’) is set after MASQUERADE_AS(`jithu.com’) then the undefined hosts will not be masqueraded.

Masquerading Options Explained:

FEATURE(always_add_domain)dnl
FEATURE(`masquerade_entire_domain’)dnl
FEATURE(`masquerade_envelope’)dnl
FEATURE(`allmasquerade’)dnl
MASQUERADE_AS(`my-site.com’)dnl
MASQUERADE_DOMAIN(`my-site.com.’)dnl
MASQUERADE_DOMAIN(localhost)dnl
MASQUERADE_DOMAIN(localhost.localdomain)dnl

• The MASQUERADE_AS directive makes all mail originating on bigboy appear to come from a server within the domain my-site.com by rewriting the email header.
• The MASQUERADE_DOMAIN directive makes mail relayed via bigboy from all machines in the another-site.com and localdomain domains appear to come from the MASQUERADE_AS domain of my-site.com. Using DNS, sendmail checks the domain name associated with the IP address of the mail relay client sending the mail to help it determine whether it should do masquerading or not.
• FEATURE masquerade_entire_domain makes sendmail masquerade servers named *my-site.com, and *another-site.com as my-site.com. In other words, mail from sales.my-site.com would be masqueraded as my-site.com. If this wasn’t selected, then only servers named my-site.com and my-othersite.com would be masqueraded. Use this with caution when you are sure you have the necessary authority to do this.
• FEATURE allmasquerade makes sendmail rewrite both recipient addresses and sender addresses relative to the local machine. If you cc: yourself on an outgoing mail, the other recipient sees a cc: to an address he knows instead of one on localhost.localdomain.                 

Note: Use FEATURE allmasquerade with caution if your mail server handles email for many different domains and the mailboxes for the users in these domains reside on the mail server. The allmasquerade statement causes all mail destined for these mailboxes to appear to be destined for users in the domain defined in the MASQUERADE_AS statement. In other words, if MASQUERADE_AS is my-site.com and you use allmasquerade, then mail for peter@another-site.com enters the correct mailbox but sendmail rewrites the To:, making the e-mail appear to be sent to peter@my-ste.com originally.

• FEATURE always_add_domain always masquerades email addresses, even if the mail is sent from a user on the mail server to another user on the same mail server.
• FEATURE masquerade_envelope rewrites the email envelope just as MASQUERADE_AS rewrote the header.

M4 configuration in Sendmail
    M4 is a Macro program which allows to define key value pairs i.e names with values, such as configuration options with values and responsible for expanding the values to syntax that sendmail that recognizes.
eg:- sendmail.mc(Human readable config file) file is the input taken by M4 to create sendmail.cf(sendmail readable) file.

Generation Of Sendmail Configuration Files:
    If u are installing the sendmail from the source code all the configuration examples and M4 files that needed while converting the “*.mc” file will be present inside the directory /sendmail-8.14.2/cf. and if you are using the rpm based binaries all the configurations example and M4 files that needed while converting the “*.mc” file will be present inside /usr/share/sendmail-cf
The following is the basic configurations that needed by sendmail in sendmail.mc file to start with

divert(-1)
divert(0)dnl
VERSIONID(`$Id: generic-linux.mc,v 8.1 1999/09/24 22:48:05 gshapiro Exp $’)
OSTYPE(linux)dnl
DOMAIN(generic)dnl
MAILER(local)dnl
MAILER(smtp)dnl

/sendmail-8.14.2/cf or /usr/share/sendmail-cf directory:
    m4/:  directory contains the files that is used for compiling M4 with sendmail config file while running the Build script from the sub-directory cf/ (or #m4 sendmail.mc > sendmail.cf)
    README.txt: file contains all the derivatives that can be understood ( M4 preprocessor )by sendmail inside this directory.
    cf/:  In /sendmail-8.14.2/cf or /usr/share/sendmail-cf “cf/” is the sub-directory which contains the M4 configuration files. generic-linux.mc & generic-linux.cf are the two config files that is used for generation of sendmail.cf file. These configuration file is enough to create a minimum level of sendmail server on Linux distros.
    sendmail.mc file is used by MTA and submit.cf file is used by MSP.

Basic Derivatives and struchure of sendmail.mc:
dnl = delete through new line
    This tells the M4 deamon to delete any superfluous or excessive new lines after creation of subsequent derivatives for mc files to cf file.

VERSIONID(`$Id: generic-linux.mc,v 8.1 1999/09/24 22:48:05 gshapiro Exp $’)

    Using this derivative M4 creates the version information of the sendmail as well the OS.

OSTYPE(linux)dnl

    It says to the m4 program to navigate to the ostype directory and find the file called linux.m4 and include the contents while generating the sendmail.cf file.M4 expands this session and produces the sendmail.cf. linux.m4 contains the basic path to sendmail binaries, other utilities like procmail-the local mailer and version of OS

DOMAIN(generic)dnl

    sendmail-8.14.2/cf/domain is the directory which contains the generic.m4 file.This file is included by M4 while the generation of the “*.cf” file. The domain folder contains the basic configurations of domain examples. The generic.m4 file is used, if we have any domain routing needs such as how to handle the msgs based on a domian or a sub-domain, masqurading etc. It contains the derivatives for
    .forward file path
    maximum mail Header Length.
    use of cw file etc.

MAILER(local)dnl   &
MAILER(smtp)dnl

    sendmail-8.14.2/cf/mailer is the directory which contains the M4 for local,smtp as well as procmail.
    Here every mailer has their own defnitions. inlcudes the path of program and the rules.
    local mailer permits the redirection of the msgs in to programs.

Running

`./Build install-cf`

inside the cf directory to create the configuration file is equal to
In source:

[root@centos cf]# pwd
/root/sendmail/sendmail-8.14.2/cf/cf
[root@centos cf]# m4  ../m4/cf.m4 sendmail.mc

In RPM based:

#m4 sendmail.mc > sendmail.cf

    Remote mail involves the usage of SMTP thus sendmail needs the name resolution to route the mails. For this sendmail uses DNS or uses /etc/hosts.
Find the FQDN of a host

 # hostname -f

    If the FQDN (which can retrieve the ip to query) is used to send the mail, then sendmail bypasses the MX record.

Sendmail DNS Usage:
Using FQDN:
    Sendmail performs the DNS lookup for the defined host address and gets the IP address and then delivers the msg to the destination.Remote hosts either accepts the mail or Routes the mail using any local mailer or Relays to another destination upon the configuration.
For example:

#sendmail -v kiran@mail1.india.mydomain.com

In this above example sendmail will use the ‘A’ record for the given address. Because the exact address of the mail server is given here for the “domain mydomain.com”

Using MX:
    MX is a special type of DNS record called as Mail Exchanger Record.When mail server actualy query a Domain for direct mail, they query the dns server for the MX record and once found sendmail will attempt to direct the mail to destination according to the priority of MX record.
   
Normally an “A” record is enough to get the IP address of the host for sendmail to send the mail.But MX is used because to distinguish/identify the  mail servers in the given domain
For Example:-

#sendmail -v kiran@mydomain.com

    In this case sendmail has to get the ip address of the mail server for the domain “mydomain.com” to route the mail. So sendmail does a “MX” record query upon the given domain.
(So in nameserver the MX record entry for mail1.india is added to the domain mydomain.com; Make sure that we have a ‘A’ record created for the same MX record)
    This means any the mail comes to kiran@mydomain.com will be routed to mail1.india.mydomain.com to process with.

Backup MX & Priority in MX:

    mydomain.com.    14000    IN    MX    20    mail2.india.mydomain.com.
    mydomain.com.    14000    IN    MX    10    mail1.india.mydomain.com.

    In this entry in dns with respect to the MX record the host which primarily contacts the server which has priority 10. Incase of unavailable of server which has priority 10 then the MTA will contact the server which has priority 20.
If a backup MX server is running make sure that the user mail box is located in the backup mail server as well.

Das Programm “sendEmail” versendet emails auf der Kommandozeile per smtp via TLS-Verschlüsselung und kommt dabei ohne Mailserver aus.

Lizenz: GFDL 1.2

Wer auf der Kommandozeile bzw. scriptgesteuert emails versenden will, der tut dies meist mit Hilfe eines Mailservers. Ein Mailserver wie sendmail ist jedoch nur mit einem nicht unerheblichen Aufwand aufzusetzen und zu warten. Darüberhinaus kann er – gerade auf Servern – ein Sicherheitsrisiko bedeuten.

In diese Bresche springt das Programm “sendEmail”, mit dem auch Dateianhänge versandt werden können. Der Einsatzbereich dieses kleinen Programms, das in perl geschrieben ist, ist vielfältig. So könnten z.B. Warnmails an den Administrator versandt werden, wenn:
- sich der Speicherplatz einer Festplatte seiner Maximalkapazität nähert
- bestimmte Schlüsselbegriffe in den Logdateien auftauchen
- ein Passwort mehrmals falsch eingegeben wurde

Geübte Shellscripter können mit “sendEmail” (immer das große “E” benutzen!) den Eintritt eines beliebigen Ereignisses mit dem Versand einer email verknüpfen. Die folgenden Informationen gelten für ein System “Ubuntu Jaunty Jackalope” und einen email-Account bei web.de, sollten jedoch auch grundsätzlich für andere Systeme gelten.

Installation:
Neben “sendEmail” werden folgende Pakete benötigt:
libio-socket-ssl-perl, libnet-ssleay-perl, perl
Unter Ubuntu werden alle benötigten Pakete  aus den Paketquellen installiert:

sudo apt-get install sendEmail libio-socket-ssl-perl libnet-ssleay-perl perl

Infos zur Installation des Tarballs finden sich auf der sendEmail Homepage.

Mails senden:
Zum Versenden einer Mail muss man sich zunächst für einen SMTP-fähigen email-Account mit TLS-Unterstützung registriert haben. Eine reguläre email-Adresse bei web.de erfüllt diesen Zweck. Dabei bitte beachten, dass das Passwort zwar verschlüsselt übertragen wird, jedoch in der Bash-History bzw. im Shellscript im Klartext aufzufinden sind. Eine eigene Email-Adresse nur zu diesem Zweck zu registrieren, scheint also empfehlenswert. Im folgenden Beispiel wird die fiktive Adresse “username@web.de” verwendet. Die Mail wird per SMTP an web.de gesendet und von hier an die Empfangsadresse weitergeleitet.
Am folgenden Beispiel soll verdeutlicht werden, wie “sendEmail” eine mail versendet:

sendEmail -v -f username@web.de -s smtp.web.de:25 -xu username -xp totalgeheim -t adminempfaenger@gmx.de -o tls=yes -u “Betreff: Test!” -m “Hallo, dies ist ein Test!”

Die Optionen im Einzelnen:
-v   verbose: geschwätziger Modus (hilfreich zur Fehlersuche)
-f    from: die Absenderadresse, von der die mail versandt werden soll (hier: username@web.de)
-s    server&port: Der zuständige SMTP-Server samt Portangabe
-xu    username: Der Benutzername. (Manche Provider erwarten hier die komplette Emailadresse)
-xp    password (SMTP): bei web.de das reguläre Benutzerpasswort
-t    to: Empfängeradresse
-cc    Kopie der Mail senden an: 2. Emailadresse
-bcc    Versteckte Kopie der Mail senden an: 2. Emailadresse
-o    hier: tls=yes – sorgt für eine verschlüsselte TLS-Übertragung
-u    subject: Betreffzeile
-m    message: Inhalt der Email
-a    attachement: Pfad zu Dateianhang, der mitgesendet werden soll

Weiterführende Infos:
Mit einem gmx-Account ist es mir nicht gelungen, mit sendEmail mails zu versenden (“Segmentation fault”). Wer weiß woran es hapert, kann gerne einen Kommentar hinterlassen. Ach ja: sendEmail scheint im Moment nur TLS, nicht aber SSL zu unterstützen.
Ein schönes (englischsprachiges) Beispiel, wie man sich täglich Logdateien per email aus einer Kombination von sendEmail, shellscripting und cronjob senden lassen kann, ist in diesem Tutorial beschrieben, das kürzlich erschienen ist. Die sendEmail Homepage mit allen Optionen und mehr Informationen ist hier: sendEmail Homepage

    Aliases is used to handle mails to a non existing address. This will allow to redirect the msgs destined to a given name to a real user.
eg:-

postmaster: kiran@domain.com,jrkiran@domain.com

    So when a mail comes in sendmail will check the aliases db for the aliases defined for new msgs, and according to the aliases defined sendmail attempts to deliver the msgs to the delivery agent by adding or modifying the headers of the msg with aliases defined in aliase db.

The Aliases File:
Default Aliases in system:

MAILER-DAEMON:  postmaster
postmaster:    root

When a msg is bounced or problem delivering a msg the destination of the msg will be MAILER-DAEMON.
i.e, if a mail is send to a non existing user then the mail header is modified to MAILER-DAEMON as user.
This means the problem msg or bounced msg has to go some where, and sendmail delivers it to MAILER-DAEMON.
MAILER-DAEMON is aliased to postmaster, and postmaster aliased to root – hence the mail is delivered to root.

Aliases File is case insensitive:
The aliases defined in sendmail is case insensitive.
After changing the aliases no need to restart or reload the sendmail  service because in each and every request sendmail consults the db of aliases.

Types of aliases defined

There are 5 types of aliases:

1. 1-to-1 Aliases.(1 alias map to one local username)
eg:-

postmaster:    root
bin:    root
support:    kiran

    2. 1-to-many or 1-to-lists
eg:-

info:    kiran,jithu,rinz
sales:    hr,joe,nick

    3. using include directive in aliases file.
This will allow aliases to include the list from separate file
eg:-

finance:    :include:/full/path/to/list.list

“users or mail address in the list file can be separated by comma.”
    4. File Redirection Aliases – Re-route the message to file
eg:-

abuse:    root,/var/log/abuse/mail
help:    /var/log/help

    All mail send to the user abuse will be re – routed in to /var/log/abuse/mail. This will help to collect the evidences of mail that is routed for given aliases. The file should not have the execute permission. Else sendmail will fail to write to this file
5.Redirecting the E-mail to PIPE (redirecting the output to an application)
    when a mail comes we can send the output to certain commands. for example if mail comes for the user john and the is in vacation then we can redirect the mail to the program “vacation” to send the automated reply.
eg:-

kiran:    “|/usr/bin/vacation kiran”

Creating a aliases
Add entry

#vim /etc/mail/aliase
support:    kiran

Update db

#newaliases

Test the aliase file

#sendmail -bi

Test the aliase

# sendmail -bv support
kiran… deliverable: mailer local, user kiran

    This means aliases support is deliverable, and it uses mailer local, and user who ultimately get msg.

Vacation Program
To enable the vacation program for an user called fazi install the vacation program that comes along with the sendmail binary.

Create a forward file

# vim ~/.forward
\fazi, “|/usr/bin/vacation -t0 fazi”

Now create the msg that needed to be auto reply.

# vim ~/.vacation.msg
Hi Thanks for you mail !
hai i am on vacation
will ping you once i’m back

This will invoke an automated reply to the sender including the msg body from the file .vacation.msg.

Mail logging configuration in syslog.conf

#grep -i mail /etc/syslog.conf
# Log anything (except mail) of level info or higher.
*.info;mail.none;authpriv.none;cron.none            /var/log/messages
# Log all the mail messages in one place.
mail.*          ;     -/var/log/maillog