Linux Sendmail Administration Craig Hunt SYBEX® San Francisco Paris Düsseldorf Soest London Linux Sendmail Administration Craig Hunt Associate Publisher: Dick Staron Contracts and Licensing Manager: Kristine O’Callaghan Acquisitions and Developmental Editors: Maureen Adams, Tom Cirtin Editor: Suzanne Goraj Production Editor: Liz Burke Technical Editors: Randolph Russell, James Eric Gunnett Book Designer: Bill Gibson Electronic Publishing Specialist: Nila Nichols Proofreaders: Jennifer Campbell, Nelson Kim, Yariv Rabinovitch, Nanette Duffy, Nancy Riddiough, Laurie O’Connell, Andrea Fox Indexer: Nancy Guenther Cover Designer: Ingalls & Associates Cover Illustrator: Ingalls & Associates Copyright © 2001 SYBEX Inc., 1151 Marina Village Parkway, Alameda, CA 94501. World rights reserved. No part of this publication may be stored in a retrieval system, transmitted, or reproduced in any way, includ- ing but not limited to photocopy, photograph, magnetic, or other record, without the prior agreement and written permission of the publisher. Library of Congress Card Number: 2001087202 ISBN: 0-7821-2737-1 SYBEX and the SYBEX logo are either registered trademarks or trademarks of SYBEX Inc. in the United States and/or other countries. Screen reproductions produced with FullShot 99. FullShot 99 © 1991-1999 Inbit Incorporated. All rights reserved.FullShot is a trademark of Inbit Incorporated. Netscape Communications, the Netscape Communications logo, Netscape, and Netscape Navigator are trademarks of Netscape Communications Corporation. Netscape Communications Corporation has not authorized, sponsored, endorsed, or approved this publica- tion and is not responsible for its content. Netscape and the Netscape Communications Corporate Logos are trademarks and trade names of Netscape Communications Corporation. All other product names and/or logos are trademarks of their respective owners. TRADEMARKS: SYBEX has attempted throughout this book to distinguish proprietary trademarks from descriptive terms by following the capitalization style used by the manufacturer. The author and publisher have made their best efforts to prepare this book, and the content is based upon final release software whenever possible. Portions of the manuscript may be based upon pre-release versions supplied by software manufacturer(s). The author and the publisher make no representation or warranties of any kind with regard to the completeness or accuracy of the contents herein and accept no liability of any kind including but not limited to performance, merchantability, fitness for any particular purpose, or any losses or damages of any kind caused or alleged to be caused directly or indirectly from this book. Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 To Sara, David, and Rebecca, who make me proud every day. Foreword You may already be familiar with the Craig Hunt Linux Library. If you are, you know it is a library of books for professional system administrators that focuses directly on Linux. The reason for creating such a high quality library is simple: Linux and the professionals who administer Linux systems deserve it. The goal of the library is to provide highly tech- nical books that are clear, accurate, and complete. Creating comprehensive, concise books that focus on only Linux and that have a consis- tent structure has had a serendipitous side effect. These books tell the story of the under- lying technology, whether it is DNS, Samba, or Sendmail, in a clear and organized manner. This turns out to be particularly important for Sendmail. Sendmail is an essential component of every Linux distribution. Yet a fog of confusion has surrounded Sendmail and particularly Sendmail configuration. Books about Sendmail have done little to alle- viate this situation. Some books become so enmeshed in the minutiae of Sendmail con- figuration syntax that they become little more than giant reference books that are about as useful as reading a dictionary. Others are too superficial; they lack details needed to help the professional system administrator. What is needed is a balance between enough detail and too much detail. Linux Sendmail Administration cuts through the fog by presenting the story of Sendmail in a clear, organized manner. Reference material is where it should be, in an appendix. The content of the book respects the reader’s technical skills, providing all of the infor- mation you need in a form that you can use. At last! A true Sendmail tutorial. Craig Hunt December 2000 Acknowledgments I have now written my third book for Sybex, which, frankly, I never thought would hap- pen. I thought writing Linux Network Servers 24seven , my first book for Sybex, would be a one-shot deal. But then came the opportunity to write a series of books all focused on Linux. As much as I love writing, I love writing about Linux even more. To add to the joy of this project, the people at Sybex have been wonderful. Like the other books, this one has been written with the support of some excellent people. I have been surprised by the consistent quality of the people I work with because the cast of characters has changed. It is perfectly normal for different books to have different edi- tors, but fate has been a bigger player in these changes than management. Guy Hart- Davis, the Associate Publisher who first listened to my proposals for this library, inherited a large home in England and went off to be “Lord of the Manor.” (Like everyone else at Sybex, I’m dying to go to England to visit him.) By great good luck, Neil Edde took over as Associate Publisher for the Linux Library. Neil is the person who introduced me to Sybex. He was the first person to hear my ideas about the Linux Library and to encourage me to propose them to Sybex. I couldn’t have a better publisher than Neil. Maureen Adams, who started as the Acquisition Editor for this series, has been promoted to Mom. She left the project to give birth to Emma. Now instead of baby-sitting me, she is sitting with a real baby. I’d call that a major promotion! Tom Critin, who took over as Acquisition Editor, is a career publishing professional. Tom’s no-nonsense style helps him deal with me and the other authors in the Craig Hunt Linux Library. Tom deserves special thanks for understanding that the technical quality and not the production schedule was the most important factor in creating this library. The Production Editor for this book was Liz Burke—my thanks to Liz for her flexibility in working around my schedule. Suzanne Goraj was the Editor. I want to thank her for respecting my writing style while still doing a great job of improving my grammar. Randy Russell and Eric Gunnett were the Technical Editors. Their suggestions were very helpful in creating a more accurate book. Randy has a particularly fine eye for technical details. I would like to thank all of the production people and artists for their hard work: Nila Nichols, Jennifer Campbell, Nancy Guenther, Nelson Kim, Yariv Rabinovitch, Nanette Duffy, Nancy Riddiough, Laurie O’Connell, and Andrea Fox. I’d also like to thank Karen Ruckman of KJR Design in Washington, D.C. Karen is a pro- fessional photographer and designer. I can attest to the fact that she is one of the best. Only the best of photographers could make my mug look presentable enough for the cover of a book. Twelve-hour days. No vacations. Not even weekends off. When the schedule gets tight and deadlines loom, I’m not the easiest person to live with. Kathy, thanks for living with me. Contents at a Glance Introduction . . . . . . . . . . . . . . . . . . . . . . . xvii Part 1 How Things Work 1 Chapter 1 Internet Mail Protocols . . . . . . . . . . . . . . . . . . . . . . 3 Chapter 2 Understanding E-Mail Architecture . . . . . . . . . . . . . . . . . .31 Chapter 3 Running Sendmail . . . . . . . . . . . . . . . . . . . . . . .51 Part 2 Essential Configuration 79 Chapter 4 Creating a Basic Sendmail Configuration . . . . . . . . . . . . . . . .81 Chapter 5 Understanding a Vendor’s Configuration . . . . . . . . . . . . . . . 107 Chapter 6 Using Sendmail Databases . . . . . . . . . . . . . . . . . . . 137 Part 3 Advanced Configuration 177 Chapter 7 The sendmail.cf File . . . . . . . . . . . . . . . . . . . . . . 179 Chapter 8 Understanding Rewrite Rules . . . . . . . . . . . . . . . . . . . 219 Chapter 9 Special m4 Configurations . . . . . . . . . . . . . . . . . . . . 247 Part 4 Maintaining a Healthy Server 267 Chapter 10 Testing Sendmail . . . . . . . . . . . . . . . . . . . . . . . 269 Chapter 11 Stopping Spam . . . . . . . . . . . . . . . . . . . . . . . 299 Chapter 12 Sendmail Security . . . . . . . . . . . . . . . . . . . . . . 321 Appendices 359 Appendix A m4 Macro Command Reference . . . . . . . . . . . . . . . . . . 361 Appendix B The sendmail Command . . . . . . . . . . . . . . . . . . . . 395 Appendix C Sendmail Variables, Options, and Flags . . . . . . . . . . . . . . . 411 Index . . . . . . . . . . . . . . . . . . . . . . . . . . 435 Contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . xvii Part 1 How Things Work 1 Chapter 1 Internet Mail Protocols . . . . . . . . . . . . . . . 3 The Internet Protocol Suite . . . . . . . . . . . . . 4 A Simple Mail Transport Protocol . . . . . . . . . . . 4 Using SMTP through telnet . . . . . . . . . . . . 6 SMTP Response Codes . . . . . . . . . . . . . 9 Observing SMTP with Verbose Mode . . . . . . . . 11 A Basic Mail Message . . . . . . . . . . . . . . . 13 Message Headers . . . . . . . . . . . . . . . 13 Multipurpose Internet Mail Extensions . . . . . . . . . 15 The Content-Type Header . . . . . . . . . . . . 16 The Content-Transfer-Encoding Header . . . . . . . . 19 Extended SMTP . . . . . . . . . . . . . . . . . 20 Extended Service Keywords . . . . . . . . . . . 21 Mailbox Protocols . . . . . . . . . . . . . . . . 22 Post Office Protocol . . . . . . . . . . . . . . 22 Internet Mail Access Protocol . . . . . . . . . . . 25 In Sum . . . . . . . . . . . . . . . . . . . . 29 Chapter 2 Understanding E-Mail Architecture. . . . . . . . . . . 31 The Role of DNS . . . . . . . . . . . . . . . . . 33 Processing MX Records . . . . . . . . . . . . . 35 The Components of Mail Architecture . . . . . . . . . . 36 Formal Definitions . . . . . . . . . . . . . . . 36 Sample Mail Architectures . . . . . . . . . . . . 39 Sendmail’s Roles. . . . . . . . . . . . . . . . . 41 A Message Submission Agent . . . . . . . . . . . 42 A Message Transfer Agent . . . . . . . . . . . . 46 A Client . . . . . . . . . . . . . . . . . . 49 In Sum . . . . . . . . . . . . . . . . . . . . 49 Contents x Chapter 3 Running Sendmail . . . . . . . . . . . . . . . . 51 Running Sendmail at Start-Up . . . . . . . . . . . . 51 On a BSD-Style Linux System . . . . . . . . . . 53 On a System V–Style Linux System. . . . . . . . . 54 Controlling Sendmail with Signals . . . . . . . . . 59 Installing Sendmail . . . . . . . . . . . . . . . 61 Installing Sendmail with dpkg . . . . . . . . . . 61 Locating RPM Software. . . . . . . . . . . . . 62 Installing Sendmail with RPM . . . . . . . . . . 66 X Tools for Installing Sendmail . . . . . . . . . . 68 Cleaning Up after RPM . . . . . . . . . . . . . 69 Downloading and Compiling Sendmail . . . . . . . . . 71 Known Problems . . . . . . . . . . . . . . . 74 Configuration Compatibility . . . . . . . . . . . 75 In Sum . . . . . . . . . . . . . . . . . . . . 76 Part 2 Essential Configuration 79 Chapter 4 Creating a Basic Sendmail Configuration . . . . . . . . 81 The cf Directory Structure . . . . . . . . . . . . . 82 Little-Used Directories . . . . . . . . . . . . . 83 The domain Directory . . . . . . . . . . . . . 85 The cf Subdirectory . . . . . . . . . . . . . . 85 The ostype Directory . . . . . . . . . . . . . 88 The mailer Directory. . . . . . . . . . . . . . 89 The feature Directory . . . . . . . . . . . . . 90 The m4 Directory . . . . . . . . . . . . . . . 90 The m4 Macro Language. . . . . . . . . . . . . . 91 Controlling m4 Output . . . . . . . . . . . . . 92 The Basic Commands . . . . . . . . . . . . . 94 A Sample Macro Configuration File. . . . . . . . . 97 Building a Simple m4 Configuration File . . . . . . . 99 More m4 Commands . . . . . . . . . . . . . 102 In Sum . . . . . . . . . . . . . . . . . . 105 Contents xi Chapter 5 Understanding a Vendor’s Configuration. . . . . . . . . 107 The Generic Linux Configuration . . . . . . . . . . . 108 The Linux OSTYPE File . . . . . . . . . . . . . 109 The Generic DOMAIN File . . . . . . . . . . . . 112 Adding Support for the .REDIRECT Pseudo-Domain. . . . 114 Adding Support for Local Host Aliases . . . . . . . . 115 Protecting the root Account from Masquerading . . . . . 117 The Essential Mailers . . . . . . . . . . . . . . 118 The Red Hat Configuration . . . . . . . . . . . . . 122 Modifying the Red Hat Configuration . . . . . . . . . . 131 In Sum . . . . . . . . . . . . . . . . . . . . 135 Chapter 6 Using Sendmail Databases . . . . . . . . . . . . . 137 Adding Database Support . . . . . . . . . . . . . . 138 Database Compiler Options . . . . . . . . . . . . 138 Configuration Options . . . . . . . . . . . . . 142 The Cr, Cw, and Ct Files . . . . . . . . . . . . . . 144 The relay-domains File . . . . . . . . . . . . . 145 The local-host-names File . . . . . . . . . . . . 147 The aliases Database . . . . . . . . . . . . . . . 149 Defining Personal Mail Aliases . . . . . . . . . . . 153 The User Database . . . . . . . . . . . . . . . . 154 The access Database . . . . . . . . . . . . . . . 156 The Address Field . . . . . . . . . . . . . . . 157 The Action Field . . . . . . . . . . . . . . . 159 The virtusertable . . . . . . . . . . . . . . . . . 161 Defining a Virtual Domain . . . . . . . . . . . . 161 Defining virtusertable Delivery Addresses . . . . . . . 163 The mailertable . . . . . . . . . . . . . . . . . 166 The genericstable . . . . . . . . . . . . . . . . 169 Little-Used Databases . . . . . . . . . . . . . . . 171 The makemap Command . . . . . . . . . . . . . . 172 In Sum . . . . . . . . . . . . . . . . . . . . 174 [...]... the role these things play in mail delivery The role that Sendmail plays in you mail architecture The interaction between Sendmail and DNS How Sendmail is run to collect inbound mail How to control Sendmail at startup and how to control it with signals How to install the Sendmail binaries with RPM How to compile Sendmail for a Linux system Linux Library Part 1 How Things Work Part 1 This page intentionally... know to master Sendmail and illustrates that Sendmail, while not simple, is less complex than you might imagine Who Should Buy This Book This book is for anyone who is building a network mail server using Linux and Sendmail The book doesn’t assume that you know much about Sendmail But it does assume that you have a good understanding of computers and IP networks, and of Linux system administration. .. for Sendmail information It provides detailed instruction about how a Sendmail server is built on a Linux platform Examples of compiling, installing, and configuring Sendmail to run with Linux are provided Security features specific to Linux are covered Information about Linux that is overlooked by other Sendmail books is provided here Even administrators of Unix systems will find this book a useful companion... chapters: Chapter 4, “Creating a Basic Sendmail Configuration,” Chapter 5, “Understanding a Vendor’s Configuration,” and Chapter 6, “Using Sendmail Databases.” Chapter 4: Creating a Basic Sendmail Configuration Sendmail requires a configura- tion that is compatible with the version of Sendmail that is installed The configuration is built from the m4 library delivered with the Sendmail source code distribution... databases are used to customize Sendmail Frequently, the key to getting Sendmail to do what you want is in one of these databases and not in the Sendmail configuration file The chapter covers the purpose, structure, and syntax of every Sendmail database Part 3: Advanced Configuration Part 3 examines the sendmail. cf file, explains address rewriting, and describes optional Sendmail configurations that are... the sendmail. cf file Chapter 8 explains the purpose and syntax of Sendmail rewrite rules Chapter 9 describes many advanced m4 features Chapter 7: The sendmail. cf File The m4 macros create the sendmail. cf file that con- tains the actual Sendmail configuration This chapter explains the structure of that file and the syntax of the commands it contains An example of directly editing and testing the sendmail. cf... start with Linux System Administration by Vicki Stanfield and Roderick W Smith (Sybex, 2001) and Linux xviii Introduction Network Servers 24seven by Craig Hunt (Sybex, 1999) Those books will provide you with all the background you need Linux system administrators will find this book invaluable as their primary resource for Sendmail information It provides detailed instruction about how a Sendmail server... e-mail architecture The tasks performed by Sendmail in delivering the mail and the roles of POP and IMAP are explained Chapter 3: Running Sendmail The sendmail command and when and how it is invoked are covered, as are downloading, compiling, and installing Sendmail Part 2: Essential Configuration Part 2 covers the basic configuration skills needed by every Sendmail administrator It is composed of three... systems have been in existence Unfortunately, the name Sendmail strikes fear in the hearts of many system administrators Sendmail has a reputation for being unnecessarily complex and arcane The thousand-page books written about Sendmail do little to alleviate this fear I hope that this book will Much of the complexity in Sendmail is historical in nature Sendmail has been around for almost 20 years It includes... Reference This appendix provides a summary of the m4 macros that are available to build a custom Sendmail configuration Appendix B: The sendmail Command This appendix is a reference for the large number of command line options available for the sendmail command Appendix C: Sendmail Variables, Options, and Flags Sendmail stores configuration values in specific macro variables and class variables It defines . Linux Sendmail Administration Craig Hunt SYBEX® San Francisco Paris Düsseldorf Soest London Linux Sendmail Administration Craig. or Sendmail, in a clear and organized manner. This turns out to be particularly important for Sendmail. Sendmail is an essential component of every Linux