Hello, there is a problem when using sendmail to certain destinations, basically the recipient will reject the incoming message because the user@local.domain.com is used as the sender (Return-Path), they would verify local.domain.com is not a valid DNS record which is true because it is a local machine.
However the "From:" field in the custom header contains a valid address and host in DNS, let's say popeye@spinach.com .
Why does sendmail use @local.domain.com instead of using @spinach.com ? I have a feeling this is solely down to the Return-Path because when I used the command "sendmail -t < header.txt -f popeye@spinach.com " it was received fine but that is abit of a hack fix.
I then tried setting "Return-Path: popeye@spinach.com " in the custom header.txt but it seemed to be keep overriding to user@local.domain.com again. So I proceeded to the look inside sendmail.cf, changed the Return-Path setting:
From:-
H?P?Return-Path: <$g>
To:-
H?P?Return-Path: <$f>
Refreshed sendmail, and triggered another message... however this made no difference it seems.
The recipient receives this message in the logs when rejecting:
Here is what we get in our logs, I highlighted the important part:
Received Time: 30 Sep 2009 08:51:41 (GMT -0400)
MID: 44444444
Message Size: 3150 (Byte)
Subject: TEST EMAIL
Envelope Sender: user@local.ourdomain.com
Envelope Recipients: user.name@recipientdomain.com
Message ID Header: <200909301234.asdf1234567@local.ourdomain.com>
IronPort Host: GATEWAY01 (123.123.123.123)
SMTP Auth User ID: N/A
Sending Host Summary
Reverse DNS Hostname: None (unverified)
IP Address: 123.123.123.123
SBRS Score: not enabled
Processing Details
MAIL POLICY "Corporate Email" MATCHED THESE RECIPIENTS: user.name@recipientdomain.com
30 Sep 2009 08:51:41 (GMT -0400) Protocol SMTP interface OutboundInterface (IP 123.123.123.123) on incoming connection (ICID 123321123) from sender IP 123.123.123.123. Reverse DNS host None verified 0.
30 Sep 2009 08:51:41 (GMT -0400) (ICID 123321123) RELAY sender group RELAYLIST match 123.123.123/24 SBRS not enabled
30 Sep 2009 08:51:41 (GMT -0400) Start message 44444444 on incoming connection (ICID 123321123).
30 Sep 2009 08:51:41 (GMT -0400) Message 44444444 enqueued on incoming connection (ICID 123321123) from user@local.ourdomain.com .
30 Sep 2009 08:51:41 (GMT -0400) Message 44444444 on incoming connection (ICID 123321123) added recipient (user.name@recipientdomain.com).
30 Sep 2009 08:51:41 (GMT -0400) Message 44444444 contains message ID header '<200909301251.n8UCpfZV1003650@local.ourdomain.com>'.
30 Sep 2009 08:51:41 (GMT -0400) Message 44444444 original subject on injection: TEST EMAIL
30 Sep 2009 08:51:41 (GMT -0400) Message 44444444 (3150 bytes) from user@local.ourdomain.com ready.
30 Sep 2009 08:51:41 (GMT -0400) Message 44444444 matched per-recipient policy Corporate Email for outbound mail policies.
30 Sep 2009 08:51:41 (GMT -0400) Message 44444444 scanned by Anti-Virus engine Sophos. Interim verdict: CLEAN
30 Sep 2009 08:51:41 (GMT -0400) Message 44444444 scanned by Anti-Virus engine. Final verdict: Negative
30 Sep 2009 08:51:41 (GMT -0400) Message 44444444 queued for delivery.
30 Sep 2009 08:51:42 (GMT -0400) SMTP delivery connection (DCID 55555555) opened from IronPort interface 147.179.184.137 to IP address 204.248.176.91 on port 25.
30 Sep 2009 08:51:42 (GMT -0400) (DCID 55555555) Delivery started for message 44444444 to user.name@recipientdomain.com .
30 Sep 2009 08:51:42 (GMT -0400) (DCID 55555555) Message 44444444 to user.name@recipientdomain.com delayed. Reason: 4.1.0 - Unknown address error ('450', ['<user@local.ourdomain.com>: Sender address rejected: Domain not found']) [('from', 'popeye@spinach.com')]
30 Sep 2009 08:51:42 (GMT -0400) Message 44444444 to user.name@recipientdomain.com pending until Wed Sep 30 08:52:42 2009 as per bounce profile Default.
30 Sep 2009 08:52:43 (GMT -0400) SMTP delivery connection (DCID 77777777) opened from IronPort interface 147.179.184.137 to IP address 204.248.176.91 on port 25.
30 Sep 2009 08:52:43 (GMT -0400) (DCID 77777777) Delivery started for message 44444444 to user.name@recipientdomain.com .
30 Sep 2009 08:52:43 (GMT -0400) (DCID 77777777) Message 44444444 to user.name@recipientdomain.com delayed. Reason: 4.1.0 - Unknown address error ('450', ['<user@local.ourdomain.com>: Sender address rejected: Domain not found']) [('from', 'popeye@spinach.com')]
30 Sep 2009 08:52:43 (GMT -0400) Message 44444444 to user.name@recipientdomain.com pending until Wed Sep 30 08:54:47 2009 as per bounce profile Default.
30 Sep 2009 08:54:50 (GMT -0400) (DCID 53198980) Delivery started for message 44444444 to user.name@recipientdomain.com .
30 Sep 2009 08:54:50 (GMT -0400) (DCID 53198980) Message 44444444 to user.name@recipientdomain.com delayed. Reason: 4.1.0 - Unknown address error ('450', ['4.1.8 <user@local.ourdomain.com>: Sender address rejected: Domain not found']) [('from', 'popeye@spinach.com')]
30 Sep 2009 08:54:50 (GMT -0400) Message 44444444 to user.name@recipientdomain.com pending until Wed Sep 30 09:01:08 2009 as per bounce profile Default.
Thanks for any help you can provide.
Additionally, adding the server address to public DNS is not going to happen for security reasons.
The answer is having sendmail deliver the message with the sender as @spinnach.com (perferably the same as the From: ), instead of the machine address user@local.
if postfix is an option for you, I wrote this tutorial:
http://tech.gate.io/blogpost34
your problem is the "from" field
if you want, I have a sendmail solution too which I can post tomorrow
this one has the advantage, that "from" field is rewritten to
From: hostname <username@domainyoulike.com>
for AIX, you have to run "newaliases" after postfix the installation, then it'll work fine
I'm not sure that the problem is the "From:" field because it is showing the correct address? I don't think I would be allowed to install postfix....
shoudn't it be
from=<user@ourdomain.com
instead of
from=<user@local.ourdomain.com
?
Yeah... now I'm confused because it shows the correct From: address when it is sent to me (I'm CCing myself).
The sendmail.cf is showing $g's, perhaps changing the $g to $f might help... or maybe I'm going into the totally wrong direction.
H?F?From: $?x$x <$g>$|$g$.
in the mc file:
FEATURE(masquerade_entire_domain)
FEATURE(masquerade_envelope)
MASQUERADE_AS(`external.domain')
MASQUERADE_DOMAIN(`hostname.domain.local')
in the sendmail.cf file, comment
#CL root
#C {E}root
so that the masquerading works for root too
funksen:
in the mc file:
FEATURE(masquerade_entire_domain)
FEATURE(masquerade_envelope)
MASQUERADE_AS(`external.domain')
MASQUERADE_DOMAIN(`hostname.domain.local')
in the sendmail.cf file, comment
#CL root
#C {E}root
so that the masquerading works for root too
Thanks for the reply, but what would that do? Is there any disadvantages to using masquerading? Would it be bad if there is no sendmail.mc file?
you don't really need the mc file, sendmail make generates the cf file from the mc file
you could try to add these lines manually to sendmail.cf
#CL root
#C{E}root
C{w}localhost.localdomain
C{M}local.ourdomain.com
# who I masquerade as (null for no masquerading) (see also $=M)
DMourdomain.com
but editing the cf file manually may not work when doing big changes like that
funksen:
you don't really need the mc file, sendmail make generates the cf file from the mc file
you could try to add these lines manually to sendmail.cf
#CL root
#C{E}root
C{w}localhost.localdomain
C{M}local.ourdomain.com
# who I masquerade as (null for no masquerading) (see also $=M)
DMourdomain.com
but editing the cf file manually may not work when doing big changes like that
I have not tried this yet but I will do, just need to get access to the sendmail.cf (it is restricted to certain privileges). I take it there is no way to get the sender address the same as what is set for the "From:" field?
Is there a way to masquerade on specific ID's instead of all outgoing mail?
funksen
October 14, 2009, 12:07pm
12
this can be done with a genericstable
FEATURE(generics_entire_domain)
FEATURE(genericstable, `hash -o /etc/mail/genericstable')
GENERICS_DOMAIN(`hostname.domain.local')
with this method, you can specify any emailsubstitution
an entry can look like:
apache appuser@external.doma in
makemap -v hash genericstable < genericstable
but you don't have the mc file, so probably you have to install additional sendmail packages, I can't tell you how the final .cf file looks like with this changes