Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Fedora User (http://www.linux-archive.org/fedora-user/)
-   -   Sendmail help sought (http://www.linux-archive.org/fedora-user/326463-sendmail-help-sought.html)

Timothy Murphy 02-15-2010 02:40 PM
Sendmail help sought
 
I'm puzzled by MASQUERADE_AS and MASQUERADE_DOMAIN in sendmail.mc .

I'm using KMail (under Fedora-12) on my laptop to send and receive email.

I send my email through my ISP, as defined by
define(`SMART_HOST', `smtp.eircom.net')dnl
in /etc/sendmail.mc on the laptop.

I collect my email on my desktop from my ISP and other sources,
by running fetchmail as cron.d jobs.
I run dovecot IMAP on the desktop,
and read the email on my laptop as IMAP.

Should I set MASQUERADE_AS and/or MASQUERADE_DOMAIN
on laptop and/or desktop?
Currently I have them both set on both machines to my ISP,
MASQUERADE_AS(`eircom.net')dnl
MASQUERADE_DOMAIN(eircom.net)dnl
but I'm not sure if this is necessary, or wise.

Any enlightenment gratefully received.

--
Timothy Murphy
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Tim 02-15-2010 04:11 PM
Sendmail help sought
 
On Mon, 2010-02-15 at 15:40 +0000, Timothy Murphy wrote:
> Should I set MASQUERADE_AS and/or MASQUERADE_DOMAIN
> on laptop and/or desktop?

Only if you need to, or want to, rewrite addresses to fake them as being
those addresses, when the originally were not. My mail set up is quite
similar to your description, and I've never needed to do that.

One problem with such simple masquerading is when you send out a mail
using a local LAN address, it fakes your local domain to be the ISP's
domain, and that constructed address happens to be the same address as
someone else on your ISP.

--
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.



--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Mail Lists 02-15-2010 05:37 PM
Sendmail help sought
 
On 02/15/2010 12:11 PM, Tim wrote:
> On Mon, 2010-02-15 at 15:40 +0000, Timothy Murphy wrote:
>> Should I set MASQUERADE_AS and/or MASQUERADE_DOMAIN
>> on laptop and/or desktop?

It is not necessary tho its not a bad idea. Your sendmail is merely
acting as a client to your ISP's sendmail - so as long as your ISP
sendmail is happy (on correct net, authorized etc) all is fine.

> One problem with such simple masquerading is when you send out a mail
> using a local LAN address, it fakes your local domain to be the ISP's
> domain, and that constructed address happens to be the same address as
> someone else on your ISP.

That is -not- correct. The outside world will see the ISP sendmail
outbound MX and it will have a unique and reversable IP. The internal IP
may show up in a received line and plays zero roll at all. It is not a
problem in any way.



gene

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Tim 02-16-2010 02:35 AM
Sendmail help sought
 
Tim:
>> One problem with such simple masquerading is when you send out a mail
>> using a local LAN address, it fakes your local domain to be the ISP's
>> domain, and that constructed address happens to be the same address as
>> someone else on your ISP.

Gene:
> That is -not- correct. The outside world will see the ISP sendmail
> outbound MX and it will have a unique and reversable IP. The internal IP
> may show up in a received line and plays zero roll at all. It is not a
> problem in any way.

I'm not talking about IP addresses, I mean email addresses. Presume
that I am tim@localhost on my machine, and I masquerade my mail to
change localhost to the domain name of my ISP (e.g. example.com), and I
(now) send out my mail as tim@example.com, to save me from configuring
my mail clients. But, *I* shouldn't do that, because I am not user
"tim" on my ISP, some other person has that ISP mail account.

In general, you can masquerade with your own domain names quite freely
(swap an non-public internal domain for a real external domain name),
but you shouldn't simply use someone else's domain (such as your ISP's).

Even if you happen to use the same username as your ISP, it's still
potentially a problem, because you can start sending out mail from other
addresses (postmaster, root, etc.), which you won't be authorised to do.

Masquerading has to be done with due care, as with just about all
aspects of running a mail server attached to the public internet.

--
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.





--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Timothy Murphy 02-16-2010 01:21 PM
Sendmail help sought
 
Tim wrote:

> I'm not talking about IP addresses, I mean email addresses. Presume
> that I am tim@localhost on my machine, and I masquerade my mail to
> change localhost to the domain name of my ISP (e.g. example.com), and I
> (now) send out my mail as tim@example.com, to save me from configuring
> my mail clients. But, *I* shouldn't do that, because I am not user
> "tim" on my ISP, some other person has that ISP mail account.

That is exactly my problem.
I am "tim" on my own machines, but "gayleard@eircom.net" to my ISP.

> Masquerading has to be done with due care, as with just about all
> aspects of running a mail server attached to the public internet.

I must admit I am still not clear about the purpose of masquerading.
What is a concrete situation where it might make sense?

Incidentally, I don't think I am running a mail SERVER
as I understand that term.
I collect all my email from external mail servers with fetchmail .


--
Timothy Murphy
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Mikkel 02-16-2010 03:33 PM
Sendmail help sought
 
On 02/16/2010 08:21 AM, Timothy Murphy wrote:
> Tim wrote:
>
>> I'm not talking about IP addresses, I mean email addresses. Presume
>> that I am tim@localhost on my machine, and I masquerade my mail to
>> change localhost to the domain name of my ISP (e.g. example.com), and I
>> (now) send out my mail as tim@example.com, to save me from configuring
>> my mail clients. But, *I* shouldn't do that, because I am not user
>> "tim" on my ISP, some other person has that ISP mail account.
>
But you can configure it so that tim@localhost gets mapped to
gayleard@eircom.net bu your mail server. It is also possible to map
all users except for specific ones to all go out as
gayleard@eircom.net. Normally root does not get changed. I don't
remember if postmaster does.

> That is exactly my problem.
> I am "tim" on my own machines, but "gayleard@eircom.net" to my ISP.
>
>> Masquerading has to be done with due care, as with just about all
>> aspects of running a mail server attached to the public internet.
>
> I must admit I am still not clear about the purpose of masquerading.
> What is a concrete situation where it might make sense?
>
You have a local network network that sends all outside mail through
one mail server. The internal mail address may be something like
lab1.foo.net, but mail headed for the Internet must be from foo.net
or even bar.net in order for return messages to reach the proper
mail server.

For a home network, you may want different local accounts to go out
through different ISP's mail servers.

The need for running a masquerading mail server on a home system has
become rare with the use of always on broadband connections. Also.
mail clients like Thunderbird send the outgoing messages directly to
the proper mail server without any name re-writing being necessary.
For home networks, there is seldom a need for the local mail server
to connect ot the Internet at all.

> Incidentally, I don't think I am running a mail SERVER
> as I understand that term.
> I collect all my email from external mail servers with fetchmail .
>
>
By default, Fedora runs Sendmail to handle locally generated mail
from things like cron jobs. Depending how you have Fetchmail set up,
it may also handle delivering the messages that Fetchmail gets.
Fetchmail can be configured to rewrite fetched mail to a local mail
address.

One final note - for most home networks, Sendmail is overkill - you
don't need most of the features. You may want to look into one of
the lighter alternatives.

Mikkel
--

Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


All times are GMT. The time now is 08:05 PM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.