Published by Jemimah Stanley. Modified over 9 years ago.
1
Configuring Linux Mail Servers
Objectives
– This chapter will show you how to install and use mail servers
Contents
– An Overview Of How Sendmail Works
– Sendmail configuration files
– Relaying
– Sendmail Masquerading
– Using Sendmail to Change the Sender's Email Address
Practical
– Setting up a mail server
2
Getting SENDMAIL
Installing Sendmail
– You will need to make sure that the sendmail, sendmail-cf and m4 software RPMs are installed.
    rpm -ivh sendmail-8.12.8-4.i386.rpm          (The client/server)
    rpm -ivh sendmail-cf-8.12.8-4.i386.rpm       (Config files)
    rpm -ivh sendmail-devel-8.12.8-4.i386.rpm    (Optional)
    rpm -ivh sendmail-doc-8.12.8-4.i386.rpm      (Optional)
Starting/Stopping Sendmail
– You can use the chkconfig command to get Sendmail configured to start at boot:
    # chkconfig sendmail on
– To start/stop/restart sendmail after booting:
    # service sendmail start
    # service sendmail stop
    # service sendmail restart
– You need to restart sendmail after changing sendmail.cf
3
The /etc/mail/sendmail.mc File
How to Put Comments in sendmail.mc
– The sendmail.mc file doesn't use the "#" for commenting, but instead uses the string "dnl".
    Disabled statements due to "dnl" commenting
        dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
        dnl # DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
    Incorrectly disabled statement
        # DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
    Active statement
        DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
Configuring the DNS for sendmail
– Make Your Mail Server The Mail Server For Your Domain in DNS
        IN MX 10 mail.my-site.com
    # host mail.my-site.com
    mail.my-site.com has address 192.168.0.1
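The three cases on this slide can be checked mechanically. The following is an added example, not part of the original presentation: a small Python lint that classifies each line of a sendmail.mc file and reports macros that someone tried to disable with "#". The sample text and the list of macro names are constructed from statements that appear on these slides.

```python
import re

# Constructed sample in the style of /etc/mail/sendmail.mc (not from a real host).
SAMPLE_MC = """\
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
dnl # DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
# DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
# FEATURE(`accept_unresolvable_domains')dnl
dnl define(`SMART_HOST',`mail.my-site.com')
"""

# Macro names that appear on these slides; extend the list for other files.
MACRO_CALL = re.compile(
    r"\b(DAEMON_OPTIONS|FEATURE|define|MASQUERADE_AS|MASQUERADE_DOMAIN|"
    r"EXPOSED_USER|GENERICS_DOMAIN_FILE)\("
)

def classify(line):
    """Return 'disabled', 'hash-prefixed', 'active' or 'other' for one line."""
    s = line.strip()
    if re.match(r"dnl\b", s):
        return "disabled"          # a leading dnl discards the rest of the line
    if not MACRO_CALL.search(s):
        return "other"             # blank line or plain text
    if s.startswith("#"):
        return "hash-prefixed"     # "#" does not disable the statement
    return "active"

def lint(text):
    """Classify every line; returns [(line_number, status, line), ...]."""
    return [(n, classify(l), l) for n, l in enumerate(text.splitlines(), 1)]

def findings(text):
    """Line numbers of macros that were 'commented out' with '#'."""
    return [n for n, status, _ in lint(text) if status == "hash-prefixed"]

if __name__ == "__main__":
    for n, status, line in lint(SAMPLE_MC):
        print(f"{n:3} {status:14} {line}")
    print("replace '#' with 'dnl' on lines:", findings(SAMPLE_MC))
```

Running it before regenerating sendmail.cf catches a DAEMON_OPTIONS or FEATURE line that was meant to be off but is not.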
4
Sendmail & name resolution
All hosts that are not the nameserver should have an /etc/resolv.conf file like this:
    domain my-site.com
    nameserver 192.168.0.1
An incorrectly configured resolv.conf file can lead to errors like this when running m4:
    WARNING: local host name (smallfry) is not qualified; fix $j in config file
The /etc/hosts file must have the loopback address:
    127.0.0.1 bigboy.my-site.com bigboy localhost.localdomain localhost
5
How To Configure Linux Sendmail
All Linux mail clients in your home or company need to know which server is the mail server.
– In the /etc/mail/sendmail.mc file:
    define(`SMART_HOST',`mail.my-site.com')
Converting From a Mail Client to a Mail Server
– Determine Which NICs Sendmail Is Running On
– We can verify that sendmail is running by first using the pgrep command
    # pgrep sendmail
    22131
    # netstat -an | grep :25 | grep tcp
    tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
6
Convert the sendmail client to server
Edit sendmail.mc To Make Sendmail Listen On All Interfaces
       dnl This changes sendmail to only listen on the loopback device 127.0.0.1
       dnl and not on any other network devices. Comment this out if you want
       dnl to accept email over the network.
    -> dnl DAEMON_OPTIONS(`Port=smtp,Addr=mail.my-site.com, Name=MTA')
       dnl NOTE: binding both IPv4 and IPv6 daemon to the same port requires
       dnl a kernel patch
       dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')
       dnl We strongly recommend to comment this one out if you want to protect
       dnl yourself from spam. However, the laptop and users on computers that do
       dnl not have 24x7 DNS do need this.
    -> dnl FEATURE(`accept_unresolvable_domains')dnl
       dnl FEATURE(`relay_based_on_MX')dnl
7
Convert the sendmail client to server
Comment out the "SMART_HOST" Entry In sendmail.mc
    dnl define(`SMART_HOST',`mail.my-site.com')
Regenerate The sendmail.cf File & Restart sendmail
– This step can be accomplished by running the script we created at the beginning of the chapter.
    # ./smmake
Now Make Sure Sendmail Is Listening On All Interfaces
    # netstat -an | grep :25 | grep tcp
    tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
8
A General Guide To Using The sendmail.mc File
Primary rule: keep sendmail.mc nice and clean, with comments
– Masquerading rewrites all mail from individual hosts so that it appears to come from the domain
– FEATURE adds functionality to sendmail
    dnl ***** Customised section 1 start *****
    dnl
    FEATURE(delay_checks)dnl
    FEATURE(masquerade_envelope)dnl
    FEATURE(allmasquerade)dnl
    FEATURE(masquerade_entire_domain)dnl
    dnl
    dnl ***** Customised section 1 end *****
9
Sendmail feature files
The /etc/mail/relay-domains File
    my-other-site.com
    my-site.com
The /etc/mail/access File
– Keywords include RELAY, REJECT, OK (not ACCEPT) and DISCARD
    localhost.localdomain   RELAY
    localhost               RELAY
    127.0.0.1               RELAY
    192.168.1.16            RELAY
    192.168.1.17            RELAY
    192.168.2               RELAY
    my-site.com             RELAY
The /etc/mail/local-host-names File
– Also receive mail for my other site
    my-site.com
    my-other-site.com
– In DNS we need to enter:
    my-other-site.com. MX 10 mail.my-site.com.
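Every RELAY line in the access file widens who may send mail through the server, so it is worth knowing exactly which clients an entry covers. The following is an added example, not part of the original presentation: a simplified Python model of the access lookup for a connecting client, assuming sendmail's default behaviour of retrying an address at octet boundaries and a host name at parent domains. The client addresses tested are constructed.

```python
# Constructed copy of the /etc/mail/access entries shown on the slide.
ACCESS = """\
localhost.localdomain   RELAY
localhost               RELAY
127.0.0.1               RELAY
192.168.1.16            RELAY
192.168.1.17            RELAY
192.168.2               RELAY
my-site.com             RELAY
"""

KEYWORDS = {"RELAY", "REJECT", "OK", "DISCARD"}   # the four named on the slide

def parse_access(text):
    """Return ({key: action}, [(line_no, action)]); the list holds actions
    that are not one of KEYWORDS (for example ACCEPT)."""
    table, unknown = {}, []
    for n, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split(None, 1)
        if len(fields) != 2:
            continue                      # blank, comment, or key with no action
        key, action = fields[0].lower(), fields[1].strip()
        if action not in KEYWORDS:
            unknown.append((n, action))   # error-code actions are not modelled
            continue
        table[key] = action
    return table, unknown

def lookup_keys(client):
    """Keys tried for a client, most specific first."""
    parts = client.lower().split(".")
    if all(p.isdigit() for p in parts):   # IPv4: shorten at octet boundaries
        return [".".join(parts[:i]) for i in range(len(parts), 0, -1)]
    return [".".join(parts[i:]) for i in range(len(parts))]  # host: parent domains

def decide(table, client):
    """Return (matching_key, action), or (None, None) when nothing matches."""
    for key in lookup_keys(client):
        if key in table:
            return key, table[key]
    return None, None

if __name__ == "__main__":
    table, unknown = parse_access(ACCESS + "10.0.0.5 ACCEPT\n")
    print("unrecognised actions:", unknown)
    for c in ["192.168.2.200", "192.168.20.5", "192.168.1.18",
              "pc1.my-site.com", "notmy-site.com"]:
        print(f"{c:18} -> {decide(table, c)}")
```

The output shows that `192.168.2` covers all of 192.168.2.x but not 192.168.20.x, and that the `my-site.com` entry covers hosts inside that domain but not a look-alike name such as notmy-site.com.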
10
Which User Should Really Receive The Mail?
The /etc/mail/virtusertable file
    webmaster@my-other-site.com   webmasters
    @my-other-site.com            marc
    sales@my-site.com             sales@my-other-site.com
    paul@my-site.com              paul
    finance@my-site.com           paul
    @my-site.com                  error:nouser User unknown
The /etc/aliases File
    ...
    manager: root
    abuse: root
    # trap decode to catch security attacks
    decode: root
    # Person who should get root's mail
    root: marc,webmaster@my-site.com
    # My mailing list file
    admin-list: ":include:/home/mailings/admin-list"
– Always run the newaliases command after working with aliases
11
Sendmail Masquerading Explained
If you want your mail to appear to come from
– user@mysite.com and not user@bigboy.mysite.com
You can in that case:
a) Configure your email client, such as Outlook Express, to set your email address to user@mysite.com
b) Set up masquerading to modify the domain name of all traffic originating from and passing through your mail server
Configuring masquerading
– This can be solved by editing your sendmail.mc configuration file and adding some masquerading commands:
    FEATURE(always_add_domain)dnl
    FEATURE(`masquerade_entire_domain')dnl
    FEATURE(`masquerade_envelope')dnl
    FEATURE(`allmasquerade')dnl
    MASQUERADE_AS(`my-site.com')dnl
    MASQUERADE_DOMAIN(`my-site.com.')dnl
    MASQUERADE_DOMAIN(localhost)dnl
    MASQUERADE_DOMAIN(localhost.localdomain)dnl
12
Sendmail Masquerading Explained
Testing Masquerading
    mail -v username
– You should also tail the /var/log/maillog file to verify that the masquerading is operating
Other Masquerading Notes
– By default, user "root" will not be masqueraded. This is achieved with the following statement in /etc/mail/sendmail.mc:
    EXPOSED_USER(`root')dnl
13
Using Sendmail to Change the Sender's Email Address
Add these statements to your /etc/mail/sendmail.mc
– In order to rewrite an email's origin address, you need some features:
– In /etc/mail/sendmail.mc
    FEATURE(`genericstable',`hash -o /etc/mail/genericstable.db')dnl
    GENERICS_DOMAIN_FILE(`/etc/mail/generics-domains')dnl
Create a /etc/mail/generics-domains
    my-site.com
    my-other-site.com
    bigboy.my-site.com
Create your /etc/mail/genericstable
    #linux-username   username@new-domain.com
    alert             security-alert@my-site.com
    peter             urgent-message@my-site.com
14
Fighting SPAM, add features
RFC-Ignorant valid IP address checker.
    FEATURE(`dnsbl', `ipwhois.rfc-ignorant.org',`"550 Mail from " $&{client_addr} " refused. Rejected for bad WHOIS info on IP of your SMTP server - see http://www.rfc-ignorant.org/"')
Easynet open proxy list.
    FEATURE(`dnsbl', `proxies.blackholes.easynet.nl', `"550 5.7.1 ACCESS DENIED to OPEN PROXY SERVER "$&{client_name}" by easynet.nl DNSBL (http://proxies.blackholes.easynet.nl/errors.html)"', `')dnl
The Open Relay Database open mail relay list.
    FEATURE(`dnsbl', `relays.ordb.org', `"550 Email rejected due to sending server misconfiguration - see http://www.ordb.org/faq/\#why_rejected"')dnl
Spamcop spammer blacklist.
    FEATURE(`dnsbl', `bl.spamcop.net', `"450 Mail from " $`'&{client_addr} " refused - see http://spamcop.net/bl.shtml"')
Spamhaus spammer blacklist.
    FEATURE(`dnsbl',`sbl.spamhaus.org',`Rejected - see http://spamhaus.org/')dnl
15
Spamassassin
Downloading & Installing Spamassassin
    # rpm -ivh spamassassin-2.60-2.i386.rpm
Starting Spamassassin
    # /etc/init.d/spamassassin start
Configuring Procmail for Spamassassin
    cp /etc/mail/spamassassin/spamassassin-spamc.rc /etc/procmailrc
Startup Spamassassin
    # chkconfig --level 35 spamassassin on
– Combine spamassassin with sendmail features