Sendmail - Setup as Smart_Host
I will go through a basic setup of Sendmail as a smart host. The goal is to relay all mail outgoing from an internal OpenBSD server to a gateway that will then send out the email on the server's behalf. No inbound email traffic is permitted to the internal OpenBSD server; the outside world sees only the gateway as the mail server. I'm by no means a Sendmail expert; the steps I explain here are what I've learned on my own and with the assistance of dhartmei and NicM in the IRC EFNet #OpenBSD channel and cannonball in the IRC Freenode #sendmail channel.
Setup
- Make a copy of openbsd-localhost.mc: "cp /usr/share/sendmail/cf/openbsd-localhost.mc /usr/share/sendmail/cf/openbsd-localhost-smarthost.mc".
- Edit openbsd-localhost-smarthost.mc and add this statement, without the double quotes: "include(`/usr/share/sendmail/m4/cf.m4')dnl". Note that m4 quoting opens with a backtick and closes with a straight single quote.
- Edit openbsd-localhost-smarthost.mc and add this statement, without the double quotes: "define(`SMART_HOST',`input_host_here')dnl". Note: if an IP address is used, enclose the IP address in square brackets, for example [10.10.8.1].
- Compile the configuration file, without the double quotes: "sudo m4 /usr/share/sendmail/cf/openbsd-localhost-smarthost.mc > /etc/mail/localhost.cf". If you receive "permission denied", it is because the redirection is performed by your own unprivileged shell rather than by sudo; try this instead: "sudo ksh -c 'm4 /usr/share/sendmail/cf/openbsd-localhost-smarthost.mc > /etc/mail/localhost.cf'".
- Shut down Sendmail (kill). Without the double quotes, run "sudo kill `head -n1 /var/run/sendmail.pid`". The backticks are command substitution: the first line of the pid file is the process ID that gets killed.
- Start Sendmail the same way it was started previously: "sendmail -L sm-mta -C/etc/mail/localhost.cf -bd -q30m". You can see how Sendmail was started by executing, without the double quotes, "grep sendmail /etc/rc.conf*". In my case it returned /etc/rc.conf:sendmail_flags="-L sm-mta -C/etc/mail/localhost.cf -bd -q30m".
openbsd-localhost-smarthost.mc example
divert(-1)
#
# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#
#
# This configuration only runs sendmail on the localhost interface.
# This allows mail on the local host to work without accepting
# connections from the net at large.
#
divert(0)dnl
include(`/usr/share/sendmail/m4/cf.m4')dnl
VERSIONID(`@(#)openbsd-localhost-smarthost.mc $Revision: 1.4 $')
OSTYPE(openbsd)dnl
FEATURE(nouucp, `reject')dnl
FEATURE(`accept_unresolvable_domains')dnl
FEATURE(`no_default_msa')dnl
define(`SMART_HOST',`[10.10.8.1]')dnl
MAILER(local)dnl
MAILER(smtp)dnl
DAEMON_OPTIONS(`Family=inet, address=127.0.0.1, Name=MTA')dnl
DAEMON_OPTIONS(`Family=inet6, address=::1, Name=MTA6, M=O')dnl
DAEMON_OPTIONS(`Family=inet, address=127.0.0.1, Port=587, Name=MSA, M=E')dnl
DAEMON_OPTIONS(`Family=inet6, address=::1, Port=587, Name=MSA6, M=O, M=E')dnl
CLIENT_OPTIONS(`Family=inet6, Address=::')dnl
CLIENT_OPTIONS(`Family=inet, Address=0.0.0.0')dnl
dnl
dnl Some broken nameservers will return SERVFAIL (a temporary failure)
dnl on T_AAAA (IPv6) lookups.
define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl
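
One way to check the result of the steps above, as an added example that is not part of the original post: a POSIX shell script that reads the generated /etc/mail/localhost.cf and confirms that a smart host is defined (the DS line) and that every DaemonPortOptions listener is bound to loopback. The function names and sample lines are constructed for illustration, and the script assumes the line forms m4 emits for SMART_HOST and DAEMON_OPTIONS.

```shell
#!/bin/sh
# Added example: audit a generated sendmail .cf file for the two properties
# this setup relies on. Function names and sample data are constructed.

# Print the smart host from the "DS" macro line; empty if none is defined.
smart_host() {
    sed -n 's/^DS//p' "$1" | head -n 1
}

# Print every DaemonPortOptions listener that is not bound to loopback.
# A listener with no address key binds to all interfaces, so it is printed too.
exposed_listeners() {
    grep '^O DaemonPortOptions=' "$1" | while IFS= read -r line; do
        addr=$(printf '%s\n' "$line" | tr ',' '\n' |
            sed -n 's/^.*[Aa]ddr[a-z]*=[[:space:]]*//p' | head -n 1)
        case "$addr" in
            127.0.0.1|::1) ;;
            *) printf '%s\n' "$line" ;;
        esac
    done
}

# Return 0 only if a smart host is set and no listener is exposed.
check_cf() {
    [ -n "$(smart_host "$1")" ] || { echo "no smart host (DS) in $1"; return 1; }
    bad=$(exposed_listeners "$1")
    [ -z "$bad" ] || { echo "non-loopback listener(s):"; echo "$bad"; return 1; }
    echo "ok: relays via $(smart_host "$1"), loopback listeners only"
}

# Constructed sample lines in the form m4 emits for the .mc example.
sample_cf() {
    cat <<'EOF'
DS[10.10.8.1]
O DaemonPortOptions=Family=inet, address=127.0.0.1, Name=MTA
O DaemonPortOptions=Family=inet6, address=::1, Name=MTA6, M=O
O DaemonPortOptions=Family=inet, address=127.0.0.1, Port=587, Name=MSA, M=E
EOF
}

# Usage: sh check_cf.sh /etc/mail/localhost.cf
if [ -n "${1:-}" ]; then check_cf "$1"; fi
```

Run it after the m4 step and before restarting Sendmail, so a missing SMART_HOST define or a listener on a routable address is caught before the daemon picks up the new file.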

