How To – Setup Sendmail for Masquerading and as a SMTP Smart Host

Posted on by

Background Knowledge

I have multiple OpenBSD web servers some internal and some public (accessible via the Internet) that uses Sendmail. However on the network there is only one publicly known email server. Therefore I require to Sendmail to function as follows, route all email through an SMTP smart host and when routing mail to the SMTP smart host change the email address hostname (masquerade). For example an email sender of “root@foobar.example.com” would be changed to “root@example.com”.

I’m by no means a Sendmail expert, the steps I explain here is what I’ve learned on my own and with the assistance of Zerberus in IRC Freenode #sendmail channel.

Solution

Alter Sendmail’s configuration file adding the following lines. Refer to Sendmail Configuration Readme for further explanation and How To – Setup Sendmail as a Smart_Host for details on how this process is achieved.

FEATURE(genericstable)dnl
FEATURE(generics_entire_domain)dnl
GENERICS_DOMAIN(`example.com')dnl
MASQUERADE_AS(`example.com')dnl
FEATURE(masquerade_envelope)dnl
FEATURE(masquerade_entire_domain)dnl
MASQUERADE_DOMAIN(`foobar.example.com')dnl
define(`SMART_HOST',`[10.10.15.1]')dnl

You will also need to edit Sendmail’s genericstable as follows. On OpenBSD this is located under “/var/mail/genericstable”.

@foobar.example.com  %1@example.com

Example Configuration File (mc)

divert(-1)
#
# Copyright (c) 1998 Sendmail, Inc.  All rights reserved.
# Copyright (c) 1983 Eric P. Allman.  All rights reserved.
# Copyright (c) 1988, 1993
#       The Regents of the University of California.  All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#

#
#  This configuration only runs sendmail on the localhost interface.
#  This allows mail on the local host to work without accepting
#  connections from the net at large.
#

divert(0)dnl
include(`/usr/share/sendmail/m4/cf.m4')dnl
VERSIONID(`@(#)openbsd-localhost-smarthost.mc $Revision: 1.4 $')
OSTYPE(openbsd)dnl
FEATURE(nouucp, `reject')dnl
FEATURE(`accept_unresolvable_domains')dnl
FEATURE(`no_default_msa')dnl
FEATURE(genericstable)dnl
FEATURE(generics_entire_domain)dnl
GENERICS_DOMAIN(`example.com')dnl
MASQUERADE_AS(`example.com')dnl
FEATURE(masquerade_envelope)dnl
FEATURE(masquerade_entire_domain)dnl
MASQUERADE_DOMAIN(`foobar.example.com')dnl
define(`SMART_HOST',`[10.10.15.1]')dnl
DAEMON_OPTIONS(`Family=inet, address=127.0.0.1, Name=MTA')dnl
DAEMON_OPTIONS(`Family=inet6, address=::1, Name=MTA6, M=O')dnl
DAEMON_OPTIONS(`Family=inet, address=127.0.0.1, Port=587, Name=MSA, M=E')dnl
DAEMON_OPTIONS(`Family=inet6, address=::1, Port=587, Name=MSA6, M=O, M=E')dnl
CLIENT_OPTIONS(`Family=inet6, Address=::')dnl
CLIENT_OPTIONS(`Family=inet, Address=0.0.0.0')dnl
dnl
dnl Some broken nameservers will return SERVFAIL (a temporary failure)
dnl on T_AAAA (IPv6) lookups.
define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl
MAILER(local)dnl
MAILER(smtp)dnl

Source: How To – Setup Sendmail as a Smart_Host
Source: Sendmail – Masquerading and Relaying
Source: Sendmail Configuration Readme

Comments are closed.