[nSLUG] Sendmail configuration

Jon Watson me at jonwatson.ca
Thu Mar 20 10:10:13 ADT 2008


Hi,

On Wed, Mar 19, 2008 at 11:30 PM, Ian Campbell <ian at slu.ms> wrote:

>
>
> > A second common check involves verifying the bar.com in different ways.
> It
> > typically involves a reverse DNS lookup in that the receiving mail
> server
> > checks to see if the ip of bar.com matches the IP of the server that has
> > connected to it. I think there are generally also different checks
> involving
> > SPF records which can 'authorize' another various other servers to
> deliver
> > mail for bar.com. Some domain verifications only check to see if
> > bar.comexists and don't concern themselves with what server is
> > connected to them.
>
> Mercifully most people don't actually do the check you suggested at
> the start of that paragraph, otherwise it would break when I sent this
> email (address is slu.ms, sending mailserver is calvin.axolotl.ca.)
>

True, this method is rather draconian, but as a web host I've seen it in use
fairly often. In the scenario you describe where the domain of the email
address does not match the server name, those draconian servers would likely
want to see an SPF record allowing calvin.axolotl.ca as an 'authorized
sender' of email for the domain slu.ms. Or they may be configured by
complete curmudgeons and not even be told to look for SPF records. I know of
several servers on the net that, before accepting mail, will check if the
sending server will accept email to the postmaster address. If the sending
server does not, it will reject the incoming email. These guys configure
their servers that way because acceptance of the postmaster address is
required as per the RFC (name, number escapes me now) which is technically
required, but bouncing your users emails over it is a little over the top
IMHO.


> If that's not a problem you can solve, sending mail from it directly
> is probably a bad idea. Either relay mail through your ISP's
> mailservers, or setup a mailserver somewhere else and send through
> that.
>

I agree with this as the 'least work' solution. It's likely that whatever
mailer you're using can be configured to use a smarthost and you can plunk
your ISPs server in there. Although most ISPs these days will only accept
email from computers on their network so if that isn't the case you may
again run into troubles. Email has become such a hassle :)


> I'm pretty sure his problem is mainly that he didn't properly specify
> a From address, so Sendmail is just filling in
> $process_owners_username@$hostname as the from address... and since
> Sendmail isn't setup properly, it's using localhost.localdomain.
>

I've actually been down this road once before and I was unable to find a
switch for sendmail that allowed me to specify a from address. Seems like a
glaring omission and perhaps I am just blind, but I gave up and ended up
using Clean Code's Email app at http://www.cleancode.org/projects/email to
solve it. It's a nice little app with lots of features.

Jon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nslug.ns.ca/mailman/private/nslug/attachments/20080320/aaed14ae/attachment-0001.html>


More information about the nSLUG mailing list