urgrue wrote: > i have several domains on my mail server, and it seems somewhere along > the way sendmail decided to stop allowing the sending of mail by users > that dont (in its opinion) exist. > > problem is, sendmail doesnt seem to think a user exists if his domain > (as given in the MAIL FROM: line) is anything but sendmail's own > hostname. so, how do i disable this check?
Unless you're using either FEATURE(relay_mail_from) or FEATURE(relay_local_from) (and you shouldn't be), sendmail doesn't use the envelope sender address (from the "MAIL From:" command) to determine whether or not to relay mail. In most cases, the determining factors are the envelope recipient address (in the "RCPT To:" command) and the client's IP address or the hostname to which it resolves. Unlike the envelope sender address, these two factors can't easily be forged. The usual rules for mail received via SMTP are: a) if the recipient domain is in class w or in class R, the message is accepted regardless of the sender. b) if the client's IP address or the IP address to which it resolves are in class R, the message is accepted regardless of the recipient. If FEATURE(relay_entire_domain) is used, any subdomain of those listed in classes w and R is acceptable, otherwise it must be an exact match. Class w is typically initialised from /etc/mail/local-host-names (plus the result of gethostname()), while class R is typically initialised from /etc/mail/relay-domains. > i guess what i mean is, how do i make all users trusted_users by > default? > i have use_ct_file DISABLED in my .mc file but it still behaves as > "dont trust by default"... First, the notion of a "trusted" user only applies when mail originates locally, i.e. by running "sendmail" directly and feeding it a message on stdin; it doesn't apply when mail is received via SMTP. In that situation, the user is determined using getpwuid(getuid()). Second, the only benefit of being a trusted user is that you can set the sender address using the -f switch without sendmail adding an X-Authentication-Warning header. Conversely, the only disadvantage of not being trusted is that using -f will add the warning header. -- Glynn Clements <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe linux-admin" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
