Sendmail 89x and previous versions do not really support logging of all email

Sendmail 89x and previous versions do not really

This preview shows page 70 - 73 out of 152 pages.

Sendmail 8.9.x (and previous versions) do not really support logging of all email very nicely (something required in today's world for legal reasons by many companies). This is one feature being worked on for the release of Sendmail 8.10.x. Until then there are 2 ways of
Image of page 70
71 logging email, the first is somewhat graceful and logs email coming IN to users on a per user basis. The second method is not graceful and involves a simple raw log of all SMTP transactions into a file, you would have to write some sort of processor (probably in perl) to make the log useful. Mail (incoming SMTP connections to be more precise) is first filtered by the access file, in here we can REJECT mail from certain domains/IP’s, and RELAY mail from certain hosts (i.e. your internal network of windows machines). Any local domains you actually host mail for will need to go into sendmail.cw . Assuming mail has met the rules and is queued for local delivery the next file that gets checked is virtusertable, this is a listing of email addresses mapped to the account name/other email address. i.e.: [email protected] alias-seifried [email protected] listuser @seifried.org mangled-emails The last rule is a catch all so mangled email addresses do not get bounced, and instead sent to a mailbox. Then the aliases file is checked, if an entry is found it does what it says to, otherwise it attempts to deliver the mail to a local users mailbox, my aliases file entry for seifried is: alias-seifried: seifried, "/var/backup-spool/seifried" This way my email gets delivered to my normal mailbox, and to a backup mailbox (in case I delete an email I really didn't mean to), or god forbid, Outlook decides to puke someday and hose my mailboxes. This would also be useful for corporations, as you now have a backup of all incoming email on a per user basis, and can allow them (or not) to access the file containing the backed up mail. One caveat, when using a catch all rule for a domain (i.e. @seifried.org ) you must create an alias for EACH account, and for mailing lists. Otherwise when it looks through the list and doesn't find a specific entry (for say [email protected]) it will send it to the mailbox specified by the catch all rule. For this reason alone you might not wish to use a catch all rule. The second method is very simple, you simply start sendmail with the -X option and specify a file to log all transactions to. This file will grow very large very quickly, I would NOT recommend using this method to log email unless you absolutely must. Firewalling sendmail is straightforward, it runs on port 25, tcp: ipfwadm -I -a accept -P tcp -S 10.0.0.0/8 -D 0.0.0.0/0 25 ipfwadm -I -a accept -P tcp -S some.trusted.host -D 0.0.0.0/0 25 ipfwadm -I -a deny -P tcp -S 0.0.0.0/0 -D 0.0.0.0/0 25 or ipchains -A input -p tcp -j ACCEPT -s 10.0.0.0/8 -d 0.0.0.0/0 25 ipchains -A input -p tcp -j ACCEPT -s some.trusted.host -d 0.0.0.0/0 25 ipchains -A input -p tcp -j DENY -s 0.0.0.0/0 -d 0.0.0.0/0 25 QMAIL
Image of page 71
72 Qmail (like postfix) was created as a direct response to perceived flaws in Sendmail. Qmail is GPL with a no binary distribution clause meaning you must install it from source code. Very
Image of page 72
Image of page 73

You've reached the end of your free preview.

Want to read all 152 pages?

  • Spring '12
  • JRUNG
  • Linux kernel, log files

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern

Stuck? We have tutors online 24/7 who can help you get unstuck.
A+ icon
Ask Expert Tutors You can ask You can ask You can ask (will expire )
Answers in as fast as 15 minutes