Let me say first that unless this is just for local use, I do not recommend this at all. It's going to be very difficult for you to keep Sendmail up to date and secure on older SCO Unix.
Also, I don't recommend mixing a mailserver function with an application server. You can do free or inexpensive email on Linux systems with far more ease and security.
That all noted, should you find yourself in the unfortunate position of needing to know something about this, here is a pile of stuff related to Sendmail on SCO Unix. There's also some Linux notes mixed in..
SCO and sendmail have an unfortunate history. Most SCO systems were configured with MMDF - sendmail was available, but mmdf was more often used.
When sendmail was used, it was often an older version, rife with security problems, and troublesome to replace. That hasn't changed. Compiling any app on SCO is likely to be difficult and sendmail is of course no exception. Searching for pre-built sendmail binaries is often the easiest path.
Sometimes SCO patches update sendmail somewhat (for example, RS506A for SCO 5.0.6 updated sendmail to 8.11.0) and checking SCO Downloads might get you somewhere too.
Assuming you have a reasonably current binary, your next problem is getting a proper .mc file (see Sendmail Basics for an introduction to Sendmail).
While helping a customer with a sendmail issue I was reminded that stock SCO doesn't include a suitable .mc file. This customer wants to rewrite the user names so that when mail goes out it appears to come from a completely different name. That appears to be possible with the "genericstable" feature of 8.8 and up:
You'd add
FEATURE(`genericstable', `dbm /etc/mail/genericstable')dnl) to your .mc file.
You'd create "yourlist" containing lines like: fred fred_jones@wherever.com
and then
makemap dbm /etc/mail/genericstable < yourlist
then remake the cf as usual. But without a starting .cf, you can't do much.
If you can't find anything better, start with this imperfect version:
divert(-1) # # Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers. All rights reserved. # Copyright (c) 1983 Eric P. Allman. All rights reserved. Copyright (c) 1988, 1993 # The Regents of the University of California. All rights reserved. # # By using this file, you agree to the terms and conditions set forth in the LICENSE # file which can be found at the top level of the sendmail distribution. # # Written for SCO OpenServer 5.0.x June 10th, 2002 Matt Lewis divert(0)dnl include(`/usr/local/sendmail-8.11.0/cf/m4/cf.m4') #This defines local variables for OpenServer VERSIONID(`$Id: sco-generic.mc,v 8.16 1999/04/24 05:37:43 gshapiro Exp $')dnl OSTYPE(`sco3.2') define(`ALIAS_FILE',`/usr/lib/mail/aliases')dnl FEATURE(`access_db',`hash /usr/lib/mail/access')dnl #Listing of hosts we relay for define(`confCR_FILE',`/usr/lib/mail/relay-domains')dnl MASQUERADE_AS(`testdomain.com')dnl # Needed to fix error with /usr/lib/uucp/ permission on SCO OpenServer 8..x define(`confDONT_BLAME_SENDMAIL',`GroupWritableDirPathSafe')dnl # Cut down on spam set Max recipents to 15 define(`confMAX_RCPTS_PER_MESSAGE',`15')dnl # File containing hosts we accept mail for locally define(`confCW_FILE',`/usr/lib/mail/local-host-names')dnl FEATURE(use_cw_file)dnl #This is important takes care of Wild Card MX records and a problem with OpenServer resolve define(`confBIND_OPTS',`-DNSRCH -DEFNAMES')dnl MAILER(smtp)dnl
From a newsgroup post
From: dowagiac_2000@yahoo.com (Matt Lewis) Subject: Re: MMDF to Sendmail 8.11.0 howto SCO Openserver 5.0.x sco-generic.mc file Date: 19 Oct 2002 09:29:23 -0700 Here is the sco-generic.mc file in full that I put at then end of my original article. This includes smrsh and a few other security items the original did not. Copy and past below into a file and call it sco-generic.mc move this to /usr/local/sendmail-8.11.0/cf/cf. Then run m4 sco-generic.mc > /usr/lib/sendmail.cf as per instructions in previous posting. divert(-1) # # Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers. # All rights reserved. # Copyright (c) 1983 Eric P. Allman. All rights reserved. # Copyright (c) 1988, 1993 # The Regents of the University of California. All rights reserved. # # By using this file, you agree to the terms and conditions set # forth in the LICENSE file which can be found at the top level of # the sendmail distribution. # divert(0)dnl dnl #################### Setup ################################## include(`/usr/local/sendmail-8.11.0/cf/m4/cf.m4') VERSIONID(`$Id: sco-generic.mc,v 1.00 2002/07/12 ML Exp $')dnl OSTYPE(`sco3.2')dnl dnl ################### Network Specific ######################## MASQUERADE_AS(`test.testdomain.com')dnl dnl ################### Server Specific ######################### dnl # Commonly used Files define(`ALIAS_FILE',`/usr/lib/mail/aliases')dnl define(`confCR_FILE',`/usr/lib/mail/relay-domains')dnl define(`confCW_FILE',`/usr/lib/mail/local-host-names')dnl define(`STATUS_FILE',`/usr/lib/mail/statistics')dnl dnl # SCO Openserver Specific variables and options dnl # Needed to fix error with /usr/lib/uucp/ permission on SCO OpenServer define(`confDONT_BLAME_SENDMAIL',`GroupWritableDirPathSafe')dnl dnl # Options to correct deficient bind setup under SCO Openserver. define(`confBIND_OPTS',`-DNSRCH -DEFNAMES')dnl dnl ################## Features ################################ FEATURE(`access_db',`hash /usr/lib/mail/access')dnl FEATURE(`use_cw_file')dnl FEATURE(`masquerade_envelope')dnl dnl # Restricted Shell for security FEATURE(`smrsh') dnl ################# Parameters ############################### EXPOSED_USER(`root') define(`confHOST_STATUS_DIRECTORY',`/usr/adm/sendmail')dnl define(`confMAX_DAEMON_CHILDREN',`25')dnl define(`confMAX_MESSAGE_SIZE',`15000000')dnl define(`confMAX_RCPTS_PER_MESSAGE',`50')dnl define(`confPRIVACY_FLAGS',`goaway')dnl define(`confBAD_RCPT_THROTTLE',`10')dnl dnl ################# Mailer Definitions ####################### MAILER(`local')dnl MAILER(`smtp')dnl dnl ################ Local Rulesets ############################ dnl # Ruleset to block incoming mail by searching subject for blocked words dnl # or phrases dnl # Note: Multi word entries in blocked_subjects file must have dnl # spaces replaced by "." Exa. "this is it" becomes "this.is.it" dnl # Any changes to blocked_subjects file require a restart or HUP of dnl # Sendmail. exa (kill -HUP "pid of sendmail") LOCAL_CONFIG F{MRej} /usr/lib/mail/blocked_subjects LOCAL_RULESETS HSubject: $>CheckSubject D{MMsg} Mail blocked. SCheckSubject R$* $={MRej}$* $#error $: 550 ${MMsg}
Taken from a newsgroup post
From: Bela Lubkin (belal@sco.com) Subject: Re: Sendmail 8.12 SCO OS5.0.7 by mail.ut.sco.com with SMTP; 20 May 2003 07:48:11 -0000 Date: 2003-05-20 00:49:04 PST [moved from comp.unix.sco.misc] Steve Burger wrote: > I had sendmail 8.12 compiled and running of 5.0.6 and was using "virtual > domains" to receive mail for multiple domains as per the How-to at > sendmail.org. > > Since upgrading to 5.0.7 I have gone back to 8.11 and I can not get my > virtual domains working again. > > If I generate sendmail.cf with m4, sendmail complains that the feature > is not implemented. > > If I try to build 8.12.9 I get the following compilation errors. > > When using OpenServer Development System. > cc -b elf -O -I. -I../../include -DNEWDB -DMAP_REGEX -DNDBM -c conf.c > "conf.c", line 2391: error: identifier redeclared: setproctitle > "conf.c", line 2615: warning: type does not match prototype: pid > "conf.c", line 3920: warning: type does not match prototype: uid > "conf.c", line 4445: warning: type does not match prototype: uid OSR507 introduces support for setproctitle() as a system call. It is prototyped in an appropriate header file. Looking at some rather old (8.6.10, to be exact) sendmail source, I see that it decides whether to compile conf.c:setproctitle() according to a define `HASSETPROCTITLE', which is in turn set by a series of OS-specific #ifdefs in conf.h. If this is still done the same way in current sendmail, you need to tweak conf.h to define HASSETPROCTITLE. ... Ok, in later versions it looks like you need to change conf.h from: # define SPT_TYPE SPT_SCO to: # define SPT_TYPE SPT_BUILTIN Most programs use a `configure` script that dynamically figures this stuff out instead of having it hard-coded according to "known" properties of operating systems... > When using the UDK. > nt.c > cc -b elf -o t-event t-event.o libsm.a -ldb -lresolv > -lsocket -lndbm > -lprot -lcurses -lm -lx -lgen > UX:ld: ERROR: libdb.so: cannot link OpenServer object into Intel iABI target I don't think you _can_ say "-b elf" to the UDK compiler; the fact that this didn't just error out suggests you've got your tools rather severely mixed together. I would concentrate on the native build if I were you. >Bela<
From: bv@wjv.comREMOVE (Bill Vermillion) Subject: Re: sendmail buffer overflow fix for 8.11.6 Date: Tue, 11 Mar 2003 17:25:32 GMT In article <3e6d5502.430532140@news.alterdial.uu.net>, Deepak Thadani <deepak@REMOVEsysintegrators.comME> wrote: >Hi all, > >I just recompiled my sendmail 8.11.6 (on SCO OSR 5.0.5) with the >patch from sendmail.org for the latest buffer flow vulnerability, and >things are looking good and it's running fine. >While I was at it, I also compiled 8.12.8, however I wanted to know, >before I install 8.12.8, are there a list of significant changes >between 8.11.6 and 8.12.8? I've checked the sendmail.org site and I >don't find any real feature comparisons between versions of sendmail. Release notes 'knows all - tells all'. The most significant change - and it can catch you if you don't add new users before running it - is that sendmail no longer runs SUID root by default. It runs SGID 'smmsp' - and that user needs to be added along with 'mailnull' user. It will create a 'clientmqueue' directory in addition to the standars 'mqueue' There are also now two .cf files, the sendmail.cf and the submit.cf The latter is used for tranmitting and the former is for receiving. That means you can run sendmail in send only, receive only, both, or none. It also does some severechecking on world and group writeable files/directories and will not run if they are not correct. I had to fix an OS/X for friend of mine this way. There are lots of other changes but those are the only ones you need to watch out for if you install in the default mode. >Is there a site/page or reference document I can read which will show >a feature by feature comparison between various sendmail versions? Nothing in sendmail is one page :-) The one site that has the information is www.sendmail.org. The closest you'll come are the release notes and if you stick with current you'll see starting with the 8.12.0 notes all the changes that have been made. It is a LOT of information - 99% of which won't affect most people. The above are what you really need to know about. Bill
Date: Fri, 27 Apr 2001 11:45:40 -0400 From: Tony Lawrence <tony@aplawrence.com> Subject: Re: Replacing MMDF with sendmail on SCO > > I would like to replace MMDF on our scobox, with sendmail as the > MTA. How should I go about doing this?
Basically, you remove mmdf and then install sendmail using custom. You have to "drill down" to find MMDF inside your OS listing, and you need your install cd to install sendmail (again drilling down to find it).
SCO TA 107593 covers the mechanics of that, but skips two important points:
1) Make a copy of your mmdf aliases files first, because
removing mmdf loses those.
2) You'll probably want to run "cnvtmbox" on usr mailboxes
during the switch
Also see this longer description: How to convert from mmdf to 8.11 sendmail osr5, which also includes a sco.generic.mc file.
In the process of doing some testing of a mail server, I noticed a piece of spam mail delivered to an address that no one should have known about. This disturbed me greatly, because the only place that address appeared was in the mail alias file on my server. Had my server been compromised?
Well, no, but as they say "mistakes had been made". After I had checked everything I could, I was reasonably sure that I hadn't been hacked, which meant that sendmail had to have coughed up that information through a VRFY command. But I have VRFY turned off.. or did I?
Well, no, I didn't. I THOUGHT I had, but I misunderstood the configuration on my hosted server and had put the options in the wrong file. Amazingly, that was a long, long time ago and I swear I remember testing this, but when I tried it again, my sendmail happily spit back alias addresses.
Ooops. Well, easily fixed. I replaced
O PrivacyOptions=authwarnings
in sendmail.cf with
O PrivacyOptions=goaway,restrictmailq,restrictqrun
"goaway" expands to "authwarnings, noexpn, novrfy, needmailhelo, needexpnhelo,needvrfyhelo".
Test your server by telneting to it on port 25 and try "vrfy yourname". If it doesn't reject you, you don't have these options set.
[root@kerio bin]# telnet aplawrence.com 25 Trying 64.226.42.29... Connected to aplawrence.com (64.226.42.29). Escape character is '^]'. 220 vps.pcunix.com ESMTP SMTP Ready; Sun, 19 Sep 2004 14:32:19 GMT vrfy tony 252 2.5.2 Cannot VRFY user; try RCPT to attempt delivery (or try finger) expn root 502 5.7.0 Sorry, we do not allow this operation quit 221 2.0.0 vps.pcunix.com closing connection Connection closed by foreign host.
From a newsgroup post:
From: Steve Fabac <smfabac@att.net> Subject: Re: sendmail problem on 5.0.4 on SW Bell ADSL line Date: Sun, 03 Jun 2001 23:16:47 +0100 Bill Vermillion wrote: > > In article <3B1459D9.F66AD487@att.net>, Steve Fabac <smfabac@att.net> wrote: > >I have a client running SCO 5.0.4 Ent. with sse022 (sendmail 8.8.8) > >that begin complaining about long delivery times for their outgoing > >e-mail. They reported a 5 hour delay between the time they sent the > >email and the recipient receiving it. (No, I have not asked the client > >to have the recipient forward me the email so that I can check the > >headers ... yet.) > > >To try to avoid the seeming delay in the swbell mail server, I > >commented out the "smart host" directive in sendmail.cf that > >specified "mail.swbell.net" > > >Mail to smfabac@swbell.net then fails with > > >> Mail Queue (1 request) > >> --Q-ID-- --Size-- -----Q-Time----- ------------Sender/Recipient------------ > >> CAA29561 34 Fri Jun 1 02:55 smf > >> (smfabac@swbell.net... reply: read error from swbell.net.) > >> smfabac@swbell.net > > >But if I send the message addressed to smfabac@mail.swbell.net > >it gets off the machine and is delivered!!! > > No need for exclamation points there, as that is exactly the > expected behaviour if you so not have SmartHost and DO NOT have > a local DNS server. > > By commenting out 'SmartHost' - which will lookup the > proper MX records, you now have to deliver mail to an explicit > email address, as you have just found. That's why it's > called a "SmartHost". > -- > Bill Vermillion - bv @ wjv . com You're right Bill, I found that sendmail is not using DNS on the client's machine due to the existence of /etc/service.switch. Some time in the past before the client was connected to the internet, I had followed the SCO technical article to create /etc/service.switch to prevent sendmail from using the nonexistent DNS service for intra-company e-mail. When the system was connected to the internet, I reconfigured /usr/lib/sendmail.cf and dropped the OI-DNSRCH but did not remove /etc/service.switch. Well, I fought getting e-mail off the machine until I set mail.swbell.net as the "smart host." Then, all non local e-mail was relayed through swbell.net. I found this when I executed /usr/lib/sendmail -bt and issued /mx swbell.net and received the following response > With /etc/service.switch set to: > hosts files /dns > > # /usr/lib/sendmail -bt > WARNING: writable directory /usr > WARNING: writable directory /usr/spool > WARNING: writable directory /usr/spool/mqueue > ADDRESS TEST MODE (ruleset 3 NOT automatically invoked) > Enter <ruleset> <address> > /mx swbell.net > > getmxrr(swbell.net) returns 0 value(s): > > > > After removing service.switch or changing it to: > hosts files dns > > # /usr/lib/sendmail -bt > WARNING: writable directory /usr > WARNING: writable directory /usr/spool > WARNING: writable directory /usr/spool/mqueue > ADDRESS TEST MODE (ruleset 3 NOT automatically invoked) > Enter <ruleset> <address> > /mx swbell.net > > getmxrr(swbell.net) returns 3 value(s): > mta1.rcsntx.swbell.net. > mta2.rcsntx.swbell.net. > mta3.rcsntx.swbell.net. > > Problem solved.
Strangely enough, SCO's sendmail looks to MMDF's mmdftailor file for its mail separator characters, and will surround messages with Control-A's if these aren't set:
MMBXPREF "" MMBXSUFF ""
From a Newsgroup post
From: rja.carnegie@excite.com (Robert Carnegie) Subject: Re: Sendmail 8.9.3 - PPP - Trouble sending encoded binaries Date: 2 Aug 2001 03:57:25 -0700 "Jadon" <stroma@uq.net.au> wrote in message news:<Km2a7.2959$257.121294@ozemail.com.au>... > Thx for your replies, but I will try and explain myself a little more. > > A.txt -- 75K Simple text file > B.bin -- 25K Binary file > C.bin -- 75K Binary File > > A.txt.uue -- 100K uuencoded version of A.txt > B.bin.uue -- 40K uuencoded version of B.bin > C.bin.uue -- 100K uuencoded version of C.bin > > Sending the above on my sco box with the command. > > mail -s test blaa.com.au < file > > A.txt.uue will work fine > B.bin.uue will work fine > C.bin.uue will fail after 5 mins or so with an I/O error > > I dont believe it is a problem with my ISP as if I connect through windows, > and send large mails they only fail with a message if they are larger than > 4MB. > I have check the uuencoded files for '+++' type commands and there are none. > > Jadon Oh, one and a half more thoughts (and another afterthought) - this is really bugging me. Thought #1: somewhere along the line, the system may object to mail messages that contain a large binary file _and nothing else_. So perhaps uuencode /bin/binary /bin/binary | mail -s"Binary" user@spurious.com.au won't work; ( echo "Here comes a binary file for you!" echo # I'm not sure if a blank line is required here, but it's neat # man vi # would place a _lot_ of text in the message body itself ;-) uuencode /bin/binary /bin/binary ) | mail -s"Binary" user@spurious.com.au might work... This is still quite a stretch; the connection simply dying without much of an error message (you said "with error 0"?) isn't respectable behaviour for an ISP's mail server hypothetically rejecting a message... The half-thought - if you're sending messages into your mailbox _at_ the ISP, there is probably an overall total size limit on storage. At some point, the mailbox is going to be full, and the server won't accept more messages for that address. The lack of error message at this point still isn't polite, but it might account for irregular results sending A.text.uue versus C.bin.uue; when you sent A the mailbox was empty, when you sent C the mailbox was full or nearly full, so A was accepted and C was not. Perhaps. The afterthought - you can use OpenServer's "split -b" (see "man split") to divide up a "binary" file into smaller pieces, and then uuencode each piece separately and - perhaps - send them all in the same e-mail message. To reassemble the pieces at the Windows command prompt, for instance, copy /b binarypart1+binarypart2+binarypart3 binary_original There are utilities that can handle this sort of situation automatically at the receiving end; these tools are used for exchanging dirty pictures on Usenet binary newsgroups, so if you want to pursue that, go ahead... Or if the system only chokes on recognised uuencoded data, you could substitute - uuencode .... | mail ... (message body starts with "begin 755 /bin/sh", or whatever, which is automatically recognised as the start of a uuencoded file) with ( echo -n "menachem " uuencode .... ) | mail ... (so now the message body starts "menachem begin 755 /bin/sh" ;-) This, like another of my suggestions, would require manual extraction of the data and use of a separate uudecode tool at the receiving end - potentially a considerable nuisance. Two more fractional thoughts. A particularly eccentric ISP might ban particular types of binary file, such as MP3 and other audio data files, to reduce heavy casual use of bandwidth and copyright violation. About half of ISPs who receive threatening letters from music company lawyers seem to be easily scared into abusing their paying customers at the behest of money-grabbing un-creative parasites. Let me say that I don't have very strong views on intellectual property rights, one way or the other, since my own intellectual capital is limited...(?) When you receive this you may have already ruled out lunatic ISP server configuration issues anyway (unless they're _all_ mad...) Lastly - I noticed that my /bin/sh, uuencoded, has a lot of white space (byte 00 00 00 00 00...) Compressing the file with a suitable tool (compatible with something at the other end) - gzip or bzip2, q.v. - would fix that, if it's an issue in _your_ binary files. But since you suspect a size limit, you should already have considered compression...?
From a newsgroup post
From: rodsmith@speaker.rodsbooks.com (Rod Smith) Subject: Re: Sendmail & SPAM? Date: Wed, 26 Dec 2001 16:54:01 GMT In article <tnvyxbbagmdhnapbapbz.goy8hh0.pminews@news1.lig.bellsouth.net>, "Gail Koontz" <gail.koontz@quancon.com> writes: > The following quoted material came from my ISP. I confess to knowing nothing > about sendmail. Is this sort of thing possible? Is it dangerous or just > annoying? What precisely do you mean by "this sort of thing?" There are several "things" mentioned in this message. Perhaps the context of the paragraphs you've quoted would help, but from what you've quoted, it's unclear to me why they sent this message, or even if they have a clue what they're talking about.... > --------------------------------------------------------------------- > QCIS has received, over the past several months, reports from some of our > subscribers whereby the subscriber has received a SPAM-type e-mail message > and the subscriber's e-mail address does NOT appear in the "To:" section of > the offending message. Our early investigation of this unusual event This is very easy to do and not at all unusual in spam. It's important to distinguish between the message envelope and the message headers, though. The envelope is something that's processed by the mail server, and it normally contains the true recipient address, but it's stripped from the message by the time it's received. (The mail server often pushes this information into headers, though.) The headers are easily forged, but appear in mail messages. For instance, here's a simple transaction I performed on my local network: $ telnet speaker 25 Trying 192.168.1.1... Connected to speaker.rodsbooks.com (192.168.1.1). Escape character is '^]'. 220 speaker.rodsbooks.com ESMTP Postfix HELO nessus.rodsbooks.com 250 speaker.rodsbooks.com MAIL FROM:<foo@nessus.rodsbooks.com> 250 Ok RCPT TO:<rodsmith@rodsbooks.com> 250 Ok DATA 354 End data with <CR><LF>.<CR><LF> From:<bogus@bogus.invalid> To:<nobody@nowhere.invalid> Message text. . 250 Ok: queued as 02C492B8D6 The envelope specifies the RCPT TO address as rodsmith@rodsbooks.com (my true address on the target system), but the header specifies the To: address as nobody@nowhere.invalid. The message arrived OK. Here's the header, as revealed by my mail reader: From foo@nessus.rodsbooks.com Wed Dec 26 11:16:57 2001 Return-Path: <foo@nessus.rodsbooks.com> Delivered-To: rodsmith@rodsbooks.com Received: from nessus.rodsbooks.com (nessus.rodsbooks.com [192.168.1.3]) by speaker.rodsbooks.com (Postfix) with SMTP id 02C492B8D6 for <rodsmith@rodsbooks.com>; Wed, 26 Dec 2001 11:16:08 -0500 (EST) From: <bogus@bogus.invalid> To: <nobody@nowhere.invalid> Message-Id: <20011226161609.02C492B8D6@speaker.rodsbooks.com> Date: Wed, 26 Dec 2001 11:16:09 -0500 (EST) The MAIL FROM and RCPT TO envelope entries got shoved into the Return-Path: and Delivered-To: headers, but the From: and To: headers mirror the bogus From: and To: headers I typed in the test. (In fact, even the MAIL FROM/Return-Path: header is bogus, although the hostname is valid on my local network, although not on the Internet at large.) In sum, the To: header is 100% unreliable in determining the true recipient(s) of the message. Your ISP should know this, but the comment that the To: header not matching the true recipient is "unusual" suggests that they don't. > lead us > to believe that these types of messages were distributed by a listserver, > which collected (by either buying and/or copying our subscriber's e-mail > addresses from one or ore sources) our subscriber's e-mail address. Using listservers and hijacking mailing lists are both common tactics used by spammers, but the fact that the To: header was bogus doesn't lead logically to this conclusion. I used Telnet to generate the bogus To: header in the preceding example, for instance. There's plenty of specialized spam software (often called "spamware") that'll do this, as well. > Currently QCIS is working on investigating the possibility of an e-mail > program, which uses the "sendmail" platform (UNIX-based listservers) to send > SPAM-type e-mail messages, which - once accepted by our UNIX- based e-mail > servers, have the ability to erase our subscriber's e-mail address from the > "To:" field of the message. It's possible that a spammer is using sendmail or a modified version of sendmail to do this, and it's even possible that the ISP has evidence of this. If so, it's certainly not cause for concern about your own local copy of sendmail, though; it's the SPAMMER'S copy of sendmail that's sending the spam -- or at least, you've presented no evidence that your own sendmail has been in any way compromised. (Spammers do sometimes hijack misconfigured mail servers, known as "open relays," to send their spam, but the message you've quoted doesn't explicitly mention this possibility.) > With never-seen-before virii recently being > unleashed on the Internet, we are now beginning to see computer programs, > written for financial gain or to be financially crippling.... True, but this has been true for a long time, and I'm not sure how it fits in with the previous statements. In sum, this message from your ISP is at best confusing for lack of context. At worst, it reveals a serious misunderstanding of how SMTP e-mail works on the part of the writer. In neither case does it mean that you need to modify your Linux configuration. That said, though, e-mail server configuration *IS* a real concern for anybody who runs one. You should keep up with security updates (I don't know of any recent ones for sendmail, but I've not been following it all that closely), and if your server is accessible from the outside world, ensure that it's not configured as an open relay. (See https://mail-abuse.org/tsi/ for more on this issue. AFAIK, all recent Linux distributions ship with mail servers that are configured to NOT function as open relays.)
From a newsgroup post
From: "Stan & Julie Rock" <stanrock@uswest.net> Subject: Re: send mail Date: Sat, 5 Jan 2002 19:27:04 -0800 Yeah, but it costs some money. Its the commerical version. You can check it out at www.sendmail.com. The free version doesn't have a GUI. There are setup scripts out there that can help you once you've installed the tar ball, rpm, or deb... Stan "Mr Bill" <freecadcam@hotmail.com> wrote in message news:HVMZ7.63857$5W5.22813640@typhoon.ne.mediaone.net... > Is there a graphic interface for send mail that is easy to install for a new > person > >
In the same thread, someone else made this suggestion:
From: Erik de Castro Lopo <nospam@mega-nerd.com> Subject: Re: send mail Date: Sun, 06 Jan 2002 20:44:56 +1100 Look for install-sendmail on https://freshmeat.net/ Its not a GUI, but a commandline program which asks you questions and then generates the config files. YOu might also want to have a look at Postfix which is many orders of magnitude easier to set up than Sendmail. It doesn't have a GUI, but the config file is very easy to follow with lots of comments and examples.
From a newsgroup post
From: "Brian K. White" <brian@aljex.com> Subject: Re: command prompt SENDING MAIL Date: Sat, 23 Feb 2002 21:36:51 GMT "Stephen Younger" <StephenYounger@kingsroadtyres.co.uk> wrote in message news:zwod8.2662$5o.1572023@newsr2.u-net.net... > Hi all, > > I currently am using the following command to send print files from of > Openserver 5 > > cat invoice.rep | mail -s "Invoices for today" stephen@xx.com > > This copies the contents of the file (invoice.rep) into the message body, > but with different email packages/versions being used the formatting is > sometimes totally distorted. > > What I want to really do is attached the file or even better multiple files > to the message, so the receiver sees them as attachments. > > I know you can do this from within scomail, but I need to be able to do this > at the command prompt and it will all be done within shell scripts. > > Any help would be much appreciated. > > Best regards > > Stephen Younger I wrote the following shell script to do this. It is somewhat less than half-baked at the moment, but as it happens, all the stuff I have not gotten around to doing to it, are pretty unneccesary, else, I'd have finished adding the features. :) basically, the idea is to take in text from any app that already prints, and send it as email, and to insure the text gets displayed in the users mail client in a fixed-width font, without trying to engage in the utterly futile and thankless hell of convincing other people to change the settings in their mail clients.... just send the mail as html and the only "html" is that the whole mail is just wrapped in <pre> </pre> so if a user does get the mail and is not using a fancy email client that understands html, very minimal harm done. in order for the mail to show up properly formatted and *not* require the user to open an attachment, the script writes it's own mail headers, so that it can include a "content-type: text/html" and it feeds the final product in to sendmail* instead of mail (*) there is a dummy "sendmail" that works with this even on sco boxes that have MMDF and not sendmail installed, don't worry about that. It actually works on both sco and linux and the only thing you have to do is change the path to sendmail in the script. usage: your-application >/tmp/textfile reptmail H /tmp/textfile user@host.com "subject line text" requirements: unpcl and ibm2ascii scripts, found in the same place below (they also work on both sco and linux) a head.html and a tail.html which are used to dress-up the email a little more than having *just* <pre> </pre>. samples also provided below. see: https://www.aljex.com/bkw/filepro/ scroll down to "reptmail" (pronounced "report-mail", as in, it emails reports) of course it can easily just be edited to not require unpcl or head/tail html. unpcl just strips out hplaser pcl ecape codes, ibm2ascii translates ibm line-drawing characters to plain-ascii approximations. this lets 95% of the already existing reports generated from my application to be fed in without making any changes to the application. and cat head.html ... cat tail.html can be reduced to echo '<html><body><pre>' ... echo '</pre></body></html>'
From a newsgroup post
Date: Sat, 20 Mar 1999 14:59:03 -0500 From: Fred Percynski <fredp@dlpco.net> Mike, The following works for our customers who use UUCP and Sendmail. It sounds like it should work for your problem. Add this to your sendmail.cf file: # Force Sendmail not to resolve host names O ServiceSwitchFile=/etc/nsswitch.conf Then create the file /etc/nsswitch.conf and populate it with: # ServiceSwitchFile to tell Sendmail not to use DNS hosts /etc/hosts Hope it helps! Fred Mike Hawkins wrote: > > Hi people, > > I am attempting to confgure sendmail on SCO openserver enterprise to send > mail to an ISP through a dial on demand modem connection. At this time, > mail is sent everytime a user sends an email. If the email is addressed > locally, ppp raises the modem connection. This I definitely want to stop > happening. If the user sends mail externally then I want the mail to be > held until a script (which I will write) raises the connection at which > point sendmail should dump all externally addressed queued messages to the > ISP server. Also, the script will send an ETRN queue message. I've tested > the ETRN script and it works just fine. I'll schedule it with cron. > > I would love to disable DNS lookups by removing it altogether from the > resolv.conf but I can't because other services (eg: squid proxy) must have > DNS resolving available. > > Here is my sendmail config, hosts, resolv.conf and named.boot. > > Bind is set up to act as a cache DNS. Maybe it's not quite right but I > think it works OK. Hosts has some redundant entries but apart from that it > seems ok and resolv.conf seems OK to me as well. But I do know that > sendmail.cf is probably out of kilter. If anyone can offer suggestions it > would be much appreciated. > > The main issue is stopping the link from coming up when a local email is > sent. That's a real pain and is costing the customer a fortune in local > calls. Queueing externally addressed emails for a periodic send is next on > my wish list. >
From a newsgroup post
From: Jean-Pierre Radley <jpr@jpr.com> Subject: Re: How Can I Block Latest Worm-Generated SPAM? Date: 19 Sep 2003 16:11:00 -0400 Lucky Leavell typed (on Fri, Sep 19, 2003 at 06:21:32PM +0000): | I know I am one of very many hapless souls receiving message after message | totaling around 150K/message purporting to be M$ patches or undeliverable | or some such muck. When receiving similar SPAM generated by SoBig.F, it | all (for me) came from one IP address so it was fairly easy to insert a | statement in my .maildelivery file to eliminate it but today's has no | discernible pattern I can see. | | Any suggestions on how to stem the flow other than closing port 25 which | would only defer the problem? My email server is UW7.1.0 with PTF7130e | installed. I even though about rejecting any messages with attachments but | am not sure how to do that with sendmail. | | The main headache it is causing me today is that it takes so much of my | very limited bandwidth that the only thing I can do is send | (hopefully!) and receive (definately!) email. Everything else, including | pings time out with Unknown Host. I hate sendmail and run smail here. It pipes incoming main to Chip Salzenburg's 'deliver'; ~part~ of my /usr/local/lib/deliver.sys reads: #!/bin/ksh # /usr/local/lib/deliver.sys # 1.4 JPR 18Sep03 typeset -l TO=`header -f To -f Cc -f Apparently-To -f Sender $HEADER` ID=`header -f Message-ID $HEADER` typeset -l FR=`header -f From $HEADER | sed ' s/.*<\(.*\)>.*/\1/ s/[("].*[)"]// s/ //g'` typeset -l CT=`header -f Content-Type $HEADER | sed 's/;.*//'` typeset -l CN=`header -f Control $HEADER` IP=`header -f Received $HEADER | sed -n '1s.*\\[\\(.*\\)].*\\1p'` : ${IP:=localhost} USER=$1 # Configure the email server to block or remove email that contains file # attachments that are commonly used to spread viruses, such as .vbs, .bat, # .exe, .pif and .scr files. for X in EXE BAT PIF SCR VBS do grep -iq "^Content-.*name=.*\.$X" $BODY && echo "A .$X file mailed by $FR\nto $TO\nvia $IP\nwas dumped in the garbage."| mutt -s "Dumped .$X file" $USER && /usr/local/bin/addfilter $IP && echo DROP && exit done /usr/local/bin/addfilter collects IP addresses which an overnight cron job adds to my local RBL list.
The days of being helpful in mail server dialogues are long behind us. Today, it's common not to give out any information - even taking it so far as to not identify what software the mail server is running.
But back when this was written, mail servers were more trusting and a number of "features" helped other machines identify who they should be sending mail to. Of course spammers latched on to that very quickly.
From a newsgroup post
From: kbs=cusm@shady.com (Kevin Smith) Newsgroups: comp.unix.sco.misc Subject: Re: SPAMMERS LOOKING AT MY ALIAS FILE Date: 12 Jan 2000 23:15:03 -0500 In article <1b7o7sgdl2701gbnv1uj9mr20esiki7k0d@4ax.com> jeffl@comix.santa-cruz.ca.us writes: >On Tue, 11 Jan 2000 23:12:07 -0600, "Terry Shows" ><terry.shows@csstn.com> wrote: > >>I am using MMDF as my mail transfer agent. I just got a SPAM addressed to >>an unusual alias I have set up in my alias.n file in the table directory of >>mmdf. As far as I can tell, the SPAMMER either read my alias file >>(somehow), or issued a bunch of verify requests to the SMTPD daemon until >>they had some hits, then recorded the hits and sent the email out. >>does anybody know how to protect from this? My alias.n file has a lot of >>addresses that I do NOT want spammed. > >telnet comix.santa-cruz.ca.us 25 >220 comix.comix.santa-cruz.ca.us Server SMTP (Complaints/bugs to: >postmaster) >expn root >250 Superuser <root@comix.comix.santa-cruz.ca.us> >expn postmaster >250 <postmaster@comix.comix.santa-cruz.ca.us> >expn bozos >250 <bozos@comix.comix.santa-cruz.ca.us> >expn jeffl >250 Jeff Liebermann <jeffl@comix.comix.santa-cruz.ca.us> >quit > >Hmmm... This was to my 3.2v4.2 SMTP which doesn't seem to expand >aliases. I think (not sure) that 3.2v5.0.5 will expand aliases. If >they manage to figure out that you're running a mailing list, and use >the EXPN command with that mailing list, it may (not sure) belch all >the users inside. I'll try it when I put the RAM back into my >3.2v5.0.5 machine. Chances are they were just guessing unless you have 'public' on the ALIAS line in mmdftailor for alias-n. The 'public' keyword allows someone connecting (as in Jeff's example) to see what the alias will expand to. I.e. ALIAS table=alias-n, nobypass, public I think this is a checkbox in the gui configurator. Without 'public' expn just echos the same address back to you (with your hostname if you left it off) as in Jeff's example. See 'man mmdftailor'
I'd use Perl to do this today - either directly with opening "mail" or "sendmail" (see Why I love Perl for examples) or by using one of the many mail related Perl modules available from CPAN.
Simple scripts like this have no error trapping capability and (as Steve points out) can fall into unexpected traps themselves.
As to attachments specifically, see How can I send attachments from the command line? and also CleanCode Email.
From: Tony Lawrence <t...@aplawrence.com< Subject: Re: mail script Date: 2000/01/12 Message-ID: <387C65C7.BB9519EA@aplawrence.com<#1/1 tt wrote: < < Hello < < I have to make script that sends some log files to myself via sendmail, < so can anybody help me with script syntax? SUBJECT="Here's your logs `date`" SENDTO="bill tom ellen jack somebody@somewhereelse.com" FILE=/var/syslog mail -s "$SUBJECT" $SENDTO < $FILE Is that what you want? From: Steve Wertz <swertz@swertz.scruznet.com> Subject: Re: mail script Newsgroups: comp.unix.sco.programmer,comp.unix.sco.misc Message-ID: <S1yf4.1697$pb2.146443@tw11.nn.bcandid.com> NNTP-Posting-Host: 165.227.38.87 X-Trace: tw11.nn.bcandid.com 947825906 165.227.38.87 (Thu, 13 Jan 2000 21:58:26 MST) NNTP-Posting-Date: Thu, 13 Jan 2000 21:58:26 MST Organization: bCandid - Powering the world's discussions - https://bCandid.com Date: Fri, 14 Jan 2000 04:58:27 GMT X-Mozilla-Status: 8010 X-Mozilla-Status2: 00000000 In comp.unix.sco.misc tt <teppot@usa.net> wrote: > Hello > I have to make script that sends some log files to myself via sendmail, > so can anybody help me with script syntax? Tony posted the more traditional way. If you insist on using 'sendmail', a quick look at the man-page suggests I do something like this: 517$ echo "."|/usr/lib/sendmail -bm swertz < /usr/adm/messages Sometimes people wonder "where did the rest of my mail message go", only to find that somewhere in the message was a line that started with and contained only a single dot/period (which truncates a message in mail/mailx, regardless of '[un]set dot' in your ~/.mailrc').
From a newsgroup post
From - Thu Feb 24 13:01:29 2000 From: John Schmidt <js@saltmine.radix.net> Newsgroups: comp.unix.sco.misc Subject: Re: Problem with .forward Date: Thu, 24 Feb 2000 10:59:38 -0500 Organization: RadixNet Internet Services Lines: 19 References: <38B4FC22.1BA12BD8@aplawrence.com> NNTP-Posting-Host: saltmine.radix.net Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII In-Reply-To: <38B4FC22.1BA12BD8@aplawrence.com> X-No-Archive: yes Xref: news.randori.com comp.unix.sco.misc:55252 X-Mozilla-Status: 8011 X-Mozilla-Status2: 00000000 On Thu, 24 Feb 2000, Tony Lawrence wrote: <snip> > Somebody new joins the company. Wants their mail forwarded > to their worldnet address. So I put that address in their > .forward, but the ISP rejects it, saying "sorry, no UCE" -in > other words, the ISP sees that as spam. > > I'm not clear on what, if anything, I can do about that. Instead of directly forwarding to the user, change their .forward to pipe to an external perl script. In the script, just accept each message on <STDIN>, parse the headers, and use the Mail::Mailer module to remail it using their own ISP's SMTP server.
We'd call this archiving today and because it is often a legal requirement now, most mailservers can optionally perform this - the Kerio mail server I sell has this, for example.
That logall.c source is still available and there are milters and procmail recipes available.
From a newsgroup post
From: bill@wjv.com (Bill Vermillion) Subject: Re: copies of outgoing mail In article <lT3m7.555665$lq1.115824201@typhoon.austin.rr.com>, Juan Salinas <jasalinas@satx.rr.com> wrote: >My boss has asked to get copies of all outgoing mail >form all employees. I don't like it because of privacy issues, but >I have to do it. How do you setup sendmail to send a bcc or cc >to any other account? Well sendmail is a transport agent and the Bcc and Cc are part of a user agent which passes the data to sendmail [or what other mail your may have]. My selective article archive shows that Danny Aldham posted about a program called logall.c - just about a year ago in this newsgroup. I don't recall if I've seen him posting lately. Sendmail does have a debugging flag -X <logfilename> but that logs all parts of a sendmail connenction, the hand shake, all the header information, all prepended by the process ID of the program at that time. Really ugly. If you handle a lot of mail you might want a dedicated HD for just the logfiles :-) Fabio Giannotti <fabiog@venmar.com> wrote: > Running 5.0.5 with sendmail 8.8.8. > Does anyone know how to do sendmail.cf "magic" to allow the server to keep a > copy of all inbound and outbound mail? > (Client needs this for legal CYA reasons...) We have been using a shim called logall.c written by Axel Reinhold , <axel@freakout.db> , that is compiled into sendmail.If you would like a copy let me know, and I can e-mail it to you.
I was pleasanly surprised that exim is still being worked on as late as 2011 (or so say the docs, anyway.)
Exim is free, apparently still supporting the developer by book sales.
From a newsgroup post
From: Tony Earnshaw <tearnshaw@landis.nl> Newsgroups: comp.unix.sco.misc Subject: Re: sendmail Date: Sat, 13 May 2000 13:53:09 +0200 Jean-Pierre Radley wrote: > I can't abide sendmail. :-))))))))))) Exim! Exim is a Sendmail dropin that I've used for years. www.exim.org. Philip Hazel, Sendmail's creator, is a man who you in particular would take to your heart: a good, patient, altruistic man, who would be about due for beatification. If he were of the faith and His Holiness an Exim user.
From: Tony Lawrence <tony@aplawrence.com> Newsgroups: comp.unix.sco.misc Subject: Re: Sendmail/Fetchmail and holidays Iain Sharp wrote: > > Is there any way to set the kind of 'I am away until XX/XX/YY, if > urgent please ring etc etc' automatic return message on a mail system > using Sendmail (SCO 5.0.6)? On just about any system, you can use Procmail to do this sort of thing and more. There may be a "vacation" port at Skunkware (gotta run- haven't the time to look), but it would gusually use procmail anyway so its worth learning- procmail home page (find it in a sec with Google) has dozens and dozens of useful examples, including vacation messages.
I suspect he was creating loops as described at Sendmail's forwarding docs. The leading "\" tells Sendmail not to expand any .forward at the specified address.
Though why it worked for the first makes no sense..
From a newsgroup post
Date: Wed, 12 Sep 2001 06:04:10 -0400 From: - bill - <bill@TechServsys-garbage.com> Newsgroups: comp.unix.sco.misc Subject: Re: .forward Bill Vermillion wrote: > > In article <3b9de3ca$0$18888$2c3e98f8@news.voyager.net>, > - bill - <bill@TechServsys-garbage.com> wrote: > >Bill Vermillion wrote: > >> > >> In article <3b9cc68f$0$42872$2c3e98f8@news.voyager.net>, > >> - bill - <bill@TechServsys-garbage.com> wrote: > >> >scohelp (Sendmail administration) describes setting up a .forward file > >> >that contains a list of addresses to which mail should be forwarded. In > >> >5.0.5 (Sendmail 8.8.d with oss637a) my testing shows that it forwards to > >> >only the first address listed. Am I misreading the doc or ... > >> > >> Or misconfiguring the .forward file? > >> > >> Care to show us what you have? You don't have that user aliased > >> to something else do you. That would mean the .forward file would > >> not be seen. > >> > >> -- > >> Bill Vermillion - bv @ wjv . com > > > >spam trap user abcde@TechServSys.com > >no alias > > >here is my .forward file in the home directory of abcde > >bill@TechServSys.comx > >william@HoundsofHeaven.comx > > I'm running sendmail and all my .forward files for > multiple users are of the form > > \bill@somehwhere.com > \larry@yesterday.com > \manny@nowhere.com > \moe@today.com > > Bill > > -- > Bill Vermillion - bv @ wjv . com adding the backslash works like a charm. Now, where did you learn that as the documentation on 5.0.5 doesn't say to use the backslash. --
From a newsgroup post
From: Steve Fabac <smfabac@worldnet.att.net> Newsgroups: comp.unix.sco.misc Subject: Re: Primary DNS server, NAT, and sendmail configuration problems. Date: Sat, 29 Jul 2000 00:13:44 +0100 Steve Fabac wrote: > > Tony Earnshaw wrote: > > > > Steve Fabac wrote: > > > > > Good information but still doesn't help me duplicate your configuration. Snip > > Since my last post, the IDSL line was brought on-line and > I have removed the named.conf file in /etc and killed named. > I have installed the /etc/resolv.conf that points to the ISP's > DNS server and have had the ISP hosting the client's web site > to update their DNS records so that company.com points to the > public IP address of the IDSL router. > > Browsing the internet works ok and e-mail to some sites works, > but e-mail to att.net and swbell.net fails. > > The odd thing is that if I telnet to port 25 on the mail host > for swbell (returned by dig MX swbell.net) I can interactively > enter HELO, MAIL FROM:, and RCPT TO: using the account names > on company.com and my mail address at swbell.net and the mail > is accepted and delivered to target address. If I try "telnet > swbell.net 25" I get connected to a web server and not the mail > host(s) machine. > > If I use mail -s "testing" smfabac@swbell.net, the message > hangs up in /usr/spool/mqueue and is returned to me as undeliverable. > > As I pointed out in my first posting, I have two clients on same > ISP with IDSL connections. Both running SCO 5.0.5 Enterprise and > both setup the same way (/etc/resolv.conf, sendmail.cf, etc. > modified with the appropriate company information). > > One client can send mail without problems to att.net and swbell.net. > the other client (company.com) can not. > > The only difference between the two sites, is the bad site was setup > with a primary dns server (now disabled) while the IDSL line was > inoperable. The other company's sendmail.cf and resolve.conf was setup > after the IDSL line was working and DNS was never attempted on their > system. > > I am pulling my hair over this one. It looks like sendmail at the > "bad" site is not correctly getting the MX record for swbell.net > or att.net. Sending e-mail addressed to smfabac@mta1.rcsntx.swbell.net > works from the "bad" site, but smfabac@swbell.net does not. > > Any suggestions? > > Steve Fabac > S.M. Fabac & Associates Found it!!!! This system was setup with the "service.switch" modification in SCO TA107669 created on 07 April 1997 , last updated on 18 January 2000 This modification was applied to the system some months back to try to resolve the apparent problem with SCO 5.0.5 with 3Com 3C905 NIC and Digi MPI 3.0. When I began working on this client to reconfigure the system for internet mail. I edited the sendmail.cf file and changed the line OI-DNSRCH back to just OI. I then removed the lines in sendmail.cf that refer to /etc/service.switch. BUT I DID NOT remove /etc/service.switch. Even without the line in sendmail.cf that referred to /etc/service.switch, SCO's version 8.8.8 will still find the /etc/service.switch file and then it failed to resolve the MX records for att.net and swbell.net I hope this post helps some one else fighting the same problem.
From a newsgroup post
From: richard@ starjump.org (Richard Thomas) Newsgroups: comp.unix.sco.misc Subject: Re: Default Route being invoked by unknown process On Mon, 07 Jun 1999 22:32:13 GMT, BobD@dial.pipex.com (Bob Dawson) wrote: >We have a 5.0.4 system with supplement loaded as a server in a small network of >approx 20 PC's. We have installed a 3com ISDN Lan Modem, and set this up as a >default route, so that request outside the network go via this to the Internet. > >We have enabled DNS on our server, and declared the IP addresses of our PC's, >and other peripheral devices (one or two test servers, and a Specialix MTS). > >For some unknown reason, the amount of times the ISDN line comes up is >excessive, and it appears that some proces on the server cannot resolve an IP >address, so it looks to the default gateway to try to resolve it, hence the line >comes up. Tracking down this errant proces is proving something of a headache, >and I wonder if others have experienced a similar problem, and have a solution >in identifying the culprit. <snip> Are you running sendmail? If so, the domain parts of any messages sent are checked in DNS as soon as they are sent by default. If you have the external mailer prog (the one used for internet addresses) flagged as an expensive mailer, and sendmail set to queue "expensive" mail for later delivery, you get the following "interesting" situation: 1. User sends email to an address that isn't in the local DNS 2. Sendmail tries to lookup address in DNS 3. DNS refers query to external server 4. Internet connection opened (modem, ISDN or whatever) 5. Address verified 6. Message is sent to sendmail queue 7. When sendmail processes its queue (once an hour by default), internet connection is opened again and message is sent To stop spurious connections while retaining periodic connection to send email, find the line in sendmail.cf that tells it to do the lookup, comment it out, and restart sendmail. (Clue: it's in Ruleset 3, and it has a set of square brackets in the rewriting rule!!). The downside of this fix is that domain errors in addresses won't be spotted and returned to the user until the queue is run (up to 59 minutes from when the message was sent). Of course, if you aren't running sendmail, this won't help you, but hopefully it's a usefull addition to the dejanews archive.
Before milters, the only choice for archiving sendmail mail messages was "-x", which (as noted below) created very large log files.
From a newsgroup post
Newsgroups: comp.unix.sco.misc From: bill@wjv.com (Bill Vermillion) Subject: Re: How to save ALL inbound and outbound mail Date: Mon, 18 Sep 2000 16:40:29 GMT In article <39C28972.6EC08990@aplawrence.com>, Tony Lawrence <tony@aplawrence.com> wrote: >Fabio Giannotti wrote: >> Hello all, >> Running 5.0.5 with sendmail 8.8.8. >> Does anyone know how to do sendmail.cf "magic" to allow the >> server to keep a copy of all inbound and outbound mail? >> (Client needs this for legal CYA reasons...) >When you start the daemon, add "-X >/var//log/monster_maill_log". You'll need to stop sendmail >fairly often to compress and rotate those logs; they will >get monstrous.. I do this at several client sites probably >for the same reasons your client wants to do it- we keep a >few days on the server and the rest can be had from tape if >ever needed.. Thanks for that pointer Tony. So many programs - so many flags. I just tried it and I saw why it gets 'monstrous'. It logs the file incoming and delivery too. That's all the handshake headers and 2 copies of the message. I just sent a 1 line email message - plain text - 43 characters long. The log file is 3512. Monstrous is almost an understatement. Looking at it I had a small thought. Besides compressing and rotating the logs, you could pre-process them by doing something as grep "<<<" <logfile.name> > incoming.messages and grep ">>>" <logfile.name> > outgoing.messages, of course using part of the date command to give you dated message files. That would make things a trifle bit more manageable. Thanks for expanding my knowledge base. Bill -- Bill Vermillion - bv @ wjv . com > > >> I am trying to go with Tony's solution of -X logfile, but am > >> having a little problem. > > >> On a test system with low volume, it works great. However, on the > >> real system with fairly heavy volume, it does not log anything, > >> and I keep getting the following error in syslog: > > >> NOQUEUE: SYSERR(root) opendaemon socket: server SMTP socket > >> wedged: exiting > > > >I've only used this on Linux systems with high volume.. > > I have noticed while testing the -X you suggested, that mail > delivery delay on a local station increases. Besides copying the > message three times there is the overhead of inserting all the > tracing information, process ID, etc., before each line in the > log file. > > I guess what is needed is something like a simple tee function so > the message is just copied to two places instead of processing the > message on a line by line basis. Fabio didn't say just how large > his mail volume was - just that it was large. > > I wonder what something such as sar would say on disk useage and > CPU time during this. I suspect the mail handler just got too busy > logging. The logfile is 7 times larger than the mail message in > the user mailbox. > > > -- > Bill Vermillion - bv @ wjv . com Update to all who helped with this problem. For safety (read: being afraid of new releases) reasons, I will probably go with Roberto's script (Thanks Roberto!), but I also found out the following: It turns out that Sendmail versions 8.10 and higher provide a hook that allow you to write macros to do all sorts of things to mail as it passes through the system. The sample macro they give you, of course, is to save a copy of all email going through the system! So, my question NOW is: Has anyone compiled Sendmail 8.10 or better on OpenServer 5.x, and if so, can I get a copy of it and how well does in work? ... The command/macro/whatever is called "milter" and it has a related "LIBMILTER" associated with it. Keep in mind I have no idea what I'm talking about. ;-) Fabio 1. I've been following this thread for some time and finally took the bull by the horns and wrote a buncha scripts that get the job done. The end result is that I have a copy of ALL outgoing/incoming mail in a single repository this is fully mail "readable" in full mail format. 2. If any one is interested, drop me a line a aplcom@cyberway.com.sg and I'll email you whichever of the scripts you need. Below is a description of my problem, the environment I use and the solution that I came up with. Enjoy. Rgds. Otto. ======================================================= I'm contracted to a company that doesn't want to spend a whole load of cash on maintaining a complex email system nor the cash to have a permenant ISP link up. So I had to come up with a method to have full scale email but at a very CHEAP price. a/ We are using SCO 5.0.5, fetchmail 5.2.7, sendmail 8.8.8 (all as originally bought/received from SCO) b/ Basic hardware setup with a K7-650, 16Gb ultra scsi, 24 GB dat backup (Microlite), 32 port Specialix RIO, 48 port ethernet 10/100 . c/ We have a hosted web and email site. I have instructed our hosted web site to capture ALL incoming mail into a single account (rootbag). d/ On system boot, sendmail is started from /etc/rc2.d/P86sendmail with the following params (-bd -X /usr/adm/log/mailogd) - I have found that this setting will deliver ALL local mail but queue (/usr/spool/mgueue) all outgoing mail not local to my server. e/ Every 30 minutes cron wakes up a script called pppgo: PPPGO - shell script that establishes and verifies ppp link via modem to our ISP performs fetchmail to retrieve the mailbag into account rootbag makes/stores a copy of the mailbag into account (mailin) runs a shell script called maildist to distribute all mail in rootbag to all valid users runs sendmail (-v -q -X /usr/adm/log/maillog) runs a shell script to store ALL outgoing mail into account (mailout) closes the ppp link and goes to sleep inits all the maillog files!!! (this way kept to a VERY reasonable size - a few K) MAILDIST - Shell script that reads all the mail in rootbag and distributes to all valid users as defined in /etc/passwd. If not found in /etc/passwd gets mailed to our accounts executive who then decides who the mail is really for. MAILOUT - Shell script that read the sendmail logs and creates a file similar to rootbag but contains properly formatted email in proper SCO mail format and pops it all into an account called mailout. Mailout can then be read by any mail reader - we use outlook express.
From a newsgroup post
Newsgroups: comp.unix.sco.misc From: bill@wjv.com (Bill Vermillion) Subject: Re: Sendmail and relaying Date: Wed, 18 Oct 2000 14:23:52 GMT In article <sur3pjh0gv1a20@corp.supernews.com>, Brian <moncho@inyc.com> wrote: >OSR 5.0.6 with Sendmail 8.9.3 >Trying to do the following; >Send internet email from b.chu.com to a.chu.com through dial-up PPP >account at isp.com to any mail account on the internet. Looking at your output messages sendmail is doing exactly as it supposed to be doing. By sending mail from b.chu.com through a.chu.com to isp.com you are trying to use a.chu.com as a relay. By default relaying is denied in 8.9.3. But the b.chu.com in your access list - this is assuming you have a K pointer in sendmail.cf to an access database. You put in the domains to relay and the ones to reject. >Internal network >a.chu.com - 10.1.1.2 - This is the relay that calls the ISP. > Sendmail is configured to relay any non-local messages to > isp.com But is is NOT configured to act as a relay point between two other mailers. Alternatively you could have your MX records for you domain all just point to a.chu.com and not run sendmail on the other machine.
From a newsgroup post
From: David Mabo <dmabo@adptx.com> Newsgroups: comp.unix.sco.misc Subject: Re: Sendmail - Virtual Email addresses Date: Thu, 09 Nov 2000 05:11:17 GMT Rob Servis wrote: > > If I were a sendmail guru, I wouldn't have to ask this ... since I'm not, > maybe someone out there can answer. > > 2 things I've noticed about aliases for virtual domains on SCO5.0.x: > > 1. Unlike normal aliases - you cannot specify multiple recipients on the > alias. I can answer this - it takes 2 forwards - one to a machine name, and then that can do the multiple forwards: virtual entry: xx@domain1.com list@domain2.com aliases list: user1,user2,user3 > 2. Unlike other sendmail implementations on Linux, FreeBSD, etc. that use > /etc/mail/domainalias to do aliases, you cannot specify a wildcard forward > for all names at a particular domain. > > The sendmail.cf code as it exists for virtual domains on 5.0.5 looks like > this: > > # handle virtual aliases > R$+ < @ $+ . > $: $1 < @ $2 > . > R$+ < @ $+ > $* $: $(valiases $1@$2 $: $1 < @ $2 > $3 $) > R$+ < @ $+ > $* $: $(valiases $2 $: $1 < @ $2 > $3 $) > R$+ < @ $+ > . $: $1 < @ $2 . > > > What would have to change support 1 & 2.
From a newsgroup post
Date: Wed, 31 Oct 2001 13:30:10 -0500 From: Bob Troester <bob@agr.state.vt.us> Subject: Re: Virus Scan/Content Filtering Software Try https://www.amavis.org/ for one method of gluing sendmail to a virus scanner - the method I've been using quite happily for several months. The current version of AMaViS is written in perl (and requires a bunch of CPAN modules), the very newest has been "daemonized" to run faster but requires the sendmail Milter function to operate - I haven't tried that yet. The actual (commercial) antivirus scanner I use is NAI McAfee uvscan - McAfee provides a version for several unices, including SCO OS5. The perl version of AMaViS and uvscan can occupy a 266MHz Pentium 100% when a flurry of email hits a departmental-sized site, otherwise there's no noticeable load. There are some other methods out there, some of which are very simple scripts - the problem they all have is in extracting and converting any attachments to the point where the antivirus program can scan them (McAfee can scan a zip archive, for instance, so the glue program doesn't really have to unzip the file first, although AMaViS does.) Scott O'Connell wrote: > Is there any software available that can interface with sendmail and do > content filtering/virus scanning on an SCO Openserver based machine? >
From a newsgroup post
From: Roberto Zini <fred@strhold.it> Subject: Re: Sendmail Date: Thu, 01 Feb 2001 09:25:23 +0100 timford@my-deja.com wrote: > > Hello, > I have a unix machine running Sco 5.0.6. I have installed > Sendmail, from the 5.0.6 cd. The version is 8.9.3. I have my box > masquerading as another domain. This box will only be used to send > email. I want to be able to map my username to the name of my exchange > account, so that the reply will be back to my exchange account. If I > login as Tim, on my unix machine, I want the sender to look as tford > instead of Tim@this domain. Any suggestion is welcomed. Thanks in > advance. > > Sent via Deja.com > https://www.deja.com/ Hi ! I'm not a great Sendmail expert but a while ago I faced a similar problem when a customer wanted to "masquerade" all the messages from an Internet connected OS5 box as they were from a single, well defined users. As an example, any message composed on the server by whoever had to appear as if it was from a single, pre-defined user such as "foo@coyote.com" To do the trick, I modified sendmail.cf as follows: 1) I've created a Dm macro containing the dummy email address, as follows Dmfoo@coyote.com 2) I've modified the S11 rule as follows : S11 ### # This is the key R$+$: < $M > ### R$+$: $>51 $1 sender/recipient common R$* :;<@> $@ $1 :; list:; special case R$*$@ $>61 $1 qualify unqual'ed names ... ... Don't touch the rest of the rule. 3) The same goes with rule S31, as follows : S31 ### # This is the key R$+$: < $M > ### R$+$: $>51 $1 sender/recipient common R$* :; <@> $@ $1 :; list:; special case ... ... The effect of the above changes should be noticed when sendmail actually sends the message; in fact, if you log in as (eg) fred@strhold.it and compose a message, mailq will report the message being queued as it was from "fred@strhold", as in the following example : Mail Queue (1 request) --Q-ID-- --Size-- ----Q-Time-----------------Sender/Recipient------------ MAA22338 402 Fri Nov 5 12:51 <fred@strhold.it> <test@dummy.foo> This is expected; when sendmail will actually try to send the message it'll expand the above macro thus giving the expected results, as depicted in the following excerpt from a "sendmail -q -v" run : Running MAA22338 (sequence 1 of 1) Connecting to ..... >>> MAIL From:<foo@coyote.com> SIZE=45 250 <foo@coyote.com>... Sender ok >>> RCPT To:<test@dummy.foo> 250 <test@dummy.foo>... Recipient ok >>> DATA 354 Enter mail, end with "." on a line by itself >>> . 250 Q AA22338 Message accepted for delivery Please notice that the above trick was done with Sendmail 8.8.8 (the one which originally comes with SCO OS 5.0.5) which has been updated with SCO OS 5.0.6 so I can't assure you that it'll work under that platform.
Some other resources here:
Sendmail Theory and Practice Book
Sendmail Performance Tuning Book by Nick Christensen
GETTING A MAC TO "PHONE HOME" WITH AN E-MAIL - NO SENDMAIL, NO POSTFIX
Got something to add? Send me email.
More Articles by Anthony Lawrence © 2013-07-14 Anthony Lawrence
A C program is like a fast dance on a newly waxed dance floor by people carrying razors. (Waldi Ravens)
Printer Friendly Version
Sendmail on older SCO Unix Copyright © July 2013 Tony Lawrence
Have you tried Searching this site?
This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.
Contact us
Printer Friendly Version