Security Consulting
  Unix Administration     Firewall     Intrusion Detection     Network Security     Hacking     MORE     HOME    

Sendmail Tips

  • Ever wondered why your newly set options in site.config.m4 are not read? Try:
      sh Build -c
    in your sendmail-directory.
  • If you are using the access_db feature, it might be that you did not make the entries correctly! When you specify subnets of IP addresses, don't add the trailing dot!!!
  • This one caused me quite some headaches: If you have any definition in the .mc - file for the sendmail.cf, be sure you do not write anything like:
      # FEATURE(xxxx)dnl
    As this is not going to do what you expect. It is not a commented thing. The feature will still be active!!!! Take it out, or escape it, according to the README-File in you /cf directory!!!
  • A quite useful command:
      memstats
      mailq -v
      • sendmail -bp Shows the mail queue
      sendmail -d0.1 Shows the domain name
  • To test sendmail you can do a telnet on port 25 and issue the following commands:
      HELO test.com
      MAIL FROM: test@test.com
      RCPT TO: x@y.com
      DATA
      THIS IS THE EMAIL
      .
  • Use the aliases:
      nobody: /dev/null appends all mail to nobody to the file /dev/null
      ftphelp: |/usr/bin/sendhelp runs the mail through sendhelp

    sendmail.mc

    Just some hints and ideas: 
    define(`confTO_IDENT', `0s')dnl
define(`confPRIVACY_FLAGS', `goaway, authwarnings, noexpn, novrfy, noetrn, noverb, noreceipts')dnl
define(`confSMTP_LOGIN_MSG',`')dnl
define(`confCOPY_ERRORS_TO',`postmaster')dnl
define(`HELP_FILE',`/etc/mail/emptyhelp')dnl

dnl Anti SPAM
FEATURE(access_db)
FEATURE(`dnsbl', `relays.ordb.org', `Rejected - see http://security.raffy.ch/rejected/')dnl
FEATURE(`blacklist_recipients')
FEATURE(enhdnsbl)

    config error: mail loops back to me (MX problem?)

    Mostly this is not what it sais. Don't bother looking in the DNS configuration. Go and check the sendmail.cf file and see whether all your localdomains are entered as Cw or you have the Fw directive which gives a file for the localdomains!

    Checking aliases

  • You can check if your aliases or virtualusertable is working correctly by:
      sendmail -bt
      # make sure the domain is in class w:
$=w
# is the map working?
/map virtuser joe@yourdomain.com
# is the rewriting working?
3,0 joe@yourdomain.com



    • CopyLeft (l) 2003 by Raffael Marty