Tutorial:Hardware

How To Set Up A
Linux Mail Hub
A mail hub is a machine that sits on your LAN, acting as the interface between your users and the
Internet. It processes all mail, ensuring that messages sent from users get transmitted and that
incoming items are distributed to the correct user. Linux, the free version of Unix, allows you to
set up a Unix-based mail hub on an old Intel box for minimum outlay and maximum flexibility.

By Paul Dunne

I n this article, we will cover setting

up a Linux machine to act as a mail
hub for the local network, allowing
workstations to send and receive In-
Configuring
Tackling the sendmail configura-
tion process from scratch is tough. The
main configuration file, sendmail.cf, is
figuration files themselves. They have
.mc suffixes, and must be run through
M4 to become complete. The resulting
output should have a .cf suffix.
ternet mail without themselves being The /ostype directory contains
directly connected to the outside world. designed to be easy for the sendmail definitions describing a particular op-
Before you try doing this, you program to read. Unfortunately, this erating system type. These should al-
should already know how to install means that it’s somewhat cryptic to ways be referenced using the OSTYPE
Linux and connect that Linux machine mere humans. Fortunately, it is a task macro in the .mc file.
to the Internet. [If you don’t, we’ll be that rarely has to be done from the The /domain directory contains
covering it in a future issue of PCNA - Ed.] beginning. The sendmail distribution definitions describing a particular do-
includes several sample sendmail.cf main, referenced using the DOMAIN
files, one or other of which can be macro in the .mc file. The /mailer di-
Sendmail adapted to most configurations with a rectory holds descriptions of mailers,
Although the sendmail utility comes few changes. Any modern Linux dis- referenced using the MAILER macro
ready-built with almost any Linux dis- tribution will include these sample in the .mc file.
tribution you care to name, there are files in its sendmail installation. In the /sh directory are the shell
advantages to knowing how to com- Recent versions of sendmail have files used when building the .cf file
pile it yourself. Firstly, a widely-used, introduced an important simplifica- from the .mc file in the cf subdirectory,
important program such as sendmail tion into the configuration process, by while /feature holds special features
inevitably attracts a lot of attention from shifting the user intervention from di- that you might want to include. They
hackers. Updates to the program incor- rect editing of the sendmail configura- should be referenced using the FEA-
porating fixes for the latest security tion file to making changes to files of TURE macro.
holes are regularly being made avail- M4 macros, which is easier and more In /hack you’ll find local hacks
able. These updates are available as immediately understandable. from Berkeley (the home of sendmail),
patches against the source code, which In this section, we will consider use of no more than voyeuristic interest, if
you need to add and then re-compile. of the M4 macros. The section on con- that. And in /siteconfig is the site con-
(You can get sendmail precompiled, of figuring a sendmail client that con- figuration, ie, tables of locally-con-
course, but it’s safer to compile your nects to our mail hub will deal directly nected UUCP sites.
own from source code that doesn’t ap- with the /etc/sendmail.cf file, as that
pear to have been hacked.) process is sufficiently simple to be eas-
ily accomplished without the aid of the
Typical File
There is a sendmail Web page at
www.sendmail.org, and many sites mir- M4 macros. The root of the configuration proc-
ror the source code from there. Once ess is what might be called the base .mc
you have the source, extract it into a Generating A Config file. This forms the starting-point for
directory (/usr/src/sendmailx.x.xx) M4 directives which invoke other
and cd into the src directory therein. In The sendmail configuration appa- macro files. All of the definitions in our
there is a makesendmail shell script that ratus is in the /cf subdirectory. Within base .mc file in turn reference other .mc
will do all the work for you. It is easiest this, the /m4 directory contains sup- files. Order is important: follow that
to do the configuration in the source port routines, which should not be given here.
directory, before actually installing the changed. In what follows, I shall simply clar-
binary and configuration files. The /cf directory contains the con- ify what I have done here. For the full

Issue 89 (November 1997) Page 15

PC Network Advisor File: T1402.1
Tutorial:Hardware

information, see the README in the with UUCP addresses at all”. local and prog mailers. You will almost
cf/ subdirectory. There’s another feature, nullclient. always need these; the only exception
This could be used to do what we will is if you relay all your mail to another
VERSIONID(’@(#)yourcompany.mc do later on by hand, ie, generate a site. This mailer is included automat-
8.5 (Berks) 10/8/97’) stripped-down configuration file that ically.
OSTYPE(mklinux) FEATURE(nouucp) does nothing but forward all mail to a SMTP is the Simple Mail Transport
MAILER(local) MAILER(smtp) central hub via a local SMTP-based Protocol mailer. This does not hide
network. The argument is the name of hosts behind a gateway or another
The first line is for housekeeping, that hub. other such hack; it assumes a world
and puts the version line into the out- where everyone is running the name
put file, so you can keep track of changes. MAILER server. This file actually defines four
The MAILER macros use macro mailers: “smtp” for regular (old-style)
OSTYPE files to specify rules to handle one or SMTP to other servers, “esmtp” for ex-
The first macro defines our operat- more mailers. Here, we invoke defini- tended SMTP to other servers, “smtp8"
ing system. You must define an oper- tions for a local mailer and an SMTP to do SMTP to other servers without
ating system environment, or the mailer. There are fewer mailers sup- converting 8-bit data to MIME (essen-
configuration file build will fail. For us, ported in this version than the pre- tially, this is your statement that you
the OS is of course Linux; we use the vious version, owing mostly to a know the other end is 8-bit clean even
file in ostypes called mklinux.mc. This simpler world. As a general rule, put if it doesn’t say so), and ”relay” for
contains details such as default file lo- the MAILER definitions last in your transmission to our RELAY_HOST,
cations and other OS-specific material. .mc file, and always put MAILER- LUSER_RELAY or MAILER_HUB.
It should not need to be changed. (smtp) before MAILER(uucp) - several
features and definitions will modify sendmail.cf
FEATURE the definition of mailers, and the SMTP The final sendmail configuration
The only feature we use is nouucp, mailer modifies the UUCP mailer. file is produced by invoking M4 with
which says “don’t do anything special The “local” parameter specifies the the .mc file given above as its argu-

### Defined Macros (1) ### Header Declarations (4)

# The name of the mail hub HFrom: $q
DRwotan.dunne.com HReceived: by $j id $i; $b
# The hub as it is known to the outside world H?x?Full-Name: $?x$x$.
DHtiny1.demon.co.uk H?D?Date: $a
# The local official domain name H?M?Message-Id: <$t.$i@$j>
Dj$w
# Our domain name ### Priorities (5)
DDdunne.com Pspecial-delivery=100
# Identity of the error message sender Pfirst-class=0
DnMailer-Daemon Plist=-30
# Look of the Unix From line Pbulk=-60
DlFrom $g $d Pjunk=-100
# The characters that separate address components
Do.:%@!^=/[] ### Mailer Delivery Agent Definitions (6)
# Default form for the sender’s address # Mailer to forward all mail to the hub machine
Dq<$g> Mhub, P=[IPC], S=10, R=0, F=xmDFMuCX, A=IPC $h
# Sendmail requires these, but we won’t use them
### Defined Classes (2) Mlocal, P=/bin/mail, S=0, R=0, F=lsDFMShP, A=deliver $u
# All possible names for local machine Mprog, P=/bin/sh, S=0, R=0, F=lsDFMeu, A=sh -c $u
Cw localhost donner
### The Rules Sets (7)
### Options (3) S0 select delivery agent
# default delivery mode (in background) R@$+ $#error $: Missing user name
Odbackground R$+ $#hub $@$R $:$1 forward to hub
# temporary file permissions—-0600 for secure mail
OF0600 S3 preprocessing for all rule sets
# default UID & GID R$*<>$* $n handle <> error addresses
Ou1 R$*<$*<$*>$*>$* $2<$3>$4 de-nest brackets
Og1 R$*<$*>$* $2 basic RFC822 parsing
# level at which to syslog errors
OL9 S10 rewrite the sender for the hub
# Wait for SMTP replies. R$- $@$1@$H user -> user@hub
Or1h R$-@$w $@$1@$H user@local -> user@hub
# default messages to old style R$-@$=w $@$1@$H user@othernames -> user@hub
OoTrue R$-@$=w.$D $@$1@$H user@domain -> user@hub
# Replace unquoted spaces with a dot
OB. S1 dummy ruleset 1 (unused)

Figure 1 - A sample sendmail.cf file.

File: T1402.2
PC Network Advisor Issue 89 (November 1997) Page 16
 Tutorial:Hardware

Linux Mail Hub

ment. The command looks like this: Starting Sendmail deserved, particularly with version 8,
which solved a lot of the problems that
m4 m4/cf.m4 config.mc > config.cf You will most likely want to have previous versions did have. Much of
the sendmail daemon started every sendmail’s security is down to the sys-
where config.mc is the macro file time the machine boots up. This is tem administrator. Some specific
we’ve developed above, and config.cf done by adding a line to the appropri- points to watch for are:
the output - the sendmail configura- ate rc file in /etc/rc.d. The exact con-
tion file - which will end up as figuration of /etc/rc.d varies between ● Make sure the aliases file isn’t wri-
/etc/sendmail.cf. Linux distributions (I suppose if you table except by trusted system per-
are conservative, you may just have a sonnel. This includes both the text
simple BSD-style set-up, with only and database version.
A Sendmail Installation /etc/rc and /etc/rc.local), so I can’t ● Make sure that other files that send-
Having completed the configura- give exact instructions that are guaran- mail reads, such as the mailertable,
tion, log in as root and type “make teed to be applicable. The easiest thing are only writable by trusted system
install” to install the new sendmail - is probably to put it in /etc/rc.d/rc.lo- personnel.
having remembered to back up your cal. The line should look like this: ● The queue directory should not be
old program in case anything should world writable.
if [ -x /usr/sbin/sendmail ]
be out of order. The following are the
echo “sendmail”
files installed by sendmail. /usr/sbin/sendmail -bd -q1h Clients
fi
/usr/sbin/sendmail Providing email service to other
This is the actual sendmail pro- machines in the network can be done
This checks to see if the file is there,
gram. There may be a symbolic link in in two ways. The first is to use SMTP
then tells the system console what it’s
sendmail’s historic location, /usr/lib, to act as a mail hub that sends and
doing, and starts up sendmail in
pointing here, but /usr/sbin/ is now receives Internet (and optionally local)
daemon mode (-bd), and sets it to proc-
the actual location. mail on behalf of the other machines.
ess the mail queue every hour (-q1h).
Secondly, a POP service can be set up,
/etc/sendmail.cf where local users use client software
This is the configuration file that we The Mail Queue on their computers to collect their mail
generated. via the POP3 protocol, and send mail
The mail queue lives in /var/spool-
via SMTP to the server.
/usr/bin/newaliases /mqueue (unless you have changed
the default, which you really should
This is a symbolic link to /etc/aliases
not). All mail messages are held as two
/usr/sbin/sendmail. When invoked
files here, one file being named
by this name, sendmail will rebuild the Users on the local network must be
dfXXXnnnnn, the other qfXXXnnnnn,
aliases database. identifiable by the sendmail process
where XXX is a three-letter sequence,
running on the server machine. In the
/var/spool/mqueue nnnnn a five-number sequence, both
case of POP mailboxes, this is done by
being used simply to give every mes-
This is the post office, where in-go- creating a normal user account. In the
sage a unique identifier. The qf file is
ing and outgoing mail is kept awaiting case of Linux clients collecting mail
the queue control file, containing the
delivery. It should have mode 700, to through sendmail themselves, this is
email message header and various
prevent inquisitive users from peeking done by adding the appropriate alias
processing information; the df file is
at other users’ mail. to /etc/aliases. For example, on my
the data file, and contains the body of
local network, any mail arriving at my
/etc/aliases the email message. There are other
mail server (tiny1.demon.co.uk) for
files, but they are transient and usually
This is the systemwide aliases file. “bob” is sent on to [email protected]
of interest only to sendmail.
dunne.com on my Internet network by
/usr/lib/sendmail.hf the following line in /etc/aliases:
This is the help file for sendmail. Logging
bob: [email protected]
/etc/sendmail.st Sendmail uses the syslog(8) facility.
Usually, this is set up to log all send-
This optional file can be used by The simplest way to make sure that
mail messages to /var/log/maillog,
sendmail to record statistics. mail comes back to the right place is to
which by default will record all mail
set the Reply-To header in all outgoing
/usr/bin/mailq that passes through sendmail.
mail to point to the account on the mail
This is a symbolic link to hub, not the originating machine. This
/usr/sbin/sendmail. When invoked Security can be done in the options settings of
under this name, sendmail prints the your POP3 mailer, or will be handled
Sendmail has a reputation as a secu-
contents of the mail queue. for you by sendmail on a Linux client.
rity nightmare, but this is largely un-

Issue 89 (November 1997) Page 17

PC Network Advisor File: T1402.3
Tutorial:Hardware

The Sendmail.cf File W, which holds a list of alternative host The seventh part is the heart of
names for the machine (that is, other sendmail, the rule sets. These define
Now, let’s examine the sendmail.cf than the FQDN). the re-writing of addresses. The basic
file itself - it’s listed in Figure 1. This file The third section specifies sendmail idea here is that there are two sides, a
can be kept quite simple when its only options. These can be given on the right-hand side and a left-hand side,
task is to relay all mail to another ma- command line, but as there are rather where the RHS is a pattern to match
chine for further processing. Here is a a lot, it makes more sense to have them against input, and the LHS is the trans-
minimal sendmail.cf file for installing in the file. formation to effect upon the input if a
on Linux boxes that talk to the mail The fourth part specifies what match is made. LHS and RHS are sepa-
hub. There isn’t the space for a full headers must be in every mail mes- rated by tabs; comments are in the
run-down on the syntax of the file. For sage. These are the headers that send- third column.
the full gen, consult the irreplaceable mail will add if the MUA has not
book Sendmail, published by O’Reilly already done so.
& Associates.
Windows
The fifth section is a set of priority
Sendmail commands are usually settings. Sendmail will by default proc- Under Windows I use Eudora Lite,
one letter in length, and must be at the ess the mail in its queue in order of which is a freeware, cut-down version
beginning of a line. Generally, there is decreasing priority, beginning with of Eudora Pro. It is a fine email client
no space between a command and its “special-delivery”. The level of prior- in its own right and is available from
arguments. ity is set by the MUA with the “Prece- www.qualcomm.com. Setting it up is
The first part, Macros, shows vari- dence:” header. simply a matter of pointing it at the
ables (macros in sendmail parlance) The sixth section defines a set of mail hub, then telling it the POP user
being defined by use of the D, Define mailers that sendmail will use to actu- name and password. One glitch I
Macro, command. All the macros de- ally deliver mail. Remember, sendmail found was that not all options are
fined here are explained by comments is a Mail Transport Agent - it doesn’t saved to EUDORA.INI. Specifically, I
on the line before them - a wise practise do the delivery itself. These lines all had to set UseWinSock=1 and
which should not be confined to exam- begin with M. Local and prog are man- UseDialup=0 by editing the ini file, as
ple files. datory. The real work here is done by changing these options from the menu
The second section, Classes, is for a the special mailer [IPC], which invokes had no effect.
special type of variable, a class, that can internal sendmail routines rather than
hold multiple values. The command an external mailer program, to send all
here is C. The class we are defining is mail to a “smart host” using SMTP.

Editing /etc/sendmail.cf By Hand

So, you have an existing sendmail installation and don’t want to go to the
bother of fussing about with getting the sendmail source, figuring out M4,
etc? Well, while I can’t hope to cover all the details of the sendmail configu-
ration file syntax here, I can tell you the minimum changes you need to make
to transform a generic sendmail.cf into one you can use.
Because of the complexity of this file, I will list here only the things that are PCNA
absolutely essential to change. I will presume that there is already a suitable
sendmail.cf on the machine (provided either by the Linux distribution, or
from the sendmail sources).
The W macro contains any other names that this host is known by, besides
the FQDN. For example:
Cwlocalhost wotan.dunne.com
The S macro can contain the name of a smart relay host, to which all non-local
mail is forwarded without further ado. Some sites can deliver mail to the
local network, but cannot look up hosts on the Internet with DNS. Usually
such sites are connected to the outside world with UUCP. To ensure delivery
of all mail, such sites need to forward all non-local mail over the UUCP link
to a smart (or well-connected) host. The Author
These are all the changes you absolutely have to make. The other parameters Paul Dunne ([email protected]
change how sendmail behaves, but should work on your site without co.uk) is a freelance writer and
modification. Unix/Internet consultant.

File: T1402.4
PC Network Advisor Issue 89 (November 1997) Page 18
 Recent Reviews from Tech Support Alert

Reviews of the Best Windows Backup Software

In this detailed comparative review, we checked out eighteen backup software
utilities designed for home or SOHO use. Many of the products reviewed
were disappointing. However 6 products passed our tests with flying colors
and 2 of these were so impressive, they were awarded our “Editor’s Choice.”

Suppliers of Cheap Inkjet Printer Cartridges Reviewed and Rated

With hundreds of companies all claiming to have the “cheapest and best inkjet
printer cartridges,” our editors decided to put their claims to the test. Not
unexpectedly, many suppliers flunked but we did manage to come up with a
number of web sites that sell good quality inkjet printer cartridges at heavily
discounted prices.

The Best Anti Trojan Software

Our editors took a close look at the 6 leading anti-trojan/trojan remover
software utilities. Unfortunately, they found only 2 products that were effective
in their ability to detect and remove dangerous modern polymorphic and
process injecting trojans.

The 46 Best Ever Freeware Utilities

This is our Editor, Ian “Gizmo” Richards, personal selection of the best
freeware utilities. He’s hunted down some real gems, many of which perform
better than expensive commercial products.

Tech Support Alert

http://www.techsupportalert.com