How to Fix a Cranky Sun Mail System

Paul Pomes - <ppomes@Qualcomm.com>

Here's a file I put together for local use that appears close to your 
situation.  Comments welcome.

Paul Pomes
====

		How to Fix a Cranky Sun Mail System.


1) Kill the existing sendmail daemon process.

   ps waux | grep sendmail
   kill <pid>	where <pid> is the process id of the daemon.

[Step 2 is only required prior to SunOS 5.5 (aka Solaris 2.5)]
2) Replace the default sendmail executable with the Sun-supplied version
   that understands use of the DNS.  Zap any frozen config file present.

   cd /usr/lib
   cp sendmail sendmail.nomx
   chmod 755 sendmail.nomx
   cp sendmail.mx sendmail
   chmod 4511 sendmail
   rm -f /usr/lib/sendmail.fc /etc/sendmail.fc /etc/mail/sendmail.fc

3) Establish a /etc/resolv.conf file to direct DNS queries to a server.
   The values of "domain" and the "nameserver" lines depends critically
   on where you are.  At the University of Illinois the value of domain
   is typically your department or office name combined with "uiuc.edu".
   Long names, e.g., Personnel Services Office, are typically abbreviated
   (pso.uiuc.edu).  Examples: math.uiuc.edu, life.uiuc.edu, ncsa.uiuc.edu.

   Some institutions have a one domain fits all name.  An example of
   this is the US Army Corps of Engineers, Construction Engineering
   Research Lab locally known as US Army CERL.  Army policy specifies
   that domain names must use their official acronym with the "army.mil"
   domain.  So CERL's domain name is "cecer.army.mil".  Adding a fourth
   domain to distinguish internal departments and divisions would have
   made the names overly long.  Thus all CERL hosts are named
   foo.cecer.army.mil.

   Selecting nameservers must be done in consultation with your local
   network expert.  At the University of Illinois (and ONLY here please)
   the following values can be used.  Let's repeat that - only University
   of Illinois hosts should be using our nameservers.

   domain foo.uiuc.edu		(replace foo with your official domain)
   nameserver 128.174.5.59
   nameserver 128.174.5.50
   nameserver 128.174.5.58

   At US Army CERL, use the following:

   domain cecer.army.mil
   nameserver 129.229.20.254
   nameserver 129.229.1.5

   N.B., Sun's resolver code is based on BIND v4.8.1 and suffers from several
   problems.  Chief among those is zero fault tolerance.  If the first listed
   nameserver is unreachable or dead, the resolver won't try any of the
   subsequently listed servers.  Re-compiling both sendmail and libresolv.a
   from modern sources is the only fix for this.

[SunOS 5.x: make sure you have dns in the hosts line in /etc/nsswitch.conf]

4) Copy the "main" sendmail.cf base file to sendmail.cf.
   Under Sun-OS 4.X use

   cp /usr/lib/sendmail.main.cf /etc/sendmail.cf

   Under Sun-OS 5.X use

   cd /etc/mail
   cp main.cf sendmail.cf


   Now that the base work has been done you have a choice: death or chi-chi.
   No, that's another sick joke.  Let's stick to Suns and retain what shreds
   of dignity we can.  Onward.

   The next set of steps involve changes to the sendmail.cf file.  Invoke the
   editor of your choice on /etc/sendmail.cf or /etc/mail/sendmail.cf.

5) Change the value of the $j greeting macro.  Macros are defined with
   lines beginning with 'D'.  Thus the $j macro is defined on a line
   beginning with 'Dj'.  Change sendmail.cf (nee main.cf) to look like

   # my official hostname
   # You have two choices here.  If you want the gateway machine to identify
   # itself as the DOMAIN, use this line:
   #Dj$m
   # If you want the gateway machine to appear to be INSIDE the domain, use:
   #Dj$w.$m
   # Unless you are using sendmail.mx (or have a fully-qualified hostname), use:
   Dj$w

   (Comment out the Dj$m entry and enable the Dj$w entry.)

6) Select the proper mailer for forwarding to a smarter relay.  In the
   case of a site connected to the Internet, this is the "ddn" mailer.
   Change to:

   # major relay mailer - typical choice is "ddn" if you are on the
   # Defense Data Network (e.g. Arpanet or Milnet)
   #DMsmartuucp
   DMddn

7) Select the smarter relay to handle messages to unknown destinations.
   This MUST be selected on a per-site basis.

   At the University of Illinois *ONLY*

   # major relay host: use the $M mailer to send mail to other domains
   DRux1.cso.uiuc.edu
   CRux1.cso.uiuc.edu

   At the US Army CERL *ONLY*

   # major relay host: use the $M mailer to send mail to other domains
   DRmax.cecer.army.mil
   CRmax.cecer.army.mil

8) Configure your domain names.  Replace the foo.bar.uiuc.edu names below
   with your host's FQDN.

   #################################################
   #
   #	General configuration information
    ...
   # Example:				(bogus examples, ignore)
   # DmCS.Podunk.EDU
   # Cm cs cs.Podunk.EDU
   Dwfoo.bar.uiuc.edu
   Dmfoo.bar.uiuc.edu

9) Change the ddn mailer rules in ruleset 0 according to the comments there.
   Ruleset 0 is labelled by a line containing only "S0".  About 40 lines
   further down are the following rulesets.

   # Pass other valid names up the ladder to our forwarder
   #R$*<@$*.$=T>$*	$#$M    $@$R $:$1<@$2.$3>$4	user@domain.known

   # Replace following with above to only forward "known" top-level domains
   #R$*<@$*.$+>$*	$#$M    $@$R $:$1<@$2.$3>$4	user@any.domain

   # if you are on the DDN, then comment-out both of the the lines above
   # and use the following instead:
   R$*<@$*.$+>$*	$#ddn $@ $2.$3 $:$1<@$2.$3>$4	user@any.domain

   Follow the comments and comment out the second rule that forwards
   only "known" domains and enable the following rule that uses the "ddn"
   mailer.


[SunOS 5.x: make sure you have OI set]
   Write the sendmail.cf file back out and leave the editor.  Now test the
   changes by using sendmail in test mode.

10) Test address recognition.  Invoke sendmail in address test mode:

   /usr/lib/sendmail -bt

   Run the following address forms through one at a time.  The leading 0
   is the starting ruleset.  Each address should resolve to "user" using
   the "local" mailer.  Replace "foo" and "bar.uiuc.edu" with the name
   of your host and domain.

   0 user
   0 user@foo
   0 user@foo.bar.uiuc.edu

11) Verify out-going addresses are correct.  Use the -v option to Berkeley
   mail to check that the return addresses are correct.  If -v doesn't
   work with your mailer, use sendmail direct.

   Mail -v nobody@ucbvax.berkeley.edu < /dev/null
      or
   /usr/lib/sendmail -v nobody@ucbvax.berkeley.edu < /dev/null

[ucbvax.berkeley.edu does no longer exist, try something else,
e.g., nobody@informatik.uni-kiel.de]

12) Fire up sendmail in daemon mode.

   /usr/lib/sendmail -bd -q1h

13) Test in-bound mail.  From another host, verify that mail sent to a
   user that has no forwarding set up, either via /etc/aliases or
   .forward file, actually arrives.  Telnet to the SMTP port and verify
   that the greeting message uses the fully qualified domain name.

   telnet foo.bar.uiuc.edu 25

   quit