cf/README for sendmail 8.12.3

Eric Allman of the Sendmail Consortium

MASQUERADING AND RELAYING

You can have your host masquerade as another using

MASQUERADE_AS(`host.domain')

This causes mail being sent to be labeled as coming from the indicated host.domain, rather than $j. One normally masquerades as one of one's own subdomains (for example, it's unlikely that Berkeley would choose to masquerade as an MIT site). This behaviour is modified by a plethora of FEATUREs; in particular, see masquerade_envelope, allmasquerade, limited_masquerade, and masquerade_entire_domain.

The masquerade name is not normally canonified, so it is important that it be your One True Name, that is, fully qualified and not a CNAME. However, if you use a CNAME, the receiving side may canonify it for you, so don't think you can cheat CNAME mapping this way.

Normally the only addresses that are masqueraded are those that come from this host (that is, are either unqualified or in class {w}, the list of local domain names). You can augment this list, which is realized by class {M} using

MASQUERADE_DOMAIN(`otherhost.domain')

The effect of this is that although mail to user@otherhost.domain will not be delivered locally, any mail including any user@otherhost.domain will, when relayed, be rewritten to have the MASQUERADE_AS address. This can be a space-separated list of names.

If these names are in a file, you can use

MASQUERADE_DOMAIN_FILE(`filename')

to read the list of names from the indicated file (i.e., to add elements to class {M}).

To exempt hosts or subdomains from being masqueraded, you can use

MASQUERADE_EXCEPTION(`host.domain')

This can come handy if you want to masquerade a whole domain except for one (or a few) host(s). If these names are in a file, you can use

MASQUERADE_EXCEPTION_FILE(`filename')

Normally only header addresses are masqueraded. If you want to masquerade the envelope as well, use

FEATURE(`masquerade_envelope')

There are always users that need to be "exposed" -- that is, their internal site name should be displayed instead of the masquerade name. Root is an example (which has been "exposed" by default prior to 8.10). You can add users to this list using

EXPOSED_USER(`usernames')

This adds users to class {E}; you could also use

EXPOSED_USER_FILE(`filename')

You can also arrange to relay all unqualified names (that is, names without @host) to a relay host. For example, if you have a central email server, you might relay to that host so that users don't have to have .forward files or aliases. You can do this using

define(`LOCAL_RELAY', `mailer:hostname')

The ``mailer:'' can be omitted, in which case the mailer defaults to "relay". There are some user names that you don't want relayed, perhaps because of local aliases. A common example is root, which may be locally aliased. You can add entries to this list using

LOCAL_USER(`usernames')

This adds users to class {L}; you could also use

LOCAL_USER_FILE(`filename')

If you want all incoming mail sent to a centralized hub, as for a shared /var/spool/mail scheme, use

define(`MAIL_HUB', `mailer:hostname')

Again, ``mailer:'' defaults to "relay". If you define both LOCAL_RELAY and MAIL_HUB and you have FEATURE(`stickyhost'), unqualified names will be sent to the LOCAL_RELAY and other local names will be sent to MAIL_HUB.

Note: there is a (long standing) bug which keeps this combination from working for addresses of the form user+detail. Names in class {L} will be delivered locally, so you must have aliases or .forward files for them.

For example, if you are on machine mastodon.CS.Berkeley.EDU and you have FEATURE(`stickyhost'), the following combinations of settings will have the indicated effects:

email sent to....ericeric@mastodon.CS.Berkeley.EDU
LOCAL_RELAY set tomail.CS.Berkeley.EDU(delivered locally)
mail.CS.Berkeley.EDU(no local aliasing)(aliasing done)
MAIL_HUB set tomammoth.CS.Berkeley.EDUmammoth.CS.Berkeley.EDU
mammoth.CS.Berkeley.EDU(aliasing done)(aliasing done)
Both LOCAL_RELAY andmail.CS.Berkeley.EDUmammoth.CS.Berkeley.EDU
MAIL_HUB set as above(no local aliasing)(aliasing done)

If you do not have FEATURE(`stickyhost') set, then LOCAL_RELAY and MAIL_HUB act identically, with MAIL_HUB taking precedence.

 

If you want all outgoing mail to go to a central relay site, define SMART_HOST as well.

Briefly:

  • LOCAL_RELAY applies to unqualified names (e.g., "eric").
  • MAIL_HUB applies to names qualified with the name of the local host (e.g., "eric@mastodon.CS.Berkeley.EDU").
  • SMART_HOST applies to names qualified with other hosts or bracketed addresses (e.g., "eric@mastodon.CS.Berkeley.EDU" or "eric@[127.0.0.1]").

However, beware that other relays (e.g., UUCP_RELAY, BITNET_RELAY, DECNET_RELAY, and FAX_RELAY) take precedence over SMART_HOST, so if you really want absolutely everything to go to a single central site you will need to unset all the other relays -- or better yet, find or build a minimal config file that does this.

For duplicate suppression to work properly, the host name is best specified with a terminal dot:

define(`MAIL_HUB', `host.domain.')
      note the trailing dot ---^