i switched to postfix years ago. to be sure it has its fanboys. i found
it to be just as cryptic in its own way.
i came back to sendmail. far lighter weight if that matters to you. my
config does outgoing auth for delivery via isp. here's my setup:
dnsinternal=(intra.mydomainname.com)
smmasquhide=intra.mydomainname.com
smmasqushow=mydomainname.com
sendmailocal=mydomainname.com
sendmailoutvia=smtpauth.myisp.net
dnsexternal=()
dnsmeext=("${dnsexternal[@]}" "${dnsinternal[@]}" "${sendmailocal[@]}")
AUTH_OPTIONS='A p'
cf=/etc/mail/sendmail.cf
mc=/etc/mail/sendmail.mc
(sed -e "s/+AUTH_OPTIONS+/$AUTH_OPTIONS/"\
-e "s/+smmasquhide+/$smmasquhide/"\
-e "s/+smmasqushow+/$smmasqushow/"\
-e "s/+sendmailoutvia+/$sendmailoutvia/"\
-e "s/+sendlocalmailto+/$sendlocalmailto/" $mc
echo "Cw${dnsmeext[@]}")|m4>$cf
*/etc/mail/sendmail.cf*:
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
OSTYPE(`linux')dnl
define(`confSMTP_LOGIN_MSG',`')dnl Delete all the program and version
information out of the SMTP header
define(`HELP_FILE',`')dnl Enhance security by not offering version numbers
in the HELP output
define(`LOCAL_RELAY',`+sendlocalmailto+')
define(`confDEF_USER_ID', ``8:12'')dnl
define(`confERROR_MODE',`m')
define(`confDIAL_DELAY',`60s')
define(`confDONT_PROBE_INTERFACES', `True')dnl
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`confDEAD_LETTER_DROP',`/var/mail/DEAD_LETTER_DROP')
dnl ne(`confLOG_LEVEL', `20')dnl verbose
undefine(`BITNET_RELAY')
undefine(`UUCP_RELAY')
FEATURE(nouucp,reject)
define(`confPRIVACY_FLAGS',
`authwarnings,novrfy,noexpn,restrictqrun,restrictmailq,restrictexpand,needmailhelo,noreceipts')
# AUTH_OPTIONS A allows relaying if the user authenticates
# AUTH_OPTIONS p disallows plaintext authentication (PLAIN/LOGIN) on
non-TLS links
define(`confAUTH_OPTIONS',`+AUTH_OPTIONS+')dnl
TRUST_AUTH_MECH( `EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN')dnl
define(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl
define(`SMART_HOST',`+sendmailoutvia+')
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
define(`confCLIENT_CERT', `/etc/pki/tls/certs/localhost.crt')dnl
define(`confSERVER_CERT', `/etc/pki/tls/certs/localhost.crt')dnl
define(`confCLIENT_KEY', `/etc/pki/tls/private/localhost.key')dnl
define(`confSERVER_KEY', `/etc/pki/tls/private/localhost.key')dnl
dnl #
dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
dnl # slapd, which requires the file to be readble by group ldap
dnl define(`confDONT_BLAME_SENDMAIL', `groupreadablekeyfile')dnl
dnl #
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`virtuser_entire_domain')
FEATURE(redirect)dnl
FEATURE(use_ct_file)dnl
define(`confMAX_DAEMON_CHILDREN',`25')dnl maximum child processes that can
be spawned by the server
define(`confCONNECTION_RATE_THROTTLE',`5')dnl connections the server can
receive per second
define(`confMIN_FREE_BLOCKS',`19200')dnl 75mb
dnl # The -t option was retrying delivery if e.g. the user runs over his
quota. caused problems with fetchmail.
dnl URE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(local_procmail,`',`procmail -Y -a $h -d $u')dnl
FEATURE(`access_db')dnl
FEATURE(`authinfo')dnl /etc/mail/authinfo
FEATURE(`blacklist_recipients')dnl
FEATURE(`dnsbl', `list.dsbl.org',`Message from $&{client_addr}
rejected - see http://dsbl.org')
FEATURE(`dnsbl', `relays.ordb.org',`"550 Email rejected due to
sending server misconfiguration - see http://www.ordb.org/faq"')
FEATURE(`dnsbl', `dnsbl.njabl.org',`Message from $&{client_addr}
rejected - see http://njabl.org')
FEATURE(`dnsbl',`blackholes.brainerd.net',`Message from $&{client_addr}
rejected - see http://blackholes.brainerd.net')
dnl the following rejected a message from sherry's surfbest.net, likely
they unwittingly hosted a spammer, nevertheless i removed it
dnl URE(`dnsbl', `sbl.spamhaus.org',`Message from $&{client_addr}
rejected - see http://www.spamhaus.org/SBL')
dnl the following 2 were causing long wait before "220 ESMTP", hence
receive timeouts on pomcoweb from earthlink and verizon, though other
senders were more patient
dnl URE(`dnsbl', `dialups.visi.com',`Message from $&{client_addr}
rejected - see http://dialups.visi.com')
dnl URE(`dnsbl', `dialups.mail-abuse.org',`Message from $&{client_addr}
rejected - see http://mail-abuse.org/dul/enduser.htm')
dnl #
dnl # For using Cyrus-IMAPd as POP3/IMAP server through LMTP delivery
uncomment
dnl # the following 2 definitions and activate below in the MAILER section
the
dnl # cyrusv2 mailer.
dnl define(`confLOCAL_MAILER', `cyrusv2')dnl
dnl define(`CYRUSV2_MAILER_ARGS', `FILE /var/lib/imap/socket/lmtp')dnl
dnl #
FEATURE(`no_default_msa')
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl accept port 25
unencrypted smtp from localhost only
DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl accept port 587
authenticated esmtp
dnl #
dnl # The following causes sendmail to additionally listen to port 465, but
dnl # starting immediately in TLS mode upon connecting. Port 25 or 587
followed
dnl # by STARTTLS is preferred, but roaming clients using Outlook Express
can't
dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
dnl # For this to work your OpenSSL certificates must be configured.
dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
dnl #
dnl accept unresolvable domains else fetchmail keeps retrying, bogging and
breaking named
FEATURE(`accept_unresolvable_domains')dnl
dnl URE(`nocanonify')
dnl URE(`limited_masquerade')
FEATURE(`allmasquerade')dnl masq recipient addresses, doesn't appear to
work for g at georgia.nvpf.org
FEATURE(`masquerade_envelope')
MASQUERADE_DOMAIN(`+smmasquhide+')
MASQUERADE_AS(+smmasqushow+)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
dnl MAILER(cyrusv2)dnl
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20120618/d598ddd8/attachment-0001.html>