send-only for sendmail

 In Data Centers, Enterprise IT Solutions, HP-UX, System Administration

If you do not have sendmail running on your system, then you will need to set it up.
The ability to handle email is mandatory for reliable server operations.
The most secure way to do this will be to use sendmail‘s”send only” mode.
Your system will try to notify sysadmins about issues but it cannot receive any email.

There are 2 ways to do this:

1) manually configure all necessary files;
2) Using the gen_cf utility to configure the necessary files.
Before starting this process, make a backup of all of the files in the /etc/mail directory.
The easiest was to do this is:

   tar -cvf /var/tmp/etc_mail_backup.tar /etc/mail

Here are both methods:

Using the gen_cf script:

Start by moving to the special newconfig directory structure.
This is required as the script is not very user friendly.

   # cd /usr/newconfig/etc/mail/cf/cf

Run the gen_cf script with a full path name ($PWD is a shortcut)

# $PWD/gen_cf
  ------------------------------------------------------------------------
  Sendmail Configuration File generator :
  ------------------------------------------------------------------------
  1: General Features
  2: Relay Options
  3: Anti Spamming Options
  4: Security Options
  5: Generate sendmail.cf
  6: Generate submit.cf
  7: Verify permissions for the sendmail files
  8: Correct permissions for the sendmail files
  9: Create User and Queue for MSP
  10: Help
  ------------------------------------------------------------------------
  0: Exit from selection
  ------------------------------------------------------------------------

Select 1 (General Features), then 8 (Send only)

------------------------------------------------------------------------
  General Features
  ------------------------------------------------------------------------
  1. Delay checks
  2: No default MSA
  3: LDAP Routing
  4: Mailertable
  5: Genericstable
  6: Domaintable
  7: Virtusertable
  8: Send only
  9: Receive only
  10: Queue Groups
  11: Accept unresolvable domains
  12: Accept unqualified senders
  ------------------------------------------------------------------------
  0: Main Menu
  ------------------------------------------------------------------------
  8
  Options: send_only

The interface for the menu is very primitive. Press return after the send_only line.
Then select 0 (letter o) to return to the previous menu.

Now select 5 to Generate sendmail.cf
Press return to wake up the program if needed.

Then repeat the above steps but select submit.cf rather than sendmail.cf.

And finally, run the gen_cf script again, and this time select 9 (Create User and Queue for MSP)
When prompted for creation of the user and group, answer affirmative.

Now move the generated files into place:

  # mv sendmail.cf.gen /etc/mail/sendmail.cf
  # mv submit.cf.gen /etc/mail/submit.cf

Edit the /etc/rc.config.d/mailsrvrs file to look like this:

 export SENDMAIL_SERVER=0
 export SENDMAIL_SERVER_NAME=
 export SENDMAIL_RECVONLY=0
 export SENDMAIL_SENDONLY=1

Restart sendmail:

# /sbin/init.d/sendmail stop
Stopping /sbin/init.d/sendmail...
Shutting down sendmail [Done]
Shutting down sm-client [Done]
 
# /sbin/init.d/sendmail start
Starting /sbin/init.d/sendmail...
Starting sendmail : send only [Done]
Starting sm-client : send only [Done]

The task is now complete.
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

Manually configure sendmail for send-only

1) Make sure that sendmail is not running by issuing the command:

   # /sbin/init.d/sendmail stop

2) To make sure that we start off with the most current sendmail.cf file, copy the default file from /usr/newconfig/etc/mail to /etc/mail:

   # cp -p /usr/newconfig/etc/mail/sendmail.cf /etc/mail

3) Edit /etc/mail/sendmail.cf
Change the line that contains DaemonPortOption from this:

  O DaemonPortOptions=Name=MTA

To this:

  O DaemonPortOptions=Name=MTA, Addr=127.0.0.1
4) Check for the /etc/mail/submit.cf file
 If your /etc/mail directory does not contain a file called submit.cf, you will need to copy it from the /usr/newconfig/etc/mail directory:

   # cp -p /usr/newconfig/etc/mail/submit.cf /etc/mail

If you already have a submit.cf file in the /etc/mail directory you can try using it first. If it works, keep it. If it does not work, copy the file from /usr/newconfig/etc/mail as above and try it. If it works, the use the ‘diff‘ command to see what the differences in the files are so you can customize your new submit.cf appropriately.
5) Modify the /etc/rc.config.d/mailservs file
There are 2 lines in the /etc/rc.confi.d/mailservs file that need to be modified.
Change the following lines from this:

  export SENDMAIL_SERVER=1
  export SENDMAIL_SENDONLY=0

To this:

  export SENDMAIL_SERVER=0
  export SENDMAIL_SENDONLY=1

6) Add the user ‘smmsp‘ to the system. This user is required when running sendmail in “send only” mode. To do this we will use the ‘gen_cf‘ command.
Start ‘gen_cf‘ by running:

  # /usr/newconfig/etc/mail/cf/cf/gen_cf

From the menu that is displayed, choose #9Create User and Queue for MSP“.
Just follow the prompts for this selection. Once it complete you can exit from the menu.

7) Now you should be able to start sendmail in “send only” mode by issuing the command

 # /sbin/init.d/sendmail start]
 Starting /sbin/init.d/sendmail...
 Starting sendmail : send only [Done]
 Starting sm-client : send only [Done]

If sendmail does not start correctly there will be errors either on the screen or in the /var/adm/syslog/mail.log file.

8) If sendmail started correctly, you are now finished. You should now send a test e-mail via either the sendmail or mailx command to make sure that sendmail is functioning correctly.

sendmail.cf in corporate email environments:

There may be additional set up that needs to be done to allow your HP-UX server to successfully send mail. It is possible that you will need to set up a relay server in the sendmail.cf file. A relay server is where mail is sent from the HP-UX server so that it can be processed and delivered by a corporate email server such as MS Exchange.

By default, any e-mail sent from the system will be sent with a “from” address of root@hostname.mydomain. Since most corporate environments do not publish internal hostnames, such email may be rejected as spam since the hostname is unknown on the Internet. If you wish have e-mail appear to be from your normal corporate domain you will need to modify the sendmail “DM“, maybe “C{M}” and C{E}. The DM line controls the domain that will show up in the “from” address of an e-mail. For example:

 DMmydomain.com
 C{M}mydomain.com
 C{E}mydomain.com
 

Will cause all e-mail, except from root, to have a “from” address with mydomain.com domain. If you wish for “root” e-mail to show the same domain name as all other users, comment the “C{E}root” line out. That way, e-mail messages from the root user will show to be from root@mydomain.com. You may also need to set up your corporate e-mail server (Exchange?) to act as a mail relay for your HP-UX server(s). Specify the relay server with the DS directive:

DSemail.mydomain.com

or use square brackets […] to reference an IP address.

DS[12.34.56.78]

Another fix is to masquerade the actual server’s hostname with a valid Internet name. This will allow email sent to outside addresses to make it through

Other fixes:

If you see a message in the /var/adm/syslog/mail.log file saying that sendmail cannot determine the host’s domain name, you can edit the Dj directive, something like this:

 #Dj$w.Foo.COM   <-- example
 Djserviceitdirect.com

As always, any changes to the sendmail config files must be followed with a sendmail stop and start.

Recent Posts

Leave a Comment

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt
IT Asset Management