BIND/Sendmail Notes
I'll probably revise this page later, but here are some BIND 9.1.2 samples for the moment - you should still read the other notes below for an overview first.
(just tacked on .912 on the end of files so I could post them quickly - but they don't have .912 in my 'real' setup - in case it's not obvious)
/etc/named.conf
jdog.hosts
jdog.rev
named.local
root.cache
(Of course you want to create your own root.cache file with dig)
I set this up when I was playing around with SuSE Linux on my machines at home... but it should be fairly obvious where things might differ with other distributions (in a nutshell... where your sendmail cf files are - so you can build a custom configuration).
Just for trivia (don't laugh at my machine names) - I'm telling you what I set up at home - just to point out I *do* have a mixed bag of computers and it doesn't particularly matter.
My machines (all set up with the fictitious 'home.org' domain):
sonny    192.168.0.3    Sun Sparc 10 (dual processors ;-)) running RedHat Linux (sparc) - set up as DNS/mail server
speedy   192.168.0.10   p166 running NT Workstation 4.0 - acting as gateway/proxy server (until I get DSL/figure out ipchains)
pokey    192.168.0.4    pII 400 running SuSE Linux - configured as null client
celly    192.168.0.2    Celeron 400 running SuSE Linux - configured as null client
rusty    192.168.0.1    pIII 500 running SuSE Linux - configured as null client
(the IP's are from the private 192.168.0.0/24 range (RFC 1918) - a typical home LAN, not *real* routable fixed addresses; nothing outside the gateway can reach them directly)
very similar to DNS/bind lab... with different machine names/IP's
the relevant 'change/addition' for sendmail was the inclusion of an 'MX' record to specify the mail handler for the domain
In order for the MX stuff to work... you need to add an MX record for the domain to the existing DNS entries (in jdog.hosts, next to the NS record for the zone) -
    home.org.       IN MX 10 sonny.home.org.
(the owner can be written as '@', or left blank if the line directly follows the other records for home.org; the target must be a host name that has its own A record in the zone - sonny - and not a CNAME; the trailing dots matter, and you have to bump the serial in the SOA and reload named or the old zone keeps being served)
I checked the nameserver... and the MX entry with 'nslookup' -
    > set type=MX        (tells nslookup to return MX entries with output)
    > home.org           (the domain name by itself returns the records for the domain)
    home.org        preference = 10, mail exchanger = sonny.home.org
    home.org        nameserver = sonny.home.org
    sonny.home.org  internet address = 192.168.0.3
add the following to /etc/resolv.conf on 'all' machines
    search home.org
    nameserver 192.168.0.3
The proxy server running on speedy maps incoming/outgoing traffic between the internal network and the outside world.
The point is: machines on the internet only see my gateway/firewall/proxy server machine, but it is possible to map incoming requests to machines on the internal network... and it is possible for all of my internal machines to access the internet through the gateway - while still remaining 'hidden' to the outside world. Each request is passed to the gateway/firewall/proxy server... which then fetches a particular page, etc... and gives it back (or not) to the requesting client.
Of course this is an extreme over-simplification of the actual details - but the overview is probably worth something.
All traffic appears as though it is originating from the gateway machine... and an external machine has no idea how many/which machines I have on my internal network.
When I get my internet connection... my ISP gives me a *real* IP address. The internal machines see the gateway as 192.168.0.10, but to the outside world, the gateway machine is 209.162.x.x (depending on which IP my ISP gave me)
For RedHat... I grabbed:
sendmail-8.9.3-15.sparc.rpm
sendmail-cf-8.9.3-15.sparc.rpm
(sendmail-cf is important for generating a new config file... it contains the m4 include files (cf.m4, the feature/ and ostype/ directories) and sample .mc files that the m4 macros below need)
For SuSE... the m4/mc stuff is included in their sendmail rpm (not a separate package)
On SuSE... I created a null.mc file in /usr/share/sendmail/cf
    include(`./m4/cf.m4')dnl                    path is relative to the directory you run m4 in
    OSTYPE(`linux')dnl
    FEATURE(`nullclient', `sonny.home.org')dnl  forward *all* mail to the hub, no local delivery, no aliases
    MASQUERADE_AS(`home.org')dnl                after nullclient, so this setting wins over the hub name
(m4 quotes are a backtick and an apostrophe, `like this' - straight apostrophes on both sides are not quotes to m4)
(and ran 'm4 null.mc > /etc/sendmail.cf' from /usr/share/sendmail/cf, so that ./m4/cf.m4 resolves)
restart sendmail on each null client (pokey, celly, rusty) so changes take effect.
(/etc/rc.d/init.d/sendmail restart)
On RedHat... I created a host.mc file in /usr/lib/sendmail-cf/cf
    include(`../m4/cf.m4')dnl                   the m4 directory is one level up from cf/
    OSTYPE(`linux')dnl
    define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
    FEATURE(`always_add_domain')dnl             append home.org to unqualified local addresses
    FEATURE(`use_cw_file')dnl                   read the names this host accepts mail for (class w) from /etc/sendmail.cw
    FEATURE(`local_procmail')dnl                use procmail as the local mailer
    MAILER(`local')dnl
    MAILER(`smtp')dnl
(again - the quotes are a backtick and an apostrophe; with straight apostrophes on both sides the define silently defines the wrong macro name and PROCMAIL_MAILER_PATH stays at its default)
(and ran 'm4 host.mc > /etc/sendmail.cf' from /usr/lib/sendmail-cf/cf)
restart sendmail on sonny so changes take effect.
(/etc/rc.d/init.d/sendmail restart)
Relaying is denied by default starting with sendmail 8.9 - so in order to relay messages for the other machines on your network... the hub has to recognize them. The simplest way is to add them to /etc/sendmail.cw (class w - the names sendmail treats as its own, read because of FEATURE(use_cw_file)) - along with a few other entries. (8.9 also reads /etc/mail/relay-domains - class R - for hosts and domains that may relay without being 'local'; that keeps 'local' and 'may relay' separate, but for null clients, which never receive mail themselves, letting the hub treat their names as its own is fine.)
/etc/sendmail.cw on sonny looks like:
sonny.home.org
pokey.home.org
rusty.home.org
celly.home.org
home.org
The last entry (home.org) is important for a jbyrne@home.org address to map correctly to a local account on the mail server.
If you look at the null.mc file - I set up the mail hub as 'sonny.home.org'... but I actually want to 'masquerade' as 'home.org' from all of the clients.
This gives you the typical behavior you see in most places... hiding specific machine names when you send mail... and just tacking on the domain name.
We do need to add the individual client machines to /etc/sendmail.cw... because the relay check is not keyed on the masqueraded sender address (jbyrne@home.org) but on who is connecting: in a typical SMTP session the client HELOs as 'pokey.home.org', and the hub identifies it by reverse-resolving its IP address (the PTR records in jdog.rev, forward-confirmed against the A records in jdog.hosts) and allows relaying only if the resulting name - pokey.home.org - is one of its own names in class w (or is in relay-domains). The masquerading only rewrites the sender address in the message; it does not change what the client is called.
I think I have the basic theory right ;-)
The most important part is adding the MX record to the nameserver tables... and making sure all the machines use that nameserver for resolving machine names/addresses - forward *and* reverse, since the hub looks up who is connecting to it.
Also... since relaying is denied by default... the server needs the appropriate class w entries (Cw in sendmail.cf, or /etc/sendmail.cw with use_cw_file) to accept/forward mail from the other machines on the network *and* to recognize itself as 'home.org' for proper local delivery of mail addressed as 'jbyrne@home.org', etc...
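Pulling the DNS and sendmail pieces together - as an added example that is not part of the original notes - here is a small shell script that recreates the home.org forward zone (with the MX record from above) and the /etc/sendmail.cw list in a scratch directory and cross-checks them before you reload named and restart sendmail: the MX target must own an A record in the zone (not a CNAME, not a missing name), and the bare domain plus every sendmail client must be in sendmail.cw. Host names and addresses are the ones listed on this page; the SOA serial and timers, the file names and the scratch directory are assumptions made for the example. It runs with a plain /bin/sh, awk and grep.

```shell
#!/bin/sh
# Added example (not from the original notes): rebuild the home.org zone and
# sendmail.cw from the notes in a scratch directory and cross-check them.
# Hosts/addresses are from the notes; SOA serial/timers and paths are assumed.
set -eu

ORIGIN=home.org
WORK=${WORK:-$(mktemp -d)}
ZONE="$WORK/$ORIGIN.hosts"          # would be jdog.hosts in the real setup
CW="$WORK/sendmail.cw"              # would be /etc/sendmail.cw on the hub

write_files() {
    cat > "$ZONE" <<'EOF'
$TTL 86400
@       IN SOA  sonny.home.org. root.sonny.home.org. (
                2001060101      ; serial (assumed) - bump it on every change
                28800 7200 604800 86400 )
        IN NS   sonny.home.org.
        IN MX   10 sonny.home.org.  ; mail exchanger for home.org
sonny   IN A    192.168.0.3
speedy  IN A    192.168.0.10
pokey   IN A    192.168.0.4
celly   IN A    192.168.0.2
rusty   IN A    192.168.0.1
EOF
    # class w on the hub: the names it accepts mail for.  The null clients
    # are here so their connections pass the relay check; the bare domain
    # so jbyrne@home.org is delivered locally instead of bounced.
    cat > "$CW" <<EOF
sonny.$ORIGIN
pokey.$ORIGIN
rusty.$ORIGIN
celly.$ORIGIN
$ORIGIN
EOF
}

# target of the zone's MX record, trailing dot stripped (empty if none)
mx_target() {
    awk '$1 == "IN" && $2 == "MX" { sub(/\.$/, "", $4); print $4; exit }' "${1:-$ZONE}"
}

# FQDN of every owner of an A record (the zone uses relative owner names)
a_owners() {
    awk -v o="$ORIGIN" '$2 == "IN" && $3 == "A" { print $1 "." o }' "${1:-$ZONE}"
}

# the MX target must be a host with an A record in this zone; pointing the MX
# at a CNAME or at a name with no address is the classic way to lose inbound mail
check_mx() {
    t=$(mx_target "${1:-$ZONE}")
    [ -n "$t" ] && a_owners "${1:-$ZONE}" | grep -qx "$t"
}

# the domain itself and every sendmail client must be listed in sendmail.cw
check_cw() {
    cw=${1:-$CW}
    for name in $ORIGIN sonny.$ORIGIN pokey.$ORIGIN celly.$ORIGIN rusty.$ORIGIN; do
        grep -qx "$name" "$cw" || { echo "sendmail.cw: missing $name" >&2; return 1; }
    done
}

write_files
check_mx && echo "MX ok: $(mx_target) owns an A record in $ORIGIN"
check_cw && echo "sendmail.cw ok"
```

If check_mx fails, fix the zone (the MX must name a host with an A record) before touching sendmail; if check_cw fails, the hub will either answer "Relaying denied" to that client or bounce mail for user@home.org, depending on which name is missing.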