在防火墙后配置sendmail
[英]Configuring sendmail behind a firewall
问题描述
I'm setting up a server which is on a network behind a firewall and I want programs on this computer to be able to use sendmail to send emails to any email address. 
我正在设置一个位于防火墙后面的网络上的服务器,我希望这台计算机上的程序能够使用sendmail将电子邮件发送到任何电子邮件地址。 We have an SMTP server running on this network (let's call it mailrelay.example.com) which is how we're supposed to get outgoing emails through the firewall. 我们在这个网络上运行一个SMTP服务器(让我们称之为mailrelay.example.com),这就是我们应该通过防火墙接收外发电子邮件的方式。
So how do I configure sendmail to send all mail through mailrelay.example.com? 那么如何配置sendmail通过mailrelay.example.com发送所有邮件? Googling hasn't given me the answer yet, and has only revealed that sendmail configuration is extremely complex and annoying. 谷歌搜索还没有给我答案,并且只透露sendmail配置非常复杂和烦人。
3 个解决方案
解决方案1
13 已采纳 2008-09-20 10:05:40
@eli: modifying sendmail.cf directly is not usually recommended, since it is generated by the macro compiler. @eli:通常不建议直接修改sendmail.cf,因为它是由宏编译器生成的。
Edit /etc/mail/sendmail.mc to include the line: 编辑/etc/mail/sendmail.mc以包含该行:
define(`SMART_HOST',`mailrelay.example.com')dnl
After changing the sendmail.mc macro configuration file, it must be recompiled to produce the sendmail configuration file. 更改sendmail.mc宏配置文件后,必须重新编译它以生成sendmail配置文件。
# m4 /etc/mail/sendmail.mc > /etc/sendmail.cf
And restart the sendmail service (Linux): 并重新启动sendmail服务(Linux):
# /etc/init.d/sendmail restart
As well as setting the smarthost, you might want to also disable name resolution configuration and possibly shift your sendmail to non-standard port, or disable daemon mode. 除了设置smarthost之外,您可能还想禁用名称解析配置,并可能将sendmail转移到非标准端口,或禁用守护程序模式。
Disable Name Resolution 禁用名称解析
Servers that are within fire-walled networks or using Network Address Translation (NAT) may not have DNS or NIS services available. 在防火墙网络内或使用网络地址转换(NAT)的服务器可能没有可用的DNS或NIS服务。 This creates a problem for sendmail, since it will use DNS by default, and if it is not available you will see messages like this in mailq: 这会给sendmail带来问题,因为它默认会使用DNS,如果它不可用,你会在mailq中看到这样的消息:
host map: lookup (mydomain.com): deferred)
Unless you are prepared to setup an appropriate DNS or NIS service that sendmail can use, in this situation you will typically configure name resolution to be done using the /etc/hosts file. 除非您准备设置sendmail可以使用的适当DNS或NIS服务,否则在这种情况下,您通常会使用/ etc / hosts文件配置名称解析。 This is done by enabling a 'service.switch' file and specifying resolution by file, as follows: 这是通过启用“service.switch”文件并按文件指定解析来完成的,如下所示:
1: Enable service.switch for sendmail Edit /etc/mail/sendmail.mc to include the lines: 1:为sendmail启用service.switch编辑/etc/mail/sendmail.mc以包含以下行:
define(`confSERVICE_SWITCH_FILE',`/etc/mail/service.switch')dnl
2: Configure service.switch for files Create or modify /etc/mail/service.switch to refer only to /etc/hosts for name resolution: 2:为文件配置service.switch创建或修改/etc/mail/service.switch以仅引用/ etc / hosts进行名称解析:
# cat /etc/mail/service.switch
hosts files
3: Recompile sendmail.mc and restart sendmail for this setting to take effect. 3:重新编译sendmail.mc并重启sendmail以使此设置生效。
Shift sendmail to non-standard port, or disable daemon mode 将sendmail转移到非标准端口,或禁用守护程序模式
By default, sendmail will listen on port 25. You may want to change this port or disable the sendmail daemon mode altogether for various reasons: - if there is a security policy prohibiting the use of well-known ports - if another SMTP product/process is to be running on the same host on the standard port - if you don't want to accept mail via smtp at all, just send it using sendmail 默认情况下,sendmail将侦听端口25.您可能希望更改此端口或完全禁用sendmail守护程序模式,原因如下: - 如果存在禁止使用已知端口的安全策略 - 如果是另一个SMTP产品/进程将在标准端口上的同一主机上运行 - 如果您根本不想通过smtp接受邮件,只需使用sendmail发送它
1: To shift sendmail to use non-standard port. 1:将sendmail转移到使用非标准端口。 Edit /etc/mail/sendmail.mc and modify the "Port" setting in the line: 编辑/etc/mail/sendmail.mc并修改行中的“端口”设置:
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
For example, to get sendmail to use port 125: 例如,要使sendmail使用端口125:
DAEMON_OPTIONS(`Port=125,Addr=127.0.0.1, Name=MTA')
This will require sendmail.mc to be recompiled and sendmail to be restarted. 这将需要重新编译sendmail.mc并重新启动sendmail。
2: Alternatively, to disable sendmail daemon mode altogether (Linux) Edit /etc/sysconfig/sendmail and modify the "DAEMON" setting to: 2:或者,完全禁用sendmail守护程序模式(Linux)编辑/ etc / sysconfig / sendmail并将“DAEMON”设置修改为:
DAEMON=no
This change will require sendmail to be restarted. 此更改将要求重新启动sendmail。
解决方案2
5 2008-09-04 15:11:39
http://www.elandsys.com/resources/sendmail/smarthost.html http://www.elandsys.com/resources/sendmail/smarthost.html
Sendmail Smarthost
A smarthost is a host through which outgoing mail is relayed.
Read the linked article for instruction for how to set this up. 阅读链接文章,了解如何进行设置。
解决方案3
3 2008-09-04 15:30:32
@Espo: Thanks for the great advice on where to start. @Espo:感谢您从何处着手。 Your link would have been better if I had been configuring sendmail for its first use instead of taking an existing configuration and making this small change. 如果我第一次使用sendmail而不是采用现有配置并进行这一小改动,那么你的链接会更好。 However, once I knew to look for stuff on "SmartHost", I found an easier way. 然而,一旦我知道在“SmartHost”上寻找东西,我就找到了一种更简单的方法。
All I had to do was edit my /etc/mail/sendmail.cf file to change 我所要做的就是编辑我的/etc/mail/sendmail.cf文件进行更改
DS
to 至
DSmailrelay.example.com
then restart sendmail and it worked. 然后重新启动sendmail,它工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.