Appreciate life and record it

SendMail

 1133  3    
SendMail

SendMail

介绍

sendmail于1983年Eric Allman随BSD4.1c首次发行, sendmail的配置复杂度较高,后来 逐渐被postfix, microsoft exchange server, exim等替代

配置 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

rpm -ql sendmail|grep etc
/etc/NetworkManager/dispatcher.d/10-sendmail
/etc/mail
/etc/mail/Makefile
/etc/mail/access
/etc/mail/access.db
/etc/mail/aliasesdb-stamp
/etc/mail/domaintable
/etc/mail/domaintable.db
/etc/mail/helpfile
/etc/mail/local-host-names
/etc/mail/mailertable
/etc/mail/mailertable.db
/etc/mail/make
/etc/mail/sendmail.cf
/etc/mail/sendmail.mc
/etc/mail/submit.cf
/etc/mail/submit.mc
/etc/mail/trusted-users
/etc/mail/virtusertable
/etc/mail/virtusertable.db
/etc/pam.d/smtp
/etc/pam.d/smtp.sendmail
/etc/sasl2/Sendmail.conf
/etc/smrsh
/etc/sysconfig/sendmail

rpm看下,sendmail的相关配置主要位于/etc/mail文件夹里面 简单看了下,基本上是一些宏来设定变量,配置确实相对比较杂乱,而且官网目前都无法访问 不过rpm -ql sendmail的时候还看到了一些readme文档,大家一般下载完就可以打开看下,也许 只是因为配置文件比较开放,所以可定制化的东西更多呢

1
2
3
4
5
6
7

[root@cf-prod-ops mail]# rpm -ql sendmail|grep -i doc
/usr/share/doc/sendmail-8.14.7
/usr/share/doc/sendmail-8.14.7/FAQ
/usr/share/doc/sendmail-8.14.7/KNOWNBUGS
/usr/share/doc/sendmail-8.14.7/LICENSE
/usr/share/doc/sendmail-8.14.7/README
/usr/share/doc/sendmail-8.14.7/RELEASE_NOTES.gz

查看FAQ和README,README的建议如下

  1. The vast majority of queries about sendmail are answered in the README files noted below.
  2. Read this README file, especially this introduction, and the DIRECTORY PERMISSIONS sections.
  3. Read the INSTALL file in this directory.

  4. Read sendmail/README, especially:

    1. the introduction
    2. the BUILDING SENDMAIL section
    3. the relevant part(s) of the OPERATING SYSTEM AND COMPILE QUIRKS section

    You may also find these useful:

    1. sendmail/SECURITY
    2. devtools/README
    3. devtools/Site/README
    4. libmilter/README
    5. mail.local/README
    6. smrsh/README

说明sendmail的readme介绍部分,build生成文件部分,和操作系统相关的部分 sendmail的安全文档 mail.local相关,smrsh,cf/README等等

配置允许relay的地址/etc/mail/access 

1
2
3
4

liuliancao.com                550 We do not accept mail from liuliancao
another.source.of.spam          REJECT
blog.liu.com   OK
192.168.10.32                          RELAY

改完以后需要在/etc/mail里面执行make更新数据库

配置local-host-names

这里就是邮件服务对应的域名配置,比如

1
2

liuliancao.com
mail.liuliancao.com

配置虚拟用户

当用户不存在的时候或者需要映射的时候

1
2
3
4
5
6
7
8
9

# A domain-specific form of aliasing, allowing multiple virtual domains to be
# hosted on one machine.
#
# info@foo.com  foo-info # 发给info@foo.com的转到local user的foo-info
# info@bar.com  bar-info # 发给info@bar.com的转到local user的bar-info
# joe@bar.com   error:nouser 550 No such user here # 发给joe@bar.com的返回没有这个用户
# jax@bar.com   error:5.7.0:550 Address invalid # 发给jax@bar.com的返回error 500, 地址非法
# @baz.org      jane@liuliancao.com # 发给baz.org的都发给 jane@liuliancao.com
# @foo.org      %1@liuliancao.com # 发给foo.org的都变成发到liuliancao.com

比如发给谁对应变成谁,返回550和额外信息等

解决实际问题

部署prometehus监控的时候发现

1
2

Sep 23 16:30:26 xxx sendmail[11498]: 18M9Ln79004292: to=<xxx@xxx.com>, delay=23:08:37,
xdelay=00:00:00, mailer=esmtp, pri=2200090, relay=mx3.qiye.aliyun.com., dsn=4.0.0, stat=Deferred: Connection timed out with mx3.qiye.aliyun.com.

这里需要分析下是timeout,sendmail认为应该访问对应的dns域名的MX记录,但实际确实timeout,如果发信应该访问smtp对应域名才对哈,这里我不是很确认 由于时间问题我还是计划切到postfix上面,配置smtp、ssl等会更方便一点 Postfix