Routing outbound mail through secondary IP address

I have a box that's multi-homed, with several IP addresses.

For mail that is passing through the machine, I'm having no problems
with DAEMON_OPTIONS (via use of M=bh) to ensure that messages submitted
on one of the secondary domains are showing the domain and IP address
used for submission (rather than the primary domain and IP address).

However, I'm having problems figuring out how to make this
differentiation locally.

I have one application that runs on a secondary domain, and needs to be
configured to send outbound mail, where there's no reference to the
primary/default domain. Essentially, that's invoking sendmail from a
command prompt.

If I invoke sendmail with -Mjseconddomain.com that's getting me
messages that are delivered that show the second domain in the
Return-Path: and the Message-Id:, but the messages are still showing the
primary IP address, and Received: headers are showing entries from both
the secondary IP address, then the primary IP address, and when the
remote server is receiving the message, that's adding a Received: that
shows the primary domain (and presumably that my server has sent a HELO
with the primary domain).

What setting do I need to submit and then relay from the secondary domain?

Smith

Re: Routing outbound mail through secondary IP address

"NFN Smith" wrote in message
news:0NsYi.921$ck5.867@newsfe09.phx...
> I have a box that's multi-homed, with several IP addresses.
>
> For mail that is passing through the machine, I'm having no problems
> with DAEMON_OPTIONS (via use of M=bh) to ensure that messages submitted
> on one of the secondary domains are showing the domain and IP address
> used for submission (rather than the primary domain and IP address).
>
> However, I'm having problems figuring out how to make this
> differentiation locally.
>
> I have one application that runs on a secondary domain, and needs to be
> configured to send outbound mail, where there's no reference to the
> primary/default domain. Essentially, that's invoking sendmail from a
> command prompt.
>
> If I invoke sendmail with -Mjseconddomain.com that's getting me
> messages that are delivered that show the second domain in the
> Return-Path: and the Message-Id:, but the messages are still showing the
> primary IP address, and Received: headers are showing entries from both
> the secondary IP address, then the primary IP address, and when the
> remote server is receiving the message, that's adding a Received: that
> shows the primary domain (and presumably that my server has sent a HELO
> with the primary domain).
>
> What setting do I need to submit and then relay from the secondary domain?

1) For the received header, you need to define your own version of the
_REC_BY_ macro field. You will need to replace $j with ${if_name}.
2) Submit the message by using the IP (or name) of the domain instead of
allowing it to go to through 127.0.0.1 or the command line interface.

Warning: If you also have IPv6, watch out for the problem that M=b can
cause should there be messages forwarded through your box that come in via
IPv6 but can't be delivered further because the forwarded destination is
IPv4 only.

Re: Routing outbound mail through secondary IP address

D. Stussy wrote:

>>
>> What setting do I need to submit and then relay from the secondary domain?
>
> 1) For the received header, you need to define your own version of the
> _REC_BY_ macro field. You will need to replace $j with ${if_name}.

OK, that should be fine.

> 2) Submit the message by using the IP (or name) of the domain instead of
> allowing it to go to through 127.0.0.1 or the command line interface.
>

Right. That's what I'm trying to do. I should have been more specific
in my request -- what specific macro do I need for that one? I've
${daemon_addr}a.b.c.d and that's not getting me what I want.

> Warning: If you also have IPv6, watch out for the problem that M=b can
> cause should there be messages forwarded through your box that come in via
> IPv6 but can't be delivered further because the forwarded destination is
> IPv4 only.
>

Good to know about, although I'm only doing IPv4.

Thanks.

Smith

Re: Routing outbound mail through secondary IP address

Following up on my own post:

NFN Smith wrote:
> D. Stussy wrote:
>
>>> What setting do I need to submit and then relay from the secondary domain?
>> 1) For the received header, you need to define your own version of the
>> _REC_BY_ macro field. You will need to replace $j with ${if_name}.
>
> OK, that should be fine.
>
>> 2) Submit the message by using the IP (or name) of the domain instead of
>> allowing it to go to through 127.0.0.1 or the command line interface.
>>
>
> Right. That's what I'm trying to do. I should have been more specific
> in my request -- what specific macro do I need for that one? I've
> ${daemon_addr}a.b.c.d and that's not getting me what I want.

I'm still struggling here, having spent a bunch of time with
GoogleGroups, sendmail.org pages and the Bat Book.

Specifically -- how do I specify the IP address (or domain) that I'm
using, when submitting locally?

Smith

Re: Routing outbound mail through secondary IP address

NFN Smith writes:

> I have a box that's multi-homed, with several IP addresses.
>
> For mail that is passing through the machine, I'm having no problems
> with DAEMON_OPTIONS (via use of M=bh) to ensure that messages
> submitted on one of the secondary domains are showing the domain and
> IP address used for submission (rather than the primary domain and IP
> address).
>
> However, I'm having problems figuring out how to make this
> differentiation locally.
>
> I have one application that runs on a secondary domain, and needs to
> be configured to send outbound mail, where there's no reference to the
> primary/default domain. Essentially, that's invoking sendmail from a
> command prompt.
>
> If I invoke sendmail with -Mjseconddomain.com that's getting me
> messages that are delivered that show the second domain in the
> Return-Path: and the Message-Id:, but the messages are still showing
> the primary IP address, and Received: headers are showing entries from
> both the secondary IP address, then the primary IP address, and when
> the remote server is receiving the message, that's adding a Received:
> that shows the primary domain (and presumably that my server has sent
> a HELO with the primary domain).
>
> What setting do I need to submit and then relay from the secondary domain?

Have you considered using SGID "sendmail wrapper" script making sendmail
use non default submit.cf?
It should allow you to define in submit-seconddomain.cf:
* $j (this host name)
* IP address of interface of seconddomain.com to use by MSA for
submission to local MTA
FEATURE(`msp', `[aaa.bbb.ccc.ddd]')dnl

OR if you are brave and ready to be an alpha tester:
msp.mc may be modified to allow setting $j and ${MTAHost} based on UID
(taken from $_) of user submitting the message
[default settings + "exceptions table"]

--
[pl>en: Andrew] Andrzej Adam Filip : anfi@priv.onet.pl : anfi@xl.wp.pl
Open-Sendmail: http://open-sendmail.sourceforge.net/

Re: Routing outbound mail through secondary IP address

Andrzej Adam Filip wrote:

>> What setting do I need to submit and then relay from the secondary domain?
>
> Have you considered using SGID "sendmail wrapper" script making sendmail
> use non default submit.cf?
> It should allow you to define in submit-seconddomain.cf:
> * $j (this host name)
> * IP address of interface of seconddomain.com to use by MSA for
> submission to local MTA
> FEATURE(`msp', `[aaa.bbb.ccc.ddd]')dnl

Ah! That makes sense. In fact, I had forgotten that I'm already
partially doing this with normal options. In my submit.mc, I'm doing:

> FEATURE(`msp', esyscmd(hostname | awk '{print "["$1"]"}' | tr -d
'\012'))dnl

Perhaps a big kludgy, but it works well for me in handling mail on a
server with multiple domains.

The one thing I'm missing now is simply -- how do I specify a
non-default submit.mc file from the command line?


>
> OR if you are brave and ready to be an alpha tester:
> msp.mc may be modified to allow setting $j and ${MTAHost} based on UID
> (taken from $_) of user submitting the message
> [default settings + "exceptions table"]
>

A little more "bleeding edge" than I need for this one... :-)

Thanks.

Smith

Re: Routing outbound mail through secondary IP address [about bleeding edges]

NFN Smith writes:

> Andrzej Adam Filip wrote:
>> [...]
>> OR if you are brave and ready to be an alpha tester:
>> msp.mc may be modified to allow setting $j and ${MTAHost} based on UID
>> (taken from $_) of user submitting the message [default settings +
>> "exceptions table"]
>>
>
> A little more "bleeding edge" than I need for this one... :-)

[ Setting $j may be more tricky than I had thought. ]

Have you ever heard phrase "A piece of great work needed by nobody"?
Kawał solidnej, nikomu niepotrzebnej roboty.
I have heard it enough times to ask *first* ;-)

--
[pl>en: Andrew] Andrzej Adam Filip : anfi@priv.onet.pl : anfi@xl.wp.pl
Open-Sendmail: http://open-sendmail.sourceforge.net/

Re: Routing outbound mail through secondary IP address

NFN Smith wrote:

>
> The one thing I'm missing now is simply -- how do I specify a
> non-default submit.mc file from the command line?


I'm still missing this one...

Thanks

Smith

Re: Routing outbound mail through secondary IP address

NFN Smith writes:

> NFN Smith wrote:
>
>>
>> The one thing I'm missing now is simply -- how do I specify a
>> non-default submit.mc file from the command line?
>
> I'm still missing this one...

sendmail -C /.../submit-2.cf

*BUT*
AFAIK -C is "unsafe" so sendmail will refuse to change group id
=> you may use special "SGID wrapper script" or trivial C program



chown root:smmsp _script_path_
chmod 2555 _script_path_

P.S.
Exim offers selecting configuration file based on executing user_id
Know your "competitors"! ;-)

--
[pl>en: Andrew] Andrzej Adam Filip : anfi@priv.onet.pl : anfi@xl.wp.pl
Open-Sendmail: http://open-sendmail.sourceforge.net/