# Sendmail not taking envelope from address

## chroweb

I'm trying to setup sendmail so that it'll relay from the local machine to my mail server. The problem is that I can't send mail as a specified user. I want to send as user "someuser" but my logged in user is being forced on the from line. My user is "sc" and I want to send as "someuser@company.com" but it keeps overriding it. Here's how I'm trying to send mail:

(Please note that company.com, someuser and sc are all made up. The mail server at mail.company.com is correctly setup and it's FQDN is valid as well as the reverse lookups. The IP 10.0.0.1 is not the real mailserver IP. All logs and so on have been edited as such.)

```

sc@localhost ~# /usr/sbin/sendmail -t -oi  <<EOF

> From: someuser@company.com

> To: testaccount@company.com

> Subject: test 123

>

> This is a test

>

> EOF

```

Now, in this packet dump, notice it tries to send as "sc@company.com"... I got that working by messing with sendmail.mc and adding a MASQUERADE command, it used to be from someuser@localhost.localdomain. Now, sc isn't a real user on the server I'm relaying at (company.com)... which is why in my compose I put "from: someuser@company.com".

Here is a packet dump of the local machine to the mailserver:

```

SMTP Response: 220 company.com ESMTP CommuniGate Pro 4.1.8 is glad to see you!

SMTP Command: EHLO localhost.localdomain

SMTP Response: 250-dhcp.company.com host name is unknown localhost.localdomain

SMTP Command: MAIL From:<someuser@company.com> SIZE=539

SMTP Response: 573 sc@company.com unknown user account

SMTP Command: QUIT

SMTP Response: 221 company.com CommuniGate Pro SMTP closing connection

```

Here is the relevant stuff from /var/log/maillog:

```

Jul 30 10:24:50 localhost sendmail[6990]: j6UHOo1O006990: from=<sc@localhost.localdomain>, size=324, class=0, nrcpts=1, msgid=<200507301724.j6UHOobH006989@localhost.localdomain>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]

Jul 30 10:24:50 localhost sendmail[6989]: j6UHOobH006989: to=testaccount@company.com, ctladdr=sc (500/500), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30091, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (j6UHOo1O006990 Message accepted for delivery)

Jul 30 10:24:52 localhost sendmail[6992]: ruleset=try_tls, arg1=mail.company.com, relay=mail.company.com, reject=550 5.7.1 <testaccount@company.com>... do not try TLS with mail.company.com [10.0.0.1]

Jul 30 10:24:52 localhost sendmail[6992]: j6UHOo1O006990: to=<testaccount@company.com>, ctladdr=<sc@localhost.localdomain> (500/500), delay=00:00:02, xdelay=00:00:02, mailer=relay, pri=120324, relay=mail.company.com. [10.0.0.1], dsn=5.0.0, stat=Service unavailable

Jul 30 10:24:52 localhost sendmail[6992]: j6UHOo1O006990: forward /home/sc/.forward.localhost: World writable directory

Jul 30 10:24:52 localhost sendmail[6992]: j6UHOo1O006990: forward /home/sc/.forward: World writable directory

Jul 30 10:24:52 localhost sendmail[6992]: j6UHOo1O006990: j6UHOq1O006992: DSN: Service unavailable

Jul 30 10:24:52 localhost sendmail[6992]: j6UHOq1O006992: to=<sc@localhost.localdomain>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=31563, dsn=2.0.0, stat=Sent

```

Here is the /etc/mail/sendmail.mc:

```

divert(-1)dnl

dnl #

dnl # This is the sendmail macro config file for m4. If you make changes to

dnl # /etc/mail/sendmail.mc, you will need to regenerate the

dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is

dnl # installed and then performing a

dnl #

dnl #     make -C /etc/mail

dnl #

include(`/usr/share/sendmail-cf/m4/cf.m4')dnl

VERSIONID(`setup for Red Hat Linux')dnl

OSTYPE(`linux')dnl

dnl #

dnl # default logging level is 9, you might want to set it higher to

dnl # debug the configuration

dnl #

dnl define(`confLOG_LEVEL', `9')dnl

dnl #

dnl # Uncomment and edit the following line if your outgoing mail needs to

dnl # be sent out through an external mail server:

dnl #

define(`SMART_HOST',`mail.company.com')

dnl #

define(`confDEF_USER_ID',``8:12'')dnl

dnl define(`confAUTO_REBUILD')dnl

define(`confTO_CONNECT', `1m')dnl

define(`confTRY_NULL_MX_LIST',true)dnl

define(`confDONT_PROBE_INTERFACES',true)dnl

define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl

define(`ALIAS_FILE', `/etc/aliases')dnl

define(`STATUS_FILE', `/var/log/mail/statistics')dnl

define(`UUCP_MAILER_MAX', `2000000')dnl

define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl

define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl

define(`confAUTH_OPTIONS', `A')dnl

dnl #

dnl # The following allows relaying if the user authenticates, and disallows

dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links

dnl #

dnl define(`confAUTH_OPTIONS', `A p')dnl

dnl #

dnl # PLAIN is the preferred plaintext authentication method and used by

dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do

dnl # use LOGIN. Other mechanisms should be used if the connection is not

dnl # guaranteed secure.

dnl # Please remember that saslauthd needs to be running for AUTH.

dnl #

dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

dnl #

dnl # Rudimentary information on creating certificates for sendmail TLS:

dnl #     cd /usr/share/ssl/certs; make sendmail.pem

dnl # Complete usage:

dnl #     make -C /usr/share/ssl/certs usage

dnl #

dnl define(`confCACERT_PATH',`/usr/share/ssl/certs')

dnl define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')

dnl define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')

dnl define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')

dnl #

dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's

dnl # slapd, which requires the file to be readble by group ldap

dnl #

dnl define(`confDONT_BLAME_SENDMAIL',`groupreadablekeyfile')dnl

dnl #

dnl define(`confTO_QUEUEWARN', `4h')dnl

dnl define(`confTO_QUEUERETURN', `5d')dnl

dnl define(`confQUEUE_LA', `12')dnl

dnl define(`confREFUSE_LA', `18')dnl

define(`confTO_IDENT', `0')dnl

dnl FEATURE(delay_checks)dnl

FEATURE(`no_default_msa',`dnl')dnl

FEATURE(`smrsh',`/usr/sbin/smrsh')dnl

FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl

FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl

FEATURE(redirect)dnl

dnl FEATURE(always_add_domain)dnl

FEATURE(use_cw_file)dnl

FEATURE(use_ct_file)dnl

dnl #

dnl # The following limits the number of processes sendmail can fork to accept

dnl # incoming messages or process its message queues to 12.) sendmail refuses

dnl # to accept connections once it has reached its quota of child processes.

dnl #

dnl define(`confMAX_DAEMON_CHILDREN', 12)dnl

dnl #

dnl # Limits the number of new connections per second. This caps the overhead

dnl # incurred due to forking new sendmail processes. May be useful against

dnl # DoS attacks or barrages of spam. (As mentioned below, a per-IP address

dnl # limit would be useful but is not available as an option at this writing.)

dnl #

dnl define(`confCONNECTION_RATE_THROTTLE', 3)dnl

dnl #

dnl # The -t option will retry delivery if e.g. the user runs over his quota.

dnl #

FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl

FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl

FEATURE(`blacklist_recipients')dnl

EXPOSED_USER(`root')dnl

dnl #

dnl # The following causes sendmail to only listen on the IPv4 loopback address

dnl # 127.0.0.1 and not on any other network devices. Remove the loopback

dnl # address restriction to accept email from the internet or intranet.

dnl #

DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

dnl #

dnl # The following causes sendmail to additionally listen to port 587 for

dnl # mail from MUAs that authenticate. Roaming users who can't reach their

dnl # preferred sendmail daemon due to port 25 being blocked or redirected find

dnl # this useful.

dnl #

dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl

dnl #

dnl # The following causes sendmail to additionally listen to port 465, but

dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed

dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't

dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS

dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps

dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.

dnl #

dnl # For this to work your OpenSSL certificates must be configured.

dnl #

dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl

dnl #

dnl # The following causes sendmail to additionally listen on the IPv6 loopback

dnl # device. Remove the loopback address restriction listen to the network.

dnl #

dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl

dnl #

dnl # enable both ipv6 and ipv4 in sendmail:

dnl #

dnl DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6')

dnl #

dnl # We strongly recommend not accepting unresolvable domains if you want to

dnl # protect yourself from spam. However, the laptop and users on computers

dnl # that do not have 24x7 DNS do need this.

dnl #

FEATURE(`accept_unresolvable_domains')dnl

dnl #

dnl FEATURE(`relay_based_on_MX')dnl

dnl #

dnl # Also accept email sent to "localhost.localdomain" as local email.

dnl #

LOCAL_DOMAIN(`localhost.localdomain')dnl

dnl #

dnl # The following example makes mail from this host and any additional

dnl # specified domains appear to be sent from mydomain.com

dnl #

MASQUERADE_AS(`company.com')dnl

dnl #

dnl # masquerade not just the headers, but the envelope as well

dnl #

FEATURE(masquerade_envelope)dnl

dnl #

dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well

dnl #

FEATURE(masquerade_entire_domain)dnl

dnl #

MASQUERADE_DOMAIN(localhost)dnl

MASQUERADE_DOMAIN(localhost.localdomain)dnl

dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl

dnl MASQUERADE_DOMAIN(mydomain.lan)dnl

MAILER(smtp)dnl

MAILER(procmail)dnl

```

Any pointers would be welcome. Thanks in advance.

----------

## Pete M

chroweb try this

Add these lines to sendmail.mc

```
FEATURE(`genericstable',`hash -o /etc/mail/genericstable.db')dnl

GENERICS_DOMAIN_FILE(`/etc/mail/generics-domains')dnl
```

Put them here

```
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl

FEATURE(redirect)dnl

dnl FEATURE(always_add_domain)dnl

FEATURE(use_cw_file)dnl

FEATURE(use_ct_file)dnl

FEATURE(`genericstable',`hash -o /etc/mail/genericstable.db')dnl

GENERICS_DOMAIN_FILE(`/etc/mail/generics-domains')dnl
```

Create  /etc/mail/generics-domains file

Add to it

```
company.com
```

Create  /etc/mail/genericstable file

Add to it

```
sc     someuser@company.com
```

Generate a genericstable.db with this command

```
/usr/sbin/makemap hash /etc/mail/genericstable.db < /etc/mail/genericstable
```

Generate sendmail.cf, I assume you know how to do this

Restart Sendmail

Now mail sent from "sc@company.com" should arrive as "someuser@company.com"

Pete

----------

## chroweb

Hey, thanks for the information!

Unfortunately sendmail is still doing the same thing. Is there a command you can run to see what translations are going on?

----------

## Pete M

chroweb

All you can do is up the log level in sendmail.mc

```
define(`confLOG_LEVEL', `15')dnl
```

The machine you are on does'nt have a FQDN try adding

```
localhost.localdomain
```

To /etc/mail/generics-domains

and

```
sc     someuser@localhost.localdomain 
```

To  /etc/mail/genericstable file

Then the MASQUERADE_AS(`company.com')dnl should change the domain name

Don't forget to generate "genericstable.db" and "sendmail.cf"

After looking more closely at your log you also need to change the permissions on /home/sc/.forward.localhost and /home/sc/.forward

Sorry I can't give you a definate answer still learning sendmail myself

Pete

----------

## chroweb

 *Pete M wrote:*   

> chroweb
> 
> The machine you are on does'nt have a FQDN try adding
> 
> ```
> ...

 

That did it. Thanks a lot for your help.  :)

----------

## Pete M

chroweb

Now we've both learn't something new about sendmail

Glad it helped

Pete

----------

