Hiding hostnames in mail-headers
2007-12-25 7:21:00
Yesterday I've asked about setting up mailing so that the real machine
a mail comes from will be hidden to the outside world. Here's my original
question:
# I'm about to set up mailing in one of our sub-domains. What I want to
# end with is the following:
#
# Mail should be adressed to <user>@<domain>, instead of <user>@<host>.
#
# An example:
#
# User 'joe' works at machine 'ws1.edvz.univie.ac.at'. However this fact
# should be hidden from the outside world; i.e. somewone should be able
# to address mail to "joe@edvz.univie.ac.at" or even "joe@univie.ac.at".
# Naturally mail should finally arrive at 'joe' on his machine
# 'ws1.edvz.univie.ac.at". When joe replies to the mail it should appear
# to the recipient as if it came from "joe@edvz.univie.ac.at" not
# "joe@ws1.edvz.univie.ac.at".
#
# I've seen numerous examples of such mail-addresses in the past. Does anybody
# out there have an idea how to get that working?
#
# Are modifications necessary in the nameserver (MX-records)? Or should
# changes be done to the senmail-config?
#
# This all should work under SunOS 4.1.1.
#
Basically there seem to be two solutions:
You may either include a 'Reply-To:'-line in your mail-header. However in the
'From:'-field there will still be the real machine the mail came from.
The second approach is to change the sendmail-configuration (e.g. rewriting
rules); details following.
THANKS VERY MUCH TO ALL WHO REPLIED -- AND THAT YOU'VE DONE IT SO
QUICKLY!! It's a real great list!
Ewald JENISCH NIC-Handle: EJ51
University Computer Center; University of Vienna, Austria
E-Mail: z00ejr01@awiuni11.bitnet or z00ejr01@helios.edvz.univie.ac.at
Snail-Mail: Universitaetsstrasse 7; A-1010 Vienna, Austria, Europe
------------------------------ < Cut here > ------------------------------
Russell Mosemann (mosemann@unl.edu):
I don't think you should mess with where the mail came from. If you
want the reply to go to a certain place, like the domain, then you
should include a Reply-To: line in the mail header. Current mailers
should recognize it and send mail to that address when someone does a
'r'eply. I use this in my mail header.
Since a machine will not have the same name as the domain, you will
need to put MX records in the name server for that machine to receive
the mail. On the mail gateway, either that person needs to have an
account (and a .forward) or he needs to be in the alias list with the
machine where he wants to receive mail.
You can change the sendmail.cf on the mail gateway so that it appears
that mail came from the domain if mail is sent from that machine.
However, I don't think you want to do that on all the other computers
which send mail out.
------------------------------ < Cut here > ------------------------------
Michael Helm (mike@fionn.lbl.gov):
Just a few ideas, you'll probably get much better ones...
For inbound mail, it would be a good idea to have a real machine
at DOMAIN.this.that, because there are still many machines out there
that aren't set up to use MX records. If you have a machine set up
this way, the mail will still go thru (this machine may have to
deal with extra aliases &c, tho).
For outbound mail, you need rewriting rules to get rid of the
host name in sendmail.cf. I suggest you use the Sun default
setup wherever possible, where workstation mail is forwarded to
"mailhost" for delivery, & gets "mailhosts" name in its headers.
See the 4.1.1 administrator manual for details. You can adapt
this setup for situations where it isn't automatically applied
(I believe that if a workstation NFS-mounts its mail spool area,
workstation mail is forwarded, & I think this comes out of the
default setup).
------------------------------ < Cut here > ------------------------------
VINCE@UCONNVM:
I had to fight to get this for my subnet, but it is not hard to do.
Basically you just need to have domainanme in the Cm macro.
For example, we have in sendmail.cf
Dm cc.math.uconn.edu
Cm math.uconn.edu math
and this allows you to receive mail addressed to your domain.
You can also hide hosts in From: in outgoing mail. Now the hard part
is to get your hosts to send mail addressed to user@domain to send it to you.
I don't know how to do this. Please let me know if you find out.
For us, it only works from some machines, not others.
------------------------------ < Cut here > ------------------------------
Kevin Sheehan (synergy!kevin@Sun.COM):
Why don't you send mail to Postmaster@Sun.COM and ask them for the
details of how they do it? Addresses from within Sun are rewritten to
come from one of the subdomains within sun, and lose the machine name.
They are also switching to First.Lastname on the outgoing mail to hid
login ids as well.
------------------------------ < Cut here > ------------------------------
Joe Young <jfy@cis.ksu.edu>:
The way I implemented hiding department hosts was expanding our set of
aliases to include every user in our department, each alias pointing to
the machine on which the person sent mail. Then in our sendmail configuration
for outgoing mail we rewrite the sender's From: address, if the mail originated
on the local machine (ie. only a username) with rules like the following:
R$*<@$+>$* $@$1<@$2>$3
R$+ $@$1<@$B.$C> # where $B="cis" and $C="ksu.edu"
The greatest headache about doing things this way, is making sure that the
alias files on all the machines are consistent and up to date.
Comments
Got something to say?
You must be logged in to post a comment.
