BrianFrance.com

Home: Software : Sendmail


I figured out how to get Sendmail to use Postgres to read ALL of it configuration information.

It is also configured to support Milters, TLS, SASL authentication (via Postgres of course) and supports not having user accounts on the machine.

Original patches are from Blue Lab's. I tried to contact them about bug fixes and minor changes to support the local-host-names file, but never heard back.
For more information on Blue Lab's visit their web site: http://blue-labs.org/software/sm-pgsql/

Here is how I did it:
  • openssl-0.9.x
  • cyrus-sasl-2.x
  • sendmail-8.13.x
  • postgresql-7.x
1) SASL support via cyrus-sasl version 2.x
   ./configure --with-pgsql --enable-sql --enable-login

   /usr/lib/sasl2/Sendmail.conf
     log_level: 7
     pwcheck_method: auxprop
     auxprop_plugin: sql
     sql_engine: pgsql
     sql_user: [db_user]
     sql_passwd: [db_password]
     sql_hostnames: [db_host]:[db_port]
     sql_database: [db_name]
     sql_statement: SELECT [password_field] FROM [table_name] WHERE [domain_field]='%r' and [username_field] ='%u'
     sql_verbose: true
2) Database - Postgres
   You will need to enable plpgsql on the database you are using for the sendmail configuration data:
     createlang -U postgres plpgsql [db_name]

    Load the table:
      psql [db_name] < schema.txt

    This file doesn't have any user restrictions setup.
    Please review and make security changes as needed.
3) Sendmail
    This patch was build using sendmail 8.13.2.  This is the Blue Labs patch with a few changes:
      1) Bug fix in the pgsql_map_lookup code (off by one buffer over run fix)
      2) Added support for query results larger than MAXNAME for local-host-names support
      3) Escapes input string because it is user data
      4) Bug fix in the pgsql_map_lookup code (memory leak)

    From within the sendmail directory (email if you are interested in the patch):
      patch -p0 < bjf.patch 

   Edit your devtools/Site/site.config.m4 file and add the needed lines from pgsql-build.mc file.
     make

   Generate your sendmail.cf file and add the needed lines from pgsql-config.mc file.
     cd cf/cf
     edit generic-[platform].mc
     make generic-[platform].cf
Add/Edit/Removing information from the database will update sendmail immediately, but if you Add/Edit/Remove anything from the hostnamestable you will need to HUP or restart sendmail. This is the only table that is loaded at start up and is static, everything else is dynamic (on the fly) lookups.

Here are some helpful .mc commands.

The command below will force a domain on incoming "rctp to" address (still allows postmaster and <>).
If you don't want your sendmail listening on 587, then just remove the second DAEMON_OPTIONS line.

define(`_REQUIRE_QUAL_RCPT_')

FEATURE(no_default_msa)
DAEMON_OPTIONS(`M=r')
DAEMON_OPTIONS(`Port=587, Name=MSA, M=Er')


© 2001-2017 Brian J. France, All Rights Reserved. brian@brianfrance.com