Speed-up update for Sendmail

Speed-up update of Sendmail-Linux Enterprise Application-Linux server application information. For details, refer to the following section. As a mail service software, Sendmail has always been widely used by IT manufacturers. However, Since Sendmail was designed to provide users with mail sending and receiving services, network security has not been taken too much into consideration. Therefore, this will provide an opportunity for cyber hackers to attack others' email servers in the future, which we usually call "Email Forwarding ".

Email hackers exploit the Sendmail vulnerability to send their personal emails to their destinations through others' email servers without the SMTP fortification vulnerability on some servers to satisfy their own desires; furthermore, the use of others' email servers to send "spam" to any external address is not only causing huge losses to others' network maintenance, it also brings inconvenience to the receiver.

As Sendmail has always been a standard background process of the mail server and adopted by the majority of server manufacturers, at this stage, we want to use other software to replace Sendmail as the mail service, it seems that it is difficult to get close to thirst. It is imperative to upgrade Sendmail to prevent "Email Forwarding.

In view of the limited space, we will only describe the implementation of Sendmail. For details about the principles of Sendmail, please refer to the relevant documentation.

1. Obtain Sendmail

Generally, you can upgrade sendmail to sendmail.8.9.3 to prevent the email server from forwarding.

TIPS: Go to the latest sendmail version at the following WWW or FTP sites:

Http://www.sendmail.org

Ftp://ftp.ncic.ac.cn

Ftp://ftp.pku.ac.cn

Ftp://ftp.tsinghua.edu.cn

The source code file of sendmail is sendmail..8.9.3.tar.gz.

After sending sendmail.8.9.3.tar.gz, You Can unpackage the file using the gunzip and tar commands.

Ii. Generate Sendmail

This is an important step in the sendmail upgrade process. It will generate the sendmail executable file.

1. Go to the/src directory under the current directory and edit the Makefile. m4 file.

Set: MAPDEF = ifdef ('confmapdef ', 'confmapdef ')

Change to: MAPDEF = ifdef ('confmapdef ', 'confmapdef', 'ndbm ')

2. Run./Build in the/src directory to compile.

TIPS: during compilation, the following prompt message may appear: sh groff not found.

You can comment out the groff lines in the Makefile. m4 file:

# NROFF = ifdef ('confnroff', 'confnroff', 'groff-tascii ')

To install the compilation result directly to the default directory, you can run the following command:

./Build install.

If gcc not found or cc not found occurs, you can perform the following soft connection in/usr/bin:

Actual location of ln-s/usr/bin/gcc, or actual location of ln-s/usr/bin/cc.

If the above information still appears, you need to reinstall the gcc or cc compiler.

3. Generate the configuration file sendmail. cf

1. Go to the cf/cf directory under the sendmail-8.9.3 directory and edit the tcpproto. mc file:

Source code:

Divert (0) dnl

VERSIONID ('@ tcpproto. mc 8.10 (Berkeley) 5/19/1998 ')

OSTYPE (* Your OS Type)

DOMAIN (* Your Domain Name)

FEATURE (access_db, dbm-o/etc/mail/access)

FEATURE (blacklist_recipients)

FEATURE (nouucp)

MAILER (local)

MAILER (smtp)

TIPS: Enter "Your system Type" (for example, solaris2) in * Your OS Type, which can be found in the/cf/ostype directory under the sendmail-8.9.3 directory.

Enter Your Domain Name in the * Your Domain Name field and enclose it in single quotes (for example, 'cstnet .net.cn ')

The FEATURE (blacklist_recipients) can also be omitted.

2. Go to the cf/domain directory under the sendmail-8.9.3 directory and rename the file "generic. m4" to "your domain name. m4" (for example: cstnet.net.cn. m4 ).

3. compile and generate the sendmail. cf file with m4. Run the following command in the sendmail-8.9.3/cf Directory: m4 ../m4/cf. m4 tcpproto. mc> sendmail. cf should not cause any error during m4 compilation.

4. restart sendmail

Before restarting sendmail, you need to do some configuration work:

1. Check whether the sendmail. cw and aliases files exist in the/etc directory. If not, create the two files: touch/etc/sendmail. cw/etc/aliases

2. check whether the/etc/mail directory exists. If not, create this directory and create a text file access under this directory. This file is very important, it is used to control the IP addresses that can be used to send emails from this email server. This file will be described later.

3. In the sendmail-8.9.3/makemap directory, run./Build, at this time in the current directory will generate a obj. xxx directory, under this directory, has generated the makemap executable file.

TIPS: at this time, you can make a soft connection to makemap under/usr/bin for future use: actual location of Ln-s/usr/bin/makemap

4. Next, we will describe the format of the access File: explanation on the left and right
Explanation on the left
159.226.8.5 the RELAY must be in uppercase, indicating that the 159.226.8.5 host is allowed to send and receive emails through this email server. Other IP addresses are in the same format.
159.226.8 RELAY must be capitalized, indicating that the 159.226.8 C can send and receive emails through the mail server. The format of other network segments is the same.
* The aaa@cstnet.net.cn OK, relay OK, or RELAY must be capitalized to allow the aaa@cstnet.net.cn to send and receive messages through this mail server.
* @ Cstnet.net.cn OK, relay OK, or RELAY must be capitalized, indicating that the domain name cstnet.net.cn is allowed to send and receive emails through this email server.
Note: The * format is often not valid during the actual upgrade process. In general, do not use it.

TIPS: In the m4 compilation project, the prompt message "m4 not found" may appear. In this case, enter the complete m4 path (for example,/usr/bin/m4 .. /m4/cf. m4 tcpproto. mc> sendmail. cf.

If m4 is not found, you need to reinstall the m4 compiler.

In this case, you can copy the generated sendmail. cf file to the/etc directory for future use.

5. Use makemap (as mentioned above) to generate a library file using the text file/etc/mail/access:

Makemap dbm/etc/mail/access
After running, the access. dir and access. pag library files will be generated under the/etc/mail/directory.

6. Start Sendmail.

Run:/usr/lib/sendmail-bd-q15m

If sendmail is in the default directory, run sendmail-bd-q15m.

If sendmail. cf is no longer in the default directory, run:/usr/lib/sendmail-bd-q15m-C "actual location of sendmail. cf ".

5. upgrade and maintenance

When you need to add/delete some users and allow/prohibit them from forwarding emails through the email server, you only need to modify the/etc/mail/access text file in the above format and execute:

Makemap-dbm/etc/mail/access