Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞
Speed-up update of Sendmail-Linux Enterprise Application-Linux server application information. For details, refer to the following section. As a mail service software, Sendmail has always been widely used by IT manufacturers. However, Since Sendmail was designed to provide users with mail sending and receiving services, network security has not been taken too much into consideration. Therefore, this will provide an opportunity for cyber hackers to attack others' email servers in the future, which we usually call "Email Forwarding ".
Email hackers exploit the Sendmail vulnerability to send their personal emails to their destinations through others' email servers without the SMTP fortification vulnerability on some servers to satisfy their own desires; furthermore, the use of others' email servers to send "spam" to any external address is not only causing huge losses to others' network maintenance, it also brings inconvenience to the receiver.
As Sendmail has always been a standard background process of the mail server and adopted by the majority of server manufacturers, at this stage, we want to use other software to replace Sendmail as the mail service, it seems that it is difficult to get close to thirst. It is imperative to upgrade Sendmail to prevent "Email Forwarding.
In view of the limited space, we will only describe the implementation of Sendmail. For details about the principles of Sendmail, please refer to the relevant documentation.
1. Obtain Sendmail
Generally, you can upgrade sendmail to sendmail.8.9.3 to prevent the email server from forwarding.
TIPS: Go to the latest sendmail version at the following WWW or FTP sites:
The source code file of sendmail is sendmail..8.9.3.tar.gz.
After sending sendmail.8.9.3.tar.gz, You Can unpackage the file using the gunzip and tar commands.
Ii. Generate Sendmail
This is an important step in the sendmail upgrade process. It will generate the sendmail executable file.
1. Go to the/src directory under the current directory and edit the Makefile. m4 file.
To install the compilation result directly to the default directory, you can run the following command:
If gcc not found or cc not found occurs, you can perform the following soft connection in/usr/bin:
Actual location of ln-s/usr/bin/gcc, or actual location of ln-s/usr/bin/cc.
If the above information still appears, you need to reinstall the gcc or cc compiler.
3. Generate the configuration file sendmail. cf
1. Go to the cf/cf directory under the sendmail-8.9.3 directory and edit the tcpproto. mc file:
Divert (0) dnl
VERSIONID ('@ tcpproto. mc 8.10 (Berkeley) 5/19/1998 ')
OSTYPE (* Your OS Type)
DOMAIN (* Your Domain Name)
FEATURE (access_db, dbm-o/etc/mail/access)
TIPS: Enter "Your system Type" (for example, solaris2) in * Your OS Type, which can be found in the/cf/ostype directory under the sendmail-8.9.3 directory.
Enter Your Domain Name in the * Your Domain Name field and enclose it in single quotes (for example, 'cstnet .net.cn ')
The FEATURE (blacklist_recipients) can also be omitted.
2. Go to the cf/domain directory under the sendmail-8.9.3 directory and rename the file "generic. m4" to "your domain name. m4" (for example: cstnet.net.cn. m4 ).
3. compile and generate the sendmail. cf file with m4. Run the following command in the sendmail-8.9.3/cf Directory: m4 ../m4/cf. m4 tcpproto. mc> sendmail. cf should not cause any error during m4 compilation.
4. restart sendmail
Before restarting sendmail, you need to do some configuration work:
1. Check whether the sendmail. cw and aliases files exist in the/etc directory. If not, create the two files: touch/etc/sendmail. cw/etc/aliases
2. check whether the/etc/mail directory exists. If not, create this directory and create a text file access under this directory. This file is very important, it is used to control the IP addresses that can be used to send emails from this email server. This file will be described later.
3. In the sendmail-8.9.3/makemap directory, run./Build, at this time in the current directory will generate a obj. xxx directory, under this directory, has generated the makemap executable file.
TIPS: at this time, you can make a soft connection to makemap under/usr/bin for future use: actual location of Ln-s/usr/bin/makemap
4. Next, we will describe the format of the access File: explanation on the left and right
Explanation on the left
188.8.131.52 the RELAY must be in uppercase, indicating that the 184.108.40.206 host is allowed to send and receive emails through this email server. Other IP addresses are in the same format.
159.226.8 RELAY must be capitalized, indicating that the 159.226.8 C can send and receive emails through the mail server. The format of other network segments is the same.
* The email@example.com OK, relay OK, or RELAY must be capitalized to allow the firstname.lastname@example.org to send and receive messages through this mail server.
* @ Cstnet.net.cn OK, relay OK, or RELAY must be capitalized, indicating that the domain name cstnet.net.cn is allowed to send and receive emails through this email server.
Note: The * format is often not valid during the actual upgrade process. In general, do not use it.
TIPS: In the m4 compilation project, the prompt message "m4 not found" may appear. In this case, enter the complete m4 path (for example,/usr/bin/m4 .. /m4/cf. m4 tcpproto. mc> sendmail. cf.
If m4 is not found, you need to reinstall the m4 compiler.
In this case, you can copy the generated sendmail. cf file to the/etc directory for future use.
5. Use makemap (as mentioned above) to generate a library file using the text file/etc/mail/access:
After running, the access. dir and access. pag library files will be generated under the/etc/mail/directory.
6. Start Sendmail.
If sendmail is in the default directory, run sendmail-bd-q15m.
If sendmail. cf is no longer in the default directory, run:/usr/lib/sendmail-bd-q15m-C "actual location of sendmail. cf ".
5. upgrade and maintenance
When you need to add/delete some users and allow/prohibit them from forwarding emails through the email server, you only need to modify the/etc/mail/access text file in the above format and execute:
This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or
reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or
complaint, to email@example.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
and provide relevant evidence. A staff member will contact you within 5 working days.