Need some help with setting up sendmail properly

[zenx]

Hi all,

Just registered on the forums (so far I found all the answers form other's posts) - so this is my first post here

I have a bit of problem setting up SendMail properly, been trying for a few days now so about time to ask for some help

What I'd like to do is: set up a mail server that relays based on the access.db and also relays from any host that isn't in the access.db but has supplied valid credentials and with SSL. - This is a mixed mail server, needs to work both with LAN computers and outside computers (probably most of them with dynamic IP's - reason for relaying based on authentication..)
Also have a MX record pointing at my server

I have sasl and starttls set up.. so been playing with my sendmail m4 file to try and create a proper cf for sendmail

In human language:
So far I managed to set up sendmail for sending (aka. I can send mail with it to other domains.., even from LAN or WAN computers) but it doesn't seem to work the other way around - when I send a mail form another address to my server it doesn't show up at all, and I get the delivery delay in 4 hours on the address I sent it from - I think that's understandable enough, if not lemme know

also if I do a sendmail -v someuser@somdomain.com locally
I get a bit too much relaying-around so I suppose my sendmail.cf suxx big time

I know you can't help me based on that info but if anyone has done this before then tell me what to post based on which you can help me..

Ceers and thanks in advance,
ZenX

[zenx]

An update on that

I manged to make an almost proper configuration.. problems that are left open are:

What option I need to add/remove in the sendmail.mc for sendmail to accept SSL connections
And what other file(s) do I need to modify to set up relaying based on authentication (I think a part of that is done in sendmail.mc aswell.. but I don't know what to change at this point..)

My server works atm with relaying only based on access.db (though I think my sendmail.cf should allow more..)

So here's my sendmail.mc which is almost 100% manual work.. not a template.. I checked a million sites and tried combining all options listed there to make it work, someone please check it if it contains any security risks, and tell me the modifications needed to solve my problems listed above.. thanks in advance.. hope someone can help me soon..

divert(-1)dnl
divert(0)dnl
define(`_USE_ETC_MAIL_')dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
include(`/etc/mail/tls/starttls.m4')dnl
VERSIONID(`$Id: sendmail.mc, v 8.13.8-3 2006-12-08 20:21:10 cowboy Exp $')
OSTYPE(`debian')dnl
DOMAIN(`debian-mta')dnl
undefine(`confHOST_STATUS_DIRECTORY')dnl #DAEMON_HOSTSTATS
FEATURE(`no_default_msa')dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confCONNECTION_RATE_THROTTLE', `15')dnl
define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confAUTH_OPTIONS', `A p')dnl
define(`confCACERT_PATH',`/etc/mail/tls')dnl
define(`confCACERT',`/etc/mail/tls/ca-bundle.crt')dnl
define(`confSERVER_CERT',`/etc/mail/tls/sendmail.pem')dnl
define(`confSERVER_KEY',`/etc/mail/tls/sendmail.pem')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`access_db', , `skip')dnl
FEATURE(`greet_pause', `1000')dnl 1 seconds
FEATURE(`delay_checks', `friend', `n')dnl
FEATURE(`mailertable')dnl
FEATURE(`virtusertable')dnl
define(`confBAD_RCPT_THROTTLE',`3')dnl
FEATURE(`conncontrol', `nodelay', `terminate')dnl
FEATURE(`ratecontrol', `nodelay', `terminate')dnl
FEATURE(masquerade_envelope)dnl
FEATURE(`always_add_domain')dnl
FEATURE(redirect)dnl
Cw <mydomain>
FEATURE(`smrsh')dnl
MASQUERADE_AS(`<mydomain>')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl

OQ/var/spool/mqueue
O QueueDirectory=/var/spool/mqueue
MAILER_DEFINITIONS
MAILER(`smtp')dnl
MAILER(`procmail')dnl


Cheers,
ZenX

[zenx]

Hi,

the server is working now.. but I have a huge problem..
Might have misconfigured / forgot something cuz most of the mail I send ends up in spam folders..

The problem seems to be that the IP address of the client computer sending the mail is transmitted in the header (I have IP-s in the 10.0.0.1-20 range) so it's fair enough for any mail server to consider a mail with a source address "10.0.0.3" to be spam

any ideas on how to correct this pls?.. tried a bunch of settings..

Here's a sample mail header my server sends, the part where the problem is:

Received: from <my server's external IP> (EHLO localhost.localdomain) (<my server's external IP> )
by mta134.mail.re1.yahoo.com with SMTP; Fri, 12 Sep 2008 08:59:50 -0700
Received: from <Name of client comp. in my local netwok> ([10.0.0.4])
by localhost.localdomain (8.13.8/8.13.8/Debian-3) with ESMTP id m8CJ0tH2015153


Looks nasty, ehh?
Help would be appreciated.. thx in advance