Chia sẻ: Thanh Cong | Ngày: | Loại File: PDF | Số trang:50

0
93
lượt xem
21

Mô tả tài liệu

Tham khảo tài liệu 'tcp/ip network administration- p10', công nghệ thông tin, quản trị mạng phục vụ nhu cầu học tập, nghiên cứu và làm việc hiệu quả

Chủ đề:

Bình luận(0)

Lưu

## Nội dung Text: TCP/IP Network Administration- P10

1. file:///C|/mynapster/Downloads/warez/tcpip/ch10_08.htm specified by S, and ruleset 4. The mailer definition for smtp in our sample configuration defines two rulesets for S - 11 and 31. [23] The first ruleset is used for rewriting the sender address in the "envelope" and the second is used to rewrite the sender address in the message header. [23] Many versions of sendmail define only one ruleset each for S and R. Based on the information in Figure 10.4 and in the S field of the smtp mailer, we know that the rulesets that process the message header sender address are 3, 1, 31 and 4. So we run sendmail with the -bt option and enter 3,1,31,4 craig at the command prompt. This command processes the sender address through each of these rulesets in succession. We also know that the envelope sender address is processed by rulesets 3, 1, 11, and 4. To test that, we enter 3,1,11,4 craig. The results of these tests are exactly the same as those shown in the example above. The value of the M macro rewrites the hostname in the message sender address just as we wanted. The hostname in the envelope sender address is not rewritten. Usually this is acceptable. However, we want to create exactly the same configuration as in the m4 example. The FEATURE(masquerade_envelope) command used in the m4 example causes the envelope sender address to be rewritten. Therefore, we want this configuration to also rewrite it. The only difference between how the message and envelope addresses are processed is that one goes through ruleset 31 and the other goes through ruleset 11. The tests show that both rulesets call ruleset 51 and then ruleset 61. They diverge at that point because ruleset 31 calls ruleset 93 and ruleset 11 calls ruleset 94. The tests also show that ruleset 93 provides the address rewrite that we want for the message sender address, while the envelope sender address is not processed in the manner we desire by ruleset 94. The test.cf code for rulesets 94, 11, and 31 is shown below: ################################################################### ### Ruleset 94 -- convert envelope names to masquerade form ### ################################################################### S94 #R$+$@ $>93$1 R$* < @ *LOCAL* >$* $:$1 < @ $j . >$2 # # envelope sender rewriting # S11 R$+$: $>51$1 sender/recipient common R$* :;$@ list:; special case R$*$: $>61$1 qualify unqual'ed names R$+$: $>94$1 do masquerading # # header sender and masquerading header recipient rewriting # S31 R$+$: $>51$1 sender/recipient common R:; $@ list:; special case Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. file:///C|/mynapster/Downloads/warez/tcpip/ch10_08.htm (7 of 10) [2001-10-15 09:18:44] 2. file:///C|/mynapster/Downloads/warez/tcpip/ch10_08.htm R$* $*$@ $1$2 pass null host through R< @ $* >$* $@ < @$1 > $2 pass route-addr through R$* $:$>61 $1 qualify unqual'ed names R$+ $:$>93 $1 do masquerading Clearly, ruleset 94 does not do what we want and ruleset 93 does. A quick inspection of ruleset 94 shows that it does not contain a single reference to macro M. Yet the comment on the line in ruleset 11 that calls it indicates that ruleset 94 should "do masquerading." The first line of ruleset 94 calls ruleset 93, but it is commented out. Our solution is to uncomment the first line of ruleset 94 so that it now calls ruleset 93, which is the ruleset that really does the masquerade processing. Debugging a sendmail.cf file is more of an art than a science. Deciding to edit the first line of ruleset 94 to call ruleset 93 is little more than a hunch. The only way to verify the hunch is through testing. We run sendmail -bt -Ctest.cf again to test the addresses craig, craig@peanut, and craig@localhost through rulesets 3, 1, 11, and 4. All tests run successfully, rewriting the various input addresses into craig@nuts.com. We then retest by sending mail via sendmail -v -t -Ctest.cf. Only when all of these tests run successfully do we really believe in our hunch and move on to the next task, which is to rewrite the user part of the email address into the user's first and last names. 10.8.2 Using Key Files in sendmail The last feature we added to the m4 source file was FEATURE(genericstable), which adds a database process to the configuration that we use to convert the user portion of the email address from the user's login name to the user's first and last names. To do the same thing here, create a text file of login names and first and last names and build a database with makemap. [24] [24] See the m4 section for more information about makemap. # cat realnames dan Dan.Scribner tyler Tyler.McCafferty pat Pat.Stover willy Bill.Wright craig Craig.Hunt # makemap dbm realnames < realnames Once the database is created, define it for sendmail. Use the K command to do this. To use the database that we have just built, insert the following lines into the Local Information section of the sendmail.cf file: # define a database to map login names to firstname.lastname Krealnames dbm /etc/realnames The K command defines realnames as the internal sendmail name of this database. Further, it identifies that this is a database of type dbm and that the path to the database is /etc/realnames. sendmail adds the correct filename extensions to the pathname depending on the type of the database, so you don't need to worry about it. Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. file:///C|/mynapster/Downloads/warez/tcpip/ch10_08.htm (8 of 10) [2001-10-15 09:18:44] 3. file:///C|/mynapster/Downloads/warez/tcpip/ch10_08.htm Finally, we add a new rule that uses the database to rewrite addresses. We add it to ruleset 11 and ruleset 31 immediately after the lines in those rulesets that call ruleset 93. This way, our new rule gets the address as soon as ruleset 93 finishes processing it. # when masquerading convert login name to firstname.lastname R$-$*$:$(realnames$1 $)$3 user=>first.last This rule is designed to process the output of ruleset 93, which rewrites the hostname portion of the address. Addresses that meet the criteria to have the hostname part rewritten are also the addresses for which we want to rewrite the user part. Look at the output of ruleset 93 from the earlier test. That address, craig, matches the pattern $-$*. The address has exactly one token (craig) before the literal and zero tokens. The transformation part of this rule takes the first token ($1) from the input address and uses it as the key to the realnames database, as indicated by the$:$(realnames$1 $) syntax. For the sample address craig,$1 is craig. When used as an index into the database realnames shown at the beginning of this section, it returns Craig.Hunt. This returned value is prepended to the literal , and the value of $3, as indicated by the$3 part of the transformation. The effect of this new rule is to convert the username to the user's real first and last names. After adding the new rule to rulesets 11 and 31, a test yields the following results: # sendmail -bt -Ctest.cf ADDRESS TEST MODE (ruleset 3 NOT automatically invoked) Enter > 3,1,11,4 craig rewrite: ruleset 3 input: craig rewrite: ruleset 96 input: craig rewrite: ruleset 96 returns: craig rewrite: ruleset 3 returns: craig rewrite: ruleset 1 input: craig rewrite: ruleset 1 returns: craig rewrite: ruleset 11 input: craig rewrite: ruleset 51 input: craig rewrite: ruleset 51 returns: craig rewrite: ruleset 61 input: craig rewrite: ruleset 61 returns: craig < @ *LOCAL* > rewrite: ruleset 93 input: craig < @ *LOCAL* > rewrite: ruleset 93 returns: craig < @ nuts . com . > rewrite: ruleset 11 returns: Craig . Hunt < @ nuts . com . > rewrite: ruleset 4 input: Craig . Hunt < @ nuts . com . > rewrite: ruleset 4 returns: Craig . Hunt @ nuts . com > 3,1,31,4 craig rewrite: ruleset 3 input: craig rewrite: ruleset 96 input: craig rewrite: ruleset 96 returns: craig rewrite: ruleset 3 returns: craig rewrite: ruleset 1 input: craig Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. file:///C|/mynapster/Downloads/warez/tcpip/ch10_08.htm (9 of 10) [2001-10-15 09:18:44]
5. [Chapter 10] 10.9 Summary Previous: 10.8 Testing Chapter 10 Next: 11. Troubleshooting sendmail sendmail.cf TCP/IP 10.9 Summary sendmail sends and receives SMTP mail, processes mail aliases, and interfaces between user mail agents and mail delivery agents. sendmail is started as a daemon at boot time to process incoming SMTP mail. sendmail aliases are defined in the /etc/aliases file. The rules for interfacing between user agents and mail delivery agents can be complex. sendmail uses the sendmail.cf file to define these rules. Configuring the sendmail.cf file is the most difficult part of setting up a sendmail server. The file uses a very terse command syntax that is hard to read. Sample sendmail.cf files are available to simplify this task. Most systems come with a sample file and others are available with the sendmail V8 software distribution. The sendmail V.8 sample files must first be processed by the m4 macro processor. Once the proper sample file is available very little of it needs to be changed. Almost all of the changes needed to complete the configuration occur at the beginning of the file and are used to define information about the local system, such as the hostname and the name of the mail relay host. sendmail provides an interactive testing tool that is used to check the configuration before it is installed. This chapter concludes our study of TCP/IP servers configuration, our last configuration task. In the next chapter we begin to look at the ongoing tasks that are part of running a network once it has been installed and configured. We begin this discussion with troubleshooting. Previous: 10.8 Testing TCP/IP Network Next: 11. Troubleshooting sendmail.cf Administration TCP/IP 10.8 Testing sendmail.cf Book Index 11. Troubleshooting TCP/IP [ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ] Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. file:///C|/mynapster/Downloads/warez/tcpip/ch10_09.htm [2001-10-15 09:18:44]
6. [Chapter 11] Troubleshooting TCP/IP Previous: 10.9 Summary Chapter 11 Next: 11.2 Diagnostic Tools 11. Troubleshooting TCP/IP Contents: Approaching a Problem Diagnostic Tools Testing Basic Connectivity Troubleshooting Network Access Checking Routing Checking Name Service Analyzing Protocol Problems Protocol Case Study Simple Network Management Protocol Summary Network administration tasks fall into two very different categories: configuration and troubleshooting. Configuration tasks prepare for the expected; they require detailed knowledge of command syntax, but are usually simple and predictable. Once a system is properly configured, there is rarely any reason to change it. The configuration process is repeated each time a new operating system release is installed, but with very few changes. In contrast, network troubleshooting deals with the unexpected. Troubleshooting frequently requires knowledge that is conceptual rather than detailed. Network problems are usually unique and sometimes difficult to resolve. Troubleshooting is an important part of maintaining a stable, reliable network service. In this chapter, we discuss the tools you will use to ensure that the network is in good running condition. However, good tools are not enough. No troubleshooting tool is effective if applied haphazardly. Effective troubleshooting requires a methodical approach to the problem, and a basic understanding of how the network works. We'll start our discussion by looking at ways to approach a network problem. 11.1 Approaching a Problem To approach a problem properly, you need a basic understanding of TCP/IP. The first few chapters of Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. file:///C|/mynapster/Downloads/warez/tcpip/ch11_01.htm (1 of 4) [2001-10-15 09:18:45]
9. [Chapter 11] Troubleshooting TCP/IP plugs, connectors, cables, and switches. Small things can cause big problems. Previous: 10.9 Summary TCP/IP Network Next: 11.2 Diagnostic Tools Administration 10.9 Summary Book Index 11.2 Diagnostic Tools [ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ] Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. file:///C|/mynapster/Downloads/warez/tcpip/ch11_01.htm (4 of 4) [2001-10-15 09:18:45]