sendmail works with domain names and name services to deliver and route mail. This section covers the following topics:
For more information, see How to Verify Mailhost Entries in DNS and Administering Mail Alias Files.
The standard sendmail.cf file uses mail domains to determine whether mail is delivered directly or through a mail host. Intradomain mail is delivered through a direct SMTP connection, while interdomain mail is forwarded to a mail host.
In a secure network, only a few selected hosts are authorized to generate packets that are targeted to external destinations. Even if a host has the IP address of the remote host that is external to the mail domain, the establishment of an SMTP connection is not guaranteed. The standard sendmail.cf assumes the following conditions:
The current host is not authorized to send packets directly to a host outside the mail domain
The mail host is capable of forwarding the mail to an authorized host that can transmit packets directly to an external host. The mail host can possibly be an authorized host
With these assumptions, the mail host is responsible for delivering or forwarding interdomain mail.
The sendmail program imposes various requirements on name services. To improve your understanding of these requirements, this section first describes the relationship of mail domains to name service domains and then describes the various requirements.
The mail domain name must be a suffix of the name service domain. For example, if the domain name of the name service is A.B.C.D, the mail domain name could be one of the following values:
The mail domain name is identical to the name service domain when it is first established. As the network grows, the name service domain can be divided to make the name service more manageable. However, the mail domain remains undivided to provide consistent aliasing.
The sendmail program requires that the following host table or map in a name service be set up to support three types of gethostbyname() queries:
mailhost – Some name service configurations satisfy this requirement automatically.
Full host name – Many name service configurations satisfy this requirement. For example, smith.admin.example.com is the full host name.
Short host name – The sendmail program must connect to the mail host in order to forward external mail. To determine if a mail address is within the current mail domain, gethostbyname() is invoked with the full host name. If the entry is found, the address is considered internal. For example, if smith.admin.example.com is the full host name, then smith is the short host name.
gethostbyname() with a short host name is used as an argument in NIS and DNS support, so this requirement is automatically satisfied.
Note the following additional requirements for efficient sendmail services within a name service:
gethostbyname() with full host name argument and short host name argument should yield consistent results. For example, gethostbyname(smith.admin.example.com) should return the same result as gethostbyname(smith), if both functions are called from the mail domain admin.example.com.
For all name service domains under a common mail domain, gethostbyname() with a short host name should yield the same result. For example, if the mail domain smith.admin.example.com is given, gethostbyname(smith) should return the same result when the call originates from either the sales.admin.example.com domain or the eng.admin.example.com domain. The mail domain name is usually shorter than the name service domain, which gives this requirement special implications for various name services.
For more information, see the gethostbyname(3C) man page.
The sendmail program works with NIS and DNS as follows:
Mail domain name – If you are setting up NIS as the primary name service, sendmail automatically strips the first component of the NIS domain name and uses the result as the mail domain name. For example, sales.admin.example.com becomes admin.example.com.
Mail host name – You must have a mailhost entry in the NIS host map. When the DNS forwarding feature is turned on, queries that NIS cannot resolve are forwarded to DNS. Hence, you do not need a mailhost entry in the NIS host map.
Multiple NIS domains in one mail domain – All NIS host maps under a common mail domain should have the same set of host entries. For example, the host map in the sales.admin.example.com domain should be the same as the host map in the eng.admin.example.com. Otherwise, one address might work in one NIS domain but fail in the other NIS domain.
For more information, see How to Verify Mailhost Entries in DNS and Administering Mail Alias Files.