Sendmail之SMART_HOST設定

話說Sendmail是大學時候看過的東西，對它還真是越來越陌生。

Smart Host是一種email message transfer agent，簡單來說就是一台中繼的Mail Server，凡是User要送出的信，並不會直接送給收件者的Mail Server，而是先送到該中繼點，再由Smart Host送給收件者的Mail Server，如下圖所示。


透過 sendmail 的sendmail.mc 設定，讓外寄的信都轉送到該SMART HOST(我的SMART HOST是1.1.1.3)，為了避免外寄來的信都轉給該主機的User，必須加上FEATURE(stickyhost)。
所以請將以下兩行加入/etc/mail/sendmail.mc 中，建議用copy and paste，避免符號寫錯。

...
FEATURE(stickyhost)
define(`SMART_HOST', `relay.dnsexit.com') 
...

接著執行更新

# m4 sendmail.mc > sendmail.cf
# /etc/init.d/sendmail restart

接著利用mail這個指令，與/var/log/mail.log進行check與deubg。

brook@vista:~$ mail --debug-line-info --debug-level=30 rene3210@gmail.com -s "brook"
Cc:
in
sendmail.c:112: sendmail (/usr/sbin/sendmailn
mu_auth.c:255: Getting auth info for UID 1000
mu_auth.c:195: Trying generic...
mu_auth.c:198: generic yields 38=Function not implemented
mu_auth.c:195: Trying system...
mu_auth.c:198: system yields 0=Success
mu_auth.c:206: source=system, name=brook, passwd=x, uid=1000, gid=1000, gecos=BROOK,,,, dir=/home/brook, shell=/bin/bash, mailbox=/var/mail/brook, quota=0, change_uid=1
mu_auth.c:255: Getting auth info for UID 1000
mu_auth.c:195: Trying generic...
mu_auth.c:198: generic yields 38=Function not implemented
mu_auth.c:195: Trying system...
mu_auth.c:198: system yields 0=Success
mu_auth.c:206: source=system, name=brook, passwd=x, uid=1000, gid=1000, gecos=BROOK,,,, dir=/home/brook, shell=/bin/bash, mailbox=/var/mail/brook, quota=0, change_uid=1
mailer.c:454: mu_mailer_send_message(): using From: brook@vista
progmailer.c:188: Sending headers...
progmailer.c:221: Sending body...
progmailer.c:269: /usr/sbin/sendmail exited with: 0

brook@vista:~$ tail -f /var/log/mail.log
May  2 21:35:44 vista sendmail[383]: My unqualified host name (vista) unknown; sleeping for retry
May  2 21:36:44 vista sendmail[383]: unable to qualify my own domain name (vista) -- using short name
May  2 21:36:44 vista sendmail[383]: t42DaiZa000383: from=brook@vista, size=85, class=0, nrcpts=1, msgid=<201505021336.t42DaiZa000383@vista>, relay=brook@localhost
May  2 21:36:44 vista sm-mta[388]: t42DaiNp000388: from=<brook@vista>, size=364, class=0, nrcpts=1, msgid=<201505021336.t42DaiZa000383@vista>, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
May  2 21:36:44 vista sendmail[383]: t42DaiZa000383: to=<rene3210@gmail.com>, ctladdr=brook@vista (1000/1000), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30085, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (t42DaiNp000388 Message accepted for delivery)
May  2 21:36:45 vista sm-mta[390]: t42DaiNp000388: to=<rene3210@gmail.com>, ctladdr=<brook@vista> (1000/1000), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=120364, relay=[1.1.1.3] [1.1.1.3], dsn=2.0.0, stat=Sent (<201505021336.t42DaiZa000383@vista> [InternalId=109168394] Queued mail for delivery)

關於FEATURE(stickyhost)的說明

Beginning with V8.7 sendmail, addresses with and without a host part that resolve to local delivery are handled in the same way. For example, user and user@local.host are both looked up with the User Database (userdb on page 942) and processed by the localaddr rule set 5 (The localaddr Rule Set 5 on page 700). This processing can result in those addresses being forwarded to other machines.

user               ← not sticky
user@local.host    ← sticky

如果該Smart Host想要開放給其他Mail Server做relay用，請在/etc/mail/access做設定，如我要開放給jpr-Version-M4610這台機器做relay用，設定畫面如下。
接著執行

# makemap -v hash /etc/mail/access.db < /etc/mail/access
# /etc/init.d/sendmail restart

參考資料：
1. SMART_HOST, http://www.codemud.net/~thinker/GinGin_CGI.py/show_id_doc/237
2. https://www.dnsexit.com/support/mailrelay/sendmail.html

安裝Gerrit

Gerrit，是一種以GIT作為底層的code review system，它使用網頁介面，讓團隊進行review，決定是否能夠提交，退回或是繼續修改。
可以由此download, https://gerrit-releases.storage.googleapis.com/index.html 。

安裝步驟可以參考裡面的Documentation，

1. 先建立database

我是採用mysql，其他db的設定可以參考Gerrit的Document。

  CREATE USER 'gerrit2'@'localhost' IDENTIFIED BY 'secret';
  CREATE DATABASE reviewdb;
  GRANT ALL ON reviewdb.* TO 'gerrit2'@'localhost';
  FLUSH PRIVILEGES;

2. Initialize the Site

基本上gerrit2會跳出對話框，將問題的資訊填完就可以安奘成功了。

gerrit2@vista:~$ ls
examples.desktop  gerrit-2.11.war
gerrit2@vista:~$ java -jar gerrit-2.11.war init -d review_site
Using secure store: com.google.gerrit.server.securestore.DefaultSecureStore

*** Gerrit Code Review 2.11
***

Create '/home/gerrit2/review_site' [Y/n]?

*** Git Repositories
***

Location of Git repositories   [git]:

*** SQL Database
***

Database server type           [h2]: mysql

Gerrit Code Review is not shipped with MySQL Connector/J 5.1.21
**  This library is required for your configuration. **
Download and install it now [Y/n]?
Downloading http://repo2.maven.org/maven2/mysql/mysql-connector-java/5.1.21/mysql-connector-java-5.1.21.jar ... OK
Checksum mysql-connector-java-5.1.21.jar OK
Server hostname                [localhost]:
Server port                    [(mysql default)]:
Database name                  [reviewdb]:
Database username              [gerrit2]:
gerrit2's password             :
              confirm password :

*** Index
***

Type                           [LUCENE/?]:

*** User Authentication
***

Authentication method          [OPENID/?]:

*** Review Labels
***

Install Verified label         [y/N]?

*** Email Delivery
***

SMTP server hostname           [localhost]:
SMTP server port               [(default)]:
SMTP encryption                [NONE/?]:
SMTP username                  :

*** Container Process
***

Run as                         [gerrit2]:
Java runtime                   [/usr/lib/jvm/java-7-openjdk-amd64/jre]:
Copy gerrit-2.11.war to /home/gerrit2/review_site/bin/gerrit.war [Y/n]?
Copying gerrit-2.11.war to /home/gerrit2/review_site/bin/gerrit.war

*** SSH Daemon
***


Listen on address              [*]:
Listen on port                 [29418]:

Gerrit Code Review is not shipped with Bouncy Castle Crypto SSL v151
  If available, Gerrit can take advantage of features
  in the library, but will also function without it.
Download and install it now [Y/n]?
Downloading http://www.bouncycastle.org/download/bcpkix-jdk15on-151.jar ... OK
Checksum bcpkix-jdk15on-151.jar OK

Gerrit Code Review is not shipped with Bouncy Castle Crypto Provider v151
** This library is required by Bouncy Castle Crypto SSL v151. **
Download and install it now [Y/n]?
Downloading http://www.bouncycastle.org/download/bcprov-jdk15on-151.jar ... OK
Checksum bcprov-jdk15on-151.jar OK
Generating SSH host key ... rsa... dsa... done

*** HTTP Daemon
***

Behind reverse proxy           [y/N]?
Use SSL (https://)             [y/N]?
Listen on address              [*]:
Listen on port                 [8080]: 6267
Canonical URL                  [http://localhost:6267/]:

*** Plugins
***

Installing plugins.
Install plugin download-commands version v2.11 [y/N]?
Install plugin reviewnotes version v2.11 [y/N]?
Install plugin singleusergroup version v2.11 [y/N]?
Install plugin replication version v2.11 [y/N]?
Install plugin commit-message-length-validator version v2.11 [y/N]?
Initializing plugins.
No plugins found with init steps.

Execute now [Y/n]?
Initialized /home/gerrit2/review_site
Executing /home/gerrit2/review_site/bin/gerrit.sh start
Starting Gerrit Code Review: OK
Waiting for server on localhost:6267 ... OK

3. Start/Stop Daemon

可以透過review_site/bin/gerrit.sh將deamon進行開關，通常我會在rc5.d中建立link到該script中

review_site/bin/gerrit.sh start
review_site/bin/gerrit.sh stop
review_site/bin/gerrit.sh restart

4. Setup Administrator

可以用Web開啟gerrit並且設定第一個User，即Adminstrator。

基本上我是自己建立一個OpenID，你可以選擇其他認證方式。








參考資料： Gerrit Document

Table Of Content for tag "tools"

tools - admin

• lvm設定步驟
• cachefilesd
• module-init-tools
• Introduction cpufreq

tools - devel

• git - push to non-bare repository
• 用一張圖來為 Git 快速入門 (流程圖解)
• git筆記
• vmware的timekeeping問題
• doxygen
• indent - format your code