{"id":20622337,"url":"https://github.com/smoeding/puppet-sendmail","last_synced_at":"2025-04-15T12:33:39.420Z","repository":{"id":29653427,"uuid":"33195132","full_name":"smoeding/puppet-sendmail","owner":"smoeding","description":"Manage the Sendmail MTA using Puppet","archived":false,"fork":false,"pushed_at":"2023-11-27T09:37:41.000Z","size":688,"stargazers_count":1,"open_issues_count":1,"forks_count":11,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-05-08T16:04:38.030Z","etag":null,"topics":["puppet","sendmail"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/smoeding.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-03-31T16:02:54.000Z","updated_at":"2021-11-27T09:42:26.000Z","dependencies_parsed_at":"2023-11-11T15:23:55.895Z","dependency_job_id":"4c0003b8-a916-4acb-9428-53f0d95ec084","html_url":"https://github.com/smoeding/puppet-sendmail","commit_stats":{"total_commits":468,"total_committers":6,"mean_commits":78.0,"dds":"0.012820512820512775","last_synced_commit":"b2af52ecf9d338de7e25370da6f6ef37dfaa1cb7"},"previous_names":[],"tags_count":27,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smoeding%2Fpuppet-sendmail","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smoeding%2Fpuppet-sendmail/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smoeding%2Fpuppet-sendmail/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smoeding%2Fpuppet-sendmail/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/smoeding","download_url":"https://codeload.github.com/smoeding/puppet-sendmail/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248405938,"owners_count":21098103,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["puppet","sendmail"],"created_at":"2024-11-16T12:22:21.220Z","updated_at":"2025-04-15T12:33:39.395Z","avatar_url":"https://github.com/smoeding.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# sendmail\n\n[![Build Status](https://github.com/smoeding/puppet-sendmail/actions/workflows/CI.yaml/badge.svg)](https://github.com/smoeding/puppet-sendmail/actions/workflows/CI.yaml)\n[![Puppet Forge](http://img.shields.io/puppetforge/v/stm/sendmail.svg)](https://forge.puppetlabs.com/stm/sendmail)\n[![License](https://img.shields.io/github/license/smoeding/puppet-sendmail.svg)](https://raw.githubusercontent.com/smoeding/puppet-sendmail/master/LICENSE)\n\n#### Table of Contents\n\n1. [Overview](#overview)\n2. [Module Description - What the module does and why it is useful](#module-description)\n3. [Setup - The basics of getting started with sendmail](#setup)\n    * [What sendmail affects](#what-sendmail-affects)\n    * [Setup requirements](#setup-requirements)\n    * [Beginning with sendmail](#beginning-with-sendmail)\n4. [Usage - Configuration options and additional functionality](#usage)\n5. [Reference - An under-the-hood peek at what the module is doing and how](#reference)\n5. [Limitations - OS compatibility, etc.](#limitations)\n6. [Development - Guide for contributing to the module](#development)\n\n## Overview\n\nInstall and manage the Sendmail MTA.\n\n## Module Description\n\nSendmail is a powerful mail transfer agent, and this modules provides an easier way to generate and manage the main Sendmail configuration files `/etc/mail/sendmail.mc` and `/etc/mail/submit.mc`. It also manages entries in various Sendmail database files (e.g. `/etc/mail/access` and `/etc/mail/mailertable`).\n\n## Setup\n\n### What sendmail affects\n\n* The module installs the operating system package to run the Sendmail MTA and possibly some other packages (make, m4, ...) to support it.\n* In a default installation almost all the managed files are in the `/etc/mail` directory. A notably exception is the `/etc/aliases` file.\n* The module may generate a new `/etc/mail/sendmail.mc` which is the source for `/etc/mail/sendmail.cf`. This file is the main Sendmail configuration file and it affects how Sendmail operates.\n\n\u003e **WARNING**: Make sure to understand and test everything in these files before putting it in production. You alone are accountable for deploying a safe mailer configuration. If you do not know how to configure Sendmail without this module, then you should not assume you can do it with it.\n\n### Setup Requirements\n\nThe sendmail module uses a custom Augeas lense so the Puppet configuration setting `pluginsync` must be enabled. It also requires the Puppetlabs modules `stdlib`, `concat`, `augeas_core` and `mailalias_core`.\n\n### Beginning with Sendmail\n\nDeclare the Sendmail class to install and run Sendmail with the default parameters.\n\n```puppet\nclass { 'sendmail': }\n```\n\nThis installs the necessary packages and starts the Sendmail service. With this setup Sendmail will send messages to other hosts and also accept mail for the local host.\n\nSendmail has a lot of configuration knobs and a complete setup may need more than just a few parameters. So it is probably a good idea to encapsulate your Sendmail settings by using the roles and profiles pattern.\n\n## Usage\n\nThe Sendmail module provides classes and defined types to individually manage many of the configuration parameters used in the `sendmail.mc` file. This offers the possibility to manage even complex and unusual configurations with Puppet. The main Sendmail class also has parameters to directly enable certain configuration items without the need to provide a complete user defined `sendmail.mc` configuration.\n\n### I need a couple of macros and features in my Sendmail setting\n\nNormally the configuration of Sendmail is done by adding `define` statements to the main `sendmail.mc` configuration file. The `m4` macro processor is used to convert the settings into a `sendmail.cf` file that Sendmail understands.\n\nThe same mechanism is used to add features like greylisting, virtual user setups or DNS blacklists. Sendmail uses the `feature` statement in the `sendmail.mc` configuration to enable the features.\n\nWith the Sendmail module these settings are defined by adding resources using the `sendmail::mc::define` or `sendmail::mc::feature` defined types.\n\n```puppet\n# Manage Sendmail and set a smart host and the maximum message size\nclass { 'sendmail':\n  smart_host       =\u003e 'relay.example.com',\n  max_message_size =\u003e '32MB',\n}\n\n# Set maximum number of daemon processes\nsendmail::mc::define { 'confMAX_DAEMON_CHILDREN':\n  expansion =\u003e '8',\n}\n\n# Include ratecontrol feature with parameters\nsendmail::mc::feature { 'ratecontrol':\n  args =\u003e [ 'nodelay', 'terminate', ],\n}\n\n# Enable access_db feature\nsendmail::mc::feature { 'access_db': }\n\n# Manage access_db entries in hiera\nclass { 'sendmail::access': }\n\n# Manage aliases file using a template\nclass { 'sendmail::aliases':\n  content =\u003e template('site/aliases.erb'),\n}\n```\n\nSee `REFERENCE.md` for the complete list of available types that can be used.\n\n### Most hosts do not need to receive mail\n\nUse the `sendmail::nullclient` class to create a setup where no mail can be received from the outside and all local mail is forwarded to a central mail hub. This configuration is appropriate for the majority of satellite hosts.\n\n```puppet\nclass { 'sendmail::nullclient':\n  mail_hub =\u003e '[192.168.1.1]',\n}\n```\n\n### I already have a working config and like to keep it\n\nDisable the internal management of the sendmail configuration files by setting the parameters `manage_sendmail_mc` or `manage_submit_mc` to `false`:\n\n```puppet\nclass { 'sendmail':\n  manage_sendmail_mc =\u003e false,\n  manage_submit_mc   =\u003e false,\n}\n```\n\n\u003e **Note**: These settings also disable the automatic generation of the `sendmail.cf` and `submit.cf` files. You will have to do that yourself if you change one of the files.\n\n### I am behind a firewall and need to forward outgoing mail to a relay host\n\nUse the `smart_host` parameter to set the host where all outgoing mail should be forwarded to.\n\n```puppet\nclass { 'sendmail':\n  smart_host =\u003e 'relay.example.com',\n}\n```\n\n### I have a host that should not receive any mail from the outside\n\nYou can use the `enable_ipv4_daemon` and `enable_ipv6_daemon` parameters to prevent Sendmail from listening on all available network interfaces. Use the `sendmail::mc::daemon_options` defined type to explicitly define the addresses to use.\n\n```puppet\nclass { 'sendmail':\n  enable_ipv4_daemon =\u003e false,\n  enable_ipv6_daemon =\u003e false,\n}\n\nsendmail::mc::daemon_options { 'MTA-v4':\n  addr   =\u003e '127.0.0.1',\n  family =\u003e 'inet',\n  port   =\u003e 'smtp',\n}\n```\n\n### Transport layer encryption (TLS) is a must in my setup\n\nThe Sendmail class has a comprehensive set of TLS related parameters. The following configuration creates a simple TLS enabled setup. Remember to adjust the pathnames to your setup.\n\n```puppet\nclass { 'sendmail':\n  ca_cert_file     =\u003e '/etc/mail/tls/my-ca-cert.pem',\n  server_cert_file =\u003e '/etc/mail/tls/server.pem',\n  server_key_file  =\u003e '/etc/mail/tls/server.key',\n  client_cert_file =\u003e '/etc/mail/tls/server.pem',\n  client_key_file  =\u003e '/etc/mail/tls/server.key',\n  cipher_list      =\u003e 'HIGH:!MD5:!eNULL',\n}\n```\n\n\u003e **Note**: The Sendmail module does not manage any X.509 certificates or keys.\n\n### All my users are managed using LDAP\n\nA complex configuration like this is supported by using the provided defined types as building blocks. The following example configuration reflects a setup that is actually in use.\n\n```puppet\nsendmail::mc::define { 'confLDAP_CLUSTER':\n  expansion =\u003e 'example.net',\n}\n\nsendmail::mc::define { 'confLDAP_DEFAULT_SPEC':\n  expansion =\u003e '-H ldapi:/// -w 3 -b dc=example,dc=net',\n}\n\nsendmail::mc::ldaproute_domain { 'example.net': }\n\n$ldap_filter = '(\u0026(objectClass=inetLocalMailRecipient)(mailLocalAddress=%0))'\n\nsendmail::mc::feature { 'ldap_routing':\n  args =\u003e [\n    \"ldap -1 -T\u003cTMPF\u003e -v mailHost -k ${ldap_filter}\",\n    \"ldap -1 -T\u003cTMPF\u003e -v mailRoutingAddress -k ${ldap_filter}\",\n    'bounce',\n    'preserve',\n    'nodomain',\n    'tempfail',\n  ]\n}\n\nsendmail::mc::feature { 'virtusertable':\n  args =\u003e \"ldap -1 -T\u003cTMPF\u003e -v uid -k ${ldap_filter}\",\n}\n```\n\n## Reference\n\nSee the included `REFERENCE.md`.\n\n## Limitations\n\nThe Sendmail module is currently developed and tested on:\n* Debian 11 (Bullseye)\n\n## Development\n\nSendmail is a powerful tool with many configuration options. The module includes configuration options I considered useful or needed for my own environment.\n\nYou may open Github issues for this module if you need additional configuration file options currently not available.\n\nFeel free to send pull requests for new features.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsmoeding%2Fpuppet-sendmail","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsmoeding%2Fpuppet-sendmail","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsmoeding%2Fpuppet-sendmail/lists"}