Here’s a copy of a message I sent to Mac Managers mailing list … it
looks like it applies to your situation:
The Problem (short version)
Sending email (ultimately via sendmail) works when running as a normal
user or sudo’d admin/root user, but doesn’t work when running via the
real root user (e.g., when run via cron). The failure resulted from the
email being sent from user@system.domain.com rather than from
user@domain.com, as it was written … but this only occurred when
sending via real root user. The failure was always a returned outgoing
email with:
reason: 553 system.domain.com does not exist
which is true because “system” is behind a firewall and is not
DNS-resolvable.
The Solution
No one identified the problem, but one person (thanks Joseph) did suggest
sending email directly via sendmail (I’d provided a small /bin/mail-based
script to illustrate the problem). While that was not a solution, it did
make it easier to troubleshoot, since it was a more direct interaction.
After all too many hours of reading, trying, failing, repeating as
required, I discovered that the solution is rather simple (thus
qualifying it as “normal UNIX configuration”):
I have a very basic sendmail setup (see
Radar – O’Reilly) and only
had to add the following to my sendmail config file, myconfig.mc in my
case (i.e., the ???.mc file used to build the sendmail.cf file, using the
m4 processor):
FEATURE(domaintable', hash -o /etc/mail/domaintable’)dnl
…then I created the file /etc/mail/domaintable and added the entry:
system.domain.com domain.com
…then I stopped sendmail, rebuilt the sendmail artifacts, and restarted
sendmail, using the script listed below. After that, things seem to be
working correctly.
[the good thing about UNIX is that you can do almost anything with it …
if you have enough time]
Side Note:
I’d tried many other features that, according to the sendmail
documentation, would appear to work in this situation. Among the things
I tried were various incarnations of masquerading features. I suspect
this is why it worked for all but the real root user. It’s interesting
to note that there’s a line of documentation that indicates that this
stuff doesn’t apply to the “exposed users,” a term for which I couldn’t
find a clear definition, but seemed to map to the “trusted users.” I
even tried eliminating the trusted users, but root always seemed to be
mysteriously inserted as a trusted user. I’m guessing that this is the
reason that none of the other approaches worked (and I think I tried all
other things before trying the domaintable … yes, I know Murphy quite
well).
I hope this helps save someone else some time.
The script I use to rebuild sendmail:
#!/bin/sh
if NOT using (in myconfig.mc):
define(confDONT_BLAME_SENDMAIL', GroupWritableDirPathSafe’)dnl
then do this (and don’t use Apple’s “Fix Disk Permissions”):
chmod go-w / /etc /etc/mail /var /var/spool /var/spool/mqueue
do this once:
sudo niutil -create . /locations/sendmail
sudo niutil -createprop . /locations/sendmail sendmail.cf
/etc/mail/sendmail.cf
get the template config file once
sudo cp -p /usr/share/sendmail/conf/cf/generic-darwin.mc
/etc/mail/myconfig.mc
then make all changes to /etc/mail/myconfig.mc
prior to running this script, get Admin/root capabilities
sudo -s
stop sendmail
echo “Stopping mail services”
/usr/bin/killall sendmail
sleep 3
whenever changes are made, regenerate databases and sendmail config file:
for MAP in access domaintable genericstable mailertable virtusertable
do
if test /etc/mail/${MAP} -nt /etc/mail/${MAP}.db
then
echo “Regenerating ${MAP}.db”
/usr/sbin/makemap hash /etc/mail/${MAP} < /etc/mail/${MAP}
sleep 1
fi
done
if test /etc/mail/aliases -nt /etc/mail/aliases.db
then
echo “Regenerating aliases.db”
/usr/bin/newaliases
sleep 1
fi
if test /etc/mail/myconfig.mc -nt /etc/mail/sendmail.cf
then
echo “Regenerating sendmail.cf”
/usr/bin/m4 /usr/share/sendmail/conf/m4/cf.m4 /etc/mail/myconfig.mc >
/tmp/sendmail.cf
sleep 1
/bin/mv /etc/mail/sendmail.cf /etc/mail/sendmail.cf.previous
/bin/mv /tmp/sendmail.cf /etc/mail/sendmail.cf
fi
start sendmail
/System/Library/StartupItems/Sendmail/Sendmail start
sleep 3
bderm@derman.com