From Newsgroup: comp.mail.sendmail

I have 2 domains: domain.a and domain.b

For some strange reason (and this is rather new behavior), a mail sent to user@domain.b shows up in my email client as user@domain.a
I checked the headers and it really says:

To: user@domain.a

But the received header is ok:

Received: from bla.bla.here
by my-mail-server (8.18.1/8.18.1) with ESMTPS id xxxx
(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO)
for <user@domain.b>; Wed, 30 Jul 2025 20:42:40 +0200

I have been using sendmail for over 20 years and I've never seen this before. This is new, even though I haven't changed the config (at least not when this started happening).

I have searched for a few days on the net and read sendmail documentation, but somehow I couldn't find an answer. It's rather strange, since this wasn't happening before.

domaintable mailertable virtusertable are empty.
Both domains are in the local-host-names and in /etc/hosts

My config is available (until 2025-08-27 20:41:26 UTC) here: https://evermeet.cx/paste/sendmail_mc.QiBS.txt

I can only suspect that maybe an update of the packages changed the behavior, even though the config wasn't changed by the update or me. Or maybe a fix in a package brought a misconfig to light, which also seems weird since I pretty much
used that config for a very long time.
I don't have any other explanations.

I'd appreciate any help, pointers, dark magic spells, ... ;-)

Cheers,
K. C.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

Helmut K. C. Tessarek wrote:

I have 2 domains: domain.a and domain.b

Those are not in DNS.

For some strange reason (and this is rather new behavior), a mail sent to user@domain.b shows up in my email client as user@domain.a

Most likely you changed DNS entries (CNAME?)
but we can't check that.

Read about host name canonification in the docs,
e.g., TUNING and cf/README.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

Thanks for the reply.

On 2025-07-31 01:58, Claus A|fmann wrote:

Those are not in DNS.

Of course not. These were examples. ;-) I didn't want to post my real domains and I thought that this issue was a known situation for sendmail experts.
But I guess it shouldn't matter. Here are the real ones:

evermeet [dot] cx
evermeet [dot] ca

So, if I send a mail to the ca domain, I receive an email with the cx domain in
the to field.
As I mentioned before, this behavior is rather new. I can't say when exactly it
started, but I think less than half a year.
The last time I changed the config was in 2021 (and the only change back then was adding dnsbl - 2 FEATURE lines added).

Most likely you changed DNS entries (CNAME?)
but we can't check that.

No, I didn't. I updated the DNS 2 months ago to add a new TXT entry for the new
DKIM key. Nothing else.

Read about host name canonification in the docs,
e.g., TUNING and cf/README.

Thanks, I will have a look. Tomorrow that is. I have to get some sleep now...

But if anything else comes to mind, please let me know.

Cheers,
K. C.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

On 2025-07-31 01:58, Claus A|fmann wrote:

Most likely you changed DNS entries (CNAME?)
but we can't check that.

Read about host name canonification in the docs,
e.g., TUNING and cf/README.

I've read up on the topics you suggested and I am still not closer to understanding what is going on.

If you run dig against me 2 domains the result is in both cases an A record and
not a CNAME one.
I have tested with sendmail -bt and Canonify2 already returns the cx domain.

So I don't know why canonification is even happening.

I really whish I had changed something, because then I would only have to revert
it, but I keep track of changes meticulously. e.g. my /etc/mail is a git repo and the changes in DNS I put in a note.

I can try to add

FEATURE(`nocanonify', `canonify_hosts')

to my sendmail.mc later tonight when there's less traffic. But if that works, I
will be even more confused. Did a package update change the behavior or fix a bug that would not canonify without specifying nocanonify?

Anyhoo, let's see what happens. I'll post my findings then.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

On 2025-07-31 18:04, Helmut K. C. Tessarek wrote:

FEATURE(`nocanonify', `canonify_hosts')

Adding FEATURE(`nocanonify', `canonify_hosts') or
FEATURE(`nocanonify') fixes the issue. The "To" field is no longer rewritten.

I still do not understand why this feature is now necessary, when it has been working without it for over 15 years. It makes me rather nervous.
Is there any way to find out?


--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

Helmut K. C. Tessarek wrote:

Is there any way to find out?

You would have to find out what changed in any relevant configuration
(DNS, cf, all files/maps used by cf, OS, ...)
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

Is there any way to find out?

You would have to find out what changed in any relevant configuration
(DNS, cf, all files/maps used by cf, OS, ...)

Given that Helmut also mentioned "the new DKIM key", I'd like to add
"all your milter'ed extensions" to this list explicitly.

Martin Neitzel
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

On 2025-08-06 09:54, Martin Neitzel wrote:

You would have to find out what changed in any relevant configuration (DNS, cf, all files/maps used by cf, OS, ...)

Given that Helmut also mentioned "the new DKIM key", I'd like to add
"all your milter'ed extensions" to this list explicitly.

Unfortunately nothing has changed.

As I have pointed out, I am using git to keep track of my entire /etc/mail directory (and others). The last change was adding dnsbl in 2021 which wouldn't
change the "to:" field to be rewritten - miraculously starting years later. Adding the new DKIM keys to the DNS as TXT records and changing the opendkim config file to add those new keys cannot be it either. I have done so the past 10 years in an interval of 2 years.

What changed over the years were the sendmail binaries by updating its package via dnf.

So for some strange reason I cannot determine (since my config hasn't changed) canonification started to happen.
I wanted to know if there is some sort of trace to find out why it is happening.
(I was able to use "sendmail -bt" to see that it is happening, but not why.)

Why is sendmail doing canonification? It hasn't done so in the last 20 years.

If you check my DNS records, they are A records, not CNAMEs.
It didn't start because I added a new DKIM key. Nor did it start happening in 2025, because I added 2 lines regarding dnsbl to my sendmail.mc back in 2021. It's the same as telling me my car's right blinker is now activated by my left turn signal, because I had scrambled eggs for breakfast 3 years ago.

Don't get me wrong, I understand that you think my config has changed, but it hasn't. I wish it had.

Cheers,
K. C.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

Helmut K. C. Tessarek wrote:

What changed over the years were the sendmail binaries by updating its package

So you don't compile sendmail yourself, but rely on someone else -
who might change compile time options, apply patches, ...

Maybe there's a changelog for that (or you can compare
the source packages + modifications)?
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

On 06.08.2025 16:40 Uhr Helmut K. C. Tessarek wrote:

What changed over the years were the sendmail binaries by updating
its package via dnf.

You have to tell us more about the OS you are using.
Sendmail also offers ways to show its compile-time options.

sendmail -d0.13
--
kind regards
Marco

Send spam to 1754491238muell@stinkedores.dorfdsl.de

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

On 2025-08-07 14:55, Marco Moock wrote:

You have to tell us more about the OS you are using.

I am using Fedora 42 Server.

Sendmail also offers ways to show its compile-time options.

sendmail -d0.13

sendmail -d0.13
Version 8.18.1
Compiled with: DANE HAVE_SSL_CTX_dane_enable MAX_TLSA_RR=64 DNSMAP
HES_GETMAILHOST IPV6_FULL LDAPMAP LDAP_NETWORK_TIMEOUT LOG
MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND
NETINET NETINET6 NETUNIX NEWDB=5.3 CDB=1 NIS PIPELINING SASLv2
SCANF SOCKETMAP STARTTLS TLS_EC TLS_VRFY_PER_CTX USERDB
USE_LDAP_INIT
OS Defines: ADDRCONFIG_IS_BROKEN HASFCHOWN HASFCHMOD HASFLOCK
HASGETDTABLESIZE HAS_GETHOSTBYNAME2 HASINITGROUPS HASLSTAT
HASNICE HASRANDOM HASRRESVPORT HASSETREGID HASSETREUID
HASSETRLIMIT HASSETSID HASSETVBUF HASURANDOMDEV HASSTRERROR
HASUNAME HASUNSETENV HASWAITPID IDENTPROTO NEEDSGETIPNODE
REQUIRES_DIR_FSYNC SFS_VFS USE_DOUBLE_FORK USE_SIGLONGJMP Kernel symbols: /boot/vmlinux
Conf file: /etc/mail/submit.cf (default for MSP)
Conf file: /etc/mail/sendmail.cf (default for MTA)
Pid file: /var/run/sendmail.pid (default)
libsm Defines: SM_CONF_LDAP_INITIALIZE SM_CONF_LDAP_MEMFREE
SM_CONF_LONGLONG SM_CONF_MEMCHR SM_CONF_MSG SM_CONF_SEM
SM_CONF_SIGSETJMP SM_CONF_SHM SM_CONF_SSIZE_T SM_CONF_STDBOOL_H
SM_CONF_STDDEF_H SM_CONF_SYS_CDEFS_H SM_CONF_UID_GID
DO_NOT_USE_STRCPY SM_HEAP_CHECK SM_OS=sm_os_linux SM_VA_STD
FFR Defines: _FFR_MILTER_CHECK_REJECTIONS_TOO _FFR_QOS
_FFR_TLS_USE_CERTIFICATE_CHAIN_FILE _FFR_M_ONLY_IPV4
Canonical name: localhost.localdomain
UUCP nodename: atvie01s
a.k.a.: [IPv6:fe80:0:0:0:da9d:67ff:fe6e:190]
Conf file: /etc/mail/submit.cf (selected)
Pid file: /var/run/sm-client.pid (selected)

============ SYSTEM IDENTITY (after readcf) ============
(short domain name) $w = localhost
(canonical domain name) $j = localhost.localdomain
(subdomain name) $m = localdomain
(node name) $k = atvie01s ========================================================


I am not sure why sendmail uses the localhost.localdomain domain name:

[root@atvie01s 0 ~]# hostname
atvie01s
[root@atvie01s 0 ~]# hostname -f
atvie01s
[root@atvie01s 0 ~]# hostname -s
atvie01s

The machine itself does not have a fqdn, because it is the only machine in a DC's VXLAN. And the domains are set in the sendmail.mc:

https://evermeet.cx/paste/sendmail_mc.6hKd.txt
(available until 2025-09-04 19:26:03 UTC)

This config is now the uncensored version (as opposed to the one in my OP) and it includes the one line I added so that canonification does not happen.

Cheers,
K. C.


--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

On 2025-08-07 01:42, Claus A|fmann wrote:

So you don't compile sendmail yourself, but rely on someone else -
who might change compile time options, apply patches, ...

Yes, I stopped doing that about 10 years ago. I am now upgrading the OS (Fedora
Server) twice a year, and the packages almost every week.
This doesn't mean that there are updates to sendmail every week.

I have never had any issues with distro packages of sendmail on Fedora or Debian.

Although I admit that they _could_ do something fishy by adding patches.

Maybe there's a changelog for that (or you can compare
the source packages + modifications)?

I checked the Fedora source package and I found one patch for sendmail 8.18.1 that added localhost.localdomain to something, even though I don't know what the
rules mean. I don't speak sendmail macros:

https://src.fedoraproject.org/rpms/sendmail/blob/f42/f/sendmail-8.18.1-localdomain.patch

Is this the reason why it started to do canonification?

If so, this patch had a serious side effect and I will open a bug report against
it. They must have had their reason, but on the other side thay can't just break
people's configs. This would be the first time since I've started to use Fedora's sendmail package that they changed the behavior (other than file locations) via a patch.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

On 07/08/2025 20:33, Helmut K. C. Tessarek wrote:

in a DC's VXLAN. And the domains are set in the sendmail.mc:

https://evermeet.cx/paste/sendmail_mc.6hKd.txt
(available until 2025-09-04 19:26:03 UTC)

Just a thought, this is the sendmail.mc, what about submit.mc as used by
the Mail Submission Program (MSP)?

In my notes I have noted it was there with version 8.12 of sendmail and
is used with options -Ac, -bm, -bs, bt, and -t.

Regards,
Stacey




--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

On 2025-08-11 12:23, Stacey Marshall wrote:

Just a thought, this is the sendmail.mc, what about submit.mc as used by
the Mail Submission Program (MSP)?

In my notes I have noted it was there with version 8.12 of sendmail and
is used with options -Ac, -bm, -bs, bt, and -t.

Yes, I haven't made it available, because the submit file hasn't changed since 20 years when I originally set it up on RHEL or FC3 (I can't recall).

But the sendmail.mc changed in 2021 when I added the dbsnl. IMO not related to anything but I was sure people would want to see the config anyway.
Also I thought that the submit.mc had nothing to do with receiving external email.
For me it had to do with something that changed (not by me), so it never crossed
my mind to post the submit.mc. But here it is:

https://evermeet.cx/paste/submit_mc.As3j.txt
(avilable until 2025-09-08 19:52:29 UTC)

But I found something that could explain it, as I mentioned in another reply, but I haven't received an answer yet:

I checked the Fedora source package and I found one patch for sendmail 8.18.1 that added localhost.localdomain to something, even though I don't know what the
rules mean. I don't speak sendmail macros:

https://src.fedoraproject.org/rpms/sendmail/blob/f42/f/sendmail-8.18.1-localdomain.patch

Is this the reason why it started to do canonification?

Cheers,
K. C.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

On 11/08/2025 21:00, Helmut K. C. Tessarek wrote:

Also I thought that the submit.mc had nothing to do with receiving
external email.

Okay, I was aware of
On 06/08/2025 21:40, Helmut K. C. Tessarek wrote:> (I was able to use "sendmail -bt" to see that it is happening, but not

why.)

Possibly the full command used option `-Am` to specify use of
sendmail.cf as looking back over the thread I note you said modifying
that with nocanonify addresses the issue:

On 01/08/2025 06:41, Helmut K. C. Tessarek wrote:

FEATURE(`nocanonify', `canonify_hosts')

Adding FEATURE(`nocanonify', `canonify_hosts') or
FEATURE(`nocanonify') fixes the issue. The "To" field is no longer rewritten.
I still do not understand why this feature is now necessary, when it has been working without it for over 15 years. It makes me rather nervous.
Is there any way to find out?

Coming back to your findings:

But I found something that could explain it, as I mentioned in another reply, but I haven't received an answer yet:

I checked the Fedora source package and I found one patch for sendmail 8.18.1
that added localhost.localdomain to something, even though I don't know
what the
rules mean. I don't speak sendmail macros:

https://src.fedoraproject.org/rpms/sendmail/blob/f42/f/sendmail-8.18.1- localdomain.patch

The language is quite something, and I don't confess to being conversant
with it. That patch is simply a re-wrapping [1] of a previous patch
from 2007, the blame log finds the original patch [2] so I doubt that is
the change your looking for.

1. https://src.fedoraproject.org/rpms/sendmail/c/26448b1eab9386c76266ced5b1b71a765fe6d6d2?branch=f42
2. https://src.fedoraproject.org/rpms/sendmail/c/2174409589dee7e371b97edc650688c6eea6f4f6

Regards,
Stacey

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

On 2025-08-12 02:37, Stacey Marshall wrote:

The language is quite something, and I don't confess to being conversant
with it. That patch is simply a re-wrapping [1] of a previous patch
from 2007, the blame log finds the original patch [2] so I doubt that is
the change your looking for.

1.
https://src.fedoraproject.org/rpms/sendmail/ c/26448b1eab9386c76266ced5b1b71a765fe6d6d2?branch=f42
2.
https://src.fedoraproject.org/rpms/sendmail/ c/2174409589dee7e371b97edc650688c6eea6f4f6

Thanks for the insight.

Unfortunately, this leads me once again back to square one.
I still have no clue why sendmail started to canonify. This drives me nuts.

Cheers,
K. C.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

Helmut K. C. Tessarek wrote:

So, if I send a mail to the ca domain, I receive an email with the cx domain in
the to field.

Send mail from where and how?
If you send mail from your "localhost.localdomain" host
then the Fedora patch seems to "canonify" it.

BTW:
! Conf file: /etc/mail/submit.cf (selected)
^^^^^^^^^
! (canonical domain name) $j = localhost.localdomain
! I am not sure why sendmail uses the localhost.localdomain domain name:

because your system doesn't have a FQHN:

! [***@atvie01s 0 ~]# hostname -f
! atvie01s


Does the problem happen when you receive mail from external hosts?

BTW: why do you set
MASQUERADE_DOMAIN()
but no
MASQUERADE_AS()
?
--
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mail.sendmail

On 2025-08-12 16:24, Claus A|fmann wrote:

Send mail from where and how?
If you send mail from your "localhost.localdomain" host
then the Fedora patch seems to "canonify" it.

External. You can ignore local mails for this issue.
I have a yahoo and gmail account for testing purposes and when sending mail from
those.

BTW:
! Conf file: /etc/mail/submit.cf (selected)
^^^^^^^^^
! (canonical domain name) $j = localhost.localdomain
! I am not sure why sendmail uses the localhost.localdomain domain name:

because your system doesn't have a FQHN:

! [***@atvie01s 0 ~]# hostname -f
! atvie01s

As mentioned before, this is not a mail server in a home LAN or company network.
It is a bare metal server in a DC that runs multiple services. Mail is just one
of them.
There is nothing in that VXLAN, except this one single machine.

Additionally, multiple different domain names point to that machine. 2 of them to the same IP and another domain to another IP. I own 5 IP addresses, and use one physical adapter.

So which FQDN would you have given that machine? Would you have chosen one of the domain names that point to it? If so, which one? Or would you have just used
.lan or .internal? I am really curious. I was asking myself and others this question for years. Nobody (including me) every came up with a proper answer or
explanation.

I seriously didn't know which domain name I should give that server, thus I chose none.

Does the problem happen when you receive mail from external hosts?

I only noticed this issue because of external email. I barely use local email delivery and don't care about the from and to fields as long as the mail arrives.
I am only concerned and care about external email.

BTW: why do you set
MASQUERADE_DOMAIN()
but no
MASQUERADE_AS()
?

Hmm, I can't recall exactly. I had set it like 9 years ago, but something didn't
work as expected. Without MASQUERADE_DOMAIN my mails I sent to external addresses had my hostname in the domain name. e.g.: test@atvie01s.evermeet.cx When I set MASQUERADE_AS the from field was always from that domain, but since I
use this mail server with 2 domains, this was useless. I tried to use 2 MASQUERADE_AS entries, but that didn't work either.
But this was rather long ago, so I am not sure whether my memory can be trusted.
I don't have the reason in the commit message (note to self: add stuff like that
to the commit messages).

I am happy that adding nocanonify to the config fixed the issue. But I am rather
puzzled why it was necessary all of a sudden. I would understand, if I had changed the config or the DNS in a way that resulted in that different behavior.
But since I haven't done so, I am seriously confused.


--- Synchronet 3.21a-Linux NewsLink 1.2