Date: Fri, 22 Sep 2000 22:06:03 -0700 From: "Crist J . Clark" <cjclark@reflexnet.net> To: Neil Blakey-Milner <nbm@mithrandr.moria.org> Cc: Nate Williams <nate@yogotech.com>, Warner Losh <imp@village.org>, security@FreeBSD.ORG, Peter Wemm <peter@netplex.com.au> Subject: Re: sendmail default run state Message-ID: <20000922220603.E367@149.211.6.64.reflexcom.com> In-Reply-To: <20000923021119.A35919@mithrandr.moria.org>; from nbm@mithrandr.moria.org on Sat, Sep 23, 2000 at 02:11:19AM %2B0200 References: <20000922215616.A33103@mithrandr.moria.org> <200009100358.e8A3wUG76071@netplex.com.au> <200009100415.e8A4F4G76156@netplex.com.au> <20000910154357.A78311@mithrandr.moria.org> <200009222012.OAA70984@harmony.village.org> <200009230001.SAA20358@nomad.yogotech.com> <20000923021119.A35919@mithrandr.moria.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Sep 23, 2000 at 02:11:19AM +0200, Neil Blakey-Milner wrote:
> On Fri 2000-09-22 (18:01), Nate Williams wrote:
> > > : I personally would really like 'sendmail_outbound_only="YES"' to be the
> > > : default in /etc/defaults/rc.conf, with an option in sysinstall's Network
> > > : Services for turning it on/off.
> > >
> > > I like this a lot. We have several machines in the Village that ARE
> > > NOT FOR EMAIL (caps ment to describe the tone of voice we have when we
> > > talk about them). These machiens generate email all the time, but
> > > should never receive email. We solve this problem with a simple cron
> > > job that runs once a day after the daily/weekly/monthly scripts run to
> > > deal with failures to send those right away.
> >
> > I don't understand the issue. I've got machines, and I just never
> > startup sendmail, but it sends email out just fine using the
> > null-client sendmail setup for 'locally' generated email.
> >
> > This limits the sendmail connections to a known server, and doesn't
> > require sendmail to listen on port 25.
> >
> > What am I missing?
>
> How do you enable nullclient from rc.conf?
You don't need the nullclient setup. sendmail running as a listening
daemon has nothing to do with sending mail in any config. Except...
> What happens if your smarthost server goes down - when does sendmail
> check your queue again?
If the mail does not deliver on the first try, if you tell the daemon
to, it will try again at a later time.
On machines where I don't run a sendmail daemon at all, it checks the
queue next time I type 'sendmail -q' or the daily 'sendmail -q' I run
from cron.
IMHO, all this talk about 'sendmail_outbound_only' and the like is
adding an extra level of obscurity. I think that what would be even
better would just be good comments on the 'sendmail_flags' variable.
How about in /etc/rc.conf or /etc/defaults/rc.conf,
#sendmail_flags="-bd -q30m" # Flags tell sendmail to listen for incoming
# mail and check outgoing queue every 30 min
sendmail_flags="-q30m" # Flag tells sendmail to check outgoing queue
# every 30 min, does not listen for incoming
Just an example, but I really think these changes are so easy with
just tweaking that variable that it is ridiculus to make it more
complex. But for anything truly complex, like changing sendmail.cf, we
just have to let the user fend for themselves. It is beyond the scope
of sysinstall.
--
Crist J. Clark cjclark@alum.mit.edu
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000922220603.E367>