From owner-freebsd-security Sat Sep 23 12:55:16 2000 Delivered-To: freebsd-security@freebsd.org Received: from ns1.sunesi.net (ns1.sunesi.net [196.15.192.194]) by hub.freebsd.org (Postfix) with ESMTP id 7DF3D37B43E for ; Sat, 23 Sep 2000 12:55:05 -0700 (PDT) Received: from nbm by ns1.sunesi.net with local (Exim 3.03 #1) id 13cvNo-000BTq-00; Sat, 23 Sep 2000 21:54:48 +0200 Date: Sat, 23 Sep 2000 21:54:48 +0200 From: Neil Blakey-Milner To: Lyndon Nerenberg Cc: Nate Williams , Warner Losh , security@FreeBSD.ORG, Peter Wemm Subject: Re: sendmail default run state Message-ID: <20000923215447.A44016@mithrandr.moria.org> References: <20000923021119.A35919@mithrandr.moria.org> <200009231941.e8NJfV143262@orthanc.ab.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <200009231941.e8NJfV143262@orthanc.ab.ca>; from lyndon@orthanc.ab.ca on Sat, Sep 23, 2000 at 01:41:31PM -0600 Organization: Sunesi Clinical Systems X-Operating-System: FreeBSD 3.3-RELEASE i386 X-URL: http://rucus.ru.ac.za/~nbm/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat 2000-09-23 (13:41), Lyndon Nerenberg wrote: > Neil> How do you enable nullclient from rc.conf? > > Ship the system with two pre-built sendmail configuration files: > > /etc/mail/sendmail.cf.{full,nullclient} > > In rc.conf: > > sendmail_config="full" # Set to "nullclient" if you want to > # forward all local mail to a central > # mail hub. Set sendmail_smarthost > # to the name of your mail hub. > sendmail_smarthost="mail.example.com" > > Change the code fragment in /etc/rc where sendmail is started to: > > rm -f /etc/mail/smarthost > if [ -n "${sendmail_smarthost} ] ; then > echo "${sendmail_smarthost" > /etc/mail/smarthost > fi > if [ -r /etc/mail/sendmail.cf.${sendmail_config} ] ; then > echo -n ' sendmail' > /usr/sbin/sendmail ${sendmail_flags} -C/etc/mail/sendmail.cf.${sendmail_config} > fi > > sendmail.cf.nullclient would have an entry that picked up the smarthost > from the contents of /etc/mail/smarthost. Brilliant! Is that with 'DS-o /etc/mail/smarthost'? Now, if we could make that 'listen' thing (OOAddr=10.1.1.1) take a file, we're set. I'm not so sure about /etc/rc deleting and recreating files in /etc/mail, though, but that's another issue. > Neil> What happens if your smarthost server goes down - when does > Neil> sendmail check your queue again? > > Whenever you tell it to via the -q parameter. E.g.: > > /usr/sbin/sendmail -q20m Yeah - I was commenting on why you want sendmail running with queue running. > It's not that hard. In fact there are quite a few things we could do > to allow for things like a SUBMIT only configuration (listen to port > 587, but not port 25), etc. The problem is they would be very specific > to sendmail. I don't use sendmail for "mail servers" personally, but it makes sense if they're standalone machines that just need to send mail from the machine to a central server. If we can offer this ability in the base system and easy-to-use from rc.conf, that's cool. More complex stuff requires direct sendmail configuration, or installing another MTA. Neil -- Neil Blakey-Milner Sunesi Clinical Systems nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message