Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 13 Oct 2000 00:46:05 +0200
From:      Neil Blakey-Milner <nbm@mithrandr.moria.org>
To:        Poul-Henning Kamp <phk@critter.freebsd.dk>
Cc:        Peter Wemm <peter@netplex.com.au>, Alan Clegg <abc@bsdi.com>, Valentin Nechayev <netch@lucky.net>, Doug Barton <Doug@gorean.org>, Jordan Hubbard <jkh@winston.osd.bsdi.com>, cvs-all@FreeBSD.org, cvs-committers@FreeBSD.org
Subject:   Re: cvs commit: src/etc inetd.conf
Message-ID:  <20001013004605.A64533@mithrandr.moria.org>
In-Reply-To: <96598.971389628@critter>; from phk@critter.freebsd.dk on Fri, Oct 13, 2000 at 12:27:08AM %2B0200
References:  <200010122222.e9CMMmG35106@netplex.com.au> <96598.971389628@critter>

next in thread | previous in thread | raw e-mail | index | archive | help
On Fri 2000-10-13 (00:27), Poul-Henning Kamp wrote:
> >IMHO, having sendmail *off* in rc.conf should mean "no sendmail at all",
> >not having /usr/sbin/sendmail -q still being run behind your back.
> >
> >The daily processing shows the mailq already anyway.  If you don't at least
> >occasionally read them, then you're not using the tools available to you.
> 
> Uhm, and how would you get the mailq output if mail just piles up ?
> 
> I think having rc.conf settings be: "off", "on", and "outgoing only"
> is the solution here.

I sent a suggested configuration file change to security@FreeBSD.org a while back:

---

sendmail_enable="YES" # run the sendmail MTA
sendmail_outboundonly_enable="YES" # don't listen for messages from the network

case ${sendmail_enable} in
[Yy][Ee][Ss])
     case ${sendmail_outbound_enable} in
     [Nn][Oo] | '')
             ;;
     *)
             case ${sendmail_flags} in
             *-bd*)
                     ;;
             *)
                     # don't add -bd if we already have it (necessary?)
                     sendmail_flags="${sendmail_flags} -bd"
                     ;;
             esac
             ;;
     esac
     ;;
esac

---

Or something like the above.

This is from Lyndon Nerenburg:

---

Ship the system with two pre-built sendmail configuration files:

     /etc/mail/sendmail.cf.{full,nullclient}

In rc.conf:

     sendmail_config="full"     # Set to "nullclient" if you want to
                                # forward all local mail to a central
                                # mail hub. Set sendmail_smarthost
                                # to the name of your mail hub.
     sendmail_smarthost="mail.example.com"

Change the code fragment in /etc/rc where sendmail is started to:

     rm -f /var/run/smarthost
     if [ -n "${sendmail_smarthost} ] ; then
        echo "${sendmail_smarthost" > /var/run/smarthost
     fi
     if [ -r /etc/mail/sendmail.cf.${sendmail_config} ] ; then
        echo -n ' sendmail'
        /usr/sbin/sendmail ${sendmail_flags} -C/etc/mail/sendmail.cf.${sendmail_config}
     fi

sendmail.cf.nullclient would have an entry that picked up the smarthost
from the contents of /var/run/smarthost.

---

I think the general concensus was that we could default to
sendmail_outboundonly_enable being "YES", and we can add a toggle to
sysinstall to turn it on and off.  I'd probably leave the
sendmail_config and sendmail_smarthost out, but others may wish to do
it.

I'll send a full patch to whatever is deemed the necessary mailing
list(s) after I wake up.  (suggestions in private, please)

Neil
-- 
Neil Blakey-Milner
nbm@mithrandr.moria.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001013004605.A64533>