Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 31 Aug 2007 10:00:18 -0700
From:      Chuck Swiger <cswiger@mac.com>
To:        L Goodwin <xrayv19@yahoo.com>
Cc:        FreeBSD-Questions List <freebsd-questions@freebsd.org>
Subject:   Re: Configuring FreeBSD 6.2 to use sendmail for sending only
Message-ID:  <BAEBBAB8-91A1-40EC-8F83-5FB1D8AEE6AE@mac.com>
In-Reply-To: <169381.93008.qm@web58104.mail.re3.yahoo.com>
References:  <169381.93008.qm@web58104.mail.re3.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Aug 30, 2007, at 6:14 PM, L Goodwin wrote:
[ ... ]
> Should I be calling "mail" or "sendmail", and which
> mail or sendmail should I invoke if there is more than
> one of either?  Chuck's example calls sendmail in a
> path that does not exist on my system (my sendmail is
> in /usr/sbin/). I usually invoke whichever one is
> first in my path.

As others have said, there is more than one way to do the same task,  
but you asked to run sendmail in particular, rather than something else.

The path I used was that to the actual sendmail binary, rather than  
the /usr/sbin wrapper which (on the particular machine I used,  
anyway) would invoke Postfix instead.  You can find more details from  
"man mailwrapper".

> One more question. Is it ok to run the script (and
> send the email) as user root, or should I create a
> user account with more limited permissions -- if so,
> what limits should I set?

The simple answer is that you should try not to run things as root  
when you can do them as a normal user.  If you wish the email to  
contain arbitrary envelope from-addresses, be aware that only root  
can do so without a warning message unless you use this FEATURE (see / 
usr/share/sendmail/cf/README):

> use_ct_file     Read the file /etc/mail/trusted-users file to get the
>                 names of users that will be ``trusted'', that is,  
> able to
>                 set their envelope from address using -f without  
> generating
>                 a warning message.  The actual filename can be  
> overridden
>                 by redefining confCT_FILE.

Someone else has already provided another example of a controlled  
access email script which checks for the right UID.

-- 
-Chuck

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BAEBBAB8-91A1-40EC-8F83-5FB1D8AEE6AE>