From owner-freebsd-questions@FreeBSD.ORG  Tue Aug  5 10:10:34 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 528AC37B401
	for <freebsd-questions@freebsd.org>;
	Tue,  5 Aug 2003 10:10:34 -0700 (PDT)
Received: from pursued-with.net (adsl-66-125-9-242.dsl.sndg02.pacbell.net
	[66.125.9.242])	by mx1.FreeBSD.org (Postfix) with ESMTP id 8D90443F85
	for <freebsd-questions@freebsd.org>;
	Tue,  5 Aug 2003 10:10:33 -0700 (PDT)
	(envelope-from Kevin_Stevens@pursued-with.net)
Received: from babelfish.pursued-with.net (babelfish.pursued-with.net
	[192.168.168.42])
	by pursued-with.net (8.12.8p1/8.12.8) with ESMTP id h75HBvqZ040979
	for <freebsd-questions@freebsd.org>;
	Tue, 5 Aug 2003 10:11:57 -0700 (PDT)
	(envelope-from Kevin_Stevens@pursued-with.net)
Date: Tue, 5 Aug 2003 10:11:57 -0700 (PDT)
From: Kevin Stevens <Kevin_Stevens@pursued-with.net>
To: FreeBSD Questions <freebsd-questions@freebsd.org>
In-Reply-To: <BB552E90.19213%mksmith@noanet.net>
Message-ID: <20030805095446.F40922@babelfish.pursued-with.net>
References: <BB552E90.19213%mksmith@noanet.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Subject: Another FreeBSD/sendmail permissions question
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Kevin_Stevens@pursued-with.net
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Aug 2003 17:10:34 -0000

Not sure where this goes; I'm also posting it to the sendmail Usenet
group.

I've been having what is apparently a fairly common problem with my
sendmail configuration; every time a message is delivered I get a warning
of the type "Aug  5 00:25:53 babelfish sendmail[39666]: h757PrRD039666:
forward /data/mail/.forward+: Group writable directory".

After doing some research, I've been able to turn off the warning messages
using the DontBlameSendmail option in my .cf file.  However, I'd really
like to understand why the warning is being generated in the first place.

/data/mail is the user directory to which mail is delivered by my IMAP
server after it is moved from /var/mail/imap.

a)  There is no .forward file in /data/mail
b)  The permissions on the /data/mail directory are:
	drwx------  4 imap  wheel  512 Aug  5 10:00 .
c)  The permissions on the *parent* (/data) directory are:
	drwxrwxr-x  18 root  staff       512 Aug  2 13:52 ..
d)  Permissions on /var/mail/USERNAME are:
	-rw-------   1 imap     imap       0 Aug  5 10:03 imap
e)  Permissions on /var/mail are:
	drwxrwxr-x  2 root  mail  512 Aug  5 10:02 .
f)  And on /var are:
	drwxr-xr-x  23 root  wheel  512 May 10 23:23 .

Now, what's confusing to me is that if I remove the group writable
attribute of /data, the messages go away.  WTF?  Why does sendmail care
about the permissions of the *parent* directory?  Is this because someone
in the parent could alter or blow away the /data/mail directory?

I'd think that, if anything, the problem would be the permissions on the
/var/mail directory; but not only is that not where the warning
references; tightening permissions in that area doesn't affect the
warnings.

KeS