Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 8 Jan 2008 13:26:16 -0500
From:      "Philip M. Gollucci" <philip@ridecharge.com>
To:        Jerahmy Pocott <quakenet1@optusnet.com.au>
Cc:        FreeBSD Questions <freebsd-questions@freebsd.org>
Subject:   Re: Sendmail: "exposed" root, why?
Message-ID:  <4783C048.9080403@ridecharge.com>
In-Reply-To: <8EE4A2AA-E15D-4C07-AFBC-061A4595DA82@optusnet.com.au>
References:  <8EE4A2AA-E15D-4C07-AFBC-061A4595DA82@optusnet.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help 
Jerahmy Pocott wrote:
> Hello,
> 
>  From the sendmail documentation:
> 
> "There are always users that need to be "exposed" -- that is,
> their  internal site name should be displayed instead of the
> masquerade name. Root is an example (which has been
> "exposed" by default prior to 8.10)."
> 
> Is there actually any reason why root needs to be "exposed"?
> 
> Root is set to an external address in aliases and it really
> needs to be masqueraded in order to for it to get delivered,
> but would that cause problems with anything?
> 
> How do you stop sendmail from doing this, I don't see any
> directive to NOT expose root, only options to expose other
> addresses as well.. Perhaps there is a better way to send
> system mailed logs to an external address that doesn't send
> them from root?
> 
> Thanks for any info!
There is no directive, but you can edit the resultant .cf file
and remove the line
C{E}root
or root from that line if more than one user.

Be warned, you _will_ break /etc/crontab and periodic scripts mail delivery.

The reason it needs to be exposed is probably these scripts because 
other wise the from address for daily security scripts will be
root@<masquerade> rather than root@machine.domain.  Now, it so happens 
that most of these e-mails have the machine name in the subject or what not.



-- 
------------------------------------------------------------------------
Philip M. Gollucci (philip@ridecharge.com)
o:703.549.2050x206
Senior System Admin - Riderway, Inc.
http://riderway.com / http://ridecharge.com
1024D/EC88A0BF 0DE5 C55C 6BF3 B235 2DAB  B89E 1324 9B4F EC88 A0BF

Work like you don't need the money,
love like you'll never get hurt,
and dance like nobody's watching.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4783C048.9080403>