Solved

Version 8.13.6+Sun Sendmail for Solaris 9

Posted on 2006-07-06
6
1,900 Views
Last Modified: 2013-12-17
The version of sendmail running on OS Solaris 9 is showing below.  I created a /etc/mail/aliases and I would like to only mailx to local users only, but the problem is that we are not allow to have the deamon sendmail to run in the server just to use it as a mailer locally.  Okay when I have the deamon sendmail up and running it actually works like a chanp however when I stop the deamon sendmail then the error received in the /var/log/syslog is:

Jul  6 13:32:52 mcusquanmm02 sm-mta[1573]: [ID 801593 mail.info] k66DWqbH001573: from=<snsadmin@mcusquanm
m02.mcdsus.mcds.usmc.mil>, size=381, class=0, nrcpts=1, msgid=<200607061332.k66DWqTP001572@mcusquanmm02.m
cdsus.mcds.usmc.mil>, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]

# echo \$Z | /usr/lib/sendmail -bt -d0
Version 8.13.6+Sun
 Compiled with: DNSMAP LDAPMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8
                MIME8TO7 NAMED_BIND NDBM NETINET NETINET6 NETUNIX NEWDB NIS
                NISPLUS PIPELINING SCANF USERDB USE_LDAP_INIT XDEBUG

============ SYSTEM IDENTITY (after readcf) ============
      (short domain name) $w = hostname02
  (canonical domain name) $j = hostname.domain.mil
         (subdomain name) $m = domain.mil
              (node name) $k = hostname02
========================================================

ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
> 8.13.6
0
Comment
Question by:nlopezzapa07
6 Comments
 

Author Comment

by:nlopezzapa07
ID: 17053617
Questions:

1. How can I have the sendmail turned off but mailing to local users usisng the /etc/mail/aliases.  
2. I have configured the following files:
/etc/resolve.conf
etc
etc
3
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 17055796
1. No. The aliases file is referenced by sendmail (when it has determined an E-Mail is destined for local delivery). Mail User Agents (MUAs) like mail, elm, pine, etc. do not reference it.

2) /etc/resolv.conf configures hostname resolution and has little to do with local E-Mail delivery

Mail User Agents (MUAs), like mail and elm and pine and so forth, don't know how to deliver E-mail. They only know how to create it and submit it to a Mail Transport Agent. The Mail Transport Agent, when the E-Mail is destined for a local mailbox, hands the E-Mail to a Mail Delivery Agent (MDA), such as mail..local or ProcMail, for final delivery. So if you want your mail delivered, you need to be running sendmail (or some other MTA).
0
 

Author Comment

by:nlopezzapa07
ID: 17058132
I would like to ask a question:

Why is it that the previous version of sendmail in 24 servers I have up and running can be sending mail to Outlook inboxes with no sendmail daemon running.  We do not have this issue since the /etc/mail/sendmail.cf is as follow:

# more sendmail.cf
#
# Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.
#       All rights reserved.
# Copyright (c) 1983, 1995 Eric P. Allman.  All rights reserved.
# Copyright (c) 1988, 1993
#       The Regents of the University of California.  All rights reserved.
#
# Copyright (c) 1993, 1997 - 2001
#       Sun Microsystems, Inc.  All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#

######################################################################
######################################################################
#####
#####           SENDMAIL CONFIGURATION FILE
#####
######################################################################
######################################################################

#####  $Id: cfhead.m4,v 8.76.4.16 2001/03/06 22:56:36 ca Exp $  #####
#####  @(#)cf.m4        8.24 (Berkeley) 8/16/95  #####

#####  @(#)remote_mode.m4       1.2 (Sun) 05/01/00  #####
#####  @(#)subsidiary-v7sun.mc  1.8 (Sun) 09/12/01  #####

#####  $Id: solaris8.m4,v 8.1.2.2 2000/08/23 16:10:01 gshapiro Exp $  #####

#####  $Id: local_lmtp.m4,v 8.15 1999/11/18 05:06:22 ca Exp $  #####

#####  @(#)solaris-generic.m4   1.8 (Sun) 01/04/01  #####

#####  $Id: redirect.m4,v 8.15 1999/08/06 01:47:36 gshapiro Exp $  #####

#####  @(#)use_cw_file.m4       8.1 (Berkeley) 6/7/93  #####


#####  @(#)use_ct_file.m4       8.1 (Berkeley) 9/17/95  #####


#####  @(#)accept_unqualified_senders.m4        8.3 (Berkeley) 5/19/98  #####

#####  @(#)accept_unresolvable_domains.m4       8.7 (Berkeley) 5/19/98  #####

#####  @(#)relay_entire_domain.m4       8.7 (Berkeley) 5/19/98  #####

#####  @(#)remote_mode.m4       1.2 (Sun) 05/01/00  #####




#####  $Id: proto.m4,v 8.446.2.5.2.48 2002/05/01 21:28:29 gshapiro Exp $  #####


# level 9 config file format
V9/Sun

# override file safeties - setting this option compromises system security,
# addressing the actual file configuration problem is preferred
# need to set this before any file actions are encountered in the cf file
#O DontBlameSendmail=safe

# default LDAP map specification
# need to set this now before any LDAP maps are defined
#O LDAPDefaultSpec=-h localhost

##################
#   local info   #
##################

Cwlocalhost
# file containing names of hosts for which we receive email
Fw/etc/mail/local-host-names

# my official domain name
# ... define this only if sendmail cannot automatically determine your domain
#Dj$w.Foo.COM

CP.

# "Smart" relay host (may be null)
#DSmailhost$?m.$m$.
DShostnmame.XXXX.XXX.mil.


# operators that cannot be in local usernames (i.e., network indicators)
CO @ % !

# a class with just dot (for identifying canonical names)
C..

# a class with just a left bracket (for identifying domain literals)
C[[




# Hosts for which relaying is permitted ($=R)
FR-o /etc/mail/relay-domains

# arithmetic map
Karith arith

# who I send unqualified names to (null means deliver locally)
DR

# who gets all local email traffic ($R has precedence for unqualified names)
DH

# dequoting map
Kdequote dequote

# class E: names that should be exposed as from this host, even if we masquerade
# class L: names that should be delivered locally, even if we have a relay
# class M: domains that should be converted to $M
# class N: domains that should not be converted to $M
#CL root
C{E}root

# who I masquerade as (null for no masquerading) (see also $=M)
DM

# my name for error messages
DnMAILER-DAEMON


CPREDIRECT

# Configuration version number
DZ8.11.7


###############
#   Options   #
###############

# strip message body to 7 bits on input?
O SevenBitInput=False

# 8-bit data handling
#O EightBitMode=pass8

# wait for alias file rebuild (default units: minutes)
O AliasWait=10

# location of alias file
O AliasFile=dbm:/etc/mail/aliases

# minimum number of free blocks on filesystem
O MinFreeBlocks=100

# maximum message size
#O MaxMessageSize=1000000

# substitution for space (blank) characters
O BlankSub=.

# avoid connecting to "expensive" mailers on initial submission?
O HoldExpensive=False

# checkpoint queue runs after every N successful deliveries
#O CheckpointInterval=10

# default delivery mode
O DeliveryMode=background

# automatically rebuild the alias database?
# NOTE: There is a potential for a denial of service attack if this is set.
#       This option is deprecated and will be removed from a future version.
O AutoRebuildAliases=True

# error message header/file
#O ErrorHeader=/etc/mail/error-header

# error mode
#O ErrorMode=print

# save Unix-style "From_" lines at top of header?
#O SaveFromLine=False

# temporary file mode
O TempFileMode=0600

etc, etc, etc ...



0
Shouldn't all users have the same email signature?

You wouldn't let your users design their own business cards, would you? So, why do you let them design their own email signatures? Think of the damage they could be doing to your brand reputation! Choose the easy way to manage set up and add email signatures for all users.

 
LVL 34

Expert Comment

by:PsiCop
ID: 17058859
Ugh. Let's try the sendmail.mc. Lot easier to figger out than trying to parse sendmail.cf. So please post the sendmail.mc.
0
 
LVL 6

Expert Comment

by:anfi
ID: 17062904
Sendmail-8.12 installed as non set root id (default installation mode) requires local SMTP daemon running on 127.0.0.1:25 [ http://www.sendmail.org/security/secure-install.html ]

You can:
* install sendmail in older "set root id" way [and invalidate the security precaution]
* start sendmail daemon listening only on loopback interface (127.0.0.1)
  [ search news:comp.mail.sendmail for post with "DAEMON_OPTIONS" and "127.0.0.1" ]
0
 
LVL 2

Accepted Solution

by:
pitoren earned 500 total points
ID: 17089438
Mmm.

You do not need sendmail to be runing as a daemon for sendmail to be used to send mail, either for local or remote delivery - sendmail processes can and often are generated "on demand".

BUT, sendmail version 8.12.x made default the use of the MSP (Message Submission Program)

http://www.sendmail.org/~ca/email/doc8.12/cf/m4/msp.html

You can see this by looking at the processes ("ptree | grep sendmail") running after you run /etc/init.d/sendmail start, you will see 2

1) one with args like "-bd -q15m"
2) another with args which include "-Ac"

The latter process will also be running as the "smmsp" user, use "ptree smsmp" to see it.

With sendmail configured this way you do need something listening somewhere to deal with locally generated mails (from cron, at job, mailx, ...), which does mean a daemon for sendmail.  That "listener" should be configured to listen on just the loopback interface 127.0.1.  I suspect your "rules" disallowing sendmail running on the server were written before sendmail 8.12.  If confgured to listen just on loopback there is really no problem with having sendmail running, and I think it's safer than chnaging things to run as root rather than smsmp.  As you found, there is a problem having it NOT running at all.  anyway, it's a policy choice.

This is just 8.12 onwards, go back to 8.11 and there is msp to complicate things.  But going back to 8.11 on Solaris 9 is hard, impossible if you want to use the sun sendmail pkgs.

K
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

This short article will present "How to import ICS Calendar onto Office 365 Calendar". I was searching for free (or not free) tools to convert ICS to CSV without success. The only tools I found & working well were online tools...this was too hard to…
Automapping, a wonderful feature with Exchange 2010 (SP2 onwards I believe), allows additional/Shared mailboxes that a user has access to be automatically mapped on Outlook client, simplifying the process by adding them while Outlook launches. Ho…
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now