Cross Reference: /freebsd-11.0-release/etc/mail/README

Deleted Added

sdiff udiff text old ( 92857 ) new ( 94678 )

full compact

README (92857)	README (94678)
1# $FreeBSD: head/etc/mail/README 92857 2002-03-21 06:09:20Z gshapiro $	1# $FreeBSD: head/etc/mail/README 94678 2002-04-14 19:24:28Z gshapiro $
2 3 Sendmail Processes 4 5As of sendmail 8.12, in order to improve security, the sendmail binary no 6longer needs to be set-user-ID root. Instead, a set-group-ID binary 7accepts command line mail and relays it to a full mail transfer agent via 8SMTP. A group writable client mail queue (/var/spool/client-mqueue/ by 9default) holds the mail if an MTA can not be contacted. 10 11To accomplish this, under the default setup, an MTA must be listening on 12localhost port 25. If the rc.conf sendmail_enable option is set to "NO", 13a sendmail daemon will still be started and bound only to the localhost 14interface in order to accept command line submitted mail. If this is not 15a desirable solution, it can be disabled using the sendmail_submit_enable 16rc.conf option. However, if both sendmail_enable and sendmail_submit_enable 17are set to "NO", you must do one of two things for command line submitted 18mail: 19	2 3 Sendmail Processes 4 5As of sendmail 8.12, in order to improve security, the sendmail binary no 6longer needs to be set-user-ID root. Instead, a set-group-ID binary 7accepts command line mail and relays it to a full mail transfer agent via 8SMTP. A group writable client mail queue (/var/spool/client-mqueue/ by 9default) holds the mail if an MTA can not be contacted. 10 11To accomplish this, under the default setup, an MTA must be listening on 12localhost port 25. If the rc.conf sendmail_enable option is set to "NO", 13a sendmail daemon will still be started and bound only to the localhost 14interface in order to accept command line submitted mail. If this is not 15a desirable solution, it can be disabled using the sendmail_submit_enable 16rc.conf option. However, if both sendmail_enable and sendmail_submit_enable 17are set to "NO", you must do one of two things for command line submitted 18mail: 19
201. Designate an alternative MTA for the submission agent to contact 21 by altering /etc/mail/submit.mc and using 'make submit.cf' in 22 /etc/mail/. Change the FEATURE(msp) line to FEATURE(msp, hostname) 23 where hostname is the fully qualified hostname of the alternative MTA.	201. Designate an alternative host for the submission agent to contact 21 by altering /etc/mail/freebsd.submit.mc (or setting SENDMAIL_SUBMIT_MC 22 in /etc/make.conf to an alternate .mc file) and using 23 'make install-submit-cf' in /etc/mail/. Change the FEATURE(msp) line 24 to FEATURE(msp, hostname) where hostname is the fully qualified hostname 25 of the alternative host.
24 25Or: 26 272. Return to using a set-user-ID root sendmail binary by changing the 28 ownership and permissions on the sendmail binary and removing the 29 /etc/mail/submit.cf file: 30 chown root /usr/libexec/sendmail/sendmail 31 chmod 4755 /usr/libexec/sendmail/sendmail --- 24 unchanged lines hidden ---	26 27Or: 28 292. Return to using a set-user-ID root sendmail binary by changing the 30 ownership and permissions on the sendmail binary and removing the 31 /etc/mail/submit.cf file: 32 chown root /usr/libexec/sendmail/sendmail 33 chmod 4755 /usr/libexec/sendmail/sendmail --- 24 unchanged lines hidden ---