The sendmail program offers over 70 options to choose from. We will cover a few here and the rest in Chapter 34 . Recall that the purpose of our configuration file is to forward all mail to a central mail hub. In keeping with the simplicity of this task, you need to declare only those options shown in Table 13.1 (abstracted from Table 34.4 in Section 34.4, "Alphabetical Table of All Options" ).
We'll describe each of these required options briefly, add them to the client.cf file, and then test them.
We have already described queue directories (in Section 3.1.2, "The Queue Directory" ). Queued mail always looks like authentic mail to sendmail . That is, the sendmail program trusts the mail it finds there, believing that only root placed it there. If the queue directory were world-writable (as /tmp is), anyone could create queued mail and thereby create forged mail messages. To help prevent forged mail, the queue directory should be writable only by root . Unfortunately, for the purpose of our exercises, this would prevent you from sending mail using the client.cf file. You would need to be root , which isn't desirable and may not be possible.
Instead, we will temporarily declare the location of the queue directory to be /tmp . To help you to remember to change the client.cf file later, add a comment now showing the need to make the change and the correct path to use:
O QueueDirectory=/tmp # BEWARE: use /var/spool/mqueue upon release
Note that on some systems,
Mail is usually placed into the queue because it could not be transmitted
attempts to retransmit
each queued message. If the message has not been delivered
after a reasonable interval,
sends a warning to the sender,
informing the sender that the message has not yet been delivered
to try. After a longer interval in the queue,
messages that have not been successfully transmitted are bounced.
O Timeout.queuewarn=4h O Timeout.queuereturn=5d
This tells sendmail to bounce queued mail after 120 hours, which is the same as five days.
Five days may seem like a long time. After all, the mail hub should always be up and always be accepting mail. But suppose the hub crashed on Friday evening and replacement parts weren't available until Thursday morning. In this situation, queued mail on all the clients would start bouncing before the hub was repaired.
In choosing a value for the
There are several modes in which the sendmail program can run. Each determines how sendmail interacts with the program that invoked it. For the client.cf file, you want the user's MUA to execute sendmail for message transmission but to give the appearance that the message was sent almost instantaneously. This prevents users from waiting for their prompt to return whenever the mail hub is busy.
The delivery mode to use is called
to accept a message and then run
in the background (thus allowing the MUA to continue on).
The delivery mode is set with the
recognizes only the
Other possible values for the
program frequently needs to create new files
(such as files in its queue).
The file permissions that are given to each created file are determined by
the value of the
Note that the value must be expressed in octal notation. (See
Again, for security,
tries to avoid running as
whenever possible. When delivering failed mail to your
file, for example, it runs as you. If it finds itself in a situation
in which it must not be
but cannot otherwise decide on a real
assumes the identity of the user
defined by the
The uid under which to run (the number to the left of the colon) is here defined to be 1 (for the user daemon ). The gid under which to run (the number to the right of the colon) is here defined as 1 (for the group daemon ).
The values given to these options may also be names:
At security-conscious sites these are often set to
and the group
Recall that the
The method used by
to record its activities is called
The setting of the
Here, we've chosen a level of 9. This is a middle level, which, in addition to causing serious problems to be logged, also causes statistics such as message size to be logged.
Typically, logged information is written by the system into
a file called
by a means documented in
Section 26.1, "Logging with syslog"
The current standard for specifying multiple recipients is to separate each address from the others with commas. Unfortunately, this has not always been the standard; old software may still exist that separates addresses with spaces:
abe,george,andrew new style abe george andrew old style
To prevent old software from breaking, you need to tell
that the use of spaces is acceptable and that if it finds such old-style lists,
it should replace the
spaces with commas. You tell
this by specifying the
The value is either
true (accept and convert) or false (don't accept). The
Recall from Chapter 8, Addresses and Rules , that any address can be split up into tokens in the workspace. The address is then rewritten according to rules specified in rule sets. After all the tokens have been (possibly) rewritten, they are rejoined to form an address again.
a @ b . c
Then suppose some rule always changed the last two tokens into
the single word
a @ b LOCAL
Here we have four tokens, the last two of which are text. The question becomes: What do we insert between them? Unless you tell sendmail to do otherwise, it always sticks a space between them. Therefore the default is to join these tokens together into this:
Because we set the
To prevent this kind of mishap, we use the
O BlankSub=. # Replace unquoted spaces with a dot.
With this declaration in the configuration file the previous tokens are joined together like this:
When parts of an address are surrounded in full quotation marks, those parts are viewed by sendmail as a single token. Therefore an address like this:
is tokenized like this:
"abe lincoln" @ wash . dc . gov
When these tokens are joined back together, the quoted words