Bug 1634 - Various sendmail suggestions
Summary: Various sendmail suggestions
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: sendmail
Version: 6.0
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Cristian Gafton
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 1999-03-20 01:26 UTC by Mike McHenry
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 1999-03-20 15:08:29 UTC

Attachments (Terms of Use)

Description Mike McHenry 1999-03-20 01:26:30 UTC
The latest build of sendmail could use a couple of changes
to the sendmail.cf file IMHO. Here is what I would suggest
for the redhat.mc file along with some comments.

+define(`confTO_CONNECT', `1m')
+FEATURE(virtusertable',` -o /etc/mail/virtusertable')
-HACK(check_mail3,`hash -a@JUNK /etc/mail/deny')

AUTO_REBUILD: this option will automatically rebuild the
aliases table if the database hashes are out of date with
the text file

TO_CONNECT: this setting relates to the timeout when
connecting to a remote machine. This timeout defaults to an
inordinately large amount under Linux, something like 5-10
minutes. When processing the queue once an hour a couple of
unreachable sites will tie up the entire queue run in
worthless waiting. Setting this option changes this timeout
to a more reasonable setting, 1 minute in this case

TRY_NULL_MX_LIST: in certain cases mail might need to be
delivered to the machine sending the mail. This setting
changes the default behavior of sendmail in skipping any MX
records with a lower preference to itself and allows it to
consider ALL MX records in sendmail outbound email. This is
rather obscure but when it happens it will cause "mail
loops back to myself" errors without this definition.

DONT_PROBE_INTERFACES: when sendmail starts it looks at all
available interfaces and assumes that it should accept
(read "take") mail for any of the interfaces. Take for
example a webserver will multiple IP addresses running
sendmail for outbound mail. Mail sent from the webserver to
any domain hosted on the webserver will NOT be delivered,
even if the domain is NOT listed in sendmail.cw. Obviously
this is not a good thing, in my opinion anything considered
local should be listed in sendmail.cw. This option might
take some consideration though...

SMRSH: Sendmail restricted shell, prevents arbitrary
programs from being executed by sendmail

VIRTUSERTABLE: Adds the capability to do virtual hosting to
the sendmail.cf file, not a problem if
the /etc/mail/virtusertable file does not exist

HACKS: Most of the Claus hacks introduced back in sendmail-
8.8.6 days are incorporated into 8.9.3 in some way.
Removing the hacks and adding FEATUREaccess_db and
FEATUREblacklist_recepients will give equivalent
performance and will adhere better to the way sendmail is
setup. All relaying is handled instead in /etc/mail/relay-
domains or in the access database. Although the new format
is much simpler it is a change that might affect existing
setups so this should be well considered.

With some careful thought it should be possible to design a
new sendmail.cf designed around the new features but still
backwards compatible with the old configurations (IP_ALLOW,
RELAY_ALLOW, etc). Or maybe a quickie script to bring all
the separate files into one unified file when the upgrade
is performed.

One other quick suggestion for
the /etc/rc.d/init.d/sendmail script, this will
automatically build any databases before starting sendmail:

        echo -n "Starting sendmail: "
        for i in virtusertable access domaintable
        if [ -f /etc/mail/$i ] ; then
           echo "Hashing $i for sendmail..."
           makemap hash /etc/mail/$i < /etc/mail/$i
           sleep 1

Comment 1 Jeff Johnson 1999-03-20 15:08:59 UTC
Theses suggestions have been implemented in sendmail-8.9.3-2.

Note You need to log in before you can comment on or make changes to this bug.