Your message dated Wed, 22 Oct 2008 11:21:04 -0700 (PDT)
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#502503: sendmail: trusted user not recognized
has caused the Debian Bug report #502503,
regarding sendmail: trusted user not recognized
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
502503: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502503
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: sendmail
Version: 8.14.3-5
Severity: normal
Trusted users specified by either confTRUSTED_USERS or trusted-users file are
apparently not recognized.
I've used
FEATURE(use_ct_file)dnl
with trusted-users containing majordom
as well as
define(`confTRUSTED_USERS',`majordom')
but whenever mail is sent by majordomo messages like
... sendmail[32069]: m9H6KRGC032069: Authentication-Warning: ...: majordom set
sender to [EMAIL PROTECTED] using -f
continue to appear in the logs and distributed headers. Privacy Options
used are:
O
PrivacyOptions=noexpn,novrfy,noverb,noetrn,needmailhelo,needexpnhelo,needvrfyhelo,nobodyreturn
-- Package-specific info:
Ouput of /usr/share/bug/sendmail/script:
ls -alR /etc/mail:
/etc/mail:
total 298
drwxr-sr-x 8 smmta smmsp 1024 Sep 20 22:53 .
drwxr-xr-x 108 root root 8192 Oct 17 07:36 ..
-rw-r--r-- 1 root root 35 Mar 22 2000 All2Users
-rw-r--r-- 1 root root 41 Mar 22 2000 AllUsers
-rwxr-xr-- 1 root smmsp 10819 Sep 20 22:53 Makefile
-rw------- 1 root root 1073 Sep 20 22:53 access
-rw-r----- 1 smmta smmsp 3072 Sep 20 22:53 access.db
-rw-r--r-- 1 root root 281 Oct 29 2004 address.resolve
-rw-r----- 1 root smmsp 1407 Feb 7 2008 aliases
-rw-r----- 1 smmta smmsp 3072 Sep 20 22:53 aliases.db
-rw-r--r-- 1 root root 3323 Sep 20 22:53 databases
-rw-r----- 1 mail mail 0 Aug 10 2001 dialup.m4
-rw-r--r-- 1 root smmsp 129 Sep 6 12:34 genericstable
-rw-r----- 1 root smmsp 3072 Sep 20 22:53 genericstable.db
-rw-r--r-- 1 root root 9328 Sep 20 2007 greylist.conf
-rw-r--r-- 1 mail mail 5657 Jul 30 2007 helpfile
-rw-r--r-- 1 root root 17 Dec 18 2002 local-host-names
drwxr-sr-x 2 smmta smmsp 1024 Nov 12 2004 m4
drwxr-xr-x 2 root root 1024 Jul 29 09:35 peers
-rw-r----- 1 mail mail 0 Aug 10 2001 provider.m4
-rw-r--r-- 1 root root 15 Jun 17 2002 relay-domains
drwxr-xr-x 2 root smmsp 1024 Oct 29 2004 sasl
-rw-r--r-- 1 root smmsp 31 Feb 3 2005 sendmail.cG
-rw-r--r-- 1 root smmsp 61436 Sep 20 22:53 sendmail.cf
-rw-r--r-- 1 root root 61232 Jul 29 09:35 sendmail.cf.old
-rw-r--r-- 1 root root 12237 Sep 20 22:53 sendmail.conf
-rw-r--r-- 1 root smmsp 2449 Sep 20 22:53 sendmail.mc
-rw-r--r-- 1 root root 764 Dec 18 2002 sendmail.mc2
-rw-r--r-- 1 root root 149 Oct 25 1999 service.switch
-rw-r--r-- 1 root root 180 Oct 25 1999 service.switch-nodns
drwxr-sr-x 2 smmta smmsp 1024 Sep 18 13:41 smrsh
drwxr-xr-x 2 root smmsp 1024 Dec 2 2002 ssl.org
-rw-r--r-- 1 root smmsp 43733 Sep 20 22:53 submit.cf
-rw-r--r-- 1 root root 43738 Jul 29 09:35 submit.cf.old
-rw-r--r-- 1 root smmsp 2064 Sep 20 22:53 submit.mc
-rw-r--r-- 1 root smmsp 38 May 30 2002 suffixusers
drwxr-xr-x 3 smmta smmsp 1024 Nov 12 2004 tls
-rw-r--r-- 1 mail mail 6 Aug 14 2001 trusted-users
/etc/mail/m4:
total 3
drwxr-sr-x 2 smmta smmsp 1024 Nov 12 2004 .
drwxr-sr-x 8 smmta smmsp 1024 Sep 20 22:53 ..
-rw-r----- 1 root smmsp 784 Mar 27 2008 dialup.m4
-rw-r----- 1 root smmsp 0 Aug 10 2001 provider.m4
/etc/mail/peers:
total 3
drwxr-xr-x 2 root root 1024 Jul 29 09:35 .
drwxr-sr-x 8 smmta smmsp 1024 Sep 20 22:53 ..
-rw-r--r-- 1 root root 328 Jul 18 2001 provider
/etc/mail/sasl:
total 2
drwxr-xr-x 2 root smmsp 1024 Oct 29 2004 .
drwxr-sr-x 8 smmta smmsp 1024 Sep 20 22:53 ..
/etc/mail/smrsh:
total 2
drwxr-sr-x 2 smmta smmsp 1024 Sep 18 13:41 .
drwxr-sr-x 8 smmta smmsp 1024 Sep 20 22:53 ..
lrwxrwxrwx 1 root root 22 Nov 12 2004 filter -> /home/frank/bin/filter
lrwxrwxrwx 1 root smmsp 25 Sep 20 2006 filternew ->
/home/frank/bin/filternew
lrwxrwxrwx 1 root smmsp 30 Aug 21 2007 filtervacation ->
/home/frank/bin/filtervacation
lrwxrwxrwx 1 root root 26 Nov 12 2004 mail.local ->
/usr/lib/sm.bin/mail.local
lrwxrwxrwx 1 root root 17 Nov 12 2004 procmail -> /usr/bin/procmail
lrwxrwxrwx 1 root root 25 Jan 14 2005 setuidcall ->
/usr/local/bin/setuidcall
lrwxrwxrwx 1 root smmsp 13 Mar 2 2006 sudo -> /usr/bin/sudo
/etc/mail/ssl.org:
total 12
drwxr-xr-x 2 root smmsp 1024 Dec 2 2002 .
drwxr-sr-x 8 smmta smmsp 1024 Sep 20 22:53 ..
-rw-r--r-- 1 root root 7 Dec 2 2002 no_prompt
-rw------- 1 root root 1444 Dec 2 2002 sendmail-client.cfg
-rw-r--r-- 1 root smmsp 875 Dec 2 2002 sendmail-client.crt
-rw------- 1 root root 668 Dec 2 2002 sendmail-client.csr
-rw-r----- 1 root smmsp 887 Dec 2 2002 sendmail-common.key
-rw------- 1 root root 0 Dec 2 2002 sendmail-common.prm
-rw------- 1 root root 1444 Dec 2 2002 sendmail-server.cfg
-rw-r--r-- 1 root smmsp 875 Dec 2 2002 sendmail-server.crt
-rw------- 1 root root 668 Dec 2 2002 sendmail-server.csr
/etc/mail/tls:
total 17
drwxr-xr-x 3 smmta smmsp 1024 Nov 12 2004 .
drwxr-sr-x 8 smmta smmsp 1024 Sep 20 22:53 ..
-rw-r--r-- 1 root root 7 Apr 22 2002 no_prompt
-rw------- 1 root root 1444 Apr 22 2002 sendmail-client.cfg
-rw-r--r-- 1 root smmsp 875 Jul 26 2002 sendmail-client.crt
-rw------- 1 root root 668 Apr 22 2002 sendmail-client.csr
-rw-r----- 1 root smmsp 887 Apr 22 2002 sendmail-common.key
-rw------- 1 root smmsp 0 Apr 22 2002 sendmail-common.prm
-rw------- 1 root root 1444 Apr 22 2002 sendmail-server.cfg
-rw-r--r-- 1 root smmsp 875 Jul 26 2002 sendmail-server.crt
-rw------- 1 root root 668 Apr 22 2002 sendmail-server.csr
drwxr-xr-x 2 root smmsp 1024 Feb 10 2003 ssl
-rwxr--r-- 1 root root 3271 Sep 20 22:53 starttls.m4
/etc/mail/tls/ssl:
total 12
drwxr-xr-x 2 root smmsp 1024 Feb 10 2003 .
drwxr-xr-x 3 smmta smmsp 1024 Nov 12 2004 ..
-rw-r--r-- 1 root root 7 Feb 10 2003 no_prompt
-rw------- 1 root root 1444 Dec 2 2002 sendmail-client.cfg
-rw-r--r-- 1 root smmsp 875 Dec 2 2002 sendmail-client.crt
-rw------- 1 root root 668 Dec 2 2002 sendmail-client.csr
-rw-r----- 1 root smmsp 887 Dec 2 2002 sendmail-common.key
-rw------- 1 root root 0 Dec 2 2002 sendmail-common.prm
-rw------- 1 root root 1444 Dec 2 2002 sendmail-server.cfg
-rw-r--r-- 1 root smmsp 875 Dec 2 2002 sendmail-server.crt
-rw------- 1 root root 668 Dec 2 2002 sendmail-server.csr
sendmail.conf:
DAEMON_NETMODE="Static";
DAEMON_NETIF="eth0";
DAEMON_MODE="Daemon";
DAEMON_PARMS="";
DAEMON_HOSTSTATS="Yes";
DAEMON_MAILSTATS="No";
QUEUE_MODE="${DAEMON_MODE}";
QUEUE_INTERVAL="10s";
QUEUE_PARMS="";
MSP_MODE="Cron";
MSP_INTERVAL="20m";
MSP_PARMS="";
MSP_MAILSTATS="${DAEMON_MAILSTATS}";
MISC_PARMS="";
CRON_MAILTO="root";
CRON_PARMS="";
LOG_CMDS="No";
HANDS_OFF="No";
AGE_DATA="";
DAEMON_RUNASUSER="No";
DAEMON_STATS="${DAEMON_MAILSTATS}";
MSP_STATS="${MSP_MAILSTATS}";
sendmail.mc:
divert(-1)
divert(0)
define(`_USE_ETC_MAIL_')dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`@(#)sendmail.mc 8.7 (Linux) 3/5/96')
OSTYPE(`debian')dnl
DOMAIN(`debian-mta')dnl
FEATURE(always_add_domain)dnl
FEATURE(`masquerade_envelope')dnl
FEATURE(redirect)dnl
FEATURE(`nouucp', `reject')dnl
FEATURE(`smrsh')dnl
FEATURE(`genericstable')dnl
FEATURE(`enhdnsbl', `bl.spamcop.net', `"Spam blocked see:
http://spamcop.net/bl.shtml?"$&{client_addr}', `t')dnl
FEATURE(`access_db')dnl
FEATURE(`blacklist_recipients')dnl
GENERICS_DOMAIN_FILE(`/etc/mail/sendmail.cG')dnl
define(`confTO_QUEUEWARN', `1d')dnl
define(`confTO_QUEUERETURN', `7d')dnl
MAILER(local)dnl
MAILER(smtp)dnl
EXPOSED_USER(`root')
LOCAL_CONFIG
MASQUERADE_AS(rug.nl)dnl
O
PrivacyOptions=needexpnhelo,needmailhelo,needvrfyhelo,nobodyreturn,noexpn,noverb,novrfy
Ct frank
include(`/etc/mail/tls/starttls.m4')dnl
INPUT_MAIL_FILTER(`countrymilter', `S=local:/var/run/countrymilter.sock')
define(`confMILTER_MACROS_ENVFROM', `_')
define(`confINPUT_MAIL_FILTERS', `countrymilter')
submit.mc...
divert(-1)dnl
divert(0)dnl
define(`_USE_ETC_MAIL_')dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: submit.mc, v 8.12.0.Beta19 2001/04/23 12:00:00 cowboy Exp $')
OSTYPE(`debian')dnl
DOMAIN(`debian-msp')dnl
FEATURE(`msp')dnl
O
PrivacyOptions=needexpnhelo,needmailhelo,needvrfyhelo,nobodyreturn,noexpn,noverb,novrfy
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash
Versions of packages sendmail depends on:
ii sendmail-base 8.14.3-5 powerful, efficient, and scalable
ii sendmail-bin 8.14.3-5 powerful, efficient, and scalable
ii sendmail-cf 8.14.3-5 powerful, efficient, and scalable
ii sensible-mda 8.14.3-5 Mail Delivery Agent wrapper
sendmail recommends no packages.
Versions of packages sendmail suggests:
pn rmail <none> (no description available)
pn sendmail-doc <none> (no description available)
Versions of packages sensible-mda depends on:
ii libc6 2.7-13 GNU C Library: Shared libraries
ii procmail 3.22-16 Versatile e-mail processor
ii sendmail-bin [mail-transport- 8.14.3-5 powerful, efficient, and scalable
-- no debconf information
--- End Message ---
--- Begin Message ---
On Wed, 22 Oct 2008, Frank B. Brokken wrote:
Dear Richard A Nelson, you wrote:
The likely culprit is still what I mentioned in the last mail - the
MSP/MTA split meaning that you'll likely also want to set use_ct_file
in submit.mc.
Interesting.... So I did add FEATURE(use_ct_file)dnl to submit.mc (and now use
(on one line)
define(`confPRIVACY_FLAGS', `noexpn,novrfy,noverb,noetrn,needmailhelo,
needexpnhelo,needvrfyhelo,nobodyreturn')dnl
as well) and the authentication warning has indeed disappeared.
Good ;)
In fact, if you're doing masquerading and milters ... You may also
want to include the masquerading options in submit.mc
I'll check that out as well, and apparenly I missed the docs about
submit.mc. Time for some reading :-)
The ramifications, beyond increased security, of the MSP/MTA split are
not as well documented as they should be :(
use-ct-file and masquerading are the more common of issues that I've
seen thusfar.
But the main problem (and causing me to submit the bugreport) has now been
solved: thanks for your help. AFAIC the bug turned out to be spurious and can
be removed from the bug-report list.
Thanks, hopefully that'll happen as result of this mail
Thanks again for your help. I really appreaciated that!
My pleasure
--
Rick Nelson
<Palisade> how are we going to pronounce '00 or '01 or '02 and so on?
<Deek> Say goodbye to the nineties, say hello to the naughties. :)
--- End Message ---