{RFC} sendmail sxs

Wed, 06 Feb 2002 09:45:53 -0800 

I don't normally do this, but seeing as everyone uses sendmail for something 
else and uses some other feature that no one else uses, I expect to get a big 
benefit from this.
Attached is the *start* of a sendmail sxs. Please review, 
and reply with comments, additions, etc.
I'm hoping to buld out a section of the site for sendmail and all the things 
can be done with it (the various addressing games, anti-virus interfaces, 
spam killer interfaces, etc) so all comments (or even better, small 
write-ups) are welcome.
Please refrain from 'use postfix' and other such 
comments. those programs are getting write-ups in the near future on their 
own merits. we're dealing with "demystifing" sendmail right now. thanks!

-- 
Douglas J Hunley (doug at hunley.homeip.net) - Linux User #174778
Admin: Linux StepByStep - http://linux.nf

/* So there I am, in the middle of my `netfilter-is-wonderful'
   talk in Sydney, and someone asks `What happens if you try
   to enlarge a 64k packet here?'.  I think I said something
   eloquent like `fsck'. */
        2.4.3 linux/net/ipv4/netfilter/ip_nat_ftp.c
Title: Sendmail - from the source
Linux Step By Steps

Sendmail - from the source

This document describes installing Sendmail to utilize some of it's neater features, to be a little more secure (we will run Sendmail under a non-root id), and so we have a better understanding of Sendmail itself. Please note that we assume you have already installed Procmail.

Since early in the 11.x series, Sendmail's milter interface has been greatly improved and enhanced. We are going to build Sendmail with its libmilter feature turned on. We do this because the milter interface is the preferred method of enhancing and extending Sendmail. The milter interface can be used to "hook" anti-spam, anti-virus, and many other features into the Sendmail daemon. If you're interested, please see www.milter.org for the latest developments in milter features.

  1. Download the latest source archive from www.sendmail.org and extract it
    • tar zxvf sendmail.8.x.x.tar.gz
  2. Create Sendmail's needed directories, and ensure their proper permissions/ownerships
    • mkdir -p /etc/mail /var/spool/mqueue /var/spool/clientmqueue
    • chmod go-w / /etc /etc/mail /usr /var /var/spool
  3. Add our new user and group for Sendmail to run as
    • groupadd smmsp
    • useradd -G smmsp smmsp
  4. Ensure ownership of needed directories
    • chown root / /etc /etc/mail /usr /var /var/spool /var/spool/mqueue
    • chown smmsp:smmsp /var/spool/clientmqueue
    • chmod 770 /var/spool/clientmqueue
    • chmod 700 /var/spool/mqueue
  5. Configure Sendmail to use the libmilter interface
    • cd sendmail-8.x.x
    • vi devtools/Site/site.config.m4
      • insert the line:
      • APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER')
      • please note that the above are NOT all single-quotes. they are:
      • backtick,quote,backtick,quote
  6. Build and instal libmilter
    • cd libmilter
    • sh Build && sh Build install
  7. Build the sendmail daemon
    • cd ../sendmail
    • sh Build && sh Build install
      • you should see '-DMILTER' periodically during the compile
  8. Now we need to configure and build the dreaded CF files
    • cd ../cf/cf
    • cp generic-linux.mc config.mc
    • vi config.mc
      • jump down to the line that says 'DOMAIN(generic)dnl'
      • insert the following lines:
        • FEATURE(local_procmail)dnl
        • FEATURE(smrsh,`/usr/sbin/smrsh')dnl
        • FEATURE(nouucp,`reject')dnl
      • This defines procmail as the LDA (local delivery agent)
      • This moves smrsh (Sendmail restricted shell) to a more sensible location
      • This turns off UUCP messaging and generates a 'reject' for anyone who tries to use UUCP
    • sh Build config.cf
    • mv config.cf sendmail.cf && cp sendmail.cf submit.cf /etc/mail
  9. The supporting tools are now built and installed
    • cd ../..
    • sh Build && sh Build install
  10. Final configuration
    • cd /etc
    • ln -sf mail/aliases
    • ln -sf mail/sendmail.cf
    • vi sendmail.cf
      • Find HelpFile and change it to:
        • HelpFile=
      • Find PrivacyOptions and change it to:
        • PrivacyOptions=authwarnings,goaway,noreceipts,noexpn,novrfy,noetrn,needmailhelo,restrictmailq,restrictqrun,restrictexpand
      • Find SmtpGreetingMessage and change it to:
        • SmtpGreetingMessage=
      • Find HostStatusDirectory and uncomment it
    • Rebuild your aliases file
      • newaliases

Decide if you machine is going to accept incoming mail from other systems, or if it is going to only send outbound mail. If you have no need for incoming mail on this machine, edit your sendmail startup script (usually in /etc/rc.d somewhere) and change the sendmail options from:

  • sendmail -bd -q30m
to:
  • sendmail -q30m

This will prevent sendmail from starting up as a listening deamon.

Enjoy!

© Douglas Hunley (doug at linux.nf)

Reply via email to