cvs commit: hints sendmail.txt

timothy at timothy at
Wed Feb 26 15:35:44 PST 2003

timothy     03/02/26 18:35:44

  Modified:    .        sendmail.txt
  Upgraded db, sendmail and removed 'mail' setup.
  Revision  Changes    Path
  1.25      +12 -41    hints/sendmail.txt
  Index: sendmail.txt
  RCS file: /home/cvsroot/hints/sendmail.txt,v
  retrieving revision 1.24
  retrieving revision 1.25
  diff -u -r1.24 -r1.25
  --- sendmail.txt	27 Jan 2003 20:17:55 -0000	1.24
  +++ sendmail.txt	26 Feb 2003 23:35:44 -0000	1.25
  @@ -43,6 +43,7 @@
   0.1.13  edit the initscript to process the failed messages in the clientmqueue.
   0.1.14  thanks to Duncan Webb <duncan AT> for a fix to the
   0.1.15  notes on berkeleydb and added ssl support
  +0.1.16  upgraded db, sendmail and removed group 'mail' setup
  @@ -51,11 +52,7 @@
   	Handles sending and receiving of mail by the SMTP protocol
  -	Latest 'stable' version at time of writing is 8.12.6, you will also
  -        require a patch to that version publicised on the main webpage. I say
  -	'stable' here because the latest version is 8.12.7, which requires a
  -	more recent version of Berkeley DB. Feel free to use that version of
  -	sendmail if you are happy using the more recent Berkeley DB.
  +	Latest stable version at time of writing is 8.12.7.
   	Our local delivery agent (makes sure mail goes to the correct boxes)
  @@ -63,9 +60,8 @@
   Berkeley DB:
   	Sendmail uses this library to store much of it's configuration.
  -	Latest stable version at time of writing is 4.0.14 although
  -	many applications are now porting to the 4.1.x series and
  -	this hint will address that in the future.
  +	Latest stable version at time of writing is 4.1.25 although
  +	requires a patch found at the same location.
   Make sure you run md5sum and check the signatures of the packages!
   The recent sendmail trojan was a lesson to us all!
  @@ -99,15 +95,17 @@
   Berkeley Database:
   You may want to build the database with back-wards compatibility, so that you
  -can use this functionality with older and unmaintained packages.
  +can use this functionality with older and unmaintained packages
   (--enable-compat185). Try passing (--help) to see other API's you may build,
  -such as java, c++ and tcl, in fact you will need c++ and java if you wish
  -to build OpenOffice. This package takes the standard GNUmake environment
  -variables for optimisations and now is the best time to set them;
  +such as java, c++ and tcl. Be warned that if you build Openoffice you may have
  +conflicts as it requires an older version of Berkeley-DB. This package takes
  +the standard GNUmake environment variables for optimisations and now is
  +the best time to set them;
   export CFLAGS='-s -O2 -march=i386 -fomit-frame-pointer'
   unpack db tarball
  +patch -p0 < ../patch. # Apply the patch
   cd build_unix
   ../dist/configure --prefix=/usr --enable-compat185
  @@ -137,16 +135,9 @@
   Sendmail runs on TCP port 25, and by default runs as root. Although Sendmail
   has now gained the respect of the community as being safe to run as root,
   I still do not like having daemons running on open ports as root. So we will
  -create the group/user pair 'smmsp'.
  -This will be quite an out of the ordinary install, as I intend to allow the
  -system administrator to have control over who ultimately can use Sendmail,
  -through a group called 'mail'. Obviously there are ways around this if somebody
  -_really_ wants to send an email (such as telnetting port 25) but it will give
  -a fair deal of control to the systems administrator. Create these groups like
  +create the group/user pair 'smmsp':
   groupadd -g 18 smmsp
  -groupadd -g 19 mail
   useradd -g smmsp -G mail -u 18 smmsp
   Unlike Procmail and most other programs, which use a text based rc file for
  @@ -156,11 +147,6 @@
   then processed by the m4 macro processor to create the 'cf' config file.
   Editing a 'cf' file directly is NOT recommended.
  -A security problem was recently found, apply the patch by typing in the root
  -directory of sendmail
  -patch smrsh/smrsh.c < ../smrsh-20020924.patch
   After unpacking sendmail, in order to avoid a install which we
   may not be able to accomodate, create the config file with the following
   after setting your CFLAGS to what you desire (leaving them blank is also
  @@ -218,6 +204,7 @@
   cp -r cf/domain /etc/mail
   cp -r cf/feature /etc/mail
   cp -r cf/mailer /etc/mail
  +cp -r cf/sh /etc/mail
   cat > cf/cf/ << "EOF"
  @@ -345,22 +332,6 @@
   chmod 1777 /var/mail
   Now run `sendmail -v -bi` to upgrade the sendmail alias list.
  -OK, now we will do the unconventional stuff... you can skip this section if you
  -just want a standard install where anyone can use Sendmail. What we do is create
  -a folder which only has entry permissions set for members of a group 'mail' and
  -move the Sendmail binary into the folder. Then we make a symbolic link from this
  -new location to the default so that nothing is disrupted. You need to be a
  -member of the group 'mail' to be able to access the binary!
  -cd /usr/sbin
  -mkdir sendmailbin
  -mv sendmail sendmailbin/
  -ln -s /usr/sbin/sendmailbin/sendmail /usr/sbin/sendmail
  -chown root.mail sendmailbin
  -chmod o-rwx sendmailbin
  -chown smmsp.smmsp sendmailbin/sendmail
  -chmod 2111 sendmailbin/sendmail
   OK, sendmail is now installed and should be working once we run the startup
   script, speaking of which...
Unsubscribe: send email to listar at
and put 'unsubscribe hints' in the subject header of the message

More information about the hints mailing list