cvs commit: hints sendmail.txt

timothy at linuxfromscratch.org timothy at linuxfromscratch.org
Mon Jan 27 12:17:55 PST 2003


timothy     03/01/27 15:17:55

  Modified:    .        sendmail.txt
  Log:
  Added OpenSSL support for those who want it.
  
  Revision  Changes    Path
  1.24      +73 -21    hints/sendmail.txt
  
  Index: sendmail.txt
  ===================================================================
  RCS file: /home/cvsroot/hints/sendmail.txt,v
  retrieving revision 1.23
  retrieving revision 1.24
  diff -u -r1.23 -r1.24
  --- sendmail.txt	17 Oct 2002 17:32:39 -0000	1.23
  +++ sendmail.txt	27 Jan 2003 20:17:55 -0000	1.24
  @@ -41,6 +41,8 @@
   0.1.12  fix the firewall command line, added note about signature checking
           removed old maintainer email address as it doesn't exist anyway.
   0.1.13  edit the initscript to process the failed messages in the clientmqueue.
  +0.1.14  thanks to Duncan Webb <duncan AT dwebb.ch> for a fix to the submit.mc
  +0.1.15  notes on berkeleydb and added ssl support
   
   HINT:
   
  @@ -49,8 +51,11 @@
   
   Sendmail:  http://www.sendmail.org
   	Handles sending and receiving of mail by the SMTP protocol
  -	Latest stable version at time of writing is 8.12.6, you will also
  -        require a patch to that version publicised on the main webpage.
  +	Latest 'stable' version at time of writing is 8.12.6, you will also
  +        require a patch to that version publicised on the main webpage. I say
  +	'stable' here because the latest version is 8.12.7, which requires a
  +	more recent version of Berkeley DB. Feel free to use that version of
  +	sendmail if you are happy using the more recent Berkeley DB.
   
   Procmail:  http://www.procmail.org
   	Our local delivery agent (makes sure mail goes to the correct boxes)
  @@ -58,7 +63,9 @@
   
   Berkeley DB:  http://www.sleepycat.com/download.html
   	Sendmail uses this library to store much of it's configuration.
  -	Latest stable version at time of writing is 4.0.14
  +	Latest stable version at time of writing is 4.0.14 although
  +	many applications are now porting to the 4.1.x series and
  +	this hint will address that in the future.
   
   Make sure you run md5sum and check the signatures of the packages!
   The recent sendmail trojan was a lesson to us all!
  @@ -74,6 +81,19 @@
   Sylpheed Claws:  http://sourceforge.net/projects/sylpheed-claws
   	GTK+ based email client (when you are at your machine with X running)
   
  +
  +Why you might need this hint
  +============================
  +
  +Sendmail is a mail server for sending and receiving mail. If you do not have
  +a static IP or domain name attached to your machine, you should think again
  +before installing sendmail, read the BLFS book for alternatives. If however
  +you do need a mail server for receiving mail, this is the LFS hint you need.
  +However, if you just wish to send mail locally, don't let this put you off
  +installing sendmail as it is an incredibly powerful package which you may
  +one day wish to use! Sendmail is not a POP3 or IMAP server by itself.
  +
  +
   Building the required packages
   ==============================
   
  @@ -81,10 +101,11 @@
   You may want to build the database with back-wards compatibility, so that you
   can use this functionality with older and unmaintained packages.
   (--enable-compat185). Try passing (--help) to see other API's you may build,
  -such as java and tcl. This package takes the standard GNUmake environment
  -variables for optimisations.
  +such as java, c++ and tcl, in fact you will need c++ and java if you wish
  +to build OpenOffice. This package takes the standard GNUmake environment
  +variables for optimisations and now is the best time to set them;
   
  -export CFLAGS='-s -O2 -march=i686 -fomit-frame-pointer'
  +export CFLAGS='-s -O2 -march=i386 -fomit-frame-pointer'
   
   unpack db tarball
   cd build_unix
  @@ -141,8 +162,11 @@
   patch smrsh/smrsh.c < ../smrsh-20020924.patch
   
   After unpacking sendmail, in order to avoid a user.group install which we
  -may not be able to accomodate, create the config fie with:
  +may not be able to accomodate, create the config file with the following
  +after setting your CFLAGS to what you desire (leaving them blank is also
  +OK, but do not skip the 'sed' script even if they are empty)
   
  +chmod a+w devtools/OS/Linux
   cat > devtools/OS/Linux << "EOF"
   define(`confDEPEND_TYPE', `CC-M')
   define(`confSM_OS_HEADER', `sm_os_linux')
  @@ -151,20 +175,29 @@
   define(`confEBINDIR', `/usr/sbin')
   APPENDDEF(`confLIBSEARCH', `crypt nsl')
   define(`confLD', `ld')
  -define(`confMTCCOPTS', `-D_REENTRANT')
  +define(`confMTCCOPTS', `-D_REENTRANT') 
   define(`confMTLDOPTS', `-lpthread')
   define(`confLDOPTS_SO', `-shared')
   define(`confSONAME',`-soname')
  -define(`confOPTIMIZE',`-s -O3 -march=i686 -fomit-frame-pointer')
  +define(`confOPTIMIZE',`LFSOPTS')
   define(`confMANGRP',`root')
   define(`confMANOWN',`root')
   define(`confSBINGRP',`root')
   define(`confUBINGRP',`root')
   define(`confUBINOWN',`root')
   EOF
  +cp devtools/OS/Linux devtools/OS/Linux.orig
  +sed -e "s:LFSOPTS:${CFLAGS} \-s:g" devtools/OS/Linux.orig \
  + > devtools/OS/Linux
  +
  +If you wish to use OpenSSL support, then also type this (always use up to
  +date releases of OpenSSL!)
  +
  +cat >> devtools/OS/Linux << "EOF"
  +APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS -DHASURANDOMDEV')
  +APPENDDEF(`conf_sendmail_LIBS', `-lssl -lcrypto')
  +EOF
   
  -You may notice that the line with `confOPTIMIZE' allows you to specify
  -optimisations, i use this level and have never encountered any problems.
   Now we build some preliminaries:
   
   cd sendmail
  @@ -186,7 +219,6 @@
   cp -r cf/feature /etc/mail
   cp -r cf/mailer /etc/mail
   cat > cf/cf/sendmail.mc << "EOF"
  -VERSIONID(`$Id: sendmail.txt,v 1.23 2002/10/17 17:32:39 timothy Exp $')
   OSTYPE(linux)
   DOMAIN(generic)
   FEATURE(smrsh)
  @@ -202,11 +234,10 @@
   MAILER(smtp)
   EOF
   cat > cf/cf/submit.mc << "EOF"
  -VERSIONID(`$Id: sendmail.txt,v 1.23 2002/10/17 17:32:39 timothy Exp $')
  +FEATURE(`msp')
   define(`confCF_VERSION', `Submit')
  -define(`__OSTYPE__',`')
  +define(`__OSTYPE__',`linux')
   define(`confTIME_ZONE', `USE_TZ')
  -FEATURE(`msp')
   define(`confTRUSTED_USER', `smmsp')
   define(`confRUN_AS_USER', `smmsp:smmsp')
   EOF
  @@ -215,6 +246,7 @@
   to use user smmsp. Berkeley DB support has also been enabled here. For a fuller
   explanation, read your locally stored /etc/mail/README. Sendmail also fork's
   as user smmsp to send mails, this avoids any possible local exploits.
  +
   To add a database lookup of known spammer IP addresses, simply add one of the
   following to you sendmail.cf file to the end of the FEATURE section.
   
  @@ -225,11 +257,20 @@
   To test that your IP lookup for blackholes.mail-abuse.org is working, Russell
   Nelson has put together an auto-responder. His instructions are:
   Send mail to nelson-rbl-test at crynwr.com from the server whose block you are
  -testing. Expect one reply from ns.crynwr.com with the SMTP conversation. If
  -you get another reply from linux.crynwr.com, then your spam filter is broken.
  +testing. Expect one reply from crynwr.com with the SMTP conversation. If
  +you get another reply from crynwr.com, then your spam filter is broken.
  +Please note that the RBL, RSS, and DUL zones are now closed to all but paying
  +customers, so don't expect this to work unless you have organised with them
  +previously, with $/£. Since I have no need of this service I have never checked
  +that it is working correctly... I would appreciate mail with success stories!
  +
  +We will disable SSL connection support as default, as a lot of MTA's implement
  +the protocol incorrectly, but if you are in a situation where SSL connections
  +are an absolute necessity, then I refer you to your locally stored
  +/etc/mail/README file where you may read the section on 'STARTTLS'. You may
  +need to create a 'certs' folder to store certificates.
   
  -If you use a DEC network, then add the following line to your submit.mc
  -define(`_USE_DECNET_SYNTAX_', `1')
  +Now compile the 'cf' files from our 'mc' files
   
   cd cf/cf
   sh Build sendmail.cf
  @@ -418,8 +459,9 @@
   Sylpheed Claws:
   You will need GTK+-1.2 for this one. 'GPG made easy' (www.gnupg.org/gpgme.html)
   and GPG are needed for GPG support. The new 'all in one' aspell for spelling
  -and openssl for SSL.
  -./configure --prefix=/usr/X11R6 --enable-aspell --enable-gpgme --enable-ssl
  +and of course, OpenSSL for SSL.
  +
  +./configure --prefix=/usr/X11R6 --enable-aspell --enable-gpgme --enable-openssl
   make 
   make install    
   
  @@ -433,3 +475,13 @@
   `chown <user>.smmsp`. This does not need to be run recursively, but requires
   that the .forward and .procmailrc files be world readble, or also set
   `chown <user>.smmsp`. I would LOVE to hear the real fix for this.
  +
  +NOTES:
  +
  +Feedback and patches are most welcome! Consider the 'AUTHOR' field mearly a
  +formality for saying 'contact'. This hint is community owned/written and wishes
  +to stay that way.
  +
  +For further reading, I direct you to
  +http://www.sendmail.org/faq
  +and the numerous books available on sendmail.
  
  
  
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe hints' in the subject header of the message



More information about the hints mailing list