From owner-cvs-all Thu Oct 12 15:46:23 2000 Delivered-To: cvs-all@freebsd.org Received: from rucus.ru.ac.za (rucus.ru.ac.za [146.231.29.2]) by hub.freebsd.org (Postfix) with SMTP id 6EE9B37B502 for ; Thu, 12 Oct 2000 15:46:16 -0700 (PDT) Received: (qmail 74765 invoked by uid 1003); 12 Oct 2000 22:46:05 -0000 Date: Fri, 13 Oct 2000 00:46:05 +0200 From: Neil Blakey-Milner To: Poul-Henning Kamp Cc: Peter Wemm , Alan Clegg , Valentin Nechayev , Doug Barton , Jordan Hubbard , cvs-all@FreeBSD.org, cvs-committers@FreeBSD.org Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001013004605.A64533@mithrandr.moria.org> Reply-To: nbm@mithrandr.moria.org References: <200010122222.e9CMMmG35106@netplex.com.au> <96598.971389628@critter> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <96598.971389628@critter>; from phk@critter.freebsd.dk on Fri, Oct 13, 2000 at 12:27:08AM +0200 X-Operating-System: FreeBSD 4.1-STABLE i386 X-URL: http://mithrandr.moria.org/~nbm/ Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri 2000-10-13 (00:27), Poul-Henning Kamp wrote: > >IMHO, having sendmail *off* in rc.conf should mean "no sendmail at all", > >not having /usr/sbin/sendmail -q still being run behind your back. > > > >The daily processing shows the mailq already anyway. If you don't at least > >occasionally read them, then you're not using the tools available to you. > > Uhm, and how would you get the mailq output if mail just piles up ? > > I think having rc.conf settings be: "off", "on", and "outgoing only" > is the solution here. I sent a suggested configuration file change to security@FreeBSD.org a while back: --- sendmail_enable="YES" # run the sendmail MTA sendmail_outboundonly_enable="YES" # don't listen for messages from the network case ${sendmail_enable} in [Yy][Ee][Ss]) case ${sendmail_outbound_enable} in [Nn][Oo] | '') ;; *) case ${sendmail_flags} in *-bd*) ;; *) # don't add -bd if we already have it (necessary?) sendmail_flags="${sendmail_flags} -bd" ;; esac ;; esac ;; esac --- Or something like the above. This is from Lyndon Nerenburg: --- Ship the system with two pre-built sendmail configuration files: /etc/mail/sendmail.cf.{full,nullclient} In rc.conf: sendmail_config="full" # Set to "nullclient" if you want to # forward all local mail to a central # mail hub. Set sendmail_smarthost # to the name of your mail hub. sendmail_smarthost="mail.example.com" Change the code fragment in /etc/rc where sendmail is started to: rm -f /var/run/smarthost if [ -n "${sendmail_smarthost} ] ; then echo "${sendmail_smarthost" > /var/run/smarthost fi if [ -r /etc/mail/sendmail.cf.${sendmail_config} ] ; then echo -n ' sendmail' /usr/sbin/sendmail ${sendmail_flags} -C/etc/mail/sendmail.cf.${sendmail_config} fi sendmail.cf.nullclient would have an entry that picked up the smarthost from the contents of /var/run/smarthost. --- I think the general concensus was that we could default to sendmail_outboundonly_enable being "YES", and we can add a toggle to sysinstall to turn it on and off. I'd probably leave the sendmail_config and sendmail_smarthost out, but others may wish to do it. I'll send a full patch to whatever is deemed the necessary mailing list(s) after I wake up. (suggestions in private, please) Neil -- Neil Blakey-Milner nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message