From owner-freebsd-questions@FreeBSD.ORG Tue Jan 8 18:26:19 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7500716A417 for ; Tue, 8 Jan 2008 18:26:19 +0000 (UTC) (envelope-from philip@ridecharge.com) Received: from exhub015-1.exch015.msoutlookonline.net (exhub015-1.exch015.msoutlookonline.net [207.5.72.93]) by mx1.freebsd.org (Postfix) with ESMTP id 71E5113C4D9 for ; Tue, 8 Jan 2008 18:26:19 +0000 (UTC) (envelope-from philip@ridecharge.com) Received: from philip.hq.rws (74.93.213.161) by smtpx15.msoutlookonline.net (207.5.72.103) with Microsoft SMTP Server (TLS) id 8.0.744.0; Tue, 8 Jan 2008 10:26:17 -0800 Message-ID: <4783C048.9080403@ridecharge.com> Date: Tue, 8 Jan 2008 13:26:16 -0500 From: "Philip M. Gollucci" Organization: Ridecharge User-Agent: Thunderbird 2.0.0.6 (X11/20070919) MIME-Version: 1.0 To: Jerahmy Pocott References: <8EE4A2AA-E15D-4C07-AFBC-061A4595DA82@optusnet.com.au> In-Reply-To: <8EE4A2AA-E15D-4C07-AFBC-061A4595DA82@optusnet.com.au> Content-Type: text/plain; charset="ISO-8859-1"; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD Questions Subject: Re: Sendmail: "exposed" root, why? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jan 2008 18:26:19 -0000 Jerahmy Pocott wrote: > Hello, > > From the sendmail documentation: > > "There are always users that need to be "exposed" -- that is, > their internal site name should be displayed instead of the > masquerade name. Root is an example (which has been > "exposed" by default prior to 8.10)." > > Is there actually any reason why root needs to be "exposed"? > > Root is set to an external address in aliases and it really > needs to be masqueraded in order to for it to get delivered, > but would that cause problems with anything? > > How do you stop sendmail from doing this, I don't see any > directive to NOT expose root, only options to expose other > addresses as well.. Perhaps there is a better way to send > system mailed logs to an external address that doesn't send > them from root? > > Thanks for any info! There is no directive, but you can edit the resultant .cf file and remove the line C{E}root or root from that line if more than one user. Be warned, you _will_ break /etc/crontab and periodic scripts mail delivery. The reason it needs to be exposed is probably these scripts because other wise the from address for daily security scripts will be root@ rather than root@machine.domain. Now, it so happens that most of these e-mails have the machine name in the subject or what not. -- ------------------------------------------------------------------------ Philip M. Gollucci (philip@ridecharge.com) o:703.549.2050x206 Senior System Admin - Riderway, Inc. http://riderway.com / http://ridecharge.com 1024D/EC88A0BF 0DE5 C55C 6BF3 B235 2DAB B89E 1324 9B4F EC88 A0BF Work like you don't need the money, love like you'll never get hurt, and dance like nobody's watching.