freebsd-dev/etc/mail
Gregory Neil Shapiro 4a49265d15 sys.mk no longer includes bsd.own.mk so I need to include it here for
the definition of SHAREMODE.

Submitted by:	Udo Schweigert <Udo.Schweigert@siemens.com>
2002-04-23 17:08:08 +00:00
..
access.sample /etc/mail/sendmail.cw is /etc/mail/local-host-names, now. 2000-11-02 23:40:40 +00:00
aliases Grammar fix for comment 2001-12-30 04:40:18 +00:00
mailer.conf Add the missing hoststat and purgestat commands. These are normally 2002-04-05 04:25:14 +00:00
mailertable.sample Correct $FreeBSD tags to include the (missing) ``:'', restoring the tags 2000-03-18 06:38:23 +00:00
Makefile sys.mk no longer includes bsd.own.mk so I need to include it here for 2002-04-23 17:08:08 +00:00
README Fix up submit.cf alternation instructions in light of new SENDMAIL_SUBMIT_MC 2002-04-14 19:24:28 +00:00
virtusertable.sample /etc/mail/sendmail.cw is /etc/mail/local-host-names, now. 2000-11-02 23:32:31 +00:00

# $FreeBSD$

		Sendmail Processes

As of sendmail 8.12, in order to improve security, the sendmail binary no
longer needs to be set-user-ID root.  Instead, a set-group-ID binary
accepts command line mail and relays it to a full mail transfer agent via
SMTP.  A group writable client mail queue (/var/spool/client-mqueue/ by
default) holds the mail if an MTA can not be contacted.

To accomplish this, under the default setup, an MTA must be listening on
localhost port 25.  If the rc.conf sendmail_enable option is set to "NO",
a sendmail daemon will still be started and bound only to the localhost
interface in order to accept command line submitted mail.  If this is not
a desirable solution, it can be disabled using the sendmail_submit_enable
rc.conf option.  However, if both sendmail_enable and sendmail_submit_enable
are set to "NO", you must do one of two things for command line submitted
mail:

1. Designate an alternative host for the submission agent to contact
   by altering /etc/mail/freebsd.submit.mc (or setting SENDMAIL_SUBMIT_MC
   in /etc/make.conf to an alternate .mc file) and using
   'make install-submit-cf' in /etc/mail/.  Change the FEATURE(msp) line
   to FEATURE(msp, hostname) where hostname is the fully qualified hostname
   of the alternative host.

Or:

2. Return to using a set-user-ID root sendmail binary by changing the
   ownership and permissions on the sendmail binary and removing the
   /etc/mail/submit.cf file:
	chown root /usr/libexec/sendmail/sendmail
	chmod 4755 /usr/libexec/sendmail/sendmail
	rm /etc/mail/submit.cf
   If you install from source, set the SENDMAIL_SET_USER_ID flag in
   /etc/make.conf.

Also, as of 8.12, a new queue-running daemon is started to make sure mail
doesn't remain in the client mail queue.  By default, it simply runs the
client mail queue every 30 minutes.  Its behavior can be adjusted by setting
the sendmail_msp_queue_enable and sendmail_msp_queue_flags rc.conf options.


		Filtering out SPAM from your site

Sendmail now includes excellent tools to block spam.  These tools are
available as FEATUREs that you can add to your site's .mc file.  Proper use
of these FEATUREs will prevent spammer from using your site as a relay as
well as significantly decrease the amount of spam that arrives at your
site.  No set of anti-spam tools will block all spam without blocking some
portion of legitimate mail as well.  Therefore, these FEATUREs are designed
to prevent as much spam as possible without blocking legitimate mail.

These tools are discussed in /usr/share/sendmail/cf/README.  Read the
section entitled "ANTI-SPAM CONFIGURATION CONTROL".  Example usage and
additional tools can be found in /usr/share/sendmail/cf/cf/knecht.mc.