sendmail local daemon mode (PSARC 2008/298)

John Beck jbeck at eng.sun.com
Mon May 5 09:16:55 PDT 2008 

Relevant earlier cases:
* PSARC 2004/368 Secure By Default
* PSARC 2008/042 automated building of sendmail configuration files

I am self-sponsoring this case, which I am marking closed approved
automatic, as the change is coming from upstream (sendmail.org in this
case) and hence is beyond Sun's control.  The interface is Committed
and, since the change is compatible, the release binding is Patch (and
note that a back-port is planned).

Version 8.14.3 of sendmail introduces a new feature: local daemon mode,
indicated by the -bl command line argument.  This mode is like the
previous daemon mode, indicated by -bd, except that incoming connections
are restricted to localhost.  A diff'd man page is in the materials
directory of the case, and for ease of review, the context diffs are
repeated below.  Note that sendmail.org has a different release taxonomy
than we do, hence the code for this is inside #if _FFR_LOCAL_DAEMON ...
#endif blocks (FFR == For Future Release) until version 8.15 comes along;
Solaris Makefiles will define this macro, but an "out of the box" build
would not have the feature enabled.

The use of this new argument will replace the earlier use of "-C
/etc/mail/local.cf" introduced by PSARC 2004/368, which added unneeded
complexity.  Now we can go back to having a single config file for
incoming connections, rather than the overly complex "use local.cf if
config/local_only is in effect; use sendmail.cf otherwise" paradigm.
As a result of this simplification, PSARC 2008/042 is hereby amended:
path_to_local_mc is removed as an interface.  Note that 2008/042 has not
yet been integrated, so there are no compatibility issues introduced by
removing this interface at this time.  As for the local.cf stuff from
PSARC 2004/368, that was an implementation detail that did not rise to
the level of being an interface.

-- John

--- sendmail.1m.old	Fri Apr 18 08:15:34 2008
+++ sendmail.1m.new	Fri Apr 18 08:15:25 2008
@@ -9,8 +9,8 @@
      sendmail - send mail over the internet
 
 SYNOPSIS
-     /usr/lib/sendmail [-Ac] [-Am] [-ba] [-bD] [-bd] [-bi] [-bm]
-	 [-bp] [-bP] [-bs] [-bt] [-bv] [-B type] [-C file]
+     /usr/lib/sendmail [-Ac] [-Am] [-ba] [-bD] [-bd] [-bi] [-bl]
+	 [-bm] [-bp] [-bP] [-bs] [-bt] [-bv] [-B type] [-C file]
 	 [-D logfile] [-d X] [-F fullname] [-f name] [-G]
 	 [-h N] [-L tag] [-M xvalue] [-N notifications] [-n]
 	 [-Ooption =value] [-o xvalue] [-p protocol]
@@ -294,6 +294,12 @@
 	 option.
 
 
+     -bl
+
+	 Runs as a daemon (like -bd) but only accepts loopback
+	 SMTP connections.
+
+
      -bm
 
 	 Delivers mail in the usual way (default).

-- John

http://blogs.sun.com/jbeck

More information about the opensolaris-arc mailing list