On Fri, Feb 10, 2012 at 7:11 PM, Wietse Venema <wie...@porcupine.org> wrote:

> mailer.conf settings work only when:
>
> 1) /usr/sbin/sendmail is a symlink to /usr/sbin/mailwrapper, like this:
>
> lrwxr-xr-x  1 root  wheel  21 Feb 17  2011 /usr/sbin/sendmail -> /usr/sbin/mailwrapper

Precisely what I have:

lrwxr-xr-x  1 root  wheel  21 Feb  8 16:20 /usr/sbin/sendmail -> /usr/sbin/mailwrapper

>
> AND
>
> 2) Your mail software invokes /usr/sbin/sendmail, instead of
> invoking /usr/libexec/sendmail/sendmail.
>
> What is the configuration of your mail software that invokes sendmail?

Here's the relevant line from my mutt config.  But mutt throws the
same error that I get when sending from the command line: even though
there is no sendmail process running after a boot with
sendmail_enable="NONE" in rc.conf, something--doesn't it have to be
sendmail?--is trying to drop mail into an unwritable spool that is
owned by the sendmail MSP process.

set sendmail="/usr/sbin/sendmail -oem -oi"

WARNING: RunAsUser for MSP ignored, check group ids (egid=1002, want=25)
collect: Cannot write ./dfq1B0Ut0C054698 (bfcommit, uid=1002, gid=1002): Permission denied
queueup: cannot create queue file ./qfq1B0Ut0C054698, euid=1002, fd=-1, fp=0x0: Permission denied

At this point I'm going to try a full reinstall of postfix, though,
again, I think the crux of this is in the FreeBSD README:

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

As of sendmail 8.12, in order to improve security, the sendmail binary no
longer needs to be set-user-ID root.  Instead, a set-group-ID binary
accepts command line mail and relays it to a full mail transfer agent via
SMTP.  A group writable client mail queue (/var/spool/clientmqueue/ by
default) holds the mail if an MTA can not be contacted.

To accomplish this, under the default setup, an MTA must be listening on
localhost port 25.  If the rc.conf sendmail_enable option is set to "NO",
a sendmail daemon will still be started and bound only to the localhost
interface in order to accept command line submitted mail (note that this
does not work inside jail(2) systems as jails do not allow binding to
just the localhost interface).  If this is not a desirable solution, it
can be disabled using the sendmail_submit_enable rc.conf option.  However,
if both sendmail_enable and sendmail_submit_enable are set to "NO"
[this is true in my case],
you must do one of two things for command line submitted mail:

1. Designate an alternative host for the submission agent to contact
  by altering /etc/mail/freebsd.submit.mc (or setting SENDMAIL_SUBMIT_MC
  in /etc/make.conf to an alternate .mc file) and using
  'make install-submit-cf' in /etc/mail/.  Change the FEATURE(msp) line
  to FEATURE(msp, hostname) where hostname is the fully qualified hostname
  of the alternative host.

Or:

2. Return to using a set-user-ID root sendmail binary by changing the
  ownership and permissions on the sendmail binary and removing the
  /etc/mail/submit.cf file:
       chown root /usr/libexec/sendmail/sendmail
       chmod 4755 /usr/libexec/sendmail/sendmail
       rm /etc/mail/submit.cf
  If you install from source, set the SENDMAIL_SET_USER_ID flag in
  /etc/make.conf.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>
>        Wietse



-- 
Jorge Luis González <jlg.in...@gmail.com>
http://people.umass.edu/jlg/
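
The two conditions listed in the quoted reply can be checked mechanically. The script below is an added example, not part of the thread and not written by either poster; the function names are hypothetical, the sample files are constructed, and it assumes mailwrapper acts on the first matching line of mailer.conf.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# check_wrapper PATH: condition 1, PATH is a symlink to mailwrapper.
check_wrapper() {
    [ -L "$1" ] || return 1
    case $(readlink "$1") in
        mailwrapper|*/mailwrapper) return 0 ;;
        *) return 1 ;;
    esac
}

# resolve_mailer NAME CONF: print the program mailer.conf maps NAME to.
# Assumption: the first matching "name program [args]" line wins.
resolve_mailer() {
    [ -r "$2" ] || return 2
    awk -v n="$1" '
        { sub(/#.*/, "") }                      # drop comments
        NF >= 2 && $1 == n { print $2; found = 1; exit }
        END { exit(found ? 0 : 1) }
    ' "$2"
}

# diagnose SENDMAIL_PATH CONF: report which program command-line mail reaches.
diagnose() {
    check_wrapper "$1" || { echo "not-wrapped"; return 0; }
    target=$(resolve_mailer sendmail "$2") || { echo "no-mapping"; return 0; }
    case $target in
        /usr/libexec/sendmail/sendmail) echo "sendmail-msp" ;;  # path from the thread
        *) echo "other:$target" ;;
    esac
}

# Constructed sample: wrapper symlink plus a mailer.conf still pointing at
# the base-system sendmail binary.
demo=$(mktemp -d)
ln -s /usr/sbin/mailwrapper "$demo/sendmail"
printf '%s\n' '# constructed sample' \
    'sendmail /usr/libexec/sendmail/sendmail' \
    'mailq    /usr/libexec/sendmail/sendmail' > "$demo/mailer.conf"
diagnose "$demo/sendmail" "$demo/mailer.conf"
rm -rf "$demo"
```

Run as `diagnose /usr/sbin/sendmail /etc/mail/mailer.conf` on a live system, a result of `sendmail-msp` means mailer.conf still hands command-line mail to the sendmail submission binary, which is the program that writes to the client mail queue described in the README.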
