how to stop sendmail 100%

ipfreak said:
those console messages only came out every morning 03:00.

i will check tomorrow morning after the changes.
Click to expand...

That's cron runnning at the same time it does on mine, if I'm not using it at the moment. Which means we're in the same timezone. Then it will wait like a good daemon and do it's thing after some idle time.

Then tomorrow morning, if you have your /etc/aliases configured correctly as shown with username@machinename you've got mail:

Code: 
root: jitte@jigoku

I su to root in x11/rxvt-unicode then open editors/leafpad by invoking my command leafpad and up it pops.

Then go look at the mail you have as root, because the usr can't, and read the morning news at /var/mail/root and do it with TCP port 25 blocked with pf.

I rarely do.
 
Last edited by a moderator:
Trihexagonal said:
That's cron runnning at the same time it does on mine, if I'm not using it at the moment. Which means we're in the same timezone. Then it will wait like a good daemon and do it's thing after some idle time.

Then tomorrow morning, if you have your /etc/aliases configured correctly as shown with username@machinename you've got mail:

Code: 
root: jitte@jigoku

I su to root in x11/rxvt-unicode then open editors/leafpad by invoking it by command leafpad and up it pops.

Then go look at the mail you have as root, because the usr can't, and read the morning news at /var/mail/root and do it with TCP port 25 blocked with pf.

I rarely do.
Click to expand...

thanks. i didn't touch /etc/aliases yet since i just built the server. plus at least for now i don't want the sendmail daemon to run at all.
 
ralphbsz said:
It's not "exactly" getting started in periodic, in the sense that the daemon isn't running. Instead, the few periodic scripts I looked at run the sendmail executable(s) to perform various checks. If the system is correctly configured (but with sendmail disabled and left in the default configuration), then you should be able to run a program such as mailq or purgestat (all of which are sendmail in various disguises), and they should be well-behaved, meaning harmless.
Click to expand...
Ain't got no purgestat, neither hoststat. /etc/mail/mailer.conf
Code: 
sendmail        /usr/libexec/dma
mailq           /usr/libexec/dma
ralphbsz said:
On the philosophical question whether sendmail should even be in base: As I said, it is the most powerful, best documented (there are many books about it) and most experienced MTA there is. It is not easy to use, and not always the most secure (it is VERY unforgiving of misconfiguration, but when correctly configured, it's very secure).
Click to expand...
["VERY unforgiving"] This last topic is a very good reason to put it in ports(7) only IMHO. All of the others are highly subjective. ["most powerful, ..."]: others aren't bad, either. Let the admin/user decide. There're respectful alternatives. A minimal MTA like dma(8) in base is perfectly enough.
 
Zirias said:
Well, you actually quoted the answer to your "why?" question, so this is kind of ridiculous.
Click to expand...
There is a lot of things in FreeBSD that were always in BSD and are not used in "common" installations.
That is no reason to take them away. They are just part of BSD. People that call to delete sendmail seem
to have something against sendmail, that seems more to be the reason.
 
ralphbsz said:
On the philosophical question whether sendmail should even be in base: As I said, it is the most powerful, best documented (there are many books about it) and most experienced MTA there is. It is not easy to use, and not always the most secure (it is VERY unforgiving of misconfiguration, but when correctly configured, it's very secure). So I think it passes the "rock stable" test, if the user does their part, of either using it correctly, or making the conscious choice of not using it and executing on that choice (by installing an alternate MTA). And this is *BSD, not a system for sissies, so I expect the user to do their part. Personally, in spite of having configured it a few times (and received help from Eric), I have chosen ssmtp, because it fits my needs better.
Click to expand...
It is not easy to use, but in my experience are other not necessarily easier. As said, it is a small program,
that it has more functionality than needed should be welcomed.

The arguments against it in base sounds me like witch-hunting. Or like the argument on the so called
"secularization" in Germany for demolishing old medieval churches at the beginning of the 19th century:
just because they are not needed. With a similar argument was also demolished in 1805 the oldest,
medieval, church in Hamburg, in its place is today a car parking place. It is a shame, barbarian argumentation.
 
ralphbsz said:
Actually, if sendmail is disabled with "sendmail...=NO" in /etc/rc.conf, then all the periodic checks should (and will) pass with flying colors and without any warning messages, as long as the system is correctly configured.
Click to expand...
Nah, Periodic is completely separated from rc.conf. This becomes obvious when checking periodic(8) but also if you check one of the scripts itself. Say for example /etc/periodic/daily/460.status-mail-rejects. The only thing that script uses externally is /etc/periodic.conf, it does not bother itself with /etc/rc.conf and as far as I can tell none of the periodic scripts do.

This system works independently.
 
hruodr said:
The arguments against it in base sounds me like witch-huntig.
Click to expand...
Personally I have nothing against sendmail being in base.
The only thing I want is a non-deprecated way to disable it.

Regarding "witch hunt", I am thinking of the Zap key, which some distro admins go lengths to make it as difficult as possible to re-enable it.
 
Mjölnir said:
PS If that is it, file in a bug report: The periodic(8) scripts should check for the rc.conf(5) variables that you explicitely disabled.
EDIT PS: I could swear sendmail_enable="NONE" should do. BastilleBSD is not FreeBSD, it's a derivate, so there can be some differences.
Click to expand...
thanks. confirmed your finding! i didn't see those messages in my console.log any more.
 
Mjölnir said:
Such a survey does not show the preference of MTAs, but shows the preference of OS distribution. Then they let run their distribution's default MTA. That's all to that.
Click to expand...
Huh? These are public mail exchangers that you know, send and receive mail. I find it very difficult to believe that anyone operating such a server would just take whatever came installed. Configuring this kind of server is not trivial.

But fine, I'll bite. So you're saying Exim = Linux? What about Postfix?
 
According to /etc/rc.d/sendmail:
Code: 
case ${sendmail_enable} in
[Nn][Oo][Nn][Ee])
        sendmail_enable="NO"
        sendmail_submit_enable="NO"
        sendmail_outbound_enable="NO"
        sendmail_msp_queue_enable="NO"
        ;;
esac
I have these set, like so, in rc.conf. I used to have it set as sendmail_enable="NONE". This was supposed to have been depreciated, but it looks like it was kept in. There was another setting I had to disable as well, to prevent sendmail messages from popping up.


Jose said:
What about Postfix?
Click to expand...
Postfix doesn't have the right license to be included in base. DMA which is from DragonflyBSD is compatible with FreeBSD's base.
 
sidetone said:
Postfix doesn't have the right license to be included in base. DMA which is from DragonflyBSD is compatible with FreeBSD's base.
Click to expand...
Sorry that wasn't clear. I'm not advocating for Postfix in base. I'm in the dma(8) camp.

Mjoelnir was making the claim that there's a nearly 1:1 correspondence between the MTA used and the underlying OS. Assuming Linux is the most popular, and therefore identifies Exim, what OS is identified by Postfix?
 
IIRC the default MTA differs from Linux distro to distro. Of course the admin can decide to use another one, but many, espc. small sites, will just not do that and stick with the default shipped. That's all I meant.
BTW this thread can be set to "solved"? I sent a PM to the OP, but it seems s/he's gone.
 
We need a mail wizard script that asks questions, updates all the config files (that it can) and gives you a report of what was touched plus a checklist for your DNS provider.

I've read sendmail and postfix documentation. They're awful but that's because modern email is so horrible to manage.
 
unitrunker said:
We need a mail wizard script that asks questions, updates all the config files (that it can) and gives you a report of what was touched plus a checklist for your DNS provider.

I've read sendmail and postfix documentation. They're awful but that's because modern email is so horrible to manage.
Click to expand...
File in a request @GSoC, they may write us an AI for that. In the meantime, IMHO it's reasonable to expect a periodic script to check if the user/admin wants to run a full-featured MTA on his/her system.
 
I only use web-based email and have never done any configuration of sendmail on this box but for:
/etc/aliases
root: jitte@jigoku

/etc/rc.conf
sendmail_enable="NO"

/etc/pf.conf
ext_if = "bge0"
netbios_tcp = "{ 22, 23, 25, 80, 110, 111, 123, 512, 513, 514, 515, 6000, 6010 }"

### Default deny everything
block log all

### Block specific ports
block in quick log on $ext_if proto tcp from any to any port $netbios_tcp

### Keep and modulate state of outbound tcp, udp and icmp traffic
pass out on $ext_if proto { tcp, udp, icmp } from any to any modulate state

I get my Security reports and that's all it has, or gets, to do and worries me not.
 
You must log in or register to reply here.
Back
Top