Sendmail: "exposed" root, why?
Philip M. Gollucci
philip at ridecharge.com
Tue Jan 8 10:26:19 PST 2008
Jerahmy Pocott wrote:
> Hello,
>
> From the sendmail documentation:
>
> "There are always users that need to be "exposed" -- that is,
> their internal site name should be displayed instead of the
> masquerade name. Root is an example (which has been
> "exposed" by default prior to 8.10)."
>
> Is there actually any reason why root needs to be "exposed"?
>
> Root is set to an external address in aliases and it really
> needs to be masqueraded in order to for it to get delivered,
> but would that cause problems with anything?
>
> How do you stop sendmail from doing this, I don't see any
> directive to NOT expose root, only options to expose other
> addresses as well.. Perhaps there is a better way to send
> system mailed logs to an external address that doesn't send
> them from root?
>
> Thanks for any info!
There is no directive, but you can edit the resultant .cf file
and remove the line
C{E}root
or root from that line if more than one user.
Be warned, you _will_ break /etc/crontab and periodic scripts mail delivery.
The reason it needs to be exposed is probably these scripts because
other wise the from address for daily security scripts will be
root@<masquerade> rather than root at machine.domain. Now, it so happens
that most of these e-mails have the machine name in the subject or what not.
--
------------------------------------------------------------------------
Philip M. Gollucci (philip at ridecharge.com)
o:703.549.2050x206
Senior System Admin - Riderway, Inc.
http://riderway.com / http://ridecharge.com
1024D/EC88A0BF 0DE5 C55C 6BF3 B235 2DAB B89E 1324 9B4F EC88 A0BF
Work like you don't need the money,
love like you'll never get hurt,
and dance like nobody's watching.
More information about the freebsd-questions
mailing list