Re: Building Sendmail from ports
[ ---8--- Text has been removed! ---8---] But, where will the port install my *.mc and *.cf files? This I can't seem to figure out. I would like to know before I hit 'make install' in the port dir. I would think it will install them into /usr/local/share/sendmail/cf, would that be correct? Hi DAve, When you use the mail/sendmail port, it does install files in /usr/local/share/sendmail. Think of it as the base system's sendmail files in /usr/share/sendmail. Now, the .mc and .cf files are still kept in /etc/mail and not in /usr/local/etc/mail as one could think by using a port. Note that you will find two scripts in /usr/local/etc/rc.d when you install the sendmail port. They are `sendmail.sh.sample' and `sm-client.sh.sample'. But you don't need to use them. The base system's /etc/rc.d/sendmail script handles both the base system's sendmail and the port's sendmail. The key for a pain free mail/sendmail ports usage is to do what you said. That is to edit make.conf(5) and to use special make(1) targets from the mail/sendmail's Makefile. Briefly, here's the way I do things when I update mail/sendmail (YMMV of course) sudo vi /etc/make.conf ## # mail/sendmail port configuration. ## # Do not build and install the base distribution of sendmail. # NO_SENDMAIL= TRUE # Specify where the configuration directory is located. # SENDMAIL_CF_DIR=/usr/local/share/sendmail/cf .if ${.CURDIR:M*/mail/sendmail} SENDMAIL_WITHOUT_IPV6=yes \ SENDMAIL_WITHOUT_NIS=yes \ SENDMAIL_WITH_TLS=yes \ SENDMAIL_WITH_SMTPS=yes \ SENDMAIL_WITH_LDAP=yes \ SENDMAIL_WITH_BERKELEYDB_VER=42 \ SENDMAIL_WITH_SOCKETMAP=yes \ SENDMAIL_WITH_PICKY_HELO_CHECK=yes \ SENDMAIL_WITH_SHARED_MILTER=yes .endif sudo porteasy -uv mail/sendmail sudo porteasy -uv security/openssl sudo porteasy -uv security/gnutls cd /usr/ports/mail/sendmail sudo make # -OR if you don't want to edit make.conf(5), you can run something like this: sudo make -DSENDMAIL_WITHOUT_IPV6 -DSENDMAIL_WITHOUT_NIS -DSENDMAIL_WITH_TLS -DSENDMAIL_WITH_SMTPS \ -DSENDMAIL_WITH_BERKELEYDB_VER=42 -DSENDMAIL_WITH_SOCKETMAP -DSENDMAIL_WITH_PICKY_HELO_CHECK -DSENDMAIL_WITH_SHARED_MILTER sudo make tls-install sudo make install sudo make mailer.conf sudo make clean Now, you might not need the exact same features of Sendmail as I do, of course. But the `make mailer.conf' is quite important. That's going to edit /etc/mail/mailer.conf which instructs the OS to use /usr/local/sbin/sendmail instead of the base system's sendmail. You don't have to change your PATH either. Why? Because if take a look at /usr/sbin/sendmail, it's not a binary, it's a symbolic link to `/usr/sbin/mailwrapper'. Just read the mailwrapper(8) man page and you'll understand how things work. I want to make certain that when I build new sendmail.in.cf and sendmail.out.cf the correct files are used by m4. Currently I run the following when making changes to my *.mc files /usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/ /usr/share/sendmail/cf/m4/cf.m4 sendmail.in.mc sendmail.in.cf Take a look at the /etc/mail/Makefile and you'll see that it can determine your _CF_DIR_. But it takes a wrong decision. It uses either /usr/share/sendmail/cf or /usr/src/contrib/sendmail/cf. To work around this, you can edit /etc/mail/Makefile or use the following at the top of your sendmail.mc files: dnl include. dnl Use the following m4 macro file. dnl include(`/usr/share/sendmail/cf/m4/cf.m4')dnl That's it. If you need any help, don't hesitate to contact me. Have fun :) David -- David Robillard UNIX systems administrator Oracle DBA CISSP, RHCE Sun Certified Security Administrator Montreal: +1 514 966 0122 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Building Sendmail from ports
David Robillard wrote: [ ---8--- Text has been removed! ---8---] But, where will the port install my *.mc and *.cf files? This I can't seem to figure out. I would like to know before I hit 'make install' in the port dir. I would think it will install them into /usr/local/share/sendmail/cf, would that be correct? Hi DAve, When you use the mail/sendmail port, it does install files in /usr/local/share/sendmail. Think of it as the base system's sendmail files in /usr/share/sendmail. As I expected. Now, the .mc and .cf files are still kept in /etc/mail and not in /usr/local/etc/mail as one could think by using a port. Got that from reading the make files, good to confirm. Note that you will find two scripts in /usr/local/etc/rc.d when you install the sendmail port. They are `sendmail.sh.sample' and `sm-client.sh.sample'. But you don't need to use them. The base system's /etc/rc.d/sendmail script handles both the base system's sendmail and the port's sendmail. I use a custom rc script already due to my split config. The key for a pain free mail/sendmail ports usage is to do what you said. That is to edit make.conf(5) and to use special make(1) targets from the mail/sendmail's Makefile. Briefly, here's the way I do things when I update mail/sendmail (YMMV of course) sudo vi /etc/make.conf ## # mail/sendmail port configuration. ## # Do not build and install the base distribution of sendmail. # NO_SENDMAIL= TRUE # Specify where the configuration directory is located. # SENDMAIL_CF_DIR=/usr/local/share/sendmail/cf .if ${.CURDIR:M*/mail/sendmail} SENDMAIL_WITHOUT_IPV6=yes \ SENDMAIL_WITHOUT_NIS=yes \ SENDMAIL_WITH_TLS=yes \ SENDMAIL_WITH_SMTPS=yes \ SENDMAIL_WITH_LDAP=yes \ SENDMAIL_WITH_BERKELEYDB_VER=42 \ SENDMAIL_WITH_SOCKETMAP=yes \ SENDMAIL_WITH_PICKY_HELO_CHECK=yes \ SENDMAIL_WITH_SHARED_MILTER=yes .endif sudo porteasy -uv mail/sendmail sudo porteasy -uv security/openssl sudo porteasy -uv security/gnutls cd /usr/ports/mail/sendmail sudo make # -OR if you don't want to edit make.conf(5), you can run something like this: sudo make -DSENDMAIL_WITHOUT_IPV6 -DSENDMAIL_WITHOUT_NIS -DSENDMAIL_WITH_TLS -DSENDMAIL_WITH_SMTPS \ -DSENDMAIL_WITH_BERKELEYDB_VER=42 -DSENDMAIL_WITH_SOCKETMAP -DSENDMAIL_WITH_PICKY_HELO_CHECK -DSENDMAIL_WITH_SHARED_MILTER sudo make tls-install sudo make install sudo make mailer.conf sudo make clean Now, you might not need the exact same features of Sendmail as I do, of course. But the `make mailer.conf' is quite important. That's going to edit /etc/mail/mailer.conf which instructs the OS to use /usr/local/sbin/sendmail instead of the base system's sendmail. You don't have to change your PATH either. Saw that in the Makefile. Why? Because if take a look at /usr/sbin/sendmail, it's not a binary, it's a symbolic link to `/usr/sbin/mailwrapper'. Just read the mailwrapper(8) man page and you'll understand how things work. Yep. I want to make certain that when I build new sendmail.in.cf and sendmail.out.cf the correct files are used by m4. Currently I run the following when making changes to my *.mc files /usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/ /usr/share/sendmail/cf/m4/cf.m4 sendmail.in.mc sendmail.in.cf Take a look at the /etc/mail/Makefile and you'll see that it can determine your _CF_DIR_. But it takes a wrong decision. It uses either /usr/share/sendmail/cf or /usr/src/contrib/sendmail/cf. Previously I didn't want to change the installed Makefile in /etc/mail, I likely will now. To work around this, you can edit /etc/mail/Makefile or use the following at the top of your sendmail.mc files: dnl include. dnl Use the following m4 macro file. dnl include(`/usr/share/sendmail/cf/m4/cf.m4')dnl Excellent idea! That's it. If you need any help, don't hesitate to contact me. Have fun :) I appreciate the heads up, thanks! DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: building sendmail-sasl-8.12.10 problems
On Sat, 4 Oct 2003 16:35:41 +0100, Matthew Seaman wrote On Sat, Oct 04, 2003 at 07:13:28AM -0800, Noah wrote: Either that, or ditch the ports version of sendmail, and add the following to your /etc/make.conf: SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl2 when I uncomment these entries in /etc/make.conf - I get the folllowing errors during execution of 'make' . [EMAIL PROTECTED] make /etc/make.conf, line 404: Unassociated shell command SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 /etc/make.conf, line 405: Unassociated shell command SENDMAIL_LDFLAGS=-L/usr/local/lib /etc/make.conf, line 406: Unassociated shell command SENDMAIL_LDADD=-lsasl2 make: fatal errors encountered -- cannot continue Check the syntax of your /etc/make.conf file carefully. Make sure those variable assignments don't have any leading whitespace, and particularly that they don't follow an uncommented line ending in one or two colons. make(1) has somehow become convinced that those lines are commands that it should execute rather than variable settings. white space was the issue. thank you for your help. - Noah Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: building sendmail-sasl-8.12.10 problems
On Fri, Oct 03, 2003 at 12:46:12PM -0800, Noah wrote: FreeBSD 4.8-STABLE machine okay I just built sendmail-sasl version 8.12.10 from /usr/ports/mail/sendmail-sasl but my system is complaining that SASL support is required. what am I doing wrong. why isnt SASL support being recognized? sasl2 'PORTVERSION=2.1.15' is in /usr/ports --- make stop make start from /etc/mail --- # make start [/etc/mail] Starting: sendmailWarning: Option: AuthMechanisms requires SASL support (-DSASL) Warning: Option: AuthOptions requires SASL support (-DSASL) sendmail-clientmqueue. --- snip Hmmm... Sounds like you're trying to start up the sendmail from the base system but using the .mc/.cf files with all of the SASL stuff in it. Check the contents of /etc/mail/mailer.conf -- make sure you're starting up the port version of sendmail, which will be /usr/local/sbin/sendmail Either that, or ditch the ports version of sendmail, and add the following to your /etc/make.conf: SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl2 plus install the the security/cyrus-sasl2 port. (Read the comments in /etc/make.conf if you prefer to use SASLv1 -- setup is almost identical) That will build you a SASL enabled sendmail from the base system. See http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/smtp-auth.html for details of setting up the base system with SASL-ized sendmail using SASLv1. Same instructions work for SASLv2 if you make the obvious substitutions. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: building sendmail-sasl-8.12.10 problems
Hmmm... Sounds like you're trying to start up the sendmail from the base system but using the .mc/.cf files with all of the SASL stuff in it. Check the contents of /etc/mail/mailer.conf -- make sure you're starting up the port version of sendmail, which will be /usr/local/sbin/sendmail Hi, okay I fixed /etc/mail/mailer.conf file and 8.12.10 is now running. Either that, or ditch the ports version of sendmail, and add the following to your /etc/make.conf: SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl2 when I uncomment these entries in /etc/make.conf - I get the folllowing errors during execution of 'make' . [EMAIL PROTECTED] make /etc/make.conf, line 404: Unassociated shell command SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 /etc/make.conf, line 405: Unassociated shell command SENDMAIL_LDFLAGS=-L/usr/local/lib /etc/make.conf, line 406: Unassociated shell command SENDMAIL_LDADD=-lsasl2 make: fatal errors encountered -- cannot continue - Noah plus install the the security/cyrus-sasl2 port. (Read the comments in /etc/make.conf if you prefer to use SASLv1 -- setup is almost identical) That will build you a SASL enabled sendmail from the base system. See http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/smtp-auth.html for details of setting up the base system with SASL-ized sendmail using SASLv1. Same instructions work for SASLv2 if you make the obvious substitutions. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: building sendmail-sasl-8.12.10 problems
On Sat, Oct 04, 2003 at 07:13:28AM -0800, Noah wrote: Either that, or ditch the ports version of sendmail, and add the following to your /etc/make.conf: SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl2 when I uncomment these entries in /etc/make.conf - I get the folllowing errors during execution of 'make' . [EMAIL PROTECTED] make /etc/make.conf, line 404: Unassociated shell command SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 /etc/make.conf, line 405: Unassociated shell command SENDMAIL_LDFLAGS=-L/usr/local/lib /etc/make.conf, line 406: Unassociated shell command SENDMAIL_LDADD=-lsasl2 make: fatal errors encountered -- cannot continue Check the syntax of your /etc/make.conf file carefully. Make sure those variable assignments don't have any leading whitespace, and particularly that they don't follow an uncommented line ending in one or two colons. make(1) has somehow become convinced that those lines are commands that it should execute rather than variable settings. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Re-building sendmail
For an excellent fix for sendmail see: http://www.postfix.org/ I'm actually thinking of going this route. Is the migration that difficult? Any special gotchas for someone who has been using the default sendmail stuff in FreeBSD? -- Jonathan Arnold (mailto:[EMAIL PROTECTED]) Amazing Developments http://www.buddydog.org It ain't what you don't know that gets you into trouble. It's what you know for sure that just ain't so. Mark Twain ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Re-building sendmail
At 11:16 AM 6/27/2003, Jonathan Arnold wrote: For an excellent fix for sendmail see: http://www.postfix.org/ I'm actually thinking of going this route. Is the migration that difficult? Any special gotchas for someone who has been using the default sendmail stuff in FreeBSD? -- Jonathan Arnold (mailto:[EMAIL PROTECTED]) Amazing Developments http://www.buddydog.org It ain't what you don't know that gets you into trouble. It's what you know for sure that just ain't so. Mark Twain I have used Postfix on both FreeBSD and Solaris. No worries and quite easy to set up. There is suppose to be better security in postfix than sendmail. Also should be rather easy to configure in comparison. I think you will like it. I have never migrated, so I cannot offer any comments. --Bob ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Re-building sendmail
, 24 2003, 06:06, Bill Campbell : On Tue, Jun 24, 2003 at 12:58:20PM +1000, Martin Ryan wrote: What's the best way to rebuild sendmail with DB4? For an excellent fix for sendmail see: http://www.postfix.org/ Bill Bill, Have you ever had the experience where you ask a question related to some aspect of FreeBSD and some clever individual advises the best fix is to uninstall FreeBSD and install Linux? If so, what's your opinion of people who offer such assistance ? I've had those experiences, and still say that given the security problems and other issues with sendmail, I would strongly recommend replacing it with an MTA that's more secure, easier to configure, and more efficient. When I first connected our systems to the Internet over ten years ago, the CERT advisories on sendmail were about the size of a Manhattan phone book. Over the years, it has proven one of the most common sources of security holes on *ix systems, although BIND had recently been vying for the title. So you might suggest replacing it DJB DNS??? Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ ``It will be of little avail to the people that the laws are made by men of their own choice if the laws be so voluminous that they cannot be read, or so incoherent that they cannot be understood.'' -James Madison, Federalist Paper #62 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Re-building sendmail
On Tue, Jun 24, 2003 at 11:40:52AM +0300, Benzi Mizrahi wrote: áéåí ùìéùé, 24 áéåðé 2003, 06:06, Bill Campbell ëúá: When I first connected our systems to the Internet over ten years ago, the CERT advisories on sendmail were about the size of a Manhattan phone book. Over the years, it has proven one of the most common sources of security holes on *ix systems, although BIND had recently been vying for the title. So you might suggest replacing it DJB DNS??? We did that about two years ago when the BIND 8 holes were appearing hot and heavy. An added benefit of djbdns is the rbldns server which makes it very easy to implement DNS based realtime blackhole lists. Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ DOS: n., A small annoying boot virus that causes random spontaneous system crashes, usually just before saving a massive project. Easily cured by UNIX. See also MS-DOS, IBM-DOS, DR-DOS. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Re-building sendmail
Martin Ryan [EMAIL PROTECTED] writes: What's the best way to rebuild sendmail with DB4? There's a makefile in /usr/src/usr.sbin/sendmail and there also a sendmail port and I'm not sure which is the recommended way to go. FWIW, I want to get milter-sender going (http://www.snert.com/Software/milter-sender/index.shtml). I think that in the long run, you'll find it easier to go with the port. In the shorter run, it may not matter so much. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re-building sendmail
Folks, What's the best way to rebuild sendmail with DB4? There's a makefile in /usr/src/usr.sbin/sendmail and there also a sendmail port and I'm not sure which is the recommended way to go. FWIW, I want to get milter-sender going (http://www.snert.com/Software/milter-sender/index.shtml). Cheers, Martin -- http://www.fastmail.fm - Access all of your messages and folders wherever you are ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Re-building sendmail
On Tue, Jun 24, 2003 at 11:56:09AM +1000, Martin Ryan wrote: Folks, What's the best way to rebuild sendmail with DB4? For an excellent fix for sendmail see: http://www.postfix.org/ Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ ``Our Foreign dealings are an Open Book, generally a Check Book.'' Will Rogers ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Re-building sendmail
What's the best way to rebuild sendmail with DB4? For an excellent fix for sendmail see: http://www.postfix.org/ Bill Bill, Have you ever had the experience where you ask a question related to some aspect of FreeBSD and some clever individual advises the best fix is to uninstall FreeBSD and install Linux? If so, what's your opinion of people who offer such assistance ? -- http://www.fastmail.fm - Faster than the air-speed velocity of an unladen european swallow ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Re-building sendmail
On Tue, Jun 24, 2003 at 12:58:20PM +1000, Martin Ryan wrote: What's the best way to rebuild sendmail with DB4? For an excellent fix for sendmail see: http://www.postfix.org/ Bill Bill, Have you ever had the experience where you ask a question related to some aspect of FreeBSD and some clever individual advises the best fix is to uninstall FreeBSD and install Linux? If so, what's your opinion of people who offer such assistance ? I've had those experiences, and still say that given the security problems and other issues with sendmail, I would strongly recommend replacing it with an MTA that's more secure, easier to configure, and more efficient. When I first connected our systems to the Internet over ten years ago, the CERT advisories on sendmail were about the size of a Manhattan phone book. Over the years, it has proven one of the most common sources of security holes on *ix systems, although BIND had recently been vying for the title. Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ ``It will be of little avail to the people that the laws are made by men of their own choice if the laws be so voluminous that they cannot be read, or so incoherent that they cannot be understood.'' -James Madison, Federalist Paper #62 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]