Am Mi, den 27.10.2004 schrieb James McKenzie um 4:05:
> >Simply place a "dnl " in front of the DAEMON_OPTIONS line. This is what
> >the comment above says.
> Does the dnl mean "Do Not Load"? I thought you needed this line, but
> you don't need the address (Addr) parameter. When we set up both linux
> and *NIX, we add this line to prevent being an open proxy. I'm
> definately learning here.
>
> James McKenzie
The dnl is a macro in the context of m4 and from "man m4":
dnl The dnl macro shall cause m4 to discard all input
characters up
to and including the next <newline>.
So it stands for: "do next line" and ignore the rest of this one.
The DAEMON_OPTIONS line is not needed. By default the created
sendmail.cf will have Sendmail bound the MTA to each available address.
So you only need a DAEMON_OPTIONS line if you want to change the
default, i.e. limiting the addresses or changing the port or setting a
specific modifier.
http://people.freenet.de/slgig/op_en/options.html
-->
DaemonPortOptions=options
When setting up a new Sendmail host you always add a DAEMON_OPTIONS line
to the .mc file to prevent being an open proxy? That makes not much
sense. At least an instruction
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
causes nothing specific for the resulting sendmail.cf file. And I don't
really understand in which way you speak about "proxy". Do you instead
mean "open relay"?
Here a practical example where it makes sense to modify the daemon
settings using DAEMON_OPTIONS. On one of my Sendmail MX hosts I am
using:
DAEMON_OPTIONS(`Addr=123.123.123.45, Port=smtp, Name=MTA,
InputMailFilters=milter-sender;clamav;mimedefang')dnl
DAEMON_OPTIONS(`Addr=127.0.0.1, Port=smtp, Name=MTA)dnl
DAEMON_OPTIONS(`Addr=123.123.123.45, Port=submission, Name=MSA,
M=Ea')dnl
First line: I specify a specific IP (one of several on the host) the
Sendmail daemon shall be bound to, bound to port 25 (given by smtp),
specify for which daemon ( here the MTA) and which milters shall be used
for it.
Second line: As I limit the MTA to be bound on a specific IP I have to
explicitly add the loopback address too (127.0.0.1) because else
Sendmail would not listen there and some elementary functionality would
miss.
Third line: I configure the MSA, which is the submission service, to be
bound to a specific IP and change the modifier, which is by default only
"M=E". I set it to be "M=Ea" and this way force authentication on port
587. To be able to change the MSA you have to deactivate the standard
MSA before:
FEATURE(`no_default_msa',`dnl')dnl
This is a specific issue for the submission agent.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.8-1.521smp
Serendipity 04:56:54 up 7 days, 1:36, load average: 0.24, 0.36, 0.48
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
