Subject: Re: daily (& security) mail not delivered
To: Andrew Brown <atatat@atatdot.net>
From: Greg A. Woods <woods@weird.com>
List: current-users
Date: 06/29/2003 23:10:57
[[ redirected to just current-users, thanks! ]]

[ On Sunday, June 29, 2003 at 20:24:40 (-0400), Andrew Brown wrote: ]
> Subject: Re: daily (& security) mail not delivered
>
> right.  as has been established.  you need to fix your dns so that the
> name of 127.0.0.1 isn't localhost.citi.umich.edu.

Wouldn't it be one hell of a lot better to fix sendmail so that it
doesn't need to look in the DNS (or /etc/hosts) to notice that the name
"localhost" means "The Local Host" and so that it doesn't need to
communicate with itself via the loopback interface?  The way you've
described it as working now is completely insane (and is not necessary
to allow sendmail to continue to run as an un-privileged program -- only
the final local delivery to /var/mail/root need be done by a privileged
program and that will be done by /usr/libexec/mail.local, which is so
privileged).

It would be even smarter to also store mail in /var/mail by group-write
privileges alone with only the initial creation of the mailbox spool file
requiring any privilege and that can be done just once at account
creation time -- this way even mail.local would not have to be
super-user, but rather just set-group-id to "mail" (a group-ID unique to
mail.local, of course).

-- 
								Greg A. Woods

+1 416 218-0098;            <g.a.woods@ieee.org>;           <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>
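
The group-write delivery scheme proposed in the message above, sketched as an added example that is not part of the original post and is not mail.local's code. The name deliver_append, the fcntl lock and the exact permission checks are assumptions made for illustration.

```c
/* Added example (not mail.local source): append-only delivery by a helper
 * that is set-group-id "mail". deliver_append is a hypothetical name. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Undo a partial append (if keep >= 0), close, and fail with errno e. */
static int fail(int fd, off_t keep, int e)
{
    if (keep >= 0 && ftruncate(fd, keep) < 0) { /* best effort only */ }
    close(fd);
    errno = e;
    return -1;
}

/* Append msg to an existing mailbox. Returns 0 on success, -1 otherwise. */
int deliver_append(const char *mbox, const char *msg)
{
    struct flock lk = { .l_type = F_WRLCK, .l_whence = SEEK_SET };
    struct stat st;
    size_t len = strlen(msg);
    /* No O_CREAT: the spool file was made at account creation, so no
     * privilege to create or chown is needed. O_NOFOLLOW rejects a symlink. */
    int fd = open(mbox, O_WRONLY | O_APPEND | O_NOFOLLOW);
    if (fd < 0)
        return -1;
    /* Validate the object actually opened: a regular file with one link,
     * group-writable and not world-writable. */
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1 ||
        !(st.st_mode & S_IWGRP) || (st.st_mode & S_IWOTH))
        return fail(fd, -1, EPERM);
    /* Assumed locking scheme: whole-file fcntl lock, then re-read the size. */
    if (fcntl(fd, F_SETLKW, &lk) < 0 || fstat(fd, &st) < 0)
        return fail(fd, -1, errno);
    while (len > 0) {
        ssize_t n = write(fd, msg, len);
        if (n < 0 && errno == EINTR)
            continue;
        if (n < 0)
            return fail(fd, st.st_size, errno);
        msg += n;
        len -= (size_t)n;
    }
    if (fsync(fd) < 0)
        return fail(fd, st.st_size, errno);
    return close(fd); /* closing also releases the lock */
}
```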