Tuning Configuration Parameters
You can tune several configuration parameters, depending on the requirements of your site. You can set most of these parameters by using an option in the configuration file. For example, the line OT3d sets option T to the value 3d (three days).
Time Values
All time intervals use a syntax of numbers and letters. For example, 10m is 10 minutes, and 2h30m is two and one-half hours.
Table 3-2 lists the time symbols.
Table 3-2 Time Syntax Options|
Code |
Description |
|---|---|
|
s |
Seconds |
|
m |
Minutes |
|
h |
Hours |
|
d |
Days |
|
w |
Weeks |
Queue Interval
The argument to the q flag specifies how often sendmail runs the queue. It is usually set to between 15 minutes (q15m) and 1 hour (q1h).
Read Timeouts
The Or option in the configuration file sets the read timeout. The default read timeout is Or15m. Although it is technically unacceptable within the published protocols, sendmail might time out when reading the standard input or when reading from a remote SMTP server. If your site has problems with read timeouts, set the read timeout to a larger value, like one hour (Or1h), to reduce the chance of several idle daemons piling up on your system.
Message Timeouts
The OT option in the configuration file sets the message timeout. The default message timeout is three days (OT3d). After a message has been in the queue for the message time-out period, the sender is notified that the message could not be delivered.
You can flush messages that have been hanging for a short period by running the queue with a short message timeout. For example, the command
# /usr/lib/sendmail -oT1d -q |
runs the queue and flushes any message that is one day old or older.
Delivery Mode
The Od option in the configuration file sets the delivery mode. The default delivery mode is Odbackground. Delivery modes specify how quickly mail is delivered. Table 3-3shows the legal modes.
Table 3-3 Delivery-Mode Options|
Code |
Description |
|---|---|
|
Delivers interactively (synchronously) |
|
|
Delivers in background (asynchronously) |
|
|
Queues only (does not deliver) |
There are trade-offs. The interactive mode (i) passes the maximum amount of information to the sender, but it is seldom necessary. The queue mode (q) puts the minimum load on your machine, but means that delivery might be delayed for up to the queue interval. The background mode (b), the default, is a good compromise.
Load Limiting
Central mail machines often can be overloaded. The best solution is to dedicate a more powerful machine to handling mail, but the load almost always expands to consume whatever resources are allocated.
The sendmail program enables you to limit the load. The goal of load limiting is to prevent wasting time during loaded periods by attempting to deliver large messages, messages to many recipients, and messages to sites that have been down for a long time.
Use the Ox and OX options to limit the load caused by sendmail. The default is not to set any load limits if no options are used. Both these configuration options take an argument that is an integer load average. For example, if you specify Ox4 and OX8, then the x load limiting will be used when the load is above four, and the X load limiting will be used when the load is above eight. When the load is above the value specified in the X option, the SMTP server does not accept connections from the network (locally originated mail and other mail like UUCP are not affected). The x option has a more subtle effect, controlling whether messages are queued for later delivery or delivered immediately. The general idea is always to deliver "small" messages immediately and to defer "large" messages for delivery during off-peak periods.
The Oq option specifies the maximum size of a message that is delivered immediately. The "size" of the message includes not only the number of bytes in the message but also the penalty for a large number of recipients and for unsuccessful delivery attempts. The penalty per recipient is option value y, by default set to 1000. The penalty per delivery attempt is the option value z, by default set to 9000. The size limit also depends on the current load, so that more and more messages are queued as the load goes higher. If the load is one above the x threshold, then the limit is halved; if the load is two above the threshold, the limit is divided by three, and so on. Note that this limit also applies to messages being delivered when processing the queue.
Log Level
You can adjust the level of logging for sendmail. Table 3-4shows the levels.
Table 3-4 Log-Level Codes|
Code |
Description |
|---|---|
|
0 |
No logging |
|
1 |
Major problems only; serious system failures and potential security problems |
|
2 |
Lost communications (network problems) and protocol failures |
|
3 |
Other serious failures |
|
4 |
Minor failures |
|
5 |
Message collection statistics |
|
6 |
Creating of error messages, VRFY and EXPN commands |
|
7 |
Delivery failures (host or user unknown, and so forth) |
|
8 |
Successful deliveries |
|
9 |
(Default) Messages deferred (due to a host down, and so forth) |
|
10 |
Database expansion (alias, forward, and userdb lookups) |
|
15 |
Automatic alias database rebuilds |
|
20 |
Logs attempts to run locked queue files |
|
30 |
Lost locks |
Refer to the system error logging section in System Administration Guide for more information.
File Modes
Certain files can have protection modes that control access. This section describes the modes that you can control from the sendmail.cf file. The modes you use depend on what functionality you want and the level of security you require.
setuid
By default, the sendmail program is executed with the user ID set to 0 (setuid to root) so that it can deliver to programs that might write in a user's home directory. When sendmail is ready to execute a mailer program, sendmail checks to see if the user ID is 0; if so, it resets the user ID and group ID to the values set by the u and g options in the configuration file. The user ID and group ID are both set to 1 (daemon). You can override these values by setting the S flag to the mailer (for mailers that are trusted, and must be called as root). However, mail processing is accounted to root rather than to the user sending the mail.
Temporary File Modes
The OF option sets the mode of all the temporary files that sendmail uses. The default value, 0600, is appropriate for secure mail, and 0644 is more permissive. If you use the more permissive mode, it is not necessary to run sendmail as root at all (even when running the queue). Users will be able to read mail in the queue.
Should My Alias Database Be Writable?
One approach is to provide the alias database (/etc/mail/aliases) with mode 666. If you use this approach, users can modify any list. However, you might want to limit the aliases that a user can change by putting them into a file that the user can edit and referencing this file from /etc/mail/aliases. Such references have the following format:
alias-name::include:/filename |
- © 2010, Oracle Corporation and/or its affiliates