Version 8.12 of sendmail includes an additional configuration file, /etc/mail/submit.cf. This new file, submit.cf, is used to run sendmail in mail-submission program mode instead of daemon mode. Mail-submission program mode, unlike daemon mode, does not require root privilege, so this new paradigm provides better security.
See the following list of functions for submit.cf:
sendmail uses submit.cf to run in mail submission program (MSP) mode, which submits email messages and can be invoked by programs (such as mailx), as well as by users. Refer to the description of the -Ac option and the -Am option in New or Deprecated Command-Line Options.
submit.cf is used in the following operating modes:
-bm, which is the default operating mode
-bs, which uses standard input to run SMTP
-bt, which is the test mode that is used to resolve addresses
sendmail, when using submit.cf, does not run as an SMTP daemon.
sendmail, when using submit.cf, uses /var/spool/clientmqueue, the client-only mail queue, which holds messages that were not delivered to the sendmail daemon. Messages in the client-only queue are delivered by the client “daemon,” which is really acting as a client queue runner.
By default, sendmail uses submit.cf periodically to run the MSP queue (otherwise known as the client-only queue), /var/spool/clientmqueue.
/usr/lib/sendmail -Ac -q15m |
Note the following:
submit.cf is provided automatically when you install or upgrade to the Solaris 9 operating environment.
submit.cf requires no planning or preliminary procedures prior to the installation of the Solaris 9 operating environment.
Unless you specify a configuration file, sendmail automatically uses submit.cf as required. Basically, sendmail knows which tasks are appropriate for submit.cf and which tasks are appropriate for sendmail.cf.
submit.cf is not to be modified.
The sendmail.cf configuration file is for the daemon mode. When using this file, sendmail is acting as a mail transfer agent (MTA), which is started by root.
/usr/lib/sendmail -L sm-mta -bd -q1h |
See the following list of other distinguishing functions for sendmail.cf:
By default, sendmail.cf accepts SMTP connections on ports 25 and 587.
By default, sendmail.cf runs the main queue, /var/spool/mqueue.
With the addition of submit.cf, the following functional changes have occurred:
In version 8.12 of sendmail, only root can run the mail queue. For further details, refer to the changes that are described in the mailq(1) man page. For new task information, refer to Administering the Queue Directories (Task Map).
The mail-submission program mode runs without root privilege, which might prevent sendmail from having access to certain files (such as the .forward files). Therefore, the -bv option for sendmail could give the user misleading output. No workaround is available.
Prior to sendmail version 8.12, if you were not running the sendmail daemon (that is, running in daemon mode), you would only prevent the delivery of inbound mail. Now, in sendmail version 8.12, if you are not running the sendmail daemon with the default configuration, you also prevent the delivery of outbound mail. The client queue runner (also known as the mail submission program) must be able to submit mail to the daemon on the local SMTP port. If the client queue runner tries to open an SMTP session with the local host and the daemon is not listening on the SMTP port, the mail remains in the queue. The default configuration does run a daemon, so this problem does not occur if you are using the default configuration. However, if you have disabled your daemon, refer to Managing Mail Delivery by Using an Alternate Configuration (Task) for a way to resolve this problem.