In the current client.cf file, the queue directory is defined as /tmp. Because of its nature, the /tmp directory is always world-readable, -writable, and -searchable. Any file that is placed in /tmp can possibly be accessed, copied, or removed by any user. The use of /tmp clearly violates the need for confidentiality.
Another drawback to using /tmp is that /etc/rc files, which are executed when the system boots, often remove everything from /tmp. You certainly would not want queued mail messages removed just because the machine rebooted.
Instead of /tmp, you should use the existing mail queue
directory to store queued messages. If you haven't already
done so, find that location by looking for the
QueueDirectory
(Q
)
option in your existing sendmail.cf file:
%egrep "^OQ|QueueDirectory" /etc/sendmail.cf
OQ/usr/spool/mqueue
Here, we look for lines in the /etc/sendmail.cf file
that begin with the letters OQ
(an old-style declaration)
or that use the new option name QueueDirectory
. Remember that
your sendmail.cf file may not be in /etc. Replace
the location used above with one that is suitable for your situation.
Edit the client.cf file and replace /tmp
with
what you found. At the same time, remove the comment
that was left there reminding you to do just that:
O QueueDirectory=/tmp # BEWARE: use /var/spool/mqueue upon release change this O QueueDirectory=/var/spool/mqueue to this
This change causes sendmail
to use the correct queue directory, but it has an unfortunate
side effect. Recall that sendmail runs as the root unless
an unsafe command-line switch causes it to give up that
privilege. The -C
switch that you've been using all along
to run sendmail is just such an unsafe switch. Consequently,
if you were to now run sendmail as:
%./sendmail -Cclient.cf
you
the -C
would cause sendmail
to run as an ordinary user. For confidentiality
the queue directory is usually protected by making it
accessible only to root. Ordinary users, such as we've
been assuming you are, lack
permission to access the queue directory. Running the above
command
now will likely result in a error similar to the following:
queuename: Cannot create "qfIAA12390" in "/var/spool/mqueue" (euid=4010): Permission denied
You need to install the client.cf file in place of the system
sendmail.cf file so that you can successfully run sendmail.
With the client.cf file installed, you
no longer need to use the -C
switch to tell
sendmail where to find its configuration file.
Unfortunately, before you can make that change, you need
to first make sure other machines know about it.