Solution: sieve with reject/redirect/vacation fails, sendmail exit 71
Nikola Milutinovic
Nikola.Milutinovic at ev.co.yu
Wed Aug 31 02:40:24 EDT 2005
Razmik Ghanaghounian wrote:
> Hi Sergey..
> I put trusted users 'cyrus' in submit.cf and it didn't help.. here is
> the cut from my submit.cf
>
> #####################
> # Trusted users #
> #####################
>
> # this is equivalent to setting class "t"
> #Ft/etc/mail/trusted-users
> Troot
> Tdaemon
> Tuucp
> Tcyrus
>
> and Nikola... the permissions on sendmail binary is
> r-xr-sr-x r root smmsp
> so yes, it is setGid smmsp
> anyways setting g+w on /var/spool/clientmqueue and making cyrus member
> of smmsp does the trick but I know it isn't the right way.

The SECURITY file of the Sendmail distribution explains this at some
length, but I'll just give you the gist.

Older versions of Sendmail had the binary set to "rwsr-xr-x", with
SetUID=root. This allowed any user on the system to use sendmail to send
mail to another local user (sendmail had to be root in order to invoke
/bin/mail as root, which delivered to /var/spool/mail/*). Newer versions
actually have 2 daemons using the same binary. Three system accounts are
in play here: "root", "smmta" and "smmsp". The MTA daemon runs as "root" and
drops to "smmta" when it handles a connection. MTA-queue scans
/var/spool/clientmqueue and if it sees a mail in it, delivers it as
"root". The sendmail binary is SetGID to "smmsp" and any user running it
will run it with that group ID, allowing any user on the system to
submit messages to /var/spool/clientmqueue, in case the MSP cannot contact
the MTA directly (over the socket).

So, to summarize, "cyrus" shouldn't be a member of the "smmsp" group, but
rwxrwx--- on /var/spool/clientmqueue is a must.

Nix.
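
The permission layout described in the reply above, written as an audit script. This is an added example, not part of the original post: the paths and the optional user name are passed as arguments, and it assumes the binary and the queue directory share one group (smmsp in this thread) and that `ls -ld` prints the group in its fourth column.

```shell
#!/bin/sh
# Added example (not from the original post): audit the MSP permission model.
# Usage: sh audit_msp.sh <sendmail-binary> <clientmqueue-dir> [user-to-check]

# Print "<10-char mode string> <group>" for a path, taken from ls -ld.
perm_group() {
    ls -ld -- "$1" | awk '{ print substr($1, 1, 10), $4 }'
}

# Return 0 when the layout matches the description, 1 otherwise.
audit_msp() {
    bin=$1 queue=$2 user=${3:-} rc=0
    if [ ! -f "$bin" ] || [ ! -d "$queue" ]; then
        echo "FAIL: $bin or $queue is missing"; return 1
    fi
    set -- $(perm_group "$bin");   bmode=$1 bgroup=$2
    set -- $(perm_group "$queue"); qmode=$1 qgroup=$2

    # Old layout: SetUID binary (s/S in the owner execute slot).
    case $bmode in
        ???[sS]*) echo "FAIL: $bin is SetUID ($bmode)"; rc=1 ;;
    esac
    # New layout: SetGID binary (s/S in the group execute slot).
    case $bmode in
        ??????[sS]*) echo "ok:   $bin is SetGID $bgroup" ;;
        *) echo "FAIL: $bin is not SetGID ($bmode)"; rc=1 ;;
    esac
    # Queue: writable by owner and group, closed to everyone else.
    if [ "$qmode" = "drwxrwx---" ]; then
        echo "ok:   $queue is $qmode"
    else
        echo "FAIL: $queue is $qmode, expected drwxrwx---"; rc=1
    fi
    # The SetGID group must be the group that owns the queue.
    if [ "$bgroup" != "$qgroup" ]; then
        echo "FAIL: binary group $bgroup != queue group $qgroup"; rc=1
    fi
    # A submitting account gets access via the SetGID bit, not membership.
    if [ -n "$user" ] && id -Gn "$user" 2>/dev/null | tr ' ' '\n' | grep -qxF -- "$bgroup"; then
        echo "FAIL: $user is a member of $bgroup"; rc=1
    fi
    return $rc
}

if [ "$#" -ge 2 ]; then audit_msp "$@"; fi
```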