[Mimedefang] MimeDefang and RedHat Enterprise Edition->friction or harmony?

Alexander Dalloz alexander.dalloz at uni-bielefeld.de
Wed Sep 10 10:55:01 EDT 2003


 
> I installed RedHat Enterprise Linux ES2.1 (should be similar 
> to AS) a couple of months ago.  We run Sendmail 8.12 with 
> MimeDefang, SpamAssassin and McAfee.  It works really great, 
> apart from a snag with delays in McAfee scanning, see the 
> thread at 
> http://lists.roaringpenguin.com/pipermail/mimedefang/2003-Sept
> ember/007892.html
> 
> One thing you must do is to build a Sendmail 8.12 RPM 
> yourself, since RedHat Enterprise Linux comes with Sendmail 
> 8.11. I simply took the latest source-RPM from Redhat 9 and 
> rebuilt it.  For what it's worth, here are some of my notes:
> 
> 1. Make sure that the imap-2001a and imap-devel-2001a RPMs
>     have been installed, and that these services are enabled
>     under xinetd (chkconfig --list): imap, imaps, ipop3, pop3s.
> 
> 2. Download the latest Sendmail SOURCE RPM for Redhat (Redhat 9's
>     sendmail-8.12.8-5.90.src.rpm) and install it.
>     In order to enable the MILTER mail-filters at the Redhat 
> 7.2 level,
>     we must update the patch file sendmail-8.11.0-redhat.patch
>     in /usr/src/redhat/SOURCES by adding these words to the
>     +define(`confENVDEF',... line:
>        -DMILTER -D_FFR_MILTER_ROOT_UNSAFE
> 
> 3. In /usr/src/redhat/SPECS you edit the file sendmail.spec
>     and change line 5 into:
>        %define errata 72
>     Build the binary and source RPMs with this command:
>        rpmbuild -ba sendmail.spec
>     The resulting RPM files will be below the /usr/src/redhat 
> directory.
>     Install all of the RPMs in /usr/src/redhat/RPMS/i386.
> 
> 4. Look at the instructions in the Mimedefang HowTo,
>       http://www.rudolphtire.com/mimedefang-howto/

One important default misconfiguration in Redhat sendmail you did not
mention.

Go into the sendmail.mc file and find a line

define(`confTRUSTED_USER', `smmsp')dnl

and put a dnl in front of it. This setting is bad! Rebuild the sendmail.cf -
with mybe other wanted settings as well - by doing a make in /etc/mail.
Change the ownership of /etc/aliases* to root.root and restart sendmail. (In
the latest rawhide sendmail rpm this issue is fixed by Florian LaRoche.)

Alexander


-- 
Alexander Dalloz | Enger, Germany
PGP key valid: made 13.07.1999
PGP fingerprint: 2307 88FD 2D41 038E 7416  14CD E197 6E88 ED69 5653




More information about the MIMEDefang mailing list