Can someone please help me with setting up mail?

lrj at helios.tn.cornell.edu lrj at helios.tn.cornell.edu
Fri Dec 30 19:18:26 AEST 1988 

Okay, i dealt with this problem a couple years ago, and haven't really
touched sendmail.cf since, but here goes...

One of the things about an NFS network is that you cannot (without
twiddling a bit and creating a gaping security hole) act as root on an NFS
partition.  The userid gets translated to "nobody" on the remote machine.
Mail is usually delivered by root, thus the problems you described.

The interesting thing, however, is that normal users have full access.
Due to this, users (with the exception of root) can read/delete mail on an
NFS partition without problems*.  However, mail can be delivered quite
safely by the mail agent IF the partition is a local one.  The only way to
guarantee no problems with the mail agent delivering the mail is to
guarantee that all machines but the server forward the mail TO the server.

You mentioned the use of aliases to try to get all the mail sent to the
server.  In THEORY this ought to work, but i found that in practice is was
rather difficult, and the headaches don't go away (eg having to change
/usr/lib/aliases on 10 machines everytime you add a new user).

A much simpler thing is to change a part of /usr/lib/sendmail.cf to do the
work for you.  At various points (three by my last count) sendmail will
call $#local to deliver the mail and be done with it.  What i did is to
change this to be $#tcp$@$A, causing sendmail to NOT deliver it locally,
but to forward to the server (by defining $A to be the server address).

Simply go through your sendmail.cf (after making a backup copy!) and
change instances of $#local to be $#tcp$@$A.  ONLY DO THIS ON THE
CLIENTS!!!  DO NOT CHANGE THE SERVER'S SENDMAIL.CF!!

Additionally, place these lines near the top of the file:

		# local mail sever -- lrj
		DAservers.full.domain.name

This ought to work for you.  You may also want to define the hostname in
your clients' sendmail.cf to be the name of the server, so it looks like
ALL mail originating from your network is coming from the server.  By
doing this, mail coming back to your systems will tend to be addressed to
the server, and you cut down on the instances of mail coming to a client
only to go to the server.

One more thing; you mentioned that /usr is shared?  Make sure that
/usr/spool/mqueue (and of course everything but mail) is NOT shared or you
can run into some very odd problems.  The best way to do this is to move
/usr/spool/mail to /usr/spool2/mail, and have a symbolic link on each
machine in /usr/spool.  The reason is that usually /usr/spool is really
/private/usr/spool...

Of course, what has worked for my machines may or may not work for all
cases, and i'm offering the above as an example of what i've done to solve
the problem.  if you do it and get nailed, it's not my responsibility.

	-- Lewis R. Jansen, LASSP Systems Grunt
	lrj at helios.tn.cornell.edu

More information about the Comp.sys.sun mailing list