SUMMARY: sendmail on solaris 9 woes

From: Christopher L. Barnard <>
Date: Fri Jul 25 2003 - 12:28:50 EDT
This is a detailed summary because this is important info and I really want
to get this summary into the archives:

I asked:

> I have a sendmail question for the collective.  I believe the problem
> centers around the "new and improved" (harumph) sendmail shipped with
> Solaris 9.
> I do not run sendmail in daemon (-bd) mode on clients; only the mailserver
> will receive email.  So on the client (Solaris 9 with patch 113575-04) I
> have edited the file in two places 
> change Cwlocalhost to Cwmailhost
> and change D{MTAHost}localhost to D{MTAHost}mailhost.
> I have edited the file in one place
> change the Cwlocalhost to Cwmailhost.
> On the mailhost (an old Solaris 7 sparc 20, with patch 110615-09), I put
> the local host name into the local-host-names file and restarted sendmail.
> Under Solaris 8 and older, this worked fine (and there was no so
> I didn't have to modify it...).  With Solaris 9, there is this
> new user smmnp, which will only send email to localhost.  This is called
> improving security -- forcing you to run a daemon that was previously
> disabled...
> Has anyone gotten a Solaris 9 box to send email out without running it in
> daemon mode?


Ok, here is a recipe for running sendmail shipped with a Solaris 9 box in a
secure fashion without running the daemon on the local system.

* do not run sendmail in daemon mode.  Create the file /etc/default/sendmail
with the single line
and then stop and restart sendmail.  A typical ps after doing that will be
   smmsp   688     1  0 13:07:00 ?        0:00 /usr/lib/sendmail -Ac -q15m
    root   689     1  0 13:07:00 ?        0:00 /usr/lib/sendmail -q15m
note that there is not a "-bd" in sight.

* edit the /usr/lib/mail/cf/ file.  change the last line from
FEATURE(`msp', `[]')dnl
FEATURE(`msp', `mailhost')dnl

* compile the new file
cd /usr/lib/mail/cf
m4 ../m4/cf.m4 >

* copy this new file into place
cp /usr/lib/mail/cf/ /etc/mail/

* make sure that mailhost will accept mail from the server (may have to
  edit local_host_names and then restart sendmail on mailhost.

* every time you apply a sendmail patch on this machine, rebuild the

* and by the way, Sun will tell you this cannot be done.  They will say that
  you must run in daemon mode on every machine.

sunmanagers mailing list
Received on Fri Jul 25 12:33:56 2003

