[BlueOnyx:06184] Re: Sendmail's confPRIVACY_FLAGS settings

Michael Stauber mstauber at blueonyx.it
Thu Dec 23 17:21:37 -05 2010 

Hi Darrell,

> In looking at the default BX sendmail.mc file, this is what I see:
> 
> define(`confPRIVACY_FLAGS', `noexpn noexpn authwarnings')
> 
> When I look at the default BQ sendmail.mc file, this is what I see:
> 
> define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl

"dnl" is a comment marker. Means anything that follows a "dnl" will be 
ignored. If a line begins with "dnl", the entire line is ignored. 

> What would be the consequences of using the BQ settings?

It'll still work to some degree or other, but not better.

> What would be the consequences of adding "nobodyreturn" as well?  What about
> "noverb" and "noetrn" as well?

Please see http://www.sendmail.org/m4/readme.html for more info about all the 
various m4 config options of Sendmail. It can be tweaked to hell and back and 
the process of doing that is often as obscure as vodoo shamanism.

"nobodyreturn" will disable all delivery reciepes and over quota messages or 
account disabled notices. Hence you often get told to use that setting to 
avoid being used for backscatter purposes. Which I think is a stupid idea. If 
a business email cannot be delivered, the sender (may he be legitimate or not) 
ought to be informed. If you use the box just for hobby purposes, then it may 
not matter. Of course that gets exploited to some degree. Like anything else.

> Why does the BX settings have "noexpn" listed twice?

Probably by accident. And it doesn't hurt. "noexpn" disables the EXPN and VERB 
commands.

> Why does the BX settings not have a trailing "dnl"?  Or does that not
> really matter?

Because the BX Sendmail config is tweaked a little further than the one on BQ. 
And having dnl at the end of a line there doesn't serve a purpose. Our 
sendmail.mc ain't perfect and there are a few things that I'd do different now 
than I did them two years ago. But as we're moving to Postfix with the next 
version of BX I see not much reason to go back and fiddle with our current 
Sendmail config, as it pretty much does the job just fine.

-- 
With best regards

Michael Stauber

More information about the Blueonyx mailing list