Name

DontBlameSendmail

Synopsis

Although sendmail is very security-conscious, there are times when a site might wish a more relaxed security posture. We don’t recommend any relaxation of security, and in fact recommend beefing up your security whenever possible. But for sites that prefer to reduce sendmail’s security checks, V8.9 and later offer the DontBlameSendmail option. It is declared like this:

O DontBlameSendmail=for,for,...                   configuration file (V8.9 and later) 
-ODontBlameSendmail=for,for,...                   command line (V8.9 and later) 
define(`confDONT_BLAME_SENDMAIL',``for,for,...'') mc configuration (V8.9 and later)

Here, for is one of the comma-separated items[23] listed in the lefthand column of Table 24-18 that are not case-sensitive. If the entire DontBlameSendmail is absent, or if nothing is listed after the equal sign, overall safety is unchanged. If an item is specified that is not listed in the table, sendmail prints the following error and ignores that option:

readcf: DontBlameSendmail option: bad item here unrecognized

The DontBlameSendmail option is not safe. If specified from the command line, it can cause sendmail to relinquish its special privileges.

Table 24-18. DontBlameSendmail change items

Item

§

Meaning

AssumeSafeChown

See this section

Assume chown(2) is safe.

ClassFileInUnsafeDirPath

See this section

Allow F class macro files in unsafe directory paths.

DontWarnForwardFileInUnsafeDirPath

See this section

Omit warnings about forward files in unsafe directories. ...

Get Sendmail, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.