Recommended Permissions

Table 4-1 shows the recommended ownerships and permissions for all the files and directories in the sendmail system. The path components will vary depending on the vendor version of sendmail you are running. For example, where we show the /usr/sbin/sendmail directory, your site might use /usr/lib/sendmail, or even /usr/lib/mail/sendmail.

In Table 4-1, we show the owner as root, or as a T (which means the owner can be the user listed with the TrustedUser option; TrustedUser on page 1112), or as an R (which means the owner must be the one specified by the RunAsUser option; RunAsUser on page 1083) if that option was specified. Under the “Owner” column, we show a colon and the group when the group is important.

Table 4-1. Recommended permissions for V8.12 and above

Path

Type

Owner

Mode

 

/

Directory

root

0755

drwxr-xr-x

/usr

Directory

root

0755

drwxr-xr-x

/usr/sbin[a]

Directory

root

0755

drwxr-xr-x

/usr/sbin/sendmail

File

root:smmsp

02555

-r-xr-sr-x[b]

/etc

Directory

root

0755

drwxr-xr-x

/etc/mail

Directory

root,T

0755

drwxr-xr-x

/etc/mail/sendmail.cf

File

root,T

0644 or 0640

 

/etc/mail/statistics

File

root,T,R

0600

-rw-------

/etc/mail/helpfile

File

root,T

0444

-r--r--r--

/etc/mail/aliases

File

root,T

0644

-rw-r--r--

/etc/mail/aliases.pag

File

root,T,R

0640

-rw-r-----

/etc/mail/aliases.dir

File

root,T,R

0640

-rw-r-----

/etc/mail/aliases.db

File

root,T,R

0640

-rw-r-----

F/path

Directory

root,T ...

Get sendmail, 4th Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.