Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!bloom-beacon!husc6!rice!sun-spots-request From: lrj@helios.tn.cornell.edu Newsgroups: comp.sys.sun Subject: Re: Can someone please help me with setting up mail? Message-ID: <8812201635.AA00418@artemis.TN.CORNELL.EDU> Date: 30 Dec 88 09:18:26 GMT Sender: usenet@rice.edu Organization: NSSDC GSFC Greenbelt, Md Lines: 55 Approved: Sun-Spots@rice.edu Original-Date: Tue, 20 Dec 88 11:35:16 -0500 X-Sun-Spots-Digest: Volume 7, Issue 80, message 6 of 12 X-Issue-Reference: v7n67 Okay, i dealt with this problem a couple years ago, and haven't really touched sendmail.cf since, but here goes... One of the things about an NFS network is that you cannot (without twiddling a bit and creating a gaping security hole) act as root on an NFS partition. The userid gets translated to "nobody" on the remote machine. Mail is usually delivered by root, thus the problems you described. The interesting thing, however, is that normal users have full access. Due to this, users (with the exception of root) can read/delete mail on an NFS partition without problems*. However, mail can be delivered quite safely by the mail agent IF the partition is a local one. The only way to guarantee no problems with the mail agent delivering the mail is to guarantee that all machines but the server forward the mail TO the server. You mentioned the use of aliases to try to get all the mail sent to the server. In THEORY this ought to work, but i found that in practice is was rather difficult, and the headaches don't go away (eg having to change /usr/lib/aliases on 10 machines everytime you add a new user). A much simpler thing is to change a part of /usr/lib/sendmail.cf to do the work for you. At various points (three by my last count) sendmail will call $#local to deliver the mail and be done with it. What i did is to change this to be $#tcp$@$A, causing sendmail to NOT deliver it locally, but to forward to the server (by defining $A to be the server address). Simply go through your sendmail.cf (after making a backup copy!) and change instances of $#local to be $#tcp$@$A. ONLY DO THIS ON THE CLIENTS!!! DO NOT CHANGE THE SERVER'S SENDMAIL.CF!! Additionally, place these lines near the top of the file: # local mail sever -- lrj DAservers.full.domain.name This ought to work for you. You may also want to define the hostname in your clients' sendmail.cf to be the name of the server, so it looks like ALL mail originating from your network is coming from the server. By doing this, mail coming back to your systems will tend to be addressed to the server, and you cut down on the instances of mail coming to a client only to go to the server. One more thing; you mentioned that /usr is shared? Make sure that /usr/spool/mqueue (and of course everything but mail) is NOT shared or you can run into some very odd problems. The best way to do this is to move /usr/spool/mail to /usr/spool2/mail, and have a symbolic link on each machine in /usr/spool. The reason is that usually /usr/spool is really /private/usr/spool... Of course, what has worked for my machines may or may not work for all cases, and i'm offering the above as an example of what i've done to solve the problem. if you do it and get nailed, it's not my responsibility. -- Lewis R. Jansen, LASSP Systems Grunt lrj@helios.tn.cornell.edu