SMM:08-32
Sendmail Installation and Operation Guide
load on your machine, but means that delivery may be delayed for up to the queue interval. Mode
"d" is identical to mode "q" except that it also prevents lookups in maps including the -D flag from
working during the initial queue phase; it is intended for ``dial on demand'' sites where DNS
lookups might cost real money. Some simple error messages (e.g., host unknown during the SMTP
protocol) will be delayed using this mode. Mode "b" is the usual default.
If you run in mode "q" (queue only), "d" (defer), or "b" (deliver in background) sendmail will
not expand aliases and follow .forward files upon initial receipt of the mail. This speeds up the
response to RCPT commands. Mode "i" should not be used by the SMTP server.
4.8. Log Level
The level of logging can be set for sendmail. The default using a standard configuration table
is level 9. The levels are as follows:
0
Minimal logging.
1
Serious system failures and potential security problems.
2
Lost communications (network problems) and protocol failures.
3
Other serious failures, malformed addresses, transient forward/include errors, connection
timeouts.
4
Minor failures, out of date alias databases, connection rejections via check_ rulesets.
5
Message collection statistics.
6
Creation of error messages, VRFY and EXPN commands.
7
Delivery failures (host or user unknown, etc.).
8
Successful deliveries and alias database rebuilds.
9
Messages being deferred (due to a host being down, etc.).
10
Database expansion (alias, forward, and userdb lookups) and authentication information.
11
NIS errors and end of job processing.
12
Logs all SMTP connections.
13
Log bad user shells, files with improper permissions, and other questionable situations.
14 Logs refused
connections.
15
Log all incoming and outgoing SMTP commands.
20
Logs attempts to run locked queue files. These are not errors, but can be useful to note if
your queue appears to be clogged.
30
Lost locks (only if using lockf instead of flock).
Additionally, values above 64 are reserved for extremely verbose debugging output. No normal site
would ever set these.
4.9. File Modes
The modes used for files depend on what functionality you want and the level of security you
require. In many cases sendmail does careful checking of the modes of files and directories to avoid
accidental compromise; if you want to make it possible to have group-writable support files you
may need to use the DontBlameSendmail option to turn off some of these checks.
4.9.1. To suid or not to suid?
Sendmail is no longer installed set-user-ID to root. sendmail/SECURITY explains how to
configure and install sendmail without set-user-ID to root but set-group-ID which is the default
configuration starting with 8.12.