[3895] in testers
Re: [MAILER-DAEMON@dcl.MIT.EDU: Postmaster notify: Cannot send message within 3 days]
daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Wed Jan 20 01:10:39 1999
Date: Wed, 20 Jan 1999 01:10:30 -0500 (EST)
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: "Ron M. Hoffmann" <hoffmann@MIT.EDU>
Cc: testers@MIT.EDU, postmaster@MIT.EDU
In-Reply-To: Ron M. Hoffmann's message of Wed, 20 Jan 1999 00:10:07 -0500,
<199901200510.AAA18365@paddington.mit.edu>
Date: Wed, 20 Jan 1999 00:10:07 -0500
From: "Ron M. Hoffmann" <hoffmann@MIT.EDU>
Postmaster started getting bunches of bounces like this
from mickey-mouse, whirlwind, and now dcl, all beginning
early today (Monday).
I'm sending this here as it may be related to the test
patch release which went out last Wednesday.
Abby did some poking around on whirlwind; not sure what
the results of that were.
After Ron and Jonathon mentioned this to me, I started digging around,
and I think I found the problem.
In 8.2.16, the new sendmail ignores the local mailer specified in
sendmail.cf, and forces the use of /usr/lib/mail.local as the local
mailer (instead of /bin/mail), which is what we normally use. My guess
is that this was a security fix on Sun's part. There's probably some
bug which an attacker can exploit if /bin/mail is used as the delivery
agent, and which they probably couldn't close because it would eliminate
some feature used by folks who is /bin/mail is a MUA. So they hacked
sendmail to use /usr/lib/mail.local for local delivery regardless of
what sendmail.cf says.
Because of this any mail sent to root@localhost host caused an error:
--Q-ID-- --Size-- -----Q-Time----- ------------Sender/Recipient------------
AAA17201 5 Wed Jan 20 00:48 tytso
(Operating system error)
/dev/null@localhost
... and each attempt to run sendmail -q caused more errors:
# sendmail -q
Cannot exec /usr/lib/mail.local: No such file or directory
/dev/null@localhost... Operating system error
Cannot exec /usr/lib/mail.local: No such file or directory
/dev/null@localhost... Operating system error
Cannot exec /usr/lib/mail.local: No such file or directory
/dev/null@localhost... Operating system error
Since sendmail -q is run out of cron, the output would cause cron to try
to send mail to root, thus increasing the number of error messages
floating about in the local mail spool. (I had 118 messages in my mail
spool). Six days later (two double bounces), the error bounces started
making their way to root@mit's mailbox, which is when Ron found them, in
a fairly copious stream of bounces.
There is a /os/usr/lib/mail.local, but for some reason the 8.2.16
release didn't create symlink from /usr/lib/mail.local to the os
pack, or simply install mail.local in /usr/lib.
Note that mail.local is small -- only 28k. So I would recommend just
installing it in /usr/lib, and not just putting a symlink there.
Otherwise these error bounces will start accumulating if someone tries
sending mail to root@localhost while the packs are detached.
- Ted
