PDA

View Full Version : Time for an update to sendmail ?



pumpkinbrook
01-06-2006, 12:57 PM
First of all, let me say that my short experience here at WestHost has been for the most part positive. However it has not been without it's frustrations. My comments here are also in the context of a VDS plan, not a shared hosting plan, so my concerns may be different than yours. I also do not know if all VDS have the same setup (kernel and application versions, etc.).

I am not sure if anyone else is using 'non-standard' sendmail setups (i.e. customized beyond WestHost defaults) but I have found the current setup to quite limiting. First of all, not being able to disable sendmail entirely and use the MTA of my choosing (in my case postfix) is annoying. Secondly, as has been requested several times in the past, not having a secondary port is also an issue.

But looking at this a little deeper, we find that sendmail is version 8.11.6, which was released in August of 2001. Now, that's just a bit dated don't you think? And unless this version has been patched, there are a couple of buffer overflow vulnerabilites in this version as well.

Why update? There are the obvious security reasons. And there are the functionality reasons. My biggest complaint is that we are without libmilter API support. This is also something that has been asked about before (going back to 2004 or perhaps earlier). Not having milter support is a big handicap when it comes to spam filtering. Without this we need to accept a lot of bogus mail and filter it out later. It's a waste of resources (and it counts against your bandwidth limit too).

I realize that changing sendmail has a lot of implications as it's used by so many people. And I do not understand the intricacies of it's operation in the VDS environment. But it sure seems as if it's time for an update.

Thoughts anyone? How about it Westhost? I'd be happy to be a guinea pig on a test server :)

HalVaughan
03-04-2006, 11:11 AM
I'm not as concerned about an update as I am concerned that I'd like to see more info or abilities to customize Sendmail or to use other MTAs. I don't know if it is still the case, but when I originally set up my account, I found that Sendmail, as set up here, does not relay messages to non-Westhost domains. For example, if I want to use my account/domain as my SMTP server, I've seen that I can't use it to send e-mail to a friend at aol.com, comcast.com, or other locations.

This may have changed, but I haven't had time to check it.

I also would like to see an easy remote way to setup an email account without using the site manager, so I could have a Perl script on my office system, or one on my acocunt that can be called from my office system, to easily add a new user and password to my domain. I understand this can be done in Sendmail, but every time I ask anyone about it, I'm told the config for Sendmail is so immense and confusing that if I don't know what I'm doing, to not touch it at all.

Hal

wildjokerdesign
03-04-2006, 11:25 AM
It seems redundent to install a perl script on your site that would add email accounts. That is what the Site Manager does and it can just as easily be accessed from your office computer. It is also likely to be more secure then any script you could create.

The only reason you should not be able to send mail to an account outside of WestHost is if perhaps the IP your site uses has been banned. This sometimes happens if you are useing a shared IP but a static IP only cost $1.00 extra a month. If you are wanting to forward email that arrives at an email account on your domain that you have set up that is also possible.

HalVaughan
03-04-2006, 11:38 AM
It seems redundent to install a perl script on your site that would add email accounts. That is what the Site Manager does and it can just as easily be accessed from your office computer. It is also likely to be more secure then any script you could create.


But I have to do it manually. I have a data mining system which is quite sophisticated. It delivers data to my clients through e-mail accounts on my Westhost account. I am working on the last stage, a setting editor, that will let me set up a new client in, literally, less than 2 minutes (now it takes hours, using SQL statements and double checking all the values). But once it is set up on my system, I still have to lot in to Westhost and set it up on my site. I can automate everything except creating the new email account and password for a client.

I'm seriously considering using HTTPS requests for sending data back and forth, but it takes time to setup, and as a small business owner responsible for almost all the software we use, I don't have time to even examine it as a possibility for months.

wildjokerdesign
03-04-2006, 04:58 PM
I would start by looking in /ect and /ect/mail directories. Most files are held there although most the information discussed so far on the forum concerns the virtusertable file which does not normally involve setting up passwords. You might want to take a look at sunzon's tutorial on Setting up Subdomains - Email/FTP (http://forums.westhost.com/showthread.php?t=7963) which would give you a start on the virtusertable file which I am pretty sure you would need to work with. Although refrences in it are related to downloading and modifying the file I see no reason why a the changes could not be handled by a script. Don't know if you have looked at Jala's (http://codeworks.gnomedia.com/westhost-introduction/) site but it gives a good overview of how things work on a WH accounts and where you could run into problems. Also Matt Domsch's (http://www.domsch.com/westhost/) site has some good info on getting things to work when you run into files owned by root.