Internet Security Professional Reference:How to Build a Firewall


If you set the value of maxbytes too small, users may not be able to receive some messages because of the message’s size. This type of problem reveals itself in the log files. Lines that resemble the following indicate the incoming mail message is too large to process:

Oct 29 12:09:52 pc smap[868]: connect host=unknown/198.53.64.9
Oct 29 12:09:59 pc smap[868]: exiting too much data

No other warnings of this problem occur. This is the only way the firewall operator can check to see if large messages are the reason why mail isn’t being sent.
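Because the log is the only place this failure shows up, it is worth scanning for routinely. The following Python function is an added example (not code from the book or from the firewall toolkit) that joins each smap session's "connect host=" line to its later "exiting" line by process id and reports only the sessions that ended with "exiting too much data". The log lines it runs over are constructed to match the format shown above; the host names and addresses in them are invented.

```python
import re

# Constructed sample syslog lines in the format shown in the text; the second
# session (pid 871) exits normally and must not be reported.
SAMPLE_LOG = """\
Oct 29 12:09:52 pc smap[868]: connect host=unknown/198.53.64.9
Oct 29 12:09:59 pc smap[868]: exiting too much data
Oct 29 12:10:03 pc smap[871]: connect host=mail.example.com/192.0.2.10
Oct 29 12:10:05 pc smap[871]: exiting
"""

# syslog timestamp, host name, then "smap[<pid>]: <message>"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ smap\[(?P<pid>\d+)\]: (?P<msg>.*)$"
)


def find_oversized_messages(log_text):
    """Return one record per smap session that ended with 'exiting too much data'.

    smap logs several lines per connection, all tagged with the same pid, so the
    'connect host=' line is remembered per pid and joined to the later 'exiting'
    line. Sessions that exit normally are dropped.
    """
    sessions = {}  # pid -> host string taken from the connect line
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        pid, msg = m.group("pid"), m.group("msg")
        if msg.startswith("connect host="):
            sessions[pid] = msg[len("connect host="):]
        elif msg.startswith("exiting"):
            host = sessions.pop(pid, "unknown")
            if "too much data" in msg:
                hits.append({"time": m.group("ts"), "pid": pid, "host": host})
    return hits


if __name__ == "__main__":
    for hit in find_oversized_messages(SAMPLE_LOG):
        print(f"{hit['time']} pid={hit['pid']} rejected oversized message "
              f"from {hit['host']}")
```

Run against a real syslog file, the count of hits over time tells you whether maxbytes is set too low for the site's actual traffic, and the host field tells you who was affected.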

At this point, you have installed and configured the smap application. It is not very difficult to complete its setup.

Installing the smapd Application

Unlike smap, which is started from inetd on a connection-by-connection basis, smapd is started from the /etc/rc.local script and runs the entire time the system is running. The daemon startup is added to the file /etc/rc.local and then the system is rebooted. The following shows the addition of the command to the rc.local file:

echo "Starting Firewall Mail Processor ..."
/usr/local/etc/smapd

Because sendmail is not running in daemon mode, messages that cannot be delivered and are queued must be delivered by periodically invoking sendmail to process the queue. To do this, add a line similar to the following to the crontab file:

0,30 * * * * /usr/sbin/sendmail -q > /dev/null 2>&1

This ensures that any messages that cannot be successfully delivered by the smapd application will be properly handled.

Configuring the smapd Application

Configuring the smapd application is no more difficult than configuring smap, and both generally run without problems. Like smap, smapd reads its configuration from the netperm-table file and accepts no command-line arguments. The smapd application scans the mail spool directory on a periodic basis and delivers the queued mail to the remote system. The rules available for building the smapd configuration are listed in table 6.10.

Table 6.10  smapd Rules

executable pathname
    Specifies the pathname of the smapd executable. For historical reasons, smapd forks and execs copies of itself to handle delivering each individual message. THIS ENTRY IS MANDATORY.

sendmail pathname
    Specifies an alternate pathname for the sendmail executable. smapd assumes the use of sendmail but does not require it. An alternate mail delivery system can replace sendmail, but it should be able to accept arguments in the form of: executable -f fromname recip1 [recip2 ... recipN]. The exit code from the mailer is used to determine the status of delivery; for this reason, replacements for sendmail should use similar exit codes.

baddir pathname
    Specifies a directory where smapd should move any spooled mail that cannot be delivered normally. This directory must be on the same device as the spool directory because the rename(2) system call is employed. The pathname specified should not contain a trailing "/".

userid name
    Specifies the userid that smapd should run under. The name can be either a name from the password database or a numeric userid. This userid should be the same as that under which smap runs, and should have write permission to the spool directory.

directory pathname
    Specifies the spool directory in which smapd should search for files. smapd should have write permission to this directory.

wakeup value
    Specifies the number of seconds smapd should sleep between scans of the spool directory. The default is 60 seconds.

Some options are common for smap and smapd. Nevertheless, you can build a separate configuration for smapd, such as the one shown here:

smapd:          executable /usr/local/etc/smapd
smapd:          sendmail /usr/sbin/sendmail
smapd:          userid 6
smapd:          directory /var/spool/smap
smapd:          baddir /var/spool/smap/bad
smapd:          wakeup 900

This configuration defines the operating parameters for smapd. The executable rule identifies the location of the smapd program. This rule is mandatory. The sendmail option specifies where the sendmail program is found. Alternate programs such as zmailer or smail can be used in place of sendmail, as long as they conform to the exit codes used within sendmail.

The userid and directory rules specify the user under which the smapd binary executes and the spool directory it works from. The baddir value is related to directory: directory names the location where in-transit mail messages are stored, and a bad directory is created there to hold any undelivered or questionable messages.

The last value for smapd, wakeup, specifies the delay between passes over the queue. The default is 60 seconds; this example uses a 15-minute window (900 seconds).
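Since smapd silently fails to start without its mandatory executable rule, and a trailing slash on baddir or a baddir on another device only shows up when a message cannot be moved, it helps to check the netperm-table entries before rebooting. The following Python script is an added example, not code from the book or from the firewall toolkit. It parses the smapd lines of a netperm-table (assuming the "app: rule value" line form shown above, with "#" comments and, as the toolkit's table also allows, a comma-separated list of applications before the colon) and checks them against the constraints in table 6.10. The configuration it runs over is a constructed copy of the example above; the "same device" test is approximated by requiring baddir to sit under the spool directory, which is an assumption, not a check the toolkit itself performs.

```python
import posixpath

# Constructed smapd configuration in netperm-table form, copied from the
# example in the text, with a comment line added.
SAMPLE_NETPERM = """\
# smapd rules (constructed example)
smapd:          executable /usr/local/etc/smapd
smapd:          sendmail /usr/sbin/sendmail
smapd:          userid 6
smapd:          directory /var/spool/smap
smapd:          baddir /var/spool/smap/bad
smapd:          wakeup 900
"""

# Rules listed in table 6.10 and the documented default for wakeup.
KNOWN_RULES = {"executable", "sendmail", "baddir", "userid", "directory", "wakeup"}
DEFAULT_WAKEUP = 60  # seconds


def parse_netperm(text, app="smapd"):
    """Return {rule: value} for the netperm-table lines that apply to `app`.

    A line is 'app[, app...]: rule value'; anything after '#' is a comment.
    Lines for other applications are ignored.
    """
    rules = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or ":" not in line:
            continue
        apps, body = line.split(":", 1)
        if app not in [a.strip() for a in apps.split(",")]:
            continue
        parts = body.split(None, 1)
        if len(parts) != 2:
            continue
        rules[parts[0]] = parts[1].strip()
    return rules


def check_smapd_rules(rules):
    """Return a list of problems found in a parsed smapd rule set (empty if clean)."""
    problems = []
    if "executable" not in rules:
        problems.append("executable is mandatory but missing")
    for name in rules:
        if name not in KNOWN_RULES:
            problems.append(f"unknown rule '{name}'")
    wakeup = rules.get("wakeup", str(DEFAULT_WAKEUP))
    if not wakeup.isdigit() or int(wakeup) <= 0:
        problems.append(f"wakeup must be a positive number of seconds, got '{wakeup}'")
    baddir = rules.get("baddir")
    if baddir:
        if baddir.endswith("/"):
            problems.append("baddir must not end with a trailing '/'")
        spool = rules.get("directory")
        # rename(2) cannot cross filesystems. Requiring baddir to be inside the
        # spool directory is an offline approximation of "same device" (assumed
        # heuristic; a mount point under the spool would still defeat it).
        if spool and not posixpath.normpath(baddir).startswith(
                posixpath.normpath(spool) + "/"):
            problems.append("baddir should be under the spool directory "
                            "(same device, because rename(2) is used)")
    return problems


def effective_wakeup(rules):
    """Seconds smapd will sleep between scans, applying the 60-second default."""
    return int(rules.get("wakeup", DEFAULT_WAKEUP))


if __name__ == "__main__":
    parsed = parse_netperm(SAMPLE_NETPERM)
    print(f"smapd scans every {effective_wakeup(parsed)} seconds")
    for problem in check_smapd_rules(parsed) or ["no problems found"]:
        print(problem)
```

To use it on a live system, read /usr/local/etc/netperm-table into the parser instead of SAMPLE_NETPERM; a non-empty problem list is a reason to fix the file before adding the daemon to rc.local.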

