How Not To Expose Root in Sendmail
May 23rd, 2009 by Charles Gardner
Quick note:
When you do domain masquerading with sendmail, root is exempted from that by default. No big deal unless the host name of your system is not actually registered in DNS. I have a couple VMs that don’t need outside access or DNS registrations, but I’d like to receive their cron output cleanly.
This is a rather easy fix. In most sendmail .mc files you will find the DOMAIN(generic) statement. This refers to loading the generic.m4 file which includes a default statement to expose root without masquerading — EXPOSED_USER(`root’). Copy the generic.m4 to mycustom.m4 and remove the EXPOSED_USER line. Go to your .mc file and change the DOMAIN(generic) to DOMAIN(mycustom) and rebuild your sendmail.cf file.