This discussion is archived
7 Replies Latest reply: Jan 4, 2011 8:39 AM by 828137 RSS

Patch 142437 (Sendmail 8.14.4) broken?

807567 Newbie
Currently Being Moderated
After installation of Patch 142437-05 (and newer) and therefore upgrading to sendmail 8.14.4, I cant get sendmail to bind on all interfaces. Removing the patch and downgrading to 8.13.8 resolves the issue.

Normally, you specify where to bind to with the following line in sendmail.cf:

{noformat}DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA{noformat}

Omitting the "Addr=127.0.0.1", sendmail should bind on all interfaces (as written in the docs). However, without Addr= sendmail binds to 127.0.0.1, as long as I dont specifiy another valid IP address of the server, in which case it binds there.

Sendmail 8.13.8 behaves this normally (binding to *:25), 8.14.4 not.


Did I miss something, or is the current version of sendmail broken?
  • 1. Re: Patch 142437 (Sendmail 8.14.4) broken?
    Robert Cohen Newbie
    Currently Being Moderated
    You might be being bitten by the "secure by default" in solaris now.
    svccfg -s svc:/network/smtp:sendmail listprop config/local_only

    will show the setting. I believe it overrides sendmail.cf by causing sendmail to read local.cf instead.

    http://forums.sun.com/thread.jspa?threadID=5230600 is one of many threads discussing it.
  • 2. Re: Patch 142437 (Sendmail 8.14.4) broken?
    807567 Newbie
    Currently Being Moderated
    Thank you for your input. However, that's not the problem:


    bash-3.00# svccfg -s network/smtp:sendmail listprop config/local_only
    config/local_only boolean false



    Furthermore, sendmail has to use /etc/mail/sendmail.cf as the config file. Even if I edit it by hand and remove the Addr=, it still binds on localhost and not all interfaces.

    I willl parse through the link you gave me. Maybe I get more enlightment there.
  • 3. Re: Patch 142437 (Sendmail 8.14.4) broken?
    821704 Newbie
    Currently Being Moderated
    If you do a ps -ef and grep send that will tell you what mode sendmail is in. If you are in local mode it will show up as sendmail -bl if you are in daemon mode it will show up as sendmail -bd.
    Local mode listens on the loopback interface only.

    When we upgraded to 8.14.4 I had to redo my sendmail.mc and/or submit.mc files (I'm not brave enough to directly modify my sendmail.cf)

    At least 3 times over the past year patches have caused me to rebuild sendmail so I keep a copy of the .mc files.

    Edited by: user3540465 on Dec 6, 2010 11:29 PM
  • 4. Re: Patch 142437 (Sendmail 8.14.4) broken?
    828137 Newbie
    Currently Being Moderated
    Did you get it working?
    I am having similar problem after patching Solaris on Sparc.

    Edit: Changed setting, still only responds on 127.0.0.1

    # svccfg -s sendmail listprop config/local_only
    config/local_only boolean false

    svcadm refresh svc:/network/smtp:sendmail (stop start same thing)

    # ps -ef | grep sendmail
    smmsp 29147 1 0 13:58:30 ? 0:00 /usr/lib/sendmail -Ac -q15m
    root 29196 1 0 14:11:02 ? 0:00 /usr/lib/sendmail -bl -q15m
    root 29227 6396 0 14:21:53 pts/2 0:00 grep sendmail

    Edited by: 825134 on Jan 3, 2011 11:21 AM
  • 5. Re: Patch 142437 (Sendmail 8.14.4) broken?
    828137 Newbie
    Currently Being Moderated
    Found a solution. Not pretty and will require a script to change it everywhere, all servers and all NG zones but "MODE=-bd" in /etc/default/sendmail did the trick.
  • 6. Re: Patch 142437 (Sendmail 8.14.4) broken?
    809850 Newbie
    Currently Being Moderated
    are you saying to re-create /etc/default/sendmail and place MODE=bd inside ? I no longer have the /etc/default/sendmail file. What I ended up doing was hacking the /lib/svc/method/smtp-sendmail.

    from:

    local=`/usr/bin/svcprop -p config/local_only $SMF_FMRI 2>/dev/null`
    if [ $? -eq 0 -a "$local" = "true" ]; then
    MODE="-bl"
    fi
    to:

    local=`/usr/bin/svcprop -p config/local_only $SMF_FMRI 2>/dev/null`
    if [ $? -eq 0 -a "$local" = "true" ]; then
    MODE="-bd"
    fi

    svcadm enable sendmail

    ps -ef |grep sendmail

    root 3300 1 0 16:20:38 ? 0:00 /usr/lib/sendmail -bd -q15m
    root 3301 3300 0 16:20:38 ? 0:00 /usr/lib/sendmail -bd -q15m

    This works even if the svcprop of config/local_only is set to false, very bizzare.
  • 7. Re: Patch 142437 (Sendmail 8.14.4) broken?
    828137 Newbie
    Currently Being Moderated
    Yes, I put MODE=-bd in a new file /etc/default/sendmail and it fixed "one" of my 60 servers. :( So, I spoke too soon.
    So thanks a ton! I'll try your method.

    I don't think I will ever patch again. The recommended patches changed the version of Java (1.5.0_21 to 1.5.0_26) which broke Sun's OWN web servers! Both 6 and 7! Nice! Still trying to fix several other apps that broke also. Will be great that your fix works. Now I can move on to the other issues.

    Thanks again.