Trusted users are necessary for certain kinds of mail to flow properly. For example,
the rmail(8) program of the UUCP suite of programs runs set-user-id to uucp. If rmail
were not to use the -f command-line switch, all mail from UUCP would wrongly
appear to come from the uucp user. To circumvent this problem, rmail runs sendmail
as:
/usr/lib/sendmail -f reallyfrom
This tells sendmail to show, in both the header and envelope, the message as being
from reallyfrom, rather than from uucp.
The concept of a trusted user is intended to prevent ordinary users from changing
the sender address and thereby forging mail. Although that intention is laudable and
good for UUCP, it can cause problems with mailing lists. Consider the following:
list: "|/usr/lib/sendmail -oi -flist-request -odi list-real"
list-real: :include:/export/share/mail-lists/list.list
The intention here is for all mail sent to the mailing list named list to be dispatched
as though it were sent from the address list-request (the -f). This causes errors to
be returned to the maintainer of the list (the list-request), but replies still go to the
real sender.
Unfortunately, this scheme fails when mail is posted to list from the local machine.
Recall that only trusted users can change the identity of the sender with -f. This is
why V8.1 sendmail eliminated the concept of the trusted user (anyone could use the
-f switch).
Pages:
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337