Question regarding FLOCK or POSIX with Sendmail 8.13.x and MailScanner.

Duncan, Brian M. brian.duncan at kattenlaw.com
Thu Nov 2 17:39:19 GMT 2006 


>
> I can't tell you why your version is different, maybe a
> custom compiled version to get around the Flock exploit that
> was posted about the time 8.12.11 came out. The consensus so
> far has been ; Linux and sendmail 8.12 = flock Linux and
> sendmail 8.13 = posix Also note that there have been some
> problems with dovecot if it is set to a different locking.
>
> I am still curious as to how you have been so lucky with no problems!
> Are you running on a filesystem other than ext2/ext3?
> Maybe Core 4 has a kernel that doesn't have the locking
> problem that the enterprise distros lack because of the
> conservative patching that is done.
>
>

I use Ext3 on all of my mail boxes.  Maybe it is due to the kernel
somehow, or the sendmail RPM's that I used.  I am using the Fedora
compiled kernels.  I switched over to posix earlier on my servers and
have not noticed any differences Yet.  I have been keeping a close eye
on the /var/spool/mqueue folders.

I was more worried about having trouble switching to posix, since this
one box has passed probably close to 200 million messages without issues
with flock on.  I was feeling like if it's not broke don't fix it type
situation.  Yet I see allot of people running into this problem.

I have been trying to find a way to 100% determine what lock method
sendmail uses.  From scanning the mailing lists and searching allot of
people tell others to check with sendmail -d0.1 -d0.4 -bt </dev/null.

If it lists flock in the compiled options then it's using flock.  I have
NOT been able to confirm this.

Here is one host of ours that just rejects messages. (It is a Sendmail
8.12.x box, so it SHOULD be using flock from what I understand)

It was compiled from RPM on 03/08/06, I checked the SPEC file and see
nothing specifying lock type.  The only reason I updated this one was
due to an exploit at the time if I recall correctly.

Version 8.12.11.20060308
 Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG MAP_REGEX
                MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET
NETINET6
                NETUNIX NEWDB NIS PIPELINING SASL SCANF TCPWRAPPERS
USERDB
                USE_LDAP_INIT
 
This is my 8.13 boxes: (same on all of them)

Version 8.13.8
 Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG MAP_REGEX
                MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET
NETINET6
                NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF SOCKETMAP
STARTTLS
                TCPWRAPPERS USERDB USE_LDAP_INIT

===========================================================
CIRCULAR 230 DISCLOSURE: Pursuant to Regulations Governing Practice Before the Internal Revenue Service, any tax advice contained herein is not intended or written to be used and cannot be used by a taxpayer for the purpose of avoiding tax penalties that may be imposed on the taxpayer.
===========================================================
CONFIDENTIALITY NOTICE:
This electronic mail message and any attached files contain information intended for the exclusive use of the individual or entity to whom it is addressed and may contain information that is proprietary, privileged, confidential and/or exempt from disclosure under applicable law.  If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distribution of this information may be subject to legal restriction or sanction.  Please notify the sender, by electronic mail or telephone, of any unintended recipients and delete the original message without making any copies.
===========================================================
NOTIFICATION:  Katten Muchin Rosenman LLP is an Illinois limited liability partnership that has elected to be governed by the Illinois Uniform Partnership Act (1997).
===========================================================

More information about the MailScanner mailing list