We have encountered show-stopper bugs in the freebsd.org cluster when trying to use dma as a drop-in sendmail replacement. When cron generates email and feeds it to /usr/sbin/sendmail, sendmail qualifies the addresses according to the configured hostname/domainname/masquerade. Instead, DMA leaks this onto the internet: Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 99157E1E for <clusteradm@freebsd.org>; Mon, 7 Jan 2013 15:40:10 +0000 (UTC) (envelope-from root@freebsd.org) Received: from halo.freebsd.org (halo.freebsd.org [IPv6:2001:1900:2254:2064::16:7]) by mx1.freebsd.org (Postfix) with ESMTP id 758A719D for <clusteradm@freebsd.org>; Mon, 7 Jan 2013 15:40:10 +0000 (UTC) Received: from root (uid 0) (envelope-from root@freebsd.org) id 4b by halo.freebsd.org (DragonFly Mail Agent v0.7); Mon, 07 Jan 2013 15:40:10 +0000 From: root (Cron Daemon) ^^^^^^^^^^^^^^^^^ To: clusteradm@freebsd.org Subject: Cron <root@halo> /usr/bin/lockf -s -t 0 /var/run/clusteradm.lock /etc/clusteradm/update.sh X-Cron-Env: <MAILTO=clusteradm@freebsd.org> X-Cron-Env: <SHELL=/bin/sh> X-Cron-Env: <HOME=/root> X-Cron-Env: <PATH=/usr/bin:/bin> X-Cron-Env: <LOGNAME=root> X-Cron-Env: <USER=root> Date: Mon, 07 Jan 2013 15:40:10 +0000 Message-Id: <50eaec5a.4b.55f5d33f@halo.freebsd.org> As per RFC 2822: RFC2822: from = "From:" mailbox-list CRLF mailbox-list = (mailbox *("," mailbox)) / obs-mbox-list mailbox = name-addr / addr-spec addr-spec = local-part "@" domain ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Or there's the angle focus route via name-addr: name-addr = [display-name] angle-addr angle-addr = [CFWS] "<" addr-spec ">" [CFWS] / obs-angle-addr Either way, "From: root" shouldn't be leaking onto the internet without canonification. "From:" grammar always terminates in 'local-part "@" domain'. It's more than just cron that depends on this qualification behavior but that's the one we hit first on the freebsd.org cluster that aborted the experiment. There was another base system tool (my memory says "mail(1)" but I don't think that is correct) and a bunch of user scripts that execed sendmail directly. The interface to /usr/sbin/sendmail is traditionally special. /usr/sbin/sendmail was a generic message router, anything from UUCP to RFC822 internet. Canonification rules varied by context. eg: UUCP had "host!user" as canonical, vs RFC822's "user@domain". /usr/sbin/sendmail is the source of truth for how a local name should be qualified/canonified before leaving the machine and dma isn't doing it. Without this, dma isn't a sufficient drop-in replacement for /usr/sbin/sendmail.
This upstream bug may be relevant https://github.com/corecode/dma/issues/21
as bapt@ reports, presumably fixed by https://github.com/corecode/dma/commit/0ecb0ebe635681a9cf97591af89f8a8ffb367fee
bapt this is done now?
This is indeed fixed e.g. cron mail has From: Charlie Root <root@localhost.localdomain>