10.4: An alternative postfix/smtpd solution on port 25
Authored by: n8gray on Sep 14, '05 01:05:30PM

Nice hint, but why do you use sudo to launch sendmail instead of the UserName property?

Also, don't you want RunAtLoad to be set?



10.4: An alternative postfix/smtpd solution on port 25
Authored by: mbogosian on Sep 14, '05 02:52:17PM

Nice hint, but why do you use sudo to launch sendmail instead of the UserName property?

Kudos! You caught this before I could post to correct it. The only reason the UserName key was not used in the original hint was because I was ignorant of the launchd.plist format and did not learn of it until after I had already submitted. To use UserName instead of sudo, change these lines in the /System/Library/LaunchDaemons/smtp.plist file...

    <key>ProgramArguments</key>
    <array>
        <string>/usr/bin/sudo</string>
        <string>-u</string>
        <string>nobody</string>
        <string>/usr/sbin/sendmail</string>
        <string>-bs</string>
    </array>

...to read...


    <key>UserName</key>
    <string>nobody</string>
    <key>GroupName</key>
    <string>nobody</string>
    <key>ProgramArguments</key>
    <array>
        <string>/usr/sbin/sendmail</string>
        <string>-bs</string>
    </array>

Also, don't you want RunAtLoad to be set?

Actually, I don't believe we want that. If I understand the behavior of the RunAtLoad key correctly, setting it in this case would tell launchd to run a sendmail process on port 25 at boot time without a user being connected.

sendmail -bs exits at the end of each session/connection. After a user connected the first time (and completed a session), that sendmail process would exit and no further sendmail process would run until the next user tried to connect on port 25. All subsequent requests on port 25 would behave as if RunAtLoad was not set.

launchd seems to be Apple's solution for running processes on certain triggers (e.g., opening ports, creation of files, etc.). It is like inetd with some additional features. It is my understanding that typically one does not want to use RunAtLoad when one is trying to use launchd as an inetd replacement/alternative (i.e., for port-listening), which is what we're doing in this implementation.* See Apple's own ssh and telnet configurations as additional examples.

If your intention was to run an MTA daemon that listened to port 25 all the time (instead of having launchd do it on-demand), then this hint would be inappropriate. You would be better served by not using launchd at all, but instead configuring postfix (or another MTA) to stay alive and handle connections on port 25 directly.

This hint was intended to handle requests on port 25 only on an as-needed basis, while not requiring postfix's master to run all the time (much like 10.4's default behavior). For a desktop/notebook solution, I believe this is the correct behavior.


* As an aside, 10.4 also comes with xinetd (an inetd-like daemon) which we could have used instead of launchd to implement this hint. However (to my knowledge) it is not running by default. I can only assume it is present for backward compatibility or for system administrators who prefer it over launchd, though launchd seems like it is where everything is moving in the future. In fact, there is a specific directory /etc/xinetd.d-migrated2launchd (which is empty on my machine).

It would certainly be nice if Apple chose to release launchd under an OSI-approved license, since it seems like a nice abstraction to inetd, certain types of cron jobs, etc., from which other operating systems (e.g., Linux, *BSD, etc.) could benefit.



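An added example, not part of the thread and not Apple's tooling: a small Python check that loads a LaunchDaemon plist and flags the sudo wrapper, a missing UserName, and RunAtLoad on a socket-activated job. The Label, Sockets and inetdCompatibility values are constructed for illustration; only the ProgramArguments, UserName and GroupName values come from the reply above.

```python
import plistlib

# Constructed listener keys. Assumption: Sockets and inetdCompatibility are
# standard launchd.plist keys, but their values here are not from the thread.
LISTENER = {
    "Label": "example.smtp",  # placeholder label
    "inetdCompatibility": {"Wait": False},
    "Sockets": {"Listeners": {"SockServiceName": "smtp"}},
}
SENDMAIL = ["/usr/sbin/sendmail", "-bs"]

# The two ProgramArguments variants quoted in the reply above.
SUDO_JOB = plistlib.dumps(
    {**LISTENER, "ProgramArguments": ["/usr/bin/sudo", "-u", "nobody"] + SENDMAIL})
USERNAME_JOB = plistlib.dumps(
    {**LISTENER, "UserName": "nobody", "GroupName": "nobody",
     "ProgramArguments": SENDMAIL})
# Constructed variant: no UserName, and RunAtLoad on the socket job.
ROOT_JOB = plistlib.dumps(
    {**LISTENER, "RunAtLoad": True, "ProgramArguments": SENDMAIL})


def audit_job(plist_bytes):
    """Return privilege and activation findings for one LaunchDaemon plist."""
    job = plistlib.loads(plist_bytes)
    args = job.get("ProgramArguments", [])
    findings = []
    if args and args[0].rsplit("/", 1)[-1] == "sudo":
        # launchd starts sudo as root; UserName drops privileges in launchd itself.
        findings.append("sudo wrapper: use UserName/GroupName instead")
    elif job.get("UserName", "root") == "root":
        findings.append("no UserName: daemon runs as root")
    if "Sockets" in job and job.get("RunAtLoad", False):
        # The reply above argues against RunAtLoad for inetd-style listeners.
        findings.append("RunAtLoad set on a socket-activated job")
    return findings


if __name__ == "__main__":
    for name, blob in [("sudo", SUDO_JOB), ("UserName", USERNAME_JOB),
                       ("root+RunAtLoad", ROOT_JOB)]:
        print(name, audit_job(blob) or "ok")
```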