Sendmail assumes user IDs are used when running, and these user IDs must be defined to execute sendmail correctly. The commands to define the sendmail user IDs are defined in SEZAINST(EZARACF). The commands are:
ADDGROUP SMMSPGRP OMVS(GID(25))
ADDGROUP SNDMGRP OMVS(GID(26))
ADDUSER MAILNULL DFLTGRP(SNDMGRP) NOPASSWORD OMVS(UID(26) HOME('/'))
ADDUSER SENDMAIL DFLTGRP(SNDMGRP) NOPASSWORD OMVS(UID(0) HOME('/'))
ADDUSER SMMSP DFLTGRP(SMMSPGRP) NOPASSWORD OMVS(UID(25) HOME('/'))
RDEFINE STARTED SENDMAIL.* STDATA(USER(SENDMAIL))
SETROPTS RACLIST(STARTED) REFRESHThe queue directories must have the appropriate read and write permission for UID 25 and 26 respectively.
In addition, there are security concerns for programs that change user ID without prompting for a password. Program control is the Security Server facility used to manage programs that change user IDs without prompting for a password. By having an installation use program control, applications not permitted to the facility are not allowed to change user IDs without prompting for a password. The commands are:
PERMIT BPX.DAEMON CLASS(FACILITY) ID(SENDMAIL) ACCESS(READ)
SETROPTS RACLIST(FACILITY) REFRESHFor more information on Security Server commands used to allow sendmail access to the program control facility, see SEZAINST(EZARACF). For complete information on the program control facility, see z/OS Security Server RACF Security Administrator's Guide.
When /usr/sbin/sendmail begins execution as a started task, or as a Mail Transmission Agent (MTA) daemon from the UNIX shell, it starts with the UID defined for the started task or the shell. It immediately does a setuid() to the confRUN_AS_USER (sendmail uid 0) to listen on port 25 and do other setup tasks. Then, when it begins processing mail, it does a setuid() to the confDEF_USER_ID (mailnull uid 26).
In addition, when using /bin/sendmail to create mail as a Mail User Agent (MUA), the Mail Submission Agent (MSA) configuration file /etc/mail/submit.cf is used. This file must exist in a program control environment. If it does not exist, EZZ9895I is issued when sendmail does a setuid() to the confRUN_AS_USER (smmsp uid 25) to do all the mail processing. With program control, an installation must have a /etc/mail/submit.cf, which can be a copy of /usr/lpp/tcpip/samples/sendmail/cf/submit.cf. /bin/sendmail must be owned by the UID confRUN_AS_USER (smmsp uid 25), and must have the Set UID and Set GID bits set. Assuming that the default UID of 25 is used, the following commands can be used to run /bin/sendmail in a program control environment:
chown 25:25 /bin/sendmail
chmod 6755 /bin/sendmail ls -l /usr/lpp/tcpip/bin/sendmail-rwsr-sr-x 1 SMMSP SMMSPGRP ... /usr/lpp/tcpip/bin/sendmailIt is important to have sendmail.cf and submit.cf files to isolate tasks done by the sendmail daemon MTA and the sendmail user MUA. Also, the queue directories must have the appropriate permission bits. The default directories used by the MTA and the MSA are /var/spool/mqueue and /var/spool/clientmqueue. If these directories are not correct for your system, use the QUEUE_DIR and MSP_QUEUE_DIR flags. Ensure that the permissions for the queue directories are set up for the user IDs defined.