SUMMARY sharing /var/spool/mail between hosts from Rainer Landes on 1997-02-12 (tru64-unix-managers)

From: Rainer Landes <rlandes_at_fphws01.physik.uni-karlsruhe.de>
Date: Tue, 11 Feb 97 16:05:06 +0100

Thanks, gurus!

Olle Eriksson <olle_at_cb.uu.se>
Simon Tardell <tardell_at_particle.kth.se>
"Bernt Christandl" <beb_at_rosat.mpe-garching.mpg.de>
Lucio Chiappetti <lucio_at_ifctr.mi.cnr.it>
Bertrand Hutin <hb_at_o2tech.fr>
Stephen Carpenter <sac_at_uvo.dec.com>
Kai Grunau <kgrunau_at_ifm.uni-kiel.de>
-------

My question was:

...
#I think I just could NFS-mount the directory /var/spool/mail on
#every unix host in the NIS domain.

#Question: How do I lock mail processes on the different hosts from
#accidentially accessing mail files at the same time and so clobbering
#the files?
...

---------
most answers were similar to:

read "man mail_manual_setup"
You have to enable NFS-locking on all systems.
...lots of people (including myself) do share mail spool
through NFS without experiencing any trouble.

----
Kai Grunau <kgrunau_at_ifm.uni-kiel.de> summarizes:
We have a NIS "Cluster" with 30 Workstations and ONE
/var/spool/mail directory !!!!
This is one mail directory is availabe on 29 machines over NFS.
The exports file look like this : 
/var/spool/mail -root=0 hostnames
The fstab files look like this : 
host:/usr/var/spool/mail /usr/var/spool/mail nfs rw,bg 0 0
It is important to start the nfs daemon with nfs-locking.
(man lockf)
------
"Bernt Christandl" <beb_at_rosat.mpe-garching.mpg.de> 
pointed out that it is important not to export the mail spool to 
everyone in /etc/exports, but to list the permitted hosts explicitely
(security!)
He suggested also to use exmh as mailer.
------
some opinions differ:
Simon Tardell <tardell_at_particle.kth.se>
...
I believe you don't. NFS locking is supposedly not secure enough to guarantee
that. The developer of qmail, an alternate MTA, makes a big deal about this 
(they use an alternate mail drop scheme, which doesn't require NFS locking). 
See http://www.qmail.org/. I don't remember where one could read the specifics 
about NFS locking and mail spool, maybe the sendmail FAQ?
Having said that, lots of people (including myself) do share mail spool 
through NFS without experiencing any trouble.
...
Lucio Chiappetti <lucio_at_ifctr.mi.cnr.it>
...
  I've never done that. I've been told to be very cautios with NFS mount
  of "system" directories.
...
    Since those people can wander on any public machine,
    the arrangement is the following :
       incoming mail is stored in the spool area of the mail exchanger.
       
       the mail exchanger runs the "imapd" daemon
       users run Pine (or PC-Pine) as mail agent, this connects to the
       imapd daemon and they can read their mail from anywhere.
...
Pine is a very nice package, and very simple to install, see the Pine Info
Centre at http://www.washington.edu/pine/
Bertrand Hutin <hb_at_o2tech.fr>
...
configure your hosts Nfs clients to send all mail to the mail server.
If you use public domain sendmail.8.8.x select a nullclient configuration file.
...
Rainer Landes,  eMail: Computer-Administration_at_Physik.uni-karlsruhe.de
Tel(+49)721 608 3578       http://www-comp.physik.uni-karlsruhe.de/
Computer facilities of the Faculty of Physics, Univ. of Karlsruhe, GER

Received on Tue Feb 11 1997 - 19:04:07 NZDT

This archive was generated by hypermail 2.4.0 : Wed Nov 08 2023 - 11:53:47 NZDT