# Sendmail/clientmqueue permissions



## un_x (Feb 22, 2015)

PS: this forum is COMPLETELY UNUSABLE by those with dial-up connections.  It takes 10 seconds for every character that is typed!

SOLVED. Sorry, the problem was that sendmail needs to be world-executable, whereas, I typically prefer to keep all world permissions off on my systems unless absolutely necessary, and sendmail broke this preference in a very complete way. It demands world permissions seemingly everywhere, /lib, /etc, /etc/mail, /usr/, /var, etc. Perhaps this is a stupid preference, but it helped limit various abuses in the past.

Having upgraded from 4.11 to 9.2, and after experimenting with the "new" SGID sendmail delivery configuration for several days, I am finding these 2 "problems", and wonder if anyone can confirm that "this is just the way it is with SGID sendmail".

1. /var/spool/clientmqueue is writable by anyone in group smmsp.

2. All email in clientmqueue is readable by anyone in group smmsp.

Is SUID sendmail the only way to prevent users from reading each others email?


----------

