What's the difference between "daemon mode" and "mail-submission mode" in sendmail?
A quick walk-through of modes
Awhile ago I was troubleshooting some issues with sendmail and in doing so, had to dig into a core concept: operational modes. For some reason, documentation on the topic seems to be either extremely vague or unnecessarily complex. This blog post is an effort to try to summarize the key concepts here and make the topic more accessible (if for no other reason than to remind myself later – you’re welcome, Mike from the future).
Sendmail essentially has two modes it can run as:
- Daemon Mode - If you’re like me, this is probably the mode that comes to mind when visualizing a MTA. By default, this spins up a daemon process that listens on TCP/25 and/or TCP/587 for SMTP traffic (the specifics depend on various parameters defined under
CLIENT_OPTIONSandDAEMON_OPTIONSconfigs). This mode requires root-level privilege. - Message-submission program (MSP) mode - This was introduced in version 8.12 of Sendmail and allow applications to invoke (or “submit”) emails without requiring root-level permissions.
In theory, the idea is fairly simple: MSP mode allows other applications on a server to send emails without the extra concern of exposing root permissions.
There are a few other key differences between the modes:
- MSP mode typically reads configuration options from a
submit.cffile. - Daemon mode typically reads configuration options from a
sendmail.cffile. - MSP mode has a few different ways it can take input including standard input (STDIN).
- It’s generally best to have them store queued messages in separate locations. By default, MSP mode uses
/var/spool/clientmqueueand Daemon mode uses/var/spool/mqueue. - The two modes generally work together. For example, a client queue runner needs to be able to submit mail to the daemon on the local SMTP port.
More to come on this later…
