There are times when, for security reasons, you might wish to restrict delivery to a chroot(8) hierarchy. You might, for example, wish to restrict local spool delivery to a small subset of the total filesystem. One way to manage such a change is to set up that new directory hierarchy so that it looks something like this:

/secure/etc/passwd
/secure/etc/group
/secure/etc/mail/sendmail.cf
/secure/etc/mail/aliases.db
/secure/etc/mail/access.db
/secure/var/spool/mail
/secure/usr/sbin/sendmail
/secure/var/mqueue
/secure/var/clientmqueue
etc.

If this /= delivery agent equate is declared for the local delivery agent as /=/secure, all local delivery will first cause sendmail to chroot(8) into the /secure hierarchy. If that chroot(8) fails, sendmail will log the failure and continue to chroot(8) into the root directory.

One way to declare the /= delivery agent equate and change the location of mail.local at the same time is like this:

define(`LOCAL_MAILER_PATH', `/bin/mail.local, /=/secure')

Note that other files will have to appear in the /secure hierarchy. A /secure/dev/zero, for example, will be necessary for Solaris-based systems. A Bourne shell will also be necessary (e.g., /secure/bin/sh), as will a local delivery agent, such as /secure/bin/mail.local. Running delivery agents in a chroot(8) environment is not for the fainthearted, and much experimentation will doubtless be required to get it right for your system.

Note that this /= delivery agent equate is intended to run sendmail's delivery agents in a chroot(8) environment. It is not intended to run sendmail.