Wednesday, August 8, 2012

Microsoft Exchange Server Online Book


Book List 


Linux Boot Process

Introduction: The Linux startup process is the process of Linux-operating system initialization. Linux Boot Process is most discussed topic over internet. It includes Linux internals. It is very important for Linux Administrator. Because most of the troubleshooting is depend upon this. Please note that in this article, I have explained everything for x86 platform.
.
Phase1 From Power ON to Loading Kernel
Overview of Phase1:
Step 1- When we power on PC, BIOS (which is stored on Motherboard) loads into RAM. The purpose of BIOS is load OS or Kernel into RAM.
Step 2- BIOS search for Bootable Device. When bootable device found goes to next step
Step 3- When bootable device found it loads 1 stage Boot Loader i.e. MBR in RAM. Size of MBR is just 512 bytes. just first sector of Harddisk
Step 4- First stage boot loader loads Second stage boot loader i.e. GRUB or LILO
Step 5- When second stage boot loader gets executed in RAM, Splash Screen gets displayed. Job of second stage boot loader is to load kernel in RAM
Step 6- Stage 2 boot loader loads Kernel and optional initial Root FileSystem into RAM. It passes control to Kernel and kernel get decompressed into RAM and get initialised. At this stage second stage boot loader checks Hardware and mount root device also loads necessary kernel modules. When it completes first Userspace program gets executed i.e. init. init is father of all processes

Detail Phase1 process:
Step 1- BIOS boots up
-    When we power on PC, BIOS (which is stored on MotherBoard) loads into RAM.
The purpose of BIOS is load OS or Kernel into RAM.
BIOS is made up of two parts: the POST code and runtime services. After the POST is complete, it is flushed from memory, but the BIOS runtime services remain and are available to the target operating system.

Step 2- BIOS boots up contd.
-    BIOS performs Power On Self Test (POST). Here BIOS does Hardware Inventory.
-    Here, to boot an operating system, the BIOS runtime searches for devices that are both active and bootable in the order of preference defined by the complementary metal oxide semiconductor (CMOS) settings.

What is this MBR?
=============================================

|    Boot Sector (BS) |  Partition        |  Magic        |
|                                |  Table (PT)    |  Numbers    |
|    446 bytes             |  64 bytes       |  2 bytes       |
============== 512 bytes ======================                          
M         B           R
-    Size of MBR is 512 bytes.
-    Boot Sector is stored in first 446 bytes.
Boot Loader resides here.
-    Partition Table is stored in next 64 bytes
-    Last 2 bytes are for Magic No. The magic number serves as a validation check of the MBR.

Step 3- MBR loads into RAM
-    If the POST is successful, the BIOS calls INT 19H
-    INT 19H is to load the sector at head 0, cylinder 0, sector 1 i.e. MBR of Hard disk into memory at 0:7C00h, and transfer control to it.
-    After MBR gets loaded into RAM, BIOS handover control to it.
-    It loads First Stage Boot Loader which resides in MBR

Step 4- Stage 1 Boot Loader loads into RAM
-    The job of the Stage 1 Boot Loader is to find and load the Stage 2 Boot Loader
-    Stage 1 BL examines Partition Table from MBR and search for Active Partition.
-    It also scans remaining to verify that they are all inactive.
-    Active Partition's boot record is read from the device into RAM and executed.

Step 5- Stage 2 Boot Loader & Kernel
-    The purpose of Stage 2 BL is to load OS kernel into RAM.
-    Now here 2 major Boot Loaders are available for Linux. i.e. LILO & GRUB. Here we w
-    The main advantage of GRUB over LILO is, GRUB has knowledge of Linux Filesystems. So GRUB can load kernel directly from ext2 or ext3 filesystem. Whereas LILO uses RAW sectors on the disk and it requires BIOS calls int 13 fn 8 & int 13 fn 2.
-    GRUB does this by adding one more Stage after Stage 1 i.e. Stage 1.5.
o    Here Stage 1 BL loads Stage 1.5 (i.e. /boot/e2fs_stage1_5 to load ext2 or ext3 FileSystem)
o    Stage 1.5 then loads Stage 2 BL.
o    Now GRUB has all the information about FileSystem.
-    Stage 2 BL then request to display a list of available kernel (Defined in /boot/grub/menu.lst)
It is also called GRUB startup menu, which allows the user to choose an operating system and examine and edit startup parameters.
-    After an operating system is chosen, respective kernel gets loaded into RAM and Stage 2 BL passes over the control.
-    Here Stage 2 BL uncompresses Kernel and fills the memory with kernel memory structures which can be seen in the /proc virtual file system

The Engine Of The Car Is Ready And Running!!
The Linux OS is ready and running!! Kernel Land is ready!!
But No User land!!
==================================================================================
Phase2. From init to Login prompt.

-    When the kernel is loaded, it immediately initializes and configures the computer's memory and configures various hardware attached to the system, including all processors, I/O subsystems, and storage devices. It then looks for the compressed initrd image in a predetermined location in memory, decompresses it, mounts it, and loads all necessary drivers.
-    After this the kernel locates & starts the first user-space application /sbin/init
-    Init is the Father of all Processes. Its PID is 1

-    Before /sbin/init loads into RAM, it reads /etc/inittab file
-    /etc/inittab is ASCII text file. Where we can configure multiple parameters for init daemon
-    If you take close look of /etc/inittab, you will find below entries there ->
--------------------------------------------------------------------------------------------------------------------------------------------
/etc/inittab
============
id:5:initdefault:                     ---- > Defines Default Runlevel. Here it is 5

# System initialization.
si::sysinit:/etc/rc.d/rc.sysinit      ---- >  Executes /etc/rc.d/rc.sysinit in subshell
                             I have explained below about rc.sysinit
l0:0:wait:/etc/rc.d/rc 0
l1:1:wait:/etc/rc.d/rc 1
l2:2:wait:/etc/rc.d/rc 2
l3:3:wait:/etc/rc.d/rc 3
l4:4:wait:/etc/rc.d/rc 4
l5:5:wait:/etc/rc.d/rc 5
l6:6:wait:/etc/rc.d/rc 6

# Trap CTRL-ALT-DELETE
ca::ctrlaltdel:/sbin/shutdown -t3 -r now

# When our UPS tells us power has failed, assume we have a few minutes
# of power left.  Schedule a shutdown for 2 minutes from now.
# This does, of course, assume you have powerd installed and your
# UPS connected and working correctly.
pf::powerfail:/sbin/shutdown -f -h +2 "Power Failure; System Shutting Down"

# If power was restored before the shutdown kicked in, cancel it.
pr:12345:powerokwait:/sbin/shutdown -c "Power Restored; Shutdown Cancelled"

# Run gettys in standard runlevels
1:2345:respawn:/sbin/mingetty tty1
2:2345:respawn:/sbin/mingetty tty2
3:2345:respawn:/sbin/mingetty tty3
4:2345:respawn:/sbin/mingetty tty4
5:2345:respawn:/sbin/mingetty tty5
6:2345:respawn:/sbin/mingetty tty6

# Run xdm in runlevel 5
x:5:respawn:/etc/X11/prefdm nodaemon    -> this line will get executed for
runlevel 5
--------------------------------------------------------------------------------------------------------------------------------------------
-    /etc/inittab executes /etc/rc.d/rc.sysinit in new subshell.

o    calls /etc/sysconfig/network in same shell
It sets the hostname and checks whether Network is yes or no i.e. checks for existence for Network card
o    calls /etc/init.d/functions script in the same shell.
It sets global umask and path and defines 27 shells functions within the rc.sysinit shell environment
o    Displays the "Welcome to Red Hat..." from /etc/redhat-release
o    Runs dmesg* which creates /var/log/dmesg and display its contents on the screen
o    Mounts all local filesystems from /etc/fstab and updates /etc/mtab
mount command simply displays the contents of /etc/mtab
Now /etc/rc.d/rc.sysinit script ends!!

Summary:  rc.sysinit:     1. Sets the global umask, global PATH
2. Sets up the Networking subsystem
3. Basically starts the System Daemons
--------------------------------------------------------------------------------------------------------------------------------------------
Back to /etc/inittab:

-    /etc/rc.d/rc script is executed in a new subshell of /etc/inittab

o    It starts and stops the Application Networking daemons, by using Init Scripts
These init scripts are stored under /etc/init.d/
Their symlinks are created in all /etc/rc.d/rc?.d/directories
If name of the symlink in /etc/rc.d/rc?.d/ starts with S then those services will get start system boots.
If name of symlink in /etc/rc.d/rc?.d/ starts with K then those services will get stop when system boot.

If you want any service to start when system boots up then use below command:
# chkconfig -level on
# chkconfig level 3 gpm on  --- > Enabling GPM service

o    It runs /etc/rc.d/rc.local which is a symlink in all RLs and is the only script which is run regardless of the RL and is  S99local in all /etc/rc.d/rc?.d/... and points to
        /etc/rc.d/rc.local
           
-    Goes back to inittab
-    shutdown CAD magic keys are set -  You can hack it if you wish
ca::ctrlaltdel:/sbin/shutdown -t3 -r now

-    mingettys are spawned with their terminals. All mingettys enter sleep state - EXCEPT one
And here you get a LOGIN PROMPT.

-    If Runlevel 5, then script " /etc/X11/prefdm" is executed..

Here INITAB is OVER.
=========================================================
 Phase3. From Login prompt to Bash Prompt

Now mingettys are loaded.

What is getty?

A getty is is a program that opens a tty port, prompts for a login name, and runs the /bin/login command. It is normally invoked by init.
    
The mingetty daemon is used to listen for virtual consoles (like the 6 that run by default with your keyboard and monitor) and cannot be used to handle serial lines

You will need to configure agetty or mgetty to listen on the serial ports, because they are capable of responding to input on physical serial ports.

How do you get Login Prompt?

-    The first mingetty [awake one] loads device driver for /dev/tty1 & executes /etc/issue
-    mingetty then executes the /bin/login process and is then put to sleep state by init
-    /bin/login displays login prompt.

Towards Bash prompt ->

-    /bin/login execs /usr/bin/passwd which challenges for passwd from user which then does authentication and authorization using PAM
       
-    init then puts the login daemon into sleep state, wakes up mingetty which now takes over

-    mingetty checks for .hushlogin in $HOME/$USER
   
If $HOME/.hushlogin DOES NOT EXISTS then it does the following:
        
- executes lastlog* -u $USER using /var/log/lastlog
- executes cat /etc/motd
- executes users mail, if any, in /var/spool/mail/$USER
-     init then wakes /bin/login process
       
-    mingetty then goes into zombie state and is killed by init
       
-    login then loads /bin/bash as a monitored child process   
       
-    /bin/bash takes over

-    and login goes into sleep state

-    Executes /etc/profile -> sets system-wide ENV variables Global Profile
                  
-    Executes /etc/inputrc -> Sets keyboard mappings  [See stty -a] Show Terminal characteristics

Examples ->    # stty intr ^g   --> Keyboard mapping
                     # stty -echo     --> Terminal Characteristics

#/etc/inputrc See man bash - /bell-style
                ============
                     set bell-style [audible] [none] [visible]
                     set disable-completion [off] on
   
                         To do it per-user:
                =================
setterm -blength 0 [in per user .bash_profile]
or
xset b off [in GUI]
[bash -r, --noediting as args in /etc/passwd 7th field]
                   
-    Executes /etc/profile.d/*.sh [16 shell scripts are executed]
                     
colorls.csh    colorls.sh
glib2.csh    glib2.sh
gnome-ssh-askpass.csh    gnome-ssh-askpass.sh
krb5-workstation.csh    krb5-workstation.sh
lang.csh    lang.sh
less.csh    less.sh
vim.csh    vim.sh
which-2.sh   
             
-    Executes /etc/bashrc - Sets system-wide [Global] aliases/shell functions
sets the users and root's final global umask
-    Executes user's personal .bash_profile
-    Executes .bashrc   -> user specific Bash initialization file. It resides at every users home directory. And gets executed when you successfully login to the Linux system.

-    Misc :
o    .bash_history  -> It stores all command history
o    .bash_logout   -> It stores logout logs. It gets executes while Logoff.

Finally, at last, the comforting shell login prompt bash!!

=========================Boot Process Ends here====================

Thursday, August 2, 2012

SAMBA Interview Question & Answer



Q: - Which SELinux security context used for SAMBA ?
samba_share_t

Q: - On which ports SAMBA server works ?
- UDP port 137 for netbios-ns, the NETBIOS Name Service
- UDP port 138 for netbios-dgm, the NETBIOS Datagram Service
- TCP port 139 for netbios-ssn, the NETBIOS session service
- TCP port 445 for microsoft-ds, the Microsoft Domain Service

Q: - What are the Secrity or Authentication Mode for SAMBA server?
ADS
DOMAIN
SERVER
USER
SHARE

Q: - How to Manually Create Machine Trust Accounts ?
/usr/sbin/useradd -g machines -d /var/lib/nobody -c "machine nickname" -s /bin/false machine_name$
passwd -l machine_name$

Q: - What are the SAMBA server Types ?
- Primary Domain Controller (PDC)
- Backup Domain Controller (BDC)
- ADS Domain Controller

Q: - Which protocol SAMBA server uses ?
SMB, which stands for Server Message Block, is a protocol for sharing files, printers, serial ports, and communications abstractions such as named pipes and mail slots between computers.

Q: - How Does a Workstation find its Domain Controller?
There are two different mechanisms to locate a domain controller: one method is used when NetBIOS over TCP/IP is enabled and the other when it has been disabled in the TCP/IP network configuration. Where NetBIOS over TCP/IP is disabled, all name resolution involves the use of DNS, broadcast messaging over UDP, as well as Active Directory communication technologies.

Q: - Can Samba Be a Backup Domain Controller to an NT4 PDC?
No. The native NT4 SAM replication protocols have not yet been fully implemented.

Q: - How Do I Replicate the smbpasswd File?
Replication of the smbpasswd file is sensitive. It has to be done whenever changes to the SAM are made. Every user's password change is done in the smbpasswd file and has to be replicated to the BDC. So replicating the
smbpasswd file very often is necessary.As the smbpasswd file contains plaintext password equivalents, it must not be sent unencrypted over the wire. The best way to set up smbpasswd replication from the PDC to the BDC is to use the utility rsync. rsync can use ssh as a transport. ssh itself can be set up to accept only rsync transfer without requiring the user to type a password.As said a few times before, use of this method is broken and awed. Machine trust accounts will go out of sync, resulting in a broken domain. This method is not recommended. Try using LDAP instead.

Q: - Can Samba fully replace my Windows NT server that is not a Primary Domain Controller (PDC)?
Samba can completely serve files and printers to Windows, just as a Windows NT server would.

Q: - Can Samba replaces my Windows NT PDC?
 Not completely. Samba domain control capabilities for a Windows 9x client are  solid and complete, and so these clients would probably never know the difference. The domain control support for Windows NT/2000 clients is still being developed. Currently, enough has been implemented to allow a Windows NT client to join a Samba-controlled domain, but there is more to domain control than that. The most conspicuous absence is the lack of support for Windows NT trust relationships and the SAM replication protocol used between NT PDCs and Backup Domain Controllers (BDCs).

Q: - What TCP and UDP ports required for NetBIOS over TCP/IP use?
The NBT name service uses port 137/udp, the NBT session service uses port 139/tcp, and the NBT datagram service uses port 138/udp.

Q: - How SMB protocol works?
There will be three stages in creating an SMB connection between a client and a specific share on a server.
The first stage in connecting to an SMB share is to negotiate the SMB protocol dialect to use. In the request packet, the client sends a text listing of all the SMB dialects that it understands. The server selects the most advanced protocol that it knows and responds to the client, specifying the protocol number from the list. At this point, the client and server have agreed that SMB commands can be used for the remainder of the conversation.
The second stage is to create a session connection between the client and server. To do this, the client issues a session setup request, which includes a sername and some proof of validity, such as a password. The server attempts to validate requesting user. If successful, the server then returns a session UID to client. This UID is unique for each session and has no relation to the server internal representation of users.
The third stage before access to files on a remote share is allowed is for the client to make a successful tree connection to the shared resource. The client sends to the server a tree connect request, which includes the UID previously issued by the server. At this stage the server verifies that the authenticated user is authorized to access the requested resource. If the user has sufficient privileges to access the share, the client is issued a tree connection ID (TID). The TID is used in all requests to access files contained in the resource to which the TID refers.
In this way SMB protocol works.

Q: - How man sections samba configuration file (smb.conf) contains?

smb.conf file contains three sections.
1. [global] Contains settings that determine Samba overall behavior.
2. [homes] A default share for providing a home directory for all users.
3. [printers] A default share for exporting all printers on the host via CIFS.

Q: - If a netbios name is not defined in smb.conf, than what will be netbios name?
If a netbios name is not defined, Samba will use the IP hostname of the server by default.

Q: - I want to use User level security for my samba server than what i have to add in smb.conf file?
security = user

Q: - How you will verify that your smb.conf file doesn’t have any mistakes and misspellings?
"testparm " tool that verifies the syntax of a configuration file(smb.conf).
testparm -s smb.conf

Q: - What is the use of "smbclient" command?
"smbclient" is used to display the list of shares on your server. This verifies that smbd is running and functioning correctly. The -L option instructs smbclient to enumerate the shares on the server rather than actually connecting to one. The   -N switch instructs smbclient to use an anonymous login rather than the login name of the current user.
smbclient -L localhost -N
Antother use of "smbclient" command to connect the samba share.
smbclient /// -U

Q: - Explain "smbstatus" command?
The smbstatus utility displays information about connected users and currently locked files.

Q: - Is it possible for Samba to share file systems that have been mounted using NFS?
Yes. However, this can be problematic if the NFS server that provides the file system fails, causing the Samba server to hang. It is always safer to use Samba to share a local file system.

Q: - How many simultaneous connections can a Samba server support?
In theory, there is no limit. In practice, the limit is determined by the server’s hardware, specifically the total amount of available RAM and the CPU power. It might also depend on the amount of activity from the smbd processes.

Q: - Can Samba be a member of more than one workgroup at the same time?
No, Samba can be a member of only one workgroup.

Q: - What is SWAT?
SWAT is GUI Based administration tool for samba server.

Q: - I am trying to use SWAT, but I keep getting the message There was no response. The server could be down or not responding. What is the problem?
The most likely cause is that SWAT is not listening to connections, or you have used the wrong URL in trying to connect to SWAT. SWAT usually lives behind port 901, so the URL you should use is http://ID_ADDRESS_OF_SERVER:901/

Q: - Can i set empty password for samba user?
Yes, if you want to set the value to an empty password, you must change
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXX
to
NOPASSWORDXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XX
in your smbpasswd file.
Note: - if you have edited the smbpasswd file by hand, make sure that the LAN Manager and NT password fields contain exactly 32 characters, no more and no fewer. If these fields do not have exactly 32 characters, Samba will not be able to correctly read the entry.
or You can modify by "smbpasswd" command.
smbpasswd -n USER_NAME
Also you have to set the null passwords parameter to yes in the [global] section of smb.conf:
null passwords = yes

Q: - Can i set empty password for samba user?
Yes, If you want to set the value to an empty password, you must change
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXX
to
NOPASSWORDXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XX
in your smbpasswd file.
Note: - if you have edited the smbpasswd file by hand, make sure that the LAN Manager and NT password fields contain exactly 32 characters, no more and no fewer. If these fields do not have exactly 32 characters, Samba will not be able to correctly read the entry.
or You can modify by "smbpasswd" command.
smbpasswd -n USER_NAME
Also you have to set the null passwords parameter to yes in the [global] section of smb.conf: null passwords = yes

Q: - Does Samba support PAM?
Yes

Q: - What is role of "NTLM"?
The challenge / response  authentication protocol available to Windows clients and servers for validating connection requests.

Q: - Explain "force group" parameter used in smb.conf?
It will define the group id to be used for all file access in the place of the user’s primary group.

Q: - Explain "force user" parameter used in smb.conf?
It will define the user id to be used for all file access.

Q: - Explain "write list" parameter used in smb.conf?
A list of users and/or groups that should be given write access even if the read only parameter has been enabled.

SEND MAIL IINTERVIEW QUESTION & ANSWER



Q: - How to start sendmail server ?
service sendmail restart

Q: - On which ports sendmail and senmail with SSL works ?
By default, Sendmail uses TCP and UDP port 25 for non-encrypted transfers. If the Sendmail server is configured to use SSL for encrypting email sent and received, it uses port 465.

Q: - Explain use of "trusted-users" file ?
List of users that can send email as other users without a warning including system users such as apache for the Apache HTTP Server.

Q: - Explain the use of "local-host-names" file ?
If the email server should be known by different hostnames, list the host- names in this file, one line per hostname. Any email sent to addresses at these hostnames is treated as local mail. The FEATURE(`use_cw_fileĆ¢€™) option must be enabled in the sendmail.mc file for this file to be referenced.

Q: - explain the use of /etc/aliases file ?
/etc/aliases, can be used to redirect email from one user to another. By default, it includes redirects for system accounts to the root user. It can then be used to redirect all email for the root user to the user account for the system administrator.

Q: - Can we use SSL Encryption with Sendmail ?
Yes, Sendmail can be configured to encrypt email sent and received using SSL (secure sockets layer)

Q: - What is Sendmail ?
Sendmail is an MTA, meaning it accepts email messages sent to it using the SMTP proto- col and transports them to another MTA email server until the messages reach their destinations. It also accepts email for the local network and delivers them to local mail spools, one for each user.

Q: - What is the role of MUA ?
An MUA (Mail User Agent) with access to the mailbox file, directly or through a network file system, can read messages from the disk and display them for the user. This is generally a console or webmail application running on the server.

Q: - Which are the important configuration files for Sendmail server ?
The /etc/mail/ directory contains all the Sendmail configuration files, with sendmail.cf and submit.cf being the main configuration files. The sendmail.cf file includes options for the mail transmission agent and accepts SMTP connections for sending email. The submit.cf file configures the mail submission program.

Q: - How to configure sendmail to accept mail for local delivery that is addressed to other hosts?
Create a /etc/mail/local-host-names file. Put into that file the hostnames and domain names for which sendmail should accept mail for local delivery. Enter the names with one hostname or domain name per line. And also make sure that Sendmail configuration file should contain "use_cw_file" option.
dnl Load class $=w with other names for the local host
FEATURE(`use_cw_file')

Q: - When an organization stores aliases on an LDAP server, how you will configure sendmail to read aliases from the LDAP server?
Use "sendmail -bt -d0" command to check the sendmail compiler options. If sendmail was not compiled with LDAP support, recompile and reinstall sendmail.
Add an ALIAS_FILE define, containing the string ldap  to the sendmail configuration.
# Set the LDAP cluster value
define(`confLDAP_CLUSTER', `wrotethebook.com')
# Tell sendmail that aliases are available via LDAP
define(`ALIAS_FILE', `ldap:')

Q: - How to forward emails of a local user to external address?
Add an alias to the aliases file for each user whose mail must be forwarded to another system. The recipient field of the alias entry must be a full email address that includes the host part. After adding the desired aliases, rebuild the aliases database file with the newaliases command.

Q: - You have been asked to create a sendmail configuration that sends all local mail to a mail hub, while directly delivering mail addressed to external systems.
Create a sendmail configuration containing the MAIL_HUB define to identify the mail relay host for local mail. Use the LOCAL_USER command to exempt the root user's mail from relaying.
dnl Define a relay server for local mail
define(`MAIL_HUB', `smtp.test.com')
dnl Users whose mail is not passed to the mail hub
LOCAL_USER(root)
Rebuild and reinstall sendmail.cf, and then restart sendmail.

Q: - How to  configure multiple mail queues?
mkdir /var/spool/mqueue/queue.1
mkdir /var/spool/mqueue/queue.2
mkdir /var/spool/mqueue/queue.3
chmod 700 /var/spool/mqueue/queue.1
chmod 700 /var/spool/mqueue/queue.2
chmod 700 /var/spool/mqueue/queue.3
Add the QUEUE_DIR define to the sendmail configuration to use the new queue directories.
dnl Declare the queue directory path
define(`QUEUE_DIR', `/var/spool/mqueue/queue.*')

Q: - How to  disable certain SMTP commands?
Add the confPRIVACY_FLAGS define to the sendmail configuration to set Privacy Options that disable unwanted, optional SMTP commands. Here we will disables the EXPN, VRFY, VERB, and ETRN commands.
dnl Disable EXPN, VRFY, VERB and ETRN
define(`confPRIVACY_FLAGS', `noexpn,novrfy,noverb,noetrn')
Rebuild and reinstall sendmail.cf, and then restart sendmail.

Q: - In which Sendmail configuration file we have to make changes?
we will make the changes only in the sendmail.mc file, and the changes will be moved into the sendmail.cf file for us.

Q: - When Sendmail dispatches your email, it places the servers hostname behind your username, which becomes the "from address" in the email (ie. user@mail.test.com).But we want to use the domain name and not the hostname?
define(`confDOMAIN_NAME', `test.com')dnl
FEATURE(`relay_entire_domain')dnl

Q: - What does /etc/mail/access file contains?
The access database ("/etc/mail/access") is a list of IP addresses and domainnames of allowable connections.
FEATURE(`access_db',`hash -T -o /etc/mail/access.db')dnl
and cat  /etc/mail/access
localhost.localdomain           RELAY
localhost                              RELAY
127.0.0.1                             RELAY
192.168.0                            RELAY
test.com                              RELAY

Q: - How to restrict sendmail to sending a big file?
define(`confMAX_MESSAGE_SIZE',`52428800')dnl
or If you are using a PHP based webmail application like SquirrelMail, you can adjust the max file size in php.ini file.
vi php.ini
post_max_size = 50M
upload_max_filesize = 50M
memory_limit = 64M

Q: - How to set 25 recipients for each email?
define(`confMAX_RCPTS_PER_MESSAGE',`50')dnl

Q: - Which antivirus you have integrated with sendmail ?
ClaimAV

Q: - What is Clamav-Milter?
Clamav-Milter is a tool to integrate sendmail and clamAV antivirus.

Q: - Which configuration files are required to integrate sendmail and ClaimAV antivirus?
milter.conf and clamav-milter

Q: - How to test sendmail integration with ClaimAV?
grep Milter /var/log/maillog
You have to get following type of messages.
sendmail: Milter add: header: X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on mail.test.com
sendmail: Milter add: header: X-Virus-Status: Clean

Q: - Which tool you have used to block spamming?
SpamAssassin

Q: - What does "/etc/mail/" directory contains?
The /etc/mail/ directory contain all the Sendmail configuration files, with sendmail.cf and submit.cf being the main configuration files.

Q: - Explain the use of /etc/mail/relay-domains file?
The /etc/mail/relay-domains file is used to determine domains from which it will relay mail. The contents of the relay-domains file should be limited to those domains that can be trusted not to originate spam.