sendmail -C problem: explained

[eric () SENDMAIL ORG (Eric Allman)]

OK, after some searching, it turns out that there was a problem -- of
sorts -- in sendmail prior to 8.8.7, on some architectures.  Basically,
on kernels with group sets, where groupset[0] is not equivalent to
getegid(), and if sendmail has the setgid bit set, this problem can
occur.  In general, BSD-based systems do NOT have the problem, but
System V-based systems DO.  Linux apparently uses System V semantics.

There are two solutions.  Either do not run sendmail setgid (there is
absolutely no reason for it to need the setgid bit), or upgrade to
8.8.7, which does not have the problem even if it is setgid.

The Makefiles that come with sendmail mistakenly install sendmail
setgid, for reasons lost in antiquity.

eric