diff options
| author | Jason Downs <downsj@cvs.openbsd.org> | 1996-12-14 21:17:55 +0000 |
|---|---|---|
| committer | Jason Downs <downsj@cvs.openbsd.org> | 1996-12-14 21:17:55 +0000 |
| commit | 608a01ad15ff5ab89386edfd559332580581c47d (patch) | |
| tree | 0247c82ab4d95ed523c3f3ecf6cf792a84cb635e /usr.sbin/sendmail/FAQ | |
| parent | 454743c06055e0f6c7c4532bdc9b81aeab85126c (diff) | |
Update to Sendmail 8.8.4, plus recent patches, plus OpenBSD support.
Also include entire example configuration subset.
Includes smrsh (using /usr/libexec/sm.bin).
Of the top of my head, the only things I removed from the distribution were
contrib/mail.local.linux, src/Makefiles, all the *.0 and *.ps files.
Our praliases man page replaces the distributed one, ours is better.
Diffstat (limited to 'usr.sbin/sendmail/FAQ')
| -rw-r--r-- | usr.sbin/sendmail/FAQ | 734 |
1 files changed, 6 insertions, 728 deletions
diff --git a/usr.sbin/sendmail/FAQ b/usr.sbin/sendmail/FAQ index cc27e50805f..3ed325746f1 100644 --- a/usr.sbin/sendmail/FAQ +++ b/usr.sbin/sendmail/FAQ @@ -1,731 +1,9 @@ -Newsgroups: comp.mail.sendmail,comp.mail.misc,comp.mail.smail,comp.answers,news.answers -Subject: comp.mail.sendmail Frequently Asked Questions (FAQ) -From: brad@birch.ims.disa.mil (Brad Knowles) -Followup-to: comp.mail.sendmail -Summary: This posting contains a list of Frequently Asked Questions - (and their answers) about the program "sendmail", distributed - with many versions of Unix (and available for some other - operating systems). This FAQ is shared between - comp.mail.sendmail and the Sendmail V8 distribution. It should - be read by anyone who wishes to post to comp.mail.sendmail, or - anyone having questions about the newsgroup itself. - -Archive-name: mail/sendmail-faq -Posting-Frequency: monthly (first Monday) - - -[The most recent copy of this document can be obtained via anonymous -FTP from rtfm.mit.edu in /pub/usenet/news.answers/mail/sendmail-faq. +The FAQ is no longer maintained with the sendmail release. It is +posted regularly to comp.mail.sendmail, comp.mail.misc, comp.mail.smail, +comp.answers, and news.answers, and can be obtained via anonymous FTP +from ftp://rtfm.mit.edu/pub/usenet/news.answers/mail/sendmail-faq. If you do not have access to anonymous FTP, you can retrieve it by sending email to mail-server@rtfm.mit.edu with the command "send -usenet/news.answers/mail/sendmail-faq" in the message.] - - - - Sendmail Version 8 - Frequently Asked Questions - Last updated 9/17/95 - - -This FAQ is specific to Version 8.6.10 of sendmail. Other questions, -particularly regarding compilation and configuration, are answered in -src/READ_ME and cf/README (found in the V8 sendmail distribution). - -This is also the official FAQ for the Usenet newsgroup -comp.mail.sendmail. - -====================================================================== -BEFORE YOU GO ANY FURTHER -====================================================================== - - * What do you wish everyone would do before sending you mail or - posting to comp.mail.sendmail? - - Read this FAQ completely. Read src/READ_ME and cf/README - completely. Read the books written to help with common - problems such as compilation and installation, configuration, - security issues, etc.... Ask themselves if their question - hasn't already been answered. ----------------------------------------------------------------------- - * How can I be sure if this is the right place to look for answers - to my questions? - - 1. Do you know, for a fact, that the question is related to - sendmail V8? - - 2. Do you know, for a fact, that the question is related to an - older version of sendmail? - - 3. Is the question about a sendmail-like program (e.g., Smail, - Zmailer, MMDF, etc...)? - - 4. Is the question about an SMTP Gateway product for a LAN - mail package (e.g., cc:Mail, MS-Mail, WordPerfect - Office/GroupWise, etc...)? - - If you answered "yes" to the question #1, then this is the - right place. - - If you answered "yes" to questions #2 or #3, then you should - seriously consider upgrading to the most recent version of - sendmail V8. - - For question #2, If you're going to continue using an older - version of sendmail, you may not find much help and will - probably get some responses that amount to "Get V8". - Otherwise, this is probably the best place to look for - answers. - - If you answered "yes" to question #3 and are not going to - upgrade to sendmail V8, then this is probably not the right - place to look. - - If you answered "yes" to question #4, then this is almost - certainly not the right place to look. - - For questions #3 and #4, try looking around elsewhere in the - "comp.mail.*" hierarchy for a more appropriate newsgroup. - For example, you might want to try posting to comp.mail.misc - or comp.mail.smail. - - If you couldn't answer "yes" to any of the above questions, - then you're DEFINITELY in the wrong place. For the sake of - your sanity and ego, not to mention avoiding the waste of - your time and ours, try asking your System or E-Mail - Administrator(s) before you post any questions publicly. ----------------------------------------------------------------------- - * Where can I find the latest version of this FAQ? - - It is included in the most recent Version 8 distribution of - sendmail (described below), as well as via anonymous FTP from - rtfm.mit.edu in /pub/usenet/news.answers/mail/sendmail-faq. - If you do not have access to anonymous FTP, you can retrieve - it by sending email to mail-server@rtfm.mit.edu with the - command "send usenet/news.answers/mail/sendmail-faq" in the - message. ----------------------------------------------------------------------- - * I don't have access to Usenet news. Can I still get access to - comp.mail.sendmail? - - Yes. Send email to mxt@dl.ac.uk with the command "sub - comp-news.comp.mail.sendmail <full-US-ordered-email-address>" - in the message. - - E-mail you want posted on comp.mail.sendmail should be sent - to comp-mail-sendmail@dl.ac.uk ----------------------------------------------------------------------- - * I have sendmail-related DNS questions. Where should I ask them? - - Depending on how deeply they get into the DNS, they can be - asked here. However, you'll probably be told that you should - send them to the Info-BIND mailing list (if the question is - specific to that program) or to the Usenet newsgroup - comp.protocols.tcp-ip.domains (DNS in general). ----------------------------------------------------------------------- - * How do I subscribe to either of these? - - For comp.protocols.tcp-ip.domains, you have to be on Usenet. - They don't have a news-to-mail gateway yet. - - For the Info-BIND mailing list, send email to - bind-request@uunet.uu.net with the command "subscribe" in the - message. Submissions should be sent to bind@uunet.uu.net - -====================================================================== -GENERAL QUESTIONS -====================================================================== - - * Where can I get Version 8? - - Via anonymous FTP from FTP.CS.Berkeley.EDU in /ucb/sendmail. ----------------------------------------------------------------------- - * What are the differences between Version 8 and other versions? - - See doc/changes/changes.me in the sendmail distribution. ----------------------------------------------------------------------- - * What happened to sendmail 6.x and 7.x? - - When a new (Alpha/Beta) version of sendmail was released, it - was changed to Release 6. Development continued in that tree - until 4.4BSD was released, when everything on the 4.4 tape - was set to be version 8.1. Version 7.x never existed. ----------------------------------------------------------------------- - * What books are available describing sendmail? - - There is one book available devoted to sendmail: - - Costales, Allman, and Rickert, _Sendmail_. O'Reilly & - Associates. - - Several books have sendmail chapters, for example: - - Nemeth, Snyder, and Seebass, _Unix System Administration - Handbook_. Prentice-Hall. - Carl-Mitchell and Quarterman, _Practical Internetworking with - TCP/IP and UNIX_. Addison-Wesley. - Hunt, _TCP/IP Network Administration_. O'Reilly & Associates. - - Another book about sendmail is due out "soon": - - Avolio & Vixie, _Sendmail Theory and Practice_. Digital - Press (release date unknown). - - For details on sendmail-related DNS issues, consult: - - Liu and Albitz, _DNS and BIND_. O'Reilly & Associates. - - For details on UUCP, see: - - O'Reilly and Todino, _Managing UUCP and Usenet_. - O'Reilly & Associates. - -====================================================================== -COMPILING AND INSTALLING SENDMAIL 8 -====================================================================== - - * Version 8 requires a new version of "make". Where can I get this? - - Actually, Version 8 does not require a new version of "make". - It includes a collection of Makefiles for different architectures, - only one or two of which require the new "make". For a supported - architecture, use ``sh makesendmail''. If you are porting to a - new architecture, start with Makefile.dist. - - If you really do want the new make, it is available on any of - the BSD Net2 or 4.4-Lite distribution sites. These include: - - ftp.uu.net /systems/unix/bsd-sources - gatekeeper.dec.com /.0/BSD/net2 - ucquais.cba.uc.edu /pub/net2 - ftp.luth.se /pub/unix/4.3bsd/net2 - - Diffs and instructions for building this version of make - under SunOS 4.1.x are available on ftp.css.itd.umich.edu in - /pub/systems/sun/Net2-make.sun4.diff.Z. A patchkit for - Ultrix is on ftp.vix.com in /pub/patches/pmake-for-ultrix.Z. - Patches for AIX 3.2.4 are available on ftp.uni-stuttgart.de - in /sw/src/patches/bsd-make-rus-patches. - - There is also a Linux version available on the main Linux - distribution sites as pmake; this version is included as - standard with the current Slackware distributions. ----------------------------------------------------------------------- - * What macro package do I use to format the V8 man pages? - - The BSD group switched over the the ``mandoc'' macros for the - 4.4 release. These include more hooks designed for hypertext - handling. However, new man pages won't format under the old - man macros. Fortunately, old man pages will format under the - new mandoc macros. - - Get the new macros with the BSD Net2 or 4.4-Lite release (see - above for locations; for example, on FTP.UU.NET the files - /system/unix/bsd-sources/share/tmac/me/strip/sed and - /system/unix/bsd-sources/share/tmac/* are what you need). - - This macro set is also included with newer versions of groff. ----------------------------------------------------------------------- - * What modes should be used when installing sendmail? - - The sendmail binary should be owned by root, mode 4755. - The queue directory should be owned by root, with a mode - between 700 and 755. Under no circumstances should - it be group or other writable! - The sendmail config file should be owned by root, mode 644. - The aliases file should generally be owned by one trusted - user and writable only by that user, although it is - not unreasonable to have it group writable by a - "sysadmin" group. It should not be world writable. - The aliases database files (aliases.db or aliases.{pag,dir} - depending on what database format you compile with) - should be owned by root, mode 644. - -====================================================================== -CONFIGURATION QUESTIONS -====================================================================== - - * How do I make all my addresses appear to be from a single host? - - Using the V8 configuration macros, use: - - MASQUERADE_AS(my.dom.ain) - - This will cause all addresses to be sent out as being from - the indicated domain. ----------------------------------------------------------------------- - * How do I rewrite my From: lines to read ``First_Last@My.Domain''? - - There are a couple of ways of doing this. This describes - using the "user database" code. This is still experimental, - and was intended for a different purpose -- however, it does - work with a bit of care. It does require that you have the - Berkeley "db" package installed (it won't work with DBM). - - First, create your input file. This should have lines like: - - loginname:mailname First_Last - First_Last:maildrop loginname - - Install it in (say) /etc/userdb. Create the database: - - makemap btree /etc/userdb.db < /etc/userdb - - You can then create a config file that uses this. You will - have to include the following in your .mc file: - - define(confUSERDB_SPEC, /etc/userdb.db) - FEATURE(notsticky) ----------------------------------------------------------------------- - * So what was the user database feature intended for? - - The intent was to have all information for a given user - (where the user is the unique login name, not an inherently - non-unique full name) in one place. This would include phone - numbers, addresses, and so forth. The "maildrop" feature is - because Berkeley does not use a centralized mail server - (there are a number of reasons for this that are mostly - historic), and so we need to know where each user gets his or - her mail delivered -- i.e., the mail drop. - - We are in the process of setting up our environment so that - mail sent to an unqualified "name" goes to that person's - preferred maildrop; mail sent to "name@host" goes to that - host. The purpose of "FEATURE(notsticky)" is to cause - "name@host" to be looked up in the user database for delivery - to the maildrop. ----------------------------------------------------------------------- - * Why are you so hostile to using full names for e-mail addresses? - - Because full names are not unique. For example, the computer - community has two Andy Tannenbaums and two Peter Deutsches. - At one time, Bell Labs had two Stephen R. Bournes with - offices a few doors apart. You can create alternative - addresses (e.g., Stephen_R_Bourne_2), but that's even worse - -- which one of them has to have their name desecrated in - this way? And you can bet that one of them will get most of - the other person's e-mail. - - So called "full names" are just an attempt to create longer - versions of unique names. Rather that lulling people into a - sense of security, I'd rather that it be clear that these - handles are arbitrary. People should use good user agents - that have alias mappings so that they can attach arbitrary - names for their personal use to those with whom they - correspond (such as the MH alias file). - - Even worse is fuzzy matching in e-mail -- this can make good - addresses turn bad. For example, Eric Allman is currently - (to the best of our knowledge) the only ``Allman'' at - Berkeley, so mail sent to "Allman@Berkeley.EDU" should get to - him. But if another Allman ever appears, this address could - suddenly become ambiguous. He's been the only Allman at - Berkeley for over fifteen years -- to suddenly have this - "good address" bounce mail because it is ambiguous would be a - heinous wrong. - - Finger services should be as fuzzy as possible (within - reason, of course). Mail services should be unique. ----------------------------------------------------------------------- - * Should I use a wildcard MX for my domain? - - If at all possible, no. - - Wildcard MX records have lots of semantic "gotcha"s. For - example, they will match a host "unknown.your.domain" -- if - you don't explicitly test for unknown hosts in your domain, - you will get "config error: mail loops back to myself" - errors. - - See RFCs 1535-1537 for more detail and other related (or - common) problems. ----------------------------------------------------------------------- - * How can I get sendmail to process messages sent to an account and - send the results back to the originator? - - This is a local mailer issue, not a sendmail issue. - Depending on what you're doing, look at procmail (mentioned - again below), ftpmail, or Majordomo. - - Check your local archie server to see what machine(s) nearest - you have the most recent versions of these programs. ----------------------------------------------------------------------- - * How can I get sendmail to deliver local mail to $HOME/.mail - instead of into /usr/spool/mail (or /usr/mail)? - - Again, this is a local mailer issue, not a sendmail issue. - Either modify your local mailer (source code will be - required) or change the program called in the "local" mailer - configuration description to be a new program that does this - local delivery. One program that is capable of doing this is - "procmail", although there are probably many others as well. - - You might be interested in reading the paper ``HLFSD: - Delivering Email to your $HOME'' available in the Proceedings - of the USENIX System Administration (LISA VII) Conference - (November 1993). This is also available via public FTP from - ftp.cs.columbia.edu in /pub/hlfsd/{README.hlfsd,hlfsd.ps}. ----------------------------------------------------------------------- - * I'm trying to to get my mail to go into queue only mode, and it - delivers the mail interactively anyway. (Or, I'm trying to use - the "don't deliver to expensive mailer" flag, and it delivers the - mail interactively anyway.) I can see it does it: here's the - output of "sendmail -v foo@somehost" (or Mail -v or equivalent). - - The -v flag to sendmail (which is implied by the -v flag to - Mail and other programs in that family) tells sendmail to - watch the transaction. Since you have explicitly asked to - see what's going on, it assumes that you do not want to to - auto-queue, and turns that feature off. Remove the -v flag - and use a "tail -f" of the log instead to see what's going - on. - - If you are trying to use the "don't deliver to expensive - mailer" flag (mailer flag "e"), be sure you also turn on - global option "c" -- otherwise it ignores the mailer flag. ----------------------------------------------------------------------- - * There are four UUCP mailers listed in the configuration files. - Which one should I use? - - The choice is partly a matter of local preferences and what - is running at the other end of your UUCP connection. Unlike - good protocols that define what will go over the wire, UUCP - uses the policy that you should do what is right for the - other end; if they change, you have to change. This makes it - hard to do the right thing, and discourages people from - updating their software. In general, if you can avoid UUCP, - please do. - - If you can't avoid it, you'll have to find the version that - is closest to what the other end accepts. Following is a - summary of the UUCP mailers available. - - uucp-old (obsolete name: "uucp") - This is the oldest, the worst (but the closest to UUCP) way - of sending messages across UUCP connections. It does - bangify everything and prepends $U (your UUCP name) to the - sender's address (which can already be a bang path - itself). It can only send to one address at a time, so it - spends a lot of time copying duplicates of messages. Avoid - this if at all possible. - - uucp-new (obsolete name: "suucp") - The same as above, except that it assumes that in one rmail - command you can specify several recipients. It still has a - lot of other problems. - - uucp-dom - This UUCP mailer keeps everything as domain addresses. - Basically, it uses the SMTP mailer rewriting rules. - - Unfortunately, a lot of UUCP mailer transport agents - require bangified addresses in the envelope, although you - can use domain-based addresses in the message header. (The - envelope shows up as the From_ line on UNIX mail.) So.... - - uucp-uudom - This is a cross between uucp-new (for the envelope - addresses) and uucp-dom (for the header addresses). It - bangifies the envelope sender (From_ line in messages) - without adding the local hostname, unless there is no host - name on the address at all (e.g., "wolf") or the host - component is a UUCP host name instead of a domain name - ("somehost!wolf" instead of "some.dom.ain!wolf"). - - Examples: - - We are on host grasp.insa-lyon.fr (UUCP host name "grasp"). - The following summarizes the sender rewriting for various - mailers. - - Mailer sender rewriting in the envelope - ------ ------ ------------------------- - uucp-{old,new} wolf grasp!wolf - uucp-dom wolf wolf@grasp.insa-lyon.fr - uucp-uudom wolf grasp.insa-lyon.fr!wolf - - uucp-{old,new} wolf@fr.net grasp!fr.net!wolf - uucp-dom wolf@fr.net wolf@fr.net - uucp-uudom wolf@fr.net fr.net!wolf - - uucp-{old,new} somehost!wolf grasp!somehost!wolf - uucp-dom somehost!wolf somehost!wolf@grasp.insa-lyon.fr - uucp-uudom somehost!wolf grasp.insa-lyon.fr!somehost!wolf - -====================================================================== -RESOLVING PROBLEMS -====================================================================== - - * When I compile, I get "undefined symbol inet_aton" messages. - - You've probably replaced your resolver with the version from - BIND 4.9.3. You need to compile with -l44bsd in order to get - the additional routines. ----------------------------------------------------------------------- - * I'm getting "Local configuration error" messages, such as: - - 553 relay.domain.net config error: mail loops back to myself - 554 <user@domain.net>... Local configuration error - - How can I solve this problem? - - You have asked mail to the domain (e.g., domain.net) to be - forwarded to a specific host (in this case, relay.domain.net) - by using an MX record, but the relay machine doesn't - recognize itself as domain.net. Add domain.net to - /etc/sendmail.cw (if you are using FEATURE(use_cw_file)) or - add "Cw domain.net" to your configuration file. - - IMPORTANT: Be sure you kill and restart the sendmail daemon - after you change the configuration file (for ANY change in - the configuration, not just this one): - - kill `head -1 /etc/sendmail.pid` - sh -c "`tail -1 /etc/sendmail.pid`" - - NOTA BENE: kill -1 does not work! ----------------------------------------------------------------------- - * When I use sendmail V8 with a Sun config file I get lines like: - - /etc/sendmail.cf: line 273: replacement $3 out of bounds - - the line in question reads: - - R$*<@$%y>$* $1<@$2.LOCAL>$3 user@ether - - what does this mean? How do I fix it? - - V8 doesn't recognize the Sun "$%y" syntax, so as far as it is - concerned, there is only a $1 and a $2 (but no $3) in this - line. Read Rick McCarty's paper on "Converting Standard Sun - Config Files to Sendmail Version 8", in the contrib directory - (file "converting.sun.configs") on the sendmail distribution - for a full discussion of how to do this. ----------------------------------------------------------------------- - * When I use sendmail V8 on a Sun, I sometimes get lines like: - - /etc/sendmail.cf: line 445: bad ruleset 96 (50 max) - - what does this mean? How do I fix it? - - You're somehow trying to start up the old Sun sendmail (or - sendmail.mx) with a sendmail V8 config file, which Sun's - sendmail doesn't like. Check your /etc/rc.local, any - procedures that have been created to stop and re-start the - sendmail processes, etc.... Make sure that you've switched - everything over to using the new sendmail. To keep this - problem from ever happening again, try the following: - - mv /usr/lib/sendmail /usr/lib/sendmail.old - ln -s /usr/local/lib/sendmail.v8 /usr/lib/sendmail - mv /usr/lib/sendmail.mx /usr/lib/sendmail.mx.old - ln -s /usr/local/lib/sendmail.v8 /usr/lib/sendmail.mx - chmod 0000 /usr/lib/sendmail.old - chmod 0000 /usr/lib/sendmail.mx.old - - Assuming you have installed sendmail V8 in /usr/local/lib. ----------------------------------------------------------------------- - * When I use sendmail V8 on an IBM RS/6000 running AIX, the system - resource controller always reports sendmail as "inoperative" even - though it is running. What's wrong? - - IBM's system resource controller is one of their "value - added" features to AIX -- it's not a Unix standard. You'll - need to either redefine the subsystem to use signals (see - chssys(1)) or dump the entire subsystem and invoke sendmail - in /etc/rc.tcpip or some other boot script. ----------------------------------------------------------------------- - * When I use sendmail V8 on an Intel x86 machine running Linux, I - have some problems. Specifically, I have.... - - The current versions of Linux are generally considered to be - great for hobbyists and anyone else who wants to learn Unix - inside and out, or wants to always have something to do, or - wants a machine for light-duty mostly personal use and not - high-volume multi-user purposes. - - However, for those who want a system that will just sit in - the background and work without a fuss handling thousands of - mail messages a day for lots of different users, it's not - (yet) stable enough to fit the bill. - - Unfortunately, there are no known shareware/freeware - implementations of any operating system that provides the - level of stability necessary to handle that kind of load - (i.e., there are no free lunches). - - If you're wedded to the Intel x86 platform and want to run - sendmail, we suggest you look at commercial implementations - of Unix such as Interactive, UnixWare, Solaris, or BSD/386 - (just a sample of the dozens of different versions of Unix - for Intel x86). - - Of all known vendor supported versions of Unix for Intel x86, - BSDI's BSD/386 is least expensive and the only one known to - currently ship with sendmail V8 pre-installed. Since sendmail - V8 is continuing to be developed at UC Berkeley, and BSD/386 - is a full BSD 4.4 implementation, this is obviously be the most - "native" sendmail V8 environment. ----------------------------------------------------------------------- - * When I use sendmail on an Intel x86 machine running OS/2, I have - some problems. Specifically, I have.... - - The OS/2 port of sendmail is known to have left out huge - chunks of the code and functionality of even much older - versions of sendmail, in large part because the underlying OS - just doesn't have the necessary hooks to make it happen. - This port is so broken that we make no attempt to provide any - kind of support for it. Try BSDI's BSD/386 instead. ----------------------------------------------------------------------- - * I'm connected to the network via a SLIP/PPP link. Sometimes my - sendmail process hangs (although it looks like part of the - message has been transfered). Everything else works. What's - wrong? - - Most likely, the problem isn't sendmail at all, but the low - level network connection. It's important that the MTU - (Maximum Transfer Unit) for the SLIP connection be set - properly at both ends. If they disagree, large packets will - be trashed and the connection will hang. ----------------------------------------------------------------------- - * I just upgraded to 8.x and suddenly I'm getting messages in my - syslog of the form "collect: I/O error on connection". What is - going wrong? - - Nothing. This is just a diagnosis of a condition that had - not been diagnosed before. If you are getting a lot of these - from a single host, there is probably some incompatibility - between 8.x and that host. If you get a lot of them in - general, you may have network problems that are causing - connections to get reset. ----------------------------------------------------------------------- - * I just upgraded to 8.x and now when my users try to forward their - mail to a program they get an "illegal shell" message and their - mail is not delivered. What's wrong? - - In order for people to be able to run a program from their - .forward file, 8.x insists that their shell (that is, the - shell listed for that user in the passwd entry) be a "valid" - shell, meaning a shell listed in /etc/shells. If /etc/shells - does not exist, a default list is used, typically consisting - of /bin/sh and /bin/csh. - - This is to support environments that may have NFS-shared - directories mounted on machines on which users do not have - login permission. For example, many people make their - file server inaccessible for performance or security - reasons; although users have directories, their shell on - the server is /usr/local/etc/nologin or some such. If you - allowed them to run programs anyway you might as well let - them log in. - - If you are willing to let users run programs from their - .forward file even though they cannot telnet or rsh in (as - might be reasonable if you run smrsh to control the list of - programs they can run) then add the line - - /SENDMAIL/ANY/SHELL/ - - to /etc/shells. This must be typed exactly as indicated, - in caps, with the trailing slash. NOTA BENE: DO NOT - list /usr/local/etc/nologin in /etc/shells -- this will - open up other security problems. ----------------------------------------------------------------------- - * I just upgraded to 8.x and suddenly connections to the SMTP port - take a long time. What is going wrong? - - It's probably something weird in your TCP implementation that - makes the IDENT code act oddly. On most systems V8 tries to - do a ``callback'' to the connecting host to get a validated - user name (see RFC 1413 for detail). If the connecting host - does not support such a service it will normally fail quickly - with "Connection refused", but certain kinds of packet - filters and certain TCP implementations just time out. - - To test this, set the IDENT timeout to zero using - ``OrIdent=0'' in the configuration file. This will - completely disable all use of the IDENT protocol. - - Another possible problem is that you have your name server - and/or resolver configured improperly. Make sure that all - "nameserver" entries in /etc/resolv.conf point to functional - servers. If you are running your own server make certain - that all the servers listed in your root cache (usually - called something like "/var/namedb/root.cache"; see your - /etc/named.boot file to get your value) are up to date. - Either of these can cause long delays. ----------------------------------------------------------------------- - * I just upgraded to 8.x and suddenly I get errors such as ``unknown - mailer error 5 -- mail: options MUST PRECEDE recipients.'' What is - going wrong? - - You need OSTYPE(systype) in your .mc file -- otherwise the - configurations use a default that probably disagrees with - your local mail system. See cf/README for details. ----------------------------------------------------------------------- - * Under V8, the "From " header gets mysteriously munged when I send - to an alias. - - ``It's not a bug, it's a feature.'' This happens when you - have a "owner-list" alias and you send to "list". V8 - propagates the owner information into the envelope sender - field (which appears as the "From " header on UNIX mail or as - the Return-Path: header) so that downstream errors are - properly returned to the mailing list owner instead of to the - sender. In order to make this appear as sensible as possible - to end users, I recommend making the owner point to a - "request" address -- for example: - - list: :include:/path/name/list.list - owner-list: list-request - list-request: eric - - This will make message sent to "list" come out as being "From - list-request" instead of "From eric". ----------------------------------------------------------------------- - * I am trying to use MASQUERADE_AS (or the user database) to - rewrite from addresses, and although it works in the From: header - line, it doesn't work in the envelope (e.g., the "From " line). - - Believe it or not, this is intentional. The interpretation - of the standards by the V8 development group was that this - was an inappropriate rewriting, and that if the rewriting - were incorrect at least the envelope would contain a valid - return address. Other people have since described scenarios - where the envelope cannot be correct without this rewriting, - so 8.7 will have an option to rewrite both header and - envelope. ----------------------------------------------------------------------- - * I want to run Sendmail version 8 on my DEC system, but you don't - have MAIL11V3 support in sendmail. How do I handle this? - - Get Paul Vixie's reimplementation of the mail11 protocol from - gatekeeper.dec.com in /pub/DEC/gwtools. - - Rumour has it that he will be fully integrating into sendmail - V8 what little is left of IDA sendmail that is not handled - (or handled as well) by V8. No additional information on - this project is currently available. ----------------------------------------------------------------------- - * Messages seem to disappear from my queue unsent. When I look in - the queue directory I see that they have been renamed from qf* to - Qf*, and sendmail doesn't see these. - - If you look closely you should find that the Qf files are - owned by users other than root. Since sendmail runs as root - it refuses to believe information in non-root-owned qf files, - and it renames them to Qf to get them out of the way and make - it easy for you to find. The usual cause of this is - twofold: first, you have the queue directory world writable - (which is probably a mistake -- this opens up other security - problems) and someone is calling sendmail with an "unsafe" - flag, usually a -o flag that sets an option that could - compromise security. When sendmail sees this it gives up - setuid root permissions. +usenet/news.answers/mail/sendmail-faq" in the message. - The usual solution is to not use the problematic flags. If - you must use them, you have to write a special queue - directory and have them processed by the same uid that - submitted the job in the first place. ----------------------------------------------------------------------- -@(#)FAQ 8.16 (Berkeley) 9/17/95 -Send updates to sendmail@sendmail.ORG. + --Eric Allman 8/17/96 |