author | dm <dm@cvs.openbsd.org> | 1996-01-29 01:45:07 +0000 |
---|---|---|
committer | dm <dm@cvs.openbsd.org> | 1996-01-29 01:45:07 +0000 |
commit | d4348a83d4e90a8f1a7a26c930bbbb9a30ebdd58 (patch) | |
tree | b8c6ba8362f38fb511f05eb04e0e221d7685c866 /usr.sbin/sendmail/doc/op | |
parent | a402471fd01805e5aa531735d5fd71e70f6741ab (diff) |
Sendmail 8.7.3 from NetBSD
Diffstat (limited to 'usr.sbin/sendmail/doc/op')
-rw-r--r-- | usr.sbin/sendmail/doc/op/op.me | 4048 |
1 files changed, 2360 insertions, 1688 deletions
diff --git a/usr.sbin/sendmail/doc/op/op.me b/usr.sbin/sendmail/doc/op/op.me index 9678d14c1fe..6fd40ad866e 100644 --- a/usr.sbin/sendmail/doc/op/op.me +++ b/usr.sbin/sendmail/doc/op/op.me @@ -1,4 +1,4 @@ -.\" Copyright (c) 1983 Eric P. Allman +.\" Copyright (c) 1983, 1995 Eric P. Allman .\" Copyright (c) 1983, 1993 .\" The Regents of the University of California. All rights reserved. .\" @@ -30,7 +30,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)op.me 8.36 (Berkeley) 4/14/94 +.\" @(#)op.me 8.70 (Berkeley) 11/3/95 .\" .\" eqn op.me | pic | troff -me .eh 'SMM:08-%''Sendmail Installation and Operation Guide' @@ -65,22 +65,18 @@ .sp .r Eric Allman -University of California, Berkeley -Mammoth Project -eric@CS.Berkeley.EDU +Pang\(aea Reference Systems +eric@Sendmail.ORG .sp -Version 8.36 +Version 8.70 .sp -For Sendmail Version 8.6 +For Sendmail Version 8.7 .)l .sp 2 .pp .i Sendmail implements a general purpose internetwork mail routing facility -under the UNIX* -.(f -*UNIX is a trademark of Unix Systems Laboratories. -.)f +under the UNIX\(rg operating system. It is not tied to any one transport protocol \*- its function may be likened to a crossbar switch, @@ -104,11 +100,22 @@ incrementally. .pp .i Sendmail is based on -RFC822 (Internet Mail Format Protocol), RFC821 (Simple Mail Transport Protocol), +RFC822 (Internet Mail Format Protocol), RFC1123 (Internet Host Requirements), +RFC1521 (MIME), +RFC1651 (SMTP Service Extensions), +and a series of as-yet-draft standards describing +Delivery Status Notifications (DSNs), +available from the internet drafts sites as +draft-ietf-notary-mime-delivery-\fIXX\fP.txt, +draft-ietf-notary-mime-report-\fIXX\fP.txt, +draft-ietf-notary-smtp-drpt-\fIXX\fP.txt, and -RFC1425 (SMTP Service Extensions). +draft-ietf-notary-status-\fIXX\fP.txt +(replace +.i XX +by the latest draft number). However, since .i sendmail is designed to work in a wider world, 
@@ -153,6 +160,12 @@ in this version of The appendixes give a brief but detailed explanation of a number of features not described in the rest of the paper. +.pp +.b WARNING: +Several major changes were introduced in version 8.7. +You should not attempt to use this document +for prior versions of +.i sendmail . .bp 7 .sh 1 "BASIC INSTALLATION" .pp @@ -199,29 +212,23 @@ If you are running on a 4.4BSD system, compile by typing .q make . On other systems, you may have to make some other adjustments. -.sh 3 "Old versions of make" -.pp -If you are not running the new version of -.b make -you will probably have to use +On most systems, +you can do the appropriate compilation by typing .(b -make \-f Makefile.dist +sh makesendmail .)b -This file does not assume several new syntaxes, -including the -.q += -syntax in macro definition -and the -.q ".include" -syntax. -.sh 3 "Compilation flags" +This will leave the binary in an appropriately named subdirectory. +It works for multiple object versions +compiled out of the same directory. +.sh 3 "Tweaking the Makefile" .pp .i Sendmail supports two different formats -for the +for the local (on disk) version of databases, +notably the .i aliases database. -These formats are: +At least one of these should be defined if at all possible. .nr ii 1i .ip NDBM The ``new DBM'' format, @@ -243,9 +250,8 @@ old databases are read, but when a new database is created it will be in NEWDB format. As a nasty hack, if you have NEWDB, NDBM, and NIS defined, -and if the file -.i /var/yp/Makefile -exists and is readable, +and if the alias file name includes the substring +.q /yp/ , .i sendmail will create both new and old versions of the alias file during a 
@@ -260,47 +266,36 @@ If neither of these are defined, .i sendmail reads the alias file into memory on every invocation. This can be slow and should be avoided. -.pp -System V based systems can define -SYSTEM5 -to make several small adjustments. -This changes the handling of timezones -and uses the much less efficient -.i lockf -call in preference to -.i flock . -These can be specified separately using the compilation flags -SYS5TZ -and -LOCKF -respectively. -.pp -If you don't have the -.i unsetenv -routine in your system library, define the UNSETENV compilation flag. -.pp -You may also have to define the compilation variable LA_TYPE -to describe how your load average is computed. -This and other flags are detailed in section 6.1. +There are also several methods for remote database access: +.ip NIS +Sun's Network Information Services (formerly YP). +.ip NISPLUS +Sun's NIS+ services. +.ip NETINFO +NeXT's NetInfo service. +.ip HESIOD +Hesiod service (from Athena). +.lp +Other compilation flags are set in conf.h +and should be predefined for you +unless you are porting to a new environment. .sh 3 "Compilation and installation" .pp After making the local system configuration described above, You should be able to compile and install the system. -Compilation can be performed using -.q make\** -.(f -\**where you may have to replace -.q make -with -.q "make \-f Makefile.dist" -as appropriate. -.)f -in the -.b sendmail/src -directory. +The script +.q makesendmail +is the best approach on most systems: +.(b +sh makesendmail +.)b +This will use +.i uname (1) +to select the correct Makefile for your environment. +.pp You may be able to install using .(b -make install +sh makesendmail install .)b This should install the binary in /usr/\*(SD 
@@ -315,7 +310,7 @@ On 4.4BSD systems it will also format and install man pages. .pp .i Sendmail cannot operate without a configuration file. -The configuration defines the mail systems understood at this site, +The configuration defines the mail delivery mechanisms understood at this site, how to access them, how to forward email to remote mail systems, and a number of tuning parameters. @@ -348,12 +343,6 @@ they will use The configuration files can be customized to work around this, but it is more complex. .pp -I haven't tested these yet on an isolated LAN environment -with a single UUCP connection to the outside world. -If you are in such an environment, -please send comments to -sendmail@CS.Berkeley.EDU. -.pp Our configuration files are processed by .i m4 to facilitate local customization; @@ -435,12 +424,15 @@ referenced using the .sm MAILER .b m4 macro. -Defined mailer types in this distribution are +The mailer types that are known in this distribution are fax, local, smtp, uucp, and usenet. +For example, to include support for the UUCP-based mailers, +use +.q MAILER(uucp) . .ip ostype Definitions describing various operating system environments (such as the location of support files). @@ -549,8 +541,22 @@ and permissions are .sh 3 "/etc/sendmail.cf" .pp This is the configuration file for -.i sendmail . -This is the only non-library file name compiled into +.i sendmail \**. +.(f +\**Actually, the pathname varies depending on the operating system; +/etc is the preferred directory. +Some older systems install it in +.b /usr/lib/sendmail.cf , +and I've also seen it in +.b /usr/ucblib +and +.b /etc/mail . +If you want to move this file, +change +.i src/conf.h . +.)f +This and /etc/sendmail.pid +are the only non-library file names compiled into .i sendmail \**. .(f \**The system libraries can reference other files; 
@@ -561,12 +567,6 @@ calls probably reference and .i /etc/resolv.conf . .)f -Some older systems install it in -.b /usr/lib/sendmail.cf . -.pp -If you want to move this file, -change -.i src/pathnames.h . .pp The configuration file is normally created using the distribution files described above. @@ -690,8 +690,10 @@ causes it to run the queue every half hour. .pp Some people use a more complex startup script, removing zero length qf files and df files for which there is no qf file. -For example: -.(b +For example, see Figure 1 +for an example of a complex startup script. +.(z +.hl # remove zero length qf files for qffile in qf* do @@ -732,7 +734,11 @@ for xffile in [A-Z]f* do echo \-n " <panic: $xffile>" > /dev/console done -.)b +.sp +.ce +Figure 1 \(em A complex startup script +.hl +.)z .pp If you are not running a version of UNIX that supports Berkeley TCP/IP, @@ -774,18 +780,6 @@ is defined in the option of the .i sendmail.cf file. -.sh 3 "/usr/\*(SB/newaliases" -.pp -If -.i sendmail -is invoked as -.q newaliases, -it will simulate the -.b \-bi -flag -(i.e., will rebuild the alias database; -see below). -This should be a link to /usr/\*(SD/sendmail. .sh 3 "/usr/\*(SB/mailq" .pp If @@ -810,7 +804,11 @@ All messages from .i sendmail are logged under the .sm LOG_MAIL -facility. +facility\**. +.(f +\**Except on Ultrix, +which does not support facilities in the syslog. +.)f .sh 3 "Format" .pp Each line in the system log 
@@ -820,7 +818,64 @@ the name of the machine that generated it over the local area network), the word .q sendmail: , -and a message. +and a message\**. +.(f +\**This format may vary slightly if your vendor has changed +the syntax. +.)f +Most messages are a sequence of +.i name \c +=\c +.i value +pairs. +.pp +The two most common lines are logged when a message is processed. +The first logs the receipt of a message; +there will be exactly one of these per message. +Some fields may be omitted if they do not contain interesting information. +Fields are: +.ip from +The envelope sender address. +.ip size +The size of the message in bytes. +.ip class +The class (i.e., numeric precedence) of the message. +.ip pri +The initial message priority (used for queue sorting). +.ip nrcpts +The number of envelope recipients for this message +(after aliasing and forwarding). +.ip msgid +The message id of the message (from the header). +.ip proto +The protocol used to receive this message (e.g., ESMTP or UUCP) +.ip relay +The machine from which it was received. +.lp +There is also one line logged per delivery attempt +(so there can be several per message if delivery is deferred +or there are multiple recipients). +Fields are: +.ip to +A comma-separated list of the recipients to this mailer. +.ip ctladdr +The ``controlling user'', that is, the name of the user +whose credentials we use for delivery. +.ip delay +The total delay between the time this message was received +and the time it was delivered. +.ip xdelay +The amount of time needed in this delivery attempt +(normally indicative of the speed of the connection). +.ip mailer +The name of the mailer used to deliver to this recipient. +.ip relay +The name of the host that actually accepted (or rejected) this recipient. +.ip stat +The delivery status. +.lp +Not all fields are present in all messages; +for example, the relay is not listed for local deliveries. .sh 3 "Levels" .pp If you have 
@@ -844,10 +899,30 @@ Levels from 11\-64 are reserved for verbose information that some sites might want. .pp A complete description of the log levels -is given in section 4.6. +is given in section +.\" XREF +4.6. +.sh 2 "Dumping State" +.pp +You can ask +.i sendmail +to log a dump of the open files +and the connection cache +by sending it a +.sm SIGUSR1 +signal. +The results are logged at +.sm LOG_DEBUG +priority. .sh 2 "The Mail Queue" .pp -The mail queue should be processed transparently. +Sometimes a host cannot handle a message immediately. +For example, it may be down or overloaded, causing it to refuse connections. +The sending host is then expected to save this message in +its mail queue +and attempt to deliver it later. +.pp +Under normal conditions the mail queue will be processed transparently. However, you may find that manual intervention is sometimes necessary. For example, if a major host is down for a period of time 
@@ -947,6 +1022,56 @@ you can remove the directory: .(b rmdir /var/spool/omqueue .)b +.sh 2 "The Service Switch" +.pp +The implementation of certain system services +such as host and user name lookup +is controlled by the service switch. +If the host operating system supports such a switch +.i sendmail +will use the native version. +Ultrix, Solaris, and DEC OSF/1 are examples of such systems. +.pp +If the underlying operating system does not support a service switch +(e.g., SunOS, HP-UX, BSD) +then +.i sendmail +will provide a stub implementation. +The +.b ServiceSwitchFile +option points to the name of a file that has the service definitions +Each line has the name of a service +and the possible implementations of that service. +For example, the file: +.(b +hosts dns files nis +aliases files nis +.)b +will ask +.i sendmail +to look for hosts in the Domain Name System first. +If the requested host name is not found, +it tries local files, +and if that fails it tries NIS. +Similarly, +when looking for aliases +it will try the local files first +followed by NIS. +.pp +Service switches are not completely integrated. +For example, despite the fact that the host entry listed in the above example +specifies to look in NIS, +on SunOS this won't happen because the system implementation of +.i gethostbyname \|(3) +doesn't understand this. +If there is enough demand +.i sendmail +may reimplement +.i gethostbyname \|(3), +.i gethostbyaddr \|(3), +.i getpwent \|(3), +and the other system routines that would be necessary +to make this work seamlessly. .sh 2 "The Alias Database" .pp The alias database exists in two forms. 
@@ -962,7 +1087,14 @@ e.g., .(b eric@prep.ai.MIT.EDU: eric@CS.Berkeley.EDU .)b -will not have the desired effect. +will not have the desired effect +(except on prep.ai.MIT.EDU, +and they probably don't want me)\**. +.(f +\**Actually, any mailer that has the `A' mailer flag set +will permit aliasing; +this is normally limited to the local mailer. +.)f Aliases may be continued by starting any continuation lines with a space or a tab. Blank lines and lines beginning with a sharp sign @@ -971,9 +1103,14 @@ Blank lines and lines beginning with a sharp sign are comments. .pp The second form is processed by the -.i dbm \|(3) -(or -.i db \|(3)) +.i ndbm \|(3)\** +.(f +\**The +.i gdbm +package probably works as well. +.)f +or +.i db \|(3) library. This form is in the files .i /etc/aliases.dir @@ -984,6 +1121,30 @@ This is the form that actually uses to resolve aliases. This technique is used to improve performance. .pp +The control of search order is actually set by the service switch. +Essentially, the entry +.(b +OAswitch:aliases +.)b +is always added as the first alias entry; +also, the first alias file name without a class +(e.g., without +.q nis: +on the front) +will be used as the name of the file for a ``files'' entry +in the aliases switch. +For example, if the configuration file contains +.(b +OA/etc/aliases +.)b +and the service switch contains +.(b +aliases nis files nisplus +.)b +then aliases will first be searched in the NIS database, +then in /etc/aliases, +then in the NIS+ database. +.pp You can also use .sm NIS -based alias files. @@ -1013,7 +1174,7 @@ exactly like a .b K line \(em for example: .(b -OAnis:-N mail.aliases@my.nis.domain +OAnis:\-N mail.aliases@my.nis.domain .)b will search the appropriate NIS map and always include null bytes in the key. .sh 3 "Rebuilding the alias database" 
@@ -1033,7 +1194,9 @@ flag: .)b .pp If the -.q D +.b RebuildAliases +(old +.b D ) option is specified in the configuration, .i sendmail will rebuild the alias database automatically @@ -1042,7 +1205,12 @@ when it is out of date. Auto-rebuild can be dangerous on heavily loaded machines with large alias files; -if it might take more than five minutes +if it might take more than the rebuild timeout +(option +.b AliasWait , +old +.b a , +which is normally five minutes) to rebuild the database, there is a chance that several processes will start the rebuild process simultaneously. @@ -1051,7 +1219,7 @@ If you have multiple aliases databases specified, the .b \-bi flag rebuilds all the database types it understands -(for example, it can rebuild dbm databases but not nis databases). +(for example, it can rebuild NDBM databases but not NIS databases). .sh 3 "Potential problems" .pp There are a number of problems that can occur @@ -1067,11 +1235,14 @@ or the process rebuilding the database dies (due to being killed or a system crash) before completing the rebuild. .pp -Sendmail has two techniques to try to relieve these problems. +Sendmail has three techniques to try to relieve these problems. First, it ignores interrupts while rebuilding the database; this avoids the problem of someone aborting the process leaving a partially rebuilt database. Second, +it locks the database source file during the rebuild \(em +but that may not work over NFS or if the file is unwritable. +Third, at the end of the rebuild it adds an alias of the form .(b @@ -1084,7 +1255,7 @@ will access the database, it checks to insure that this entry exists\**. .(f \**The -.q a +.b AliasWait option is required in the configuration for this action to occur. This should normally be specified. 
@@ -1108,7 +1279,8 @@ For example: .(b unix-wizards: eric@ucbarpa, wnj@monet, nosuchuser, sam@matisse -owner-unix-wizards: eric@ucbarpa +owner-unix-wizards: unix-wizards-request +unix-wizards-request: eric@ucbarpa .)b would cause .q eric@ucbarpa @@ -1123,12 +1295,14 @@ List owners also cause the envelope sender address to be modified. The contents of the owner alias are used if they point to a single user, otherwise the name of the alias itself is used. For this reason, and to obey Internet conventions, -a typical scheme would be: -.(b -list: some, set, of, addresses -list-request: list-admin-1, list-admin-2, ... -owner-list: list-request -.)b +the +.q owner- +address normally points at the +.q -request +address; this causes messages to go out with the typical Internet convention +of using ``\c +.i list -request'' +as the return address. .sh 2 "User Information Database" .pp If you have a version of @@ -1142,12 +1316,6 @@ the databases will be searched for a .i user :maildrop entry. If found, the mail will be sent to the specified address. -.pp -If the first token passed to user part of the -.q local -mailer is an at sign, -the at sign will be stripped off -and this step will be skipped. .sh 2 "Per-User Forwarding (.forward Files)" .pp As an alternative to the alias database, 
@@ -1185,30 +1353,6 @@ Others have interpretations built into .i sendmail that cannot be changed without changing the code. These builtins are described here. -.sh 3 "Return-Receipt-To:" -.pp -If this header is sent, -a message will be sent to any specified addresses -when the final delivery is complete, -that is, -when successfully delivered to a mailer with the -.b l -flag (local delivery) set in the mailer descriptor\**. -.(f -\**Some sites disable this header, -and other (non-\c -.i sendmail ) -systems do not implement it. -Do not assume that a failure to get a return receipt -means that the mail did not arrive. -Also, do not assume that getting a return receipt -means that the mail has been read; -it just means that the message has been delivered -to the recipient's mailbox. -.)f -This header can be disabled with the -.q noreceipts -privacy flag. .sh 3 "Errors-To:" .pp If errors occur anywhere during processing, 
@@ -1222,21 +1366,35 @@ this was a hack to provide what should now be passed as the envelope sender address. It should go away. It is only used if the -.b l +.b UseErrorsTo option is set. +.pp +The Errors-To: header is official deprecated +and will go away in a future release. .sh 3 "Apparently-To:" .pp +RFC 822 requires at least one recipient field +(To:, Cc:, or Bcc: line) +in every message. If a message comes in with no recipients listed in the message -(in a To:, Cc:, or Bcc: line) then .i sendmail -will add an +will adjust the header based on the +.q NoRecipientAction +option. +One of the possible actions is to add an .q "Apparently-To:" header line for any recipients it is aware of. This is not put in as a standard recipient line to warn any recipients that the list is not complete. .pp -At least one recipient line is required under RFC 822. +The Apparently-To: header is non-standard +and is deprecated. +.sh 3 "Precedence" +.pp +The Precedence: header can be used as a crude control of message priority. +It tweaks the sort order in the queue +and can be configured to change the message timeout values. .sh 2 "IDENT Protocol Support" .pp .i Sendmail @@ -1281,6 +1439,15 @@ the CallerID service apply to Identification. If you wouldn't run a "finger" server due to privacy considerations you may not want to run this protocol. .ba +.lp +In some cases your system may not work properly with IDENT support +due to a bug in the TCP/IP implementation. +The symptoms will be that for some hosts +the SMTP connection will be closed +almost immediately. +If this is true or if you do not want to use IDENT, +you should set the IDENT timeout to zero; +this will disable the IDENT protocol. .sh 1 "ARGUMENTS" .pp The complete list of arguments to 
@@ -1294,10 +1461,10 @@ to run through the queue is defined by the .b \-q flag. -If you run in mode -.b f +If you run with delivery mode set to +.b i or -.b a +.b b this can be relatively large, since it will only be relevant when a host that was down comes back up. @@ -1307,6 +1474,7 @@ mode it should be relatively short, since it defines the maximum amount of time that a message may sit in the queue. +(See also the MinQueueAge option.) .pp RFC 1123 section 5.3.1.1 says that this value should be at least 30 minutes (although that probably doesn't make sense if you use ``queue-only'' mode). @@ -1327,6 +1495,23 @@ flag may be combined in one call: .(b /usr/\*(SD/sendmail \-bd \-q30m .)b +.pp +An alternative approach is to invoke sendmail from +.i inetd (8) +(use the +.b \-bs +flag to ask sendmail to speak SMTP on its standard input and output). +This works and allows you to wrap +.i sendmail +in a TCP wrapper program, +but may be a bit slower since the configuration file +has to be re-read on every message that comes in. +If you do this, you still need to have a +.i sendmail +running to flush the queue: +.(b +/usr/\*(SD/sendmail \-q30m +.)b .sh 2 "Forcing the Queue" .pp In some cases you may find that the queue has gotten clogged for some reason. @@ -1354,7 +1539,7 @@ Similarly, .q \-qSstring limits the run to particular senders and .q \-qIstring -limits it to particular identifiers. +limits it to particular queue identifiers. .sh 2 "Debugging" .pp There are a fairly large number of debug flags @@ -1374,7 +1559,7 @@ the syntax is: .(b .ta \w'debug-option 'u debug-flag: \fB\-d\fP debug-list -debug-list: debug-option [ , debug-option ] +debug-list: debug-option [ , debug-option ]* debug-option: debug-range [ . debug-level ] debug-range: integer | integer \- integer debug-level: integer 
@@ -1384,12 +1569,41 @@ For example, .(b \-d12 Set flag 12 to level 1 \-d12.3 Set flag 12 to level 3 -\-d3-17 Set flags 3 through 17 to level 1 -\-d3-17.4 Set flags 3 through 17 to level 4 +\-d3\-17 Set flags 3 through 17 to level 1 +\-d3\-17.4 Set flags 3 through 17 to level 4 .)b For a complete list of the available debug flags you will have to look at the code (they are too dynamic to keep this documentation up to date). +.sh 2 "Changing the Values of Options" +.pp +Options can be overridden using the +.b \-o +or +.b \-O +command line flags. +For example, +.(b +/usr/\*(SD/sendmail \-oT2m +.)b +sets the +.b T +(timeout) option to two minutes +for this run only; +the equivalent line using the long option name is +.(b +/usr/\*(SD/sendmail -OQueueTimeout=2m +.)b +.pp +Some options have security implications. +Sendmail allows you to set these, +but relinquishes its setuid root permissions thereafter\**. +.(f +\**That is, it sets its effective uid to the real uid; +thus, if you are executing as root, +as from root's crontab file or during system startup +the root permissions will still be honored. +.)f .sh 2 "Trying a Different Configuration File" .pp An alternative configuration file @@ -1397,7 +1611,7 @@ can be specified using the .b \-C flag; for example, .(b -/usr/\*(SD/sendmail \-Ctest.cf +/usr/\*(SD/sendmail \-Ctest.cf \-oQ/tmp/mqueue .)b uses the configuration file .i test.cf 
@@ -1409,23 +1623,12 @@ flag has no value it defaults to .i sendmail.cf in the current directory. -.sh 2 "Changing the Values of Options" .pp -Options can be overridden using the -.b \-o -flag. -For example, -.(b -/usr/\*(SD/sendmail \-oT2m -.)b -sets the -.b T -(timeout) option to two minutes -for this run only. -.pp -Some options have security implications. -Sendmail allows you to set these, -but refuses to run as root thereafter. +.i Sendmail +gives up its setuid root permissions +when you use this flag, so it is common to use a publicly writable directory +(such as /tmp) +as the spool directory (QueueDirectory or Q option) while testing. .sh 2 "Logging Traffic" .pp Many SMTP implementations do not fully implement the protocol. @@ -1437,12 +1640,14 @@ If you suspect such a problem, you can set traffic logging using the flag. For example, .(b -/usr/\*(SD/sendmail \-X /tmp/traffic -bd +/usr/\*(SD/sendmail \-X /tmp/traffic \-bd .)b will log all traffic in the file .i /tmp/traffic . .pp -This logs a lot of data very quickly and should never be used +This logs a lot of data very quickly and should +.b NEVER +be used during normal operations. After starting up such a daemon, force the errant implementation to send a message to your host. 
@@ -1450,18 +1655,99 @@ All message traffic in and out of .i sendmail , including the incoming SMTP traffic, will be logged in this file. -.sh 2 "Dumping State" +.sh 2 "Testing Configuration Files" .pp -You can ask +When you build a configuration table, +you can do a certain amount of testing +using the +.q "test mode" +of +.i sendmail . +For example, +you could invoke .i sendmail -to log a dump of the open files -and the connection cache -by sending it a -.sm SIGUSR1 -signal. -The results are logged at -.sm LOG_DEBUG -priority. +as: +.(b +sendmail \-bt \-Ctest.cf +.)b +which would read the configuration file +.q test.cf +and enter test mode. +In this mode, +you enter lines of the form: +.(b +rwset address +.)b +where +.i rwset +is the rewriting set you want to use +and +.i address +is an address to apply the set to. +Test mode shows you the steps it takes +as it proceeds, +finally showing you the address it ends up with. +You may use a comma separated list of rwsets +for sequential application of rules to an input. +For example: +.(b +3,1,21,4 monet:bollard +.)b +first applies ruleset three to the input +.q monet:bollard. +Ruleset one is then applied to the output of ruleset three, +followed similarly by rulesets twenty-one and four. +.pp +If you need more detail, +you can also use the +.q \-d21 +flag to turn on more debugging. +For example, +.(b +sendmail \-bt \-d21.99 +.)b +turns on an incredible amount of information; +a single word address +is probably going to print out several pages worth of information. +.pp +You should be warned that internally, +.i sendmail +applies ruleset 3 to all addresses. +In test mode +you will have to do that manually. +For example, older versions allowed you to use +.(b +0 bruce@broadcast.sony.com +.)b +This version requires that you use: +.(b +3,0 bruce@broadcast.sony.com +.)b +.pp +As of version 8.7, +some other syntaxes are available in test mode: +.bu +\&.D\|x\|value +defines macro +.i x +to have the indicated +.i value . 
+This is useful when debugging rules that use the +.b $& \c +.i x +syntax. +.bu +\&.C\|c\|value +adds the indicated +.i value +to class +.i c . +.bu +\&.S\|ruleset +dumps the contents of the indicated ruleset. +.bu +\-d\|debug-spec +is equivalent to the command-line flag. .sh 1 "TUNING" .pp There are a number of configuration parameters @@ -1471,9 +1757,9 @@ Most of these are set using an option in the configuration file. For example, the line -.q OT5d +.q "O Timeout.queuereturn=5d" sets option -.q T +.q Timeout.queuereturn to the value .q 5d (five days). @@ -1487,6 +1773,22 @@ sites experiencing a large number of small messages, many of which are delivered to many recipients, may find that they need to adjust the parameters dealing with queue priorities. +.pp +All versions of +.i sendmail +prior to 8.7 +had single character option names. +As of 8.7, +options have long (multi-character names). +Although old short names are still accepted, +most new options do not have short equivalents. +.pp +This section only describes the options you are most likely +to want to tweak; +read section +.\"XREF +5 +for more details. .sh 2 "Timeouts" .pp All time intervals are set 
@@ -1516,17 +1818,24 @@ and one hour. RFC 1123 section 5.3.1.1 recommends that this be at least 30 minutes. .sh 3 "Read timeouts" .pp -It is possible to time out when reading the standard input -or when reading from a remote SMTP server. -These timeouts are set using the -.b r -option in the configuration file. -The argument is a list of -.i keyword=value -pairs. -The recognized keywords, their default values, and the minimum values +Timeouts all have option names +.q Timeout.\fIsuboption\fP . +The recognized +.i suboption s, +their default values, and the minimum values allowed by RFC 1123 section 5.3.2 are: .nr ii 1i +.ip connect +The time to wait for an SMTP connection to open +(the +.i connect (2) +system call) +[0, unspecified]. +If zero, uses the kernel default. +In no case can this option extend the timeout +longer than the kernel provides, but it can shorten it. +This is to get around kernels that provide an absurdly long connection timeout +(90 minutes in one case). .ip initial The wait for the initial 220 greeting message [5m, 5m]. @@ -1543,7 +1852,8 @@ The wait for a reply from a RCPT command [1h, 5m]. This should be long because it could be pointing at a list -that takes a long time to expand. +that takes a long time to expand +(see below). .ip datainit\(dg The wait for a reply from a DATA command [5m, 2m]. @@ -1578,10 +1888,15 @@ the time to wait for another command. [1h, 5m]. .ip ident The timeout waiting for a reply to an IDENT query -[30s, unspecified]. +[30s\**, unspecified]. +.(f +\**On some systems the default is zero to turn the protocol off entirely. +.)f .lp For compatibility with old configuration files, -if no ``keyword='' is specified, +if no +.i suboption +is specified, all the timeouts marked with \(dg are set to the indicated value. .pp Many of the RFC 1123 minimum values 
@@ -1589,15 +1904,15 @@ may well be too short. .i Sendmail was designed to the RFC 822 protocols, which did not specify read timeouts; -hence, +hence, versions of .i sendmail -does not guarantee to reply to messages promptly. +prior to version 8.1 did not guarantee to reply to messages promptly. In particular, a .q RCPT command specifying a mailing list will expand and verify the entire list; a large list on a slow system -may take more than five minutes\**. +may easily take more than five minutes\**. .(f \**This verification includes looking up every address with the name server; @@ -1605,13 +1920,15 @@ this involves network delays, and can in some cases can be considerable. .)f I recommend a one hour timeout \*- -since this failure is rare, +since a communications failure during the RCPT phase is rare, a long timeout is not onerous -and may ultimately help reduce network load. +and may ultimately help reduce network load +and duplicated messages. .pp -For example, the line: +For example, the lines: .(b -Orcommand=25m,datablock=3h +O Timeout.command=25m +O Timeout.datablock=3h .)b sets the server SMTP command timeout to 25 minutes and the input data block timeout to three hours. 
@@ -1621,28 +1938,25 @@ After sitting in the queue for a few days, a message will time out. This is to insure that at least the sender is aware of the inability to send a message. -The timeout is typically set to three days. -This timeout is set using the +The timeout is typically set to five days. +It is sometimes considered convenient to also send a warning message +if the message is in the queue longer than a few hours +(assuming you normally have good connectivity; +if your messages normally took several hours to send +you wouldn't want to do this because it wouldn't be an unusual event). +These timeouts are set using the +.b Timeout.queuereturn +and +.b Timeout.queuewarn +options in the configuration file +(previously both were set using the .b T -option in the configuration file. -.pp -The time of submission is set in the queue, -rather than the amount of time left until timeout. -As a result, you can flush messages that have been hanging -for a short period -by running the queue -with a short message timeout. -For example, -.(b -/usr/\*(SD/sendmail \-oT1d \-q -.)b -will run the queue -and flush anything that is one day old. +option). .pp -Since this option is global, -and since you can not +Since these options are global, +and since you can not know .i "a priori" -know how long another host outside your domain will be down, +how long another host outside your domain will be down, a five day timeout is recommended. This allows a recipient to fix the problem even if it occurs at the beginning of a long weekend. 
@@ -1650,13 +1964,15 @@ RFC 1123 section 5.3.1.1 says that this parameter should be ``at least 4\-5 days''. .pp The +.b Timeout.queuewarn +value can be piggybacked on the .b T -option can also take a second timeout indicating a time after which +option by indicating a time after which a warning message should be sent; the two timeouts are separated by a slash. -For example, the value +For example, the line .(b -5d/4h +OT5d/4h .)b causes email to fail after five days, but a warning message will be sent after four hours. @@ -1665,7 +1981,9 @@ several times. .sh 2 "Forking During Queue Runs" .pp By setting the -.b Y +.b ForkEachJob +(\c +.b Y ) option, .i sendmail will fork before each individual message @@ -1675,14 +1993,14 @@ This will prevent from consuming large amounts of memory, so it may be useful in memory-poor environments. However, if the -.b Y +.b ForkEachJob option is not set, .i sendmail will keep track of hosts that are down during a queue run, which can improve performance dramatically. .pp If the -.b Y +.b ForkEachJob option is set, .i sendmail can not use connection caching. @@ -1690,7 +2008,9 @@ can not use connection caching. .pp Every message is assigned a priority when it is first instantiated, consisting of the message size (in bytes) -offset by the message class times the +offset by the message class +(which is determined from the Precedence: header) +times the .q "work class factor" and the number of recipients times the .q "work recipient factor." 
@@ -1714,16 +2034,20 @@ this is also included into the priority. .pp The recipient and class factors can be set in the configuration file using the -.b y +.b RecipientFactor +(\c +.b y ) and -.b z +.b ClassFactor +(\c +.b z ) options respectively. They default to 30000 (for the recipient factor) and 1800 (for the class factor). The initial priority is: .EQ -pri = msgsize - (class times bold z) + (nrcpt times bold y) +pri = msgsize - (class times bold ClassFactor) + (nrcpt times bold RecipientFactor) .EN (Remember, higher values for this parameter actually mean that the job will be treated with lower priority.) @@ -1733,14 +2057,16 @@ The priority of a job can also be adjusted each time it is processed using the .q "work time factor," set by the -.b Z +.b RetryFactor +(\c +.b Z ) option. This is added to the priority, so it normally decreases the precedence of the job, on the grounds that jobs that have failed many times will tend to fail again in the future. The -.b Z +.b RetryFactor option defaults to 90000. .sh 2 "Load Limiting" .pp @@ -1748,30 +2074,31 @@ option defaults to 90000. can be asked to queue (but not deliver) mail if the system load average gets too high using the -.b x +.b QueueLA +(\c +.b x ) option. When the load average exceeds the value of the -.b x +.b QueueLA option, the delivery mode is set to .b q (queue only) if the -.i "Queue Factor" +.b QueueFactor (\c -.b q -option) -divided by the difference in the current load average and the -.b x +.b q ) +option divided by the difference in the current load average and the +.b QueueLA option plus one exceeds the priority of the message \(em that is, the message is queued iff: .EQ -pri > { bold q } over { LA - { bold x } + 1 } +pri > { bold QueueFactor } over { LA - { bold QueueLA } + 1 } .EN The -.b q +.b QueueFactor option defaults to 600000, so each point of load average is worth 600000 priority points 
@@ -1779,7 +2106,9 @@ priority points .pp For drastic cases, the -.b X +.b RefuseLA +(\c +.b X ) option defines a load average at which .i sendmail will refuse @@ -1793,7 +2122,9 @@ There are a number of delivery modes that .i sendmail can operate in, set by the -.q d +.b DeliveryMode +(\c +.b d ) configuration option. These modes specify how quickly mail will be delivered. @@ -1803,25 +2134,42 @@ Legal modes are: i deliver interactively (synchronously) b deliver in background (asynchronously) q queue only (don't deliver) +d defer delvery attempts (don't deliver) .)b There are tradeoffs. Mode .q i -passes the maximum amount of information to the sender, -but is hardly ever necessary. +gives the sender the quickest feedback, +but may slow down some mailers and +is hardly ever necessary. +Mode +.q b +delivers promptly but +can cause large numbers of processes +if you have a mailer that takes a long time to deliver a message. Mode .q q -puts the minimum load on your machine, +minimizes the load on your machine, but means that delivery may be delayed for up to the queue interval. Mode +.q d +is identical to mode +.q q +except that it also prevents all the early map lookups from working; +it is intended for ``dial on demand'' sites where DNS lookups +might cost real money. +Some simple error messages +(e.g., host unknown during the SMTP protocol) +will be delayed using this mode. +Mode .q b -is probably a good compromise. -However, this mode can cause large numbers of processes -if you have a mailer that takes a long time to deliver a message. +is the usual default. .pp If you run in mode .q q -(queue only) +(queue only), +.q d +(defer), or .q b (deliver in background) @@ -1829,6 +2177,9 @@ or will not expand aliases and follow .forward files upon initial receipt of the mail. This speeds up the response to RCPT commands. +Mode +.q i +cannot be used by the SMTP server. .sh 2 "Log Level" .pp The level of logging can be set for 
@@ -1854,14 +2205,12 @@ VRFY and EXPN commands. .ip 7 Delivery failures (host or user unknown, etc.). .ip 8 -Successful deliveries. +Successful deliveries and alias database rebuilds. .ip 9 Messages being deferred (due to a host being down, etc.). .ip 10 Database expansion (alias, forward, and userdb lookups). -.ip 15 -Automatic alias database rebuilds. .ip 20 Logs attempts to run locked queue files. These are not errors, @@ -1870,13 +2219,11 @@ but can be useful to note if your queue appears to be clogged. Lost locks (only if using lockf instead of flock). .lp Additionally, -values above 64 are reserved for extremely verbose debuggging output. +values above 64 are reserved for extremely verbose debugging output. No normal site would ever set these. .sh 2 "File Modes" .pp -There are a number of files -that may have a number of modes. -The modes depend on what functionality you want +The modes used for files depend on what functionality you want and the level of security you require. .sh 3 "To suid or not to suid?" .pp @@ -1907,6 +2254,26 @@ to be accounted .i sa \|(8)) to root rather than to the user sending the mail. +.pp +If you don't make +.i sendmail +setuid to root, it will still run but you lose a lot of functionality +and a lot of privacy, since you'll have to make the queue directory +world readable. +You could also make +.i sendmail +setuid to some pseudo-user +(e.g., create a user called +.q sendmail +and make +.i sendmail +setuid to that) +which will fix the privacy problems +but not the functionality issues. +Also, this isn't a guarantee of security: +for example, +root occasionally sends mail, +and the daemon often runs as root. .sh 3 "Should my alias database be writable?" .pp At Berkeley 
@@ -1954,7 +2321,7 @@ can arrange to steal mail anyway. If your DBM files are not writable by the world or you do not have auto-rebuild enabled (with the -.q D +.b AutoRebuildAliases option), then you must be careful to reconstruct the alias database each time you change the text version: @@ -1982,7 +2349,9 @@ instead, the connection is closed and reopened. .pp Two parameters control the connection cache. The -.b k +.b ConnectionCacheSize +(\c +.b k ) option defines the number of simultaneous open connections that will be permitted. If it is set to zero, @@ -1992,9 +2361,12 @@ This should be set as appropriate for your system size; it will limit the amount of system resources that .i sendmail will use during queue runs. +Never set this higher than 4. .pp The -.b K +.b ConnectionCacheTimeout +(\c +.b K ) option specifies the maximum time that any cached connection will be permitted to idle. When the idle time exceeds this value 
@@ -2006,39 +2378,65 @@ from other hosts. The default is five minutes. .sh 2 "Name Server Access" .pp -If your system supports the name server, -then the probability is that +Control of host address lookups is set by the +.b hosts +service entry in your service switch file. +If you are on a system that has built-in service switch support +(e.g., Ultrix, Solaris, or DEC OSF/1) +then your system is probably configured properly already. +Otherwise, .i sendmail -will be using it regardless of how you configure -.i sendmail . +will consult the file +.b /etc/service.switch , +which should be created. +.i Sendmail +only uses two entries: +.b hosts +and +.b aliases . +.pp +However, some systems (such as SunOS) +will do DNS lookups +regardless of the setting of the service switch entry. In particular, the system routine .i gethostbyname (3) is used to look up host names, -and most vendor versions try some combination of DNS, NIS, -and file lookup in /etc/hosts. -.pp -However, if you do not have a nameserver configured at all, +and many vendor versions try some combination of DNS, NIS, +and file lookup in /etc/hosts +without consulting a service switch. +.i Sendmail +makes no attempt to work around this problem, +and the DNS lookup will be done anyway. +If you do not have a nameserver configured at all, such as at a UUCP-only site, .i sendmail will get a .q "connection refused" -message when it tries to connect to the name server -(either indirectly by calling -.i gethostbyname -or directly by looking up MX records). +message when it tries to connect to the name server. If the -.b I -option is set, +.b hosts +switch entry has the service +.q dns +listed somewhere in the list, .i sendmail will interpret this to mean a temporary failure and will queue the mail for later processing; otherwise, it ignores the name server data. 
-If your name server is running properly, -the setting of this option is not relevant; -however, it is important that it be set properly -to make error handling work properly. .pp -This option also allows you to tweak name server options. +The same technique is used to decide whether to do MX lookups. +If you want MX support, you +.i must +have +.q dns +listed as a service in the +.b hosts +switch entry. +.pp +The +.b ResolverOptions +(\c +.b I ) +option allows you to tweak name server options. The command line takes a series of flags as documented in .i resolver (3) (with the leading @@ -2047,16 +2445,17 @@ deleted). Each can be preceded by an optional `+' or `\(mi'. For example, the line .(b -OITrue +AAONLY \(miDNSRCH +O ResolverOptions=+AAONLY \(miDNSRCH .)b turns on the AAONLY (accept authoritative answers only) and turns off the DNSRCH (search the domain path) options. Most resolver libraries default DNSRCH, DEFNAMES, and RECURSE flags on and all others off. -Note the use of the initial ``True'' \*- -this is for compatibility with previous versions of -.i sendmail , -but is not otherwise necessary. +You can also include +.q HasWildcardMX +to specify that there is a wildcard MX record matching your domain; +this turns off MX matching when canonifying names, +which can lead to inappropriate canonifications. .pp Version level 1 configurations turn DNSRCH and DEFNAMES off when doing delivery lookups, @@ -2070,7 +2469,7 @@ If you don't want to do automatic name extension, don't call $[ ... $]. .pp The search rules for $[ ... $] are somewhat different than usual. -If the name (that is, the ``...'') +If the name being looked up has at least one dot, it always tries the unmodified name first. If that fails, it tries the reduced search path, and lastly tries the unmodified name 
@@ -2085,6 +2484,14 @@ that is, if it finds an MX record it makes note of it, but keeps looking. This way, if you have a wildcard MX record matching your domain, it will not assume that all names match. +.pp +To completely turn off all name server access +on systems without service switch support +(such as SunOS) +you will have to recompile with +\-DNAMED_BIND=0 +and remove \-lresolv from the list of libraries to be searched +when linking. .sh 2 "Moving the Per-User Forward Files" .pp Some sites mount each user's home directory @@ -2097,17 +2504,20 @@ because of a file server being down. The performance can be especially bad if you run the automounter. .pp The -.b J +.b ForwardPath +(\c +.b J ) option allows you to set a path of forward files. For example, the config file line .(b -OJ/var/forward/$u:$z/.forward +O ForwardPath=/var/forward/$u:$z/.forward.$w .)b would first look for a file with the same name as the user's login in /var/forward; if that is not found (or is inaccessible) the file -.q \&.forward +``.forward.\c +.i machinename '' in the user's home directory is searched. A truly perverse site could also search by sender by using $r, $s, or $f. @@ -2118,12 +2528,18 @@ it should be mode 1777 Users should create the files mode 644. .sh 2 "Free Space" .pp -On systems that have the +On systems that have one of the system calls in the .i statfs (2) -system call, +family +(including +.i statvfs +and +.i ustat ), you can specify a minimum number of free blocks on the queue filesystem using the -.b b +.b MinFreeBlocks +(\c +.b b ) option. If there are fewer than the indicated number of blocks free on the filesystem on which the queue is mounted 
@@ -2135,43 +2551,42 @@ This invites the SMTP client to try again later. Beware of setting this option too high; it can cause rejection of email when that mail would be processed without difficulty. +.sh 2 "Maximum Message Size" .pp -This option can also specify an advertised -.q "maximum message size" -for hosts that speak ESMTP. +To avoid overflowing your system with a large message, +the +.b MaxMessageSize +option can be set to set an absolute limit +on the size of any one message. +This will be advertised in the ESMTP dialogue +and checked during message collection. .sh 2 "Privacy Flags" .pp The -.b p +.b PrivacyOptions +(\c +.b p ) option allows you to set certain ``privacy'' flags. Actually, many of them don't give you any extra privacy, rather just insisting that client SMTP servers use the HELO command -before using certain commands. +before using certain commands +or adding extra headers to indicate possible spoof attempts. .pp The option takes a series of flag names; the final privacy is the inclusive or of those flags. For example: .(b -Op needmailhelo, noexpn +O PrivacyOptions=needmailhelo, noexpn .)b insists that the HELO or EHLO command be used before a MAIL command is accepted and disables the EXPN command. .pp -The -.q restrictmailq -option restricts printing the queue to the group that owns the queue directory. -It is absurd to set this if you don't also protect the logs. -.pp -The -.q restrictqrun -option restricts people running the queue -(that is, using the -.b \-q -command line flag) -to root and the owner of the queue directory. +The flags are detailed in section +.\"XREF +5.1.6. .sh 2 "Send to Me Too" .pp Normally, @@ -2186,9 +2601,11 @@ If the .b \-m (me too) command line flag, or if the -.b m +.b MeToo +(\c +.b m ) option is set in the configuration file, -this behaviour is supressed. +this behaviour is suppressed. Some sites like to run the .sm SMTP daemon with 
@@ -2196,9 +2613,7 @@ daemon with .sh 1 "THE WHOLE SCOOP ON THE CONFIGURATION FILE" .pp This section describes the configuration file -in detail, -including hints on how to write one of your own -if you have to. +in detail. .pp There is one point that should be made clear immediately: the syntax of the configuration file @@ -2212,11 +2627,6 @@ On the list is a configuration-file compiler. .pp -An overview of the configuration file -is given first, -followed by details of the semantics. -.sh 2 "Configuration File Lines" -.pp The configuration file is organized as a series of lines, each of which begins with a single character defining the semantics for the rest of the line. @@ -2226,7 +2636,7 @@ are continuation lines Blank lines and lines beginning with a sharp symbol (`#') are comments. -.sh 3 "R and S \*- rewriting rules" +.sh 2 "R and S \*- Rewriting Rules" .pp The core of address parsing are the rewriting rules. @@ -2291,7 +2701,7 @@ This for is intended only for referencing internally defined macros such as .b $h that are changed at runtime. -.sh 4 "The left hand side" +.sh 3 "The left hand side" .pp The left hand side of rewriting rules contains a pattern. Normal words are simply matched directly. @@ -2336,10 +2746,10 @@ This is .i not bound to a .b $ \c -.i N +.i n on the RHS, and is normally only used when it stands alone in order to match the null input. -.sh 4 "The right hand side" +.sh 3 "The right hand side" .pp When the left hand side of a rewriting rule matches, the input is deleted and replaced by the right hand side. @@ -2375,9 +2785,8 @@ A host name enclosed between .b $[ and .b $] -is looked up using the -.i gethostent \|(3) -routines and replaced by the canonical name\**. +is looked up in the host database(s) +and replaced by the canonical name\**. .(f \**This is actually completely equivalent 
@@ -2387,9 +2796,9 @@ In particular, a default can be used. .)f For example, -.q $[csam$] +.q $[ftp$] might become -.q lbl-csam.arpa +.q ftp.CS.Berkeley.EDU and .q $[[128.32.130.2]$] would become @@ -2410,6 +2819,9 @@ If no lookup is found, the indicated is inserted; if no default is specified and no lookup matches, the value is left unchanged. +The +.i arguments +are passed to the map for possible use. .pp The .b $> \c @@ -2422,6 +2834,13 @@ The final value of ruleset .i n then becomes the substitution for this rule. +The +.b $> +syntax can only be used at the beginning of the right hand side; +it can be only be preceded by +.b $@ +or +.b $: . .pp The .b $# @@ -2446,10 +2865,11 @@ the host part may be omitted\**. \**You may want to use it for special .q "per user" extensions. -For example, at CMU you can send email to -.q jgm+foo ; -the part after the plus sign -is not part of the user name, +For example, in the address +.q jgm+foo@CMU.EDU ; +the +.q +foo +part is not part of the user name, and is passed to the local mailer for local use. .)f The @@ -2537,11 +2957,11 @@ and finally and .b $: are processed. -.sh 4 "Semantics of rewriting rule sets" +.sh 3 "Semantics of rewriting rule sets" .pp There are five rewriting sets that have specific semantics. -These are related as depicted by figure 2. +Four of these are related as depicted by figure 1. .(z .hl .ie n \{\ @@ -2592,7 +3012,7 @@ Box0: arrow; box "0" .\} .el .sp 2i .ce -Figure 2 \*- Rewriting set semantics +Figure 1 \*- Rewriting set semantics .(c D \*- sender domain addition S \*- mailer-specific sender rewriting @@ -2608,13 +3028,21 @@ This form should have the basic syntax: .(b local-part@host-domain-spec .)b +Ruleset three +is applied by +.i sendmail +before doing anything with any address. +.pp If no .q @ sign is specified, then the host-domain-spec .i may -be appended from the +be appended (box +.q D +in Figure 1) +from the sender address (if the .b C 
@@ -2622,10 +3050,6 @@ flag is set in the mailer definition corresponding to the .i sending mailer). -Ruleset three -is applied by -.i sendmail -before doing anything with any address. .pp Ruleset zero is applied after ruleset three @@ -2654,7 +3078,7 @@ Ruleset four is applied to all addresses in the message. It is typically used to translate internal to external form. -.sh 4 "IPC mailers" +.sh 3 "IPC mailers" .pp Some special processing occurs if the ruleset zero resolves to an IPC mailer @@ -2694,21 +3118,28 @@ in square brackets: .)b This form avoids the MX mapping. .b N.B.: -This is intended only for situations where you have a network firewall, +.i +This is intended only for situations where you have a network firewall +or other host that will do special processing for all your mail, so that your MX record points to a gateway machine; this machine could then do direct delivery to machines within your local domain. Use of this feature directly violates RFC 1123 section 5.3.5: it should not be used lightly. -.sh 3 "D \*- define macro" +.r +.sh 2 "D \*- Define Macro" .pp -Macros are named with a single character. -These may be selected from the entire ASCII set, +Macros are named with a single character +or with a word in {braces}. +Single character names may be selected from the entire ASCII set, but user-defined macros should be selected from the set of upper case letters only. Lower case letters and special symbols are used internally. +Long names beginning with a lower case letter or a punctuation character +are reserved for use by sendmail, +so user-defined long macro names should begin with an upper case letter. .pp The syntax for macro definitions is: .(b F 
@@ -2718,9 +3149,13 @@ The syntax for macro definitions is: where .i x is the name of the macro +(which may be a single character +or a word in braces) and .i val is the value it should have. +There should be no spaces given +that do not actually belong in the macro value. .pp Macros are interpolated using the construct @@ -2787,15 +3222,21 @@ but are not otherwise used internally. These macros are: .nr ii 5n .ip $a -.b "The origination date in RFC 822 format." +The origination date in RFC 822 format. +This is extracted from the Date: line. .ip $b -.b "The current date in RFC 822 format." +The current date in RFC 822 format. .ip $c -.b "The hop count." +The hop count. +This is a count of the number of Received: lines +plus the value of the +.b \-h +command line flag. .ip $d -.b "The current date in UNIX (ctime) format." +The current date in UNIX (ctime) format. .ip $e\(dg -.b "The SMTP entry message." +(Obsolete; use SmtpGreetingMessage option instead.) +The SMTP entry message. This is printed out when SMTP starts up. The first word must be the .b $j @@ -2805,15 +3246,27 @@ Defaults to Commonly redefined to include the configuration version number, e.g., .q "$j Sendmail $v/$Z ready at $b" .ip $f -.b "The sender (from) address." +The envelope sender (from) address. .ip $g -.b "The sender address relative to the recipient." +The sender address relative to the recipient. +For example, if +.b $f +is +.q foo , +.b $g +will be +.q host!foo , +.q foo@host.domain , +or whatever is appropriate for the receiving mailer. .ip $h -.b "The recipient host." +The recipient host. +This is set in ruleset 0 from the $# field of a parsed address. .ip $i -.b "The queue id." +The queue id, +e.g., +.q HAA12345 . .ip $j\(dd -.b "The \*(lqofficial\*(rq domain name for this site." +The \*(lqofficial\*(rq domain name for this site. This is fully qualified if the full qualification can be found. It .i must 
@@ -2821,25 +3274,27 @@ be redefined to be the fully qualified domain name if your system is not configured so that information can find it automatically. .ip $k -.b "The UUCP node name (from the uname system call)." +The UUCP node name (from the uname system call). .ip $l\(dg -.b "The format of the UNIX from line." +(Obsolete; use UnixFromLine option instead.) +The format of the UNIX from line. Unless you have changed the UNIX mailbox format, you should not change the default, which is .q "From $g $d" . .ip $m -.b "The domain part of the \fIgethostname\fP return value." +The domain part of the \fIgethostname\fP return value. Under normal circumstances, .b $j is equivalent to .b $w.$m . .ip $n\(dg -.b "The name of the daemon (for error messages)." +The name of the daemon (for error messages). Defaults to .q MAILER-DAEMON . .ip $o\(dg -.b "The set of \*(lqoperators\*(rq in addresses." +(Obsolete: use OperatorChars option instead.) +The set of \*(lqoperators\*(rq in addresses. A list of characters which will be considered tokens and which will separate tokens @@ -2862,9 +3317,9 @@ a richer set of operators is .q ".:%@!/[]" , which adds support for UUCP, the %-hack, and X.400 addresses. .ip $p -.b "Sendmail's process id." +Sendmail's process id. .ip $q\(dg -.b "Default format of sender address." +Default format of sender address. The .b $q macro specifies how an address should appear in a message 
@@ -2884,27 +3339,32 @@ eric@CS.Berkeley.EDU (Eric Allman) properly quotes names that have special characters if the first form is used. .ip $r -.b "Protocol used to receive the message." +Protocol used to receive the message. +Set from the +.b \-p +command line flag or by the SMTP server code. .ip $s -.b "Sender's host name." +Sender's host name. +Set from the +.b \-p +command line flag or by the SMTP server code. .ip $t -.b "A numeric representation of the current time." +A numeric representation of the current time. .ip $u -.b "The recipient user." +The recipient user. .ip $v -.b "The version number of \fIsendmail\fP." +The version number of the +.i sendmail +binary. .ip $w\(dd -.b "The hostname of this site." -.pp -The -.b $w -macro is set to the root name of this host (but see below for caveats). +The hostname of this site. +This is the root name of this host (but see below for caveats). .ip $x -.b "The full name of the sender." +The full name of the sender. .ip $z -.b "The home directory of the recipient." +The home directory of the recipient. .ip $_ -.b "The validated sender address." +The validated sender address. .pp There are three types of dates that can be used. The @@ -3017,10 +3477,13 @@ macro is set to the full name of the sender. This can be determined in several ways. It can be passed as flag to .i sendmail . -The second choice is the value of the -.q Full-name: +It can be defined in the +.sm NAME +environment variable. +The third choice is the value of the +.q Full-Name: line in the header if it exists, -and the third choice is the comment field +and the fourth choice is the comment field of a .q From: line. 
@@ -3083,13 +3546,21 @@ and fields are set to the protocol used to communicate with .i sendmail and the sending hostname. +They can be set together using the +.b \-p +command line flag or separately using the +.b \-M +or +.b \-oM +flags. .pp The .b $_ is set to a validated sender host name. -If the sender is running an RFC 1413 compliant IDENT server, +If the sender is running an RFC 1413 compliant IDENT server +and the receiver has the IDENT protocol turned on, it will include the user name on that host. -.sh 3 "C and F \*- define classes" +.sh 2 "C and F \*- Define Classes" .pp Classes of phrases may be defined to match on the left hand side of rewriting rules, @@ -3103,10 +3574,12 @@ so that attempts to send to oneself can be eliminated. These can either be defined directly in the configuration file or read in from another file. -Classes may be given names -from the set of upper case letters. -Lower case letters and special characters -are reserved for system use. +Classes are named as a single letter or a word in {braces}. +Class names beginning with lower case letters +and special characters are reserved for system use. +Classes defined in config files may be given names +from the set of upper case letters for short names +or beginning with an upper case letter for long names. .pp The syntax is: .(b F @@ -3131,12 +3604,16 @@ CHmonet CHucbmonet .)b are equivalent. -The second form +The ``F'' form reads the elements of the class .i c from the named .i file . .pp +Elements of classes can be accessed in rules using +.b $= +or +.b $~ . The .b $~ (match entries not in class) 
@@ -3161,6 +3638,50 @@ is set to the set of domains by which this host is known, initially just .b $m . .pp +The class +.b $=t +is set to the set of trusted users by the +.b T +configuration line. +If you want to read trusted users from a file use +.b Ft \c +.i /file/name . +.pp +The class +.b $=n +can be set to the set of MIME body types +that can never be eight to seven bit encoded. +It defaults to +.q multipart/signed . +Message types +.q message/* +and +.q multipart/* +are never encoded directly. +Multipart messages are always handled recursively. +The handling of message/* messages +are controlled by class +.b $=s . +The class +.b $=e +contains the Content-Transfer-Encodings that can be 8\(->7 bit encoded. +It is predefined to contain +.q 7bit , +.q 8bit , +and +.q binary . +The class +.b $=s +contains the set of subtypes of message that can be treated recursively. +By default it contains only +.q rfc822 . +Other +.q message/* +types cannot be 8\(->7 bit encoded. +If a message containing eight bit data is sent to a seven bit host, +and that message cannot be encoded into seven bits, +it will be stripped to 7 bits. +.pp .i Sendmail can be compiled to allow a .i scanf (3) @@ -3175,7 +3696,7 @@ file into a class, use FL/etc/passwd %[^:] .)b which reads every line up to the first colon. -.sh 3 "M \*- define mailer" +.sh 2 "M \*- Define Mailer" .pp Programs and interfaces to mailers are defined in this line. 
@@ -3199,13 +3720,17 @@ Fields are: .ta 1i Path The pathname of the mailer Flags Special flags for this mailer -Sender A rewriting set for sender addresses -Recipient A rewriting set for recipient addresses +Sender Rewriting set(s) for sender addresses +Recipient Rewriting set(s) for recipient addresses Argv An argument vector to pass to this mailer Eol The end-of-line string for this mailer Maxsize The maximum message length to this mailer Linelimit The maximum line length in the message body Directory The working directory for the mailer +Userid The default user and group id to run as +Nice The nice(2) increment for the mailer +Charset The default character set for 8-bit characters +Type The MTS type information (used for error messages) .)b Only the first character of the field name is checked. .pp @@ -3213,9 +3738,25 @@ The following flags may be set in the mailer description. Any other flags may be used freely to conditionally assign headers to messages destined for particular mailers. +Flags marked with \(dg +are not interpreted by the +.i sendmail +binary; +these are the conventionally used to correlate to the flags portion +of the +.b H +line. +Flags marked with \(dd +apply to the mailers for the sender address +rather than the usual recipient mailers. .nr ii 4n .ip a -Run Extended SMTP (ESMTP) protocol (defined in RFCs 1425, 1426, and 1427). +Run Extended SMTP (ESMTP) protocol (defined in RFCs 1651, 1652, and 1653). +This flag defaults on if the SMTP greeting message includes the word +.q ESMTP . +.ip A +Look up the user part of the address in the alias database. +Normally this is only set for local mailers. .ip b Force a blank line on the end of a message. This is intended to work around some stupid versions of 
@@ -3226,7 +3767,13 @@ It would not normally be used on network mail. Do not include comments in addresses. This should only be used if you have to work around a remote mailer that gets confused by comments. -.ip C +This strips addresses of the form +.q "Phrase <address>" +or +.q "address (Comment)" +down to just +.q address . +.ip C\(dd If mail is .i received from a mailer with this flag set, @@ -3236,7 +3783,7 @@ any addresses in the header that do not have an at sign after being rewritten by ruleset three will have the .q @domain -clause from the sender +clause from the sender envelope address tacked on. This allows mail with headers of the form: .(b @@ -3249,7 +3796,8 @@ From: usera@hosta To: userb@hostb, userc@hosta .)b automatically. -.ip D +However, it doesn't really work reliably. +.ip D\(dg This mailer wants a .q Date: header line. @@ -3271,7 +3819,7 @@ but only if this is a network forward operation the mailer will give an error if the executing user does not have special permissions). -.ip F +.ip F\(dg This mailer wants a .q From: header line. @@ -3279,11 +3827,7 @@ header line. Normally, .i sendmail sends internally generated email (e.g., error messages) -using the null return address\** -.(f -\**Actually, this only applies to SMTP, -which uses the ``MAIL FROM:<>'' command. -.)f +using the null return address as required by RFC 1123. However, some mailers don't accept a null return address. If necessary, 
@@ -3309,6 +3853,19 @@ This option is not required (i.e., if this option is omitted the transmission will still operate successfully, although perhaps not as efficiently as possible). +.ip k +Normally when +.i sendmail +connects to a host via SMTP, +it checks to make sure that this isn't accidently the same host name +as might happen if +.i sendmail +is misconfigured or if a long-haul network interface is set in loopback mode. +This flag disables the loopback check. +It should only be used under very unusual circumstances. +.ip K +Currently unimplemented. +Reserved for chunking. .ip l This mailer is local (i.e., @@ -3334,7 +3891,7 @@ macro occurs in the part of the mailer definition, that field will be repeated as necessary for all qualifying users. -.ip M +.ip M\(dg This mailer wants a .q Message-Id: header line. @@ -3342,6 +3899,23 @@ header line. Do not insert a UNIX-style .q From line on the front of the message. +.ip o +Always run as the owner of the recipient mailbox. +Normally +.i sendmail +runs as the sender for locally generated mail +or as +.q daemon +(actually, the user specified in the +.b u +option) +when delivering network mail. +The normal behaviour is required by most local mailers, +which will not allow the envelope sender address +to be set unless the mailer is running as daemon. +This flag is ignored if the +.b S +flag is set. .ip p Use the route-addr style reverse-path in the SMTP .q "MAIL FROM:" @@ -3350,7 +3924,7 @@ rather than just the return address; although this is required in RFC821 section 3.1, many hosts do not process reverse-paths properly. Reverse-paths are officially discouraged by RFC 1123. -.ip P +.ip P\(dg This mailer wants a .q Return-Path: line. @@ -3361,7 +3935,7 @@ but sends a .b \-r flag. .ip s -Strip quote characters off of the address +Strip quote characters (" and \e) off of the address before calling the mailer. .ip S Don't reset the userid 
@@ -3371,20 +3945,31 @@ where .i sendmail ran as root. This could be used to avoid forged addresses. -This flag is suppressed if given from an -.q unsafe -environment -(e.g, a user's mail.cf file). +If the +.b U= +field is also specified, +this flag causes the user id to always be set to that user and group +(instead of leaving it as root). .ip u Upper case should be preserved in user names for this mailer. .ip U -This mailer wants Unix-style +This mailer wants UUCP-style .q From -lines with the ugly UUCP-style +lines with the ugly .q "remote from <host>" on the end. -.ip x +.ip w +The user must have a valid account on this machine, +i.e., +getpwnam +must succeed. +If not, +the mail is bounced. +This is required to get +.q \&.forward +capability. +.ip x\(dg This mailer wants a .q Full-Name: header line. @@ -3397,6 +3982,10 @@ will have an extra dot prepended (to be stripped at the other end). This insures that lines in the message containing a dot will not terminate the message prematurely. +.ip 5 +If no aliases are found for this address, +pass the address through ruleset 5 for possible alternate resolution. +This is intended to forward the mail to an alternate delivery spot. .ip 7 Strip all output to seven bits. This is the default if the 
@@ -3409,6 +3998,35 @@ If the .b 7 option is set, this is essentially always set, since the eighth bit was stripped on input. +Note that this option will only impact messages +that didn't have 8\(->7 bit MIME conversions performed. +.ip 8 +If set, +it is acceptable to send eight bit data to this mailer; +the usual attempt to do 8\(->7 bit MIME conversions will be bypassed. +.ip : +Check addresses to see if they begin +.q :include: ; +if they do, convert them to the +.q *include* +mailer. +.ip | +Check addresses to see if they begin with a `|'; +if they do, convert them to the +.q prog +mailer. +.ip / +Check addresses to see if they begin with a `/'; +if they do, convert them to the +.q *file* +mailer. +.ip @ +Look up addresses in the user database. +.pp +Configuration files prior to level 6 +assume the `A', `w', `5', `:', `|', `/', and `@' options +on the mailer named +.q local . .pp The mailer with the special name .q error @@ -3428,7 +4046,7 @@ and the .q "Host unknown" exit status to be returned if the LHS matches. -This mailer is only functional in ruleset zero. +This mailer is only functional in rulesets zero or five. .pp The mailer named .q local @@ -3452,8 +4070,8 @@ M*include*, P=/dev/null, F=su, A=INCLUDE .)b .pp The Sender and Recipient rewriting sets -may either be a simple integer -or may be two integers separated by a slash; +may either be a simple ruleset id +or may be two ids separated by a slash; if so, the first rewriting set is applied to envelope addresses and the second is applied to headers. 
@@ -3471,10 +4089,69 @@ mailer, since some shells (such as .i csh ) refuse to execute if they cannot read the home directory. -Since the queue directory is not normally readable by normal users +Since the queue directory is not normally readable by unprivileged users .i csh scripts as recipients can fail. -.sh 3 "H \*- define header" +.pp +The Userid +specifies the default user and group id to run as, +overriding the +.b DefaultUser +option (q.v.). +If the +.b S +mailer flag is also specified, +this is the user and group to run as in all circumstances. +This may be given as +.i user:group +to set both the user and group id; +either may be an integer or a symbolic name to be looked up +in the +.i passwd +and +.i group +files respectively. +If only a symbolic user name is specified, +the group id in the +.i passwd +file for that user is used as the group id. +.pp +The Charset field +is used when converting a message to MIME; +this is the character set used in the +Content-Type: header. +If this is not set, the +.b DefaultCharset +option is used, +and if that is not set, the value +.q unknown-8bit +is used. +.b WARNING: +this field applies to the sender's mailer, +not the recipient's mailer. +For example, if the envelope sender address +lists an address on the local network +and the recipient is on an external network, +the character set will be set from the Charset= field +for the local network mailer, +not that of the external network mailer. +.pp +The Type= field +sets the type information +used in MIME error messages +as defined by +RFC XXX +(not yet published). +It is actually three values separated by slashes: +the MTA-type (that is, the description of how hosts are named), +the address type (the description of e-mail addresses), +and the diagnostic type (the description of error diagnostic codes). +Each of these must be a registered value +or begin with +.q X\- . +The default is +.q dns/rfc822/smtp . 
+.sh 2 "H \*- Define Header" .pp The format of the header lines that .i sendmail @@ -3509,23 +4186,38 @@ it is reflected to the output regardless of these flags. .pp Some headers have special semantics -that will be described below. -.sh 3 "O \*- set option" +that will be described later. +.sh 2 "O \*- Set Option" .pp There are a number of -.q random +global options that can be set from a configuration file. -Options are represented by single characters. +Options are represented by full words; +some are also representable as single characters +for back compatibility. The syntax of this line is: .(b F -.b O \c -.i o\|value +.b O \0 +.i option \c +.b = \c +.i value .)b This sets option -.i o +.i option to be .i value . +Note that there +.i must +be a space between the letter `O' and the name of the option. +An older version is: +.(b F +.b O \c +.i o\|value +.)b +where the option +.i o +is a single character. Depending on the option, .i value may be a string, an integer, @@ -3540,25 +4232,10 @@ the default is TRUE), or a time interval. .pp -The options supported are: +The options supported (with the old, one character names in brackets) are: .nr ii 1i -.ip a\fIN\fP -If set, -wait up to -.i N -minutes for an -.q @:@ -entry to exist in the alias database -before starting up. -If it does not appear in -.i N -minutes, -rebuild the database -(if the -.b D -option is also set) -or issue a warning. -.ip "A\fIspec, spec, ...\fP" +.ip "AliasFile=\fIspec, spec, ...\fP" +[A] Specify possible alias file(s). Each .i spec 
@@ -3598,32 +4275,46 @@ If a list of are provided, .i sendmail searches them in order. -.ip b\fIN\fP/\fIM\fP -Insist on at least -.i N -blocks free on the filesystem that holds the queue files -before accepting email via SMTP. -If there is insufficient space +.ip AliasWait=\fItimeout\fP +[a] +If set, +wait up to +.i timeout +(units default to minutes) +for an +.q @:@ +entry to exist in the alias database +before starting up. +If it does not appear in the +.i timeout +interval +rebuild the database +(if the +.b AutoRebuildAliases +option is also set) +or issue a warning. +.ip AutoRebuildAliases +[D] +If set, +rebuild the alias database if necessary and possible. +If this option is not set, .i sendmail -gives a 452 response -to the MAIL command. -This invites the sender to try again later. -The optional -.i M -is a maximum message size advertised in the ESMTP EHLO response. -It is currently otherwise unused. -.ip B\fIc\fP +will never rebuild the alias database +unless explicitly requested +using +.b \-bi . +Not recommended \(em can cause thrashing. +.ip BlankSub=\fIc\fP +[B] Set the blank substitution character to .i c . Unquoted spaces in addresses are replaced by this character. Defaults to space (i.e., no change is made). -.ip c -If an outgoing mailer is marked as being expensive, -don't connect immediately. -This requires that queueing be compiled in, -since it will depend on a queue run process to -actually send the mail. -.ip C\fIN\fP +.ip CheckAliases +[n] +Validate the RHS of aliases when rebuilding the alias database. +.ip CheckpointInterval=\fIN\fP +[C] Checkpoints the queue every .i N (default 10) 
@@ -3632,7 +4323,131 @@ If your system crashes during delivery to a large list, this prevents retransmission to any but the last .I N recipients. -.ip d\fIx\fP +.ip ClassFactor=\fIfact\fP +[z] +The indicated +.i fact or +is multiplied by the message class +(determined by the Precedence: field in the user header +and the +.b P +lines in the configuration file) +and subtracted from the priority. +Thus, messages with a higher Priority: will be favored. +Defaults to 1800. +.ip ColonOkInAddr +[no short name] +If set, colons are acceptable in e-mail addresses +(e.g., +.q host:user ). +If not set, colons indicate the beginning of a RFC 822 group construct +(\c +.q "groupname: member1, member2, ... memberN;" ). +Doubled colons are always acceptable +(\c +.q nodename::user ) +and proper route-addr nesting is understood +(\c +.q <@relay:user@host> ). +Furthermore, this option defaults on if the configuration version level +is less than 6 (for back compatibility). +However, it must be off for full compatibility with RFC 822. +.ip ConnectionCacheSize=\fIN\fP +[k] +The maximum number of open connections that will be cached at a time. +The default is one. +This delays closing the current connection until +either this invocation of +.i sendmail +needs to connect to another host +or it terminates. +Setting it to zero defaults to the old behavior, +that is, connections are closed immediately. +Since this consumes file descriptors, +the connection cache should be kept small: +4 is probably a practical maximum. +.ip ConnectionCacheTimeout=\fItimeout\fP +[K] +The maximum amount of time a cached connection will be permitted to idle +without activity. +If this time is exceeded, +the connection is immediately closed. +This value should be small (on the order of ten minutes). +Before +.i sendmail +uses a cached connection, +it always sends a RSET command +to check the connection; +if this fails, it reopens the connection. +This keeps your end from failing if the other end times out. 
+The point of this option is to be a good network neighbor +and avoid using up excessive resources +on the other end. +The default is five minutes. +.ip DaemonPortOptions=\fIoptions\fP +[O] +Set server SMTP options. +The options are +.i key=value +pairs. +Known keys are: +.(b +.ta 1i +Port Name/number of listening port (defaults to "smtp") +Addr Address mask (defaults INADDR_ANY) +Family Address family (defaults to INET) +Listen Size of listen queue (defaults to 10) +SndBufSize Size of TCP send buffer +RcvBufSize Size of TCP receive buffer +.)b +The +.i Addr ess +mask may be a numeric address in dot notation +or a network name. +.ip DefaultCharSet=\fIcharset\fP +[no short name] +When a message that has 8-bit characters but is not in MIME format +is converted to MIME +(see the EightBitMode option) +a character set must be included in the Content-Type: header. +This character set is normally set from the Charset= field +of the mailer descriptor. +If that is not set, the value of this option is used. +If this option is not set, the value +.q unknown-8bit +is used. +.ip DefaultUser=\fIuser:group\fP +[u] +Set the default userid for mailers to +.i user:group . +If +.i group +is omitted and +.i user +is a user name +(as opposed to a numeric user id) +the default group listed in the /etc/passwd file for that user is used +as the default group. +Both +.i user +and +.i group +may be numeric. +Mailers without the +.i S +flag in the mailer definition +will run as this user. +Defaults to 1:1. +The value can also be given as a symbolic user name.\** +.(f +\**The old +.b g +option has been combined into the +.b DefaultUser +option. +.)f +.ip DeliveryMode=\fIx\fP +[d] Deliver in mode .i x . Legal modes are: 
@@ -3641,33 +4456,125 @@ Legal modes are: i Deliver interactively (synchronously) b Deliver in background (asynchronously) q Just queue the message (deliver during queue run) +d Defer delivery and all map lookups (deliver during queue run) .)b Defaults to ``b'' if no option is specified, ``i'' if it is specified but given no argument (i.e., ``Od'' is equivalent to ``Odi''). -.ip D +The +.b \-v +command line flag sets this to +.b i . +.ip DialDelay=\fIsleeptime\fP +[no short name] +Dial-on-demand network connections can see timeouts +if a connection is opened before the call is set up. +If this is set to an interval and a connection times out +on the first connection being attempted +.i sendmail +will sleep for this amount of time and try again. +This should give your system time to establish the connection +to your service provider. +Units default to seconds, so +.q DialDelay=5 +uses a five second delay. +Defaults to zero +(no retry). +.ip DontExpandCnames +[no short name] +The standards say that all host addresses used in a mail message +must be fully canonical. +For example, if your host is named +.q Cruft.Foo.ORG +and also has an alias of +.q FTP.Foo.ORG , +the former name must be used at all times. +This is enforced during host name canonification +($[ ... $] lookups). +If this option is set, the protocols are ignored and the +.q wrong +thing is done. +However, the IETF is moving toward changing this standard, +so the behaviour may become acceptable. +Please note that hosts downstream may still rewrite the address +to be the true canonical name however. +.ip DontInitGroups +[no short name] If set, -rebuild the alias database if necessary and possible. -If this option is not set, .i sendmail -will never rebuild the alias database -unless explicitly requested -using -.b \-bi . -.ip e\fIx\fP -Dispose of errors using mode -.i x . -The values for -.i x +will avoid using the initgroups(3) call. 
+If you are running NIS, +this causes a sequential scan of the groups.byname map, +which can cause your NIS server to be badly overloaded in a large domain. +The cost of this is that the only group found for users +will be their primary group (the one in the password file), +which will make file access permissions somewhat more restrictive. +Has no effect on systems that don't have group lists. +.ip DontPruneRoutes +[R] +Normally, +.i sendmail +tries to eliminate any unnecessary explicit routes +when sending an error message +(as discussed in RFC 1123 \(sc 5.2.6). +For example, +when sending an error message to +.(b +<@known1,@known2,@known3:user@unknown> +.)b +.i sendmail +will strip off the +.q @known1,@known2 +in order to make the route as direct as possible. +However, if the +.b R +option is set, this will be disabled, +and the mail will be sent to the first address in the route, +even if later addresses are known. +This may be useful if you are caught behind a firewall. +.ip EightBitMode=\fIaction\fP +[8] +Set handling of eight-bit data. +There are two kinds of eight-bit data: +that declared as such using the +.b BODY=8BITMIME +ESMTP declaration or the +.b \-B8BITMIME +command line flag, +and undeclared 8-bit data, that is, +input that just happens to be eight bits. +There are three basic operations that can happen: +undeclared 8-bit data can be automatically converted to 8BITMIME, +undeclared 8-bit data can be passed as-is without conversion to MIME +(``just send 8''), +and declared 8-bit data can be converted to 7-bits +for transmission to a non-8BITMIME mailer. 
+The possible +.i action s are: .(b -p Print error messages (default) -q No messages, just give exit status -m Mail back errors -w Write back errors (mail if user not logged in) -e Mail back errors and give zero exit stat always +.\" r Reject undeclared 8-bit data; +.\" don't convert 8BITMIME\(->7BIT (``reject'') + s Reject undeclared 8-bit data (``strict'') +.\" do convert 8BITMIME\(->7BIT (``strict'') +.\" c Convert undeclared 8-bit data to MIME; +.\" don't convert 8BITMIME\(->7BIT (``convert'') + m Convert undeclared 8-bit data to MIME (``mime'') +.\" do convert 8BITMIME\(->7BIT (``mime'') +.\" j Pass undeclared 8-bit data; +.\" don't convert 8BITMIME\(->7BIT (``just send 8'') + p Pass undeclared 8-bit data (``pass'') +.\" do convert 8BITMIME\(->7BIT (``pass'') +.\" a Adaptive algorithm: see below .)b -.ip E\fIfile/message\fP +.\"The adaptive algorithm is to accept 8-bit data, +.\"converting it to 8BITMIME only if the receiver understands that, +.\"otherwise just passing it as undeclared 8-bit data; +.\"8BITMIME\(->7BIT conversions are done. +In all cases properly declared 8BITMIME data will be converted to 7BIT +as needed. +.ip ErrorHeader=\fIfile-or-message\fP +[E] Prepend error messages with the indicated message. If it begins with a slash, it is assumed to be the pathname of a file 
@@ -3679,72 +4586,36 @@ in to end users. If the option is missing or null, or if it names a file which does not exist or which is not readable, no message is printed. -.ip f -Save -Unix-style -.q From -lines at the front of headers. -Normally they are assumed redundant -and discarded. -.ip F\fImode\fP -The file mode for queue files. -.ip g\fIn\fP -Set the default group id -for mailers to run in -to -.i n . -Defaults to 1. -The value can also be given as a symbolic group name. -.ip G -Allow fuzzy matching on the GECOS field. -If this flag is set, -and the usual user name lookups fail -(that is, there is no alias with this name and a -.i getpwnam -fails), -sequentially search the password file -for a matching entry in the GECOS field. -This also requires that MATCHGECOS -be turned on during compilation. -This option is not recommended. -.ip h\fIN\fP -The maximum hop count. -Messages that have been processed more than -.i N -times are assumed to be in a loop and are rejected. -Defaults to 25. -.ip H\fIfile\fP -Specify the help file -for SMTP. -.ip i -Ignore dots in incoming messages. -This is always disabled (that is, dots are always accepted) -when reading SMTP mail. -.ip I -Insist that the BIND name server be running -to resolve host names. -If this is not set and the name server is not running, -the -.i /etc/hosts -file will be considered complete. -In general, you do want to set this option -if your -.i /etc/hosts -file does not include all hosts known to you -or if you are using the MX (mail forwarding) feature of the BIND name server. -The name server will still be consulted -even if this option is not set, but -.i sendmail -will feel free to resort to reading -.i /etc/hosts -if the name server is not available. -Thus, you should -.i never -set this option if you do not run the name server. -.ip j -If set, send error messages in MIME format -(see RFC1341 and RFC1344 for details). -.ip J\fIpath\fP +.ip ErrorMode=\fIx\fP +[e] +Dispose of errors using mode +.i x . 
+The values for +.i x +are: +.(b +p Print error messages (default) +q No messages, just give exit status +m Mail back errors +w Write back errors (mail if user not logged in) +e Mail back errors and give zero exit stat always +.)b +.ip FallbackMXhost=\fIfallbackhost\fP +[V] +If specified, the +.i fallbackhost +acts like a very low priority MX +on every host. +This is intended to be used by sites with poor network connectivity. +.ip ForkEachJob +[Y] +If set, +deliver each job that is run from the queue in a separate process. +Use this option if you are short of memory, +since the default tends to consume considerable amounts of memory +while the queue is being processed. +.ip ForwardPath=\fIpath\fP +[J] Set the path for searching for users' .forward files. The default is .q $z/.forward . 
@@ -3761,57 +4632,131 @@ will search first in /var/forward/\c and then in .i ~username /.forward (but only if the first file does not exist). -.ip k\fIN\fP -The maximum number of open connections that will be cached at a time. -The default is one. -This delays closing the current connection until -either this invocation of -.i sendmail -needs to connect to another host -or it terminates. -Setting it to zero defaults to the old behavior, -that is, connections are closed immediately. -.ip K\fItimeout\fP -The maximum amount of time a cached connection will be permitted to idle -without activity. -If this time is exceeded, -the connection is immediately closed. -This value should be small (on the order of ten minutes). -Before -.i sendmail -uses a cached connection, -it always sends a NOOP (no operation) command -to check the connection; -if this fails, it reopens the connection. -This keeps your end from failing if the other end times out. -The point of this option is to be a good network neighbor -and avoid using up excessive resources -on the other end. -The default is five minutes. -.ip l -If there is an -.q Errors-To: -header, send error messages to the addresses listed there. -They normally go to the envelope sender. -Use of this option causes -.i sendmail -to violate RFC 1123. -.ip L\fIn\fP +.ip HelpFile=\fIfile\fP +[H] +Specify the help file +for SMTP. +.ip HoldExpensive +[c] +If an outgoing mailer is marked as being expensive, +don't connect immediately. +This requires that queueing be compiled in, +since it will depend on a queue run process to +actually send the mail. +.ip IgnoreDots +[i] +Ignore dots in incoming messages. +This is always disabled (that is, dots are always accepted) +when reading SMTP mail. +.ip LogLevel=\fIn\fP +[L] Set the default log level to .i n . Defaults to 9. -.ip m -Send to me too, -even if I am in an alias expansion. .ip M\fIx\|value\fP +[no long version] Set the macro .i x to .i value . 
This is intended only for use from the command line. -.ip n -Validate the RHS of aliases when rebuilding the alias database. -.ip o +The +.b \-M +flag is preferred. +.ip MatchGECOS +[G] +Allow fuzzy matching on the GECOS field. +If this flag is set, +and the usual user name lookups fail +(that is, there is no alias with this name and a +.i getpwnam +fails), +sequentially search the password file +for a matching entry in the GECOS field. +This also requires that MATCHGECOS +be turned on during compilation. +This option is not recommended. +.ip MaxHopCount=\fIN\fP +[h] +The maximum hop count. +Messages that have been processed more than +.i N +times are assumed to be in a loop and are rejected. +Defaults to 25. +.ip MaxHostStatAge=\fIage\fP +[no short name] +Not yet implemented. +This option specifies how long host status information will be retained. +For example, if a host is found to be down, +connections to that host will not be retried for this interval. +The units default to minutes. +.ip MaxQueueRunSize=\fIN\fP +[no short name] +The maximum number of jobs that will be processed +in a single queue run. +If not set, there is no limit on the size. +If you have very large queues or a very short queue run interval +this could be unstable. +However, since the first +.i N +jobs in queue directory order are run (rather than the +.i N +highest priority jobs) +this should be set as high as possible to avoid +.q losing +jobs that happen to fall late in the queue directory. +.ip MeToo +[m] +Send to me too, +even if I am in an alias expansion. +.ip MaxMessageSize=\fIN\fP +[no short name] +Specify the maximum message size +to be advertised in the ESMTP EHLO response. +Messages larger than this will be rejected. +.ip MinFreeBlocks=\fIN\fP +[b] +Insist on at least +.i N +blocks free on the filesystem that holds the queue files +before accepting email via SMTP. +If there is insufficient space +.i sendmail +gives a 452 response +to the MAIL command. 
+This invites the sender to try again later. +.ip MinQueueAge=\fPage\fP +[no short name] +Don't process any queued jobs +that have been in the queue less than the indicated time interval. +This is intended to allow you to get responsiveness +by processing the queue fairly frequently +without thrashing your system by trying jobs too often. +The default units are minutes. +.ip NoRecipientAction +[no short name] +The action to take when you receive a message that has no valid +recipient headers (To:, Cc:, Bcc:). +It can be +.b None +to pass the message on unmodified, +which violates the protocol, +.b Add-To +to add a To: header with any recipients it can find in the envelope +(which might expose Bcc: recipients), +.b Add-Apparently-To +to add an Apparently-To: header +(this is only for back-compatibility +and is officially deprecated), +.b Add-To-Undisclosed +to add a header +.q "To: undisclosed-recipients:;" +to make the header legal without disclosing anything, +or +.b Add-Bcc +to add an empty Bcc: header. +.ip OldStyleHeaders +[o] Assume that the headers may be in old format, i.e., spaces delimit names. 
@@ -3823,24 +4768,38 @@ it will be assumed that commas already exist. If this flag is not on, only commas delimit names. Headers are always output with commas between the names. -.ip O\fIoptions\fP -Set server SMTP options. -The options are -.i key=value -pairs. -Known keys are: -.(b -.ta 1i -Port Name/number of listening port (defaults to "smtp") -Addr Address mask (defaults INADDR_ANY) -Family Address family (defaults to INET) -Listen Size of listen queue (defaults to 10) -.)b -The -.i Addr ess -mask may be a numeric address in dot notation -or a network name. -.ip p\fI\|opt,opt,...\fP +Defaults to off. +.ip OperatorChars=\fIcharlist\fP +[$o macro] +The list of characters that are considered to be +.q operators , +that is, characters that delimit tokens. +All operator characters are tokens by themselves; +sequences of non-operator characters are also tokens. +White space characters separate tokens +but are not tokens themselves \(em for example, +.q AAA.BBB +has three tokens, but +.q "AAA BBB" +has two. +If not set, OperatorChars defaults to +.q \&.\|:\|@\|[\|] ; +additionally, the characters +.q (\|)\|<\|>\|,\|; +are always operators. +.ip PostmasterCopy=\fIpostmaster\fP +[P] +If set, +copies of error messages will be sent to the named +.i postmaster . +Only the header of the failed message is sent. +Since most errors are user problems, +this is probably not a good idea on large sites, +and arguably contains all sorts of privacy violations, +but it seems to be popular with certain operating systems vendors. +Defaults to no postmaster copies. +.ip PrivacyOptions=\fI\|opt,opt,...\fP +[p] Set the privacy .i opt ions. ``Privacy'' is really a misnomer; 
@@ -3859,7 +4818,7 @@ needvrfyhelo Insist on HELO or EHLO command before VRFY novrfy Disallow VRFY entirely restrictmailq Restrict mailq command restrictqrun Restrict \-q command line flag -noreceipts Ignore Return-Receipt-To: header +noreceipts Don't return success DSNs goaway Disallow essentially all SMTP status queries authwarnings Put X-Authentication-Warning: headers in messages .)b @@ -3878,16 +4837,13 @@ can run the queue. Authentication Warnings add warnings about various conditions that may indicate attempts to spoof the mail system, such as using an non-standard queue directory. -.ip P\fIpostmaster\fP -If set, -copies of error messages will be sent to the named -.i postmaster . -Only the header of the failed message is sent. -Since most errors are user problems, -this is probably not a good idea on large sites, -and arguably contains all sorts of privacy violations, -but it seems to be popular with certain operating systems vendors. -.ip q\fIfactor\fP +.ip QueueDirectory=\fIdir\fP +[Q] +Use the named +.i dir +as the queue directory. +.ip QueueFactor=\fIfactor\fP +[q] Use .i factor as the multiplier in the map function 
@@ -3895,24 +4851,86 @@ to decide when to just queue up jobs rather than run them. This value is divided by the difference between the current load average and the load average limit (\c -.b x -flag) +.b QueueLA +option) to determine the maximum message priority that will be sent. Defaults to 600000. -.ip Q\fIdir\fP -Use the named -.i dir -as the queue directory. -.ip r\|\fItimeouts\fP -Timeout reads after -.i time -interval. -The -.i timeouts -argument is a list of -.i keyword=value -pairs. +.ip QueueLA=\fILA\fP +[x] +When the system load average exceeds +.i LA , +just queue messages +(i.e., don't try to send them). +Defaults to 8. +.ip QueueSortOrder=\fIalgorithm\fP +[no short name] +Sets the +.i algorithm +used for sorting the queue. +Only the first character of the value is used. +Legal values are +.q host +(to order by the name of the first host name of the first recipient) +and +.q priority +(to order strictly by message priority). +Host ordering makes better use of the connection cache, +but may tend to process low priority messages +that go to a single host +over high priority messages that go to several hosts; +it probably shouldn't be used on slow network links. +Priority ordering is the default. +.ip ResolverOptions=\fIoptions\fP +[I] +Set resolver options. +Values can be set using +.b + \c +.i flag +and cleared using +.b \- \c +.i flag ; +the +.i flag s +can be +.q debug , +.q aaonly , +.q usevc , +.q primary , +.q igntc , +.q recurse , +.q defnames , +.q stayopen , +or +.q dnsrch . +The string +.q HasWildcardMX +(without a +.b + +or +.b \- ) +can be specified to turn off matching against MX records +when doing name canonifications. +.b N.B. +Prior to 8.7, +this option indicated that the name server be responding +in order to accept addresses. +This has been replaced by checking to see +if the +.q dns +method is listed in the service switch entry for the +.q hosts +service. 
+.ip SmtpGreetingMessage=\fImessage\fP +[$e macro] +The message printed when the SMTP server starts up. +Defaults to +.q "$j Sendmail $v ready at $b". +.ip Timeout.\fItype\fP=\|\fItimeout\fP +[r; subsumes old T option as well] +Set timeout values. +The actual timeout is indicated by the +.i type . The recognized timeouts and their default values, and their minimum values specified in RFC 1123 section 5.3.2 are: .(b 
@@ -3927,37 +4945,128 @@ datafinal reply to final ``.'' in data [1h, 10m] rset reply to RSET command [5m, none] quit reply to QUIT command [2m, none] misc reply to NOOP and VERB commands [2m, none] -command command read [1h, 5m] ident IDENT protocol timeout [30s, none] +fileopen\(dg timeout on opening .forward and :include: files [60s, none] +command\(dg command read [1h, 5m] +queuereturn\(dg how long until a message is returned [5d, 5d] +queuewarn\(dg how long until a warning is sent [none, none] .)b -All but -.q command +All but those marked with a dagger (\(dg) apply to client SMTP. -For back compatibility, -a timeout with no ``keyword='' part -will set all of the longer values. -.ip R -Normally, +If the message is submitted using the +.sm NOTIFY +.sm SMTP +extension, +warning messages will only be sent if +.sm NOTIFY=DELAY +is specified. +The queuereturn and queuewarn timeouts +can be further qualified with a tag based on the Precedence: field +in the message; +they must be one of +.q urgent +(indicating a positive non-zero precedence) +.q normal +(indicating a zero precedence), or +.q non-urgent +(indicating negative precedences). +For example, setting +.q Timeout.queuewarn.urgent=1h +sets the warning timeout for urgent messages only +to one hour. +The default if no precedence is indicated +is to set the timeout for all precedences. +.ip RecipientFactor=\fIfact\fP +[y] +The indicated +.i fact or +is added to the priority (thus +.i lowering +the priority of the job) +for each recipient, +i.e., this value penalizes jobs with large numbers of recipients. +Defaults to 30000. +.ip RefuseLA=\fILA\fP +[X] +When the system load average exceeds +.i LA , +refuse incoming SMTP connections. +Defaults to 12. +.ip RetryFactor=\fIfact\fP +[Z] +The +.i fact or +is added to the priority +every time a job is processed. +Thus, +each time a job is processed, +its priority will be decreased by the indicated value. 
+In most environments this should be positive, +since hosts that are down are all too often down for a long time. +Defaults to 90000. +.ip SaveFromLine +[f] +Save +Unix-style +.q From +lines at the front of headers. +Normally they are assumed redundant +and discarded. +.ip SendMIMEErrors +[j] +If set, send error messages in MIME format +(see RFC1521 and RFC1344 for details). +.ip ServiceSwitchFile=\fIfilename\fP +[no short name] +If your host operating system has a service switch abstraction +(e.g., /etc/nsswitch.conf on Solaris +or /etc/svc.conf on Ultrix and DEC OSF/1) +that service will be consulted and this option is ignored. +Otherwise, this is the name of a file +that provides the list of methods used to implement particular services. +The syntax is a series of lines, +each of which is a sequence of words. +The first word is the service name, +and following words are service types. +The services that .i sendmail -tries to eliminate any unnecessary explicit routes -when sending an error message -(as discussed in RFC 1123 \(sc 5.2.6). -For example, -when sending an error message to +consults directly are +.q aliases +and +.q hosts. +Service types can be +.q dns , +.q nis , +.q nisplus , +or +.q files +(with the caveat that the appropriate support +must be compiled in +before the service can be referenced). +If ServiceSwitchFile is not specified, it defaults to /etc/service.switch. +If that file does not exist, the default switch is: .(b -<@known1,@known2,@unknown:user@known3> +aliases files +hosts dns nis files .)b -.i sendmail -will strip off the -.q @known1 -in order to make the route as direct as possible. -However, if the -.b R -option is set, this will be disabled, -and the mail will be sent to the first address in the route, -even if later addresses are known. -This may be useful if you are caught behind a firewall. -.ip s +The default file is +.q /etc/service.switch . +.ip SevenBitInput +[7] +Strip input to seven bits for compatibility with old systems. 
+This shouldn't be necessary. +.ip StatusFile=\fIfile\fP +[S] +Log summary statistics in the named +.i file . +If not set, +no summary statistics are saved. +This file does not grow in size. +It can be printed using the +.i mailstats (8) +program. +.ip SuperSafe +[s] Be super-safe when running things, i.e., always instantiate the queue file, @@ -3966,10 +5075,16 @@ even if you are going to attempt immediate delivery. always instantiates the queue file before returning control the client under any circumstances. -.ip S\fIfile\fP -Log statistics in the named -.i file . -.ip t\fItzinfo\fP +This should really +.i always +be set. +.ip TempFileMode=\fImode\fP +[F] +The file mode for queue files. +It is interpreted in octal by default. +Defaults to 0600. +.ip TimeZoneSpec=\fItzinfo\fP +[t] Set the local time zone info to .i tzinfo \*- for example, 
@@ -3978,61 +5093,14 @@ Actually, if this is not set, the TZ environment variable is cleared (so the system default is used); if set but null, the user's TZ variable is used, and if set and non-null the TZ variable is set to this value. -.ip T\fIrtime/wtime\fP -Set the queue timeout to -.i rtime . -After this interval, -messages that have not been successfully sent -will be returned to the sender. -Defaults to five days. -The optional -.i wtime -is the time after which a warning message is sent. -If it is missing or zero -then no warning messages are sent. -.ip u\fIn\fP -Set the default userid for mailers to -.i n . -Mailers without the -.i S -flag in the mailer definition -will run as this user. -Defaults to 1. -The value can also be given as a symbolic user name. -.ip U\fIudbspec\fP -The user database specification. -.ip v -Run in verbose mode. -If this is set, -.i sendmail -adjusts options -.b c -(don't connect to expensive mailers) -and -.b d -(delivery mode) -so that all mail is delivered completely -in a single job -so that you can see the entire delivery process. -Option -.b v -should -.i never -be set in the configuration file; -it is intended for command line use only. -.ip V\fIfallbackhost\fP -If specified, the -.i fallbackhost -acts like a very low priority MX -on every host. -This is intended to be used by sites with poor network connectivity. -.ip w -If you are the +.ip TryNullMXList +[w] +If this system is the .q best (that is, lowest preference) MX for a given host, -you should normally detect this situation -and treat that condition specially, +its configuration rules should normally detect this situation +and treat that condition specially by forwarding the mail to a UUCP feed, treating it as local, or whatever. 
@@ -4049,69 +5117,77 @@ or .q "message timed out" instead of something more meaningful. This option is disrecommended. -.ip x\fILA\fP -When the system load average exceeds -.i LA , -just queue messages -(i.e., don't try to send them). -Defaults to 8. -.ip X\fILA\fP -When the system load average exceeds -.i LA , -refuse incoming SMTP connections. -Defaults to 12. -.ip y\fIfact\fP -The indicated -.i fact or -is added to the priority (thus -.i lowering -the priority of the job) -for each recipient, -i.e., this value penalizes jobs with large numbers of recipients. -Defaults to 30000. -.ip Y -If set, -deliver each job that is run from the queue in a separate process. -Use this option if you are short of memory, -since the default tends to consume considerable amounts of memory -while the queue is being processed. -.ip z\fIfact\fP -The indicated -.i fact or -is multiplied by the message class -(determined by the Precedence: field in the user header -and the -.b P -lines in the configuration file) -and subtracted from the priority. -Thus, messages with a higher Priority: will be favored. -Defaults to 1800. -.ip Z\fIfact\fP -The -.i fact or -is added to the priority -every time a job is processed. -Thus, -each time a job is processed, -its priority will be decreased by the indicated value. -In most environments this should be positive, -since hosts that are down are all too often down for a long time. -Defaults to 90000. -.ip 7 -Strip input to seven bits for compatibility with old systems. -This shouldn't be necessary. +.ip UnixFromLine=\fIfromline\fP +[$l macro] +Defines the format used when +.i sendmail +must add a UNIX-style From_ line +(that is, a line beginning +.q From<space>user ). +Defaults to +.q "From $g $d" . +Don't change this unless your system uses a different UNIX mailbox format +(very unlikely). +.ip UseErrorsTo +[l] +If there is an +.q Errors-To: +header, send error messages to the addresses listed there. +They normally go to the envelope sender. 
+Use of this option causes +.i sendmail +to violate RFC 1123. +This option is disrecommended and deprecated. +.ip UserDatabaseSpec=\fIudbspec\fP +[U] +The user database specification. +.ip Verbose +[v] +Run in verbose mode. +If this is set, +.i sendmail +adjusts options +.b HoldExpensive +(old +.b c ) +and +.b DeliveryMode +(old +.b d ) +so that all mail is delivered completely +in a single job +so that you can see the entire delivery process. +Option +.b Verbose +should +.i never +be set in the configuration file; +it is intended for command line use only. .lp All options can be specified on the command line using the -\-o flag, +\-O or \-o flag, but most will cause .i sendmail to relinquish its setuid permissions. The options that will not cause this are -b, d, e, i, L, m, o, p, r, s, v, C, and 7. +MinFreeBlocks [b], +DeliveryMode [d], +ErrorMode [e], +IgnoreDots [i], +LogLevel [L], +MeToo [m], +OldStyleHeaders [o], +PrivacyOptions [p], +Timeouts [r], +SuperSafe [s], +Verbose [v], +CheckpointInterval [C], +and +SevenBitInput [7]. Also, M (define macro) when defining the r or s macros is also considered .q safe . -.sh 3 "P \*- precedence definitions" +.sh 2 "P \*- Precedence Definitions" .pp Values for the .q "Precedence:" @@ -4157,7 +5233,7 @@ didn't recognize this name, giving it a default precedence of zero. This allows list maintainers to see error returns on both old and new versions of .i sendmail . -.sh 3 "V \*- configuration version level" +.sh 2 "V \*- Configuration Version Level" .pp To provide compatibility with old configuration files, the @@ -4178,8 +5254,8 @@ on the files. For example, as of this writing version 8 config files -(specifically, 8.6) -used version level 5 configurations. +(specifically, 8.7) +used version level 6 configurations. .pp .q Old configuration files are defined as version level one. 
@@ -4237,6 +5313,22 @@ change the default definition of .b $w to be just the first component of the hostname. .pp +Version level six configuration files +change many of the local processing options +(such as aliasing and matching the beginning of the address for +`|' characters) +to be mailer flags; +this allows fine-grained control over the special local processing. +Level six configuration files may also use long option names. +The +.b ColonOkInAddr +option (to allow colons in the local-part of addresses) +defaults +.b on +for lower numbered configuration files; +the configuration file requires some additional intelligence +to properly handle the RFC 822 group construct. +.pp The .b V line may have an optional @@ -4250,8 +5342,15 @@ to the list of recognized vendors by editing the routine .i setvendor in .i conf.c . +Please send e-mail to sendmail@CS.Berkeley.EDU +to register your vendor dialect. .)f -.sh 3 "K \*- key file declaration" +You may use +.q /Berkeley +to emphasize that this configuration file +uses the Berkeley dialect of +.i sendmail . +.sh 2 "K \*- Key File Declaration" .pp Special maps can be defined using the line: .(b @@ -4281,7 +5380,7 @@ or .i default portion may be omitted. The -.i arguments +.i "$@ arguments" may appear more than once. The indicated .i key @@ -4309,7 +5408,7 @@ is always the database key. For example, the rule .(b .ta 1.5i -R$- ! $+ $: $(uucp $1 $@ $2 $: %1 @ %0 . UUCP $) +R$\- ! $+ $: $(uucp $1 $@ $2 $: %1 @ %0 . UUCP $) .)b Looks up the UUCP name in a (user defined) UUCP map; if not found it turns it into 
@@ -4334,24 +5433,156 @@ is equivalent to: $[\fIhostname\fP$] .)b .pp -There are four predefined database lookup classes: -.q dbm , -.q btree , -.q hash , +There are many defined classes. +.ip dbm +Database lookups using the ndbm(3) library. +.i Sendmail +must be compiled with +.b NDBM +defined. +.ip btree +Database lookups using the btree interface to the Berkeley db(3) library. +.i Sendmail +must be compiled with +.b NEWDB +defined. +.ip hash +Database lookups using the hash interface to the Berkeley db(3) library. +.i Sendmail +must be compiled with +.b NEWDB +defined. +.ip nis +NIS lookups. +.i Sendmail +must be compiled with +.b NIS +defined. +.ip nisplus +NIS+ lookups. +.i Sendmail +must be compiled with +.b NISPLUS +defined. +The argument is the name of the table to use for lookups, +and the +.b \-k and -.q nis . -The first requires that -.i sendmail -be compiled with the -.b ndbm -library; -the second two require the -.b db -library, -and the third requires that -.i sendmail -be compiled with NIS support. -All four accept as arguments the same optional flags +.b \-v +flags may be used to set the key and value columns respectively. +.ip hesiod +Hesiod lookups. +.i Sendmail +must be compiled with +.b HESIOD +defined. +.ip netinfo +NeXT NetInfo lookups. +.i Sendmail +must be compiled with +.b NETINFO +defined. +.ip text +Text file lookups. +The format of the text file is defined by the +.b \-k +(key field number), +.b \-v +(value field number), +and +.b \-z +(field delimiter) +flags. +.ip stab +Internal symbol table lookups. +Used internally for aliasing. +.ip implicit +Really should be called +.q alias +\(em this is used to get the default lookups +for alias files, +and is the default if no class is specified for alias files. +.ip user +Looks up users using +.i getpwnam (3). +The +.b \-v +flag can be used to specify the name of the field to return +(although this is normally used only to check the existence +of a user). 
+.ip host +Canonifies host domain names. +Given a host name it calls the name server +to find the canonical name for that host. +.ip sequence +The arguments on the `K' line are a list of maps; +the resulting map searches the argument maps in order +until it finds a match for the indicated key. +For example, if the key definition is: +.(b +Kmap1 ... +Kmap2 ... +Kseqmap sequence map1 map2 +.)b +then a lookup against +.q seqmap +first does a lookup in map1. +If that is found, it returns immediately. +Otherwise, the same key is used for map2. +.ip switch +Much like the +.q sequence +map except that the order of maps is determined by the service switch. +The argument is the name of the service to be looked up; +the values from the service switch are appended to the map name +to create new map names. +For example, consider the key definition: +.(b +Kali switch aliases +.)b +together with the service switch entry: +.(b +aliases nis files +.)b +This causes a query against the map +.q ali +to search maps named +.q ali.nis +and +.q ali.files +in that order. +.ip dequote +Strip double quotes (") from a name. +It does not strip backslashes, +and will not strip quotes if the resulting string +would contain unscannable syntax +(that is, basic errors like unbalanced angle brackets; +more sophisticated errors such as unknown hosts are not checked). +The intent is for use when trying to accept mail from systems such as +DECnet +that routinely quote odd syntax such as +.(b +"49ers::ubell" +.)b +A typical usage is probably something like: +.(b +Kdequote dequote + +\&... + +R$\- $: $(dequote $1 $) +R$\- $+ $: $>3 $1 $2 +.)b +Care must be taken to prevent unexpected results; +for example, +.(b +"|someprogram < input > output" +.)b +will have quotes stripped, +but the result is probably not what you had in mind. +Fortunately these cases are rare. 
+.pp +Most of these accept as arguments the same optional flags and a filename (or a mapname for NIS; the filename is the root of the database path, @@ -4367,14 +5598,7 @@ no error is produced, and .i sendmail will behave as if the map existed but was empty. -.ip "\-N" -Normally when maps are written, -the trailing null byte is not included as part of the key. -If this flag is indicated it will be included. -During lookups, only the null-byte-included form will be searched. -See also -.b \-O. -.ip "\-O" +.ip "\-N, \-O" If neither .b \-N or @@ -4386,9 +5610,14 @@ on the end of keys. It starts by trying both; if it finds any key with a null byte it never tries again without a null byte and vice versa. -If this flag is specified, -it never tries with a null byte; -this can speed matches but is never necessary. +If +.b \-N +is specified it never tries without a null byte and +if +.b \-O +is specified it never tries with a null byte. +Setting one of +these can speed matches but are never necessary. If both .b \-N and @@ -4416,6 +5645,25 @@ this flag prevents the map from substituting the value. However, The \-a argument is still appended on a match, and the default is still taken if the match fails. +.ip "\-k\fIkeycol\fP" +The key column name (for NIS+) or number +(for text lookups). +.ip "\-v\fIvalcol\fP" +The value column name (for NIS+) or number +(for text lookups). +.ip "\-z\fIdelim\fP" +The column delimiter (for text lookups). +It can be a single character or one of the special strings +.q \|\en +or +.q \|\et +to indicate newline or tab respectively. +If omitted entirely, +the column separator is any sequence of whitespace. +.ip "\-s\fIspacesub\fP +For the dequote map only, +the character to use to replace space characters +after a successful dequote. .pp The .i dbm 
@@ -4445,7 +5693,7 @@ The program can be used to build any of the three database-oriented maps. It takes the following flags: .ip \-f -Fold upper to lower case in the map. +Do not fold upper to lower case in the map. .ip \-N Include null bytes in keys. .ip \-o 
@@ -4466,691 +5714,14 @@ while they are being updated.\** \**That is, don't create new maps and then use .i mv (1) to move them into place. -I consider this a shortfall (a.k.a. bug) in -.i sendmail -which should be fixed in a future release. +Since the maps are already open +the new maps will never be seen. .)f .pp -There are also two builtin maps that are, -strictly speaking, -not database lookups. -.pp -The -.q host -map does host domain canonification; -given a host name it calls the name server -to find the canonical name for that host. -.pp -The -.q dequote -map strips double quotes (") from a name. -It does not strip backslashes. -It will not strip quotes if the resulting string -would contain unscannable syntax -(that is, basic errors like unbalanced angle brackets; -more sophisticated errors such as unknown hosts are not checked). -The intent is for use when trying to accept mail from systems such as -DECnet -that routinely quote odd syntax such as -.(b -"49ers::ubell" -.)b -A typical usage is probably something like: -.(b -Kdequote dequote - -\&... - -R$\- $: $(dequote $1 $) -R$\- $+ $: $>3 $1 $2 -.)b -Care must be taken to prevent unexpected results; -for example, -.(b -"|someprogram < input > output" -.)b -will have quotes stripped, -but the result is probably not what you had in mind. -Fortunately these cases are rare. -.pp New classes can be added in the routine .b setupmaps in file .b conf.c . -.sh 2 "Building a Configuration File From Scratch" -.pp -Building a configuration table from scratch is an extremely difficult job. -Fortunately, -it is almost never necessary to do so; -nearly every situation that may come up -may be resolved by changing an existing table. -In any case, -it is critical that you understand what it is that you are trying to do -and come up with a philosophy for the configuration table. 
-This section is intended to explain what the real purpose -of a configuration table is -and to give you some ideas -for what your philosophy might be. -.pp -.b "Do not even consider" -writing your own configuration file -without carefully studying -RFC 821, 822, and 1123. -You should also read RFC 976 -if you are doing UUCP exchange. -.sh 3 "What you are trying to do" -.pp -The configuration table has three major purposes. -The first and simplest -is to set up the environment for -.i sendmail . -This involves setting the options, -defining a few critical macros, -etc. -Since these are described in other places, -we will not go into more detail here. -.pp -The second purpose is to rewrite addresses in the message. -This should typically be done in two phases. -The first phase maps addresses in any format -into a canonical form. -This should be done in ruleset three. -The second phase maps this canonical form -into the syntax appropriate for the receiving mailer. -.i Sendmail -does this in three subphases. -Rulesets one and two -are applied to all sender and recipient addresses respectively. -After this, -you may specify per-mailer rulesets -for both sender and recipient addresses; -this allows mailer-specific customization. -Finally, -ruleset four is applied to do any default conversion -to external form. -.pp -The third purpose -is to map addresses into the actual set of instructions -necessary to get the message delivered. -Ruleset zero must resolve to the internal form, -which is in turn used as a pointer to a mailer descriptor. -The mailer descriptor describes the interface requirements -of the mailer. -.sh 3 "Philosophy" -.pp -The particular philosophy you choose will depend heavily -on the size and structure of your organization. -I will present a few possible philosophies here. -There are as many philosophies as there are config designers; -feel free to develop your own. 
-.pp -One general point applies to all of these philosophies: -it is almost always a mistake -to try to do full host route resolution. -For example, -if you are on a UUCP-only site -and you are trying to get names of the form -.q user@host -to the Internet, -it does not pay to route them to -.q xyzvax!decvax!ucbvax!c70!user@host -since you then depend on several links not under your control, -some of which are likely to misparse it anyway. -The best approach to this problem -is to simply forward the message for -.q user@host -to -.q xyzvax -and let xyzvax -worry about it from there. -In summary, -just get the message closer to the destination, -rather than determining the full path. -.sh 4 "Large site, many hosts \*- minimum information" -.pp -Berkeley is an example of a large site, -i.e., more than two or three hosts -and multiple mail connections. -We have decided that the only reasonable philosophy -in our environment -is to designate one host as the guru for our site. -It must be able to resolve any piece of mail it receives. -The other sites should have the minimum amount of information -they can get away with. -In addition, -any information they do have -should be hints rather than solid information. -.pp -For example, -a typical site on our local ether network is -.q monet -(actually -.q monet.CS.Berkeley.EDU ). -When monet receives mail for delivery, -it checks whether it knows -that the destination host is directly reachable; -if so, mail is sent to that host. -If it receives mail for any unknown host, -it just passes it directly to -.q ucbvax.CS.Berkeley.EDU , -our master host. -Ucbvax may determine that the host name is illegal -and reject the message, -or may be able to do delivery. -However, it is important to note that when a new mail connection is added, -the only host that -.i must -have its tables updated -is ucbvax; -the others -.i may -be updated if convenient, -but this is not critical. 
-.pp -This picture is slightly muddied -due to network connections that are not actually located -on ucbvax. -For example, -some UUCP connections are currently on -.q ucbarpa. -However, -monet -.i "does not" -know about this; -the information is hidden totally between ucbvax and ucbarpa. -Mail going from monet to a UUCP host -is transferred via the ethernet -from monet to ucbvax, -then via the ethernet from ucbvax to ucbarpa, -and then is submitted to UUCP. -Although this involves some extra hops, -we feel this is an acceptable tradeoff. -.pp -An interesting point is that it would be possible -to update monet -to send appropriate UUCP mail directly to ucbarpa -if the load got too high; -if monet failed to note a host as connected to ucbarpa -it would go via ucbvax as before, -and if monet incorrectly sent a message to ucbarpa -it would still be sent by ucbarpa -to ucbvax as before. -The only problem that can occur is loops, -for example, -if ucbarpa thought that ucbvax had the UUCP connection -and vice versa. -For this reason, -updates should -.i always -happen to the master host first. -.pp -This philosophy results as much from the need -to have a single source for the configuration files -(typically built using -.i m4 \|(1) -or some similar tool) -as any logical need. -Maintaining more than three separate tables by hand -is essentially an impossible job. -.sh 4 "Small site \*- complete information" -.pp -A small site -(two or three hosts and few external connections) -may find it more reasonable to have complete information -at each host. -This would require that each host -know exactly where each network connection is, -possibly including the names of each host on that network. -As long as the site remains small -and the configuration remains relatively static, -the update problem will probably not be too great. -.sh 4 "Single host" -.pp -This is in some sense the trivial case. 
-The only major issue is trying to insure that you don't -have to know too much about your environment. -For example, -if you have a UUCP connection -you might find it useful to know about the names of hosts -connected directly to you, -but this is really not necessary -since this may be determined from the syntax. -.sh 4 "A completely different philosophy" -.pp -This is adapted from Bruce Lilly. -Any errors in interpretation are mine. -.pp -Do minimal changes in ruleset 3: -fix some common but unambiguous errors (e.g. trailing dot on domains) and -hide bang paths foo!bar into bar@foo.UUCP. -The resulting "canonical" form is any valid RFC822/RFC1123/RFC976 address. -.pp -Ruleset 0 does the bulk of the work. -It removes the trailing "@.UUCP" that hides bang paths, -strips anything not needed to resolve, -e.g. the phrase from phrase <route-addr> and from named groups, -rejects unparseable addresses using $#error, -and finally -resolves to a mailer/host/user triple. -Ruleset 0 is rather lengthy -as it has to handle 3 basic address forms: -RFC976 bang paths, -RFC1123 %-hacks -(including vanilla RFC822 local-part@domain), -and RFC822 source routes. -It's also complicated by having to handle named lists. -.pp -The header rewriting rulesets 1 and 2 -remove the trailing "@.UUCP" that hides bang paths. -Ruleset 2 also strips the $# mailer $@ host (for test mode). -.pp -Ruleset 4 does absolutely nothing. -.pp -The per-mailer rewriting rulesets conform the envelope and -header addresses to the requirements of the specific -mailer. -.pp -Lots of rulesets-as-subroutines are used. -.pp -As a result, header addresses are subject to minimal munging -(per RFC1123), and the general plan is per RFC822 sect. 3.4.10. -.sh 3 "Relevant issues" -.pp -The canonical form you use -should almost certainly be as specified in -the Internet protocols -RFC819 and RFC822. -Copies of these RFC's are included on the -.i sendmail -tape -as -.i doc/rfc819.lpr -and -.i doc/rfc822.lpr . 
-.pp -RFC822 -describes the format of the mail message itself. -.i Sendmail -follows this RFC closely, -to the extent that many of the standards described in this document -can not be changed without changing the code. -In particular, -the following characters have special interpretations: -.(b -< > ( ) " \e -.)b -Any attempt to use these characters for other than their RFC822 -purpose in addresses is probably doomed to disaster. -.pp -RFC819 -describes the specifics of the domain-based addressing. -This is touched on in RFC822 as well. -Essentially each host is given a name -which is a right-to-left dot qualified pseudo-path -from a distinguished root. -The elements of the path need not be physical hosts; -the domain is logical rather than physical. -For example, -at Berkeley -one legal host might be -.q a.CC.Berkeley.EDU ; -reading from right to left, -.q EDU -is a top level domain -comprising educational institutions, -.q Berkeley -is a logical domain name, -.q CC -represents the Computer Center, -(in this case a strictly logical entity), -and -.q a -is a host in the Computer Center. -.pp -Beware when reading RFC819 -that there are a number of errors in it. -.sh 3 "How to proceed" -.pp -Once you have decided on a philosophy, -it is worth examining the available configuration tables -to decide if any of them are close enough -to steal major parts of. -Even under the worst of conditions, -there is a fair amount of boiler plate that can be collected safely. -.pp -The next step is to build ruleset three. -This will be the hardest part of the job. -Beware of doing too much to the address in this ruleset, -since anything you do will reflect through -to the message. -In particular, -stripping of local domains is best deferred, -since this can leave you with addresses with no domain spec at all. -Since -.i sendmail -likes to append the sending domain to addresses with no domain, -this can change the semantics of addresses. 
-Also try to avoid -fully qualifying domains in this ruleset. -Although technically legal, -this can lead to unpleasantly and unnecessarily long addresses -reflected into messages. -The Berkeley configuration files -define ruleset nine -to qualify domain names and strip local domains. -This is called from ruleset zero -to get all addresses into a cleaner form. -.pp -Once you have ruleset three finished, -the other rulesets should be relatively trivial. -If you need hints, -examine the supplied configuration tables. -.sh 3 "Testing the rewriting rules \*- the \-bt flag" -.pp -When you build a configuration table, -you can do a certain amount of testing -using the -.q "test mode" -of -.i sendmail . -For example, -you could invoke -.i sendmail -as: -.(b -sendmail \-bt \-Ctest.cf -.)b -which would read the configuration file -.q test.cf -and enter test mode. -In this mode, -you enter lines of the form: -.(b -rwset address -.)b -where -.i rwset -is the rewriting set you want to use -and -.i address -is an address to apply the set to. -Test mode shows you the steps it takes -as it proceeds, -finally showing you the address it ends up with. -You may use a comma separated list of rwsets -for sequential application of rules to an input. -For example: -.(b -3,1,21,4 monet:bollard -.)b -first applies ruleset three to the input -.q monet:bollard. -Ruleset one is then applied to the output of ruleset three, -followed similarly by rulesets twenty-one and four. -.pp -If you need more detail, -you can also use the -.q \-d21 -flag to turn on more debugging. -For example, -.(b -sendmail \-bt \-d21.99 -.)b -turns on an incredible amount of information; -a single word address -is probably going to print out several pages worth of information. -.pp -You should be warned that internally, -.i sendmail -applies ruleset 3 to all addresses. -In this version of -.i sendmail , -you will have to do that manually. 
-For example, older versions allowed you to use -.(b -0 bruce@broadcast.sony.com -.)b -This version requires that you use: -.(b -3,0 bruce@broadcast.sony.com -.)b -.sh 3 "Building mailer descriptions" -.pp -To add an outgoing mailer to your mail system, -you will have to define the characteristics of the mailer. -.pp -Each mailer must have an internal name. -This can be arbitrary, -except that the names -.q local -and -.q prog -must be defined. -.pp -The pathname of the mailer must be given in the P field. -If this mailer should be accessed via an IPC connection, -use the string -.q [IPC] -instead. -.pp -The F field defines the mailer flags. -You should specify an -.q f -or -.q r -flag to pass the name of the sender as a -.b \-f -or -.b \-r -flag respectively. -These flags are only passed if they were passed to -.i sendmail , -so that mailers that give errors under some circumstances -can be placated. -If the mailer is not picky -you can just specify -.q "\-f $g" -in the argv template. -If the mailer must be called as -.b root -the -.q S -flag should be given; -this will not reset the userid -before calling the mailer\**. -.(f -\**\c -.i Sendmail -must be running setuid to root -for this to work. -.)f -If this mailer is local -(i.e., will perform final delivery -rather than another network hop) -the -.q l -flag should be given. -Quote characters -(backslashes and " marks) -can be stripped from addresses if the -.q s -flag is specified; -if this is not given -they are passed through. -If the mailer is capable of sending to more than one user -on the same host -in a single transaction -the -.q m -flag should be stated. -If this flag is on, -then the argv template containing -.b $u -will be repeated for each unique user -on a given host. -The -.q e -flag will mark the mailer as being -.q expensive, -which will cause -.i sendmail -to defer connection -until a queue run\**. -.(f -\**The -.q c -configuration option must be given -for this to be effective. 
-.)f -.pp -An unusual case is the -.q C -flag. -This flag applies to the mailer that the message is received from, -rather than the mailer being sent to; -if set, -the domain spec of the sender -(i.e., the -.q @host.domain -part) -is saved -and is appended to any addresses in the message -that do not already contain a domain spec. -For example, -a message of the form: -.(b -From: eric@vangogh.CS.Berkeley.EDU -To: wnj@monet.CS.Berkeley.EDU, mckusick -.)b -will be modified to: -.(b -From: eric@vangogh.CS.Berkeley.EDU -To: wnj@monet.CS.Berkeley.EDU, mckusick@vangogh.CS.Berkeley.EDU -.)b -.i "if and only if" -the -.q C -flag is defined in the mailer resolved to -by running -.q eric@vangogh.CS.Berkeley.EDU -through rulesets 3 and 0. -.pp -Other flags are described -in Appendix C. -.pp -The S and R fields in the mailer description -are per-mailer rewriting sets -to be applied to sender and recipient addresses -respectively. -These are applied after the sending domain is appended -and the general rewriting sets -(numbers one and two) -are applied, -but before the output rewrite -(ruleset four) -is applied. -A typical use is to append the current domain -to addresses that do not already have a domain. -For example, -a header of the form: -.(b -From: eric -.)b -might be changed to be: -.(b -From: eric@vangogh.CS.Berkeley.EDU -.)b -or -.(b -From: ucbvax!eric -.)b -depending on the domain it is being shipped into. -These sets can also be used -to do special purpose output rewriting -in cooperation with ruleset four. -.pp -The S and R fields -can be specified as two numbers separated by a slash -(e.g., -.q "S=10/11" ), -meaning that all envelope addresses will be processed through ruleset 10 -and all header addresses will be processed through ruleset 11. -With only one number specified, -both envelope and header rewriting sets are set to the indicated ruleset. -.pp -The E field defines the string to use -as an end-of-line indication. 
-A string containing only newline is the default. -The usual backslash escapes -(\er, \en, \ef, \eb) -may be used. -.pp -Finally, -an argv template is given as the A field. -It may have embedded spaces. -If there is no argv with a -.b $u -macro in it, -.i sendmail -will speak SMTP -to the mailer. -If the pathname for this mailer is -.q [IPC], -the argv should be -.(b -IPC $h [ \fIport\fP ] -.)b -where -.i port -is the optional port number -to connect to. -.pp -For example, -the specifications: -.(b -.ta \w'Mlocal, 'u +\w'P=/bin/mail, 'u +\w'F=rlsm, 'u +\w'S=10, 'u +\w'R=20, 'u -Mlocal, P=/bin/mail, F=rlsm S=10, R=20, A=mail \-d $u -Mether, P=[IPC], F=meC, S=11, R=21, A=IPC $h, M=100000 -.)b -specifies a mailer to do local delivery -and a mailer for ethernet delivery. -The first is called -.q local, -is located in the file -.q /bin/mail, -takes a picky -.b \-r -flag, -does local delivery, -quotes should be stripped from addresses, -and multiple users can be delivered at once; -ruleset ten -should be applied to sender addresses in the message -and ruleset twenty -should be applied to recipient addresses; -the argv to send to a message will be the word -.q mail, -the word -.q \-d, -and words containing the name of the receiving user. -If a -.b \-r -flag is inserted -it will be between the words -.q mail -and -.q \-d. -The second mailer is called -.q ether, -it should be connected to via an IPC connection, -it can handle multiple users at once, -connections should be deferred, -and any domain from the sender address -should be appended to any receiver name -without a domain; -sender addresses should be processed by ruleset eleven -and recipient addresses by ruleset twenty-one. -There is a 100,000 byte limit on messages passed through this mailer. .sh 2 "The User Database" .pp If you have a version of 
@@ -5161,7 +5732,7 @@ the handling of sender and recipient addresses is modified. .pp The location of this database is controlled with the -.b U +.b UserDatabaseSpec option. .sh 3 "Structure of the user database" .pp @@ -5314,6 +5885,10 @@ recompiling .i sendmail . This section describes what changes can be made and what has to be modified to make them. +In most cases this should be unnecessary +unless you are porting +.i sendmail +to a new environment. .sh 2 "Parameters in src/Makefile" .pp These parameters are intended to describe the compilation environment, 
@@ -5339,113 +5914,22 @@ If set together with NEWDB and NDBM, .i sendmail will create both DBM and NEWDB files if and only if -the file /var/yp/Makefile -exists and is readable. +an alias file includes the substring +.q /yp/ +in the name. This is intended for compatibility with Sun Microsystems' .i mkalias program used on YP masters. -.ip SYSTEM5 -Set all of the compilation parameters appropriate for System V. -.ip LOCKF -Use System V -.b lockf -instead of Berkeley -.b flock . -Due to the highly unusual semantics of locks -across forks in -.b lockf , -this should never be used unless absolutely necessary. -Set by default if -SYSTEM5 is set. -.ip SYS5TZ -Use System V -time zone semantics. -.ip HASINITGROUPS -Set this if your system has the -.i initgroups() -call -(if you have multiple group support). -This is the default if SYSTEM5 is -.i not -defined or if you are on HPUX. -.ip HASUNAME -Set this if you have the -.i uname (2) -system call (or corresponding library routine). -Set by default if -SYSTEM5 -is set. -.ip HASSTATFS -Set this if you have the -.i statfs (2) -system call. -This will allow you to give a temporary failure -message to incoming SMTP email -when you are low on disk space. -It is set by default on 4.4BSD and OSF/1 systems. -.ip HASUSTAT -Set if you have the -.i ustat (2) -system call. -This is an alternative implementation of disk space control. -You should only set one of HASSTATFS or HASUSTAT; -the first is preferred. +.ip NISPLUS +Compile in support for NIS+. +.ip NETINFO +Compile in support for NetInfo (NeXT stations). +.ip HESIOD +Compile in support for Hesiod. .ip _PATH_SENDMAILCF The pathname of the sendmail.cf file. .ip _PATH_SENDMAILPID The pathname of the sendmail.pid file. -.ip LA_TYPE -The load average type. -Details are described below. -.lp -The are several built-in ways of computing the load average. 
-.i Sendmail -tries to auto-configure them based on imperfect guesses; -you can select one using the -.i cc -option -.b \-DLA_TYPE= \c -.i type , -where -.i type -is: -.ip LA_INT -The kernel stores the load average in the kernel as an array of long integers. -The actual values are scaled by a factor FSCALE -(default 256). -.ip LA_SHORT -The kernel stores the load average in the kernel as an array of short integers. -The actual values are scaled by a factor FSCALE -(default 256). -.ip LA_FLOAT -The kernel stores the load average in the kernel as an array of -double precision floats. -.ip LA_MACH -Use MACH-style load averages. -.ip LA_SUBR -Call the -.i getloadavg -routine to get the load average as an array of doubles. -.ip LA_ZERO -Always return zero as the load average. -This is the fallback case. -.lp -If type -.sm LA_INT , -.sm LA_SHORT , -or -.sm LA_FLOAT -is specified, -you may also need to specify -.sm _PATH_UNIX -(the path to your system binary) -and -.sm LA_AVENRUN -(the name of the variable containing the load average in the kernel; -usually -.q _avenrun -or -.q avenrun ). .pp There are also several compilation flags to indicate the environment such as @@ -5464,8 +5948,12 @@ However, the sizes of certain primitive vectors, etc., are included in this file. The numbers following the parameters are their default value. +.pp +This document is not the best source of information +for compilation flags in conf.h \(em +see src/READ_ME or src/conf.h itself. .nr ii 1.2i -.ip "MAXLINE [1024]" +.ip "MAXLINE [2048]" The maximum line length of any input line. If message lines exceed this length they will still be processed correctly; 
@@ -5496,9 +5984,15 @@ is seven atoms. .ip "MAXMAILERS [25]" The maximum number of mailers that may be defined in the configuration file. -.ip "MAXRWSETS [100]" +.ip "MAXRWSETS [200]" The maximum number of rewriting sets that may be defined. +The first half of these are reserved for numeric specification +(e.g., ``S92''), +while the upper half are reserved for auto-numbering +(e.g., ``Sfoo''). +Thus, with a value of 200 an attempt to use ``S99'' will succeed, +but ``S100'' will fail. .ip "MAXPRIORITIES [25]" The maximum number of values for the .q Precedence: 
@@ -5506,29 +6000,32 @@ field that may be defined (using the .b P line in sendmail.cf). -.ip "MAXUSERENVIRON [40]" +.ip "MAXUSERENVIRON [100]" The maximum number of items in the user environment that will be passed to subordinate mailers. -.ip "QUEUESIZE [1000]" -The maximum number of entries that will be processed -in a single queue run. .ip "MAXMXHOSTS [20]" The maximum number of MX records we will accept for any single host. +.ip "MAXALIASDB [12]" +The maximum number of alias databases that can be open at any time. +Note that there may also be an open file limit. +.ip "MAXMAPSTACK [12]" +The maximum number of maps that may be "stacked" in a +.b sequence +class map. +.ip "MAXMIMEARGS [20]" +The maximum number of arguments in a MIME Content-Type: header; +additional arguments will be ignored. +.ip "MAXMIMENESTING [20]" +The maximum depth to which MIME messages may be nested +(that is, nested Message or Multipart documents; +this does not limit the number of components in a single Multipart document). .lp A number of other compilation options exist. These specify whether or not specific code should be compiled in. +Ones marked with \(dg +are 0/1 valued. .nr ii 1.2i -.ip DEBUG -If set, debugging information is compiled in. -To actually get the debugging output, -the -.b \-d -flag must be used. -.b "WE STRONGLY RECOMMEND THAT THIS BE LEFT ON." -Some people, believing that it was a security hole -(it was, once) -have turned it off and thus crippled debuggers. -.ip NETINET +.ip NETINET\(dg If set, support for Internet protocol networking is compiled in. Previous versions of @@ -5536,7 +6033,10 @@ Previous versions of referred to this as .sm DAEMON ; this old usage is now incorrect. -.ip NETISO +Defaults on; +turn it off in the Makefile +if your system doesn't support the Internet protocols. +.ip NETISO\(dg If set, support for ISO protocol networking is compiled in (it may be appropriate to #define this in the Makefile instead of conf.h). 
@@ -5549,11 +6049,15 @@ This makes an informational log record for each message processed, and makes a higher priority log record for internal system errors. -.ip MATCHGECOS +.b "STRONGLY RECOMMENDED" +\(em if you want no logging, turn it off in the configuration file. +.ip MATCHGECOS\(dg Compile in the code to do ``fuzzy matching'' on the GECOS field in /etc/passwd. -This also requires that option G be turned on. -.ip NAMED_BIND +This also requires that the +.b MatchGECOS +option be turned on. +.ip NAMED_BIND\(dg Compile in code to use the Berkeley Internet Name Domain (BIND) server to resolve TCP/IP host names. @@ -5568,30 +6072,13 @@ This flag should be set to compile in the queueing code. If this is not set, mailers must accept the mail immediately or it will be returned to the sender. -.ip SETPROCTITLE -If defined, -.i sendmail -will change its -.i argv -array to indicate its current status. -This can be used in conjunction with the -.i ps -command to find out just what it's up to. .ip SMTP If set, the code to handle user and server SMTP will be compiled in. This is only necessary if your machine has some mailer that speaks SMTP (this means most machines everywhere). -.ip UGLYUUCP -If you have a UUCP host adjacent to you which is not running -a reasonable version of -.i rmail , -you will have to set this flag to include the -.q "remote from sysname" -info on the from line. -Otherwise, UUCP gets confused about where the mail came from. -.ip USERDB +.ip USERDB\(dg Include the .b experimental Berkeley user information database package. 
@@ -5599,7 +6086,10 @@ This adds a new level of local name expansion between aliasing and forwarding. It also uses the NEWDB package. This may change in future releases. -.ip IDENTPROTO +.lp +The following options are normally turned on +in per-operating-system clauses in conf.h. +.ip IDENTPROTO\(dg Compile in the IDENT protocol as defined in RFC 1413. This defaults on for all systems except Ultrix, which apparently has the interesting 
@@ -5610,6 +6100,104 @@ message it closes all open connections to that host. Since some firewall gateways send this error code when you access an unauthorized port (such as 113, used by IDENT), Ultrix cannot receive email from such hosts. +.ip SYSTEM5 +Set all of the compilation parameters appropriate for System V. +.ip HASFLOCK\(dg +Use Berkeley-style +.b flock +instead of System V +.b lockf +to do file locking. +Due to the highly unusual semantics of locks +across forks in +.b lockf , +this should always be used if at all possible. +.ip HASINITGROUPS +Set this if your system has the +.i initgroups() +call +(if you have multiple group support). +This is the default if SYSTEM5 is +.i not +defined or if you are on HPUX. +.ip HASUNAME +Set this if you have the +.i uname (2) +system call (or corresponding library routine). +Set by default if +SYSTEM5 +is set. +.ip HASGETDTABLESIZE +Set this if you have the +.i getdtablesize (2) +system call. +.ip HASWAITPID +Set this if you have the +.i haswaitpid (2) +system call. +.ip SFS_TYPE +The mechanism that can be used to get file system capacity information. +The values can be one of +SFS_USTAT (use the ustat(2) syscall), +SFS_4ARGS (use the four argument statfs(2) syscall), +SFS_VFS (use the two argument statfs(2) syscall including <sys/vfs.h>), +SFS_MOUNT (use the two argument statfs(2) syscall including <sys/mount.h>), +SFS_STATFS (use the two argument statfs(2) syscall including <sys/statfs.h>), +SFS_STATVFS (use the two argument statfs(2) syscall including <sys/statvfs.h>), +or +SFS_NONE (no way to get this information). +.ip LA_TYPE +The load average type. +Details are described below. +.lp +The are several built-in ways of computing the load average. +.i Sendmail +tries to auto-configure them based on imperfect guesses; +you can select one using the +.i cc +option +.b \-DLA_TYPE= \c +.i type , +where +.i type +is: +.ip LA_INT +The kernel stores the load average in the kernel as an array of long integers. 
+The actual values are scaled by a factor FSCALE +(default 256). +.ip LA_SHORT +The kernel stores the load average in the kernel as an array of short integers. +The actual values are scaled by a factor FSCALE +(default 256). +.ip LA_FLOAT +The kernel stores the load average in the kernel as an array of +double precision floats. +.ip LA_MACH +Use MACH-style load averages. +.ip LA_SUBR +Call the +.i getloadavg +routine to get the load average as an array of doubles. +.ip LA_ZERO +Always return zero as the load average. +This is the fallback case. +.lp +If type +.sm LA_INT , +.sm LA_SHORT , +or +.sm LA_FLOAT +is specified, +you may also need to specify +.sm _PATH_UNIX +(the path to your system binary) +and +.sm LA_AVENRUN +(the name of the variable containing the load average in the kernel; +usually +.q _avenrun +or +.q avenrun ). .sh 2 "Configuration in src/conf.c" .pp The following changes can be made in conf.c. @@ -5683,13 +6271,21 @@ table specifies .i sendmail 's preference for which field to return error messages to. +.ip H_ERRORSTO +Addresses in this header should receive error messages. +.ip H_CTE +This header is a Content-Transfer-Encoding header. +.ip H_CTYPE +This header is a Content-Type header. +.ip H_STRIPVAL +Strip the value from the header (for Bcc:). .nr ii 5n .lp Let's look at a sample .i HdrInfo specification: .(b -.ta 4n +\w'"return-receipt-to", 'u +.ta 4n +\w'"content-transfer-encoding", 'u struct hdrinfo HdrInfo[] = \&{ /* originator fields, most to least significant */ 
@@ -5698,15 +6294,20 @@ struct hdrinfo HdrInfo[] = "sender", H_FROM, "from", H_FROM, "full-name", H_ACHECK, + "errors-to", H_FROM\^|\^H_ERRORSTO, /* destination fields */ "to", H_RCPT, "resent-to", H_RCPT, "cc", H_RCPT, + "bcc", H_RCPT\^|\^H_STRIPVAL, /* message identification and control */ "message", H_EOH, "text", H_EOH, /* trace fields */ - "received", H_TRACE|H_FORCE, + "received", H_TRACE\^|\^H_FORCE, + /* miscellaneous fields */ + "content-transfer-encoding", H_CTE, + "content-type", H_CTYPE, NULL, 0, }; @@ -5824,10 +6425,10 @@ checkcompat(to, e) usrerr("No private net mail allowed through this machine"); return (EX_UNAVAILABLE); } - if (MsgSize > 50000 && to\->q_mailer != LocalMailer) + if (MsgSize > 50000 && bitnset(M_LOCALMAILER, to\->q_mailer)) { usrerr("Message too large for non-local delivery"); - NoReturn = TRUE; + e\->e_flags |= EF_NORETURN; return (EX_UNAVAILABLE); } return (EX_OK); @@ -5837,8 +6438,10 @@ checkcompat(to, e) This would reject messages greater than 50000 bytes unless they were local. The -.i NoReturn -flag can be sent to suppress the return of the actual body +.i EF_NORETURN +flag can be set in +.i e\(->e_flags +to suppress the return of the actual body of the message in the error return. The actual use of this routine is highly dependent on the implementation, @@ -5849,7 +6452,7 @@ The routine .i getla should return an approximation of the current system load average as an integer. -There are four versions included on compilation flags +There are several versions included on compilation flags as described above. .sh 3 "New Database Map Classes" .pp @@ -5917,8 +6520,6 @@ shouldqueue(pri, ctime) { if (CurrentLA < QueueLA) return (FALSE); - if (CurrentLA >= RefuseLA) - return (TRUE); return (pri > (QueueFactor / (CurrentLA \- QueueLA + 1))); } .)b 
@@ -5999,6 +6600,12 @@ The routine .i getla returns the current load average (as a rounded integer). The distribution includes several possible implementations. +If you are porting to a new environment +you may need to add some new tweaks.\** +.(f +\**If you do, please send updates to +sendmail@CS.Berkeley.EDU. +.)f .sh 2 "Configuration in src/daemon.c" .pp The file @@ -6021,7 +6628,13 @@ We now recommend that you create a new keyed map instead. The following summarizes changes since the last commonly available version of .i sendmail -(5.67): +(5.67). +For a detailed list, +consult the file +RELEASE_NOTES +in the root directory of the +.i sendmail +distribution. .sh 2 "Connection Caching" .pp Instead of closing SMTP connections immediately, @@ -6088,8 +6701,8 @@ doesn't always provide adequate concurrency limits. .sh 2 "Extended SMTP Support" .pp Version 8 includes both sending and receiving support for Extended -SMTP support as defined by RFC 1425 (basic) and RFC 1427 (SIZE); -and limited support for RFC 1426 (BODY). +SMTP support as defined by RFC 1651 (basic) and RFC 1653 (SIZE); +and limited support for RFC 1652 (BODY). .sh 2 "Eight-Bit Clean" .pp Previous versions of @@ -6199,6 +6812,10 @@ flag has been added to allow logging of all protocol in and out of .i sendmail for debugging. +.pp +The +.b \-O +flag simplies setting long-form options. .sh 2 "Enhanced Command Line Flags" .pp The @@ -6216,11 +6833,6 @@ respectively. .sh 2 "New and Old Configuration Line Types" .pp The -.b T -(Trusted users) configuration line has been deleted. -It will still be accepted but will be ignored. -.pp -The .b K line has been added to declare database maps. .pp @@ -6234,6 +6846,10 @@ line has a .q D= field that lets you change into a temporary directory while that mailer is running. +It also has a +.q U= +field to allow you to set the user and group id to be used +when running the mailer. .sh 2 "New Options" .pp Several new options have been added, 
@@ -6284,6 +6900,8 @@ host. handling technique. .ip 7 Do not run eight bit clean. +.ip 8 +Eight bit data handling mode. .sh 2 "Extended Options" .pp The @@ -6309,6 +6927,8 @@ If the EHLO (extended hello) command fails, .i sendmail falls back to old SMTP. +.ip A +Try the user part of addresses for this mailer as aliases. .ip b Ensure that there is a blank line at the end of all messages. .ip c @@ -6320,8 +6940,29 @@ Never use the null sender as the envelope sender, even when running SMTP. Although this violates RFC 1123, it may be necessary when you must deal with some obnoxious old hosts. +.ip k +Turn off the loopback check in the HELO protocol; +doing this may cause mailer loops. +.ip o +Always run the mailer as the recipient of the message. +.ip w +This user should have a passwd file entry. +.ip 5 +Try ruleset 5 if no local aliases. .ip 7 Strip all output to 7 bits. +.ip : +Check for :include: files. +.ip | +Check for |program addresses. +.ip / +Check for /file addresses. +.ip @ +Check this user against the user database. +.sh 2 "Long Option Names" +.pp +All options can be specified using long names, +and some new options can only be specified with long names. .sh 2 "New Pre-Defined Macros" .pp The following macros are pre-defined: @@ -6443,9 +7084,10 @@ for many years, and many employers have been remarkably patient about letting me work on a large project that was not part of my official job. -This includes time on the INGRES Project at Berkeley, +This includes time on the INGRES Project at +the University of California at Berkeley, at Britton Lee, -and again on the Mammoth Project at Berkeley. +and again on the Mammoth and Titan Projects at Berkeley. .pp Much of the second wave of improvements should be credited to Bryan Costales of ICSI. 
@@ -6460,7 +7102,9 @@ It has proven to be a group network effort. Version 8 in particular was a group project. The following people made notable contributions: .(l +John Beck, Hewlett-Packard Keith Bostic, CSRG, University of California, Berkeley +Andrew Cheng, Sun Microsystems Michael J. Corrigan, University of California, San Diego Bryan Costales, International Computer Science Institute Pa\*:r (Pell) Emanuelsson @@ -6473,17 +7117,26 @@ Brian Kantor, University of California, San Diego Murray S. Kucherawy, HookUp Communication Corp. Bruce Lilly, Sony U.S. Karl London -Nakamura Motonori, Kyoto University +Motonori Nakamura, Ritsumeikan University & Kyoto University John Gardiner Myers, Carnegie Mellon University Neil Rickert, Northern Illinois University Eric Schnoebelen, Convex Computer Corp. Eric Wassenaar, National Institute for Nuclear and High Energy Physics, Amsterdam -Christophe Wolfhugel, Herve Schauer Consultants (Paris) +Christophe Wolfhugel, Pasteur Institute & Herve Schauer Consultants (Paris) .)l I apologize for anyone I have omitted, misspelled, misattributed, or otherwise missed. -Many other people have contributed ideas, comments, and encouragement. +At this point, I suspect that at least a hundred people +have contributed code, +and many more have contributed ideas, comments, and encouragement. +I've tried to list them in the RELEASE_NOTES in the distribution directory. I appreciate their contribution as well. +.pp +Special thanks are reserved for Michael Corrigan and Christophe Wolfhugel, +who besides being wonderful guinea pigs and contributors +have also consented to be added to the ``sendmail@CS.Berkeley.EDU'' list +and, by answering the bulk of the questions sent to that list, +have freed me up to do other work. .++ A .+c "COMMAND LINE FLAGS" .ba 0 
@@ -6499,12 +7152,16 @@ Operation modes are: .ta 4n m Deliver mail (default) s Speak SMTP on input side +a\(dg ``Arpanet'' mode (get envelope sender information from header) d Run as a daemon t Run in test mode v Just verify addresses, don't collect or deliver i Initialize the alias database p Print the mail queue .)b +.(f +\(dgDeprecated. +.)f .ip \-B\fItype\fP Indicate body type. .ip \-C\fIfile\fP @@ -6546,7 +7203,19 @@ Set option .i x to the specified .i value . -These options are described in Appendix B. +These options are described in Section 5.6. +.ip \-O\fIoption\fP\fB=\fP\fIvalue\fP +Set +.i option +to the specified +.i value +(for long form option names). +These options are described in Section 5.6. +.ip \-M\fIx\|value +Set macro +.i x +to the specified +.i value . .ip \-p\fIprotocol\fP Set the sending protocol. Programs are encouraged to set this. @@ -6646,31 +7315,6 @@ The types are: .ip d The data file. The message body (excluding the header) is kept in this file. -.ip l -The lock file. -If this file exists, -the job is currently being processed, -and a queue run will not process the file. -For that reason, -an extraneous -.b lf -file can cause a job to apparently disappear -(it will not even time out!). -[Actually, this file is obsolete on most systems that support the -.b flock -or -.b lockf -system calls.] -.ip n -This file is created when an id is being created. -It is a separate file to insure that no mail can ever be destroyed -due to a race condition. -It should exist for no more than a few milliseconds -at any given time. -[This is only used on old versions of -.i sendmail ; -it is not used -on newer versions.] .ip q The queue control file. This file contains the information necessary to process the job. 
@@ -6693,9 +7337,13 @@ The file is structured as a series of lines each beginning with a code letter. The lines are as follows: -.ip D -The name of the data file. -There may only be one of these lines. +.ip V +The version number of the queue file format, +used to allow new +.i sendmail +binaries to read queue files created by older versions. +Defaults to version zero. +Must be the first line of the file if present. .ip H A header definition. There may be any number of these lines. @@ -6714,19 +7362,30 @@ will be flagged so that deliveries will be run as the .i aliasname is the name of the alias that expanded to this address (used for printing messages). +.ip Q +The ``original recipient'', +specified by the ORCPT= field in an ESMTP transaction. +Used exclusively for Delivery Status Notifications. +It applies only to the immediately following `R' line. .ip R A recipient address. This will normally be completely aliased, but is actually realiased when the job is processed. There will be one line for each recipient. +Version 1 qf files +also include a leading colon-terminated list of flags, +which can be +`S' to return a message on successful final delivery, +`F' to return a message on failure, +`D' to return a message if the message is delayed, +`B' to indicate that the body should be returned, +`N' to suppress returning the body, +and +`P' to declare this as a ``primary'' (command line or SMTP-session) address. .ip S The sender address. There may only be one of these lines. -.ip E -An error address. -If any such lines exist, -they represent the addresses that should receive error messages. .ip T The job creation time. This is used to compute when to time out the job. 
@@ -6754,6 +7413,15 @@ and .b w indicating that a warning message has been sent announcing that the mail has been delayed. +.ip N +The total number of delivery attempts. +.ip K +The time (as seconds since January 1, 1970) +of the last delivery attempt. +.ip I +The i-number of the data file; +this can be used to recover your mail queue +after a disastrous disk crash. .ip $ A macro definition. The values of certain macros @@ -6773,6 +7441,12 @@ Legal values are .q 7BIT and .q 8BITMIME . +.ip O +The original MTS value (from the ESMTP transaction). +For Deliver Status Notifications only. +.ip Z +The original envelope id (from the ESMTP transaction). +For Deliver Status Notifications only. .pp As an example, the following is a queue file sent to @@ -6787,9 +7461,7 @@ nothing can replace looking at what your own system generates. .(b P835771 T404261372 -DdfAAA13557 Seric -Eowner-sendmail@vangogh.CS.Berkeley.EDU Ceric:sendmail@vangogh.CS.Berkeley.EDU Reric@mammoth.Berkeley.EDU Rbostic@okeeffe.CS.Berkeley.EDU @@ -6808,7 +7480,7 @@ Hmessage-id: <9207170931.AA22757@foo.bar.baz.de> HTo: sendmail@vangogh.CS.Berkeley.EDU Hsubject: this is an example message .)b -This shows the name of the data file, +This shows the person who sent the message, the submission time (in seconds since January 1, 1970), @@ -6891,7 +7563,7 @@ A transcript of the current session. .\"Eric Allman .\"Britton-Lee, Inc. .\".sp -.\"Version 8.36 +.\"Version 8.70 .\".ce 0 .bp 2 .rs |
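Review bot: in the checkcompat example (hunk @@ -5824,10 +6425,10 @@) the new size test has lost its negation. The removed line rejected the message when "to\->q_mailer != LocalMailer"; the added line rejects it when "bitnset(M_LOCALMAILER, to\->q_mailer)" is true, that is, for local mailers. That contradicts the usrerr text "Message too large for non-local delivery" in the same hunk and the prose in the next hunk ("unless they were local"). Suggest "!bitnset(M_LOCALMAILER, ...)", and confirm that the second argument should be the mailer's flag set rather than the mailer pointer the old line compared against LocalMailer.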
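Review bot: in hunk @@ -5837,8 +6438,10 @@ the added line ".i e\(->e_flags" uses \(->, the troff right-arrow character, while the code example in the preceding hunk writes the same member access as "e\->e_flags". Use "\->" in the prose as well so the text shows the C expression exactly as it appears in the example.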
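Review bot: the HASWAITPID entry added in hunk @@ -5610,6 +6100,104 @@ names the system call as "haswaitpid (2)"; the macro is HASWAITPID but the call is waitpid(2), so the ".i" line should read "waitpid (2)". In the same hunk, "The are several built-in ways of computing the load average" should read "There are", and the SFS_STATVFS item describes statfs(2) with <sys/statvfs.h>, which is worth checking against conf.h before this goes in.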
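Review bot: typo in hunk @@ -6199,6 +6812,10 @@, in the new paragraph for the \-O flag: "flag simplies setting long-form options" should be "simplifies".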
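Review bot: the U= sentence added in hunk @@ -6234,6 +6846,10 @@ says only that the field sets the user and group id used when running the mailer. It gives neither the value syntax nor what happens when the mailer also carries the new "o" flag ("Always run the mailer as the recipient of the message") added in hunk @@ -6320,8 +6940,29 @@. Since this decides which identity a delivery agent runs under, please state the format and the precedence here or point to the section that does.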
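Review bot: in hunk @@ -6546,7 +7203,19 @@ the new entry ".ip \-M\fIx\|value" switches to italic and never switches back, unlike the \-O entry added just above it (".ip \-O\fIoption\fP\fB=\fP\fIvalue\fP"). Close it with \fP so the tag follows the same pattern as the other flag entries in this appendix.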
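Review bot: the sample queue file edited in hunk @@ -6787,9 +7461,7 @@ loses its D and E lines but gains none of the lines this patch documents (V, Q, N, K, I, O, Z, or the flag prefix on R lines for "Version 1 qf files"). As it stands the example only illustrates the version-zero format that V "defaults to". Consider adding a V line and at least one flagged R line, or say in the lead-in that the sample is a version-zero file.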
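Review bot: in hunk @@ -6773,6 +7441,12 @@ both new entries (O and Z) end with "For Deliver Status Notifications only."; the rest of the patch, including the Q entry, spells it "Delivery Status Notifications". The O and Z entries also say only "from the ESMTP transaction", where the Q entry names its parameter (ORCPT=); naming the parameter for O and Z as well would make the three entries consistent.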