91.rm Ve 92.sp 93For Sendmail Version 8.11 94.)l 95.(f 96Sendmail is a trademark of Sendmail, Inc. 97.)f 98.sp 2 99.pp 100.i Sendmail \u\s-2TM\s0\d 101implements a general purpose internetwork mail routing facility 102under the UNIX\(rg 103operating system. 104It is not tied to any one transport protocol \*- 105its function may be likened to a crossbar switch, 106relaying messages from one domain into another. 107In the process, 108it can do a limited amount of message header editing 109to put the message into a format that is appropriate 110for the receiving domain. 111All of this is done under the control of a configuration file. 112.pp 113Due to the requirements of flexibility 114for 115.i sendmail , 116the configuration file can seem somewhat unapproachable. 117However, there are only a few basic configurations 118for most sites, 119for which standard configuration files have been supplied. 120Most other configurations 121can be built by adjusting an existing configuration file 122incrementally. 123.pp 124.i Sendmail 125is based on 126RFC821 (Simple Mail Transport Protocol), 127RFC822 (Internet Mail Headers Format), 128RFC974 (MX routing), 129RFC1123 (Internet Host Requirements), 130RFC2045 (MIME), 131RFC1869 (SMTP Service Extensions), 132RFC1652 (SMTP 8BITMIME Extension), 133RFC1870 (SMTP SIZE Extension), 134RFC1891 (SMTP Delivery Status Notifications), 135RFC1892 (Multipart/Report), 136RFC1893 (Enhanced Mail System Status Codes), 137RFC1894 (Delivery Status Notifications), 138RFC1985 (SMTP Service Extension for Remote Message Queue Starting), 139RFC2033 (Local Message Transmission Protocol), 140RFC2034 (SMTP Service Extension for Returning Enhanced Error Codes), 141RFC2476 (Message Submission), 142RFC2487 (SMTP Service Extension for Secure SMTP over TLS), 143and 144RFC2554 (SMTP Service Extension for Authentication). 145However, since 146.i sendmail 147is designed to work in a wider world, 148in many cases it can be configured to exceed these protocols. 149These cases are described herein. 150.pp 151Although 152.i sendmail 153is intended to run 154without the need for monitoring, 155it has a number of features 156that may be used to monitor or adjust the operation 157under unusual circumstances. 158These features are described. 159.pp 160Section one describes how to do a basic 161.i sendmail 162installation. 163Section two 164explains the day-to-day information you should know 165to maintain your mail system. 166If you have a relatively normal site, 167these two sections should contain sufficient information 168for you to install 169.i sendmail 170and keep it happy. 171Section three 172describes some parameters that may be safely tweaked. 173Section four 174has information regarding the command line arguments. 175Section five 176contains the nitty-gritty information about the configuration 177file. 178This section is for masochists 179and people who must write their own configuration file. 180Section six 181describes configuration that can be done at compile time. 182The appendixes give a brief 183but detailed explanation of a number of features 184not described in the rest of the paper. 185.bp 7 186.sh 1 "BASIC INSTALLATION" 187.pp 188There are two basic steps to installing 189.i sendmail . 190First, you have to compile and install the binary. 191If 192.i sendmail 193has already been ported to your operating system 194that should be simple. 195Second, you must build a run-time configuration file. 196This is a file that 197.i sendmail 198reads when it starts up 199that describes the mailers it knows about, 200how to parse addresses, 201how to rewrite the message header, 202and the settings of various options. 203Although the configuration file can be quite complex, 204a configuration can usually be built 205using an M4-based configuration language. 206.pp 207The remainder of this section will describe the installation of 208.i sendmail 209assuming you can use one of the existing configurations 210and that the standard installation parameters are acceptable. 211All pathnames and examples 212are given from the root of the 213.i sendmail 214subtree, 215normally 216.i /usr/src/usr.\*(SD/sendmail 217on 4.4BSD. 218.pp 219If you are loading this off the tape, 220continue with the next section. 221If you have a running binary already on your system, 222you should probably skip to section 1.2. 223.sh 2 "Compiling Sendmail" 224.pp 225All 226.i sendmail 227source is in the 228.i sendmail 229subdirectory. 230To compile sendmail, 231.q cd 232into the 233.i sendmail 234directory and type 235.(b 236\&./Build 237.)b 238This will leave the binary in an appropriately named subdirectory, 239e.g., 240obj.BSD-OS.2.1.i386. 241It works for multiple object versions 242compiled out of the same directory. 243.sh 3 "Tweaking the Build Invocation" 244.pp 245You can give parameters on the 246.i Build 247command. 248In most cases these are only used when the 249.i obj.* 250directory is first created. 251These commands include: 252.nr ii 0.5i 253.ip "\-L \fIlibdirs\fP" 254A list of directories to search for libraries. 255.ip "\-I \fIincdirs\fP" 256A list of directories to search for include files. 257.ip "\-E \fIenvar\fP=\fIvalue\fP" 258Set an environment variable to an indicated 259.i value 260before compiling. 261.ip "\-c" 262Create a new 263.i obj.* 264tree before running. 265.ip "\-f \fIsiteconfig\fP" 266Read the indicated site configuration file. 267If this parameter is not specified, 268.i Build 269includes 270.i all 271of the files 272.i $BUILDTOOLS/Site/site.$oscf.m4 273and 274.i $BUILDTOOLS/Site/site.config.m4 , 275where $BUILDTOOLS is normally 276.i \&../devtools 277and $oscf is the same name as used on the 278.i obj.* 279directory. 280See below for a description of the site configuration file. 281.ip "\-S" 282Skip auto-configuration. 283.i Build 284will avoid auto-detecting libraries if this is set. 285All libraries and map definitions must be specified 286in the site configuration file. 287.lp 288Any other parameters are passed to the 289.i make 290program. 291.sh 3 "Creating a Site Configuration File" 292.\"XXX 293.pp 294(This section is not yet complete. 295For now, see the file devtools/README for details.) 296See sendmail/README for various compilation flags that can be set. 297.sh 3 "Tweaking the Makefile" 298.pp 299.\" .b "XXX This should all be in the Site Configuration File section." 300.i Sendmail 301supports two different formats 302for the local (on disk) version of databases, 303notably the 304.i aliases 305database. 306At least one of these should be defined if at all possible. 307.nr ii 1i 308.ip NDBM 309The ``new DBM'' format, 310available on nearly all systems around today. 311This was the preferred format prior to 4.4BSD. 312It allows such complex things as multiple databases 313and closing a currently open database. 314.ip NEWDB 315The Berkeley DB package. 316If you have this, use it. 317It allows 318long records, 319multiple open databases, 320real in-memory caching, 321and so forth. 322You can define this in conjunction with 323.sm NDBM ; 324if you do, 325old alias databases are read, 326but when a new database is created it will be in NEWDB format. 327As a nasty hack, 328if you have NEWDB, NDBM, and NIS defined, 329and if the alias file name includes the substring 330.q /yp/ , 331.i sendmail 332will create both new and old versions of the alias file 333during a 334.i newalias 335command. 336This is required because the Sun NIS/YP system 337reads the DBM version of the alias file. 338It's ugly as sin, 339but it works. 340.lp 341If neither of these are defined, 342.i sendmail 343reads the alias file into memory on every invocation. 344This can be slow and should be avoided. 345There are also several methods for remote database access: 346.ip NIS 347Sun's Network Information Services (formerly YP). 348.ip NISPLUS 349Sun's NIS+ services. 350.ip NETINFO 351NeXT's NetInfo service. 352.ip HESIOD 353Hesiod service (from Athena). 354.lp 355Other compilation flags are set in conf.h 356and should be predefined for you 357unless you are porting to a new environment. 358.sh 3 "Compilation and installation" 359.pp 360After making the local system configuration described above, 361You should be able to compile and install the system. 362The script 363.q Build 364is the best approach on most systems: 365.(b 366\&./Build 367.)b 368This will use 369.i uname (1) 370to create a custom Makefile for your environment. 371.pp 372If you are installing in the standard places, 373you should be able to install using 374.(b 375\&./Build install 376.)b 377This should install the binary in 378/usr/\*(SD 379and create links from 380/usr/\*(SB/newaliases 381and 382/usr/\*(SB/mailq 383to 384/usr/\*(SD/sendmail. 385On 4.4BSD systems it will also format and install man pages. 386.sh 2 "Configuration Files" 387.pp 388.i Sendmail 389cannot operate without a configuration file. 390The configuration defines the mail delivery mechanisms understood at this site, 391how to access them, 392how to forward email to remote mail systems, 393and a number of tuning parameters. 394This configuration file is detailed 395in the later portion of this document. 396.pp 397The 398.i sendmail 399configuration can be daunting at first. 400The world is complex, 401and the mail configuration reflects that. 402The distribution includes an m4-based configuration package 403that hides a lot of the complexity. 404.pp 405These configuration files are simpler than old versions 406largely because the world has become simpler; 407in particular, 408text-based host files are officially eliminated, 409obviating the need to 410.q hide 411hosts behind a registered internet gateway. 412.pp 413These files also assume that most of your neighbors 414use domain-based UUCP addressing; 415that is, 416instead of naming hosts as 417.q host!user 418they will use 419.q host.domain!user . 420The configuration files can be customized to work around this, 421but it is more complex. 422.pp 423Our configuration files are processed by 424.i m4 425to facilitate local customization; 426the directory 427.i cf 428of the 429.i sendmail 430distribution directory 431contains the source files. 432This directory contains several subdirectories: 433.nr ii 1i 434.ip cf 435Both site-dependent and site-independent descriptions of hosts. 436These can be literal host names 437(e.g., 438.q ucbvax.mc ) 439when the hosts are gateways 440or more general descriptions 441(such as 442.q "generic-solaris2.mc" 443as a general description of an SMTP-connected host 444running Solaris 2.x. 445Files ending 446.b \&.mc 447(``Master Configuration'') 448are the input descriptions; 449the output is in the corresponding 450.b \&.cf 451file. 452The general structure of these files is described below. 453.ip domain 454Site-dependent subdomain descriptions. 455These are tied to the way your organization wants to do addressing. 456For example, 457.b domain/CS.Berkeley.EDU.m4 458is our description for hosts in the CS.Berkeley.EDU subdomain. 459These are referenced using the 460.sm DOMAIN 461.b m4 462macro in the 463.b \&.mc 464file. 465.ip feature 466Definitions of specific features that some particular host in your site 467might want. 468These are referenced using the 469.sm FEATURE 470.b m4 471macro. 472An example feature is 473use_cw_file 474(which tells 475.i sendmail 476to read an /etc/mail/local-host-names file on startup 477to find the set of local names). 478.ip hack 479Local hacks, referenced using the 480.sm HACK 481.b m4 482macro. 483Try to avoid these. 484The point of having them here is to make it clear that they smell. 485.ip m4 486Site-independent 487.i m4 (1) 488include files that have information common to all configuration files. 489This can be thought of as a 490.q #include 491directory. 492.ip mailer 493Definitions of mailers, 494referenced using the 495.sm MAILER 496.b m4 497macro. 498The mailer types that are known in this distribution are 499fax, 500local, 501smtp, 502uucp, 503and usenet. 504For example, to include support for the UUCP-based mailers, 505use 506.q MAILER(uucp) . 507.ip ostype 508Definitions describing various operating system environments 509(such as the location of support files). 510These are referenced using the 511.sm OSTYPE 512.b m4 513macro. 514.ip sh 515Shell files used by the 516.b m4 517build process. 518You shouldn't have to mess with these. 519.ip siteconfig 520Local UUCP connectivity information. 521This directory has been supplanted by the mailertable feature; 522any new configurations should use that feature to do UUCP 523(and other) routing. 524.pp 525If you are in a new domain 526(e.g., a company), 527you will probably want to create a 528cf/domain 529file for your domain. 530This consists primarily of relay definitions 531and features you want enabled site-wide: 532for example, Berkeley's domain definition 533defines relays for 534BitNET 535and UUCP. 536These are specific to Berkeley, 537and should be fully-qualified internet-style domain names. 538Please check to make certain they are reasonable for your domain. 539.pp 540Subdomains at Berkeley are also represented in the 541cf/domain 542directory. 543For example, 544the domain 545CS.Berkeley.EDU 546is the Computer Science subdomain, 547EECS.Berkeley.EDU 548is the Electrical Engineering and Computer Sciences subdomain, 549and 550S2K.Berkeley.EDU 551is the Sequoia 2000 subdomain. 552You will probably have to add an entry to this directory 553to be appropriate for your domain. 554.pp 555You will have to use or create 556.b \&.mc 557files in the 558.i cf/cf 559subdirectory for your hosts. 560This is detailed in the 561cf/README 562file. 563.sh 2 "Details of Installation Files" 564.pp 565This subsection describes the files that 566comprise the 567.i sendmail 568installation. 569.sh 3 "/usr/\*(SD/sendmail" 570.pp 571The binary for 572.i sendmail 573is located in /usr/\*(SD\**. 574.(f 575\**This is usually 576/usr/sbin 577on 4.4BSD and newer systems; 578many systems install it in 579/usr/lib. 580I understand it is in /usr/ucblib 581on System V Release 4. 582.)f 583It should be setuid root. 584For security reasons, 585/, /usr, and /usr/\*(SD 586should be owned by root, mode 755\**. 587.(f 588\**Some vendors ship them owned by bin; 589this creates a security hole that is not actually related to 590.i sendmail . 591Other important directories that should have restrictive ownerships 592and permissions are 593/bin, /usr/bin, /etc, /etc/mail, /usr/etc, /lib, and /usr/lib. 594.)f 595.sh 3 "/etc/mail/sendmail.cf" 596.pp 597This is the configuration file for 598.i sendmail \**. 599.(f 600\**Actually, the pathname varies depending on the operating system; 601/etc/mail is the preferred directory. 602Some older systems install it in 603.b /usr/lib/sendmail.cf , 604and I've also seen it in 605.b /usr/ucblib . 606If you want to move this file, 607add -D_PATH_SENDMAILCF=\e"/file/name\e" 608to the flags passed to the C compiler. 609Moving this file is not recommended: 610other programs and scripts know of this location. 611.)f 612This is the only non-library file name compiled into 613.i sendmail \**. 614.(f 615\**The system libraries can reference other files; 616in particular, system library subroutines that 617.i sendmail 618calls probably reference 619.i /etc/passwd 620and 621.i /etc/resolv.conf . 622.)f 623.pp 624The configuration file is normally created 625using the distribution files described above. 626If you have a particularly unusual system configuration 627you may need to create a special version. 628The format of this file is detailed in later sections 629of this document. 630.sh 3 "/usr/\*(SB/newaliases" 631.pp 632The 633.i newaliases 634command should just be a link to 635.i sendmail : 636.(b 637rm \-f /usr/\*(SB/newaliases 638ln \-s /usr/\*(SD/sendmail /usr/\*(SB/newaliases 639.)b 640This can be installed in whatever search path you prefer 641for your system. 642.sh 3 "/usr/\*(SB/hoststat" 643.pp 644The 645.i hoststat 646command should just be a link to 647.i sendmail , 648in a fashion similar to 649.i newaliases . 650This command lists the status of the last mail transaction 651with all remote hosts. The 652.b \-v 653flag will prevent the status display from being truncated. 654It functions only when the 655.b HostStatusDirectory 656option is set. 657.sh 3 "/usr/\*(SB/purgestat" 658.pp 659This command is also a link to 660.i sendmail . 661It flushes expired (Timeout.hoststatus) information that is stored in the 662.b HostStatusDirectory 663tree. 664.sh 3 "/var/spool/mqueue" 665.pp 666The directory 667.i /var/spool/mqueue 668should be created to hold the mail queue. 669This directory should be mode 700 670and owned by root. 671.pp 672The actual path of this directory 673is defined in the 674.b Q 675option of the 676.i sendmail.cf 677file. 678To use multiple queues, 679supply a value ending with an asterisk. 680For example, 681.i /var/spool/mqueue/qd* 682will use all of the directories or symbolic links to directories 683beginning with `qd' in 684.i /var/spool/mqueue 685as queue directories. 686Do not change the queue directory structure 687while sendmail is running. 688.pp 689If these directories have subdirectories or symbolic links to directories 690named `qf', `df', and `xf', then these will be used for the different 691queue file types. 692That is, the data files are stored in the `df' subdirectory, 693the transcript files are stored in the `xf' subdirectory, and 694all others are stored in the `qf' subdirectory. 695.sh 3 "/var/spool/mqueue/.hoststat" 696.pp 697This is a typical value for the 698.b HostStatusDirectory 699option, 700containing one file per host 701that this sendmail has chatted with recently. 702It is normally a subdirectory of 703.i mqueue . 704.sh 3 "/etc/mail/aliases*" 705.pp 706The system aliases are held in 707.q /etc/mail/aliases . 708A sample is given in 709.q sendmail/aliases 710which includes some aliases which 711.i must 712be defined: 713.(b 714cp lib/aliases /etc/mail/aliases 715.i "edit /etc/mail/aliases" 716.)b 717You should extend this file with any aliases that are apropos to your system. 718.pp 719Normally 720.i sendmail 721looks at a database version of the files, 722stored either in 723.q /etc/mail/aliases.dir 724and 725.q /etc/mail/aliases.pag 726or 727.q /etc/mail/aliases.db 728depending on which database package you are using. 729The actual path of this file 730is defined in the 731.b AliasFile 732option of the 733.i sendmail.cf 734file. 735.sh 3 "/etc/rc or /etc/init.d/sendmail" 736.pp 737It will be necessary to start up the 738.i sendmail 739daemon when your system reboots. 740This daemon performs two functions: 741it listens on the SMTP socket for connections 742(to receive mail from a remote system) 743and it processes the queue periodically 744to insure that mail gets delivered when hosts come up. 745.pp 746Add the following lines to 747.q /etc/rc 748(or 749.q /etc/rc.local 750as appropriate) 751in the area where it is starting up the daemons 752on a BSD-base system, 753or on a System-V-based system 754in one of the startup files, typically 755.q /etc/init.d/sendmail : 756.(b 757if [ \-f /usr/\*(SD/sendmail \-a \-f /etc/mail/sendmail.cf ]; then 758 (cd /var/spool/mqueue; rm \-f [lnx]f*) 759 /usr/\*(SD/sendmail \-bd \-q30m & 760 echo \-n ' sendmail' >/dev/console 761fi 762.)b 763The 764.q cd 765and 766.q rm 767commands insure that all lock files have been removed; 768extraneous lock files may be left around 769if the system goes down in the middle of processing a message. 770The line that actually invokes 771.i sendmail 772has two flags: 773.q \-bd 774causes it to listen on the SMTP port, 775and 776.q \-q30m 777causes it to run the queue every half hour. 778.pp 779Some people use a more complex startup script, 780removing zero length qf files and df files for which there is no qf file. 781For example, see Figure 1 782for an example of a complex script which does this clean up. 783.(z 784.hl 785#!/bin/sh 786# remove zero length qf files 787for qffile in qf* 788do 789 if [ \-r $qffile ] 790 then 791 if [ ! \-s $qffile ] 792 then 793 echo \-n " <zero: $qffile>" > /dev/console 794 rm \-f $qffile 795 fi 796 fi 797done 798# rename tf files to be qf if the qf does not exist 799for tffile in tf* 800do 801 qffile=`echo $tffile | sed 's/t/q/'` 802 if [ \-r $tffile \-a ! \-f $qffile ] 803 then 804 echo \-n " <recovering: $tffile>" > /dev/console 805 mv $tffile $qffile 806 else 807 if [ \-f $tffile ] 808 then 809 echo \-n " <extra: $tffile>" > /dev/console 810 rm \-f $tffile 811 fi 812 fi 813done 814# remove df files with no corresponding qf files 815for dffile in df* 816do 817 qffile=`echo $dffile | sed 's/d/q/'` 818 if [ \-r $dffile \-a ! \-f $qffile ] 819 then 820 echo \-n " <incomplete: $dffile>" > /dev/console 821 mv $dffile `echo $dffile | sed 's/d/D/'` 822 fi 823done 824# announce files that have been saved during disaster recovery 825for xffile in [A-Z]f* 826do 827 if [ \-f $xffile ] 828 then 829 echo \-n " <panic: $xffile>" > /dev/console 830 fi 831done 832.sp 833.ce 834Figure 1 \(em A complex startup script 835.hl 836.)z 837.pp 838If you are not running a version of UNIX 839that supports Berkeley TCP/IP, 840do not include the 841.b \-bd 842flag. 843.sh 3 "/etc/mail/helpfile" 844.pp 845This is the help file used by the SMTP 846.b HELP 847command. 848It should be copied from 849.q sendmail/helpfile : 850.(b 851cp sendmail/helpfile /etc/mail/helpfile 852.)b 853The actual path of this file 854is defined in the 855.b HelpFile 856option of the 857.i sendmail.cf 858file. 859.sh 3 "/etc/mail/statistics" 860.pp 861If you wish to collect statistics 862about your mail traffic, 863you should create the file 864.q /etc/mail/statistics : 865.(b 866cp /dev/null /etc/mail/statistics 867chmod 644 /etc/mail/statistics 868.)b 869This file does not grow. 870It is printed with the program 871.q mailstats/mailstats.c. 872The actual path of this file 873is defined in the 874.b S 875option of the 876.i sendmail.cf 877file. 878.sh 3 "/usr/\*(SB/mailq" 879.pp 880If 881.i sendmail 882is invoked as 883.q mailq, 884it will simulate the 885.b \-bp 886flag 887(i.e., 888.i sendmail 889will print the contents of the mail queue; 890see below). 891This should be a link to /usr/\*(SD/sendmail. 892.sh 1 "NORMAL OPERATIONS" 893.sh 2 "The System Log" 894.pp 895The system log is supported by the 896.i syslogd \|(8) 897program. 898All messages from 899.i sendmail 900are logged under the 901.sm LOG_MAIL 902facility\**. 903.(f 904\**Except on Ultrix, 905which does not support facilities in the syslog. 906.)f 907.sh 3 "Format" 908.pp 909Each line in the system log 910consists of a timestamp, 911the name of the machine that generated it 912(for logging from several machines 913over the local area network), 914the word 915.q sendmail: , 916and a message\**. 917.(f 918\**This format may vary slightly if your vendor has changed 919the syntax. 920.)f 921Most messages are a sequence of 922.i name \c 923=\c 924.i value 925pairs. 926.pp 927The two most common lines are logged when a message is processed. 928The first logs the receipt of a message; 929there will be exactly one of these per message. 930Some fields may be omitted if they do not contain interesting information. 931Fields are: 932.ip from 933The envelope sender address. 934.ip size 935The size of the message in bytes. 936.ip class 937The class (i.e., numeric precedence) of the message. 938.ip pri 939The initial message priority (used for queue sorting). 940.ip nrcpts 941The number of envelope recipients for this message 942(after aliasing and forwarding). 943.ip msgid 944The message id of the message (from the header). 945.ip proto 946The protocol used to receive this message (e.g., ESMTP or UUCP) 947.ip daemon 948The daemon name from the 949.b DaemonPortOptions 950setting. 951.ip relay 952The machine from which it was received. 953.lp 954There is also one line logged per delivery attempt 955(so there can be several per message if delivery is deferred 956or there are multiple recipients). 957Fields are: 958.ip to 959A comma-separated list of the recipients to this mailer. 960.ip ctladdr 961The ``controlling user'', that is, the name of the user 962whose credentials we use for delivery. 963.ip delay 964The total delay between the time this message was received 965and the current delivery attempt. 966.ip xdelay 967The amount of time needed in this delivery attempt 968(normally indicative of the speed of the connection). 969.ip mailer 970The name of the mailer used to deliver to this recipient. 971.ip relay 972The name of the host that actually accepted (or rejected) this recipient. 973.ip dsn 974The enhanced error code (RFC2034) if available. 975.ip stat 976The delivery status. 977.lp 978Not all fields are present in all messages; 979for example, the relay is not listed for local deliveries. 980.sh 3 "Levels" 981.pp 982If you have 983.i syslogd \|(8) 984or an equivalent installed, 985you will be able to do logging. 986There is a large amount of information that can be logged. 987The log is arranged as a succession of levels. 988At the lowest level 989only extremely strange situations are logged. 990At the highest level, 991even the most mundane and uninteresting events 992are recorded for posterity. 993As a convention, 994log levels under ten 995are considered generally 996.q useful; 997log levels above 64 998are reserved for debugging purposes. 999Levels from 11\-64 are reserved for verbose information 1000that some sites might want. 1001.pp 1002A complete description of the log levels 1003is given in section 1004.\" XREF 10054.6. 1006.sh 2 "Dumping State" 1007.pp 1008You can ask 1009.i sendmail 1010to log a dump of the open files 1011and the connection cache 1012by sending it a 1013.sm SIGUSR1 1014signal. 1015The results are logged at 1016.sm LOG_DEBUG 1017priority. 1018.sh 2 "The Mail Queue" 1019.pp 1020Sometimes a host cannot handle a message immediately. 1021For example, it may be down or overloaded, causing it to refuse connections. 1022The sending host is then expected to save this message in 1023its mail queue 1024and attempt to deliver it later. 1025.pp 1026Under normal conditions the mail queue will be processed transparently. 1027However, you may find that manual intervention is sometimes necessary. 1028For example, 1029if a major host is down for a period of time 1030the queue may become clogged. 1031Although 1032.i sendmail 1033ought to recover gracefully when the host comes up, 1034you may find performance unacceptably bad in the meantime. 1035.sh 3 "Printing the queue" 1036.pp 1037The contents of the queue can be printed 1038using the 1039.i mailq 1040command 1041(or by specifying the 1042.b \-bp 1043flag to 1044.i sendmail ): 1045.(b 1046mailq 1047.)b 1048This will produce a listing of the queue id's, 1049the size of the message, 1050the date the message entered the queue, 1051and the sender and recipients. 1052.sh 3 "Forcing the queue" 1053.pp 1054.i Sendmail 1055should run the queue automatically 1056at intervals. 1057When using multiple queues, 1058a separate process will be created to 1059run each of the queues 1060unless the queue run is initiated by a user 1061with the verbose flag. 1062The algorithm is to read and sort the queue, 1063and then to attempt to process all jobs in order. 1064When it attempts to run the job, 1065.i sendmail 1066first checks to see if the job is locked. 1067If so, it ignores the job. 1068.pp 1069There is no attempt to insure that only one queue processor 1070exists at any time, 1071since there is no guarantee that a job cannot take forever 1072to process 1073(however, 1074.i sendmail 1075does include heuristics to try to abort jobs 1076that are taking absurd amounts of time; 1077technically, this violates RFC 821, but is blessed by RFC 1123). 1078Due to the locking algorithm, 1079it is impossible for one job to freeze the entire queue. 1080However, 1081an uncooperative recipient host 1082or a program recipient 1083that never returns 1084can accumulate many processes in your system. 1085Unfortunately, 1086there is no completely general way to solve this. 1087.pp 1088In some cases, 1089you may find that a major host going down 1090for a couple of days 1091may create a prohibitively large queue. 1092This will result in 1093.i sendmail 1094spending an inordinate amount of time 1095sorting the queue. 1096This situation can be fixed by moving the queue to a temporary place 1097and creating a new queue. 1098The old queue can be run later when the offending host returns to service. 1099.pp 1100To do this, 1101it is acceptable to move the entire queue directory: 1102.(b 1103cd /var/spool 1104mv mqueue omqueue; mkdir mqueue; chmod 700 mqueue 1105.)b 1106You should then kill the existing daemon 1107(since it will still be processing in the old queue directory) 1108and create a new daemon. 1109.pp 1110To run the old mail queue, 1111run the following command: 1112.(b 1113/usr/\*(SD/sendmail \-oQ/var/spool/omqueue \-q 1114.)b 1115The 1116.b \-oQ 1117flag specifies an alternate queue directory 1118and the 1119.b \-q 1120flag says to just run every job in the queue. 1121If you have a tendency toward voyeurism, 1122you can use the 1123.b \-v 1124flag to watch what is going on. 1125.pp 1126When the queue is finally emptied, 1127you can remove the directory: 1128.(b 1129rmdir /var/spool/omqueue 1130.)b 1131.sh 2 "Disk Based Connection Information" 1132.pp 1133.i Sendmail 1134stores a large amount of information about each remote system it 1135has connected to in memory. It is now possible to preserve some 1136of this information on disk as well, by using the 1137.b HostStatusDirectory 1138option, so that it may be shared between several invocations of 1139.i sendmail . 1140This allows mail to be queued immediately or skipped during a queue run if 1141there has been a recent failure in connecting to a remote machine. 1142.pp 1143Additionally enabling 1144.b SingleThreadDelivery 1145has the added effect of single-threading mail delivery to a destination. 1146This can be quite helpful 1147if the remote machine is running an SMTP server that is easily overloaded 1148or cannot accept more than a single connection at a time, 1149but can cause some messages to be punted to a future queue run. 1150It also applies to 1151.i all 1152hosts, so setting this because you have one machine on site 1153that runs some software that is easily overrun 1154can cause mail to other hosts to be slowed down. 1155If this option is set, 1156you probably want to set the 1157.b MinQueueAge 1158option as well and run the queue fairly frequently; 1159this way jobs that are skipped because another 1160.i sendmail 1161is talking to the same host will be tried again quickly 1162rather than being delayed for a long time. 1163.pp 1164The disk based host information is stored in a subdirectory of the 1165.b mqueue 1166directory called 1167.b \&.hoststat \**. 1168.(f 1169\**This is the usual value of the 1170.b HostStatusDirectory 1171option; 1172it can, of course, go anywhere you like in your filesystem. 1173.)f 1174Removing this directory and its subdirectories has an effect similar to 1175the 1176.i purgestat 1177command and is completely safe. 1178However, 1179.i purgestat 1180only removes expired (Timeout.hoststatus) data. 1181The information in these directories can 1182be perused with the 1183.i hoststat 1184command, which will indicate the host name, the last access, and the 1185status of that access. 1186An asterisk in the left most column indicates that a 1187.i sendmail 1188process currently has the host locked for mail delivery. 1189.pp 1190The disk based connection information is treated the same way as memory based 1191connection information for the purpose of timeouts. 1192By default, information about host failures is valid for 30 minutes. 1193This can be adjusted with 1194the 1195.b Timeout.hoststatus 1196option. 1197.pp 1198The connection information stored on disk may be expired at any time 1199with the 1200.i purgestat 1201command or by invoking sendmail with the 1202.b \-bH 1203switch. 1204The connection information may be viewed with the 1205.i hoststat 1206command or by invoking sendmail with the 1207.b \-bh 1208switch. 1209.sh 2 "The Service Switch" 1210.pp 1211The implementation of certain system services 1212such as host and user name lookup 1213is controlled by the service switch. 1214If the host operating system supports such a switch, 1215and sendmail knows about it, 1216.i sendmail 1217will use the native version. 1218Ultrix, Solaris, and DEC OSF/1 are examples of such systems\**. 1219.(f 1220\**HP-UX 10 has service switch support, 1221but since the APIs are apparently not available in the libraries 1222.i sendmail 1223does not use the native service switch in this release. 1224.)f 1225.pp 1226If the underlying operating system does not support a service switch 1227(e.g., SunOS 4.X, HP-UX, BSD) 1228then 1229.i sendmail 1230will provide a stub implementation. 1231The 1232.b ServiceSwitchFile 1233option points to the name of a file that has the service definitions. 1234Each line has the name of a service 1235and the possible implementations of that service. 1236For example, the file: 1237.(b 1238hosts dns files nis 1239aliases files nis 1240.)b 1241will ask 1242.i sendmail 1243to look for hosts in the Domain Name System first. 1244If the requested host name is not found, 1245it tries local files, 1246and if that fails it tries NIS. 1247Similarly, 1248when looking for aliases 1249it will try the local files first 1250followed by NIS. 1251.pp 1252Service switches are not completely integrated. 1253For example, despite the fact that the host entry listed in the above example 1254specifies to look in NIS, 1255on SunOS this won't happen because the system implementation of 1256.i gethostbyname \|(3) 1257doesn't understand this. 1258If there is enough demand 1259.i sendmail 1260may reimplement 1261.i gethostbyname \|(3), 1262.i gethostbyaddr \|(3), 1263.i getpwent \|(3), 1264and the other system routines that would be necessary 1265to make this work seamlessly. 1266.sh 2 "The Alias Database" 1267.pp 1268After recipient addresses are read from the SMTP connection 1269or command line 1270they are parsed by ruleset 0, 1271which must resolve to a 1272{\c 1273.i mailer , 1274.i host , 1275.i address } 1276triple. 1277If the flags selected by the 1278.i mailer 1279include the 1280.b A 1281(aliasable) flag, 1282the 1283.i address 1284part of the triple is looked up as the key 1285(i.e., the left hand side) 1286into the alias database. 1287If there is a match, the address is deleted from the send queue 1288and all addresses on the right hand side of the alias 1289are added in place of the alias that was found. 1290This is a recursive operation, 1291so aliases found in the right hand side of the alias 1292are similarly expanded. 1293.pp 1294The alias database exists in two forms. 1295One is a text form, 1296maintained in the file 1297.i /etc/mail/aliases. 1298The aliases are of the form 1299.(b 1300name: name1, name2, ... 1301.)b 1302Only local names may be aliased; 1303e.g., 1304.(b 1305eric@prep.ai.MIT.EDU: eric@CS.Berkeley.EDU 1306.)b 1307will not have the desired effect 1308(except on prep.ai.MIT.EDU, 1309and they probably don't want me)\**. 1310.(f 1311\**Actually, any mailer that has the `A' mailer flag set 1312will permit aliasing; 1313this is normally limited to the local mailer. 1314.)f 1315Aliases may be continued by starting any continuation lines 1316with a space or a tab or by putting a backslash directly before 1317the newline. 1318Blank lines and lines beginning with a sharp sign 1319(\c 1320.q # ) 1321are comments. 1322.pp 1323The second form is processed by the 1324.i ndbm \|(3)\** 1325.(f 1326\**The 1327.i gdbm 1328package does not work. 1329.)f 1330or the Berkeley DB library. 1331This form is in the file 1332.i /etc/mail/aliases.db 1333(if using NEWDB) 1334or 1335.i /etc/mail/aliases.dir 1336and 1337.i /etc/mail/aliases.pag 1338(if using NDBM). 1339This is the form that 1340.i sendmail 1341actually uses to resolve aliases. 1342This technique is used to improve performance. 1343.pp 1344The control of search order is actually set by the service switch. 1345Essentially, the entry 1346.(b 1347O AliasFile=switch:aliases 1348.)b 1349is always added as the first alias entry; 1350also, the first alias file name without a class 1351(e.g., without 1352.q nis: 1353on the front) 1354will be used as the name of the file for a ``files'' entry 1355in the aliases switch. 1356For example, if the configuration file contains 1357.(b 1358O AliasFile=/etc/mail/aliases 1359.)b 1360and the service switch contains 1361.(b 1362aliases nis files nisplus 1363.)b 1364then aliases will first be searched in the NIS database, 1365then in /etc/mail/aliases, 1366then in the NIS+ database. 1367.pp 1368You can also use 1369.sm NIS -based 1370alias files. 1371For example, the specification: 1372.(b 1373O AliasFile=/etc/mail/aliases 1374O AliasFile=nis:mail.aliases@my.nis.domain 1375.)b 1376will first search the /etc/mail/aliases file 1377and then the map named 1378.q mail.aliases 1379in 1380.q my.nis.domain . 1381Warning: if you build your own 1382.sm NIS -based 1383alias files, 1384be sure to provide the 1385.b \-l 1386flag to 1387.i makedbm (8) 1388to map upper case letters in the keys to lower case; 1389otherwise, aliases with upper case letters in their names 1390won't match incoming addresses. 1391.pp 1392Additional flags can be added after the colon 1393exactly like a 1394.b K 1395line \(em for example: 1396.(b 1397O AliasFile=nis:\-N mail.aliases@my.nis.domain 1398.)b 1399will search the appropriate NIS map and always include null bytes in the key. 1400Also: 1401.(b 1402O AliasFile=nis:\-f mail.aliases@my.nis.domain 1403.)b 1404will prevent sendmail from downcasing the key before the alias lookup. 1405.sh 3 "Rebuilding the alias database" 1406.pp 1407The 1408.i hash 1409or 1410.i dbm 1411version of the database 1412may be rebuilt explicitly by executing the command 1413.(b 1414newaliases 1415.)b 1416This is equivalent to giving 1417.i sendmail 1418the 1419.b \-bi 1420flag: 1421.(b 1422/usr/\*(SD/sendmail \-bi 1423.)b 1424.pp 1425If the 1426.b RebuildAliases 1427(old 1428.b D ) 1429option is specified in the configuration, 1430.i sendmail 1431will rebuild the alias database automatically 1432if possible 1433when it is out of date. 1434Auto-rebuild can be dangerous 1435on heavily loaded machines 1436with large alias files; 1437if it might take more than the rebuild timeout 1438(option 1439.b AliasWait , 1440old 1441.b a , 1442which is normally five minutes) 1443to rebuild the database, 1444there is a chance that several processes will start the rebuild process 1445simultaneously. 1446.pp 1447If you have multiple aliases databases specified, 1448the 1449.b \-bi 1450flag rebuilds all the database types it understands 1451(for example, it can rebuild NDBM databases but not NIS databases). 1452.sh 3 "Potential problems" 1453.pp 1454There are a number of problems that can occur 1455with the alias database. 1456They all result from a 1457.i sendmail 1458process accessing the DBM version 1459while it is only partially built. 1460This can happen under two circumstances: 1461One process accesses the database 1462while another process is rebuilding it, 1463or the process rebuilding the database dies 1464(due to being killed or a system crash) 1465before completing the rebuild. 1466.pp 1467Sendmail has three techniques to try to relieve these problems. 1468First, it ignores interrupts while rebuilding the database; 1469this avoids the problem of someone aborting the process 1470leaving a partially rebuilt database. 1471Second, 1472it locks the database source file during the rebuild \(em 1473but that may not work over NFS or if the file is unwritable. 1474Third, 1475at the end of the rebuild 1476it adds an alias of the form 1477.(b 1478@: @ 1479.)b 1480(which is not normally legal). 1481Before 1482.i sendmail 1483will access the database, 1484it checks to insure that this entry exists\**. 1485.(f 1486\**The 1487.b AliasWait 1488option is required in the configuration 1489for this action to occur. 1490This should normally be specified. 1491.)f 1492.sh 3 "List owners" 1493.pp 1494If an error occurs on sending to a certain address, 1495say 1496.q \fIx\fP , 1497.i sendmail 1498will look for an alias 1499of the form 1500.q owner-\fIx\fP 1501to receive the errors. 1502This is typically useful 1503for a mailing list 1504where the submitter of the list 1505has no control over the maintenance of the list itself; 1506in this case the list maintainer would be the owner of the list. 1507For example: 1508.(b 1509unix-wizards: eric@ucbarpa, wnj@monet, nosuchuser, 1510 sam@matisse 1511owner-unix-wizards: unix-wizards-request 1512unix-wizards-request: eric@ucbarpa 1513.)b 1514would cause 1515.q eric@ucbarpa 1516to get the error that will occur 1517when someone sends to 1518unix-wizards 1519due to the inclusion of 1520.q nosuchuser 1521on the list. 1522.pp 1523List owners also cause the envelope sender address to be modified. 1524The contents of the owner alias are used if they point to a single user, 1525otherwise the name of the alias itself is used. 1526For this reason, and to obey Internet conventions, 1527the 1528.q owner- 1529address normally points at the 1530.q -request 1531address; this causes messages to go out with the typical Internet convention 1532of using ``\c 1533.i list -request'' 1534as the return address. 1535.sh 2 "User Information Database" 1536.pp 1537If you have a version of 1538.i sendmail 1539with the user information database 1540compiled in, 1541and you have specified one or more databases using the 1542.b U 1543option, 1544the databases will be searched for a 1545.i user :maildrop 1546entry. 1547If found, the mail will be sent to the specified address. 1548.sh 2 "Per-User Forwarding (.forward Files)" 1549.pp 1550As an alternative to the alias database, 1551any user may put a file with the name 1552.q .forward 1553in his or her home directory. 1554If this file exists, 1555.i sendmail 1556redirects mail for that user 1557to the list of addresses listed in the .forward file. 1558Note that aliases are fully expanded before forward files are referenced. 1559For example, if the home directory for user 1560.q mckusick 1561has a .forward file with contents: 1562.(b 1563mckusick@ernie 1564kirk@calder 1565.)b 1566then any mail arriving for 1567.q mckusick 1568will be redirected to the specified accounts. 1569.pp 1570Actually, the configuration file defines a sequence of filenames to check. 1571By default, this is the user's .forward file, 1572but can be defined to be more generally using the 1573.b ForwardPath 1574option. 1575If you change this, 1576you will have to inform your user base of the change; 1577\&.forward is pretty well incorporated into the collective subconscious. 1578.sh 2 "Special Header Lines" 1579.pp 1580Several header lines have special interpretations 1581defined by the configuration file. 1582Others have interpretations built into 1583.i sendmail 1584that cannot be changed without changing the code. 1585These builtins are described here. 1586.sh 3 "Errors-To:" 1587.pp 1588If errors occur anywhere during processing, 1589this header will cause error messages to go to 1590the listed addresses. 1591This is intended for mailing lists. 1592.pp 1593The Errors-To: header was created in the bad old days 1594when UUCP didn't understand the distinction between an envelope and a header; 1595this was a hack to provide what should now be passed 1596as the envelope sender address. 1597It should go away. 1598It is only used if the 1599.b UseErrorsTo 1600option is set. 1601.pp 1602The Errors-To: header is officially deprecated 1603and will go away in a future release. 1604.sh 3 "Apparently-To:" 1605.pp 1606RFC 822 requires at least one recipient field 1607(To:, Cc:, or Bcc: line) 1608in every message. 1609If a message comes in with no recipients listed in the message 1610then 1611.i sendmail 1612will adjust the header based on the 1613.q NoRecipientAction 1614option. 1615One of the possible actions is to add an 1616.q "Apparently-To:" 1617header line for any recipients it is aware of. 1618.pp 1619The Apparently-To: header is non-standard 1620and is deprecated. 1621.sh 3 "Precedence" 1622.pp 1623The Precedence: header can be used as a crude control of message priority. 1624It tweaks the sort order in the queue 1625and can be configured to change the message timeout values. 1626The precedence of a message also controls how 1627delivery status notifications (DSNs) 1628are processed for that message. 1629.sh 2 "IDENT Protocol Support" 1630.pp 1631.i Sendmail 1632supports the IDENT protocol as defined in RFC 1413. 1633Note that the RFC states 1634a client should wait at least 30 seconds for a response. 1635The default Timeout.ident is 5 seconds 1636as many sites have adopted the practice of dropping IDENT queries. 1637This has lead to delays processing mail. 1638Although this enhances identification 1639of the author of an email message 1640by doing a ``call back'' to the originating system to include 1641the owner of a particular TCP connection 1642in the audit trail 1643it is in no sense perfect; 1644a determined forger can easily spoof the IDENT protocol. 1645The following description is excerpted from RFC 1413: 1646.ba +5 1647.lp 16486. Security Considerations 1649.lp 1650The information returned by this protocol is at most as trustworthy 1651as the host providing it OR the organization operating the host. For 1652example, a PC in an open lab has few if any controls on it to prevent 1653a user from having this protocol return any identifier the user 1654wants. Likewise, if the host has been compromised the information 1655returned may be completely erroneous and misleading. 1656.lp 1657The Identification Protocol is not intended as an authorization or 1658access control protocol. At best, it provides some additional 1659auditing information with respect to TCP connections. At worst, it 1660can provide misleading, incorrect, or maliciously incorrect 1661information. 1662.lp 1663The use of the information returned by this protocol for other than 1664auditing is strongly discouraged. Specifically, using Identification 1665Protocol information to make access control decisions - either as the 1666primary method (i.e., no other checks) or as an adjunct to other 1667methods may result in a weakening of normal host security. 1668.lp 1669An Identification server may reveal information about users, 1670entities, objects or processes which might normally be considered 1671private. An Identification server provides service which is a rough 1672analog of the CallerID services provided by some phone companies and 1673many of the same privacy considerations and arguments that apply to 1674the CallerID service apply to Identification. If you wouldn't run a 1675"finger" server due to privacy considerations you may not want to run 1676this protocol. 1677.ba 1678.lp 1679In some cases your system may not work properly with IDENT support 1680due to a bug in the TCP/IP implementation. 1681The symptoms will be that for some hosts 1682the SMTP connection will be closed 1683almost immediately. 1684If this is true or if you do not want to use IDENT, 1685you should set the IDENT timeout to zero; 1686this will disable the IDENT protocol. 1687.sh 1 "ARGUMENTS" 1688.pp 1689The complete list of arguments to 1690.i sendmail 1691is described in detail in Appendix A. 1692Some important arguments are described here. 1693.sh 2 "Queue Interval" 1694.pp 1695The amount of time between forking a process 1696to run through the queue 1697is defined by the 1698.b \-q 1699flag. 1700If you run with delivery mode set to 1701.b i 1702or 1703.b b 1704this can be relatively large, 1705since it will only be relevant 1706when a host that was down comes back up. 1707If you run in 1708.b q 1709mode 1710it should be relatively short, 1711since it defines the maximum amount of time that a message 1712may sit in the queue. 1713(See also the MinQueueAge option.) 1714.pp 1715RFC 1123 section 5.3.1.1 says that this value should be at least 30 minutes 1716(although that probably doesn't make sense if you use ``queue-only'' mode). 1717.sh 2 "Daemon Mode" 1718.pp 1719If you allow incoming mail over an IPC connection, 1720you should have a daemon running. 1721This should be set by your 1722.i /etc/rc 1723file using the 1724.b \-bd 1725flag. 1726The 1727.b \-bd 1728flag and the 1729.b \-q 1730flag may be combined in one call: 1731.(b 1732/usr/\*(SD/sendmail \-bd \-q30m 1733.)b 1734.pp 1735An alternative approach is to invoke sendmail from 1736.i inetd (8) 1737(use the 1738.b \-bs 1739flag to ask sendmail to speak SMTP on its standard input and output). 1740This works and allows you to wrap 1741.i sendmail 1742in a TCP wrapper program, 1743but may be a bit slower since the configuration file 1744has to be re-read on every message that comes in. 1745If you do this, you still need to have a 1746.i sendmail 1747running to flush the queue: 1748.(b 1749/usr/\*(SD/sendmail \-q30m 1750.)b 1751.sh 2 "Forcing the Queue" 1752.pp 1753In some cases you may find that the queue has gotten clogged for some reason. 1754You can force a queue run 1755using the 1756.b \-q 1757flag (with no value). 1758It is entertaining to use the 1759.b \-v 1760flag (verbose) 1761when this is done to watch what happens: 1762.(b 1763/usr/\*(SD/sendmail \-q \-v 1764.)b 1765.pp 1766You can also limit the jobs to those with a particular queue identifier, 1767sender, or recipient 1768using one of the queue modifiers. 1769For example, 1770.q \-qRberkeley 1771restricts the queue run to jobs that have the string 1772.q berkeley 1773somewhere in one of the recipient addresses. 1774Similarly, 1775.q \-qSstring 1776limits the run to particular senders and 1777.q \-qIstring 1778limits it to particular queue identifiers. 1779.sh 2 "Debugging" 1780.pp 1781There are a fairly large number of debug flags 1782built into 1783.i sendmail . 1784Each debug flag has a number and a level, 1785where higher levels means to print out more information. 1786The convention is that levels greater than nine are 1787.q absurd, 1788i.e., 1789they print out so much information that you wouldn't normally 1790want to see them except for debugging that particular piece of code. 1791Debug flags are set using the 1792.b \-d 1793option; 1794the syntax is: 1795.(b 1796.ta \w'debug-option 'u 1797debug-flag: \fB\-d\fP debug-list 1798debug-list: debug-option [ , debug-option ]* 1799debug-option: debug-range [ . debug-level ] 1800debug-range: integer | integer \- integer 1801debug-level: integer 1802.)b 1803where spaces are for reading ease only. 1804For example, 1805.(b 1806\-d12 Set flag 12 to level 1 1807\-d12.3 Set flag 12 to level 3 1808\-d3\-17 Set flags 3 through 17 to level 1 1809\-d3\-17.4 Set flags 3 through 17 to level 4 1810.)b 1811For a complete list of the available debug flags 1812you will have to look at the code 1813and the 1814.i TRACEFLAGS 1815file in the sendmail distribution 1816(they are too dynamic to keep this document up to date). 1817.sh 2 "Changing the Values of Options" 1818.pp 1819Options can be overridden using the 1820.b \-o 1821or 1822.b \-O 1823command line flags. 1824For example, 1825.(b 1826/usr/\*(SD/sendmail \-oT2m 1827.)b 1828sets the 1829.b T 1830(timeout) option to two minutes 1831for this run only; 1832the equivalent line using the long option name is 1833.(b 1834/usr/\*(SD/sendmail -OTimeout.queuereturn=2m 1835.)b 1836.pp 1837Some options have security implications. 1838Sendmail allows you to set these, 1839but relinquishes its setuid root permissions thereafter\**. 1840.(f 1841\**That is, it sets its effective uid to the real uid; 1842thus, if you are executing as root, 1843as from root's crontab file or during system startup 1844the root permissions will still be honored. 1845.)f 1846.sh 2 "Trying a Different Configuration File" 1847.pp 1848An alternative configuration file 1849can be specified using the 1850.b \-C 1851flag; for example, 1852.(b 1853/usr/\*(SD/sendmail \-Ctest.cf \-oQ/tmp/mqueue 1854.)b 1855uses the configuration file 1856.i test.cf 1857instead of the default 1858.i /etc/mail/sendmail.cf. 1859If the 1860.b \-C 1861flag has no value 1862it defaults to 1863.i sendmail.cf 1864in the current directory. 1865.pp 1866.i Sendmail 1867gives up its setuid root permissions 1868when you use this flag, so it is common to use a publicly writable directory 1869(such as /tmp) 1870as the queue directory (QueueDirectory or Q option) while testing. 1871.sh 2 "Logging Traffic" 1872.pp 1873Many SMTP implementations do not fully implement the protocol. 1874For example, some personal computer based SMTPs 1875do not understand continuation lines in reply codes. 1876These can be very hard to trace. 1877If you suspect such a problem, you can set traffic logging using the 1878.b \-X 1879flag. 1880For example, 1881.(b 1882/usr/\*(SD/sendmail \-X /tmp/traffic \-bd 1883.)b 1884will log all traffic in the file 1885.i /tmp/traffic . 1886.pp 1887This logs a lot of data very quickly and should 1888.b NEVER 1889be used 1890during normal operations. 1891After starting up such a daemon, 1892force the errant implementation to send a message to your host. 1893All message traffic in and out of 1894.i sendmail , 1895including the incoming SMTP traffic, 1896will be logged in this file. 1897.sh 2 "Testing Configuration Files" 1898.pp 1899When you build a configuration table, 1900you can do a certain amount of testing 1901using the 1902.q "test mode" 1903of 1904.i sendmail . 1905For example, 1906you could invoke 1907.i sendmail 1908as: 1909.(b 1910sendmail \-bt \-Ctest.cf 1911.)b 1912which would read the configuration file 1913.q test.cf 1914and enter test mode. 1915In this mode, 1916you enter lines of the form: 1917.(b 1918rwset address 1919.)b 1920where 1921.i rwset 1922is the rewriting set you want to use 1923and 1924.i address 1925is an address to apply the set to. 1926Test mode shows you the steps it takes 1927as it proceeds, 1928finally showing you the address it ends up with. 1929You may use a comma separated list of rwsets 1930for sequential application of rules to an input. 1931For example: 1932.(b 19333,1,21,4 monet:bollard 1934.)b 1935first applies ruleset three to the input 1936.q monet:bollard. 1937Ruleset one is then applied to the output of ruleset three, 1938followed similarly by rulesets twenty-one and four. 1939.pp 1940If you need more detail, 1941you can also use the 1942.q \-d21 1943flag to turn on more debugging. 1944For example, 1945.(b 1946sendmail \-bt \-d21.99 1947.)b 1948turns on an incredible amount of information; 1949a single word address 1950is probably going to print out several pages worth of information. 1951.pp 1952You should be warned that internally, 1953.i sendmail 1954applies ruleset 3 to all addresses. 1955In test mode 1956you will have to do that manually. 1957For example, older versions allowed you to use 1958.(b 19590 bruce@broadcast.sony.com 1960.)b 1961This version requires that you use: 1962.(b 19633,0 bruce@broadcast.sony.com 1964.)b 1965.pp 1966As of version 8.7, 1967some other syntaxes are available in test mode: 1968.bu 1969\&.D\|x\|value 1970defines macro 1971.i x 1972to have the indicated 1973.i value . 1974This is useful when debugging rules that use the 1975.b $& \c 1976.i x 1977syntax. 1978.bu 1979\&.C\|c\|value 1980adds the indicated 1981.i value 1982to class 1983.i c . 1984.bu 1985\&.S\|ruleset 1986dumps the contents of the indicated ruleset. 1987.bu 1988\-d\|debug-spec 1989is equivalent to the command-line flag. 1990.sh 2 "Persistent Host Status Information" 1991.pp 1992When 1993.b HostStatusDirectory 1994is enabled, 1995information about the status of hosts is maintained on disk 1996and can thus be shared between different instantiations of 1997.i sendmail . 1998The status of the last connection with each remote host 1999may be viewed with the command: 2000.(b 2001sendmail \-bh 2002.)b 2003This information may be flushed with the command: 2004.(b 2005sendmail \-bH 2006.)b 2007Flushing the information prevents new 2008.i sendmail 2009processes from loading it, 2010but does not prevent existing processes from using the status information 2011that they already have. 2012.sh 1 "TUNING" 2013.pp 2014There are a number of configuration parameters 2015you may want to change, 2016depending on the requirements of your site. 2017Most of these are set 2018using an option in the configuration file. 2019For example, 2020the line 2021.q "O Timeout.queuereturn=5d" 2022sets option 2023.q Timeout.queuereturn 2024to the value 2025.q 5d 2026(five days). 2027.pp 2028Most of these options have appropriate defaults for most sites. 2029However, 2030sites having very high mail loads may find they need to tune them 2031as appropriate for their mail load. 2032In particular, 2033sites experiencing a large number of small messages, 2034many of which are delivered to many recipients, 2035may find that they need to adjust the parameters 2036dealing with queue priorities. 2037.pp 2038All versions of 2039.i sendmail 2040prior to 8.7 2041had single character option names. 2042As of 8.7, 2043options have long (multi-character names). 2044Although old short names are still accepted, 2045most new options do not have short equivalents. 2046.pp 2047This section only describes the options you are most likely 2048to want to tweak; 2049read section 2050.\"XREF 20515 2052for more details. 2053.sh 2 "Timeouts" 2054.pp 2055All time intervals are set 2056using a scaled syntax. 2057For example, 2058.q 10m 2059represents ten minutes, whereas 2060.q 2h30m 2061represents two and a half hours. 2062The full set of scales is: 2063.(b 2064.ta 4n 2065s seconds 2066m minutes 2067h hours 2068d days 2069w weeks 2070.)b 2071.sh 3 "Queue interval" 2072.pp 2073The argument to the 2074.b \-q 2075flag 2076specifies how often a sub-daemon will run the queue. 2077This is typically set to between fifteen minutes 2078and one hour. 2079If not set, 2080or set to zero, 2081the queue will not be run automatically. 2082RFC 1123 section 5.3.1.1 recommends that this be at least 30 minutes. 2083.sh 3 "Read timeouts" 2084.pp 2085Timeouts all have option names 2086.q Timeout.\fIsuboption\fP . 2087The recognized 2088.i suboption s, 2089their default values, and the minimum values 2090allowed by RFC 1123 section 5.3.2 are: 2091.nr ii 1i 2092.ip connect 2093The time to wait for an SMTP connection to open 2094(the 2095.i connect (2) 2096system call) 2097[0, unspecified]. 2098If zero, uses the kernel default. 2099In no case can this option extend the timeout 2100longer than the kernel provides, but it can shorten it. 2101This is to get around kernels that provide an absurdly long connection timeout 2102(90 minutes in one case). 2103.ip iconnect 2104The same as 2105.i connect, 2106except it applies only to the initial attempt to connect to a host 2107for a given message 2108[0, unspecified]. 2109The concept is that this should be very short (a few seconds); 2110hosts that are well connected and responsive will thus be serviced immediately. 2111Hosts that are slow will not hold up other deliveries in the initial 2112delivery attempt. 2113.ip initial 2114The wait for the initial 220 greeting message 2115[5m, 5m]. 2116.ip helo 2117The wait for a reply from a HELO or EHLO command 2118[5m, unspecified]. 2119This may require a host name lookup, so 2120five minutes is probably a reasonable minimum. 2121.ip mail\(dg 2122The wait for a reply from a MAIL command 2123[10m, 5m]. 2124.ip rcpt\(dg 2125The wait for a reply from a RCPT command 2126[1h, 5m]. 2127This should be long 2128because it could be pointing at a list 2129that takes a long time to expand 2130(see below). 2131.ip datainit\(dg 2132The wait for a reply from a DATA command 2133[5m, 2m]. 2134.ip datablock\(dg\(dd 2135The wait for reading a data block 2136(that is, the body of the message). 2137[1h, 3m]. 2138This should be long because it also applies to programs 2139piping input to 2140.i sendmail 2141which have no guarantee of promptness. 2142.ip datafinal\(dg 2143The wait for a reply from the dot terminating a message. 2144[1h, 10m]. 2145If this is shorter than the time actually needed 2146for the receiver to deliver the message, 2147duplicates will be generated. 2148This is discussed in RFC 1047. 2149.ip rset 2150The wait for a reply from a RSET command 2151[5m, unspecified]. 2152.ip quit 2153The wait for a reply from a QUIT command 2154[2m, unspecified]. 2155.ip misc 2156The wait for a reply from miscellaneous (but short) commands 2157such as NOOP (no-operation) and VERB (go into verbose mode). 2158[2m, unspecified]. 2159.ip command\(dg\(dd 2160In server SMTP, 2161the time to wait for another command. 2162[1h, 5m]. 2163.ip ident\(dd 2164The timeout waiting for a reply to an IDENT query 2165[30s\**, unspecified]. 2166.(f 2167\**On some systems the default is zero to turn the protocol off entirely. 2168.)f 2169.ip fileopen\(dd 2170The timeout for opening .forward and :include: files [60s, none]. 2171.ip control\(dd 2172The timeout for a complete control socket transaction to complete [2m, none]. 2173.ip hoststatus\(dd 2174How long status information about a host 2175(e.g., host down) 2176will be cached before it is considered stale 2177[30m, unspecified]. 2178.ip resolver.retrans 2179The resolver's 2180retransmission time interval 2181(in seconds) 2182[varies]. 2183Sets both 2184.i Timeout.resolver.retrans.first 2185and 2186.i Timeout.resolver.retrans.normal . 2187.ip resolver.retrans.first 2188The resolver's 2189retransmission time interval 2190(in seconds) 2191for the first attempt to 2192deliver a message 2193[varies]. 2194.ip resolver.retrans.normal 2195The resolver's 2196retransmission time interval 2197(in seconds) 2198for all resolver lookups 2199except the first delivery attempt 2200[varies]. 2201.ip resolver.retry 2202The number of times 2203to retransmit a resolver query. 2204Sets both 2205.i Timeout.resolver.retry.first 2206and 2207.i Timeout.resolver.retry.normal 2208[varies]. 2209.ip resolver.retry.first 2210The number of times 2211to retransmit a resolver query 2212for the first attempt 2213to deliver a message 2214[varies]. 2215.ip resolver.retry.normal 2216The number of times 2217to retransmit a resolver query 2218for all resolver lookups 2219 except the first delivery attempt 2220[varies]. 2221.lp 2222For compatibility with old configuration files, 2223if no 2224.i suboption 2225is specified, 2226all the timeouts marked with 2227.DG 2228(\(dg) are set to the indicated value. 2229All but those marked with 2230.DD 2231(\(dd) apply to client SMTP. 2232.pp 2233Many of the RFC 1123 minimum values 2234may well be too short. 2235.i Sendmail 2236was designed to the RFC 822 protocols, 2237which did not specify read timeouts; 2238hence, versions of 2239.i sendmail 2240prior to version 8.1 did not guarantee to reply to messages promptly. 2241In particular, a 2242.q RCPT 2243command specifying a mailing list 2244will expand and verify the entire list; 2245a large list on a slow system 2246may easily take more than five minutes\**. 2247.(f 2248\**This verification includes looking up every address 2249with the name server; 2250this involves network delays, 2251and can in some cases can be considerable. 2252.)f 2253I recommend a one hour timeout \*- 2254since a communications failure during the RCPT phase is rare, 2255a long timeout is not onerous 2256and may ultimately help reduce network load 2257and duplicated messages. 2258.pp 2259For example, the lines: 2260.(b 2261O Timeout.command=25m 2262O Timeout.datablock=3h 2263.)b 2264sets the server SMTP command timeout to 25 minutes 2265and the input data block timeout to three hours. 2266.sh 3 "Message timeouts" 2267.pp 2268After sitting in the queue for a few days, 2269a message will time out. 2270This is to insure that at least the sender is aware 2271of the inability to send a message. 2272The timeout is typically set to five days. 2273It is sometimes considered convenient to also send a warning message 2274if the message is in the queue longer than a few hours 2275(assuming you normally have good connectivity; 2276if your messages normally took several hours to send 2277you wouldn't want to do this because it wouldn't be an unusual event). 2278These timeouts are set using the 2279.b Timeout.queuereturn 2280and 2281.b Timeout.queuewarn 2282options in the configuration file 2283(previously both were set using the 2284.b T 2285option). 2286.pp 2287If the message is submitted using the 2288.sm NOTIFY 2289.sm SMTP 2290extension, 2291warning messages will only be sent if 2292.sm NOTIFY=DELAY 2293is specified. 2294The queuereturn and queuewarn timeouts 2295can be further qualified with a tag based on the Precedence: field 2296in the message; 2297they must be one of 2298.q urgent 2299(indicating a positive non-zero precedence) 2300.q normal 2301(indicating a zero precedence), or 2302.q non-urgent 2303(indicating negative precedences). 2304For example, setting 2305.q Timeout.queuewarn.urgent=1h 2306sets the warning timeout for urgent messages only 2307to one hour. 2308The default if no precedence is indicated 2309is to set the timeout for all precedences. 2310The value "now" can be used for 2311-O Timeout.queuereturn 2312to return entries immediately during a queue run, 2313e.g., to bounce messages independent of their time in the queue. 2314.pp 2315Since these options are global, 2316and since you can not know 2317.i "a priori" 2318how long another host outside your domain will be down, 2319a five day timeout is recommended. 2320This allows a recipient to fix the problem even if it occurs 2321at the beginning of a long weekend. 2322RFC 1123 section 5.3.1.1 says that this parameter 2323should be ``at least 4\-5 days''. 2324.pp 2325The 2326.b Timeout.queuewarn 2327value can be piggybacked on the 2328.b T 2329option by indicating a time after which 2330a warning message should be sent; 2331the two timeouts are separated by a slash. 2332For example, the line 2333.(b 2334OT5d/4h 2335.)b 2336causes email to fail after five days, 2337but a warning message will be sent after four hours. 2338This should be large enough that the message will have been tried 2339several times. 2340.sh 2 "Forking During Queue Runs" 2341.pp 2342By setting the 2343.b ForkEachJob 2344(\c 2345.b Y ) 2346option, 2347.i sendmail 2348will fork before each individual message 2349while running the queue. 2350This will prevent 2351.i sendmail 2352from consuming large amounts of memory, 2353so it may be useful in memory-poor environments. 2354However, if the 2355.b ForkEachJob 2356option is not set, 2357.i sendmail 2358will keep track of hosts that are down during a queue run, 2359which can improve performance dramatically. 2360.pp 2361If the 2362.b ForkEachJob 2363option is set, 2364.i sendmail 2365can not use connection caching. 2366.sh 2 "Queue Priorities" 2367.pp 2368Every message is assigned a priority when it is first instantiated, 2369consisting of the message size (in bytes) 2370offset by the message class 2371(which is determined from the Precedence: header) 2372times the 2373.q "work class factor" 2374and the number of recipients times the 2375.q "work recipient factor." 2376The priority is used to order the queue. 2377Higher numbers for the priority mean that the message will be processed later 2378when running the queue. 2379.pp 2380The message size is included so that large messages are penalized 2381relative to small messages. 2382The message class allows users to send 2383.q "high priority" 2384messages by including a 2385.q Precedence: 2386field in their message; 2387the value of this field is looked up in the 2388.b P 2389lines of the configuration file. 2390Since the number of recipients affects the amount of load a message presents 2391to the system, 2392this is also included into the priority. 2393.pp 2394The recipient and class factors 2395can be set in the configuration file using the 2396.b RecipientFactor 2397(\c 2398.b y ) 2399and 2400.b ClassFactor 2401(\c 2402.b z ) 2403options respectively. 2404They default to 30000 (for the recipient factor) 2405and 1800 2406(for the class factor). 2407The initial priority is: 2408.EQ 2409pri = msgsize - (class times bold ClassFactor) + (nrcpt times bold RecipientFactor) 2410.EN 2411(Remember, higher values for this parameter actually mean 2412that the job will be treated with lower priority.) 2413.pp 2414The priority of a job can also be adjusted each time it is processed 2415(that is, each time an attempt is made to deliver it) 2416using the 2417.q "work time factor," 2418set by the 2419.b RetryFactor 2420(\c 2421.b Z ) 2422option. 2423This is added to the priority, 2424so it normally decreases the precedence of the job, 2425on the grounds that jobs that have failed many times 2426will tend to fail again in the future. 2427The 2428.b RetryFactor 2429option defaults to 90000. 2430.sh 2 "Load Limiting" 2431.pp 2432.i Sendmail 2433can be asked to queue (but not deliver) 2434mail if the system load average gets too high 2435using the 2436.b QueueLA 2437(\c 2438.b x ) 2439option. 2440When the load average exceeds the value of the 2441.b QueueLA 2442option, 2443the delivery mode is set to 2444.b q 2445(queue only) 2446if the 2447.b QueueFactor 2448(\c 2449.b q ) 2450option divided by the difference in the current load average and the 2451.b QueueLA 2452option 2453plus one 2454is less than the priority of the message \(em 2455that is, the message is queued iff: 2456.EQ 2457pri > { bold QueueFactor } over { LA - { bold QueueLA } + 1 } 2458.EN 2459The 2460.b QueueFactor 2461option defaults to 600000, 2462so each point of load average is worth 600000 2463priority points 2464(as described above). 2465.pp 2466For drastic cases, 2467the 2468.b RefuseLA 2469(\c 2470.b X ) 2471option defines a load average at which 2472.i sendmail 2473will refuse 2474to accept network connections. 2475Locally generated mail 2476(including incoming UUCP mail) 2477is still accepted. 2478.sh 2 "Delivery Mode" 2479.pp 2480There are a number of delivery modes that 2481.i sendmail 2482can operate in, 2483set by the 2484.b DeliveryMode 2485(\c 2486.b d ) 2487configuration option. 2488These modes 2489specify how quickly mail will be delivered. 2490Legal modes are: 2491.(b 2492.ta 4n 2493i deliver interactively (synchronously) 2494b deliver in background (asynchronously) 2495q queue only (don't deliver) 2496d defer delivery attempts (don't deliver) 2497.)b 2498There are tradeoffs. 2499Mode 2500.q i 2501gives the sender the quickest feedback, 2502but may slow down some mailers and 2503is hardly ever necessary. 2504Mode 2505.q b 2506delivers promptly but 2507can cause large numbers of processes 2508if you have a mailer that takes a long time to deliver a message. 2509Mode 2510.q q 2511minimizes the load on your machine, 2512but means that delivery may be delayed for up to the queue interval. 2513Mode 2514.q d 2515is identical to mode 2516.q q 2517except that it also prevents all the early map lookups from working; 2518it is intended for ``dial on demand'' sites where DNS lookups 2519might cost real money. 2520Some simple error messages 2521(e.g., host unknown during the SMTP protocol) 2522will be delayed using this mode. 2523Mode 2524.q b 2525is the usual default. 2526.pp 2527If you run in mode 2528.q q 2529(queue only), 2530.q d 2531(defer), 2532or 2533.q b 2534(deliver in background) 2535.i sendmail 2536will not expand aliases and follow .forward files 2537upon initial receipt of the mail. 2538This speeds up the response to RCPT commands. 2539Mode 2540.q i 2541cannot be used by the SMTP server. 2542.sh 2 "Log Level" 2543.pp 2544The level of logging can be set for 2545.i sendmail . 2546The default using a standard configuration table is level 9. 2547The levels are as follows: 2548.nr ii 0.5i 2549.ip 0 2550Minimal logging. 2551.ip 1 2552Serious system failures and potential security problems. 2553.ip 2 2554Lost communications (network problems) and protocol failures. 2555.ip 3 2556Other serious failures, malformed addresses, transient forward/include 2557errors, connection timeouts. 2558.ip 4 2559Minor failures, out of date alias databases, connection rejections 2560via check_ rulesets. 2561.ip 5 2562Message collection statistics. 2563.ip 6 2564Creation of error messages, 2565VRFY and EXPN commands. 2566.ip 7 2567Delivery failures (host or user unknown, etc.). 2568.ip 8 2569Successful deliveries and alias database rebuilds. 2570.ip 9 2571Messages being deferred 2572(due to a host being down, etc.). 2573.ip 10 2574Database expansion (alias, forward, and userdb lookups) 2575and authentication information. 2576.ip 11 2577NIS errors and end of job processing. 2578.ip 12 2579Logs all SMTP connections. 2580.ip 13 2581Log bad user shells, files with improper permissions, and other 2582questionable situations. 2583.ip 14 2584Logs refused connections. 2585.ip 15 2586Log all incoming and outgoing SMTP commands. 2587.ip 20 2588Logs attempts to run locked queue files. 2589These are not errors, 2590but can be useful to note if your queue appears to be clogged. 2591.ip 30 2592Lost locks (only if using lockf instead of flock). 2593.lp 2594Additionally, 2595values above 64 are reserved for extremely verbose debugging output. 2596No normal site would ever set these. 2597.sh 2 "File Modes" 2598.pp 2599The modes used for files depend on what functionality you want 2600and the level of security you require. 2601In many cases 2602.i sendmail 2603does careful checking of the modes 2604of files and directories 2605to avoid accidental compromise; 2606if you want to make it possible to have group-writable support files 2607you may need to use the 2608.b DontBlameSendmail 2609option to turn off some of these checks. 2610.sh 3 "To suid or not to suid?" 2611.pp 2612.i Sendmail 2613is normally installed 2614setuid to root. 2615At the point where it is about to 2616.i exec \|(2) 2617a mailer, 2618it checks to see if the userid is zero (root); 2619if so, 2620it resets the userid and groupid to a default 2621(set by the 2622.b U= 2623equate in the mailer line; 2624if that is not set, the 2625.b DefaultUser 2626option is used). 2627This can be overridden 2628by setting the 2629.b S 2630flag to the mailer 2631for mailers that are trusted 2632and must be called as root. 2633However, 2634this will cause mail processing 2635to be accounted 2636(using 2637.i sa \|(8)) 2638to root 2639rather than to the user sending the mail. 2640.pp 2641If you don't make 2642.i sendmail 2643setuid to root, it will still run but you lose a lot of functionality 2644and a lot of privacy, since you'll have to make the queue directory 2645world readable. 2646You could also make 2647.i sendmail 2648setuid to some pseudo-user 2649(e.g., create a user called 2650.q sendmail 2651and make 2652.i sendmail 2653setuid to that) 2654which will fix the privacy problems 2655but not the functionality issues. 2656It also introduces problems on some operating systems 2657if sendmail needs to give up the setuid special privileges. 2658Also, this isn't a guarantee of security: 2659for example, 2660root occasionally sends mail, 2661and the daemon often runs as root. 2662Note however that 2663.i sendmail 2664must run as root or the trusted user in order to create the SMTP listener 2665socket. 2666.pp 2667A middle ground is to make 2668.i sendmail 2669setuid to root, 2670but set the 2671.b RunAsUser 2672option. 2673This causes 2674.i sendmail 2675to become the indicated user as soon as it has done the startup 2676that requires root privileges 2677(primarily, opening the 2678.sm SMTP 2679socket). 2680If you use 2681.b RunAsUser , 2682the queue directory 2683(normally 2684.i /var/spool/mqueue ) 2685should be owned by that user, 2686and all files and databases 2687(including user 2688.i \&.forward 2689files, 2690alias files, 2691:include: files, 2692and external databases) 2693must be readable by that user. 2694Also, since sendmail will not be able to change it's uid, 2695delivery to programs or files will be marked as unsafe, 2696e.g., undeliverable, 2697in 2698.i \&.forward , 2699aliases, 2700and :include: files. 2701Administrators can override this by setting the 2702.b DontBlameSendmail 2703option to the setting 2704.b NonRootSafeAddr . 2705.b RunAsUser 2706is probably best suited for firewall configurations 2707that don't have regular user logins. 2708.sh 3 "Turning off security checks" 2709.pp 2710.i Sendmail 2711is very particular about the modes of files that it reads or writes. 2712For example, by default it will refuse to read most files 2713that are group writable 2714on the grounds that they might have been tampered with 2715by someone other than the owner; 2716it will even refuse to read files in group writable directories. 2717.pp 2718If you are 2719.i quite 2720sure that your configuration is safe and you want 2721.i sendmail 2722to avoid these security checks, 2723you can turn off certain checks using the 2724.b DontBlameSendmail 2725option. 2726This option takes one or more names that disable checks. 2727In the descriptions that follow, 2728.q "unsafe directory" 2729means a directory that is writable by anyone other than the owner. 2730The values are: 2731.nr ii 0.5i 2732.ip Safe 2733No special handling. 2734.ip AssumeSafeChown 2735Assume that the 2736.i chown 2737system call is restricted to root. 2738Since some versions of UNIX permit regular users 2739to give away their files to other users on some filesystems, 2740.i sendmail 2741often cannot assume that a given file was created by the owner, 2742particularly when it is in a writable directory. 2743You can set this flag if you know that file giveaway is restricted 2744on your system. 2745.ip ClassFileInUnsafeDirPath 2746When reading class files (using the 2747.b F 2748line in the configuration file), 2749allow files that are in unsafe directories. 2750.ip DontWarnForwardFileInUnsafeDirPath 2751Prevent logging of 2752unsafe directory path warnings 2753for non-existent forward files. 2754.ip ErrorHeaderInUnsafeDirPath 2755Allow the file named in the 2756.b ErrorHeader 2757option to be in an unsafe directory. 2758.ip FileDeliveryToHardLink 2759Allow delivery to files that are hard links. 2760.ip FileDeliveryToSymLink 2761Allow delivery to files that are symbolic links. 2762.ip ForwardFileInGroupWritableDirPath 2763Allow 2764.i \&.forward 2765files in group writable directories. 2766.ip ForwardFileInUnsafeDirPath 2767Allow 2768.i \&.forward 2769files in unsafe directories. 2770.ip ForwardFileInUnsafeDirPathSafe 2771Allow a 2772.i \&.forward 2773file that is in an unsafe directory to include references 2774to program and files. 2775.ip GroupWritableAliasFile 2776Allow group-writable alias files. 2777.ip GroupWritableDirPathSafe 2778Change the definition of 2779.q "unsafe directory" 2780to consider group-writable directories to be safe. 2781World-writable directories are always unsafe. 2782.ip GroupWritableForwardFileSafe 2783Accept group-writable 2784.i \&.forward 2785files as safe for program and file delivery. 2786.ip GroupWritableIncludeFileSafe 2787Accept group-writable 2788.i :include: 2789files as safe for program and file delivery. 2790.ip HelpFileInUnsafeDirPath 2791Allow the file named in the 2792.b HelpFile 2793option to be in an unsafe directory. 2794.ip IncludeFileInGroupWritableDirPath 2795Allow 2796.i :include: 2797files in group writable directories. 2798.ip IncludeFileInUnsafeDirPath 2799Allow 2800.i :include: 2801files in unsafe directories. 2802.ip IncludeFileInUnsafeDirPathSafe 2803Allow a 2804.i :include: 2805file that is in an unsafe directory to include references 2806to program and files. 2807.ip InsufficientEntropy 2808Try to use STARTTLS even if the PRNG for OpenSSL is not properly seeded 2809despite the security problems. 2810.ip LinkedAliasFileInWritableDir 2811Allow an alias file that is a link in a writable directory. 2812.ip LinkedClassFileInWritableDir 2813Allow class files that are links in writable directories. 2814.ip LinkedForwardFileInWritableDir 2815Allow 2816.i \&.forward 2817files that are links in writable directories. 2818.ip LinkedIncludeFileInWritableDir 2819Allow 2820.i :include: 2821files that are links in writable directories. 2822.ip LinkedMapInWritableDir 2823Allow map files that are links in writable directories. 2824.ip LinkedServiceSwitchFileInWritableDir 2825Allow the service switch file to be a link 2826even if the directory is writable. 2827.ip MapInUnsafeDirPath 2828Allow maps (e.g., 2829.i hash , 2830.i btree , 2831and 2832.i dbm 2833files) 2834in unsafe directories. 2835.ip NonRootSafeAddr 2836Do not mark file and program deliveries as unsafe 2837if sendmail is not running with root privileges. 2838.ip RunProgramInUnsafeDirPath 2839Go ahead and run programs that are in writable directories. 2840.ip RunWritableProgram 2841Go ahead and run programs that are group- or world-writable. 2842.ip TrustStickyBit 2843Allow group or world writable directories 2844if the sticky bit is set on the directory. 2845Do not set this on systems which do not honor 2846the sticky bit on directories. 2847.ip WorldWritableAliasFile 2848Accept world-writable alias files. 2849.ip WriteMapToHardLink 2850Allow writes to maps that are hard links. 2851.ip WriteMapToSymLink 2852Allow writes to maps that are symbolic links. 2853.ip WriteStatsToHardLink 2854Allow the status file to be a hard link. 2855.ip WriteStatsToSymLink 2856Allow the status file to be a symbolic link. 2857.sh 2 "Connection Caching" 2858.pp 2859When processing the queue, 2860.i sendmail 2861will try to keep the last few open connections open 2862to avoid startup and shutdown costs. 2863This only applies to IPC connections. 2864.pp 2865When trying to open a connection 2866the cache is first searched. 2867If an open connection is found, it is probed to see if it is still active 2868by sending a 2869.sm RSET 2870command. 2871It is not an error if this fails; 2872instead, the connection is closed and reopened. 2873.pp 2874Two parameters control the connection cache. 2875The 2876.b ConnectionCacheSize 2877(\c 2878.b k ) 2879option defines the number of simultaneous open connections 2880that will be permitted. 2881If it is set to zero, 2882connections will be closed as quickly as possible. 2883The default is one. 2884This should be set as appropriate for your system size; 2885it will limit the amount of system resources that 2886.i sendmail 2887will use during queue runs. 2888Never set this higher than 4. 2889.pp 2890The 2891.b ConnectionCacheTimeout 2892(\c 2893.b K ) 2894option specifies the maximum time that any cached connection 2895will be permitted to idle. 2896When the idle time exceeds this value 2897the connection is closed. 2898This number should be small 2899(under ten minutes) 2900to prevent you from grabbing too many resources 2901from other hosts. 2902The default is five minutes. 2903.sh 2 "Name Server Access" 2904.pp 2905Control of host address lookups is set by the 2906.b hosts 2907service entry in your service switch file. 2908If you are on a system that has built-in service switch support 2909(e.g., Ultrix, Solaris, or DEC OSF/1) 2910then your system is probably configured properly already. 2911Otherwise, 2912.i sendmail 2913will consult the file 2914.b /etc/mail/service.switch , 2915which should be created. 2916.i Sendmail 2917only uses two entries: 2918.b hosts 2919and 2920.b aliases , 2921although system routines may use other services 2922(notably the 2923.b passwd 2924service for user name lookups by 2925.i getpwname ). 2926.pp 2927However, some systems (such as SunOS 4.X) 2928will do DNS lookups 2929regardless of the setting of the service switch entry. 2930In particular, the system routine 2931.i gethostbyname (3) 2932is used to look up host names, 2933and many vendor versions try some combination of DNS, NIS, 2934and file lookup in /etc/hosts 2935without consulting a service switch. 2936.i Sendmail 2937makes no attempt to work around this problem, 2938and the DNS lookup will be done anyway. 2939If you do not have a nameserver configured at all, 2940such as at a UUCP-only site, 2941.i sendmail 2942will get a 2943.q "connection refused" 2944message when it tries to connect to the name server. 2945If the 2946.b hosts 2947switch entry has the service 2948.q dns 2949listed somewhere in the list, 2950.i sendmail 2951will interpret this to mean a temporary failure 2952and will queue the mail for later processing; 2953otherwise, it ignores the name server data. 2954.pp 2955The same technique is used to decide whether to do MX lookups. 2956If you want MX support, you 2957.i must 2958have 2959.q dns 2960listed as a service in the 2961.b hosts 2962switch entry. 2963.pp 2964The 2965.b ResolverOptions 2966(\c 2967.b I ) 2968option allows you to tweak name server options. 2969The command line takes a series of flags as documented in 2970.i resolver (3) 2971(with the leading 2972.q RES_ 2973deleted). 2974Each can be preceded by an optional `+' or `\(mi'. 2975For example, the line 2976.(b 2977O ResolverOptions=+AAONLY \(miDNSRCH 2978.)b 2979turns on the AAONLY (accept authoritative answers only) 2980and turns off the DNSRCH (search the domain path) options. 2981Most resolver libraries default DNSRCH, DEFNAMES, and RECURSE 2982flags on and all others off. 2983You can also include 2984.q HasWildcardMX 2985to specify that there is a wildcard MX record matching your domain; 2986this turns off MX matching when canonifying names, 2987which can lead to inappropriate canonifications. 2988.pp 2989Version level 1 configurations 2990turn DNSRCH and DEFNAMES off when doing delivery lookups, 2991but leave them on everywhere else. 2992Version 8 of 2993.i sendmail 2994ignores them when doing canonification lookups 2995(that is, when using $[ ... $]), 2996and always does the search. 2997If you don't want to do automatic name extension, 2998don't call $[ ... $]. 2999.pp 3000The search rules for $[ ... $] are somewhat different than usual. 3001If the name being looked up 3002has at least one dot, it always tries the unmodified name first. 3003If that fails, it tries the reduced search path, 3004and lastly tries the unmodified name 3005(but only for names without a dot, 3006since names with a dot have already been tried). 3007This allows names such as 3008``utc.CS'' 3009to match the site in Czechoslovakia 3010rather than the site in your local Computer Science department. 3011It also prefers A and CNAME records over MX records \*- 3012that is, if it finds an MX record it makes note of it, 3013but keeps looking. 3014This way, if you have a wildcard MX record matching your domain, 3015it will not assume that all names match. 3016.pp 3017To completely turn off all name server access 3018on systems without service switch support 3019(such as SunOS 4.X) 3020you will have to recompile with 3021\-DNAMED_BIND=0 3022and remove \-lresolv from the list of libraries to be searched 3023when linking. 3024.sh 2 "Moving the Per-User Forward Files" 3025.pp 3026Some sites mount each user's home directory 3027from a local disk on their workstation, 3028so that local access is fast. 3029However, the result is that .forward file lookups are slow. 3030In some cases, 3031mail can even be delivered on machines inappropriately 3032because of a file server being down. 3033The performance can be especially bad if you run the automounter. 3034.pp 3035The 3036.b ForwardPath 3037(\c 3038.b J ) 3039option allows you to set a path of forward files. 3040For example, the config file line 3041.(b 3042O ForwardPath=/var/forward/$u:$z/.forward.$w 3043.)b 3044would first look for a file with the same name as the user's login 3045in /var/forward; 3046if that is not found (or is inaccessible) 3047the file 3048``.forward.\c 3049.i machinename '' 3050in the user's home directory is searched. 3051A truly perverse site could also search by sender 3052by using $r, $s, or $f. 3053.pp 3054If you create a directory such as /var/forward, 3055it should be mode 1777 3056(that is, the sticky bit should be set). 3057Users should create the files mode 644. 3058Note that you must use the 3059forwardfileinunsafedirpath and 3060forwardfileinunsafedirpathsafe 3061flags with the DontBlameSendmail option 3062to allow forward files in a world 3063writable directory. 3064This might also be used as a 3065denial of service 3066attack (users could create forward files for other users); 3067a better approach might be to create 3068/var/forward 3069mode 755 3070and create empty files for each user, 3071owned by that user, 3072mode 644. 3073If you do this, you don't have to set the DontBlameSendmail options 3074indicated above. 3075.sh 2 "Free Space" 3076.pp 3077On systems that have one of the system calls in the 3078.i statfs (2) 3079family 3080(including 3081.i statvfs 3082and 3083.i ustat ), 3084you can specify a minimum number of free blocks on the queue filesystem 3085using the 3086.b MinFreeBlocks 3087(\c 3088.b b ) 3089option. 3090If there are fewer than the indicated number of blocks free 3091on the filesystem on which the queue is mounted 3092the SMTP server will reject mail 3093with the 3094452 error code. 3095This invites the SMTP client to try again later. 3096.pp 3097Beware of setting this option too high; 3098it can cause rejection of email 3099when that mail would be processed without difficulty. 3100.sh 2 "Maximum Message Size" 3101.pp 3102To avoid overflowing your system with a large message, 3103the 3104.b MaxMessageSize 3105option can be set to set an absolute limit 3106on the size of any one message. 3107This will be advertised in the ESMTP dialogue 3108and checked during message collection. 3109.sh 2 "Privacy Flags" 3110.pp 3111The 3112.b PrivacyOptions 3113(\c 3114.b p ) 3115option allows you to set certain 3116``privacy'' 3117flags. 3118Actually, many of them don't give you any extra privacy, 3119rather just insisting that client SMTP servers 3120use the HELO command 3121before using certain commands 3122or adding extra headers to indicate possible spoof attempts. 3123.pp 3124The option takes a series of flag names; 3125the final privacy is the inclusive or of those flags. 3126For example: 3127.(b 3128O PrivacyOptions=needmailhelo, noexpn 3129.)b 3130insists that the HELO or EHLO command be used before a MAIL command is accepted 3131and disables the EXPN command. 3132.pp 3133The flags are detailed in section 3134.\"XREF 31355.6. 3136.sh 2 "Send to Me Too" 3137.pp 3138Beginning with version 8.10, 3139.i sendmail 3140includes by default the (envelope) sender in any list expansions. 3141For example, if 3142.q matt 3143sends to a list that contains 3144.q matt 3145as one of the members he will get a copy of the message. 3146If the 3147.b MeToo 3148option is set to 3149.sm FALSE 3150(in the configuration file or via the command line), 3151this behavior is changed, i.e., 3152the (envelope) sender is excluded in list expansions. 3153.sh 1 "THE WHOLE SCOOP ON THE CONFIGURATION FILE" 3154.pp 3155This section describes the configuration file 3156in detail. 3157.pp 3158There is one point that should be made clear immediately: 3159the syntax of the configuration file 3160is designed to be reasonably easy to parse, 3161since this is done every time 3162.i sendmail 3163starts up, 3164rather than easy for a human to read or write. 3165On the 3166.q "future project" 3167list is a 3168configuration-file compiler. 3169.pp 3170The configuration file is organized as a series of lines, 3171each of which begins with a single character 3172defining the semantics for the rest of the line. 3173Lines beginning with a space or a tab 3174are continuation lines 3175(although the semantics are not well defined in many places). 3176Blank lines and lines beginning with a sharp symbol 3177(`#') 3178are comments. 3179.sh 2 "R and S \*- Rewriting Rules" 3180.pp 3181The core of address parsing 3182are the rewriting rules. 3183These are an ordered production system. 3184.i Sendmail 3185scans through the set of rewriting rules 3186looking for a match on the left hand side 3187(LHS) 3188of the rule. 3189When a rule matches, 3190the address is replaced by the right hand side 3191(RHS) 3192of the rule. 3193.pp 3194There are several sets of rewriting rules. 3195Some of the rewriting sets are used internally 3196and must have specific semantics. 3197Other rewriting sets 3198do not have specifically assigned semantics, 3199and may be referenced by the mailer definitions 3200or by other rewriting sets. 3201.pp 3202The syntax of these two commands are: 3203.(b F 3204.b S \c 3205.i n 3206.)b 3207Sets the current ruleset being collected to 3208.i n . 3209If you begin a ruleset more than once 3210it appends to the old definition. 3211.(b F 3212.b R \c 3213.i lhs 3214.i rhs 3215.i comments 3216.)b 3217The 3218fields must be separated 3219by at least one tab character; 3220there may be embedded spaces 3221in the fields. 3222The 3223.i lhs 3224is a pattern that is applied to the input. 3225If it matches, 3226the input is rewritten to the 3227.i rhs . 3228The 3229.i comments 3230are ignored. 3231.pp 3232Macro expansions of the form 3233.b $ \c 3234.i x 3235are performed when the configuration file is read. 3236A literal 3237.b $ 3238can be included using 3239.b $$ . 3240Expansions of the form 3241.b $& \c 3242.i x 3243are performed at run time using a somewhat less general algorithm. 3244This is intended only for referencing internally defined macros 3245such as 3246.b $h 3247that are changed at runtime. 3248.sh 3 "The left hand side" 3249.pp 3250The left hand side of rewriting rules contains a pattern. 3251Normal words are simply matched directly. 3252Metasyntax is introduced using a dollar sign. 3253The metasymbols are: 3254.(b 3255.ta \w'\fB$=\fP\fIx\fP 'u 3256\fB$*\fP Match zero or more tokens 3257\fB$+\fP Match one or more tokens 3258\fB$\-\fP Match exactly one token 3259\fB$=\fP\fIx\fP Match any phrase in class \fIx\fP 3260\fB$~\fP\fIx\fP Match any word not in class \fIx\fP 3261.)b 3262If any of these match, 3263they are assigned to the symbol 3264.b $ \c 3265.i n 3266for replacement on the right hand side, 3267where 3268.i n 3269is the index in the LHS. 3270For example, 3271if the LHS: 3272.(b 3273$\-:$+ 3274.)b 3275is applied to the input: 3276.(b 3277UCBARPA:eric 3278.)b 3279the rule will match, and the values passed to the RHS will be: 3280.(b 3281.ta 4n 3282$1 UCBARPA 3283$2 eric 3284.)b 3285.pp 3286Additionally, the LHS can include 3287.b $@ 3288to match zero tokens. 3289This is 3290.i not 3291bound to a 3292.b $ \c 3293.i n 3294on the RHS, and is normally only used when it stands alone 3295in order to match the null input. 3296.sh 3 "The right hand side" 3297.pp 3298When the left hand side of a rewriting rule matches, 3299the input is deleted and replaced by the right hand side. 3300Tokens are copied directly from the RHS 3301unless they begin with a dollar sign. 3302Metasymbols are: 3303.(b 3304.ta \w'$#mailer\0\0\0'u 3305\fB$\fP\fIn\fP Substitute indefinite token \fIn\fP from LHS 3306\fB$[\fP\fIname\fP\fB$]\fP Canonicalize \fIname\fP 3307\fB$(\fP\fImap key\fP \fB$@\fP\fIarguments\fP \fB$:\fP\fIdefault\fP \fB$)\fP 3308 Generalized keyed mapping function 3309\fB$>\fP\fIn\fP \*(lqCall\*(rq ruleset \fIn\fP 3310\fB$#\fP\fImailer\fP Resolve to \fImailer\fP 3311\fB$@\fP\fIhost\fP Specify \fIhost\fP 3312\fB$:\fP\fIuser\fP Specify \fIuser\fP 3313.)b 3314.pp 3315The 3316.b $ \c 3317.i n 3318syntax substitutes the corresponding value from a 3319.b $+ , 3320.b $\- , 3321.b $* , 3322.b $= , 3323or 3324.b $~ 3325match on the LHS. 3326It may be used anywhere. 3327.pp 3328A host name enclosed between 3329.b $[ 3330and 3331.b $] 3332is looked up in the host database(s) 3333and replaced by the canonical name\**. 3334.(f 3335\**This is actually 3336completely equivalent 3337to $(host \fIhostname\fP$). 3338In particular, a 3339.b $: 3340default can be used. 3341.)f 3342For example, 3343.q $[ftp$] 3344might become 3345.q ftp.CS.Berkeley.EDU 3346and 3347.q $[[128.32.130.2]$] 3348would become 3349.q vangogh.CS.Berkeley.EDU. 3350.i Sendmail 3351recognizes its numeric IP address 3352without calling the name server 3353and replaces it with its canonical name. 3354.pp 3355The 3356.b $( 3357\&... 3358.b $) 3359syntax is a more general form of lookup; 3360it uses a named map instead of an implicit map. 3361If no lookup is found, the indicated 3362.i default 3363is inserted; 3364if no default is specified and no lookup matches, 3365the value is left unchanged. 3366The 3367.i arguments 3368are passed to the map for possible use. 3369.pp 3370The 3371.b $> \c 3372.i n 3373syntax 3374causes the remainder of the line to be substituted as usual 3375and then passed as the argument to ruleset 3376.i n . 3377The final value of ruleset 3378.i n 3379then becomes 3380the substitution for this rule. 3381The 3382.b $> 3383syntax expands everything after the ruleset name 3384to the end of the replacement string 3385and then passes that as the initial input to the ruleset. 3386Recursive calls are allowed. 3387For example, 3388.(b 3389$>0 $>3 $1 3390.)b 3391expands $1, passes that to ruleset 3, and then passes the result 3392of ruleset 3 to ruleset 0. 3393.pp 3394The 3395.b $# 3396syntax should 3397.i only 3398be used in ruleset zero, 3399a subroutine of ruleset zero, 3400or rulesets that return decisions (e.g., check_rcpt). 3401It causes evaluation of the ruleset to terminate immediately, 3402and signals to 3403.i sendmail 3404that the address has completely resolved. 3405The complete syntax for ruleset 0 is: 3406.(b 3407\fB$#\fP\fImailer\fP \fB$@\fP\fIhost\fP \fB$:\fP\fIuser\fP 3408.)b 3409This specifies the 3410{mailer, host, user} 34113-tuple necessary to direct the mailer. 3412If the mailer is local 3413the host part may be omitted\**. 3414.(f 3415\**You may want to use it for special 3416.q "per user" 3417extensions. 3418For example, in the address 3419.q jgm+foo@CMU.EDU ; 3420the 3421.q +foo 3422part is not part of the user name, 3423and is passed to the local mailer for local use. 3424.)f 3425The 3426.i mailer 3427must be a single word, 3428but the 3429.i host 3430and 3431.i user 3432may be multi-part. 3433If the 3434.i mailer 3435is the builtin IPC mailer, 3436the 3437.i host 3438may be a colon-separated list of hosts 3439that are searched in order for the first working address 3440(exactly like MX records). 3441The 3442.i user 3443is later rewritten by the mailer-specific envelope rewriting set 3444and assigned to the 3445.b $u 3446macro. 3447As a special case, if the mailer specified has the 3448.b F=@ 3449flag specified 3450and the first character of the 3451.b $: 3452value is 3453.q @ , 3454the 3455.q @ 3456is stripped off, and a flag is set in the address descriptor 3457that causes sendmail to not do ruleset 5 processing. 3458.pp 3459Normally, a rule that matches is retried, 3460that is, 3461the rule loops until it fails. 3462A RHS may also be preceded by a 3463.b $@ 3464or a 3465.b $: 3466to change this behavior. 3467A 3468.b $@ 3469prefix causes the ruleset to return with the remainder of the RHS 3470as the value. 3471A 3472.b $: 3473prefix causes the rule to terminate immediately, 3474but the ruleset to continue; 3475this can be used to avoid continued application of a rule. 3476The prefix is stripped before continuing. 3477.pp 3478The 3479.b $@ 3480and 3481.b $: 3482prefixes may precede a 3483.b $> 3484spec; 3485for example: 3486.(b 3487.ta 8n 3488R$+ $: $>7 $1 3489.)b 3490matches anything, 3491passes that to ruleset seven, 3492and continues; 3493the 3494.b $: 3495is necessary to avoid an infinite loop. 3496.pp 3497Substitution occurs in the order described, 3498that is, 3499parameters from the LHS are substituted, 3500hostnames are canonicalized, 3501.q subroutines 3502are called, 3503and finally 3504.b $# , 3505.b $@ , 3506and 3507.b $: 3508are processed. 3509.sh 3 "Semantics of rewriting rule sets" 3510.pp 3511There are six rewriting sets 3512that have specific semantics. 3513Five of these are related as depicted by figure 1. 3514.(z 3515.hl 3516.ie n \{\ 3517.(c 3518 +---+ 3519 -->| 0 |-->resolved address 3520 / +---+ 3521 / +---+ +---+ 3522 / ---->| 1 |-->| S |-- 3523 +---+ / +---+ / +---+ +---+ \e +---+ 3524addr-->| 3 |-->| D |-- --->| 4 |-->msg 3525 +---+ +---+ \e +---+ +---+ / +---+ 3526 --->| 2 |-->| R |-- 3527 +---+ +---+ 3528.)c 3529 3530.\} 3531.el \{\ 3532.ie !"\*(.T"" \{\ 3533.PS 3534boxwid = 0.3i 3535boxht = 0.3i 3536movewid = 0.3i 3537moveht = 0.3i 3538linewid = 0.3i 3539lineht = 0.3i 3540 3541 box invis "addr"; arrow 3542Box3: box "3" 3543A1: arrow 3544BoxD: box "D"; line; L1: Here 3545C: [ 3546 C1: arrow; box "1"; arrow; box "S"; line; E1: Here 3547 move to C1 down 0.5; right 3548 C2: arrow; box "2"; arrow; box "R"; line; E2: Here 3549 ] with .w at L1 + (0.5, 0) 3550 move to C.e right 0.5 3551L4: arrow; box "4"; arrow; box invis "msg" 3552 line from L1 to C.C1 3553 line from L1 to C.C2 3554 line from C.E1 to L4 3555 line from C.E2 to L4 3556 move to BoxD.n up 0.6; right 3557Box0: arrow; box "0" 3558 arrow; box invis "resolved address" width 1.3 3559 line from 1/3 of the way between A1 and BoxD.w to Box0 3560.PE 3561.\} 3562.el .sp 2i 3563.\} 3564.ce 3565Figure 1 \*- Rewriting set semantics 3566.(c 3567D \*- sender domain addition 3568S \*- mailer-specific sender rewriting 3569R \*- mailer-specific recipient rewriting 3570.)c 3571.hl 3572.)z 3573.pp 3574Ruleset three 3575should turn the address into 3576.q "canonical form." 3577This form should have the basic syntax: 3578.(b 3579local-part@host-domain-spec 3580.)b 3581Ruleset three 3582is applied by 3583.i sendmail 3584before doing anything with any address. 3585.pp 3586If no 3587.q @ 3588sign is specified, 3589then the 3590host-domain-spec 3591.i may 3592be appended (box 3593.q D 3594in Figure 1) 3595from the 3596sender address 3597(if the 3598.b C 3599flag is set in the mailer definition 3600corresponding to the 3601.i sending 3602mailer). 3603.pp 3604Ruleset zero 3605is applied after ruleset three 3606to addresses that are going to actually specify recipients. 3607It must resolve to a 3608.i "{mailer, host, address}" 3609triple. 3610The 3611.i mailer 3612must be defined in the mailer definitions 3613from the configuration file. 3614The 3615.i host 3616is defined into the 3617.b $h 3618macro 3619for use in the argv expansion of the specified mailer. 3620.pp 3621Rulesets one and two 3622are applied to all sender and recipient addresses respectively. 3623They are applied before any specification 3624in the mailer definition. 3625They must never resolve. 3626.pp 3627Ruleset four is applied to all addresses 3628in the message. 3629It is typically used 3630to translate internal to external form. 3631.pp 3632In addition, 3633ruleset 5 is applied to all local addresses 3634(specifically, those that resolve to a mailer with the `F=5' 3635flag set) 3636that do not have aliases. 3637This allows a last minute hook for local names. 3638.sh 3 "Ruleset hooks" 3639.pp 3640A few extra rulesets are defined as 3641.q hooks 3642that can be defined to get special features. 3643They are all named rulesets. 3644The 3645.q check_* 3646forms all give accept/reject status; 3647falling off the end or returning normally is an accept, 3648and resolving to 3649.b $#error 3650is a reject. 3651Many of these can also resolve to the special mailer name 3652.b $#discard ; 3653this accepts the message as though it were successful 3654but then discards it without delivery. 3655Note, 3656this mailer can not be chosen as a mailer in ruleset 0. 3657.sh 4 "check_relay" 3658.pp 3659The 3660.i check_relay 3661ruleset is called after a connection is accepted by the daemon. 3662It is not called when sendmail is started using the 3663.b \-bs 3664option. 3665It is passed 3666.(b 3667client.host.name $| client.host.address 3668.)b 3669where 3670.b $| 3671is a metacharacter separating the two parts. 3672This ruleset can reject connections from various locations. 3673.sh 4 "check_mail" 3674.pp 3675The 3676.i check_mail 3677ruleset is passed the user name parameter of the 3678.sm "SMTP MAIL" 3679command. 3680It can accept or reject the address. 3681.sh 4 "check_rcpt" 3682.pp 3683The 3684.i check_rcpt 3685ruleset is passed the user name parameter of the 3686.sm "SMTP RCPT" 3687command. 3688It can accept or reject the address. 3689.sh 4 "check_compat" 3690.pp 3691The 3692.i check_compat 3693ruleset is passed 3694.(b 3695sender-address $| recipient-address 3696.)b 3697where 3698.b $| 3699is a metacharacter separating the addresses. 3700It can accept or reject mail transfer between these two addresses 3701much like the 3702.i checkcompat() 3703function. 3704.sh 4 "check_eoh" 3705.pp 3706The 3707.i check_eoh 3708ruleset is passed 3709.(b 3710number-of-headers $| size-of-headers 3711.)b 3712where 3713.b $| 3714is a metacharacter separating the numbers. 3715These numbers can be used for size comparisons with the 3716.b arith 3717map. 3718The ruleset is triggered after 3719all of the headers have been read. 3720It can be used to correlate information gathered 3721from those headers using the 3722.b macro 3723storage map. 3724One possible use is to check for a missing header. 3725For example: 3726.(b 3727.ta 1.5i 3728Kstorage macro 3729HMessage-Id: $>CheckMessageId 3730 3731SCheckMessageId 3732# Record the presence of the header 3733R$* $: $(storage {MessageIdCheck} $@ OK $) $1 3734R< $+ @ $+ > $@ OK 3735R$* $#error $: 553 Header Error 3736 3737Scheck_eoh 3738# Check the macro 3739R$* $: < $&{MessageIdCheck} > 3740# Clear the macro for the next message 3741R$* $: $(storage {MessageIdCheck} $) $1 3742# Has a Message-Id: header 3743R< $+ > $@ OK 3744# Allow missing Message-Id: from local mail 3745R$* $: < $&{client_name} > 3746R< > $@ OK 3747R< $=w > $@ OK 3748# Otherwise, reject the mail 3749R$* $#error $: 553 Header Error 3750.)b 3751Keep in mind the Message-Id: header is not a required header and 3752is not a guaranteed spam indicator. 3753This ruleset is an example and 3754should probably not be used in production. 3755.sh 4 "check_etrn" 3756.pp 3757The 3758.i check_etrn 3759ruleset is passed the parameter of the 3760.sm "SMTP ETRN" 3761command. 3762It can accept or reject the command. 3763.sh 4 "check_expn" 3764.pp 3765The 3766.i check_expn 3767ruleset is passed the user name parameter of the 3768.sm "SMTP EXPN" 3769command. 3770It can accept or reject the address. 3771.sh 4 "check_vrfy" 3772.pp 3773The 3774.i check_vrfy 3775ruleset is passed the user name parameter of the 3776.sm "SMTP VRFY" 3777command. 3778It can accept or reject the command. 3779.sh 4 "trust_auth" 3780.pp 3781The 3782.i trust_auth 3783ruleset is passed the AUTH= parameter of the 3784.sm "SMTP MAIL" 3785command. 3786It is used to determine whether this value should be 3787trusted. In order to make this decision, the ruleset 3788may make use of the various 3789.b ${auth_*} 3790macros. 3791If the ruleset does resolve to the 3792.q error 3793mailer the AUTH= parameter is not trusted and hence 3794not passed on to the next relay. 3795.sh 4 "tls_client" 3796.pp 3797The 3798.i tls_client 3799ruleset is called when sendmail acts as server, after a STARTTLS command 3800has been issued, and from 3801.i check_mail. 3802The parameter is the value of 3803.b ${verify} 3804and STARTTLS or MAIL, respectively. 3805If the ruleset does resolve to the 3806.q error 3807mailer, the appropriate error code is returned to the client. 3808.sh 4 "tls_server" 3809.pp 3810The 3811.i tls_server 3812ruleset is called when sendmail acts as client after a STARTTLS command 3813(should) have been issued. 3814The parameter is the value of 3815.b ${verify} . 3816If the ruleset does resolve to the 3817.q error 3818mailer, the connection is aborted 3819(treated as non-deliverable with a permanent or temporary error). 3820.sh 3 "IPC mailers" 3821.pp 3822Some special processing occurs 3823if the ruleset zero resolves to an IPC mailer 3824(that is, a mailer that has 3825.q [IPC] 3826listed as the Path in the 3827.b M 3828configuration line. 3829The host name passed after 3830.q $@ 3831has MX expansion performed if not delivering via a named socket; 3832this looks the name up in DNS to find alternate delivery sites. 3833.pp 3834The host name can also be provided as a dotted quad in square brackets; 3835for example: 3836.(b 3837[128.32.149.78] 3838.)b 3839This causes direct conversion of the numeric value 3840to an IP host address. 3841.pp 3842The host name passed in after the 3843.q $@ 3844may also be a colon-separated list of hosts. 3845Each is separately MX expanded and the results are concatenated 3846to make (essentially) one long MX list. 3847The intent here is to create 3848.q fake 3849MX records that are not published in DNS 3850for private internal networks. 3851.pp 3852As a final special case, the host name can be passed in 3853as a text string 3854in square brackets: 3855.(b 3856[ucbvax.berkeley.edu] 3857.)b 3858This form avoids the MX mapping. 3859.b N.B.: 3860.i 3861This is intended only for situations where you have a network firewall 3862or other host that will do special processing for all your mail, 3863so that your MX record points to a gateway machine; 3864this machine could then do direct delivery to machines 3865within your local domain. 3866Use of this feature directly violates RFC 1123 section 5.3.5: 3867it should not be used lightly. 3868.r 3869.sh 2 "D \*- Define Macro" 3870.pp 3871Macros are named with a single character 3872or with a word in {braces}. 3873The names ``x'' and ``{x}'' denote the same macro 3874for every single character ``x''. 3875Single character names may be selected from the entire ASCII set, 3876but user-defined macros 3877should be selected from the set of upper case letters only. 3878Lower case letters 3879and special symbols 3880are used internally. 3881Long names beginning with a lower case letter or a punctuation character 3882are reserved for use by sendmail, 3883so user-defined long macro names should begin with an upper case letter. 3884.pp 3885The syntax for macro definitions is: 3886.(b F 3887.b D \c 3888.i x\|val 3889.)b 3890where 3891.i x 3892is the name of the macro 3893(which may be a single character 3894or a word in braces) 3895and 3896.i val 3897is the value it should have. 3898There should be no spaces given 3899that do not actually belong in the macro value. 3900.pp 3901Macros are interpolated 3902using the construct 3903.b $ \c 3904.i x , 3905where 3906.i x 3907is the name of the macro to be interpolated. 3908This interpolation is done when the configuration file is read, 3909except in 3910.b M 3911lines. 3912The special construct 3913.b $& \c 3914.i x 3915can be used in 3916.b R 3917lines to get deferred interpolation. 3918.pp 3919Conditionals can be specified using the syntax: 3920.(b 3921$?x text1 $| text2 $. 3922.)b 3923This interpolates 3924.i text1 3925if the macro 3926.b $x 3927is set and non-null, 3928and 3929.i text2 3930otherwise. 3931The 3932.q else 3933(\c 3934.b $| ) 3935clause may be omitted. 3936.pp 3937Lower case macro names are reserved to have 3938special semantics, 3939used to pass information in or out of 3940.i sendmail , 3941and special characters are reserved to 3942provide conditionals, etc. 3943Upper case names 3944(that is, 3945.b $A 3946through 3947.b $Z ) 3948are specifically reserved for configuration file authors. 3949.pp 3950The following macros are defined and/or used internally by 3951.i sendmail 3952for interpolation into argv's for mailers 3953or for other contexts. 3954The ones marked \(dg are information passed into sendmail\**, 3955.(f 3956\**As of version 8.6, 3957all of these macros have reasonable defaults. 3958Previous versions required that they be defined. 3959.)f 3960the ones marked \(dd are information passed both in and out of sendmail, 3961and the unmarked macros are passed out of sendmail 3962but are not otherwise used internally. 3963These macros are: 3964.nr ii 5n 3965.ip $a 3966The origination date in RFC 822 format. 3967This is extracted from the Date: line. 3968.ip $b 3969The current date in RFC 822 format. 3970.ip $c 3971The hop count. 3972This is a count of the number of Received: lines 3973plus the value of the 3974.b \-h 3975command line flag. 3976.ip $d 3977The current date in UNIX (ctime) format. 3978.ip $e\(dg 3979(Obsolete; use SmtpGreetingMessage option instead.) 3980The SMTP entry message. 3981This is printed out when SMTP starts up. 3982The first word must be the 3983.b $j 3984macro as specified by RFC821. 3985Defaults to 3986.q "$j Sendmail $v ready at $b" . 3987Commonly redefined to include the configuration version number, e.g., 3988.q "$j Sendmail $v/$Z ready at $b" 3989.ip $f 3990The envelope sender (from) address. 3991.ip $g 3992The sender address relative to the recipient. 3993For example, if 3994.b $f 3995is 3996.q foo , 3997.b $g 3998will be 3999.q host!foo , 4000.q foo@host.domain , 4001or whatever is appropriate for the receiving mailer. 4002.ip $h 4003The recipient host. 4004This is set in ruleset 0 from the $@ field of a parsed address. 4005.ip $i 4006The queue id, 4007e.g., 4008.q HAA12345 . 4009.ip $j\(dd 4010The \*(lqofficial\*(rq domain name for this site. 4011This is fully qualified if the full qualification can be found. 4012It 4013.i must 4014be redefined to be the fully qualified domain name 4015if your system is not configured so that information can find 4016it automatically. 4017.ip $k 4018The UUCP node name (from the uname system call). 4019.ip $l\(dg 4020(Obsolete; use UnixFromLine option instead.) 4021The format of the UNIX from line. 4022Unless you have changed the UNIX mailbox format, 4023you should not change the default, 4024which is 4025.q "From $g $d" . 4026.ip $m 4027The domain part of the \fIgethostname\fP return value. 4028Under normal circumstances, 4029.b $j 4030is equivalent to 4031.b $w.$m . 4032.ip $n\(dg 4033The name of the daemon (for error messages). 4034Defaults to 4035.q MAILER-DAEMON . 4036.ip $o\(dg 4037(Obsolete: use OperatorChars option instead.) 4038The set of \*(lqoperators\*(rq in addresses. 4039A list of characters 4040which will be considered tokens 4041and which will separate tokens 4042when doing parsing. 4043For example, if 4044.q @ 4045were in the 4046.b $o 4047macro, then the input 4048.q a@b 4049would be scanned as three tokens: 4050.q a, 4051.q @, 4052and 4053.q b. 4054Defaults to 4055.q ".:@[]" , 4056which is the minimum set necessary to do RFC 822 parsing; 4057a richer set of operators is 4058.q ".:%@!/[]" , 4059which adds support for UUCP, the %-hack, and X.400 addresses. 4060.ip $p 4061Sendmail's process id. 4062.ip $q\(dg 4063Default format of sender address. 4064The 4065.b $q 4066macro specifies how an address should appear in a message 4067when it is defaulted. 4068Defaults to 4069.q "<$g>" . 4070It is commonly redefined to be 4071.q "$?x$x <$g>$|$g$." 4072or 4073.q "$g$?x ($x)$." , 4074corresponding to the following two formats: 4075.(b 4076Eric Allman <eric@CS.Berkeley.EDU> 4077eric@CS.Berkeley.EDU (Eric Allman) 4078.)b 4079.i Sendmail 4080properly quotes names that have special characters 4081if the first form is used. 4082.ip $r 4083Protocol used to receive the message. 4084Set from the 4085.b \-p 4086command line flag or by the SMTP server code. 4087.ip $s 4088Sender's host name. 4089Set from the 4090.b \-p 4091command line flag or by the SMTP server code. 4092.ip $t 4093A numeric representation of the current time. 4094.ip $u 4095The recipient user. 4096.ip $v 4097The version number of the 4098.i sendmail 4099binary. 4100.ip $w\(dd 4101The hostname of this site. 4102This is the root name of this host (but see below for caveats). 4103.ip $x 4104The full name of the sender. 4105.ip $z 4106The home directory of the recipient. 4107.ip $_ 4108The validated sender address. 4109.ip ${auth_authen} 4110The client's authentication credentials as determined by authentication 4111(only set if successful). 4112.ip ${auth_author} 4113The authorization identity, i.e. the AUTH= parameter of the 4114.sm "SMTP MAIL" 4115command if supplied. 4116.ip ${auth_type} 4117The mechanism used for authentication 4118(only set if successful). 4119.ip ${auth_ssf} 4120The keylength (in bits) of the symmetric encryption algorithm 4121used for the security layer of a SASL mechanism. 4122.ip ${bodytype} 4123The message body type 4124(7BIT or 8BITMIME), 4125as determined from the envelope. 4126.ip ${cert_issuer} 4127The DN (distinguished name) of the CA (certificate authority) 4128that signed the presented certificate (the cert issuer). 4129.ip ${cert_subject} 4130The DN of the presented certificate (called the cert subject). 4131.ip ${cipher} 4132The cipher suite used for the connection, e.g., EDH-DSS-DES-CBC3-SHA, 4133EDH-RSA-DES-CBC-SHA, DES-CBC-MD5, DES-CBC3-SHA. 4134.ip ${cipher_bits} 4135The keylength (in bits) of the symmetric encryption algorithm 4136used for a TLS connection. 4137.ip ${client_addr} 4138The IP address of the SMTP client. 4139Defined in the SMTP server only. 4140.ip ${client_name} 4141The host name of the SMTP client. 4142This may be the client's bracketed IP address 4143in the form [ nnn.nnn.nnn.nnn ] if the client's 4144IP address is not resolvable, or if it is resolvable 4145but the IP address of the resolved hostname 4146doesn't match the original IP address. 4147Defined in the SMTP server only. 4148.ip ${client_port} 4149The port number of the SMTP client. 4150Defined in the SMTP server only. 4151.ip ${client_resolve} 4152Holds the result of the resolve call for 4153.b ${client_name} 4154: OK, FAIL, FORGED, TEMP. 4155Defined in the SMTP server only. 4156.ip ${currHeader} 4157Header value as quoted string 4158(possibly truncated to 4159.b MAXNAME ). 4160.ip ${daemon_addr} 4161The IP address the daemon is listening on for connections. 4162Unless 4163.b DaemonPortOptions 4164is set, this will be 4165.q 0.0.0.0 . 4166.ip ${daemon_family} 4167The network family 4168if the daemon is accepting network connections. 4169Possible values include 4170.q inet , 4171.q inet6 , 4172.q iso , 4173.q ns , 4174.q x.25 4175.ip ${daemon_flags} 4176The flags for the daemon as specified by the 4177Modifier= part of 4178.b DaemonPortOptions 4179whereby the flags are separated from each other by spaces, 4180and upper case flags are doubled. 4181That is, 4182Modifier=Ea 4183will be represented as 4184"EE a" in 4185.b ${daemon_flags} , 4186which is required for testing the flags in rulesets. 4187.ip ${daemon_info} 4188Some information about a daemon as a text string. 4189For example, 4190.q SMTP+queueing@00:30:00 . 4191.ip ${daemon_name} 4192The name of the daemon from 4193.b DaemonPortOptions 4194Name= suboption. 4195If this suboption is not set, 4196"Daemon#", 4197where # is the daemon number, 4198is used. 4199.ip ${daemon_port} 4200The port the daemon is accepting connection on. 4201Unless 4202.b DaemonPortOptions 4203is set, this will most likely be 4204.q 25 . 4205.ip ${deliveryMode} 4206The current delivery mode sendmail is using. 4207It is initially set to the value of the 4208.b DeliveryMode 4209option. 4210.ip ${envid} 4211The envelope id passed to sendmail as part of the envelope. 4212.ip ${hdrlen} 4213The length of the header value which is stored in 4214${currHeader} (before possible truncation). 4215If this value is greater than or equal 4216.b MAXNAME 4217the header has been truncated. 4218.ip ${hdr_name} 4219The name of the header field for which the current header 4220check ruleset has been called. 4221This is useful for a default header check ruleset to get 4222the name of the header. 4223.ip ${if_addr} 4224The IP address of the interface of an incoming connection 4225unless it is in the loopback net. 4226.ip ${if_family} 4227The IP family of the interface of an incoming connection 4228unless it is in the loopback net. 4229.ip ${if_name} 4230The name of the interface of an incoming connection. 4231This macro can be used for 4232SmtpGreetingMessage and HReceived for virtual hosting. 4233For example: 4234.(b 4235O SmtpGreetingMessage=$?{if_name}${if_name}$|$j$. MTA 4236.)b 4237.ip ${mail_addr} 4238The address part of the resolved triple of the address given for the 4239.sm "SMTP MAIL" 4240command. 4241Defined in the SMTP server only. 4242.ip ${mail_host} 4243The host from the resolved triple of the address given for the 4244.sm "SMTP MAIL" 4245command. 4246Defined in the SMTP server only. 4247.ip ${mail_mailer} 4248The mailer from the resolved triple of the address given for the 4249.sm "SMTP MAIL" 4250command. 4251Defined in the SMTP server only. 4252.ip ${msg_size} 4253The value of the SIZE= parameter, 4254i.e., usually the size of the message (in an ESMTP dialogue), 4255before the message has been collected, thereafter 4256the message size as computed by 4257.i sendmail 4258(and can be used in check_compat). 4259.ip ${ntries} 4260The number of delivery attempts. 4261.ip ${opMode} 4262The current operation mode (from the 4263.b \-b 4264flag). 4265.ip ${queue_interval} 4266The queue run interval given by the 4267.b \-q 4268flag. 4269For example, 4270.b \-q30m 4271would set 4272.b ${queue_interval} 4273to 4274.q 00:30:00 . 4275.ip ${rcpt_addr} 4276The address part of the resolved triple of the address given for the 4277.sm "SMTP RCPT" 4278command. 4279Defined in the SMTP server only. 4280.ip ${rcpt_host} 4281The host from the resolved triple of the address given for the 4282.sm "SMTP RCPT" 4283command. 4284Defined in the SMTP server only. 4285.ip ${rcpt_mailer} 4286The mailer from the resolved triple of the address given for the 4287.sm "SMTP RCPT" 4288command. 4289Defined in the SMTP server only. 4290.ip ${server_addr} 4291The address of the server of the current outgoing SMTP connection. 4292.ip ${server_name} 4293The name of the server of the current outgoing SMTP connection. 4294.ip ${tls_version} 4295The TLS/SSL version used for the connection, e.g., TLSv1, SSLv3, SSLv2. 4296.ip ${verify} 4297The result of the verification of the presented cert. 4298Possible values are: 4299.(b 4300.ta 9n 4301OK verification succeeded. 4302NO no cert presented. 4303FAIL cert presented but could not be verified, 4304 e.g., the signing CA is missing. 4305NONE STARTTLS has not been performed. 4306TEMP temporary error occurred. 4307PROTOCOL some protocol error occurred. 4308SOFTWARE STARTTLS handshake failed, 4309 which is a fatal error for this session, 4310 the e-mail will be queued. 4311.)b 4312.pp 4313There are three types of dates that can be used. 4314The 4315.b $a 4316and 4317.b $b 4318macros are in RFC 822 format; 4319.b $a 4320is the time as extracted from the 4321.q Date: 4322line of the message 4323(if there was one), 4324and 4325.b $b 4326is the current date and time 4327(used for postmarks). 4328If no 4329.q Date: 4330line is found in the incoming message, 4331.b $a 4332is set to the current time also. 4333The 4334.b $d 4335macro is equivalent to the 4336.b $b 4337macro in UNIX 4338(ctime) 4339format. 4340.pp 4341The macros 4342.b $w , 4343.b $j , 4344and 4345.b $m 4346are set to the identity of this host. 4347.i Sendmail 4348tries to find the fully qualified name of the host 4349if at all possible; 4350it does this by calling 4351.i gethostname (2) 4352to get the current hostname 4353and then passing that to 4354.i gethostbyname (3) 4355which is supposed to return the canonical version of that host name.\** 4356.(f 4357\**For example, on some systems 4358.i gethostname 4359might return 4360.q foo 4361which would be mapped to 4362.q foo.bar.com 4363by 4364.i gethostbyname . 4365.)f 4366Assuming this is successful, 4367.b $j 4368is set to the fully qualified name 4369and 4370.b $m 4371is set to the domain part of the name 4372(everything after the first dot). 4373The 4374.b $w 4375macro is set to the first word 4376(everything before the first dot) 4377if you have a level 5 or higher configuration file; 4378otherwise, it is set to the same value as 4379.b $j . 4380If the canonification is not successful, 4381it is imperative that the config file set 4382.b $j 4383to the fully qualified domain name\**. 4384.(f 4385\**Older versions of sendmail didn't pre-define 4386.b $j 4387at all, so up until 8.6, 4388config files 4389.i always 4390had to define 4391.b $j . 4392.)f 4393.pp 4394The 4395.b $f 4396macro is the id of the sender 4397as originally determined; 4398when mailing to a specific host 4399the 4400.b $g 4401macro is set to the address of the sender 4402.ul 4403relative to the recipient. 4404For example, 4405if I send to 4406.q bollard@matisse.CS.Berkeley.EDU 4407from the machine 4408.q vangogh.CS.Berkeley.EDU 4409the 4410.b $f 4411macro will be 4412.q eric 4413and the 4414.b $g 4415macro will be 4416.q eric@vangogh.CS.Berkeley.EDU. 4417.pp 4418The 4419.b $x 4420macro is set to the full name of the sender. 4421This can be determined in several ways. 4422It can be passed as flag to 4423.i sendmail . 4424It can be defined in the 4425.sm NAME 4426environment variable. 4427The third choice is the value of the 4428.q Full-Name: 4429line in the header if it exists, 4430and the fourth choice is the comment field 4431of a 4432.q From: 4433line. 4434If all of these fail, 4435and if the message is being originated locally, 4436the full name is looked up in the 4437.i /etc/passwd 4438file. 4439.pp 4440When sending, 4441the 4442.b $h , 4443.b $u , 4444and 4445.b $z 4446macros get set to the host, user, and home directory 4447(if local) 4448of the recipient. 4449The first two are set from the 4450.b $@ 4451and 4452.b $: 4453part of the rewriting rules, respectively. 4454.pp 4455The 4456.b $p 4457and 4458.b $t 4459macros are used to create unique strings 4460(e.g., for the 4461.q Message-Id: 4462field). 4463The 4464.b $i 4465macro is set to the queue id on this host; 4466if put into the timestamp line 4467it can be extremely useful for tracking messages. 4468The 4469.b $v 4470macro is set to be the version number of 4471.i sendmail ; 4472this is normally put in timestamps 4473and has been proven extremely useful for debugging. 4474.pp 4475The 4476.b $c 4477field is set to the 4478.q "hop count," 4479i.e., the number of times this message has been processed. 4480This can be determined 4481by the 4482.b \-h 4483flag on the command line 4484or by counting the timestamps in the message. 4485.pp 4486The 4487.b $r 4488and 4489.b $s 4490fields are set to the protocol used to communicate with 4491.i sendmail 4492and the sending hostname. 4493They can be set together using the 4494.b \-p 4495command line flag or separately using the 4496.b \-M 4497or 4498.b \-oM 4499flags. 4500.pp 4501The 4502.b $_ 4503is set to a validated sender host name. 4504If the sender is running an RFC 1413 compliant IDENT server 4505and the receiver has the IDENT protocol turned on, 4506it will include the user name on that host. 4507.pp 4508The 4509.b ${client_name} , 4510.b ${client_addr} , 4511and 4512.b ${client_port} 4513macros 4514are set to the name, address, and port number of the SMTP client 4515who is invoking 4516.i sendmail 4517as a server. 4518These can be used in the 4519.i check_* 4520rulesets (using the 4521.b $& 4522deferred evaluation form, of course!). 4523.sh 2 "C and F \*- Define Classes" 4524.pp 4525Classes of phrases may be defined 4526to match on the left hand side of rewriting rules, 4527where a 4528.q phrase 4529is a sequence of characters that does not contain space characters. 4530For example 4531a class of all local names for this site 4532might be created 4533so that attempts to send to oneself 4534can be eliminated. 4535These can either be defined directly in the configuration file 4536or read in from another file. 4537Classes are named as a single letter or a word in {braces}. 4538Class names beginning with lower case letters 4539and special characters are reserved for system use. 4540Classes defined in config files may be given names 4541from the set of upper case letters for short names 4542or beginning with an upper case letter for long names. 4543.pp 4544The syntax is: 4545.(b F 4546.b C \c 4547.i c\|phrase1 4548.i phrase2... 4549.br 4550.b F \c 4551.i c\|file 4552.br 4553.b F \c 4554.i c\||program 4555.)b 4556The first form defines the class 4557.i c 4558to match any of the named words. 4559If 4560.i phrase1 4561or 4562.i phrase2 4563is another class, 4564e.g., 4565.i $=S , 4566the contents of class 4567.i S 4568are added to class 4569.i c . 4570It is permissible to split them among multiple lines; 4571for example, the two forms: 4572.(b 4573CHmonet ucbmonet 4574.)b 4575and 4576.(b 4577CHmonet 4578CHucbmonet 4579.)b 4580are equivalent. 4581The ``F'' forms 4582read the elements of the class 4583.i c 4584from the named 4585.i file 4586or 4587.i program . 4588Each element should be listed on a separate line. 4589To specify an optional file, use ``-o'' between the class 4590name and the file name, e.g., 4591.(b 4592Fc -o /path/to/file 4593.)b 4594If the file can't be used, 4595.i sendmail 4596will not complain but silently ignore it. 4597.pp 4598Elements of classes can be accessed in rules using 4599.b $= 4600or 4601.b $~ . 4602The 4603.b $~ 4604(match entries not in class) 4605only matches a single word; 4606multi-word entries in the class are ignored in this context. 4607.pp 4608Some classes have internal meaning to 4609.i sendmail : 4610.nr ii 0.5i 4611.\".ip $=b 4612.\"A set of Content-Types that will not have the newline character 4613.\"translated to CR-LF before encoding into base64 MIME. 4614.\"The class can have major times 4615.\"(e.g., 4616.\".q image ) 4617.\"or full types 4618.\"(such as 4619.\".q application/octet-stream ). 4620.\"The class is initialized with 4621.\".q application/octet-stream , 4622.\".q image , 4623.\".q audio , 4624.\"and 4625.\".q video . 4626.ip $=e 4627contains the Content-Transfer-Encodings that can be 8\(->7 bit encoded. 4628It is predefined to contain 4629.q 7bit , 4630.q 8bit , 4631and 4632.q binary . 4633.ip $=k 4634set to be the same as 4635.b $k , 4636that is, the UUCP node name. 4637.ip $=m 4638set to the set of domains by which this host is known, 4639initially just 4640.b $m . 4641.ip $=n 4642can be set to the set of MIME body types 4643that can never be eight to seven bit encoded. 4644It defaults to 4645.q multipart/signed . 4646Message types 4647.q message/* 4648and 4649.q multipart/* 4650are never encoded directly. 4651Multipart messages are always handled recursively. 4652The handling of message/* messages 4653are controlled by class 4654.b $=s . 4655.ip $=q 4656A set of Content-Types that will never be encoded as base64 4657(if they have to be encoded, they will be encoded as quoted-printable). 4658It can have primary types 4659(e.g., 4660.q text ) 4661or full types 4662(such as 4663.q text/plain ). 4664The class is initialized to have 4665.q text/plain 4666only. 4667.ip $=s 4668contains the set of subtypes of message that can be treated recursively. 4669By default it contains only 4670.q rfc822 . 4671Other 4672.q message/* 4673types cannot be 8\(->7 bit encoded. 4674If a message containing eight bit data is sent to a seven bit host, 4675and that message cannot be encoded into seven bits, 4676it will be stripped to 7 bits. 4677.ip $=t 4678set to the set of trusted users by the 4679.b T 4680configuration line. 4681If you want to read trusted users from a file, use 4682.b Ft \c 4683.i /file/name . 4684.ip $=w 4685set to be the set of all names 4686this host is known by. 4687This can be used to match local hostnames. 4688.ip $={persistentMacros} 4689set to the macros would should be saved across queue runs. 4690Care should be taken when adding macro names to this class. 4691.pp 4692.i Sendmail 4693can be compiled to allow a 4694.i scanf (3) 4695string on the 4696.b F 4697line. 4698This lets you do simplistic parsing of text files. 4699For example, to read all the user names in your system 4700.i /etc/passwd 4701file into a class, use 4702.(b 4703FL/etc/passwd %[^:] 4704.)b 4705which reads every line up to the first colon. 4706.sh 2 "M \*- Define Mailer" 4707.pp 4708Programs and interfaces to mailers 4709are defined in this line. 4710The format is: 4711.(b F 4712.b M \c 4713.i name , 4714{\c 4715.i field =\c 4716.i value \|}* 4717.)b 4718where 4719.i name 4720is the name of the mailer 4721(used internally only) 4722and the 4723.q field=name 4724pairs define attributes of the mailer. 4725Fields are: 4726.(b 4727.ta 1i 4728Path The pathname of the mailer 4729Flags Special flags for this mailer 4730Sender Rewriting set(s) for sender addresses 4731Recipient Rewriting set(s) for recipient addresses 4732Argv An argument vector to pass to this mailer 4733Eol The end-of-line string for this mailer 4734Maxsize The maximum message length to this mailer 4735maxmessages The maximum message deliveries per connection 4736Linelimit The maximum line length in the message body 4737Directory The working directory for the mailer 4738Userid The default user and group id to run as 4739Nice The nice(2) increment for the mailer 4740Charset The default character set for 8-bit characters 4741Type Type information for DSN diagnostics 4742Wait The maximum time to wait for the mailer 4743/ The root directory for the mailer 4744.)b 4745Only the first character of the field name is checked. 4746.pp 4747The following flags may be set in the mailer description. 4748Any other flags may be used freely 4749to conditionally assign headers to messages 4750destined for particular mailers. 4751Flags marked with \(dg 4752are not interpreted by the 4753.i sendmail 4754binary; 4755these are the conventionally used to correlate to the flags portion 4756of the 4757.b H 4758line. 4759Flags marked with \(dd 4760apply to the mailers for the sender address 4761rather than the usual recipient mailers. 4762.nr ii 4n 4763.ip a 4764Run Extended SMTP (ESMTP) protocol (defined in RFCs 1869, 1652, and 1870). 4765This flag defaults on if the SMTP greeting message includes the word 4766.q ESMTP . 4767.ip A 4768Look up the user part of the address in the alias database. 4769Normally this is only set for local mailers. 4770.ip b 4771Force a blank line on the end of a message. 4772This is intended to work around some stupid versions of 4773/bin/mail 4774that require a blank line, but do not provide it themselves. 4775It would not normally be used on network mail. 4776.ip c 4777Do not include comments in addresses. 4778This should only be used if you have to work around 4779a remote mailer that gets confused by comments. 4780This strips addresses of the form 4781.q "Phrase <address>" 4782or 4783.q "address (Comment)" 4784down to just 4785.q address . 4786.ip C\(dd 4787If mail is 4788.i received 4789from a mailer with this flag set, 4790any addresses in the header that do not have an at sign 4791(\c 4792.q @ ) 4793after being rewritten by ruleset three 4794will have the 4795.q @domain 4796clause from the sender envelope address 4797tacked on. 4798This allows mail with headers of the form: 4799.(b 4800From: usera@hosta 4801To: userb@hostb, userc 4802.)b 4803to be rewritten as: 4804.(b 4805From: usera@hosta 4806To: userb@hostb, userc@hosta 4807.)b 4808automatically. 4809However, it doesn't really work reliably. 4810.ip d 4811Do not include angle brackets around route-address syntax addresses. 4812This is useful on mailers that are going to pass addresses to a shell 4813that might interpret angle brackets as I/O redirection. 4814However, it does not protect against other shell metacharacters. 4815Therefore, passing addresses to a shell should not be considered secure. 4816.ip D\(dg 4817This mailer wants a 4818.q Date: 4819header line. 4820.ip e 4821This mailer is expensive to connect to, 4822so try to avoid connecting normally; 4823any necessary connection will occur during a queue run. 4824See also option 4825.b HoldExpensive . 4826.ip E 4827Escape lines beginning with 4828.q From\0 4829in the message with a `>' sign. 4830.ip f 4831The mailer wants a 4832.b \-f 4833.i from 4834flag, 4835but only if this is a network forward operation 4836(i.e., 4837the mailer will give an error 4838if the executing user 4839does not have special permissions). 4840.ip F\(dg 4841This mailer wants a 4842.q From: 4843header line. 4844.ip g 4845Normally, 4846.i sendmail 4847sends internally generated email (e.g., error messages) 4848using the null return address 4849as required by RFC 1123. 4850However, some mailers don't accept a null return address. 4851If necessary, 4852you can set the 4853.b g 4854flag to prevent 4855.i sendmail 4856from obeying the standards; 4857error messages will be sent as from the MAILER-DAEMON 4858(actually, the value of the 4859.b $n 4860macro). 4861.ip h 4862Upper case should be preserved in host names 4863(the $@ portion of the mailer triplet resolved from ruleset 0) 4864for this mailer. 4865.ip i 4866Do User Database rewriting on envelope sender address. 4867.ip I 4868This mailer will be speaking SMTP 4869to another 4870.i sendmail 4871\*- 4872as such it can use special protocol features. 4873This option is not required 4874(i.e., 4875if this option is omitted the transmission will still operate successfully, 4876although perhaps not as efficiently as possible). 4877.ip j 4878Do User Database rewriting on recipients as well as senders. 4879.ip k 4880Normally when 4881.i sendmail 4882connects to a host via SMTP, 4883it checks to make sure that this isn't accidently the same host name 4884as might happen if 4885.i sendmail 4886is misconfigured or if a long-haul network interface is set in loopback mode. 4887This flag disables the loopback check. 4888It should only be used under very unusual circumstances. 4889.ip K 4890Currently unimplemented. 4891Reserved for chunking. 4892.ip l 4893This mailer is local 4894(i.e., 4895final delivery will be performed). 4896.ip L 4897Limit the line lengths as specified in RFC821. 4898This deprecated option should be replaced by the 4899.b L= 4900mail declaration. 4901For historic reasons, the 4902.b L 4903flag also sets the 4904.b 7 4905flag. 4906.ip m 4907This mailer can send to multiple users 4908on the same host 4909in one transaction. 4910When a 4911.b $u 4912macro occurs in the 4913.i argv 4914part of the mailer definition, 4915that field will be repeated as necessary 4916for all qualifying users. 4917Removing this flag can defeat duplicate supression on a remote site 4918as each recipient is sent in a separate transaction. 4919.ip M\(dg 4920This mailer wants a 4921.q Message-Id: 4922header line. 4923.ip n 4924Do not insert a UNIX-style 4925.q From 4926line on the front of the message. 4927.ip o 4928Always run as the owner of the recipient mailbox. 4929Normally 4930.i sendmail 4931runs as the sender for locally generated mail 4932or as 4933.q daemon 4934(actually, the user specified in the 4935.b u 4936option) 4937when delivering network mail. 4938The normal behavior is required by most local mailers, 4939which will not allow the envelope sender address 4940to be set unless the mailer is running as daemon. 4941This flag is ignored if the 4942.b S 4943flag is set. 4944.ip p 4945Use the route-addr style reverse-path in the SMTP 4946.q "MAIL FROM:" 4947command 4948rather than just the return address; 4949although this is required in RFC821 section 3.1, 4950many hosts do not process reverse-paths properly. 4951Reverse-paths are officially discouraged by RFC 1123. 4952.ip P\(dg 4953This mailer wants a 4954.q Return-Path: 4955line. 4956.ip q 4957When an address that resolves to this mailer is verified 4958(SMTP VRFY command), 4959generate 250 responses instead of 252 responses. 4960This will imply that the address is local. 4961.ip r 4962Same as 4963.b f , 4964but sends a 4965.b \-r 4966flag. 4967.ip R 4968Open SMTP connections from a 4969.q secure 4970port. 4971Secure ports aren't 4972(secure, that is) 4973except on UNIX machines, 4974so it is unclear that this adds anything. 4975.ip s 4976Strip quote characters (" and \e) off of the address 4977before calling the mailer. 4978.ip S 4979Don't reset the userid 4980before calling the mailer. 4981This would be used in a secure environment 4982where 4983.i sendmail 4984ran as root. 4985This could be used to avoid forged addresses. 4986If the 4987.b U= 4988field is also specified, 4989this flag causes the effective user id to be set to that user. 4990.ip u 4991Upper case should be preserved in user names 4992for this mailer. 4993Standards require preservation of case in the local part of addresses, 4994except for those address for which your system accepts responsibility. 4995.ip U 4996This mailer wants UUCP-style 4997.q From 4998lines with the ugly 4999.q "remote from <host>" 5000on the end. 5001.ip w 5002The user must have a valid account on this machine, 5003i.e., 5004getpwnam 5005must succeed. 5006If not, 5007the mail is bounced. 5008This is required to get 5009.q \&.forward 5010capability. 5011.ip x\(dg 5012This mailer wants a 5013.q Full-Name: 5014header line. 5015.ip X 5016This mailer want to use the hidden dot algorithm 5017as specified in RFC821; 5018basically, 5019any line beginning with a dot 5020will have an extra dot prepended 5021(to be stripped at the other end). 5022This insures that lines in the message containing a dot 5023will not terminate the message prematurely. 5024.ip z 5025Run Local Mail Transfer Protocol (LMTP) 5026between 5027.i sendmail 5028and the local mailer. 5029This is a variant on SMTP 5030defined in RFC 2033 5031that is specifically designed for delivery to a local mailbox. 5032.ip 0 5033Don't look up MX records for hosts sent via SMTP. 5034.ip 3 5035Extend the list of characters converted to =XX notation 5036when converting to Quoted-Printable 5037to include those that don't map cleanly between ASCII and EBCDIC. 5038Useful if you have IBM mainframes on site. 5039.ip 5 5040If no aliases are found for this address, 5041pass the address through ruleset 5 for possible alternate resolution. 5042This is intended to forward the mail to an alternate delivery spot. 5043.ip 6 5044Strip headers to seven bits. 5045.ip 7 5046Strip all output to seven bits. 5047This is the default if the 5048.b L 5049flag is set. 5050Note that clearing this option is not 5051sufficient to get full eight bit data passed through 5052.i sendmail . 5053If the 5054.b 7 5055option is set, this is essentially always set, 5056since the eighth bit was stripped on input. 5057Note that this option will only impact messages 5058that didn't have 8\(->7 bit MIME conversions performed. 5059.ip 8 5060If set, 5061it is acceptable to send eight bit data to this mailer; 5062the usual attempt to do 8\(->7 bit MIME conversions will be bypassed. 5063.ip 9 5064If set, 5065do 5066.i limited 50677\(->8 bit MIME conversions. 5068These conversions are limited to text/plain data. 5069.ip : 5070Check addresses to see if they begin 5071.q :include: ; 5072if they do, convert them to the 5073.q *include* 5074mailer. 5075.ip | 5076Check addresses to see if they begin with a `|'; 5077if they do, convert them to the 5078.q prog 5079mailer. 5080.ip / 5081Check addresses to see if they begin with a `/'; 5082if they do, convert them to the 5083.q *file* 5084mailer. 5085.ip @ 5086Look up addresses in the user database. 5087.ip % 5088Do not attempt delivery on initial recipient of a message 5089or on queue runs 5090unless the queued message is selected 5091using one of the -qI/-qR/-qS queue run modifiers 5092or an ETRN request. 5093.pp 5094Configuration files prior to level 6 5095assume the `A', `w', `5', `:', `|', `/', and `@' options 5096on the mailer named 5097.q local . 5098.pp 5099The mailer with the special name 5100.q error 5101can be used to generate a user error. 5102The (optional) host field is an exit status to be returned, 5103and the user field is a message to be printed. 5104The exit status may be numeric or one of the values 5105USAGE, NOUSER, NOHOST, UNAVAILABLE, SOFTWARE, TEMPFAIL, PROTOCOL, or CONFIG 5106to return the corresponding EX_ exit code, 5107or an enhanced error code as described in RFC 1893, 5108.ul 5109Enhanced Mail System Status Codes. 5110For example, the entry: 5111.(b 5112$#error $@ NOHOST $: Host unknown in this domain 5113.)b 5114on the RHS of a rule 5115will cause the specified error to be generated 5116and the 5117.q "Host unknown" 5118exit status to be returned 5119if the LHS matches. 5120This mailer is only functional in rulesets 0, 5, 5121or one of the check_* rulesets. 5122.pp 5123The mailer with the special name 5124.q discard 5125causes any mail sent to it to be discarded 5126but otherwise treated as though it were successfully delivered. 5127This mailer can not be used in ruleset 0, 5128only in the various address checking rulesets. 5129.pp 5130The mailer named 5131.q local 5132.i must 5133be defined in every configuration file. 5134This is used to deliver local mail, 5135and is treated specially in several ways. 5136Additionally, three other mailers named 5137.q prog , 5138.q *file* , 5139and 5140.q *include* 5141may be defined to tune the delivery of messages to programs, 5142files, 5143and :include: lists respectively. 5144They default to: 5145.(b 5146Mprog, P=/bin/sh, F=lsoDq9, T=DNS/RFC822/X-Unix, A=sh \-c $u 5147M*file*, P=[FILE], F=lsDFMPEouq9, T=DNS/RFC822/X-Unix, A=FILE $u 5148M*include*, P=/dev/null, F=su, A=INCLUDE $u 5149.)b 5150.pp 5151The Sender and Recipient rewriting sets 5152may either be a simple ruleset id 5153or may be two ids separated by a slash; 5154if so, the first rewriting set is applied to envelope 5155addresses 5156and the second is applied to headers. 5157Setting any value zero disables corresponding mailer-specific rewriting. 5158.pp 5159The Directory 5160is actually a colon-separated path of directories to try. 5161For example, the definition 5162.q D=$z:/ 5163first tries to execute in the recipient's home directory; 5164if that is not available, 5165it tries to execute in the root of the filesystem. 5166This is intended to be used only on the 5167.q prog 5168mailer, 5169since some shells (such as 5170.i csh ) 5171refuse to execute if they cannot read the home directory. 5172Since the queue directory is not normally readable by unprivileged users 5173.i csh 5174scripts as recipients can fail. 5175.pp 5176The Userid 5177specifies the default user and group id to run as, 5178overriding the 5179.b DefaultUser 5180option (q.v.). 5181If the 5182.b S 5183mailer flag is also specified, 5184this user and group will be set as the 5185effective uid and gid for the process. 5186This may be given as 5187.i user:group 5188to set both the user and group id; 5189either may be an integer or a symbolic name to be looked up 5190in the 5191.i passwd 5192and 5193.i group 5194files respectively. 5195If only a symbolic user name is specified, 5196the group id in the 5197.i passwd 5198file for that user is used as the group id. 5199.pp 5200The Charset field 5201is used when converting a message to MIME; 5202this is the character set used in the 5203Content-Type: header. 5204If this is not set, the 5205.b DefaultCharset 5206option is used, 5207and if that is not set, the value 5208.q unknown-8bit 5209is used. 5210.b WARNING: 5211this field applies to the sender's mailer, 5212not the recipient's mailer. 5213For example, if the envelope sender address 5214lists an address on the local network 5215and the recipient is on an external network, 5216the character set will be set from the Charset= field 5217for the local network mailer, 5218not that of the external network mailer. 5219.pp 5220The Type= field 5221sets the type information 5222used in MIME error messages 5223as defined by 5224RFC 1894. 5225It is actually three values separated by slashes: 5226the MTA-type (that is, the description of how hosts are named), 5227the address type (the description of e-mail addresses), 5228and the diagnostic type (the description of error diagnostic codes). 5229Each of these must be a registered value 5230or begin with 5231.q X\- . 5232The default is 5233.q dns/rfc822/smtp . 5234.pp 5235The m= field specifies the maximum number of messages to attempt to deliver 5236on a single SMTP or LMTP connection. 5237.pp 5238The /= field specifies a new root directory for the mailer. The path is 5239macro expanded and then passed to the 5240.q chroot 5241system call. The root directory is changed before the Directory field is 5242consulted or the uid is changed. 5243.pp 5244The Wait= field specifies the maximum time to wait for the 5245mailer to return after sending all data to it. 5246This applies to mailers that have been forked by 5247.i sendmail . 5248.sh 2 "H \*- Define Header" 5249.pp 5250The format of the header lines that 5251.i sendmail 5252inserts into the message 5253are defined by the 5254.b H 5255line. 5256The syntax of this line is one of the following: 5257.(b F 5258.b H \c 5259.i hname \c 5260.b : 5261.i htemplate 5262.)b 5263.(b F 5264.b H [\c 5265.b ? \c 5266.i mflags \c 5267.b ? \c 5268.b ]\c 5269.i hname \c 5270.b : 5271.i htemplate 5272.)b 5273.(b F 5274.b H [\c 5275.b ? \c 5276.i ${macro} \c 5277.b ? \c 5278.b ]\c 5279.i hname \c 5280.b : 5281.i htemplate 5282.)b 5283Continuation lines in this spec 5284are reflected directly into the outgoing message. 5285The 5286.i htemplate 5287is macro-expanded before insertion into the message. 5288If the 5289.i mflags 5290(surrounded by question marks) 5291are specified, 5292at least one of the specified flags 5293must be stated in the mailer definition 5294for this header to be automatically output. 5295If a 5296.i ${macro} 5297(surrounded by question marks) 5298is specified, 5299the header will be automatically output 5300if the macro is set. 5301The macro may be set using any of the normal methods, 5302including using the 5303.b macro 5304storage map in a ruleset. 5305If one of these headers is in the input 5306it is reflected to the output 5307regardless of these flags or macros. 5308.pp 5309Some headers have special semantics 5310that will be described later. 5311.pp 5312A secondary syntax allows validation of headers as they are being read. 5313To enable validation, use: 5314.(b 5315.b H \c 5316.i Header \c 5317.b ": $>" \c 5318.i Ruleset 5319.b H \c 5320.i Header \c 5321.b ": $>+" \c 5322.i Ruleset 5323.)b 5324The indicated 5325.i Ruleset 5326is called for the specified 5327.i Header , 5328and can return 5329.b $#error 5330to reject the message or 5331.b $#discard 5332to discard the message 5333(as with the other 5334.b check_ * 5335rulesets). 5336The ruleset receives the header field-body as argument, 5337i.e., not the header field-name; see also 5338${hdr_name} and ${currHeader}. 5339The header is treated as a structured field, 5340that is, 5341text in parentheses is deleted before processing, 5342unless the second form 5343.b $>+ 5344is used. 5345Note: only one ruleset can be associated with a header; 5346.i sendmail 5347will silently ignore multiple entries. 5348.pp 5349For example, the configuration lines: 5350.(b 5351HMessage-Id: $>CheckMessageId 5352 5353SCheckMessageId 5354R< $+ @ $+ > $@ OK 5355R$* $#error $: Illegal Message-Id header 5356.)b 5357would refuse any message that had a Message-Id: header of any of the 5358following forms: 5359.(b 5360Message-Id: <> 5361Message-Id: some text 5362Message-Id: <legal text@domain> extra crud 5363.)b 5364A default ruleset that is called for headers which don't have a 5365specific ruleset defined for them can be specified by: 5366.(b 5367.b H \c 5368.i * \c 5369.b ": $>" \c 5370.i Ruleset 5371.)b 5372or 5373.(b 5374.b H \c 5375.i * \c 5376.b ": $>+" \c 5377.i Ruleset 5378.)b 5379.sh 2 "O \*- Set Option" 5380.pp 5381There are a number of 5382global 5383options that 5384can be set from a configuration file. 5385Options are represented by full words; 5386some are also representable as single characters 5387for back compatibility. 5388The syntax of this line is: 5389.(b F 5390.b O \0 5391.i option \c 5392.b = \c 5393.i value 5394.)b 5395This sets option 5396.i option 5397to be 5398.i value . 5399Note that there 5400.i must 5401be a space between the letter `O' and the name of the option. 5402An older version is: 5403.(b F 5404.b O \c 5405.i o\|value 5406.)b 5407where the option 5408.i o 5409is a single character. 5410Depending on the option, 5411.i value 5412may be a string, an integer, 5413a boolean 5414(with legal values 5415.q t , 5416.q T , 5417.q f , 5418or 5419.q F ; 5420the default is TRUE), 5421or 5422a time interval. 5423.pp 5424The options supported (with the old, one character names in brackets) are: 5425.nr ii 1i 5426.ip "AliasFile=\fIspec, spec, ...\fP" 5427[A] 5428Specify possible alias file(s). 5429Each 5430.i spec 5431should be in the format 5432``\c 5433.i class \c 5434.b : 5435.i info '' 5436where 5437.i class \c 5438.b : 5439is optional and defaults to ``implicit''. 5440Depending on how 5441.i sendmail 5442is compiled, valid classes are 5443.q implicit 5444(search through a compiled-in list of alias file types, 5445for back compatibility), 5446.q hash 5447(if 5448.sm NEWDB 5449is specified), 5450.q btree 5451(if 5452.sm NEWDB 5453is specified), 5454.q dbm 5455(if 5456.sm NDBM 5457is specified), 5458.q stab 5459(internal symbol table \*- not normally used 5460unless you have no other database lookup), 5461.q sequence 5462(use a sequence of maps 5463previously declared), 5464.q ldap 5465(if 5466.sm LDAPMAP 5467is specified), 5468or 5469.q nis 5470(if 5471.sm NIS 5472is specified). 5473If a list of 5474.i spec s 5475are provided, 5476.i sendmail 5477searches them in order. 5478.ip AliasWait=\fItimeout\fP 5479[a] 5480If set, 5481wait up to 5482.i timeout 5483(units default to minutes) 5484for an 5485.q @:@ 5486entry to exist in the alias database 5487before starting up. 5488If it does not appear in the 5489.i timeout 5490interval 5491rebuild the database 5492(if the 5493.b AutoRebuildAliases 5494option is also set) 5495or issue a warning. 5496.ip AllowBogusHELO 5497[no short name] 5498If set, allow HELO SMTP commands that don't include a host name. 5499Setting this violates RFC 1123 section 5.2.5, 5500but is necessary to interoperate with several SMTP clients. 5501If there is a value, it is still checked for legitimacy. 5502.ip AuthMechanisms 5503[no short name] 5504List of authentication mechanisms for AUTH (separated by spaces). 5505The advertised list of authentication mechanisms will be the 5506intersection of this list and the list of available mechanisms as 5507determined by the Cyrus SASL library. 5508.ip AuthOptions 5509[no short name] 5510When to use the AUTH= parameter for the MAIL FROM command; 5511.(b 5512.ta 1i 5513A Only when authentication succeeded. 5514.)b 5515The default is to try whenever SMTP AUTH is available. 5516.ip AutoRebuildAliases 5517[D] 5518If set, 5519rebuild the alias database if necessary and possible. 5520The rebuild will happen the next time an alias is looked up. 5521If this option is not set, 5522.i sendmail 5523will never rebuild the alias database 5524unless explicitly requested 5525using 5526.b \-bi . 5527.b NOTE : 5528There is a potential for a denial of service attack if this is set. 5529This option is deprecated and 5530will be removed from a future version. 5531.ip BlankSub=\fIc\fP 5532[B] 5533Set the blank substitution character to 5534.i c . 5535Unquoted spaces in addresses are replaced by this character. 5536Defaults to space (i.e., no change is made). 5537.ip CACERTPath 5538[no short name] 5539Path to directory with certificates of CAs. 5540This directory directory must contain the hashes of each CA certificate 5541as filenames (or as links to them). 5542.ip CACERTFile 5543[no short name] 5544File containing one CA certificate. 5545.ip CheckAliases 5546[n] 5547Validate the RHS of aliases when rebuilding the alias database. 5548.ip CheckpointInterval=\fIN\fP 5549[C] 5550Checkpoints the queue every 5551.i N 5552(default 10) 5553addresses sent. 5554If your system crashes during delivery to a large list, 5555this prevents retransmission to any but the last 5556.i N 5557recipients. 5558.ip ClassFactor=\fIfact\fP 5559[z] 5560The indicated 5561.i fact or 5562is multiplied by the message class 5563(determined by the Precedence: field in the user header 5564and the 5565.b P 5566lines in the configuration file) 5567and subtracted from the priority. 5568Thus, messages with a higher Priority: will be favored. 5569Defaults to 1800. 5570.ip ClientCertFile 5571[no short name] 5572File containing the certificate of the client, i.e., this certificate 5573is used when sendmail acts as client. 5574.ip ClientPortOptions=\fIoptions\fP 5575[O] 5576Set client SMTP options. 5577The options are 5578.i key=value 5579pairs separated by commas. 5580Known keys are: 5581.(b 5582.ta 1i 5583Port Name/number of source port for connection (defaults to any free port) 5584Addr Address mask (defaults INADDR_ANY) 5585Family Address family (defaults to INET) 5586SndBufSize Size of TCP send buffer 5587RcvBufSize Size of TCP receive buffer 5588Modifier Options (flags) for the daemon 5589.)b 5590The 5591.i Addr ess 5592mask may be a numeric address in dot notation 5593or a network name. 5594.i Modifier 5595can be the following character: 5596.(b 5597.ta 1i 5598h use name of interface for HELO command 5599.)b 5600If ``h'' is set, the name corresponding to the outgoing interface 5601address (whether chosen via the Connection parameter or 5602the default) is used for the HELO/EHLO command. 5603.ip ClientKeyFile 5604[no short name] 5605File containing the private key belonging to the client certificate. 5606.ip ColonOkInAddr 5607[no short name] 5608If set, colons are acceptable in e-mail addresses 5609(e.g., 5610.q host:user ). 5611If not set, colons indicate the beginning of a RFC 822 group construct 5612(\c 5613.q "groupname: member1, member2, ... memberN;" ). 5614Doubled colons are always acceptable 5615(\c 5616.q nodename::user ) 5617and proper route-addr nesting is understood 5618(\c 5619.q <@relay:user@host> ). 5620Furthermore, this option defaults on if the configuration version level 5621is less than 6 (for back compatibility). 5622However, it must be off for full compatibility with RFC 822. 5623.ip ConnectionCacheSize=\fIN\fP 5624[k] 5625The maximum number of open connections that will be cached at a time. 5626The default is one. 5627This delays closing the current connection until 5628either this invocation of 5629.i sendmail 5630needs to connect to another host 5631or it terminates. 5632Setting it to zero defaults to the old behavior, 5633that is, connections are closed immediately. 5634Since this consumes file descriptors, 5635the connection cache should be kept small: 56364 is probably a practical maximum. 5637.ip ConnectionCacheTimeout=\fItimeout\fP 5638[K] 5639The maximum amount of time a cached connection will be permitted to idle 5640without activity. 5641If this time is exceeded, 5642the connection is immediately closed. 5643This value should be small (on the order of ten minutes). 5644Before 5645.i sendmail 5646uses a cached connection, 5647it always sends a RSET command 5648to check the connection; 5649if this fails, it reopens the connection. 5650This keeps your end from failing if the other end times out. 5651The point of this option is to be a good network neighbor 5652and avoid using up excessive resources 5653on the other end. 5654The default is five minutes. 5655.ip ConnectOnlyTo=\fIaddress\fP 5656[no short name] 5657This can be used to 5658override the connection address (for testing purposes). 5659.ip ConnectionRateThrottle=\fIN\fP 5660[no short name] 5661If set to a positive value, 5662allow no more than 5663.i N 5664incoming daemon connections in a one second period. 5665This is intended to flatten out peaks 5666and allow the load average checking to cut in. 5667Defaults to zero (no limits). 5668.ip ControlSocketName=\fIname\fP 5669[no short name] 5670Name of the control socket for daemon management. 5671A running 5672.i sendmail 5673daemon can be controlled through this named socket. 5674Available commands are: 5675.i help, 5676.i restart, 5677.i shutdown, 5678and 5679.i status. 5680The 5681.i status 5682command returns the current number of daemon children, 5683the maximum number of daemon children, 5684the free disk space (in blocks) of the queue directory, 5685and the load average of the machine expressed as an integer. 5686If not set, no control socket will be available. 5687Solaris and pre-4.4BSD kernel users should see the note in sendmail/README . 5688.ip DHParameters 5689File with DH parameters for STARTTLS. 5690This is only required if DSA/DH is used. 5691.ip DaemonPortOptions=\fIoptions\fP 5692[O] 5693Set server SMTP options. 5694Each instance of DaemonPortOptions leads to an additional incoming socket. 5695The options are 5696.i key=value 5697pairs. 5698Known keys are: 5699.(b 5700.ta 1i 5701Name User-definable name for the daemon (defaults to "Daemon#") 5702Port Name/number of listening port (defaults to "smtp") 5703Addr Address mask (defaults INADDR_ANY) 5704Family Address family (defaults to INET) 5705Listen Size of listen queue (defaults to 10) 5706Modifier Options (flags) for the daemon 5707SndBufSize Size of TCP send buffer 5708RcvBufSize Size of TCP receive buffer 5709.)b 5710The 5711.i Name 5712field is used for error messages and logging. 5713The 5714.i Addr ess 5715mask may be a numeric address in dot notation 5716or a network name. 5717The 5718.i Family 5719key defaults to INET (IPv4). 5720IPv6 users who wish to also accept IPv6 connections 5721should add additional Family=inet6 DaemonPortOptions lines. 5722.i Modifier 5723can be a sequence (without any delimiters) 5724of the following characters: 5725.(b 5726.ta 1i 5727a always require authentication 5728b bind to interface through which mail has been received 5729c perform hostname canonification (.cf) 5730f require fully qualified hostname (.cf) 5731u allow unqualified addresses (.cf) 5732C don't perform hostname canonification 5733E disallow ETRN (see RFC 2476) 5734.)b 5735That is, one way to specify a message submission agent (MSA) that 5736always requires authentication is: 5737.(b 5738O DaemonPortOptions=Name=MSA, Port=587, M=Ea 5739.)b 5740The modifiers that are marked with "(.cf)" have only 5741effect in the standard configuration file, in which 5742they are available via 5743.b ${daemon_flags} . 5744Notice: Do 5745.b not 5746use the ``a'' modifier on a public accessible MTA! 5747It should only be used for a MSA that is accessed by authorized 5748users for initial mail submission. 5749Users must authenticate to use a MSA which has this option turned on. 5750The flags ``c'' and ``C'' can change the default for 5751hostname canonification in the 5752.i sendmail.cf 5753file. 5754See the relevant documentation for 5755.sm FEATURE(nocanonify) . 5756The modifier ``f'' disallows addresses of the form 5757.b user@host 5758unless they are submitted directly. 5759The flag ``u'' allows unqualified sender addresses. 5760``b'' forces sendmail to bind to the interface 5761through which the e-mail has been 5762received for the outgoing connection. 5763.b WARNING: 5764Use ``b'' 5765only if outgoing mail can be routed through the incoming connection's 5766interface to its destination. No attempt is made to catch problems due to a 5767misconfiguration of this parameter, use it only for virtual hosting 5768where each virtual interface can connect to every possible location. 5769This will also override possible settings via 5770.b ClientPortOptions. 5771Note, 5772.i sendmail 5773will listen on a new socket 5774for each occurence of the DaemonPortOptions option 5775in a configuration file. 5776.ip DefaultAuthInfo 5777[no short name] 5778Filename that contains default authentication information for outgoing 5779connections. This file must contain the user id, the authorization id, 5780the password (plain text), and the realm to use 5781on separate lines and must be readable by 5782root (or the trusted user) only. 5783If no realm is specified, 5784.b $j 5785is used. 5786.ip DefaultCharSet=\fIcharset\fP 5787[no short name] 5788When a message that has 8-bit characters but is not in MIME format 5789is converted to MIME 5790(see the EightBitMode option) 5791a character set must be included in the Content-Type: header. 5792This character set is normally set from the Charset= field 5793of the mailer descriptor. 5794If that is not set, the value of this option is used. 5795If this option is not set, the value 5796.q unknown-8bit 5797is used. 5798.ip DataFileBufferSize=\fIthreshold\fP 5799[no short name] 5800Set the 5801.i threshold , 5802in bytes, 5803before a memory-based 5804queue data file 5805becomes disk-based. 5806The default is 4096 bytes. 5807.ip DeadLetterDrop=\fIfile\fP 5808[no short name] 5809Defines the location of the system-wide dead.letter file, 5810formerly hardcoded to /usr/tmp/dead.letter. 5811If this option is not set (the default), 5812sendmail will not attempt to save to a system-wide dead.letter file 5813in the event 5814it can not bounce the mail to the user or postmaster. 5815Instead, it will rename the qf file 5816as it has in the past 5817when the dead.letter file could not be opened. 5818.ip DefaultUser=\fIuser:group\fP 5819[u] 5820Set the default userid for mailers to 5821.i user:group . 5822If 5823.i group 5824is omitted and 5825.i user 5826is a user name 5827(as opposed to a numeric user id) 5828the default group listed in the /etc/passwd file for that user is used 5829as the default group. 5830Both 5831.i user 5832and 5833.i group 5834may be numeric. 5835Mailers without the 5836.i S 5837flag in the mailer definition 5838will run as this user. 5839Defaults to 1:1. 5840The value can also be given as a symbolic user name.\** 5841.(f 5842\**The old 5843.b g 5844option has been combined into the 5845.b DefaultUser 5846option. 5847.)f 5848.ip DeliveryMode=\fIx\fP 5849[d] 5850Deliver in mode 5851.i x . 5852Legal modes are: 5853.(b 5854.ta 4n 5855i Deliver interactively (synchronously) 5856b Deliver in background (asynchronously) 5857q Just queue the message (deliver during queue run) 5858d Defer delivery and all map lookups (deliver during queue run) 5859.)b 5860Defaults to ``b'' if no option is specified, 5861``i'' if it is specified but given no argument 5862(i.e., ``Od'' is equivalent to ``Odi''). 5863The 5864.b \-v 5865command line flag sets this to 5866.b i . 5867.ip DialDelay=\fIsleeptime\fP 5868[no short name] 5869Dial-on-demand network connections can see timeouts 5870if a connection is opened before the call is set up. 5871If this is set to an interval and a connection times out 5872on the first connection being attempted 5873.i sendmail 5874will sleep for this amount of time and try again. 5875This should give your system time to establish the connection 5876to your service provider. 5877Units default to seconds, so 5878.q DialDelay=5 5879uses a five second delay. 5880Defaults to zero 5881(no retry). 5882.ip DontBlameSendmail=\fIoption,option,...\fP 5883[no short name] 5884In order to avoid possible cracking attempts 5885caused by world- and group-writable files and directories, 5886.i sendmail 5887does paranoid checking when opening most of its support files. 5888If for some reason you absolutely must run with, 5889for example, 5890a group-writable 5891.i /etc 5892directory, 5893then you will have to turn off this checking 5894(at the cost of making your system more vulnerable to attack). 5895The arguments are individual options that turn off checking: 5896.(b 5897Safe 5898AssumeSafeChown 5899ClassFileInUnsafeDirPath 5900DontWarnForwardFileInUnsafeDirPath 5901ErrorHeaderInUnsafeDirPath 5902FileDeliveryToHardLink 5903FileDeliveryToSymLink 5904ForwardFileInUnsafeDirPath 5905ForwardFileInUnsafeDirPathSafe 5906ForwardFileIngroupWritableDirPath 5907GroupWritableAliasFile 5908GroupWritableDirPathSafe 5909GroupWritableForwardFileSafe 5910GroupWritableIncludeFileSafe 5911HelpFileinUnsafeDirPath 5912IncludeFileInUnsafeDirPath 5913IncludeFileInUnsafeDirPathSafe 5914IncludeFileIngroupWritableDirPath 5915InsufficientEntropy 5916LinkedAliasFileInWritableDir 5917LinkedClassFileInWritableDir 5918LinkedForwardFileInWritableDir 5919LinkedIncludeFileInWritableDir 5920LinkedMapInWritableDir 5921LinkedServiceSwitchFileInWritableDir 5922MapInUnsafeDirPath 5923NonRootSafeAddr 5924RunProgramInUnsafeDirPath 5925RunWritableProgram 5926TrustStickyBit 5927WorldWritableAliasFile 5928WriteMapToHardLink 5929WriteMapToSymLink 5930WriteStatsToHardLink 5931WriteStatsToSymLink 5932.)b 5933.b Safe 5934is the default. 5935The details of these flags are described above. 5936.\"XXX should have more here!!! XXX 5937.b "Use of this option is not recommended." 5938.ip DontExpandCnames 5939[no short name] 5940The standards say that all host addresses used in a mail message 5941must be fully canonical. 5942For example, if your host is named 5943.q Cruft.Foo.ORG 5944and also has an alias of 5945.q FTP.Foo.ORG , 5946the former name must be used at all times. 5947This is enforced during host name canonification 5948($[ ... $] lookups). 5949If this option is set, the protocols are ignored and the 5950.q wrong 5951thing is done. 5952However, the IETF is moving toward changing this standard, 5953so the behavior may become acceptable. 5954Please note that hosts downstream may still rewrite the address 5955to be the true canonical name however. 5956.ip DontInitGroups 5957[no short name] 5958If set, 5959.i sendmail 5960will avoid using the initgroups(3) call. 5961If you are running NIS, 5962this causes a sequential scan of the groups.byname map, 5963which can cause your NIS server to be badly overloaded in a large domain. 5964The cost of this is that the only group found for users 5965will be their primary group (the one in the password file), 5966which will make file access permissions somewhat more restrictive. 5967Has no effect on systems that don't have group lists. 5968.ip DontProbeInterfaces 5969[no short name] 5970.i Sendmail 5971normally finds the names of all interfaces active on your machine 5972when it starts up 5973and adds their name to the 5974.b $=w 5975class of known host aliases. 5976If you have a large number of virtual interfaces 5977or if your DNS inverse lookups are slow 5978this can be time consuming. 5979This option turns off that probing. 5980However, you will need to be certain to include all variant names 5981in the 5982.b $=w 5983class by some other mechanism. 5984.ip DontPruneRoutes 5985[R] 5986Normally, 5987.i sendmail 5988tries to eliminate any unnecessary explicit routes 5989when sending an error message 5990(as discussed in RFC 1123 \(sc 5.2.6). 5991For example, 5992when sending an error message to 5993.(b 5994<@known1,@known2,@known3:user@unknown> 5995.)b 5996.i sendmail 5997will strip off the 5998.q @known1,@known2 5999in order to make the route as direct as possible. 6000However, if the 6001.b R 6002option is set, this will be disabled, 6003and the mail will be sent to the first address in the route, 6004even if later addresses are known. 6005This may be useful if you are caught behind a firewall. 6006.ip DoubleBounceAddress=\fIerror-address\fP 6007[no short name] 6008If an error occurs when sending an error message, 6009send the error report 6010(termed a 6011.q "double bounce" 6012because it is an error 6013.q bounce 6014that occurs when trying to send another error 6015.q bounce ) 6016to the indicated address. 6017The address is macro expanded 6018at the time of delivery. 6019If not set, defaults to 6020.q postmaster . 6021.ip EightBitMode=\fIaction\fP 6022[8] 6023Set handling of eight-bit data. 6024There are two kinds of eight-bit data: 6025that declared as such using the 6026.b BODY=8BITMIME 6027ESMTP declaration or the 6028.b \-B8BITMIME 6029command line flag, 6030and undeclared 8-bit data, that is, 6031input that just happens to be eight bits. 6032There are three basic operations that can happen: 6033undeclared 8-bit data can be automatically converted to 8BITMIME, 6034undeclared 8-bit data can be passed as-is without conversion to MIME 6035(``just send 8''), 6036and declared 8-bit data can be converted to 7-bits 6037for transmission to a non-8BITMIME mailer. 6038The possible 6039.i action s 6040are: 6041.(b 6042.\" r Reject undeclared 8-bit data; 6043.\" don't convert 8BITMIME\(->7BIT (``reject'') 6044 s Reject undeclared 8-bit data (``strict'') 6045.\" do convert 8BITMIME\(->7BIT (``strict'') 6046.\" c Convert undeclared 8-bit data to MIME; 6047.\" don't convert 8BITMIME\(->7BIT (``convert'') 6048 m Convert undeclared 8-bit data to MIME (``mime'') 6049.\" do convert 8BITMIME\(->7BIT (``mime'') 6050.\" j Pass undeclared 8-bit data; 6051.\" don't convert 8BITMIME\(->7BIT (``just send 8'') 6052 p Pass undeclared 8-bit data (``pass'') 6053.\" do convert 8BITMIME\(->7BIT (``pass'') 6054.\" a Adaptive algorithm: see below 6055.)b 6056.\"The adaptive algorithm is to accept 8-bit data, 6057.\"converting it to 8BITMIME only if the receiver understands that, 6058.\"otherwise just passing it as undeclared 8-bit data; 6059.\"8BITMIME\(->7BIT conversions are done. 6060In all cases properly declared 8BITMIME data will be converted to 7BIT 6061as needed. 6062.ip ErrorHeader=\fIfile-or-message\fP 6063[E] 6064Prepend error messages with the indicated message. 6065If it begins with a slash, 6066it is assumed to be the pathname of a file 6067containing a message (this is the recommended setting). 6068Otherwise, it is a literal message. 6069The error file might contain the name, email address, and/or phone number 6070of a local postmaster who could provide assistance 6071to end users. 6072If the option is missing or null, 6073or if it names a file which does not exist or which is not readable, 6074no message is printed. 6075.ip ErrorMode=\fIx\fP 6076[e] 6077Dispose of errors using mode 6078.i x . 6079The values for 6080.i x 6081are: 6082.(b 6083p Print error messages (default) 6084q No messages, just give exit status 6085m Mail back errors 6086w Write back errors (mail if user not logged in) 6087e Mail back errors and give zero exit stat always 6088.)b 6089.ip FallbackMXhost=\fIfallbackhost\fP 6090[V] 6091If specified, the 6092.i fallbackhost 6093acts like a very low priority MX 6094on every host. 6095This is intended to be used by sites with poor network connectivity. 6096Messages which are undeliverable due to temporary address failures 6097(e.g., DNS failure) 6098also go to the FallBackMX host. 6099.ip ForkEachJob 6100[Y] 6101If set, 6102deliver each job that is run from the queue in a separate process. 6103Use this option if you are short of memory, 6104since the default tends to consume considerable amounts of memory 6105while the queue is being processed. 6106.ip ForwardPath=\fIpath\fP 6107[J] 6108Set the path for searching for users' .forward files. 6109The default is 6110.q $z/.forward . 6111Some sites that use the automounter may prefer to change this to 6112.q /var/forward/$u 6113to search a file with the same name as the user in a system directory. 6114It can also be set to a sequence of paths separated by colons; 6115.i sendmail 6116stops at the first file it can successfully and safely open. 6117For example, 6118.q /var/forward/$u:$z/.forward 6119will search first in /var/forward/\c 6120.i username 6121and then in 6122.i ~username /.forward 6123(but only if the first file does not exist). 6124.ip HelpFile=\fIfile\fP 6125[H] 6126Specify the help file 6127for SMTP. 6128If no file name is specified, "helpfile" is used. 6129.ip HoldExpensive 6130[c] 6131If an outgoing mailer is marked as being expensive, 6132don't connect immediately. 6133This requires that queueing be compiled in, 6134since it will depend on a queue run process to 6135actually send the mail. 6136.ip HostsFile=\fIpath\fP 6137[no short name] 6138The path to the hosts database, 6139normally 6140.q /etc/hosts . 6141This option is only consulted when sendmail 6142is canonifying addresses, 6143and then only when 6144.q files 6145is in the 6146.q hosts 6147service switch entry. 6148In particular, this file is 6149.i never 6150used when looking up host addresses; 6151that is under the control of the system 6152.i gethostbyname (3) 6153routine. 6154.ip HostStatusDirectory=\fIpath\fP 6155[no short name] 6156The location of the long term host status information. 6157When set, 6158information about the status of hosts 6159(e.g., host down or not accepting connections) 6160will be shared between all 6161.i sendmail 6162processes; 6163normally, this information is only held within a single queue run. 6164This option requires a connection cache of at least 1 to function. 6165If the option begins with a leading `/', 6166it is an absolute pathname; 6167otherwise, 6168it is relative to the mail queue directory. 6169A suggested value for sites desiring persistent host status is 6170.q \&.hoststat 6171(i.e., a subdirectory of the queue directory). 6172.ip IgnoreDots 6173[i] 6174Ignore dots in incoming messages. 6175This is always disabled (that is, dots are always accepted) 6176when reading SMTP mail. 6177.ip LDAPDefaultSpec=\fIspec\fP 6178[no short name] 6179Sets a default map specification for LDAP maps. 6180The value should only contain LDAP specific settings 6181such as 6182.q "-h host -p port -d bindDN" . 6183The settings will be used for all LDAP maps 6184unless the individual map specification overrides a setting. 6185This option should be set before any LDAP maps are defined. 6186.ip LogLevel=\fIn\fP 6187[L] 6188Set the log level to 6189.i n . 6190Defaults to 9. 6191.ip M\fIx\|value\fP 6192[no long version] 6193Set the macro 6194.i x 6195to 6196.i value . 6197This is intended only for use from the command line. 6198The 6199.b \-M 6200flag is preferred. 6201.ip MatchGECOS 6202[G] 6203Allow fuzzy matching on the GECOS field. 6204If this flag is set, 6205and the usual user name lookups fail 6206(that is, there is no alias with this name and a 6207.i getpwnam 6208fails), 6209sequentially search the password file 6210for a matching entry in the GECOS field. 6211This also requires that MATCHGECOS 6212be turned on during compilation. 6213This option is not recommended. 6214.ip MaxAliasRecursion=\fIN\fP 6215[no short name] 6216The maximum depth of alias recursion (default: 10). 6217.ip MaxDaemonChildren=\fIN\fP 6218[no short name] 6219If set, 6220.i sendmail 6221will refuse connections when it has more than 6222.i N 6223children processing incoming mail or automatic queue runs. 6224This does not limit the number of outgoing connections. 6225If not set, there is no limit to the number of children -- 6226that is, the system load averaging controls this. 6227.ip MaxHeadersLength=\fIN\fP 6228[no short name] 6229The maximum length of the sum of all headers. 6230This can be used to prevent a denial of service attack. 6231The default is no limit. 6232.ip MaxHopCount=\fIN\fP 6233[h] 6234The maximum hop count. 6235Messages that have been processed more than 6236.i N 6237times are assumed to be in a loop and are rejected. 6238Defaults to 25. 6239.ip MaxMessageSize=\fIN\fP 6240[no short name] 6241Specify the maximum message size 6242to be advertised in the ESMTP EHLO response. 6243Messages larger than this will be rejected. 6244.ip MaxMimeHeaderLength=\fIN[/M]\fP 6245[no short name] 6246Sets the maximum length of certain MIME header field values 6247to 6248.i N 6249characters. 6250For some of these headers which take parameters, 6251the maximum length of each parameter is set to 6252.i M 6253if specified. If 6254.i /M 6255is not specified, one half of 6256.i N 6257will be used. 6258By default, 6259these values are 0, meaning no checks are done. 6260.ip MaxQueueRunSize=\fIN\fP 6261[no short name] 6262The maximum number of jobs that will be processed 6263in a single queue run. 6264If not set, there is no limit on the size. 6265If you have very large queues or a very short queue run interval 6266this could be unstable. 6267However, since the first 6268.i N 6269jobs in queue directory order are run (rather than the 6270.i N 6271highest priority jobs) 6272this should be set as high as possible to avoid 6273.q losing 6274jobs that happen to fall late in the queue directory. 6275.ip MaxRecipientsPerMessage=\fIN\fP 6276[no short name] 6277The maximum number of recipients that will be accepted per message 6278in an SMTP transaction. 6279Note: setting this too low can interfere with sending mail from 6280MUAs that use SMTP for initial submission. 6281If not set, there is no limit on the number of recipients per envelope. 6282.ip MeToo 6283[m] 6284Send to me too, 6285even if I am in an alias expansion. 6286This option is deprecated 6287and will be removed from a future version. 6288.ip MinFreeBlocks=\fIN\fP 6289[b] 6290Insist on at least 6291.i N 6292blocks free on the filesystem that holds the queue files 6293before accepting email via SMTP. 6294If there is insufficient space 6295.i sendmail 6296gives a 452 response 6297to the MAIL command. 6298This invites the sender to try again later. 6299.ip MinQueueAge=\fIage\fP 6300[no short name] 6301Don't process any queued jobs 6302that have been in the queue less than the indicated time interval. 6303This is intended to allow you to get responsiveness 6304by processing the queue fairly frequently 6305without thrashing your system by trying jobs too often. 6306The default units are minutes. 6307.ip MustQuoteChars=\fIs\fP 6308[no short name] 6309Sets the list of characters that must be quoted if used in a full name 6310that is in the phrase part of a ``phrase <address>'' syntax. 6311The default is ``\'.''. 6312The characters ``@,;:\e()[]'' are always added to this list. 6313.ip NoRecipientAction 6314[no short name] 6315The action to take when you receive a message that has no valid 6316recipient headers (To:, Cc:, Bcc:, or Apparently-To: \(em 6317the last included for back compatibility with old 6318.i sendmail s). 6319It can be 6320.b None 6321to pass the message on unmodified, 6322which violates the protocol, 6323.b Add-To 6324to add a To: header with any recipients it can find in the envelope 6325(which might expose Bcc: recipients), 6326.b Add-Apparently-To 6327to add an Apparently-To: header 6328(this is only for back-compatibility 6329and is officially deprecated), 6330.b Add-To-Undisclosed 6331to add a header 6332.q "To: undisclosed-recipients:;" 6333to make the header legal without disclosing anything, 6334or 6335.b Add-Bcc 6336to add an empty Bcc: header. 6337.ip OldStyleHeaders 6338[o] 6339Assume that the headers may be in old format, 6340i.e., 6341spaces delimit names. 6342This actually turns on 6343an adaptive algorithm: 6344if any recipient address contains a comma, parenthesis, 6345or angle bracket, 6346it will be assumed that commas already exist. 6347If this flag is not on, 6348only commas delimit names. 6349Headers are always output with commas between the names. 6350Defaults to off. 6351.ip OperatorChars=\fIcharlist\fP 6352[$o macro] 6353The list of characters that are considered to be 6354.q operators , 6355that is, characters that delimit tokens. 6356All operator characters are tokens by themselves; 6357sequences of non-operator characters are also tokens. 6358White space characters separate tokens 6359but are not tokens themselves \(em for example, 6360.q AAA.BBB 6361has three tokens, but 6362.q "AAA BBB" 6363has two. 6364If not set, OperatorChars defaults to 6365.q \&.\|:\|@\|[\|] ; 6366additionally, the characters 6367.q (\|)\|<\|>\|,\|; 6368are always operators. 6369Note that OperatorChars must be set in the 6370configuration file before any rulesets. 6371.ip PidFile=\fIfilename\fP 6372[no short name] 6373Filename of the pid file. 6374(default is _PATH_SENDMAILPID). 6375The 6376.i filename 6377is macro-expanded before it is opened. 6378.ip PostmasterCopy=\fIpostmaster\fP 6379[P] 6380If set, 6381copies of error messages will be sent to the named 6382.i postmaster . 6383Only the header of the failed message is sent. 6384Errors resulting from messages with a negative precedence will not be sent. 6385Since most errors are user problems, 6386this is probably not a good idea on large sites, 6387and arguably contains all sorts of privacy violations, 6388but it seems to be popular with certain operating systems vendors. 6389The address is macro expanded 6390at the time of delivery. 6391Defaults to no postmaster copies. 6392.ip PrivacyOptions=\fI\|opt,opt,...\fP 6393[p] 6394Set the privacy 6395.i opt ions. 6396``Privacy'' is really a misnomer; 6397many of these are just a way of insisting on stricter adherence 6398to the SMTP protocol. 6399The 6400.i opt ions 6401can be selected from: 6402.(b 6403.ta \w'needvrfyhelo'u+3n 6404public Allow open access 6405needmailhelo Insist on HELO or EHLO command before MAIL 6406needexpnhelo Insist on HELO or EHLO command before EXPN 6407noexpn Disallow EXPN entirely, implies noverb. 6408needvrfyhelo Insist on HELO or EHLO command before VRFY 6409novrfy Disallow VRFY entirely 6410noetrn Disallow ETRN entirely 6411noverb Disallow VERB entirely 6412restrictmailq Restrict mailq command 6413restrictqrun Restrict \-q command line flag 6414noreceipts Don't return success DSNs\** 6415nobodyreturn Don't return the body of a message with DSNs 6416goaway Disallow essentially all SMTP status queries 6417authwarnings Put X-Authentication-Warning: headers in messages 6418 and log warnings 6419.)b 6420.(f 6421\**N.B.: 6422the 6423.b noreceipts 6424flag turns off support for RFC 1891 6425(Delivery Status Notification). 6426.)f 6427The 6428.q goaway 6429pseudo-flag sets all flags except 6430.q noreceipts , 6431.q restrictmailq , 6432.q restrictqrun , 6433.q noetrn , 6434and 6435.q nobodyreturn . 6436If mailq is restricted, 6437only people in the same group as the queue directory 6438can print the queue. 6439If queue runs are restricted, 6440only root and the owner of the queue directory 6441can run the queue. 6442Authentication Warnings add warnings about various conditions 6443that may indicate attempts to spoof the mail system,
| 91.rm Ve 92.sp 93For Sendmail Version 8.11 94.)l 95.(f 96Sendmail is a trademark of Sendmail, Inc. 97.)f 98.sp 2 99.pp 100.i Sendmail \u\s-2TM\s0\d 101implements a general purpose internetwork mail routing facility 102under the UNIX\(rg 103operating system. 104It is not tied to any one transport protocol \*- 105its function may be likened to a crossbar switch, 106relaying messages from one domain into another. 107In the process, 108it can do a limited amount of message header editing 109to put the message into a format that is appropriate 110for the receiving domain. 111All of this is done under the control of a configuration file. 112.pp 113Due to the requirements of flexibility 114for 115.i sendmail , 116the configuration file can seem somewhat unapproachable. 117However, there are only a few basic configurations 118for most sites, 119for which standard configuration files have been supplied. 120Most other configurations 121can be built by adjusting an existing configuration file 122incrementally. 123.pp 124.i Sendmail 125is based on 126RFC821 (Simple Mail Transport Protocol), 127RFC822 (Internet Mail Headers Format), 128RFC974 (MX routing), 129RFC1123 (Internet Host Requirements), 130RFC2045 (MIME), 131RFC1869 (SMTP Service Extensions), 132RFC1652 (SMTP 8BITMIME Extension), 133RFC1870 (SMTP SIZE Extension), 134RFC1891 (SMTP Delivery Status Notifications), 135RFC1892 (Multipart/Report), 136RFC1893 (Enhanced Mail System Status Codes), 137RFC1894 (Delivery Status Notifications), 138RFC1985 (SMTP Service Extension for Remote Message Queue Starting), 139RFC2033 (Local Message Transmission Protocol), 140RFC2034 (SMTP Service Extension for Returning Enhanced Error Codes), 141RFC2476 (Message Submission), 142RFC2487 (SMTP Service Extension for Secure SMTP over TLS), 143and 144RFC2554 (SMTP Service Extension for Authentication). 145However, since 146.i sendmail 147is designed to work in a wider world, 148in many cases it can be configured to exceed these protocols. 149These cases are described herein. 150.pp 151Although 152.i sendmail 153is intended to run 154without the need for monitoring, 155it has a number of features 156that may be used to monitor or adjust the operation 157under unusual circumstances. 158These features are described. 159.pp 160Section one describes how to do a basic 161.i sendmail 162installation. 163Section two 164explains the day-to-day information you should know 165to maintain your mail system. 166If you have a relatively normal site, 167these two sections should contain sufficient information 168for you to install 169.i sendmail 170and keep it happy. 171Section three 172describes some parameters that may be safely tweaked. 173Section four 174has information regarding the command line arguments. 175Section five 176contains the nitty-gritty information about the configuration 177file. 178This section is for masochists 179and people who must write their own configuration file. 180Section six 181describes configuration that can be done at compile time. 182The appendixes give a brief 183but detailed explanation of a number of features 184not described in the rest of the paper. 185.bp 7 186.sh 1 "BASIC INSTALLATION" 187.pp 188There are two basic steps to installing 189.i sendmail . 190First, you have to compile and install the binary. 191If 192.i sendmail 193has already been ported to your operating system 194that should be simple. 195Second, you must build a run-time configuration file. 196This is a file that 197.i sendmail 198reads when it starts up 199that describes the mailers it knows about, 200how to parse addresses, 201how to rewrite the message header, 202and the settings of various options. 203Although the configuration file can be quite complex, 204a configuration can usually be built 205using an M4-based configuration language. 206.pp 207The remainder of this section will describe the installation of 208.i sendmail 209assuming you can use one of the existing configurations 210and that the standard installation parameters are acceptable. 211All pathnames and examples 212are given from the root of the 213.i sendmail 214subtree, 215normally 216.i /usr/src/usr.\*(SD/sendmail 217on 4.4BSD. 218.pp 219If you are loading this off the tape, 220continue with the next section. 221If you have a running binary already on your system, 222you should probably skip to section 1.2. 223.sh 2 "Compiling Sendmail" 224.pp 225All 226.i sendmail 227source is in the 228.i sendmail 229subdirectory. 230To compile sendmail, 231.q cd 232into the 233.i sendmail 234directory and type 235.(b 236\&./Build 237.)b 238This will leave the binary in an appropriately named subdirectory, 239e.g., 240obj.BSD-OS.2.1.i386. 241It works for multiple object versions 242compiled out of the same directory. 243.sh 3 "Tweaking the Build Invocation" 244.pp 245You can give parameters on the 246.i Build 247command. 248In most cases these are only used when the 249.i obj.* 250directory is first created. 251These commands include: 252.nr ii 0.5i 253.ip "\-L \fIlibdirs\fP" 254A list of directories to search for libraries. 255.ip "\-I \fIincdirs\fP" 256A list of directories to search for include files. 257.ip "\-E \fIenvar\fP=\fIvalue\fP" 258Set an environment variable to an indicated 259.i value 260before compiling. 261.ip "\-c" 262Create a new 263.i obj.* 264tree before running. 265.ip "\-f \fIsiteconfig\fP" 266Read the indicated site configuration file. 267If this parameter is not specified, 268.i Build 269includes 270.i all 271of the files 272.i $BUILDTOOLS/Site/site.$oscf.m4 273and 274.i $BUILDTOOLS/Site/site.config.m4 , 275where $BUILDTOOLS is normally 276.i \&../devtools 277and $oscf is the same name as used on the 278.i obj.* 279directory. 280See below for a description of the site configuration file. 281.ip "\-S" 282Skip auto-configuration. 283.i Build 284will avoid auto-detecting libraries if this is set. 285All libraries and map definitions must be specified 286in the site configuration file. 287.lp 288Any other parameters are passed to the 289.i make 290program. 291.sh 3 "Creating a Site Configuration File" 292.\"XXX 293.pp 294(This section is not yet complete. 295For now, see the file devtools/README for details.) 296See sendmail/README for various compilation flags that can be set. 297.sh 3 "Tweaking the Makefile" 298.pp 299.\" .b "XXX This should all be in the Site Configuration File section." 300.i Sendmail 301supports two different formats 302for the local (on disk) version of databases, 303notably the 304.i aliases 305database. 306At least one of these should be defined if at all possible. 307.nr ii 1i 308.ip NDBM 309The ``new DBM'' format, 310available on nearly all systems around today. 311This was the preferred format prior to 4.4BSD. 312It allows such complex things as multiple databases 313and closing a currently open database. 314.ip NEWDB 315The Berkeley DB package. 316If you have this, use it. 317It allows 318long records, 319multiple open databases, 320real in-memory caching, 321and so forth. 322You can define this in conjunction with 323.sm NDBM ; 324if you do, 325old alias databases are read, 326but when a new database is created it will be in NEWDB format. 327As a nasty hack, 328if you have NEWDB, NDBM, and NIS defined, 329and if the alias file name includes the substring 330.q /yp/ , 331.i sendmail 332will create both new and old versions of the alias file 333during a 334.i newalias 335command. 336This is required because the Sun NIS/YP system 337reads the DBM version of the alias file. 338It's ugly as sin, 339but it works. 340.lp 341If neither of these are defined, 342.i sendmail 343reads the alias file into memory on every invocation. 344This can be slow and should be avoided. 345There are also several methods for remote database access: 346.ip NIS 347Sun's Network Information Services (formerly YP). 348.ip NISPLUS 349Sun's NIS+ services. 350.ip NETINFO 351NeXT's NetInfo service. 352.ip HESIOD 353Hesiod service (from Athena). 354.lp 355Other compilation flags are set in conf.h 356and should be predefined for you 357unless you are porting to a new environment. 358.sh 3 "Compilation and installation" 359.pp 360After making the local system configuration described above, 361You should be able to compile and install the system. 362The script 363.q Build 364is the best approach on most systems: 365.(b 366\&./Build 367.)b 368This will use 369.i uname (1) 370to create a custom Makefile for your environment. 371.pp 372If you are installing in the standard places, 373you should be able to install using 374.(b 375\&./Build install 376.)b 377This should install the binary in 378/usr/\*(SD 379and create links from 380/usr/\*(SB/newaliases 381and 382/usr/\*(SB/mailq 383to 384/usr/\*(SD/sendmail. 385On 4.4BSD systems it will also format and install man pages. 386.sh 2 "Configuration Files" 387.pp 388.i Sendmail 389cannot operate without a configuration file. 390The configuration defines the mail delivery mechanisms understood at this site, 391how to access them, 392how to forward email to remote mail systems, 393and a number of tuning parameters. 394This configuration file is detailed 395in the later portion of this document. 396.pp 397The 398.i sendmail 399configuration can be daunting at first. 400The world is complex, 401and the mail configuration reflects that. 402The distribution includes an m4-based configuration package 403that hides a lot of the complexity. 404.pp 405These configuration files are simpler than old versions 406largely because the world has become simpler; 407in particular, 408text-based host files are officially eliminated, 409obviating the need to 410.q hide 411hosts behind a registered internet gateway. 412.pp 413These files also assume that most of your neighbors 414use domain-based UUCP addressing; 415that is, 416instead of naming hosts as 417.q host!user 418they will use 419.q host.domain!user . 420The configuration files can be customized to work around this, 421but it is more complex. 422.pp 423Our configuration files are processed by 424.i m4 425to facilitate local customization; 426the directory 427.i cf 428of the 429.i sendmail 430distribution directory 431contains the source files. 432This directory contains several subdirectories: 433.nr ii 1i 434.ip cf 435Both site-dependent and site-independent descriptions of hosts. 436These can be literal host names 437(e.g., 438.q ucbvax.mc ) 439when the hosts are gateways 440or more general descriptions 441(such as 442.q "generic-solaris2.mc" 443as a general description of an SMTP-connected host 444running Solaris 2.x. 445Files ending 446.b \&.mc 447(``Master Configuration'') 448are the input descriptions; 449the output is in the corresponding 450.b \&.cf 451file. 452The general structure of these files is described below. 453.ip domain 454Site-dependent subdomain descriptions. 455These are tied to the way your organization wants to do addressing. 456For example, 457.b domain/CS.Berkeley.EDU.m4 458is our description for hosts in the CS.Berkeley.EDU subdomain. 459These are referenced using the 460.sm DOMAIN 461.b m4 462macro in the 463.b \&.mc 464file. 465.ip feature 466Definitions of specific features that some particular host in your site 467might want. 468These are referenced using the 469.sm FEATURE 470.b m4 471macro. 472An example feature is 473use_cw_file 474(which tells 475.i sendmail 476to read an /etc/mail/local-host-names file on startup 477to find the set of local names). 478.ip hack 479Local hacks, referenced using the 480.sm HACK 481.b m4 482macro. 483Try to avoid these. 484The point of having them here is to make it clear that they smell. 485.ip m4 486Site-independent 487.i m4 (1) 488include files that have information common to all configuration files. 489This can be thought of as a 490.q #include 491directory. 492.ip mailer 493Definitions of mailers, 494referenced using the 495.sm MAILER 496.b m4 497macro. 498The mailer types that are known in this distribution are 499fax, 500local, 501smtp, 502uucp, 503and usenet. 504For example, to include support for the UUCP-based mailers, 505use 506.q MAILER(uucp) . 507.ip ostype 508Definitions describing various operating system environments 509(such as the location of support files). 510These are referenced using the 511.sm OSTYPE 512.b m4 513macro. 514.ip sh 515Shell files used by the 516.b m4 517build process. 518You shouldn't have to mess with these. 519.ip siteconfig 520Local UUCP connectivity information. 521This directory has been supplanted by the mailertable feature; 522any new configurations should use that feature to do UUCP 523(and other) routing. 524.pp 525If you are in a new domain 526(e.g., a company), 527you will probably want to create a 528cf/domain 529file for your domain. 530This consists primarily of relay definitions 531and features you want enabled site-wide: 532for example, Berkeley's domain definition 533defines relays for 534BitNET 535and UUCP. 536These are specific to Berkeley, 537and should be fully-qualified internet-style domain names. 538Please check to make certain they are reasonable for your domain. 539.pp 540Subdomains at Berkeley are also represented in the 541cf/domain 542directory. 543For example, 544the domain 545CS.Berkeley.EDU 546is the Computer Science subdomain, 547EECS.Berkeley.EDU 548is the Electrical Engineering and Computer Sciences subdomain, 549and 550S2K.Berkeley.EDU 551is the Sequoia 2000 subdomain. 552You will probably have to add an entry to this directory 553to be appropriate for your domain. 554.pp 555You will have to use or create 556.b \&.mc 557files in the 558.i cf/cf 559subdirectory for your hosts. 560This is detailed in the 561cf/README 562file. 563.sh 2 "Details of Installation Files" 564.pp 565This subsection describes the files that 566comprise the 567.i sendmail 568installation. 569.sh 3 "/usr/\*(SD/sendmail" 570.pp 571The binary for 572.i sendmail 573is located in /usr/\*(SD\**. 574.(f 575\**This is usually 576/usr/sbin 577on 4.4BSD and newer systems; 578many systems install it in 579/usr/lib. 580I understand it is in /usr/ucblib 581on System V Release 4. 582.)f 583It should be setuid root. 584For security reasons, 585/, /usr, and /usr/\*(SD 586should be owned by root, mode 755\**. 587.(f 588\**Some vendors ship them owned by bin; 589this creates a security hole that is not actually related to 590.i sendmail . 591Other important directories that should have restrictive ownerships 592and permissions are 593/bin, /usr/bin, /etc, /etc/mail, /usr/etc, /lib, and /usr/lib. 594.)f 595.sh 3 "/etc/mail/sendmail.cf" 596.pp 597This is the configuration file for 598.i sendmail \**. 599.(f 600\**Actually, the pathname varies depending on the operating system; 601/etc/mail is the preferred directory. 602Some older systems install it in 603.b /usr/lib/sendmail.cf , 604and I've also seen it in 605.b /usr/ucblib . 606If you want to move this file, 607add -D_PATH_SENDMAILCF=\e"/file/name\e" 608to the flags passed to the C compiler. 609Moving this file is not recommended: 610other programs and scripts know of this location. 611.)f 612This is the only non-library file name compiled into 613.i sendmail \**. 614.(f 615\**The system libraries can reference other files; 616in particular, system library subroutines that 617.i sendmail 618calls probably reference 619.i /etc/passwd 620and 621.i /etc/resolv.conf . 622.)f 623.pp 624The configuration file is normally created 625using the distribution files described above. 626If you have a particularly unusual system configuration 627you may need to create a special version. 628The format of this file is detailed in later sections 629of this document. 630.sh 3 "/usr/\*(SB/newaliases" 631.pp 632The 633.i newaliases 634command should just be a link to 635.i sendmail : 636.(b 637rm \-f /usr/\*(SB/newaliases 638ln \-s /usr/\*(SD/sendmail /usr/\*(SB/newaliases 639.)b 640This can be installed in whatever search path you prefer 641for your system. 642.sh 3 "/usr/\*(SB/hoststat" 643.pp 644The 645.i hoststat 646command should just be a link to 647.i sendmail , 648in a fashion similar to 649.i newaliases . 650This command lists the status of the last mail transaction 651with all remote hosts. The 652.b \-v 653flag will prevent the status display from being truncated. 654It functions only when the 655.b HostStatusDirectory 656option is set. 657.sh 3 "/usr/\*(SB/purgestat" 658.pp 659This command is also a link to 660.i sendmail . 661It flushes expired (Timeout.hoststatus) information that is stored in the 662.b HostStatusDirectory 663tree. 664.sh 3 "/var/spool/mqueue" 665.pp 666The directory 667.i /var/spool/mqueue 668should be created to hold the mail queue. 669This directory should be mode 700 670and owned by root. 671.pp 672The actual path of this directory 673is defined in the 674.b Q 675option of the 676.i sendmail.cf 677file. 678To use multiple queues, 679supply a value ending with an asterisk. 680For example, 681.i /var/spool/mqueue/qd* 682will use all of the directories or symbolic links to directories 683beginning with `qd' in 684.i /var/spool/mqueue 685as queue directories. 686Do not change the queue directory structure 687while sendmail is running. 688.pp 689If these directories have subdirectories or symbolic links to directories 690named `qf', `df', and `xf', then these will be used for the different 691queue file types. 692That is, the data files are stored in the `df' subdirectory, 693the transcript files are stored in the `xf' subdirectory, and 694all others are stored in the `qf' subdirectory. 695.sh 3 "/var/spool/mqueue/.hoststat" 696.pp 697This is a typical value for the 698.b HostStatusDirectory 699option, 700containing one file per host 701that this sendmail has chatted with recently. 702It is normally a subdirectory of 703.i mqueue . 704.sh 3 "/etc/mail/aliases*" 705.pp 706The system aliases are held in 707.q /etc/mail/aliases . 708A sample is given in 709.q sendmail/aliases 710which includes some aliases which 711.i must 712be defined: 713.(b 714cp lib/aliases /etc/mail/aliases 715.i "edit /etc/mail/aliases" 716.)b 717You should extend this file with any aliases that are apropos to your system. 718.pp 719Normally 720.i sendmail 721looks at a database version of the files, 722stored either in 723.q /etc/mail/aliases.dir 724and 725.q /etc/mail/aliases.pag 726or 727.q /etc/mail/aliases.db 728depending on which database package you are using. 729The actual path of this file 730is defined in the 731.b AliasFile 732option of the 733.i sendmail.cf 734file. 735.sh 3 "/etc/rc or /etc/init.d/sendmail" 736.pp 737It will be necessary to start up the 738.i sendmail 739daemon when your system reboots. 740This daemon performs two functions: 741it listens on the SMTP socket for connections 742(to receive mail from a remote system) 743and it processes the queue periodically 744to insure that mail gets delivered when hosts come up. 745.pp 746Add the following lines to 747.q /etc/rc 748(or 749.q /etc/rc.local 750as appropriate) 751in the area where it is starting up the daemons 752on a BSD-base system, 753or on a System-V-based system 754in one of the startup files, typically 755.q /etc/init.d/sendmail : 756.(b 757if [ \-f /usr/\*(SD/sendmail \-a \-f /etc/mail/sendmail.cf ]; then 758 (cd /var/spool/mqueue; rm \-f [lnx]f*) 759 /usr/\*(SD/sendmail \-bd \-q30m & 760 echo \-n ' sendmail' >/dev/console 761fi 762.)b 763The 764.q cd 765and 766.q rm 767commands insure that all lock files have been removed; 768extraneous lock files may be left around 769if the system goes down in the middle of processing a message. 770The line that actually invokes 771.i sendmail 772has two flags: 773.q \-bd 774causes it to listen on the SMTP port, 775and 776.q \-q30m 777causes it to run the queue every half hour. 778.pp 779Some people use a more complex startup script, 780removing zero length qf files and df files for which there is no qf file. 781For example, see Figure 1 782for an example of a complex script which does this clean up. 783.(z 784.hl 785#!/bin/sh 786# remove zero length qf files 787for qffile in qf* 788do 789 if [ \-r $qffile ] 790 then 791 if [ ! \-s $qffile ] 792 then 793 echo \-n " <zero: $qffile>" > /dev/console 794 rm \-f $qffile 795 fi 796 fi 797done 798# rename tf files to be qf if the qf does not exist 799for tffile in tf* 800do 801 qffile=`echo $tffile | sed 's/t/q/'` 802 if [ \-r $tffile \-a ! \-f $qffile ] 803 then 804 echo \-n " <recovering: $tffile>" > /dev/console 805 mv $tffile $qffile 806 else 807 if [ \-f $tffile ] 808 then 809 echo \-n " <extra: $tffile>" > /dev/console 810 rm \-f $tffile 811 fi 812 fi 813done 814# remove df files with no corresponding qf files 815for dffile in df* 816do 817 qffile=`echo $dffile | sed 's/d/q/'` 818 if [ \-r $dffile \-a ! \-f $qffile ] 819 then 820 echo \-n " <incomplete: $dffile>" > /dev/console 821 mv $dffile `echo $dffile | sed 's/d/D/'` 822 fi 823done 824# announce files that have been saved during disaster recovery 825for xffile in [A-Z]f* 826do 827 if [ \-f $xffile ] 828 then 829 echo \-n " <panic: $xffile>" > /dev/console 830 fi 831done 832.sp 833.ce 834Figure 1 \(em A complex startup script 835.hl 836.)z 837.pp 838If you are not running a version of UNIX 839that supports Berkeley TCP/IP, 840do not include the 841.b \-bd 842flag. 843.sh 3 "/etc/mail/helpfile" 844.pp 845This is the help file used by the SMTP 846.b HELP 847command. 848It should be copied from 849.q sendmail/helpfile : 850.(b 851cp sendmail/helpfile /etc/mail/helpfile 852.)b 853The actual path of this file 854is defined in the 855.b HelpFile 856option of the 857.i sendmail.cf 858file. 859.sh 3 "/etc/mail/statistics" 860.pp 861If you wish to collect statistics 862about your mail traffic, 863you should create the file 864.q /etc/mail/statistics : 865.(b 866cp /dev/null /etc/mail/statistics 867chmod 644 /etc/mail/statistics 868.)b 869This file does not grow. 870It is printed with the program 871.q mailstats/mailstats.c. 872The actual path of this file 873is defined in the 874.b S 875option of the 876.i sendmail.cf 877file. 878.sh 3 "/usr/\*(SB/mailq" 879.pp 880If 881.i sendmail 882is invoked as 883.q mailq, 884it will simulate the 885.b \-bp 886flag 887(i.e., 888.i sendmail 889will print the contents of the mail queue; 890see below). 891This should be a link to /usr/\*(SD/sendmail. 892.sh 1 "NORMAL OPERATIONS" 893.sh 2 "The System Log" 894.pp 895The system log is supported by the 896.i syslogd \|(8) 897program. 898All messages from 899.i sendmail 900are logged under the 901.sm LOG_MAIL 902facility\**. 903.(f 904\**Except on Ultrix, 905which does not support facilities in the syslog. 906.)f 907.sh 3 "Format" 908.pp 909Each line in the system log 910consists of a timestamp, 911the name of the machine that generated it 912(for logging from several machines 913over the local area network), 914the word 915.q sendmail: , 916and a message\**. 917.(f 918\**This format may vary slightly if your vendor has changed 919the syntax. 920.)f 921Most messages are a sequence of 922.i name \c 923=\c 924.i value 925pairs. 926.pp 927The two most common lines are logged when a message is processed. 928The first logs the receipt of a message; 929there will be exactly one of these per message. 930Some fields may be omitted if they do not contain interesting information. 931Fields are: 932.ip from 933The envelope sender address. 934.ip size 935The size of the message in bytes. 936.ip class 937The class (i.e., numeric precedence) of the message. 938.ip pri 939The initial message priority (used for queue sorting). 940.ip nrcpts 941The number of envelope recipients for this message 942(after aliasing and forwarding). 943.ip msgid 944The message id of the message (from the header). 945.ip proto 946The protocol used to receive this message (e.g., ESMTP or UUCP) 947.ip daemon 948The daemon name from the 949.b DaemonPortOptions 950setting. 951.ip relay 952The machine from which it was received. 953.lp 954There is also one line logged per delivery attempt 955(so there can be several per message if delivery is deferred 956or there are multiple recipients). 957Fields are: 958.ip to 959A comma-separated list of the recipients to this mailer. 960.ip ctladdr 961The ``controlling user'', that is, the name of the user 962whose credentials we use for delivery. 963.ip delay 964The total delay between the time this message was received 965and the current delivery attempt. 966.ip xdelay 967The amount of time needed in this delivery attempt 968(normally indicative of the speed of the connection). 969.ip mailer 970The name of the mailer used to deliver to this recipient. 971.ip relay 972The name of the host that actually accepted (or rejected) this recipient. 973.ip dsn 974The enhanced error code (RFC2034) if available. 975.ip stat 976The delivery status. 977.lp 978Not all fields are present in all messages; 979for example, the relay is not listed for local deliveries. 980.sh 3 "Levels" 981.pp 982If you have 983.i syslogd \|(8) 984or an equivalent installed, 985you will be able to do logging. 986There is a large amount of information that can be logged. 987The log is arranged as a succession of levels. 988At the lowest level 989only extremely strange situations are logged. 990At the highest level, 991even the most mundane and uninteresting events 992are recorded for posterity. 993As a convention, 994log levels under ten 995are considered generally 996.q useful; 997log levels above 64 998are reserved for debugging purposes. 999Levels from 11\-64 are reserved for verbose information 1000that some sites might want. 1001.pp 1002A complete description of the log levels 1003is given in section 1004.\" XREF 10054.6. 1006.sh 2 "Dumping State" 1007.pp 1008You can ask 1009.i sendmail 1010to log a dump of the open files 1011and the connection cache 1012by sending it a 1013.sm SIGUSR1 1014signal. 1015The results are logged at 1016.sm LOG_DEBUG 1017priority. 1018.sh 2 "The Mail Queue" 1019.pp 1020Sometimes a host cannot handle a message immediately. 1021For example, it may be down or overloaded, causing it to refuse connections. 1022The sending host is then expected to save this message in 1023its mail queue 1024and attempt to deliver it later. 1025.pp 1026Under normal conditions the mail queue will be processed transparently. 1027However, you may find that manual intervention is sometimes necessary. 1028For example, 1029if a major host is down for a period of time 1030the queue may become clogged. 1031Although 1032.i sendmail 1033ought to recover gracefully when the host comes up, 1034you may find performance unacceptably bad in the meantime. 1035.sh 3 "Printing the queue" 1036.pp 1037The contents of the queue can be printed 1038using the 1039.i mailq 1040command 1041(or by specifying the 1042.b \-bp 1043flag to 1044.i sendmail ): 1045.(b 1046mailq 1047.)b 1048This will produce a listing of the queue id's, 1049the size of the message, 1050the date the message entered the queue, 1051and the sender and recipients. 1052.sh 3 "Forcing the queue" 1053.pp 1054.i Sendmail 1055should run the queue automatically 1056at intervals. 1057When using multiple queues, 1058a separate process will be created to 1059run each of the queues 1060unless the queue run is initiated by a user 1061with the verbose flag. 1062The algorithm is to read and sort the queue, 1063and then to attempt to process all jobs in order. 1064When it attempts to run the job, 1065.i sendmail 1066first checks to see if the job is locked. 1067If so, it ignores the job. 1068.pp 1069There is no attempt to insure that only one queue processor 1070exists at any time, 1071since there is no guarantee that a job cannot take forever 1072to process 1073(however, 1074.i sendmail 1075does include heuristics to try to abort jobs 1076that are taking absurd amounts of time; 1077technically, this violates RFC 821, but is blessed by RFC 1123). 1078Due to the locking algorithm, 1079it is impossible for one job to freeze the entire queue. 1080However, 1081an uncooperative recipient host 1082or a program recipient 1083that never returns 1084can accumulate many processes in your system. 1085Unfortunately, 1086there is no completely general way to solve this. 1087.pp 1088In some cases, 1089you may find that a major host going down 1090for a couple of days 1091may create a prohibitively large queue. 1092This will result in 1093.i sendmail 1094spending an inordinate amount of time 1095sorting the queue. 1096This situation can be fixed by moving the queue to a temporary place 1097and creating a new queue. 1098The old queue can be run later when the offending host returns to service. 1099.pp 1100To do this, 1101it is acceptable to move the entire queue directory: 1102.(b 1103cd /var/spool 1104mv mqueue omqueue; mkdir mqueue; chmod 700 mqueue 1105.)b 1106You should then kill the existing daemon 1107(since it will still be processing in the old queue directory) 1108and create a new daemon. 1109.pp 1110To run the old mail queue, 1111run the following command: 1112.(b 1113/usr/\*(SD/sendmail \-oQ/var/spool/omqueue \-q 1114.)b 1115The 1116.b \-oQ 1117flag specifies an alternate queue directory 1118and the 1119.b \-q 1120flag says to just run every job in the queue. 1121If you have a tendency toward voyeurism, 1122you can use the 1123.b \-v 1124flag to watch what is going on. 1125.pp 1126When the queue is finally emptied, 1127you can remove the directory: 1128.(b 1129rmdir /var/spool/omqueue 1130.)b 1131.sh 2 "Disk Based Connection Information" 1132.pp 1133.i Sendmail 1134stores a large amount of information about each remote system it 1135has connected to in memory. It is now possible to preserve some 1136of this information on disk as well, by using the 1137.b HostStatusDirectory 1138option, so that it may be shared between several invocations of 1139.i sendmail . 1140This allows mail to be queued immediately or skipped during a queue run if 1141there has been a recent failure in connecting to a remote machine. 1142.pp 1143Additionally enabling 1144.b SingleThreadDelivery 1145has the added effect of single-threading mail delivery to a destination. 1146This can be quite helpful 1147if the remote machine is running an SMTP server that is easily overloaded 1148or cannot accept more than a single connection at a time, 1149but can cause some messages to be punted to a future queue run. 1150It also applies to 1151.i all 1152hosts, so setting this because you have one machine on site 1153that runs some software that is easily overrun 1154can cause mail to other hosts to be slowed down. 1155If this option is set, 1156you probably want to set the 1157.b MinQueueAge 1158option as well and run the queue fairly frequently; 1159this way jobs that are skipped because another 1160.i sendmail 1161is talking to the same host will be tried again quickly 1162rather than being delayed for a long time. 1163.pp 1164The disk based host information is stored in a subdirectory of the 1165.b mqueue 1166directory called 1167.b \&.hoststat \**. 1168.(f 1169\**This is the usual value of the 1170.b HostStatusDirectory 1171option; 1172it can, of course, go anywhere you like in your filesystem. 1173.)f 1174Removing this directory and its subdirectories has an effect similar to 1175the 1176.i purgestat 1177command and is completely safe. 1178However, 1179.i purgestat 1180only removes expired (Timeout.hoststatus) data. 1181The information in these directories can 1182be perused with the 1183.i hoststat 1184command, which will indicate the host name, the last access, and the 1185status of that access. 1186An asterisk in the left most column indicates that a 1187.i sendmail 1188process currently has the host locked for mail delivery. 1189.pp 1190The disk based connection information is treated the same way as memory based 1191connection information for the purpose of timeouts. 1192By default, information about host failures is valid for 30 minutes. 1193This can be adjusted with 1194the 1195.b Timeout.hoststatus 1196option. 1197.pp 1198The connection information stored on disk may be expired at any time 1199with the 1200.i purgestat 1201command or by invoking sendmail with the 1202.b \-bH 1203switch. 1204The connection information may be viewed with the 1205.i hoststat 1206command or by invoking sendmail with the 1207.b \-bh 1208switch. 1209.sh 2 "The Service Switch" 1210.pp 1211The implementation of certain system services 1212such as host and user name lookup 1213is controlled by the service switch. 1214If the host operating system supports such a switch, 1215and sendmail knows about it, 1216.i sendmail 1217will use the native version. 1218Ultrix, Solaris, and DEC OSF/1 are examples of such systems\**. 1219.(f 1220\**HP-UX 10 has service switch support, 1221but since the APIs are apparently not available in the libraries 1222.i sendmail 1223does not use the native service switch in this release. 1224.)f 1225.pp 1226If the underlying operating system does not support a service switch 1227(e.g., SunOS 4.X, HP-UX, BSD) 1228then 1229.i sendmail 1230will provide a stub implementation. 1231The 1232.b ServiceSwitchFile 1233option points to the name of a file that has the service definitions. 1234Each line has the name of a service 1235and the possible implementations of that service. 1236For example, the file: 1237.(b 1238hosts dns files nis 1239aliases files nis 1240.)b 1241will ask 1242.i sendmail 1243to look for hosts in the Domain Name System first. 1244If the requested host name is not found, 1245it tries local files, 1246and if that fails it tries NIS. 1247Similarly, 1248when looking for aliases 1249it will try the local files first 1250followed by NIS. 1251.pp 1252Service switches are not completely integrated. 1253For example, despite the fact that the host entry listed in the above example 1254specifies to look in NIS, 1255on SunOS this won't happen because the system implementation of 1256.i gethostbyname \|(3) 1257doesn't understand this. 1258If there is enough demand 1259.i sendmail 1260may reimplement 1261.i gethostbyname \|(3), 1262.i gethostbyaddr \|(3), 1263.i getpwent \|(3), 1264and the other system routines that would be necessary 1265to make this work seamlessly. 1266.sh 2 "The Alias Database" 1267.pp 1268After recipient addresses are read from the SMTP connection 1269or command line 1270they are parsed by ruleset 0, 1271which must resolve to a 1272{\c 1273.i mailer , 1274.i host , 1275.i address } 1276triple. 1277If the flags selected by the 1278.i mailer 1279include the 1280.b A 1281(aliasable) flag, 1282the 1283.i address 1284part of the triple is looked up as the key 1285(i.e., the left hand side) 1286into the alias database. 1287If there is a match, the address is deleted from the send queue 1288and all addresses on the right hand side of the alias 1289are added in place of the alias that was found. 1290This is a recursive operation, 1291so aliases found in the right hand side of the alias 1292are similarly expanded. 1293.pp 1294The alias database exists in two forms. 1295One is a text form, 1296maintained in the file 1297.i /etc/mail/aliases. 1298The aliases are of the form 1299.(b 1300name: name1, name2, ... 1301.)b 1302Only local names may be aliased; 1303e.g., 1304.(b 1305eric@prep.ai.MIT.EDU: eric@CS.Berkeley.EDU 1306.)b 1307will not have the desired effect 1308(except on prep.ai.MIT.EDU, 1309and they probably don't want me)\**. 1310.(f 1311\**Actually, any mailer that has the `A' mailer flag set 1312will permit aliasing; 1313this is normally limited to the local mailer. 1314.)f 1315Aliases may be continued by starting any continuation lines 1316with a space or a tab or by putting a backslash directly before 1317the newline. 1318Blank lines and lines beginning with a sharp sign 1319(\c 1320.q # ) 1321are comments. 1322.pp 1323The second form is processed by the 1324.i ndbm \|(3)\** 1325.(f 1326\**The 1327.i gdbm 1328package does not work. 1329.)f 1330or the Berkeley DB library. 1331This form is in the file 1332.i /etc/mail/aliases.db 1333(if using NEWDB) 1334or 1335.i /etc/mail/aliases.dir 1336and 1337.i /etc/mail/aliases.pag 1338(if using NDBM). 1339This is the form that 1340.i sendmail 1341actually uses to resolve aliases. 1342This technique is used to improve performance. 1343.pp 1344The control of search order is actually set by the service switch. 1345Essentially, the entry 1346.(b 1347O AliasFile=switch:aliases 1348.)b 1349is always added as the first alias entry; 1350also, the first alias file name without a class 1351(e.g., without 1352.q nis: 1353on the front) 1354will be used as the name of the file for a ``files'' entry 1355in the aliases switch. 1356For example, if the configuration file contains 1357.(b 1358O AliasFile=/etc/mail/aliases 1359.)b 1360and the service switch contains 1361.(b 1362aliases nis files nisplus 1363.)b 1364then aliases will first be searched in the NIS database, 1365then in /etc/mail/aliases, 1366then in the NIS+ database. 1367.pp 1368You can also use 1369.sm NIS -based 1370alias files. 1371For example, the specification: 1372.(b 1373O AliasFile=/etc/mail/aliases 1374O AliasFile=nis:mail.aliases@my.nis.domain 1375.)b 1376will first search the /etc/mail/aliases file 1377and then the map named 1378.q mail.aliases 1379in 1380.q my.nis.domain . 1381Warning: if you build your own 1382.sm NIS -based 1383alias files, 1384be sure to provide the 1385.b \-l 1386flag to 1387.i makedbm (8) 1388to map upper case letters in the keys to lower case; 1389otherwise, aliases with upper case letters in their names 1390won't match incoming addresses. 1391.pp 1392Additional flags can be added after the colon 1393exactly like a 1394.b K 1395line \(em for example: 1396.(b 1397O AliasFile=nis:\-N mail.aliases@my.nis.domain 1398.)b 1399will search the appropriate NIS map and always include null bytes in the key. 1400Also: 1401.(b 1402O AliasFile=nis:\-f mail.aliases@my.nis.domain 1403.)b 1404will prevent sendmail from downcasing the key before the alias lookup. 1405.sh 3 "Rebuilding the alias database" 1406.pp 1407The 1408.i hash 1409or 1410.i dbm 1411version of the database 1412may be rebuilt explicitly by executing the command 1413.(b 1414newaliases 1415.)b 1416This is equivalent to giving 1417.i sendmail 1418the 1419.b \-bi 1420flag: 1421.(b 1422/usr/\*(SD/sendmail \-bi 1423.)b 1424.pp 1425If the 1426.b RebuildAliases 1427(old 1428.b D ) 1429option is specified in the configuration, 1430.i sendmail 1431will rebuild the alias database automatically 1432if possible 1433when it is out of date. 1434Auto-rebuild can be dangerous 1435on heavily loaded machines 1436with large alias files; 1437if it might take more than the rebuild timeout 1438(option 1439.b AliasWait , 1440old 1441.b a , 1442which is normally five minutes) 1443to rebuild the database, 1444there is a chance that several processes will start the rebuild process 1445simultaneously. 1446.pp 1447If you have multiple aliases databases specified, 1448the 1449.b \-bi 1450flag rebuilds all the database types it understands 1451(for example, it can rebuild NDBM databases but not NIS databases). 1452.sh 3 "Potential problems" 1453.pp 1454There are a number of problems that can occur 1455with the alias database. 1456They all result from a 1457.i sendmail 1458process accessing the DBM version 1459while it is only partially built. 1460This can happen under two circumstances: 1461One process accesses the database 1462while another process is rebuilding it, 1463or the process rebuilding the database dies 1464(due to being killed or a system crash) 1465before completing the rebuild. 1466.pp 1467Sendmail has three techniques to try to relieve these problems. 1468First, it ignores interrupts while rebuilding the database; 1469this avoids the problem of someone aborting the process 1470leaving a partially rebuilt database. 1471Second, 1472it locks the database source file during the rebuild \(em 1473but that may not work over NFS or if the file is unwritable. 1474Third, 1475at the end of the rebuild 1476it adds an alias of the form 1477.(b 1478@: @ 1479.)b 1480(which is not normally legal). 1481Before 1482.i sendmail 1483will access the database, 1484it checks to insure that this entry exists\**. 1485.(f 1486\**The 1487.b AliasWait 1488option is required in the configuration 1489for this action to occur. 1490This should normally be specified. 1491.)f 1492.sh 3 "List owners" 1493.pp 1494If an error occurs on sending to a certain address, 1495say 1496.q \fIx\fP , 1497.i sendmail 1498will look for an alias 1499of the form 1500.q owner-\fIx\fP 1501to receive the errors. 1502This is typically useful 1503for a mailing list 1504where the submitter of the list 1505has no control over the maintenance of the list itself; 1506in this case the list maintainer would be the owner of the list. 1507For example: 1508.(b 1509unix-wizards: eric@ucbarpa, wnj@monet, nosuchuser, 1510 sam@matisse 1511owner-unix-wizards: unix-wizards-request 1512unix-wizards-request: eric@ucbarpa 1513.)b 1514would cause 1515.q eric@ucbarpa 1516to get the error that will occur 1517when someone sends to 1518unix-wizards 1519due to the inclusion of 1520.q nosuchuser 1521on the list. 1522.pp 1523List owners also cause the envelope sender address to be modified. 1524The contents of the owner alias are used if they point to a single user, 1525otherwise the name of the alias itself is used. 1526For this reason, and to obey Internet conventions, 1527the 1528.q owner- 1529address normally points at the 1530.q -request 1531address; this causes messages to go out with the typical Internet convention 1532of using ``\c 1533.i list -request'' 1534as the return address. 1535.sh 2 "User Information Database" 1536.pp 1537If you have a version of 1538.i sendmail 1539with the user information database 1540compiled in, 1541and you have specified one or more databases using the 1542.b U 1543option, 1544the databases will be searched for a 1545.i user :maildrop 1546entry. 1547If found, the mail will be sent to the specified address. 1548.sh 2 "Per-User Forwarding (.forward Files)" 1549.pp 1550As an alternative to the alias database, 1551any user may put a file with the name 1552.q .forward 1553in his or her home directory. 1554If this file exists, 1555.i sendmail 1556redirects mail for that user 1557to the list of addresses listed in the .forward file. 1558Note that aliases are fully expanded before forward files are referenced. 1559For example, if the home directory for user 1560.q mckusick 1561has a .forward file with contents: 1562.(b 1563mckusick@ernie 1564kirk@calder 1565.)b 1566then any mail arriving for 1567.q mckusick 1568will be redirected to the specified accounts. 1569.pp 1570Actually, the configuration file defines a sequence of filenames to check. 1571By default, this is the user's .forward file, 1572but can be defined to be more generally using the 1573.b ForwardPath 1574option. 1575If you change this, 1576you will have to inform your user base of the change; 1577\&.forward is pretty well incorporated into the collective subconscious. 1578.sh 2 "Special Header Lines" 1579.pp 1580Several header lines have special interpretations 1581defined by the configuration file. 1582Others have interpretations built into 1583.i sendmail 1584that cannot be changed without changing the code. 1585These builtins are described here. 1586.sh 3 "Errors-To:" 1587.pp 1588If errors occur anywhere during processing, 1589this header will cause error messages to go to 1590the listed addresses. 1591This is intended for mailing lists. 1592.pp 1593The Errors-To: header was created in the bad old days 1594when UUCP didn't understand the distinction between an envelope and a header; 1595this was a hack to provide what should now be passed 1596as the envelope sender address. 1597It should go away. 1598It is only used if the 1599.b UseErrorsTo 1600option is set. 1601.pp 1602The Errors-To: header is officially deprecated 1603and will go away in a future release. 1604.sh 3 "Apparently-To:" 1605.pp 1606RFC 822 requires at least one recipient field 1607(To:, Cc:, or Bcc: line) 1608in every message. 1609If a message comes in with no recipients listed in the message 1610then 1611.i sendmail 1612will adjust the header based on the 1613.q NoRecipientAction 1614option. 1615One of the possible actions is to add an 1616.q "Apparently-To:" 1617header line for any recipients it is aware of. 1618.pp 1619The Apparently-To: header is non-standard 1620and is deprecated. 1621.sh 3 "Precedence" 1622.pp 1623The Precedence: header can be used as a crude control of message priority. 1624It tweaks the sort order in the queue 1625and can be configured to change the message timeout values. 1626The precedence of a message also controls how 1627delivery status notifications (DSNs) 1628are processed for that message. 1629.sh 2 "IDENT Protocol Support" 1630.pp 1631.i Sendmail 1632supports the IDENT protocol as defined in RFC 1413. 1633Note that the RFC states 1634a client should wait at least 30 seconds for a response. 1635The default Timeout.ident is 5 seconds 1636as many sites have adopted the practice of dropping IDENT queries. 1637This has lead to delays processing mail. 1638Although this enhances identification 1639of the author of an email message 1640by doing a ``call back'' to the originating system to include 1641the owner of a particular TCP connection 1642in the audit trail 1643it is in no sense perfect; 1644a determined forger can easily spoof the IDENT protocol. 1645The following description is excerpted from RFC 1413: 1646.ba +5 1647.lp 16486. Security Considerations 1649.lp 1650The information returned by this protocol is at most as trustworthy 1651as the host providing it OR the organization operating the host. For 1652example, a PC in an open lab has few if any controls on it to prevent 1653a user from having this protocol return any identifier the user 1654wants. Likewise, if the host has been compromised the information 1655returned may be completely erroneous and misleading. 1656.lp 1657The Identification Protocol is not intended as an authorization or 1658access control protocol. At best, it provides some additional 1659auditing information with respect to TCP connections. At worst, it 1660can provide misleading, incorrect, or maliciously incorrect 1661information. 1662.lp 1663The use of the information returned by this protocol for other than 1664auditing is strongly discouraged. Specifically, using Identification 1665Protocol information to make access control decisions - either as the 1666primary method (i.e., no other checks) or as an adjunct to other 1667methods may result in a weakening of normal host security. 1668.lp 1669An Identification server may reveal information about users, 1670entities, objects or processes which might normally be considered 1671private. An Identification server provides service which is a rough 1672analog of the CallerID services provided by some phone companies and 1673many of the same privacy considerations and arguments that apply to 1674the CallerID service apply to Identification. If you wouldn't run a 1675"finger" server due to privacy considerations you may not want to run 1676this protocol. 1677.ba 1678.lp 1679In some cases your system may not work properly with IDENT support 1680due to a bug in the TCP/IP implementation. 1681The symptoms will be that for some hosts 1682the SMTP connection will be closed 1683almost immediately. 1684If this is true or if you do not want to use IDENT, 1685you should set the IDENT timeout to zero; 1686this will disable the IDENT protocol. 1687.sh 1 "ARGUMENTS" 1688.pp 1689The complete list of arguments to 1690.i sendmail 1691is described in detail in Appendix A. 1692Some important arguments are described here. 1693.sh 2 "Queue Interval" 1694.pp 1695The amount of time between forking a process 1696to run through the queue 1697is defined by the 1698.b \-q 1699flag. 1700If you run with delivery mode set to 1701.b i 1702or 1703.b b 1704this can be relatively large, 1705since it will only be relevant 1706when a host that was down comes back up. 1707If you run in 1708.b q 1709mode 1710it should be relatively short, 1711since it defines the maximum amount of time that a message 1712may sit in the queue. 1713(See also the MinQueueAge option.) 1714.pp 1715RFC 1123 section 5.3.1.1 says that this value should be at least 30 minutes 1716(although that probably doesn't make sense if you use ``queue-only'' mode). 1717.sh 2 "Daemon Mode" 1718.pp 1719If you allow incoming mail over an IPC connection, 1720you should have a daemon running. 1721This should be set by your 1722.i /etc/rc 1723file using the 1724.b \-bd 1725flag. 1726The 1727.b \-bd 1728flag and the 1729.b \-q 1730flag may be combined in one call: 1731.(b 1732/usr/\*(SD/sendmail \-bd \-q30m 1733.)b 1734.pp 1735An alternative approach is to invoke sendmail from 1736.i inetd (8) 1737(use the 1738.b \-bs 1739flag to ask sendmail to speak SMTP on its standard input and output). 1740This works and allows you to wrap 1741.i sendmail 1742in a TCP wrapper program, 1743but may be a bit slower since the configuration file 1744has to be re-read on every message that comes in. 1745If you do this, you still need to have a 1746.i sendmail 1747running to flush the queue: 1748.(b 1749/usr/\*(SD/sendmail \-q30m 1750.)b 1751.sh 2 "Forcing the Queue" 1752.pp 1753In some cases you may find that the queue has gotten clogged for some reason. 1754You can force a queue run 1755using the 1756.b \-q 1757flag (with no value). 1758It is entertaining to use the 1759.b \-v 1760flag (verbose) 1761when this is done to watch what happens: 1762.(b 1763/usr/\*(SD/sendmail \-q \-v 1764.)b 1765.pp 1766You can also limit the jobs to those with a particular queue identifier, 1767sender, or recipient 1768using one of the queue modifiers. 1769For example, 1770.q \-qRberkeley 1771restricts the queue run to jobs that have the string 1772.q berkeley 1773somewhere in one of the recipient addresses. 1774Similarly, 1775.q \-qSstring 1776limits the run to particular senders and 1777.q \-qIstring 1778limits it to particular queue identifiers. 1779.sh 2 "Debugging" 1780.pp 1781There are a fairly large number of debug flags 1782built into 1783.i sendmail . 1784Each debug flag has a number and a level, 1785where higher levels means to print out more information. 1786The convention is that levels greater than nine are 1787.q absurd, 1788i.e., 1789they print out so much information that you wouldn't normally 1790want to see them except for debugging that particular piece of code. 1791Debug flags are set using the 1792.b \-d 1793option; 1794the syntax is: 1795.(b 1796.ta \w'debug-option 'u 1797debug-flag: \fB\-d\fP debug-list 1798debug-list: debug-option [ , debug-option ]* 1799debug-option: debug-range [ . debug-level ] 1800debug-range: integer | integer \- integer 1801debug-level: integer 1802.)b 1803where spaces are for reading ease only. 1804For example, 1805.(b 1806\-d12 Set flag 12 to level 1 1807\-d12.3 Set flag 12 to level 3 1808\-d3\-17 Set flags 3 through 17 to level 1 1809\-d3\-17.4 Set flags 3 through 17 to level 4 1810.)b 1811For a complete list of the available debug flags 1812you will have to look at the code 1813and the 1814.i TRACEFLAGS 1815file in the sendmail distribution 1816(they are too dynamic to keep this document up to date). 1817.sh 2 "Changing the Values of Options" 1818.pp 1819Options can be overridden using the 1820.b \-o 1821or 1822.b \-O 1823command line flags. 1824For example, 1825.(b 1826/usr/\*(SD/sendmail \-oT2m 1827.)b 1828sets the 1829.b T 1830(timeout) option to two minutes 1831for this run only; 1832the equivalent line using the long option name is 1833.(b 1834/usr/\*(SD/sendmail -OTimeout.queuereturn=2m 1835.)b 1836.pp 1837Some options have security implications. 1838Sendmail allows you to set these, 1839but relinquishes its setuid root permissions thereafter\**. 1840.(f 1841\**That is, it sets its effective uid to the real uid; 1842thus, if you are executing as root, 1843as from root's crontab file or during system startup 1844the root permissions will still be honored. 1845.)f 1846.sh 2 "Trying a Different Configuration File" 1847.pp 1848An alternative configuration file 1849can be specified using the 1850.b \-C 1851flag; for example, 1852.(b 1853/usr/\*(SD/sendmail \-Ctest.cf \-oQ/tmp/mqueue 1854.)b 1855uses the configuration file 1856.i test.cf 1857instead of the default 1858.i /etc/mail/sendmail.cf. 1859If the 1860.b \-C 1861flag has no value 1862it defaults to 1863.i sendmail.cf 1864in the current directory. 1865.pp 1866.i Sendmail 1867gives up its setuid root permissions 1868when you use this flag, so it is common to use a publicly writable directory 1869(such as /tmp) 1870as the queue directory (QueueDirectory or Q option) while testing. 1871.sh 2 "Logging Traffic" 1872.pp 1873Many SMTP implementations do not fully implement the protocol. 1874For example, some personal computer based SMTPs 1875do not understand continuation lines in reply codes. 1876These can be very hard to trace. 1877If you suspect such a problem, you can set traffic logging using the 1878.b \-X 1879flag. 1880For example, 1881.(b 1882/usr/\*(SD/sendmail \-X /tmp/traffic \-bd 1883.)b 1884will log all traffic in the file 1885.i /tmp/traffic . 1886.pp 1887This logs a lot of data very quickly and should 1888.b NEVER 1889be used 1890during normal operations. 1891After starting up such a daemon, 1892force the errant implementation to send a message to your host. 1893All message traffic in and out of 1894.i sendmail , 1895including the incoming SMTP traffic, 1896will be logged in this file. 1897.sh 2 "Testing Configuration Files" 1898.pp 1899When you build a configuration table, 1900you can do a certain amount of testing 1901using the 1902.q "test mode" 1903of 1904.i sendmail . 1905For example, 1906you could invoke 1907.i sendmail 1908as: 1909.(b 1910sendmail \-bt \-Ctest.cf 1911.)b 1912which would read the configuration file 1913.q test.cf 1914and enter test mode. 1915In this mode, 1916you enter lines of the form: 1917.(b 1918rwset address 1919.)b 1920where 1921.i rwset 1922is the rewriting set you want to use 1923and 1924.i address 1925is an address to apply the set to. 1926Test mode shows you the steps it takes 1927as it proceeds, 1928finally showing you the address it ends up with. 1929You may use a comma separated list of rwsets 1930for sequential application of rules to an input. 1931For example: 1932.(b 19333,1,21,4 monet:bollard 1934.)b 1935first applies ruleset three to the input 1936.q monet:bollard. 1937Ruleset one is then applied to the output of ruleset three, 1938followed similarly by rulesets twenty-one and four. 1939.pp 1940If you need more detail, 1941you can also use the 1942.q \-d21 1943flag to turn on more debugging. 1944For example, 1945.(b 1946sendmail \-bt \-d21.99 1947.)b 1948turns on an incredible amount of information; 1949a single word address 1950is probably going to print out several pages worth of information. 1951.pp 1952You should be warned that internally, 1953.i sendmail 1954applies ruleset 3 to all addresses. 1955In test mode 1956you will have to do that manually. 1957For example, older versions allowed you to use 1958.(b 19590 bruce@broadcast.sony.com 1960.)b 1961This version requires that you use: 1962.(b 19633,0 bruce@broadcast.sony.com 1964.)b 1965.pp 1966As of version 8.7, 1967some other syntaxes are available in test mode: 1968.bu 1969\&.D\|x\|value 1970defines macro 1971.i x 1972to have the indicated 1973.i value . 1974This is useful when debugging rules that use the 1975.b $& \c 1976.i x 1977syntax. 1978.bu 1979\&.C\|c\|value 1980adds the indicated 1981.i value 1982to class 1983.i c . 1984.bu 1985\&.S\|ruleset 1986dumps the contents of the indicated ruleset. 1987.bu 1988\-d\|debug-spec 1989is equivalent to the command-line flag. 1990.sh 2 "Persistent Host Status Information" 1991.pp 1992When 1993.b HostStatusDirectory 1994is enabled, 1995information about the status of hosts is maintained on disk 1996and can thus be shared between different instantiations of 1997.i sendmail . 1998The status of the last connection with each remote host 1999may be viewed with the command: 2000.(b 2001sendmail \-bh 2002.)b 2003This information may be flushed with the command: 2004.(b 2005sendmail \-bH 2006.)b 2007Flushing the information prevents new 2008.i sendmail 2009processes from loading it, 2010but does not prevent existing processes from using the status information 2011that they already have. 2012.sh 1 "TUNING" 2013.pp 2014There are a number of configuration parameters 2015you may want to change, 2016depending on the requirements of your site. 2017Most of these are set 2018using an option in the configuration file. 2019For example, 2020the line 2021.q "O Timeout.queuereturn=5d" 2022sets option 2023.q Timeout.queuereturn 2024to the value 2025.q 5d 2026(five days). 2027.pp 2028Most of these options have appropriate defaults for most sites. 2029However, 2030sites having very high mail loads may find they need to tune them 2031as appropriate for their mail load. 2032In particular, 2033sites experiencing a large number of small messages, 2034many of which are delivered to many recipients, 2035may find that they need to adjust the parameters 2036dealing with queue priorities. 2037.pp 2038All versions of 2039.i sendmail 2040prior to 8.7 2041had single character option names. 2042As of 8.7, 2043options have long (multi-character names). 2044Although old short names are still accepted, 2045most new options do not have short equivalents. 2046.pp 2047This section only describes the options you are most likely 2048to want to tweak; 2049read section 2050.\"XREF 20515 2052for more details. 2053.sh 2 "Timeouts" 2054.pp 2055All time intervals are set 2056using a scaled syntax. 2057For example, 2058.q 10m 2059represents ten minutes, whereas 2060.q 2h30m 2061represents two and a half hours. 2062The full set of scales is: 2063.(b 2064.ta 4n 2065s seconds 2066m minutes 2067h hours 2068d days 2069w weeks 2070.)b 2071.sh 3 "Queue interval" 2072.pp 2073The argument to the 2074.b \-q 2075flag 2076specifies how often a sub-daemon will run the queue. 2077This is typically set to between fifteen minutes 2078and one hour. 2079If not set, 2080or set to zero, 2081the queue will not be run automatically. 2082RFC 1123 section 5.3.1.1 recommends that this be at least 30 minutes. 2083.sh 3 "Read timeouts" 2084.pp 2085Timeouts all have option names 2086.q Timeout.\fIsuboption\fP . 2087The recognized 2088.i suboption s, 2089their default values, and the minimum values 2090allowed by RFC 1123 section 5.3.2 are: 2091.nr ii 1i 2092.ip connect 2093The time to wait for an SMTP connection to open 2094(the 2095.i connect (2) 2096system call) 2097[0, unspecified]. 2098If zero, uses the kernel default. 2099In no case can this option extend the timeout 2100longer than the kernel provides, but it can shorten it. 2101This is to get around kernels that provide an absurdly long connection timeout 2102(90 minutes in one case). 2103.ip iconnect 2104The same as 2105.i connect, 2106except it applies only to the initial attempt to connect to a host 2107for a given message 2108[0, unspecified]. 2109The concept is that this should be very short (a few seconds); 2110hosts that are well connected and responsive will thus be serviced immediately. 2111Hosts that are slow will not hold up other deliveries in the initial 2112delivery attempt. 2113.ip initial 2114The wait for the initial 220 greeting message 2115[5m, 5m]. 2116.ip helo 2117The wait for a reply from a HELO or EHLO command 2118[5m, unspecified]. 2119This may require a host name lookup, so 2120five minutes is probably a reasonable minimum. 2121.ip mail\(dg 2122The wait for a reply from a MAIL command 2123[10m, 5m]. 2124.ip rcpt\(dg 2125The wait for a reply from a RCPT command 2126[1h, 5m]. 2127This should be long 2128because it could be pointing at a list 2129that takes a long time to expand 2130(see below). 2131.ip datainit\(dg 2132The wait for a reply from a DATA command 2133[5m, 2m]. 2134.ip datablock\(dg\(dd 2135The wait for reading a data block 2136(that is, the body of the message). 2137[1h, 3m]. 2138This should be long because it also applies to programs 2139piping input to 2140.i sendmail 2141which have no guarantee of promptness. 2142.ip datafinal\(dg 2143The wait for a reply from the dot terminating a message. 2144[1h, 10m]. 2145If this is shorter than the time actually needed 2146for the receiver to deliver the message, 2147duplicates will be generated. 2148This is discussed in RFC 1047. 2149.ip rset 2150The wait for a reply from a RSET command 2151[5m, unspecified]. 2152.ip quit 2153The wait for a reply from a QUIT command 2154[2m, unspecified]. 2155.ip misc 2156The wait for a reply from miscellaneous (but short) commands 2157such as NOOP (no-operation) and VERB (go into verbose mode). 2158[2m, unspecified]. 2159.ip command\(dg\(dd 2160In server SMTP, 2161the time to wait for another command. 2162[1h, 5m]. 2163.ip ident\(dd 2164The timeout waiting for a reply to an IDENT query 2165[30s\**, unspecified]. 2166.(f 2167\**On some systems the default is zero to turn the protocol off entirely. 2168.)f 2169.ip fileopen\(dd 2170The timeout for opening .forward and :include: files [60s, none]. 2171.ip control\(dd 2172The timeout for a complete control socket transaction to complete [2m, none]. 2173.ip hoststatus\(dd 2174How long status information about a host 2175(e.g., host down) 2176will be cached before it is considered stale 2177[30m, unspecified]. 2178.ip resolver.retrans 2179The resolver's 2180retransmission time interval 2181(in seconds) 2182[varies]. 2183Sets both 2184.i Timeout.resolver.retrans.first 2185and 2186.i Timeout.resolver.retrans.normal . 2187.ip resolver.retrans.first 2188The resolver's 2189retransmission time interval 2190(in seconds) 2191for the first attempt to 2192deliver a message 2193[varies]. 2194.ip resolver.retrans.normal 2195The resolver's 2196retransmission time interval 2197(in seconds) 2198for all resolver lookups 2199except the first delivery attempt 2200[varies]. 2201.ip resolver.retry 2202The number of times 2203to retransmit a resolver query. 2204Sets both 2205.i Timeout.resolver.retry.first 2206and 2207.i Timeout.resolver.retry.normal 2208[varies]. 2209.ip resolver.retry.first 2210The number of times 2211to retransmit a resolver query 2212for the first attempt 2213to deliver a message 2214[varies]. 2215.ip resolver.retry.normal 2216The number of times 2217to retransmit a resolver query 2218for all resolver lookups 2219 except the first delivery attempt 2220[varies]. 2221.lp 2222For compatibility with old configuration files, 2223if no 2224.i suboption 2225is specified, 2226all the timeouts marked with 2227.DG 2228(\(dg) are set to the indicated value. 2229All but those marked with 2230.DD 2231(\(dd) apply to client SMTP. 2232.pp 2233Many of the RFC 1123 minimum values 2234may well be too short. 2235.i Sendmail 2236was designed to the RFC 822 protocols, 2237which did not specify read timeouts; 2238hence, versions of 2239.i sendmail 2240prior to version 8.1 did not guarantee to reply to messages promptly. 2241In particular, a 2242.q RCPT 2243command specifying a mailing list 2244will expand and verify the entire list; 2245a large list on a slow system 2246may easily take more than five minutes\**. 2247.(f 2248\**This verification includes looking up every address 2249with the name server; 2250this involves network delays, 2251and can in some cases can be considerable. 2252.)f 2253I recommend a one hour timeout \*- 2254since a communications failure during the RCPT phase is rare, 2255a long timeout is not onerous 2256and may ultimately help reduce network load 2257and duplicated messages. 2258.pp 2259For example, the lines: 2260.(b 2261O Timeout.command=25m 2262O Timeout.datablock=3h 2263.)b 2264sets the server SMTP command timeout to 25 minutes 2265and the input data block timeout to three hours. 2266.sh 3 "Message timeouts" 2267.pp 2268After sitting in the queue for a few days, 2269a message will time out. 2270This is to insure that at least the sender is aware 2271of the inability to send a message. 2272The timeout is typically set to five days. 2273It is sometimes considered convenient to also send a warning message 2274if the message is in the queue longer than a few hours 2275(assuming you normally have good connectivity; 2276if your messages normally took several hours to send 2277you wouldn't want to do this because it wouldn't be an unusual event). 2278These timeouts are set using the 2279.b Timeout.queuereturn 2280and 2281.b Timeout.queuewarn 2282options in the configuration file 2283(previously both were set using the 2284.b T 2285option). 2286.pp 2287If the message is submitted using the 2288.sm NOTIFY 2289.sm SMTP 2290extension, 2291warning messages will only be sent if 2292.sm NOTIFY=DELAY 2293is specified. 2294The queuereturn and queuewarn timeouts 2295can be further qualified with a tag based on the Precedence: field 2296in the message; 2297they must be one of 2298.q urgent 2299(indicating a positive non-zero precedence) 2300.q normal 2301(indicating a zero precedence), or 2302.q non-urgent 2303(indicating negative precedences). 2304For example, setting 2305.q Timeout.queuewarn.urgent=1h 2306sets the warning timeout for urgent messages only 2307to one hour. 2308The default if no precedence is indicated 2309is to set the timeout for all precedences. 2310The value "now" can be used for 2311-O Timeout.queuereturn 2312to return entries immediately during a queue run, 2313e.g., to bounce messages independent of their time in the queue. 2314.pp 2315Since these options are global, 2316and since you can not know 2317.i "a priori" 2318how long another host outside your domain will be down, 2319a five day timeout is recommended. 2320This allows a recipient to fix the problem even if it occurs 2321at the beginning of a long weekend. 2322RFC 1123 section 5.3.1.1 says that this parameter 2323should be ``at least 4\-5 days''. 2324.pp 2325The 2326.b Timeout.queuewarn 2327value can be piggybacked on the 2328.b T 2329option by indicating a time after which 2330a warning message should be sent; 2331the two timeouts are separated by a slash. 2332For example, the line 2333.(b 2334OT5d/4h 2335.)b 2336causes email to fail after five days, 2337but a warning message will be sent after four hours. 2338This should be large enough that the message will have been tried 2339several times. 2340.sh 2 "Forking During Queue Runs" 2341.pp 2342By setting the 2343.b ForkEachJob 2344(\c 2345.b Y ) 2346option, 2347.i sendmail 2348will fork before each individual message 2349while running the queue. 2350This will prevent 2351.i sendmail 2352from consuming large amounts of memory, 2353so it may be useful in memory-poor environments. 2354However, if the 2355.b ForkEachJob 2356option is not set, 2357.i sendmail 2358will keep track of hosts that are down during a queue run, 2359which can improve performance dramatically. 2360.pp 2361If the 2362.b ForkEachJob 2363option is set, 2364.i sendmail 2365can not use connection caching. 2366.sh 2 "Queue Priorities" 2367.pp 2368Every message is assigned a priority when it is first instantiated, 2369consisting of the message size (in bytes) 2370offset by the message class 2371(which is determined from the Precedence: header) 2372times the 2373.q "work class factor" 2374and the number of recipients times the 2375.q "work recipient factor." 2376The priority is used to order the queue. 2377Higher numbers for the priority mean that the message will be processed later 2378when running the queue. 2379.pp 2380The message size is included so that large messages are penalized 2381relative to small messages. 2382The message class allows users to send 2383.q "high priority" 2384messages by including a 2385.q Precedence: 2386field in their message; 2387the value of this field is looked up in the 2388.b P 2389lines of the configuration file. 2390Since the number of recipients affects the amount of load a message presents 2391to the system, 2392this is also included into the priority. 2393.pp 2394The recipient and class factors 2395can be set in the configuration file using the 2396.b RecipientFactor 2397(\c 2398.b y ) 2399and 2400.b ClassFactor 2401(\c 2402.b z ) 2403options respectively. 2404They default to 30000 (for the recipient factor) 2405and 1800 2406(for the class factor). 2407The initial priority is: 2408.EQ 2409pri = msgsize - (class times bold ClassFactor) + (nrcpt times bold RecipientFactor) 2410.EN 2411(Remember, higher values for this parameter actually mean 2412that the job will be treated with lower priority.) 2413.pp 2414The priority of a job can also be adjusted each time it is processed 2415(that is, each time an attempt is made to deliver it) 2416using the 2417.q "work time factor," 2418set by the 2419.b RetryFactor 2420(\c 2421.b Z ) 2422option. 2423This is added to the priority, 2424so it normally decreases the precedence of the job, 2425on the grounds that jobs that have failed many times 2426will tend to fail again in the future. 2427The 2428.b RetryFactor 2429option defaults to 90000. 2430.sh 2 "Load Limiting" 2431.pp 2432.i Sendmail 2433can be asked to queue (but not deliver) 2434mail if the system load average gets too high 2435using the 2436.b QueueLA 2437(\c 2438.b x ) 2439option. 2440When the load average exceeds the value of the 2441.b QueueLA 2442option, 2443the delivery mode is set to 2444.b q 2445(queue only) 2446if the 2447.b QueueFactor 2448(\c 2449.b q ) 2450option divided by the difference in the current load average and the 2451.b QueueLA 2452option 2453plus one 2454is less than the priority of the message \(em 2455that is, the message is queued iff: 2456.EQ 2457pri > { bold QueueFactor } over { LA - { bold QueueLA } + 1 } 2458.EN 2459The 2460.b QueueFactor 2461option defaults to 600000, 2462so each point of load average is worth 600000 2463priority points 2464(as described above). 2465.pp 2466For drastic cases, 2467the 2468.b RefuseLA 2469(\c 2470.b X ) 2471option defines a load average at which 2472.i sendmail 2473will refuse 2474to accept network connections. 2475Locally generated mail 2476(including incoming UUCP mail) 2477is still accepted. 2478.sh 2 "Delivery Mode" 2479.pp 2480There are a number of delivery modes that 2481.i sendmail 2482can operate in, 2483set by the 2484.b DeliveryMode 2485(\c 2486.b d ) 2487configuration option. 2488These modes 2489specify how quickly mail will be delivered. 2490Legal modes are: 2491.(b 2492.ta 4n 2493i deliver interactively (synchronously) 2494b deliver in background (asynchronously) 2495q queue only (don't deliver) 2496d defer delivery attempts (don't deliver) 2497.)b 2498There are tradeoffs. 2499Mode 2500.q i 2501gives the sender the quickest feedback, 2502but may slow down some mailers and 2503is hardly ever necessary. 2504Mode 2505.q b 2506delivers promptly but 2507can cause large numbers of processes 2508if you have a mailer that takes a long time to deliver a message. 2509Mode 2510.q q 2511minimizes the load on your machine, 2512but means that delivery may be delayed for up to the queue interval. 2513Mode 2514.q d 2515is identical to mode 2516.q q 2517except that it also prevents all the early map lookups from working; 2518it is intended for ``dial on demand'' sites where DNS lookups 2519might cost real money. 2520Some simple error messages 2521(e.g., host unknown during the SMTP protocol) 2522will be delayed using this mode. 2523Mode 2524.q b 2525is the usual default. 2526.pp 2527If you run in mode 2528.q q 2529(queue only), 2530.q d 2531(defer), 2532or 2533.q b 2534(deliver in background) 2535.i sendmail 2536will not expand aliases and follow .forward files 2537upon initial receipt of the mail. 2538This speeds up the response to RCPT commands. 2539Mode 2540.q i 2541cannot be used by the SMTP server. 2542.sh 2 "Log Level" 2543.pp 2544The level of logging can be set for 2545.i sendmail . 2546The default using a standard configuration table is level 9. 2547The levels are as follows: 2548.nr ii 0.5i 2549.ip 0 2550Minimal logging. 2551.ip 1 2552Serious system failures and potential security problems. 2553.ip 2 2554Lost communications (network problems) and protocol failures. 2555.ip 3 2556Other serious failures, malformed addresses, transient forward/include 2557errors, connection timeouts. 2558.ip 4 2559Minor failures, out of date alias databases, connection rejections 2560via check_ rulesets. 2561.ip 5 2562Message collection statistics. 2563.ip 6 2564Creation of error messages, 2565VRFY and EXPN commands. 2566.ip 7 2567Delivery failures (host or user unknown, etc.). 2568.ip 8 2569Successful deliveries and alias database rebuilds. 2570.ip 9 2571Messages being deferred 2572(due to a host being down, etc.). 2573.ip 10 2574Database expansion (alias, forward, and userdb lookups) 2575and authentication information. 2576.ip 11 2577NIS errors and end of job processing. 2578.ip 12 2579Logs all SMTP connections. 2580.ip 13 2581Log bad user shells, files with improper permissions, and other 2582questionable situations. 2583.ip 14 2584Logs refused connections. 2585.ip 15 2586Log all incoming and outgoing SMTP commands. 2587.ip 20 2588Logs attempts to run locked queue files. 2589These are not errors, 2590but can be useful to note if your queue appears to be clogged. 2591.ip 30 2592Lost locks (only if using lockf instead of flock). 2593.lp 2594Additionally, 2595values above 64 are reserved for extremely verbose debugging output. 2596No normal site would ever set these. 2597.sh 2 "File Modes" 2598.pp 2599The modes used for files depend on what functionality you want 2600and the level of security you require. 2601In many cases 2602.i sendmail 2603does careful checking of the modes 2604of files and directories 2605to avoid accidental compromise; 2606if you want to make it possible to have group-writable support files 2607you may need to use the 2608.b DontBlameSendmail 2609option to turn off some of these checks. 2610.sh 3 "To suid or not to suid?" 2611.pp 2612.i Sendmail 2613is normally installed 2614setuid to root. 2615At the point where it is about to 2616.i exec \|(2) 2617a mailer, 2618it checks to see if the userid is zero (root); 2619if so, 2620it resets the userid and groupid to a default 2621(set by the 2622.b U= 2623equate in the mailer line; 2624if that is not set, the 2625.b DefaultUser 2626option is used). 2627This can be overridden 2628by setting the 2629.b S 2630flag to the mailer 2631for mailers that are trusted 2632and must be called as root. 2633However, 2634this will cause mail processing 2635to be accounted 2636(using 2637.i sa \|(8)) 2638to root 2639rather than to the user sending the mail. 2640.pp 2641If you don't make 2642.i sendmail 2643setuid to root, it will still run but you lose a lot of functionality 2644and a lot of privacy, since you'll have to make the queue directory 2645world readable. 2646You could also make 2647.i sendmail 2648setuid to some pseudo-user 2649(e.g., create a user called 2650.q sendmail 2651and make 2652.i sendmail 2653setuid to that) 2654which will fix the privacy problems 2655but not the functionality issues. 2656It also introduces problems on some operating systems 2657if sendmail needs to give up the setuid special privileges. 2658Also, this isn't a guarantee of security: 2659for example, 2660root occasionally sends mail, 2661and the daemon often runs as root. 2662Note however that 2663.i sendmail 2664must run as root or the trusted user in order to create the SMTP listener 2665socket. 2666.pp 2667A middle ground is to make 2668.i sendmail 2669setuid to root, 2670but set the 2671.b RunAsUser 2672option. 2673This causes 2674.i sendmail 2675to become the indicated user as soon as it has done the startup 2676that requires root privileges 2677(primarily, opening the 2678.sm SMTP 2679socket). 2680If you use 2681.b RunAsUser , 2682the queue directory 2683(normally 2684.i /var/spool/mqueue ) 2685should be owned by that user, 2686and all files and databases 2687(including user 2688.i \&.forward 2689files, 2690alias files, 2691:include: files, 2692and external databases) 2693must be readable by that user. 2694Also, since sendmail will not be able to change it's uid, 2695delivery to programs or files will be marked as unsafe, 2696e.g., undeliverable, 2697in 2698.i \&.forward , 2699aliases, 2700and :include: files. 2701Administrators can override this by setting the 2702.b DontBlameSendmail 2703option to the setting 2704.b NonRootSafeAddr . 2705.b RunAsUser 2706is probably best suited for firewall configurations 2707that don't have regular user logins. 2708.sh 3 "Turning off security checks" 2709.pp 2710.i Sendmail 2711is very particular about the modes of files that it reads or writes. 2712For example, by default it will refuse to read most files 2713that are group writable 2714on the grounds that they might have been tampered with 2715by someone other than the owner; 2716it will even refuse to read files in group writable directories. 2717.pp 2718If you are 2719.i quite 2720sure that your configuration is safe and you want 2721.i sendmail 2722to avoid these security checks, 2723you can turn off certain checks using the 2724.b DontBlameSendmail 2725option. 2726This option takes one or more names that disable checks. 2727In the descriptions that follow, 2728.q "unsafe directory" 2729means a directory that is writable by anyone other than the owner. 2730The values are: 2731.nr ii 0.5i 2732.ip Safe 2733No special handling. 2734.ip AssumeSafeChown 2735Assume that the 2736.i chown 2737system call is restricted to root. 2738Since some versions of UNIX permit regular users 2739to give away their files to other users on some filesystems, 2740.i sendmail 2741often cannot assume that a given file was created by the owner, 2742particularly when it is in a writable directory. 2743You can set this flag if you know that file giveaway is restricted 2744on your system. 2745.ip ClassFileInUnsafeDirPath 2746When reading class files (using the 2747.b F 2748line in the configuration file), 2749allow files that are in unsafe directories. 2750.ip DontWarnForwardFileInUnsafeDirPath 2751Prevent logging of 2752unsafe directory path warnings 2753for non-existent forward files. 2754.ip ErrorHeaderInUnsafeDirPath 2755Allow the file named in the 2756.b ErrorHeader 2757option to be in an unsafe directory. 2758.ip FileDeliveryToHardLink 2759Allow delivery to files that are hard links. 2760.ip FileDeliveryToSymLink 2761Allow delivery to files that are symbolic links. 2762.ip ForwardFileInGroupWritableDirPath 2763Allow 2764.i \&.forward 2765files in group writable directories. 2766.ip ForwardFileInUnsafeDirPath 2767Allow 2768.i \&.forward 2769files in unsafe directories. 2770.ip ForwardFileInUnsafeDirPathSafe 2771Allow a 2772.i \&.forward 2773file that is in an unsafe directory to include references 2774to program and files. 2775.ip GroupWritableAliasFile 2776Allow group-writable alias files. 2777.ip GroupWritableDirPathSafe 2778Change the definition of 2779.q "unsafe directory" 2780to consider group-writable directories to be safe. 2781World-writable directories are always unsafe. 2782.ip GroupWritableForwardFileSafe 2783Accept group-writable 2784.i \&.forward 2785files as safe for program and file delivery. 2786.ip GroupWritableIncludeFileSafe 2787Accept group-writable 2788.i :include: 2789files as safe for program and file delivery. 2790.ip HelpFileInUnsafeDirPath 2791Allow the file named in the 2792.b HelpFile 2793option to be in an unsafe directory. 2794.ip IncludeFileInGroupWritableDirPath 2795Allow 2796.i :include: 2797files in group writable directories. 2798.ip IncludeFileInUnsafeDirPath 2799Allow 2800.i :include: 2801files in unsafe directories. 2802.ip IncludeFileInUnsafeDirPathSafe 2803Allow a 2804.i :include: 2805file that is in an unsafe directory to include references 2806to program and files. 2807.ip InsufficientEntropy 2808Try to use STARTTLS even if the PRNG for OpenSSL is not properly seeded 2809despite the security problems. 2810.ip LinkedAliasFileInWritableDir 2811Allow an alias file that is a link in a writable directory. 2812.ip LinkedClassFileInWritableDir 2813Allow class files that are links in writable directories. 2814.ip LinkedForwardFileInWritableDir 2815Allow 2816.i \&.forward 2817files that are links in writable directories. 2818.ip LinkedIncludeFileInWritableDir 2819Allow 2820.i :include: 2821files that are links in writable directories. 2822.ip LinkedMapInWritableDir 2823Allow map files that are links in writable directories. 2824.ip LinkedServiceSwitchFileInWritableDir 2825Allow the service switch file to be a link 2826even if the directory is writable. 2827.ip MapInUnsafeDirPath 2828Allow maps (e.g., 2829.i hash , 2830.i btree , 2831and 2832.i dbm 2833files) 2834in unsafe directories. 2835.ip NonRootSafeAddr 2836Do not mark file and program deliveries as unsafe 2837if sendmail is not running with root privileges. 2838.ip RunProgramInUnsafeDirPath 2839Go ahead and run programs that are in writable directories. 2840.ip RunWritableProgram 2841Go ahead and run programs that are group- or world-writable. 2842.ip TrustStickyBit 2843Allow group or world writable directories 2844if the sticky bit is set on the directory. 2845Do not set this on systems which do not honor 2846the sticky bit on directories. 2847.ip WorldWritableAliasFile 2848Accept world-writable alias files. 2849.ip WriteMapToHardLink 2850Allow writes to maps that are hard links. 2851.ip WriteMapToSymLink 2852Allow writes to maps that are symbolic links. 2853.ip WriteStatsToHardLink 2854Allow the status file to be a hard link. 2855.ip WriteStatsToSymLink 2856Allow the status file to be a symbolic link. 2857.sh 2 "Connection Caching" 2858.pp 2859When processing the queue, 2860.i sendmail 2861will try to keep the last few open connections open 2862to avoid startup and shutdown costs. 2863This only applies to IPC connections. 2864.pp 2865When trying to open a connection 2866the cache is first searched. 2867If an open connection is found, it is probed to see if it is still active 2868by sending a 2869.sm RSET 2870command. 2871It is not an error if this fails; 2872instead, the connection is closed and reopened. 2873.pp 2874Two parameters control the connection cache. 2875The 2876.b ConnectionCacheSize 2877(\c 2878.b k ) 2879option defines the number of simultaneous open connections 2880that will be permitted. 2881If it is set to zero, 2882connections will be closed as quickly as possible. 2883The default is one. 2884This should be set as appropriate for your system size; 2885it will limit the amount of system resources that 2886.i sendmail 2887will use during queue runs. 2888Never set this higher than 4. 2889.pp 2890The 2891.b ConnectionCacheTimeout 2892(\c 2893.b K ) 2894option specifies the maximum time that any cached connection 2895will be permitted to idle. 2896When the idle time exceeds this value 2897the connection is closed. 2898This number should be small 2899(under ten minutes) 2900to prevent you from grabbing too many resources 2901from other hosts. 2902The default is five minutes. 2903.sh 2 "Name Server Access" 2904.pp 2905Control of host address lookups is set by the 2906.b hosts 2907service entry in your service switch file. 2908If you are on a system that has built-in service switch support 2909(e.g., Ultrix, Solaris, or DEC OSF/1) 2910then your system is probably configured properly already. 2911Otherwise, 2912.i sendmail 2913will consult the file 2914.b /etc/mail/service.switch , 2915which should be created. 2916.i Sendmail 2917only uses two entries: 2918.b hosts 2919and 2920.b aliases , 2921although system routines may use other services 2922(notably the 2923.b passwd 2924service for user name lookups by 2925.i getpwname ). 2926.pp 2927However, some systems (such as SunOS 4.X) 2928will do DNS lookups 2929regardless of the setting of the service switch entry. 2930In particular, the system routine 2931.i gethostbyname (3) 2932is used to look up host names, 2933and many vendor versions try some combination of DNS, NIS, 2934and file lookup in /etc/hosts 2935without consulting a service switch. 2936.i Sendmail 2937makes no attempt to work around this problem, 2938and the DNS lookup will be done anyway. 2939If you do not have a nameserver configured at all, 2940such as at a UUCP-only site, 2941.i sendmail 2942will get a 2943.q "connection refused" 2944message when it tries to connect to the name server. 2945If the 2946.b hosts 2947switch entry has the service 2948.q dns 2949listed somewhere in the list, 2950.i sendmail 2951will interpret this to mean a temporary failure 2952and will queue the mail for later processing; 2953otherwise, it ignores the name server data. 2954.pp 2955The same technique is used to decide whether to do MX lookups. 2956If you want MX support, you 2957.i must 2958have 2959.q dns 2960listed as a service in the 2961.b hosts 2962switch entry. 2963.pp 2964The 2965.b ResolverOptions 2966(\c 2967.b I ) 2968option allows you to tweak name server options. 2969The command line takes a series of flags as documented in 2970.i resolver (3) 2971(with the leading 2972.q RES_ 2973deleted). 2974Each can be preceded by an optional `+' or `\(mi'. 2975For example, the line 2976.(b 2977O ResolverOptions=+AAONLY \(miDNSRCH 2978.)b 2979turns on the AAONLY (accept authoritative answers only) 2980and turns off the DNSRCH (search the domain path) options. 2981Most resolver libraries default DNSRCH, DEFNAMES, and RECURSE 2982flags on and all others off. 2983You can also include 2984.q HasWildcardMX 2985to specify that there is a wildcard MX record matching your domain; 2986this turns off MX matching when canonifying names, 2987which can lead to inappropriate canonifications. 2988.pp 2989Version level 1 configurations 2990turn DNSRCH and DEFNAMES off when doing delivery lookups, 2991but leave them on everywhere else. 2992Version 8 of 2993.i sendmail 2994ignores them when doing canonification lookups 2995(that is, when using $[ ... $]), 2996and always does the search. 2997If you don't want to do automatic name extension, 2998don't call $[ ... $]. 2999.pp 3000The search rules for $[ ... $] are somewhat different than usual. 3001If the name being looked up 3002has at least one dot, it always tries the unmodified name first. 3003If that fails, it tries the reduced search path, 3004and lastly tries the unmodified name 3005(but only for names without a dot, 3006since names with a dot have already been tried). 3007This allows names such as 3008``utc.CS'' 3009to match the site in Czechoslovakia 3010rather than the site in your local Computer Science department. 3011It also prefers A and CNAME records over MX records \*- 3012that is, if it finds an MX record it makes note of it, 3013but keeps looking. 3014This way, if you have a wildcard MX record matching your domain, 3015it will not assume that all names match. 3016.pp 3017To completely turn off all name server access 3018on systems without service switch support 3019(such as SunOS 4.X) 3020you will have to recompile with 3021\-DNAMED_BIND=0 3022and remove \-lresolv from the list of libraries to be searched 3023when linking. 3024.sh 2 "Moving the Per-User Forward Files" 3025.pp 3026Some sites mount each user's home directory 3027from a local disk on their workstation, 3028so that local access is fast. 3029However, the result is that .forward file lookups are slow. 3030In some cases, 3031mail can even be delivered on machines inappropriately 3032because of a file server being down. 3033The performance can be especially bad if you run the automounter. 3034.pp 3035The 3036.b ForwardPath 3037(\c 3038.b J ) 3039option allows you to set a path of forward files. 3040For example, the config file line 3041.(b 3042O ForwardPath=/var/forward/$u:$z/.forward.$w 3043.)b 3044would first look for a file with the same name as the user's login 3045in /var/forward; 3046if that is not found (or is inaccessible) 3047the file 3048``.forward.\c 3049.i machinename '' 3050in the user's home directory is searched. 3051A truly perverse site could also search by sender 3052by using $r, $s, or $f. 3053.pp 3054If you create a directory such as /var/forward, 3055it should be mode 1777 3056(that is, the sticky bit should be set). 3057Users should create the files mode 644. 3058Note that you must use the 3059forwardfileinunsafedirpath and 3060forwardfileinunsafedirpathsafe 3061flags with the DontBlameSendmail option 3062to allow forward files in a world 3063writable directory. 3064This might also be used as a 3065denial of service 3066attack (users could create forward files for other users); 3067a better approach might be to create 3068/var/forward 3069mode 755 3070and create empty files for each user, 3071owned by that user, 3072mode 644. 3073If you do this, you don't have to set the DontBlameSendmail options 3074indicated above. 3075.sh 2 "Free Space" 3076.pp 3077On systems that have one of the system calls in the 3078.i statfs (2) 3079family 3080(including 3081.i statvfs 3082and 3083.i ustat ), 3084you can specify a minimum number of free blocks on the queue filesystem 3085using the 3086.b MinFreeBlocks 3087(\c 3088.b b ) 3089option. 3090If there are fewer than the indicated number of blocks free 3091on the filesystem on which the queue is mounted 3092the SMTP server will reject mail 3093with the 3094452 error code. 3095This invites the SMTP client to try again later. 3096.pp 3097Beware of setting this option too high; 3098it can cause rejection of email 3099when that mail would be processed without difficulty. 3100.sh 2 "Maximum Message Size" 3101.pp 3102To avoid overflowing your system with a large message, 3103the 3104.b MaxMessageSize 3105option can be set to set an absolute limit 3106on the size of any one message. 3107This will be advertised in the ESMTP dialogue 3108and checked during message collection. 3109.sh 2 "Privacy Flags" 3110.pp 3111The 3112.b PrivacyOptions 3113(\c 3114.b p ) 3115option allows you to set certain 3116``privacy'' 3117flags. 3118Actually, many of them don't give you any extra privacy, 3119rather just insisting that client SMTP servers 3120use the HELO command 3121before using certain commands 3122or adding extra headers to indicate possible spoof attempts. 3123.pp 3124The option takes a series of flag names; 3125the final privacy is the inclusive or of those flags. 3126For example: 3127.(b 3128O PrivacyOptions=needmailhelo, noexpn 3129.)b 3130insists that the HELO or EHLO command be used before a MAIL command is accepted 3131and disables the EXPN command. 3132.pp 3133The flags are detailed in section 3134.\"XREF 31355.6. 3136.sh 2 "Send to Me Too" 3137.pp 3138Beginning with version 8.10, 3139.i sendmail 3140includes by default the (envelope) sender in any list expansions. 3141For example, if 3142.q matt 3143sends to a list that contains 3144.q matt 3145as one of the members he will get a copy of the message. 3146If the 3147.b MeToo 3148option is set to 3149.sm FALSE 3150(in the configuration file or via the command line), 3151this behavior is changed, i.e., 3152the (envelope) sender is excluded in list expansions. 3153.sh 1 "THE WHOLE SCOOP ON THE CONFIGURATION FILE" 3154.pp 3155This section describes the configuration file 3156in detail. 3157.pp 3158There is one point that should be made clear immediately: 3159the syntax of the configuration file 3160is designed to be reasonably easy to parse, 3161since this is done every time 3162.i sendmail 3163starts up, 3164rather than easy for a human to read or write. 3165On the 3166.q "future project" 3167list is a 3168configuration-file compiler. 3169.pp 3170The configuration file is organized as a series of lines, 3171each of which begins with a single character 3172defining the semantics for the rest of the line. 3173Lines beginning with a space or a tab 3174are continuation lines 3175(although the semantics are not well defined in many places). 3176Blank lines and lines beginning with a sharp symbol 3177(`#') 3178are comments. 3179.sh 2 "R and S \*- Rewriting Rules" 3180.pp 3181The core of address parsing 3182are the rewriting rules. 3183These are an ordered production system. 3184.i Sendmail 3185scans through the set of rewriting rules 3186looking for a match on the left hand side 3187(LHS) 3188of the rule. 3189When a rule matches, 3190the address is replaced by the right hand side 3191(RHS) 3192of the rule. 3193.pp 3194There are several sets of rewriting rules. 3195Some of the rewriting sets are used internally 3196and must have specific semantics. 3197Other rewriting sets 3198do not have specifically assigned semantics, 3199and may be referenced by the mailer definitions 3200or by other rewriting sets. 3201.pp 3202The syntax of these two commands are: 3203.(b F 3204.b S \c 3205.i n 3206.)b 3207Sets the current ruleset being collected to 3208.i n . 3209If you begin a ruleset more than once 3210it appends to the old definition. 3211.(b F 3212.b R \c 3213.i lhs 3214.i rhs 3215.i comments 3216.)b 3217The 3218fields must be separated 3219by at least one tab character; 3220there may be embedded spaces 3221in the fields. 3222The 3223.i lhs 3224is a pattern that is applied to the input. 3225If it matches, 3226the input is rewritten to the 3227.i rhs . 3228The 3229.i comments 3230are ignored. 3231.pp 3232Macro expansions of the form 3233.b $ \c 3234.i x 3235are performed when the configuration file is read. 3236A literal 3237.b $ 3238can be included using 3239.b $$ . 3240Expansions of the form 3241.b $& \c 3242.i x 3243are performed at run time using a somewhat less general algorithm. 3244This is intended only for referencing internally defined macros 3245such as 3246.b $h 3247that are changed at runtime. 3248.sh 3 "The left hand side" 3249.pp 3250The left hand side of rewriting rules contains a pattern. 3251Normal words are simply matched directly. 3252Metasyntax is introduced using a dollar sign. 3253The metasymbols are: 3254.(b 3255.ta \w'\fB$=\fP\fIx\fP 'u 3256\fB$*\fP Match zero or more tokens 3257\fB$+\fP Match one or more tokens 3258\fB$\-\fP Match exactly one token 3259\fB$=\fP\fIx\fP Match any phrase in class \fIx\fP 3260\fB$~\fP\fIx\fP Match any word not in class \fIx\fP 3261.)b 3262If any of these match, 3263they are assigned to the symbol 3264.b $ \c 3265.i n 3266for replacement on the right hand side, 3267where 3268.i n 3269is the index in the LHS. 3270For example, 3271if the LHS: 3272.(b 3273$\-:$+ 3274.)b 3275is applied to the input: 3276.(b 3277UCBARPA:eric 3278.)b 3279the rule will match, and the values passed to the RHS will be: 3280.(b 3281.ta 4n 3282$1 UCBARPA 3283$2 eric 3284.)b 3285.pp 3286Additionally, the LHS can include 3287.b $@ 3288to match zero tokens. 3289This is 3290.i not 3291bound to a 3292.b $ \c 3293.i n 3294on the RHS, and is normally only used when it stands alone 3295in order to match the null input. 3296.sh 3 "The right hand side" 3297.pp 3298When the left hand side of a rewriting rule matches, 3299the input is deleted and replaced by the right hand side. 3300Tokens are copied directly from the RHS 3301unless they begin with a dollar sign. 3302Metasymbols are: 3303.(b 3304.ta \w'$#mailer\0\0\0'u 3305\fB$\fP\fIn\fP Substitute indefinite token \fIn\fP from LHS 3306\fB$[\fP\fIname\fP\fB$]\fP Canonicalize \fIname\fP 3307\fB$(\fP\fImap key\fP \fB$@\fP\fIarguments\fP \fB$:\fP\fIdefault\fP \fB$)\fP 3308 Generalized keyed mapping function 3309\fB$>\fP\fIn\fP \*(lqCall\*(rq ruleset \fIn\fP 3310\fB$#\fP\fImailer\fP Resolve to \fImailer\fP 3311\fB$@\fP\fIhost\fP Specify \fIhost\fP 3312\fB$:\fP\fIuser\fP Specify \fIuser\fP 3313.)b 3314.pp 3315The 3316.b $ \c 3317.i n 3318syntax substitutes the corresponding value from a 3319.b $+ , 3320.b $\- , 3321.b $* , 3322.b $= , 3323or 3324.b $~ 3325match on the LHS. 3326It may be used anywhere. 3327.pp 3328A host name enclosed between 3329.b $[ 3330and 3331.b $] 3332is looked up in the host database(s) 3333and replaced by the canonical name\**. 3334.(f 3335\**This is actually 3336completely equivalent 3337to $(host \fIhostname\fP$). 3338In particular, a 3339.b $: 3340default can be used. 3341.)f 3342For example, 3343.q $[ftp$] 3344might become 3345.q ftp.CS.Berkeley.EDU 3346and 3347.q $[[128.32.130.2]$] 3348would become 3349.q vangogh.CS.Berkeley.EDU. 3350.i Sendmail 3351recognizes its numeric IP address 3352without calling the name server 3353and replaces it with its canonical name. 3354.pp 3355The 3356.b $( 3357\&... 3358.b $) 3359syntax is a more general form of lookup; 3360it uses a named map instead of an implicit map. 3361If no lookup is found, the indicated 3362.i default 3363is inserted; 3364if no default is specified and no lookup matches, 3365the value is left unchanged. 3366The 3367.i arguments 3368are passed to the map for possible use. 3369.pp 3370The 3371.b $> \c 3372.i n 3373syntax 3374causes the remainder of the line to be substituted as usual 3375and then passed as the argument to ruleset 3376.i n . 3377The final value of ruleset 3378.i n 3379then becomes 3380the substitution for this rule. 3381The 3382.b $> 3383syntax expands everything after the ruleset name 3384to the end of the replacement string 3385and then passes that as the initial input to the ruleset. 3386Recursive calls are allowed. 3387For example, 3388.(b 3389$>0 $>3 $1 3390.)b 3391expands $1, passes that to ruleset 3, and then passes the result 3392of ruleset 3 to ruleset 0. 3393.pp 3394The 3395.b $# 3396syntax should 3397.i only 3398be used in ruleset zero, 3399a subroutine of ruleset zero, 3400or rulesets that return decisions (e.g., check_rcpt). 3401It causes evaluation of the ruleset to terminate immediately, 3402and signals to 3403.i sendmail 3404that the address has completely resolved. 3405The complete syntax for ruleset 0 is: 3406.(b 3407\fB$#\fP\fImailer\fP \fB$@\fP\fIhost\fP \fB$:\fP\fIuser\fP 3408.)b 3409This specifies the 3410{mailer, host, user} 34113-tuple necessary to direct the mailer. 3412If the mailer is local 3413the host part may be omitted\**. 3414.(f 3415\**You may want to use it for special 3416.q "per user" 3417extensions. 3418For example, in the address 3419.q jgm+foo@CMU.EDU ; 3420the 3421.q +foo 3422part is not part of the user name, 3423and is passed to the local mailer for local use. 3424.)f 3425The 3426.i mailer 3427must be a single word, 3428but the 3429.i host 3430and 3431.i user 3432may be multi-part. 3433If the 3434.i mailer 3435is the builtin IPC mailer, 3436the 3437.i host 3438may be a colon-separated list of hosts 3439that are searched in order for the first working address 3440(exactly like MX records). 3441The 3442.i user 3443is later rewritten by the mailer-specific envelope rewriting set 3444and assigned to the 3445.b $u 3446macro. 3447As a special case, if the mailer specified has the 3448.b F=@ 3449flag specified 3450and the first character of the 3451.b $: 3452value is 3453.q @ , 3454the 3455.q @ 3456is stripped off, and a flag is set in the address descriptor 3457that causes sendmail to not do ruleset 5 processing. 3458.pp 3459Normally, a rule that matches is retried, 3460that is, 3461the rule loops until it fails. 3462A RHS may also be preceded by a 3463.b $@ 3464or a 3465.b $: 3466to change this behavior. 3467A 3468.b $@ 3469prefix causes the ruleset to return with the remainder of the RHS 3470as the value. 3471A 3472.b $: 3473prefix causes the rule to terminate immediately, 3474but the ruleset to continue; 3475this can be used to avoid continued application of a rule. 3476The prefix is stripped before continuing. 3477.pp 3478The 3479.b $@ 3480and 3481.b $: 3482prefixes may precede a 3483.b $> 3484spec; 3485for example: 3486.(b 3487.ta 8n 3488R$+ $: $>7 $1 3489.)b 3490matches anything, 3491passes that to ruleset seven, 3492and continues; 3493the 3494.b $: 3495is necessary to avoid an infinite loop. 3496.pp 3497Substitution occurs in the order described, 3498that is, 3499parameters from the LHS are substituted, 3500hostnames are canonicalized, 3501.q subroutines 3502are called, 3503and finally 3504.b $# , 3505.b $@ , 3506and 3507.b $: 3508are processed. 3509.sh 3 "Semantics of rewriting rule sets" 3510.pp 3511There are six rewriting sets 3512that have specific semantics. 3513Five of these are related as depicted by figure 1. 3514.(z 3515.hl 3516.ie n \{\ 3517.(c 3518 +---+ 3519 -->| 0 |-->resolved address 3520 / +---+ 3521 / +---+ +---+ 3522 / ---->| 1 |-->| S |-- 3523 +---+ / +---+ / +---+ +---+ \e +---+ 3524addr-->| 3 |-->| D |-- --->| 4 |-->msg 3525 +---+ +---+ \e +---+ +---+ / +---+ 3526 --->| 2 |-->| R |-- 3527 +---+ +---+ 3528.)c 3529 3530.\} 3531.el \{\ 3532.ie !"\*(.T"" \{\ 3533.PS 3534boxwid = 0.3i 3535boxht = 0.3i 3536movewid = 0.3i 3537moveht = 0.3i 3538linewid = 0.3i 3539lineht = 0.3i 3540 3541 box invis "addr"; arrow 3542Box3: box "3" 3543A1: arrow 3544BoxD: box "D"; line; L1: Here 3545C: [ 3546 C1: arrow; box "1"; arrow; box "S"; line; E1: Here 3547 move to C1 down 0.5; right 3548 C2: arrow; box "2"; arrow; box "R"; line; E2: Here 3549 ] with .w at L1 + (0.5, 0) 3550 move to C.e right 0.5 3551L4: arrow; box "4"; arrow; box invis "msg" 3552 line from L1 to C.C1 3553 line from L1 to C.C2 3554 line from C.E1 to L4 3555 line from C.E2 to L4 3556 move to BoxD.n up 0.6; right 3557Box0: arrow; box "0" 3558 arrow; box invis "resolved address" width 1.3 3559 line from 1/3 of the way between A1 and BoxD.w to Box0 3560.PE 3561.\} 3562.el .sp 2i 3563.\} 3564.ce 3565Figure 1 \*- Rewriting set semantics 3566.(c 3567D \*- sender domain addition 3568S \*- mailer-specific sender rewriting 3569R \*- mailer-specific recipient rewriting 3570.)c 3571.hl 3572.)z 3573.pp 3574Ruleset three 3575should turn the address into 3576.q "canonical form." 3577This form should have the basic syntax: 3578.(b 3579local-part@host-domain-spec 3580.)b 3581Ruleset three 3582is applied by 3583.i sendmail 3584before doing anything with any address. 3585.pp 3586If no 3587.q @ 3588sign is specified, 3589then the 3590host-domain-spec 3591.i may 3592be appended (box 3593.q D 3594in Figure 1) 3595from the 3596sender address 3597(if the 3598.b C 3599flag is set in the mailer definition 3600corresponding to the 3601.i sending 3602mailer). 3603.pp 3604Ruleset zero 3605is applied after ruleset three 3606to addresses that are going to actually specify recipients. 3607It must resolve to a 3608.i "{mailer, host, address}" 3609triple. 3610The 3611.i mailer 3612must be defined in the mailer definitions 3613from the configuration file. 3614The 3615.i host 3616is defined into the 3617.b $h 3618macro 3619for use in the argv expansion of the specified mailer. 3620.pp 3621Rulesets one and two 3622are applied to all sender and recipient addresses respectively. 3623They are applied before any specification 3624in the mailer definition. 3625They must never resolve. 3626.pp 3627Ruleset four is applied to all addresses 3628in the message. 3629It is typically used 3630to translate internal to external form. 3631.pp 3632In addition, 3633ruleset 5 is applied to all local addresses 3634(specifically, those that resolve to a mailer with the `F=5' 3635flag set) 3636that do not have aliases. 3637This allows a last minute hook for local names. 3638.sh 3 "Ruleset hooks" 3639.pp 3640A few extra rulesets are defined as 3641.q hooks 3642that can be defined to get special features. 3643They are all named rulesets. 3644The 3645.q check_* 3646forms all give accept/reject status; 3647falling off the end or returning normally is an accept, 3648and resolving to 3649.b $#error 3650is a reject. 3651Many of these can also resolve to the special mailer name 3652.b $#discard ; 3653this accepts the message as though it were successful 3654but then discards it without delivery. 3655Note, 3656this mailer can not be chosen as a mailer in ruleset 0. 3657.sh 4 "check_relay" 3658.pp 3659The 3660.i check_relay 3661ruleset is called after a connection is accepted by the daemon. 3662It is not called when sendmail is started using the 3663.b \-bs 3664option. 3665It is passed 3666.(b 3667client.host.name $| client.host.address 3668.)b 3669where 3670.b $| 3671is a metacharacter separating the two parts. 3672This ruleset can reject connections from various locations. 3673.sh 4 "check_mail" 3674.pp 3675The 3676.i check_mail 3677ruleset is passed the user name parameter of the 3678.sm "SMTP MAIL" 3679command. 3680It can accept or reject the address. 3681.sh 4 "check_rcpt" 3682.pp 3683The 3684.i check_rcpt 3685ruleset is passed the user name parameter of the 3686.sm "SMTP RCPT" 3687command. 3688It can accept or reject the address. 3689.sh 4 "check_compat" 3690.pp 3691The 3692.i check_compat 3693ruleset is passed 3694.(b 3695sender-address $| recipient-address 3696.)b 3697where 3698.b $| 3699is a metacharacter separating the addresses. 3700It can accept or reject mail transfer between these two addresses 3701much like the 3702.i checkcompat() 3703function. 3704.sh 4 "check_eoh" 3705.pp 3706The 3707.i check_eoh 3708ruleset is passed 3709.(b 3710number-of-headers $| size-of-headers 3711.)b 3712where 3713.b $| 3714is a metacharacter separating the numbers. 3715These numbers can be used for size comparisons with the 3716.b arith 3717map. 3718The ruleset is triggered after 3719all of the headers have been read. 3720It can be used to correlate information gathered 3721from those headers using the 3722.b macro 3723storage map. 3724One possible use is to check for a missing header. 3725For example: 3726.(b 3727.ta 1.5i 3728Kstorage macro 3729HMessage-Id: $>CheckMessageId 3730 3731SCheckMessageId 3732# Record the presence of the header 3733R$* $: $(storage {MessageIdCheck} $@ OK $) $1 3734R< $+ @ $+ > $@ OK 3735R$* $#error $: 553 Header Error 3736 3737Scheck_eoh 3738# Check the macro 3739R$* $: < $&{MessageIdCheck} > 3740# Clear the macro for the next message 3741R$* $: $(storage {MessageIdCheck} $) $1 3742# Has a Message-Id: header 3743R< $+ > $@ OK 3744# Allow missing Message-Id: from local mail 3745R$* $: < $&{client_name} > 3746R< > $@ OK 3747R< $=w > $@ OK 3748# Otherwise, reject the mail 3749R$* $#error $: 553 Header Error 3750.)b 3751Keep in mind the Message-Id: header is not a required header and 3752is not a guaranteed spam indicator. 3753This ruleset is an example and 3754should probably not be used in production. 3755.sh 4 "check_etrn" 3756.pp 3757The 3758.i check_etrn 3759ruleset is passed the parameter of the 3760.sm "SMTP ETRN" 3761command. 3762It can accept or reject the command. 3763.sh 4 "check_expn" 3764.pp 3765The 3766.i check_expn 3767ruleset is passed the user name parameter of the 3768.sm "SMTP EXPN" 3769command. 3770It can accept or reject the address. 3771.sh 4 "check_vrfy" 3772.pp 3773The 3774.i check_vrfy 3775ruleset is passed the user name parameter of the 3776.sm "SMTP VRFY" 3777command. 3778It can accept or reject the command. 3779.sh 4 "trust_auth" 3780.pp 3781The 3782.i trust_auth 3783ruleset is passed the AUTH= parameter of the 3784.sm "SMTP MAIL" 3785command. 3786It is used to determine whether this value should be 3787trusted. In order to make this decision, the ruleset 3788may make use of the various 3789.b ${auth_*} 3790macros. 3791If the ruleset does resolve to the 3792.q error 3793mailer the AUTH= parameter is not trusted and hence 3794not passed on to the next relay. 3795.sh 4 "tls_client" 3796.pp 3797The 3798.i tls_client 3799ruleset is called when sendmail acts as server, after a STARTTLS command 3800has been issued, and from 3801.i check_mail. 3802The parameter is the value of 3803.b ${verify} 3804and STARTTLS or MAIL, respectively. 3805If the ruleset does resolve to the 3806.q error 3807mailer, the appropriate error code is returned to the client. 3808.sh 4 "tls_server" 3809.pp 3810The 3811.i tls_server 3812ruleset is called when sendmail acts as client after a STARTTLS command 3813(should) have been issued. 3814The parameter is the value of 3815.b ${verify} . 3816If the ruleset does resolve to the 3817.q error 3818mailer, the connection is aborted 3819(treated as non-deliverable with a permanent or temporary error). 3820.sh 3 "IPC mailers" 3821.pp 3822Some special processing occurs 3823if the ruleset zero resolves to an IPC mailer 3824(that is, a mailer that has 3825.q [IPC] 3826listed as the Path in the 3827.b M 3828configuration line. 3829The host name passed after 3830.q $@ 3831has MX expansion performed if not delivering via a named socket; 3832this looks the name up in DNS to find alternate delivery sites. 3833.pp 3834The host name can also be provided as a dotted quad in square brackets; 3835for example: 3836.(b 3837[128.32.149.78] 3838.)b 3839This causes direct conversion of the numeric value 3840to an IP host address. 3841.pp 3842The host name passed in after the 3843.q $@ 3844may also be a colon-separated list of hosts. 3845Each is separately MX expanded and the results are concatenated 3846to make (essentially) one long MX list. 3847The intent here is to create 3848.q fake 3849MX records that are not published in DNS 3850for private internal networks. 3851.pp 3852As a final special case, the host name can be passed in 3853as a text string 3854in square brackets: 3855.(b 3856[ucbvax.berkeley.edu] 3857.)b 3858This form avoids the MX mapping. 3859.b N.B.: 3860.i 3861This is intended only for situations where you have a network firewall 3862or other host that will do special processing for all your mail, 3863so that your MX record points to a gateway machine; 3864this machine could then do direct delivery to machines 3865within your local domain. 3866Use of this feature directly violates RFC 1123 section 5.3.5: 3867it should not be used lightly. 3868.r 3869.sh 2 "D \*- Define Macro" 3870.pp 3871Macros are named with a single character 3872or with a word in {braces}. 3873The names ``x'' and ``{x}'' denote the same macro 3874for every single character ``x''. 3875Single character names may be selected from the entire ASCII set, 3876but user-defined macros 3877should be selected from the set of upper case letters only. 3878Lower case letters 3879and special symbols 3880are used internally. 3881Long names beginning with a lower case letter or a punctuation character 3882are reserved for use by sendmail, 3883so user-defined long macro names should begin with an upper case letter. 3884.pp 3885The syntax for macro definitions is: 3886.(b F 3887.b D \c 3888.i x\|val 3889.)b 3890where 3891.i x 3892is the name of the macro 3893(which may be a single character 3894or a word in braces) 3895and 3896.i val 3897is the value it should have. 3898There should be no spaces given 3899that do not actually belong in the macro value. 3900.pp 3901Macros are interpolated 3902using the construct 3903.b $ \c 3904.i x , 3905where 3906.i x 3907is the name of the macro to be interpolated. 3908This interpolation is done when the configuration file is read, 3909except in 3910.b M 3911lines. 3912The special construct 3913.b $& \c 3914.i x 3915can be used in 3916.b R 3917lines to get deferred interpolation. 3918.pp 3919Conditionals can be specified using the syntax: 3920.(b 3921$?x text1 $| text2 $. 3922.)b 3923This interpolates 3924.i text1 3925if the macro 3926.b $x 3927is set and non-null, 3928and 3929.i text2 3930otherwise. 3931The 3932.q else 3933(\c 3934.b $| ) 3935clause may be omitted. 3936.pp 3937Lower case macro names are reserved to have 3938special semantics, 3939used to pass information in or out of 3940.i sendmail , 3941and special characters are reserved to 3942provide conditionals, etc. 3943Upper case names 3944(that is, 3945.b $A 3946through 3947.b $Z ) 3948are specifically reserved for configuration file authors. 3949.pp 3950The following macros are defined and/or used internally by 3951.i sendmail 3952for interpolation into argv's for mailers 3953or for other contexts. 3954The ones marked \(dg are information passed into sendmail\**, 3955.(f 3956\**As of version 8.6, 3957all of these macros have reasonable defaults. 3958Previous versions required that they be defined. 3959.)f 3960the ones marked \(dd are information passed both in and out of sendmail, 3961and the unmarked macros are passed out of sendmail 3962but are not otherwise used internally. 3963These macros are: 3964.nr ii 5n 3965.ip $a 3966The origination date in RFC 822 format. 3967This is extracted from the Date: line. 3968.ip $b 3969The current date in RFC 822 format. 3970.ip $c 3971The hop count. 3972This is a count of the number of Received: lines 3973plus the value of the 3974.b \-h 3975command line flag. 3976.ip $d 3977The current date in UNIX (ctime) format. 3978.ip $e\(dg 3979(Obsolete; use SmtpGreetingMessage option instead.) 3980The SMTP entry message. 3981This is printed out when SMTP starts up. 3982The first word must be the 3983.b $j 3984macro as specified by RFC821. 3985Defaults to 3986.q "$j Sendmail $v ready at $b" . 3987Commonly redefined to include the configuration version number, e.g., 3988.q "$j Sendmail $v/$Z ready at $b" 3989.ip $f 3990The envelope sender (from) address. 3991.ip $g 3992The sender address relative to the recipient. 3993For example, if 3994.b $f 3995is 3996.q foo , 3997.b $g 3998will be 3999.q host!foo , 4000.q foo@host.domain , 4001or whatever is appropriate for the receiving mailer. 4002.ip $h 4003The recipient host. 4004This is set in ruleset 0 from the $@ field of a parsed address. 4005.ip $i 4006The queue id, 4007e.g., 4008.q HAA12345 . 4009.ip $j\(dd 4010The \*(lqofficial\*(rq domain name for this site. 4011This is fully qualified if the full qualification can be found. 4012It 4013.i must 4014be redefined to be the fully qualified domain name 4015if your system is not configured so that information can find 4016it automatically. 4017.ip $k 4018The UUCP node name (from the uname system call). 4019.ip $l\(dg 4020(Obsolete; use UnixFromLine option instead.) 4021The format of the UNIX from line. 4022Unless you have changed the UNIX mailbox format, 4023you should not change the default, 4024which is 4025.q "From $g $d" . 4026.ip $m 4027The domain part of the \fIgethostname\fP return value. 4028Under normal circumstances, 4029.b $j 4030is equivalent to 4031.b $w.$m . 4032.ip $n\(dg 4033The name of the daemon (for error messages). 4034Defaults to 4035.q MAILER-DAEMON . 4036.ip $o\(dg 4037(Obsolete: use OperatorChars option instead.) 4038The set of \*(lqoperators\*(rq in addresses. 4039A list of characters 4040which will be considered tokens 4041and which will separate tokens 4042when doing parsing. 4043For example, if 4044.q @ 4045were in the 4046.b $o 4047macro, then the input 4048.q a@b 4049would be scanned as three tokens: 4050.q a, 4051.q @, 4052and 4053.q b. 4054Defaults to 4055.q ".:@[]" , 4056which is the minimum set necessary to do RFC 822 parsing; 4057a richer set of operators is 4058.q ".:%@!/[]" , 4059which adds support for UUCP, the %-hack, and X.400 addresses. 4060.ip $p 4061Sendmail's process id. 4062.ip $q\(dg 4063Default format of sender address. 4064The 4065.b $q 4066macro specifies how an address should appear in a message 4067when it is defaulted. 4068Defaults to 4069.q "<$g>" . 4070It is commonly redefined to be 4071.q "$?x$x <$g>$|$g$." 4072or 4073.q "$g$?x ($x)$." , 4074corresponding to the following two formats: 4075.(b 4076Eric Allman <eric@CS.Berkeley.EDU> 4077eric@CS.Berkeley.EDU (Eric Allman) 4078.)b 4079.i Sendmail 4080properly quotes names that have special characters 4081if the first form is used. 4082.ip $r 4083Protocol used to receive the message. 4084Set from the 4085.b \-p 4086command line flag or by the SMTP server code. 4087.ip $s 4088Sender's host name. 4089Set from the 4090.b \-p 4091command line flag or by the SMTP server code. 4092.ip $t 4093A numeric representation of the current time. 4094.ip $u 4095The recipient user. 4096.ip $v 4097The version number of the 4098.i sendmail 4099binary. 4100.ip $w\(dd 4101The hostname of this site. 4102This is the root name of this host (but see below for caveats). 4103.ip $x 4104The full name of the sender. 4105.ip $z 4106The home directory of the recipient. 4107.ip $_ 4108The validated sender address. 4109.ip ${auth_authen} 4110The client's authentication credentials as determined by authentication 4111(only set if successful). 4112.ip ${auth_author} 4113The authorization identity, i.e. the AUTH= parameter of the 4114.sm "SMTP MAIL" 4115command if supplied. 4116.ip ${auth_type} 4117The mechanism used for authentication 4118(only set if successful). 4119.ip ${auth_ssf} 4120The keylength (in bits) of the symmetric encryption algorithm 4121used for the security layer of a SASL mechanism. 4122.ip ${bodytype} 4123The message body type 4124(7BIT or 8BITMIME), 4125as determined from the envelope. 4126.ip ${cert_issuer} 4127The DN (distinguished name) of the CA (certificate authority) 4128that signed the presented certificate (the cert issuer). 4129.ip ${cert_subject} 4130The DN of the presented certificate (called the cert subject). 4131.ip ${cipher} 4132The cipher suite used for the connection, e.g., EDH-DSS-DES-CBC3-SHA, 4133EDH-RSA-DES-CBC-SHA, DES-CBC-MD5, DES-CBC3-SHA. 4134.ip ${cipher_bits} 4135The keylength (in bits) of the symmetric encryption algorithm 4136used for a TLS connection. 4137.ip ${client_addr} 4138The IP address of the SMTP client. 4139Defined in the SMTP server only. 4140.ip ${client_name} 4141The host name of the SMTP client. 4142This may be the client's bracketed IP address 4143in the form [ nnn.nnn.nnn.nnn ] if the client's 4144IP address is not resolvable, or if it is resolvable 4145but the IP address of the resolved hostname 4146doesn't match the original IP address. 4147Defined in the SMTP server only. 4148.ip ${client_port} 4149The port number of the SMTP client. 4150Defined in the SMTP server only. 4151.ip ${client_resolve} 4152Holds the result of the resolve call for 4153.b ${client_name} 4154: OK, FAIL, FORGED, TEMP. 4155Defined in the SMTP server only. 4156.ip ${currHeader} 4157Header value as quoted string 4158(possibly truncated to 4159.b MAXNAME ). 4160.ip ${daemon_addr} 4161The IP address the daemon is listening on for connections. 4162Unless 4163.b DaemonPortOptions 4164is set, this will be 4165.q 0.0.0.0 . 4166.ip ${daemon_family} 4167The network family 4168if the daemon is accepting network connections. 4169Possible values include 4170.q inet , 4171.q inet6 , 4172.q iso , 4173.q ns , 4174.q x.25 4175.ip ${daemon_flags} 4176The flags for the daemon as specified by the 4177Modifier= part of 4178.b DaemonPortOptions 4179whereby the flags are separated from each other by spaces, 4180and upper case flags are doubled. 4181That is, 4182Modifier=Ea 4183will be represented as 4184"EE a" in 4185.b ${daemon_flags} , 4186which is required for testing the flags in rulesets. 4187.ip ${daemon_info} 4188Some information about a daemon as a text string. 4189For example, 4190.q SMTP+queueing@00:30:00 . 4191.ip ${daemon_name} 4192The name of the daemon from 4193.b DaemonPortOptions 4194Name= suboption. 4195If this suboption is not set, 4196"Daemon#", 4197where # is the daemon number, 4198is used. 4199.ip ${daemon_port} 4200The port the daemon is accepting connection on. 4201Unless 4202.b DaemonPortOptions 4203is set, this will most likely be 4204.q 25 . 4205.ip ${deliveryMode} 4206The current delivery mode sendmail is using. 4207It is initially set to the value of the 4208.b DeliveryMode 4209option. 4210.ip ${envid} 4211The envelope id passed to sendmail as part of the envelope. 4212.ip ${hdrlen} 4213The length of the header value which is stored in 4214${currHeader} (before possible truncation). 4215If this value is greater than or equal 4216.b MAXNAME 4217the header has been truncated. 4218.ip ${hdr_name} 4219The name of the header field for which the current header 4220check ruleset has been called. 4221This is useful for a default header check ruleset to get 4222the name of the header. 4223.ip ${if_addr} 4224The IP address of the interface of an incoming connection 4225unless it is in the loopback net. 4226.ip ${if_family} 4227The IP family of the interface of an incoming connection 4228unless it is in the loopback net. 4229.ip ${if_name} 4230The name of the interface of an incoming connection. 4231This macro can be used for 4232SmtpGreetingMessage and HReceived for virtual hosting. 4233For example: 4234.(b 4235O SmtpGreetingMessage=$?{if_name}${if_name}$|$j$. MTA 4236.)b 4237.ip ${mail_addr} 4238The address part of the resolved triple of the address given for the 4239.sm "SMTP MAIL" 4240command. 4241Defined in the SMTP server only. 4242.ip ${mail_host} 4243The host from the resolved triple of the address given for the 4244.sm "SMTP MAIL" 4245command. 4246Defined in the SMTP server only. 4247.ip ${mail_mailer} 4248The mailer from the resolved triple of the address given for the 4249.sm "SMTP MAIL" 4250command. 4251Defined in the SMTP server only. 4252.ip ${msg_size} 4253The value of the SIZE= parameter, 4254i.e., usually the size of the message (in an ESMTP dialogue), 4255before the message has been collected, thereafter 4256the message size as computed by 4257.i sendmail 4258(and can be used in check_compat). 4259.ip ${ntries} 4260The number of delivery attempts. 4261.ip ${opMode} 4262The current operation mode (from the 4263.b \-b 4264flag). 4265.ip ${queue_interval} 4266The queue run interval given by the 4267.b \-q 4268flag. 4269For example, 4270.b \-q30m 4271would set 4272.b ${queue_interval} 4273to 4274.q 00:30:00 . 4275.ip ${rcpt_addr} 4276The address part of the resolved triple of the address given for the 4277.sm "SMTP RCPT" 4278command. 4279Defined in the SMTP server only. 4280.ip ${rcpt_host} 4281The host from the resolved triple of the address given for the 4282.sm "SMTP RCPT" 4283command. 4284Defined in the SMTP server only. 4285.ip ${rcpt_mailer} 4286The mailer from the resolved triple of the address given for the 4287.sm "SMTP RCPT" 4288command. 4289Defined in the SMTP server only. 4290.ip ${server_addr} 4291The address of the server of the current outgoing SMTP connection. 4292.ip ${server_name} 4293The name of the server of the current outgoing SMTP connection. 4294.ip ${tls_version} 4295The TLS/SSL version used for the connection, e.g., TLSv1, SSLv3, SSLv2. 4296.ip ${verify} 4297The result of the verification of the presented cert. 4298Possible values are: 4299.(b 4300.ta 9n 4301OK verification succeeded. 4302NO no cert presented. 4303FAIL cert presented but could not be verified, 4304 e.g., the signing CA is missing. 4305NONE STARTTLS has not been performed. 4306TEMP temporary error occurred. 4307PROTOCOL some protocol error occurred. 4308SOFTWARE STARTTLS handshake failed, 4309 which is a fatal error for this session, 4310 the e-mail will be queued. 4311.)b 4312.pp 4313There are three types of dates that can be used. 4314The 4315.b $a 4316and 4317.b $b 4318macros are in RFC 822 format; 4319.b $a 4320is the time as extracted from the 4321.q Date: 4322line of the message 4323(if there was one), 4324and 4325.b $b 4326is the current date and time 4327(used for postmarks). 4328If no 4329.q Date: 4330line is found in the incoming message, 4331.b $a 4332is set to the current time also. 4333The 4334.b $d 4335macro is equivalent to the 4336.b $b 4337macro in UNIX 4338(ctime) 4339format. 4340.pp 4341The macros 4342.b $w , 4343.b $j , 4344and 4345.b $m 4346are set to the identity of this host. 4347.i Sendmail 4348tries to find the fully qualified name of the host 4349if at all possible; 4350it does this by calling 4351.i gethostname (2) 4352to get the current hostname 4353and then passing that to 4354.i gethostbyname (3) 4355which is supposed to return the canonical version of that host name.\** 4356.(f 4357\**For example, on some systems 4358.i gethostname 4359might return 4360.q foo 4361which would be mapped to 4362.q foo.bar.com 4363by 4364.i gethostbyname . 4365.)f 4366Assuming this is successful, 4367.b $j 4368is set to the fully qualified name 4369and 4370.b $m 4371is set to the domain part of the name 4372(everything after the first dot). 4373The 4374.b $w 4375macro is set to the first word 4376(everything before the first dot) 4377if you have a level 5 or higher configuration file; 4378otherwise, it is set to the same value as 4379.b $j . 4380If the canonification is not successful, 4381it is imperative that the config file set 4382.b $j 4383to the fully qualified domain name\**. 4384.(f 4385\**Older versions of sendmail didn't pre-define 4386.b $j 4387at all, so up until 8.6, 4388config files 4389.i always 4390had to define 4391.b $j . 4392.)f 4393.pp 4394The 4395.b $f 4396macro is the id of the sender 4397as originally determined; 4398when mailing to a specific host 4399the 4400.b $g 4401macro is set to the address of the sender 4402.ul 4403relative to the recipient. 4404For example, 4405if I send to 4406.q bollard@matisse.CS.Berkeley.EDU 4407from the machine 4408.q vangogh.CS.Berkeley.EDU 4409the 4410.b $f 4411macro will be 4412.q eric 4413and the 4414.b $g 4415macro will be 4416.q eric@vangogh.CS.Berkeley.EDU. 4417.pp 4418The 4419.b $x 4420macro is set to the full name of the sender. 4421This can be determined in several ways. 4422It can be passed as flag to 4423.i sendmail . 4424It can be defined in the 4425.sm NAME 4426environment variable. 4427The third choice is the value of the 4428.q Full-Name: 4429line in the header if it exists, 4430and the fourth choice is the comment field 4431of a 4432.q From: 4433line. 4434If all of these fail, 4435and if the message is being originated locally, 4436the full name is looked up in the 4437.i /etc/passwd 4438file. 4439.pp 4440When sending, 4441the 4442.b $h , 4443.b $u , 4444and 4445.b $z 4446macros get set to the host, user, and home directory 4447(if local) 4448of the recipient. 4449The first two are set from the 4450.b $@ 4451and 4452.b $: 4453part of the rewriting rules, respectively. 4454.pp 4455The 4456.b $p 4457and 4458.b $t 4459macros are used to create unique strings 4460(e.g., for the 4461.q Message-Id: 4462field). 4463The 4464.b $i 4465macro is set to the queue id on this host; 4466if put into the timestamp line 4467it can be extremely useful for tracking messages. 4468The 4469.b $v 4470macro is set to be the version number of 4471.i sendmail ; 4472this is normally put in timestamps 4473and has been proven extremely useful for debugging. 4474.pp 4475The 4476.b $c 4477field is set to the 4478.q "hop count," 4479i.e., the number of times this message has been processed. 4480This can be determined 4481by the 4482.b \-h 4483flag on the command line 4484or by counting the timestamps in the message. 4485.pp 4486The 4487.b $r 4488and 4489.b $s 4490fields are set to the protocol used to communicate with 4491.i sendmail 4492and the sending hostname. 4493They can be set together using the 4494.b \-p 4495command line flag or separately using the 4496.b \-M 4497or 4498.b \-oM 4499flags. 4500.pp 4501The 4502.b $_ 4503is set to a validated sender host name. 4504If the sender is running an RFC 1413 compliant IDENT server 4505and the receiver has the IDENT protocol turned on, 4506it will include the user name on that host. 4507.pp 4508The 4509.b ${client_name} , 4510.b ${client_addr} , 4511and 4512.b ${client_port} 4513macros 4514are set to the name, address, and port number of the SMTP client 4515who is invoking 4516.i sendmail 4517as a server. 4518These can be used in the 4519.i check_* 4520rulesets (using the 4521.b $& 4522deferred evaluation form, of course!). 4523.sh 2 "C and F \*- Define Classes" 4524.pp 4525Classes of phrases may be defined 4526to match on the left hand side of rewriting rules, 4527where a 4528.q phrase 4529is a sequence of characters that does not contain space characters. 4530For example 4531a class of all local names for this site 4532might be created 4533so that attempts to send to oneself 4534can be eliminated. 4535These can either be defined directly in the configuration file 4536or read in from another file. 4537Classes are named as a single letter or a word in {braces}. 4538Class names beginning with lower case letters 4539and special characters are reserved for system use. 4540Classes defined in config files may be given names 4541from the set of upper case letters for short names 4542or beginning with an upper case letter for long names. 4543.pp 4544The syntax is: 4545.(b F 4546.b C \c 4547.i c\|phrase1 4548.i phrase2... 4549.br 4550.b F \c 4551.i c\|file 4552.br 4553.b F \c 4554.i c\||program 4555.)b 4556The first form defines the class 4557.i c 4558to match any of the named words. 4559If 4560.i phrase1 4561or 4562.i phrase2 4563is another class, 4564e.g., 4565.i $=S , 4566the contents of class 4567.i S 4568are added to class 4569.i c . 4570It is permissible to split them among multiple lines; 4571for example, the two forms: 4572.(b 4573CHmonet ucbmonet 4574.)b 4575and 4576.(b 4577CHmonet 4578CHucbmonet 4579.)b 4580are equivalent. 4581The ``F'' forms 4582read the elements of the class 4583.i c 4584from the named 4585.i file 4586or 4587.i program . 4588Each element should be listed on a separate line. 4589To specify an optional file, use ``-o'' between the class 4590name and the file name, e.g., 4591.(b 4592Fc -o /path/to/file 4593.)b 4594If the file can't be used, 4595.i sendmail 4596will not complain but silently ignore it. 4597.pp 4598Elements of classes can be accessed in rules using 4599.b $= 4600or 4601.b $~ . 4602The 4603.b $~ 4604(match entries not in class) 4605only matches a single word; 4606multi-word entries in the class are ignored in this context. 4607.pp 4608Some classes have internal meaning to 4609.i sendmail : 4610.nr ii 0.5i 4611.\".ip $=b 4612.\"A set of Content-Types that will not have the newline character 4613.\"translated to CR-LF before encoding into base64 MIME. 4614.\"The class can have major times 4615.\"(e.g., 4616.\".q image ) 4617.\"or full types 4618.\"(such as 4619.\".q application/octet-stream ). 4620.\"The class is initialized with 4621.\".q application/octet-stream , 4622.\".q image , 4623.\".q audio , 4624.\"and 4625.\".q video . 4626.ip $=e 4627contains the Content-Transfer-Encodings that can be 8\(->7 bit encoded. 4628It is predefined to contain 4629.q 7bit , 4630.q 8bit , 4631and 4632.q binary . 4633.ip $=k 4634set to be the same as 4635.b $k , 4636that is, the UUCP node name. 4637.ip $=m 4638set to the set of domains by which this host is known, 4639initially just 4640.b $m . 4641.ip $=n 4642can be set to the set of MIME body types 4643that can never be eight to seven bit encoded. 4644It defaults to 4645.q multipart/signed . 4646Message types 4647.q message/* 4648and 4649.q multipart/* 4650are never encoded directly. 4651Multipart messages are always handled recursively. 4652The handling of message/* messages 4653are controlled by class 4654.b $=s . 4655.ip $=q 4656A set of Content-Types that will never be encoded as base64 4657(if they have to be encoded, they will be encoded as quoted-printable). 4658It can have primary types 4659(e.g., 4660.q text ) 4661or full types 4662(such as 4663.q text/plain ). 4664The class is initialized to have 4665.q text/plain 4666only. 4667.ip $=s 4668contains the set of subtypes of message that can be treated recursively. 4669By default it contains only 4670.q rfc822 . 4671Other 4672.q message/* 4673types cannot be 8\(->7 bit encoded. 4674If a message containing eight bit data is sent to a seven bit host, 4675and that message cannot be encoded into seven bits, 4676it will be stripped to 7 bits. 4677.ip $=t 4678set to the set of trusted users by the 4679.b T 4680configuration line. 4681If you want to read trusted users from a file, use 4682.b Ft \c 4683.i /file/name . 4684.ip $=w 4685set to be the set of all names 4686this host is known by. 4687This can be used to match local hostnames. 4688.ip $={persistentMacros} 4689set to the macros would should be saved across queue runs. 4690Care should be taken when adding macro names to this class. 4691.pp 4692.i Sendmail 4693can be compiled to allow a 4694.i scanf (3) 4695string on the 4696.b F 4697line. 4698This lets you do simplistic parsing of text files. 4699For example, to read all the user names in your system 4700.i /etc/passwd 4701file into a class, use 4702.(b 4703FL/etc/passwd %[^:] 4704.)b 4705which reads every line up to the first colon. 4706.sh 2 "M \*- Define Mailer" 4707.pp 4708Programs and interfaces to mailers 4709are defined in this line. 4710The format is: 4711.(b F 4712.b M \c 4713.i name , 4714{\c 4715.i field =\c 4716.i value \|}* 4717.)b 4718where 4719.i name 4720is the name of the mailer 4721(used internally only) 4722and the 4723.q field=name 4724pairs define attributes of the mailer. 4725Fields are: 4726.(b 4727.ta 1i 4728Path The pathname of the mailer 4729Flags Special flags for this mailer 4730Sender Rewriting set(s) for sender addresses 4731Recipient Rewriting set(s) for recipient addresses 4732Argv An argument vector to pass to this mailer 4733Eol The end-of-line string for this mailer 4734Maxsize The maximum message length to this mailer 4735maxmessages The maximum message deliveries per connection 4736Linelimit The maximum line length in the message body 4737Directory The working directory for the mailer 4738Userid The default user and group id to run as 4739Nice The nice(2) increment for the mailer 4740Charset The default character set for 8-bit characters 4741Type Type information for DSN diagnostics 4742Wait The maximum time to wait for the mailer 4743/ The root directory for the mailer 4744.)b 4745Only the first character of the field name is checked. 4746.pp 4747The following flags may be set in the mailer description. 4748Any other flags may be used freely 4749to conditionally assign headers to messages 4750destined for particular mailers. 4751Flags marked with \(dg 4752are not interpreted by the 4753.i sendmail 4754binary; 4755these are the conventionally used to correlate to the flags portion 4756of the 4757.b H 4758line. 4759Flags marked with \(dd 4760apply to the mailers for the sender address 4761rather than the usual recipient mailers. 4762.nr ii 4n 4763.ip a 4764Run Extended SMTP (ESMTP) protocol (defined in RFCs 1869, 1652, and 1870). 4765This flag defaults on if the SMTP greeting message includes the word 4766.q ESMTP . 4767.ip A 4768Look up the user part of the address in the alias database. 4769Normally this is only set for local mailers. 4770.ip b 4771Force a blank line on the end of a message. 4772This is intended to work around some stupid versions of 4773/bin/mail 4774that require a blank line, but do not provide it themselves. 4775It would not normally be used on network mail. 4776.ip c 4777Do not include comments in addresses. 4778This should only be used if you have to work around 4779a remote mailer that gets confused by comments. 4780This strips addresses of the form 4781.q "Phrase <address>" 4782or 4783.q "address (Comment)" 4784down to just 4785.q address . 4786.ip C\(dd 4787If mail is 4788.i received 4789from a mailer with this flag set, 4790any addresses in the header that do not have an at sign 4791(\c 4792.q @ ) 4793after being rewritten by ruleset three 4794will have the 4795.q @domain 4796clause from the sender envelope address 4797tacked on. 4798This allows mail with headers of the form: 4799.(b 4800From: usera@hosta 4801To: userb@hostb, userc 4802.)b 4803to be rewritten as: 4804.(b 4805From: usera@hosta 4806To: userb@hostb, userc@hosta 4807.)b 4808automatically. 4809However, it doesn't really work reliably. 4810.ip d 4811Do not include angle brackets around route-address syntax addresses. 4812This is useful on mailers that are going to pass addresses to a shell 4813that might interpret angle brackets as I/O redirection. 4814However, it does not protect against other shell metacharacters. 4815Therefore, passing addresses to a shell should not be considered secure. 4816.ip D\(dg 4817This mailer wants a 4818.q Date: 4819header line. 4820.ip e 4821This mailer is expensive to connect to, 4822so try to avoid connecting normally; 4823any necessary connection will occur during a queue run. 4824See also option 4825.b HoldExpensive . 4826.ip E 4827Escape lines beginning with 4828.q From\0 4829in the message with a `>' sign. 4830.ip f 4831The mailer wants a 4832.b \-f 4833.i from 4834flag, 4835but only if this is a network forward operation 4836(i.e., 4837the mailer will give an error 4838if the executing user 4839does not have special permissions). 4840.ip F\(dg 4841This mailer wants a 4842.q From: 4843header line. 4844.ip g 4845Normally, 4846.i sendmail 4847sends internally generated email (e.g., error messages) 4848using the null return address 4849as required by RFC 1123. 4850However, some mailers don't accept a null return address. 4851If necessary, 4852you can set the 4853.b g 4854flag to prevent 4855.i sendmail 4856from obeying the standards; 4857error messages will be sent as from the MAILER-DAEMON 4858(actually, the value of the 4859.b $n 4860macro). 4861.ip h 4862Upper case should be preserved in host names 4863(the $@ portion of the mailer triplet resolved from ruleset 0) 4864for this mailer. 4865.ip i 4866Do User Database rewriting on envelope sender address. 4867.ip I 4868This mailer will be speaking SMTP 4869to another 4870.i sendmail 4871\*- 4872as such it can use special protocol features. 4873This option is not required 4874(i.e., 4875if this option is omitted the transmission will still operate successfully, 4876although perhaps not as efficiently as possible). 4877.ip j 4878Do User Database rewriting on recipients as well as senders. 4879.ip k 4880Normally when 4881.i sendmail 4882connects to a host via SMTP, 4883it checks to make sure that this isn't accidently the same host name 4884as might happen if 4885.i sendmail 4886is misconfigured or if a long-haul network interface is set in loopback mode. 4887This flag disables the loopback check. 4888It should only be used under very unusual circumstances. 4889.ip K 4890Currently unimplemented. 4891Reserved for chunking. 4892.ip l 4893This mailer is local 4894(i.e., 4895final delivery will be performed). 4896.ip L 4897Limit the line lengths as specified in RFC821. 4898This deprecated option should be replaced by the 4899.b L= 4900mail declaration. 4901For historic reasons, the 4902.b L 4903flag also sets the 4904.b 7 4905flag. 4906.ip m 4907This mailer can send to multiple users 4908on the same host 4909in one transaction. 4910When a 4911.b $u 4912macro occurs in the 4913.i argv 4914part of the mailer definition, 4915that field will be repeated as necessary 4916for all qualifying users. 4917Removing this flag can defeat duplicate supression on a remote site 4918as each recipient is sent in a separate transaction. 4919.ip M\(dg 4920This mailer wants a 4921.q Message-Id: 4922header line. 4923.ip n 4924Do not insert a UNIX-style 4925.q From 4926line on the front of the message. 4927.ip o 4928Always run as the owner of the recipient mailbox. 4929Normally 4930.i sendmail 4931runs as the sender for locally generated mail 4932or as 4933.q daemon 4934(actually, the user specified in the 4935.b u 4936option) 4937when delivering network mail. 4938The normal behavior is required by most local mailers, 4939which will not allow the envelope sender address 4940to be set unless the mailer is running as daemon. 4941This flag is ignored if the 4942.b S 4943flag is set. 4944.ip p 4945Use the route-addr style reverse-path in the SMTP 4946.q "MAIL FROM:" 4947command 4948rather than just the return address; 4949although this is required in RFC821 section 3.1, 4950many hosts do not process reverse-paths properly. 4951Reverse-paths are officially discouraged by RFC 1123. 4952.ip P\(dg 4953This mailer wants a 4954.q Return-Path: 4955line. 4956.ip q 4957When an address that resolves to this mailer is verified 4958(SMTP VRFY command), 4959generate 250 responses instead of 252 responses. 4960This will imply that the address is local. 4961.ip r 4962Same as 4963.b f , 4964but sends a 4965.b \-r 4966flag. 4967.ip R 4968Open SMTP connections from a 4969.q secure 4970port. 4971Secure ports aren't 4972(secure, that is) 4973except on UNIX machines, 4974so it is unclear that this adds anything. 4975.ip s 4976Strip quote characters (" and \e) off of the address 4977before calling the mailer. 4978.ip S 4979Don't reset the userid 4980before calling the mailer. 4981This would be used in a secure environment 4982where 4983.i sendmail 4984ran as root. 4985This could be used to avoid forged addresses. 4986If the 4987.b U= 4988field is also specified, 4989this flag causes the effective user id to be set to that user. 4990.ip u 4991Upper case should be preserved in user names 4992for this mailer. 4993Standards require preservation of case in the local part of addresses, 4994except for those address for which your system accepts responsibility. 4995.ip U 4996This mailer wants UUCP-style 4997.q From 4998lines with the ugly 4999.q "remote from <host>" 5000on the end. 5001.ip w 5002The user must have a valid account on this machine, 5003i.e., 5004getpwnam 5005must succeed. 5006If not, 5007the mail is bounced. 5008This is required to get 5009.q \&.forward 5010capability. 5011.ip x\(dg 5012This mailer wants a 5013.q Full-Name: 5014header line. 5015.ip X 5016This mailer want to use the hidden dot algorithm 5017as specified in RFC821; 5018basically, 5019any line beginning with a dot 5020will have an extra dot prepended 5021(to be stripped at the other end). 5022This insures that lines in the message containing a dot 5023will not terminate the message prematurely. 5024.ip z 5025Run Local Mail Transfer Protocol (LMTP) 5026between 5027.i sendmail 5028and the local mailer. 5029This is a variant on SMTP 5030defined in RFC 2033 5031that is specifically designed for delivery to a local mailbox. 5032.ip 0 5033Don't look up MX records for hosts sent via SMTP. 5034.ip 3 5035Extend the list of characters converted to =XX notation 5036when converting to Quoted-Printable 5037to include those that don't map cleanly between ASCII and EBCDIC. 5038Useful if you have IBM mainframes on site. 5039.ip 5 5040If no aliases are found for this address, 5041pass the address through ruleset 5 for possible alternate resolution. 5042This is intended to forward the mail to an alternate delivery spot. 5043.ip 6 5044Strip headers to seven bits. 5045.ip 7 5046Strip all output to seven bits. 5047This is the default if the 5048.b L 5049flag is set. 5050Note that clearing this option is not 5051sufficient to get full eight bit data passed through 5052.i sendmail . 5053If the 5054.b 7 5055option is set, this is essentially always set, 5056since the eighth bit was stripped on input. 5057Note that this option will only impact messages 5058that didn't have 8\(->7 bit MIME conversions performed. 5059.ip 8 5060If set, 5061it is acceptable to send eight bit data to this mailer; 5062the usual attempt to do 8\(->7 bit MIME conversions will be bypassed. 5063.ip 9 5064If set, 5065do 5066.i limited 50677\(->8 bit MIME conversions. 5068These conversions are limited to text/plain data. 5069.ip : 5070Check addresses to see if they begin 5071.q :include: ; 5072if they do, convert them to the 5073.q *include* 5074mailer. 5075.ip | 5076Check addresses to see if they begin with a `|'; 5077if they do, convert them to the 5078.q prog 5079mailer. 5080.ip / 5081Check addresses to see if they begin with a `/'; 5082if they do, convert them to the 5083.q *file* 5084mailer. 5085.ip @ 5086Look up addresses in the user database. 5087.ip % 5088Do not attempt delivery on initial recipient of a message 5089or on queue runs 5090unless the queued message is selected 5091using one of the -qI/-qR/-qS queue run modifiers 5092or an ETRN request. 5093.pp 5094Configuration files prior to level 6 5095assume the `A', `w', `5', `:', `|', `/', and `@' options 5096on the mailer named 5097.q local . 5098.pp 5099The mailer with the special name 5100.q error 5101can be used to generate a user error. 5102The (optional) host field is an exit status to be returned, 5103and the user field is a message to be printed. 5104The exit status may be numeric or one of the values 5105USAGE, NOUSER, NOHOST, UNAVAILABLE, SOFTWARE, TEMPFAIL, PROTOCOL, or CONFIG 5106to return the corresponding EX_ exit code, 5107or an enhanced error code as described in RFC 1893, 5108.ul 5109Enhanced Mail System Status Codes. 5110For example, the entry: 5111.(b 5112$#error $@ NOHOST $: Host unknown in this domain 5113.)b 5114on the RHS of a rule 5115will cause the specified error to be generated 5116and the 5117.q "Host unknown" 5118exit status to be returned 5119if the LHS matches. 5120This mailer is only functional in rulesets 0, 5, 5121or one of the check_* rulesets. 5122.pp 5123The mailer with the special name 5124.q discard 5125causes any mail sent to it to be discarded 5126but otherwise treated as though it were successfully delivered. 5127This mailer can not be used in ruleset 0, 5128only in the various address checking rulesets. 5129.pp 5130The mailer named 5131.q local 5132.i must 5133be defined in every configuration file. 5134This is used to deliver local mail, 5135and is treated specially in several ways. 5136Additionally, three other mailers named 5137.q prog , 5138.q *file* , 5139and 5140.q *include* 5141may be defined to tune the delivery of messages to programs, 5142files, 5143and :include: lists respectively. 5144They default to: 5145.(b 5146Mprog, P=/bin/sh, F=lsoDq9, T=DNS/RFC822/X-Unix, A=sh \-c $u 5147M*file*, P=[FILE], F=lsDFMPEouq9, T=DNS/RFC822/X-Unix, A=FILE $u 5148M*include*, P=/dev/null, F=su, A=INCLUDE $u 5149.)b 5150.pp 5151The Sender and Recipient rewriting sets 5152may either be a simple ruleset id 5153or may be two ids separated by a slash; 5154if so, the first rewriting set is applied to envelope 5155addresses 5156and the second is applied to headers. 5157Setting any value zero disables corresponding mailer-specific rewriting. 5158.pp 5159The Directory 5160is actually a colon-separated path of directories to try. 5161For example, the definition 5162.q D=$z:/ 5163first tries to execute in the recipient's home directory; 5164if that is not available, 5165it tries to execute in the root of the filesystem. 5166This is intended to be used only on the 5167.q prog 5168mailer, 5169since some shells (such as 5170.i csh ) 5171refuse to execute if they cannot read the home directory. 5172Since the queue directory is not normally readable by unprivileged users 5173.i csh 5174scripts as recipients can fail. 5175.pp 5176The Userid 5177specifies the default user and group id to run as, 5178overriding the 5179.b DefaultUser 5180option (q.v.). 5181If the 5182.b S 5183mailer flag is also specified, 5184this user and group will be set as the 5185effective uid and gid for the process. 5186This may be given as 5187.i user:group 5188to set both the user and group id; 5189either may be an integer or a symbolic name to be looked up 5190in the 5191.i passwd 5192and 5193.i group 5194files respectively. 5195If only a symbolic user name is specified, 5196the group id in the 5197.i passwd 5198file for that user is used as the group id. 5199.pp 5200The Charset field 5201is used when converting a message to MIME; 5202this is the character set used in the 5203Content-Type: header. 5204If this is not set, the 5205.b DefaultCharset 5206option is used, 5207and if that is not set, the value 5208.q unknown-8bit 5209is used. 5210.b WARNING: 5211this field applies to the sender's mailer, 5212not the recipient's mailer. 5213For example, if the envelope sender address 5214lists an address on the local network 5215and the recipient is on an external network, 5216the character set will be set from the Charset= field 5217for the local network mailer, 5218not that of the external network mailer. 5219.pp 5220The Type= field 5221sets the type information 5222used in MIME error messages 5223as defined by 5224RFC 1894. 5225It is actually three values separated by slashes: 5226the MTA-type (that is, the description of how hosts are named), 5227the address type (the description of e-mail addresses), 5228and the diagnostic type (the description of error diagnostic codes). 5229Each of these must be a registered value 5230or begin with 5231.q X\- . 5232The default is 5233.q dns/rfc822/smtp . 5234.pp 5235The m= field specifies the maximum number of messages to attempt to deliver 5236on a single SMTP or LMTP connection. 5237.pp 5238The /= field specifies a new root directory for the mailer. The path is 5239macro expanded and then passed to the 5240.q chroot 5241system call. The root directory is changed before the Directory field is 5242consulted or the uid is changed. 5243.pp 5244The Wait= field specifies the maximum time to wait for the 5245mailer to return after sending all data to it. 5246This applies to mailers that have been forked by 5247.i sendmail . 5248.sh 2 "H \*- Define Header" 5249.pp 5250The format of the header lines that 5251.i sendmail 5252inserts into the message 5253are defined by the 5254.b H 5255line. 5256The syntax of this line is one of the following: 5257.(b F 5258.b H \c 5259.i hname \c 5260.b : 5261.i htemplate 5262.)b 5263.(b F 5264.b H [\c 5265.b ? \c 5266.i mflags \c 5267.b ? \c 5268.b ]\c 5269.i hname \c 5270.b : 5271.i htemplate 5272.)b 5273.(b F 5274.b H [\c 5275.b ? \c 5276.i ${macro} \c 5277.b ? \c 5278.b ]\c 5279.i hname \c 5280.b : 5281.i htemplate 5282.)b 5283Continuation lines in this spec 5284are reflected directly into the outgoing message. 5285The 5286.i htemplate 5287is macro-expanded before insertion into the message. 5288If the 5289.i mflags 5290(surrounded by question marks) 5291are specified, 5292at least one of the specified flags 5293must be stated in the mailer definition 5294for this header to be automatically output. 5295If a 5296.i ${macro} 5297(surrounded by question marks) 5298is specified, 5299the header will be automatically output 5300if the macro is set. 5301The macro may be set using any of the normal methods, 5302including using the 5303.b macro 5304storage map in a ruleset. 5305If one of these headers is in the input 5306it is reflected to the output 5307regardless of these flags or macros. 5308.pp 5309Some headers have special semantics 5310that will be described later. 5311.pp 5312A secondary syntax allows validation of headers as they are being read. 5313To enable validation, use: 5314.(b 5315.b H \c 5316.i Header \c 5317.b ": $>" \c 5318.i Ruleset 5319.b H \c 5320.i Header \c 5321.b ": $>+" \c 5322.i Ruleset 5323.)b 5324The indicated 5325.i Ruleset 5326is called for the specified 5327.i Header , 5328and can return 5329.b $#error 5330to reject the message or 5331.b $#discard 5332to discard the message 5333(as with the other 5334.b check_ * 5335rulesets). 5336The ruleset receives the header field-body as argument, 5337i.e., not the header field-name; see also 5338${hdr_name} and ${currHeader}. 5339The header is treated as a structured field, 5340that is, 5341text in parentheses is deleted before processing, 5342unless the second form 5343.b $>+ 5344is used. 5345Note: only one ruleset can be associated with a header; 5346.i sendmail 5347will silently ignore multiple entries. 5348.pp 5349For example, the configuration lines: 5350.(b 5351HMessage-Id: $>CheckMessageId 5352 5353SCheckMessageId 5354R< $+ @ $+ > $@ OK 5355R$* $#error $: Illegal Message-Id header 5356.)b 5357would refuse any message that had a Message-Id: header of any of the 5358following forms: 5359.(b 5360Message-Id: <> 5361Message-Id: some text 5362Message-Id: <legal text@domain> extra crud 5363.)b 5364A default ruleset that is called for headers which don't have a 5365specific ruleset defined for them can be specified by: 5366.(b 5367.b H \c 5368.i * \c 5369.b ": $>" \c 5370.i Ruleset 5371.)b 5372or 5373.(b 5374.b H \c 5375.i * \c 5376.b ": $>+" \c 5377.i Ruleset 5378.)b 5379.sh 2 "O \*- Set Option" 5380.pp 5381There are a number of 5382global 5383options that 5384can be set from a configuration file. 5385Options are represented by full words; 5386some are also representable as single characters 5387for back compatibility. 5388The syntax of this line is: 5389.(b F 5390.b O \0 5391.i option \c 5392.b = \c 5393.i value 5394.)b 5395This sets option 5396.i option 5397to be 5398.i value . 5399Note that there 5400.i must 5401be a space between the letter `O' and the name of the option. 5402An older version is: 5403.(b F 5404.b O \c 5405.i o\|value 5406.)b 5407where the option 5408.i o 5409is a single character. 5410Depending on the option, 5411.i value 5412may be a string, an integer, 5413a boolean 5414(with legal values 5415.q t , 5416.q T , 5417.q f , 5418or 5419.q F ; 5420the default is TRUE), 5421or 5422a time interval. 5423.pp 5424The options supported (with the old, one character names in brackets) are: 5425.nr ii 1i 5426.ip "AliasFile=\fIspec, spec, ...\fP" 5427[A] 5428Specify possible alias file(s). 5429Each 5430.i spec 5431should be in the format 5432``\c 5433.i class \c 5434.b : 5435.i info '' 5436where 5437.i class \c 5438.b : 5439is optional and defaults to ``implicit''. 5440Depending on how 5441.i sendmail 5442is compiled, valid classes are 5443.q implicit 5444(search through a compiled-in list of alias file types, 5445for back compatibility), 5446.q hash 5447(if 5448.sm NEWDB 5449is specified), 5450.q btree 5451(if 5452.sm NEWDB 5453is specified), 5454.q dbm 5455(if 5456.sm NDBM 5457is specified), 5458.q stab 5459(internal symbol table \*- not normally used 5460unless you have no other database lookup), 5461.q sequence 5462(use a sequence of maps 5463previously declared), 5464.q ldap 5465(if 5466.sm LDAPMAP 5467is specified), 5468or 5469.q nis 5470(if 5471.sm NIS 5472is specified). 5473If a list of 5474.i spec s 5475are provided, 5476.i sendmail 5477searches them in order. 5478.ip AliasWait=\fItimeout\fP 5479[a] 5480If set, 5481wait up to 5482.i timeout 5483(units default to minutes) 5484for an 5485.q @:@ 5486entry to exist in the alias database 5487before starting up. 5488If it does not appear in the 5489.i timeout 5490interval 5491rebuild the database 5492(if the 5493.b AutoRebuildAliases 5494option is also set) 5495or issue a warning. 5496.ip AllowBogusHELO 5497[no short name] 5498If set, allow HELO SMTP commands that don't include a host name. 5499Setting this violates RFC 1123 section 5.2.5, 5500but is necessary to interoperate with several SMTP clients. 5501If there is a value, it is still checked for legitimacy. 5502.ip AuthMechanisms 5503[no short name] 5504List of authentication mechanisms for AUTH (separated by spaces). 5505The advertised list of authentication mechanisms will be the 5506intersection of this list and the list of available mechanisms as 5507determined by the Cyrus SASL library. 5508.ip AuthOptions 5509[no short name] 5510When to use the AUTH= parameter for the MAIL FROM command; 5511.(b 5512.ta 1i 5513A Only when authentication succeeded. 5514.)b 5515The default is to try whenever SMTP AUTH is available. 5516.ip AutoRebuildAliases 5517[D] 5518If set, 5519rebuild the alias database if necessary and possible. 5520The rebuild will happen the next time an alias is looked up. 5521If this option is not set, 5522.i sendmail 5523will never rebuild the alias database 5524unless explicitly requested 5525using 5526.b \-bi . 5527.b NOTE : 5528There is a potential for a denial of service attack if this is set. 5529This option is deprecated and 5530will be removed from a future version. 5531.ip BlankSub=\fIc\fP 5532[B] 5533Set the blank substitution character to 5534.i c . 5535Unquoted spaces in addresses are replaced by this character. 5536Defaults to space (i.e., no change is made). 5537.ip CACERTPath 5538[no short name] 5539Path to directory with certificates of CAs. 5540This directory directory must contain the hashes of each CA certificate 5541as filenames (or as links to them). 5542.ip CACERTFile 5543[no short name] 5544File containing one CA certificate. 5545.ip CheckAliases 5546[n] 5547Validate the RHS of aliases when rebuilding the alias database. 5548.ip CheckpointInterval=\fIN\fP 5549[C] 5550Checkpoints the queue every 5551.i N 5552(default 10) 5553addresses sent. 5554If your system crashes during delivery to a large list, 5555this prevents retransmission to any but the last 5556.i N 5557recipients. 5558.ip ClassFactor=\fIfact\fP 5559[z] 5560The indicated 5561.i fact or 5562is multiplied by the message class 5563(determined by the Precedence: field in the user header 5564and the 5565.b P 5566lines in the configuration file) 5567and subtracted from the priority. 5568Thus, messages with a higher Priority: will be favored. 5569Defaults to 1800. 5570.ip ClientCertFile 5571[no short name] 5572File containing the certificate of the client, i.e., this certificate 5573is used when sendmail acts as client. 5574.ip ClientPortOptions=\fIoptions\fP 5575[O] 5576Set client SMTP options. 5577The options are 5578.i key=value 5579pairs separated by commas. 5580Known keys are: 5581.(b 5582.ta 1i 5583Port Name/number of source port for connection (defaults to any free port) 5584Addr Address mask (defaults INADDR_ANY) 5585Family Address family (defaults to INET) 5586SndBufSize Size of TCP send buffer 5587RcvBufSize Size of TCP receive buffer 5588Modifier Options (flags) for the daemon 5589.)b 5590The 5591.i Addr ess 5592mask may be a numeric address in dot notation 5593or a network name. 5594.i Modifier 5595can be the following character: 5596.(b 5597.ta 1i 5598h use name of interface for HELO command 5599.)b 5600If ``h'' is set, the name corresponding to the outgoing interface 5601address (whether chosen via the Connection parameter or 5602the default) is used for the HELO/EHLO command. 5603.ip ClientKeyFile 5604[no short name] 5605File containing the private key belonging to the client certificate. 5606.ip ColonOkInAddr 5607[no short name] 5608If set, colons are acceptable in e-mail addresses 5609(e.g., 5610.q host:user ). 5611If not set, colons indicate the beginning of a RFC 822 group construct 5612(\c 5613.q "groupname: member1, member2, ... memberN;" ). 5614Doubled colons are always acceptable 5615(\c 5616.q nodename::user ) 5617and proper route-addr nesting is understood 5618(\c 5619.q <@relay:user@host> ). 5620Furthermore, this option defaults on if the configuration version level 5621is less than 6 (for back compatibility). 5622However, it must be off for full compatibility with RFC 822. 5623.ip ConnectionCacheSize=\fIN\fP 5624[k] 5625The maximum number of open connections that will be cached at a time. 5626The default is one. 5627This delays closing the current connection until 5628either this invocation of 5629.i sendmail 5630needs to connect to another host 5631or it terminates. 5632Setting it to zero defaults to the old behavior, 5633that is, connections are closed immediately. 5634Since this consumes file descriptors, 5635the connection cache should be kept small: 56364 is probably a practical maximum. 5637.ip ConnectionCacheTimeout=\fItimeout\fP 5638[K] 5639The maximum amount of time a cached connection will be permitted to idle 5640without activity. 5641If this time is exceeded, 5642the connection is immediately closed. 5643This value should be small (on the order of ten minutes). 5644Before 5645.i sendmail 5646uses a cached connection, 5647it always sends a RSET command 5648to check the connection; 5649if this fails, it reopens the connection. 5650This keeps your end from failing if the other end times out. 5651The point of this option is to be a good network neighbor 5652and avoid using up excessive resources 5653on the other end. 5654The default is five minutes. 5655.ip ConnectOnlyTo=\fIaddress\fP 5656[no short name] 5657This can be used to 5658override the connection address (for testing purposes). 5659.ip ConnectionRateThrottle=\fIN\fP 5660[no short name] 5661If set to a positive value, 5662allow no more than 5663.i N 5664incoming daemon connections in a one second period. 5665This is intended to flatten out peaks 5666and allow the load average checking to cut in. 5667Defaults to zero (no limits). 5668.ip ControlSocketName=\fIname\fP 5669[no short name] 5670Name of the control socket for daemon management. 5671A running 5672.i sendmail 5673daemon can be controlled through this named socket. 5674Available commands are: 5675.i help, 5676.i restart, 5677.i shutdown, 5678and 5679.i status. 5680The 5681.i status 5682command returns the current number of daemon children, 5683the maximum number of daemon children, 5684the free disk space (in blocks) of the queue directory, 5685and the load average of the machine expressed as an integer. 5686If not set, no control socket will be available. 5687Solaris and pre-4.4BSD kernel users should see the note in sendmail/README . 5688.ip DHParameters 5689File with DH parameters for STARTTLS. 5690This is only required if DSA/DH is used. 5691.ip DaemonPortOptions=\fIoptions\fP 5692[O] 5693Set server SMTP options. 5694Each instance of DaemonPortOptions leads to an additional incoming socket. 5695The options are 5696.i key=value 5697pairs. 5698Known keys are: 5699.(b 5700.ta 1i 5701Name User-definable name for the daemon (defaults to "Daemon#") 5702Port Name/number of listening port (defaults to "smtp") 5703Addr Address mask (defaults INADDR_ANY) 5704Family Address family (defaults to INET) 5705Listen Size of listen queue (defaults to 10) 5706Modifier Options (flags) for the daemon 5707SndBufSize Size of TCP send buffer 5708RcvBufSize Size of TCP receive buffer 5709.)b 5710The 5711.i Name 5712field is used for error messages and logging. 5713The 5714.i Addr ess 5715mask may be a numeric address in dot notation 5716or a network name. 5717The 5718.i Family 5719key defaults to INET (IPv4). 5720IPv6 users who wish to also accept IPv6 connections 5721should add additional Family=inet6 DaemonPortOptions lines. 5722.i Modifier 5723can be a sequence (without any delimiters) 5724of the following characters: 5725.(b 5726.ta 1i 5727a always require authentication 5728b bind to interface through which mail has been received 5729c perform hostname canonification (.cf) 5730f require fully qualified hostname (.cf) 5731u allow unqualified addresses (.cf) 5732C don't perform hostname canonification 5733E disallow ETRN (see RFC 2476) 5734.)b 5735That is, one way to specify a message submission agent (MSA) that 5736always requires authentication is: 5737.(b 5738O DaemonPortOptions=Name=MSA, Port=587, M=Ea 5739.)b 5740The modifiers that are marked with "(.cf)" have only 5741effect in the standard configuration file, in which 5742they are available via 5743.b ${daemon_flags} . 5744Notice: Do 5745.b not 5746use the ``a'' modifier on a public accessible MTA! 5747It should only be used for a MSA that is accessed by authorized 5748users for initial mail submission. 5749Users must authenticate to use a MSA which has this option turned on. 5750The flags ``c'' and ``C'' can change the default for 5751hostname canonification in the 5752.i sendmail.cf 5753file. 5754See the relevant documentation for 5755.sm FEATURE(nocanonify) . 5756The modifier ``f'' disallows addresses of the form 5757.b user@host 5758unless they are submitted directly. 5759The flag ``u'' allows unqualified sender addresses. 5760``b'' forces sendmail to bind to the interface 5761through which the e-mail has been 5762received for the outgoing connection. 5763.b WARNING: 5764Use ``b'' 5765only if outgoing mail can be routed through the incoming connection's 5766interface to its destination. No attempt is made to catch problems due to a 5767misconfiguration of this parameter, use it only for virtual hosting 5768where each virtual interface can connect to every possible location. 5769This will also override possible settings via 5770.b ClientPortOptions. 5771Note, 5772.i sendmail 5773will listen on a new socket 5774for each occurence of the DaemonPortOptions option 5775in a configuration file. 5776.ip DefaultAuthInfo 5777[no short name] 5778Filename that contains default authentication information for outgoing 5779connections. This file must contain the user id, the authorization id, 5780the password (plain text), and the realm to use 5781on separate lines and must be readable by 5782root (or the trusted user) only. 5783If no realm is specified, 5784.b $j 5785is used. 5786.ip DefaultCharSet=\fIcharset\fP 5787[no short name] 5788When a message that has 8-bit characters but is not in MIME format 5789is converted to MIME 5790(see the EightBitMode option) 5791a character set must be included in the Content-Type: header. 5792This character set is normally set from the Charset= field 5793of the mailer descriptor. 5794If that is not set, the value of this option is used. 5795If this option is not set, the value 5796.q unknown-8bit 5797is used. 5798.ip DataFileBufferSize=\fIthreshold\fP 5799[no short name] 5800Set the 5801.i threshold , 5802in bytes, 5803before a memory-based 5804queue data file 5805becomes disk-based. 5806The default is 4096 bytes. 5807.ip DeadLetterDrop=\fIfile\fP 5808[no short name] 5809Defines the location of the system-wide dead.letter file, 5810formerly hardcoded to /usr/tmp/dead.letter. 5811If this option is not set (the default), 5812sendmail will not attempt to save to a system-wide dead.letter file 5813in the event 5814it can not bounce the mail to the user or postmaster. 5815Instead, it will rename the qf file 5816as it has in the past 5817when the dead.letter file could not be opened. 5818.ip DefaultUser=\fIuser:group\fP 5819[u] 5820Set the default userid for mailers to 5821.i user:group . 5822If 5823.i group 5824is omitted and 5825.i user 5826is a user name 5827(as opposed to a numeric user id) 5828the default group listed in the /etc/passwd file for that user is used 5829as the default group. 5830Both 5831.i user 5832and 5833.i group 5834may be numeric. 5835Mailers without the 5836.i S 5837flag in the mailer definition 5838will run as this user. 5839Defaults to 1:1. 5840The value can also be given as a symbolic user name.\** 5841.(f 5842\**The old 5843.b g 5844option has been combined into the 5845.b DefaultUser 5846option. 5847.)f 5848.ip DeliveryMode=\fIx\fP 5849[d] 5850Deliver in mode 5851.i x . 5852Legal modes are: 5853.(b 5854.ta 4n 5855i Deliver interactively (synchronously) 5856b Deliver in background (asynchronously) 5857q Just queue the message (deliver during queue run) 5858d Defer delivery and all map lookups (deliver during queue run) 5859.)b 5860Defaults to ``b'' if no option is specified, 5861``i'' if it is specified but given no argument 5862(i.e., ``Od'' is equivalent to ``Odi''). 5863The 5864.b \-v 5865command line flag sets this to 5866.b i . 5867.ip DialDelay=\fIsleeptime\fP 5868[no short name] 5869Dial-on-demand network connections can see timeouts 5870if a connection is opened before the call is set up. 5871If this is set to an interval and a connection times out 5872on the first connection being attempted 5873.i sendmail 5874will sleep for this amount of time and try again. 5875This should give your system time to establish the connection 5876to your service provider. 5877Units default to seconds, so 5878.q DialDelay=5 5879uses a five second delay. 5880Defaults to zero 5881(no retry). 5882.ip DontBlameSendmail=\fIoption,option,...\fP 5883[no short name] 5884In order to avoid possible cracking attempts 5885caused by world- and group-writable files and directories, 5886.i sendmail 5887does paranoid checking when opening most of its support files. 5888If for some reason you absolutely must run with, 5889for example, 5890a group-writable 5891.i /etc 5892directory, 5893then you will have to turn off this checking 5894(at the cost of making your system more vulnerable to attack). 5895The arguments are individual options that turn off checking: 5896.(b 5897Safe 5898AssumeSafeChown 5899ClassFileInUnsafeDirPath 5900DontWarnForwardFileInUnsafeDirPath 5901ErrorHeaderInUnsafeDirPath 5902FileDeliveryToHardLink 5903FileDeliveryToSymLink 5904ForwardFileInUnsafeDirPath 5905ForwardFileInUnsafeDirPathSafe 5906ForwardFileIngroupWritableDirPath 5907GroupWritableAliasFile 5908GroupWritableDirPathSafe 5909GroupWritableForwardFileSafe 5910GroupWritableIncludeFileSafe 5911HelpFileinUnsafeDirPath 5912IncludeFileInUnsafeDirPath 5913IncludeFileInUnsafeDirPathSafe 5914IncludeFileIngroupWritableDirPath 5915InsufficientEntropy 5916LinkedAliasFileInWritableDir 5917LinkedClassFileInWritableDir 5918LinkedForwardFileInWritableDir 5919LinkedIncludeFileInWritableDir 5920LinkedMapInWritableDir 5921LinkedServiceSwitchFileInWritableDir 5922MapInUnsafeDirPath 5923NonRootSafeAddr 5924RunProgramInUnsafeDirPath 5925RunWritableProgram 5926TrustStickyBit 5927WorldWritableAliasFile 5928WriteMapToHardLink 5929WriteMapToSymLink 5930WriteStatsToHardLink 5931WriteStatsToSymLink 5932.)b 5933.b Safe 5934is the default. 5935The details of these flags are described above. 5936.\"XXX should have more here!!! XXX 5937.b "Use of this option is not recommended." 5938.ip DontExpandCnames 5939[no short name] 5940The standards say that all host addresses used in a mail message 5941must be fully canonical. 5942For example, if your host is named 5943.q Cruft.Foo.ORG 5944and also has an alias of 5945.q FTP.Foo.ORG , 5946the former name must be used at all times. 5947This is enforced during host name canonification 5948($[ ... $] lookups). 5949If this option is set, the protocols are ignored and the 5950.q wrong 5951thing is done. 5952However, the IETF is moving toward changing this standard, 5953so the behavior may become acceptable. 5954Please note that hosts downstream may still rewrite the address 5955to be the true canonical name however. 5956.ip DontInitGroups 5957[no short name] 5958If set, 5959.i sendmail 5960will avoid using the initgroups(3) call. 5961If you are running NIS, 5962this causes a sequential scan of the groups.byname map, 5963which can cause your NIS server to be badly overloaded in a large domain. 5964The cost of this is that the only group found for users 5965will be their primary group (the one in the password file), 5966which will make file access permissions somewhat more restrictive. 5967Has no effect on systems that don't have group lists. 5968.ip DontProbeInterfaces 5969[no short name] 5970.i Sendmail 5971normally finds the names of all interfaces active on your machine 5972when it starts up 5973and adds their name to the 5974.b $=w 5975class of known host aliases. 5976If you have a large number of virtual interfaces 5977or if your DNS inverse lookups are slow 5978this can be time consuming. 5979This option turns off that probing. 5980However, you will need to be certain to include all variant names 5981in the 5982.b $=w 5983class by some other mechanism. 5984.ip DontPruneRoutes 5985[R] 5986Normally, 5987.i sendmail 5988tries to eliminate any unnecessary explicit routes 5989when sending an error message 5990(as discussed in RFC 1123 \(sc 5.2.6). 5991For example, 5992when sending an error message to 5993.(b 5994<@known1,@known2,@known3:user@unknown> 5995.)b 5996.i sendmail 5997will strip off the 5998.q @known1,@known2 5999in order to make the route as direct as possible. 6000However, if the 6001.b R 6002option is set, this will be disabled, 6003and the mail will be sent to the first address in the route, 6004even if later addresses are known. 6005This may be useful if you are caught behind a firewall. 6006.ip DoubleBounceAddress=\fIerror-address\fP 6007[no short name] 6008If an error occurs when sending an error message, 6009send the error report 6010(termed a 6011.q "double bounce" 6012because it is an error 6013.q bounce 6014that occurs when trying to send another error 6015.q bounce ) 6016to the indicated address. 6017The address is macro expanded 6018at the time of delivery. 6019If not set, defaults to 6020.q postmaster . 6021.ip EightBitMode=\fIaction\fP 6022[8] 6023Set handling of eight-bit data. 6024There are two kinds of eight-bit data: 6025that declared as such using the 6026.b BODY=8BITMIME 6027ESMTP declaration or the 6028.b \-B8BITMIME 6029command line flag, 6030and undeclared 8-bit data, that is, 6031input that just happens to be eight bits. 6032There are three basic operations that can happen: 6033undeclared 8-bit data can be automatically converted to 8BITMIME, 6034undeclared 8-bit data can be passed as-is without conversion to MIME 6035(``just send 8''), 6036and declared 8-bit data can be converted to 7-bits 6037for transmission to a non-8BITMIME mailer. 6038The possible 6039.i action s 6040are: 6041.(b 6042.\" r Reject undeclared 8-bit data; 6043.\" don't convert 8BITMIME\(->7BIT (``reject'') 6044 s Reject undeclared 8-bit data (``strict'') 6045.\" do convert 8BITMIME\(->7BIT (``strict'') 6046.\" c Convert undeclared 8-bit data to MIME; 6047.\" don't convert 8BITMIME\(->7BIT (``convert'') 6048 m Convert undeclared 8-bit data to MIME (``mime'') 6049.\" do convert 8BITMIME\(->7BIT (``mime'') 6050.\" j Pass undeclared 8-bit data; 6051.\" don't convert 8BITMIME\(->7BIT (``just send 8'') 6052 p Pass undeclared 8-bit data (``pass'') 6053.\" do convert 8BITMIME\(->7BIT (``pass'') 6054.\" a Adaptive algorithm: see below 6055.)b 6056.\"The adaptive algorithm is to accept 8-bit data, 6057.\"converting it to 8BITMIME only if the receiver understands that, 6058.\"otherwise just passing it as undeclared 8-bit data; 6059.\"8BITMIME\(->7BIT conversions are done. 6060In all cases properly declared 8BITMIME data will be converted to 7BIT 6061as needed. 6062.ip ErrorHeader=\fIfile-or-message\fP 6063[E] 6064Prepend error messages with the indicated message. 6065If it begins with a slash, 6066it is assumed to be the pathname of a file 6067containing a message (this is the recommended setting). 6068Otherwise, it is a literal message. 6069The error file might contain the name, email address, and/or phone number 6070of a local postmaster who could provide assistance 6071to end users. 6072If the option is missing or null, 6073or if it names a file which does not exist or which is not readable, 6074no message is printed. 6075.ip ErrorMode=\fIx\fP 6076[e] 6077Dispose of errors using mode 6078.i x . 6079The values for 6080.i x 6081are: 6082.(b 6083p Print error messages (default) 6084q No messages, just give exit status 6085m Mail back errors 6086w Write back errors (mail if user not logged in) 6087e Mail back errors and give zero exit stat always 6088.)b 6089.ip FallbackMXhost=\fIfallbackhost\fP 6090[V] 6091If specified, the 6092.i fallbackhost 6093acts like a very low priority MX 6094on every host. 6095This is intended to be used by sites with poor network connectivity. 6096Messages which are undeliverable due to temporary address failures 6097(e.g., DNS failure) 6098also go to the FallBackMX host. 6099.ip ForkEachJob 6100[Y] 6101If set, 6102deliver each job that is run from the queue in a separate process. 6103Use this option if you are short of memory, 6104since the default tends to consume considerable amounts of memory 6105while the queue is being processed. 6106.ip ForwardPath=\fIpath\fP 6107[J] 6108Set the path for searching for users' .forward files. 6109The default is 6110.q $z/.forward . 6111Some sites that use the automounter may prefer to change this to 6112.q /var/forward/$u 6113to search a file with the same name as the user in a system directory. 6114It can also be set to a sequence of paths separated by colons; 6115.i sendmail 6116stops at the first file it can successfully and safely open. 6117For example, 6118.q /var/forward/$u:$z/.forward 6119will search first in /var/forward/\c 6120.i username 6121and then in 6122.i ~username /.forward 6123(but only if the first file does not exist). 6124.ip HelpFile=\fIfile\fP 6125[H] 6126Specify the help file 6127for SMTP. 6128If no file name is specified, "helpfile" is used. 6129.ip HoldExpensive 6130[c] 6131If an outgoing mailer is marked as being expensive, 6132don't connect immediately. 6133This requires that queueing be compiled in, 6134since it will depend on a queue run process to 6135actually send the mail. 6136.ip HostsFile=\fIpath\fP 6137[no short name] 6138The path to the hosts database, 6139normally 6140.q /etc/hosts . 6141This option is only consulted when sendmail 6142is canonifying addresses, 6143and then only when 6144.q files 6145is in the 6146.q hosts 6147service switch entry. 6148In particular, this file is 6149.i never 6150used when looking up host addresses; 6151that is under the control of the system 6152.i gethostbyname (3) 6153routine. 6154.ip HostStatusDirectory=\fIpath\fP 6155[no short name] 6156The location of the long term host status information. 6157When set, 6158information about the status of hosts 6159(e.g., host down or not accepting connections) 6160will be shared between all 6161.i sendmail 6162processes; 6163normally, this information is only held within a single queue run. 6164This option requires a connection cache of at least 1 to function. 6165If the option begins with a leading `/', 6166it is an absolute pathname; 6167otherwise, 6168it is relative to the mail queue directory. 6169A suggested value for sites desiring persistent host status is 6170.q \&.hoststat 6171(i.e., a subdirectory of the queue directory). 6172.ip IgnoreDots 6173[i] 6174Ignore dots in incoming messages. 6175This is always disabled (that is, dots are always accepted) 6176when reading SMTP mail. 6177.ip LDAPDefaultSpec=\fIspec\fP 6178[no short name] 6179Sets a default map specification for LDAP maps. 6180The value should only contain LDAP specific settings 6181such as 6182.q "-h host -p port -d bindDN" . 6183The settings will be used for all LDAP maps 6184unless the individual map specification overrides a setting. 6185This option should be set before any LDAP maps are defined. 6186.ip LogLevel=\fIn\fP 6187[L] 6188Set the log level to 6189.i n . 6190Defaults to 9. 6191.ip M\fIx\|value\fP 6192[no long version] 6193Set the macro 6194.i x 6195to 6196.i value . 6197This is intended only for use from the command line. 6198The 6199.b \-M 6200flag is preferred. 6201.ip MatchGECOS 6202[G] 6203Allow fuzzy matching on the GECOS field. 6204If this flag is set, 6205and the usual user name lookups fail 6206(that is, there is no alias with this name and a 6207.i getpwnam 6208fails), 6209sequentially search the password file 6210for a matching entry in the GECOS field. 6211This also requires that MATCHGECOS 6212be turned on during compilation. 6213This option is not recommended. 6214.ip MaxAliasRecursion=\fIN\fP 6215[no short name] 6216The maximum depth of alias recursion (default: 10). 6217.ip MaxDaemonChildren=\fIN\fP 6218[no short name] 6219If set, 6220.i sendmail 6221will refuse connections when it has more than 6222.i N 6223children processing incoming mail or automatic queue runs. 6224This does not limit the number of outgoing connections. 6225If not set, there is no limit to the number of children -- 6226that is, the system load averaging controls this. 6227.ip MaxHeadersLength=\fIN\fP 6228[no short name] 6229The maximum length of the sum of all headers. 6230This can be used to prevent a denial of service attack. 6231The default is no limit. 6232.ip MaxHopCount=\fIN\fP 6233[h] 6234The maximum hop count. 6235Messages that have been processed more than 6236.i N 6237times are assumed to be in a loop and are rejected. 6238Defaults to 25. 6239.ip MaxMessageSize=\fIN\fP 6240[no short name] 6241Specify the maximum message size 6242to be advertised in the ESMTP EHLO response. 6243Messages larger than this will be rejected. 6244.ip MaxMimeHeaderLength=\fIN[/M]\fP 6245[no short name] 6246Sets the maximum length of certain MIME header field values 6247to 6248.i N 6249characters. 6250For some of these headers which take parameters, 6251the maximum length of each parameter is set to 6252.i M 6253if specified. If 6254.i /M 6255is not specified, one half of 6256.i N 6257will be used. 6258By default, 6259these values are 0, meaning no checks are done. 6260.ip MaxQueueRunSize=\fIN\fP 6261[no short name] 6262The maximum number of jobs that will be processed 6263in a single queue run. 6264If not set, there is no limit on the size. 6265If you have very large queues or a very short queue run interval 6266this could be unstable. 6267However, since the first 6268.i N 6269jobs in queue directory order are run (rather than the 6270.i N 6271highest priority jobs) 6272this should be set as high as possible to avoid 6273.q losing 6274jobs that happen to fall late in the queue directory. 6275.ip MaxRecipientsPerMessage=\fIN\fP 6276[no short name] 6277The maximum number of recipients that will be accepted per message 6278in an SMTP transaction. 6279Note: setting this too low can interfere with sending mail from 6280MUAs that use SMTP for initial submission. 6281If not set, there is no limit on the number of recipients per envelope. 6282.ip MeToo 6283[m] 6284Send to me too, 6285even if I am in an alias expansion. 6286This option is deprecated 6287and will be removed from a future version. 6288.ip MinFreeBlocks=\fIN\fP 6289[b] 6290Insist on at least 6291.i N 6292blocks free on the filesystem that holds the queue files 6293before accepting email via SMTP. 6294If there is insufficient space 6295.i sendmail 6296gives a 452 response 6297to the MAIL command. 6298This invites the sender to try again later. 6299.ip MinQueueAge=\fIage\fP 6300[no short name] 6301Don't process any queued jobs 6302that have been in the queue less than the indicated time interval. 6303This is intended to allow you to get responsiveness 6304by processing the queue fairly frequently 6305without thrashing your system by trying jobs too often. 6306The default units are minutes. 6307.ip MustQuoteChars=\fIs\fP 6308[no short name] 6309Sets the list of characters that must be quoted if used in a full name 6310that is in the phrase part of a ``phrase <address>'' syntax. 6311The default is ``\'.''. 6312The characters ``@,;:\e()[]'' are always added to this list. 6313.ip NoRecipientAction 6314[no short name] 6315The action to take when you receive a message that has no valid 6316recipient headers (To:, Cc:, Bcc:, or Apparently-To: \(em 6317the last included for back compatibility with old 6318.i sendmail s). 6319It can be 6320.b None 6321to pass the message on unmodified, 6322which violates the protocol, 6323.b Add-To 6324to add a To: header with any recipients it can find in the envelope 6325(which might expose Bcc: recipients), 6326.b Add-Apparently-To 6327to add an Apparently-To: header 6328(this is only for back-compatibility 6329and is officially deprecated), 6330.b Add-To-Undisclosed 6331to add a header 6332.q "To: undisclosed-recipients:;" 6333to make the header legal without disclosing anything, 6334or 6335.b Add-Bcc 6336to add an empty Bcc: header. 6337.ip OldStyleHeaders 6338[o] 6339Assume that the headers may be in old format, 6340i.e., 6341spaces delimit names. 6342This actually turns on 6343an adaptive algorithm: 6344if any recipient address contains a comma, parenthesis, 6345or angle bracket, 6346it will be assumed that commas already exist. 6347If this flag is not on, 6348only commas delimit names. 6349Headers are always output with commas between the names. 6350Defaults to off. 6351.ip OperatorChars=\fIcharlist\fP 6352[$o macro] 6353The list of characters that are considered to be 6354.q operators , 6355that is, characters that delimit tokens. 6356All operator characters are tokens by themselves; 6357sequences of non-operator characters are also tokens. 6358White space characters separate tokens 6359but are not tokens themselves \(em for example, 6360.q AAA.BBB 6361has three tokens, but 6362.q "AAA BBB" 6363has two. 6364If not set, OperatorChars defaults to 6365.q \&.\|:\|@\|[\|] ; 6366additionally, the characters 6367.q (\|)\|<\|>\|,\|; 6368are always operators. 6369Note that OperatorChars must be set in the 6370configuration file before any rulesets. 6371.ip PidFile=\fIfilename\fP 6372[no short name] 6373Filename of the pid file. 6374(default is _PATH_SENDMAILPID). 6375The 6376.i filename 6377is macro-expanded before it is opened. 6378.ip PostmasterCopy=\fIpostmaster\fP 6379[P] 6380If set, 6381copies of error messages will be sent to the named 6382.i postmaster . 6383Only the header of the failed message is sent. 6384Errors resulting from messages with a negative precedence will not be sent. 6385Since most errors are user problems, 6386this is probably not a good idea on large sites, 6387and arguably contains all sorts of privacy violations, 6388but it seems to be popular with certain operating systems vendors. 6389The address is macro expanded 6390at the time of delivery. 6391Defaults to no postmaster copies. 6392.ip PrivacyOptions=\fI\|opt,opt,...\fP 6393[p] 6394Set the privacy 6395.i opt ions. 6396``Privacy'' is really a misnomer; 6397many of these are just a way of insisting on stricter adherence 6398to the SMTP protocol. 6399The 6400.i opt ions 6401can be selected from: 6402.(b 6403.ta \w'needvrfyhelo'u+3n 6404public Allow open access 6405needmailhelo Insist on HELO or EHLO command before MAIL 6406needexpnhelo Insist on HELO or EHLO command before EXPN 6407noexpn Disallow EXPN entirely, implies noverb. 6408needvrfyhelo Insist on HELO or EHLO command before VRFY 6409novrfy Disallow VRFY entirely 6410noetrn Disallow ETRN entirely 6411noverb Disallow VERB entirely 6412restrictmailq Restrict mailq command 6413restrictqrun Restrict \-q command line flag 6414noreceipts Don't return success DSNs\** 6415nobodyreturn Don't return the body of a message with DSNs 6416goaway Disallow essentially all SMTP status queries 6417authwarnings Put X-Authentication-Warning: headers in messages 6418 and log warnings 6419.)b 6420.(f 6421\**N.B.: 6422the 6423.b noreceipts 6424flag turns off support for RFC 1891 6425(Delivery Status Notification). 6426.)f 6427The 6428.q goaway 6429pseudo-flag sets all flags except 6430.q noreceipts , 6431.q restrictmailq , 6432.q restrictqrun , 6433.q noetrn , 6434and 6435.q nobodyreturn . 6436If mailq is restricted, 6437only people in the same group as the queue directory 6438can print the queue. 6439If queue runs are restricted, 6440only root and the owner of the queue directory 6441can run the queue. 6442Authentication Warnings add warnings about various conditions 6443that may indicate attempts to spoof the mail system,
|
6445.ip ProcessTitlePrefix=\fIstring\fP 6446[no short name] 6447Prefix the process title shown on 'ps' listings with 6448.i string . 6449The 6450.i string 6451will be macro processed. 6452.ip QueueDirectory=\fIdir\fP 6453[Q] 6454Use the named 6455.i dir 6456as the queue directory. 6457To use multiple queues, supply a value ending with an asterisk. 6458For example, 6459.i /var/spool/mqueue/q* 6460will use all of the directories or symbolic links to directories 6461beginning with 6462.i q 6463in 6464.i /var/spool/mqueue 6465as queue directories. 6466Do not change the queue directory structure 6467while sendmail is running. 6468.ip QueueFactor=\fIfactor\fP 6469[q] 6470Use 6471.i factor 6472as the multiplier in the map function 6473to decide when to just queue up jobs rather than run them. 6474This value is divided by the difference between the current load average 6475and the load average limit 6476(\c 6477.b QueueLA 6478option) 6479to determine the maximum message priority 6480that will be sent. 6481Defaults to 600000. 6482.ip QueueLA=\fILA\fP 6483[x] 6484When the system load average exceeds 6485.i LA 6486and the 6487.b QueueFactor 6488(\c 6489.b q ) 6490option divided by the difference in the current load average and the 6491.b QueueLA 6492option plus one 6493is less than the priority of the message, 6494just queue messages 6495(i.e., don't try to send them). 6496Defaults to 8 multiplied by 6497the number of processors online on the system 6498(if that can be determined). 6499.ip QueueSortOrder=\fIalgorithm\fP 6500[no short name] 6501Sets the 6502.i algorithm 6503used for sorting the queue. 6504Only the first character of the value is used. 6505Legal values are 6506.q host 6507(to order by the name of the first host name of the first recipient), 6508.q filename 6509(to order by the name of the queue file name), 6510.q time 6511(to order by the submission time), 6512and 6513.q priority 6514(to order by message priority). 6515Host ordering makes better use of the connection cache, 6516but may tend to process low priority messages 6517that go to a single host 6518over high priority messages that go to several hosts; 6519it probably shouldn't be used on slow network links. 6520Filename ordering saves the overhead of 6521reading all of the queued items 6522before starting the queue run. 6523Time ordering is almost always a bad idea, 6524since it allows large, bulk mail to go out 6525before smaller, personal mail, 6526but may have applicability on some hosts with very fast connections. 6527Priority ordering is the default. 6528.ip QueueTimeout=\fItimeout\fP 6529[T] 6530A synonym for 6531.q Timeout.queuereturn . 6532Use that form instead of the 6533.q QueueTimeout 6534form. 6535.ip RandFile 6536[no short name] 6537Name of file containing random data or the name of the UNIX socket 6538if EGD is used. 6539A (required) prefix "egd:" or "file:" specifies the type. 6540STARTTLS requires this filename if the compile flag HASURANDOMDEV is not set 6541(see sendmail/README). 6542.ip ResolverOptions=\fIoptions\fP 6543[I] 6544Set resolver options. 6545Values can be set using 6546.b + \c 6547.i flag 6548and cleared using 6549.b \- \c 6550.i flag ; 6551the 6552.i flag s 6553can be 6554.q debug , 6555.q aaonly , 6556.q usevc , 6557.q primary , 6558.q igntc , 6559.q recurse , 6560.q defnames , 6561.q stayopen , 6562or 6563.q dnsrch . 6564The string 6565.q HasWildcardMX 6566(without a 6567.b + 6568or 6569.b \- ) 6570can be specified to turn off matching against MX records 6571when doing name canonifications. 6572.b N.B. 6573Prior to 8.7, 6574this option indicated that the name server be responding 6575in order to accept addresses. 6576This has been replaced by checking to see 6577if the 6578.q dns 6579method is listed in the service switch entry for the 6580.q hosts 6581service. 6582.ip RrtImpliesDsn 6583[R] 6584If this option is set, a 6585.q Return-Receipt-To: 6586header causes the request of a DSN, which is sent to 6587the envelope sender as required by RFC1891, 6588not to the address given in the header. 6589.ip RunAsUser=\fIuser\fP 6590[no short name] 6591The 6592.i user 6593parameter may be a user name 6594(looked up in 6595.i /etc/passwd ) 6596or a numeric user id; 6597either form can have 6598.q ":group" 6599attached 6600(where group can be numeric or symbolic). 6601If set to a non-zero (non-root) value, 6602.i sendmail 6603will change to this user id shortly after startup\**. 6604.(f 6605\**When running as a daemon, 6606it changes to this user after accepting a connection 6607but before reading any 6608.sm SMTP 6609commands. 6610.)f 6611This avoids a certain class of security problems. 6612However, this means that all 6613.q \&.forward 6614and 6615.q :include: 6616files must be readable by the indicated 6617.i user 6618and all files to be written must be writable by 6619.i user 6620Also, all file and program deliveries will be marked unsafe 6621unless the option 6622.b DontBlameSendmail=NonRootSafeAddr 6623is set, 6624in which case the delivery will be done as 6625.i user . 6626It is also incompatible with the 6627.b SafeFileEnvironment 6628option. 6629In other words, it may not actually add much to security on an average system, 6630and may in fact detract from security 6631(because other file permissions must be loosened). 6632However, it should be useful on firewalls and other 6633places where users don't have accounts and the aliases file is 6634well constrained. 6635.ip RecipientFactor=\fIfact\fP 6636[y] 6637The indicated 6638.i fact or 6639is added to the priority (thus 6640.i lowering 6641the priority of the job) 6642for each recipient, 6643i.e., this value penalizes jobs with large numbers of recipients. 6644Defaults to 30000. 6645.ip RefuseLA=\fILA\fP 6646[X] 6647When the system load average exceeds 6648.i LA , 6649refuse incoming SMTP connections. 6650Defaults to 12 multiplied by 6651the number of processors online on the system 6652(if that can be determined). 6653.ip RetryFactor=\fIfact\fP 6654[Z] 6655The 6656.i fact or 6657is added to the priority 6658every time a job is processed. 6659Thus, 6660each time a job is processed, 6661its priority will be decreased by the indicated value. 6662In most environments this should be positive, 6663since hosts that are down are all too often down for a long time. 6664Defaults to 90000. 6665.ip SafeFileEnvironment=\fIdir\fP 6666[no short name] 6667If this option is set, 6668.i sendmail 6669will do a 6670.i chroot (2) 6671call into the indicated 6672.i dir ectory 6673before doing any file writes. 6674If the file name specified by the user begins with 6675.i dir , 6676that partial path name will be stripped off before writing, 6677so (for example) 6678if the SafeFileEnvironment variable is set to 6679.q /safe 6680then aliases of 6681.q /safe/logs/file 6682and 6683.q /logs/file 6684actually indicate the same file. 6685Additionally, if this option is set, 6686.i sendmail 6687refuses to deliver to symbolic links. 6688.ip SaveFromLine 6689[f] 6690Save 6691UNIX-style 6692.q From 6693lines at the front of headers. 6694Normally they are assumed redundant 6695and discarded. 6696.ip SendMimeErrors 6697[j] 6698If set, send error messages in MIME format 6699(see RFC2045 and RFC1344 for details). 6700If disabled, 6701.i sendmail 6702will not return the DSN keyword in response to an EHLO 6703and will not do Delivery Status Notification processing as described in 6704RFC1891. 6705.ip ServerCertFile 6706[no short name] 6707File containing the certificate of the server, i.e., this certificate 6708is used when sendmail acts as server. 6709.ip ServerKeyFile 6710[no short name] 6711File containing the private key belonging to the server certificate. 6712.ip ServiceSwitchFile=\fIfilename\fP 6713[no short name] 6714If your host operating system has a service switch abstraction 6715(e.g., /etc/nsswitch.conf on Solaris 6716or /etc/svc.conf on Ultrix and DEC OSF/1) 6717that service will be consulted and this option is ignored. 6718Otherwise, this is the name of a file 6719that provides the list of methods used to implement particular services. 6720The syntax is a series of lines, 6721each of which is a sequence of words. 6722The first word is the service name, 6723and following words are service types. 6724The services that 6725.i sendmail 6726consults directly are 6727.q aliases 6728and 6729.q hosts. 6730Service types can be 6731.q dns , 6732.q nis , 6733.q nisplus , 6734or 6735.q files 6736(with the caveat that the appropriate support 6737must be compiled in 6738before the service can be referenced). 6739If ServiceSwitchFile is not specified, it defaults to 6740/etc/mail/service.switch. 6741If that file does not exist, the default switch is: 6742.(b 6743aliases files 6744hosts dns nis files 6745.)b 6746The default file is 6747.q /etc/mail/service.switch . 6748.ip SevenBitInput 6749[7] 6750Strip input to seven bits for compatibility with old systems. 6751This shouldn't be necessary. 6752.ip SingleLineFromHeader 6753[no short name] 6754If set, From: lines that have embedded newlines are unwrapped 6755onto one line. 6756This is to get around a botch in Lotus Notes 6757that apparently cannot understand legally wrapped RFC822 headers. 6758.ip SingleThreadDelivery 6759[no short name] 6760If set, a client machine will never try to open two SMTP connections 6761to a single server machine at the same time, 6762even in different processes. 6763That is, if another 6764.i sendmail 6765is already talking to some host a new 6766.i sendmail 6767will not open another connection. 6768This property is of mixed value; 6769although this reduces the load on the other machine, 6770it can cause mail to be delayed 6771(for example, if one 6772.i sendmail 6773is delivering a huge message, other 6774.i sendmail s 6775won't be able to send even small messages). 6776Also, it requires another file descriptor 6777(for the lock file) 6778per connection, so you may have to reduce the 6779.b ConnectionCacheSize 6780option to avoid running out of per-process file descriptors. 6781Requires the 6782.b HostStatusDirectory 6783option. 6784.ip SmtpGreetingMessage=\fImessage\fP 6785[$e macro] 6786The message printed when the SMTP server starts up. 6787Defaults to 6788.q "$j Sendmail $v ready at $b". 6789.ip StatusFile=\fIfile\fP 6790[S] 6791Log summary statistics in the named 6792.i file . 6793If no file name is specified, "statistics" is used. 6794If not set, 6795no summary statistics are saved. 6796This file does not grow in size. 6797It can be printed using the 6798.i mailstats (8) 6799program. 6800.ip SuperSafe 6801[s] 6802Be super-safe when running things, 6803i.e., 6804always instantiate the queue file, 6805even if you are going to attempt immediate delivery. 6806.i Sendmail 6807always instantiates the queue file 6808before returning control to the client 6809under any circumstances. 6810This should really 6811.i always 6812be set. 6813.ip TempFileMode=\fImode\fP 6814[F] 6815The file mode for queue files, files to which 6816.i sendmail 6817delivers directly, and files in the 6818.b HostStatusDirectory . 6819It is interpreted in octal by default. 6820Defaults to 0600. 6821.ip Timeout.\fItype\fP=\|\fItimeout\fP 6822[r; subsumes old T option as well] 6823Set timeout values. 6824For more information, 6825see section 6826.\" XREF 68274.1. 6828.ip TimeZoneSpec=\fItzinfo\fP 6829[t] 6830Set the local time zone info to 6831.i tzinfo 6832\*- for example, 6833.q PST8PDT . 6834Actually, if this is not set, 6835the TZ environment variable is cleared (so the system default is used); 6836if set but null, the user's TZ variable is used, 6837and if set and non-null the TZ variable is set to this value. 6838.ip TrustedUser=\fIuser\fP 6839[no short name] 6840The 6841.i user 6842parameter may be a user name 6843(looked up in 6844.i /etc/passwd ) 6845or a numeric user id. 6846Trusted user for file ownership and starting the daemon. If set, generated 6847alias databases and the control socket (if configured) will automatically 6848be owned by this user. 6849.ip TryNullMXList 6850[w] 6851If this system is the 6852.q best 6853(that is, lowest preference) 6854MX for a given host, 6855its configuration rules should normally detect this situation 6856and treat that condition specially 6857by forwarding the mail to a UUCP feed, 6858treating it as local, 6859or whatever. 6860However, in some cases (such as Internet firewalls) 6861you may want to try to connect directly to that host 6862as though it had no MX records at all. 6863Setting this option causes 6864.i sendmail 6865to try this. 6866The downside is that errors in your configuration 6867are likely to be diagnosed as 6868.q "host unknown" 6869or 6870.q "message timed out" 6871instead of something more meaningful. 6872This option is disrecommended. 6873.ip UnixFromLine=\fIfromline\fP 6874[$l macro] 6875Defines the format used when 6876.i sendmail 6877must add a UNIX-style From_ line 6878(that is, a line beginning 6879.q From<space>user ). 6880Defaults to 6881.q "From $g $d" . 6882Don't change this unless your system uses a different UNIX mailbox format 6883(very unlikely). 6884.ip UnsafeGroupWrites 6885[no short name] 6886If set (default), 6887:include: and .forward files that are group writable are considered 6888.q unsafe , 6889that is, 6890they cannot reference programs or write directly to files. 6891World writable :include: and .forward files 6892are always unsafe. 6893.ip UseErrorsTo 6894[l] 6895If there is an 6896.q Errors-To: 6897header, send error messages to the addresses listed there. 6898They normally go to the envelope sender. 6899Use of this option causes 6900.i sendmail 6901to violate RFC 1123. 6902This option is disrecommended and deprecated. 6903.ip UserDatabaseSpec=\fIudbspec\fP 6904[U] 6905The user database specification. 6906.ip Verbose 6907[v] 6908Run in verbose mode. 6909If this is set, 6910.i sendmail 6911adjusts options 6912.b HoldExpensive 6913(old 6914.b c ) 6915and 6916.b DeliveryMode 6917(old 6918.b d ) 6919so that all mail is delivered completely 6920in a single job 6921so that you can see the entire delivery process. 6922Option 6923.b Verbose 6924should 6925.i never 6926be set in the configuration file; 6927it is intended for command line use only. 6928.ip XscriptFileBufferSize=\fIthreshold\fP 6929[no short name] 6930Set the 6931.i threshold , 6932in bytes, 6933before a memory-based 6934queue transcript file 6935becomes disk-based. 6936The default is 4096 bytes. 6937.lp 6938All options can be specified on the command line using the 6939\-O or \-o flag, 6940but most will cause 6941.i sendmail 6942to relinquish its setuid permissions. 6943The options that will not cause this are 6944SevenBitInput [7], 6945EightBitMode [8], 6946MinFreeBlocks [b], 6947CheckpointInterval [C], 6948DeliveryMode [d], 6949ErrorMode [e], 6950IgnoreDots [i], 6951SendMimeErrors [j], 6952LogLevel [L], 6953MeToo [m], 6954OldStyleHeaders [o], 6955PrivacyOptions [p], 6956SuperSafe [s], 6957Verbose [v], 6958QueueSortOrder, 6959MinQueueAge, 6960DefaultCharSet, 6961Dial Delay, 6962NoRecipientAction, 6963ColonOkInAddr, 6964MaxQueueRunSize, 6965SingleLineFromHeader, 6966and 6967AllowBogusHELO. 6968Actually, PrivacyOptions [p] given on the command line 6969are added to those already specified in the 6970.i sendmail.cf 6971file, i.e., they can't be reset. 6972Also, M (define macro) when defining the r or s macros 6973is also considered 6974.q safe . 6975.sh 2 "P \*- Precedence Definitions" 6976.pp 6977Values for the 6978.q "Precedence:" 6979field may be defined using the 6980.b P 6981control line. 6982The syntax of this field is: 6983.(b 6984\fBP\fP\fIname\fP\fB=\fP\fInum\fP 6985.)b 6986When the 6987.i name 6988is found in a 6989.q Precedence: 6990field, 6991the message class is set to 6992.i num . 6993Higher numbers mean higher precedence. 6994Numbers less than zero 6995have the special property 6996that if an error occurs during processing 6997the body of the message will not be returned; 6998this is expected to be used for 6999.q "bulk" 7000mail such as through mailing lists. 7001The default precedence is zero. 7002For example, 7003our list of precedences is: 7004.(b 7005Pfirst-class=0 7006Pspecial-delivery=100 7007Plist=\-30 7008Pbulk=\-60 7009Pjunk=\-100 7010.)b 7011People writing mailing list exploders 7012are encouraged to use 7013.q "Precedence: list" . 7014Older versions of 7015.i sendmail 7016(which discarded all error returns for negative precedences) 7017didn't recognize this name, giving it a default precedence of zero. 7018This allows list maintainers to see error returns 7019on both old and new versions of 7020.i sendmail . 7021.sh 2 "V \*- Configuration Version Level" 7022.pp 7023To provide compatibility with old configuration files, 7024the 7025.b V 7026line has been added to define some very basic semantics 7027of the configuration file. 7028These are not intended to be long term supports; 7029rather, they describe compatibility features 7030which will probably be removed in future releases. 7031.pp 7032.b N.B.: 7033these version 7034.i levels 7035have nothing 7036to do with the version 7037.i number 7038on the files. 7039For example, 7040as of this writing 7041version 8 config files 7042(specifically, 8.10) 7043used version level 9 configurations. 7044.pp 7045.q Old 7046configuration files are defined as version level one. 7047Version level two files make the following changes: 7048.np 7049Host name canonification ($[ ... $]) 7050appends a dot if the name is recognized; 7051this gives the config file a way of finding out if anything matched. 7052(Actually, this just initializes the 7053.q host 7054map with the 7055.q \-a. 7056flag \*- you can reset it to anything you prefer 7057by declaring the map explicitly.) 7058.np 7059Default host name extension is consistent throughout processing; 7060version level one configurations turned off domain extension 7061(that is, adding the local domain name) 7062during certain points in processing. 7063Version level two configurations are expected to include a trailing dot 7064to indicate that the name is already canonical. 7065.np 7066Local names that are not aliases 7067are passed through a new distinguished ruleset five; 7068this can be used to append a local relay. 7069This behavior can be prevented by resolving the local name 7070with an initial `@'. 7071That is, something that resolves to a local mailer and a user name of 7072.q vikki 7073will be passed through ruleset five, 7074but a user name of 7075.q @vikki 7076will have the `@' stripped, 7077will not be passed through ruleset five, 7078but will otherwise be treated the same as the prior example. 7079The expectation is that this might be used to implement a policy 7080where mail sent to 7081.q vikki 7082was handled by a central hub, 7083but mail sent to 7084.q vikki@localhost 7085was delivered directly. 7086.pp 7087Version level three files 7088allow # initiated comments on all lines. 7089Exceptions are backslash escaped # marks 7090and the $# syntax. 7091.pp 7092Version level four configurations 7093are completely equivalent to level three 7094for historical reasons. 7095.pp 7096Version level five configuration files 7097change the default definition of 7098.b $w 7099to be just the first component of the hostname. 7100.pp 7101Version level six configuration files 7102change many of the local processing options 7103(such as aliasing and matching the beginning of the address for 7104`|' characters) 7105to be mailer flags; 7106this allows fine-grained control over the special local processing. 7107Level six configuration files may also use long option names. 7108The 7109.b ColonOkInAddr 7110option (to allow colons in the local-part of addresses) 7111defaults 7112.b on 7113for lower numbered configuration files; 7114the configuration file requires some additional intelligence 7115to properly handle the RFC 822 group construct. 7116.pp 7117Version level seven configuration files 7118used new option names to replace old macros 7119(\c 7120.b $e 7121became 7122.b SmtpGreetingMessage , 7123.b $l 7124became 7125.b UnixFromLine , 7126and 7127.b $o 7128became 7129.b OperatorChars . 7130Also, prior to version seven, 7131the 7132.b F=q 7133flag (use 250 instead of 252 return value for 7134.sm "SMTP VRFY" 7135commands) 7136was assumed. 7137.pp 7138Version level eight configuration files allow 7139.b $# 7140on the left hand side of ruleset lines. 7141.pp 7142Version level nine configuration files allow 7143parentheses in rulesets, i.e. they are not treated 7144as comments and hence removed. 7145.pp 7146The 7147.b V 7148line may have an optional 7149.b / \c 7150.i vendor 7151to indicate that this configuration file uses modifications 7152specific to a particular vendor\**. 7153.(f 7154\**And of course, vendors are encouraged to add themselves 7155to the list of recognized vendors by editing the routine 7156.i setvendor 7157in 7158.i conf.c . 7159Please send e-mail to sendmail@Sendmail.ORG 7160to register your vendor dialect. 7161.)f 7162You may use 7163.q /Berkeley 7164to emphasize that this configuration file 7165uses the Berkeley dialect of 7166.i sendmail . 7167.sh 2 "K \*- Key File Declaration" 7168.pp 7169Special maps can be defined using the line: 7170.(b 7171Kmapname mapclass arguments 7172.)b 7173The 7174.i mapname 7175is the handle by which this map is referenced in the rewriting rules. 7176The 7177.i mapclass 7178is the name of a type of map; 7179these are compiled in to 7180.i sendmail . 7181The 7182.i arguments 7183are interpreted depending on the class; 7184typically, 7185there would be a single argument naming the file containing the map. 7186.pp 7187Maps are referenced using the syntax: 7188.(b 7189$( \fImap\fP \fIkey\fP $@ \fIarguments\fP $: \fIdefault\fP $) 7190.)b 7191where either or both of the 7192.i arguments 7193or 7194.i default 7195portion may be omitted. 7196The 7197.i "$@ arguments" 7198may appear more than once. 7199The indicated 7200.i key 7201and 7202.i arguments 7203are passed to the appropriate mapping function. 7204If it returns a value, it replaces the input. 7205If it does not return a value and the 7206.i default 7207is specified, the 7208.i default 7209replaces the input. 7210Otherwise, the input is unchanged. 7211.pp 7212The 7213.i arguments 7214are passed to the map for arbitrary use. 7215Most map classes can interpolate these arguments 7216into their values using the syntax 7217.q %\fIn\fP 7218(where 7219.i n 7220is a digit) 7221to indicate the corresponding 7222.i argument . 7223Argument 7224.q %0 7225indicates the database key. 7226For example, the rule 7227.(b 7228.ta 1.5i 7229R$\- ! $+ $: $(uucp $1 $@ $2 $: %1 @ %0 . UUCP $) 7230.)b 7231Looks up the UUCP name in a (user defined) UUCP map; 7232if not found it turns it into 7233.q \&.UUCP 7234form. 7235The database might contain records like: 7236.(b 7237decvax %1@%0.DEC.COM 7238research %1@%0.ATT.COM 7239.)b 7240Note that 7241.i default 7242clauses never do this mapping. 7243.pp 7244The built in map with both name and class 7245.q host 7246is the host name canonicalization lookup. 7247Thus, 7248the syntax: 7249.(b 7250$(host \fIhostname\fP$) 7251.)b 7252is equivalent to: 7253.(b 7254$[\fIhostname\fP$] 7255.)b 7256.pp 7257There are many defined classes. 7258.ip dbm 7259Database lookups using the ndbm(3) library. 7260.i Sendmail 7261must be compiled with 7262.b NDBM 7263defined. 7264.ip btree 7265Database lookups using the btree interface to the Berkeley DB 7266library. 7267.i Sendmail 7268must be compiled with 7269.b NEWDB 7270defined. 7271.ip hash 7272Database lookups using the hash interface to the Berkeley DB 7273library. 7274.i Sendmail 7275must be compiled with 7276.b NEWDB 7277defined. 7278.ip nis 7279NIS lookups. 7280.i Sendmail 7281must be compiled with 7282.b NIS 7283defined. 7284.ip nisplus 7285NIS+ lookups. 7286.i Sendmail 7287must be compiled with 7288.b NISPLUS 7289defined. 7290The argument is the name of the table to use for lookups, 7291and the 7292.b \-k 7293and 7294.b \-v 7295flags may be used to set the key and value columns respectively. 7296.ip hesiod 7297Hesiod lookups. 7298.i Sendmail 7299must be compiled with 7300.b HESIOD 7301defined. 7302.ip ldap 7303LDAP X500 directory lookups. 7304.i Sendmail 7305must be compiled with 7306.b LDAPMAP 7307defined. 7308The map supports most of the standard arguments 7309and most of the command line arguments of the 7310.i ldapsearch 7311program. 7312Note that, 7313by default, 7314if a single query matches multiple values, 7315only the first value will be returned 7316unless the 7317.b \-z 7318(value separator) 7319map flag is set. 7320Also, the 7321.b \-1 7322map flag will treat a multiple value return 7323as if there were no matches. 7324.ip netinfo 7325NeXT NetInfo lookups. 7326.i Sendmail 7327must be compiled with 7328.b NETINFO 7329defined. 7330.ip text 7331Text file lookups. 7332The format of the text file is defined by the 7333.b \-k 7334(key field number), 7335.b \-v 7336(value field number), 7337and 7338.b \-z 7339(field delimiter) 7340flags. 7341.ip ph 7342PH query map. 7343Contributed and supported by 7344Mark Roth, roth@uiuc.edu. 7345For more information, 7346consult the web site 7347.q http://www-dev.cso.uiuc.edu/sendmail/ . 7348.ip nsd 7349nsd map for IRIX 6.5 and later. 7350Contributed and supported by Bob Mende of SGI, 7351mende@sgi.com. 7352.ip stab 7353Internal symbol table lookups. 7354Used internally for aliasing. 7355.ip implicit 7356Really should be called 7357.q alias 7358\(em this is used to get the default lookups 7359for alias files, 7360and is the default if no class is specified for alias files. 7361.ip user 7362Looks up users using 7363.i getpwnam (3). 7364The 7365.b \-v 7366flag can be used to specify the name of the field to return 7367(although this is normally used only to check the existence 7368of a user). 7369.ip host 7370Canonifies host domain names. 7371Given a host name it calls the name server 7372to find the canonical name for that host. 7373.ip bestmx 7374Returns the best MX record for a host name given as the key. 7375The current machine is always preferred \*- 7376that is, if the current machine is one of the hosts listed as a 7377lowest-preference MX record, then it will be guaranteed to be returned. 7378This can be used to find out if this machine is the target for an MX record, 7379and mail can be accepted on that basis. 7380If the 7381.b \-z 7382flag is given, then all MX names are returned, 7383separated by the given delimiter. 7384.ip sequence 7385The arguments on the `K' line are a list of maps; 7386the resulting map searches the argument maps in order 7387until it finds a match for the indicated key. 7388For example, if the key definition is: 7389.(b 7390Kmap1 ... 7391Kmap2 ... 7392Kseqmap sequence map1 map2 7393.)b 7394then a lookup against 7395.q seqmap 7396first does a lookup in map1. 7397If that is found, it returns immediately. 7398Otherwise, the same key is used for map2. 7399.ip syslog 7400the key is logged via 7401.i syslogd \|(8). 7402The lookup returns the empty string. 7403.ip switch 7404Much like the 7405.q sequence 7406map except that the order of maps is determined by the service switch. 7407The argument is the name of the service to be looked up; 7408the values from the service switch are appended to the map name 7409to create new map names. 7410For example, consider the key definition: 7411.(b 7412Kali switch aliases 7413.)b 7414together with the service switch entry: 7415.(b 7416aliases nis files 7417.)b 7418This causes a query against the map 7419.q ali 7420to search maps named 7421.q ali.nis 7422and 7423.q ali.files 7424in that order. 7425.ip dequote 7426Strip double quotes (") from a name. 7427It does not strip backslashes, 7428and will not strip quotes if the resulting string 7429would contain unscannable syntax 7430(that is, basic errors like unbalanced angle brackets; 7431more sophisticated errors such as unknown hosts are not checked). 7432The intent is for use when trying to accept mail from systems such as 7433DECnet 7434that routinely quote odd syntax such as 7435.(b 7436"49ers::ubell" 7437.)b 7438A typical usage is probably something like: 7439.(b 7440Kdequote dequote 7441 7442\&... 7443 7444R$\- $: $(dequote $1 $) 7445R$\- $+ $: $>3 $1 $2 7446.)b 7447Care must be taken to prevent unexpected results; 7448for example, 7449.(b 7450"|someprogram < input > output" 7451.)b 7452will have quotes stripped, 7453but the result is probably not what you had in mind. 7454Fortunately these cases are rare. 7455.ip regex 7456The map definition on the 7457.b K 7458line contains a regular expression. 7459Any key input is compared to that expression using the 7460POSIX regular expressions routines regcomp(), regerr(), and regexec(). 7461Refer to the documentation for those routines for more information 7462about the regular expression matching. 7463No rewriting of the key is done if the 7464.b \-m 7465flag is used. Without it, the key is discarded or if 7466.b \-s 7467if used, it is substituted by the substring matches, delimited by 7468.b $| 7469or the string specified with the the 7470.b \-d 7471flag. The flags available for the map are 7472.(b 7473-n not 7474-f case sensitive 7475-b basic regular expressions 7476 (default is extended) 7477-s substring match 7478-d set the delimiter used for -s 7479-a append string to key 7480-m match only, do not 7481 replace/discard value 7482-D perform no lookup in deferred delivery mode. 7483.)b 7484The 7485.b \-s 7486flag can include an optional parameter which can be used 7487to select the substrings in the result of the lookup. For example, 7488.(b 7489-s1,3,4 7490.)b 7491Notes: to match a 7492.b $ 7493in a string, 7494\\$$ 7495must be used. 7496If the pattern contains spaces, they must be replaced 7497with the blank substitution character, unless it is 7498space itself. 7499.ip program 7500The arguments on the 7501.b K 7502line are the pathname to a program and any initial parameters to be passed. 7503When the map is called, 7504the key is added to the initial parameters 7505and the program is invoked 7506as the default user/group id. 7507The first line of standard output is returned as the value of the lookup. 7508This has many potential security problems, 7509and has terrible performance; 7510it should be used only when absolutely necessary. 7511.ip macro 7512Set or clear a macro value. 7513To set a macro, 7514pass the value as the first argument in the map lookup. 7515To clear a macro, 7516do not pass an argument in the map lookup. 7517The map always returns the empty string. 7518Example of typical usage include: 7519.(b 7520Kstorage macro 7521 7522\&... 7523 7524# set macro ${MyMacro} to the ruleset match 7525R$+ $: $(storage {MyMacro} $@ $1 $) $1 7526# set macro ${MyMacro} to an empty string 7527R$* $: $(storage {MyMacro} $@ $) $1 7528# clear macro ${MyMacro} 7529R$\- $: $(storage {MyMacro} $) $1 7530.)b 7531.ip arith 7532Perform simple arithmetic operations. 7533The operation is given as key, currently +, -, *, /, 7534l (for less than), and = are supported. 7535The two operands are given as arguments. 7536The lookup returns the result of the computation, 7537i.e. 7538.sm TRUE 7539or 7540.sm FALSE 7541for comparisons, integer values otherwise. 7542All options which are possible for maps are ignored. 7543A simple example is: 7544.(b 7545Kcomp arith 7546 7547\&... 7548 7549Scheck_etrn 7550R$* $: $(comp l $@ $&{load_avg} $@ 7 $) $1 7551RFALSE $# error \&... 7552.)b 7553.pp 7554Most of these accept as arguments the same optional flags 7555and a filename 7556(or a mapname for NIS; 7557the filename is the root of the database path, 7558so that 7559.q .db 7560or some other extension appropriate for the database type 7561will be added to get the actual database name). 7562Known flags are: 7563.ip "\-o" 7564Indicates that this map is optional \*- that is, 7565if it cannot be opened, 7566no error is produced, 7567and 7568.i sendmail 7569will behave as if the map existed but was empty. 7570.ip "\-N, \-O" 7571If neither 7572.b \-N 7573or 7574.b \-O 7575are specified, 7576.i sendmail 7577uses an adaptive algorithm to decide whether or not to look for null bytes 7578on the end of keys. 7579It starts by trying both; 7580if it finds any key with a null byte it never tries again without a null byte 7581and vice versa. 7582If 7583.b \-N 7584is specified it never tries without a null byte and 7585if 7586.b \-O 7587is specified it never tries with a null byte. 7588Setting one of 7589these can speed matches but are never necessary. 7590If both 7591.b \-N 7592and 7593.b \-O 7594are specified, 7595.i sendmail 7596will never try any matches at all \(em 7597that is, everything will appear to fail. 7598.ip "\-a\fIx\fP" 7599Append the string 7600.i x 7601on successful matches. 7602For example, the default 7603.i host 7604map appends a dot on successful matches. 7605.ip "\-T\fIx\fP" 7606Append the string 7607.i x 7608on temporary failures. 7609For example, 7610.i x 7611would be appended if a DNS lookup returned 7612.q "server failed" 7613or an NIS lookup could not locate a server. 7614See also the 7615.b \-t 7616flag. 7617.ip "\-f" 7618Do not fold upper to lower case before looking up the key. 7619.ip "\-m" 7620Match only (without replacing the value). 7621If you only care about the existence of a key and not the value 7622(as you might when searching the NIS map 7623.q hosts.byname 7624for example), 7625this flag prevents the map from substituting the value. 7626However, 7627The \-a argument is still appended on a match, 7628and the default is still taken if the match fails. 7629.ip "\-k\fIkeycol\fP" 7630The key column name (for NIS+) or number 7631(for text lookups). 7632For LDAP maps this is an LDAP filter string 7633in which %s is replaced with the literal contents of the lookup key 7634and %0 is replaced with the LDAP escaped contents of the lookup key 7635according to RFC2254. 7636.ip "\-v\fIvalcol\fP" 7637The value column name (for NIS+) or number 7638(for text lookups). 7639For LDAP maps this is the name of one or more 7640attributes to be returned; 7641multiple attributes can be separated by commas. 7642If not specified, all attributes found in the match 7643will be returned. 7644.ip "\-z\fIdelim\fP" 7645The column delimiter (for text lookups). 7646It can be a single character or one of the special strings 7647.q \|\en 7648or 7649.q \|\et 7650to indicate newline or tab respectively. 7651If omitted entirely, 7652the column separator is any sequence of white space. 7653For LDAP maps this is the separator character 7654to combine multiple values 7655into a single return string. 7656If not set, 7657the LDAP lookup will only return the first match found. 7658.ip "\-t" 7659Normally, when a map attempts to do a lookup 7660and the server fails 7661(e.g., 7662.i sendmail 7663couldn't contact any name server; 7664this is 7665.i not 7666the same as an entry not being found in the map), 7667the message being processed is queued for future processing. 7668The 7669.b \-t 7670flag turns off this behavior, 7671letting the temporary failure (server down) 7672act as though it were a permanent failure (entry not found). 7673It is particularly useful for DNS lookups, 7674where someone else's misconfigured name server can cause problems 7675on your machine. 7676However, care must be taken to ensure that you don't bounce mail 7677that would be resolved correctly if you tried again. 7678A common strategy is to forward such mail 7679to another, possibly better connected, mail server. 7680.ip "\-D" 7681Perform no lookup in deferred delivery mode. 7682This flag is set by default for the 7683.i host 7684map. 7685.ip "\-S\fIspacesub\fP 7686The character to use to replace space characters 7687after a successful map lookup (esp. useful for regex 7688and syslog maps). 7689.ip "\-s\fIspacesub\fP 7690For the dequote map only, 7691the character to use to replace space characters 7692after a successful dequote. 7693.ip "\-q" 7694Don't dequote the key before lookup. 7695.ip "\-L\fIlevel\fP 7696For the syslog map only, it specifies the level 7697to use for the syslog call. 7698.ip "\-A" 7699When rebuilding an alias file, 7700the 7701.b \-A 7702flag causes duplicate entries in the text version 7703to be merged. 7704For example, two entries: 7705.(b 7706list: user1, user2 7707list: user3 7708.)b 7709would be treated as though it were the single entry 7710.(b 7711list: user1, user2, user3 7712.)b 7713in the presence of the 7714.b \-A 7715flag. 7716.pp 7717The following additional flags are present in the ldap map only: 7718.ip "\-R" 7719Do not auto chase referrals. sendmail must be compiled with 7720.b \-DLDAP_REFERRALS 7721to use this flag. 7722.ip "\-n" 7723Retrieve attribute names only. 7724.ip "\-r\fIderef\fP" 7725Set the alias dereference option to one of never, always, search, or find. 7726.ip "\-s\fIscope\fP" 7727Set search scope to one of base, one (one level), or sub (subtree). 7728.ip "\-h\fIhost\fP" 7729LDAP server hostname. 7730Some LDAP libraries allow you to specify multiple, space-separated hosts for 7731redundancy. 7732In addition, each of the hosts listed can be followed by a colon and a port 7733number to override the default LDAP port. 7734.ip "\-b\fIbase\fP" 7735LDAP search base. 7736.ip "\-p\fIport\fP" 7737LDAP service port. 7738.ip "\-l\fItimelimit\fP" 7739Time limit for LDAP queries. 7740.ip "\-Z\fIsizelimit\fP" 7741Size (number of matches) limit for LDAP queries. 7742.ip "\-d\fIdistinguished_name\fP" 7743The distinguished name to use to login to the LDAP server. 7744.ip "\-M\fImethod\fP" 7745The method to authenticate to the LDAP server. 7746Should be one of 7747.b LDAP_AUTH_NONE , 7748.b LDAP_AUTH_SIMPLE , 7749or 7750.b LDAP_AUTH_KRBV4 . 7751.ip "\-P\fIpasswordfile\fP" 7752The file containing the secret key for the 7753.b LDAP_AUTH_SIMPLE 7754authentication method 7755or the name of the Kerberos ticket file for 7756.b LDAP_AUTH_KRBV4 . 7757.ip "\-1" 7758Force LDAP searches to only succeed if a single match is found. 7759If multiple values are found, 7760the search is treated as if no match was found. 7761.pp 7762The 7763.i dbm 7764map appends the strings 7765.q \&.pag 7766and 7767.q \&.dir 7768to the given filename; 7769the 7770.i hash 7771and 7772.i btree 7773maps append 7774.q \&.db . 7775For example, the map specification 7776.(b 7777Kuucp dbm \-o \-N /etc/mail/uucpmap 7778.)b 7779specifies an optional map named 7780.q uucp 7781of class 7782.q dbm ; 7783it always has null bytes at the end of every string, 7784and the data is located in 7785/etc/mail/uucpmap.{dir,pag}. 7786.pp 7787The program 7788.i makemap (8) 7789can be used to build any of the three database-oriented maps. 7790It takes the following flags: 7791.ip \-f 7792Do not fold upper to lower case in the map. 7793.ip \-N 7794Include null bytes in keys. 7795.ip \-o 7796Append to an existing (old) file. 7797.ip \-r 7798Allow replacement of existing keys; 7799normally, re-inserting an existing key is an error. 7800.ip \-v 7801Print what is happening. 7802.lp 7803The 7804.i sendmail 7805daemon does not have to be restarted to read the new maps 7806as long as you change them in place; 7807file locking is used so that the maps won't be read 7808while they are being updated. 7809.pp 7810New classes can be added in the routine 7811.b setupmaps 7812in file 7813.b conf.c . 7814.sh 2 "The User Database" 7815.pp 7816If you have a version of 7817.i sendmail 7818with the user database package 7819compiled in, 7820the handling of sender and recipient addresses 7821is modified. 7822.pp 7823The location of this database is controlled with the 7824.b UserDatabaseSpec 7825option. 7826.sh 3 "Structure of the user database" 7827.pp 7828The database is a sorted (BTree-based) structure. 7829User records are stored with the key: 7830.(b 7831\fIuser-name\fP\fB:\fP\fIfield-name\fP 7832.)b 7833The sorted database format ensures that user records are clustered together. 7834Meta-information is always stored with a leading colon. 7835.pp 7836Field names define both the syntax and semantics of the value. 7837Defined fields include: 7838.nr ii 1i 7839.ip maildrop 7840The delivery address for this user. 7841There may be multiple values of this record. 7842In particular, 7843mailing lists will have one 7844.i maildrop 7845record for each user on the list. 7846.ip "mailname" 7847The outgoing mailname for this user. 7848For each outgoing name, 7849there should be an appropriate 7850.i maildrop 7851record for that name to allow return mail. 7852See also 7853.i :default:mailname . 7854.ip mailsender 7855Changes any mail sent to this address to have the indicated envelope sender. 7856This is intended for mailing lists, 7857and will normally be the name of an appropriate -request address. 7858It is very similar to the owner-\c 7859.i list 7860syntax in the alias file. 7861.ip fullname 7862The full name of the user. 7863.ip office-address 7864The office address for this user. 7865.ip office-phone 7866The office phone number for this user. 7867.ip office-fax 7868The office FAX number for this user. 7869.ip home-address 7870The home address for this user. 7871.ip home-phone 7872The home phone number for this user. 7873.ip home-fax 7874The home FAX number for this user. 7875.ip project 7876A (short) description of the project this person is affiliated with. 7877In the University this is often just the name of their graduate advisor. 7878.ip plan 7879A pointer to a file from which plan information can be gathered. 7880.pp 7881As of this writing, 7882only a few of these fields are actually being used by 7883.i sendmail : 7884.i maildrop 7885and 7886.i mailname . 7887A 7888.i finger 7889program that uses the other fields is planned. 7890.sh 3 "User database semantics" 7891.pp 7892When the rewriting rules submit an address to the local mailer, 7893the user name is passed through the alias file. 7894If no alias is found (or if the alias points back to the same address), 7895the name (with 7896.q :maildrop 7897appended) 7898is then used as a key in the user database. 7899If no match occurs (or if the maildrop points at the same address), 7900forwarding is tried. 7901.pp 7902If the first token of the user name returned by ruleset 0 7903is an 7904.q @ 7905sign, the user database lookup is skipped. 7906The intent is that the user database will act as a set of defaults 7907for a cluster (in our case, the Computer Science Division); 7908mail sent to a specific machine should ignore these defaults. 7909.pp 7910When mail is sent, 7911the name of the sending user is looked up in the database. 7912If that user has a 7913.q mailname 7914record, 7915the value of that record is used as their outgoing name. 7916For example, I might have a record: 7917.(b 7918eric:mailname Eric.Allman@CS.Berkeley.EDU 7919.)b 7920This would cause my outgoing mail to be sent as Eric.Allman. 7921.pp 7922If a 7923.q maildrop 7924is found for the user, 7925but no corresponding 7926.q mailname 7927record exists, 7928the record 7929.q :default:mailname 7930is consulted. 7931If present, this is the name of a host to override the local host. 7932For example, in our case we would set it to 7933.q CS.Berkeley.EDU . 7934The effect is that anyone known in the database 7935gets their outgoing mail stamped as 7936.q user@CS.Berkeley.EDU , 7937but people not listed in the database use the local hostname. 7938.sh 3 "Creating the database\**" 7939.(f 7940\**These instructions are known to be incomplete. 7941Other features are available which provide similar functionality, 7942e.g., virtual hosting and mapping local addresses into a 7943generic form as explained in cf/README. 7944.)f 7945.pp 7946The user database is built from a text file 7947using the 7948.i makemap 7949utility 7950(in the distribution in the makemap subdirectory). 7951The text file is a series of lines corresponding to userdb records; 7952each line has a key and a value separated by white space. 7953The key is always in the format described above \*- 7954for example: 7955.(b 7956eric:maildrop 7957.)b 7958This file is normally installed in a system directory; 7959for example, it might be called 7960.i /etc/mail/userdb . 7961To make the database version of the map, run the program: 7962.(b 7963makemap btree /etc/mail/userdb < /etc/mail/userdb 7964.)b 7965Then create a config file that uses this. 7966For example, using the V8 M4 configuration, include the 7967following line in your .mc file: 7968.(b 7969define(\`confUSERDB_SPEC\', /etc/mail/userdb.db) 7970.)b 7971.sh 1 "OTHER CONFIGURATION" 7972.pp 7973There are some configuration changes that can be made by 7974recompiling 7975.i sendmail . 7976This section describes what changes can be made 7977and what has to be modified to make them. 7978In most cases this should be unnecessary 7979unless you are porting 7980.i sendmail 7981to a new environment. 7982.sh 2 "Parameters in devtools/OS/$oscf" 7983.pp 7984These parameters are intended to describe the compilation environment, 7985not site policy, 7986and should normally be defined in the operating system 7987configuration file. 7988.b "This section needs a complete rewrite." 7989.ip NDBM 7990If set, 7991the new version of the DBM library 7992that allows multiple databases will be used. 7993If neither NDBM nor NEWDB are set, 7994a much less efficient method of alias lookup is used. 7995.ip NEWDB 7996If set, use the new database package from Berkeley (from 4.4BSD). 7997This package is substantially faster than DBM or NDBM. 7998If NEWDB and NDBM are both set, 7999.i sendmail 8000will read DBM files, 8001but will create and use NEWDB files. 8002.ip NIS 8003Include support for NIS. 8004If set together with 8005.i both 8006NEWDB and NDBM, 8007.i sendmail 8008will create both DBM and NEWDB files if and only if 8009an alias file includes the substring 8010.q /yp/ 8011in the name. 8012This is intended for compatibility with Sun Microsystems' 8013.i mkalias 8014program used on YP masters. 8015.ip NISPLUS 8016Compile in support for NIS+. 8017.ip NETINFO 8018Compile in support for NetInfo (NeXT stations). 8019.ip LDAPMAP 8020Compile in support for LDAP X500 queries. 8021Requires libldap and liblber 8022from the Umich LDAP 3.2 or 3.3 release 8023or equivalent libraries for other LDAP libraries 8024such as OpenLDAP. 8025.ip HESIOD 8026Compile in support for Hesiod. 8027.ip MAP_NSD 8028Compile in support for IRIX NSD lookups. 8029.ip MAP_REGEX 8030Compile in support for regular expression matching. 8031.ip PH_MAP 8032Compile in support for ph lookups. 8033.ip SASL 8034Compile in support for SASL, 8035a required component for SMTP Authentication support. 8036.ip STARTTLS 8037Compile in support for STARTTLS. 8038.ip EGD 8039Compile in support for the "Entropy Gathering Daemon" 8040to provide better random data for TLS. 8041.ip SFIO 8042Compile in support for sfio, which is required to enable encryption, 8043e.g., STARTTLS. 8044.ip TCPWRAPPERS 8045Compile in support for TCP Wrappers. 8046.ip _PATH_SENDMAILCF 8047The pathname of the sendmail.cf file. 8048.ip _PATH_SENDMAILPID 8049The pathname of the sendmail.pid file. 8050.pp 8051There are also several compilation flags to indicate the environment 8052such as 8053.q _AIX3 8054and 8055.q _SCO_unix_ . 8056See the sendmail/README 8057file for the latest scoop on these flags. 8058.sh 2 "Parameters in sendmail/conf.h" 8059.pp 8060Parameters and compilation options 8061are defined in conf.h. 8062Most of these need not normally be tweaked; 8063common parameters are all in sendmail.cf. 8064However, the sizes of certain primitive vectors, etc., 8065are included in this file. 8066The numbers following the parameters 8067are their default value. 8068.pp 8069This document is not the best source of information 8070for compilation flags in conf.h \(em 8071see sendmail/README or sendmail/conf.h itself. 8072.nr ii 1.2i 8073.ip "MAXLINE [2048]" 8074The maximum line length of any input line. 8075If message lines exceed this length 8076they will still be processed correctly; 8077however, header lines, 8078configuration file lines, 8079alias lines, 8080etc., 8081must fit within this limit. 8082.ip "MAXNAME [256]" 8083The maximum length of any name, 8084such as a host or a user name. 8085.ip "MAXPV [256]" 8086The maximum number of parameters to any mailer. 8087This limits the number of recipients that may be passed in one transaction. 8088It can be set to any arbitrary number above about 10, 8089since 8090.i sendmail 8091will break up a delivery into smaller batches as needed. 8092A higher number may reduce load on your system, however. 8093.ip "MAXATOM [1000]" 8094The maximum number of atoms 8095(tokens) 8096in a single address. 8097For example, 8098the address 8099.q "eric@CS.Berkeley.EDU" 8100is seven atoms. 8101.ip "MAXMAILERS [25]" 8102The maximum number of mailers that may be defined 8103in the configuration file. 8104This value is defined in include/sendmail/sendmail.h. 8105.ip "MAXRWSETS [200]" 8106The maximum number of rewriting sets 8107that may be defined. 8108The first half of these are reserved for numeric specification 8109(e.g., ``S92''), 8110while the upper half are reserved for auto-numbering 8111(e.g., ``Sfoo''). 8112Thus, with a value of 200 an attempt to use ``S99'' will succeed, 8113but ``S100'' will fail. 8114.ip "MAXPRIORITIES [25]" 8115The maximum number of values for the 8116.q Precedence: 8117field that may be defined 8118(using the 8119.b P 8120line in sendmail.cf). 8121.ip "MAXUSERENVIRON [100]" 8122The maximum number of items in the user environment 8123that will be passed to subordinate mailers. 8124.ip "MAXMXHOSTS [100]" 8125The maximum number of MX records we will accept for any single host. 8126.ip "MAXALIASDB [12]" 8127The maximum number of alias databases that can be open at any time. 8128Note that there may also be an open file limit. 8129.ip "MAXMAPSTACK [12]" 8130The maximum number of maps that may be "stacked" in a 8131.b sequence 8132class map. 8133.ip "MAXMIMEARGS [20]" 8134The maximum number of arguments in a MIME Content-Type: header; 8135additional arguments will be ignored. 8136.ip "MAXMIMENESTING [20]" 8137The maximum depth to which MIME messages may be nested 8138(that is, nested Message or Multipart documents; 8139this does not limit the number of components in a single Multipart document). 8140.ip "MAXDAEMONS [10]" 8141The maximum number of sockets sendmail will open for accepting connections 8142on different ports. 8143.ip "MAXMACNAMELEN [25]" 8144The maximum length of a macro name. 8145.lp 8146A number of other compilation options exist. 8147These specify whether or not specific code should be compiled in. 8148Ones marked with \(dg 8149are 0/1 valued. 8150.nr ii 1.2i 8151.ip NETINET\(dg 8152If set, 8153support for Internet protocol networking is compiled in. 8154Previous versions of 8155.i sendmail 8156referred to this as 8157.sm DAEMON ; 8158this old usage is now incorrect. 8159Defaults on; 8160turn it off in the Makefile 8161if your system doesn't support the Internet protocols. 8162.ip NETINET6\(dg 8163If set, 8164support for IPv6 networking is compiled in. 8165It must be separately enabled by adding DaemonPortOptions settings. 8166.ip NETISO\(dg 8167If set, 8168support for ISO protocol networking is compiled in 8169(it may be appropriate to #define this in the Makefile instead of conf.h). 8170.ip NETUNIX\(dg 8171If set, 8172support for UNIX domain sockets is compiled in. 8173This is used for control socket support. 8174.ip LOG 8175If set, 8176the 8177.i syslog 8178routine in use at some sites is used. 8179This makes an informational log record 8180for each message processed, 8181and makes a higher priority log record 8182for internal system errors. 8183.b "STRONGLY RECOMMENDED" 8184\(em if you want no logging, turn it off in the configuration file. 8185.ip MATCHGECOS\(dg 8186Compile in the code to do ``fuzzy matching'' on the GECOS field 8187in /etc/passwd. 8188This also requires that the 8189.b MatchGECOS 8190option be turned on. 8191.ip NAMED_BIND\(dg 8192Compile in code to use the 8193Berkeley Internet Name Domain (BIND) server 8194to resolve TCP/IP host names. 8195.ip NOTUNIX 8196If you are using a non-UNIX mail format, 8197you can set this flag to turn off special processing 8198of UNIX-style 8199.q "From " 8200lines. 8201.ip QUEUE\(dg 8202This flag should be set to compile in the queueing code. 8203If this is not set, 8204mailers must accept the mail immediately 8205or it will be returned to the sender. 8206.ip SMTP\(dg 8207If set, 8208the code to handle user and server SMTP will be compiled in. 8209This is only necessary if your machine has some mailer 8210that speaks SMTP 8211(this means most machines everywhere). 8212.ip USERDB\(dg 8213Include the 8214.b experimental 8215Berkeley user information database package. 8216This adds a new level of local name expansion 8217between aliasing and forwarding. 8218It also uses the NEWDB package. 8219This may change in future releases. 8220.lp 8221The following options are normally turned on 8222in per-operating-system clauses in conf.h. 8223.ip IDENTPROTO\(dg 8224Compile in the IDENT protocol as defined in RFC 1413. 8225This defaults on for all systems except Ultrix, 8226which apparently has the interesting 8227.q feature 8228that when it receives a 8229.q "host unreachable" 8230message it closes all open connections to that host. 8231Since some firewall gateways send this error code 8232when you access an unauthorized port (such as 113, used by IDENT), 8233Ultrix cannot receive email from such hosts. 8234.ip SYSTEM5 8235Set all of the compilation parameters appropriate for System V. 8236.ip HASFLOCK\(dg 8237Use Berkeley-style 8238.b flock 8239instead of System V 8240.b lockf 8241to do file locking. 8242Due to the highly unusual semantics of locks 8243across forks in 8244.b lockf , 8245this should always be used if at all possible. 8246.ip HASINITGROUPS 8247Set this if your system has the 8248.i initgroups() 8249call 8250(if you have multiple group support). 8251This is the default if SYSTEM5 is 8252.i not 8253defined or if you are on HPUX. 8254.ip HASUNAME 8255Set this if you have the 8256.i uname (2) 8257system call (or corresponding library routine). 8258Set by default if 8259SYSTEM5 8260is set. 8261.ip HASGETDTABLESIZE 8262Set this if you have the 8263.i getdtablesize (2) 8264system call. 8265.ip HASWAITPID 8266Set this if you have the 8267.i haswaitpid (2) 8268system call. 8269.ip FAST_PID_RECYCLE 8270Set this if your system can possibly 8271reuse the same pid in the same second of time. 8272.ip SFS_TYPE 8273The mechanism that can be used to get file system capacity information. 8274The values can be one of 8275SFS_USTAT (use the ustat(2) syscall), 8276SFS_4ARGS (use the four argument statfs(2) syscall), 8277SFS_VFS (use the two argument statfs(2) syscall including <sys/vfs.h>), 8278SFS_MOUNT (use the two argument statfs(2) syscall including <sys/mount.h>), 8279SFS_STATFS (use the two argument statfs(2) syscall including <sys/statfs.h>), 8280SFS_STATVFS (use the two argument statfs(2) syscall including <sys/statvfs.h>), 8281or 8282SFS_NONE (no way to get this information). 8283.ip LA_TYPE 8284The load average type. 8285Details are described below. 8286.lp 8287The are several built-in ways of computing the load average. 8288.i Sendmail 8289tries to auto-configure them based on imperfect guesses; 8290you can select one using the 8291.i cc 8292option 8293.b \-DLA_TYPE= \c 8294.i type , 8295where 8296.i type 8297is: 8298.ip LA_INT 8299The kernel stores the load average in the kernel as an array of long integers. 8300The actual values are scaled by a factor FSCALE 8301(default 256). 8302.ip LA_SHORT 8303The kernel stores the load average in the kernel as an array of short integers. 8304The actual values are scaled by a factor FSCALE 8305(default 256). 8306.ip LA_FLOAT 8307The kernel stores the load average in the kernel as an array of 8308double precision floats. 8309.ip LA_MACH 8310Use MACH-style load averages. 8311.ip LA_SUBR 8312Call the 8313.i getloadavg 8314routine to get the load average as an array of doubles. 8315.ip LA_ZERO 8316Always return zero as the load average. 8317This is the fallback case. 8318.lp 8319If type 8320.sm LA_INT , 8321.sm LA_SHORT , 8322or 8323.sm LA_FLOAT 8324is specified, 8325you may also need to specify 8326.sm _PATH_UNIX 8327(the path to your system binary) 8328and 8329.sm LA_AVENRUN 8330(the name of the variable containing the load average in the kernel; 8331usually 8332.q _avenrun 8333or 8334.q avenrun ). 8335.sh 2 "Configuration in sendmail/conf.c" 8336.pp 8337The following changes can be made in conf.c. 8338.sh 3 "Built-in Header Semantics" 8339.pp 8340Not all header semantics are defined in the configuration file. 8341Header lines that should only be included by certain mailers 8342(as well as other more obscure semantics) 8343must be specified in the 8344.i HdrInfo 8345table in 8346.i conf.c . 8347This table contains the header name 8348(which should be in all lower case) 8349and a set of header control flags (described below), 8350The flags are: 8351.ip H_ACHECK 8352Normally when the check is made to see if a header line is compatible 8353with a mailer, 8354.i sendmail 8355will not delete an existing line. 8356If this flag is set, 8357.i sendmail 8358will delete 8359even existing header lines. 8360That is, 8361if this bit is set and the mailer does not have flag bits set 8362that intersect with the required mailer flags 8363in the header definition in 8364sendmail.cf, 8365the header line is 8366.i always 8367deleted. 8368.ip H_EOH 8369If this header field is set, 8370treat it like a blank line, 8371i.e., 8372it will signal the end of the header 8373and the beginning of the message text. 8374.ip H_FORCE 8375Add this header entry 8376even if one existed in the message before. 8377If a header entry does not have this bit set, 8378.i sendmail 8379will not add another header line if a header line 8380of this name already existed. 8381This would normally be used to stamp the message 8382by everyone who handled it. 8383.ip H_TRACE 8384If set, 8385this is a timestamp 8386(trace) 8387field. 8388If the number of trace fields in a message 8389exceeds a preset amount 8390the message is returned 8391on the assumption that it has an aliasing loop. 8392.ip H_RCPT 8393If set, 8394this field contains recipient addresses. 8395This is used by the 8396.b \-t 8397flag to determine who to send to 8398when it is collecting recipients from the message. 8399.ip H_FROM 8400This flag indicates that this field 8401specifies a sender. 8402The order of these fields in the 8403.i HdrInfo 8404table specifies 8405.i sendmail 's 8406preference 8407for which field to return error messages to. 8408.ip H_ERRORSTO 8409Addresses in this header should receive error messages. 8410.ip H_CTE 8411This header is a Content-Transfer-Encoding header. 8412.ip H_CTYPE 8413This header is a Content-Type header. 8414.ip H_STRIPVAL 8415Strip the value from the header (for Bcc:). 8416.nr ii 5n 8417.lp 8418Let's look at a sample 8419.i HdrInfo 8420specification: 8421.(b 8422.ta 4n +\w'"content-transfer-encoding", 'u 8423struct hdrinfo HdrInfo[] = 8424\&{ 8425 /* originator fields, most to least significant */ 8426 "resent-sender", H_FROM, 8427 "resent-from", H_FROM, 8428 "sender", H_FROM, 8429 "from", H_FROM, 8430 "full-name", H_ACHECK, 8431 "errors-to", H_FROM\^|\^H_ERRORSTO, 8432 /* destination fields */ 8433 "to", H_RCPT, 8434 "resent-to", H_RCPT, 8435 "cc", H_RCPT, 8436 "bcc", H_RCPT\^|\^H_STRIPVAL, 8437 /* message identification and control */ 8438 "message", H_EOH, 8439 "text", H_EOH, 8440 /* trace fields */ 8441 "received", H_TRACE\^|\^H_FORCE, 8442 /* miscellaneous fields */ 8443 "content-transfer-encoding", H_CTE, 8444 "content-type", H_CTYPE, 8445 8446 NULL, 0, 8447}; 8448.)b 8449This structure indicates that the 8450.q To: , 8451.q Resent-To: , 8452and 8453.q Cc: 8454fields 8455all specify recipient addresses. 8456Any 8457.q Full-Name: 8458field will be deleted unless the required mailer flag 8459(indicated in the configuration file) 8460is specified. 8461The 8462.q Message: 8463and 8464.q Text: 8465fields will terminate the header; 8466these are used by random dissenters around the network world. 8467The 8468.q Received: 8469field will always be added, 8470and can be used to trace messages. 8471.pp 8472There are a number of important points here. 8473First, 8474header fields are not added automatically just because they are in the 8475.i HdrInfo 8476structure; 8477they must be specified in the configuration file 8478in order to be added to the message. 8479Any header fields mentioned in the configuration file but not 8480mentioned in the 8481.i HdrInfo 8482structure have default processing performed; 8483that is, 8484they are added unless they were in the message already. 8485Second, 8486the 8487.i HdrInfo 8488structure only specifies cliched processing; 8489certain headers are processed specially by ad hoc code 8490regardless of the status specified in 8491.i HdrInfo . 8492For example, 8493the 8494.q Sender: 8495and 8496.q From: 8497fields are always scanned on ARPANET mail 8498to determine the sender\**; 8499.(f 8500\**Actually, this is no longer true in SMTP; 8501this information is contained in the envelope. 8502The older ARPANET protocols did not completely distinguish 8503envelope from header. 8504.)f 8505this is used to perform the 8506.q "return to sender" 8507function. 8508The 8509.q "From:" 8510and 8511.q "Full-Name:" 8512fields are used to determine the full name of the sender 8513if possible; 8514this is stored in the macro 8515.b $x 8516and used in a number of ways. 8517.sh 3 "Restricting Use of Email" 8518.pp 8519If it is necessary to restrict mail through a relay, 8520the 8521.i checkcompat 8522routine can be modified. 8523This routine is called for every recipient address. 8524It returns an exit status 8525indicating the status of the message. 8526The status 8527.sm EX_OK 8528accepts the address, 8529.sm EX_TEMPFAIL 8530queues the message for a later try, 8531and other values 8532(commonly 8533.sm EX_UNAVAILABLE ) 8534reject the message. 8535It is up to 8536.i checkcompat 8537to print an error message 8538(using 8539.i usrerr ) 8540if the message is rejected. 8541For example, 8542.i checkcompat 8543could read: 8544.(b 8545.re 8546.sz -1 8547.ta 4n +4n +4n +4n +4n +4n +4n 8548int 8549checkcompat(to, e) 8550 register ADDRESS *to; 8551 register ENVELOPE *e; 8552\&{ 8553 register STAB *s; 8554 8555 s = stab("private", ST_MAILER, ST_FIND); 8556 if (s != NULL && e\->e_from.q_mailer != LocalMailer && 8557 to->q_mailer == s->s_mailer) 8558 { 8559 usrerr("No private net mail allowed through this machine"); 8560 return (EX_UNAVAILABLE); 8561 } 8562 if (MsgSize > 50000 && bitnset(M_LOCALMAILER, to\->q_mailer)) 8563 { 8564 usrerr("Message too large for non-local delivery"); 8565 e\->e_flags |= EF_NORETURN; 8566 return (EX_UNAVAILABLE); 8567 } 8568 return (EX_OK); 8569} 8570.sz 8571.)b 8572This would reject messages greater than 50000 bytes 8573unless they were local. 8574The 8575.i EF_NORETURN 8576flag can be set in 8577.i e\(->e_flags 8578to suppress the return of the actual body 8579of the message in the error return. 8580The actual use of this routine is highly dependent on the 8581implementation, 8582and use should be limited. 8583.sh 3 "New Database Map Classes" 8584.pp 8585New key maps can be added by creating a class initialization function 8586and a lookup function. 8587These are then added to the routine 8588.i setupmaps. 8589.pp 8590The initialization function is called as 8591.(b 8592\fIxxx\fP_map_init(MAP *map, char *args) 8593.)b 8594The 8595.i map 8596is an internal data structure. 8597The 8598.i args 8599is a pointer to the portion of the configuration file line 8600following the map class name; 8601flags and filenames can be extracted from this line. 8602The initialization function must return 8603.sm TRUE 8604if it successfully opened the map, 8605.sm FALSE 8606otherwise. 8607.pp 8608The lookup function is called as 8609.(b 8610\fIxxx\fP_map_lookup(MAP *map, char buf[], char **av, int *statp) 8611.)b 8612The 8613.i map 8614defines the map internally. 8615The 8616.i buf 8617has the input key. 8618This may be (and often is) used destructively. 8619The 8620.i av 8621is a list of arguments passed in from the rewrite line. 8622The lookup function should return a pointer to the new value. 8623If the map lookup fails, 8624.i *statp 8625should be set to an exit status code; 8626in particular, it should be set to 8627.sm EX_TEMPFAIL 8628if recovery is to be attempted by the higher level code. 8629.sh 3 "Queueing Function" 8630.pp 8631The routine 8632.i shouldqueue 8633is called to decide if a message should be queued 8634or processed immediately. 8635Typically this compares the message priority to the current load average. 8636The default definition is: 8637.(b 8638bool 8639shouldqueue(pri, ctime) 8640 long pri; 8641 time_t ctime; 8642{ 8643 if (CurrentLA < QueueLA) 8644 return (FALSE); 8645 return (pri > (QueueFactor / (CurrentLA \- QueueLA + 1))); 8646} 8647.)b 8648If the current load average 8649(global variable 8650.i CurrentLA , 8651which is set before this function is called) 8652is less than the low threshold load average 8653(option 8654.b x , 8655variable 8656.i QueueLA ), 8657.i shouldqueue 8658returns 8659.sm FALSE 8660immediately 8661(that is, it should 8662.i not 8663queue). 8664If the current load average exceeds the high threshold load average 8665(option 8666.b X , 8667variable 8668.i RefuseLA ), 8669.i shouldqueue 8670returns 8671.sm TRUE 8672immediately. 8673Otherwise, it computes the function based on the message priority, 8674the queue factor 8675(option 8676.b q , 8677global variable 8678.i QueueFactor ), 8679and the current and threshold load averages. 8680.pp 8681An implementation wishing to take the actual age of the message into account 8682can also use the 8683.i ctime 8684parameter, 8685which is the time that the message was first submitted to 8686.i sendmail . 8687Note that the 8688.i pri 8689parameter is already weighted 8690by the number of times the message has been tried 8691(although this tends to lower the priority of the message with time); 8692the expectation is that the 8693.i ctime 8694would be used as an 8695.q "escape clause" 8696to ensure that messages are eventually processed. 8697.sh 3 "Refusing Incoming SMTP Connections" 8698.pp 8699The function 8700.i refuseconnections 8701returns 8702.sm TRUE 8703if incoming SMTP connections should be refused. 8704The current implementation is based exclusively on the current load average 8705and the refuse load average option 8706(option 8707.b X , 8708global variable 8709.i RefuseLA ): 8710.(b 8711bool 8712refuseconnections() 8713{ 8714 return (RefuseLA > 0 && CurrentLA >= RefuseLA); 8715} 8716.)b 8717A more clever implementation 8718could look at more system resources. 8719.sh 3 "Load Average Computation" 8720.pp 8721The routine 8722.i getla 8723returns the current load average (as a rounded integer). 8724The distribution includes several possible implementations. 8725If you are porting to a new environment 8726you may need to add some new tweaks.\** 8727.(f 8728\**If you do, please send updates to 8729sendmail@Sendmail.ORG. 8730.)f 8731.sh 2 "Configuration in sendmail/daemon.c" 8732.pp 8733The file 8734.i sendmail/daemon.c 8735contains a number of routines that are dependent 8736on the local networking environment. 8737The version supplied assumes you have BSD style sockets. 8738.pp 8739In previous releases, 8740we recommended that you modify the routine 8741.i maphostname 8742if you wanted to generalize 8743.b $[ 8744\&...\& 8745.b $] 8746lookups. 8747We now recommend that you create a new keyed map instead. 8748.sh 2 "Certificates for STARTTLS" 8749.pp 8750In this section we assume that 8751.i sendmail 8752has been compiled with support for STARTTLS. 8753When acting as a server, 8754.i sendmail 8755requires X.509 certificates to support STARTTLS: 8756one as certificate for the server (ServerCertFile and corresponding 8757private ServerKeyFile) 8758at least one root CA (CACERTFile), 8759i.e., a certificate that is used to sign other certificates, 8760and a path to a directory which contains other CAs (CACERTPath). 8761The file specified via 8762CACERTFile 8763can contain several certificates of CAs. 8764The DNs of these certificates are sent 8765to the client during the TLS handshake (as part of the 8766CertificateRequest) as the list of acceptable CAs. 8767The CACERTPath directory must contain the hashes of each CA certificate 8768as filenames (or as links to them). 8769Symbolic links can be generated with the following 8770two (Bourne) shell commands: 8771.(b 8772C=FileName_of_CA_Certificate 8773ln -s $C `openssl x509 -noout -hash < $C`.0 8774.)b 8775An X.509 certificate is also required for authentication in client mode 8776(ClientCertFile and corresponding private ClientKeyFile), however, 8777.i sendmail 8778will always use STARTTLS when offered by a server. 8779The client and server certificates can be identical. 8780Certificates can be obtained from a certificate authority 8781or created with the help of OpenSSL. 8782The required format for certificates and private keys is PEM. 8783To allow for automatic startup of sendmail, private keys 8784(ServerKeyFile, ClientKeyFile) 8785must be stored unencrypted. 8786The keys are only protected by the permissions of the file system. 8787Never make a private key available to a third party. 8788.sh 2 "PRNG for STARTTLS" 8789.pp 8790STARTTLS requires a strong pseudo random number generator (PRNG) 8791to operate properly. 8792Depending on the TLS library you use, it may be required to explicitly 8793initialize the PRNG with random data. 8794OpenSSL makes use of 8795.b /dev/urandom(4) 8796if available (this corresponds to the compile flag HASURANDOMDEV). 8797On systems which lack this support, a random file must be specified in the 8798.i sendmail.cf 8799file using the option RandFile. 8800It is 8801.b strongly 8802advised to use the "Entropy Gathering Daemon" EGD 8803from Brian Warner on those systems to provide useful random data. 8804In this case, 8805.i sendmail 8806must be compiled with the flag EGD, and the 8807RandFile option must point to the EGD socket. 8808If neither 8809.b /dev/urandom(4) 8810nor EGD are available, you have to make sure 8811that useful random data is available all the time in RandFile. 8812If the file hasn't been modified in the last 10 minutes before 8813it is supposed to be used by 8814.i sendmail 8815the content is considered obsolete. 8816One method for generating this file is: 8817.(b 8818openssl rand -out /etc/mail/randfile -rand \c 8819.i /path/to/file:... \c 8820256 8821.)b 8822See the OpenSSL documentation for more information. 8823In this case, the PRNG for TLS is only 8824seeded with other random data if the 8825.b DontBlameSendmail 8826option 8827.b InsufficientEntropy 8828is set. 8829This is most likely not sufficient for certain actions, e.g., 8830generation of (temporary) keys. 8831.pp 8832Please see the OpenSSL documentation or other sources 8833for further information about certificates, their creation and their usage, 8834the importance of a good PRNG, and other aspects of TLS. 8835.sh 1 "ACKNOWLEDGEMENTS" 8836.pp 8837I've worked on 8838.i sendmail 8839for many years, 8840and many employers have been remarkably patient 8841about letting me work on a large project 8842that was not part of my official job. 8843This includes time on the INGRES Project at 8844the University of California at Berkeley, 8845at Britton Lee, 8846and again on the Mammoth and Titan Projects at Berkeley. 8847.pp 8848Much of the second wave of improvements 8849resulting in version 8.1 8850should be credited to Bryan Costales of the 8851International Computer Science Institute. 8852As he passed me drafts of his book on 8853.i sendmail 8854I was inspired to start working on things again. 8855Bryan was also available to bounce ideas off of. 8856.pp 8857Gregory Neil Shapiro 8858of Worcester Polytechnic Institute 8859has become instrumental in all phases of 8860.i sendmail 8861support and development, 8862and was largely responsible for getting versions 8.8 and 8.9 8863out the door. 8864.pp 8865Many, many people contributed chunks of code and ideas to 8866.i sendmail . 8867It has proven to be a group network effort. 8868Version 8 in particular was a group project. 8869The following people and organizations made notable contributions: 8870.(l 8871Claus Assmann 8872John Beck, Hewlett-Packard & Sun Microsystems 8873Keith Bostic, CSRG, University of California, Berkeley 8874Andrew Cheng, Sun Microsystems 8875Michael J. Corrigan, University of California, San Diego 8876Bryan Costales, International Computer Science Institute & InfoBeat 8877Pa\*:r (Pell) Emanuelsson 8878Craig Everhart, Transarc Corporation 8879Per Hedeland, Ericsson 8880Tom Ivar Helbekkmo, Norwegian School of Economics 8881Kari Hurtta, Finnish Meteorological Institute 8882Allan E. Johannesen, WPI 8883Jonathan Kamens, OpenVision Technologies, Inc. 8884Takahiro Kanbe, Fuji Xerox Information Systems Co., Ltd. 8885Brian Kantor, University of California, San Diego 8886John Kennedy, Cal State University, Chico 8887Murray S. Kucherawy, HookUp Communication Corp. 8888Bruce Lilly, Sony U.S. 8889Karl London 8890Motonori Nakamura, Ritsumeikan University & Kyoto University 8891John Gardiner Myers, Carnegie Mellon University 8892Neil Rickert, Northern Illinois University 8893Gregory Neil Shapiro, WPI 8894Eric Schnoebelen, Convex Computer Corp. 8895Eric Wassenaar, National Institute for Nuclear and High Energy Physics, Amsterdam 8896Randall Winchester, University of Maryland 8897Christophe Wolfhugel, Pasteur Institute & Herve Schauer Consultants (Paris) 8898Exactis.com, Inc. 8899.)l 8900I apologize for anyone I have omitted, misspelled, misattributed, or 8901otherwise missed. 8902At this point, I suspect that at least a hundred people 8903have contributed code, 8904and many more have contributed ideas, comments, and encouragement. 8905I've tried to list them in the RELEASE_NOTES in the distribution directory. 8906I appreciate their contribution as well. 8907.pp 8908Special thanks are reserved for Michael Corrigan and Christophe Wolfhugel, 8909who besides being wonderful guinea pigs and contributors 8910have also consented to be added to the ``sendmail@Sendmail.ORG'' list 8911and, by answering the bulk of the questions sent to that list, 8912have freed me up to do other work. 8913.++ A 8914.+c "COMMAND LINE FLAGS" 8915.ba 0 8916.nr ii 1i 8917.pp 8918Arguments must be presented with flags before addresses. 8919The flags are: 8920.ip \-b\fIx\fP 8921Set operation mode to 8922.i x . 8923Operation modes are: 8924.(b 8925.ta 4n 8926m Deliver mail (default) 8927s Speak SMTP on input side 8928a\(dg ``Arpanet'' mode (get envelope sender information from header) 8929d Run as a daemon in background 8930D Run as a daemon in foreground 8931t Run in test mode 8932v Just verify addresses, don't collect or deliver 8933i Initialize the alias database 8934p Print the mail queue 8935h Print the persistent host status database 8936H Purge expired entries from the persistent host status database 8937.)b 8938.(f 8939\(dgDeprecated. 8940.)f 8941.ip \-B\fItype\fP 8942Indicate body type. 8943.ip \-C\fIfile\fP 8944Use a different configuration file. 8945.i Sendmail 8946runs as the invoking user (rather than root) 8947when this flag is specified. 8948.ip \-d\fIlevel\fP 8949Set debugging level. 8950.ip "\-f\ \fIaddr\fP" 8951The envelope sender address is set to 8952.i addr . 8953This address may also be used in the From: header 8954if that header is missing during initial submission. 8955The envelope sender address is used as the recipient 8956for delivery status notifications 8957and may also appear in a Return-Path: header. 8958.ip \-F\ \fIname\fP 8959Sets the full name of this user to 8960.i name . 8961.ip \-G 8962When accepting messages via the command line, 8963indicate that they are for relay (gateway) submission. 8964sendmail may complain about syntactically invalid messages, 8965e.g., unqualified host names, 8966rather than fixing them when this flag is set. 8967sendmail will not do any canonicalization in this mode. 8968.ip "\-h\ \fIcnt\fP" 8969Sets the 8970.q "hop count" 8971to 8972.i cnt . 8973This represents the number of times this message has been processed 8974by 8975.i sendmail 8976(to the extent that it is supported by the underlying networks). 8977.i Cnt 8978is incremented during processing, 8979and if it reaches 8980MAXHOP 8981(currently 30) 8982.i sendmail 8983throws away the message with an error. 8984.ip "\-L \fItag\fP" 8985Sets the identifier used for syslog. 8986Note that this identifier is set 8987as early as possible. 8988However, 8989.i sendmail 8990may be used 8991if problems arise 8992before the command line arguments 8993are processed. 8994.ip \-n 8995Don't do aliasing or forwarding. 8996.ip "\-N \fInotifications\fP" 8997Tag all addresses being sent as wanting the indicated 8998.i notifications , 8999which consists of the word 9000.q NEVER 9001or a comma-separated list of 9002.q SUCCESS , 9003.q FAILURE , 9004and 9005.q DELAY 9006for successful delivery, 9007failure, 9008and a message that is stuck in a queue somewhere. 9009The default is 9010.q FAILURE,DELAY . 9011.ip "\-r\ \fIaddr\fP" 9012An obsolete form of 9013.b \-f . 9014.ip \-o\fIx\|value\fP 9015Set option 9016.i x 9017to the specified 9018.i value . 9019These options are described in Section 5.6. 9020.ip \-O\fIoption\fP\fB=\fP\fIvalue\fP 9021Set 9022.i option 9023to the specified 9024.i value 9025(for long form option names). 9026These options are described in Section 5.6. 9027.ip \-M\fIx\|value\fP 9028Set macro 9029.i x 9030to the specified 9031.i value . 9032.ip \-p\fIprotocol\fP 9033Set the sending protocol. 9034Programs are encouraged to set this. 9035The protocol field can be in the form 9036.i protocol \c 9037.b : \c 9038.i host 9039to set both the sending protocol and sending host. 9040For example, 9041.q \-pUUCP:uunet 9042sets the sending protocol to UUCP 9043and the sending host to uunet. 9044(Some existing programs use \-oM to set the r and s macros; 9045this is equivalent to using \-p.) 9046.ip \-q\fItime\fP 9047Try to process the queued up mail. 9048If the time is given, 9049a 9050.i sendmail 9051will run through the queue at the specified interval 9052to deliver queued mail; 9053otherwise, it only runs once. 9054.ip \-q\fIXstring\fP 9055Run the queue once, 9056limiting the jobs to those matching 9057.i Xstring . 9058The key letter 9059.i X 9060can be 9061.b I 9062to limit based on queue identifier, 9063.b R 9064to limit based on recipient, 9065or 9066.b S 9067to limit based on sender. 9068A particular queued job is accepted if one of the corresponding addresses 9069contains the indicated 9070.i string . 9071Multiple 9072.i \-q\fIX\fP 9073flags are permitted, 9074with items with the same key letter 9075.q or'ed 9076together, and items with different key letters 9077.q and'ed 9078together. 9079.ip "\-R ret" 9080What information you want returned if the message bounces; 9081.i ret 9082can be 9083.q HDRS 9084for headers only or 9085.q FULL 9086for headers plus body. 9087This is a request only; 9088the other end is not required to honor the parameter. 9089If 9090.q HDRS 9091is specified local bounces also return only the headers. 9092.ip \-t 9093Read the header for 9094.q To: , 9095.q Cc: , 9096and 9097.q Bcc: 9098lines, and send to everyone listed in those lists. 9099The 9100.q Bcc: 9101line will be deleted before sending. 9102Any addresses in the argument vector will be deleted 9103from the send list. 9104.ip "\-U" 9105Indicate that this is an initial User Agent submission. 9106This flag is deprecated. 9107Future releases will ignore this flag and 9108assume all submissions from the command line are 9109initial submissions. 9110.ip "\-V envid" 9111The indicated 9112.i envid 9113is passed with the envelope of the message 9114and returned if the message bounces. 9115.ip "\-X \fIlogfile\fP" 9116Log all traffic in and out of 9117.i sendmail 9118in the indicated 9119.i logfile 9120for debugging mailer problems. 9121This produces a lot of data very quickly and should be used sparingly. 9122.pp 9123There are a number of options that may be specified as 9124primitive flags. 9125These are the e, i, m, and v options. 9126Also, 9127the f option 9128may be specified as the 9129.b \-s 9130flag. 9131The DSN related options 9132.q "\-N" , 9133.q "\-R" , 9134and 9135.q "\-V" 9136have no effects on 9137.i sendmail 9138running as daemon. 9139.+c "QUEUE FILE FORMATS" 9140.pp 9141This appendix describes the format of the queue files. 9142These files live in the directory defined by the 9143.b Q 9144option in the 9145.i sendmail.cf 9146file, usually 9147.i /var/spool/mqueue 9148or 9149.i /usr/spool/mqueue . 9150The individual qf, df, and xf files 9151may be stored in separate 9152.i qf/ , 9153.i df/ , 9154and 9155.i xf/ 9156subdirectories 9157if they are present in the queue directory. 9158.pp 9159To use multiple queues, 9160supply a value ending with an asterisk. 9161For example, 9162.i /var/spool/mqueue/q* 9163will use all of the directories or symbolic links to directories 9164beginning with `q' in 9165.i /var/spool/mqueue 9166as queue directories. 9167New messages will be randomly placed 9168into one of the queues. 9169Do not change the queue directory structure 9170while sendmail is running. 9171.pp 9172All queue files have the name 9173\fIx\fP\|\fBf\fP\fIYMDhmsNPPPPP\fP 9174where 9175.i YMDhmsNPPPPP 9176is the 9177.i id 9178for this message 9179and the 9180.i x 9181is a type. 9182The individual letters in the 9183.i id 9184are: 9185.nr ii 0.5i 9186.ip Y 9187Encoded year 9188.ip M 9189Encoded month 9190.ip D 9191Encoded day 9192.ip h 9193Encoded hour 9194.ip m 9195Encoded minute 9196.ip s 9197Encoded second 9198.ip N 9199Envelope number 9200.ip PPPPP 9201At least five digits of the process ID 9202.pp 9203All files with the same id collectively define one message. 9204If memory-buffered files are available, 9205some of these files may never appear 9206on disk. 9207.pp 9208The types are: 9209.nr ii 0.5i 9210.ip d 9211The data file. 9212The message body (excluding the header) is kept in this file. 9213.ip q 9214The queue control file. 9215This file contains the information necessary to process the job. 9216.ip t 9217A temporary file. 9218These are an image of the 9219.b qf 9220file when it is being rebuilt. 9221It should be renamed to a 9222.b qf 9223file very quickly. 9224.ip x 9225A transcript file, 9226existing during the life of a session 9227showing everything that happens 9228during that session. 9229.pp 9230The 9231.b qf 9232file is structured as a series of lines 9233each beginning with a code letter. 9234The lines are as follows: 9235.ip V 9236The version number of the queue file format, 9237used to allow new 9238.i sendmail 9239binaries to read queue files created by older versions. 9240Defaults to version zero. 9241Must be the first line of the file if present. 9242For 8.10 the version number is 4. 9243.ip A 9244The information given by the AUTH= parameter of the 9245.q "MAIL FROM:" 9246command or $f@$j 9247if sendmail has been called directly. 9248.ip H 9249A header definition. 9250There may be any number of these lines. 9251The order is important: 9252they represent the order in the final message. 9253These use the same syntax 9254as header definitions in the configuration file. 9255.ip C 9256The controlling address. 9257The syntax is 9258.q localuser:aliasname . 9259Recipient addresses following this line 9260will be flagged so that deliveries will be run as the 9261.i localuser 9262(a user name from the /etc/passwd file); 9263.i aliasname 9264is the name of the alias that expanded to this address 9265(used for printing messages). 9266.ip Q 9267The ``original recipient'', 9268specified by the ORCPT= field in an ESMTP transaction. 9269Used exclusively for Delivery Status Notifications. 9270It applies only to the immediately following `R' line. 9271.ip R 9272A recipient address. 9273This will normally be completely aliased, 9274but is actually realiased when the job is processed. 9275There will be one line 9276for each recipient. 9277Version 1 qf files 9278also include a leading colon-terminated list of flags, 9279which can be 9280`S' to return a message on successful final delivery, 9281`F' to return a message on failure, 9282`D' to return a message if the message is delayed, 9283`B' to indicate that the body should be returned, 9284`N' to suppress returning the body, 9285and 9286`P' to declare this as a ``primary'' (command line or SMTP-session) address. 9287.ip S 9288The sender address. 9289There may only be one of these lines. 9290.ip T 9291The job creation time. 9292This is used to compute when to time out the job. 9293.ip P 9294The current message priority. 9295This is used to order the queue. 9296Higher numbers mean lower priorities. 9297The priority changes 9298as the message sits in the queue. 9299The initial priority depends on the message class 9300and the size of the message. 9301.ip M 9302A message. 9303This line is printed by the 9304.i mailq 9305command, 9306and is generally used to store status information. 9307It can contain any text. 9308.ip F 9309Flag bits, represented as one letter per flag. 9310Defined flag bits are 9311.b r 9312indicating that this is a response message 9313and 9314.b w 9315indicating that a warning message has been sent 9316announcing that the mail has been delayed. 9317.ip N 9318The total number of delivery attempts. 9319.ip K 9320The time (as seconds since January 1, 1970) 9321of the last delivery attempt. 9322.ip I 9323The i-number of the data file; 9324this can be used to recover your mail queue 9325after a disastrous disk crash. 9326.ip $ 9327A macro definition. 9328The values of certain macros 9329are passed through to the queue run phase. 9330.ip B 9331The body type. 9332The remainder of the line is a text string defining the body type. 9333If this field is missing, 9334the body type is assumed to be 9335.q "undefined" 9336and no special processing is attempted. 9337Legal values are 9338.q 7BIT 9339and 9340.q 8BITMIME . 9341.ip Z 9342The original envelope id (from the ESMTP transaction). 9343For Deliver Status Notifications only. 9344.pp 9345As an example, 9346the following is a queue file sent to 9347.q eric@mammoth.Berkeley.EDU 9348and 9349.q bostic@okeeffe.CS.Berkeley.EDU \**: 9350.(f 9351\**This example is contrived and probably inaccurate for your environment. 9352Glance over it to get an idea; 9353nothing can replace looking at what your own system generates. 9354.)f 9355.(b 9356V4 9357T711358135 9358K904446490 9359N0 9360P2100941 9361$_eric@localhost 9362${daemon_flags} 9363Seric 9364Ceric:100:1000:sendmail@vangogh.CS.Berkeley.EDU 9365RPFD:eric@mammoth.Berkeley.EDU 9366RPFD:bostic@okeeffe.CS.Berkeley.EDU 9367H?P?Return-path: <^g> 9368H??Received: by vangogh.CS.Berkeley.EDU (5.108/2.7) id AAA06703; 9369 Fri, 17 Jul 1992 00:28:55 -0700 9370H??Received: from mail.CS.Berkeley.EDU by vangogh.CS.Berkeley.EDU (5.108/2.7) 9371 id AAA06698; Fri, 17 Jul 1992 00:28:54 -0700 9372H??Received: from [128.32.31.21] by mail.CS.Berkeley.EDU (5.96/2.5) 9373 id AA22777; Fri, 17 Jul 1992 03:29:14 -0400 9374H??Received: by foo.bar.baz.de (5.57/Ultrix3.0-C) 9375 id AA22757; Fri, 17 Jul 1992 09:31:25 GMT 9376H?F?From: eric@foo.bar.baz.de (Eric Allman) 9377H?x?Full-name: Eric Allman 9378H??Message-id: <9207170931.AA22757@foo.bar.baz.de> 9379H??To: sendmail@vangogh.CS.Berkeley.EDU 9380H??Subject: this is an example message 9381.)b 9382This shows 9383the person who sent the message, 9384the submission time 9385(in seconds since January 1, 1970), 9386the message priority, 9387the message class, 9388the recipients, 9389and the headers for the message. 9390.+c "SUMMARY OF SUPPORT FILES" 9391.pp 9392This is a summary of the support files 9393that 9394.i sendmail 9395creates or generates. 9396Many of these can be changed by editing the sendmail.cf file; 9397check there to find the actual pathnames. 9398.nr ii 1i 9399.ip "/usr/\*(SD/sendmail" 9400The binary of 9401.i sendmail . 9402.ip /usr/\*(SB/newaliases 9403A link to /usr/\*(SD/sendmail; 9404causes the alias database to be rebuilt. 9405Running this program is completely equivalent to giving 9406.i sendmail 9407the 9408.b \-bi 9409flag. 9410.ip /usr/\*(SB/mailq 9411Prints a listing of the mail queue. 9412This program is equivalent to using the 9413.b \-bp 9414flag to 9415.i sendmail . 9416.ip /etc/mail/sendmail.cf 9417The configuration file, 9418in textual form. 9419.ip /etc/mail/helpfile 9420The SMTP help file. 9421.ip /etc/mail/statistics 9422A statistics file; need not be present. 9423.ip /etc/mail/sendmail.pid 9424Created in daemon mode; 9425it contains the process id of the current SMTP daemon. 9426If you use this in scripts; 9427use ``head \-1'' to get just the first line; 9428the second line contains the command line used to invoke the daemon, 9429and later versions of 9430.i sendmail 9431may add more information to subsequent lines. 9432.ip /etc/mail/aliases 9433The textual version of the alias file. 9434.ip /etc/mail/aliases.db 9435The alias file in 9436.i hash \|(3) 9437format. 9438.ip /etc/mail/aliases.{pag,dir} 9439The alias file in 9440.i ndbm \|(3) 9441format. 9442.ip /var/spool/mqueue 9443The directory in which the mail queue(s) 9444and temporary files reside. 9445.ip /var/spool/mqueue/qf* 9446Control (queue) files for messages. 9447.ip /var/spool/mqueue/df* 9448Data files. 9449.ip /var/spool/mqueue/tf* 9450Temporary versions of the qf files, 9451used during queue file rebuild. 9452.ip /var/spool/mqueue/xf* 9453A transcript of the current session. 9454.if o \ 9455\{\ 9456. bp 9457. rs 9458. sp |4i 9459. ce 2 9460This page intentionally left blank; 9461replace it with a blank sheet for double-sided output. 9462.\} 9463.\".ro 9464.\".ls 1 9465.\".tp 9466.\".sp 2i 9467.\".in 0 9468.\".ce 100 9469.\".sz 24 9470.\".b SENDMAIL 9471.\".sz 14 9472.\".sp 9473.\"INSTALLATION AND OPERATION GUIDE 9474.\".sp 9475.\".sz 10 9476.\"Eric Allman 9477.\".sp
| 6445.ip ProcessTitlePrefix=\fIstring\fP 6446[no short name] 6447Prefix the process title shown on 'ps' listings with 6448.i string . 6449The 6450.i string 6451will be macro processed. 6452.ip QueueDirectory=\fIdir\fP 6453[Q] 6454Use the named 6455.i dir 6456as the queue directory. 6457To use multiple queues, supply a value ending with an asterisk. 6458For example, 6459.i /var/spool/mqueue/q* 6460will use all of the directories or symbolic links to directories 6461beginning with 6462.i q 6463in 6464.i /var/spool/mqueue 6465as queue directories. 6466Do not change the queue directory structure 6467while sendmail is running. 6468.ip QueueFactor=\fIfactor\fP 6469[q] 6470Use 6471.i factor 6472as the multiplier in the map function 6473to decide when to just queue up jobs rather than run them. 6474This value is divided by the difference between the current load average 6475and the load average limit 6476(\c 6477.b QueueLA 6478option) 6479to determine the maximum message priority 6480that will be sent. 6481Defaults to 600000. 6482.ip QueueLA=\fILA\fP 6483[x] 6484When the system load average exceeds 6485.i LA 6486and the 6487.b QueueFactor 6488(\c 6489.b q ) 6490option divided by the difference in the current load average and the 6491.b QueueLA 6492option plus one 6493is less than the priority of the message, 6494just queue messages 6495(i.e., don't try to send them). 6496Defaults to 8 multiplied by 6497the number of processors online on the system 6498(if that can be determined). 6499.ip QueueSortOrder=\fIalgorithm\fP 6500[no short name] 6501Sets the 6502.i algorithm 6503used for sorting the queue. 6504Only the first character of the value is used. 6505Legal values are 6506.q host 6507(to order by the name of the first host name of the first recipient), 6508.q filename 6509(to order by the name of the queue file name), 6510.q time 6511(to order by the submission time), 6512and 6513.q priority 6514(to order by message priority). 6515Host ordering makes better use of the connection cache, 6516but may tend to process low priority messages 6517that go to a single host 6518over high priority messages that go to several hosts; 6519it probably shouldn't be used on slow network links. 6520Filename ordering saves the overhead of 6521reading all of the queued items 6522before starting the queue run. 6523Time ordering is almost always a bad idea, 6524since it allows large, bulk mail to go out 6525before smaller, personal mail, 6526but may have applicability on some hosts with very fast connections. 6527Priority ordering is the default. 6528.ip QueueTimeout=\fItimeout\fP 6529[T] 6530A synonym for 6531.q Timeout.queuereturn . 6532Use that form instead of the 6533.q QueueTimeout 6534form. 6535.ip RandFile 6536[no short name] 6537Name of file containing random data or the name of the UNIX socket 6538if EGD is used. 6539A (required) prefix "egd:" or "file:" specifies the type. 6540STARTTLS requires this filename if the compile flag HASURANDOMDEV is not set 6541(see sendmail/README). 6542.ip ResolverOptions=\fIoptions\fP 6543[I] 6544Set resolver options. 6545Values can be set using 6546.b + \c 6547.i flag 6548and cleared using 6549.b \- \c 6550.i flag ; 6551the 6552.i flag s 6553can be 6554.q debug , 6555.q aaonly , 6556.q usevc , 6557.q primary , 6558.q igntc , 6559.q recurse , 6560.q defnames , 6561.q stayopen , 6562or 6563.q dnsrch . 6564The string 6565.q HasWildcardMX 6566(without a 6567.b + 6568or 6569.b \- ) 6570can be specified to turn off matching against MX records 6571when doing name canonifications. 6572.b N.B. 6573Prior to 8.7, 6574this option indicated that the name server be responding 6575in order to accept addresses. 6576This has been replaced by checking to see 6577if the 6578.q dns 6579method is listed in the service switch entry for the 6580.q hosts 6581service. 6582.ip RrtImpliesDsn 6583[R] 6584If this option is set, a 6585.q Return-Receipt-To: 6586header causes the request of a DSN, which is sent to 6587the envelope sender as required by RFC1891, 6588not to the address given in the header. 6589.ip RunAsUser=\fIuser\fP 6590[no short name] 6591The 6592.i user 6593parameter may be a user name 6594(looked up in 6595.i /etc/passwd ) 6596or a numeric user id; 6597either form can have 6598.q ":group" 6599attached 6600(where group can be numeric or symbolic). 6601If set to a non-zero (non-root) value, 6602.i sendmail 6603will change to this user id shortly after startup\**. 6604.(f 6605\**When running as a daemon, 6606it changes to this user after accepting a connection 6607but before reading any 6608.sm SMTP 6609commands. 6610.)f 6611This avoids a certain class of security problems. 6612However, this means that all 6613.q \&.forward 6614and 6615.q :include: 6616files must be readable by the indicated 6617.i user 6618and all files to be written must be writable by 6619.i user 6620Also, all file and program deliveries will be marked unsafe 6621unless the option 6622.b DontBlameSendmail=NonRootSafeAddr 6623is set, 6624in which case the delivery will be done as 6625.i user . 6626It is also incompatible with the 6627.b SafeFileEnvironment 6628option. 6629In other words, it may not actually add much to security on an average system, 6630and may in fact detract from security 6631(because other file permissions must be loosened). 6632However, it should be useful on firewalls and other 6633places where users don't have accounts and the aliases file is 6634well constrained. 6635.ip RecipientFactor=\fIfact\fP 6636[y] 6637The indicated 6638.i fact or 6639is added to the priority (thus 6640.i lowering 6641the priority of the job) 6642for each recipient, 6643i.e., this value penalizes jobs with large numbers of recipients. 6644Defaults to 30000. 6645.ip RefuseLA=\fILA\fP 6646[X] 6647When the system load average exceeds 6648.i LA , 6649refuse incoming SMTP connections. 6650Defaults to 12 multiplied by 6651the number of processors online on the system 6652(if that can be determined). 6653.ip RetryFactor=\fIfact\fP 6654[Z] 6655The 6656.i fact or 6657is added to the priority 6658every time a job is processed. 6659Thus, 6660each time a job is processed, 6661its priority will be decreased by the indicated value. 6662In most environments this should be positive, 6663since hosts that are down are all too often down for a long time. 6664Defaults to 90000. 6665.ip SafeFileEnvironment=\fIdir\fP 6666[no short name] 6667If this option is set, 6668.i sendmail 6669will do a 6670.i chroot (2) 6671call into the indicated 6672.i dir ectory 6673before doing any file writes. 6674If the file name specified by the user begins with 6675.i dir , 6676that partial path name will be stripped off before writing, 6677so (for example) 6678if the SafeFileEnvironment variable is set to 6679.q /safe 6680then aliases of 6681.q /safe/logs/file 6682and 6683.q /logs/file 6684actually indicate the same file. 6685Additionally, if this option is set, 6686.i sendmail 6687refuses to deliver to symbolic links. 6688.ip SaveFromLine 6689[f] 6690Save 6691UNIX-style 6692.q From 6693lines at the front of headers. 6694Normally they are assumed redundant 6695and discarded. 6696.ip SendMimeErrors 6697[j] 6698If set, send error messages in MIME format 6699(see RFC2045 and RFC1344 for details). 6700If disabled, 6701.i sendmail 6702will not return the DSN keyword in response to an EHLO 6703and will not do Delivery Status Notification processing as described in 6704RFC1891. 6705.ip ServerCertFile 6706[no short name] 6707File containing the certificate of the server, i.e., this certificate 6708is used when sendmail acts as server. 6709.ip ServerKeyFile 6710[no short name] 6711File containing the private key belonging to the server certificate. 6712.ip ServiceSwitchFile=\fIfilename\fP 6713[no short name] 6714If your host operating system has a service switch abstraction 6715(e.g., /etc/nsswitch.conf on Solaris 6716or /etc/svc.conf on Ultrix and DEC OSF/1) 6717that service will be consulted and this option is ignored. 6718Otherwise, this is the name of a file 6719that provides the list of methods used to implement particular services. 6720The syntax is a series of lines, 6721each of which is a sequence of words. 6722The first word is the service name, 6723and following words are service types. 6724The services that 6725.i sendmail 6726consults directly are 6727.q aliases 6728and 6729.q hosts. 6730Service types can be 6731.q dns , 6732.q nis , 6733.q nisplus , 6734or 6735.q files 6736(with the caveat that the appropriate support 6737must be compiled in 6738before the service can be referenced). 6739If ServiceSwitchFile is not specified, it defaults to 6740/etc/mail/service.switch. 6741If that file does not exist, the default switch is: 6742.(b 6743aliases files 6744hosts dns nis files 6745.)b 6746The default file is 6747.q /etc/mail/service.switch . 6748.ip SevenBitInput 6749[7] 6750Strip input to seven bits for compatibility with old systems. 6751This shouldn't be necessary. 6752.ip SingleLineFromHeader 6753[no short name] 6754If set, From: lines that have embedded newlines are unwrapped 6755onto one line. 6756This is to get around a botch in Lotus Notes 6757that apparently cannot understand legally wrapped RFC822 headers. 6758.ip SingleThreadDelivery 6759[no short name] 6760If set, a client machine will never try to open two SMTP connections 6761to a single server machine at the same time, 6762even in different processes. 6763That is, if another 6764.i sendmail 6765is already talking to some host a new 6766.i sendmail 6767will not open another connection. 6768This property is of mixed value; 6769although this reduces the load on the other machine, 6770it can cause mail to be delayed 6771(for example, if one 6772.i sendmail 6773is delivering a huge message, other 6774.i sendmail s 6775won't be able to send even small messages). 6776Also, it requires another file descriptor 6777(for the lock file) 6778per connection, so you may have to reduce the 6779.b ConnectionCacheSize 6780option to avoid running out of per-process file descriptors. 6781Requires the 6782.b HostStatusDirectory 6783option. 6784.ip SmtpGreetingMessage=\fImessage\fP 6785[$e macro] 6786The message printed when the SMTP server starts up. 6787Defaults to 6788.q "$j Sendmail $v ready at $b". 6789.ip StatusFile=\fIfile\fP 6790[S] 6791Log summary statistics in the named 6792.i file . 6793If no file name is specified, "statistics" is used. 6794If not set, 6795no summary statistics are saved. 6796This file does not grow in size. 6797It can be printed using the 6798.i mailstats (8) 6799program. 6800.ip SuperSafe 6801[s] 6802Be super-safe when running things, 6803i.e., 6804always instantiate the queue file, 6805even if you are going to attempt immediate delivery. 6806.i Sendmail 6807always instantiates the queue file 6808before returning control to the client 6809under any circumstances. 6810This should really 6811.i always 6812be set. 6813.ip TempFileMode=\fImode\fP 6814[F] 6815The file mode for queue files, files to which 6816.i sendmail 6817delivers directly, and files in the 6818.b HostStatusDirectory . 6819It is interpreted in octal by default. 6820Defaults to 0600. 6821.ip Timeout.\fItype\fP=\|\fItimeout\fP 6822[r; subsumes old T option as well] 6823Set timeout values. 6824For more information, 6825see section 6826.\" XREF 68274.1. 6828.ip TimeZoneSpec=\fItzinfo\fP 6829[t] 6830Set the local time zone info to 6831.i tzinfo 6832\*- for example, 6833.q PST8PDT . 6834Actually, if this is not set, 6835the TZ environment variable is cleared (so the system default is used); 6836if set but null, the user's TZ variable is used, 6837and if set and non-null the TZ variable is set to this value. 6838.ip TrustedUser=\fIuser\fP 6839[no short name] 6840The 6841.i user 6842parameter may be a user name 6843(looked up in 6844.i /etc/passwd ) 6845or a numeric user id. 6846Trusted user for file ownership and starting the daemon. If set, generated 6847alias databases and the control socket (if configured) will automatically 6848be owned by this user. 6849.ip TryNullMXList 6850[w] 6851If this system is the 6852.q best 6853(that is, lowest preference) 6854MX for a given host, 6855its configuration rules should normally detect this situation 6856and treat that condition specially 6857by forwarding the mail to a UUCP feed, 6858treating it as local, 6859or whatever. 6860However, in some cases (such as Internet firewalls) 6861you may want to try to connect directly to that host 6862as though it had no MX records at all. 6863Setting this option causes 6864.i sendmail 6865to try this. 6866The downside is that errors in your configuration 6867are likely to be diagnosed as 6868.q "host unknown" 6869or 6870.q "message timed out" 6871instead of something more meaningful. 6872This option is disrecommended. 6873.ip UnixFromLine=\fIfromline\fP 6874[$l macro] 6875Defines the format used when 6876.i sendmail 6877must add a UNIX-style From_ line 6878(that is, a line beginning 6879.q From<space>user ). 6880Defaults to 6881.q "From $g $d" . 6882Don't change this unless your system uses a different UNIX mailbox format 6883(very unlikely). 6884.ip UnsafeGroupWrites 6885[no short name] 6886If set (default), 6887:include: and .forward files that are group writable are considered 6888.q unsafe , 6889that is, 6890they cannot reference programs or write directly to files. 6891World writable :include: and .forward files 6892are always unsafe. 6893.ip UseErrorsTo 6894[l] 6895If there is an 6896.q Errors-To: 6897header, send error messages to the addresses listed there. 6898They normally go to the envelope sender. 6899Use of this option causes 6900.i sendmail 6901to violate RFC 1123. 6902This option is disrecommended and deprecated. 6903.ip UserDatabaseSpec=\fIudbspec\fP 6904[U] 6905The user database specification. 6906.ip Verbose 6907[v] 6908Run in verbose mode. 6909If this is set, 6910.i sendmail 6911adjusts options 6912.b HoldExpensive 6913(old 6914.b c ) 6915and 6916.b DeliveryMode 6917(old 6918.b d ) 6919so that all mail is delivered completely 6920in a single job 6921so that you can see the entire delivery process. 6922Option 6923.b Verbose 6924should 6925.i never 6926be set in the configuration file; 6927it is intended for command line use only. 6928.ip XscriptFileBufferSize=\fIthreshold\fP 6929[no short name] 6930Set the 6931.i threshold , 6932in bytes, 6933before a memory-based 6934queue transcript file 6935becomes disk-based. 6936The default is 4096 bytes. 6937.lp 6938All options can be specified on the command line using the 6939\-O or \-o flag, 6940but most will cause 6941.i sendmail 6942to relinquish its setuid permissions. 6943The options that will not cause this are 6944SevenBitInput [7], 6945EightBitMode [8], 6946MinFreeBlocks [b], 6947CheckpointInterval [C], 6948DeliveryMode [d], 6949ErrorMode [e], 6950IgnoreDots [i], 6951SendMimeErrors [j], 6952LogLevel [L], 6953MeToo [m], 6954OldStyleHeaders [o], 6955PrivacyOptions [p], 6956SuperSafe [s], 6957Verbose [v], 6958QueueSortOrder, 6959MinQueueAge, 6960DefaultCharSet, 6961Dial Delay, 6962NoRecipientAction, 6963ColonOkInAddr, 6964MaxQueueRunSize, 6965SingleLineFromHeader, 6966and 6967AllowBogusHELO. 6968Actually, PrivacyOptions [p] given on the command line 6969are added to those already specified in the 6970.i sendmail.cf 6971file, i.e., they can't be reset. 6972Also, M (define macro) when defining the r or s macros 6973is also considered 6974.q safe . 6975.sh 2 "P \*- Precedence Definitions" 6976.pp 6977Values for the 6978.q "Precedence:" 6979field may be defined using the 6980.b P 6981control line. 6982The syntax of this field is: 6983.(b 6984\fBP\fP\fIname\fP\fB=\fP\fInum\fP 6985.)b 6986When the 6987.i name 6988is found in a 6989.q Precedence: 6990field, 6991the message class is set to 6992.i num . 6993Higher numbers mean higher precedence. 6994Numbers less than zero 6995have the special property 6996that if an error occurs during processing 6997the body of the message will not be returned; 6998this is expected to be used for 6999.q "bulk" 7000mail such as through mailing lists. 7001The default precedence is zero. 7002For example, 7003our list of precedences is: 7004.(b 7005Pfirst-class=0 7006Pspecial-delivery=100 7007Plist=\-30 7008Pbulk=\-60 7009Pjunk=\-100 7010.)b 7011People writing mailing list exploders 7012are encouraged to use 7013.q "Precedence: list" . 7014Older versions of 7015.i sendmail 7016(which discarded all error returns for negative precedences) 7017didn't recognize this name, giving it a default precedence of zero. 7018This allows list maintainers to see error returns 7019on both old and new versions of 7020.i sendmail . 7021.sh 2 "V \*- Configuration Version Level" 7022.pp 7023To provide compatibility with old configuration files, 7024the 7025.b V 7026line has been added to define some very basic semantics 7027of the configuration file. 7028These are not intended to be long term supports; 7029rather, they describe compatibility features 7030which will probably be removed in future releases. 7031.pp 7032.b N.B.: 7033these version 7034.i levels 7035have nothing 7036to do with the version 7037.i number 7038on the files. 7039For example, 7040as of this writing 7041version 8 config files 7042(specifically, 8.10) 7043used version level 9 configurations. 7044.pp 7045.q Old 7046configuration files are defined as version level one. 7047Version level two files make the following changes: 7048.np 7049Host name canonification ($[ ... $]) 7050appends a dot if the name is recognized; 7051this gives the config file a way of finding out if anything matched. 7052(Actually, this just initializes the 7053.q host 7054map with the 7055.q \-a. 7056flag \*- you can reset it to anything you prefer 7057by declaring the map explicitly.) 7058.np 7059Default host name extension is consistent throughout processing; 7060version level one configurations turned off domain extension 7061(that is, adding the local domain name) 7062during certain points in processing. 7063Version level two configurations are expected to include a trailing dot 7064to indicate that the name is already canonical. 7065.np 7066Local names that are not aliases 7067are passed through a new distinguished ruleset five; 7068this can be used to append a local relay. 7069This behavior can be prevented by resolving the local name 7070with an initial `@'. 7071That is, something that resolves to a local mailer and a user name of 7072.q vikki 7073will be passed through ruleset five, 7074but a user name of 7075.q @vikki 7076will have the `@' stripped, 7077will not be passed through ruleset five, 7078but will otherwise be treated the same as the prior example. 7079The expectation is that this might be used to implement a policy 7080where mail sent to 7081.q vikki 7082was handled by a central hub, 7083but mail sent to 7084.q vikki@localhost 7085was delivered directly. 7086.pp 7087Version level three files 7088allow # initiated comments on all lines. 7089Exceptions are backslash escaped # marks 7090and the $# syntax. 7091.pp 7092Version level four configurations 7093are completely equivalent to level three 7094for historical reasons. 7095.pp 7096Version level five configuration files 7097change the default definition of 7098.b $w 7099to be just the first component of the hostname. 7100.pp 7101Version level six configuration files 7102change many of the local processing options 7103(such as aliasing and matching the beginning of the address for 7104`|' characters) 7105to be mailer flags; 7106this allows fine-grained control over the special local processing. 7107Level six configuration files may also use long option names. 7108The 7109.b ColonOkInAddr 7110option (to allow colons in the local-part of addresses) 7111defaults 7112.b on 7113for lower numbered configuration files; 7114the configuration file requires some additional intelligence 7115to properly handle the RFC 822 group construct. 7116.pp 7117Version level seven configuration files 7118used new option names to replace old macros 7119(\c 7120.b $e 7121became 7122.b SmtpGreetingMessage , 7123.b $l 7124became 7125.b UnixFromLine , 7126and 7127.b $o 7128became 7129.b OperatorChars . 7130Also, prior to version seven, 7131the 7132.b F=q 7133flag (use 250 instead of 252 return value for 7134.sm "SMTP VRFY" 7135commands) 7136was assumed. 7137.pp 7138Version level eight configuration files allow 7139.b $# 7140on the left hand side of ruleset lines. 7141.pp 7142Version level nine configuration files allow 7143parentheses in rulesets, i.e. they are not treated 7144as comments and hence removed. 7145.pp 7146The 7147.b V 7148line may have an optional 7149.b / \c 7150.i vendor 7151to indicate that this configuration file uses modifications 7152specific to a particular vendor\**. 7153.(f 7154\**And of course, vendors are encouraged to add themselves 7155to the list of recognized vendors by editing the routine 7156.i setvendor 7157in 7158.i conf.c . 7159Please send e-mail to sendmail@Sendmail.ORG 7160to register your vendor dialect. 7161.)f 7162You may use 7163.q /Berkeley 7164to emphasize that this configuration file 7165uses the Berkeley dialect of 7166.i sendmail . 7167.sh 2 "K \*- Key File Declaration" 7168.pp 7169Special maps can be defined using the line: 7170.(b 7171Kmapname mapclass arguments 7172.)b 7173The 7174.i mapname 7175is the handle by which this map is referenced in the rewriting rules. 7176The 7177.i mapclass 7178is the name of a type of map; 7179these are compiled in to 7180.i sendmail . 7181The 7182.i arguments 7183are interpreted depending on the class; 7184typically, 7185there would be a single argument naming the file containing the map. 7186.pp 7187Maps are referenced using the syntax: 7188.(b 7189$( \fImap\fP \fIkey\fP $@ \fIarguments\fP $: \fIdefault\fP $) 7190.)b 7191where either or both of the 7192.i arguments 7193or 7194.i default 7195portion may be omitted. 7196The 7197.i "$@ arguments" 7198may appear more than once. 7199The indicated 7200.i key 7201and 7202.i arguments 7203are passed to the appropriate mapping function. 7204If it returns a value, it replaces the input. 7205If it does not return a value and the 7206.i default 7207is specified, the 7208.i default 7209replaces the input. 7210Otherwise, the input is unchanged. 7211.pp 7212The 7213.i arguments 7214are passed to the map for arbitrary use. 7215Most map classes can interpolate these arguments 7216into their values using the syntax 7217.q %\fIn\fP 7218(where 7219.i n 7220is a digit) 7221to indicate the corresponding 7222.i argument . 7223Argument 7224.q %0 7225indicates the database key. 7226For example, the rule 7227.(b 7228.ta 1.5i 7229R$\- ! $+ $: $(uucp $1 $@ $2 $: %1 @ %0 . UUCP $) 7230.)b 7231Looks up the UUCP name in a (user defined) UUCP map; 7232if not found it turns it into 7233.q \&.UUCP 7234form. 7235The database might contain records like: 7236.(b 7237decvax %1@%0.DEC.COM 7238research %1@%0.ATT.COM 7239.)b 7240Note that 7241.i default 7242clauses never do this mapping. 7243.pp 7244The built in map with both name and class 7245.q host 7246is the host name canonicalization lookup. 7247Thus, 7248the syntax: 7249.(b 7250$(host \fIhostname\fP$) 7251.)b 7252is equivalent to: 7253.(b 7254$[\fIhostname\fP$] 7255.)b 7256.pp 7257There are many defined classes. 7258.ip dbm 7259Database lookups using the ndbm(3) library. 7260.i Sendmail 7261must be compiled with 7262.b NDBM 7263defined. 7264.ip btree 7265Database lookups using the btree interface to the Berkeley DB 7266library. 7267.i Sendmail 7268must be compiled with 7269.b NEWDB 7270defined. 7271.ip hash 7272Database lookups using the hash interface to the Berkeley DB 7273library. 7274.i Sendmail 7275must be compiled with 7276.b NEWDB 7277defined. 7278.ip nis 7279NIS lookups. 7280.i Sendmail 7281must be compiled with 7282.b NIS 7283defined. 7284.ip nisplus 7285NIS+ lookups. 7286.i Sendmail 7287must be compiled with 7288.b NISPLUS 7289defined. 7290The argument is the name of the table to use for lookups, 7291and the 7292.b \-k 7293and 7294.b \-v 7295flags may be used to set the key and value columns respectively. 7296.ip hesiod 7297Hesiod lookups. 7298.i Sendmail 7299must be compiled with 7300.b HESIOD 7301defined. 7302.ip ldap 7303LDAP X500 directory lookups. 7304.i Sendmail 7305must be compiled with 7306.b LDAPMAP 7307defined. 7308The map supports most of the standard arguments 7309and most of the command line arguments of the 7310.i ldapsearch 7311program. 7312Note that, 7313by default, 7314if a single query matches multiple values, 7315only the first value will be returned 7316unless the 7317.b \-z 7318(value separator) 7319map flag is set. 7320Also, the 7321.b \-1 7322map flag will treat a multiple value return 7323as if there were no matches. 7324.ip netinfo 7325NeXT NetInfo lookups. 7326.i Sendmail 7327must be compiled with 7328.b NETINFO 7329defined. 7330.ip text 7331Text file lookups. 7332The format of the text file is defined by the 7333.b \-k 7334(key field number), 7335.b \-v 7336(value field number), 7337and 7338.b \-z 7339(field delimiter) 7340flags. 7341.ip ph 7342PH query map. 7343Contributed and supported by 7344Mark Roth, roth@uiuc.edu. 7345For more information, 7346consult the web site 7347.q http://www-dev.cso.uiuc.edu/sendmail/ . 7348.ip nsd 7349nsd map for IRIX 6.5 and later. 7350Contributed and supported by Bob Mende of SGI, 7351mende@sgi.com. 7352.ip stab 7353Internal symbol table lookups. 7354Used internally for aliasing. 7355.ip implicit 7356Really should be called 7357.q alias 7358\(em this is used to get the default lookups 7359for alias files, 7360and is the default if no class is specified for alias files. 7361.ip user 7362Looks up users using 7363.i getpwnam (3). 7364The 7365.b \-v 7366flag can be used to specify the name of the field to return 7367(although this is normally used only to check the existence 7368of a user). 7369.ip host 7370Canonifies host domain names. 7371Given a host name it calls the name server 7372to find the canonical name for that host. 7373.ip bestmx 7374Returns the best MX record for a host name given as the key. 7375The current machine is always preferred \*- 7376that is, if the current machine is one of the hosts listed as a 7377lowest-preference MX record, then it will be guaranteed to be returned. 7378This can be used to find out if this machine is the target for an MX record, 7379and mail can be accepted on that basis. 7380If the 7381.b \-z 7382flag is given, then all MX names are returned, 7383separated by the given delimiter. 7384.ip sequence 7385The arguments on the `K' line are a list of maps; 7386the resulting map searches the argument maps in order 7387until it finds a match for the indicated key. 7388For example, if the key definition is: 7389.(b 7390Kmap1 ... 7391Kmap2 ... 7392Kseqmap sequence map1 map2 7393.)b 7394then a lookup against 7395.q seqmap 7396first does a lookup in map1. 7397If that is found, it returns immediately. 7398Otherwise, the same key is used for map2. 7399.ip syslog 7400the key is logged via 7401.i syslogd \|(8). 7402The lookup returns the empty string. 7403.ip switch 7404Much like the 7405.q sequence 7406map except that the order of maps is determined by the service switch. 7407The argument is the name of the service to be looked up; 7408the values from the service switch are appended to the map name 7409to create new map names. 7410For example, consider the key definition: 7411.(b 7412Kali switch aliases 7413.)b 7414together with the service switch entry: 7415.(b 7416aliases nis files 7417.)b 7418This causes a query against the map 7419.q ali 7420to search maps named 7421.q ali.nis 7422and 7423.q ali.files 7424in that order. 7425.ip dequote 7426Strip double quotes (") from a name. 7427It does not strip backslashes, 7428and will not strip quotes if the resulting string 7429would contain unscannable syntax 7430(that is, basic errors like unbalanced angle brackets; 7431more sophisticated errors such as unknown hosts are not checked). 7432The intent is for use when trying to accept mail from systems such as 7433DECnet 7434that routinely quote odd syntax such as 7435.(b 7436"49ers::ubell" 7437.)b 7438A typical usage is probably something like: 7439.(b 7440Kdequote dequote 7441 7442\&... 7443 7444R$\- $: $(dequote $1 $) 7445R$\- $+ $: $>3 $1 $2 7446.)b 7447Care must be taken to prevent unexpected results; 7448for example, 7449.(b 7450"|someprogram < input > output" 7451.)b 7452will have quotes stripped, 7453but the result is probably not what you had in mind. 7454Fortunately these cases are rare. 7455.ip regex 7456The map definition on the 7457.b K 7458line contains a regular expression. 7459Any key input is compared to that expression using the 7460POSIX regular expressions routines regcomp(), regerr(), and regexec(). 7461Refer to the documentation for those routines for more information 7462about the regular expression matching. 7463No rewriting of the key is done if the 7464.b \-m 7465flag is used. Without it, the key is discarded or if 7466.b \-s 7467if used, it is substituted by the substring matches, delimited by 7468.b $| 7469or the string specified with the the 7470.b \-d 7471flag. The flags available for the map are 7472.(b 7473-n not 7474-f case sensitive 7475-b basic regular expressions 7476 (default is extended) 7477-s substring match 7478-d set the delimiter used for -s 7479-a append string to key 7480-m match only, do not 7481 replace/discard value 7482-D perform no lookup in deferred delivery mode. 7483.)b 7484The 7485.b \-s 7486flag can include an optional parameter which can be used 7487to select the substrings in the result of the lookup. For example, 7488.(b 7489-s1,3,4 7490.)b 7491Notes: to match a 7492.b $ 7493in a string, 7494\\$$ 7495must be used. 7496If the pattern contains spaces, they must be replaced 7497with the blank substitution character, unless it is 7498space itself. 7499.ip program 7500The arguments on the 7501.b K 7502line are the pathname to a program and any initial parameters to be passed. 7503When the map is called, 7504the key is added to the initial parameters 7505and the program is invoked 7506as the default user/group id. 7507The first line of standard output is returned as the value of the lookup. 7508This has many potential security problems, 7509and has terrible performance; 7510it should be used only when absolutely necessary. 7511.ip macro 7512Set or clear a macro value. 7513To set a macro, 7514pass the value as the first argument in the map lookup. 7515To clear a macro, 7516do not pass an argument in the map lookup. 7517The map always returns the empty string. 7518Example of typical usage include: 7519.(b 7520Kstorage macro 7521 7522\&... 7523 7524# set macro ${MyMacro} to the ruleset match 7525R$+ $: $(storage {MyMacro} $@ $1 $) $1 7526# set macro ${MyMacro} to an empty string 7527R$* $: $(storage {MyMacro} $@ $) $1 7528# clear macro ${MyMacro} 7529R$\- $: $(storage {MyMacro} $) $1 7530.)b 7531.ip arith 7532Perform simple arithmetic operations. 7533The operation is given as key, currently +, -, *, /, 7534l (for less than), and = are supported. 7535The two operands are given as arguments. 7536The lookup returns the result of the computation, 7537i.e. 7538.sm TRUE 7539or 7540.sm FALSE 7541for comparisons, integer values otherwise. 7542All options which are possible for maps are ignored. 7543A simple example is: 7544.(b 7545Kcomp arith 7546 7547\&... 7548 7549Scheck_etrn 7550R$* $: $(comp l $@ $&{load_avg} $@ 7 $) $1 7551RFALSE $# error \&... 7552.)b 7553.pp 7554Most of these accept as arguments the same optional flags 7555and a filename 7556(or a mapname for NIS; 7557the filename is the root of the database path, 7558so that 7559.q .db 7560or some other extension appropriate for the database type 7561will be added to get the actual database name). 7562Known flags are: 7563.ip "\-o" 7564Indicates that this map is optional \*- that is, 7565if it cannot be opened, 7566no error is produced, 7567and 7568.i sendmail 7569will behave as if the map existed but was empty. 7570.ip "\-N, \-O" 7571If neither 7572.b \-N 7573or 7574.b \-O 7575are specified, 7576.i sendmail 7577uses an adaptive algorithm to decide whether or not to look for null bytes 7578on the end of keys. 7579It starts by trying both; 7580if it finds any key with a null byte it never tries again without a null byte 7581and vice versa. 7582If 7583.b \-N 7584is specified it never tries without a null byte and 7585if 7586.b \-O 7587is specified it never tries with a null byte. 7588Setting one of 7589these can speed matches but are never necessary. 7590If both 7591.b \-N 7592and 7593.b \-O 7594are specified, 7595.i sendmail 7596will never try any matches at all \(em 7597that is, everything will appear to fail. 7598.ip "\-a\fIx\fP" 7599Append the string 7600.i x 7601on successful matches. 7602For example, the default 7603.i host 7604map appends a dot on successful matches. 7605.ip "\-T\fIx\fP" 7606Append the string 7607.i x 7608on temporary failures. 7609For example, 7610.i x 7611would be appended if a DNS lookup returned 7612.q "server failed" 7613or an NIS lookup could not locate a server. 7614See also the 7615.b \-t 7616flag. 7617.ip "\-f" 7618Do not fold upper to lower case before looking up the key. 7619.ip "\-m" 7620Match only (without replacing the value). 7621If you only care about the existence of a key and not the value 7622(as you might when searching the NIS map 7623.q hosts.byname 7624for example), 7625this flag prevents the map from substituting the value. 7626However, 7627The \-a argument is still appended on a match, 7628and the default is still taken if the match fails. 7629.ip "\-k\fIkeycol\fP" 7630The key column name (for NIS+) or number 7631(for text lookups). 7632For LDAP maps this is an LDAP filter string 7633in which %s is replaced with the literal contents of the lookup key 7634and %0 is replaced with the LDAP escaped contents of the lookup key 7635according to RFC2254. 7636.ip "\-v\fIvalcol\fP" 7637The value column name (for NIS+) or number 7638(for text lookups). 7639For LDAP maps this is the name of one or more 7640attributes to be returned; 7641multiple attributes can be separated by commas. 7642If not specified, all attributes found in the match 7643will be returned. 7644.ip "\-z\fIdelim\fP" 7645The column delimiter (for text lookups). 7646It can be a single character or one of the special strings 7647.q \|\en 7648or 7649.q \|\et 7650to indicate newline or tab respectively. 7651If omitted entirely, 7652the column separator is any sequence of white space. 7653For LDAP maps this is the separator character 7654to combine multiple values 7655into a single return string. 7656If not set, 7657the LDAP lookup will only return the first match found. 7658.ip "\-t" 7659Normally, when a map attempts to do a lookup 7660and the server fails 7661(e.g., 7662.i sendmail 7663couldn't contact any name server; 7664this is 7665.i not 7666the same as an entry not being found in the map), 7667the message being processed is queued for future processing. 7668The 7669.b \-t 7670flag turns off this behavior, 7671letting the temporary failure (server down) 7672act as though it were a permanent failure (entry not found). 7673It is particularly useful for DNS lookups, 7674where someone else's misconfigured name server can cause problems 7675on your machine. 7676However, care must be taken to ensure that you don't bounce mail 7677that would be resolved correctly if you tried again. 7678A common strategy is to forward such mail 7679to another, possibly better connected, mail server. 7680.ip "\-D" 7681Perform no lookup in deferred delivery mode. 7682This flag is set by default for the 7683.i host 7684map. 7685.ip "\-S\fIspacesub\fP 7686The character to use to replace space characters 7687after a successful map lookup (esp. useful for regex 7688and syslog maps). 7689.ip "\-s\fIspacesub\fP 7690For the dequote map only, 7691the character to use to replace space characters 7692after a successful dequote. 7693.ip "\-q" 7694Don't dequote the key before lookup. 7695.ip "\-L\fIlevel\fP 7696For the syslog map only, it specifies the level 7697to use for the syslog call. 7698.ip "\-A" 7699When rebuilding an alias file, 7700the 7701.b \-A 7702flag causes duplicate entries in the text version 7703to be merged. 7704For example, two entries: 7705.(b 7706list: user1, user2 7707list: user3 7708.)b 7709would be treated as though it were the single entry 7710.(b 7711list: user1, user2, user3 7712.)b 7713in the presence of the 7714.b \-A 7715flag. 7716.pp 7717The following additional flags are present in the ldap map only: 7718.ip "\-R" 7719Do not auto chase referrals. sendmail must be compiled with 7720.b \-DLDAP_REFERRALS 7721to use this flag. 7722.ip "\-n" 7723Retrieve attribute names only. 7724.ip "\-r\fIderef\fP" 7725Set the alias dereference option to one of never, always, search, or find. 7726.ip "\-s\fIscope\fP" 7727Set search scope to one of base, one (one level), or sub (subtree). 7728.ip "\-h\fIhost\fP" 7729LDAP server hostname. 7730Some LDAP libraries allow you to specify multiple, space-separated hosts for 7731redundancy. 7732In addition, each of the hosts listed can be followed by a colon and a port 7733number to override the default LDAP port. 7734.ip "\-b\fIbase\fP" 7735LDAP search base. 7736.ip "\-p\fIport\fP" 7737LDAP service port. 7738.ip "\-l\fItimelimit\fP" 7739Time limit for LDAP queries. 7740.ip "\-Z\fIsizelimit\fP" 7741Size (number of matches) limit for LDAP queries. 7742.ip "\-d\fIdistinguished_name\fP" 7743The distinguished name to use to login to the LDAP server. 7744.ip "\-M\fImethod\fP" 7745The method to authenticate to the LDAP server. 7746Should be one of 7747.b LDAP_AUTH_NONE , 7748.b LDAP_AUTH_SIMPLE , 7749or 7750.b LDAP_AUTH_KRBV4 . 7751.ip "\-P\fIpasswordfile\fP" 7752The file containing the secret key for the 7753.b LDAP_AUTH_SIMPLE 7754authentication method 7755or the name of the Kerberos ticket file for 7756.b LDAP_AUTH_KRBV4 . 7757.ip "\-1" 7758Force LDAP searches to only succeed if a single match is found. 7759If multiple values are found, 7760the search is treated as if no match was found. 7761.pp 7762The 7763.i dbm 7764map appends the strings 7765.q \&.pag 7766and 7767.q \&.dir 7768to the given filename; 7769the 7770.i hash 7771and 7772.i btree 7773maps append 7774.q \&.db . 7775For example, the map specification 7776.(b 7777Kuucp dbm \-o \-N /etc/mail/uucpmap 7778.)b 7779specifies an optional map named 7780.q uucp 7781of class 7782.q dbm ; 7783it always has null bytes at the end of every string, 7784and the data is located in 7785/etc/mail/uucpmap.{dir,pag}. 7786.pp 7787The program 7788.i makemap (8) 7789can be used to build any of the three database-oriented maps. 7790It takes the following flags: 7791.ip \-f 7792Do not fold upper to lower case in the map. 7793.ip \-N 7794Include null bytes in keys. 7795.ip \-o 7796Append to an existing (old) file. 7797.ip \-r 7798Allow replacement of existing keys; 7799normally, re-inserting an existing key is an error. 7800.ip \-v 7801Print what is happening. 7802.lp 7803The 7804.i sendmail 7805daemon does not have to be restarted to read the new maps 7806as long as you change them in place; 7807file locking is used so that the maps won't be read 7808while they are being updated. 7809.pp 7810New classes can be added in the routine 7811.b setupmaps 7812in file 7813.b conf.c . 7814.sh 2 "The User Database" 7815.pp 7816If you have a version of 7817.i sendmail 7818with the user database package 7819compiled in, 7820the handling of sender and recipient addresses 7821is modified. 7822.pp 7823The location of this database is controlled with the 7824.b UserDatabaseSpec 7825option. 7826.sh 3 "Structure of the user database" 7827.pp 7828The database is a sorted (BTree-based) structure. 7829User records are stored with the key: 7830.(b 7831\fIuser-name\fP\fB:\fP\fIfield-name\fP 7832.)b 7833The sorted database format ensures that user records are clustered together. 7834Meta-information is always stored with a leading colon. 7835.pp 7836Field names define both the syntax and semantics of the value. 7837Defined fields include: 7838.nr ii 1i 7839.ip maildrop 7840The delivery address for this user. 7841There may be multiple values of this record. 7842In particular, 7843mailing lists will have one 7844.i maildrop 7845record for each user on the list. 7846.ip "mailname" 7847The outgoing mailname for this user. 7848For each outgoing name, 7849there should be an appropriate 7850.i maildrop 7851record for that name to allow return mail. 7852See also 7853.i :default:mailname . 7854.ip mailsender 7855Changes any mail sent to this address to have the indicated envelope sender. 7856This is intended for mailing lists, 7857and will normally be the name of an appropriate -request address. 7858It is very similar to the owner-\c 7859.i list 7860syntax in the alias file. 7861.ip fullname 7862The full name of the user. 7863.ip office-address 7864The office address for this user. 7865.ip office-phone 7866The office phone number for this user. 7867.ip office-fax 7868The office FAX number for this user. 7869.ip home-address 7870The home address for this user. 7871.ip home-phone 7872The home phone number for this user. 7873.ip home-fax 7874The home FAX number for this user. 7875.ip project 7876A (short) description of the project this person is affiliated with. 7877In the University this is often just the name of their graduate advisor. 7878.ip plan 7879A pointer to a file from which plan information can be gathered. 7880.pp 7881As of this writing, 7882only a few of these fields are actually being used by 7883.i sendmail : 7884.i maildrop 7885and 7886.i mailname . 7887A 7888.i finger 7889program that uses the other fields is planned. 7890.sh 3 "User database semantics" 7891.pp 7892When the rewriting rules submit an address to the local mailer, 7893the user name is passed through the alias file. 7894If no alias is found (or if the alias points back to the same address), 7895the name (with 7896.q :maildrop 7897appended) 7898is then used as a key in the user database. 7899If no match occurs (or if the maildrop points at the same address), 7900forwarding is tried. 7901.pp 7902If the first token of the user name returned by ruleset 0 7903is an 7904.q @ 7905sign, the user database lookup is skipped. 7906The intent is that the user database will act as a set of defaults 7907for a cluster (in our case, the Computer Science Division); 7908mail sent to a specific machine should ignore these defaults. 7909.pp 7910When mail is sent, 7911the name of the sending user is looked up in the database. 7912If that user has a 7913.q mailname 7914record, 7915the value of that record is used as their outgoing name. 7916For example, I might have a record: 7917.(b 7918eric:mailname Eric.Allman@CS.Berkeley.EDU 7919.)b 7920This would cause my outgoing mail to be sent as Eric.Allman. 7921.pp 7922If a 7923.q maildrop 7924is found for the user, 7925but no corresponding 7926.q mailname 7927record exists, 7928the record 7929.q :default:mailname 7930is consulted. 7931If present, this is the name of a host to override the local host. 7932For example, in our case we would set it to 7933.q CS.Berkeley.EDU . 7934The effect is that anyone known in the database 7935gets their outgoing mail stamped as 7936.q user@CS.Berkeley.EDU , 7937but people not listed in the database use the local hostname. 7938.sh 3 "Creating the database\**" 7939.(f 7940\**These instructions are known to be incomplete. 7941Other features are available which provide similar functionality, 7942e.g., virtual hosting and mapping local addresses into a 7943generic form as explained in cf/README. 7944.)f 7945.pp 7946The user database is built from a text file 7947using the 7948.i makemap 7949utility 7950(in the distribution in the makemap subdirectory). 7951The text file is a series of lines corresponding to userdb records; 7952each line has a key and a value separated by white space. 7953The key is always in the format described above \*- 7954for example: 7955.(b 7956eric:maildrop 7957.)b 7958This file is normally installed in a system directory; 7959for example, it might be called 7960.i /etc/mail/userdb . 7961To make the database version of the map, run the program: 7962.(b 7963makemap btree /etc/mail/userdb < /etc/mail/userdb 7964.)b 7965Then create a config file that uses this. 7966For example, using the V8 M4 configuration, include the 7967following line in your .mc file: 7968.(b 7969define(\`confUSERDB_SPEC\', /etc/mail/userdb.db) 7970.)b 7971.sh 1 "OTHER CONFIGURATION" 7972.pp 7973There are some configuration changes that can be made by 7974recompiling 7975.i sendmail . 7976This section describes what changes can be made 7977and what has to be modified to make them. 7978In most cases this should be unnecessary 7979unless you are porting 7980.i sendmail 7981to a new environment. 7982.sh 2 "Parameters in devtools/OS/$oscf" 7983.pp 7984These parameters are intended to describe the compilation environment, 7985not site policy, 7986and should normally be defined in the operating system 7987configuration file. 7988.b "This section needs a complete rewrite." 7989.ip NDBM 7990If set, 7991the new version of the DBM library 7992that allows multiple databases will be used. 7993If neither NDBM nor NEWDB are set, 7994a much less efficient method of alias lookup is used. 7995.ip NEWDB 7996If set, use the new database package from Berkeley (from 4.4BSD). 7997This package is substantially faster than DBM or NDBM. 7998If NEWDB and NDBM are both set, 7999.i sendmail 8000will read DBM files, 8001but will create and use NEWDB files. 8002.ip NIS 8003Include support for NIS. 8004If set together with 8005.i both 8006NEWDB and NDBM, 8007.i sendmail 8008will create both DBM and NEWDB files if and only if 8009an alias file includes the substring 8010.q /yp/ 8011in the name. 8012This is intended for compatibility with Sun Microsystems' 8013.i mkalias 8014program used on YP masters. 8015.ip NISPLUS 8016Compile in support for NIS+. 8017.ip NETINFO 8018Compile in support for NetInfo (NeXT stations). 8019.ip LDAPMAP 8020Compile in support for LDAP X500 queries. 8021Requires libldap and liblber 8022from the Umich LDAP 3.2 or 3.3 release 8023or equivalent libraries for other LDAP libraries 8024such as OpenLDAP. 8025.ip HESIOD 8026Compile in support for Hesiod. 8027.ip MAP_NSD 8028Compile in support for IRIX NSD lookups. 8029.ip MAP_REGEX 8030Compile in support for regular expression matching. 8031.ip PH_MAP 8032Compile in support for ph lookups. 8033.ip SASL 8034Compile in support for SASL, 8035a required component for SMTP Authentication support. 8036.ip STARTTLS 8037Compile in support for STARTTLS. 8038.ip EGD 8039Compile in support for the "Entropy Gathering Daemon" 8040to provide better random data for TLS. 8041.ip SFIO 8042Compile in support for sfio, which is required to enable encryption, 8043e.g., STARTTLS. 8044.ip TCPWRAPPERS 8045Compile in support for TCP Wrappers. 8046.ip _PATH_SENDMAILCF 8047The pathname of the sendmail.cf file. 8048.ip _PATH_SENDMAILPID 8049The pathname of the sendmail.pid file. 8050.pp 8051There are also several compilation flags to indicate the environment 8052such as 8053.q _AIX3 8054and 8055.q _SCO_unix_ . 8056See the sendmail/README 8057file for the latest scoop on these flags. 8058.sh 2 "Parameters in sendmail/conf.h" 8059.pp 8060Parameters and compilation options 8061are defined in conf.h. 8062Most of these need not normally be tweaked; 8063common parameters are all in sendmail.cf. 8064However, the sizes of certain primitive vectors, etc., 8065are included in this file. 8066The numbers following the parameters 8067are their default value. 8068.pp 8069This document is not the best source of information 8070for compilation flags in conf.h \(em 8071see sendmail/README or sendmail/conf.h itself. 8072.nr ii 1.2i 8073.ip "MAXLINE [2048]" 8074The maximum line length of any input line. 8075If message lines exceed this length 8076they will still be processed correctly; 8077however, header lines, 8078configuration file lines, 8079alias lines, 8080etc., 8081must fit within this limit. 8082.ip "MAXNAME [256]" 8083The maximum length of any name, 8084such as a host or a user name. 8085.ip "MAXPV [256]" 8086The maximum number of parameters to any mailer. 8087This limits the number of recipients that may be passed in one transaction. 8088It can be set to any arbitrary number above about 10, 8089since 8090.i sendmail 8091will break up a delivery into smaller batches as needed. 8092A higher number may reduce load on your system, however. 8093.ip "MAXATOM [1000]" 8094The maximum number of atoms 8095(tokens) 8096in a single address. 8097For example, 8098the address 8099.q "eric@CS.Berkeley.EDU" 8100is seven atoms. 8101.ip "MAXMAILERS [25]" 8102The maximum number of mailers that may be defined 8103in the configuration file. 8104This value is defined in include/sendmail/sendmail.h. 8105.ip "MAXRWSETS [200]" 8106The maximum number of rewriting sets 8107that may be defined. 8108The first half of these are reserved for numeric specification 8109(e.g., ``S92''), 8110while the upper half are reserved for auto-numbering 8111(e.g., ``Sfoo''). 8112Thus, with a value of 200 an attempt to use ``S99'' will succeed, 8113but ``S100'' will fail. 8114.ip "MAXPRIORITIES [25]" 8115The maximum number of values for the 8116.q Precedence: 8117field that may be defined 8118(using the 8119.b P 8120line in sendmail.cf). 8121.ip "MAXUSERENVIRON [100]" 8122The maximum number of items in the user environment 8123that will be passed to subordinate mailers. 8124.ip "MAXMXHOSTS [100]" 8125The maximum number of MX records we will accept for any single host. 8126.ip "MAXALIASDB [12]" 8127The maximum number of alias databases that can be open at any time. 8128Note that there may also be an open file limit. 8129.ip "MAXMAPSTACK [12]" 8130The maximum number of maps that may be "stacked" in a 8131.b sequence 8132class map. 8133.ip "MAXMIMEARGS [20]" 8134The maximum number of arguments in a MIME Content-Type: header; 8135additional arguments will be ignored. 8136.ip "MAXMIMENESTING [20]" 8137The maximum depth to which MIME messages may be nested 8138(that is, nested Message or Multipart documents; 8139this does not limit the number of components in a single Multipart document). 8140.ip "MAXDAEMONS [10]" 8141The maximum number of sockets sendmail will open for accepting connections 8142on different ports. 8143.ip "MAXMACNAMELEN [25]" 8144The maximum length of a macro name. 8145.lp 8146A number of other compilation options exist. 8147These specify whether or not specific code should be compiled in. 8148Ones marked with \(dg 8149are 0/1 valued. 8150.nr ii 1.2i 8151.ip NETINET\(dg 8152If set, 8153support for Internet protocol networking is compiled in. 8154Previous versions of 8155.i sendmail 8156referred to this as 8157.sm DAEMON ; 8158this old usage is now incorrect. 8159Defaults on; 8160turn it off in the Makefile 8161if your system doesn't support the Internet protocols. 8162.ip NETINET6\(dg 8163If set, 8164support for IPv6 networking is compiled in. 8165It must be separately enabled by adding DaemonPortOptions settings. 8166.ip NETISO\(dg 8167If set, 8168support for ISO protocol networking is compiled in 8169(it may be appropriate to #define this in the Makefile instead of conf.h). 8170.ip NETUNIX\(dg 8171If set, 8172support for UNIX domain sockets is compiled in. 8173This is used for control socket support. 8174.ip LOG 8175If set, 8176the 8177.i syslog 8178routine in use at some sites is used. 8179This makes an informational log record 8180for each message processed, 8181and makes a higher priority log record 8182for internal system errors. 8183.b "STRONGLY RECOMMENDED" 8184\(em if you want no logging, turn it off in the configuration file. 8185.ip MATCHGECOS\(dg 8186Compile in the code to do ``fuzzy matching'' on the GECOS field 8187in /etc/passwd. 8188This also requires that the 8189.b MatchGECOS 8190option be turned on. 8191.ip NAMED_BIND\(dg 8192Compile in code to use the 8193Berkeley Internet Name Domain (BIND) server 8194to resolve TCP/IP host names. 8195.ip NOTUNIX 8196If you are using a non-UNIX mail format, 8197you can set this flag to turn off special processing 8198of UNIX-style 8199.q "From " 8200lines. 8201.ip QUEUE\(dg 8202This flag should be set to compile in the queueing code. 8203If this is not set, 8204mailers must accept the mail immediately 8205or it will be returned to the sender. 8206.ip SMTP\(dg 8207If set, 8208the code to handle user and server SMTP will be compiled in. 8209This is only necessary if your machine has some mailer 8210that speaks SMTP 8211(this means most machines everywhere). 8212.ip USERDB\(dg 8213Include the 8214.b experimental 8215Berkeley user information database package. 8216This adds a new level of local name expansion 8217between aliasing and forwarding. 8218It also uses the NEWDB package. 8219This may change in future releases. 8220.lp 8221The following options are normally turned on 8222in per-operating-system clauses in conf.h. 8223.ip IDENTPROTO\(dg 8224Compile in the IDENT protocol as defined in RFC 1413. 8225This defaults on for all systems except Ultrix, 8226which apparently has the interesting 8227.q feature 8228that when it receives a 8229.q "host unreachable" 8230message it closes all open connections to that host. 8231Since some firewall gateways send this error code 8232when you access an unauthorized port (such as 113, used by IDENT), 8233Ultrix cannot receive email from such hosts. 8234.ip SYSTEM5 8235Set all of the compilation parameters appropriate for System V. 8236.ip HASFLOCK\(dg 8237Use Berkeley-style 8238.b flock 8239instead of System V 8240.b lockf 8241to do file locking. 8242Due to the highly unusual semantics of locks 8243across forks in 8244.b lockf , 8245this should always be used if at all possible. 8246.ip HASINITGROUPS 8247Set this if your system has the 8248.i initgroups() 8249call 8250(if you have multiple group support). 8251This is the default if SYSTEM5 is 8252.i not 8253defined or if you are on HPUX. 8254.ip HASUNAME 8255Set this if you have the 8256.i uname (2) 8257system call (or corresponding library routine). 8258Set by default if 8259SYSTEM5 8260is set. 8261.ip HASGETDTABLESIZE 8262Set this if you have the 8263.i getdtablesize (2) 8264system call. 8265.ip HASWAITPID 8266Set this if you have the 8267.i haswaitpid (2) 8268system call. 8269.ip FAST_PID_RECYCLE 8270Set this if your system can possibly 8271reuse the same pid in the same second of time. 8272.ip SFS_TYPE 8273The mechanism that can be used to get file system capacity information. 8274The values can be one of 8275SFS_USTAT (use the ustat(2) syscall), 8276SFS_4ARGS (use the four argument statfs(2) syscall), 8277SFS_VFS (use the two argument statfs(2) syscall including <sys/vfs.h>), 8278SFS_MOUNT (use the two argument statfs(2) syscall including <sys/mount.h>), 8279SFS_STATFS (use the two argument statfs(2) syscall including <sys/statfs.h>), 8280SFS_STATVFS (use the two argument statfs(2) syscall including <sys/statvfs.h>), 8281or 8282SFS_NONE (no way to get this information). 8283.ip LA_TYPE 8284The load average type. 8285Details are described below. 8286.lp 8287The are several built-in ways of computing the load average. 8288.i Sendmail 8289tries to auto-configure them based on imperfect guesses; 8290you can select one using the 8291.i cc 8292option 8293.b \-DLA_TYPE= \c 8294.i type , 8295where 8296.i type 8297is: 8298.ip LA_INT 8299The kernel stores the load average in the kernel as an array of long integers. 8300The actual values are scaled by a factor FSCALE 8301(default 256). 8302.ip LA_SHORT 8303The kernel stores the load average in the kernel as an array of short integers. 8304The actual values are scaled by a factor FSCALE 8305(default 256). 8306.ip LA_FLOAT 8307The kernel stores the load average in the kernel as an array of 8308double precision floats. 8309.ip LA_MACH 8310Use MACH-style load averages. 8311.ip LA_SUBR 8312Call the 8313.i getloadavg 8314routine to get the load average as an array of doubles. 8315.ip LA_ZERO 8316Always return zero as the load average. 8317This is the fallback case. 8318.lp 8319If type 8320.sm LA_INT , 8321.sm LA_SHORT , 8322or 8323.sm LA_FLOAT 8324is specified, 8325you may also need to specify 8326.sm _PATH_UNIX 8327(the path to your system binary) 8328and 8329.sm LA_AVENRUN 8330(the name of the variable containing the load average in the kernel; 8331usually 8332.q _avenrun 8333or 8334.q avenrun ). 8335.sh 2 "Configuration in sendmail/conf.c" 8336.pp 8337The following changes can be made in conf.c. 8338.sh 3 "Built-in Header Semantics" 8339.pp 8340Not all header semantics are defined in the configuration file. 8341Header lines that should only be included by certain mailers 8342(as well as other more obscure semantics) 8343must be specified in the 8344.i HdrInfo 8345table in 8346.i conf.c . 8347This table contains the header name 8348(which should be in all lower case) 8349and a set of header control flags (described below), 8350The flags are: 8351.ip H_ACHECK 8352Normally when the check is made to see if a header line is compatible 8353with a mailer, 8354.i sendmail 8355will not delete an existing line. 8356If this flag is set, 8357.i sendmail 8358will delete 8359even existing header lines. 8360That is, 8361if this bit is set and the mailer does not have flag bits set 8362that intersect with the required mailer flags 8363in the header definition in 8364sendmail.cf, 8365the header line is 8366.i always 8367deleted. 8368.ip H_EOH 8369If this header field is set, 8370treat it like a blank line, 8371i.e., 8372it will signal the end of the header 8373and the beginning of the message text. 8374.ip H_FORCE 8375Add this header entry 8376even if one existed in the message before. 8377If a header entry does not have this bit set, 8378.i sendmail 8379will not add another header line if a header line 8380of this name already existed. 8381This would normally be used to stamp the message 8382by everyone who handled it. 8383.ip H_TRACE 8384If set, 8385this is a timestamp 8386(trace) 8387field. 8388If the number of trace fields in a message 8389exceeds a preset amount 8390the message is returned 8391on the assumption that it has an aliasing loop. 8392.ip H_RCPT 8393If set, 8394this field contains recipient addresses. 8395This is used by the 8396.b \-t 8397flag to determine who to send to 8398when it is collecting recipients from the message. 8399.ip H_FROM 8400This flag indicates that this field 8401specifies a sender. 8402The order of these fields in the 8403.i HdrInfo 8404table specifies 8405.i sendmail 's 8406preference 8407for which field to return error messages to. 8408.ip H_ERRORSTO 8409Addresses in this header should receive error messages. 8410.ip H_CTE 8411This header is a Content-Transfer-Encoding header. 8412.ip H_CTYPE 8413This header is a Content-Type header. 8414.ip H_STRIPVAL 8415Strip the value from the header (for Bcc:). 8416.nr ii 5n 8417.lp 8418Let's look at a sample 8419.i HdrInfo 8420specification: 8421.(b 8422.ta 4n +\w'"content-transfer-encoding", 'u 8423struct hdrinfo HdrInfo[] = 8424\&{ 8425 /* originator fields, most to least significant */ 8426 "resent-sender", H_FROM, 8427 "resent-from", H_FROM, 8428 "sender", H_FROM, 8429 "from", H_FROM, 8430 "full-name", H_ACHECK, 8431 "errors-to", H_FROM\^|\^H_ERRORSTO, 8432 /* destination fields */ 8433 "to", H_RCPT, 8434 "resent-to", H_RCPT, 8435 "cc", H_RCPT, 8436 "bcc", H_RCPT\^|\^H_STRIPVAL, 8437 /* message identification and control */ 8438 "message", H_EOH, 8439 "text", H_EOH, 8440 /* trace fields */ 8441 "received", H_TRACE\^|\^H_FORCE, 8442 /* miscellaneous fields */ 8443 "content-transfer-encoding", H_CTE, 8444 "content-type", H_CTYPE, 8445 8446 NULL, 0, 8447}; 8448.)b 8449This structure indicates that the 8450.q To: , 8451.q Resent-To: , 8452and 8453.q Cc: 8454fields 8455all specify recipient addresses. 8456Any 8457.q Full-Name: 8458field will be deleted unless the required mailer flag 8459(indicated in the configuration file) 8460is specified. 8461The 8462.q Message: 8463and 8464.q Text: 8465fields will terminate the header; 8466these are used by random dissenters around the network world. 8467The 8468.q Received: 8469field will always be added, 8470and can be used to trace messages. 8471.pp 8472There are a number of important points here. 8473First, 8474header fields are not added automatically just because they are in the 8475.i HdrInfo 8476structure; 8477they must be specified in the configuration file 8478in order to be added to the message. 8479Any header fields mentioned in the configuration file but not 8480mentioned in the 8481.i HdrInfo 8482structure have default processing performed; 8483that is, 8484they are added unless they were in the message already. 8485Second, 8486the 8487.i HdrInfo 8488structure only specifies cliched processing; 8489certain headers are processed specially by ad hoc code 8490regardless of the status specified in 8491.i HdrInfo . 8492For example, 8493the 8494.q Sender: 8495and 8496.q From: 8497fields are always scanned on ARPANET mail 8498to determine the sender\**; 8499.(f 8500\**Actually, this is no longer true in SMTP; 8501this information is contained in the envelope. 8502The older ARPANET protocols did not completely distinguish 8503envelope from header. 8504.)f 8505this is used to perform the 8506.q "return to sender" 8507function. 8508The 8509.q "From:" 8510and 8511.q "Full-Name:" 8512fields are used to determine the full name of the sender 8513if possible; 8514this is stored in the macro 8515.b $x 8516and used in a number of ways. 8517.sh 3 "Restricting Use of Email" 8518.pp 8519If it is necessary to restrict mail through a relay, 8520the 8521.i checkcompat 8522routine can be modified. 8523This routine is called for every recipient address. 8524It returns an exit status 8525indicating the status of the message. 8526The status 8527.sm EX_OK 8528accepts the address, 8529.sm EX_TEMPFAIL 8530queues the message for a later try, 8531and other values 8532(commonly 8533.sm EX_UNAVAILABLE ) 8534reject the message. 8535It is up to 8536.i checkcompat 8537to print an error message 8538(using 8539.i usrerr ) 8540if the message is rejected. 8541For example, 8542.i checkcompat 8543could read: 8544.(b 8545.re 8546.sz -1 8547.ta 4n +4n +4n +4n +4n +4n +4n 8548int 8549checkcompat(to, e) 8550 register ADDRESS *to; 8551 register ENVELOPE *e; 8552\&{ 8553 register STAB *s; 8554 8555 s = stab("private", ST_MAILER, ST_FIND); 8556 if (s != NULL && e\->e_from.q_mailer != LocalMailer && 8557 to->q_mailer == s->s_mailer) 8558 { 8559 usrerr("No private net mail allowed through this machine"); 8560 return (EX_UNAVAILABLE); 8561 } 8562 if (MsgSize > 50000 && bitnset(M_LOCALMAILER, to\->q_mailer)) 8563 { 8564 usrerr("Message too large for non-local delivery"); 8565 e\->e_flags |= EF_NORETURN; 8566 return (EX_UNAVAILABLE); 8567 } 8568 return (EX_OK); 8569} 8570.sz 8571.)b 8572This would reject messages greater than 50000 bytes 8573unless they were local. 8574The 8575.i EF_NORETURN 8576flag can be set in 8577.i e\(->e_flags 8578to suppress the return of the actual body 8579of the message in the error return. 8580The actual use of this routine is highly dependent on the 8581implementation, 8582and use should be limited. 8583.sh 3 "New Database Map Classes" 8584.pp 8585New key maps can be added by creating a class initialization function 8586and a lookup function. 8587These are then added to the routine 8588.i setupmaps. 8589.pp 8590The initialization function is called as 8591.(b 8592\fIxxx\fP_map_init(MAP *map, char *args) 8593.)b 8594The 8595.i map 8596is an internal data structure. 8597The 8598.i args 8599is a pointer to the portion of the configuration file line 8600following the map class name; 8601flags and filenames can be extracted from this line. 8602The initialization function must return 8603.sm TRUE 8604if it successfully opened the map, 8605.sm FALSE 8606otherwise. 8607.pp 8608The lookup function is called as 8609.(b 8610\fIxxx\fP_map_lookup(MAP *map, char buf[], char **av, int *statp) 8611.)b 8612The 8613.i map 8614defines the map internally. 8615The 8616.i buf 8617has the input key. 8618This may be (and often is) used destructively. 8619The 8620.i av 8621is a list of arguments passed in from the rewrite line. 8622The lookup function should return a pointer to the new value. 8623If the map lookup fails, 8624.i *statp 8625should be set to an exit status code; 8626in particular, it should be set to 8627.sm EX_TEMPFAIL 8628if recovery is to be attempted by the higher level code. 8629.sh 3 "Queueing Function" 8630.pp 8631The routine 8632.i shouldqueue 8633is called to decide if a message should be queued 8634or processed immediately. 8635Typically this compares the message priority to the current load average. 8636The default definition is: 8637.(b 8638bool 8639shouldqueue(pri, ctime) 8640 long pri; 8641 time_t ctime; 8642{ 8643 if (CurrentLA < QueueLA) 8644 return (FALSE); 8645 return (pri > (QueueFactor / (CurrentLA \- QueueLA + 1))); 8646} 8647.)b 8648If the current load average 8649(global variable 8650.i CurrentLA , 8651which is set before this function is called) 8652is less than the low threshold load average 8653(option 8654.b x , 8655variable 8656.i QueueLA ), 8657.i shouldqueue 8658returns 8659.sm FALSE 8660immediately 8661(that is, it should 8662.i not 8663queue). 8664If the current load average exceeds the high threshold load average 8665(option 8666.b X , 8667variable 8668.i RefuseLA ), 8669.i shouldqueue 8670returns 8671.sm TRUE 8672immediately. 8673Otherwise, it computes the function based on the message priority, 8674the queue factor 8675(option 8676.b q , 8677global variable 8678.i QueueFactor ), 8679and the current and threshold load averages. 8680.pp 8681An implementation wishing to take the actual age of the message into account 8682can also use the 8683.i ctime 8684parameter, 8685which is the time that the message was first submitted to 8686.i sendmail . 8687Note that the 8688.i pri 8689parameter is already weighted 8690by the number of times the message has been tried 8691(although this tends to lower the priority of the message with time); 8692the expectation is that the 8693.i ctime 8694would be used as an 8695.q "escape clause" 8696to ensure that messages are eventually processed. 8697.sh 3 "Refusing Incoming SMTP Connections" 8698.pp 8699The function 8700.i refuseconnections 8701returns 8702.sm TRUE 8703if incoming SMTP connections should be refused. 8704The current implementation is based exclusively on the current load average 8705and the refuse load average option 8706(option 8707.b X , 8708global variable 8709.i RefuseLA ): 8710.(b 8711bool 8712refuseconnections() 8713{ 8714 return (RefuseLA > 0 && CurrentLA >= RefuseLA); 8715} 8716.)b 8717A more clever implementation 8718could look at more system resources. 8719.sh 3 "Load Average Computation" 8720.pp 8721The routine 8722.i getla 8723returns the current load average (as a rounded integer). 8724The distribution includes several possible implementations. 8725If you are porting to a new environment 8726you may need to add some new tweaks.\** 8727.(f 8728\**If you do, please send updates to 8729sendmail@Sendmail.ORG. 8730.)f 8731.sh 2 "Configuration in sendmail/daemon.c" 8732.pp 8733The file 8734.i sendmail/daemon.c 8735contains a number of routines that are dependent 8736on the local networking environment. 8737The version supplied assumes you have BSD style sockets. 8738.pp 8739In previous releases, 8740we recommended that you modify the routine 8741.i maphostname 8742if you wanted to generalize 8743.b $[ 8744\&...\& 8745.b $] 8746lookups. 8747We now recommend that you create a new keyed map instead. 8748.sh 2 "Certificates for STARTTLS" 8749.pp 8750In this section we assume that 8751.i sendmail 8752has been compiled with support for STARTTLS. 8753When acting as a server, 8754.i sendmail 8755requires X.509 certificates to support STARTTLS: 8756one as certificate for the server (ServerCertFile and corresponding 8757private ServerKeyFile) 8758at least one root CA (CACERTFile), 8759i.e., a certificate that is used to sign other certificates, 8760and a path to a directory which contains other CAs (CACERTPath). 8761The file specified via 8762CACERTFile 8763can contain several certificates of CAs. 8764The DNs of these certificates are sent 8765to the client during the TLS handshake (as part of the 8766CertificateRequest) as the list of acceptable CAs. 8767The CACERTPath directory must contain the hashes of each CA certificate 8768as filenames (or as links to them). 8769Symbolic links can be generated with the following 8770two (Bourne) shell commands: 8771.(b 8772C=FileName_of_CA_Certificate 8773ln -s $C `openssl x509 -noout -hash < $C`.0 8774.)b 8775An X.509 certificate is also required for authentication in client mode 8776(ClientCertFile and corresponding private ClientKeyFile), however, 8777.i sendmail 8778will always use STARTTLS when offered by a server. 8779The client and server certificates can be identical. 8780Certificates can be obtained from a certificate authority 8781or created with the help of OpenSSL. 8782The required format for certificates and private keys is PEM. 8783To allow for automatic startup of sendmail, private keys 8784(ServerKeyFile, ClientKeyFile) 8785must be stored unencrypted. 8786The keys are only protected by the permissions of the file system. 8787Never make a private key available to a third party. 8788.sh 2 "PRNG for STARTTLS" 8789.pp 8790STARTTLS requires a strong pseudo random number generator (PRNG) 8791to operate properly. 8792Depending on the TLS library you use, it may be required to explicitly 8793initialize the PRNG with random data. 8794OpenSSL makes use of 8795.b /dev/urandom(4) 8796if available (this corresponds to the compile flag HASURANDOMDEV). 8797On systems which lack this support, a random file must be specified in the 8798.i sendmail.cf 8799file using the option RandFile. 8800It is 8801.b strongly 8802advised to use the "Entropy Gathering Daemon" EGD 8803from Brian Warner on those systems to provide useful random data. 8804In this case, 8805.i sendmail 8806must be compiled with the flag EGD, and the 8807RandFile option must point to the EGD socket. 8808If neither 8809.b /dev/urandom(4) 8810nor EGD are available, you have to make sure 8811that useful random data is available all the time in RandFile. 8812If the file hasn't been modified in the last 10 minutes before 8813it is supposed to be used by 8814.i sendmail 8815the content is considered obsolete. 8816One method for generating this file is: 8817.(b 8818openssl rand -out /etc/mail/randfile -rand \c 8819.i /path/to/file:... \c 8820256 8821.)b 8822See the OpenSSL documentation for more information. 8823In this case, the PRNG for TLS is only 8824seeded with other random data if the 8825.b DontBlameSendmail 8826option 8827.b InsufficientEntropy 8828is set. 8829This is most likely not sufficient for certain actions, e.g., 8830generation of (temporary) keys. 8831.pp 8832Please see the OpenSSL documentation or other sources 8833for further information about certificates, their creation and their usage, 8834the importance of a good PRNG, and other aspects of TLS. 8835.sh 1 "ACKNOWLEDGEMENTS" 8836.pp 8837I've worked on 8838.i sendmail 8839for many years, 8840and many employers have been remarkably patient 8841about letting me work on a large project 8842that was not part of my official job. 8843This includes time on the INGRES Project at 8844the University of California at Berkeley, 8845at Britton Lee, 8846and again on the Mammoth and Titan Projects at Berkeley. 8847.pp 8848Much of the second wave of improvements 8849resulting in version 8.1 8850should be credited to Bryan Costales of the 8851International Computer Science Institute. 8852As he passed me drafts of his book on 8853.i sendmail 8854I was inspired to start working on things again. 8855Bryan was also available to bounce ideas off of. 8856.pp 8857Gregory Neil Shapiro 8858of Worcester Polytechnic Institute 8859has become instrumental in all phases of 8860.i sendmail 8861support and development, 8862and was largely responsible for getting versions 8.8 and 8.9 8863out the door. 8864.pp 8865Many, many people contributed chunks of code and ideas to 8866.i sendmail . 8867It has proven to be a group network effort. 8868Version 8 in particular was a group project. 8869The following people and organizations made notable contributions: 8870.(l 8871Claus Assmann 8872John Beck, Hewlett-Packard & Sun Microsystems 8873Keith Bostic, CSRG, University of California, Berkeley 8874Andrew Cheng, Sun Microsystems 8875Michael J. Corrigan, University of California, San Diego 8876Bryan Costales, International Computer Science Institute & InfoBeat 8877Pa\*:r (Pell) Emanuelsson 8878Craig Everhart, Transarc Corporation 8879Per Hedeland, Ericsson 8880Tom Ivar Helbekkmo, Norwegian School of Economics 8881Kari Hurtta, Finnish Meteorological Institute 8882Allan E. Johannesen, WPI 8883Jonathan Kamens, OpenVision Technologies, Inc. 8884Takahiro Kanbe, Fuji Xerox Information Systems Co., Ltd. 8885Brian Kantor, University of California, San Diego 8886John Kennedy, Cal State University, Chico 8887Murray S. Kucherawy, HookUp Communication Corp. 8888Bruce Lilly, Sony U.S. 8889Karl London 8890Motonori Nakamura, Ritsumeikan University & Kyoto University 8891John Gardiner Myers, Carnegie Mellon University 8892Neil Rickert, Northern Illinois University 8893Gregory Neil Shapiro, WPI 8894Eric Schnoebelen, Convex Computer Corp. 8895Eric Wassenaar, National Institute for Nuclear and High Energy Physics, Amsterdam 8896Randall Winchester, University of Maryland 8897Christophe Wolfhugel, Pasteur Institute & Herve Schauer Consultants (Paris) 8898Exactis.com, Inc. 8899.)l 8900I apologize for anyone I have omitted, misspelled, misattributed, or 8901otherwise missed. 8902At this point, I suspect that at least a hundred people 8903have contributed code, 8904and many more have contributed ideas, comments, and encouragement. 8905I've tried to list them in the RELEASE_NOTES in the distribution directory. 8906I appreciate their contribution as well. 8907.pp 8908Special thanks are reserved for Michael Corrigan and Christophe Wolfhugel, 8909who besides being wonderful guinea pigs and contributors 8910have also consented to be added to the ``sendmail@Sendmail.ORG'' list 8911and, by answering the bulk of the questions sent to that list, 8912have freed me up to do other work. 8913.++ A 8914.+c "COMMAND LINE FLAGS" 8915.ba 0 8916.nr ii 1i 8917.pp 8918Arguments must be presented with flags before addresses. 8919The flags are: 8920.ip \-b\fIx\fP 8921Set operation mode to 8922.i x . 8923Operation modes are: 8924.(b 8925.ta 4n 8926m Deliver mail (default) 8927s Speak SMTP on input side 8928a\(dg ``Arpanet'' mode (get envelope sender information from header) 8929d Run as a daemon in background 8930D Run as a daemon in foreground 8931t Run in test mode 8932v Just verify addresses, don't collect or deliver 8933i Initialize the alias database 8934p Print the mail queue 8935h Print the persistent host status database 8936H Purge expired entries from the persistent host status database 8937.)b 8938.(f 8939\(dgDeprecated. 8940.)f 8941.ip \-B\fItype\fP 8942Indicate body type. 8943.ip \-C\fIfile\fP 8944Use a different configuration file. 8945.i Sendmail 8946runs as the invoking user (rather than root) 8947when this flag is specified. 8948.ip \-d\fIlevel\fP 8949Set debugging level. 8950.ip "\-f\ \fIaddr\fP" 8951The envelope sender address is set to 8952.i addr . 8953This address may also be used in the From: header 8954if that header is missing during initial submission. 8955The envelope sender address is used as the recipient 8956for delivery status notifications 8957and may also appear in a Return-Path: header. 8958.ip \-F\ \fIname\fP 8959Sets the full name of this user to 8960.i name . 8961.ip \-G 8962When accepting messages via the command line, 8963indicate that they are for relay (gateway) submission. 8964sendmail may complain about syntactically invalid messages, 8965e.g., unqualified host names, 8966rather than fixing them when this flag is set. 8967sendmail will not do any canonicalization in this mode. 8968.ip "\-h\ \fIcnt\fP" 8969Sets the 8970.q "hop count" 8971to 8972.i cnt . 8973This represents the number of times this message has been processed 8974by 8975.i sendmail 8976(to the extent that it is supported by the underlying networks). 8977.i Cnt 8978is incremented during processing, 8979and if it reaches 8980MAXHOP 8981(currently 30) 8982.i sendmail 8983throws away the message with an error. 8984.ip "\-L \fItag\fP" 8985Sets the identifier used for syslog. 8986Note that this identifier is set 8987as early as possible. 8988However, 8989.i sendmail 8990may be used 8991if problems arise 8992before the command line arguments 8993are processed. 8994.ip \-n 8995Don't do aliasing or forwarding. 8996.ip "\-N \fInotifications\fP" 8997Tag all addresses being sent as wanting the indicated 8998.i notifications , 8999which consists of the word 9000.q NEVER 9001or a comma-separated list of 9002.q SUCCESS , 9003.q FAILURE , 9004and 9005.q DELAY 9006for successful delivery, 9007failure, 9008and a message that is stuck in a queue somewhere. 9009The default is 9010.q FAILURE,DELAY . 9011.ip "\-r\ \fIaddr\fP" 9012An obsolete form of 9013.b \-f . 9014.ip \-o\fIx\|value\fP 9015Set option 9016.i x 9017to the specified 9018.i value . 9019These options are described in Section 5.6. 9020.ip \-O\fIoption\fP\fB=\fP\fIvalue\fP 9021Set 9022.i option 9023to the specified 9024.i value 9025(for long form option names). 9026These options are described in Section 5.6. 9027.ip \-M\fIx\|value\fP 9028Set macro 9029.i x 9030to the specified 9031.i value . 9032.ip \-p\fIprotocol\fP 9033Set the sending protocol. 9034Programs are encouraged to set this. 9035The protocol field can be in the form 9036.i protocol \c 9037.b : \c 9038.i host 9039to set both the sending protocol and sending host. 9040For example, 9041.q \-pUUCP:uunet 9042sets the sending protocol to UUCP 9043and the sending host to uunet. 9044(Some existing programs use \-oM to set the r and s macros; 9045this is equivalent to using \-p.) 9046.ip \-q\fItime\fP 9047Try to process the queued up mail. 9048If the time is given, 9049a 9050.i sendmail 9051will run through the queue at the specified interval 9052to deliver queued mail; 9053otherwise, it only runs once. 9054.ip \-q\fIXstring\fP 9055Run the queue once, 9056limiting the jobs to those matching 9057.i Xstring . 9058The key letter 9059.i X 9060can be 9061.b I 9062to limit based on queue identifier, 9063.b R 9064to limit based on recipient, 9065or 9066.b S 9067to limit based on sender. 9068A particular queued job is accepted if one of the corresponding addresses 9069contains the indicated 9070.i string . 9071Multiple 9072.i \-q\fIX\fP 9073flags are permitted, 9074with items with the same key letter 9075.q or'ed 9076together, and items with different key letters 9077.q and'ed 9078together. 9079.ip "\-R ret" 9080What information you want returned if the message bounces; 9081.i ret 9082can be 9083.q HDRS 9084for headers only or 9085.q FULL 9086for headers plus body. 9087This is a request only; 9088the other end is not required to honor the parameter. 9089If 9090.q HDRS 9091is specified local bounces also return only the headers. 9092.ip \-t 9093Read the header for 9094.q To: , 9095.q Cc: , 9096and 9097.q Bcc: 9098lines, and send to everyone listed in those lists. 9099The 9100.q Bcc: 9101line will be deleted before sending. 9102Any addresses in the argument vector will be deleted 9103from the send list. 9104.ip "\-U" 9105Indicate that this is an initial User Agent submission. 9106This flag is deprecated. 9107Future releases will ignore this flag and 9108assume all submissions from the command line are 9109initial submissions. 9110.ip "\-V envid" 9111The indicated 9112.i envid 9113is passed with the envelope of the message 9114and returned if the message bounces. 9115.ip "\-X \fIlogfile\fP" 9116Log all traffic in and out of 9117.i sendmail 9118in the indicated 9119.i logfile 9120for debugging mailer problems. 9121This produces a lot of data very quickly and should be used sparingly. 9122.pp 9123There are a number of options that may be specified as 9124primitive flags. 9125These are the e, i, m, and v options. 9126Also, 9127the f option 9128may be specified as the 9129.b \-s 9130flag. 9131The DSN related options 9132.q "\-N" , 9133.q "\-R" , 9134and 9135.q "\-V" 9136have no effects on 9137.i sendmail 9138running as daemon. 9139.+c "QUEUE FILE FORMATS" 9140.pp 9141This appendix describes the format of the queue files. 9142These files live in the directory defined by the 9143.b Q 9144option in the 9145.i sendmail.cf 9146file, usually 9147.i /var/spool/mqueue 9148or 9149.i /usr/spool/mqueue . 9150The individual qf, df, and xf files 9151may be stored in separate 9152.i qf/ , 9153.i df/ , 9154and 9155.i xf/ 9156subdirectories 9157if they are present in the queue directory. 9158.pp 9159To use multiple queues, 9160supply a value ending with an asterisk. 9161For example, 9162.i /var/spool/mqueue/q* 9163will use all of the directories or symbolic links to directories 9164beginning with `q' in 9165.i /var/spool/mqueue 9166as queue directories. 9167New messages will be randomly placed 9168into one of the queues. 9169Do not change the queue directory structure 9170while sendmail is running. 9171.pp 9172All queue files have the name 9173\fIx\fP\|\fBf\fP\fIYMDhmsNPPPPP\fP 9174where 9175.i YMDhmsNPPPPP 9176is the 9177.i id 9178for this message 9179and the 9180.i x 9181is a type. 9182The individual letters in the 9183.i id 9184are: 9185.nr ii 0.5i 9186.ip Y 9187Encoded year 9188.ip M 9189Encoded month 9190.ip D 9191Encoded day 9192.ip h 9193Encoded hour 9194.ip m 9195Encoded minute 9196.ip s 9197Encoded second 9198.ip N 9199Envelope number 9200.ip PPPPP 9201At least five digits of the process ID 9202.pp 9203All files with the same id collectively define one message. 9204If memory-buffered files are available, 9205some of these files may never appear 9206on disk. 9207.pp 9208The types are: 9209.nr ii 0.5i 9210.ip d 9211The data file. 9212The message body (excluding the header) is kept in this file. 9213.ip q 9214The queue control file. 9215This file contains the information necessary to process the job. 9216.ip t 9217A temporary file. 9218These are an image of the 9219.b qf 9220file when it is being rebuilt. 9221It should be renamed to a 9222.b qf 9223file very quickly. 9224.ip x 9225A transcript file, 9226existing during the life of a session 9227showing everything that happens 9228during that session. 9229.pp 9230The 9231.b qf 9232file is structured as a series of lines 9233each beginning with a code letter. 9234The lines are as follows: 9235.ip V 9236The version number of the queue file format, 9237used to allow new 9238.i sendmail 9239binaries to read queue files created by older versions. 9240Defaults to version zero. 9241Must be the first line of the file if present. 9242For 8.10 the version number is 4. 9243.ip A 9244The information given by the AUTH= parameter of the 9245.q "MAIL FROM:" 9246command or $f@$j 9247if sendmail has been called directly. 9248.ip H 9249A header definition. 9250There may be any number of these lines. 9251The order is important: 9252they represent the order in the final message. 9253These use the same syntax 9254as header definitions in the configuration file. 9255.ip C 9256The controlling address. 9257The syntax is 9258.q localuser:aliasname . 9259Recipient addresses following this line 9260will be flagged so that deliveries will be run as the 9261.i localuser 9262(a user name from the /etc/passwd file); 9263.i aliasname 9264is the name of the alias that expanded to this address 9265(used for printing messages). 9266.ip Q 9267The ``original recipient'', 9268specified by the ORCPT= field in an ESMTP transaction. 9269Used exclusively for Delivery Status Notifications. 9270It applies only to the immediately following `R' line. 9271.ip R 9272A recipient address. 9273This will normally be completely aliased, 9274but is actually realiased when the job is processed. 9275There will be one line 9276for each recipient. 9277Version 1 qf files 9278also include a leading colon-terminated list of flags, 9279which can be 9280`S' to return a message on successful final delivery, 9281`F' to return a message on failure, 9282`D' to return a message if the message is delayed, 9283`B' to indicate that the body should be returned, 9284`N' to suppress returning the body, 9285and 9286`P' to declare this as a ``primary'' (command line or SMTP-session) address. 9287.ip S 9288The sender address. 9289There may only be one of these lines. 9290.ip T 9291The job creation time. 9292This is used to compute when to time out the job. 9293.ip P 9294The current message priority. 9295This is used to order the queue. 9296Higher numbers mean lower priorities. 9297The priority changes 9298as the message sits in the queue. 9299The initial priority depends on the message class 9300and the size of the message. 9301.ip M 9302A message. 9303This line is printed by the 9304.i mailq 9305command, 9306and is generally used to store status information. 9307It can contain any text. 9308.ip F 9309Flag bits, represented as one letter per flag. 9310Defined flag bits are 9311.b r 9312indicating that this is a response message 9313and 9314.b w 9315indicating that a warning message has been sent 9316announcing that the mail has been delayed. 9317.ip N 9318The total number of delivery attempts. 9319.ip K 9320The time (as seconds since January 1, 1970) 9321of the last delivery attempt. 9322.ip I 9323The i-number of the data file; 9324this can be used to recover your mail queue 9325after a disastrous disk crash. 9326.ip $ 9327A macro definition. 9328The values of certain macros 9329are passed through to the queue run phase. 9330.ip B 9331The body type. 9332The remainder of the line is a text string defining the body type. 9333If this field is missing, 9334the body type is assumed to be 9335.q "undefined" 9336and no special processing is attempted. 9337Legal values are 9338.q 7BIT 9339and 9340.q 8BITMIME . 9341.ip Z 9342The original envelope id (from the ESMTP transaction). 9343For Deliver Status Notifications only. 9344.pp 9345As an example, 9346the following is a queue file sent to 9347.q eric@mammoth.Berkeley.EDU 9348and 9349.q bostic@okeeffe.CS.Berkeley.EDU \**: 9350.(f 9351\**This example is contrived and probably inaccurate for your environment. 9352Glance over it to get an idea; 9353nothing can replace looking at what your own system generates. 9354.)f 9355.(b 9356V4 9357T711358135 9358K904446490 9359N0 9360P2100941 9361$_eric@localhost 9362${daemon_flags} 9363Seric 9364Ceric:100:1000:sendmail@vangogh.CS.Berkeley.EDU 9365RPFD:eric@mammoth.Berkeley.EDU 9366RPFD:bostic@okeeffe.CS.Berkeley.EDU 9367H?P?Return-path: <^g> 9368H??Received: by vangogh.CS.Berkeley.EDU (5.108/2.7) id AAA06703; 9369 Fri, 17 Jul 1992 00:28:55 -0700 9370H??Received: from mail.CS.Berkeley.EDU by vangogh.CS.Berkeley.EDU (5.108/2.7) 9371 id AAA06698; Fri, 17 Jul 1992 00:28:54 -0700 9372H??Received: from [128.32.31.21] by mail.CS.Berkeley.EDU (5.96/2.5) 9373 id AA22777; Fri, 17 Jul 1992 03:29:14 -0400 9374H??Received: by foo.bar.baz.de (5.57/Ultrix3.0-C) 9375 id AA22757; Fri, 17 Jul 1992 09:31:25 GMT 9376H?F?From: eric@foo.bar.baz.de (Eric Allman) 9377H?x?Full-name: Eric Allman 9378H??Message-id: <9207170931.AA22757@foo.bar.baz.de> 9379H??To: sendmail@vangogh.CS.Berkeley.EDU 9380H??Subject: this is an example message 9381.)b 9382This shows 9383the person who sent the message, 9384the submission time 9385(in seconds since January 1, 1970), 9386the message priority, 9387the message class, 9388the recipients, 9389and the headers for the message. 9390.+c "SUMMARY OF SUPPORT FILES" 9391.pp 9392This is a summary of the support files 9393that 9394.i sendmail 9395creates or generates. 9396Many of these can be changed by editing the sendmail.cf file; 9397check there to find the actual pathnames. 9398.nr ii 1i 9399.ip "/usr/\*(SD/sendmail" 9400The binary of 9401.i sendmail . 9402.ip /usr/\*(SB/newaliases 9403A link to /usr/\*(SD/sendmail; 9404causes the alias database to be rebuilt. 9405Running this program is completely equivalent to giving 9406.i sendmail 9407the 9408.b \-bi 9409flag. 9410.ip /usr/\*(SB/mailq 9411Prints a listing of the mail queue. 9412This program is equivalent to using the 9413.b \-bp 9414flag to 9415.i sendmail . 9416.ip /etc/mail/sendmail.cf 9417The configuration file, 9418in textual form. 9419.ip /etc/mail/helpfile 9420The SMTP help file. 9421.ip /etc/mail/statistics 9422A statistics file; need not be present. 9423.ip /etc/mail/sendmail.pid 9424Created in daemon mode; 9425it contains the process id of the current SMTP daemon. 9426If you use this in scripts; 9427use ``head \-1'' to get just the first line; 9428the second line contains the command line used to invoke the daemon, 9429and later versions of 9430.i sendmail 9431may add more information to subsequent lines. 9432.ip /etc/mail/aliases 9433The textual version of the alias file. 9434.ip /etc/mail/aliases.db 9435The alias file in 9436.i hash \|(3) 9437format. 9438.ip /etc/mail/aliases.{pag,dir} 9439The alias file in 9440.i ndbm \|(3) 9441format. 9442.ip /var/spool/mqueue 9443The directory in which the mail queue(s) 9444and temporary files reside. 9445.ip /var/spool/mqueue/qf* 9446Control (queue) files for messages. 9447.ip /var/spool/mqueue/df* 9448Data files. 9449.ip /var/spool/mqueue/tf* 9450Temporary versions of the qf files, 9451used during queue file rebuild. 9452.ip /var/spool/mqueue/xf* 9453A transcript of the current session. 9454.if o \ 9455\{\ 9456. bp 9457. rs 9458. sp |4i 9459. ce 2 9460This page intentionally left blank; 9461replace it with a blank sheet for double-sided output. 9462.\} 9463.\".ro 9464.\".ls 1 9465.\".tp 9466.\".sp 2i 9467.\".in 0 9468.\".ce 100 9469.\".sz 24 9470.\".b SENDMAIL 9471.\".sz 14 9472.\".sp 9473.\"INSTALLATION AND OPERATION GUIDE 9474.\".sp 9475.\".sz 10 9476.\"Eric Allman 9477.\".sp
|