1261363Sgshapiro# Copyright (c) 1998-2004 Proofpoint, Inc. and its suppliers. 264562Sgshapiro# All rights reserved. 338032Speter# Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 438032Speter# Copyright (c) 1988 538032Speter# The Regents of the University of California. All rights reserved. 638032Speter# 738032Speter# By using this file, you agree to the terms and conditions set 838032Speter# forth in the LICENSE file which can be found at the top level of 938032Speter# the sendmail distribution. 1038032Speter# 1138032Speter# 12266692Sgshapiro# $Id: README,v 8.393 2013-11-22 20:51:54 ca Exp $ 1338032Speter# 1438032Speter 1538032SpeterThis directory contains the source files for sendmail(TM). 1638032Speter 1790792Sgshapiro ******************************************************************* 1890792Sgshapiro !! Read sendmail/SECURITY for important installation information !! 1990792Sgshapiro ******************************************************************* 2038032Speter 2138032Speter ********************************************************** 2238032Speter ** Read below for more details on building sendmail. ** 2338032Speter ********************************************************** 2438032Speter 2538032Speter************************************************************************** 2638032Speter** IMPORTANT: Read the appropriate paragraphs in the section on ** 2738032Speter** ``Operating System and Compile Quirks''. ** 2838032Speter************************************************************************** 2938032Speter 3038032SpeterFor detailed instructions, please read the document ../doc/op/op.me: 3138032Speter 3290792Sgshapiro cd ../doc/op ; make op.ps op.txt 3338032Speter 34261363SgshapiroSendmail is a trademark of Proofpoint, Inc. 35203004SgshapiroUS Patent Numbers 6865671, 6986037. 3638032Speter 3738032Speter 3838032Speter+-------------------+ 3938032Speter| BUILDING SENDMAIL | 4038032Speter+-------------------+ 4138032Speter 4238032SpeterBy far, the easiest way to compile sendmail is to use the "Build" 4338032Speterscript: 4438032Speter 45182352Sgshapiro sh ./Build 4638032Speter 4738032SpeterThis uses the "uname" command to figure out what architecture you are 4838032Speteron and creates a proper Makefile accordingly. It also creates a 4938032Spetersubdirectory per object format, so that multiarchitecture support is 5038032Spetereasy. In general this should be all you need. IRIX 6.x users should 5138032Speterread the note below in the OPERATING SYSTEM AND COMPILE QUIRKS section. 5238032Speter 5338032SpeterIf you need to look at other include or library directories, use the 5438032Speter-I or -L flags on the command line, e.g., 5538032Speter 56182352Sgshapiro sh ./Build -I/usr/sww/include -L/usr/sww/lib 5738032Speter 5838032SpeterIt's also possible to create local site configuration in the file 5938032Spetersite.config.m4 (or another file settable with the -f flag). This 6038032Speterfile contains M4 definitions for various compilation values; the 6138032Spetermost useful are: 6238032Speter 6338032SpeterconfMAPDEF -D flags to specify database types to be included 6438032Speter (see below) 6538032SpeterconfENVDEF -D flags to specify other environment information 6638032SpeterconfINCDIRS -I flags for finding include files during compilation 6738032SpeterconfLIBDIRS -L flags for finding libraries during linking 6838032SpeterconfLIBS -l flags for selecting libraries during linking 6938032SpeterconfLDOPTS other ld(1) linker options 7038032Speter 7138032SpeterOthers can be found by examining Makefile.m4. Please read 7264562Sgshapiro../devtools/README for more information about the site.config.m4 7338032Speterfile. 7438032Speter 7538032SpeterYou can recompile from scratch using the -c flag with the Build 7638032Spetercommand. This removes the existing compilation directory for the 7794334Sgshapirocurrent platform and builds a new one. The -c flag must also 7894334Sgshapirobe used if any site.*.m4 file in devtools/Site/ is changed. 7938032Speter 8038032SpeterPorting to a new Unix-based system should be a matter of creating 8164562Sgshapiroan appropriate configuration file in the devtools/OS/ directory. 8238032Speter 8338032Speter 8438032Speter+----------------------+ 8538032Speter| DATABASE DEFINITIONS | 8638032Speter+----------------------+ 8738032Speter 8838032SpeterThere are several database formats that can be used for the alias files 8938032Speterand for general maps. When used for alias files they interact in an 9038032Speterattempt to be backward compatible. 9138032Speter 9238032SpeterThe options are: 9338032Speter 9438032SpeterNEWDB The new Berkeley DB package. Some systems (e.g., BSD/OS and 9538032Speter Digital UNIX 4.0) have some version of this package 9638032Speter pre-installed. If your system does not have Berkeley DB 9738032Speter pre-installed, or the version installed is not version 2.0 9838032Speter or greater (e.g., is Berkeley DB 1.85 or 1.86), get the 9938032Speter current version from http://www.sleepycat.com/. DO NOT 10038032Speter use a version from any of the University of California, 10138032Speter Berkeley "Net" or other distributions. If you are still 10238032Speter running BSD/386 1.x, you will need to upgrade the included 10338032Speter Berkeley DB library to a current version. NEWDB is included 10438032Speter automatically if the Build script can find a library named 10564562Sgshapiro libdb.a or libdb.so. 106110560Sgshapiro See also OPERATING SYSTEM AND COMPILE QUIRKS about Berkeley 107110560Sgshapiro DB versions, e.g., DB 4.1.x. 10838032SpeterNDBM The older NDBM implementation -- the very old V7 DBM 10938032Speter implementation is no longer supported. 11038032SpeterNIS Network Information Services. To use this you must have 11138032Speter NIS support on your system. 11238032SpeterNISPLUS NIS+ (the revised NIS released with Solaris 2). You must 11338032Speter have NIS+ support on your system to use this flag. 11438032SpeterHESIOD Support for Hesiod (from the DEC/Athena distribution). You 11538032Speter must already have Hesiod support on your system for this to 11638032Speter work. You may be able to get this to work with the MIT/Athena 11738032Speter version of Hesiod, but that's likely to be a lot of work. 11882017Sgshapiro BIND 8.X also includes Hesiod support. 11964562SgshapiroLDAPMAP Lightweight Directory Access Protocol support. You will 12064562Sgshapiro have to install the UMich or OpenLDAP 12164562Sgshapiro (http://www.openldap.org/) ldap and lber libraries to use 12264562Sgshapiro this flag. 12338032SpeterMAP_REGEX Regular Expression support. You will need to use an 12438032Speter operating system which comes with the POSIX regex() 12538032Speter routines or install a regexp library such as libregex from 12638032Speter the Free Software Foundation. 12790792SgshapiroDNSMAP DNS map support. Requires NAMED_BIND. 12890792SgshapiroPH_MAP PH map support. You will need the libphclient library from 129120256Sgshapiro the nph package (http://www-dev.cites.uiuc.edu/ph/nph/). 13064562SgshapiroMAP_NSD nsd map support (IRIX 6.5 and later). 131132943SgshapiroSOCKETMAP Support for a trivial query protocol over UNIX domain or TCP 132132943Sgshapiro sockets. 13338032Speter 13438032Speter>>> NOTE WELL for NEWDB support: If you want to get ndbm support, for 13538032Speter>>> Berkeley DB versions under 2.0, it is CRITICAL that you remove 13638032Speter>>> ndbm.o from libdb.a before you install it and DO NOT install ndbm.h; 13738032Speter>>> for Berkeley DB versions 2.0 through 2.3.14, remove dbm.o from libdb.a 13838032Speter>>> before you install it. If you don't delete these, there is absolutely 13938032Speter>>> no point to including -DNDBM, since it will just get you another 14038032Speter>>> (inferior) API to the same format database. These files OVERRIDE 14138032Speter>>> calls to ndbm routines -- in particular, if you leave ndbm.h in, 14238032Speter>>> you can find yourself using the new db package even if you don't 14338032Speter>>> define NEWDB. Berkeley DB versions later than 2.3.14 do not need 14438032Speter>>> to be modified. Please also consult the README in the top level 14538032Speter>>> directory of the sendmail distribution for other important information. 14638032Speter>>> 14738032Speter>>> Further note: DO NOT remove your existing /usr/include/ndbm.h -- 14838032Speter>>> you need that one. But do not install an updated ndbm.h in 14938032Speter>>> /usr/include, /usr/local/include, or anywhere else. 15038032Speter 15138032SpeterIf NEWDB and NDBM are defined (but not NIS), then sendmail will read 15238032SpeterNDBM format alias files, but the next time a newaliases is run the 15338032Speterformat will be converted to NEWDB; that format will be used forever 15438032Spetermore. This is intended as a transition feature. 15538032Speter 15638032SpeterIf NEWDB, NDBM, and NIS are all defined and the name of the file includes 15738032Speterthe string "/yp/", sendmail will rebuild BOTH the NEWDB and NDBM format 15838032Speteralias files. However, it will only read the NEWDB file; the NDBM format 15938032Speterfile is used only by the NIS subsystem. This is needed because the NIS 16038032Spetermaps on an NIS server are built directly from the NDBM files. 16138032Speter 16238032SpeterIf NDBM and NIS are defined (regardless of the definition of NEWDB), 16338032Speterand the filename includes the string "/yp/", sendmail adds the special 16438032Spetertokens "YP_LAST_MODIFIED" and "YP_MASTER_NAME", both of which are 16538032Speterrequired if the NDBM file is to be used as an NIS map. 16638032Speter 16794334SgshapiroAll of these flags are normally defined in a confMAPDEF setting in your 16894334Sgshapirosite.config.m4. 16938032Speter 17038032SpeterIf you define NEWDB or HESIOD you get the User Database (USERDB) 17138032Speterautomatically. Generally you do want to have NEWDB for it to do 17238032Speteranything interesting. See above for getting the Berkeley DB 17338032Speterpackage (i.e., NEWDB). There is no separate "user database" 17438032Speterpackage -- don't bother searching for it on the net. 17538032Speter 17638032SpeterHesiod and LDAP require libraries that may not be installed with your 17738032Spetersystem. These are outside of my ability to provide support. See the 17838032Speter"Quirks" section for more information. 17938032Speter 18038032SpeterThe regex map can be used to see if an address matches a certain regular 18138032Speterexpression. For example, all-numerics local parts are common spam 18238032Speteraddresses, so "^[0-9]+$" would match this. By using such a map in a 18338032Spetercheck_* rule-set, you can block a certain range of addresses that would 18438032Speterotherwise be considered valid. 18538032Speter 186132943SgshapiroThe socket map uses a simple request/reply protocol over TCP or 187132943SgshapiroUNIX domain sockets to query an external server. Both requests and 188132943Sgshapiroreplies are text based and encoded as netstrings. The socket map 189132943Sgshapirouses the same syntax as milters the specify the remote endpoint, 190132943Sgshapiroe.g.: 19180785Sgshapiro 192285303SgshapiroKmySocketMap socket inet:12345@127.0.0.1 193132943Sgshapiro 194132943SgshapiroSee doc/op/op.me for details. 195132943Sgshapiro 196285303Sgshapiro 19738032Speter+---------------+ 19838032Speter| COMPILE FLAGS | 19938032Speter+---------------+ 20038032Speter 20138032SpeterWherever possible, I try to make sendmail pull in the correct 20238032Spetercompilation options needed to compile on various environments based on 20338032Speterautomatically defined symbols. Some machines don't seem to have useful 20438032Spetersymbols available, requiring that a compilation flag be defined in 20564562Sgshapirothe Makefile; see the devtools/OS subdirectory for the supported 20638032Speterarchitectures. 20738032Speter 20838032SpeterIf you are a system to which sendmail has already been ported you 20938032Spetershould not have to touch the following symbols. But if you are porting, 21038032Speteryou may have to tweak the following compilation flags in conf.h in order 21138032Speterto get it to compile and link properly: 21238032Speter 21338032SpeterSYSTEM5 Adjust for System V (not necessarily Release 4). 21438032SpeterSYS5SIGNALS Use System V signal semantics -- the signal handler 21538032Speter is automatically dropped when the signal is caught. 21638032Speter If this is not set, use POSIX/BSD semantics, where the 21738032Speter signal handler stays in force until an exec or an 21838032Speter explicit delete. Implied by SYSTEM5. 21938032SpeterSYS5SETPGRP Use System V setpgrp() semantics. Implied by SYSTEM5. 22090792SgshapiroHASNICE Define this to zero if you lack the nice(2) system call. 22190792SgshapiroHASRRESVPORT Define this to zero if you lack the rresvport(3) system call. 22238032SpeterHASFCHMOD Define this to one if you have the fchmod(2) system call. 22338032Speter This improves security. 22464562SgshapiroHASFCHOWN Define this to one if you have the fchown(2) system call. 22590792Sgshapiro This is required for the TrustedUser option if sendmail 22690792Sgshapiro must rebuild an (alias) map. 22738032SpeterHASFLOCK Set this if you prefer to use the flock(2) system call 22838032Speter rather than using fcntl-based locking. Fcntl locking 22938032Speter has some semantic gotchas, but many vendor systems 23038032Speter also interface it to lockd(8) to do NFS-style locking. 23138032Speter Unfortunately, may vendors implementations of fcntl locking 23238032Speter is just plain broken (e.g., locks are never released, 23338032Speter causing your sendmail to deadlock; when the kernel runs 23438032Speter out of locks your system crashes). For this reason, I 23538032Speter recommend always defining this unless you are absolutely 23638032Speter certain that your fcntl locking implementation really works. 23738032SpeterHASUNAME Set if you have the "uname" system call. Implied by 23838032Speter SYSTEM5. 23938032SpeterHASUNSETENV Define this if your system library has the "unsetenv" 24038032Speter subroutine. 24138032SpeterHASSETSID Define this if you have the setsid(2) system call. This 24238032Speter is implied if your system appears to be POSIX compliant. 24338032SpeterHASINITGROUPS Define this if you have the initgroups(3) routine. 24438032SpeterHASSETVBUF Define this if you have the setvbuf(3) library call. 24538032Speter If you don't, setlinebuf will be used instead. This 24638032Speter defaults on if your compiler defines __STDC__. 24738032SpeterHASSETREUID Define this if you have setreuid(2) ***AND*** root can 24838032Speter use setreuid to change to an arbitrary user. This second 24938032Speter condition is not satisfied on AIX 3.x. You may find that 25038032Speter your system has setresuid(2), (for example, on HP-UX) in 25138032Speter which case you will also have to #define setreuid(r, e) 25238032Speter to be the appropriate call. Some systems (such as Solaris) 25338032Speter have a compatibility routine that doesn't work properly, 25438032Speter but may have "saved user ids" properly implemented so you 25538032Speter can ``#define setreuid(r, e) seteuid(e)'' and have it work. 25638032Speter The important thing is that you have a call that will set 25738032Speter the effective uid independently of the real or saved uid 25838032Speter and be able to set the effective uid back again when done. 25938032Speter There's a test program in ../test/t_setreuid.c that will 26038032Speter try things on your system. Setting this improves the 26138032Speter security, since sendmail doesn't have to read .forward 26238032Speter and :include: files as root. There are certain attacks 26338032Speter that may be unpreventable without this call. 26438032SpeterUSESETEUID Define this to 1 if you have a seteuid(2) system call that 26538032Speter will allow root to set only the effective user id to an 26638032Speter arbitrary value ***AND*** you have saved user ids. This is 26738032Speter preferable to HASSETREUID if these conditions are fulfilled. 26838032Speter These are the semantics of the to-be-released revision of 26938032Speter Posix.1. The test program ../test/t_seteuid.c will try 27038032Speter this out on your system. If you define both HASSETREUID 27138032Speter and USESETEUID, the former is ignored. 27290792SgshapiroHASSETEGID Define this if you have setegid(2) and it can be 27390792Sgshapiro used to set the saved gid. Please run t_dropgid in 27490792Sgshapiro test/ if you are not sure whether the call works. 27590792SgshapiroHASSETREGID Define this if you have setregid(2) and it can be 27690792Sgshapiro used to set the saved gid. Please run t_dropgid in 27790792Sgshapiro test/ if you are not sure whether the call works. 27890792SgshapiroHASSETRESGID Define this if you have setresgid(2) and it can be 27990792Sgshapiro used to set the saved gid. Please run t_dropgid in 28090792Sgshapiro test/ if you are not sure whether the call works. 28138032SpeterHASLSTAT Define this if you have symbolic links (and thus the 28238032Speter lstat(2) system call). This improves security. Unlike 28338032Speter most other options, this one is on by default, so you 28438032Speter need to #undef it in conf.h if you don't have symbolic 28538032Speter links (these days everyone does). 28638032SpeterHASSETRLIMIT Define this to 1 if you have the setrlimit(2) syscall. 28738032Speter You can define it to 0 to force it off. It is assumed 28838032Speter if you are running a BSD-like system. 28938032SpeterHASULIMIT Define this if you have the ulimit(2) syscall (System V 29038032Speter style systems). HASSETRLIMIT overrides, as it is more 29138032Speter general. 29238032SpeterHASWAITPID Define this if you have the waitpid(2) syscall. 29338032SpeterHASGETDTABLESIZE 29438032Speter Define this if you have the getdtablesize(2) syscall. 29538032SpeterHAS_ST_GEN Define this to 1 if your system has the st_gen field in 29638032Speter the stat structure (see stat(2)). 29764562SgshapiroHASSRANDOMDEV Define this if your system has the srandomdev(3) function 29864562Sgshapiro call. 29964562SgshapiroHASURANDOMDEV Define this if your system has /dev/urandom(4). 30064562SgshapiroHASSTRERROR Define this if you have the libc strerror(3) function (which 30138032Speter should be declared in <errno.h>), and it should be used 30238032Speter instead of sys_errlist. 303132943SgshapiroHASCLOSEFROM Define this if your system has closefrom(3). 304132943SgshapiroHASFDWALK Define this if your system has fdwalk(3). 30590792SgshapiroSM_CONF_GETOPT Define this as 0 if you need a reimplementation of getopt(3). 30638032Speter On some systems, getopt does very odd things if called 30738032Speter to scan the arguments twice. This flag will ask sendmail 30838032Speter to compile in a local version of getopt that works 309111823Sgshapiro properly. You may also need this if you build with 310111823Sgshapiro another library that introduces a non-standard getopt(3). 31138032SpeterNEEDSTRTOL Define this if your standard C library does not define 31238032Speter strtol(3). This will compile in a local version. 31338032SpeterNEEDFSYNC Define this if your standard C library does not define 31438032Speter fsync(2). This will try to simulate the operation using 31538032Speter fcntl(2); if that is not available it does nothing, which 31638032Speter isn't great, but at least it compiles and runs. 31738032SpeterHASGETUSERSHELL Define this to 1 if you have getusershell(3) in your 31838032Speter standard C library. If this is not defined, or is defined 31938032Speter to be 0, sendmail will scan the /etc/shells file (no 32038032Speter NIS-style support, defaults to /bin/sh and /bin/csh if 32138032Speter that file does not exist) to get a list of unrestricted 32238032Speter user shells. This is used to determine whether users 32338032Speter are allowed to forward their mail to a program or a file. 32438032SpeterNEEDPUTENV Define this if your system needs am emulation of the 32538032Speter putenv(3) call. Define to 1 to implement it in terms 32638032Speter of setenv(3) or to 2 to do it in terms of primitives. 32738032SpeterNOFTRUNCATE Define this if you don't have the ftruncate(2) syscall. 32838032Speter If you don't have this system call, there is an unavoidable 32938032Speter race condition that occurs when creating alias databases. 33038032SpeterGIDSET_T The type of entries in a gidset passed as the second 33138032Speter argument to getgroups(2). Historically this has been an 33238032Speter int, so this is the default, but some systems (such as 33338032Speter IRIX) pass it as a gid_t, which is an unsigned short. 33438032Speter This will make a difference, so it is important to get 33538032Speter this right! However, it is only an issue if you have 33638032Speter group sets. 33738032SpeterSLEEP_T The type returned by the system sleep() function. 33838032Speter Defaults to "unsigned int". Don't worry about this 33938032Speter if you don't have compilation problems. 34038032SpeterARBPTR_T The type of an arbitrary pointer -- defaults to "void *". 34138032Speter If you are an very old compiler you may need to define 34238032Speter this to be "char *". 34338032SpeterSOCKADDR_LEN_T The type used for the third parameter to accept(2), 34438032Speter getsockname(2), and getpeername(2), representing the 34538032Speter length of a struct sockaddr. Defaults to int. 34638032SpeterSOCKOPT_LEN_T The type used for the fifth parameter to getsockopt(2) 34738032Speter and setsockopt(2), representing the length of the option 34838032Speter buffer. Defaults to int. 34938032SpeterLA_TYPE The type of load average your kernel supports. These 35038032Speter can be one of: 35138032Speter LA_ZERO (1) -- it always returns the load average as 35238032Speter "zero" (and does so on all architectures). 35338032Speter LA_INT (2) to read /dev/kmem for the symbol avenrun and 35438032Speter interpret as a long integer. 35538032Speter LA_FLOAT (3) same, but interpret the result as a floating 35638032Speter point number. 35738032Speter LA_SHORT (6) to interpret as a short integer. 35838032Speter LA_SUBR (4) if you have the getloadavg(3) routine in your 35938032Speter system library. 36038032Speter LA_MACH (5) to use MACH-style load averages (calls 36138032Speter processor_set_info()), 36238032Speter LA_PROCSTR (7) to read /proc/loadavg and interpret it 36338032Speter as a string representing a floating-point 36438032Speter number (Linux-style). 36538032Speter LA_READKSYM (8) is an implementation suitable for some 36638032Speter versions of SVr4 that uses the MIOC_READKSYM ioctl 36738032Speter call to read /dev/kmem. 36838032Speter LA_DGUX (9) is a special implementation for DG/UX that uses 36938032Speter the dg_sys_info system call. 37038032Speter LA_HPUX (10) is an HP-UX specific version that uses the 37138032Speter pstat_getdynamic system call. 37238032Speter LA_IRIX6 (11) is an IRIX 6.x specific version that adapts 37338032Speter to 32 or 64 bit kernels; it is otherwise very similar 37438032Speter to LA_INT. 37538032Speter LA_KSTAT (12) uses the (Solaris-specific) kstat(3k) 37638032Speter implementation. 37738032Speter LA_DEVSHORT (13) reads a short from a system file (default: 37838032Speter /dev/table/avenrun) and scales it in the same manner 37938032Speter as LA_SHORT. 380147078Sgshapiro LA_LONGLONG (17) to read /dev/kmem for the symbol avenrun and 381147078Sgshapiro interpret as a long long integer (e.g., for 64 bit 382147078Sgshapiro systems). 38338032Speter LA_INT, LA_SHORT, LA_FLOAT, and LA_READKSYM have several 38438032Speter other parameters that they try to divine: the name of your 38538032Speter kernel, the name of the variable in the kernel to examine, 38638032Speter the number of bits of precision in a fixed point load average, 38738032Speter and so forth. LA_DEVSHORT uses _PATH_AVENRUN to find the 38838032Speter device to be read to find the load average. 38938032Speter In desperation, use LA_ZERO. The actual code is in 39038032Speter conf.c -- it can be tweaked if you are brave. 39138032SpeterFSHIFT For LA_INT, LA_SHORT, and LA_READKSYM, this is the number 39238032Speter of bits of load average after the binary point -- i.e., 39338032Speter the number of bits to shift right in order to scale the 39438032Speter integer to get the true integer load average. Defaults to 8. 39538032Speter_PATH_UNIX The path to your kernel. Needed only for LA_INT, LA_SHORT, 39638032Speter and LA_FLOAT. Defaults to "/unix" on System V, "/vmunix" 39738032Speter everywhere else. 39838032SpeterLA_AVENRUN For LA_INT, LA_SHORT, and LA_FLOAT, the name of the kernel 39938032Speter variable that holds the load average. Defaults to "avenrun" 40038032Speter on System V, "_avenrun" everywhere else. 40138032SpeterSFS_TYPE Encodes how your kernel can locate the amount of free 40238032Speter space on a disk partition. This can be set to SFS_NONE 40338032Speter (0) if you have no way of getting this information, 40438032Speter SFS_USTAT (1) if you have the ustat(2) system call, 40538032Speter SFS_4ARGS (2) if you have a four-argument statfs(2) 40638032Speter system call (and the include file is <sys/statfs.h>), 40738032Speter SFS_VFS (3), SFS_MOUNT (4), SFS_STATFS (5) if you have 40838032Speter the two-argument statfs(2) system call with includes in 40938032Speter <sys/vfs.h>, <sys/mount.h>, or <sys/statfs.h> respectively, 41038032Speter or SFS_STATVFS (6) if you have the two-argument statvfs(2) 41138032Speter call. The default if nothing is defined is SFS_NONE. 41238032SpeterSFS_BAVAIL with SFS_4ARGS you can also set SFS_BAVAIL to the field name 41338032Speter in the statfs structure that holds the useful information; 41438032Speter this defaults to f_bavail. 41538032SpeterSPT_TYPE Encodes how your system can display what a process is doing 41638032Speter on a ps(1) command (SPT stands for Set Process Title). Can 41738032Speter be set to: 41838032Speter SPT_NONE (0) -- Don't try to set the process title at all. 41938032Speter SPT_REUSEARGV (1) -- Pad out your argv with the information; 42038032Speter this is the default if none specified. 42138032Speter SPT_BUILTIN (2) -- The system library has setproctitle. 42238032Speter SPT_PSTAT (3) -- Use the PSTAT_SETCMD option to pstat(2) 42338032Speter to set the process title; this is used by HP-UX. 42438032Speter SPT_PSSTRINGS (4) -- Use the magic PS_STRINGS pointer (4.4BSD). 42538032Speter SPT_SYSMIPS (5) -- Use sysmips() supported by NEWS-OS 6. 42638032Speter SPT_SCO (6) -- Write kernel u. area. 42738032Speter SPT_CHANGEARGV (7) -- Write pointers to our own strings into 42838032Speter the existing argv vector. 42938032SpeterSPT_PADCHAR Character used to pad the process title; if undefined, 43038032Speter the space character (0x20) is used. This is ignored if 43138032Speter SPT_TYPE != SPT_REUSEARGV 43238032SpeterERRLIST_PREDEFINED 43338032Speter If set, assumes that some header file defines sys_errlist. 43438032Speter This may be needed if you get type conflicts on this 43538032Speter variable -- otherwise don't worry about it. 43638032SpeterWAITUNION The wait(2) routine takes a "union wait" argument instead 43738032Speter of an integer argument. This is for compatibility with 43838032Speter old versions of BSD. 43938032SpeterSCANF You can set this to extend the F command to accept a 44038032Speter scanf string -- this gives you a primitive parser for 44138032Speter class definitions -- BUT it can make you vulnerable to 44238032Speter core dumps if the target file is poorly formed. 44338032SpeterSYSLOG_BUFSIZE You can define this to be the size of the buffer that 44438032Speter syslog accepts. If it is not defined, it assumes a 44538032Speter 1024-byte buffer. If the buffer is very small (under 44638032Speter 256 bytes) the log message format changes -- each 44738032Speter e-mail message will log many more messages, since it 44838032Speter will log each piece of information as a separate line 44938032Speter in syslog. 45038032SpeterBROKEN_RES_SEARCH 45138032Speter On Ultrix (and maybe other systems?) if you use the 45238032Speter res_search routine with an unknown host name, it returns 45338032Speter -1 but sets h_errno to 0 instead of HOST_NOT_FOUND. If 45438032Speter you set this, sendmail considers 0 to be the same as 45538032Speter HOST_NOT_FOUND. 45638032SpeterNAMELISTMASK If defined, values returned by nlist(3) are masked 45738032Speter against this value before use -- a common value is 45838032Speter 0x7fffffff to strip off the top bit. 45938032SpeterBSD4_4_SOCKADDR If defined, socket addresses have an sa_len field that 46038032Speter defines the length of this address. 46138032SpeterSAFENFSPATHCONF Set this to 1 if and only if you have verified that a 46238032Speter pathconf(2) call with _PC_CHOWN_RESTRICTED argument on an 46338032Speter NFS filesystem where the underlying system allows users to 46438032Speter give away files to other users returns <= 0. Be sure you 46538032Speter try both on NFS V2 and V3. Some systems assume that their 46638032Speter local policy apply to NFS servers -- this is a bad 46738032Speter assumption! The test/t_pathconf.c program will try this 46838032Speter for you -- you have to run it in a directory that is 46938032Speter mounted from a server that allows file giveaway. 47038032SpeterSIOCGIFCONF_IS_BROKEN 47138032Speter Set this if your system has an SIOCGIFCONF ioctl defined, 47238032Speter but it doesn't behave the same way as "most" systems (BSD, 47338032Speter Solaris, SunOS, HP-UX, etc.) 47438032SpeterSIOCGIFNUM_IS_BROKEN 47538032Speter Set this if your system has an SIOCGIFNUM ioctl defined, 47638032Speter but it doesn't behave the same way as "most" systems 47738032Speter (Solaris, HP-UX). 47864562SgshapiroFAST_PID_RECYCLE 47964562Sgshapiro Set this if your system can reuse the same PID in the same 48064562Sgshapiro second. 48164562SgshapiroSO_REUSEADDR_IS_BROKEN 48264562Sgshapiro Set this if your system has a setsockopt() SO_REUSEADDR 48364562Sgshapiro flag but doesn't pay attention to it when trying to bind a 48464562Sgshapiro socket to a recently closed port. 48577349SgshapiroNEEDSGETIPNODE Set this if your system supports IPv6 but doesn't include 48677349Sgshapiro the getipnodeby{name,addr}() functions. Set automatically 48777349Sgshapiro for Linux's glibc. 48890792SgshapiroPIPELINING Support SMTP PIPELINING (set by default). 48990792SgshapiroUSING_NETSCAPE_LDAP 49094334Sgshapiro Deprecated in favor of SM_CONF_LDAP_MEMFREE. See 49194334Sgshapiro libsm/README. 49290792SgshapiroNEEDLINK Set this if your system doesn't have a link() call. It 49390792Sgshapiro will create a copy of the file instead of a hardlink. 49490792SgshapiroUSE_ENVIRON Set this to 1 to access process environment variables from 49590792Sgshapiro the external variable environ instead of the third 49690792Sgshapiro parameter of main(). 49790792SgshapiroUSE_DOUBLE_FORK By default this is on (1). Set it to 0 to suppress the 49890792Sgshapiro extra fork() used to avoid intermediate zombies. 499112810SgshapiroALLOW_255 Do not convert (char)0xff to (char)0x7f in headers etc. 500112810Sgshapiro This can also be done at runtime with the command line 501112810Sgshapiro option -d82.101. 502132943SgshapiroNEEDINTERRNO Set this if <errno.h> does not declare errno, i.e., if an 503132943Sgshapiro application needs to use 504132943Sgshapiro extern int errno; 505132943SgshapiroUSE_TTYPATH Set this to 1 to enable ErrorMode=write. 506132943SgshapiroUSESYSCTL Use sysctl(3) to determine the number of CPUs in a system. 507157001SgshapiroHASSNPRINTF Set this to 1 if your OS has a working snprintf(3), i.e., 508157001Sgshapiro it properly obeys the size of the buffer and returns the 509157001Sgshapiro number of characters that would have been printed if the 510157001Sgshapiro size were unlimited. 511157001SgshapiroLDAP_REFERRALS Set this if you want to use the -R flag (do not auto chase 512157001Sgshapiro referrals) for LDAP maps (requires -DLDAPMAP). 513168515SgshapiroMILTER_NO_NAGLE Turn off Nagle algorithm for communication with libmilter 514168515Sgshapiro ("cork" on Linux). On some operating systems this may 515168515Sgshapiro improve the interprocess communication performance. 51638032Speter 51780785Sgshapiro 51838032Speter+-----------------------+ 51938032Speter| COMPILE-TIME FEATURES | 52038032Speter+-----------------------+ 52138032Speter 52238032SpeterThere are a bunch of features that you can decide to compile in, such 52338032Speteras selecting various database packages and special protocol support. 52438032SpeterSeveral are assumed based on other compilation flags -- if you want to 52538032Speter"un-assume" something, you probably need to edit conf.h. Compilation 52638032Speterflags that add support for special features include: 52738032Speter 52838032SpeterNDBM Include support for "new" DBM library for aliases and maps. 52938032Speter Normally defined in the Makefile. 53038032SpeterNEWDB Include support for Berkeley DB package (hash & btree) 53138032Speter for aliases and maps. Normally defined in the Makefile. 53238032Speter If the version of NEWDB you have is the old one that does 53338032Speter not include the "fd" call (this call was added in version 53438032Speter 1.5 of the Berkeley DB code), you must upgrade to the 53538032Speter current version of Berkeley DB. 53638032SpeterNIS Define this to get NIS (YP) support for aliases and maps. 53738032Speter Normally defined in the Makefile. 53838032SpeterNISPLUS Define this to get NIS+ support for aliases and maps. 53938032Speter Normally defined in the Makefile. 54038032SpeterHESIOD Define this to get Hesiod support for aliases and maps. 54138032Speter Normally defined in the Makefile. 54238032SpeterNETINFO Define this to get NeXT NetInfo support for aliases and maps. 54338032Speter Normally defined in the Makefile. 54464562SgshapiroLDAPMAP Define this to get LDAP support for maps. 54564562SgshapiroPH_MAP Define this to get PH support for maps. 54664562SgshapiroMAP_NSD Define this to get nsd support for maps. 54738032SpeterUSERDB Define this to 1 to include support for the User Information 54838032Speter Database. Implied by NEWDB or HESIOD. You can use 54938032Speter -DUSERDB=0 to explicitly turn it off. 55038032SpeterIDENTPROTO Define this as 1 to get IDENT (RFC 1413) protocol support. 55138032Speter This is assumed unless you are running on Ultrix or 55238032Speter HP-UX, both of which have a problem in the UDP 55338032Speter implementation. You can define it to be 0 to explicitly 55438032Speter turn off IDENT protocol support. If defined off, the code 55538032Speter is actually still compiled in, but it defaults off; you 55664562Sgshapiro can turn it on by setting the IDENT timeout in the 55738032Speter configuration file. 55838032SpeterIP_SRCROUTE Define this to 1 to get IP source routing information 55938032Speter displayed in the Received: header. This is assumed on 56038032Speter most systems, but some (e.g., Ultrix) apparently have a 56138032Speter broken version of getsockopt that doesn't properly 56238032Speter support the IP_OPTIONS call. You probably want this if 56338032Speter your OS can cope with it. Symptoms of failure will be that 56438032Speter it won't compile properly (that is, no support for fetching 56538032Speter IP_OPTIONs), or it compiles but source-routed TCP connections 56638032Speter either refuse to open or open and hang for no apparent reason. 56738032Speter Ultrix and AIX3 are known to fail this way. 56838032SpeterLOG Set this to get syslog(3) support. Defined by default 56938032Speter in conf.h. You want this if at all possible. 57038032SpeterNETINET Set this to get TCP/IP support. Defined by default 57138032Speter in conf.h. You probably want this. 57264562SgshapiroNETINET6 Set this to get IPv6 support. Other configuration may 57364562Sgshapiro be needed in conf.h for your particular operating system. 57464562Sgshapiro Also, DaemonPortOptions must be set appropriately for 57564562Sgshapiro sendmail to accept IPv6 connections. 57638032SpeterNETISO Define this to get ISO networking support. 57738032SpeterNETUNIX Define this to get Unix domain networking support. Defined 57838032Speter by default. A few bizarre systems (SCO, ISC, Altos) don't 57938032Speter support this networking domain. 58064562SgshapiroNETNS Define this to get NS networking support. 58164562SgshapiroNETX25 Define this to get X.25 networking support. 58238032SpeterNAMED_BIND If non-zero, include DNS (name daemon) support, including 58338032Speter MX support. The specs say you must use this if you run 58438032Speter SMTP. You don't have to be running a name server daemon 58538032Speter on your machine to need this -- any use of the DNS resolver, 58638032Speter including remote access to another machine, requires this 58738032Speter option. Defined by default in conf.h. Define it to zero 58838032Speter ONLY on machines that do not use DNS in any way. 58938032SpeterMATCHGECOS Permit fuzzy matching of user names against the full 59038032Speter name (GECOS) field in the /etc/passwd file. This should 59138032Speter probably be on, since you can disable it from the config 59238032Speter file if you want to. Defined by default in conf.h. 59338032SpeterMIME8TO7 If non-zero, include 8 to 7 bit MIME conversions. This 59438032Speter also controls advertisement of 8BITMIME in the ESMTP 59538032Speter startup dialogue. 596125820SgshapiroMIME7TO8_OLD If 0 then use an algorithm for MIME 7-bit quoted-printable 597125820Sgshapiro or base64 encoding to 8-bit text that has been introduced 598125820Sgshapiro in 8.12.3. There are some examples where that code fails, 599125820Sgshapiro but the old code works. If you have an example of improper 600125820Sgshapiro 7 to 8 bit conversion please send it to sendmail-bugs. 60138032SpeterMIME7TO8 If non-zero, include 7 to 8 bit MIME conversions. 60238032SpeterHES_GETMAILHOST Define this to 1 if you are using Hesiod with the 60338032Speter hes_getmailhost() routine. This is included with the MIT 60438032Speter Hesiod distribution, but not with the DEC Hesiod distribution. 60538032SpeterXDEBUG Do additional internal checking. These don't cost too 60638032Speter much; you might as well leave this on. 60738032SpeterTCPWRAPPERS Turns on support for the TCP wrappers library (-lwrap). 60838032Speter See below for further information. 60938032SpeterSECUREWARE Enable calls to the SecureWare luid enabling/changing routines. 61038032Speter SecureWare is a C2 security package added to several UNIX's 61138032Speter (notably ConvexOS) to get a C2 Secure system. This 61238032Speter option causes mail delivery to be done with the luid of the 61338032Speter recipient. 61438032SpeterSHARE_V1 Support for the fair share scheduler, version 1. Setting to 61538032Speter 1 causes final delivery to be done using the recipients 61638032Speter resource limitations. So far as I know, this is only 61738032Speter supported on ConvexOS. 61890792SgshapiroSASL Enables SMTP AUTH (RFC 2554). This requires the Cyrus SASL 61964562Sgshapiro library (ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/). Please 62064562Sgshapiro install at least version 1.5.13. See below for further 62164562Sgshapiro information: SASL COMPILATION AND CONFIGURATION. If your 62264562Sgshapiro SASL library is older than 1.5.10, you have to set this 62364562Sgshapiro to its version number using a simple conversion: a.b.c 62464562Sgshapiro -> c + b*100 + a*10000, e.g. for 1.5.9 define SASL=10509. 62564562Sgshapiro Note: Using an older version than 1.5.5 of Cyrus SASL is 62690792Sgshapiro not supported. Starting with version 1.5.10, setting SASL=1 62790792Sgshapiro is sufficient. Any value other than 1 (or 0) will be 62864562Sgshapiro compared with the actual version found and if there is a 62964562Sgshapiro mismatch, compilation will fail. 63064562SgshapiroEGD Define this if your system has EGD installed, see 63194334Sgshapiro http://egd.sourceforge.net/ . It should be used to 63264562Sgshapiro seed the PRNG for STARTTLS if HASURANDOMDEV is not defined. 63390792SgshapiroSTARTTLS Enables SMTP STARTTLS (RFC 2487). This requires OpenSSL 634285303Sgshapiro (http://www.OpenSSL.org/); use OpenSSL 0.9.8zc or later. 63564562Sgshapiro See STARTTLS COMPILATION AND CONFIGURATION for further 63664562Sgshapiro information. 63764562SgshapiroTLS_NO_RSA Turn off support for RSA algorithms in STARTTLS. 638132943SgshapiroMILTER Turn on support for external filters using the Milter API; 639132943Sgshapiro this option is set by default, to turn it off use 640141858Sgshapiro APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER=0') 641132943Sgshapiro in devtools/Site/site.config.m4 (see devtools/README). 642132943Sgshapiro See libmilter/README for more information about milter. 64390792SgshapiroREQUIRES_DIR_FSYNC Turn on support for file systems that require to 64490792Sgshapiro call fsync() for a directory if the meta-data in it has 645110560Sgshapiro been changed. This should be turned on at least for older 646110560Sgshapiro versions of ReiserFS; it is enabled by default for Linux. 647110560Sgshapiro According to some information this flag is not needed 648110560Sgshapiro anymore for kernel 2.4.16 and newer. We would appreciate 649110560Sgshapiro feedback about the semantics of the various file systems 650110560Sgshapiro available for Linux. 651110560Sgshapiro An alternative to this compile time flag is to mount the 652110560Sgshapiro queue directory without the -async option, or using 653110560Sgshapiro chattr +S on Linux. 65498121SgshapiroDBMMODE The default file permissions to use when creating new 65598121Sgshapiro database files for maps and aliases. Defaults to 0640. 656285303SgshapiroIPV6_FULL Use uncompressed IPv6 addresses (set by default). This 657285303Sgshapiro permits a zero subnet to have a more specific match, 658285303Sgshapiro such as different map entries for IPv6:0:0 vs IPv6:0. 65938032Speter 66080785SgshapiroGeneric notice: If you enable a compile time option that needs 66180785Sgshapirolibraries or include files that don't come with sendmail or are 66280785Sgshapiroinstalled in a location that your C compiler doesn't use by default 66380785Sgshapiroyou should set confINCDIRS and confLIBDIRS as explained in the 66480785Sgshapirofirst section: BUILDING SENDMAIL. 66580785Sgshapiro 66680785Sgshapiro 66738032Speter+---------------------+ 66838032Speter| DNS/RESOLVER ISSUES | 66938032Speter+---------------------+ 67038032Speter 67138032SpeterMany systems have old versions of the resolver library. At a minimum, 67238032Speteryou should be running BIND 4.8.3; older versions may compile, but they 67338032Speterhave known bugs that should give you pause. 67438032Speter 67538032SpeterCommon problems in old versions include "undefined" errors for 67638032Speterdn_skipname. 67738032Speter 67838032SpeterSome people have had a problem with BIND 4.9; it uses some routines 67938032Speterthat it expects to be externally defined such as strerror(). It may 68038032Speterhelp to link with "-l44bsd" to solve this problem. This has apparently 68138032Speterbeen fixed in later versions of BIND, starting around 4.9.3. In other 68238032Speterwords, if you use 4.9.0 through 4.9.2, you need -l44bsd; for earlier or 68338032Speterlater versions, you do not. 68438032Speter 68538032Speter!PLEASE! be sure to link with the same version of the resolver as 68638032Speterthe header files you used -- some people have used the 4.9 headers 68738032Speterand linked with BIND 4.8 or vice versa, and it doesn't work. 68838032SpeterUnfortunately, it doesn't fail in an obvious way -- things just 68938032Spetersubtly don't work. 69038032Speter 69138032SpeterWILDCARD MX RECORDS ARE A BAD IDEA! The only situation in which they 69238032Speterwork reliably is if you have two versions of DNS, one in the real world 69338032Speterwhich has a wildcard pointing to your firewall, and a completely 69438032Speterdifferent version of the database internally that does not include 69538032Speterwildcard MX records that match your domain. ANYTHING ELSE WILL GIVE 69638032SpeterYOU HEADACHES! 69738032Speter 69871345SgshapiroWhen attempting to canonify a hostname, some broken name servers will 69971345Sgshapiroreturn SERVFAIL (a temporary failure) on T_AAAA (IPv6) lookups. If you 70090792Sgshapirowant to excuse this behavior, include WorkAroundBrokenAAAA in 70190792SgshapiroResolverOptions. However, instead, we recommend catching the problem and 70290792Sgshapiroreporting it to the name server administrator so we can rid the world of 70390792Sgshapirobroken name servers. 70438032Speter 70580785Sgshapiro 70664562Sgshapiro+----------------------------------------+ 70764562Sgshapiro| STARTTLS COMPILATION AND CONFIGURATION | 70864562Sgshapiro+----------------------------------------+ 70964562Sgshapiro 71090792SgshapiroPlease read the documentation accompanying the OpenSSL library. You 71190792Sgshapirohave to compile and install the OpenSSL libraries before you can compile 71264562Sgshapirosendmail. See devtools/README how to set the correct compile time 71364562Sgshapiroparameters; you should at least set the following variables: 71464562Sgshapiro 71564562SgshapiroAPPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS') 71664562SgshapiroAPPENDDEF(`conf_sendmail_LIBS', `-lssl -lcrypto') 71764562Sgshapiro 71880785SgshapiroIf you have installed the OpenSSL libraries and include files in 71980785Sgshapiroa location that your C compiler doesn't use by default you should 72080785Sgshapiroset confINCDIRS and confLIBDIRS as explained in the first section: 72180785SgshapiroBUILDING SENDMAIL. 72280785Sgshapiro 72364562SgshapiroConfiguration information can be found in doc/op/op.me (required 72464562Sgshapirocertificates) and cf/README (how to tell sendmail about certificates). 72564562Sgshapiro 72664562SgshapiroTo perform an initial test, connect to your sendmail daemon 72764562Sgshapiro(telnet localhost 25) and issue a EHLO localhost and see whether 72864562Sgshapiro250-STARTTLS 72964562Sgshapirois in the response. If it isn't, run the daemon with 73064562Sgshapiro-O LogLevel=14 73164562Sgshapiroand try again. Then take a look at the logfile and see whether 73264562Sgshapirothere are any problems listed about permissions (unsafe files) 73364562Sgshapiroor the validity of X.509 certificates. 73464562Sgshapiro 735110560SgshapiroFrom: Garrett Wollman <wollman@lcs.mit.edu> 736110560Sgshapiro 737110560Sgshapiro If your certificate authority is hierarchical, and you only include 738110560Sgshapiro the top-level CA certificate in the CACertFile file, some mail clients 739110560Sgshapiro may be unable to infer the proper certificate chain when selecting a 740110560Sgshapiro client certificate. Including the bottom-level CA certificate(s) in 741110560Sgshapiro the CACertFile file will allow these clients to work properly. This 742110560Sgshapiro is not necessary if you are not using client certificates for 743110560Sgshapiro authentication, or if all your clients are running Sendmail or other 744110560Sgshapiro programs using the OpenSSL library (which get it right automatically). 745110560Sgshapiro In addition, some mail clients are totally incapable of using 746110560Sgshapiro certificate authentication -- even some of those which already support 747110560Sgshapiro SSL/TLS for confidentiality. 748110560Sgshapiro 74964562SgshapiroFurther information can be found via: 75064562Sgshapirohttp://www.sendmail.org/tips/ 75164562Sgshapiro 75264562Sgshapiro 75364562Sgshapiro+------------------------------------+ 75464562Sgshapiro| SASL COMPILATION AND CONFIGURATION | 75564562Sgshapiro+------------------------------------+ 75664562Sgshapiro 75790792SgshapiroPlease read the documentation accompanying the Cyrus SASL library 75890792Sgshapiro(INSTALL and README). If you use Berkeley DB for Cyrus SASL then 75990792Sgshapiroyou must compile sendmail with the same version of Berkeley DB. 760110560SgshapiroSee devtools/README for how to set the correct compile time parameters; 76190792Sgshapiroyou should at least set the following variables: 76264562Sgshapiro 76380785SgshapiroAPPENDDEF(`conf_sendmail_ENVDEF', `-DSASL') 76480785SgshapiroAPPENDDEF(`conf_sendmail_LIBS', `-lsasl') 76580785Sgshapiro 76680785SgshapiroIf you have installed the Cyrus SASL library and include files in 76780785Sgshapiroa location that your C compiler doesn't use by default you should 76880785Sgshapiroset confINCDIRS and confLIBDIRS as explained in the first section: 76980785SgshapiroBUILDING SENDMAIL. 77080785Sgshapiro 77164562SgshapiroYou have to select and install authentication mechanisms and tell 77264562Sgshapirosendmail where to find the sasl library and the include files (see 773110560Sgshapirodevtools/README for the parameters to set). Set up the required 77464562Sgshapirousers and passwords as explained in the SASL documentation. See 77590792Sgshapiroalso cf/README for authentication related options (especially 77690792SgshapiroDefaultAuthInfo if you want authentication between MTAs). 77764562Sgshapiro 77864562SgshapiroTo perform an initial test, connect to your sendmail daemon 77964562Sgshapiro(telnet localhost 25) and issue a EHLO localhost and see whether 78064562Sgshapiro250-AUTH .... 78164562Sgshapirois in the response. If it isn't, run the daemon with 78264562Sgshapiro-O LogLevel=14 78364562Sgshapiroand try again. Then take a look at the logfile and see whether 78464562Sgshapirothere are any security related problems listed (unsafe files). 78564562Sgshapiro 78664562SgshapiroFurther information can be found via: 78764562Sgshapirohttp://www.sendmail.org/tips/ 78864562Sgshapiro 78964562Sgshapiro 79038032Speter+-------------------------------------+ 79138032Speter| OPERATING SYSTEM AND COMPILE QUIRKS | 79238032Speter+-------------------------------------+ 79338032Speter 79438032SpeterGCC problems 79590792Sgshapiro When compiling with "gcc -O -Wall" specify "-DSM_OMIT_BOGUS_WARNINGS" 79690792Sgshapiro too (see include/sm/cdefs.h for more info). 79790792Sgshapiro 79838032Speter ***************************************************************** 79938032Speter ** IMPORTANT: DO NOT USE OPTIMIZATION (``-O'') IF YOU ARE ** 80038032Speter ** RUNNING GCC 2.4.x or 2.5.x. THERE IS A BUG IN THE GCC ** 80138032Speter ** OPTIMIZER THAT CAUSES SENDMAIL COMPILES TO FAIL MISERABLY. ** 80238032Speter ***************************************************************** 80338032Speter 80438032Speter Jim Wilson of Cygnus believes he has found the problem -- it will 80538032Speter probably be fixed in GCC 2.5.6 -- but until this is verified, be 80638032Speter very suspicious of gcc -O. This problem is reported to have been 80738032Speter fixed in gcc 2.6. 80838032Speter 80938032Speter A bug in gcc 2.5.5 caused problems compiling sendmail 8.6.5 with 81038032Speter optimization on a Sparc. If you are using gcc 2.5.5, youi should 81138032Speter upgrade to the latest version of gcc. 81238032Speter 81338032Speter Apparently GCC 2.7.0 on the Pentium processor has optimization 81438032Speter problems. I recommend against using -O on that architecture. This 81538032Speter has been seen on FreeBSD 2.0.5 RELEASE. 81638032Speter 81738032Speter Solaris 2.X users should use version 2.7.2.3 over 2.7.2. 81838032Speter 81938032Speter We have been told there are problems with gcc 2.8.0. If you are 82038032Speter using this version, you should upgrade to 2.8.1 or later. 82138032Speter 822110560SgshapiroBerkeley DB 823110560Sgshapiro Berkeley DB 4.1.x with x <= 24 does not work with sendmail. 824110560Sgshapiro You need at least 4.1.25. 825110560Sgshapiro 826110560SgshapiroGDBM GDBM does not work with sendmail because the additional 82738032Speter security checks and file locking cause problems. Unfortunately, 82838032Speter gdbm does not provide a compile flag in its version of ndbm.h so 82938032Speter the code can adapt. Until the GDBM authors can fix these problems, 83038032Speter GDBM will not be supported. Please use Berkeley DB instead. 83138032Speter 83238032SpeterConfiguration file location 83338032Speter Up to 8.6, sendmail tried to find the sendmail.cf file in the same 83438032Speter place as the vendors had put it, even when this was obviously 83538032Speter stupid. As of 8.7, sendmail ALWAYS looks for /etc/sendmail.cf. 83664562Sgshapiro Beginning with 8.10, sendmail uses /etc/mail/sendmail.cf. 83738032Speter You can get sendmail to use the stupid vendor .cf location by 83838032Speter adding -DUSE_VENDOR_CF_PATH during compilation, but this may break 83938032Speter support programs and scripts that need to find sendmail.cf. You 84038032Speter are STRONGLY urged to use symbolic links if you want to use the 84138032Speter vendor location rather than changing the location in the sendmail 84238032Speter binary. 84338032Speter 84464562Sgshapiro NETINFO systems use NETINFO to determine the location of 84590792Sgshapiro sendmail.cf. The full path to sendmail.cf is stored as the value of 84664562Sgshapiro the "sendmail.cf" property in the "/locations/sendmail" 84790792Sgshapiro subdirectory of NETINFO. Set the value of this property to 84864562Sgshapiro "/etc/mail/sendmail.cf" (without the quotes) to use this new 84964562Sgshapiro default location for Sendmail 8.10.0 and higher. 85064562Sgshapiro 85164562SgshapiroControlSocket permissions 85264562Sgshapiro Paraphrased from BIND 8.2.1's README: 85364562Sgshapiro 85464562Sgshapiro Solaris and other pre-4.4BSD kernels do not respect ownership or 85564562Sgshapiro protections on UNIX-domain sockets. The short term fix for this is to 85664562Sgshapiro override the default path and put such control sockets into root- 85764562Sgshapiro owned directories which do not permit non-root to r/w/x through them. 85864562Sgshapiro The long term fix is for all kernels to upgrade to 4.4BSD semantics. 85964562Sgshapiro 86090792SgshapiroHP MPE/iX 86190792Sgshapiro The MPE-specific code within sendmail emulates a set-user-id root 86290792Sgshapiro environment for the sendmail binary. But there is no root uid 0 on 86390792Sgshapiro MPE, nor is there any support for set-user-id programs. Even when 86490792Sgshapiro sendmail thinks it is running as uid 0, it will still have the file 86590792Sgshapiro access rights of the underlying non-zero uid, but because sendmail is 86690792Sgshapiro an MPE priv-mode program it will still be able to call setuid() to 86790792Sgshapiro successfully switch to a new uid. 86890792Sgshapiro 86990792Sgshapiro MPE setgid() semantics don't quite work the way sendmail expects, so 87090792Sgshapiro special emulation is done here also. 87190792Sgshapiro 87290792Sgshapiro This uid/gid emulation is enabled via the setuid/setgid file mode bits 87390792Sgshapiro which are not currently used by MPE. Code in libsm/mpeix.c examines 87490792Sgshapiro these bits and enables emulation if they have been set, i.e., 87590792Sgshapiro chmod u+s,g+s /SENDMAIL/CURRENT/SENDMAIL. 87690792Sgshapiro 87738032SpeterSunOS 4.x (Solaris 1.x) 87838032Speter You may have to use -lresolv on SunOS. However, beware that 87938032Speter this links in a new version of gethostbyname that does not 88038032Speter understand NIS, so you must have all of your hosts in DNS. 88138032Speter 88238032Speter Some people have reported problems with the SunOS version of 88338032Speter -lresolv and/or in.named, and suggest that you get a newer 88438032Speter version. The symptoms are delays when you connect to the 88538032Speter SMTP server on a SunOS machine or having your domain added to 88638032Speter addresses inappropriately. There is a version of BIND 88738032Speter version 4.9 on gatekeeper.DEC.COM in pub/BSD/bind/4.9. 88838032Speter 88938032Speter There is substantial disagreement about whether you can make 89038032Speter this work with resolv+, which allows you to specify a search-path 89138032Speter of services. Some people report that it works fine, others 89238032Speter claim it doesn't work at all (including causing sendmail to 89338032Speter drop core when it tries to do multiple resolv+ lookups for a 89438032Speter single job). I haven't tried resolv+, as we use DNS exclusively. 89538032Speter 89638032Speter Should you want to try resolv+, it is on ftp.uu.net in 89738032Speter /networking/ip/dns. 89838032Speter 89938032Speter Apparently getservbyname() can fail under moderate to high 90038032Speter load under some circumstances. This will exhibit itself as 90138032Speter the message ``554 makeconnection: service "smtp" unknown''. 90238032Speter The problem has been traced to one or more blank lines in 90338032Speter /etc/services on the NIS server machine. Delete these 90438032Speter and it should work. This info is thanks to Brian Bartholomew 90538032Speter <bb@math.ufl.edu> of I-Kinetics, Inc. 90638032Speter 90764562Sgshapiro NOTE: The SunOS 4.X linker uses library paths specified during 90864562Sgshapiro compilation using -L for run-time shared library searches. 90964562Sgshapiro Therefore, it is vital that relative and unsafe directory paths not 91064562Sgshapiro be used when compiling sendmail. 91164562Sgshapiro 91238032SpeterSunOS 4.0.2 (Sun 386i) 91338032Speter Date: Fri, 25 Aug 1995 11:13:58 +0200 (MET DST) 91438032Speter From: teus@oce.nl 91538032Speter 91638032Speter Sendmail 8.7.Beta.12 compiles and runs nearly out of the box with the 91738032Speter following changes: 91838032Speter * Don't use /usr/5bin in your PATH, but make /usr/5bin/uname 91938032Speter available as "uname" command. 92038032Speter * Use the defines "-DBSD4_3 -DNAMED_BIND=0" in 92164562Sgshapiro devtools/OS/SunOS.4.0, which is selected via the "uname" command. 92238032Speter I recommend to make available the db-library on the system first 92338032Speter (and change the Makefile to use this library). 92438032Speter Note that the sendmail.cf and aliases files are found in /etc. 92538032Speter 92638032SpeterSunOS 4.1.3, 4.1.3_U1 92738032Speter Sendmail causes crashes on SunOS 4.1.3 and 4.1.3_U1. According 92838032Speter to Sun bug number 1077939: 92938032Speter 93038032Speter If an application does a getsockopt() on a SOCK_STREAM (TCP) socket 93138032Speter after the other side of the connection has sent a TCP RESET for 93238032Speter the stream, the kernel gets a Bus Trap in the tcp_ctloutput() or 93338032Speter ip_ctloutput() routine. 93438032Speter 93538032Speter For 4.1.3, this is fixed in patch 100584-08, available on the 93638032Speter Sunsolve 2.7.1 or later CDs. For 4.1.3_U1, this was fixed in patch 93738032Speter 101790-01 (SunOS 4.1.3_U1: TCP socket and reset problems), later 93838032Speter obsoleted by patch 102010-05. 93938032Speter 94038032Speter Sun patch 100584-08 is not currently publicly available on their 94138032Speter ftp site but a user has reported it can be found at other sites 94238032Speter using a web search engine. 94338032Speter 94438032SpeterSolaris 2.x (SunOS 5.x) 94538032Speter To compile for Solaris, the Makefile built by Build must 94638032Speter include a SOLARIS definition which reflects the Solaris version 94738032Speter (i.e. -DSOLARIS=20400 for 2.4 or -DSOLARIS=20501 for 2.5.1). 94838032Speter If you are using gcc, make sure -I/usr/include is not used (or 94938032Speter it might complain about TopFrame). If you are using Sun's cc, 95038032Speter make sure /opt/SUNWspro/bin/cc is used instead of /usr/ucb/cc 95138032Speter (or it might complain about tm_zone). 95238032Speter 95394334Sgshapiro The Solaris 2.x (x <= 3) "syslog" function is apparently limited 95494334Sgshapiro to something about 90 characters because of a kernel limitation. 95594334Sgshapiro If you have source code, you can probably up this number. You 95694334Sgshapiro can get patches that fix this problem: the patch ids are: 95738032Speter 95838032Speter Solaris 2.1 100834 95938032Speter Solaris 2.2 100999 96038032Speter Solaris 2.3 101318 96138032Speter 96238032Speter Be sure you have the appropriate patch installed or you won't 96338032Speter see system logging. 96438032Speter 96538032SpeterSolaris 2.4 (SunOS 5.4) 96638032Speter If you include /usr/lib at the end of your LD_LIBRARY_PATH you run 96738032Speter the risk of getting the wrong libraries under some circumstances. 96838032Speter This is because of a new feature in Solaris 2.4, described by 96938032Speter Rod.Evans@Eng.Sun.COM: 97038032Speter 97138032Speter >> Prior to SunOS 5.4, any LD_LIBRARY_PATH setting was ignored by the 97238032Speter >> runtime linker if the application was setxid (secure), thus your 97338032Speter >> applications search path would be: 97438032Speter >> 97538032Speter >> /usr/local/lib LD_LIBRARY_PATH component - IGNORED 97638032Speter >> /usr/lib LD_LIBRARY_PATH component - IGNORED 97738032Speter >> /usr/local/lib RPATH - honored 97838032Speter >> /usr/lib RPATH - honored 97938032Speter >> 98038032Speter >> the effect is that path 3 would be the first used, and this would 98138032Speter >> satisfy your resolv.so lookup. 98238032Speter >> 98338032Speter >> In SunOS 5.4 we made the LD_LIBRARY_PATH a little more flexible. 98438032Speter >> People who developed setxid applications wanted to be able to alter 98538032Speter >> the library search path to some degree to allow for their own 98638032Speter >> testing and debugging mechanisms. It was decided that the only 98738032Speter >> secure way to do this was to allow a `trusted' path to be used in 98838032Speter >> LD_LIBRARY_PATH. The only trusted directory we presently define 98990792Sgshapiro >> is /usr/lib. Thus a set-user-ID root developer could play with some 99038032Speter >> alternative shared object implementations and place them in 99138032Speter >> /usr/lib (being root we assume they'ed have access to write in this 99238032Speter >> directory). This change was made as part of 1155380 - after a 99338032Speter >> *huge* amount of discussion regarding the security aspect of things. 99438032Speter >> 99538032Speter >> So, in SunOS 5.4 your applications search path would be: 99638032Speter >> 99738032Speter >> /usr/local/lib from LD_LIBRARY_PATH - IGNORED (untrustworthy) 99838032Speter >> /usr/lib from LD_LIBRARY_PATH - honored (trustworthy) 99938032Speter >> /usr/local/lib from RPATH - honored 100038032Speter >> /usr/lib from RPATH - honored 100138032Speter >> 100238032Speter >> here, path 2 would be the first used. 100338032Speter 100438032SpeterSolaris 2.5.1 (SunOS 5.5.1) and 2.6 (SunOS 5.6) 100538032Speter Apparently Solaris 2.5.1 patch 103663-01 installs a new 100638032Speter /usr/include/resolv.h file that defines the __P macro without 100738032Speter checking to see if it is already defined. This new resolv.h is also 100890792Sgshapiro included in the Solaris 2.6 distribution. This causes compile 100938032Speter warnings such as: 101038032Speter 101138032Speter In file included from daemon.c:51: 101238032Speter /usr/include/resolv.h:208: warning: `__P' redefined 101338032Speter cdefs.h:58: warning: this is the location of the previous definition 101438032Speter 101538032Speter These warnings can be safely ignored or you can create a resolv.h 101638032Speter file in the obj.SunOS.5.5.1.* or obj.SunOS.5.6.* directory that reads: 101738032Speter 101838032Speter #undef __P 101938032Speter #include "/usr/include/resolv.h" 102038032Speter 102190792Sgshapiro This problem was fixed in Solaris 7 (Sun bug ID 4081053). 102238032Speter 102364562SgshapiroSolaris 7 (SunOS 5.7) 102464562Sgshapiro Solaris 7 includes LDAP libraries but the implementation was 102564562Sgshapiro lacking a few things. The following settings can be placed in 102664562Sgshapiro devtools/Site/site.SunOS.5.7.m4 if you plan on using those 102764562Sgshapiro libraries. 102864562Sgshapiro 102964562Sgshapiro APPENDDEF(`confMAPDEF', `-DLDAPMAP') 103064562Sgshapiro APPENDDEF(`confENVDEF', `-DLDAP_VERSION_MAX=3') 103164562Sgshapiro APPENDDEF(`confLIBS', `-lldap') 103264562Sgshapiro 103364562Sgshapiro Also, Sun's patch 107555 is needed to prevent a crash in the call 103464562Sgshapiro to ldap_set_option for LDAP_OPT_REFERRALS in ldapmap_setopts if 103564562Sgshapiro LDAP support is compiled in sendmail. 103664562Sgshapiro 103790792SgshapiroSolaris 8 and later (SunOS 5.8 and later) 103890792Sgshapiro Solaris 8 and later can optionally install LDAP support. If you 103990792Sgshapiro have installed the Entire Distribution meta-cluster, you can use 104090792Sgshapiro the following in devtools/Site/site.SunOS.5.8.m4 (or other 104190792Sgshapiro appropriately versioned file) to enable LDAP: 104290792Sgshapiro 104390792Sgshapiro APPENDDEF(`confMAPDEF', `-DLDAPMAP') 104490792Sgshapiro APPENDDEF(`confLIBS', `-lldap') 104590792Sgshapiro 104690792SgshapiroSolaris 9 and later (SunOS 5.9 and later) 104790792Sgshapiro Solaris 9 and later have a revised LDAP library, libldap.so.5, 104890792Sgshapiro which is derived from a Netscape implementation, thus requiring 104994334Sgshapiro that SM_CONF_LDAP_MEMFREE be defined in conjunction with LDAPMAP: 105090792Sgshapiro 105194334Sgshapiro APPENDDEF(`confMAPDEF', `-DLDAPMAP') 105294334Sgshapiro APPENDDEF(`confENVDEF', `-DSM_CONF_LDAP_MEMFREE') 105390792Sgshapiro APPENDDEF(`confLIBS', `-lldap') 105490792Sgshapiro 105571345SgshapiroSolaris 105671345Sgshapiro If you are using dns for hostname resolution on Solaris, make sure 105771345Sgshapiro that the 'dns' entry is last on the hosts line in 105871345Sgshapiro '/etc/nsswitch.conf'. For example, use: 105971345Sgshapiro 106071345Sgshapiro hosts: nisplus files dns 106171345Sgshapiro 106271345Sgshapiro Do not use: 106371345Sgshapiro 1064110560Sgshapiro hosts: nisplus dns [NOTFOUND=return] files 106571345Sgshapiro 106671345Sgshapiro Note that 'nisplus' above is an illustration. The same comment 106771345Sgshapiro applies no matter what naming services you are using. If you have 106871345Sgshapiro anything other than dns last, even after "[NOTFOUND=return]", 106971345Sgshapiro sendmail may not be able to determine whether an error was 107071345Sgshapiro temporary or permanent. The error returned by the solaris 107171345Sgshapiro gethostbyname() is the error for the last lookup used, and other 107271345Sgshapiro naming services do not have the same concept of temporary failure. 107371345Sgshapiro 107438032SpeterUltrix 107538032Speter By default, the IDENT protocol is turned off on Ultrix. If you 107638032Speter are running Ultrix 4.4 or later, or if you have included patch 107738032Speter CXO-8919 for Ultrix 4.2 or 4.3 to fix the TCP problem, you can turn 107864562Sgshapiro IDENT on in the configuration file by setting the "ident" timeout. 107938032Speter 108064562Sgshapiro The Ultrix 4.5 Y2K patch (ULTV45-022-1) has changed the resolver 108164562Sgshapiro included in libc.a. Unfortunately, the __RES symbol hasn't changed 108264562Sgshapiro and therefore, sendmail can no longer automatically detect the 108364562Sgshapiro newer version. If you get a compiler error: 108464562Sgshapiro 108564562Sgshapiro /lib/libc.a(gethostent.o): local_hostname_length: multiply defined 108664562Sgshapiro 108764562Sgshapiro Then rebuild with this in devtools/Site/site.ULTRIX.m4: 108864562Sgshapiro 108964562Sgshapiro APPENDDEF(`conf_sendmail_ENVDEF', `-DNEEDLOCAL_HOSTNAME_LENGTH=0') 109064562Sgshapiro 109138032SpeterDigital UNIX (formerly DEC OSF/1) 109238032Speter If you are compiling on OSF/1 (DEC Alpha), you must use 109338032Speter -L/usr/shlib (otherwise it core dumps on startup). You may also 109438032Speter need -mld to get the nlist() function, although some versions 109538032Speter apparently don't need this. 109664562Sgshapiro 109738032Speter Also, the enclosed makefile removed /usr/sbin/smtpd; if you need 109838032Speter it, just create the link to the sendmail binary. 109938032Speter 110038032Speter On DEC OSF/1 3.2 or earlier, the MatchGECOS option doesn't work 110138032Speter properly due to a bug in the getpw* routines. If you want to use 110238032Speter this, use -DDEC_OSF_BROKEN_GETPWENT=1. The problem is fixed in 3.2C. 110338032Speter 110438032Speter Digital's mail delivery agent, /bin/mail (aka /bin/binmail), will 110538032Speter only preserve the envelope sender in the "From " header if 110638032Speter DefaultUserID is set to daemon. Setting this to mailnull will 110738032Speter cause all mail to have the header "From mailnull ...". To use 110838032Speter a different DefaultUserID, you will need to use a different mail 110938032Speter delivery agent (such as mail.local found in the sendmail 111038032Speter distribution). 111138032Speter 111238032Speter On Digital UNIX 4.0 and later, Berkeley DB 1.85 is included with the 111338032Speter operating system and already has the ndbm.o module removed. However, 111438032Speter Digital has modified the original Berkeley DB db.h include file. 111538032Speter This results in the following warning while compiling map.c and udb.c: 111638032Speter 111738032Speter cc: Warning: /usr/include/db.h, line 74: The redefinition of the macro 111838032Speter "__signed" conflicts with a current definition because the replacement 111938032Speter lists differ. The redefinition is now in effect. 112038032Speter #define __signed signed 112138032Speter ------------------------^ 112238032Speter 112338032Speter This warning can be ignored. 112438032Speter 112542575Speter Digital UNIX's linker checks /usr/ccs/lib/ before /usr/lib/. 112642575Speter If you have installed a new version of BIND in /usr/include 112742575Speter and /usr/lib, you will experience difficulties as Digital ships 112842575Speter libresolv.a in /usr/ccs/lib/ as well. Be sure to replace both 112942575Speter copies of libresolv.a. 113042575Speter 113138032SpeterIRIX 113238032Speter The header files on SGI IRIX are completely prototyped, and as 113338032Speter a result you can sometimes get some warning messages during 113438032Speter compilation. These can be ignored. There are two errors in 113538032Speter deliver only if you are using gcc, both of the form ``warning: 113638032Speter passing arg N of `execve' from incompatible pointer type''. 113738032Speter Also, if you compile with -DNIS, you will get a complaint 113838032Speter about a declaration of struct dom_binding in a prototype 113938032Speter when compiling map.c; this is not important because the 114038032Speter function being prototyped is not used in that file. 114138032Speter 114238032Speter In order to compile sendmail you will have had to install 114338032Speter the developers' option in order to get the necessary include 114438032Speter files. 114538032Speter 114638032Speter If you compile with -lmalloc (the fast memory allocator), you may 114738032Speter get warning messages such as the following: 114838032Speter 114938032Speter ld32: WARNING 85: definition of _calloc in /usr/lib32/libmalloc.so 115038032Speter preempts that definition in /usr/lib32/mips3/libc.so. 115138032Speter ld32: WARNING 85: definition of _malloc in /usr/lib32/libmalloc.so 115238032Speter preempts that definition in /usr/lib32/mips3/libc.so. 115338032Speter ld32: WARNING 85: definition of _realloc in /usr/lib32/libmalloc.so 115438032Speter preempts that definition in /usr/lib32/mips3/libc.so. 115538032Speter ld32: WARNING 85: definition of _free in /usr/lib32/libmalloc.so 115638032Speter preempts that definition in /usr/lib32/mips3/libc.so. 115738032Speter ld32: WARNING 85: definition of _cfree in /usr/lib32/libmalloc.so 115838032Speter preempts that definition in /usr/lib32/mips3/libc.so. 115938032Speter 116038032Speter These are unavoidable and innocuous -- just ignore them. 116138032Speter 116238032Speter According to Dave Sill <de5@ornl.gov>, there is a version of the 116338032Speter Berkeley DB library patched to run on Irix 6.2 available from 116438032Speter http://reality.sgi.com/ariel/freeware/#db . 116538032Speter 116638032SpeterIRIX 6.x 116764562Sgshapiro If you are using XFS filesystem, avoid using the -32 ABI switch to 116864562Sgshapiro the cc compiler if possible. 116938032Speter 117073188Sgshapiro Broken inet_aton and inet_ntoa on IRIX using gcc: There's 117173188Sgshapiro a problem with gcc on IRIX, i.e., gcc can't pass structs 117273188Sgshapiro less than 16 bits long unless they are 8 bits; IRIX 6.2 has 117373188Sgshapiro some other sized structs. See 117473188Sgshapiro http://www.bitmechanic.com/mail-archives/mysql/current/0418.html 117590792Sgshapiro This problem seems to be fixed by gcc v2.95.2, gcc v2.8.1 117690792Sgshapiro is reported as broken. Check your gcc version for this bug 117790792Sgshapiro before installing sendmail. 117873188Sgshapiro 117964562SgshapiroIRIX 6.4 118064562Sgshapiro The IRIX 6.5.4 version of /bin/m4 does not work properly with 118164562Sgshapiro sendmail. Either install fw_m4.sw.m4 off the Freeware_May99 CD and 118264562Sgshapiro use /usr/freeware/bin/m4 or install and use GNU m4. 118338032Speter 118438032SpeterNeXT or NEXTSTEP 118538032Speter NEXTSTEP 3.3 and earlier ship with the old DBM library. Also, 118638032Speter Berkeley DB does not currently run on NEXTSTEP. 118738032Speter 118838032Speter If you are compiling on NEXTSTEP, you will have to create an 118938032Speter empty file "unistd.h" and create a file "dirent.h" containing: 119038032Speter 119138032Speter #include <sys/dir.h> 119238032Speter #define dirent direct 119338032Speter 119464562Sgshapiro (devtools/OS/NeXT should try to do both of these for you.) 119538032Speter 119638032Speter Apparently, there is a bug in getservbyname on Nextstep 3.0 119738032Speter that causes it to fail under some circumstances with the 119838032Speter message "SYSERR: service "smtp" unknown" logged. You should 119938032Speter be able to work around this by including the line: 120038032Speter 120138032Speter OOPort=25 120238032Speter 120338032Speter in your .cf file. 120438032Speter 120538032SpeterBSDI (BSD/386) 1.0, NetBSD 0.9, FreeBSD 1.0 120638032Speter The "m4" from BSDI won't handle the config files properly. 120738032Speter I haven't had a chance to test this myself. 120838032Speter 120938032Speter The M4 shipped in FreeBSD and NetBSD 0.9 don't handle the config 121090792Sgshapiro files properly. One must use either GNU m4 1.1 or the PD-M4 121138032Speter recently posted in comp.os.386bsd.bugs (and maybe others). 121238032Speter NetBSD-current includes the PD-M4 (as stated in the NetBSD file 121338032Speter CHANGES). 121464562Sgshapiro 121590792Sgshapiro FreeBSD 1.0 RELEASE has uname(2) now. Use -DUSEUNAME in order to 121690792Sgshapiro use it (look into devtools/OS/FreeBSD). NetBSD-current may have 121738032Speter it too but it has not been verified. 121838032Speter 121938032Speter The latest version of Berkeley DB uses a different naming 122038032Speter scheme than the version that is supplied with your release. This 122138032Speter means you will be able to use the current version of Berkeley DB 122238032Speter with sendmail as long you use the new db.h when compiling 122364562Sgshapiro sendmail and link it against the new libdb.a or libdb.so. You 122464562Sgshapiro should probably keep the original db.h in /usr/include and the 122564562Sgshapiro new db.h in /usr/local/include. 122638032Speter 122738032Speter4.3BSD 122838032Speter If you are running a "virgin" version of 4.3BSD, you'll have 122938032Speter a very old resolver and be missing some header files. The 123038032Speter header files are simple -- create empty versions and everything 123138032Speter will work fine. For the resolver you should really port a new 123238032Speter version (4.8.3 or later) of the resolver; 4.9 is available on 123338032Speter gatekeeper.DEC.COM in pub/BSD/bind/4.9. If you are really 123438032Speter determined to continue to use your old, buggy version (or as 123538032Speter a shortcut to get sendmail working -- I'm sure you have the 123638032Speter best intentions to port a modern version of BIND), you can 123773188Sgshapiro copy ../contrib/oldbind.compat.c into sendmail and add the 123873188Sgshapiro following to devtools/Site/site.config.m4: 123938032Speter 124073188Sgshapiro APPENDDEF(`confOBJADD', `oldbind.compat.o') 124173188Sgshapiro 124290792SgshapiroOpenBSD (up to 2.9 Release), NetBSD, FreeBSD (up to 4.3-RELEASE) 124390792Sgshapiro m4 from *BSD won't handle libsm/Makefile.m4 properly, since the 124490792Sgshapiro maximum length for strings is too short. You need to use GNU m4 124590792Sgshapiro or patch m4, see for example: 124690792Sgshapiro http://FreeBSD.org/cgi/cvsweb.cgi/src/usr.bin/m4/eval.c.diff?r1=1.11&r2=1.12 124790792Sgshapiro 124838032SpeterA/UX 124938032Speter Date: Tue, 12 Oct 1993 18:28:28 -0400 (EDT) 125038032Speter From: "Eric C. Hagberg" <hagberg@med.cornell.edu> 125138032Speter Subject: Fix for A/UX ndbm 125238032Speter 125338032Speter I guess this isn't really a sendmail bug, however, it is something 125438032Speter that A/UX users should be aware of when compiling sendmail 8.6. 125538032Speter 125638032Speter Apparently, the calls that sendmail is using to the ndbm routines 125738032Speter in A/UX 3.0.x contain calls to "broken" routines, in that the 125838032Speter aliases database will break when it gets "just a little big" 125938032Speter (sorry I don't have exact numbers here, but it broke somewhere 126038032Speter around 20-25 aliases for me.), making all aliases non-functional 126138032Speter after exceeding this point. 126238032Speter 126338032Speter What I did was to get the gnu-dbm-1.6 package, compile it, and 126438032Speter then re-compile sendmail with "-lgdbm", "-DNDBM", and using the 126590792Sgshapiro ndbm.h header file that comes with the gnu-package. This makes 126638032Speter things behave properly. 126738032Speter [NOTE: see comment above about GDBM] 126838032Speter 126938032Speter I suppose porting the New Berkeley DB package is another route, 127038032Speter however, I made a quick attempt at it, and found it difficult 127138032Speter (not easy at least); the gnu-dbm package "configured" and 127238032Speter compiled easily. 127338032Speter 127438032Speter [NOTE: Berkeley DB version 2.X runs on A/UX and can be used for 127538032Speter database maps.] 127638032Speter 127738032SpeterSCO Unix 127838032Speter From: Thomas Essebier <tom@stallion.oz.au> 127938032Speter Organisation: Stallion Technologies Pty Ltd. 128038032Speter 128138032Speter It will probably help those who are trying to configure sendmail 8.6.9 128238032Speter to know that if they are on SCO, they had better set 128338032Speter OI-dnsrch 128438032Speter or they will core dump as soon as they try to use the resolver. 128590792Sgshapiro i.e., although SCO has _res.dnsrch defined, and is kinda BIND 4.8.3, 128690792Sgshapiro it does not inititialise it, nor does it understand 'search' in 128738032Speter /etc/named.boot. 128838032Speter - sigh - 128938032Speter 129064562Sgshapiro According to SCO, the m4 which ships with UnixWare 2.1.2 is broken. 129138032Speter We recommend installing GNU m4 before attempting to build sendmail. 129238032Speter 129390792Sgshapiro On some versions a bogus error value is listed if connections 129490792Sgshapiro time out (large negative number). To avoid this explicitly set 129590792Sgshapiro Timeout.connect to a reasonable value (several minutes). 129690792Sgshapiro 129738032SpeterDG/UX 129838032Speter Doug Anderson <dlander@afterlife.ncsc.mil> has successfully run 129938032Speter V8 on the DG/UX 5.4.2 and 5.4R3.x platforms under heavy usage. 130038032Speter Originally, the DG /bin/mail program wasn't compatible with 130138032Speter the V8 sendmail, since the DG /bin/mail requires the environment 130238032Speter variable "_FORCE_MAIL_LOCAL_=yes" be set. Version 8.7 now includes 130338032Speter this in the environment before invoking the local mailer. Some 130438032Speter have used procmail to avoid this problem in the past. It works 130538032Speter but some have experienced file locking problems with their DG/UX 130638032Speter ports of procmail. 130738032Speter 130838032SpeterApollo DomainOS 130938032Speter If you are compiling on Apollo, you will have to create an empty 131038032Speter file "unistd.h" (for DomainOS 10.3 and earlier) and create a file 131138032Speter "dirent.h" containing: 131238032Speter 131338032Speter #include <sys/dir.h> 131438032Speter #define dirent direct 131538032Speter 131664562Sgshapiro (devtools/OS/DomainOS will attempt to do both of these for you.) 131738032Speter 131838032SpeterHP-UX 8.00 131938032Speter Date: Mon, 24 Jan 1994 13:25:45 +0200 132038032Speter From: Kimmo Suominen <Kimmo.Suominen@lut.fi> 132138032Speter Subject: 8.6.5 w/ HP-UX 8.00 on s300 132238032Speter 132390792Sgshapiro Just compiled and fought with sendmail 8.6.5 on a HP9000/360 (i.e., 132490792Sgshapiro a series 300 machine) running HP-UX 8.00. 132538032Speter 132638032Speter I was getting segmentation fault when delivering to a local user. 132738032Speter With debugging I saw it was faulting when doing _free@libc... *sigh* 132838032Speter It seems the new implementation of malloc on s300 is buggy as of 8.0, 132938032Speter so I tried out the one in -lmalloc (malloc(3X)). With that it seems 133038032Speter to work just dandy. 133138032Speter 133238032Speter When linking, you will get the following error: 133338032Speter 133438032Speter ld: multiply defined symbol _freespace in file /usr/lib/libmalloc.a 133538032Speter 133638032Speter but you can just ignore it. You might want to add this info to the 133738032Speter README file for the future... 133838032Speter 133938032SpeterLinux 134098841Sgshapiro Something broke between versions 0.99.13 and 0.99.14 of Linux: the 134198841Sgshapiro flock() system call gives errors. If you are running .14, you must 134298841Sgshapiro not use flock. You can do this with -DHASFLOCK=0. We have also 1343132943Sgshapiro been getting complaints since version 2.4.X was released. 1344132943Sgshapiro sendmail 8.13 has changed the default locking method to fcntl() 1345132943Sgshapiro for Linux kernel version 2.4 and later. Be sure to update other 1346132943Sgshapiro sendmail related programs to match locking techniques (some 1347132943Sgshapiro examples, besides makemap and mail.local, include procmail, mailx, 1348132943Sgshapiro mutt, elm, etc). 134938032Speter 135038032Speter Around the inclusion of bind-4.9.3 & Linux libc-4.6.20, the 135138032Speter initialization of the _res structure changed. If /etc/hosts.conf 135238032Speter was configured as "hosts, bind" the resolver code could return 135338032Speter "Name server failure" errors. This is supposedly fixed in 135438032Speter later versions of libc (>= 4.6.29?), and later versions of 135538032Speter sendmail (> 8.6.10) try to work around the problem. 135638032Speter 135738032Speter Some older versions (< 4.6.20?) of the libc/include files conflict 135838032Speter with sendmail's version of cdefs.h. Deleting sendmail's version 135938032Speter on those systems should be non-harmful, and new versions don't care. 136038032Speter 136138032Speter NOTE ON LINUX & BIND: By default, the Makefile generated for Linux 136238032Speter includes header files in /usr/local/include and libraries in 136338032Speter /usr/local/lib. If you've installed BIND on your system, the header 136438032Speter files typically end up in the search path and you need to add 136538032Speter "-lresolv" to the LIBS line in your Makefile. Really old versions 136638032Speter may need to include "-l44bsd" as well (particularly if the link phase 136738032Speter complains about missing strcasecmp, strncasecmp or strpbrk). 136838032Speter Complaints about an undefined reference to `__dn_skipname' in 136938032Speter domain.o are a sure sign that you need to add -lresolv to LIBS. 137038032Speter Newer versions of Linux are basically threaded BIND, so you may or 137138032Speter may not see complaints if you accidentally mix BIND 137238032Speter headers/libraries with virginal libc. If you have BIND headers in 137338032Speter /usr/local/include (resolv.h, etc) you *should* be adding -lresolv 137438032Speter to LIBS. Data structures may change and you'd be asking for a 137538032Speter core dump. 137638032Speter 137743730Speter A number of problems have been reported regarding the Linux 2.2.0 137843730Speter kernel. So far, these problems have been tracked down to syslog() 137943730Speter and DNS resolution. We believe the problem is with the poll() 138043730Speter implementation in the Linux 2.2.0 kernel and poll()-aware versions 138143730Speter of glib (at least up to 2.0.111). 138243730Speter 138373188Sgshapiroglibc 138473188Sgshapiro glibc 2.2.1 (and possibly other versions) changed the value of 138573188Sgshapiro __RES in resolv.h but failed to actually provide the IPv6 API 138673188Sgshapiro changes that the change implied. Therefore, compiling with 138773188Sgshapiro -DNETINET6 fails. 138873188Sgshapiro 138973188Sgshapiro Workarounds: 139073188Sgshapiro 1) Compile without -DNETINET6 139173188Sgshapiro 2) Build against a real BIND 8.2.2 include/lib tree 139273188Sgshapiro 3) Wait for glibc to fix it 139373188Sgshapiro 139464562SgshapiroAIX 4.X 139564562Sgshapiro The AIX 4.X linker uses library paths specified during compilation 139664562Sgshapiro using -L for run-time shared library searches. Therefore, it is 139764562Sgshapiro vital that relative and unsafe directory paths not be using when 139864562Sgshapiro compiling sendmail. Because of this danger, by default, compiles 139964562Sgshapiro on AIX use the -blibpath option to limit shared libraries to 140064562Sgshapiro /usr/lib and /lib. If you need to allow more directories, such as 140164562Sgshapiro /usr/local/lib, modify your devtools/Site/site.AIX.4.2.m4, 140264562Sgshapiro site.AIX.4.3.m4, and/or site.AIX.4.x.m4 file(s) and set confLDOPTS 1403110560Sgshapiro appropriately. For example: 140464562Sgshapiro 140564562Sgshapiro define(`confLDOPTS', `-blibpath:/usr/lib:/lib:/usr/local/lib') 140664562Sgshapiro 140764562Sgshapiro Be sure to only add (safe) system directories. 140864562Sgshapiro 140964562Sgshapiro The AIX version of GNU ld also exhibits this problem. If you are 141064562Sgshapiro using that version, instead of -blibpath, use its -rpath option. 141164562Sgshapiro For example: 141264562Sgshapiro 141364562Sgshapiro gcc -Wl,-rpath /usr/lib -Wl,-rpath /lib -Wl,-rpath /usr/local/lib 141464562Sgshapiro 141590792SgshapiroAIX 4.X If the test program t-event (and most others) in libsm fails, 141690792Sgshapiro check your compiler settings. It seems that the flags -qnoro or 141790792Sgshapiro -qnoroconst on some AIX versions trigger a compiler bug. Check 141890792Sgshapiro your compiler settings or use cc instead of xlc. 141990792Sgshapiro 142090792SgshapiroAIX 4.0-4.2, maybe some AIX 4.3 versions 142190792Sgshapiro The AIX m4 implements a different mechanism for ifdef which is 142290792Sgshapiro inconsistent with other versions of m4. Therefore, it will not 142390792Sgshapiro work properly with the sendmail Build architecture or m4 142490792Sgshapiro configuration method. To work around this problem, please use 142590792Sgshapiro GNU m4 from ftp://ftp.gnu.org/pub/gnu/. 142690792Sgshapiro The problem seems to be solved in AIX 4.3.3 at least. 142790792Sgshapiro 142864562SgshapiroAIX 4.3.3 142964562Sgshapiro From: Valdis.Kletnieks@vt.edu 143064562Sgshapiro Date: Sun, 02 Jul 2000 03:58:02 -0400 143164562Sgshapiro 143264562Sgshapiro Under AIX 4.3.3, after applying bos.adt.include 4.3.3.12 to close the 143366494Sgshapiro BIND 8.2.2 security holes, you can no longer build with -DNETINET6 143464562Sgshapiro because they changed the value of __RES in resolv.h but failed to 143564562Sgshapiro actually provide the API changes that the change implied. 143664562Sgshapiro 143764562Sgshapiro Workarounds: 143864562Sgshapiro 1) Compile without -DNETINET6 143973188Sgshapiro 2) Build against a real BIND 8.2.2 include/lib tree 144064562Sgshapiro 3) Wait for IBM to fix it 144164562Sgshapiro 144238032SpeterAIX 3.x 144338032Speter This version of sendmail does not support MB, MG, and MR resource 144438032Speter records, which are supported by AIX sendmail. 144538032Speter 144638032Speter Several people have reported that the IBM-supplied named returns 144738032Speter fairly random results -- the named should be replaced. It is not 144838032Speter necessary to replace the resolver, which will simplify installation. 144938032Speter A new BIND resolver can be found at http://www.isc.org/isc/. 145038032Speter 145138032SpeterAIX 3.1.x 145238032Speter The supplied load average code only works correctly for AIX 3.2.x. 145338032Speter For 3.1, use -DLA_TYPE=LA_SUBR and get the latest ``monitor'' 145438032Speter package by Jussi Maki <jmaki@hut.fi> from ftp.funet.fi in the 145538032Speter directory pub/unix/AIX/rs6000/monitor-1.12.tar.Z; use the loadavgd 145638032Speter daemon, and the getloadavg subroutine supplied with that package. 145738032Speter If you don't care about load average throttling, just turn off 145838032Speter load average checking using -DLA_TYPE=LA_ZERO. 145938032Speter 146038032SpeterRISC/os 146138032Speter RISC/os from MIPS is a merged AT&T/Berkeley system. When you 146238032Speter compile on that platform you will get duplicate definitions 146338032Speter on many files. You can ignore these. 146438032Speter 146538032SpeterSystem V Release 4 Based Systems 146664562Sgshapiro There is a single devtools OS that is intended for all SVR4-based 146764562Sgshapiro systems (built from devtools/OS/SVR4). It defines __svr4__, 146838032Speter which is predefined by some compilers. If your compiler already 146938032Speter defines this compile variable, you can delete the definition from 147064562Sgshapiro the generated Makefile or create a devtools/Site/site.config.m4 147138032Speter file. 147238032Speter 147338032Speter It's been tested on Dell Issue 2.2. 147438032Speter 147538032SpeterDELL SVR4 147638032Speter Date: Mon, 06 Dec 1993 10:42:29 EST 147738032Speter From: "Kimmo Suominen" <kim@grendel.lut.fi> 147838032Speter Message-ID: <2d0352f9.lento29@lento29.UUCP> 147938032Speter To: eric@cs.berkeley.edu 148038032Speter Cc: sendmail@cs.berkeley.edu 148138032Speter Subject: Notes for DELL SVR4 148238032Speter 148338032Speter Eric, 148438032Speter 148538032Speter Here are some notes for compiling Sendmail 8.6.4 on DELL SVR4. I ran 148638032Speter across these things when helping out some people who contacted me by 148738032Speter e-mail. 148838032Speter 148938032Speter 1) Use gcc 2.4.5 (or later?). Dell distributes gcc 2.1 with their 149038032Speter Issue 2.2 Unix. It is too old, and gives you problems with 149138032Speter clock.c, because sigset_t won't get defined in <sys/signal.h>. 149238032Speter This is due to a problematic protection rule in there, and is 149338032Speter fixed with gcc 2.4.5. 149438032Speter 149538032Speter 2) If you don't use the new Berkeley DB (-DNEWDB), then you need 149638032Speter to add "-lc -lucb" to the libraries to link with. This is because 149738032Speter the -ldbm distributed by Dell needs the bcopy, bcmp and bzero 149838032Speter functions. It is important that you specify both libraries in 149938032Speter the given order to be sure you only get the BSTRING functions 150038032Speter from the UCB library (and not the signal routines etc.). 150138032Speter 150238032Speter 3) Don't leave out "-lelf" even if compiling with "-lc -lucb". 150338032Speter The UCB library also has another copy of the nlist routines, 150438032Speter but we do want the ones from "-lelf". 150538032Speter 150638032Speter If anyone needs a compiled gcc 2.4.5 and/or a ported DB library, they 150738032Speter can use anonymous ftp to fetch them from lut.fi in the /kim directory. 150838032Speter They are copies of what I use on grendel.lut.fi, and offering them 150938032Speter does not imply that I would also support them. I have sent the DB 151038032Speter port for SVR4 back to Keith Bostic for inclusion in the official 151138032Speter distribution, but I haven't heard anything from him as of today. 151238032Speter 151338032Speter - gcc-2.4.5-svr4.tar.gz (gcc 2.4.5 and the corresponding libg++) 151438032Speter - db-1.72.tar.gz (with source, objects and a installed copy) 151538032Speter 151638032Speter Cheers 151738032Speter + Kim 151838032Speter -- 151938032Speter * Kimmo.Suominen@lut.fi * SysVr4 enthusiast at GRENDEL.LUT.FI * 152038032Speter * KIM@FINFILES.BITNET * Postmaster and Hostmaster at LUT.FI * 152138032Speter * + 358 200 865 718 * Unix area moderator at NIC.FUNET.FI * 152238032Speter 152338032SpeterConvexOS 10.1 and below 152438032Speter In order to use the name server, you must create the file 152538032Speter /etc/use_nameserver. If this file does not exist, the call 152638032Speter to res_init() will fail and you will have absolutely no 152738032Speter access to DNS, including MX records. 152838032Speter 152938032SpeterAmdahl UTS 2.1.5 153038032Speter In order to get UTS to work, you will have to port BIND 4.9. 153138032Speter The vendor's BIND is reported to be ``totally inadequate.'' 153238032Speter See sendmail/contrib/AmdahlUTS.patch for the patches necessary 153338032Speter to get BIND 4.9 compiled for UTS. 153438032Speter 153538032SpeterUnixWare 153638032Speter According to Alexander Kolbasov <sasha@unitech.gamma.ru>, 153738032Speter the m4 on UnixWare 2.0 (still in Beta) will core dump on the 153838032Speter config files. GNU m4 and the m4 from UnixWare 1.x both work. 153938032Speter 154038032Speter According to Larry Rosenman <ler@lerami.lerctr.org>: 154138032Speter 154238032Speter UnixWare 2.1.[23]'s m4 chokes (not obviously) when 154364562Sgshapiro processing the 8.9.0 cf files. 154464562Sgshapiro 154538032Speter I had a LOCAL_RULE_0 that wound up AFTER the 154638032Speter SBasic_check_rcpt rules using the SCO supplied M4. 154764562Sgshapiro GNU M4 works fine. 154838032Speter 154938032SpeterUNICOS 8.0.3.4 155038032Speter Some people have reported that the -O flag on UNICOS can cause 155138032Speter problems. You may want to turn this off if you have problems 155238032Speter running sendmail. Reported by Jerry G. DeLapp <jgd@acl.lanl.gov>. 155338032Speter 155494334SgshapiroDarwin/Mac OS X (10.X.X) 1555110560Sgshapiro The linker errors produced regarding getopt() and its associated 155694334Sgshapiro variables can safely be ignored. 155794334Sgshapiro 155890792Sgshapiro From Mike Zimmerman <zimmy@torrentnet.com>: 155990792Sgshapiro 156077349Sgshapiro From scratch here is what Darwin users need to do to the standard 156177349Sgshapiro 10.0.0, 10.0.1 install to get sendmail working. 156277349Sgshapiro From http://www.macosx.com/forums/showthread.php?s=6dac0e9e1f3fd118a4870a8a9b559491&threadid=2242: 156377349Sgshapiro 1. chmod g-w / /private /private/etc 156477349Sgshapiro 2. Properly set HOSTNAME in /etc/hostconfig to your FQDN: 156577349Sgshapiro HOSTNAME=-my.domain.com- 156677349Sgshapiro 3. Edit /etc/rc.boot: 156777349Sgshapiro hostname my.domain.com 156877349Sgshapiro domainname domain.com 156977349Sgshapiro 4. Edit /System/Library/StartupItems/Sendmail/Sendmail: 157077349Sgshapiro Remove the "&" after the sendmail command: 157177349Sgshapiro /usr/sbin/sendmail -bd -q1h 157277349Sgshapiro 157390792Sgshapiro From Carsten Klapp <carsten.klapp@home.com>: 157490792Sgshapiro 157590792Sgshapiro The easiest workaround is to remove the group-writable permission 157690792Sgshapiro for the root directory and the symbolic /etc inherits this 157790792Sgshapiro change. While this does fix sendmail, the unfortunate side-effect 157890792Sgshapiro is the OS X admin will no longer be able to manipulate icons in the 157990792Sgshapiro top level of the Startup disk unless logged into the GUI as the 158090792Sgshapiro superuser. 158190792Sgshapiro 158290792Sgshapiro In applying the alternate workaround, care must be taken while 158390792Sgshapiro swapping the symlink /etc with the directory /private/etc. In all 158490792Sgshapiro likelihood any admin who is concerned with this sendmail error has 158590792Sgshapiro enough experience to not accidentally harm anything in the process. 158690792Sgshapiro 158790792Sgshapiro a. Swap the /etc symlink with /private/etc (as superuser): 158890792Sgshapiro rm /etc 158990792Sgshapiro mv /private/etc /etc 159090792Sgshapiro ln -s /etc /private/etc 159190792Sgshapiro 159290792Sgshapiro b. Set / to group unwritable (as superuser): 159390792Sgshapiro chmod g-w / 159490792Sgshapiro 159598841SgshapiroDarwin/Mac OS X (10.1.5) 159698841Sgshapiro Apple's upgrade to sendmail 8.12 is incorrectly configured. You 159798841Sgshapiro will need to manually fix it up by doing the following: 159898841Sgshapiro 159998841Sgshapiro 1. chown smmsp:smmsp /var/spool/clientmqueue 160098841Sgshapiro 2. chmod 2770 /var/spool/clientmqueue 160198841Sgshapiro 3. chgrp smmsp /usr/sbin/sendmail 160298841Sgshapiro 4. chmod g+s /usr/sbin/sendmail 160398841Sgshapiro 160498841Sgshapiro From Daniel J. Luke <dluke@geeklair.net>: 160598841Sgshapiro 160698841Sgshapiro It appears that setting the sendmail.cf property in 160798841Sgshapiro /locations/sendmail in NetInfo on Mac OS X 10.1.5 with sendmail 160898841Sgshapiro 8.12.4 causes 'bad things' to happen. 160998841Sgshapiro 161098841Sgshapiro Specifically sendmail instances that should be getting their config 161198841Sgshapiro from /etc/mail/submit.cf don't (so mail/mutt/perl scripts which 161298841Sgshapiro open pipes to sendmail stop working as sendmail tries to write to 161398841Sgshapiro /var/spool/mqueue and cannot as sendmail is no longer suid root). 161498841Sgshapiro 161598841Sgshapiro Removing the entry from NetInfo fixes this problem. 161698841Sgshapiro 161738032SpeterGNU getopt 161838032Speter I'm told that GNU getopt has a problem in that it gets confused 161938032Speter by the double call. Use the version in conf.c instead. 162038032Speter 162138032SpeterBIND 4.9.2 and Ultrix 162238032Speter If you are running on Ultrix, be sure you read conf/Info.Ultrix 162338032Speter in the BIND distribution very carefully -- there is information 162438032Speter in there that you need to know in order to avoid errors of the 162538032Speter form: 162638032Speter 162738032Speter /lib/libc.a(gethostent.o): sethostent: multiply defined 162838032Speter /lib/libc.a(gethostent.o): endhostent: multiply defined 162938032Speter /lib/libc.a(gethostent.o): gethostbyname: multiply defined 163038032Speter /lib/libc.a(gethostent.o): gethostbyaddr: multiply defined 163138032Speter 163238032Speter during the link stage. 163338032Speter 163464562SgshapiroBIND 8.X 163564562Sgshapiro BIND 8.X returns HOST_NOT_FOUND instead of TRY_AGAIN on temporary 163664562Sgshapiro DNS failures when trying to find the hostname associated with an IP 163764562Sgshapiro address (gethostbyaddr()). This can cause problems as 163864562Sgshapiro $&{client_name} based lookups in class R ($=R) and the access 163964562Sgshapiro database won't succeed. 164064562Sgshapiro 164164562Sgshapiro This will be fixed in BIND 8.2.1. For earlier versions, this can 164264562Sgshapiro be fixed by making "dns" the last name service queried for host 164364562Sgshapiro resolution in /etc/irs.conf: 164464562Sgshapiro 164564562Sgshapiro hosts local continue 164664562Sgshapiro hosts dns 164764562Sgshapiro 164838032Speterstrtoul 164938032Speter Some compilers (notably gcc) claim to be ANSI C but do not 165038032Speter include the ANSI-required routine "strtoul". If your compiler 165138032Speter has this problem, you will get an error in srvrsmtp.c on the 165238032Speter code: 165338032Speter 165438032Speter # ifdef defined(__STDC__) && !defined(BROKEN_ANSI_LIBRARY) 165538032Speter e->e_msgsize = strtoul(vp, (char **) NULL, 10); 165638032Speter # else 165738032Speter e->e_msgsize = strtol(vp, (char **) NULL, 10); 165838032Speter # endif 165938032Speter 166038032Speter You can use -DBROKEN_ANSI_LIBRARY to get around this problem. 166138032Speter 166238032SpeterListproc 6.0c 166338032Speter Date: 23 Sep 1995 23:56:07 GMT 166438032Speter Message-ID: <95925101334.~INN-AUMa00187.comp-news@dl.ac.uk> 166538032Speter From: alansz@mellers1.psych.berkeley.edu (Alan Schwartz) 166638032Speter Subject: Listproc 6.0c + Sendmail 8.7 [Helpful hint] 166738032Speter 166838032Speter Just upgraded to sendmail 8.7, and discovered that listproc 6.0c 166938032Speter breaks, because it, by default, sends a blank "HELO" rather than 1670110560Sgshapiro a "HELO hostname" when using the 'system' or 'telnet' mail method. 167138032Speter 167238032Speter The fix is to include -DZMAILER in the compilation, which will 167338032Speter cause it to use "HELO hostname" (which Z-mail apparently requires 167438032Speter as well. :) 167538032Speter 167664562SgshapiroOpenSSL 167764562Sgshapiro OpenSSL versions prior to 0.9.6 use a macro named Free which 167864562Sgshapiro conflicts with existing macro names on some platforms, such as 167964562Sgshapiro AIX. 168066494Sgshapiro Do not use 0.9.3, but OpenSSL 0.9.5a or later if compatible with 168166494Sgshapiro 0.9.5a. 168238032Speter 168364562SgshapiroPH 168464562Sgshapiro PH support is provided by Mark Roth <roth@uiuc.edu>. The map is 1685120256Sgshapiro described at http://www-dev.cites.uiuc.edu/sendmail/ . 168690792Sgshapiro 168790792Sgshapiro NOTE: The "spacedname" pseudo-field which was used by earlier 168890792Sgshapiro versions of the PH map code is no longer supported! See the URL 168990792Sgshapiro listed above for more information. 169090792Sgshapiro 169164562Sgshapiro Please contact Mark Roth for support and questions regarding the 169264562Sgshapiro map. 169338032Speter 169438032SpeterTCP Wrappers 169538032Speter If you are using -DTCPWRAPPERS to get TCP Wrappers support you will 169638032Speter also need to install libwrap.a and modify your site.config.m4 file 169738032Speter or the generated Makefile to include -lwrap in the LIBS line 169838032Speter (make sure that INCDIRS and LIBDIRS point to where the tcpd.h and 169938032Speter libwrap.a can be found). 170038032Speter 170164562Sgshapiro TCP Wrappers is available at ftp://ftp.porcupine.org/pub/security/. 170238032Speter 170338032Speter If you have alternate MX sites for your site, be sure that all of 170438032Speter your MX sites reject the same set of hosts. If not, a bad guy whom 170538032Speter you reject will connect to your site, fail, and move on to the next 170638032Speter MX site, which will accept the mail for you and forward it on to you. 170738032Speter 170838032SpeterRegular Expressions (MAP_REGEX) 170938032Speter If sendmail linking fails with: 171038032Speter 171138032Speter undefined reference to 'regcomp' 171238032Speter 171338032Speter or sendmail gives an error about a regular expression with: 171438032Speter 171564562Sgshapiro pattern-compile-error: : Operation not applicable 171638032Speter 171790792Sgshapiro Your libc does not include a running version of POSIX-regex. Use 171864562Sgshapiro librx or regex.o from the GNU Free Software Foundation, 171964562Sgshapiro ftp://ftp.gnu.org/pub/gnu/rx-?.?.tar.gz or 172064562Sgshapiro ftp://ftp.gnu.org/pub/gnu/regex-?.?.tar.gz. 172164562Sgshapiro You can also use the regex-lib by Henry Spencer, 172264562Sgshapiro ftp://ftp.funet.fi/pub/languages/C/spencer/regex.shar.gz 172364562Sgshapiro Make sure, your compiler reads regex.h from the distribution, 172464562Sgshapiro not from /usr/include, otherwise sendmail will dump a core. 172538032Speter 1726159609SgshapiroFedora Core 5, 64 bit version 1727159609Sgshapiro If the ld stage fails with undefined functions like 1728159609Sgshapiro __res_querydomain, __dn_expand 1729159609Sgshapiro then add these lines to devtools/Site/site.config.m4 173038032Speter 1731159609Sgshapiro APPENDDEF(`confLIBDIRS', `-L/usr/lib64') 1732159609Sgshapiro APPENDDEF(`confINCDIRS', `-I/usr/include/bind9') 1733159609Sgshapiro 1734159609Sgshapiro and rebuild (sh ./Build -c). 1735159609Sgshapiro 1736159609Sgshapiro Problem noted by Daniel Krones, solution suggested by 1737159609Sgshapiro Anthony Howe. 1738159609Sgshapiro 1739285303Sgshapiro 174038032Speter+--------------+ 174138032Speter| MANUAL PAGES | 174238032Speter+--------------+ 174338032Speter 174464562SgshapiroThe manual pages have been written against the -man macros, and 174564562Sgshapiroshould format correctly with any reasonable *roff. 174638032Speter 174780785Sgshapiro 174838032Speter+-----------------+ 174938032Speter| DEBUGGING HOOKS | 175038032Speter+-----------------+ 175138032Speter 175238032SpeterAs of 8.6.5, sendmail daemons will catch a SIGUSR1 signal and log 175338032Spetersome debugging output (logged at LOG_DEBUG severity). The 175438032Speterinformation dumped is: 175538032Speter 175638032Speter * The value of the $j macro. 175738032Speter * A warning if $j is not in the set $=w. 175838032Speter * A list of the open file descriptors. 175938032Speter * The contents of the connection cache. 176038032Speter * If ruleset 89 is defined, it is evaluated and the results printed. 176138032Speter 176238032SpeterThis allows you to get information regarding the runtime state of the 176338032Speterdaemon on the fly. This should not be done too frequently, since 176438032Speterthe process of rewriting may lose memory which will not be recovered. 176538032SpeterAlso, ruleset 89 may call non-reentrant routines, so there is a small 176638032Speternon-zero probability that this will cause other problems. It is 176738032Speterreally only for debugging serious problems. 176838032Speter 176938032SpeterA typical formulation of ruleset 89 would be: 177038032Speter 177138032Speter R$* $@ $>0 some test address 177238032Speter 177338032Speter 177438032Speter+-----------------------------+ 177538032Speter| DESCRIPTION OF SOURCE FILES | 177638032Speter+-----------------------------+ 177738032Speter 177838032SpeterThe following list describes the files in this directory: 177938032Speter 178064562SgshapiroBuild Shell script for building sendmail. 178164562SgshapiroMakefile A convenience for calling ./Build. 178238032SpeterMakefile.m4 A template for constructing a makefile based on the 178364562Sgshapiro information in the devtools directory. 178438032SpeterREADME This file. 178538032SpeterTRACEFLAGS My own personal list of the trace flags -- not guaranteed 178638032Speter to be particularly up to date. 178738032Speteralias.c Does name aliasing in all forms. 178864562Sgshapiroaliases.5 Man page describing the format of the aliases file. 178938032Speterarpadate.c A subroutine which creates ARPANET standard dates. 179090792Sgshapirobf.c Routines to implement memory-buffered file system using 179190792Sgshapiro hooks provided by libsm now (formerly Torek stdio library). 179290792Sgshapirobf.h Buffered file I/O function declarations and 179390792Sgshapiro data structure and function declarations for bf.c. 179438032Spetercollect.c The routine that actually reads the mail into a temp 179538032Speter file. It also does a certain amount of parsing of 179638032Speter the header, etc. 179738032Speterconf.c The configuration file. This contains information 179838032Speter that is presumed to be quite static and non- 179938032Speter controversial, or code compiled in for efficiency 180038032Speter reasons. Most of the configuration is in sendmail.cf. 180138032Speterconf.h Configuration that must be known everywhere. 180290792Sgshapirocontrol.c Routines to implement control socket. 180338032Speterconvtime.c A routine to sanely process times. 180490792Sgshapirodaemon.c Routines to implement daemon mode. 180538032Speterdeliver.c Routines to deliver mail. 180638032Speterdomain.c Routines that interface with DNS (the Domain Name 180738032Speter System). 180864562Sgshapiroenvelope.c Routines to manipulate the envelope structure. 180938032Spetererr.c Routines to print error messages. 181038032Speterheaders.c Routines to process message headers. 181164562Sgshapirohelpfile An example helpfile for the SMTP HELP command and -bt mode. 181238032Spetermacro.c The macro expander. This is used internally to 181338032Speter insert information from the configuration file. 181464562Sgshapiromailq.1 Man page for the mailq command. 181538032Spetermain.c The main routine to sendmail. This file also 181638032Speter contains some miscellaneous routines. 181764562Sgshapiromakesendmail A convenience for calling ./Build. 181838032Spetermap.c Support for database maps. 181938032Spetermci.c Routines that handle mail connection information caching. 182064562Sgshapiromilter.c MTA portions of the mail filter API. 182138032Spetermime.c MIME conversion routines. 182264562Sgshapironewaliases.1 Man page for the newaliases command. 182338032Speterparseaddr.c The routines which do address parsing. 182438032Speterqueue.c Routines to implement message queueing. 182538032Speterreadcf.c The routine that reads the configuration file and 182638032Speter translates it to internal form. 182738032Speterrecipient.c Routines that manipulate the recipient list. 182890792Sgshapirosasl.c Routines to interact with Cyrys-SASL. 182938032Spetersavemail.c Routines which save the letter on processing errors. 183064562Sgshapirosendmail.8 Man page for the sendmail command. 183138032Spetersendmail.h Main header file for sendmail. 183290792Sgshapirosfsasl.c I/O interface between SASL/TLS and the MTA. 183364562Sgshapirosfsasl.h Header file for sfsasl.c. 183464562Sgshapiroshmticklib.c Routines for shared memory counters. 183590792Sgshapirosm_resolve.c Routines for DNS lookups (for DNS map type). 183690792Sgshapirosm_resolve.h Header file for sm_resolve.c. 183738032Spetersrvrsmtp.c Routines to implement server SMTP. 183838032Speterstab.c Routines to manage the symbol table. 183938032Speterstats.c Routines to collect and post the statistics. 184064562Sgshapirostatusd_shm.h Data structure and function declarations for shmticklib.c. 184138032Spetersysexits.c List of error messages associated with error codes 184238032Speter in sysexits.h. 184364562Sgshapirosysexits.h List of error codes for systems that lack their own. 184464562Sgshapirotimers.c Routines to provide microtimers. 184564562Sgshapirotimers.h Data structure and function declarations for timers.h. 184690792Sgshapirotls.c Routines for TLS. 184738032Spetertrace.c The trace package. These routines allow setting and 184838032Speter testing of trace flags with a high granularity. 184938032Speterudb.c The user database interface module. 185038032Speterusersmtp.c Routines to implement user SMTP. 185138032Speterutil.c Some general purpose routines used by sendmail. 185238032Speterversion.c The version number and information about this 185364562Sgshapiro version of sendmail. 185438032Speter 1855266692Sgshapiro(Version $Revision: 8.393 $, last update $Date: 2013-11-22 20:51:54 $ ) 1856