KNOWNBUGS revision 98121
1252995Sdteske 2252995Sdteske 3252995Sdteske K N O W N B U G S I N S E N D M A I L 4252995Sdteske 5252995Sdteske 6252995SdteskeThe following are bugs or deficiencies in sendmail that we are aware of 7252995Sdteskebut which have not been fixed in the current release. You probably 8252995Sdteskewant to get the most up to date version of this from ftp.sendmail.org 9252995Sdteskein /pub/sendmail/KNOWNBUGS. For descriptions of bugs that have been 10252995Sdteskefixed, see the file RELEASE_NOTES (in the root directory of the sendmail 11252995Sdteskedistribution). 12252995Sdteske 13252995SdteskeThis list is not guaranteed to be complete. 14252995Sdteske 15252995Sdteske* Delivery to programs that generate too much output may cause problems 16252995Sdteske 17252995Sdteske If e-mail is delivered to a program which generates too much 18252995Sdteske output, then sendmail may issue an error: 19252995Sdteske 20252995Sdteske timeout waiting for input from local during Draining Input 21252995Sdteske 22252995Sdteske Make sure that the program does not generate output beyond a 23252995Sdteske status message (corresponding to the exit status). This may 24252995Sdteske require a wrapper around the actual program to redirect output 25252995Sdteske to /dev/null. 26252995Sdteske 27252995Sdteske Such a problem has been reported for bulk_mailer. 28252995Sdteske 29252995Sdteske* Null bytes are not handled properly in headers. 30252995Sdteske 31252995Sdteske Sendmail should handle full binary data. As it stands, it handles 32252995Sdteske all values in the body, but only 0x01-0x80 and 0xA0-0xFF in 33252995Sdteske the header. Notably missing is 0x00, which would require a major 34252995Sdteske restructuring of the code -- for example, almost no C library support 35252995Sdteske could be used to handle strings. 36252995Sdteske 37252995Sdteske* Header checks are not called if header value is too long or empty. 38252995Sdteske 39252995Sdteske If the value of a header is longer than 1250 (MAXNAME + MAXATOM - 6) 40252995Sdteske characters or it contains a single word longer than 256 (MAXNAME) 41252995Sdteske characters then no header check is done even if one is configured for 42252995Sdteske the header. 43252995Sdteske 44252995Sdteske* Sender addresses whose domain part cause a temporary A record lookup 45252995Sdteske failure but have a valid MX record will be temporarily rejected in 46252995Sdteske the default configuration. Solution: fix the DNS at the sender side. 47252995Sdteske If that's not easy to achieve, possible workarounds are: 48252995Sdteske - add an entry to the access map: 49252995Sdteske dom.ain OK 50252995Sdteske - (only for advanced users) replace 51252995Sdteske 52252995Sdteske# Resolve map (to check if a host exists in check_mail) 53252995SdteskeKresolve host -a<OKR> -T<TEMP> 54252995Sdteske 55252995Sdteske with 56252995Sdteske 57252995Sdteske# Resolve map (to check if a host exists in check_mail) 58252995SdteskeKcanon host -a<OKR> -T<TEMP> 59252995SdteskeKdnsmx dns -R MX -a<OKR> -T<TEMP> 60252995SdteskeKresolve sequence dnsmx canon 61252995Sdteske 62252995Sdteske 63252995Sdteske* Duplicate error messages. 64252995Sdteske 65252995Sdteske Sometimes identical, duplicate error messages can be generated. As 66252995Sdteske near as I can tell, this is rare and relatively innocuous. 67252995Sdteske 68252995Sdteske* Misleading error messages. 69252995Sdteske 70252995Sdteske If an illegal address is specified on the command line together 71252995Sdteske with at least one valid address and PostmasterCopy is set, the 72252995Sdteske DSN does not contain the illegal address, but only the valid 73252995Sdteske address(es). 74252995Sdteske 75252995Sdteske* \231 considered harmful. 76252995Sdteske 77252995Sdteske Header addresses that have the \231 character (and possibly others 78252995Sdteske in the range \201 - \237) behave in odd and usually unexpected ways. 79252995Sdteske 80252995Sdteske* accept() problem on SVR4. 81252995Sdteske 82252995Sdteske Apparently, the sendmail daemon loop (doing accept()s on the network) 83252995Sdteske can get into a weird state on SVR4; it starts logging ``SYSERR: 84252995Sdteske getrequests: accept: Protocol Error''. The workaround is to kill 85252995Sdteske and restart the sendmail daemon. We don't have an SVR4 system at 86252995Sdteske Berkeley that carries more than token mail load, so I can't validate 87252995Sdteske this. It is likely to be a glitch in the sockets emulation, since 88252995Sdteske "Protocol Error" is not possible error code with Berkeley TCP/IP. 89252995Sdteske 90252995Sdteske I've also had someone report the message ``sendmail: accept: 91252995Sdteske SIOCGPGRP failed errno 22'' on an SVR4 system. This message is 92252995Sdteske not in the sendmail source code, so I assume it is also a bug 93252995Sdteske in the sockets emulation. (Errno 22 is EINVAL "Invalid Argument" 94252995Sdteske on all the systems I have available, including Solaris 2.x.) 95252995Sdteske Apparently, this problem is due to linking -lc before -lsocket; 96252995Sdteske if you are having this problem, check your Makefile. 97252995Sdteske 98252995Sdteske* accept() problem on Linux. 99252995Sdteske 100252995Sdteske The accept() in sendmail daemon loop can return ETIMEDOUT. An 101252995Sdteske error is reported to syslog: 102252995Sdteske 103252995Sdteske Jun 9 17:14:12 hostname sendmail[207]: NOQUEUE: SYSERR(root): 104252995Sdteske getrequests: accept: Connection timed out 105252995Sdteske 106252995Sdteske "Connection timed out" is not documented as a valid return from 107252995Sdteske accept(2) and this was believed to be a bug in the Linux kernel. 108252995Sdteske Later information from the Linux kernel group states that Linux 109252995Sdteske 2.0 kernels follow RFC1122 while sendmail follows the original BSD 110252995Sdteske (now POSIX 1003.1g draft) specification. The 2.1.X and later kernels 111252995Sdteske will follow the POSIX draft. 112252995Sdteske 113252995Sdteske* Excessive mailing list nesting can run out of file descriptors. 114252995Sdteske 115252995Sdteske If you have a mailing list that includes lots of other mailing 116 lists, each of which has a separate owner, you can run out of 117 file descriptors. Each mailing list with a separate owner uses 118 one open file descriptor (prior to 8.6.6 it was three open 119 file descriptors per list). This is particularly egregious if 120 you have your connection cache set to be large. 121 122* Connection caching breaks if you pass the port number as an argument. 123 124 If you have a definition such as: 125 126 Mport, P=[IPC], F=kmDFMuX, S=11/31, R=21, 127 M=2100000, T=DNS/RFC822/SMTP, 128 A=IPC [127.0.0.1] $h 129 130 (i.e., where $h is the port number instead of the host name) the 131 connection caching code will break because it won't notice that 132 two messages addressed to different ports should use different 133 connections. 134 135* ESMTP SIZE underestimates the size of a message 136 137 Sendmail makes no allowance for headers that it adds, nor does it 138 account for the SMTP on-the-wire \r\n expansion. It probably doesn't 139 allow for 8->7 bit MIME conversions either. 140 141* Client ignores SIZE parameter. 142 143 When sendmail acts as client and the server specifies a limit 144 for the mail size, sendmail will ignore this and try to send the 145 mail anyway. The server will usually reject the MAIL command 146 which specifies the size of the message and hence this problem 147 is not significant. 148 149* Paths to programs being executed and the mode of program files are 150 not checked. Essentially, the RunProgramInUnsafeDirPath and 151 RunWritableProgram bits in the DontBlameSendmail option are always 152 set. This is not a problem if your system is well managed (that is, 153 if binaries and system directories are mode 755 instead of something 154 foolish like 777). 155 156* 8-bit data in GECOS field 157 158 If the GECOS (personal name) information in the passwd file contains 159 8-bit characters, those characters can be included in the message 160 header, which can cause problems when sending SMTP to hosts that 161 only accept 7-bit characters. 162 163* 8->7 bit MIME conversion 164 165 When sendmail is doing 8->7 bit MIME conversions, and the message 166 contains certain MIME body types that cannot be converted to 7-bit, 167 sendmail will strip the message to 7-bit. 168 169* 7->8 bit MIME conversion 170 171 If a message that is encoded as 7-bit MIME is converted to 8-bit and 172 that message when decoded is illegal (e.g., because of long lines or 173 illegal characters), sendmail can produce an illegal message. 174 175* MIME encoded full name phrases in the From: header 176 177 If a full name phrase includes characters from MustQuoteChars, sendmail 178 will quote the entire full name phrase. If MustQuoteChars includes 179 characters which are not special characters according to STD 11 (RFC 180 822), this quotation can interfere with MIME encoded full name phrases. 181 By default, sendmail includes the single quote character (') in 182 MustQuoteChars even though it is not listed as a special character in 183 STD 11. 184 185* bestmx map with -z flag truncates the list of MX hosts 186 187 A bestmx map configured with the -z flag will truncate the list 188 of MX hosts. This prevents creation of strings which are too 189 long for ruleset parsing. This can have an adverse effect on the 190 relay_based_on_MX feature. 191 192* Saving to ~sender/dead.letter fails if su'ed to root 193 194 If ErrorMode is set to print and an error in sending mail occurs, 195 the normal action is to print a message to the screen and append 196 the message to a dead.letter file in the sender's home directory. 197 In the case where the sender is using su to act as root, the file 198 safety checks prevent sendmail from saving the dead.letter file 199 because the sender's uid and the current real uid do not match. 200 201* Berkeley DB 2.X race condition with fcntl() locking 202 203 There is a race condition for Berkeley DB 2.X databases on 204 operating systems which use fcntl() style locking, such as 205 Solaris. Sendmail locks the map before calling db_open() to 206 prevent others from modifying the map while it is being opened. 207 Unfortunately, Berkeley DB opens the map, closes it, and then 208 reopens it. fcntl() locking drops the lock when any file 209 descriptor pointing to the file is closed, even if it is a 210 different file descriptor than the one used to initially lock 211 the file. As a result there is a possibility that entries in a 212 map might not be found during a map rebuild. As a workaround, 213 you can use makemap to build a map with a new name and then 214 "mv" the new db file to replace the old one. 215 216 Sleepycat Software has added code to avoid this race condition to 217 Berkeley DB versions after 2.7.5. 218 219* File open timeouts not available on hard mounted NFS file systems 220 221 Since SIGALRM does not interrupt an RPC call for hard mounted 222 NFS file systems, it is impossible to implement a timeout on a file 223 open operation. Therefore, while the NFS server is not responding, 224 attempts to open a file on that server will hang. Systems with 225 local mail delivery and NFS hard mounted home directories should be 226 avoided, as attempts to open the forward files could hang. 227 228* Race condition for delivery to set-user-ID files 229 230 Sendmail will deliver to a fail if the file is owned by the DefaultUser 231 or has the set-user-ID bit set. Unfortunately, some systems clear that bit 232 when a file is modified. Sendmail compensates by resetting the file mode 233 back to it's original settings. Unfortunately, there's still a 234 permission failure race as sendmail checks the permissions before locking 235 the file. This is unavoidable as sendmail must verify the file is safe 236 to open before opening it. A file can not be locked until it is open. 237 238$Revision: 8.55 $, Last updated $Date: 2002/03/05 00:45:54 $ 239