diff options
author | peter <peter@FreeBSD.org> | 1998-08-04 16:35:57 +0000 |
---|---|---|
committer | peter <peter@FreeBSD.org> | 1998-08-04 16:35:57 +0000 |
commit | 9f74da92d2d9619b4a0543b7c6c819cb4eb4959e (patch) | |
tree | 97e0c5ab8cb2ff07b5c3ab6c04738a62c19fbe5c /usr.sbin/sendmail/doc/op/op.me | |
parent | d0cf6313bab68523e1ff8a7cf65c7f6c26c8dad0 (diff) | |
download | FreeBSD-src-9f74da92d2d9619b4a0543b7c6c819cb4eb4959e.zip FreeBSD-src-9f74da92d2d9619b4a0543b7c6c819cb4eb4959e.tar.gz |
Remove old sendmail (to the Attic)
Diffstat (limited to 'usr.sbin/sendmail/doc/op/op.me')
-rw-r--r-- | usr.sbin/sendmail/doc/op/op.me | 8211 |
1 files changed, 0 insertions, 8211 deletions
diff --git a/usr.sbin/sendmail/doc/op/op.me b/usr.sbin/sendmail/doc/op/op.me deleted file mode 100644 index 60bc113..0000000 --- a/usr.sbin/sendmail/doc/op/op.me +++ /dev/null @@ -1,8211 +0,0 @@ -.\" Copyright (c) 1983, 1995 Eric P. Allman -.\" Copyright (c) 1983, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)op.me 8.106 (Berkeley) 10/20/97 -.\" -.\" eqn op.me | pic | troff -me -.eh 'SMM:08-%''Sendmail Installation and Operation Guide' -.oh 'Sendmail Installation and Operation Guide''SMM:08-%' -.\" SD is lib if sendmail is installed in /usr/lib, sbin if in /usr/sbin -.ds SD sbin -.\" SB is bin if newaliases/mailq are installed in /usr/bin, ucb if in /usr/ucb -.ds SB bin -.nr si 3n -.de $0 -.(x -.in \\$3u*3n -.ti -3n -\\$2. \\$1 -.)x -.. -.de $C -.(x -.in 0 -\\$1 \\$2. \\$3 -.)x -.. -.sc -.+c -.(l C -.sz 16 -.b SENDMAIL -.sz 12 -.sp -.b "INSTALLATION AND OPERATION GUIDE" -.sz 10 -.sp -.r -Eric Allman -eric@Sendmail.ORG -.sp -Version 8.106 -.sp -For Sendmail Version 8.8 -.)l -.sp 2 -.pp -.i Sendmail -implements a general purpose internetwork mail routing facility -under the UNIX\(rg -operating system. -It is not tied to any one transport protocol \*- -its function may be likened to a crossbar switch, -relaying messages from one domain into another. -In the process, -it can do a limited amount of message header editing -to put the message into a format that is appropriate -for the receiving domain. -All of this is done under the control of a configuration file. -.pp -Due to the requirements of flexibility -for -.i sendmail , -the configuration file can seem somewhat unapproachable. -However, there are only a few basic configurations -for most sites, -for which standard configuration files have been supplied. -Most other configurations -can be built by adjusting an existing configuration files -incrementally. -.pp -.i Sendmail -is based on -RFC821 (Simple Mail Transport Protocol), -RFC822 (Internet Mail Format Protocol), -RFC1123 (Internet Host Requirements), -RFC1521 (MIME), -RFC1651 (SMTP Service Extensions), -RFC1891 (SMTP Delivery Status Notifications), -RFC1892 (Multipart/Report), -RFC1893 (Mail System Status Codes), -RFC1894 (Delivery Status Notifications), -and -RFC1985 (SMTP Service Extension for Remote Message Queue Starting). -However, since -.i sendmail -is designed to work in a wider world, -in many cases it can be configured to exceed these protocols. -These cases are described herein. -.pp -Although -.i sendmail -is intended to run -without the need for monitoring, -it has a number of features -that may be used to monitor or adjust the operation -under unusual circumstances. -These features are described. -.pp -Section one describes how to do a basic -.i sendmail -installation. -Section two -explains the day-to-day information you should know -to maintain your mail system. -If you have a relatively normal site, -these two sections should contain sufficient information -for you to install -.i sendmail -and keep it happy. -Section three -describes some parameters that may be safely tweaked. -Section four -has information regarding the command line arguments. -Section five -contains the nitty-gritty information about the configuration -file. -This section is for masochists -and people who must write their own configuration file. -Section six -describes configuration that can be done at compile time. -Section seven -gives a brief description of differences -in this version of -.i sendmail . -The appendixes give a brief -but detailed explanation of a number of features -not described in the rest of the paper. -.pp -.b WARNING: -Several major changes were introduced in version 8.7. -You should not attempt to use this document -for prior versions of -.i sendmail . -.bp -.rs -.sp |4i -.ce 2 -This page intentionally left blank; -replace it with a blank sheet for double-sided output. -.bp 7 -.sh 1 "BASIC INSTALLATION" -.pp -There are two basic steps to installing -.i sendmail . -The hard part is to build the configuration table. -This is a file that -.i sendmail -reads when it starts up -that describes the mailers it knows about, -how to parse addresses, -how to rewrite the message header, -and the settings of various options. -Although the configuration table is quite complex, -a configuration can usually be built -by adjusting an existing off-the-shelf configuration. -The second part is actually doing the installation, -i.e., creating the necessary files, etc. -.pp -The remainder of this section will describe the installation of -.i sendmail -assuming you can use one of the existing configurations -and that the standard installation parameters are acceptable. -All pathnames and examples -are given from the root of the -.i sendmail -subtree, -normally -.i /usr/src/usr.\*(SD/sendmail -on 4.4BSD. -.pp -If you are loading this off the tape, -continue with the next section. -If you have a running binary already on your system, -you should probably skip to section 1.2. -.sh 2 "Compiling Sendmail" -.pp -All -.i sendmail -source is in the -.i src -subdirectory. -If you are running on a 4.4BSD system, -compile by typing -.q make . -On other systems, you may have to make some other adjustments. -On most systems, -you can do the appropriate compilation by typing -.(b -sh makesendmail -.)b -This will leave the binary in an appropriately named subdirectory. -It works for multiple object versions -compiled out of the same directory. -.sh 3 "Tweaking the Makefile" -.pp -.i Sendmail -supports two different formats -for the local (on disk) version of databases, -notably the -.i aliases -database. -At least one of these should be defined if at all possible. -.nr ii 1i -.ip NDBM -The ``new DBM'' format, -available on nearly all systems around today. -This was the preferred format prior to 4.4BSD. -It allows such complex things as multiple databases -and closing a currently open database. -.ip NEWDB -The new database package from Berkeley. -If you have this, use it. -It allows -long records, -multiple open databases, -real in-memory caching, -and so forth. -You can define this in conjunction with one of the other two; -if you do, -old databases are read, -but when a new database is created it will be in NEWDB format. -As a nasty hack, -if you have NEWDB, NDBM, and NIS defined, -and if the alias file name includes the substring -.q /yp/ , -.i sendmail -will create both new and old versions of the alias file -during a -.i newalias -command. -This is required because the Sun NIS/YP system -reads the DBM version of the alias file. -It's ugly as sin, -but it works. -.lp -If neither of these are defined, -.i sendmail -reads the alias file into memory on every invocation. -This can be slow and should be avoided. -There are also several methods for remote database access: -.ip NIS -Sun's Network Information Services (formerly YP). -.ip NISPLUS -Sun's NIS+ services. -.ip NETINFO -NeXT's NetInfo service. -.ip HESIOD -Hesiod service (from Athena). -.lp -Other compilation flags are set in conf.h -and should be predefined for you -unless you are porting to a new environment. -.sh 3 "Compilation and installation" -.pp -After making the local system configuration described above, -You should be able to compile and install the system. -The script -.q makesendmail -is the best approach on most systems: -.(b -sh makesendmail -.)b -This will use -.i uname (1) -to select the correct Makefile for your environment. -.pp -You may be able to install using -.(b -sh makesendmail install -.)b -This should install the binary in -/usr/\*(SD -and create links from -/usr/\*(SB/newaliases -and -/usr/\*(SB/mailq -to -/usr/\*(SD/sendmail. -On 4.4BSD systems it will also format and install man pages. -.sh 2 "Configuration Files" -.pp -.i Sendmail -cannot operate without a configuration file. -The configuration defines the mail delivery mechanisms understood at this site, -how to access them, -how to forward email to remote mail systems, -and a number of tuning parameters. -This configuration file is detailed -in the later portion of this document. -.pp -The -.i sendmail -configuration can be daunting at first. -The world is complex, -and the mail configuration reflects that. -The distribution includes an m4-based configuration package -that hides a lot of the complexity. -.pp -These configuration files are simpler than old versions -largely because the world has become simpler; -in particular, -text-based host files are officially eliminated, -obviating the need to -.q hide -hosts behind a registered internet gateway. -.pp -These files also assume that most of your neighbors -use domain-based UUCP addressing; -that is, -instead of naming hosts as -.q host!user -they will use -.q host.domain!user . -The configuration files can be customized to work around this, -but it is more complex. -.pp -Our configuration files are processed by -.i m4 -to facilitate local customization; -the directory -.i cf -of the -.i sendmail -distribution directory -contains the source files. -This directory contains several subdirectories: -.nr ii 1i -.ip cf -Both site-dependent and site-independent descriptions of hosts. -These can be literal host names -(e.g., -.q ucbvax.mc ) -when the hosts are gateways -or more general descriptions -(such as -.q "tcpproto.mc" -as a general description of an SMTP-connected host -or -.q "uucpproto.mc" -as a general description of a UUCP-connected host). -Files ending -.b \&.mc -(``Master Configuration'') -are the input descriptions; -the output is in the corresponding -.b \&.cf -file. -The general structure of these files is described below. -.ip domain -Site-dependent subdomain descriptions. -These are tied to the way your organization wants to do addressing. -For example, -.b domain/cs.exposed.m4 -is our description for hosts in the CS.Berkeley.EDU subdomain -that want their individual hostname to be externally visible; -.b domain/cs.hidden.m4 -is the same except that the hostname is hidden -(everything looks like it comes from CS.Berkeley.EDU). -These are referenced using the -.sm DOMAIN -.b m4 -macro in the -.b \&.mc -file. -.ip feature -Definitions of specific features that some particular host in your site -might want. -These are referenced using the -.sm FEATURE -.b m4 -macro. -An example feature is -use_cw_file -(which tells -.i sendmail -to read an /etc/sendmail.cw file on startup -to find the set of local names). -.ip hack -Local hacks, referenced using the -.sm HACK -.b m4 -macro. -Try to avoid these. -The point of having them here is to make it clear that they smell. -.ip m4 -Site-independent -.i m4 (1) -include files that have information common to all configuration files. -This can be thought of as a -.q #include -directory. -.ip mailer -Definitions of mailers, -referenced using the -.sm MAILER -.b m4 -macro. -The mailer types that are known in this distribution are -fax, -local, -smtp, -uucp, -and usenet. -For example, to include support for the UUCP-based mailers, -use -.q MAILER(uucp) . -.ip ostype -Definitions describing various operating system environments -(such as the location of support files). -These are referenced using the -.sm OSTYPE -.b m4 -macro. -.ip sh -Shell files used by the -.b m4 -build process. -You shouldn't have to mess with these. -.ip siteconfig -Local UUCP connectivity information. -They normally contain lists of site information, for example: -.(b -SITE(contessa) -SITE(hoptoad) -SITE(nkainc) -SITE(well) -.)b -They are referenced using the SITECONFIG macro: -.(b -SITECONFIG(site.config.file, name_of_site, X) -.)b -where -.i X -is the macro/class name to use. -It can be U -(indicating locally connected hosts) -or one of W, X, or Y -for up to three remote UUCP hubs. -This directory has been supplanted by the mailertable feature; -any new configurations should use that feature to do UUCP -(and other) routing. -.pp -If you are in a new domain -(e.g., a company), -you will probably want to create a -cf/domain -file for your domain. -This consists primarily of relay definitions: -for example, Berkeley's domain definition -defines relays for -BitNET, -CSNET, -and UUCP. -Of these, -only the UUCP relay is particularly specific -to Berkeley. -All of these are internet-style domain names. -Please check to make certain they are reasonable for your domain. -.pp -Subdomains at Berkeley are also represented in the -cf/domain -directory. -For example, -the domain -cs-exposed -is the Computer Science subdomain with the local hostname shown -to other users; -cs-hidden -makes users appear to be from the CS.Berkeley.EDU subdomain -(with no local host information included). -You will probably have to update this directory -to be appropriate for your domain. -.pp -You will have to use or create -.b \&.mc -files in the -.i cf/cf -subdirectory for your hosts. -This is detailed in the -cf/README -file. -.sh 2 "Details of Installation Files" -.pp -This subsection describes the files that -comprise the -.i sendmail -installation. -.sh 3 "/usr/\*(SD/sendmail" -.pp -The binary for -.i sendmail -is located in /usr/\*(SD\**. -.(f -\**This is usually -/usr/sbin -on 4.4BSD and newer systems; -many systems install it in -/usr/lib. -I understand it is in /usr/ucblib -on System V Release 4. -.)f -It should be setuid root. -For security reasons, -/, /usr, and /usr/\*(SD -should be owned by root, mode 755\**. -.(f -\**Some vendors ship them owned by bin; -this creates a security hole that is not actually related to -.i sendmail . -Other important directories that should have restrictive ownerships -and permissions are -/bin, /usr/bin, /etc, /usr/etc, /lib, and /usr/lib. -.)f -.sh 3 "/etc/sendmail.cf" -.pp -This is the configuration file for -.i sendmail \**. -.(f -\**Actually, the pathname varies depending on the operating system; -/etc is the preferred directory. -Some older systems install it in -.b /usr/lib/sendmail.cf , -and I've also seen it in -.b /usr/ucblib -and -.b /etc/mail . -If you want to move this file, -change -.i src/conf.h . -.)f -This and /etc/sendmail.pid -are the only non-library file names compiled into -.i sendmail \**. -.(f -\**The system libraries can reference other files; -in particular, system library subroutines that -.i sendmail -calls probably reference -.i /etc/passwd -and -.i /etc/resolv.conf . -.)f -.pp -The configuration file is normally created -using the distribution files described above. -If you have a particularly unusual system configuration -you may need to create a special version. -The format of this file is detailed in later sections -of this document. -.sh 3 "/usr/\*(SB/newaliases" -.pp -The -.i newaliases -command should just be a link to -.i sendmail : -.(b -rm \-f /usr/\*(SB/newaliases -ln \-s /usr/\*(SD/sendmail /usr/\*(SB/newaliases -.)b -This can be installed in whatever search path you prefer -for your system. -.sh 3 "/usr/\*(SB/hoststat" -.pp -The -.i hoststat -command should just be a link to -.i sendmail , -in a fashion similar to -.i newaliases . -This command lists the status of the last mail transaction -with all remote hosts. -It functions only when the -.b HostStatusDirectory -option is set. -.sh 3 "/usr/\*(SB/purgestat" -.pp -This command is also a link to -.i sendmail . -It flushes all information that is stored in the -.b HostStatusDirectory -tree. -.sh 3 "/var/spool/mqueue" -.pp -The directory -.i /var/spool/mqueue -should be created to hold the mail queue. -This directory should be mode 700 -and owned by root. -.pp -The actual path of this directory -is defined in the -.b Q -option of the -.i sendmail.cf -file. -.sh 3 "/var/spool/mqueue/.hoststat" -.pp -This is a typical value for the -.b HostStatusDirectory -option, -containing one file per host -that this sendmail has chatted with recently. -It is normally a subdirectory of -.i mqueue . -.sh 3 "/etc/aliases*" -.pp -The system aliases are held in -.q /etc/aliases . -A sample is given in -.q lib/aliases -which includes some aliases which -.i must -be defined: -.(b -cp lib/aliases /etc/aliases -.i "edit /etc/aliases" -.)b -You should extend this file with any aliases that are apropos to your system. -.pp -Normally -.i sendmail -looks at a version of these files maintained by the -.i dbm \|(3) -or -.i db \|(3) -routines. -These are stored either in -.q /etc/aliases.dir -and -.q /etc/aliases.pag -or -.q /etc/aliases.db -depending on which database package you are using. -These can initially be created as empty files, -but they will have to be initialized promptly. -These should be mode 644: -.(b -cp /dev/null /etc/aliases.dir -cp /dev/null /etc/aliases.pag -chmod 644 /etc/aliases.* -newaliases -.)b -The -.i db -routines preset the mode reasonably, -so this step can be skipped. -The actual path of this file -is defined in the -.b AliasFile -option of the -.i sendmail.cf -file. -.sh 3 "/etc/rc" -.pp -It will be necessary to start up the -.i sendmail -daemon when your system reboots. -This daemon performs two functions: -it listens on the SMTP socket for connections -(to receive mail from a remote system) -and it processes the queue periodically -to insure that mail gets delivered when hosts come up. -.pp -Add the following lines to -.q /etc/rc -(or -.q /etc/rc.local -as appropriate) -in the area where it is starting up the daemons: -.(b -if [ \-f /usr/\*(SD/sendmail \-a \-f /etc/sendmail.cf ]; then - (cd /var/spool/mqueue; rm \-f [lnx]f*) - /usr/\*(SD/sendmail \-bd \-q30m & - echo \-n ' sendmail' >/dev/console -fi -.)b -The -.q cd -and -.q rm -commands insure that all lock files have been removed; -extraneous lock files may be left around -if the system goes down in the middle of processing a message. -The line that actually invokes -.i sendmail -has two flags: -.q \-bd -causes it to listen on the SMTP port, -and -.q \-q30m -causes it to run the queue every half hour. -.pp -Some people use a more complex startup script, -removing zero length qf files and df files for which there is no qf file. -For example, see Figure 1 -for an example of a complex startup script. -.(z -.hl -# remove zero length qf files -for qffile in qf* -do - if [ \-r $qffile ] - then - if [ ! \-s $qffile ] - then - echo \-n " <zero: $qffile>" > /dev/console - rm \-f $qffile - fi - fi -done -# rename tf files to be qf if the qf does not exist -for tffile in tf* -do - qffile=`echo $tffile | sed 's/t/q/'` - if [ \-r $tffile \-a ! \-f $qffile ] - then - echo \-n " <recovering: $tffile>" > /dev/console - mv $tffile $qffile - else - echo \-n " <extra: $tffile>" > /dev/console - rm \-f $tffile - fi -done -# remove df files with no corresponding qf files -for dffile in df* -do - qffile=`echo $dffile | sed 's/d/q/'` - if [ \-r $dffile \-a ! \-f $qffile ] - then - echo \-n " <incomplete: $dffile>" > /dev/console - mv $dffile `echo $dffile | sed 's/d/D/'` - fi -done -# announce files that have been saved during disaster recovery -for xffile in [A-Z]f* -do - echo \-n " <panic: $xffile>" > /dev/console -done -.sp -.ce -Figure 1 \(em A complex startup script -.hl -.)z -.pp -If you are not running a version of UNIX -that supports Berkeley TCP/IP, -do not include the -.b \-bd -flag. -.sh 3 "/usr/lib/sendmail.hf" -.pp -This is the help file used by the SMTP -.b HELP -command. -It should be copied from -.q lib/sendmail.hf : -.(b -cp lib/sendmail.hf /usr/lib -.)b -The actual path of this file -is defined in the -.b H -option of the -.i sendmail.cf -file. -.sh 3 "/etc/sendmail.st" -.pp -If you wish to collect statistics -about your mail traffic, -you should create the file -.q /etc/sendmail.st : -.(b -cp /dev/null /etc/sendmail.st -chmod 666 /etc/sendmail.st -.)b -This file does not grow. -It is printed with the program -.q mailstats/mailstats.c. -The actual path of this file -is defined in the -.b S -option of the -.i sendmail.cf -file. -.sh 3 "/usr/\*(SB/mailq" -.pp -If -.i sendmail -is invoked as -.q mailq, -it will simulate the -.b \-bp -flag -(i.e., -.i sendmail -will print the contents of the mail queue; -see below). -This should be a link to /usr/\*(SD/sendmail. -.sh 1 "NORMAL OPERATIONS" -.sh 2 "The System Log" -.pp -The system log is supported by the -.i syslogd \|(8) -program. -All messages from -.i sendmail -are logged under the -.sm LOG_MAIL -facility\**. -.(f -\**Except on Ultrix, -which does not support facilities in the syslog. -.)f -.sh 3 "Format" -.pp -Each line in the system log -consists of a timestamp, -the name of the machine that generated it -(for logging from several machines -over the local area network), -the word -.q sendmail: , -and a message\**. -.(f -\**This format may vary slightly if your vendor has changed -the syntax. -.)f -Most messages are a sequence of -.i name \c -=\c -.i value -pairs. -.pp -The two most common lines are logged when a message is processed. -The first logs the receipt of a message; -there will be exactly one of these per message. -Some fields may be omitted if they do not contain interesting information. -Fields are: -.ip from -The envelope sender address. -.ip size -The size of the message in bytes. -.ip class -The class (i.e., numeric precedence) of the message. -.ip pri -The initial message priority (used for queue sorting). -.ip nrcpts -The number of envelope recipients for this message -(after aliasing and forwarding). -.ip msgid -The message id of the message (from the header). -.ip proto -The protocol used to receive this message (e.g., ESMTP or UUCP) -.ip relay -The machine from which it was received. -.lp -There is also one line logged per delivery attempt -(so there can be several per message if delivery is deferred -or there are multiple recipients). -Fields are: -.ip to -A comma-separated list of the recipients to this mailer. -.ip ctladdr -The ``controlling user'', that is, the name of the user -whose credentials we use for delivery. -.ip delay -The total delay between the time this message was received -and the time it was delivered. -.ip xdelay -The amount of time needed in this delivery attempt -(normally indicative of the speed of the connection). -.ip mailer -The name of the mailer used to deliver to this recipient. -.ip relay -The name of the host that actually accepted (or rejected) this recipient. -.ip stat -The delivery status. -.lp -Not all fields are present in all messages; -for example, the relay is not listed for local deliveries. -.sh 3 "Levels" -.pp -If you have -.i syslogd \|(8) -or an equivalent installed, -you will be able to do logging. -There is a large amount of information that can be logged. -The log is arranged as a succession of levels. -At the lowest level -only extremely strange situations are logged. -At the highest level, -even the most mundane and uninteresting events -are recorded for posterity. -As a convention, -log levels under ten -are considered generally -.q useful; -log levels above 64 -are reserved for debugging purposes. -Levels from 11\-64 are reserved for verbose information -that some sites might want. -.pp -A complete description of the log levels -is given in section -.\" XREF -4.6. -.sh 2 "Dumping State" -.pp -You can ask -.i sendmail -to log a dump of the open files -and the connection cache -by sending it a -.sm SIGUSR1 -signal. -The results are logged at -.sm LOG_DEBUG -priority. -.sh 2 "The Mail Queue" -.pp -Sometimes a host cannot handle a message immediately. -For example, it may be down or overloaded, causing it to refuse connections. -The sending host is then expected to save this message in -its mail queue -and attempt to deliver it later. -.pp -Under normal conditions the mail queue will be processed transparently. -However, you may find that manual intervention is sometimes necessary. -For example, -if a major host is down for a period of time -the queue may become clogged. -Although -.i sendmail -ought to recover gracefully when the host comes up, -you may find performance unacceptably bad in the meantime. -.sh 3 "Printing the queue" -.pp -The contents of the queue can be printed -using the -.i mailq -command -(or by specifying the -.b \-bp -flag to -.i sendmail ): -.(b -mailq -.)b -This will produce a listing of the queue id's, -the size of the message, -the date the message entered the queue, -and the sender and recipients. -.sh 3 "Forcing the queue" -.pp -.i Sendmail -should run the queue automatically -at intervals. -The algorithm is to read and sort the queue, -and then to attempt to process all jobs in order. -When it attempts to run the job, -.i sendmail -first checks to see if the job is locked. -If so, it ignores the job. -.pp -There is no attempt to insure that only one queue processor -exists at any time, -since there is no guarantee that a job cannot take forever -to process -(however, -.i sendmail -does include heuristics to try to abort jobs -that are taking absurd amounts of time; -technically, this violates RFC 821, but is blessed by RFC 1123). -Due to the locking algorithm, -it is impossible for one job to freeze the entire queue. -However, -an uncooperative recipient host -or a program recipient -that never returns -can accumulate many processes in your system. -Unfortunately, -there is no completely general way to solve this. -.pp -In some cases, -you may find that a major host going down -for a couple of days -may create a prohibitively large queue. -This will result in -.i sendmail -spending an inordinate amount of time -sorting the queue. -This situation can be fixed by moving the queue to a temporary place -and creating a new queue. -The old queue can be run later when the offending host returns to service. -.pp -To do this, -it is acceptable to move the entire queue directory: -.(b -cd /var/spool -mv mqueue omqueue; mkdir mqueue; chmod 700 mqueue -.)b -You should then kill the existing daemon -(since it will still be processing in the old queue directory) -and create a new daemon. -.pp -To run the old mail queue, -run the following command: -.(b -/usr/\*(SD/sendmail \-oQ/var/spool/omqueue \-q -.)b -The -.b \-oQ -flag specifies an alternate queue directory -and the -.b \-q -flag says to just run every job in the queue. -If you have a tendency toward voyeurism, -you can use the -.b \-v -flag to watch what is going on. -.pp -When the queue is finally emptied, -you can remove the directory: -.(b -rmdir /var/spool/omqueue -.)b -.sh 2 "Disk Based Connection Information" -.pp -.i Sendmail -stores a large amount of information about each remote system it -has connected to in memory. It is now possible to preserve some -of this information on disk as well, by using the -.b HostStatusDirectory -option, so that it may be shared between several invocations of -.i sendmail . -This allows mail to be queued immediately or skipped during a queue run if -there has been a recent failure in connecting to a remote machine. -.pp -Additionally enabling -.b SingleThreadDelivery -has the added effect of single-threading mail delivery to a destination. -This can be quite helpful -if the remote machine is running an SMTP server that is easily overloaded -or cannot accept more than a single connection at a time, -but can cause some messages to be punted to a future queue run. -It also applies to -.i all -hosts, so setting this because you have one machine on site -that runs some software that is easily overrun -can cause mail to other hosts to be slowed down. -If this option is set, -you probably want to set the -.b MinQueueAge -option as well and run the queue fairly frequently; -this will cause hosts that are skipped because another -.i sendmail -instance is talking to it to be tried again soon. -.pp -The disk based host information is stored in a subdirectory of of the -.b mqueue -directory called -.b \&.hoststat \**. -.(f -\**This is the usual value of the -.b HostStatusDirectory -option; -it can, of course, go anywhere you like in your filesystem. -.)f -Removing this directory and its subdirectories has an effect similar to -the -.i purgestat -command and is completely safe. -The information in these directories can -be perused with the -.i hoststat -command, which will indicate the host name, the last access, and the -status of that access. -An asterisk in the left most column indicates that a -.i sendmail -process currently has the host locked for mail delivery. -.pp -The disk based connection information is treated the same way as memory based -connection information for the purpose of timeouts. -By default, information about host failures is valid for 30 minutes. -This can be adjusted with -the -.b Timeout.hoststatus -option. -.pp -The connection information stored on disk may be purged at any time -with the -.i purgestat -command or by invoking sendmail with the -.b \-bH -switch. -The connection information may be viewed with the -.i hoststat -command or by invoking sendmail with the -.b \-bh -switch. -.sh 2 "The Service Switch" -.pp -The implementation of certain system services -such as host and user name lookup -is controlled by the service switch. -If the host operating system supports such a switch -.i sendmail -will use the native version. -Ultrix, Solaris, and DEC OSF/1 are examples of such systems. -.pp -If the underlying operating system does not support a service switch -(e.g., SunOS, HP-UX, BSD) -then -.i sendmail -will provide a stub implementation. -The -.b ServiceSwitchFile -option points to the name of a file that has the service definitions -Each line has the name of a service -and the possible implementations of that service. -For example, the file: -.(b -hosts dns files nis -aliases files nis -.)b -will ask -.i sendmail -to look for hosts in the Domain Name System first. -If the requested host name is not found, -it tries local files, -and if that fails it tries NIS. -Similarly, -when looking for aliases -it will try the local files first -followed by NIS. -.pp -Service switches are not completely integrated. -For example, despite the fact that the host entry listed in the above example -specifies to look in NIS, -on SunOS this won't happen because the system implementation of -.i gethostbyname \|(3) -doesn't understand this. -If there is enough demand -.i sendmail -may reimplement -.i gethostbyname \|(3), -.i gethostbyaddr \|(3), -.i getpwent \|(3), -and the other system routines that would be necessary -to make this work seamlessly. -.sh 2 "The Alias Database" -.pp -After recipient addresses are read from the SMTP connection -or command line -they are parsed by ruleset 0, -which must resolve to a -{\c -.i mailer , -.i host , -.i user } -triple. -If the flags selected by the -.i mailer -includes the -.b A -(aliasable) flag, -the -.i user -part of the triple is looked up as the key -(i.e., the left hand side) -into the alias database -If there is a match, the address is deleted from the send queue -and all addresses on the right hand side of the alias -are added in place of the alias that was found. -This is a recursive operation, -so aliases found in the right hand side of the alias -are similarly expanded. -.pp -The alias database exists in two forms. -One is a text form, -maintained in the file -.i /etc/aliases. -The aliases are of the form -.(b -name: name1, name2, ... -.)b -Only local names may be aliased; -e.g., -.(b -eric@prep.ai.MIT.EDU: eric@CS.Berkeley.EDU -.)b -will not have the desired effect -(except on prep.ai.MIT.EDU, -and they probably don't want me)\**. -.(f -\**Actually, any mailer that has the `A' mailer flag set -will permit aliasing; -this is normally limited to the local mailer. -.)f -Aliases may be continued by starting any continuation lines -with a space or a tab. -Blank lines and lines beginning with a sharp sign -(\c -.q # ) -are comments. -.pp -The second form is processed by the -.i ndbm \|(3)\** -.(f -\**The -.i gdbm -package probably works as well. -.)f -or -.i db \|(3) -library. -This form is in the files -.i /etc/aliases.dir -and -.i /etc/aliases.pag. -This is the form that -.i sendmail -actually uses to resolve aliases. -This technique is used to improve performance. -.pp -The control of search order is actually set by the service switch. -Essentially, the entry -.(b -OAswitch:aliases -.)b -is always added as the first alias entry; -also, the first alias file name without a class -(e.g., without -.q nis: -on the front) -will be used as the name of the file for a ``files'' entry -in the aliases switch. -For example, if the configuration file contains -.(b -OA/etc/aliases -.)b -and the service switch contains -.(b -aliases nis files nisplus -.)b -then aliases will first be searched in the NIS database, -then in /etc/aliases, -then in the NIS+ database. -.pp -You can also use -.sm NIS -based -alias files. -For example, the specification: -.(b -OA/etc/aliases -OAnis:mail.aliases@my.nis.domain -.)b -will first search the /etc/aliases file -and then the map named -.q mail.aliases -in -.q my.nis.domain . -Warning: if you build your own -.sm NIS -based -alias files, -be sure to provide the -.b \-l -flag to -.i makedbm (8) -to map upper case letters in the keys to lower case; -otherwise, aliases with upper case letters in their names -won't match incoming addresses. -.pp -Additional flags can be added after the colon -exactly like a -.b K -line \(em for example: -.(b -OAnis:\-N mail.aliases@my.nis.domain -.)b -will search the appropriate NIS map and always include null bytes in the key. -.sh 3 "Rebuilding the alias database" -.pp -The DB or DBM version of the database -may be rebuilt explicitly by executing the command -.(b -newaliases -.)b -This is equivalent to giving -.i sendmail -the -.b \-bi -flag: -.(b -/usr/\*(SD/sendmail \-bi -.)b -.pp -If the -.b RebuildAliases -(old -.b D ) -option is specified in the configuration, -.i sendmail -will rebuild the alias database automatically -if possible -when it is out of date. -Auto-rebuild can be dangerous -on heavily loaded machines -with large alias files; -if it might take more than the rebuild timeout -(option -.b AliasWait , -old -.b a , -which is normally five minutes) -to rebuild the database, -there is a chance that several processes will start the rebuild process -simultaneously. -.pp -If you have multiple aliases databases specified, -the -.b \-bi -flag rebuilds all the database types it understands -(for example, it can rebuild NDBM databases but not NIS databases). -.sh 3 "Potential problems" -.pp -There are a number of problems that can occur -with the alias database. -They all result from a -.i sendmail -process accessing the DBM version -while it is only partially built. -This can happen under two circumstances: -One process accesses the database -while another process is rebuilding it, -or the process rebuilding the database dies -(due to being killed or a system crash) -before completing the rebuild. -.pp -Sendmail has three techniques to try to relieve these problems. -First, it ignores interrupts while rebuilding the database; -this avoids the problem of someone aborting the process -leaving a partially rebuilt database. -Second, -it locks the database source file during the rebuild \(em -but that may not work over NFS or if the file is unwritable. -Third, -at the end of the rebuild -it adds an alias of the form -.(b -@: @ -.)b -(which is not normally legal). -Before -.i sendmail -will access the database, -it checks to insure that this entry exists\**. -.(f -\**The -.b AliasWait -option is required in the configuration -for this action to occur. -This should normally be specified. -.)f -.sh 3 "List owners" -.pp -If an error occurs on sending to a certain address, -say -.q \fIx\fP , -.i sendmail -will look for an alias -of the form -.q owner-\fIx\fP -to receive the errors. -This is typically useful -for a mailing list -where the submitter of the list -has no control over the maintenance of the list itself; -in this case the list maintainer would be the owner of the list. -For example: -.(b -unix-wizards: eric@ucbarpa, wnj@monet, nosuchuser, - sam@matisse -owner-unix-wizards: unix-wizards-request -unix-wizards-request: eric@ucbarpa -.)b -would cause -.q eric@ucbarpa -to get the error that will occur -when someone sends to -unix-wizards -due to the inclusion of -.q nosuchuser -on the list. -.pp -List owners also cause the envelope sender address to be modified. -The contents of the owner alias are used if they point to a single user, -otherwise the name of the alias itself is used. -For this reason, and to obey Internet conventions, -the -.q owner- -address normally points at the -.q -request -address; this causes messages to go out with the typical Internet convention -of using ``\c -.i list -request'' -as the return address. -.sh 2 "User Information Database" -.pp -If you have a version of -.i sendmail -with the user information database -compiled in, -and you have specified one or more databases using the -.b U -option, -the databases will be searched for a -.i user :maildrop -entry. -If found, the mail will be sent to the specified address. -.sh 2 "Per-User Forwarding (.forward Files)" -.pp -As an alternative to the alias database, -any user may put a file with the name -.q .forward -in his or her home directory. -If this file exists, -.i sendmail -redirects mail for that user -to the list of addresses listed in the .forward file. -For example, if the home directory for user -.q mckusick -has a .forward file with contents: -.(b -mckusick@ernie -kirk@calder -.)b -then any mail arriving for -.q mckusick -will be redirected to the specified accounts. -.pp -Actually, the configuration file defines a sequence of filenames to check. -By default, this is the user's .forward file, -but can be defined to be more generally using the -.b J -option. -If you change this, -you will have to inform your user base of the change; -\&.forward is pretty well incorporated into the collective subconscious. -.sh 2 "Special Header Lines" -.pp -Several header lines have special interpretations -defined by the configuration file. -Others have interpretations built into -.i sendmail -that cannot be changed without changing the code. -These builtins are described here. -.sh 3 "Errors-To:" -.pp -If errors occur anywhere during processing, -this header will cause error messages to go to -the listed addresses. -This is intended for mailing lists. -.pp -The Errors-To: header was created in the bad old days -when UUCP didn't understand the distinction between an envelope and a header; -this was a hack to provide what should now be passed -as the envelope sender address. -It should go away. -It is only used if the -.b UseErrorsTo -option is set. -.pp -The Errors-To: header is official deprecated -and will go away in a future release. -.sh 3 "Apparently-To:" -.pp -RFC 822 requires at least one recipient field -(To:, Cc:, or Bcc: line) -in every message. -If a message comes in with no recipients listed in the message -then -.i sendmail -will adjust the header based on the -.q NoRecipientAction -option. -One of the possible actions is to add an -.q "Apparently-To:" -header line for any recipients it is aware of. -This is not put in as a standard recipient line -to warn any recipients that the list is not complete. -.pp -The Apparently-To: header is non-standard -and is deprecated. -.sh 3 "Precedence" -.pp -The Precedence: header can be used as a crude control of message priority. -It tweaks the sort order in the queue -and can be configured to change the message timeout values. -.sh 2 "IDENT Protocol Support" -.pp -.i Sendmail -supports the IDENT protocol as defined in RFC 1413. -Although this enhances identification -of the author of an email message -by doing a ``call back'' to the originating system to include -the owner of a particular TCP connection -in the audit trail -it is in no sense perfect; -a determined forger can easily spoof the IDENT protocol. -The following description is excerpted from RFC 1413: -.ba +5 -.lp -6. Security Considerations -.lp -The information returned by this protocol is at most as trustworthy -as the host providing it OR the organization operating the host. For -example, a PC in an open lab has few if any controls on it to prevent -a user from having this protocol return any identifier the user -wants. Likewise, if the host has been compromised the information -returned may be completely erroneous and misleading. -.lp -The Identification Protocol is not intended as an authorization or -access control protocol. At best, it provides some additional -auditing information with respect to TCP connections. At worst, it -can provide misleading, incorrect, or maliciously incorrect -information. -.lp -The use of the information returned by this protocol for other than -auditing is strongly discouraged. Specifically, using Identification -Protocol information to make access control decisions - either as the -primary method (i.e., no other checks) or as an adjunct to other -methods may result in a weakening of normal host security. -.lp -An Identification server may reveal information about users, -entities, objects or processes which might normally be considered -private. An Identification server provides service which is a rough -analog of the CallerID services provided by some phone companies and -many of the same privacy considerations and arguments that apply to -the CallerID service apply to Identification. If you wouldn't run a -"finger" server due to privacy considerations you may not want to run -this protocol. -.ba -.lp -In some cases your system may not work properly with IDENT support -due to a bug in the TCP/IP implementation. -The symptoms will be that for some hosts -the SMTP connection will be closed -almost immediately. -If this is true or if you do not want to use IDENT, -you should set the IDENT timeout to zero; -this will disable the IDENT protocol. -.sh 1 "ARGUMENTS" -.pp -The complete list of arguments to -.i sendmail -is described in detail in Appendix A. -Some important arguments are described here. -.sh 2 "Queue Interval" -.pp -The amount of time between forking a process -to run through the queue -is defined by the -.b \-q -flag. -If you run with delivery mode set to -.b i -or -.b b -this can be relatively large, -since it will only be relevant -when a host that was down comes back up. -If you run in -.b q -mode -it should be relatively short, -since it defines the maximum amount of time that a message -may sit in the queue. -(See also the MinQueueAge option.) -.pp -RFC 1123 section 5.3.1.1 says that this value should be at least 30 minutes -(although that probably doesn't make sense if you use ``queue-only'' mode). -.sh 2 "Daemon Mode" -.pp -If you allow incoming mail over an IPC connection, -you should have a daemon running. -This should be set by your -.i /etc/rc -file using the -.b \-bd -flag. -The -.b \-bd -flag and the -.b \-q -flag may be combined in one call: -.(b -/usr/\*(SD/sendmail \-bd \-q30m -.)b -.pp -An alternative approach is to invoke sendmail from -.i inetd (8) -(use the -.b \-bs -flag to ask sendmail to speak SMTP on its standard input and output). -This works and allows you to wrap -.i sendmail -in a TCP wrapper program, -but may be a bit slower since the configuration file -has to be re-read on every message that comes in. -If you do this, you still need to have a -.i sendmail -running to flush the queue: -.(b -/usr/\*(SD/sendmail \-q30m -.)b -.sh 2 "Forcing the Queue" -.pp -In some cases you may find that the queue has gotten clogged for some reason. -You can force a queue run -using the -.b \-q -flag (with no value). -It is entertaining to use the -.b \-v -flag (verbose) -when this is done to watch what happens: -.(b -/usr/\*(SD/sendmail \-q \-v -.)b -.pp -You can also limit the jobs to those with a particular queue identifier, -sender, or recipient -using one of the queue modifiers. -For example, -.q \-qRberkeley -restricts the queue run to jobs that have the string -.q berkeley -somewhere in one of the recipient addresses. -Similarly, -.q \-qSstring -limits the run to particular senders and -.q \-qIstring -limits it to particular queue identifiers. -.sh 2 "Debugging" -.pp -There are a fairly large number of debug flags -built into -.i sendmail . -Each debug flag has a number and a level, -where higher levels means to print out more information. -The convention is that levels greater than nine are -.q absurd, -i.e., -they print out so much information that you wouldn't normally -want to see them except for debugging that particular piece of code. -Debug flags are set using the -.b \-d -option; -the syntax is: -.(b -.ta \w'debug-option 'u -debug-flag: \fB\-d\fP debug-list -debug-list: debug-option [ , debug-option ]* -debug-option: debug-range [ . debug-level ] -debug-range: integer | integer \- integer -debug-level: integer -.)b -where spaces are for reading ease only. -For example, -.(b -\-d12 Set flag 12 to level 1 -\-d12.3 Set flag 12 to level 3 -\-d3\-17 Set flags 3 through 17 to level 1 -\-d3\-17.4 Set flags 3 through 17 to level 4 -.)b -For a complete list of the available debug flags -you will have to look at the code -(they are too dynamic to keep this documentation up to date). -.sh 2 "Changing the Values of Options" -.pp -Options can be overridden using the -.b \-o -or -.b \-O -command line flags. -For example, -.(b -/usr/\*(SD/sendmail \-oT2m -.)b -sets the -.b T -(timeout) option to two minutes -for this run only; -the equivalent line using the long option name is -.(b -/usr/\*(SD/sendmail -OTimeout.queuereturn=2m -.)b -.pp -Some options have security implications. -Sendmail allows you to set these, -but relinquishes its setuid root permissions thereafter\**. -.(f -\**That is, it sets its effective uid to the real uid; -thus, if you are executing as root, -as from root's crontab file or during system startup -the root permissions will still be honored. -.)f -.sh 2 "Trying a Different Configuration File" -.pp -An alternative configuration file -can be specified using the -.b \-C -flag; for example, -.(b -/usr/\*(SD/sendmail \-Ctest.cf \-oQ/tmp/mqueue -.)b -uses the configuration file -.i test.cf -instead of the default -.i /etc/sendmail.cf. -If the -.b \-C -flag has no value -it defaults to -.i sendmail.cf -in the current directory. -.pp -.i Sendmail -gives up its setuid root permissions -when you use this flag, so it is common to use a publicly writable directory -(such as /tmp) -as the spool directory (QueueDirectory or Q option) while testing. -.sh 2 "Logging Traffic" -.pp -Many SMTP implementations do not fully implement the protocol. -For example, some personal computer based SMTPs -do not understand continuation lines in reply codes. -These can be very hard to trace. -If you suspect such a problem, you can set traffic logging using the -.b \-X -flag. -For example, -.(b -/usr/\*(SD/sendmail \-X /tmp/traffic \-bd -.)b -will log all traffic in the file -.i /tmp/traffic . -.pp -This logs a lot of data very quickly and should -.b NEVER -be used -during normal operations. -After starting up such a daemon, -force the errant implementation to send a message to your host. -All message traffic in and out of -.i sendmail , -including the incoming SMTP traffic, -will be logged in this file. -.sh 2 "Testing Configuration Files" -.pp -When you build a configuration table, -you can do a certain amount of testing -using the -.q "test mode" -of -.i sendmail . -For example, -you could invoke -.i sendmail -as: -.(b -sendmail \-bt \-Ctest.cf -.)b -which would read the configuration file -.q test.cf -and enter test mode. -In this mode, -you enter lines of the form: -.(b -rwset address -.)b -where -.i rwset -is the rewriting set you want to use -and -.i address -is an address to apply the set to. -Test mode shows you the steps it takes -as it proceeds, -finally showing you the address it ends up with. -You may use a comma separated list of rwsets -for sequential application of rules to an input. -For example: -.(b -3,1,21,4 monet:bollard -.)b -first applies ruleset three to the input -.q monet:bollard. -Ruleset one is then applied to the output of ruleset three, -followed similarly by rulesets twenty-one and four. -.pp -If you need more detail, -you can also use the -.q \-d21 -flag to turn on more debugging. -For example, -.(b -sendmail \-bt \-d21.99 -.)b -turns on an incredible amount of information; -a single word address -is probably going to print out several pages worth of information. -.pp -You should be warned that internally, -.i sendmail -applies ruleset 3 to all addresses. -In test mode -you will have to do that manually. -For example, older versions allowed you to use -.(b -0 bruce@broadcast.sony.com -.)b -This version requires that you use: -.(b -3,0 bruce@broadcast.sony.com -.)b -.pp -As of version 8.7, -some other syntaxes are available in test mode: -.bu -\&.D\|x\|value -defines macro -.i x -to have the indicated -.i value . -This is useful when debugging rules that use the -.b $& \c -.i x -syntax. -.bu -\&.C\|c\|value -adds the indicated -.i value -to class -.i c . -.bu -\&.S\|ruleset -dumps the contents of the indicated ruleset. -.bu -\-d\|debug-spec -is equivalent to the command-line flag. -.sh 2 "Persistent Host Status Information" -.pp -When -.b HostStatusDirectory -is enabled, -information about the status of hosts is maintained on disk -and can thus be shared between different instantiations of -.i sendmail . -The status of the last connection with each remote host -may be viewed with the command: -.(b -sendmail \-bh -.)b -This information may be flushed with the command: -.(b -sendmail \-bH -.)b -Flushing the information prevents new -.i sendmail -processes from loading it, -but does not prevent existing processes from using the status information -that they already have. -.sh 1 "TUNING" -.pp -There are a number of configuration parameters -you may want to change, -depending on the requirements of your site. -Most of these are set -using an option in the configuration file. -For example, -the line -.q "O Timeout.queuereturn=5d" -sets option -.q Timeout.queuereturn -to the value -.q 5d -(five days). -.pp -Most of these options have appropriate defaults for most sites. -However, -sites having very high mail loads may find they need to tune them -as appropriate for their mail load. -In particular, -sites experiencing a large number of small messages, -many of which are delivered to many recipients, -may find that they need to adjust the parameters -dealing with queue priorities. -.pp -All versions of -.i sendmail -prior to 8.7 -had single character option names. -As of 8.7, -options have long (multi-character names). -Although old short names are still accepted, -most new options do not have short equivalents. -.pp -This section only describes the options you are most likely -to want to tweak; -read section -.\"XREF -5 -for more details. -.sh 2 "Timeouts" -.pp -All time intervals are set -using a scaled syntax. -For example, -.q 10m -represents ten minutes, whereas -.q 2h30m -represents two and a half hours. -The full set of scales is: -.(b -.ta 4n -s seconds -m minutes -h hours -d days -w weeks -.)b -.sh 3 "Queue interval" -.pp -The argument to the -.b \-q -flag -specifies how often a sub-daemon will run the queue. -This is typically set to between fifteen minutes -and one hour. -RFC 1123 section 5.3.1.1 recommends that this be at least 30 minutes. -.sh 3 "Read timeouts" -.pp -Timeouts all have option names -.q Timeout.\fIsuboption\fP . -The recognized -.i suboption s, -their default values, and the minimum values -allowed by RFC 1123 section 5.3.2 are: -.nr ii 1i -.ip connect -The time to wait for an SMTP connection to open -(the -.i connect (2) -system call) -[0, unspecified]. -If zero, uses the kernel default. -In no case can this option extend the timeout -longer than the kernel provides, but it can shorten it. -This is to get around kernels that provide an absurdly long connection timeout -(90 minutes in one case). -.ip iconnect -The same as -.i connect, -except it applies only to the initial attempt to connect to a host -for a given message -[0, unspecified]. -The concept is that this should be very short (a few seconds); -hosts that are well connected and responsive will thus be serviced immediately. -Hosts that are slow will not hold up other deliveries in the initial -delivery attempt. -.ip initial -The wait for the initial 220 greeting message -[5m, 5m]. -.ip helo -The wait for a reply from a HELO or EHLO command -[5m, unspecified]. -This may require a host name lookup, so -five minutes is probably a reasonable minimum. -.ip mail\(dg -The wait for a reply from a MAIL command -[10m, 5m]. -.ip rcpt\(dg -The wait for a reply from a RCPT command -[1h, 5m]. -This should be long -because it could be pointing at a list -that takes a long time to expand -(see below). -.ip datainit\(dg -The wait for a reply from a DATA command -[5m, 2m]. -.ip datablock\(dg -The wait for reading a data block -(that is, the body of the message). -[1h, 3m]. -This should be long because it also applies to programs -piping input to -.i sendmail -which have no guarantee of promptness. -.ip datafinal\(dg -The wait for a reply from the dot terminating a message. -[1h, 10m]. -If this is shorter than the time actually needed -for the receiver to deliver the message, -duplicates will be generated. -This is discussed in RFC 1047. -.ip rset -The wait for a reply from a RSET command -[5m, unspecified]. -.ip quit -The wait for a reply from a QUIT command -[2m, unspecified]. -.ip misc -The wait for a reply from miscellaneous (but short) commands -such as NOOP (no-operation) and VERB (go into verbose mode). -[2m, unspecified]. -.ip command\(dg -In server SMTP, -the time to wait for another command. -[1h, 5m]. -.ip ident -The timeout waiting for a reply to an IDENT query -[30s\**, unspecified]. -.(f -\**On some systems the default is zero to turn the protocol off entirely. -.)f -.lp -For compatibility with old configuration files, -if no -.i suboption -is specified, -all the timeouts marked with \(dg are set to the indicated value. -.pp -Many of the RFC 1123 minimum values -may well be too short. -.i Sendmail -was designed to the RFC 822 protocols, -which did not specify read timeouts; -hence, versions of -.i sendmail -prior to version 8.1 did not guarantee to reply to messages promptly. -In particular, a -.q RCPT -command specifying a mailing list -will expand and verify the entire list; -a large list on a slow system -may easily take more than five minutes\**. -.(f -\**This verification includes looking up every address -with the name server; -this involves network delays, -and can in some cases can be considerable. -.)f -I recommend a one hour timeout \*- -since a communications failure during the RCPT phase is rare, -a long timeout is not onerous -and may ultimately help reduce network load -and duplicated messages. -.pp -For example, the lines: -.(b -O Timeout.command=25m -O Timeout.datablock=3h -.)b -sets the server SMTP command timeout to 25 minutes -and the input data block timeout to three hours. -.sh 3 "Message timeouts" -.pp -After sitting in the queue for a few days, -a message will time out. -This is to insure that at least the sender is aware -of the inability to send a message. -The timeout is typically set to five days. -It is sometimes considered convenient to also send a warning message -if the message is in the queue longer than a few hours -(assuming you normally have good connectivity; -if your messages normally took several hours to send -you wouldn't want to do this because it wouldn't be an unusual event). -These timeouts are set using the -.b Timeout.queuereturn -and -.b Timeout.queuewarn -options in the configuration file -(previously both were set using the -.b T -option). -.pp -Since these options are global, -and since you can not know -.i "a priori" -how long another host outside your domain will be down, -a five day timeout is recommended. -This allows a recipient to fix the problem even if it occurs -at the beginning of a long weekend. -RFC 1123 section 5.3.1.1 says that this parameter -should be ``at least 4\-5 days''. -.pp -The -.b Timeout.queuewarn -value can be piggybacked on the -.b T -option by indicating a time after which -a warning message should be sent; -the two timeouts are separated by a slash. -For example, the line -.(b -OT5d/4h -.)b -causes email to fail after five days, -but a warning message will be sent after four hours. -This should be large enough that the message will have been tried -several times. -.sh 2 "Forking During Queue Runs" -.pp -By setting the -.b ForkEachJob -(\c -.b Y ) -option, -.i sendmail -will fork before each individual message -while running the queue. -This will prevent -.i sendmail -from consuming large amounts of memory, -so it may be useful in memory-poor environments. -However, if the -.b ForkEachJob -option is not set, -.i sendmail -will keep track of hosts that are down during a queue run, -which can improve performance dramatically. -.pp -If the -.b ForkEachJob -option is set, -.i sendmail -can not use connection caching. -.sh 2 "Queue Priorities" -.pp -Every message is assigned a priority when it is first instantiated, -consisting of the message size (in bytes) -offset by the message class -(which is determined from the Precedence: header) -times the -.q "work class factor" -and the number of recipients times the -.q "work recipient factor." -The priority is used to order the queue. -Higher numbers for the priority mean that the message will be processed later -when running the queue. -.pp -The message size is included so that large messages are penalized -relative to small messages. -The message class allows users to send -.q "high priority" -messages by including a -.q Precedence: -field in their message; -the value of this field is looked up in the -.b P -lines of the configuration file. -Since the number of recipients affects the amount of load a message presents -to the system, -this is also included into the priority. -.pp -The recipient and class factors -can be set in the configuration file using the -.b RecipientFactor -(\c -.b y ) -and -.b ClassFactor -(\c -.b z ) -options respectively. -They default to 30000 (for the recipient factor) -and 1800 -(for the class factor). -The initial priority is: -.EQ -pri = msgsize - (class times bold ClassFactor) + (nrcpt times bold RecipientFactor) -.EN -(Remember, higher values for this parameter actually mean -that the job will be treated with lower priority.) -.pp -The priority of a job can also be adjusted each time it is processed -(that is, each time an attempt is made to deliver it) -using the -.q "work time factor," -set by the -.b RetryFactor -(\c -.b Z ) -option. -This is added to the priority, -so it normally decreases the precedence of the job, -on the grounds that jobs that have failed many times -will tend to fail again in the future. -The -.b RetryFactor -option defaults to 90000. -.sh 2 "Load Limiting" -.pp -.i Sendmail -can be asked to queue (but not deliver) -mail if the system load average gets too high -using the -.b QueueLA -(\c -.b x ) -option. -When the load average exceeds the value of the -.b QueueLA -option, -the delivery mode is set to -.b q -(queue only) -if the -.b QueueFactor -(\c -.b q ) -option divided by the difference in the current load average and the -.b QueueLA -option -plus one -exceeds the priority of the message \(em -that is, the message is queued iff: -.EQ -pri > { bold QueueFactor } over { LA - { bold QueueLA } + 1 } -.EN -The -.b QueueFactor -option defaults to 600000, -so each point of load average is worth 600000 -priority points -(as described above). -.pp -For drastic cases, -the -.b RefuseLA -(\c -.b X ) -option defines a load average at which -.i sendmail -will refuse -to accept network connections. -Locally generated mail -(including incoming UUCP mail) -is still accepted. -.sh 2 "Delivery Mode" -.pp -There are a number of delivery modes that -.i sendmail -can operate in, -set by the -.b DeliveryMode -(\c -.b d ) -configuration option. -These modes -specify how quickly mail will be delivered. -Legal modes are: -.(b -.ta 4n -i deliver interactively (synchronously) -b deliver in background (asynchronously) -q queue only (don't deliver) -d defer delvery attempts (don't deliver) -.)b -There are tradeoffs. -Mode -.q i -gives the sender the quickest feedback, -but may slow down some mailers and -is hardly ever necessary. -Mode -.q b -delivers promptly but -can cause large numbers of processes -if you have a mailer that takes a long time to deliver a message. -Mode -.q q -minimizes the load on your machine, -but means that delivery may be delayed for up to the queue interval. -Mode -.q d -is identical to mode -.q q -except that it also prevents all the early map lookups from working; -it is intended for ``dial on demand'' sites where DNS lookups -might cost real money. -Some simple error messages -(e.g., host unknown during the SMTP protocol) -will be delayed using this mode. -Mode -.q b -is the usual default. -.pp -If you run in mode -.q q -(queue only), -.q d -(defer), -or -.q b -(deliver in background) -.i sendmail -will not expand aliases and follow .forward files -upon initial receipt of the mail. -This speeds up the response to RCPT commands. -Mode -.q i -cannot be used by the SMTP server. -.sh 2 "Log Level" -.pp -The level of logging can be set for -.i sendmail . -The default using a standard configuration table is level 9. -The levels are as follows: -.nr ii 0.5i -.ip 0 -No logging. -.ip 1 -Serious system failures and potential security problems. -.ip 2 -Lost communications (network problems) and protocol failures. -.ip 3 -Other serious failures. -.ip 4 -Minor failures. -.ip 5 -Message collection statistics. -.ip 6 -Creation of error messages, -VRFY and EXPN commands. -.ip 7 -Delivery failures (host or user unknown, etc.). -.ip 8 -Successful deliveries and alias database rebuilds. -.ip 9 -Messages being deferred -(due to a host being down, etc.). -.ip 10 -Database expansion (alias, forward, and userdb lookups). -.ip 12 -Log all incoming and outgoing SMTP commands. -.ip 20 -Logs attempts to run locked queue files. -These are not errors, -but can be useful to note if your queue appears to be clogged. -.ip 30 -Lost locks (only if using lockf instead of flock). -.lp -Additionally, -values above 64 are reserved for extremely verbose debugging output. -No normal site would ever set these. -.sh 2 "File Modes" -.pp -The modes used for files depend on what functionality you want -and the level of security you require. -.sh 3 "To suid or not to suid?" -.pp -.i Sendmail -can safely be made -setuid to root. -At the point where it is about to -.i exec \|(2) -a mailer, -it checks to see if the userid is zero; -if so, -it resets the userid and groupid to a default -(set by the -.b u -and -.b g -options). -(This can be overridden -by setting the -.b S -flag to the mailer -for mailers that are trusted -and must be called as root.) -However, -this will cause mail processing -to be accounted -(using -.i sa \|(8)) -to root -rather than to the user sending the mail. -.pp -If you don't make -.i sendmail -setuid to root, it will still run but you lose a lot of functionality -and a lot of privacy, since you'll have to make the queue directory -world readable. -You could also make -.i sendmail -setuid to some pseudo-user -(e.g., create a user called -.q sendmail -and make -.i sendmail -setuid to that) -which will fix the privacy problems -but not the functionality issues. -Also, this isn't a guarantee of security: -for example, -root occasionally sends mail, -and the daemon often runs as root. -.sh 3 "Should my alias database be writable?" -.pp -At Berkeley -we have the alias database -(/etc/aliases*) -mode 644. -While this is not as flexible as if the database -were more 666, it avoids potential security problems -with a globally writable database. -.pp -The database that -.i sendmail -actually used -is represented by the two files -.i aliases.dir -and -.i aliases.pag -(both in /etc) -(or -.i aliases.db -if you are running with the new Berkeley database primitives). -The mode on these files should match the mode -on /etc/aliases. -If -.i aliases -is writable -and the -DBM -files -(\c -.i aliases.dir -and -.i aliases.pag ) -are not, -users will be unable to reflect their desired changes -through to the actual database. -However, -if -.i aliases -is read-only -and the DBM files are writable, -a slightly sophisticated user -can arrange to steal mail anyway. -.pp -If your DBM files are not writable by the world -or you do not have auto-rebuild enabled -(with the -.b AutoRebuildAliases -option), -then you must be careful to reconstruct the alias database -each time you change the text version: -.(b -newaliases -.)b -If this step is ignored or forgotten -any intended changes will also be ignored or forgotten. -.sh 2 "Connection Caching" -.pp -When processing the queue, -.i sendmail -will try to keep the last few open connections open -to avoid startup and shutdown costs. -This only applies to IPC connections. -.pp -When trying to open a connection -the cache is first searched. -If an open connection is found, it is probed to see if it is still active -by sending a -.sm RSET -command. -It is not an error if this fails; -instead, the connection is closed and reopened. -.pp -Two parameters control the connection cache. -The -.b ConnectionCacheSize -(\c -.b k ) -option defines the number of simultaneous open connections -that will be permitted. -If it is set to zero, -connections will be closed as quickly as possible. -The default is one. -This should be set as appropriate for your system size; -it will limit the amount of system resources that -.i sendmail -will use during queue runs. -Never set this higher than 4. -.pp -The -.b ConnectionCacheTimeout -(\c -.b K ) -option specifies the maximum time that any cached connection -will be permitted to idle. -When the idle time exceeds this value -the connection is closed. -This number should be small -(under ten minutes) -to prevent you from grabbing too many resources -from other hosts. -The default is five minutes. -.sh 2 "Name Server Access" -.pp -Control of host address lookups is set by the -.b hosts -service entry in your service switch file. -If you are on a system that has built-in service switch support -(e.g., Ultrix, Solaris, or DEC OSF/1) -then your system is probably configured properly already. -Otherwise, -.i sendmail -will consult the file -.b /etc/service.switch , -which should be created. -.i Sendmail -only uses two entries: -.b hosts -and -.b aliases . -.pp -However, some systems (such as SunOS) -will do DNS lookups -regardless of the setting of the service switch entry. -In particular, the system routine -.i gethostbyname (3) -is used to look up host names, -and many vendor versions try some combination of DNS, NIS, -and file lookup in /etc/hosts -without consulting a service switch. -.i Sendmail -makes no attempt to work around this problem, -and the DNS lookup will be done anyway. -If you do not have a nameserver configured at all, -such as at a UUCP-only site, -.i sendmail -will get a -.q "connection refused" -message when it tries to connect to the name server. -If the -.b hosts -switch entry has the service -.q dns -listed somewhere in the list, -.i sendmail -will interpret this to mean a temporary failure -and will queue the mail for later processing; -otherwise, it ignores the name server data. -.pp -The same technique is used to decide whether to do MX lookups. -If you want MX support, you -.i must -have -.q dns -listed as a service in the -.b hosts -switch entry. -.pp -The -.b ResolverOptions -(\c -.b I ) -option allows you to tweak name server options. -The command line takes a series of flags as documented in -.i resolver (3) -(with the leading -.q RES_ -deleted). -Each can be preceded by an optional `+' or `\(mi'. -For example, the line -.(b -O ResolverOptions=+AAONLY \(miDNSRCH -.)b -turns on the AAONLY (accept authoritative answers only) -and turns off the DNSRCH (search the domain path) options. -Most resolver libraries default DNSRCH, DEFNAMES, and RECURSE -flags on and all others off. -You can also include -.q HasWildcardMX -to specify that there is a wildcard MX record matching your domain; -this turns off MX matching when canonifying names, -which can lead to inappropriate canonifications. -.pp -Version level 1 configurations -turn DNSRCH and DEFNAMES off when doing delivery lookups, -but leave them on everywhere else. -Version 8 of -.i sendmail -ignores them when doing canonification lookups -(that is, when using $[ ... $]), -and always does the search. -If you don't want to do automatic name extension, -don't call $[ ... $]. -.pp -The search rules for $[ ... $] are somewhat different than usual. -If the name being looked up -has at least one dot, it always tries the unmodified name first. -If that fails, it tries the reduced search path, -and lastly tries the unmodified name -(but only for names without a dot, -since names with a dot have already been tried). -This allows names such as -``utc.CS'' -to match the site in Czechoslovakia -rather than the site in your local Computer Science department. -It also prefers A and CNAME records over MX records \*- -that is, if it finds an MX record it makes note of it, -but keeps looking. -This way, if you have a wildcard MX record matching your domain, -it will not assume that all names match. -.pp -To completely turn off all name server access -on systems without service switch support -(such as SunOS) -you will have to recompile with -\-DNAMED_BIND=0 -and remove \-lresolv from the list of libraries to be searched -when linking. -.sh 2 "Moving the Per-User Forward Files" -.pp -Some sites mount each user's home directory -from a local disk on their workstation, -so that local access is fast. -However, the result is that .forward file lookups are slow. -In some cases, -mail can even be delivered on machines inappropriately -because of a file server being down. -The performance can be especially bad if you run the automounter. -.pp -The -.b ForwardPath -(\c -.b J ) -option allows you to set a path of forward files. -For example, the config file line -.(b -O ForwardPath=/var/forward/$u:$z/.forward.$w -.)b -would first look for a file with the same name as the user's login -in /var/forward; -if that is not found (or is inaccessible) -the file -``.forward.\c -.i machinename '' -in the user's home directory is searched. -A truly perverse site could also search by sender -by using $r, $s, or $f. -.pp -If you create a directory such as /var/forward, -it should be mode 1777 -(that is, the sticky bit should be set). -Users should create the files mode 644. -.sh 2 "Free Space" -.pp -On systems that have one of the system calls in the -.i statfs (2) -family -(including -.i statvfs -and -.i ustat ), -you can specify a minimum number of free blocks on the queue filesystem -using the -.b MinFreeBlocks -(\c -.b b ) -option. -If there are fewer than the indicated number of blocks free -on the filesystem on which the queue is mounted -the SMTP server will reject mail -with the -452 error code. -This invites the SMTP client to try again later. -.pp -Beware of setting this option too high; -it can cause rejection of email -when that mail would be processed without difficulty. -.sh 2 "Maximum Message Size" -.pp -To avoid overflowing your system with a large message, -the -.b MaxMessageSize -option can be set to set an absolute limit -on the size of any one message. -This will be advertised in the ESMTP dialogue -and checked during message collection. -.sh 2 "Privacy Flags" -.pp -The -.b PrivacyOptions -(\c -.b p ) -option allows you to set certain -``privacy'' -flags. -Actually, many of them don't give you any extra privacy, -rather just insisting that client SMTP servers -use the HELO command -before using certain commands -or adding extra headers to indicate possible spoof attempts. -.pp -The option takes a series of flag names; -the final privacy is the inclusive or of those flags. -For example: -.(b -O PrivacyOptions=needmailhelo, noexpn -.)b -insists that the HELO or EHLO command be used before a MAIL command is accepted -and disables the EXPN command. -.pp -The flags are detailed in section -.\"XREF -5.6. -.sh 2 "Send to Me Too" -.pp -Normally, -.i sendmail -deletes the (envelope) sender from any list expansions. -For example, if -.q matt -sends to a list that contains -.q matt -as one of the members he won't get a copy of the message. -If the -.b \-m -(me too) -command line flag, or if the -.b MeToo -(\c -.b m ) -option is set in the configuration file, -this behaviour is suppressed. -Some sites like to run the -.sm SMTP -daemon with -.b \-m . -.sh 1 "THE WHOLE SCOOP ON THE CONFIGURATION FILE" -.pp -This section describes the configuration file -in detail. -.pp -There is one point that should be made clear immediately: -the syntax of the configuration file -is designed to be reasonably easy to parse, -since this is done every time -.i sendmail -starts up, -rather than easy for a human to read or write. -On the -.q "future project" -list is a -configuration-file compiler. -.pp -The configuration file is organized as a series of lines, -each of which begins with a single character -defining the semantics for the rest of the line. -Lines beginning with a space or a tab -are continuation lines -(although the semantics are not well defined in many places). -Blank lines and lines beginning with a sharp symbol -(`#') -are comments. -.sh 2 "R and S \*- Rewriting Rules" -.pp -The core of address parsing -are the rewriting rules. -These are an ordered production system. -.i Sendmail -scans through the set of rewriting rules -looking for a match on the left hand side -(LHS) -of the rule. -When a rule matches, -the address is replaced by the right hand side -(RHS) -of the rule. -.pp -There are several sets of rewriting rules. -Some of the rewriting sets are used internally -and must have specific semantics. -Other rewriting sets -do not have specifically assigned semantics, -and may be referenced by the mailer definitions -or by other rewriting sets. -.pp -The syntax of these two commands are: -.(b F -.b S \c -.i n -.)b -Sets the current ruleset being collected to -.i n . -If you begin a ruleset more than once -it appends to the old definition. -.(b F -.b R \c -.i lhs -.i rhs -.i comments -.)b -The -fields must be separated -by at least one tab character; -there may be embedded spaces -in the fields. -The -.i lhs -is a pattern that is applied to the input. -If it matches, -the input is rewritten to the -.i rhs . -The -.i comments -are ignored. -.pp -Macro expansions of the form -.b $ \c -.i x -are performed when the configuration file is read. -Expansions of the form -.b $& \c -.i x -are performed at run time using a somewhat less general algorithm. -This for is intended only for referencing internally defined macros -such as -.b $h -that are changed at runtime. -.sh 3 "The left hand side" -.pp -The left hand side of rewriting rules contains a pattern. -Normal words are simply matched directly. -Metasyntax is introduced using a dollar sign. -The metasymbols are: -.(b -.ta \w'\fB$=\fP\fIx\fP 'u -\fB$*\fP Match zero or more tokens -\fB$+\fP Match one or more tokens -\fB$\-\fP Match exactly one token -\fB$=\fP\fIx\fP Match any phrase in class \fIx\fP -\fB$~\fP\fIx\fP Match any word not in class \fIx\fP -.)b -If any of these match, -they are assigned to the symbol -.b $ \c -.i n -for replacement on the right hand side, -where -.i n -is the index in the LHS. -For example, -if the LHS: -.(b -$\-:$+ -.)b -is applied to the input: -.(b -UCBARPA:eric -.)b -the rule will match, and the values passed to the RHS will be: -.(b -.ta 4n -$1 UCBARPA -$2 eric -.)b -.pp -Additionally, the LHS can include -.b $@ -to match zero tokens. -This is -.i not -bound to a -.b $ \c -.i n -on the RHS, and is normally only used when it stands alone -in order to match the null input. -.sh 3 "The right hand side" -.pp -When the left hand side of a rewriting rule matches, -the input is deleted and replaced by the right hand side. -Tokens are copied directly from the RHS -unless they begin with a dollar sign. -Metasymbols are: -.(b -.ta \w'$#mailer\0\0\0'u -\fB$\fP\fIn\fP Substitute indefinite token \fIn\fP from LHS -\fB$[\fP\fIname\fP\fB$]\fP Canonicalize \fIname\fP -\fB$(\fP\fImap key\fP \fB$@\fP\fIarguments\fP \fB$:\fP\fIdefault\fP \fB$)\fP - Generalized keyed mapping function -\fB$>\fP\fIn\fP \*(lqCall\*(rq ruleset \fIn\fP -\fB$#\fP\fImailer\fP Resolve to \fImailer\fP -\fB$@\fP\fIhost\fP Specify \fIhost\fP -\fB$:\fP\fIuser\fP Specify \fIuser\fP -.)b -.pp -The -.b $ \c -.i n -syntax substitutes the corresponding value from a -.b $+ , -.b $\- , -.b $* , -.b $= , -or -.b $~ -match on the LHS. -It may be used anywhere. -.pp -A host name enclosed between -.b $[ -and -.b $] -is looked up in the host database(s) -and replaced by the canonical name\**. -.(f -\**This is actually -completely equivalent -to $(host \fIhostname\fP$). -In particular, a -.b $: -default can be used. -.)f -For example, -.q $[ftp$] -might become -.q ftp.CS.Berkeley.EDU -and -.q $[[128.32.130.2]$] -would become -.q vangogh.CS.Berkeley.EDU. -.i Sendmail -recognizes it's numeric IP address -without calling the name server -and replaces it with it's canonical name. -.pp -The -.b $( -\&... -.b $) -syntax is a more general form of lookup; -it uses a named map instead of an implicit map. -If no lookup is found, the indicated -.i default -is inserted; -if no default is specified and no lookup matches, -the value is left unchanged. -The -.i arguments -are passed to the map for possible use. -.pp -The -.b $> \c -.i n -syntax -causes the remainder of the line to be substituted as usual -and then passed as the argument to ruleset -.i n . -The final value of ruleset -.i n -then becomes -the substitution for this rule. -The -.b $> -syntax can only be used at the beginning of the right hand side; -it can be only be preceded by -.b $@ -or -.b $: . -.pp -The -.b $# -syntax should -.i only -be used in ruleset zero -or a subroutine of ruleset zero. -It causes evaluation of the ruleset to terminate immediately, -and signals to -.i sendmail -that the address has completely resolved. -The complete syntax is: -.(b -\fB$#\fP\fImailer\fP \fB$@\fP\fIhost\fP \fB$:\fP\fIuser\fP -.)b -This specifies the -{mailer, host, user} -3-tuple necessary to direct the mailer. -If the mailer is local -the host part may be omitted\**. -.(f -\**You may want to use it for special -.q "per user" -extensions. -For example, in the address -.q jgm+foo@CMU.EDU ; -the -.q +foo -part is not part of the user name, -and is passed to the local mailer for local use. -.)f -The -.i mailer -must be a single word, -but the -.i host -and -.i user -may be multi-part. -If the -.i mailer -is the builtin IPC mailer, -the -.i host -may be a colon-separated list of hosts -that are searched in order for the first working address -(exactly like MX records). -The -.i user -is later rewritten by the mailer-specific envelope rewriting set -and assigned to the -.b $u -macro. -As a special case, if the mailer specified has the -.b F=@ -flag specified -and the first character of the -.b $: -value is -.q @ , -the -.q @ -is stripped off, and a flag is set in the address descriptor -that causes sendmail to not do ruleset 5 processing. -.pp -Normally, a rule that matches is retried, -that is, -the rule loops until it fails. -A RHS may also be preceded by a -.b $@ -or a -.b $: -to change this behavior. -A -.b $@ -prefix causes the ruleset to return with the remainder of the RHS -as the value. -A -.b $: -prefix causes the rule to terminate immediately, -but the ruleset to continue; -this can be used to avoid continued application of a rule. -The prefix is stripped before continuing. -.pp -The -.b $@ -and -.b $: -prefixes may precede a -.b $> -spec; -for example: -.(b -.ta 8n -R$+ $: $>7 $1 -.)b -matches anything, -passes that to ruleset seven, -and continues; -the -.b $: -is necessary to avoid an infinite loop. -.pp -Substitution occurs in the order described, -that is, -parameters from the LHS are substituted, -hostnames are canonicalized, -.q subroutines -are called, -and finally -.b $# , -.b $@ , -and -.b $: -are processed. -.sh 3 "Semantics of rewriting rule sets" -.pp -There are five rewriting sets -that have specific semantics. -Four of these are related as depicted by figure 1. -.(z -.hl -.ie n \{\ -.(c - +---+ - -->| 0 |-->resolved address - / +---+ - / +---+ +---+ - / ---->| 1 |-->| S |-- - +---+ / +---+ / +---+ +---+ \e +---+ -addr-->| 3 |-->| D |-- --->| 4 |-->msg - +---+ +---+ \e +---+ +---+ / +---+ - --->| 2 |-->| R |-- - +---+ +---+ -.)c - -.\} -.el .ie !"\*(.T"" \ -\{\ -.PS -boxwid = 0.3i -boxht = 0.3i -movewid = 0.3i -moveht = 0.3i -linewid = 0.3i -lineht = 0.3i - - box invis "addr"; arrow -Box3: box "3" -A1: arrow -BoxD: box "D"; line; L1: Here -C: [ - C1: arrow; box "1"; arrow; box "S"; line; E1: Here - move to C1 down 0.5; right - C2: arrow; box "2"; arrow; box "R"; line; E2: Here - ] with .w at L1 + (0.5, 0) - move to C.e right 0.5 -L4: arrow; box "4"; arrow; box invis "msg" - line from L1 to C.C1 - line from L1 to C.C2 - line from C.E1 to L4 - line from C.E2 to L4 - move to BoxD.n up 0.6; right -Box0: arrow; box "0" - arrow; box invis "resolved address" width 1.3 - line from 1/3 of the way between A1 and BoxD.w to Box0 -.PE -.\} -.el .sp 2i -.ce -Figure 1 \*- Rewriting set semantics -.(c -D \*- sender domain addition -S \*- mailer-specific sender rewriting -R \*- mailer-specific recipient rewriting -.)c -.hl -.)z -.pp -Ruleset three -should turn the address into -.q "canonical form." -This form should have the basic syntax: -.(b -local-part@host-domain-spec -.)b -Ruleset three -is applied by -.i sendmail -before doing anything with any address. -.pp -If no -.q @ -sign is specified, -then the -host-domain-spec -.i may -be appended (box -.q D -in Figure 1) -from the -sender address -(if the -.b C -flag is set in the mailer definition -corresponding to the -.i sending -mailer). -.pp -Ruleset zero -is applied after ruleset three -to addresses that are going to actually specify recipients. -It must resolve to a -.i "{mailer, host, user}" -triple. -The -.i mailer -must be defined in the mailer definitions -from the configuration file. -The -.i host -is defined into the -.b $h -macro -for use in the argv expansion of the specified mailer. -.pp -Rulesets one and two -are applied to all sender and recipient addresses respectively. -They are applied before any specification -in the mailer definition. -They must never resolve. -.pp -Ruleset four is applied to all addresses -in the message. -It is typically used -to translate internal to external form. -.pp -In addition, -ruleset 5 is applied to all local addresses -(specifically, those that resolve to a mailer with the `F=5' -flag set) -that do not have aliases. -This allows a last minute hook for local names. -.sh 3 "Ruleset hooks" -.pp -A few extra rulesets are defined as -.q hooks -that can be defined to get special features. -They are all named rulesets. -The -.q check_* -forms all give accept/reject status; -falling off the end or returning normally is an accept, -and resolving to $#error -is a reject. -.sh 4 "check_relay" -.pp -The -.i check_relay -ruleset is called after a connection is accepted. -It is passed -.(b -client.host.name $| client.host.address -.)b -where -.b $| -is a metacharacter separating the two parts. -This ruleset can reject connections from various locations. -.sh 4 "check_mail" -.pp -The -.i check_mail -ruleset is passed the user name parameter of the -.sm "SMTP MAIL" -command. -It can accept or reject the address. -.sh 4 "check_rcpt" -.pp -The -.i check_rcpt -ruleset is passed the user name parameter of the -.sm "SMTP RCPT" -command. -It can accept or reject the address. -.sh 4 "check_compat" -.pp -The -.i check_compat -ruleset is passed -.(b -sender-address $| recipient-address -.)b -where -.b $| -is a metacharacter separating the addresses. -It can accept or reject mail transfer between these two addresses -much like the -.i checkcompat() -function. -.sh 3 "IPC mailers" -.pp -Some special processing occurs -if the ruleset zero resolves to an IPC mailer -(that is, a mailer that has -.q [IPC] -listed as the Path in the -.b M -configuration line. -The host name passed after -.q $@ -has MX expansion performed; -this looks the name up in DNS to find alternate delivery sites. -.pp -The host name can also be provided as a dotted quad in square brackets; -for example: -.(b -[128.32.149.78] -.)b -This causes direct conversion of the numeric value -to a TCP/IP host address. -.pp -The host name passed in after the -.q $@ -may also be a colon-separated list of hosts. -Each is separately MX expanded and the results are concatenated -to make (essentially) one long MX list. -The intent here is to create -.q fake -MX records that are not published in DNS -for private internal networks. -.pp -As a final special case, the host name can be passed in -as a text string -in square brackets: -.(b -[ucbvax.berkeley.edu] -.)b -This form avoids the MX mapping. -.b N.B.: -.i -This is intended only for situations where you have a network firewall -or other host that will do special processing for all your mail, -so that your MX record points to a gateway machine; -this machine could then do direct delivery to machines -within your local domain. -Use of this feature directly violates RFC 1123 section 5.3.5: -it should not be used lightly. -.r -.sh 2 "D \*- Define Macro" -.pp -Macros are named with a single character -or with a word in {braces}. -Single character names may be selected from the entire ASCII set, -but user-defined macros -should be selected from the set of upper case letters only. -Lower case letters -and special symbols -are used internally. -Long names beginning with a lower case letter or a punctuation character -are reserved for use by sendmail, -so user-defined long macro names should begin with an upper case letter. -.pp -The syntax for macro definitions is: -.(b F -.b D \c -.i x\|val -.)b -where -.i x -is the name of the macro -(which may be a single character -or a word in braces) -and -.i val -is the value it should have. -There should be no spaces given -that do not actually belong in the macro value. -.pp -Macros are interpolated -using the construct -.b $ \c -.i x , -where -.i x -is the name of the macro to be interpolated. -This interpolation is done when the configuration file is read, -except in -.b M -lines. -The special construct -.b $& \c -.i x -can be used in -.b R -lines to get deferred interpolation. -.pp -Conditionals can be specified using the syntax: -.(b -$?x text1 $| text2 $. -.)b -This interpolates -.i text1 -if the macro -.b $x -is set, -and -.i text2 -otherwise. -The -.q else -(\c -.b $| ) -clause may be omitted. -.pp -Lower case macro names are reserved to have -special semantics, -used to pass information in or out of -.i sendmail , -and special characters are reserved to -provide conditionals, etc. -Upper case names -(that is, -.b $A -through -.b $Z ) -are specifically reserved for configuration file authors. -.pp -The following macros are defined and/or used internally by -.i sendmail -for interpolation into argv's for mailers -or for other contexts. -The ones marked \(dg are information passed into sendmail\**, -.(f -\**As of version 8.6, -all of these macros have reasonable defaults. -Previous versions required that they be defined. -.)f -the ones marked \(dd are information passed both in and out of sendmail, -and the unmarked macros are passed out of sendmail -but are not otherwise used internally. -These macros are: -.nr ii 5n -.ip $a -The origination date in RFC 822 format. -This is extracted from the Date: line. -.ip $b -The current date in RFC 822 format. -.ip $c -The hop count. -This is a count of the number of Received: lines -plus the value of the -.b \-h -command line flag. -.ip $d -The current date in UNIX (ctime) format. -.ip $e\(dg -(Obsolete; use SmtpGreetingMessage option instead.) -The SMTP entry message. -This is printed out when SMTP starts up. -The first word must be the -.b $j -macro as specified by RFC821. -Defaults to -.q "$j Sendmail $v ready at $b" . -Commonly redefined to include the configuration version number, e.g., -.q "$j Sendmail $v/$Z ready at $b" -.ip $f -The envelope sender (from) address. -.ip $g -The sender address relative to the recipient. -For example, if -.b $f -is -.q foo , -.b $g -will be -.q host!foo , -.q foo@host.domain , -or whatever is appropriate for the receiving mailer. -.ip $h -The recipient host. -This is set in ruleset 0 from the $# field of a parsed address. -.ip $i -The queue id, -e.g., -.q HAA12345 . -.ip $j\(dd -The \*(lqofficial\*(rq domain name for this site. -This is fully qualified if the full qualification can be found. -It -.i must -be redefined to be the fully qualified domain name -if your system is not configured so that information can find -it automatically. -.ip $k -The UUCP node name (from the uname system call). -.ip $l\(dg -(Obsolete; use UnixFromLine option instead.) -The format of the UNIX from line. -Unless you have changed the UNIX mailbox format, -you should not change the default, -which is -.q "From $g $d" . -.ip $m -The domain part of the \fIgethostname\fP return value. -Under normal circumstances, -.b $j -is equivalent to -.b $w.$m . -.ip $n\(dg -The name of the daemon (for error messages). -Defaults to -.q MAILER-DAEMON . -.ip $o\(dg -(Obsolete: use OperatorChars option instead.) -The set of \*(lqoperators\*(rq in addresses. -A list of characters -which will be considered tokens -and which will separate tokens -when doing parsing. -For example, if -.q @ -were in the -.b $o -macro, then the input -.q a@b -would be scanned as three tokens: -.q a, -.q @, -and -.q b. -Defaults to -.q ".:@[]" , -which is the minimum set necessary to do RFC 822 parsing; -a richer set of operators is -.q ".:%@!/[]" , -which adds support for UUCP, the %-hack, and X.400 addresses. -.ip $p -Sendmail's process id. -.ip $q\(dg -Default format of sender address. -The -.b $q -macro specifies how an address should appear in a message -when it is defaulted. -Defaults to -.q "<$g>" . -It is commonly redefined to be -.q "$?x$x <$g>$|$g$." -or -.q "$g$?x ($x)$." , -corresponding to the following two formats: -.(b -Eric Allman <eric@CS.Berkeley.EDU> -eric@CS.Berkeley.EDU (Eric Allman) -.)b -.i Sendmail -properly quotes names that have special characters -if the first form is used. -.ip $r -Protocol used to receive the message. -Set from the -.b \-p -command line flag or by the SMTP server code. -.ip $s -Sender's host name. -Set from the -.b \-p -command line flag or by the SMTP server code. -.ip $t -A numeric representation of the current time. -.ip $u -The recipient user. -.ip $v -The version number of the -.i sendmail -binary. -.ip $w\(dd -The hostname of this site. -This is the root name of this host (but see below for caveats). -.ip $x -The full name of the sender. -.ip $z -The home directory of the recipient. -.ip $_ -The validated sender address. -.ip ${bodytype} -The message body type -(7BIT or 8BITMIME), -as determined from the envelope. -.ip ${client_addr} -The IP address of the SMTP client. -Defined in the SMTP server only. -.ip ${client_name} -The host name of the SMTP client. -Defined in the SMTP server only. -.ip ${client_port} -The port number of the SMTP client. -Defined in the SMTP server only. -.ip ${envid} -The envelope id passed to sendmail as part of the envelope. -.ip ${opMode} -The current operation mode (from the -.b \-b -flag). -.pp -There are three types of dates that can be used. -The -.b $a -and -.b $b -macros are in RFC 822 format; -.b $a -is the time as extracted from the -.q Date: -line of the message -(if there was one), -and -.b $b -is the current date and time -(used for postmarks). -If no -.q Date: -line is found in the incoming message, -.b $a -is set to the current time also. -The -.b $d -macro is equivalent to the -.b $b -macro in UNIX -(ctime) -format. -.pp -The macros -.b $w , -.b $j , -and -.b $m -are set to the identity of this host. -.i Sendmail -tries to find the fully qualified name of the host -if at all possible; -it does this by calling -.i gethostname (2) -to get the current hostname -and then passing that to -.i gethostbyname (3) -which is supposed to return the canonical version of that host name.\** -.(f -\**For example, on some systems -.i gethostname -might return -.q foo -which would be mapped to -.q foo.bar.com -by -.i gethostbyname . -.)f -Assuming this is successful, -.b $j -is set to the fully qualified name -and -.b $m -is set to the domain part of the name -(everything after the first dot). -The -.b $w -macro is set to the first word -(everything before the first dot) -if you have a level 5 or higher configuration file; -otherwise, it is set to the same value as -.b $j . -If the canonification is not successful, -it is imperative that the config file set -.b $j -to the fully qualified domain name\**. -.(f -\**Older versions of sendmail didn't pre-define -.b $j -at all, so up until 8.6, -config files -.i always -had to define -.b $j . -.)f -.pp -The -.b $f -macro is the id of the sender -as originally determined; -when mailing to a specific host -the -.b $g -macro is set to the address of the sender -.ul -relative to the recipient. -For example, -if I send to -.q bollard@matisse.CS.Berkeley.EDU -from the machine -.q vangogh.CS.Berkeley.EDU -the -.b $f -macro will be -.q eric -and the -.b $g -macro will be -.q eric@vangogh.CS.Berkeley.EDU. -.pp -The -.b $x -macro is set to the full name of the sender. -This can be determined in several ways. -It can be passed as flag to -.i sendmail . -It can be defined in the -.sm NAME -environment variable. -The third choice is the value of the -.q Full-Name: -line in the header if it exists, -and the fourth choice is the comment field -of a -.q From: -line. -If all of these fail, -and if the message is being originated locally, -the full name is looked up in the -.i /etc/passwd -file. -.pp -When sending, -the -.b $h , -.b $u , -and -.b $z -macros get set to the host, user, and home directory -(if local) -of the recipient. -The first two are set from the -.b $@ -and -.b $: -part of the rewriting rules, respectively. -.pp -The -.b $p -and -.b $t -macros are used to create unique strings -(e.g., for the -.q Message-Id: -field). -The -.b $i -macro is set to the queue id on this host; -if put into the timestamp line -it can be extremely useful for tracking messages. -The -.b $v -macro is set to be the version number of -.i sendmail ; -this is normally put in timestamps -and has been proven extremely useful for debugging. -.pp -The -.b $c -field is set to the -.q "hop count," -i.e., the number of times this message has been processed. -This can be determined -by the -.b \-h -flag on the command line -or by counting the timestamps in the message. -.pp -The -.b $r -and -.b $s -fields are set to the protocol used to communicate with -.i sendmail -and the sending hostname. -They can be set together using the -.b \-p -command line flag or separately using the -.b \-M -or -.b \-oM -flags. -.pp -The -.b $_ -is set to a validated sender host name. -If the sender is running an RFC 1413 compliant IDENT server -and the receiver has the IDENT protocol turned on, -it will include the user name on that host. -.pp -The -.b ${client_name} , -.b ${client_addr} , -and -.b ${client_port} -macros -are set to the name, address, and port number of the SMTP client -who is invoking -.i sendmail -as a server. -These can be used in the -.i check_* -rulesets (using the -.b $& -deferred evaluation form, of course!). -.sh 2 "C and F \*- Define Classes" -.pp -Classes of phrases may be defined -to match on the left hand side of rewriting rules, -where a -.q phrase -is a sequence of characters that do not contain space characters. -For example -a class of all local names for this site -might be created -so that attempts to send to oneself -can be eliminated. -These can either be defined directly in the configuration file -or read in from another file. -Classes are named as a single letter or a word in {braces}. -Class names beginning with lower case letters -and special characters are reserved for system use. -Classes defined in config files may be given names -from the set of upper case letters for short names -or beginning with an upper case letter for long names. -.pp -The syntax is: -.(b F -.b C \c -.i c\|phrase1 -.i phrase2... -.br -.b F \c -.i c\|file -.)b -The first form defines the class -.i c -to match any of the named words. -It is permissible to split them among multiple lines; -for example, the two forms: -.(b -CHmonet ucbmonet -.)b -and -.(b -CHmonet -CHucbmonet -.)b -are equivalent. -The ``F'' form -reads the elements of the class -.i c -from the named -.i file . -.pp -Elements of classes can be accessed in rules using -.b $= -or -.b $~ . -The -.b $~ -(match entries not in class) -only matches a single word; -multi-word entries in the class are ignored in this context. -.pp -Some classes have internal meaning to -.i sendmail : -.nr ii 0.5i -.\".ip $=b -.\"A set of Content-Types that will not have the newline character -.\"translated to CR-LF before encoding into base64 MIME. -.\"The class can have major times -.\"(e.g., -.\".q image ) -.\"or full types -.\"(such as -.\".q application/octet-stream ). -.\"The class is initialized with -.\".q application/octet-stream , -.\".q image , -.\".q audio , -.\"and -.\".q video . -.ip $=e -contains the Content-Transfer-Encodings that can be 8\(->7 bit encoded. -It is predefined to contain -.q 7bit , -.q 8bit , -and -.q binary . -.ip $=k -set to be the same as -.b $k , -that is, the UUCP node name. -.ip $=m -set to the set of domains by which this host is known, -initially just -.b $m . -.ip $=n -can be set to the set of MIME body types -that can never be eight to seven bit encoded. -It defaults to -.q multipart/signed . -Message types -.q message/* -and -.q multipart/* -are never encoded directly. -Multipart messages are always handled recursively. -The handling of message/* messages -are controlled by class -.b $=s . -.ip $=q -A set of Content-Types that will never be encoded as base64 -(if they have to be encoded, they will be encoded as quoted-printable). -It can have primary types -(e.g., -.q text ) -or full types -(such as -.q text/plain ). -The class is initialized to have -.q text/plain -only. -.ip $=s -contains the set of subtypes of message that can be treated recursively. -By default it contains only -.q rfc822 . -Other -.q message/* -types cannot be 8\(->7 bit encoded. -If a message containing eight bit data is sent to a seven bit host, -and that message cannot be encoded into seven bits, -it will be stripped to 7 bits. -.ip $=t -set to the set of trusted users by the -.b T -configuration line. -If you want to read trusted users from a file use -.b Ft \c -.i /file/name . -.ip $=w -set to be the set of all names -this host is known by. -This can be used to match local hostnames. -.pp -.i Sendmail -can be compiled to allow a -.i scanf (3) -string on the -.b F -line. -This lets you do simplistic parsing of text files. -For example, to read all the user names in your system -.i /etc/passwd -file into a class, use -.(b -FL/etc/passwd %[^:] -.)b -which reads every line up to the first colon. -.sh 2 "M \*- Define Mailer" -.pp -Programs and interfaces to mailers -are defined in this line. -The format is: -.(b F -.b M \c -.i name , -{\c -.i field =\c -.i value \|}* -.)b -where -.i name -is the name of the mailer -(used internally only) -and the -.q field=name -pairs define attributes of the mailer. -Fields are: -.(b -.ta 1i -Path The pathname of the mailer -Flags Special flags for this mailer -Sender Rewriting set(s) for sender addresses -Recipient Rewriting set(s) for recipient addresses -Argv An argument vector to pass to this mailer -Eol The end-of-line string for this mailer -Maxsize The maximum message length to this mailer -Linelimit The maximum line length in the message body -Directory The working directory for the mailer -Userid The default user and group id to run as -Nice The nice(2) increment for the mailer -Charset The default character set for 8-bit characters -Type The MTS type information (used for error messages) -.)b -Only the first character of the field name is checked. -.pp -The following flags may be set in the mailer description. -Any other flags may be used freely -to conditionally assign headers to messages -destined for particular mailers. -Flags marked with \(dg -are not interpreted by the -.i sendmail -binary; -these are the conventionally used to correlate to the flags portion -of the -.b H -line. -Flags marked with \(dd -apply to the mailers for the sender address -rather than the usual recipient mailers. -.nr ii 4n -.ip a -Run Extended SMTP (ESMTP) protocol (defined in RFCs 1651, 1652, and 1653). -This flag defaults on if the SMTP greeting message includes the word -.q ESMTP . -.ip A -Look up the user part of the address in the alias database. -Normally this is only set for local mailers. -.ip b -Force a blank line on the end of a message. -This is intended to work around some stupid versions of -/bin/mail -that require a blank line, but do not provide it themselves. -It would not normally be used on network mail. -.ip c -Do not include comments in addresses. -This should only be used if you have to work around -a remote mailer that gets confused by comments. -This strips addresses of the form -.q "Phrase <address>" -or -.q "address (Comment)" -down to just -.q address . -.ip C\(dd -If mail is -.i received -from a mailer with this flag set, -any addresses in the header that do not have an at sign -(\c -.q @ ) -after being rewritten by ruleset three -will have the -.q @domain -clause from the sender envelope address -tacked on. -This allows mail with headers of the form: -.(b -From: usera@hosta -To: userb@hostb, userc -.)b -to be rewritten as: -.(b -From: usera@hosta -To: userb@hostb, userc@hosta -.)b -automatically. -However, it doesn't really work reliably. -.ip d -Do not include angle brackets around route-address syntax addresses. -This is useful on mailers that are going to pass addresses to a shell -that might interpret angle brackets as I/O redirection. -.ip D\(dg -This mailer wants a -.q Date: -header line. -.ip e -This mailer is expensive to connect to, -so try to avoid connecting normally; -any necessary connection will occur during a queue run. -.ip E -Escape lines beginning with -.q From -in the message with a `>' sign. -.ip f -The mailer wants a -.b \-f -.i from -flag, -but only if this is a network forward operation -(i.e., -the mailer will give an error -if the executing user -does not have special permissions). -.ip F\(dg -This mailer wants a -.q From: -header line. -.ip g -Normally, -.i sendmail -sends internally generated email (e.g., error messages) -using the null return address -as required by RFC 1123. -However, some mailers don't accept a null return address. -If necessary, -you can set the -.b g -flag to prevent -.i sendmail -from obeying the standards; -error messages will be sent as from the MAILER-DAEMON -(actually, the value of the -.b $n -macro). -.ip h -Upper case should be preserved in host names -for this mailer. -.ip i -Do User Database rewriting on envelope sender address. -.ip I -This mailer will be speaking SMTP -to another -.i sendmail -\*- -as such it can use special protocol features. -This option is not required -(i.e., -if this option is omitted the transmission will still operate successfully, -although perhaps not as efficiently as possible). -.ip j -Do User Database rewriting on recipients as well as senders. -.ip k -Normally when -.i sendmail -connects to a host via SMTP, -it checks to make sure that this isn't accidently the same host name -as might happen if -.i sendmail -is misconfigured or if a long-haul network interface is set in loopback mode. -This flag disables the loopback check. -It should only be used under very unusual circumstances. -.ip K -Currently unimplemented. -Reserved for chunking. -.ip l -This mailer is local -(i.e., -final delivery will be performed). -.ip L -Limit the line lengths as specified in RFC821. -This deprecated option should be replaced by the -.b L= -mail declaration. -For historic reasons, the -.b L -flag also sets the -.b 7 -flag. -.ip m -This mailer can send to multiple users -on the same host -in one transaction. -When a -.b $u -macro occurs in the -.i argv -part of the mailer definition, -that field will be repeated as necessary -for all qualifying users. -.ip M\(dg -This mailer wants a -.q Message-Id: -header line. -.ip n -Do not insert a UNIX-style -.q From -line on the front of the message. -.ip o -Always run as the owner of the recipient mailbox. -Normally -.i sendmail -runs as the sender for locally generated mail -or as -.q daemon -(actually, the user specified in the -.b u -option) -when delivering network mail. -The normal behaviour is required by most local mailers, -which will not allow the envelope sender address -to be set unless the mailer is running as daemon. -This flag is ignored if the -.b S -flag is set. -.ip p -Use the route-addr style reverse-path in the SMTP -.q "MAIL FROM:" -command -rather than just the return address; -although this is required in RFC821 section 3.1, -many hosts do not process reverse-paths properly. -Reverse-paths are officially discouraged by RFC 1123. -.ip P\(dg -This mailer wants a -.q Return-Path: -line. -.ip q -When an address that resolves to this mailer is verified -(SMTP VRFY command), -generate 250 responses instead of 252 responses. -This will imply that the address is local. -.ip r -Same as -.b f , -but sends a -.b \-r -flag. -.ip R -Open SMTP connections from a -.q secure -port. -Secure ports aren't -(secure, that is) -except on UNIX machines, -so it is unclear that this adds anything. -.ip s -Strip quote characters (" and \e) off of the address -before calling the mailer. -.ip S -Don't reset the userid -before calling the mailer. -This would be used in a secure environment -where -.i sendmail -ran as root. -This could be used to avoid forged addresses. -If the -.b U= -field is also specified, -this flag causes the user id to always be set to that user and group -(instead of leaving it as root). -.ip u -Upper case should be preserved in user names -for this mailer. -.ip U -This mailer wants UUCP-style -.q From -lines with the ugly -.q "remote from <host>" -on the end. -.ip w -The user must have a valid account on this machine, -i.e., -getpwnam -must succeed. -If not, -the mail is bounced. -This is required to get -.q \&.forward -capability. -.ip x\(dg -This mailer wants a -.q Full-Name: -header line. -.ip X -This mailer want to use the hidden dot algorithm -as specified in RFC821; -basically, -any line beginning with a dot -will have an extra dot prepended -(to be stripped at the other end). -This insures that lines in the message containing a dot -will not terminate the message prematurely. -.ip 0 -Don't look up MX records for hosts sent via SMTP. -.ip 3 -Extend the list of characters converted to =XX notation -when converting to Quoted-Printable -to include those that don't map cleanly between ASCII and EBCDIC. -Useful if you have IBM mainframes on site. -.ip 5 -If no aliases are found for this address, -pass the address through ruleset 5 for possible alternate resolution. -This is intended to forward the mail to an alternate delivery spot. -.ip 7 -Strip all output to seven bits. -This is the default if the -.b L -flag is set. -Note that clearing this option is not -sufficient to get full eight bit data passed through -.i sendmail . -If the -.b 7 -option is set, this is essentially always set, -since the eighth bit was stripped on input. -Note that this option will only impact messages -that didn't have 8\(->7 bit MIME conversions performed. -.ip 8 -If set, -it is acceptable to send eight bit data to this mailer; -the usual attempt to do 8\(->7 bit MIME conversions will be bypassed. -.ip 9 -If set, -do -.i limited -7\(->8 bit MIME conversions. -These conversions are limited to text/plain data. -.ip : -Check addresses to see if they begin -.q :include: ; -if they do, convert them to the -.q *include* -mailer. -.ip | -Check addresses to see if they begin with a `|'; -if they do, convert them to the -.q prog -mailer. -.ip / -Check addresses to see if they begin with a `/'; -if they do, convert them to the -.q *file* -mailer. -.ip @ -Look up addresses in the user database. -.pp -Configuration files prior to level 6 -assume the `A', `w', `5', `:', `|', `/', and `@' options -on the mailer named -.q local . -.pp -The mailer with the special name -.q error -can be used to generate a user error. -The (optional) host field is an exit status to be returned, -and the user field is a message to be printed. -The exit status may be numeric or one of the values -USAGE, NOUSER, NOHOST, UNAVAILABLE, SOFTWARE, TEMPFAIL, PROTOCOL, or CONFIG -to return the corresponding EX_ exit code, -or an enhanced error code as described in RFC 1893, -.ul -Enhanced Mail System Status Codes. -For example, the entry: -.(b -$#error $@ NOHOST $: Host unknown in this domain -.)b -on the RHS of a rule -will cause the specified error to be generated -and the -.q "Host unknown" -exit status to be returned -if the LHS matches. -This mailer is only functional in rulesets 0, 5, -or one of the check_* rulesets. -.pp -The mailer named -.q local -.i must -be defined in every configuration file. -This is used to deliver local mail, -and is treated specially in several ways. -Additionally, three other mailers named -.q prog , -.q *file* , -and -.q *include* -may be defined to tune the delivery of messages to programs, -files, -and :include: lists respectively. -They default to: -.(b -Mprog, P=/bin/sh, F=lsD, A=sh \-c $u -M*file*, P=/dev/null, F=lsDFMPEu, A=FILE -M*include*, P=/dev/null, F=su, A=INCLUDE -.)b -.pp -The Sender and Recipient rewriting sets -may either be a simple ruleset id -or may be two ids separated by a slash; -if so, the first rewriting set is applied to envelope -addresses -and the second is applied to headers. -.pp -The Directory -is actually a colon-separated path of directories to try. -For example, the definition -.q D=$z:/ -first tries to execute in the recipient's home directory; -if that is not available, -it tries to execute in the root of the filesystem. -This is intended to be used only on the -.q prog -mailer, -since some shells (such as -.i csh ) -refuse to execute if they cannot read the home directory. -Since the queue directory is not normally readable by unprivileged users -.i csh -scripts as recipients can fail. -.pp -The Userid -specifies the default user and group id to run as, -overriding the -.b DefaultUser -option (q.v.). -If the -.b S -mailer flag is also specified, -this is the user and group to run as in all circumstances. -This may be given as -.i user:group -to set both the user and group id; -either may be an integer or a symbolic name to be looked up -in the -.i passwd -and -.i group -files respectively. -If only a symbolic user name is specified, -the group id in the -.i passwd -file for that user is used as the group id. -.pp -The Charset field -is used when converting a message to MIME; -this is the character set used in the -Content-Type: header. -If this is not set, the -.b DefaultCharset -option is used, -and if that is not set, the value -.q unknown-8bit -is used. -.b WARNING: -this field applies to the sender's mailer, -not the recipient's mailer. -For example, if the envelope sender address -lists an address on the local network -and the recipient is on an external network, -the character set will be set from the Charset= field -for the local network mailer, -not that of the external network mailer. -.pp -The Type= field -sets the type information -used in MIME error messages -as defined by -RFC 1894. -It is actually three values separated by slashes: -the MTA-type (that is, the description of how hosts are named), -the address type (the description of e-mail addresses), -and the diagnostic type (the description of error diagnostic codes). -Each of these must be a registered value -or begin with -.q X\- . -The default is -.q dns/rfc822/smtp . -.sh 2 "H \*- Define Header" -.pp -The format of the header lines that -.i sendmail -inserts into the message -are defined by the -.b H -line. -The syntax of this line is: -.(b F -.b H [\c -.b ? \c -.i mflags \c -.b ? ]\c -.i hname \c -.b : -.i htemplate -.)b -Continuation lines in this spec -are reflected directly into the outgoing message. -The -.i htemplate -is macro expanded before insertion into the message. -If the -.i mflags -(surrounded by question marks) -are specified, -at least one of the specified flags -must be stated in the mailer definition -for this header to be automatically output. -If one of these headers is in the input -it is reflected to the output -regardless of these flags. -.pp -Some headers have special semantics -that will be described later. -.sh 2 "O \*- Set Option" -.pp -There are a number of -global -options that -can be set from a configuration file. -Options are represented by full words; -some are also representable as single characters -for back compatibility. -The syntax of this line is: -.(b F -.b O \0 -.i option \c -.b = \c -.i value -.)b -This sets option -.i option -to be -.i value . -Note that there -.i must -be a space between the letter `O' and the name of the option. -An older version is: -.(b F -.b O \c -.i o\|value -.)b -where the option -.i o -is a single character. -Depending on the option, -.i value -may be a string, an integer, -a boolean -(with legal values -.q t , -.q T , -.q f , -or -.q F ; -the default is TRUE), -or -a time interval. -.pp -The options supported (with the old, one character names in brackets) are: -.nr ii 1i -.ip "AliasFile=\fIspec, spec, ...\fP" -[A] -Specify possible alias file(s). -Each -.i spec -should be in the format -``\c -.i class \c -.b : -.i file '' -where -.i class \c -.b : -is optional and defaults to ``implicit''. -Depending on how -.i sendmail -is compiled, valid classes are -.q implicit -(search through a compiled-in list of alias file types, -for back compatibility), -.q hash -(if -.sm NEWDB -is specified), -.q dbm -(if -.sm NDBM -is specified), -.q stab -(internal symbol table \*- not normally used -unless you have no other database lookup), -or -.q nis -(if -.sm NIS -is specified). -If a list of -.i spec s -are provided, -.i sendmail -searches them in order. -.ip AliasWait=\fItimeout\fP -[a] -If set, -wait up to -.i timeout -(units default to minutes) -for an -.q @:@ -entry to exist in the alias database -before starting up. -If it does not appear in the -.i timeout -interval -rebuild the database -(if the -.b AutoRebuildAliases -option is also set) -or issue a warning. -.ip AllowBogusHELO -[no short name] -If set, allow HELO SMTP commands that don't include a host name. -Setting this violates RFC 1123 section 5.2.5, -but is necessary to interoperate with several SMTP clients. -If there is a value, it is still checked for legitimacy. -.ip AutoRebuildAliases -[D] -If set, -rebuild the alias database if necessary and possible. -If this option is not set, -.i sendmail -will never rebuild the alias database -unless explicitly requested -using -.b \-bi . -Not recommended \(em can cause thrashing. -.ip BlankSub=\fIc\fP -[B] -Set the blank substitution character to -.i c . -Unquoted spaces in addresses are replaced by this character. -Defaults to space (i.e., no change is made). -.ip CheckAliases -[n] -Validate the RHS of aliases when rebuilding the alias database. -.ip CheckpointInterval=\fIN\fP -[C] -Checkpoints the queue every -.i N -(default 10) -addresses sent. -If your system crashes during delivery to a large list, -this prevents retransmission to any but the last -.I N -recipients. -.ip ClassFactor=\fIfact\fP -[z] -The indicated -.i fact or -is multiplied by the message class -(determined by the Precedence: field in the user header -and the -.b P -lines in the configuration file) -and subtracted from the priority. -Thus, messages with a higher Priority: will be favored. -Defaults to 1800. -.ip ColonOkInAddr -[no short name] -If set, colons are acceptable in e-mail addresses -(e.g., -.q host:user ). -If not set, colons indicate the beginning of a RFC 822 group construct -(\c -.q "groupname: member1, member2, ... memberN;" ). -Doubled colons are always acceptable -(\c -.q nodename::user ) -and proper route-addr nesting is understood -(\c -.q <@relay:user@host> ). -Furthermore, this option defaults on if the configuration version level -is less than 6 (for back compatibility). -However, it must be off for full compatibility with RFC 822. -.ip ConnectionCacheSize=\fIN\fP -[k] -The maximum number of open connections that will be cached at a time. -The default is one. -This delays closing the current connection until -either this invocation of -.i sendmail -needs to connect to another host -or it terminates. -Setting it to zero defaults to the old behavior, -that is, connections are closed immediately. -Since this consumes file descriptors, -the connection cache should be kept small: -4 is probably a practical maximum. -.ip ConnectionCacheTimeout=\fItimeout\fP -[K] -The maximum amount of time a cached connection will be permitted to idle -without activity. -If this time is exceeded, -the connection is immediately closed. -This value should be small (on the order of ten minutes). -Before -.i sendmail -uses a cached connection, -it always sends a RSET command -to check the connection; -if this fails, it reopens the connection. -This keeps your end from failing if the other end times out. -The point of this option is to be a good network neighbor -and avoid using up excessive resources -on the other end. -The default is five minutes. -.ip ConnectionRateThrottle=\fIN\fP -[no short name] -If set to a positive value, -allow no more than -.i N -incoming daemon connections in a one second period. -This is intended to flatten out peaks -and allow the load average checking to cut in. -Defaults to zero (no limits). -.ip DaemonPortOptions=\fIoptions\fP -[O] -Set server SMTP options. -The options are -.i key=value -pairs. -Known keys are: -.(b -.ta 1i -Port Name/number of listening port (defaults to "smtp") -Addr Address mask (defaults INADDR_ANY) -Family Address family (defaults to INET) -Listen Size of listen queue (defaults to 10) -SndBufSize Size of TCP send buffer -RcvBufSize Size of TCP receive buffer -.)b -The -.i Addr ess -mask may be a numeric address in dot notation -or a network name. -.ip DefaultCharSet=\fIcharset\fP -[no short name] -When a message that has 8-bit characters but is not in MIME format -is converted to MIME -(see the EightBitMode option) -a character set must be included in the Content-Type: header. -This character set is normally set from the Charset= field -of the mailer descriptor. -If that is not set, the value of this option is used. -If this option is not set, the value -.q unknown-8bit -is used. -.ip DefaultUser=\fIuser:group\fP -[u] -Set the default userid for mailers to -.i user:group . -If -.i group -is omitted and -.i user -is a user name -(as opposed to a numeric user id) -the default group listed in the /etc/passwd file for that user is used -as the default group. -Both -.i user -and -.i group -may be numeric. -Mailers without the -.i S -flag in the mailer definition -will run as this user. -Defaults to 1:1. -The value can also be given as a symbolic user name.\** -.(f -\**The old -.b g -option has been combined into the -.b DefaultUser -option. -.)f -.ip DeliveryMode=\fIx\fP -[d] -Deliver in mode -.i x . -Legal modes are: -.(b -.ta 4n -i Deliver interactively (synchronously) -b Deliver in background (asynchronously) -q Just queue the message (deliver during queue run) -d Defer delivery and all map lookups (deliver during queue run) -.)b -Defaults to ``b'' if no option is specified, -``i'' if it is specified but given no argument -(i.e., ``Od'' is equivalent to ``Odi''). -The -.b \-v -command line flag sets this to -.b i . -.ip DialDelay=\fIsleeptime\fP -[no short name] -Dial-on-demand network connections can see timeouts -if a connection is opened before the call is set up. -If this is set to an interval and a connection times out -on the first connection being attempted -.i sendmail -will sleep for this amount of time and try again. -This should give your system time to establish the connection -to your service provider. -Units default to seconds, so -.q DialDelay=5 -uses a five second delay. -Defaults to zero -(no retry). -.ip DontExpandCnames -[no short name] -The standards say that all host addresses used in a mail message -must be fully canonical. -For example, if your host is named -.q Cruft.Foo.ORG -and also has an alias of -.q FTP.Foo.ORG , -the former name must be used at all times. -This is enforced during host name canonification -($[ ... $] lookups). -If this option is set, the protocols are ignored and the -.q wrong -thing is done. -However, the IETF is moving toward changing this standard, -so the behaviour may become acceptable. -Please note that hosts downstream may still rewrite the address -to be the true canonical name however. -.ip DontInitGroups -[no short name] -If set, -.i sendmail -will avoid using the initgroups(3) call. -If you are running NIS, -this causes a sequential scan of the groups.byname map, -which can cause your NIS server to be badly overloaded in a large domain. -The cost of this is that the only group found for users -will be their primary group (the one in the password file), -which will make file access permissions somewhat more restrictive. -Has no effect on systems that don't have group lists. -.ip DontPruneRoutes -[R] -Normally, -.i sendmail -tries to eliminate any unnecessary explicit routes -when sending an error message -(as discussed in RFC 1123 \(sc 5.2.6). -For example, -when sending an error message to -.(b -<@known1,@known2,@known3:user@unknown> -.)b -.i sendmail -will strip off the -.q @known1,@known2 -in order to make the route as direct as possible. -However, if the -.b R -option is set, this will be disabled, -and the mail will be sent to the first address in the route, -even if later addresses are known. -This may be useful if you are caught behind a firewall. -.ip DoubleBounceAddress=\fIerror-address\fP -[no short name] -If an error occurs when sending an error message, -send the error report -(termed a -.q "double bounce" -because it is an error -.q bounce -that occurs when trying to send another error -.q bounce ) -to the indicated address. -If not set, defaults to -.q postmaster . -.ip EightBitMode=\fIaction\fP -[8] -Set handling of eight-bit data. -There are two kinds of eight-bit data: -that declared as such using the -.b BODY=8BITMIME -ESMTP declaration or the -.b \-B8BITMIME -command line flag, -and undeclared 8-bit data, that is, -input that just happens to be eight bits. -There are three basic operations that can happen: -undeclared 8-bit data can be automatically converted to 8BITMIME, -undeclared 8-bit data can be passed as-is without conversion to MIME -(``just send 8''), -and declared 8-bit data can be converted to 7-bits -for transmission to a non-8BITMIME mailer. -The possible -.i action s -are: -.(b -.\" r Reject undeclared 8-bit data; -.\" don't convert 8BITMIME\(->7BIT (``reject'') - s Reject undeclared 8-bit data (``strict'') -.\" do convert 8BITMIME\(->7BIT (``strict'') -.\" c Convert undeclared 8-bit data to MIME; -.\" don't convert 8BITMIME\(->7BIT (``convert'') - m Convert undeclared 8-bit data to MIME (``mime'') -.\" do convert 8BITMIME\(->7BIT (``mime'') -.\" j Pass undeclared 8-bit data; -.\" don't convert 8BITMIME\(->7BIT (``just send 8'') - p Pass undeclared 8-bit data (``pass'') -.\" do convert 8BITMIME\(->7BIT (``pass'') -.\" a Adaptive algorithm: see below -.)b -.\"The adaptive algorithm is to accept 8-bit data, -.\"converting it to 8BITMIME only if the receiver understands that, -.\"otherwise just passing it as undeclared 8-bit data; -.\"8BITMIME\(->7BIT conversions are done. -In all cases properly declared 8BITMIME data will be converted to 7BIT -as needed. -.ip ErrorHeader=\fIfile-or-message\fP -[E] -Prepend error messages with the indicated message. -If it begins with a slash, -it is assumed to be the pathname of a file -containing a message (this is the recommended setting). -Otherwise, it is a literal message. -The error file might contain the name, email address, and/or phone number -of a local postmaster who could provide assistance -in to end users. -If the option is missing or null, -or if it names a file which does not exist or which is not readable, -no message is printed. -.ip ErrorMode=\fIx\fP -[e] -Dispose of errors using mode -.i x . -The values for -.i x -are: -.(b -p Print error messages (default) -q No messages, just give exit status -m Mail back errors -w Write back errors (mail if user not logged in) -e Mail back errors and give zero exit stat always -.)b -.ip FallbackMXhost=\fIfallbackhost\fP -[V] -If specified, the -.i fallbackhost -acts like a very low priority MX -on every host. -This is intended to be used by sites with poor network connectivity. -.ip ForkEachJob -[Y] -If set, -deliver each job that is run from the queue in a separate process. -Use this option if you are short of memory, -since the default tends to consume considerable amounts of memory -while the queue is being processed. -.ip ForwardPath=\fIpath\fP -[J] -Set the path for searching for users' .forward files. -The default is -.q $z/.forward . -Some sites that use the automounter may prefer to change this to -.q /var/forward/$u -to search a file with the same name as the user in a system directory. -It can also be set to a sequence of paths separated by colons; -.i sendmail -stops at the first file it can successfully and safely open. -For example, -.q /var/forward/$u:$z/.forward -will search first in /var/forward/\c -.i username -and then in -.i ~username /.forward -(but only if the first file does not exist). -.ip HelpFile=\fIfile\fP -[H] -Specify the help file -for SMTP. -.ip HoldExpensive -[c] -If an outgoing mailer is marked as being expensive, -don't connect immediately. -This requires that queueing be compiled in, -since it will depend on a queue run process to -actually send the mail. -.ip HostsFile=\fIpath\fP -[no short name] -The path to the hosts database, -normally -.q /etc/hosts . -This option is only consulted when sendmail -is canonifying addresses, -and then only when -.q files -is in the -.q hosts -service switch entry. -In particular, this file is -.i never -used when looking up host addresses; -that is under the control of the system -.i gethostbyname (3) -routine. -.ip HostStatusDirectory=\fIpath\fP -[no short name] -The location of the long term host status information. -When set, -information about the status of hosts -(e.g., host down or not accepting connections) -will be shared between all -.i sendmail -processes; -normally, this information is only held within a single queue run. -This option requires a connection cache of at least 1 to function. -If the option begins with a leading `/', -it is an absolute pathname; -otherwise, -it is relative to the mail queue directory. -A suggested value for sites desiring persistent host status is -.q \&.hoststat -(i.e., a subdirectory of the queue directory). -.ip IgnoreDots -[i] -Ignore dots in incoming messages. -This is always disabled (that is, dots are always accepted) -when reading SMTP mail. -.ip LogLevel=\fIn\fP -[L] -Set the default log level to -.i n . -Defaults to 9. -.ip M\fIx\|value\fP -[no long version] -Set the macro -.i x -to -.i value . -This is intended only for use from the command line. -The -.b \-M -flag is preferred. -.ip MatchGECOS -[G] -Allow fuzzy matching on the GECOS field. -If this flag is set, -and the usual user name lookups fail -(that is, there is no alias with this name and a -.i getpwnam -fails), -sequentially search the password file -for a matching entry in the GECOS field. -This also requires that MATCHGECOS -be turned on during compilation. -This option is not recommended. -.ip MaxDaemonChildren=\fIN\fP -[no short name] -If set, -.i sendmail -will refuse connections when it has more than -.i N -children processing incoming mail. -This does not limit the number of outgoing connections. -If not set, there is no limit to the number of children -- -that is, the system load averaging controls this. -.ip MaxHopCount=\fIN\fP -[h] -The maximum hop count. -Messages that have been processed more than -.i N -times are assumed to be in a loop and are rejected. -Defaults to 25. -.ip MaxHostStatAge=\fIage\fP -[no short name] -Not yet implemented. -This option specifies how long host status information will be retained. -For example, if a host is found to be down, -connections to that host will not be retried for this interval. -The units default to minutes. -.ip MaxMessageSize=\fIN\fP -[no short name] -Specify the maximum message size -to be advertised in the ESMTP EHLO response. -Messages larger than this will be rejected. -.ip MaxQueueRunSize=\fIN\fP -[no short name] -The maximum number of jobs that will be processed -in a single queue run. -If not set, there is no limit on the size. -If you have very large queues or a very short queue run interval -this could be unstable. -However, since the first -.i N -jobs in queue directory order are run (rather than the -.i N -highest priority jobs) -this should be set as high as possible to avoid -.q losing -jobs that happen to fall late in the queue directory. -.ip MeToo -[m] -Send to me too, -even if I am in an alias expansion. -.ip MinFreeBlocks=\fIN\fP -[b] -Insist on at least -.i N -blocks free on the filesystem that holds the queue files -before accepting email via SMTP. -If there is insufficient space -.i sendmail -gives a 452 response -to the MAIL command. -This invites the sender to try again later. -.ip MinQueueAge=\fPage\fP -[no short name] -Don't process any queued jobs -that have been in the queue less than the indicated time interval. -This is intended to allow you to get responsiveness -by processing the queue fairly frequently -without thrashing your system by trying jobs too often. -The default units are minutes. -.ip MustQuoteChars=\fIs\fP -[no short name] -Sets the list of characters that must be quoted if used in a full name -that is in the phrase part of a ``phrase <address>'' syntax. -The default is ``\'.''. -The characters ``@,;:\e()[]'' are always added to this list. -.ip NoRecipientAction -[no short name] -The action to take when you receive a message that has no valid -recipient headers (To:, Cc:, Bcc:, or Apparently-To: \(em -the last included for back compatibility with old -.i sendmail s). -It can be -.b None -to pass the message on unmodified, -which violates the protocol, -.b Add-To -to add a To: header with any recipients it can find in the envelope -(which might expose Bcc: recipients), -.b Add-Apparently-To -to add an Apparently-To: header -(this is only for back-compatibility -and is officially deprecated), -.b Add-To-Undisclosed -to add a header -.q "To: undisclosed-recipients:;" -to make the header legal without disclosing anything, -or -.b Add-Bcc -to add an empty Bcc: header. -.ip OldStyleHeaders -[o] -Assume that the headers may be in old format, -i.e., -spaces delimit names. -This actually turns on -an adaptive algorithm: -if any recipient address contains a comma, parenthesis, -or angle bracket, -it will be assumed that commas already exist. -If this flag is not on, -only commas delimit names. -Headers are always output with commas between the names. -Defaults to off. -.ip OperatorChars=\fIcharlist\fP -[$o macro] -The list of characters that are considered to be -.q operators , -that is, characters that delimit tokens. -All operator characters are tokens by themselves; -sequences of non-operator characters are also tokens. -White space characters separate tokens -but are not tokens themselves \(em for example, -.q AAA.BBB -has three tokens, but -.q "AAA BBB" -has two. -If not set, OperatorChars defaults to -.q \&.\|:\|@\|[\|] ; -additionally, the characters -.q (\|)\|<\|>\|,\|; -are always operators. -.ip PostmasterCopy=\fIpostmaster\fP -[P] -If set, -copies of error messages will be sent to the named -.i postmaster . -Only the header of the failed message is sent. -Since most errors are user problems, -this is probably not a good idea on large sites, -and arguably contains all sorts of privacy violations, -but it seems to be popular with certain operating systems vendors. -Defaults to no postmaster copies. -.ip PrivacyOptions=\fI\|opt,opt,...\fP -[p] -Set the privacy -.i opt ions. -``Privacy'' is really a misnomer; -many of these are just a way of insisting on stricter adherence -to the SMTP protocol. -The -.i opt ions -can be selected from: -.(b -.ta \w'needvrfyhelo'u+3n -public Allow open access -needmailhelo Insist on HELO or EHLO command before MAIL -needexpnhelo Insist on HELO or EHLO command before EXPN -noexpn Disallow EXPN entirely -needvrfyhelo Insist on HELO or EHLO command before VRFY -novrfy Disallow VRFY entirely -restrictmailq Restrict mailq command -restrictqrun Restrict \-q command line flag -noreceipts Don't return success DSNs -goaway Disallow essentially all SMTP status queries -authwarnings Put X-Authentication-Warning: headers in messages -.)b -The -.q goaway -pseudo-flag sets all flags except -.q restrictmailq -and -.q restrictqrun . -If mailq is restricted, -only people in the same group as the queue directory -can print the queue. -If queue runs are restricted, -only root and the owner of the queue directory -can run the queue. -Authentication Warnings add warnings about various conditions -that may indicate attempts to spoof the mail system, -such as using an non-standard queue directory. -.ip QueueDirectory=\fIdir\fP -[Q] -Use the named -.i dir -as the queue directory. -.ip QueueFactor=\fIfactor\fP -[q] -Use -.i factor -as the multiplier in the map function -to decide when to just queue up jobs rather than run them. -This value is divided by the difference between the current load average -and the load average limit -(\c -.b QueueLA -option) -to determine the maximum message priority -that will be sent. -Defaults to 600000. -.ip QueueLA=\fILA\fP -[x] -When the system load average exceeds -.i LA , -just queue messages -(i.e., don't try to send them). -Defaults to 8. -.ip QueueSortOrder=\fIalgorithm\fP -[no short name] -Sets the -.i algorithm -used for sorting the queue. -Only the first character of the value is used. -Legal values are -.q host -(to order by the name of the first host name of the first recipient), -.q time -(to order by the submission time), -and -.q priority -(to order by message priority). -Host ordering makes better use of the connection cache, -but may tend to process low priority messages -that go to a single host -over high priority messages that go to several hosts; -it probably shouldn't be used on slow network links. -Time ordering is almost always a bad idea, -since it allows large, bulk mail to go out -before smaller, personal mail, -but may have applicability on some hosts with very fast connections. -Priority ordering is the default. -.ip QueueTimeout=\fItimeout\fP -[T] -A synonym for -.q Timeout.queuereturn . -Use that form instead of the -.q QueueTimeout -form. -.ip ResolverOptions=\fIoptions\fP -[I] -Set resolver options. -Values can be set using -.b + \c -.i flag -and cleared using -.b \- \c -.i flag ; -the -.i flag s -can be -.q debug , -.q aaonly , -.q usevc , -.q primary , -.q igntc , -.q recurse , -.q defnames , -.q stayopen , -or -.q dnsrch . -The string -.q HasWildcardMX -(without a -.b + -or -.b \- ) -can be specified to turn off matching against MX records -when doing name canonifications. -.b N.B. -Prior to 8.7, -this option indicated that the name server be responding -in order to accept addresses. -This has been replaced by checking to see -if the -.q dns -method is listed in the service switch entry for the -.q hosts -service. -.ip RunAsUser=\fIuser\fP -[no short name] -The -.i user -parameter may be a user name -(looked up in -.i /etc/passwd ) -or a numeric user id; -either form can have -.q ":group" -attached -(where group can be numeric or symbolic). -If set to a non-zero (non-root) value, -.i sendmail -will change to this user id shortly after startup\**. -.(f -\**When running as a daemon, -it changes to this user after accepting a connection -but before reading any -.sm SMTP -commands. -.)f -This avoids a certain class of security problems. -However, this means that all -.q \&.forward -and -.q :include: -files must be readable by the indicated -.i user , -and on systems that don't support the saved uid bit properly, -all files to be written must be writable by -.i user -and all programs will be executed by -.i user . -It is also incompatible with the -.b SafeFileEnvironment -option. -In other words, it may not actually add much to security on an average system, -and may in fact detract from security -(because other file permissions must be loosened). -However, it should be useful on firewalls and other -places where users don't have accounts and the aliases file is -well constrained. -.ip RecipientFactor=\fIfact\fP -[y] -The indicated -.i fact or -is added to the priority (thus -.i lowering -the priority of the job) -for each recipient, -i.e., this value penalizes jobs with large numbers of recipients. -Defaults to 30000. -.ip RefuseLA=\fILA\fP -[X] -When the system load average exceeds -.i LA , -refuse incoming SMTP connections. -Defaults to 12. -.ip RetryFactor=\fIfact\fP -[Z] -The -.i fact or -is added to the priority -every time a job is processed. -Thus, -each time a job is processed, -its priority will be decreased by the indicated value. -In most environments this should be positive, -since hosts that are down are all too often down for a long time. -Defaults to 90000. -.ip SafeFileEnvironment=\fIdir\fP -[no short name] -If this option is set, -.i sendmail -will do a -.i chroot (2) -call into the indicated -.i dir ectory -before doing any file writes. -If the file name specified by the user begins with -.i dir , -that partial path name will be stripped off before writing, -so (for example) -if the SafeFileEnvironment variable is set to -.q /safe -then aliases of -.q /safe/logs/file -and -.q /logs/file -actually indicate the same file. -Additionally, if this option is set, -.i sendmail -refuses to deliver to symbolic links. -.ip SaveFromLine -[f] -Save -Unix-style -.q From -lines at the front of headers. -Normally they are assumed redundant -and discarded. -.ip SendMIMEErrors -[j] -If set, send error messages in MIME format -(see RFC1521 and RFC1344 for details). -If disabled, -.i sendmail -will not return the DSN keyword in response to an EHLO -and will not do Delivery Status Notification processing as described in -RFC1891. -.ip ServiceSwitchFile=\fIfilename\fP -[no short name] -If your host operating system has a service switch abstraction -(e.g., /etc/nsswitch.conf on Solaris -or /etc/svc.conf on Ultrix and DEC OSF/1) -that service will be consulted and this option is ignored. -Otherwise, this is the name of a file -that provides the list of methods used to implement particular services. -The syntax is a series of lines, -each of which is a sequence of words. -The first word is the service name, -and following words are service types. -The services that -.i sendmail -consults directly are -.q aliases -and -.q hosts. -Service types can be -.q dns , -.q nis , -.q nisplus , -or -.q files -(with the caveat that the appropriate support -must be compiled in -before the service can be referenced). -If ServiceSwitchFile is not specified, it defaults to /etc/service.switch. -If that file does not exist, the default switch is: -.(b -aliases files -hosts dns nis files -.)b -The default file is -.q /etc/service.switch . -.ip SevenBitInput -[7] -Strip input to seven bits for compatibility with old systems. -This shouldn't be necessary. -.ip SingleLineFromHeader -[no short name] -If set, From: lines that have embedded newlines are unwrapped -onto one line. -This is to get around a botch in Lotus Notes -that apparently cannot understand legally wrapped RFC822 headers. -.ip SingleThreadDelivery -[no short name] -If set, a client machine will never try to open two SMTP connections -to a single server machine at the same time, -even in different processes. -That is, if another -.i sendmail -is already talking to some host a new -.i sendmail -will not open another connection. -This property is of mixed value; -although this reduces the load on the other machine, -it can cause mail to be delayed -(for example, if one -.i sendmail -is delivering a huge message, other -.i sendmail s -won't be able to send even small messages). -Also, it requires another file descriptor -(for the lock file) -per connection, so you may have to reduce the -.b ConnectionCacheSize -option to avoid running out of per-process file descriptors. -Requires the -.b HostStatusDirectory -option. -.ip SmtpGreetingMessage=\fImessage\fP -[$e macro] -The message printed when the SMTP server starts up. -Defaults to -.q "$j Sendmail $v ready at $b". -.ip StatusFile=\fIfile\fP -[S] -Log summary statistics in the named -.i file . -If not set, -no summary statistics are saved. -This file does not grow in size. -It can be printed using the -.i mailstats (8) -program. -.ip SuperSafe -[s] -Be super-safe when running things, -i.e., -always instantiate the queue file, -even if you are going to attempt immediate delivery. -.i Sendmail -always instantiates the queue file -before returning control the client -under any circumstances. -This should really -.i always -be set. -.ip TempFileMode=\fImode\fP -[F] -The file mode for queue files. -It is interpreted in octal by default. -Defaults to 0600. -.ip Timeout.\fItype\fP=\|\fItimeout\fP -[r; subsumes old T option as well] -Set timeout values. -The actual timeout is indicated by the -.i type . -The recognized timeouts and their default values, and their -minimum values specified in RFC 1123 section 5.3.2 are: -.(b -.ta \w'datafinal'u+3n -initial wait for initial greeting message [5m, 5m] -helo reply to HELO or EHLO command [5m, none] -mail reply to MAIL command [10m, 5m] -rcpt reply to RCPT command [1h, 5m] -datainit reply to DATA command [5m, 2m] -datablock data block read [1h, 3m] -datafinal reply to final ``.'' in data [1h, 10m] -rset reply to RSET command [5m, none] -quit reply to QUIT command [2m, none] -misc reply to NOOP and VERB commands [2m, none] -ident IDENT protocol timeout [30s, none] -fileopen\(dg timeout on opening .forward and :include: files [60s, none] -command\(dg command read [1h, 5m] -queuereturn\(dg how long until a message is returned [5d, 5d] -queuewarn\(dg how long until a warning is sent [none, none] -hoststatus\(dg how long until host status is ``stale'' [30m, none] -.)b -All but those marked with a dagger (\(dg) -apply to client SMTP. -If the message is submitted using the -.sm NOTIFY -.sm SMTP -extension, -warning messages will only be sent if -.sm NOTIFY=DELAY -is specified. -The queuereturn and queuewarn timeouts -can be further qualified with a tag based on the Precedence: field -in the message; -they must be one of -.q urgent -(indicating a positive non-zero precedence) -.q normal -(indicating a zero precedence), or -.q non-urgent -(indicating negative precedences). -For example, setting -.q Timeout.queuewarn.urgent=1h -sets the warning timeout for urgent messages only -to one hour. -The default if no precedence is indicated -is to set the timeout for all precedences. -.ip TimeZoneSpec=\fItzinfo\fP -[t] -Set the local time zone info to -.i tzinfo -\*- for example, -.q PST8PDT . -Actually, if this is not set, -the TZ environment variable is cleared (so the system default is used); -if set but null, the user's TZ variable is used, -and if set and non-null the TZ variable is set to this value. -.ip TryNullMXList -[w] -If this system is the -.q best -(that is, lowest preference) -MX for a given host, -its configuration rules should normally detect this situation -and treat that condition specially -by forwarding the mail to a UUCP feed, -treating it as local, -or whatever. -However, in some cases (such as Internet firewalls) -you may want to try to connect directly to that host -as though it had no MX records at all. -Setting this option causes -.i sendmail -to try this. -The downside is that errors in your configuration -are likely to be diagnosed as -.q "host unknown" -or -.q "message timed out" -instead of something more meaningful. -This option is disrecommended. -.ip UnixFromLine=\fIfromline\fP -[$l macro] -Defines the format used when -.i sendmail -must add a UNIX-style From_ line -(that is, a line beginning -.q From<space>user ). -Defaults to -.q "From $g $d" . -Don't change this unless your system uses a different UNIX mailbox format -(very unlikely). -.ip UnsafeGroupWrites -[no short name] -If set, -:include: and .forward files that are group writable are considered -.q unsafe , -that is, -they cannot reference programs or write directly to files. -World writable :include: and .forward files -are always unsafe.. -.ip UseErrorsTo -[l] -If there is an -.q Errors-To: -header, send error messages to the addresses listed there. -They normally go to the envelope sender. -Use of this option causes -.i sendmail -to violate RFC 1123. -This option is disrecommended and deprecated. -.ip UserDatabaseSpec=\fIudbspec\fP -[U] -The user database specification. -.ip UserSubmission -[no short name] -This is an initial submission directly from a Mail User Agent. -This can be set in the configuration file if you have -MUAs that don't pass the -.b \-U -flag or use the -XUSR -ESMTP extension, -but some relayed mail may get inappropriately rewritten if you do. -.ip Verbose -[v] -Run in verbose mode. -If this is set, -.i sendmail -adjusts options -.b HoldExpensive -(old -.b c ) -and -.b DeliveryMode -(old -.b d ) -so that all mail is delivered completely -in a single job -so that you can see the entire delivery process. -Option -.b Verbose -should -.i never -be set in the configuration file; -it is intended for command line use only. -.lp -All options can be specified on the command line using the -\-O or \-o flag, -but most will cause -.i sendmail -to relinquish its setuid permissions. -The options that will not cause this are -MinFreeBlocks [b], -DeliveryMode [d], -ErrorMode [e], -IgnoreDots [i], -LogLevel [L], -MeToo [m], -OldStyleHeaders [o], -PrivacyOptions [p], -Timeouts [r], -SuperSafe [s], -Verbose [v], -CheckpointInterval [C], -and -SevenBitInput [7]. -Also, M (define macro) when defining the r or s macros -is also considered -.q safe . -.sh 2 "P \*- Precedence Definitions" -.pp -Values for the -.q "Precedence:" -field may be defined using the -.b P -control line. -The syntax of this field is: -.(b -\fBP\fP\fIname\fP\fB=\fP\fInum\fP -.)b -When the -.i name -is found in a -.q Precedence: -field, -the message class is set to -.i num . -Higher numbers mean higher precedence. -Numbers less than zero -have the special property -that if an error occurs during processing -the body of the message will not be returned; -this is expected to be used for -.q "bulk" -mail such as through mailing lists. -The default precedence is zero. -For example, -our list of precedences is: -.(b -Pfirst-class=0 -Pspecial-delivery=100 -Plist=\-30 -Pbulk=\-60 -Pjunk=\-100 -.)b -People writing mailing list exploders -are encouraged to use -.q "Precedence: list" . -Older versions of -.i sendmail -(which discarded all error returns for negative precedences) -didn't recognize this name, giving it a default precedence of zero. -This allows list maintainers to see error returns -on both old and new versions of -.i sendmail . -.sh 2 "V \*- Configuration Version Level" -.pp -To provide compatibility with old configuration files, -the -.b V -line has been added to define some very basic semantics -of the configuration file. -These are not intended to be long term supports; -rather, they describe compatibility features -which will probably be removed in future releases. -.pp -.b N.B.: -these version -.i levels -have nothing -to do with the version -.i number -on the files. -For example, -as of this writing -version 8 config files -(specifically, 8.7) -used version level 6 configurations. -.pp -.q Old -configuration files are defined as version level one. -Version level two files make the following changes: -.np -Host name canonification ($[ ... $]) -appends a dot if the name is recognized; -this gives the config file a way of finding out if anything matched. -(Actually, this just initializes the -.q host -map with the -.q \-a. -flag \*- you can reset it to anything you prefer -by declaring the map explicitly.) -.np -Default host name extension is consistent throughout processing; -version level one configurations turned off domain extension -(that is, adding the local domain name) -during certain points in processing. -Version level two configurations are expected to include a trailing dot -to indicate that the name is already canonical. -.np -Local names that are not aliases -are passed through a new distinguished ruleset five; -this can be used to append a local relay. -This behaviour can be prevented by resolving the local name -with an initial `@'. -That is, something that resolves to a local mailer and a user name of -.q vikki -will be passed through ruleset five, -but a user name of -.q @vikki -will have the `@' stripped, -will not be passed through ruleset five, -but will otherwise be treated the same as the prior example. -The expectation is that this might be used to implement a policy -where mail sent to -.q vikki -was handled by a central hub, -but mail sent to -.q vikki@localhost -was delivered directly. -.pp -Version level three files -allow # initiated comments on all lines. -Exceptions are backslash escaped # marks -and the $# syntax. -.pp -Version level four configurations -are completely equivalent to level three -for historical reasons. -.pp -Version level five configuration files -change the default definition of -.b $w -to be just the first component of the hostname. -.pp -Version level six configuration files -change many of the local processing options -(such as aliasing and matching the beginning of the address for -`|' characters) -to be mailer flags; -this allows fine-grained control over the special local processing. -Level six configuration files may also use long option names. -The -.b ColonOkInAddr -option (to allow colons in the local-part of addresses) -defaults -.b on -for lower numbered configuration files; -the configuration file requires some additional intelligence -to properly handle the RFC 822 group construct. -.pp -The -.b V -line may have an optional -.b / \c -.i vendor -to indicate that this configuration file uses modifications -specific to a particular vendor\**. -.(f -\**And of course, vendors are encouraged to add themselves -to the list of recognized vendors by editing the routine -.i setvendor -in -.i conf.c . -Please send e-mail to sendmail@Sendmail.ORG -to register your vendor dialect. -.)f -You may use -.q /Berkeley -to emphasize that this configuration file -uses the Berkeley dialect of -.i sendmail . -.sh 2 "K \*- Key File Declaration" -.pp -Special maps can be defined using the line: -.(b -Kmapname mapclass arguments -.)b -The -.i mapname -is the handle by which this map is referenced in the rewriting rules. -The -.i mapclass -is the name of a type of map; -these are compiled in to -.i sendmail . -The -.i arguments -are interpreted depending on the class; -typically, -there would be a single argument naming the file containing the map. -.pp -Maps are referenced using the syntax: -.(b -$( \fImap\fP \fIkey\fP $@ \fIarguments\fP $: \fIdefault\fP $) -.)b -where either or both of the -.i arguments -or -.i default -portion may be omitted. -The -.i "$@ arguments" -may appear more than once. -The indicated -.i key -and -.i arguments -are passed to the appropriate mapping function. -If it returns a value, it replaces the input. -If it does not return a value and the -.i default -is specified, the -.i default -replaces the input. -Otherwise, the input is unchanged. -.pp -The -.i arguments -are passed to the map for arbitrary use. -Most map classes can interpolate these arguments -into their values using the syntax -.q %\fIn\fP -(where -.i n -is a digit) -to indicate the corresponding -.i argument . -Argument -.q %0 -indicates the database key. -For example, the rule -.(b -.ta 1.5i -R$\- ! $+ $: $(uucp $1 $@ $2 $: %1 @ %0 . UUCP $) -.)b -Looks up the UUCP name in a (user defined) UUCP map; -if not found it turns it into -.q \&.UUCP -form. -The database might contain records like: -.(b -decvax %1@%0.DEC.COM -research %1@%0.ATT.COM -.)b -Note that -.i default -clauses never do this mapping. -.pp -The built in map with both name and class -.q host -is the host name canonicalization lookup. -Thus, -the syntax: -.(b -$(host \fIhostname\fP$) -.)b -is equivalent to: -.(b -$[\fIhostname\fP$] -.)b -.pp -There are many defined classes. -.ip dbm -Database lookups using the ndbm(3) library. -.i Sendmail -must be compiled with -.b NDBM -defined. -.ip btree -Database lookups using the btree interface to the Berkeley db(3) library. -.i Sendmail -must be compiled with -.b NEWDB -defined. -.ip hash -Database lookups using the hash interface to the Berkeley db(3) library. -.i Sendmail -must be compiled with -.b NEWDB -defined. -.ip nis -NIS lookups. -.i Sendmail -must be compiled with -.b NIS -defined. -.ip nisplus -NIS+ lookups. -.i Sendmail -must be compiled with -.b NISPLUS -defined. -The argument is the name of the table to use for lookups, -and the -.b \-k -and -.b \-v -flags may be used to set the key and value columns respectively. -.ip hesiod -Hesiod lookups. -.i Sendmail -must be compiled with -.b HESIOD -defined. -.ip ldapx -LDAP X500 directory lookups. -.i Sendmail -must be compiled with -.b LDAPMAP -defined. -The map supports most of the standard arguments -and most of the command line arguments of the -.i ldapsearch -program. -.ip netinfo -NeXT NetInfo lookups. -.i Sendmail -must be compiled with -.b NETINFO -defined. -.ip text -Text file lookups. -The format of the text file is defined by the -.b \-k -(key field number), -.b \-v -(value field number), -and -.b \-z -(field delimiter) -flags. -.ip stab -Internal symbol table lookups. -Used internally for aliasing. -.ip implicit -Really should be called -.q alias -\(em this is used to get the default lookups -for alias files, -and is the default if no class is specified for alias files. -.ip user -Looks up users using -.i getpwnam (3). -The -.b \-v -flag can be used to specify the name of the field to return -(although this is normally used only to check the existence -of a user). -.ip host -Canonifies host domain names. -Given a host name it calls the name server -to find the canonical name for that host. -.ip sequence -The arguments on the `K' line are a list of maps; -the resulting map searches the argument maps in order -until it finds a match for the indicated key. -For example, if the key definition is: -.(b -Kmap1 ... -Kmap2 ... -Kseqmap sequence map1 map2 -.)b -then a lookup against -.q seqmap -first does a lookup in map1. -If that is found, it returns immediately. -Otherwise, the same key is used for map2. -.ip switch -Much like the -.q sequence -map except that the order of maps is determined by the service switch. -The argument is the name of the service to be looked up; -the values from the service switch are appended to the map name -to create new map names. -For example, consider the key definition: -.(b -Kali switch aliases -.)b -together with the service switch entry: -.(b -aliases nis files -.)b -This causes a query against the map -.q ali -to search maps named -.q ali.nis -and -.q ali.files -in that order. -.ip dequote -Strip double quotes (") from a name. -It does not strip backslashes, -and will not strip quotes if the resulting string -would contain unscannable syntax -(that is, basic errors like unbalanced angle brackets; -more sophisticated errors such as unknown hosts are not checked). -The intent is for use when trying to accept mail from systems such as -DECnet -that routinely quote odd syntax such as -.(b -"49ers::ubell" -.)b -A typical usage is probably something like: -.(b -Kdequote dequote - -\&... - -R$\- $: $(dequote $1 $) -R$\- $+ $: $>3 $1 $2 -.)b -Care must be taken to prevent unexpected results; -for example, -.(b -"|someprogram < input > output" -.)b -will have quotes stripped, -but the result is probably not what you had in mind. -Fortunately these cases are rare. -.pp -Most of these accept as arguments the same optional flags -and a filename -(or a mapname for NIS; -the filename is the root of the database path, -so that -.q .db -or some other extension appropriate for the database type -will be added to get the actual database name). -Known flags are: -.ip "\-o" -Indicates that this map is optional \*- that is, -if it cannot be opened, -no error is produced, -and -.i sendmail -will behave as if the map existed but was empty. -.ip "\-N, \-O" -If neither -.b \-N -or -.b \-O -are specified, -.i sendmail -uses an adaptive algorithm to decide whether or not to look for null bytes -on the end of keys. -It starts by trying both; -if it finds any key with a null byte it never tries again without a null byte -and vice versa. -If -.b \-N -is specified it never tries without a null byte and -if -.b \-O -is specified it never tries with a null byte. -Setting one of -these can speed matches but are never necessary. -If both -.b \-N -and -.b \-O -are specified, -.i sendmail -will never try any matches at all \(em -that is, everything will appear to fail. -.ip "\-a\fIx\fP" -Append the string -.i x -on successful matches. -For example, the default -.i host -map appends a dot on successful matches. -.ip "\-f" -Do not fold upper to lower case before looking up the key. -.ip "\-m" -Match only (without replacing the value). -If you only care about the existence of a key and not the value -(as you might when searching the NIS map -.q hosts.byname -for example), -this flag prevents the map from substituting the value. -However, -The \-a argument is still appended on a match, -and the default is still taken if the match fails. -.ip "\-k\fIkeycol\fP" -The key column name (for NIS+) or number -(for text lookups). -For LDAP maps this is a filter string -passed to printf with a %s where the string to be -.q "mapped" -is inserted. -.ip "\-v\fIvalcol\fP" -The value column name (for NIS+) or number -(for text lookups). -For LDAP maps this is the name of the -attribute to be returned. -.ip "\-z\fIdelim\fP" -The column delimiter (for text lookups). -It can be a single character or one of the special strings -.q \|\en -or -.q \|\et -to indicate newline or tab respectively. -If omitted entirely, -the column separator is any sequence of whitespace. -.ip "\-t" -Normally, when a map attempts to do a lookup -and the server fails -(e.g., -.i sendmail -couldn't contact any name server; -this is -.i not -the same as an entry not being found in the map), -the message being processed is queued for future processing. -The -.b \-t -flag turns off this behaviour, -letting the temporary failure (server down) -act as though it were a permanent failure (entry not found). -It is particularly useful for DNS lookups, -where someone else's misconfigured name server can cause problems -on your machine. -However, care must be taken to ensure that you don't bounce mail -that would be resolved correctly if you tried again. -A common strategy is to forward such mail -to another, possibly better connected, mail server. -.ip "\-s\fIspacesub\fP -For the dequote map only, -the character to use to replace space characters -after a successful dequote. -.pp -The -.i dbm -map appends the strings -.q \&.pag -and -.q \&.dir -to the given filename; -the two -.i db -based -maps append -.q \&.db . -For example, the map specification -.(b -Kuucp dbm \-o \-N /usr/lib/uucpmap -.)b -specifies an optional map named -.q uucp -of class -.q dbm ; -it always has null bytes at the end of every string, -and the data is located in -/usr/lib/uucpmap.{dir,pag}. -.pp -The program -.i makemap (8) -can be used to build any of the three database-oriented maps. -It takes the following flags: -.ip \-f -Do not fold upper to lower case in the map. -.ip \-N -Include null bytes in keys. -.ip \-o -Append to an existing (old) file. -.ip \-r -Allow replacement of existing keys; -normally, re-inserting an existing key is an error. -.ip \-v -Print what is happening. -.lp -The -.i sendmail -daemon does not have to be restarted to read the new maps -as long as you change them in place; -file locking is used so that the maps won't be read -while they are being updated.\** -.(f -\**That is, don't create new maps and then use -.i mv (1) -to move them into place. -Since the maps are already open -the new maps will never be seen. -.)f -.pp -New classes can be added in the routine -.b setupmaps -in file -.b conf.c . -.sh 2 "The User Database" -.pp -If you have a version of -.i sendmail -with the user database package -compiled in, -the handling of sender and recipient addresses -is modified. -.pp -The location of this database is controlled with the -.b UserDatabaseSpec -option. -.sh 3 "Structure of the user database" -.pp -The database is a sorted (BTree-based) structure. -User records are stored with the key: -.(b -\fIuser-name\fP\fB:\fP\fIfield-name\fP -.)b -The sorted database format ensures that user records are clustered together. -Meta-information is always stored with a leading colon. -.pp -Field names define both the syntax and semantics of the value. -Defined fields include: -.nr ii 1i -.ip maildrop -The delivery address for this user. -There may be multiple values of this record. -In particular, -mailing lists will have one -.i maildrop -record for each user on the list. -.ip "mailname" -The outgoing mailname for this user. -For each outgoing name, -there should be an appropriate -.i maildrop -record for that name to allow return mail. -See also -.i :default:mailname . -.ip mailsender -Changes any mail sent to this address to have the indicated envelope sender. -This is intended for mailing lists, -and will normally be the name of an appropriate -request address. -It is very similar to the owner-\c -.i list -syntax in the alias file. -.ip fullname -The full name of the user. -.ip office-address -The office address for this user. -.ip office-phone -The office phone number for this user. -.ip office-fax -The office FAX number for this user. -.ip home-address -The home address for this user. -.ip home-phone -The home phone number for this user. -.ip home-fax -The home FAX number for this user. -.ip project -A (short) description of the project this person is affiliated with. -In the University this is often just the name of their graduate advisor. -.ip plan -A pointer to a file from which plan information can be gathered. -.pp -As of this writing, -only a few of these fields are actually being used by -.i sendmail : -.i maildrop -and -.i mailname . -A -.i finger -program that uses the other fields is planned. -.sh 3 "User database semantics" -.pp -When the rewriting rules submit an address to the local mailer, -the user name is passed through the alias file. -If no alias is found (or if the alias points back to the same address), -the name (with -.q :maildrop -appended) -is then used as a key in the user database. -If no match occurs (or if the maildrop points at the same address), -forwarding is tried. -.pp -If the first token of the user name returned by ruleset 0 -is an -.q @ -sign, the user database lookup is skipped. -The intent is that the user database will act as a set of defaults -for a cluster (in our case, the Computer Science Division); -mail sent to a specific machine should ignore these defaults. -.pp -When mail is sent, -the name of the sending user is looked up in the database. -If that user has a -.q mailname -record, -the value of that record is used as their outgoing name. -For example, I might have a record: -.(b -eric:mailname Eric.Allman@CS.Berkeley.EDU -.)b -This would cause my outgoing mail to be sent as Eric.Allman. -.pp -If a -.q maildrop -is found for the user, -but no corresponding -.q mailname -record exists, -the record -.q :default:mailname -is consulted. -If present, this is the name of a host to override the local host. -For example, in our case we would set it to -.q CS.Berkeley.EDU . -The effect is that anyone known in the database -gets their outgoing mail stamped as -.q user@CS.Berkeley.EDU , -but people not listed in the database use the local hostname. -.sh 3 "Creating the database\**" -.(f -\**These instructions are known to be incomplete. -A future version of the user database is planned -including things such as finger service \*- and good documentation. -.)f -.pp -The user database is built from a text file -using the -.i makemap -utility -(in the distribution in the makemap subdirectory). -The text file is a series of lines corresponding to userdb records; -each line has a key and a value separated by white space. -The key is always in the format described above \*- -for example: -.(b -eric:maildrop -.)b -This file is normally installed in a system directory; -for example, it might be called -.i /etc/userdb . -To make the database version of the map, run the program: -.(b -makemap btree /etc/userdb.db < /etc/userdb -.)b -Then create a config file that uses this. -For example, using the V8 M4 configuration, include the -following line in your .mc file: -.(b -define(\`confUSERDB_SPEC\', /etc/userdb.db) -.)b -.sh 1 "OTHER CONFIGURATION" -.pp -There are some configuration changes that can be made by -recompiling -.i sendmail . -This section describes what changes can be made -and what has to be modified to make them. -In most cases this should be unnecessary -unless you are porting -.i sendmail -to a new environment. -.sh 2 "Parameters in src/Makefile" -.pp -These parameters are intended to describe the compilation environment, -not site policy, -and should normally be defined in src/Makefile. -.ip NDBM -If set, -the new version of the DBM library -that allows multiple databases will be used. -If neither NDBM nor NEWDB are set, -a much less efficient method of alias lookup is used. -.ip NEWDB -If set, use the new database package from Berkeley (from 4.4BSD). -This package is substantially faster than DBM or NDBM. -If NEWDB and NDBM are both set, -.i sendmail -will read DBM files, -but will create and use NEWDB files. -.ip NIS -Include support for NIS. -If set together with -.i both -NEWDB and NDBM, -.i sendmail -will create both DBM and NEWDB files if and only if -an alias file includes the substring -.q /yp/ -in the name. -This is intended for compatibility with Sun Microsystems' -.i mkalias -program used on YP masters. -.ip NISPLUS -Compile in support for NIS+. -.ip NETINFO -Compile in support for NetInfo (NeXT stations). -.ip LDAPMAP -Compile in support for LDAP X500 queries. -Requires libldap and liblber -from the Umich LDAP 3.2 or 3.3 release. -.ip HESIOD -Compile in support for Hesiod. -.ip _PATH_SENDMAILCF -The pathname of the sendmail.cf file. -.ip _PATH_SENDMAILPID -The pathname of the sendmail.pid file. -.pp -There are also several compilation flags to indicate the environment -such as -.q _AIX3 -and -.q _SCO_unix_ . -See the READ_ME -file for the latest scoop on these flags. -.sh 2 "Parameters in src/conf.h" -.pp -Parameters and compilation options -are defined in conf.h. -Most of these need not normally be tweaked; -common parameters are all in sendmail.cf. -However, the sizes of certain primitive vectors, etc., -are included in this file. -The numbers following the parameters -are their default value. -.pp -This document is not the best source of information -for compilation flags in conf.h \(em -see src/READ_ME or src/conf.h itself. -.nr ii 1.2i -.ip "MAXLINE [2048]" -The maximum line length of any input line. -If message lines exceed this length -they will still be processed correctly; -however, header lines, -configuration file lines, -alias lines, -etc., -must fit within this limit. -.ip "MAXNAME [256]" -The maximum length of any name, -such as a host or a user name. -.ip "MAXPV [40]" -The maximum number of parameters to any mailer. -This limits the number of recipients that may be passed in one transaction. -It can be set to any arbitrary number above about 10, -since -.i sendmail -will break up a delivery into smaller batches as needed. -A higher number may reduce load on your system, however. -.ip "MAXATOM [100]" -The maximum number of atoms -(tokens) -in a single address. -For example, -the address -.q "eric@CS.Berkeley.EDU" -is seven atoms. -.ip "MAXMAILERS [25]" -The maximum number of mailers that may be defined -in the configuration file. -.ip "MAXRWSETS [200]" -The maximum number of rewriting sets -that may be defined. -The first half of these are reserved for numeric specification -(e.g., ``S92''), -while the upper half are reserved for auto-numbering -(e.g., ``Sfoo''). -Thus, with a value of 200 an attempt to use ``S99'' will succeed, -but ``S100'' will fail. -.ip "MAXPRIORITIES [25]" -The maximum number of values for the -.q Precedence: -field that may be defined -(using the -.b P -line in sendmail.cf). -.ip "MAXUSERENVIRON [100]" -The maximum number of items in the user environment -that will be passed to subordinate mailers. -.ip "MAXMXHOSTS [100]" -The maximum number of MX records we will accept for any single host. -.ip "MAXALIASDB [12]" -The maximum number of alias databases that can be open at any time. -Note that there may also be an open file limit. -.ip "MAXMAPSTACK [12]" -The maximum number of maps that may be "stacked" in a -.b sequence -class map. -.ip "MAXMIMEARGS [20]" -The maximum number of arguments in a MIME Content-Type: header; -additional arguments will be ignored. -.ip "MAXMIMENESTING [20]" -The maximum depth to which MIME messages may be nested -(that is, nested Message or Multipart documents; -this does not limit the number of components in a single Multipart document). -.lp -A number of other compilation options exist. -These specify whether or not specific code should be compiled in. -Ones marked with \(dg -are 0/1 valued. -.nr ii 1.2i -.ip NETINET\(dg -If set, -support for Internet protocol networking is compiled in. -Previous versions of -.i sendmail -referred to this as -.sm DAEMON ; -this old usage is now incorrect. -Defaults on; -turn it off in the Makefile -if your system doesn't support the Internet protocols. -.ip NETISO\(dg -If set, -support for ISO protocol networking is compiled in -(it may be appropriate to #define this in the Makefile instead of conf.h). -.ip LOG -If set, -the -.i syslog -routine in use at some sites is used. -This makes an informational log record -for each message processed, -and makes a higher priority log record -for internal system errors. -.b "STRONGLY RECOMMENDED" -\(em if you want no logging, turn it off in the configuration file. -.ip MATCHGECOS\(dg -Compile in the code to do ``fuzzy matching'' on the GECOS field -in /etc/passwd. -This also requires that the -.b MatchGECOS -option be turned on. -.ip NAMED_BIND\(dg -Compile in code to use the -Berkeley Internet Name Domain (BIND) server -to resolve TCP/IP host names. -.ip NOTUNIX -If you are using a non-UNIX mail format, -you can set this flag to turn off special processing -of UNIX-style -.q "From " -lines. -.ip QUEUE\(dg -This flag should be set to compile in the queueing code. -If this is not set, -mailers must accept the mail immediately -or it will be returned to the sender. -.ip SMTP\(dg -If set, -the code to handle user and server SMTP will be compiled in. -This is only necessary if your machine has some mailer -that speaks SMTP -(this means most machines everywhere). -.ip USERDB\(dg -Include the -.b experimental -Berkeley user information database package. -This adds a new level of local name expansion -between aliasing and forwarding. -It also uses the NEWDB package. -This may change in future releases. -.lp -The following options are normally turned on -in per-operating-system clauses in conf.h. -.ip IDENTPROTO\(dg -Compile in the IDENT protocol as defined in RFC 1413. -This defaults on for all systems except Ultrix, -which apparently has the interesting -.q feature -that when it receives a -.q "host unreachable" -message it closes all open connections to that host. -Since some firewall gateways send this error code -when you access an unauthorized port (such as 113, used by IDENT), -Ultrix cannot receive email from such hosts. -.ip SYSTEM5 -Set all of the compilation parameters appropriate for System V. -.ip HASFLOCK\(dg -Use Berkeley-style -.b flock -instead of System V -.b lockf -to do file locking. -Due to the highly unusual semantics of locks -across forks in -.b lockf , -this should always be used if at all possible. -.ip HASINITGROUPS -Set this if your system has the -.i initgroups() -call -(if you have multiple group support). -This is the default if SYSTEM5 is -.i not -defined or if you are on HPUX. -.ip HASUNAME -Set this if you have the -.i uname (2) -system call (or corresponding library routine). -Set by default if -SYSTEM5 -is set. -.ip HASGETDTABLESIZE -Set this if you have the -.i getdtablesize (2) -system call. -.ip HASWAITPID -Set this if you have the -.i haswaitpid (2) -system call. -.ip SFS_TYPE -The mechanism that can be used to get file system capacity information. -The values can be one of -SFS_USTAT (use the ustat(2) syscall), -SFS_4ARGS (use the four argument statfs(2) syscall), -SFS_VFS (use the two argument statfs(2) syscall including <sys/vfs.h>), -SFS_MOUNT (use the two argument statfs(2) syscall including <sys/mount.h>), -SFS_STATFS (use the two argument statfs(2) syscall including <sys/statfs.h>), -SFS_STATVFS (use the two argument statfs(2) syscall including <sys/statvfs.h>), -or -SFS_NONE (no way to get this information). -.ip LA_TYPE -The load average type. -Details are described below. -.lp -The are several built-in ways of computing the load average. -.i Sendmail -tries to auto-configure them based on imperfect guesses; -you can select one using the -.i cc -option -.b \-DLA_TYPE= \c -.i type , -where -.i type -is: -.ip LA_INT -The kernel stores the load average in the kernel as an array of long integers. -The actual values are scaled by a factor FSCALE -(default 256). -.ip LA_SHORT -The kernel stores the load average in the kernel as an array of short integers. -The actual values are scaled by a factor FSCALE -(default 256). -.ip LA_FLOAT -The kernel stores the load average in the kernel as an array of -double precision floats. -.ip LA_MACH -Use MACH-style load averages. -.ip LA_SUBR -Call the -.i getloadavg -routine to get the load average as an array of doubles. -.ip LA_ZERO -Always return zero as the load average. -This is the fallback case. -.lp -If type -.sm LA_INT , -.sm LA_SHORT , -or -.sm LA_FLOAT -is specified, -you may also need to specify -.sm _PATH_UNIX -(the path to your system binary) -and -.sm LA_AVENRUN -(the name of the variable containing the load average in the kernel; -usually -.q _avenrun -or -.q avenrun ). -.sh 2 "Configuration in src/conf.c" -.pp -The following changes can be made in conf.c. -.sh 3 "Built-in Header Semantics" -.pp -Not all header semantics are defined in the configuration file. -Header lines that should only be included by certain mailers -(as well as other more obscure semantics) -must be specified in the -.i HdrInfo -table in -.i conf.c . -This table contains the header name -(which should be in all lower case) -and a set of header control flags (described below), -The flags are: -.ip H_ACHECK -Normally when the check is made to see if a header line is compatible -with a mailer, -.i sendmail -will not delete an existing line. -If this flag is set, -.i sendmail -will delete -even existing header lines. -That is, -if this bit is set and the mailer does not have flag bits set -that intersect with the required mailer flags -in the header definition in -sendmail.cf, -the header line is -.i always -deleted. -.ip H_EOH -If this header field is set, -treat it like a blank line, -i.e., -it will signal the end of the header -and the beginning of the message text. -.ip H_FORCE -Add this header entry -even if one existed in the message before. -If a header entry does not have this bit set, -.i sendmail -will not add another header line if a header line -of this name already existed. -This would normally be used to stamp the message -by everyone who handled it. -.ip H_TRACE -If set, -this is a timestamp -(trace) -field. -If the number of trace fields in a message -exceeds a preset amount -the message is returned -on the assumption that it has an aliasing loop. -.ip H_RCPT -If set, -this field contains recipient addresses. -This is used by the -.b \-t -flag to determine who to send to -when it is collecting recipients from the message. -.ip H_FROM -This flag indicates that this field -specifies a sender. -The order of these fields in the -.i HdrInfo -table specifies -.i sendmail 's -preference -for which field to return error messages to. -.ip H_ERRORSTO -Addresses in this header should receive error messages. -.ip H_CTE -This header is a Content-Transfer-Encoding header. -.ip H_CTYPE -This header is a Content-Type header. -.ip H_STRIPVAL -Strip the value from the header (for Bcc:). -.nr ii 5n -.lp -Let's look at a sample -.i HdrInfo -specification: -.(b -.ta 4n +\w'"content-transfer-encoding", 'u -struct hdrinfo HdrInfo[] = -\&{ - /* originator fields, most to least significant */ - "resent-sender", H_FROM, - "resent-from", H_FROM, - "sender", H_FROM, - "from", H_FROM, - "full-name", H_ACHECK, - "errors-to", H_FROM\^|\^H_ERRORSTO, - /* destination fields */ - "to", H_RCPT, - "resent-to", H_RCPT, - "cc", H_RCPT, - "bcc", H_RCPT\^|\^H_STRIPVAL, - /* message identification and control */ - "message", H_EOH, - "text", H_EOH, - /* trace fields */ - "received", H_TRACE\^|\^H_FORCE, - /* miscellaneous fields */ - "content-transfer-encoding", H_CTE, - "content-type", H_CTYPE, - - NULL, 0, -}; -.)b -This structure indicates that the -.q To: , -.q Resent-To: , -and -.q Cc: -fields -all specify recipient addresses. -Any -.q Full-Name: -field will be deleted unless the required mailer flag -(indicated in the configuration file) -is specified. -The -.q Message: -and -.q Text: -fields will terminate the header; -these are used by random dissenters around the network world. -The -.q Received: -field will always be added, -and can be used to trace messages. -.pp -There are a number of important points here. -First, -header fields are not added automatically just because they are in the -.i HdrInfo -structure; -they must be specified in the configuration file -in order to be added to the message. -Any header fields mentioned in the configuration file but not -mentioned in the -.i HdrInfo -structure have default processing performed; -that is, -they are added unless they were in the message already. -Second, -the -.i HdrInfo -structure only specifies cliched processing; -certain headers are processed specially by ad hoc code -regardless of the status specified in -.i HdrInfo . -For example, -the -.q Sender: -and -.q From: -fields are always scanned on ARPANET mail -to determine the sender\**; -.(f -\**Actually, this is no longer true in SMTP; -this information is contained in the envelope. -The older ARPANET protocols did not completely distinguish -envelope from header. -.)f -this is used to perform the -.q "return to sender" -function. -The -.q "From:" -and -.q "Full-Name:" -fields are used to determine the full name of the sender -if possible; -this is stored in the macro -.b $x -and used in a number of ways. -.sh 3 "Restricting Use of Email" -.pp -If it is necessary to restrict mail through a relay, -the -.i checkcompat -routine can be modified. -This routine is called for every recipient address. -It returns an exit status -indicating the status of the message. -The status -.sm EX_OK -accepts the address, -.sm EX_TEMPFAIL -queues the message for a later try, -and other values -(commonly -.sm EX_UNAVAILABLE ) -reject the message. -It is up to -.i checkcompat -to print an error message -(using -.i usrerr ) -if the message is rejected. -For example, -.i checkcompat -could read: -.(b -.re -.sz -1 -.ta 4n +4n +4n +4n +4n +4n +4n -int -checkcompat(to, e) - register ADDRESS *to; - register ENVELOPE *e; -\&{ - register STAB *s; - - s = stab("private", ST_MAILER, ST_FIND); - if (s != NULL && e\->e_from.q_mailer != LocalMailer && - to->q_mailer == s->s_mailer) - { - usrerr("No private net mail allowed through this machine"); - return (EX_UNAVAILABLE); - } - if (MsgSize > 50000 && bitnset(M_LOCALMAILER, to\->q_mailer)) - { - usrerr("Message too large for non-local delivery"); - e\->e_flags |= EF_NORETURN; - return (EX_UNAVAILABLE); - } - return (EX_OK); -} -.sz -.)b -This would reject messages greater than 50000 bytes -unless they were local. -The -.i EF_NORETURN -flag can be set in -.i e\(->e_flags -to suppress the return of the actual body -of the message in the error return. -The actual use of this routine is highly dependent on the -implementation, -and use should be limited. -.sh 3 "Load Average Computation" -.pp -The routine -.i getla -should return an approximation of the current system load average -as an integer. -There are several versions included on compilation flags -as described above. -.sh 3 "New Database Map Classes" -.pp -New key maps can be added by creating a class initialization function -and a lookup function. -These are then added to the routine -.i setupmaps. -.pp -The initialization function is called as -.(b -\fIxxx\fP_map_init(MAP *map, char *args) -.)b -The -.i map -is an internal data structure. -The -.i args -is a pointer to the portion of the configuration file line -following the map class name; -flags and filenames can be extracted from this line. -The initialization function must return -.sm TRUE -if it successfully opened the map, -.sm FALSE -otherwise. -.pp -The lookup function is called as -.(b -\fIxxx\fP_map_lookup(MAP *map, char buf[], char **av, int *statp) -.)b -The -.i map -defines the map internally. -The -.i buf -has the input key. -This may be (and often is) used destructively. -The -.i av -is a list of arguments passed in from the rewrite line. -The lookup function should return a pointer to the new value. -IF the map lookup fails, -.i *statp -should be set to an exit status code; -in particular, it should be set to -.sm EX_TEMPFAIL -if recovery is to be attempted by the higher level code. -.sh 3 "Queueing Function" -.pp -The routine -.i shouldqueue -is called to decide if a message should be queued -or processed immediately. -Typically this compares the message priority to the current load average. -The default definition is: -.(b -bool -shouldqueue(pri, ctime) - long pri; - time_t ctime; -{ - if (CurrentLA < QueueLA) - return (FALSE); - return (pri > (QueueFactor / (CurrentLA \- QueueLA + 1))); -} -.)b -If the current load average -(global variable -.i CurrentLA , -which is set before this function is called) -is less than the low threshold load average -(option -.b x , -variable -.i QueueLA ), -.i shouldqueue -returns -.sm FALSE -immediately -(that is, it should -.i not -queue). -If the current load average exceeds the high threshold load average -(option -.b X , -variable -.i RefuseLA ), -.i shouldqueue -returns -.sm TRUE -immediately. -Otherwise, it computes the function based on the message priority, -the queue factor -(option -.b q , -global variable -.i QueueFactor ), -and the current and threshold load averages. -.pp -An implementation wishing to take the actual age of the message into account -can also use the -.i ctime -parameter, -which is the time that the message was first submitted to -.i sendmail . -Note that the -.i pri -parameter is already weighted -by the number of times the message has been tried -(although this tends to lower the priority of the message with time); -the expectation is that the -.i ctime -would be used as an -.q "escape clause" -to ensure that messages are eventually processed. -.sh 3 "Refusing Incoming SMTP Connections" -.pp -The function -.i refuseconnections -returns -.sm TRUE -if incoming SMTP connections should be refused. -The current implementation is based exclusively on the current load average -and the refuse load average option -(option -.b X , -global variable -.i RefuseLA ): -.(b -bool -refuseconnections() -{ - return (CurrentLA >= RefuseLA); -} -.)b -A more clever implementation -could look at more system resources. -.sh 3 "Load Average Computation" -.pp -The routine -.i getla -returns the current load average (as a rounded integer). -The distribution includes several possible implementations. -If you are porting to a new environment -you may need to add some new tweaks.\** -.(f -\**If you do, please send updates to -sendmail@Sendmail.ORG. -.)f -.sh 2 "Configuration in src/daemon.c" -.pp -The file -.i src/daemon.c -contains a number of routines that are dependent -on the local networking environment. -The version supplied assumes you have BSD style sockets. -.pp -In previous releases, -we recommended that you modify the routine -.i maphostname -if you wanted to generalize -.b $[ -\&...\& -.b $] -lookups. -We now recommend that you create a new keyed map instead. -.sh 1 "CHANGES IN VERSION 8" -.pp -The following summarizes changes -since the last commonly available version of -.i sendmail -(5.67). -For a detailed list, -consult the file -RELEASE_NOTES -in the root directory of the -.i sendmail -distribution. -.sh 2 "Connection Caching" -.pp -Instead of closing SMTP connections immediately, -those connections are cached for possible future use. -The advent of MX records made this effective for mailing lists; -in addition, -substantial performance improvements can be expected for queue processing. -.sh 2 "MX Piggybacking" -.pp -If two hosts with different names in a single message -happen to have the same set of MX hosts, -they can be sent in the same transaction. -Version 8 notices this and tries to batch the messages. -.sh 2 "RFC 1123 Compliance" -.pp -A number of changes have been made to make -.i sendmail -.q "conditionally compliant" -(that is, -.i sendmail -satisfies all of the -.q MUST -clauses and most but not all of the -.q SHOULD -clauses in RFC 1123). -.pp -The major areas of change are (numbers are RFC 1123 section numbers): -.nr ii \w'5.3.1.1\0\0'u -.ip 5.2.7 -Response to RCPT command is fast. -.ip 5.2.8 -Numeric IP addresses are logged in Received: lines. -.ip 5.2.17 -Self domain literal is properly handled. -.ip 5.3.2 -Better control over individual timeouts. -.ip 5.3.3 -Error messages are sent as -.q From:<> . -.ip 5.3.3 -Error messages are never sent to -.q <> . -.ip 5.3.3 -Route-addrs are pruned. -.lp -The areas in which -.i sendmail -is not -.q "unconditionally compliant" -are: -.ip 5.2.6 -.i Sendmail -does do header munging. -.ip 5.2.10 -.i Sendmail -doesn't always use the exact SMTP message text -as listed in RFC 821. -.ip 5.3.1.1 -.i Sendmail -doesn't guarantee only one connect for each host in queue runs. -.ip 5.3.1.1 -.i Sendmail -doesn't always provide adequate concurrency limits. -.sh 2 "Extended SMTP Support" -.pp -Version 8 includes both sending and receiving support for Extended -SMTP support as defined by RFC 1651 (basic) and RFC 1653 (SIZE); -and limited support for RFC 1652 (BODY). -.sh 2 "Eight-Bit Clean" -.pp -Previous versions of -.i sendmail -used the 0200 bit for quoting. -This version avoids that use. -However, for compatibility with RFC 822, -you can set option `7' to get seven bit stripping. -.pp -Individual mailers can still produce seven bit output using the -`7' mailer flag. -.sh 2 "User Database" -.pp -The user database is an as-yet experimental attempt -to provide unified large-site name support. -We are installing it at Berkeley; -future versions may show significant modifications. -.sh 2 "Improved BIND Support" -.pp -The BIND support, -particularly for MX records, -had a number of annoying -.q features -which have been removed in this release. -In particular, -these more tightly bind (pun intended) the name server to -.i sendmail , -so that the name server resolution rules are incorporated directly into -.b sendmail . -.sh 2 "Keyed Files" -.pp -Generalized keyed files is an idea taken directly from -.sm IDA -.i sendmail -(albeit with a completely different implementation). -They can be useful on large sites. -.pp -Version 8 also understands YP. -.sh 2 "Multi-Word Classes" -.pp -Classes can now be multiple words. -For example, -.(b -CShofmann.CS.Berkeley.EDU -.)b -allows you to match the entire string -.q hofmann.CS.Berkeley.EDU -using the single construct -.q $=S . -.sh 2 "Deferred Macro Expansion" -.pp -The -.b $& \c -.i x -construct has been adopted from -.sm IDA . -.sh 2 "IDENT Protocol Support" -.pp -The IDENT protocol as defined in RFC 1413 is supported. -.sh 2 "Parsing Bug Fixes" -.pp -A number of small bugs having to do with things like -backslash-escaped quotes inside of comments -have been fixed. -.sh 2 "Separate Envelope/Header Processing" -.pp -Since the From: line is passed in separately from the envelope sender, -these have both been made visible; -the -.b $g -macro is set to the envelope sender during processing -of mailer argument vectors -and the header sender during processing of headers. -.pp -It is also possible to specify separate per-mailer -envelope and header processing. -The -.b S enderRWSet -and -.b R ecipientRWset -arguments for mailers -can be specified as -.i envelope/header -to give different rewritings for envelope versus header addresses. -.sh 2 "Owner-List Propagates to Envelope" -.pp -When an alias has an associated owner\-list name, -that alias is used to change the envelope sender address. -This will cause downstream errors to be returned to that owner. -.sh 2 "Dynamic Header Allocation" -.pp -The fixed size limit on header lines has been eliminated. -.sh 2 "New Command Line Flags" -.pp -The -.b \-B -flag has been added to pass in body type information. -.pp -The -.b \-p -flag has been added -to pass in protocol information. -.pp -The -.b \-X -flag has been added -to allow logging of all protocol in and out of -.i sendmail -for debugging. -.pp -The -.b \-O -flag implies setting long-form options. -.sh 2 "Enhanced Command Line Flags" -.pp -The -.b \-q -flag can limit limit a queue run to specific recipients, senders, or queue ids -using -.b \-qR\c -.i substring , -.b \-qS\c -.i substring , -or -.b \-qI\c -.i substring -respectively. -.sh 2 "New and Old Configuration Line Types" -.pp -The -.b K -line has been added to declare database maps. -.pp -The -.b V -line has been added to declare the configuration version level. -.pp -The -.b M -line has a -.q D= -field that lets you change into a temporary directory while that mailer -is running. -It also has a -.q U= -field to allow you to set the user and group id to be used -when running the mailer. -.sh 2 "New Options" -.pp -Several new options have been added, -many to support new features, -others to allow tuning that was previously available -only by recompiling. -They are described in detail in Section 5.6. -Briefly, -.nr ii 0.5i -.ip b -Insist on a minimum number of disk blocks. -.ip C -Set checkpoint interval. -.ip E -Default error message. -.ip G -Enable GECOS matching. -.ip h -Maximum hop count. -.ip j -Send errors in MIME-encapsulated format. -.ip J -Forward file path. -.ip k -Connection cache size -.ip K -Connection cache lifetime. -.ip l -Enable Errors-To: header. -These headers violate RFC 1123; -this option is included to provide back compatibility -with old versions of -.i sendmail . -.ip O -Set incoming SMTP daemon options, such as an alternate SMTP port. -.ip p -Privacy options. -.ip R -Don't prune route-addrs. -.ip U -User database spec. -.ip V -Fallback -.q MX -host. -.ip w -.q "Best MX" -handling technique. -.ip 7 -Do not run eight bit clean. -.ip 8 -Eight bit data handling mode. -.sh 2 "Extended Options" -.pp -The -.b r -(read timeout), -.b I -(use BIND), -and -.b T -(queue timeout) -options have been extended to pass in more information. -.sh 2 "New Mailer Flags" -.pp -Several new mailer flags have been added. -.ip a -Try to use ESMTP when creating a connection. -If this is not set, -.i sendmail -will still try if the other end hints that it knows about ESMTP -in its greeting message; -this flag says to try even if it doesn't hint. -If the EHLO (extended hello) -command fails, -.i sendmail -falls back to old SMTP. -.ip A -Try the user part of addresses for this mailer as aliases. -.ip b -Ensure that there is a blank line at the end of all messages. -.ip c -Strip all comments from addresses; -this should only be used as a last resort -when dealing with cranky mailers. -.ip g -Never use the null sender as the envelope sender, -even when running SMTP. -Although this violates RFC 1123, -it may be necessary when you must deal with some obnoxious old hosts. -.ip k -Turn off the loopback check in the HELO protocol; -doing this may cause mailer loops. -.ip o -Always run the mailer as the recipient of the message. -.ip w -This user should have a passwd file entry. -.ip 5 -Try ruleset 5 if no local aliases. -.ip 7 -Strip all output to 7 bits. -.ip : -Check for :include: files. -.ip | -Check for |program addresses. -.ip / -Check for /file addresses. -.ip @ -Check this user against the user database. -.sh 2 "Long Option Names" -.pp -All options can be specified using long names, -and some new options can only be specified with long names. -.sh 2 "New Pre-Defined Macros" -.pp -The following macros are pre-defined: -.ip $k -The UUCP node name, -nominally from -.i uname (2) -call. -.ip $m -The domain part of our full hostname. -.ip $_ -The RFC 1413-provided sender address. -.sh 2 "New LHS Token" -.pp -Version 8 allows -.b $@ -on the Left Hand Side of an -.q R -line to match zero tokens. -This is intended to be used to match the null input. -.sh 2 "Bigger Defaults" -.pp -Version 8 allows up to 100 rulesets instead of 30. -It is recommended that rulesets 0\-9 be reserved for -.i sendmail 's -dedicated use in future releases. -.pp -The total number of MX records that can be used has been raised to 20. -.pp -The number of queued messages that can be handled at one time -has been raised from 600 to 1000. -.sh 2 "Different Default Tuning Parameters" -.pp -Version 8 has changed the default parameters -for tuning queue costs -to make the number of recipients more important -than the size of the message (for small messages). -This is reasonable if you are connected with reasonably fast links. -.sh 2 "Auto-Quoting in Addresses" -.pp -Previously, the -.q "Full Name <email address>" -syntax would generate incorrect protocol output -if -.q "Full Name" -had special characters such as dot. -This version puts quotes around such names. -.sh 2 "Symbolic Names On Error Mailer" -.pp -Several names have been built in to the $@ portion of the $#error -mailer. -.sh 2 "SMTP VRFY Doesn't Expand" -.pp -Previous versions of -.i sendmail -treated VRFY and EXPN the same. -In this version, -VRFY doesn't expand aliases or follow .forward files. -EXPN still does. -.pp -As an optimization, if you run with your default delivery mode being -queue-only or deliver-in-background, -the RCPT command will also not chase aliases and .forward files. -It will chase them when it processes the queue. -.sh 2 "[IPC] Mailers Allow Multiple Hosts" -.pp -When an address resolves to a mailer that has -.q [IPC] -as its -.q Path , -the $@ part (host name) -can be a colon-separated list of hosts instead of a single hostname. -This asks -.i sendmail -to search the list for the first entry that is available -exactly as though it were an MX record. -The intent is to route internal traffic through internal networks -without publishing an MX record to the net. -MX expansion is still done on the individual items. -.sh 2 "Aliases Extended" -.pp -The implementation has been merged with maps. -Among other things, -this supports NIS-based aliases. -.sh 2 "Portability and Security Enhancements" -.pp -A number of internal changes have been made to enhance portability. -.pp -Several fixes have been made to increase the paranoia factor. -.sh 2 "Miscellaneous Changes" -.pp -.i Sendmail -writes a -.i /etc/sendmail.pid -file with the current process id of the SMTP daemon. -.pp -Two people using the same program in their .forward file -are considered different -so that duplicate elimination doesn't delete one of them. -.pp -The -.i mailstats -program prints mailer names -and gets the location of the -.i sendmail.st -file from -.i /etc/sendmail.cf . -.pp -Many minor bugs have been fixed, such as handling of backslashes -inside of quotes. -.pp -A hook (ruleset 5) has been added -to allow rewriting of local addresses after aliasing. -.sh 1 "ACKNOWLEDGEMENTS" -.pp -I've worked on -.i sendmail -for many years, -and many employers have been remarkably patient -about letting me work on a large project -that was not part of my official job. -This includes time on the INGRES Project at -the University of California at Berkeley, -at Britton Lee, -and again on the Mammoth and Titan Projects at Berkeley. -.pp -Much of the second wave of improvements -should be credited to Bryan Costales of ICSI. -As he passed me drafts of his book on -.i sendmail -I was inspired to start working on things again. -Bryan was also available to bounce ideas off of. -.pp -Many, many people contributed chunks of code and ideas to -.i sendmail . -It has proven to be a group network effort. -Version 8 in particular was a group project. -The following people made notable contributions: -.(l -John Beck, Hewlett-Packard -Keith Bostic, CSRG, University of California, Berkeley -Andrew Cheng, Sun Microsystems -Michael J. Corrigan, University of California, San Diego -Bryan Costales, International Computer Science Institute -Pa\*:r (Pell) Emanuelsson -Craig Everhart, Transarc Corporation -Tom Ivar Helbekkmo, Norwegian School of Economics -Allan E. Johannesen, WPI -Jonathan Kamens, OpenVision Technologies, Inc. -Takahiro Kanbe, Fuji Xerox Information Systems Co., Ltd. -Brian Kantor, University of California, San Diego -Murray S. Kucherawy, HookUp Communication Corp. -Bruce Lilly, Sony U.S. -Karl London -Motonori Nakamura, Ritsumeikan University & Kyoto University -John Gardiner Myers, Carnegie Mellon University -Neil Rickert, Northern Illinois University -Eric Schnoebelen, Convex Computer Corp. -Eric Wassenaar, National Institute for Nuclear and High Energy Physics, Amsterdam -Christophe Wolfhugel, Pasteur Institute & Herve Schauer Consultants (Paris) -.)l -I apologize for anyone I have omitted, misspelled, misattributed, or -otherwise missed. -At this point, I suspect that at least a hundred people -have contributed code, -and many more have contributed ideas, comments, and encouragement. -I've tried to list them in the RELEASE_NOTES in the distribution directory. -I appreciate their contribution as well. -.pp -Special thanks are reserved for Michael Corrigan and Christophe Wolfhugel, -who besides being wonderful guinea pigs and contributors -have also consented to be added to the ``sendmail@Sendmail.ORG'' list -and, by answering the bulk of the questions sent to that list, -have freed me up to do other work. -.++ A -.+c "COMMAND LINE FLAGS" -.ba 0 -.nr ii 1i -.pp -Arguments must be presented with flags before addresses. -The flags are: -.ip \-b\fIx\fP -Set operation mode to -.i x . -Operation modes are: -.(b -.ta 4n -m Deliver mail (default) -s Speak SMTP on input side -a\(dg ``Arpanet'' mode (get envelope sender information from header) -d Run as a daemon in background -D Run as a daemon in foreground -t Run in test mode -v Just verify addresses, don't collect or deliver -i Initialize the alias database -p Print the mail queue -.)b -.(f -\(dgDeprecated. -.)f -.ip \-B\fItype\fP -Indicate body type. -.ip \-C\fIfile\fP -Use a different configuration file. -.i Sendmail -runs as the invoking user (rather than root) -when this flag is specified. -.ip \-d\fIlevel\fP -Set debugging level. -.ip "\-f\ \fIaddr\fP" -The sender's machine address is -.i addr . -.ip \-F\fIname\fP -Sets the full name of this user to -.i name . -.ip "\-h\ \fIcnt\fP" -Sets the -.q "hop count" -to -.i cnt . -This represents the number of times this message has been processed -by -.i sendmail -(to the extent that it is supported by the underlying networks). -.i Cnt -is incremented during processing, -and if it reaches -MAXHOP -(currently 30) -.i sendmail -throws away the message with an error. -.ip \-n -Don't do aliasing or forwarding. -.ip "\-N \fInotifications\fP" -Tag all addresses being sent as wanting the indicated -.i notifications , -which consists of the word -.q NEVER -or a comma-separated list of -.q SUCCESS , -.q FAILURE , -and -.q DELAY -for successful delivery, -failure, -and a message that is stuck in a queue somewhere. -The default is -.q FAILURE,DELAY . -.ip "\-r\ \fIaddr\fP" -An obsolete form of -.b \-f . -.ip \-o\fIx\|value\fP -Set option -.i x -to the specified -.i value . -These options are described in Section 5.6. -.ip \-O\fIoption\fP\fB=\fP\fIvalue\fP -Set -.i option -to the specified -.i value -(for long form option names). -These options are described in Section 5.6. -.ip \-M\fIx\|value -Set macro -.i x -to the specified -.i value . -.ip \-p\fIprotocol\fP -Set the sending protocol. -Programs are encouraged to set this. -The protocol field can be in the form -.i protocol \c -.b : \c -.i host -to set both the sending protocol and sending host. -For example, -.q \-pUUCP:uunet -sets the sending protocol to UUCP -and the sending host to uunet. -(Some existing programs use \-oM to set the r and s macros; -this is equivalent to using \-p.) -.ip \-q\fItime\fP -Try to process the queued up mail. -If the time is given, -a -.i sendmail -will run through the queue at the specified interval -to deliver queued mail; -otherwise, it only runs once. -.ip \-q\fIXstring\fP -Run the queue once, -limiting the jobs to those matching -.i Xstring . -The key letter -.i X -can be -.b I -to limit based on queue identifier, -.b R -to limit based on recipient, -or -.b S -to limit based on sender. -A particular queued job is accepted if one of the corresponding addresses -contains the indicated -.i string . -.ip "\-R ret" -What information you want returned if the message bounces; -.i ret -can be -.q HDRS -for headers only or -.q FULL -for headers plus body. -This is a request only; -the other end is not required to honor the parameter. -.ip \-t -Read the header for -.q To: , -.q Cc: , -and -.q Bcc: -lines, and send to everyone listed in those lists. -The -.q Bcc: -line will be deleted before sending. -Any addresses in the argument vector will be deleted -from the send list. -.ip "\-U" -Indicate that this is an initial User Agent submission. -In future releases, sendmail may complain about syntactically invalid messages -rather than fixing them when this flag is not set. -.ip "\-V envid" -The indicated -.i envid -is passed with the envelope of the message -and returned if the message bounces. -.ip "\-X \fIlogfile\fP" -Log all traffic in and out of -.i sendmail -in the indicated -.i logfile -for debugging mailer problems. -This produces a lot of data very quickly and should be used sparingly. -.pp -There are a number of options that may be specified as -primitive flags. -These are the e, i, m, and v options. -Also, -the f option -may be specified as the -.b \-s -flag. -.+c "QUEUE FILE FORMATS" -.pp -This appendix describes the format of the queue files. -These files live in the directory defined by the -.b Q -option in the -.i sendmail.cf -file, usually -.i /var/spool/mqueue -or -.i /usr/spool/mqueue . -.pp -All queue files have the name -\fIx\fP\|\fBf\fP\fIAAA99999\fP -where -.i AAA99999 -is the -.i id -for this message -and the -.i x -is a type. -The first letter of the id encodes the hour of the day -that the message was received by the system -(with A being the hour between midnight and 1:00AM). -All files with the same id collectively define one message. -.pp -The types are: -.nr ii 0.5i -.ip d -The data file. -The message body (excluding the header) is kept in this file. -.ip q -The queue control file. -This file contains the information necessary to process the job. -.ip t -A temporary file. -These are an image of the -.b qf -file when it is being rebuilt. -It should be renamed to a -.b qf -file very quickly. -.ip x -A transcript file, -existing during the life of a session -showing everything that happens -during that session. -.pp -The -.b qf -file is structured as a series of lines -each beginning with a code letter. -The lines are as follows: -.ip V -The version number of the queue file format, -used to allow new -.i sendmail -binaries to read queue files created by older versions. -Defaults to version zero. -Must be the first line of the file if present. -.ip H -A header definition. -There may be any number of these lines. -The order is important: -they represent the order in the final message. -These use the same syntax -as header definitions in the configuration file. -.ip C -The controlling address. -The syntax is -.q localuser:aliasname . -Recipient addresses following this line -will be flagged so that deliveries will be run as the -.i localuser -(a user name from the /etc/passwd file); -.i aliasname -is the name of the alias that expanded to this address -(used for printing messages). -.ip Q -The ``original recipient'', -specified by the ORCPT= field in an ESMTP transaction. -Used exclusively for Delivery Status Notifications. -It applies only to the immediately following `R' line. -.ip R -A recipient address. -This will normally be completely aliased, -but is actually realiased when the job is processed. -There will be one line -for each recipient. -Version 1 qf files -also include a leading colon-terminated list of flags, -which can be -`S' to return a message on successful final delivery, -`F' to return a message on failure, -`D' to return a message if the message is delayed, -`B' to indicate that the body should be returned, -`N' to suppress returning the body, -and -`P' to declare this as a ``primary'' (command line or SMTP-session) address. -.ip S -The sender address. -There may only be one of these lines. -.ip T -The job creation time. -This is used to compute when to time out the job. -.ip P -The current message priority. -This is used to order the queue. -Higher numbers mean lower priorities. -The priority changes -as the message sits in the queue. -The initial priority depends on the message class -and the size of the message. -.ip M -A message. -This line is printed by the -.i mailq -command, -and is generally used to store status information. -It can contain any text. -.ip F -Flag bits, represented as one letter per flag. -Defined flag bits are -.b r -indicating that this is a response message -and -.b w -indicating that a warning message has been sent -announcing that the mail has been delayed. -.ip N -The total number of delivery attempts. -.ip K -The time (as seconds since January 1, 1970) -of the last delivery attempt. -.ip I -The i-number of the data file; -this can be used to recover your mail queue -after a disastrous disk crash. -.ip $ -A macro definition. -The values of certain macros -(as of this writing, only -.b $r -and -.b $s ) -are passed through to the queue run phase. -.ip B -The body type. -The remainder of the line is a text string defining the body type. -If this field is missing, -the body type is assumed to be -.q "undefined" -and no special processing is attempted. -Legal values are -.q 7BIT -and -.q 8BITMIME . -.ip O -The original MTS value (from the ESMTP transaction). -For Deliver Status Notifications only. -.ip Z -The original envelope id (from the ESMTP transaction). -For Deliver Status Notifications only. -.pp -As an example, -the following is a queue file sent to -.q eric@mammoth.Berkeley.EDU -and -.q bostic@okeeffe.CS.Berkeley.EDU \**: -.(f -\**This example is contrived and probably inaccurate for your environment. -Glance over it to get an idea; -nothing can replace looking at what your own system generates. -.)f -.(b -P835771 -T404261372 -Seric -Ceric:sendmail@vangogh.CS.Berkeley.EDU -Reric@mammoth.Berkeley.EDU -Rbostic@okeeffe.CS.Berkeley.EDU -H?P?return-path: <owner-sendmail@vangogh.CS.Berkeley.EDU> -Hreceived: by vangogh.CS.Berkeley.EDU (5.108/2.7) id AAA06703; - Fri, 17 Jul 92 00:28:55 -0700 -Hreceived: from mail.CS.Berkeley.EDU by vangogh.CS.Berkeley.EDU (5.108/2.7) - id AAA06698; Fri, 17 Jul 92 00:28:54 -0700 -Hreceived: from [128.32.31.21] by mail.CS.Berkeley.EDU (5.96/2.5) - id AA22777; Fri, 17 Jul 92 03:29:14 -0400 -Hreceived: by foo.bar.baz.de (5.57/Ultrix3.0-C) - id AA22757; Fri, 17 Jul 92 09:31:25 GMT -H?F?from: eric@foo.bar.baz.de (Eric Allman) -H?x?full-name: Eric Allman -Hmessage-id: <9207170931.AA22757@foo.bar.baz.de> -HTo: sendmail@vangogh.CS.Berkeley.EDU -Hsubject: this is an example message -.)b -This shows -the person who sent the message, -the submission time -(in seconds since January 1, 1970), -the message priority, -the message class, -the recipients, -and the headers for the message. -.+c "SUMMARY OF SUPPORT FILES" -.pp -This is a summary of the support files -that -.i sendmail -creates or generates. -Many of these can be changed by editing the sendmail.cf file; -check there to find the actual pathnames. -.nr ii 1i -.ip "/usr/\*(SD/sendmail" -The binary of -.i sendmail . -.ip /usr/\*(SB/newaliases -A link to /usr/\*(SD/sendmail; -causes the alias database to be rebuilt. -Running this program is completely equivalent to giving -.i sendmail -the -.b \-bi -flag. -.ip /usr/\*(SB/mailq -Prints a listing of the mail queue. -This program is equivalent to using the -.b \-bp -flag to -.i sendmail . -.ip /etc/sendmail.cf -The configuration file, -in textual form. -.ip /usr/lib/sendmail.hf -The SMTP help file. -.ip /etc/sendmail.st -A statistics file; need not be present. -.ip /etc/sendmail.pid -Created in daemon mode; -it contains the process id of the current SMTP daemon. -If you use this in scripts; -use ``head \-1'' to get just the first line; -later versions of -.i sendmail -may add information to subsequent lines. -.ip /etc/aliases -The textual version of the alias file. -.ip /etc/aliases.{pag,dir} -The alias file in -.i dbm \|(3) -format. -.ip /var/spool/mqueue -The directory in which the mail queue -and temporary files reside. -.ip /var/spool/mqueue/qf* -Control (queue) files for messages. -.ip /var/spool/mqueue/df* -Data files. -.ip /var/spool/mqueue/tf* -Temporary versions of the qf files, -used during queue file rebuild. -.ip /var/spool/mqueue/xf* -A transcript of the current session. -.if e \ -\{\ -. bp -. rs -. sp |4i -. ce 2 -This page intentionally left blank; -replace it with a blank sheet for double-sided output. -.\} -.\".ro -.\".ls 1 -.\".tp -.\".sp 2i -.\".in 0 -.\".ce 100 -.\".sz 24 -.\".b SENDMAIL -.\".sz 14 -.\".sp -.\"INSTALLATION AND OPERATION GUIDE -.\".sp -.\".sz 10 -.\"Eric Allman -.\".sp -.\"Version 8.106 -.\".ce 0 -.bp 3 -.ce -.sz 12 -TABLE OF CONTENTS -.sz 10 -.sp -.\" remove some things to avoid "out of temp file space" problem -.rm sh -.rm (x -.rm )x -.rm ip -.rm pp -.rm lp -.rm he -.rm fo -.rm eh -.rm oh -.rm ef -.rm of -.xp |