path: root/contrib
diff options
authorPeter Wemm <peter@FreeBSD.org>1998-08-03 05:56:20 +0000
committerPeter Wemm <peter@FreeBSD.org>1998-08-03 05:56:20 +0000
commitc2aa98e247e56d5266d789dfc9b90b524b0019fe (patch)
tree0772be9f4640bcba9db4a0de9e79a39ad377d80b /contrib
parentff37c899d76b8a843614fb348674c7e94e4f53ce (diff)
Import sendmail-8.9.1 (slightly trimmed) onto a fresh branch undervendor/sendmail/8.9.1
src/contrib as per various discussions. I will copy across our changes and then point the Makefiles across once the dust has settled..
Notes: svn path=/vendor/sendmail/dist/; revision=38032 svn path=/vendor/sendmail/8.9.1/; revision=38034; tag=vendor/sendmail/8.9.1
Diffstat (limited to 'contrib')
341 files changed, 97632 insertions, 0 deletions
diff --git a/contrib/sendmail/BuildTools/M4/depend/BSD.m4 b/contrib/sendmail/BuildTools/M4/depend/BSD.m4
new file mode 100644
index 000000000000..661f69ec12ec
--- /dev/null
+++ b/contrib/sendmail/BuildTools/M4/depend/BSD.m4
@@ -0,0 +1,8 @@
+# @(#)BSD.m4 8.3 (Berkeley) 2/9/98
+depend: ${BEFORE}
+ @mv Makefile Makefile.old
+ @sed -e '/^# Do not edit or remove this line or anything below it.$$/,$$d' < Makefile.old > Makefile
+ @echo "# Do not edit or remove this line or anything below it." >> Makefile
+ mkdep -a -f Makefile ${COPTS} *.c
+# End of BSD.m4
diff --git a/contrib/sendmail/BuildTools/M4/depend/CC-M.m4 b/contrib/sendmail/BuildTools/M4/depend/CC-M.m4
new file mode 100644
index 000000000000..01d82662b1bc
--- /dev/null
+++ b/contrib/sendmail/BuildTools/M4/depend/CC-M.m4
@@ -0,0 +1,8 @@
+# @(#)CC-M.m4 8.2 (Berkeley) 2/19/98
+depend: ${BEFORE}
+ @mv Makefile Makefile.old
+ @sed -e '/^# Do not edit or remove this line or anything below it.$$/,$$d' < Makefile.old > Makefile
+ @echo "# Do not edit or remove this line or anything below it." >> Makefile
+ ${CC} -M ${COPTS} *.c >> Makefile
+# End of CC-M.m4
diff --git a/contrib/sendmail/BuildTools/M4/depend/NCR.m4 b/contrib/sendmail/BuildTools/M4/depend/NCR.m4
new file mode 100644
index 000000000000..03e0c10dd387
--- /dev/null
+++ b/contrib/sendmail/BuildTools/M4/depend/NCR.m4
@@ -0,0 +1,8 @@
+# @(#)NCR.m4 8.3 (Berkeley) 2/19/98
+depend: ${BEFORE}
+ @mv Makefile Makefile.old
+ @sed -e '/^# Do not edit or remove this line or anything below it.$$/,$$d' < Makefile.old > Makefile
+ @echo "# Do not edit or remove this line or anything below it." >> Makefile
+ ${CC} -w0 -Hmake ${COPTS} *.c >> Makefile
+# End of NCR.m4
diff --git a/contrib/sendmail/BuildTools/M4/depend/Solaris.m4 b/contrib/sendmail/BuildTools/M4/depend/Solaris.m4
new file mode 100644
index 000000000000..cbdc618abfc8
--- /dev/null
+++ b/contrib/sendmail/BuildTools/M4/depend/Solaris.m4
@@ -0,0 +1,8 @@
+# @(#)Solaris.m4 8.1 (Berkeley) 3/5/98
+depend: ${BEFORE}
+ @mv Makefile Makefile.old
+ @sed -e '/^# Do not edit or remove this line or anything below it.$$/,$$d' < Makefile.old > Makefile
+ @echo "# Do not edit or remove this line or anything below it." >> Makefile
+ ${CC} -xM ${COPTS} *.c >> Makefile
+# End of Solaris.m4
diff --git a/contrib/sendmail/BuildTools/M4/depend/X11.m4 b/contrib/sendmail/BuildTools/M4/depend/X11.m4
new file mode 100644
index 000000000000..27f90361f4c3
--- /dev/null
+++ b/contrib/sendmail/BuildTools/M4/depend/X11.m4
@@ -0,0 +1,5 @@
+# @(#)X11.m4 8.1 (Berkeley) 4/8/98
+depend: ${BEFORE}
+ makedepend -- ${COPTS} -- *.c
+# End of X11.m4
diff --git a/contrib/sendmail/BuildTools/M4/depend/generic.m4 b/contrib/sendmail/BuildTools/M4/depend/generic.m4
new file mode 100644
index 000000000000..e7452d9e3297
--- /dev/null
+++ b/contrib/sendmail/BuildTools/M4/depend/generic.m4
@@ -0,0 +1,8 @@
+# @(#)generic.m4 8.2 (Berkeley) 2/9/98
+# dependencies
+# gross overkill, and yet still not quite enough....
+${OBJS}: ${SRCDIR}/sendmail.h ${SRCDIR}/conf.h
+# give a null "depend" list so that the startup script will work
+# End of generic.m4
diff --git a/contrib/sendmail/BuildTools/M4/header.m4 b/contrib/sendmail/BuildTools/M4/header.m4
new file mode 100644
index 000000000000..df216bb96714
--- /dev/null
+++ b/contrib/sendmail/BuildTools/M4/header.m4
@@ -0,0 +1,32 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# Definitions for Makefile construction for sendmail
+# @(#)header.m4 8.14 (Berkeley) 5/19/98
+ifdef(`pushdef', `',
+ `errprint(`You need a newer version of M4, at least as new as
+System V or GNU')
+ include(NoSuchFile)')
+define(`confABI', `')
+define(`confCC', `cc')
+define(`confSHELL', `/bin/sh')
+define(`confBEFORE', `')
+define(`confLIBDIRS', `')
+define(`confINCDIRS', `')
+define(`confLIBSEARCH', `db bind resolv 44bsd')
+define(`confSITECONFIG', `site.config')
+define(`confBUILDBIN', `../../BuildTools/bin')
+define(`PUSHDIVERT', `pushdef(`__D__', divnum)divert($1)')
+define(`POPDIVERT', `divert(__D__)popdef(`__D__')')
+define(`APPENDDEF', `define(`$1', ifdef(`$1', `$1 $2', `$2'))')
+define(`PREPENDDEF', `define(`$1', ifdef(`$1', `$2 $1', `$2'))')
diff --git a/contrib/sendmail/BuildTools/OS/386BSD b/contrib/sendmail/BuildTools/OS/386BSD
new file mode 100644
index 000000000000..34af745c8a57
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/386BSD
@@ -0,0 +1,7 @@
+# @(#)386BSD 8.1 (Berkeley) 1/30/98
+define(`confENVDEF', ` -DMIME')
+define(`confLIBS', `-lutil')
+define(`confLINKS', `/usr/sbin/sendmail /usr/bin/newaliases \
+ /usr/sbin/sendmail /usr/bin/mailq \
+ /usr/sbin/sendmail /usr/bin/hoststat \
+ /usr/sbin/sendmail /usr/bin/purgestat')
diff --git a/contrib/sendmail/BuildTools/OS/A-UX b/contrib/sendmail/BuildTools/OS/A-UX
new file mode 100644
index 000000000000..782106d7e155
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/A-UX
@@ -0,0 +1,11 @@
+# @(#)A-UX 8.4 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNDBM')
+define(`confENVDEF', `-D_POSIX_SOURCE ')
+define(`confLIBS', `-ldbm -lposix -lUTIL')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
diff --git a/contrib/sendmail/BuildTools/OS/AIX b/contrib/sendmail/BuildTools/OS/AIX
new file mode 100644
index 000000000000..ebf1f123262a
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/AIX
@@ -0,0 +1,10 @@
+# @(#)AIX 8.6 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confENVDEF', `-D_AIX3 ')
+define(`confOPTIMIZE', `-g')
+define(`confLIBS', `-ldbm')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `system')
+define(`confSTDIR', `/etc')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `/usr/ucb/install')
diff --git a/contrib/sendmail/BuildTools/OS/AIX.2 b/contrib/sendmail/BuildTools/OS/AIX.2
new file mode 100644
index 000000000000..3838e893631a
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/AIX.2
@@ -0,0 +1,18 @@
+# @(#)AIX.2 8.8 (Berkeley) 3/12/98
+SMROOT= /usr/local/newmail
+define(`confMAPDEF', `-DNIS')
+ -D_PATH_SENDMAILCF=\"${SMROOT}/sendmail.cf\"\
+ -D_PATH_SENDMAILPID=\"${SMROOT}/sendmail.pid\"')
+define(`confOPTIMIZE', `-g')
+define(`confINCDIRS', `-I/u/markw/src/db.1.85/PORT/aixrt/include -I/u/markw/src/db.1.85/PORT/aixrt -I/fs/work/src/bind/include')
+define(`confLIBS', `-lbsd /u/markw/src/db.1.85/PORT/aixrt/libdb.a /usr/local/lib/libgldavg.a /fs/work/src/bind/res/libresolv.a')
+define(`confMBINDIR', `${SMROOT}/bin')
+define(`confSBINDIR', `/usr/etc')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `system')
+define(`confSTDIR', `${SMROOT}')
+define(`confHFDIR', `${SMROOT}')
+define(`confINSTALL', `/usr/ucb/install')
diff --git a/contrib/sendmail/BuildTools/OS/AIX.4.2 b/contrib/sendmail/BuildTools/OS/AIX.4.2
new file mode 100644
index 000000000000..e302f5a11369
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/AIX.4.2
@@ -0,0 +1,11 @@
+# @(#)AIX.4.2 8.5 (Berkeley) 3/14/98
+define(`confMAPDEF', `-DNDBM -DNIS -DMAP_REGEX')
+define(`confENVDEF', `-D_AIX4=40200 ')
+define(`confOPTIMIZE', `-O3')
+define(`confLIBS', `-ldbm')
+define(`confSTDIR', `/etc')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `/usr/ucb/install')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `system')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/AIX.4.3 b/contrib/sendmail/BuildTools/OS/AIX.4.3
new file mode 100644
index 000000000000..75a4272f04b0
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/AIX.4.3
@@ -0,0 +1,12 @@
+# @(#)AIX.4.3 8.4 (Berkeley) 3/14/98
+define(`confMAPDEF', `-DNDBM -DNIS -DMAP_REGEX')
+define(`confENVDEF', `-D_AIX4=40300 ')
+define(`confOPTIMIZE', `-O3')
+define(`confCC', `/usr/bin/xlc')
+define(`confLIBS', `-ldbm')
+define(`confSTDIR', `/etc')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `/usr/ucb/install')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `system')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/AIX.4.x b/contrib/sendmail/BuildTools/OS/AIX.4.x
new file mode 100644
index 000000000000..f08bfcb4a357
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/AIX.4.x
@@ -0,0 +1,10 @@
+# @(#)AIX.4.x 8.7 (Berkeley) 3/14/98
+define(`confMAPDEF', `-DNDBM -DNIS -DMAP_REGEX')
+define(`confENVDEF', `-D_AIX4 ')
+define(`confOPTIMIZE', `-O3')
+define(`confLIBS', `-ldbm')
+define(`confSTDIR', `/etc')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `/usr/ucb/install')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `system')
diff --git a/contrib/sendmail/BuildTools/OS/Altos b/contrib/sendmail/BuildTools/OS/Altos
new file mode 100644
index 000000000000..9c1f301d18d0
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/Altos
@@ -0,0 +1,12 @@
+# @(#)Altos 8.6 (Berkeley) 2/19/98
+define(`confCC', `gcc')
+define(`confENVDEF', `-DALTOS_SYSTEM_V ')
+define(`confLIBS', `-lsocket -lrpc')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/BSD-OS b/contrib/sendmail/BuildTools/OS/BSD-OS
new file mode 100644
index 000000000000..58586dd596f3
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/BSD-OS
@@ -0,0 +1,8 @@
+# @(#)BSD-OS 8.8 (Berkeley) 6/3/98
+define(`confMAPDEF', `-DNEWDB -DMAP_REGEX')
+define(`confENVDEF', `-DNETISO')
+define(`confLIBS', `-lutil -lkvm')
+define(`confOPTIMIZE', `-O2')
+define(`confMAN1EXT', `0')
+define(`confMAN5EXT', `0')
+define(`confMAN8EXT', `0')
diff --git a/contrib/sendmail/BuildTools/OS/BSD43 b/contrib/sendmail/BuildTools/OS/BSD43
new file mode 100644
index 000000000000..1bbccea2c7fa
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/BSD43
@@ -0,0 +1,21 @@
+# @(#)BSD43 8.5 (Berkeley) 3/12/98
+define(`confBEFORE', `unistd.h stddef.h stdlib.h dirent.h sys/time.h')
+define(`confMAPDEF', `-DNDBM')
+define(`confENVDEF', `-DoldBSD43 ')
+define(`confLIBS', `-ldbm -ll')
+define(`confUBINDIR', `/usr/ucb')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+unistd.h stddef.h stdlib.h sys/time.h:
+ cp /dev/null $@
+sys/time.h: sys
+ mkdir sys
+ echo "#include <sys/dir.h>" > dirent.h
+ echo "#define dirent direct" >> dirent.h
diff --git a/contrib/sendmail/BuildTools/OS/CLIX b/contrib/sendmail/BuildTools/OS/CLIX
new file mode 100644
index 000000000000..69f422965bbd
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/CLIX
@@ -0,0 +1,14 @@
+# @(#)CLIX 8.8 (Berkeley) 3/12/98
+define(`confCC', `gcc')
+define(`confMAPDEF', `-DNDBM')
+define(`confENVDEF', `-DCLIX ')
+define(`confINCDIRS', `-I/usr/include')
+define(`confLIBS', `-lnsl -lbsd')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `mail')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `cp')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/CRAYT3E.2.0.x b/contrib/sendmail/BuildTools/OS/CRAYT3E.2.0.x
new file mode 100644
index 000000000000..6f5abb5de390
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/CRAYT3E.2.0.x
@@ -0,0 +1,11 @@
+# @(#)CRAYT3E.2.0.x 8.1 (Berkeley) 4/21/98
+define(`confMAPDEF', `-DNDBM')
+define(`confENVDEF', `-DUNICOS ')
+define(`confOPTIMIZE', `-O')
+define(`confINSTALL', `cpset')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/bin')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', ` //usr/spool/mqueue')
+define(`confHFDIR', ` /usr/lib')
diff --git a/contrib/sendmail/BuildTools/OS/CSOS b/contrib/sendmail/BuildTools/OS/CSOS
new file mode 100644
index 000000000000..3a995c9496f2
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/CSOS
@@ -0,0 +1,9 @@
+# @(#)CSOS 8.5 (Berkeley) 2/8/98
+define(`confLIBS', `-lnet')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confEBINDIR', `/usr/lib')
+define(`confUBINDIR', `/usr/ucb')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
diff --git a/contrib/sendmail/BuildTools/OS/ConvexOS b/contrib/sendmail/BuildTools/OS/ConvexOS
new file mode 100644
index 000000000000..8ea990c6e664
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/ConvexOS
@@ -0,0 +1,11 @@
+# @(#)ConvexOS 8.6 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNDBM -DYPCOMPAT -DNIS')
+define(`confENVDEF', `-D__STDC__ -d non_int_bit_field')
+define(`confOPTIMIZE', `-g')
+define(`confLIBS', `-lshare')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
diff --git a/contrib/sendmail/BuildTools/OS/Dell b/contrib/sendmail/BuildTools/OS/Dell
new file mode 100644
index 000000000000..2b9c1ea44a1f
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/Dell
@@ -0,0 +1,15 @@
+# @(#)Dell 8.8 (Berkeley) 3/12/98
+define(`confCC', `gcc')
+define(`confMAPDEF', `-DNDBM')
+define(`confENVDEF', `-D__svr4__ ')
+define(`confOPTIMIZE', `-O2')
+define(`confLIBS', `-ldbm -lsocket -lnsl -lelf')
+define(`confMBINDIR', `/usr/ucblib')
+define(`confSBINDIR', `/usr/ucblib')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/ucblib')
+define(`confSBINGRP', `mail')
+define(`confSTDIR', `/usr/ucblib')
+define(`confHFDIR', `/usr/ucblib')
+define(`confINSTALL', `/usr/ucb/install')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/DomainOS b/contrib/sendmail/BuildTools/OS/DomainOS
new file mode 100644
index 000000000000..ee6be2726b81
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/DomainOS
@@ -0,0 +1,18 @@
+# @(#)DomainOS 8.6 (Berkeley) 6/24/98
+define(`confCC', `cc -A nansi -A,systype,any -A,runtype,bsd4.3')
+define(`confBEFORE', `unistd.h dirent.h')
+define(`confMAPDEF', `-DNDBM')
+define(`confSBINDIR', `/usr/etc')
+define(`confMBINDIR', `/usr/lib')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+ cp /dev/null unistd.h
+ echo "#include <sys/dir.h>" > dirent.h
+ echo "#define dirent direct" >> dirent.h
diff --git a/contrib/sendmail/BuildTools/OS/DomainOS.10.4 b/contrib/sendmail/BuildTools/OS/DomainOS.10.4
new file mode 100644
index 000000000000..a92051b6befd
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/DomainOS.10.4
@@ -0,0 +1,15 @@
+# @(#)DomainOS.10.4 8.1 (Berkeley) 6/24/98
+define(`confCC', `cc -A nansi -A,systype,any -A,runtype,bsd4.3')
+define(`confBEFORE', `dirent.h')
+define(`confMAPDEF', `-DNDBM')
+define(`confSBINDIR', `/usr/etc')
+define(`confMBINDIR', `/usr/lib')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+ echo "#include <sys/dir.h>" > dirent.h
+ echo "#define dirent direct" >> dirent.h
diff --git a/contrib/sendmail/BuildTools/OS/Dynix b/contrib/sendmail/BuildTools/OS/Dynix
new file mode 100644
index 000000000000..2781e49d1c1e
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/Dynix
@@ -0,0 +1,13 @@
+# @(#)Dynix 8.7 (Berkeley) 2/26/98
+define(`confCC', `gcc')
+define(`confOPTIMIZE', `-O -g')
+define(`confLIBS', `-lseq')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `staff # no kmem group,')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+define(`confOBJADD', `strtol.o')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/EWS-UX_V b/contrib/sendmail/BuildTools/OS/EWS-UX_V
new file mode 100644
index 000000000000..bf11275a2cd1
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/EWS-UX_V
@@ -0,0 +1,29 @@
+# @(#)EWS-UX_V 8.6 (Berkeley) 3/12/98
+define(`confCC', `/usr/abiccs/bin/cc -KOlimit=900')
+define(`confBEFORE', `sysexits.h ndbm.h ndbm.o')
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confENVDEF', `-Dnec_ews_svr4 ')
+define(`confLIBS', `ndbm.o -lsocket -lnsl -lelf # # with NDBM')
+define(`confMBINDIR', `/usr/ucblib')
+define(`confSBINDIR', `/usr/ucbetc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/ucblib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/var/ucblib')
+define(`confHFDIR', `/var/ucblib')
+define(`confINSTALL', `/usr/ucb/install')
+ echo '#ifndef _LOCAL_SYSEXITS_H_' > sysexits.h;
+ echo '#define _LOCAL_SYSEXITS_H_' >> sysexits.h;
+ cat /usr/abiccs/ucbinclude/sysexits.h >> sysexits.h;
+ echo '#endif /* _LOCAL_SYSEXITS_H_ */' >> sysexits.h;
+# ln -s /usr/abiccs/ucbinclude/sysexits.h .
+ ln -s /usr/abiccs/ucbinclude/ndbm.h .
+ ar x /usr/abiccs/ucblib/libucb.a ndbm.o
+# ar x /usr/ucblib/libucb.a ndbm.o
diff --git a/contrib/sendmail/BuildTools/OS/FreeBSD b/contrib/sendmail/BuildTools/OS/FreeBSD
new file mode 100644
index 000000000000..bec2c599060b
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/FreeBSD
@@ -0,0 +1,3 @@
+# @(#)FreeBSD 8.5 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNEWDB -DNIS -DMAP_REGEX')
+define(`confLIBS', `-lutil')
diff --git a/contrib/sendmail/BuildTools/OS/HP-UX b/contrib/sendmail/BuildTools/OS/HP-UX
new file mode 100644
index 000000000000..66d71a45eed0
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/HP-UX
@@ -0,0 +1,12 @@
+# @(#)HP-UX 8.9 (Berkeley) 3/14/98
+define(`confCC', `cc -Aa -D_HPUX_SOURCE')
+define(`confMAPDEF', `-DNDBM -DNIS -DMAP_REGEX')
+define(`confOPTIMIZE', `+O1')
+define(`confLIBS', `-lndbm')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `mail')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
diff --git a/contrib/sendmail/BuildTools/OS/HP-UX.10.x b/contrib/sendmail/BuildTools/OS/HP-UX.10.x
new file mode 100644
index 000000000000..a4b3a816048f
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/HP-UX.10.x
@@ -0,0 +1,11 @@
+# @(#)HP-UX.10.x 8.10 (Berkeley) 3/21/98
+define(`confCC', `cc -Aa -D_HPUX_SOURCE')
+define(`confMAPDEF', `-DNDBM -DNIS -DMAP_REGEX')
+define(`confENVDEF', `-DV4FS ')
+define(`confOPTIMIZE', `+O3')
+define(`confLIBS', `-lndbm')
+define(`confSHELL', `/usr/bin/sh')
+define(`confSTDIR', `/etc/mail')
+define(`confHFDIR', `/usr/share/lib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confSBINGRP', `mail')
diff --git a/contrib/sendmail/BuildTools/OS/HP-UX.11.x b/contrib/sendmail/BuildTools/OS/HP-UX.11.x
new file mode 100644
index 000000000000..9e13c58e979a
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/HP-UX.11.x
@@ -0,0 +1,11 @@
+# @(#)HP-UX.11.x 8.7 (Berkeley) 3/30/98
+define(`confCC', `cc -Ae')
+define(`confMAPDEF', `-DNDBM -DNIS -DMAP_REGEX')
+define(`confENVDEF', `-DV4FS -DHPUX11 ')
+define(`confOPTIMIZE', `+O3')
+define(`confLIBS', `-ldbm -lnsl')
+define(`confSHELL', `/usr/bin/sh')
+define(`confSTDIR', `/etc/mail')
+define(`confHFDIR', `/usr/share/lib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confSBINGRP', `mail')
diff --git a/contrib/sendmail/BuildTools/OS/IRIX b/contrib/sendmail/BuildTools/OS/IRIX
new file mode 100644
index 000000000000..dafbda6a5fb6
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/IRIX
@@ -0,0 +1,13 @@
+# @(#)IRIX 8.7 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confENVDEF', `-DIRIX ')
+define(`confLIBS', `-lmld -lmalloc -lsun')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/bsd')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/IRIX.5.x b/contrib/sendmail/BuildTools/OS/IRIX.5.x
new file mode 100644
index 000000000000..4ac44c29aea1
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/IRIX.5.x
@@ -0,0 +1,13 @@
+# @(#)IRIX.5.x 8.7 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confENVDEF', `-DIRIX5 ')
+define(`confLIBS', `-lmld -lmalloc')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/bsd')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/var')
+define(`confHFDIR', `/etc')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/IRIX.6.5 b/contrib/sendmail/BuildTools/OS/IRIX.6.5
new file mode 100644
index 000000000000..3056ff449128
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/IRIX.6.5
@@ -0,0 +1,35 @@
+# @(#)IRIX.6.5 8.2 (Berkeley) 4/24/98
+# Select what ABI we are using -- see abi(5) for details
+# -32 ~ IRIX 5.3 (default: -mips2)
+# - long and pointer are 32 bit
+# -n32 New to IRIX 6.2 (default: -mips3)
+# - long and pointer are 32 bit
+# -64 ~ IRIX 6.1 (default: -mips4)
+# - long and pointer are 64 bit
+# We force ABI here, so then it does not depend on CPU
+# With IDO 6.2 (IRIX 6.2) you need subsystem compiler_dev.sw32.lib
+# for compilation with ABI=-n32 -- alternatively you can set ABI=-32
+# ABI=-64 requires subsystem compiler_dev.sw64.lib, but this runs
+# only with IRIX64 (ie. 64 bit kernels)
+# NOTE: Do not set `confABI' in a site configuration file! The ABI MUST
+# be given on the Build command line using the -E parameter, e.g.:
+# Build -E ABI=-n32
+ABI= confABI
+define(`confMAPDEF', `-DNDBM -DNIS -DMAP_REGEX')
+define(`confENVDEF', `-DIRIX6 -DHASSNPRINTF=1 ${ABI} ')
+define(`confLDOPTS', `${ABI}')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/bsd')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/var')
+define(`confHFDIR', `/etc')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/IRIX.6.x b/contrib/sendmail/BuildTools/OS/IRIX.6.x
new file mode 100644
index 000000000000..c52fd4ea41dc
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/IRIX.6.x
@@ -0,0 +1,35 @@
+# @(#)IRIX.6.x 8.11 (Berkeley) 4/24/98
+# Select what ABI we are using -- see abi(5) for details
+# -32 ~ IRIX 5.3 (default: -mips2)
+# - long and pointer are 32 bit
+# -n32 New to IRIX 6.2 (default: -mips3)
+# - long and pointer are 32 bit
+# -64 ~ IRIX 6.1 (default: -mips4)
+# - long and pointer are 64 bit
+# We force ABI here, so then it does not depend on CPU
+# With IDO 6.2 (IRIX 6.2) you need subsystem compiler_dev.sw32.lib
+# for compilation with ABI=-n32 -- alternatively you can set ABI=-32
+# ABI=-64 requires subsystem compiler_dev.sw64.lib, but this runs
+# only with IRIX64 (ie. 64 bit kernels)
+# NOTE: Do not set `confABI' in a site configuration file! The ABI MUST
+# be given on the Build command line using the -E parameter, e.g.:
+# Build -E ABI=-n32
+ABI= confABI
+define(`confMAPDEF', `-DNDBM -DNIS -DMAP_REGEX')
+define(`confENVDEF', `-DIRIX6 ${ABI} ')
+define(`confLDOPTS', `${ABI}')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/bsd')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/var')
+define(`confHFDIR', `/etc')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/IRIX64.6.0 b/contrib/sendmail/BuildTools/OS/IRIX64.6.0
new file mode 100644
index 000000000000..5226bb535c52
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/IRIX64.6.0
@@ -0,0 +1,34 @@
+# @(#)IRIX64.6.0 8.10 (Berkeley) 3/12/98
+# Select what ABI we are using -- see abi(5) for details
+# -32 ~ IRIX 5.3 (default: -mips2)
+# - long and pointer are 32 bit
+# -64 ~ IRIX 6.1 (default: -mips4)
+# - long and pointer are 64 bit
+# We force ABI here, so then it does not depend on CPU
+# With IDO 6.2 (IRIX 6.2) you need subsystem compiler_dev.sw32.lib
+# for compilation with ABI=-n32 -- alternatively you can set ABI=-32
+# ABI=-64 requires subsystem compiler_dev.sw64.lib, but this runs
+# only with IRIX64 (ie. 64 bit kernels)
+# NOTE: Do not set `confABI' in a site configuration file! The ABI MUST
+# be given on the Build command line using the -E parameter, e.g.:
+# Build -E ABI=-32
+ABI= confABI
+define(`confMAPDEF', `-DNDBM')
+define(`confENVDEF', `-DIRIX64 ${ABI} ')
+define(`confLDOPTS', `${ABI}')
+define(`confLIBS', `-lelf -lmalloc')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/bsd')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/IRIX64.6.1 b/contrib/sendmail/BuildTools/OS/IRIX64.6.1
new file mode 100644
index 000000000000..4876a8807a47
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/IRIX64.6.1
@@ -0,0 +1,34 @@
+# @(#)IRIX64.6.1 8.10 (Berkeley) 3/12/98
+# Select what ABI we are using -- see abi(5) for details
+# -32 ~ IRIX 5.3 (default: -mips2)
+# - long and pointer are 32 bit
+# -64 ~ IRIX 6.1 (default: -mips4)
+# - long and pointer are 64 bit
+# We force ABI here, so then it does not depend on CPU
+# With IDO 6.2 (IRIX 6.2) you need subsystem compiler_dev.sw32.lib
+# for compilation with ABI=-n32 -- alternatively you can set ABI=-32
+# ABI=-64 requires subsystem compiler_dev.sw64.lib, but this runs
+# only with IRIX64 (ie. 64 bit kernels)
+# NOTE: Do not set `confABI' in a site configuration file! The ABI MUST
+# be given on the Build command line using the -E parameter, e.g.:
+# Build -E ABI=-32
+ABI= confABI
+define(`confMAPDEF', `-DNDBM')
+define(`confENVDEF', `-DIRIX64 ${ABI} ')
+define(`confLDOPTS', `${ABI}')
+define(`confLIBS', `-lelf -lmalloc')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/bsd')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/IRIX64.6.x b/contrib/sendmail/BuildTools/OS/IRIX64.6.x
new file mode 100644
index 000000000000..503df04b42c6
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/IRIX64.6.x
@@ -0,0 +1,35 @@
+# @(#)IRIX64.6.x 8.11 (Berkeley) 4/24/98
+# Select what ABI we are using -- see abi(5) for details
+# -32 ~ IRIX 5.3 (default: -mips2)
+# - long and pointer are 32 bit
+# -n32 New to IRIX 6.2 (default: -mips3)
+# - long and pointer are 32 bit
+# -64 ~ IRIX 6.1 (default: -mips4)
+# - long and pointer are 64 bit
+# We force ABI here, so then it does not depend on CPU
+# With IDO 6.2 (IRIX 6.2) you need subsystem compiler_dev.sw32.lib
+# for compilation with ABI=-n32 -- alternatively you can set ABI=-32
+# ABI=-64 requires subsystem compiler_dev.sw64.lib, but this runs
+# only with IRIX64 (ie. 64 bit kernels)
+# NOTE: Do not set `confABI' in a site configuration file! The ABI MUST
+# be given on the Build command line using the -E parameter, e.g.:
+# Build -E ABI=-n32
+ABI= confABI
+define(`confMAPDEF', `-DNDBM -DNIS -DMAP_REGEX')
+define(`confENVDEF', `-DIRIX6 ${ABI} ')
+define(`confLDOPTS', `${ABI}')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/bsd')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/var')
+define(`confHFDIR', `/etc')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/ISC b/contrib/sendmail/BuildTools/OS/ISC
new file mode 100644
index 000000000000..f07093f660b0
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/ISC
@@ -0,0 +1,10 @@
+# @(#)ISC 8.5 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confLIBS', `-lyp -lrpc -lndbm -linet -lcposix')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', `/usr/spool/log')
+define(`confHFDIR', `/usr/lib')
diff --git a/contrib/sendmail/BuildTools/OS/KSR b/contrib/sendmail/BuildTools/OS/KSR
new file mode 100644
index 000000000000..d3931a464051
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/KSR
@@ -0,0 +1,7 @@
+# @(#)KSR 8.4 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confLIBDIRS', `-L/usr/shlib -L/usr/lib')
+define(`confLIBS', `-ldbm')
+define(`confSTDIR', `/var/adm/sendmail')
+define(`confHFDIR', `/usr/share/lib')
+define(`confINSTALL', `installbsd')
diff --git a/contrib/sendmail/BuildTools/OS/LUNA b/contrib/sendmail/BuildTools/OS/LUNA
new file mode 100644
index 000000000000..2a0fe1d78c22
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/LUNA
@@ -0,0 +1,46 @@
+# @(#)LUNA 8.8 (Berkeley) 3/12/98
+define(`confBEFORE', `dirent.h stddef.h stdlib.h unistd.h limits.h time.h sys/time.h')
+define(`confMAPDEF', `-DNDBM')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+ echo "#include <sys/dir.h>" > dirent.h
+ echo "#define dirent direct" >> dirent.h
+stddef.h unistd.h limits.h:
+ if [ -f /usr/include/$@ ]; then \
+ ln -s /usr/include/$@ .; \
+ else \
+ cp /dev/null $@; \
+ fi
+ if [ -f /usr/include/stdlib.h ]; then \
+ ln -s /usr/include/stdlib.h .; \
+ else \
+ if [ -f /usr/include/libc.h ]; then \
+ ln -s /usr/include/libc.h stdlib.h; \
+ else \
+ cp /dev/null stdlib.h; \
+ fi; \
+ fi
+# just for UNIOS-B
+ echo "#ifndef _LOCAL_TIME_H_" > time.h
+ echo "#define _LOCAL_TIME_H_" >> time.h
+ cat /usr/include/time.h >> time.h
+ echo "#endif" >> time.h
+ -mkdir sys
+ echo "#ifndef _LOCAL_SYS_TIME_H_" > sys/time.h
+ echo "#define _LOCAL_SYS_TIME_H_" >> sys/time.h
+ cat /usr/include/sys/time.h >> sys/time.h
+ echo "#endif" >> sys/time.h
diff --git a/contrib/sendmail/BuildTools/OS/Linux b/contrib/sendmail/BuildTools/OS/Linux
new file mode 100644
index 000000000000..e908c478a944
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/Linux
@@ -0,0 +1,5 @@
+# @(#)Linux 8.4 (Berkeley) 3/22/98
+define(`confSTDIR', `/etc')
+define(`confHFDIR', `/usr/lib')
+define(`confDEPEND_TYPE', `CC-M')
+define(`confMANROOT', `/usr/man/man')
diff --git a/contrib/sendmail/BuildTools/OS/Linux.ppc b/contrib/sendmail/BuildTools/OS/Linux.ppc
new file mode 100644
index 000000000000..d2c3cafa7ca7
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/Linux.ppc
@@ -0,0 +1,3 @@
+# @(#)Linux.ppc 8.3 (Berkeley) 2/12/98
+define(`confHFDIR', `/usr/lib')
+define(`confSBINGRP', `mail')
diff --git a/contrib/sendmail/BuildTools/OS/Mach386 b/contrib/sendmail/BuildTools/OS/Mach386
new file mode 100644
index 000000000000..981478120463
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/Mach386
@@ -0,0 +1,11 @@
+# @(#)Mach386 8.6 (Berkeley) 3/12/98
+define(`confCC', `gcc')
+define(`confMAPDEF', `-DNDBM')
+define(`confLIBS', `-ldbm')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/NCR.MP-RAS.2.x b/contrib/sendmail/BuildTools/OS/NCR.MP-RAS.2.x
new file mode 100644
index 000000000000..74d733401675
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/NCR.MP-RAS.2.x
@@ -0,0 +1,15 @@
+# @(#)NCR.MP-RAS.2.x 8.9 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNDBM')
+define(`confENVDEF', `-DNCR_MP_RAS2 ')
+define(`confOPTIMIZE', `-O2')
+define(`confINCDIRS', `-I/usr/include -I/usr/ucbinclude')
+define(`confLIBDIRS', `-L/usr/ucblib')
+define(`confLIBS', `-lnsl -lnet -lsocket -lelf -lc -lucb')
+define(`confMBINDIR', `/usr/ucblib')
+define(`confSBINDIR', `/usr/ucbetc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/ucblib')
+define(`confSTDIR', `/var/ucblib')
+define(`confHFDIR', `/usr/ucblib')
+define(`confINSTALL', `/usr/ucb/install')
+define(`confDEPEND_TYPE', `NCR')
diff --git a/contrib/sendmail/BuildTools/OS/NCR.MP-RAS.3.x b/contrib/sendmail/BuildTools/OS/NCR.MP-RAS.3.x
new file mode 100644
index 000000000000..14e02e3ab05c
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/NCR.MP-RAS.3.x
@@ -0,0 +1,15 @@
+# @(#)NCR.MP-RAS.3.x 8.9 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNDBM')
+define(`confENVDEF', `-DNCR_MP_RAS3 ')
+define(`confOPTIMIZE', `-O2')
+define(`confINCDIRS', `-I/usr/include -I/usr/ucbinclude')
+define(`confLIBDIRS', `-L/usr/ucblib')
+define(`confLIBS', `-lsocket -lnsl -lelf -lc -lucb')
+define(`confMBINDIR', `/usr/ucblib')
+define(`confSBINDIR', `/usr/ucbetc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/ucblib')
+define(`confSTDIR', `/var/ucblib')
+define(`confHFDIR', `/usr/ucblib')
+define(`confINSTALL', `/usr/ucb/install')
+define(`confDEPEND_TYPE', `NCR')
diff --git a/contrib/sendmail/BuildTools/OS/NEWS-OS.4.x b/contrib/sendmail/BuildTools/OS/NEWS-OS.4.x
new file mode 100644
index 000000000000..4fa83bbb7c45
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/NEWS-OS.4.x
@@ -0,0 +1,14 @@
+# @(#)NEWS-OS.4.x 8.6 (Berkeley) 3/12/98
+define(`confBEFORE', `limits.h')
+define(`confMAPDEF', `-DNDBM')
+define(`confLIBS', `-lmld')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+ touch limits.h
diff --git a/contrib/sendmail/BuildTools/OS/NEWS-OS.6.x b/contrib/sendmail/BuildTools/OS/NEWS-OS.6.x
new file mode 100644
index 000000000000..dec79b5e9ec2
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/NEWS-OS.6.x
@@ -0,0 +1,28 @@
+# @(#)NEWS-OS.6.x 8.8 (Berkeley) 3/12/98
+define(`confCC', `/bin/cc')
+define(`confBEFORE', `sysexits.h ndbm.o')
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confLIBS', `ndbm.o -lelf -lsocket -lnsl # # with NDBM')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/etc')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `/usr/ucb/install')
+ ln -s /usr/ucbinclude/sysexits.h .
+ if [ ! -f /usr/include/ndbm.h ]; then \
+ ln -s /usr/ucbinclude/ndbm.h .; \
+ fi; \
+ if [ -f /usr/lib/libndbm.a ]; then \
+ ar x /usr/lib/libndbm.a ndbm.o; \
+ else \
+ ar x /usr/ucblib/libucb.a ndbm.o; \
+ fi;
diff --git a/contrib/sendmail/BuildTools/OS/NEXTSTEP.4.x b/contrib/sendmail/BuildTools/OS/NEXTSTEP.4.x
new file mode 100644
index 000000000000..4fd6b0386089
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/NEXTSTEP.4.x
@@ -0,0 +1,28 @@
+# @(#)NEXTSTEP.4.x 8.1 (Berkeley) 3/21/98
+# NEXTSTEP 3.1 and 3.2 only support m68k and i386
+#ARCH= -arch m68k -arch i386 -arch hppa -arch sparc
+#ARCH= -arch m68k -arch i386
+# For new sendmail Makefile structure, this must go in the ENVDEF and LDOPTS
+define(`confBEFORE', `unistd.h dirent.h')
+define(`confMAPDEF', `-DNDBM -DNIS -DNETINFO')
+define(`confENVDEF', `-DNeXT -Wno-precomp -pipe ${RC_CFLAGS}')
+define(`confLDOPTS', `${RC_CFLAGS}')
+define(`confLIBS', `-ldbm')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', `/etc/sendmail')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+ cp /dev/null unistd.h
+ echo "#include <sys/dir.h>" > dirent.h
+ echo "#define dirent direct" >> dirent.h
diff --git a/contrib/sendmail/BuildTools/OS/NeXT.2.x b/contrib/sendmail/BuildTools/OS/NeXT.2.x
new file mode 100644
index 000000000000..d8f469495045
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/NeXT.2.x
@@ -0,0 +1,20 @@
+# @(#)NeXT.2.x 8.7 (Berkeley) 3/12/98
+define(`confBEFORE', `unistd.h dirent.h')
+define(`confMAPDEF', `-DNDBM -DNIS -DNETINFO')
+define(`confENVDEF', `-DNeXT ')
+define(`confLIBS', `-ldbm')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', `/etc/sendmail')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+ cp /dev/null unistd.h
+ echo "#include <sys/dir.h>" > dirent.h
+ echo "#define dirent direct" >> dirent.h
diff --git a/contrib/sendmail/BuildTools/OS/NeXT.3.x b/contrib/sendmail/BuildTools/OS/NeXT.3.x
new file mode 100644
index 000000000000..05aad6f85a51
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/NeXT.3.x
@@ -0,0 +1,28 @@
+# @(#)NeXT.3.x 8.7 (Berkeley) 3/12/98
+# NEXTSTEP 3.1 and 3.2 only support m68k and i386
+#ARCH= -arch m68k -arch i386 -arch hppa -arch sparc
+#ARCH= -arch m68k -arch i386
+# For new sendmail Makefile structure, this must go in the ENVDEF and LDOPTS
+define(`confBEFORE', `unistd.h dirent.h')
+define(`confMAPDEF', `-DNDBM -DNIS -DNETINFO')
+define(`confENVDEF', `-DNeXT -Wno-precomp -pipe ${RC_CFLAGS}')
+define(`confLDOPTS', `${RC_CFLAGS}')
+define(`confLIBS', `-ldbm')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', `/etc/sendmail')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+ cp /dev/null unistd.h
+ echo "#include <sys/dir.h>" > dirent.h
+ echo "#define dirent direct" >> dirent.h
diff --git a/contrib/sendmail/BuildTools/OS/NeXT.4.x b/contrib/sendmail/BuildTools/OS/NeXT.4.x
new file mode 100644
index 000000000000..35f3bdb35e51
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/NeXT.4.x
@@ -0,0 +1,29 @@
+# @(#)NeXT.4.x 8.8 (Berkeley) 5/25/98
+# NEXTSTEP 3.1 and 3.2 only support m68k and i386
+#ARCH= -arch m68k -arch i386 -arch hppa -arch sparc
+#ARCH= -arch m68k -arch i386
+# For new sendmail Makefile structure, this must go in the ENVDEF and LDOPTS
+define(`confBEFORE', `unistd.h dirent.h')
+define(`confMAPDEF', `-DNDBM -DNIS -DNETINFO')
+define(`confENVDEF', `-DNeXT -Wno-precomp -pipe ${RC_CFLAGS}')
+define(`confLDOPTS', `${RC_CFLAGS}')
+define(`confLIBS', `-ldbm')
+define(`confMANROOT', `/usr/lib/man/cat')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', `/etc/sendmail')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+ cp /dev/null unistd.h
+ echo "#include <sys/dir.h>" > dirent.h
+ echo "#define dirent direct" >> dirent.h
diff --git a/contrib/sendmail/BuildTools/OS/NetBSD b/contrib/sendmail/BuildTools/OS/NetBSD
new file mode 100644
index 000000000000..595fd2df289d
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/NetBSD
@@ -0,0 +1,4 @@
+# @(#)NetBSD 8.6 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNEWDB -DNIS -DMAP_REGEX')
+define(`confENVDEF', ` -DNETISO')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/NetBSD.8.3 b/contrib/sendmail/BuildTools/OS/NetBSD.8.3
new file mode 100644
index 000000000000..6576660f44e8
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/NetBSD.8.3
@@ -0,0 +1,3 @@
+# @(#)NetBSD.8.3 8.6 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNEWDB -DNIS -DMAP_REGEX')
+define(`confENVDEF', ` # -DNETISO')
diff --git a/contrib/sendmail/BuildTools/OS/NonStop-UX b/contrib/sendmail/BuildTools/OS/NonStop-UX
new file mode 100644
index 000000000000..02bdb7801d4d
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/NonStop-UX
@@ -0,0 +1,16 @@
+# @(#)NonStop-UX 8.8 (Berkeley) 3/12/98
+define(`confCC', `gcc')
+define(`confMAPDEF', `-DNDBM')
+define(`confENVDEF', `-DNonStop_UX_BXX -D_SVID ')
+define(`confINCDIRS', `-I/usr/include -I/usr/ucbinclude')
+define(`confLIBDIRS', `-L/usr/ucblib')
+define(`confLIBS', `-lsocket -lnsl -lelf -lucb')
+define(`confMBINDIR', `/usr/ucblib')
+define(`confSBINDIR', `/usr/ucbetc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/ucblib')
+define(`confSBINGRP', `mail')
+define(`confSTDIR', `/usr/ucblib')
+define(`confHFDIR', `/usr/ucblib')
+define(`confINSTALL', `/usr/ucb/install')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/OSF1 b/contrib/sendmail/BuildTools/OS/OSF1
new file mode 100644
index 000000000000..cc65dbc7844d
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/OSF1
@@ -0,0 +1,9 @@
+# @(#)OSF1 8.7 (Berkeley) 3/14/98
+define(`confCC', `cc -Olimit 1000')
+define(`confMAPDEF', `-DNDBM -DNIS -DMAP_REGEX')
+define(`confLIBS', `-ldbm')
+define(`confSTDIR', `/var/adm/sendmail')
+define(`confHFDIR', `/usr/share/lib')
+define(`confINSTALL', `installbsd')
+define(`confUBINDIR', `${BINDIR}')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/OpenBSD b/contrib/sendmail/BuildTools/OS/OpenBSD
new file mode 100644
index 000000000000..fb7bc8f42c36
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/OpenBSD
@@ -0,0 +1,3 @@
+# @(#)OpenBSD 8.5 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNEWDB -DNIS -DMAP_REGEX')
+define(`confENVDEF', ` -DNETISO')
diff --git a/contrib/sendmail/BuildTools/OS/PTX b/contrib/sendmail/BuildTools/OS/PTX
new file mode 100644
index 000000000000..9af372792a8a
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/PTX
@@ -0,0 +1,10 @@
+# @(#)PTX 8.6 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNDBM')
+define(`confOPTIMIZE', `-g')
+define(`confLIBS', `-lsocket -linet -lelf -lnsl -lseq')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
diff --git a/contrib/sendmail/BuildTools/OS/Paragon b/contrib/sendmail/BuildTools/OS/Paragon
new file mode 100644
index 000000000000..e16e051f734a
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/Paragon
@@ -0,0 +1,8 @@
+# @(#)Paragon 8.3 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNDBM')
+define(`confLIBDIRS', `-L/usr/shlib -L/usr/lib')
+define(`confLIBS', `-ldbm')
+define(`confSTDIR', `/var/adm/sendmail')
+define(`confHFDIR', `/usr/share/lib')
+define(`confINSTALL', `installbsd')
+define(`confUBINDIR', `${BINDIR}')
diff --git a/contrib/sendmail/BuildTools/OS/PowerUX b/contrib/sendmail/BuildTools/OS/PowerUX
new file mode 100644
index 000000000000..b0f133d0a8c7
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/PowerUX
@@ -0,0 +1,9 @@
+# @(#)PowerUX 8.5 (Berkeley) 2/12/98
+define(`confENVDEF', `-D__svr4__ ')
+define(`confLIBS', `-Bstatic -lsocket -lnsl -lelf -lgen')
+define(`confMBINDIR', `/usr/local/etc')
+define(`confSBINDIR', `/usr/local/etc')
+define(`confUBINDIR', `/usr/local/bin')
+define(`confEBINDIR', `/usr/local/lib')
+define(`confSBINGRP', `mail')
+define(`confINSTALL', `/usr/ucb/install')
diff --git a/contrib/sendmail/BuildTools/OS/QNX b/contrib/sendmail/BuildTools/OS/QNX
new file mode 100644
index 000000000000..3cc01821afc8
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/QNX
@@ -0,0 +1,15 @@
+# @(#)QNX 8.4 (Berkeley) 2/19/98
+# For this Makefile to work you must compile and install the libdb package
+# and then change DBMINC and DBMLIB as appropriate.
+DBMINC= /usr/local/include
+DBMLIB= /usr/local/lib
+define(`confENVDEF', `-Osax -w4 -zc -fr= -D__BIT_TYPES_DEFINED__')
+define(`confINCDIRS', `${DBMINC}')
+define(`confLIBDIRS', `${DBMLIB}')
+define(`confLIBS', `-lsocket')
+define(`confLDOPTS', `-M -N256k')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
diff --git a/contrib/sendmail/BuildTools/OS/RISCos b/contrib/sendmail/BuildTools/OS/RISCos
new file mode 100644
index 000000000000..1888ae691616
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/RISCos
@@ -0,0 +1,25 @@
+# @(#)RISCos 8.5 (Berkeley) 3/12/98
+define(`confCC', `cc -systype bsd43 -Olimit 900')
+define(`confBEFORE', `stdlib.h dirent.h unistd.h stddef.h')
+define(`confMAPDEF', `-DNDBM')
+define(`confENVDEF', `-DRISCOS ')
+define(`confLIBS', `-lmld')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/etc')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `/usr/bsd43/bin/install')
+stdlib.h stddef.h:
+ cp /dev/null $@
+ echo "typedef unsigned short mode_t;" > unistd.h
+ echo "#include <sys/dir.h>" > dirent.h
+ echo "#define dirent direct" >> dirent.h
diff --git a/contrib/sendmail/BuildTools/OS/RISCos.4_0 b/contrib/sendmail/BuildTools/OS/RISCos.4_0
new file mode 100644
index 000000000000..e057fb433cfe
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/RISCos.4_0
@@ -0,0 +1,25 @@
+# @(#)RISCos.4_0 8.6 (Berkeley) 3/12/98
+define(`confCC', `cc -systype bsd43 -Olimit 900')
+define(`confBEFORE', `stdlib.h dirent.h unistd.h stddef.h')
+define(`confMAPDEF', `-DNDBM')
+define(`confENVDEF', `-DRISCOS -DRISCOS_4_0 ')
+define(`confLIBS', `-lmld')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+stdlib.h stddef.h:
+ cp /dev/null $@
+ echo "typedef unsigned short mode_t;" > unistd.h
+ echo "#include <sys/dir.h>" > dirent.h
+ echo "#define dirent direct" >> dirent.h
diff --git a/contrib/sendmail/BuildTools/OS/SCO b/contrib/sendmail/BuildTools/OS/SCO
new file mode 100644
index 000000000000..a72ba53eebe4
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/SCO
@@ -0,0 +1,9 @@
+# @(#)SCO 8.3 (Berkeley) 2/8/98
+define(`confENVDEF', `-D_SCO_unix_ ')
+define(`confLIBS', `-lsocket -lprot_s -lx -lc_s')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
diff --git a/contrib/sendmail/BuildTools/OS/SCO.4.2 b/contrib/sendmail/BuildTools/OS/SCO.4.2
new file mode 100644
index 000000000000..027f7300667a
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/SCO.4.2
@@ -0,0 +1,11 @@
+# @(#)SCO.4.2 8.5 (Berkeley) 6/30/98
+define(`confENVDEF', `-D_SCO_unix_4_2 ')
+define(`confLIBS', `-lsocket -lndbm -lprot_s -lx -lc_s')
+define(`confMAPDEF', `-DNDBM')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `bin')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
diff --git a/contrib/sendmail/BuildTools/OS/SCO.5.x b/contrib/sendmail/BuildTools/OS/SCO.5.x
new file mode 100644
index 000000000000..8f095ac5aed3
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/SCO.5.x
@@ -0,0 +1,10 @@
+# @(#)SCO.5.x 8.10 (Berkeley) 6/30/98
+define(`confCC', `cc -b elf')
+define(`confLIBS', `-lsocket -lndbm -lprot -lcurses -lm -lx -lgen')
+define(`confMAPDEF', `-DMAP_REGEX -DNDBM')
+define(`confSBINGRP', `bin')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/bin')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
diff --git a/contrib/sendmail/BuildTools/OS/SINIX b/contrib/sendmail/BuildTools/OS/SINIX
new file mode 100644
index 000000000000..93cc78135012
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/SINIX
@@ -0,0 +1,12 @@
+# @(#)SINIX 8.5 (Berkeley) 2/12/98
+define(`confCC', `/usr/bin/cc')
+define(`confENVDEF', `-D__svr4__ ')
+define(`confLIBS', `-lsocket -lnsl -lelf')
+define(`confMBINDIR', `/usr/ucblib')
+define(`confSBINDIR', `/usr/ucbetc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/ucblib')
+define(`confSBINGRP', `mail')
+define(`confSTDIR', `/usr/ucblib')
+define(`confHFDIR', `/usr/ucblib')
+define(`confINSTALL', `/usr/ucb/install')
diff --git a/contrib/sendmail/BuildTools/OS/SVR4 b/contrib/sendmail/BuildTools/OS/SVR4
new file mode 100644
index 000000000000..f342c3feeb3e
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/SVR4
@@ -0,0 +1,14 @@
+# @(#)SVR4 8.6 (Berkeley) 3/12/98
+define(`confCC', `gcc')
+define(`confMAPDEF', `-DNDBM')
+define(`confENVDEF', `-D__svr4__ ')
+define(`confLIBS', `-ldbm -lsocket -lnsl -lelf')
+define(`confMBINDIR', `/usr/ucblib')
+define(`confSBINDIR', `/usr/ucbetc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/ucblib')
+define(`confSBINGRP', `mail')
+define(`confSTDIR', `/usr/ucblib')
+define(`confHFDIR', `/usr/ucblib')
+define(`confINSTALL', `/usr/ucb/install')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/SunOS b/contrib/sendmail/BuildTools/OS/SunOS
new file mode 100644
index 000000000000..2a8897825acf
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/SunOS
@@ -0,0 +1,10 @@
+# @(#)SunOS 8.6 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confLDOPTS', `-Bstatic')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', `/etc')
+define(`confHFDIR', `/usr/lib')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/SunOS.4.0 b/contrib/sendmail/BuildTools/OS/SunOS.4.0
new file mode 100644
index 000000000000..05bbc57d5049
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/SunOS.4.0
@@ -0,0 +1,15 @@
+# @(#)SunOS.4.0 8.6 (Berkeley) 3/12/98
+define(`confBEFORE', `stdlib.h stddef.h limits.h')
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confENVDEF', `-DSUNOS403 ')
+define(`confLDOPTS', `-Bstatic')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', `/etc')
+define(`confHFDIR', `/usr/lib')
+stddef.h stdlib.h limits.h:
+ cp /dev/null $@
diff --git a/contrib/sendmail/BuildTools/OS/SunOS.5.1 b/contrib/sendmail/BuildTools/OS/SunOS.5.1
new file mode 100644
index 000000000000..2383609ef14a
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/SunOS.5.1
@@ -0,0 +1,22 @@
+# @(#)SunOS.5.1 8.8 (Berkeley) 3/21/98
+define(`confCC', `gcc')
+define(`confBEFORE', `sysexits.h')
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confENVDEF', `-DSOLARIS=20100 ')
+define(`confLIBS', `-lsocket -lnsl -lelf')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/etc/mail')
+define(`confHFDIR', `/etc/mail')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confDEPEND_TYPE', `CC-M')
+ if [ -r /usr/ucbinclude/sysexits.h ]; \
+ then \
+ ln -s /usr/ucbinclude/sysexits.h; \
+ fi
diff --git a/contrib/sendmail/BuildTools/OS/SunOS.5.2 b/contrib/sendmail/BuildTools/OS/SunOS.5.2
new file mode 100644
index 000000000000..5e635db694e2
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/SunOS.5.2
@@ -0,0 +1,22 @@
+# @(#)SunOS.5.2 8.8 (Berkeley) 3/21/98
+define(`confCC', `gcc')
+define(`confBEFORE', `sysexits.h')
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confENVDEF', `-DSOLARIS=20100 ')
+define(`confLIBS', `-lsocket -lnsl -lelf')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/etc/mail')
+define(`confHFDIR', `/etc/mail')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confDEPEND_TYPE', `CC-M')
+ if [ -r /usr/ucbinclude/sysexits.h ]; \
+ then \
+ ln -s /usr/ucbinclude/sysexits.h; \
+ fi
diff --git a/contrib/sendmail/BuildTools/OS/SunOS.5.3 b/contrib/sendmail/BuildTools/OS/SunOS.5.3
new file mode 100644
index 000000000000..8f64d219b7be
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/SunOS.5.3
@@ -0,0 +1,20 @@
+# @(#)SunOS.5.3 8.8 (Berkeley) 3/21/98
+define(`confCC', `gcc')
+define(`confBEFORE', `sysexits.h')
+define(`confMAPDEF', `-DNDBM -DNIS -DNISPLUS')
+define(`confENVDEF', `-DSOLARIS=20300 ')
+define(`confLIBS', `-lsocket -lnsl -lelf')
+define(`confMBINDIR', `/usr/lib')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/etc/mail')
+define(`confHFDIR', `/etc/mail')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confDEPEND_TYPE', `CC-M')
+ if [ -r /usr/ucbinclude/sysexits.h ]; \
+ then \
+ ln -s /usr/ucbinclude/sysexits.h; \
+ fi
diff --git a/contrib/sendmail/BuildTools/OS/SunOS.5.4 b/contrib/sendmail/BuildTools/OS/SunOS.5.4
new file mode 100644
index 000000000000..65e84002c7b7
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/SunOS.5.4
@@ -0,0 +1,20 @@
+# @(#)SunOS.5.4 8.10 (Berkeley) 3/21/98
+define(`confCC', `gcc')
+define(`confBEFORE', `sysexits.h')
+define(`confMAPDEF', `-DNDBM -DNIS -DNISPLUS')
+define(`confENVDEF', `-DSOLARIS=20400 ')
+define(`confLIBS', `-lsocket -lnsl -lelf')
+define(`confMBINDIR', `/usr/lib')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/etc/mail')
+define(`confHFDIR', `/etc/mail')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confDEPEND_TYPE', `CC-M')
+ if [ -r /usr/include/sysexits.h ]; \
+ then \
+ ln -s /usr/include/sysexits.h; \
+ fi
diff --git a/contrib/sendmail/BuildTools/OS/SunOS.5.5 b/contrib/sendmail/BuildTools/OS/SunOS.5.5
new file mode 100644
index 000000000000..267f16d22a1b
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/SunOS.5.5
@@ -0,0 +1,20 @@
+# @(#)SunOS.5.5 8.11 (Berkeley) 3/21/98
+define(`confCC', `gcc')
+define(`confBEFORE', `sysexits.h')
+define(`confENVDEF', `-DSOLARIS=20500 ')
+define(`confLIBS', `-lsocket -lnsl -lkstat')
+define(`confMBINDIR', `/usr/lib')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/etc/mail')
+define(`confHFDIR', `/etc/mail')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confDEPEND_TYPE', `CC-M')
+ if [ -r /usr/include/sysexits.h ]; \
+ then \
+ ln -s /usr/include/sysexits.h; \
+ fi
diff --git a/contrib/sendmail/BuildTools/OS/SunOS.5.6 b/contrib/sendmail/BuildTools/OS/SunOS.5.6
new file mode 100644
index 000000000000..0537007008d1
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/SunOS.5.6
@@ -0,0 +1,20 @@
+# @(#)SunOS.5.6 8.10 (Berkeley) 3/21/98
+define(`confCC', `gcc')
+define(`confBEFORE', `sysexits.h')
+define(`confENVDEF', `-DSOLARIS=20600 ')
+define(`confLIBS', `-lsocket -lnsl -lkstat')
+define(`confMBINDIR', `/usr/lib')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/etc/mail')
+define(`confHFDIR', `/etc/mail')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confDEPEND_TYPE', `CC-M')
+ if [ -r /usr/include/sysexits.h ]; \
+ then \
+ ln -s /usr/include/sysexits.h; \
+ fi
diff --git a/contrib/sendmail/BuildTools/OS/SunOS.5.7 b/contrib/sendmail/BuildTools/OS/SunOS.5.7
new file mode 100644
index 000000000000..b030e77c6506
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/SunOS.5.7
@@ -0,0 +1,20 @@
+# @(#)SunOS.5.7 8.11 (Berkeley) 3/21/98
+define(`confCC', `gcc')
+define(`confBEFORE', `sysexits.h')
+define(`confENVDEF', `-DSOLARIS=20700 ')
+define(`confLIBS', `-lsocket -lnsl')
+define(`confMBINDIR', `/usr/lib')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/etc/mail')
+define(`confHFDIR', `/etc/mail')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confDEPEND_TYPE', `CC-M')
+ if [ -r /usr/include/sysexits.h ]; \
+ then \
+ ln -s /usr/include/sysexits.h; \
+ fi
diff --git a/contrib/sendmail/BuildTools/OS/Titan b/contrib/sendmail/BuildTools/OS/Titan
new file mode 100644
index 000000000000..b66820089fd1
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/Titan
@@ -0,0 +1,13 @@
+# @(#)Titan 8.5 (Berkeley) 3/12/98
+define(`confCC', `cc -43')
+define(`confBEFORE', `stddef.h stdlib.h')
+define(`confMAPDEF', `-DNDBM')
+define(`confLIBS', `-ldbm')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+stddef.h stdlib.h:
+ cp /dev/null $@
diff --git a/contrib/sendmail/BuildTools/OS/ULTRIX b/contrib/sendmail/BuildTools/OS/ULTRIX
new file mode 100644
index 000000000000..f5df633e52ef
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/ULTRIX
@@ -0,0 +1,10 @@
+# @(#)ULTRIX 8.7 (Berkeley) 3/12/98
+define(`confCC', `cc -Olimit 950')
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confENVDEF', `-DIDENTPROTO=0 ')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/UMAX b/contrib/sendmail/BuildTools/OS/UMAX
new file mode 100644
index 000000000000..450c91da7500
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/UMAX
@@ -0,0 +1,15 @@
+# @(#)UMAX 8.5 (Berkeley) 3/12/98
+define(`confBEFORE', `stddef.h')
+define(`confMAPDEF', `-DNIS')
+define(`confENVDEF', `-DUMAXV ')
+define(`confLIBS', `-lyp -lrpc')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+ echo "#define _STDDEF_H" > stddef.h
+ chmod 444 stddef.h
diff --git a/contrib/sendmail/BuildTools/OS/UNICOS b/contrib/sendmail/BuildTools/OS/UNICOS
new file mode 100644
index 000000000000..7984fa927c95
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/UNICOS
@@ -0,0 +1,9 @@
+# @(#)UNICOS 8.7 (Berkeley) 2/26/98
+define(`confENVDEF', `-DUNICOS ')
+define(`confOPTIMIZE', `-O')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSTDIR', ` /etc/mail')
+define(`confHFDIR', ` /etc/mail')
diff --git a/contrib/sendmail/BuildTools/OS/UNIX_SV.4.x.i386 b/contrib/sendmail/BuildTools/OS/UNIX_SV.4.x.i386
new file mode 100644
index 000000000000..a6865e786aed
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/UNIX_SV.4.x.i386
@@ -0,0 +1,14 @@
+# @(#)UNIX_SV.4.x.i386 8.6 (Berkeley) 3/12/98
+define(`confCC', `gcc')
+define(`confMAPDEF', `-DNDBM')
+define(`confENVDEF', `-D__svr4__ -DUNIXWARE ')
+define(`confLIBS', `-lc -ldbm -lsocket -lnsl -lgen -lelf')
+define(`confMBINDIR', `/usr/ucblib')
+define(`confSBINDIR', `/usr/ucbetc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/ucblib')
+define(`confSBINGRP', `mail')
+define(`confSTDIR', `/usr/ucblib')
+define(`confHFDIR', `/usr/ucblib')
+define(`confINSTALL', `/usr/ucb/install')
+define(`confDEPEND_TYPE', `CC-M')
diff --git a/contrib/sendmail/BuildTools/OS/UX4800 b/contrib/sendmail/BuildTools/OS/UX4800
new file mode 100644
index 000000000000..207b370baa0c
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/UX4800
@@ -0,0 +1,24 @@
+# @(#)UX4800 8.8 (Berkeley) 3/12/98
+define(`confCC', `/usr/abiccs/bin/cc -KOlimit=900')
+define(`confBEFORE', `sysexits.h ndbm.h')
+define(`confMAPDEF', `-DNDBM -DNIS # without NEWDB')
+define(`confENVDEF', `-DHASSNPRINTF=1 ')
+define(`confLIBS', `-lsocket -lnsl -lelf # # without NEWDB')
+define(`confMBINDIR', `/usr/ucblib')
+define(`confSBINDIR', `/usr/ucbetc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/ucblib')
+define(`confSBINGRP', `sys')
+define(`confSTDIR', `/var/ucblib')
+define(`confHFDIR', `/var/ucblib')
+define(`confINSTALL', `/usr/ucb/install')
+ echo '#ifndef _LOCAL_SYSEXITS_H_' > sysexits.h;
+ echo '#define _LOCAL_SYSEXITS_H_' >> sysexits.h;
+ cat /usr/abiccs/ucbinclude/sysexits.h >> sysexits.h;
+ echo '#endif /* _LOCAL_SYSEXITS_H_ */' >> sysexits.h;
+ sed 's/void/char/' /usr/abiccs/include/ndbm.h > ndbm.h
diff --git a/contrib/sendmail/BuildTools/OS/UXPDS.V10 b/contrib/sendmail/BuildTools/OS/UXPDS.V10
new file mode 100644
index 000000000000..bf3014034378
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/UXPDS.V10
@@ -0,0 +1,15 @@
+# @(#)UXPDS.V10 8.9 (Berkeley) 3/12/98
+define(`confCC', `/usr/ccs/bin/cc')
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confENVDEF', `-DUXPDS=10 ')
+define(`confINCDIRS', `-I/usr/include -I/usr/ucbinclude')
+define(`confLIBS', `/usr/ucblib/libdbm.a /usr/ucblib/libucb.a -lsocket -lnsl -lelf')
+define(`confMBINDIR', `/usr/ucblib')
+define(`confSBINDIR', `/usr/ucbetc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/ucblib')
+define(`confSBINGRP', `mail')
+define(`confSTDIR', `/usr/ucblib')
+define(`confHFDIR', `/usr/ucblib')
+define(`confINSTALL', `/usr/ucb/install')
+define(`confMANROOT', `/usr/local/man/man')
diff --git a/contrib/sendmail/BuildTools/OS/UXPDS.V20 b/contrib/sendmail/BuildTools/OS/UXPDS.V20
new file mode 100644
index 000000000000..cacdb4af68b3
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/UXPDS.V20
@@ -0,0 +1,22 @@
+# @(#)UXPDS.V20 8.8 (Berkeley) 3/12/98
+define(`confCC', `/usr/ccs/bin/cc')
+define(`confBEFORE', `netinet/ip_var.h')
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confENVDEF', `-DUXPDS=20 ')
+define(`confLIBS', `/usr/ucblib/libdbm.a -lsocket -lnsl -lelf')
+define(`confMBINDIR', `/usr/ucblib')
+define(`confSBINDIR', `/usr/ucbetc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/ucblib')
+define(`confSBINGRP', `mail')
+define(`confSTDIR', `/usr/ucblib')
+define(`confHFDIR', `/usr/ucblib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+define(`confMANROOT', `/usr/local/man/man')
+netinet/ip_var.h: netinet /usr/include/netinet/ip_var.h
+ sed '/ip_var_f.h/d' /usr/include/netinet/ip_var.h > netinet/ip_var.h
+ mkdir netinet
diff --git a/contrib/sendmail/BuildTools/OS/dcosx.1.x.NILE b/contrib/sendmail/BuildTools/OS/dcosx.1.x.NILE
new file mode 100644
index 000000000000..900afcd632b9
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/dcosx.1.x.NILE
@@ -0,0 +1,6 @@
+# @(#)dcosx.1.x.NILE 8.3 (Berkeley) 2/8/98
+define(`confENVDEF', `-D__svr4__ -DDCOSx ')
+define(`confLIBS', `-lsocket -lnsl -lelf')
+define(`confHFDIR', `/usr/share/lib/mail')
+define(`confINSTALL', `/usr/ucb/install')
+define(`confSBINGRP', `sys')
diff --git a/contrib/sendmail/BuildTools/OS/dgux b/contrib/sendmail/BuildTools/OS/dgux
new file mode 100644
index 000000000000..7d6d867b1ec1
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/dgux
@@ -0,0 +1,10 @@
+# @(#)dgux 8.5 (Berkeley) 3/12/98
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confLIBS', `-ldbm')
+define(`confMBINDIR', `/usr/bin')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `bin')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/etc')
diff --git a/contrib/sendmail/BuildTools/OS/maxion b/contrib/sendmail/BuildTools/OS/maxion
new file mode 100644
index 000000000000..3bb6e0e2e2cd
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/maxion
@@ -0,0 +1,14 @@
+# @(#)maxion 8.6 (Berkeley) 3/12/98
+define(`confCC', `/usr/ucb/cc')
+define(`confMAPDEF', `-DNDBM -DNIS')
+define(`confLIBDIRS', `-L/usr/ucblib')
+define(`confLIBS', `-ldbm -lgen -lucb')
+define(`confMBINDIR', `/usr/ucblib')
+define(`confSBINDIR', `/usr/ucbetc')
+define(`confUBINDIR', `/usr/ucb')
+define(`confEBINDIR', `/usr/ucblib')
+define(`confSBINOWN', `smtp')
+define(`confSBINGRP', `mail')
+define(`confSTDIR', `/var/adm/log')
+define(`confHFDIR', `/etc/ucbmail')
+define(`confINSTALL', `/usr/ucb/install')
diff --git a/contrib/sendmail/BuildTools/OS/uts.systemV b/contrib/sendmail/BuildTools/OS/uts.systemV
new file mode 100644
index 000000000000..c5f841fb5ab0
--- /dev/null
+++ b/contrib/sendmail/BuildTools/OS/uts.systemV
@@ -0,0 +1,26 @@
+# @(#)uts.systemV 8.10 (Berkeley) 3/12/98
+# Sendmail 8 on UTS requires BIND 4.9's include files and lib44bsd and
+# libresolv libraries. The BIND version on UTS is much too old.
+define(`confBEFORE', `stddef.h')
+define(`confMAPDEF', `-DNIS -DNDBM')
+define(`confENVDEF', `-D_UTS ')
+define(`confOPTIMIZE', `-g')
+define(`confINCDIRS', `-I${BINDPATH}/include -I${BINDPATH}/compat/include')
+define(`confLIBDIRS', `-L${BINDPATH}/res -L${BINDPATH}/compat/lib')
+define(`confLIBS', `-lyp -lrpc -lbsd -lsocket -la')
+define(`confMBINDIR', `/usr/lib')
+define(`confSBINDIR', `/usr/etc')
+define(`confUBINDIR', `/usr/lib')
+define(`confEBINDIR', `/usr/lib')
+define(`confSBINGRP', `mail')
+define(`confSTDIR', `/usr/lib')
+define(`confHFDIR', `/usr/lib')
+define(`confINSTALL', `${BUILDBIN}/install.sh')
+ echo "#include <sys/types.h>" > stddef.h
diff --git a/contrib/sendmail/BuildTools/README b/contrib/sendmail/BuildTools/README
new file mode 100644
index 000000000000..0efc1548b391
--- /dev/null
+++ b/contrib/sendmail/BuildTools/README
@@ -0,0 +1,110 @@
+This directory contains tools. Do not attempt to actually build
+anything in this directory.
+The Build script allows you to specify a site configuration file by using
+the -f flag:
+ Build -f siteconfig.m4
+You can put such site configuration files in the Site sub-directory;
+see Site/README for details.
+While building a site configuration file, you can add to a definition
+using the APPENDDEF() and PREPENDDEF() macros. For example:
+ APPENDDEF(`confINCDIRS', `-I/usr/local/bind/include')
+will add -I/usr/local/bind/include to the already existing confINCDIRS.
+Note: There must be no trailing spaces after the last quote mark and
+before the closing parenthesis. Also you may need to properly quote
+m4 reserved words as specified by your vendor's m4 command.
+By default, sendmail will search your system for include and library
+directories as well as certain libraries (libdb.* for Berkeley DB and
+libbind.a or libresolv.* for name resolution). You can turn off this
+configuration step by specifying the -S flag with the Build command.
+The OS subtree contains definitions for variations on a standard
+model for system installation. The M4 variables that can be defined
+and their defaults before referencing the appropriate OS definitons
+confBEFORE [empty] Files to create before sendmail is
+ compiled. The methods must be defined
+ in the Makefile using PUSHDIVERT(3).
+confBUILDBIN ../../BuildTools/bin
+ The location of the build support
+ binaries, relative to the obj.*
+ directory.
+confCC cc The C compiler to use.
+confOPTIMIZE -O Flags passed to CC as ${O}.
+confDEPEND_TYPE generic How to build dependencies. This should
+ be the name of a file in
+ BuildTools/M4/depend
+confEBINDIR /usr/libexec The location for binaries executed
+ from other binaries, e.g., mail.local
+ or smrsh.
+confENVDEF [empty] -D flags passed to cc.
+confHFDIR /usr/share/misc Location of the sendmail help file.
+confINCDIRS [empty] -I flags passed to cc.
+confINSTALL install The BSD-compatible install program.
+ Use ${BUILDBIN}/install.sh if none
+ is available on your system.
+confLDOPTS [empty] Linker options passed to ld.
+confLIBDIRS [empty] -L flags passed to ld.
+confLIBS [varies] -l flags passed to ld.
+confLIBSEARCH db bind resolv 44bsd
+ Search for these libraries for
+ linking with programs.
+confLINKS ${UBINDIR}/newaliases ${UBINDIR}/mailq \
+ ${UBINDIR}/hoststat ${UBINDIR}/purgestat
+ Names of links to sendmail.
+confMANROOT /usr/share/man/cat The root of the man subtree.
+confMAN1 confMANROOT 1 The location of man1 files.
+confMAN1EXT 1 The extension on files in confMAN1.
+confMAN1SRC 0 The source for man pages installed
+ in confMAN1.
+confMAN5 confMANROOT 5 The location of man5 files.
+confMAN5EXT 5 The extension on files in confMAN5.
+confMAN5SRC 0 The source for man pages installed
+ in confMAN5.
+confMAN8 confMANROOT 8 The location of man8 files.
+confMAN8EXT 8 The extension on files in confMAN8.
+confMAN8SRC 0 The source for man pages installed
+ in confMAN8.
+confMANDOC -mandoc The macros used to format man pages.
+confMANOWN bin The owner of installed man pages.
+confMANGRP bin The group of installed man pages.
+confMANMODE 444 The mode of installed man pages.
+confMAPDEF [varies] The map definitions, e.g.,
+ -DNDBM -DNEWDB. -DNEWDB is always
+ added if a libdb.a can be found.
+confNO_MAN_INSTALL [undefined] If defined, don't install the man
+ pages by default.
+confMBINDIR /usr/sbin The location of the MTA (sendmail)
+ binary.
+confNROFF groff -Tascii The command to format man pages.
+confOBJADD [empty] Objects that should be included in
+ when linking sendmail and the
+ associated utilities.
+confSBINDIR /usr/sbin The location of root-oriented
+ commands, such as makemap.
+confSBINOWN root The owner for setuid binaries.
+confSBINGRP kmem The group for setuid binaries.
+confSBINMODE 4555 The mode for setuid binaries.
+confSHELL /bin/sh The shell to use inside make.
+confSMOBJADD [empty] Objects that should be included in
+ when linking sendmail.
+confSRCDIR ../../src The sendmail source directory
+ relative to support program obj.*
+ directories.
+confSTDIR /var/log The directory in which to store the
+ sendmail status file.
+confUBINDIR /usr/bin The directory for user-executable
+ binaries.
+confUBINOWN bin The owner for user-executable binaries.
+confUBINGRP bin The group for user-executable binaries.
+confUBINMODE 555 The mode for user-executable binaries.
+@(#)README 8.22 (Berkeley) 6/30/98
diff --git a/contrib/sendmail/BuildTools/Site/README b/contrib/sendmail/BuildTools/Site/README
new file mode 100644
index 000000000000..d5ecb96001dc
--- /dev/null
+++ b/contrib/sendmail/BuildTools/Site/README
@@ -0,0 +1,16 @@
+The Build script will look for the default site configuration files in
+this directory. Build will include the following files if they are
+present in this directory:
+ site.OS.m4
+ site.config.m4
+OS is the name of the operating system file selected from the BuildTools/OS
+directory. SENDMAIL_SUFFIX is a user environment variable which can be
+used to further distinguish between site configuration files in this
+See the README in the BuildTools directory for more information.
+@(#)README 8.3 (Berkeley) 3/27/98
diff --git a/contrib/sendmail/BuildTools/bin/Build b/contrib/sendmail/BuildTools/bin/Build
new file mode 100755
index 000000000000..ab8a49d78cac
--- /dev/null
+++ b/contrib/sendmail/BuildTools/bin/Build
@@ -0,0 +1,513 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1993, 1996-1997 Eric P. Allman. All rights reserved.
+# Copyright (c) 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# @(#)Build 8.93 (Berkeley) 6/24/98
+# A quick-and-dirty script to compile sendmail and related programs
+# in the presence of multiple architectures. To use, just use
+# "sh Build".
+trap "rm -f $obj/.settings$$; exit" 1 2 3 15
+while [ ! -z "$1" ]
+ case $1
+ in
+ -c) # clean out existing $obj tree
+ cflag=1
+ shift
+ ;;
+ -m) # show Makefile name only
+ mflag=1
+ shift
+ ;;
+ -E*) # environment variables to pass into Build
+ arg=`echo $1 | sed 's/^-E//'`
+ if [ -z "$arg" ]
+ then
+ shift # move to argument
+ arg=$1
+ fi
+ if [ -z "$arg" ]
+ then
+ echo "Empty -E flag" >&2
+ exit $EX_USAGE
+ else
+ case $arg
+ in
+ *=*) # check format
+ eval $arg
+ export `echo $arg | sed 's;=.*;;'`
+ ;;
+ *) # bad format
+ echo "Bad format for -E argument ($arg)" >&2
+ exit $EX_USAGE
+ ;;
+ esac
+ shift
+ fi
+ ;;
+ -L*) # set up LIBDIRS
+ libdirs="$libdirs $1"
+ shift
+ ;;
+ -I*) # set up INCDIRS
+ incdirs="$incdirs $1"
+ shift
+ ;;
+ -f*) # select site config file
+ arg=`echo $1 | sed 's/^-f//'`
+ if [ -z "$arg" ]
+ then
+ shift # move to argument
+ arg=$1
+ fi
+ if [ "$siteconfig" ]
+ then
+ echo "Only one -f flag allowed" >&2
+ exit $EX_USAGE
+ else
+ siteconfig=$arg
+ if [ -z "$siteconfig" ]
+ then
+ echo "Missing argument for -f flag" >&2
+ exit $EX_USAGE
+ elif [ ! -f "$siteconfig" ]
+ then
+ echo "${siteconfig}: File not found"
+ exit $EX_NOINPUT
+ else
+ shift # move past argument
+ fi
+ fi
+ ;;
+ -S) # skip auto-configure
+ sflag="-s"
+ shift
+ ;;
+ *) # pass argument to make
+ makeargs="$makeargs \"$1\""
+ shift
+ ;;
+ esac
+# Do heuristic guesses !ONLY! for machines that do not have uname
+if [ -d /NextApps -a ! -f /bin/uname -a ! -f /usr/bin/uname ]
+ # probably a NeXT box
+ arch=`hostinfo | sed -n 's/.*Processor type: \([^ ]*\).*/\1/p'`
+ os=NeXT
+ rel=`hostinfo | sed -n 's/.*NeXT Mach \([0-9\.]*\).*/\1/p'`
+elif [ -f /usr/sony/bin/machine -a -f /etc/osversion ]
+ # probably a Sony NEWS 4.x
+ os=NEWS-OS
+ rel=`awk '{ print $3}' /etc/osversion`
+ arch=`/usr/sony/bin/machine`
+elif [ -d /usr/omron -a -f /bin/luna ]
+ # probably a Omron LUNA
+ os=LUNA
+ if [ -f /bin/luna1 ] && /bin/luna1
+ then
+ rel=unios-b
+ arch=luna1
+ elif [ -f /bin/luna2 ] && /bin/luna2
+ then
+ rel=Mach
+ arch=luna2
+ elif [ -f /bin/luna88k ] && /bin/luna88k
+ then
+ rel=Mach
+ arch=luna88k
+ fi
+elif [ -d /usr/apollo -a -d \`node_data ]
+ # probably a Apollo/DOMAIN
+ os=DomainOS
+ arch=$ISP
+ rel=`/usr/apollo/bin/bldt | grep Domain | awk '{ print $4 }' | sed -e 's/,//g'`
+if [ ! "$arch" -a ! "$os" -a ! "$rel" ]
+ arch=`uname -m | sed -e 's/ //g'`
+ os=`uname -s | sed -e 's/\//-/g' -e 's/ //g'`
+ rel=`uname -r | sed -e 's/(/-/g' -e 's/)//g'`
+# Tweak the values we have already got. PLEASE LIMIT THESE to
+# tweaks that are absolutely necessary because your system uname
+# routine doesn't return something sufficiently unique. Don't do
+# it just because you don't like the name that is returned. You
+# can combine the architecture name with the os name to create a
+# unique Makefile name.
+# tweak machine architecture
+case $arch
+ sun4*) arch=sun4;;
+ 9000/*) arch=`echo $arch | sed -e 's/9000.//' -e 's/..$/xx/'`;;
+ DS/907000) arch=ds90;;
+ NILE*) arch=NILE
+ os=`uname -v`;;
+# tweak operating system type and release
+node=`uname -n | sed -e 's/\//-/g' -e 's/ //g'`
+if [ "$os" = "$node" -a "$arch" = "i386" -a "$rel" = 3.2 -a "`uname -v`" = 2 ]
+ # old versions of SCO UNIX set uname -s the same as uname -n
+ os=SCO_SV
+if [ "$rel" = 4.0 ]
+ case $arch in
+ 3[34]??|3[34]??,*)
+ if [ -d /usr/sadm/sysadm/add-ons/WIN-TCP ]
+ then
+ os=NCR.MP-RAS.2.x
+ elif [ -d /usr/sadm/sysadm/add-ons/inet ]
+ then
+ os=NCR.MP-RAS.3.x
+ fi
+ ;;
+ esac
+case $os
+ DYNIX-ptx) os=PTX;;
+ Paragon*) os=Paragon;;
+ HP-UX) rel=`echo $rel | sed -e 's/^[^.]*\.0*//'`;;
+ AIX) rela=$rel
+ rel=`uname -v`
+ case $rel in
+ 2) arch=""
+ ;;
+ 4) if [ "$rela" = "3" ]
+ then
+ arch=$rela
+ fi
+ ;;
+ esac
+ rel=$rel.$rela
+ ;;
+ BSD-386) os=BSD-OS;;
+ SCO_SV) os=SCO; rel=`uname -X | sed -n 's/Release = 3.2v//p'`;;
+ UNIX_System_V) if [ "$arch" = "ds90" ]
+ then
+ os="UXPDS"
+ rel=`uname -v | sed -e 's/\(V.*\)L.*/\1/'`
+ fi;;
+ SINIX-?) os=SINIX;;
+ DomainOS) case $rel in
+ 10.4*) rel=10.4;;
+ esac
+ ;;
+# get "base part" of operating system release
+rroot=`echo $rel | sed -e 's/\.[^.]*$//'`
+rbase=`echo $rel | sed -e 's/\..*//'`
+if [ "$rroot" = "$rbase" ]
+ rroot=$rel
+# heuristic tweaks to clean up names -- PLEASE LIMIT THESE!
+if [ "$os" = "unix" ]
+ # might be Altos System V
+ case $rel
+ in
+ 5.3*) os=Altos;;
+ esac
+elif [ -r /unix -a -r /usr/lib/libseq.a -a -r /lib/cpp ]
+ # might be a DYNIX/ptx 2.x system, which has a broken uname
+ if strings /lib/cpp | grep _SEQUENT_ > /dev/null
+ then
+ os=PTX
+ fi
+elif [ -d /usr/nec ]
+ # NEC machine -- what is it running?
+ if [ "$os" = "UNIX_System_V" ]
+ then
+ os=EWS-UX_V
+ elif [ "$os" = "UNIX_SV" ]
+ then
+ os=UX4800
+ fi
+elif [ "$arch" = "mips" ]
+ case $rel
+ in
+ 4_*)
+ if [ `uname -v` = "UMIPS" ]
+ then
+ os=RISCos
+ fi;;
+ esac
+# see if there is a "user suffix" specified
+if [ "${SENDMAIL_SUFFIX-}x" = "x" ]
+ sfx=""
+echo "Configuration: os=$os, rel=$rel, rbase=$rbase, rroot=$rroot, arch=$arch, sfx=$sfx"
+# see if we are in a Build-able directory
+if [ ! -f Makefile.m4 ]; then
+ echo "Makefile.m4 not found. Build can only be run from a source directory."
+# now try to find a reasonable object directory
+if [ -r obj.$os.$rel.$arch$sfx ]; then
+ obj=obj.$os.$rel.$arch$sfx
+elif [ -r obj.$os.$rroot.$arch$sfx ]; then
+ obj=obj.$os.$rroot.$arch$sfx
+elif [ -r obj.$os.$rbase.x.$arch$sfx ]; then
+ obj=obj.$os.$rbase.x.$arch$sfx
+elif [ -r obj.$os.$rel$sfx ]; then
+ obj=obj.$os.$rel$sfx
+elif [ -r obj.$os.$rbase.x$sfx ]; then
+ obj=obj.$os.$rbase.x$sfx
+elif [ -r obj.$os.$arch$sfx ]; then
+ obj=obj.$os.$arch$sfx
+elif [ -r obj.$rel.$arch$sfx ]; then
+ obj=obj.$rel.$arch$sfx
+elif [ -r obj.$rbase.x.$arch$sfx ]; then
+ obj=obj.$rbase.x.$arch$sfx
+elif [ -r obj.$os$sfx ]; then
+ obj=obj.$os$sfx
+elif [ -r obj.$arch$sfx ]; then
+ obj=obj.$arch$sfx
+elif [ -r obj.$rel$sfx ]; then
+ obj=obj.$rel$sfx
+elif [ -r obj$sfx ]; then
+ obj=obj$sfx
+if [ -z "$obj" -o "$cflag" ]
+ if [ -n "$obj" ]
+ then
+ echo "Clearing out existing $obj tree"
+ rm -rf $obj
+ else
+ # no existing obj directory -- try to create one if Makefile found
+ obj=obj.$os.$rel.$arch$sfx
+ fi
+ if [ -r $BUILDTOOLS/OS/$os.$rel.$arch$sfx ]; then
+ oscf=$os.$rel.$arch$sfx
+ elif [ -r $BUILDTOOLS/OS/$os.$rel.$arch ]; then
+ oscf=$os.$rel.$arch
+ elif [ -r $BUILDTOOLS/OS/$os.$rroot.$arch$sfx ]; then
+ oscf=$os.$rroot.$arch$sfx
+ elif [ -r $BUILDTOOLS/OS/$os.$rroot.$arch ]; then
+ oscf=$os.$rroot.$arch
+ elif [ -r $BUILDTOOLS/OS/$os.$rbase.x.$arch$sfx ]; then
+ oscf=$os.$rbase.x.$arch$sfx
+ elif [ -r $BUILDTOOLS/OS/$os.$rbase.x.$arch ]; then
+ oscf=$os.$rbase.x.$arch
+ elif [ -r $BUILDTOOLS/OS/$os.$rel$sfx ]; then
+ oscf=$os.$rel$sfx
+ elif [ -r $BUILDTOOLS/OS/$os.$rel ]; then
+ oscf=$os.$rel
+ elif [ -r $BUILDTOOLS/OS/$os.$rroot$sfx ]; then
+ oscf=$os.$rroot$sfx
+ elif [ -r $BUILDTOOLS/OS/$os.$rroot ]; then
+ oscf=$os.$rroot
+ elif [ -r $BUILDTOOLS/OS/$os.$rbase.x$sfx ]; then
+ oscf=$os.$rbase.x$sfx
+ elif [ -r $BUILDTOOLS/OS/$os.$rbase.x ]; then
+ oscf=$os.$rbase.x
+ elif [ -r $BUILDTOOLS/OS/$os.$arch$sfx ]; then
+ oscf=$os.$arch$sfx
+ elif [ -r $BUILDTOOLS/OS/$os.$arch ]; then
+ oscf=$os.$arch
+ elif [ -r $BUILDTOOLS/OS/$rel.$arch$sfx ]; then
+ oscf=$rel.$arch$sfx
+ elif [ -r $BUILDTOOLS/OS/$rel.$arch ]; then
+ oscf=$rel.$arch
+ elif [ -r $BUILDTOOLS/OS/$rroot.$arch$sfx ]; then
+ oscf=$rroot.$arch$sfx
+ elif [ -r $BUILDTOOLS/OS/$rroot.$arch ]; then
+ oscf=$rroot.$arch
+ elif [ -r $BUILDTOOLS/OS/$rbase.x.$arch$sfx ]; then
+ oscf=$rbase.x.$arch$sfx
+ elif [ -r $BUILDTOOLS/OS/$rbase.x.$arch ]; then
+ oscf=$rbase.x.$arch
+ elif [ -r $BUILDTOOLS/OS/$os$sfx ]; then
+ oscf=$os$sfx
+ elif [ -r $BUILDTOOLS/OS/$os ]; then
+ oscf=$os
+ elif [ -r $BUILDTOOLS/OS/$arch$sfx ]; then
+ oscf=$arch$sfx
+ elif [ -r $BUILDTOOLS/OS/$arch ]; then
+ oscf=$arch
+ elif [ -r $BUILDTOOLS/OS/$rel$sfx ]; then
+ oscf=$rel$sfx
+ elif [ -r $BUILDTOOLS/OS/$rel ]; then
+ oscf=$rel
+ elif [ -r $BUILDTOOLS/OS/$rel$sfx ]; then
+ oscf=$rel$sfx
+ else
+ echo "Cannot determine how to support $arch.$os.$rel" >&2
+ fi
+ M4=`sh $BUILDTOOLS/bin/find_m4.sh`
+ ret=$?
+ if [ $ret -ne 0 ]
+ then
+ exit $ret
+ fi
+ echo "Using M4=$M4"
+ export M4
+ if [ "$mflag" ]
+ then
+ echo "Will run in virgin $obj using $BUILDTOOLS/OS/$oscf"
+ exit 0
+ fi
+ if [ "$ABI" ]
+ then
+ echo "Using ABI $ABI"
+ fi
+ echo "Creating $obj using $BUILDTOOLS/OS/$oscf"
+ mkdir $obj
+ (cd $obj; ln -s ../*.[ch158] .)
+ if [ -f sendmail.hf ]
+ then
+ (cd $obj; ln -s ../sendmail.hf .)
+ fi
+ rm -f $obj/.settings$$
+ echo 'divert(-1)' > $obj/.settings$$
+ cat $BUILDTOOLS/M4/header.m4 >> $obj/.settings$$
+ if [ "$ABI" ]
+ then
+ echo "define(\`confABI', \`$ABI')" >> $obj/.settings$$
+ fi
+ cat $BUILDTOOLS/OS/$oscf >> $obj/.settings$$
+ if [ -z "$siteconfig" ]
+ then
+ # none specified, use defaults
+ if [ -f $BUILDTOOLS/Site/site.$oscf$sfx.m4 ]
+ then
+ siteconfig=$BUILDTOOLS/Site/site.$oscf$sfx.m4
+ elif [ -f $BUILDTOOLS/Site/site.$oscf.m4 ]
+ then
+ siteconfig=$BUILDTOOLS/Site/site.$oscf.m4
+ fi
+ if [ -f $BUILDTOOLS/Site/site.config.m4 ]
+ then
+ siteconfig="$BUILDTOOLS/Site/site.config.m4 $siteconfig"
+ fi
+ fi
+ if [ ! -z "$siteconfig" ]
+ then
+ echo "Including $siteconfig"
+ cat $siteconfig >> $obj/.settings$$
+ fi
+ if [ "$libdirs" ]
+ then
+ echo "define(\`confLIBDIRS', confLIBDIRS \`\`$libdirs'')" >> $obj/.settings$$
+ fi
+ if [ "$incdirs" ]
+ then
+ echo "define(\`confINCDIRS', confINCDIRS \`\`$incdirs'')" >> $obj/.settings$$
+ fi
+ echo 'divert(0)dnl' >> $obj/.settings$$
+ libdirs=`(cat $obj/.settings$$; echo "_SRIDBIL_= confLIBDIRS" ) | \
+ sed -e 's/\(.\)include/\1_include_/g' -e 's/#define/#_define_/g' | \
+ grep "^_SRIDBIL_=" | \
+ sed -e 's/#_define_/#define/g' -e 's/_include_/include/g' -e "s/^_SRIDBIL_=//"`
+ libsrch=`(cat $obj/.settings$$; echo "_HCRSBIL_= confLIBSEARCH" ) | \
+ sed -e 's/\(.\)include/\1_include_/g' -e 's/#define/#_define_/g' | \
+ grep "^_HCRSBIL_=" | \
+ sed -e 's/#_define_/#define/g' -e 's/_include_/include/g' -e "s/^_HCRSBIL_=//"`
+ echo 'divert(-1)' >> $obj/.settings$$
+ LIBDIRS="$libdirs" LIBSRCH="$libsrch" SITECONFIG="$siteconfig" sh $BUILDTOOLS/bin/configure.sh $sflag $oscf >> $obj/.settings$$
+ echo 'divert(0)dnl' >> $obj/.settings$$
+ sed -e 's/\(.\)include/\1_include_/g' -e 's/#define/#_define_/g' $obj/.settings$$ | \
+ ${M4} -DconfBUILDTOOLSDIR=$BUILDTOOLS - Makefile.m4 | \
+ sed -e 's/#_define_/#define/g' -e 's/_include_/include/g' > $obj/Makefile
+ if [ $? -ne 0 -o ! -s $obj/Makefile ]
+ then
+ echo "ERROR: ${M4} failed; You may need a newer version of M4, at least as new as System V or GNU" 1>&2
+ rm -rf $obj
+ fi
+ rm -f $obj/.settings$$
+ echo "Making dependencies in $obj"
+ (cd $obj; ${MAKE-make} depend)
+if [ "$mflag" ]
+ makefile=`ls -l $obj/Makefile | sed 's/.* //'`
+ if [ -z "$makefile" ]
+ then
+ echo "ERROR: $obj exists but has no Makefile" >&2
+ exit $EX_NOINPUT
+ fi
+ echo "Will run in existing $obj using $makefile"
+ exit 0
+echo "Making in $obj"
+cd $obj
+eval exec ${MAKE-make} $makeargs
diff --git a/contrib/sendmail/BuildTools/bin/configure.sh b/contrib/sendmail/BuildTools/bin/configure.sh
new file mode 100644
index 000000000000..eb149b2cdd46
--- /dev/null
+++ b/contrib/sendmail/BuildTools/bin/configure.sh
@@ -0,0 +1,163 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# @(#)configure.sh 8.27 (Berkeley) 5/19/98
+# Special script to autoconfigure for M4 generation of Makefile
+while [ ! -z "$1" ]
+ case $1
+ in
+ -s) # skip auto-configure
+ sflag=1
+ shift
+ ;;
+ *) # OS definition
+ os=$1
+ shift
+ ;;
+ esac
+for p in `echo $PATH | sed 's/:/ /g'`
+ if [ "x$p" = "x" ]
+ then
+ p="."
+ fi
+ if [ -f $p/whoami ]
+ then
+ usewhoami=1
+ if [ $usehostname -ne 0 ]
+ then
+ break;
+ fi
+ fi
+ if [ -f $p/hostname ]
+ then
+ usehostname=1
+ if [ $usewhoami -ne 0 ]
+ then
+ break;
+ fi
+ fi
+if [ $usewhoami -ne 0 ]
+ user=`whoami`
+ user=$LOGNAME
+if [ $usehostname -ne 0 ]
+ host=`hostname`
+ host=`uname -n`
+echo "PUSHDIVERT(0)"
+echo "####################################################################"
+echo "##### This file is automatically generated -- edit at your own risk"
+echo '#####' Built by $user@$host
+echo '#####' on `date` using template OS/$os
+if [ ! -z "$SITECONFIG" ]
+ echo '#####' including $SITECONFIG
+echo '#####' in `pwd` | sed 's/\/tmp_mnt//'
+echo "####################################################################"
+echo ""
+echo "define(\`__HOST__', \`$host')dnl"
+echo "ifdef(\`confMAPDEF',, \`define(\`confMAPDEF', \`')')dnl"
+echo "ifdef(\`confLIBS',, \`define(\`confLIBS', \`')')dnl"
+# If user did not supply ABI for Build, use SGI_ABI
+# so the proper libraries are checked below.
+if [ -z "$ABI" ]
+case $ABI
+ -n32) LIBDIRS="$LIBDIRS /lib32 /usr/lib32"
+ ;;
+ -64) LIBDIRS="$LIBDIRS /lib64 /usr/lib64"
+ ;;
+ *) LIBDIRS="$LIBDIRS /lib /usr/lib /usr/shlib"
+ ;;
+for l in $LIBSRCH
+ for p in `echo $LIBDIRS | sed -e 's/:/ /g' -e 's/^-L//g' -e 's/ -L/ /g'`
+ do
+ if [ "x$p" = "x" ]
+ then
+ p = "."
+ fi
+ if [ -f $p/lib$l.a -o -f $p/lib$l.so ]
+ then
+ case $l
+ in
+ db)
+ mapdef="$mapdef -DNEWDB"
+ ;;
+ bind|resolv)
+ if [ -n "$resolver" ]
+ then
+ continue
+ else
+ resolver=$l
+ fi
+ ;;
+ 44bsd)
+ if [ "x$resolver" != "xresolv" ]
+ then
+ continue
+ fi
+ ;;
+ esac
+ libs="$libs -l$l"
+ break
+ fi
+ done
+for p in `echo $PATH | sed 's/:/ /g'`
+ pbase=`echo $p | sed -e 's,/bin,,'`
+ if [ "x$p" = "x" ]
+ then
+ p="."
+ fi
+ if [ -f $p/mkdep ]
+ then
+ echo "ifdef(\`confDEPEND_TYPE',, \`define(\`confDEPEND_TYPE', \`BSD')')dnl"
+ fi
+if [ -z "$sflag" ]
+ echo "define(\`confMAPDEF', \`$mapdef' confMAPDEF)dnl"
+ echo "define(\`confLIBS', \`$libs' confLIBS)dnl"
diff --git a/contrib/sendmail/BuildTools/bin/find_m4.sh b/contrib/sendmail/BuildTools/bin/find_m4.sh
new file mode 100755
index 000000000000..d2cf66556d82
--- /dev/null
+++ b/contrib/sendmail/BuildTools/bin/find_m4.sh
@@ -0,0 +1,82 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# @(#)find_m4.sh 8.4 (Berkeley) 5/19/98
+# Try to find a working M4 program.
+# If $M4 is already set, we use it, otherwise we prefer GNU m4.
+test="ifdef(\`pushdef', \`',
+\`errprint(\`You need a newer version of M4, at least as new as System V or GNU')
+define(\`BadNumber', \`10')
+ifdef(\`BadNumber', \`', \`errprint(\`This version of m4 is broken')')"
+if [ "$M4" ]
+ err=`(echo "$test" | $M4) 2>&1 >/dev/null`
+ code=$?
+ firstfound=
+ ifs="$IFS"; IFS="${IFS}:"
+ for m4 in gm4 gnum4 pdm4 m4
+ do
+ for dir in $PATH /usr/5bin /usr/ccs/bin
+ do
+ [ -z "$dir" ] && dir=.
+ if [ -f $dir/$m4 ]
+ then
+ err=`(echo "$test" | $dir/$m4) 2>&1 >/dev/null`
+ ret=$?
+ if [ $ret -eq 0 -a "X$err" = "X" ]
+ then
+ M4=$dir/$m4
+ code=0
+ break
+ else
+ case "$firstfound:$err" in
+ :*version\ of*)
+ firstfound=$dir/$m4
+ firsterr="$err"
+ firstcode=$ret
+ ;;
+ esac
+ fi
+ fi
+ done
+ [ "$M4" ] && break
+ done
+ IFS="$ifs"
+ if [ ! "$M4" ]
+ then
+ if [ "$firstfound" ]
+ then
+ M4=$firstfound
+ err="$firsterr"
+ code=$firstcode
+ else
+ echo "ERROR: Can not locate an M4 program" >&2
+ fi
+ fi
+if [ $code -ne 0 ]
+ echo "ERROR: Using M4=$M4: $err" | grep -v NoSuchFile >&2
+elif [ "X$err" != "X" ]
+ echo "WARNING: $err" >&2
+echo $M4
+exit 0
diff --git a/contrib/sendmail/BuildTools/bin/install.sh b/contrib/sendmail/BuildTools/bin/install.sh
new file mode 100755
index 000000000000..58f7623a1475
--- /dev/null
+++ b/contrib/sendmail/BuildTools/bin/install.sh
@@ -0,0 +1,128 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# @(#)install.sh 8.9 (Berkeley) 5/19/98
+# Set default program
+# chown program -- ultrix keeps it in /etc/chown and /usr/etc/chown
+if [ -f /etc/chown ]
+ chown=/etc/chown
+elif [ -f /usr/etc/chown ]
+ chown=/usr/etc/chown
+ chown=chown
+# Check arguments
+while [ ! -z "$1" ]
+ case $1
+ in
+ -o) owner=$2
+ shift; shift
+ ;;
+ -g) group=$2
+ shift; shift
+ ;;
+ -m) mode=$2
+ shift; shift
+ ;;
+ -c) program=cp
+ shift
+ ;;
+ -s) strip="strip"
+ shift
+ ;;
+ -*) echo $0: Unknown option $1
+ exit 1
+ ;;
+ *) break
+ ;;
+ esac
+# Check source file
+if [ -z "$1" ]
+ echo "Source file required" >&2
+ exit 1
+elif [ -f $1 -o $1 = /dev/null ]
+ src=$1
+ echo "Source file must be a regular file or /dev/null" >&2
+ exit 1
+# Check destination
+if [ -z "$2" ]
+ echo "Destination required" >&2
+ exit 1
+elif [ -d $2 ]
+ dst=$2/$src
+ dst=$2
+# Do install operation
+$program $src $dst
+if [ $? != 0 ]
+ exit 1
+# Strip if requested
+if [ ! -z "$strip" ]
+ $strip $dst
+# Change owner if requested
+if [ ! -z "$owner" ]
+ $chown $owner $dst
+ if [ $? != 0 ]
+ then
+ exit 1
+ fi
+# Change group if requested
+if [ ! -z "$group" ]
+ chgrp $group $dst
+ if [ $? != 0 ]
+ then
+ exit 1
+ fi
+# Change mode if requested
+if [ ! -z "$mode" ]
+ chmod $mode $dst
+ if [ $? != 0 ]
+ then
+ exit 1
+ fi
+exit 0
diff --git a/contrib/sendmail/FAQ b/contrib/sendmail/FAQ
new file mode 100644
index 000000000000..b4cb2e6d1773
--- /dev/null
+++ b/contrib/sendmail/FAQ
@@ -0,0 +1,6 @@
+The FAQ is no longer maintained with the sendmail release. It is
+available at http://www.sendmail.org/faq/ .
+A plain-text version of the questions only, with URLs referring to
+the answers, is posted to comp.mail.sendmail on the 10th and 25th
+of each month.
diff --git a/contrib/sendmail/KNOWNBUGS b/contrib/sendmail/KNOWNBUGS
new file mode 100644
index 000000000000..cd62b20eb12e
--- /dev/null
+++ b/contrib/sendmail/KNOWNBUGS
@@ -0,0 +1,147 @@
+ K N O W N B U G S I N S E N D M A I L
+ (for 8.9.0)
+The following are bugs or deficiencies in sendmail that I am aware of
+but which have not been fixed in the current release. You probably
+want to get the most up to date version of this from ftp.sendmail.org
+in /pub/sendmail/KNOWNBUGS. For descriptions of bugs that have been
+fixed, see the file RELEASE_NOTES (in the root directory of the sendmail
+This list is not guaranteed to be complete.
+* Null bytes are not handled properly in headers.
+ Sendmail should handle full binary data. As it stands, it handles
+ all values in the body, but only 0x01-0x80 and 0xA0-0xFF in
+ the header. Notably missing is 0x00, which would require a major
+ restructuring of the code -- for example, almost no C library support
+ could be used to handle strings.
+* Duplicate error messages.
+ Sometimes identical, duplicate error messages can be generated. As
+ near as I can tell, this is rare and relatively innocuous.
+* $c (hop count) macro improperly set.
+ The $c macro is supposed to contain the current hop count, for use
+ when calling a mailer. This macro is initialized too early, and
+ is always zero (or the value of the -c command line flag, if any).
+ This macro will probably be removed entirely in a future release;
+ I don't believe there are any mailers left that require it.
+* If you EXPN a list or user that has a program mailer, the output of
+ EXPN will include ``@local.host.name''. You can't actually mail to
+ this address. It's not clear what the right behavior is in this
+ circumstance.
+* \231 considered harmful.
+ Header addresses that have the \231 character (and possibly others
+ in the range \201 - \237) behave in odd and usually unexpected ways.
+* accept() problem on SVR4.
+ Apparently, the sendmail daemon loop (doing accept()s on the network)
+ can get into a weird state on SVR4; it starts logging ``SYSERR:
+ getrequests: accept: Protocol Error''. The workaround is to kill
+ and restart the sendmail daemon. We don't have an SVR4 system at
+ Berkeley that carries more than token mail load, so I can't validate
+ this. It is likely to be a glitch in the sockets emulation, since
+ "Protocol Error" is not possible error code with Berkeley TCP/IP.
+ I've also had someone report the message ``sendmail: accept:
+ SIOCGPGRP failed errno 22'' on an SVR4 system. This message is
+ not in the sendmail source code, so I assume it is also a bug
+ in the sockets emulation. (Errno 22 is EINVAL "Invalid Argument"
+ on all the systems I have available, including Solaris 2.x.)
+ Apparently, this problem is due to linking -lc before -lsocket;
+ if you are having this problem, check your Makefile.
+* accept() problem on Linux.
+ Apparently, the accept() in sendmail daemon loop can return ETIMEDOUT
+ and cause sendmail to sleep for 5 seconds during which time no new
+ connections will be accepted. An error is reported to syslog:
+ Jun 9 17:14:12 hostname sendmail[207]: NOQUEUE: SYSERR(root):
+ getrequests: accept: Connection timed out
+ "Connection timed out" is not documented as a valid return from
+ accept(2) and this was believed to be a bug in the Linux kernel.
+ Later information from the Linux kernel group states that Linux
+ 2.0 kernels follow RFC1122 while sendmail follows the original BSD
+ (now POSIX 1003.1g draft) specification. The 2.1.X and later kernels
+ will follow the POSIX draft.
+* Excessive mailing list nesting can run out of file descriptors.
+ If you have a mailing list that includes lots of other mailing
+ lists, each of which has a separate owner, you can run out of
+ file descriptors. Each mailing list with a separate owner uses
+ one open file descriptor (prior to 8.6.6 it was three open
+ file descriptors per list). This is particularly egregious if
+ you have your connection cache set to be large.
+* Connection caching breaks if you pass the port number as an argument.
+ If you have a definition such as:
+ Mport, P=[IPC], F=kmDFMuX, S=11/31, R=21,
+ M=2100000, T=DNS/RFC822/SMTP,
+ A=IPC [] $h
+ (i.e., where $h is the port number instead of the host name) the
+ connection caching code will break because it won't notice that
+ two messages addressed to different ports should use different
+ connections.
+* ESMTP SIZE underestimates the size of a message
+ Sendmail makes no allowance for headers that it adds, nor does it
+ account for the SMTP on-the-wire \r\n expansion. It probably doesn't
+ allow for 8->7 bit MIME conversions either.
+* Paths to programs being executed and the mode of program files are
+ not checked. Essentially, the RunProgramInUnsafeDirPath and
+ RunWritableProgram bits in the DontBlameSendmail option are always
+ set. This is not a problem if your system is well managed (that is,
+ if binaries and system directories are mode 755 instead of something
+ foolish like 777).
+* 8-bit data in GECOS field
+ If the GECOS (personal name) information in the passwd file contains
+ 8-bit characters, those characters can be included in the message
+ header, which can cause problems when sending SMTP to hosts that
+ only accept 7-bit characters.
+* 8->7 bit MIME conversion
+ When sendmail is doing 8->7 bit MIME conversions, and the message
+ contains certain MIME body types that cannot be converted to 7-bit,
+ sendmail will strip the message to 7-bit.
+* 7->8 bit MIME conversion
+ If a message that is encoded as 7-bit MIME is converted to 8-bit and
+ that message when decoded is illegal (e.g., because of long lines or
+ illegal characters), sendmail can produce an illegal message.
+* MIME encoded full name phrases in the From: header
+ If a full name phrase includes characters from MustQuoteChars, sendmail
+ will quote the entire full name phrase. If MustQuoteChars includes
+ characters which are not special characters according to STD 11 (RFC
+ 822), this quotation can interfere with MIME encoded full name phrases.
+ By default, sendmail includes the single quote character (') in
+ MustQuoteChars even though it is not listed as a special character in
+ STD 11.
+(Version 8.32, last updated 6/30/98)
diff --git a/contrib/sendmail/LICENSE b/contrib/sendmail/LICENSE
new file mode 100644
index 000000000000..bb1c3a79c7f0
--- /dev/null
+++ b/contrib/sendmail/LICENSE
@@ -0,0 +1,89 @@
+The following license terms and conditions apply, unless a different
+license is obtained from Sendmail, Inc., 1401 Park Avenue, Emeryville, CA
+94608, or by electronic mail at license@sendmail.com.
+License Terms:
+Use, Modification and Redistribution (including distribution of any
+modified or derived work) in source and binary forms is permitted only if
+each of the following conditions is met:
+1. Redistributions qualify as "freeware" or "Open Source Software" under
+ one of the following terms:
+ (a) Redistributions are made at no charge beyond the reasonable cost of
+ materials and delivery.
+ (b) Redistributions are accompanied by a copy of the Source Code or by an
+ irrevocable offer to provide a copy of the Source Code for up to three
+ years at the cost of materials and delivery. Such redistributions
+ must allow further use, modification, and redistribution of the Source
+ Code under substantially the same terms as this license. For the
+ purposes of redistribution "Source Code" means the complete source
+ code of sendmail including all modifications.
+ Other forms of redistribution are allowed only under a separate royalty-
+ free agreement permitting such redistribution subject to standard
+ commercial terms and conditions. A copy of such agreement may be
+ obtained from Sendmail, Inc. at the above address.
+2. Redistributions of source code must retain the copyright notices as they
+ appear in each source code file, these license terms, and the
+ disclaimer/limitation of liability set forth as paragraph 6 below.
+3. Redistributions in binary form must reproduce the Copyright Notice,
+ these license terms, and the disclaimer/limitation of liability set
+ forth as paragraph 6 below, in the documentation and/or other materials
+ provided with the distribution. For the purposes of binary distribution
+ the "Copyright Notice" refers to the following language:
+ "Copyright (c) 1998 Sendmail, Inc. All rights reserved."
+4. Neither the name of Sendmail, Inc. nor the University of California nor
+ the names of their contributors may be used to endorse or promote
+ products derived from this software without specific prior written
+ permission. The name "sendmail" is a trademark of Sendmail, Inc.
+5. All redistributions must comply with the conditions imposed by the
+ University of California on certain embedded code, whose copyright
+ notice and conditions for redistribution are as follows:
+ (a) Copyright (c) 1988, 1993 The Regents of the University of
+ California. All rights reserved.
+ (b) Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ (i) Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ (ii) Redistributions in binary form must reproduce the above
+ copyright notice, this list of conditions and the following
+ disclaimer in the documentation and/or other materials provided
+ with the distribution.
+ (iii) All advertising materials mentioning features or use of this
+ software must display the following acknowledgement: "This
+ product includes software developed by the University of
+ California, Berkeley and its contributors."
+ (iv) Neither the name of the University nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+6. Disclaimer/Limitation of Liability: THIS SOFTWARE IS PROVIDED BY
+(Version 8.6, last updated 6/24/98)
diff --git a/contrib/sendmail/Makefile b/contrib/sendmail/Makefile
new file mode 100644
index 000000000000..0b44c4203190
--- /dev/null
+++ b/contrib/sendmail/Makefile
@@ -0,0 +1,26 @@
+# @(#)Makefile.dist 8.2 (Berkeley) 2/17/98
+SHELL= /bin/sh
+SUBDIRS= src mail.local mailstats makemap praliases rmail smrsh
+BUILD= ./Build
+all clean install:: FRC
+ @for x in $(SUBDIRS); \
+ do \
+ (cd $$x; echo Making $@ in:; pwd; \
+ $(SHELL) $(BUILD) $(OPTIONS) $@); \
+ done
+fresh:: FRC
+ @for x in $(SUBDIRS); \
+ do \
+ (cd $$x; echo Making $@ in:; pwd; \
+ $(SHELL) $(BUILD) $(OPTIONS) -c); \
+ done
+ @cd $@; pwd; \
diff --git a/contrib/sendmail/README b/contrib/sendmail/README
new file mode 100644
index 000000000000..5de10764212e
--- /dev/null
+++ b/contrib/sendmail/README
@@ -0,0 +1,386 @@
+ * @(#)README 8.48 (Berkeley) 5/19/98
+ */
+This directory has the latest sendmail(TM) software from Sendmail, Inc.
+See doc/changes/changes.me for a summary of changes since 5.67.
+Report any bugs to sendmail-bugs@sendmail.ORG
+There is a web site at http://WWW.Sendmail.ORG -- see that site for
+the latest updates.
+** DO NOT USE MAKE to compile sendmail. Instead, cd src and **
+** use the "Build" shell script. On many environments this **
+** will do everything for you, no fuss, no muss. See **
+** src/README for more details of compilation. See cf/README **
+** for details about building a runtime configuration file. **
+Sendmail is a trademark of Sendmail, Inc.
+Sendmail often gets blamed for many problems that are actually the
+result of other problems, such as overly permissive modes on directories.
+For this reason, sendmail checks the modes on system directories and
+files to determine if can have been trusted. For sendmail to run
+without complaining, you MUST execute the following command:
+ chmod go-w / /etc /etc/mail /usr /var /var/spool /var/spool/mqueue
+ chown root / /etc /etc/mail /usr /var /var/spool /var/spool/mqueue
+You will probably have to tweak this for your environment (for example,
+some systems put the spool directory into /usr/spool instead of
+/var/spool and use /etc/mail for aliases file instead of /etc). If you
+set the RunAsUser option in your sendmail.cf, the /var/spool/mqueue
+directory will have to be owned by the RunAsUser user. As a general rule,
+after you have compiled sendmail, run the command
+ sendmail -v -bi
+to initialize the alias database. If it gives messages such as
+ WARNING: writable directory /etc
+ WARNING: writable directory /usr/spool/mqueue
+then the directories listed have inappropriate write permissions and
+should be secured to avoid various possible security attacks.
+Beginning with sendmail 8.9, these checks have become more strict to
+prevent users from being able to access files they would normally not
+be able to read. In particular, .forward and :include: files in unsafe
+directory paths (directory paths which are group or world writable) will
+no longer be allowed. This would mean that if user joe's home directory
+was writable by group staff, sendmail would not use his .forward file.
+This behavior can be altered, at the expense of system security, by
+setting the DontBlameSendmail option. For example, to allow .forward
+files in group writable directories:
+ O DontBlameSendmail=forwardfileingroupwritabledirpath
+Or to allow them in both group and world writable directories:
+ O DontBlameSendmail=forwardfileinunsafedirpath
+Items from these unsafe .forward and :include: files will be marked
+as unsafe addresses -- the items can not be deliveries to files or
+programs. This behavior can also be altered via DontBlameSendmail:
+ O DontBlameSendmail=forwardfileinunsafedirpath,
+ forwardfileinunsafedirpathsafe
+The first flag allows the .forward file to be read, the second allows
+the items in the file to be marked as safe for file and program
+Other files affected by this strengthened security include class
+files (i.e. Fw /etc/sendmail.cw), persistent host status files, and
+the files specified by the ErrorHeader and HelpFile options. Similar
+DontBlameSendmail flags are available for the class, ErrorHeader, and
+HelpFile files.
+If you have an unsafe configuration of .forward and :include:
+files, you can make it safe by finding all such files, and doing
+a "chmod go-w $FILE" on each. Also, do a "chmod go-w $DIR" for
+each directory in the file's path.
+The sendmail manual pages use contemporary Berkeley troff macros. If
+your system does not process these manual pages, you can pick up the
+new macros in a BSD Net/2 FTP site (e.g. on FTP.UU.NET, the files
+The strip.sed file is only used in installation.
+After installation, edit tmac.doc and tmac.andoc to reflect the
+installation path of the tmac files. Those files contain pointers to
+/usr/share/tmac/, and those pointers are not changed by the `make
+install` process. There's also a bug in those files -- make the
+following patch:
+*** tmac.an~ Tue Jul 12 14:29:09 1994
+--- tmac.an Fri Jul 15 13:17:54 1994
+*** 50,55 ****
+ .de TH
+ .rn TH xX
+ .so /usr/share/lib/tmac/tmac.an.old
+! .TH \\$1 \\$2 \\$3 \\$4 \\$5 \\$6 \\$7 \\$8
+ .rm xX
+ ..
+--- 50,55 ----
+ .de TH
+ .rn TH xX
+ .so /usr/share/lib/tmac/tmac.an.old
+! .TH "\\$1" "\\$2" "\\$3" "\\$4" "\\$5" "\\$6" "\\$7" "\\$8"
+ .rm xX
+ ..
+Rename the existing tmac.an to be tmac.an.old, and rename tmac.andoc
+to be tmac.an.
+tmac.an will choose between tmac.an.old, your old macros, or tmac.doc,
+which are the new macros, so that both the new man pages and the
+existing man pages will be translated properly.
+I'm also told that the groff distribution from MIT has a tmac.doc
+macro set that is compatible with these macros.
+There are other files you should read. Rooted in this directory are:
+ doc/changes/changes.ps
+ Describes changes between Release 5 and Release 8 of sendmail.
+ There are some things that may behave somewhat differently.
+ For example, the rules governing when :include: files will
+ be read have been tightened up for security reasons.
+ Answers to Frequently Asked Questions.
+ Known bugs in the current release. I try to keep this up
+ to date -- get the latest version from FTP.Sendmail.ORG
+ in /ucb/sendmail/KNOWNBUGS.
+ A detailed description of the changes in each version. This
+ is quite long, but informative.
+ src/README
+ Details on compiling and installing sendmail.
+ Details on configuring sendmail.
+ doc/op/op.me
+ The sendmail Installation & Operations Guide. Be warned: if
+ you are running this off on SunOS or some other system with an
+ old version of -me, you need to add the following macro to the
+ macros:
+ .de sm
+ \s-1\\$1\\s0\\$2
+ ..
+ This sets a word in a smaller pointsize.
+There are several related RFCs that you may wish to read -- they are
+available via anonymous FTP to several sites, including:
+ ftp://nic.ddn.mil/rfc/
+ ftp://nis.nsf.net/documents/rfc/
+ ftp://nisc.jvnc.net/rfc/
+ ftp://venera.isi.edu/in-notes/
+ ftp://wuarchive.wustl.edu/doc/rfc/
+For a list of the primary repositories see:
+ http://www.isi.edu/in-notes/rfc-retrieval.txt
+They are also online at:
+ http://www.ietf.org/
+They can also be retrieved via electronic mail by sending
+email to one of:
+ mail-server@nisc.sri.com
+ Put "send rfcNNN" in message body
+ nis-info@nis.nsf.net
+ Put "send RFCnnn.TXT-1" in message body
+ sendrfc@jvnc.net
+ Put "RFCnnn" as Subject: line
+For further instructions see:
+ http://www.isi.edu/in-notes/rfc-editor/rfc-info
+Important RFCs for electronic mail are:
+ RFC821 SMTP protocol
+ RFC822 Mail header format
+ RFC974 MX routing
+ RFC976 UUCP mail format
+ RFC1123 Host requirements (modifies 821, 822, and 974)
+ RFC1413 Identification server
+ RFC1869 SMTP Service Extensions (ESMTP spec)
+ RFC1652 SMTP Service Extension for 8bit-MIMEtransport
+ RFC1870 SMTP Service Extension for Message Size Declaration
+ RFC2045 Multipurpose Internet Mail Extensions (MIME) Part One:
+ Format of Internet Message Bodies
+ RFC1344 Implications of MIME for Internet Mail Gateways
+ RFC1428 Transition of Internet Mail from Just-Send-8 to
+ 8-bit SMTP/MIME
+ RFC1891 SMTP Service Extension for Delivery Status Notifications
+ RFC1892 Multipart/Report Content Type for the Reporting of
+ Mail System Administrative Messages
+ RFC1893 Enhanced Mail System Status Codes
+ RFC1894 An Extensible Message Format for Delivery Status
+ Notifications
+ RFC1985 SMTP Service Extension for Remote Message Queue Starting
+Other standards that may be of interest (but which are less directly
+relevant to sendmail) are:
+ RFC987 Mapping between RFC822 and X.400
+ RFC1049 Content-Type header field (extension to RFC822)
+Warning to AIX users: this version of sendmail does not implement
+MB, MR, or MG DNS resource records, as defined (as experiments) in
+use the version that was on the Net2 tape -- it has a number of
+nefarious bugs that were bad enough when I got them; you shouldn't have
+to go through the same thing. Instead, get a new version via the web at
+http://www.sleepycat.com/. This software is highly recommended; it gets
+rid of several stupid limits, it's much faster, and the interface is
+nicer to animals and plants. If the Berkeley DB include files
+are installed in a location other than those which your compiler searches,
+you will need to provide that directory when building:
+ Build -I/path/to/include/directory
+If you are using Berkeley DB versions 1.85 or 1.86, you are *strongly*
+urged to upgrade to DB version 2, available from http://www.sleepycat.com/.
+Berkeley DB versions 1.85 and 1.86 are known to be broken in various nasty
+ways (see http://www.sleepycat.com/db.185.html), and can cause sendmail
+to dump core. In addition, the newest versions of gcc and the Solaris
+compilers perform optimizations in those versions that may cause fairly
+random core dumps.
+If you have no choice but to use Berkeley DB 1.85 or 1.86, and you are
+using both Berkeley DB and files in the UNIX ndbm format, remove ndbm.h
+and ndbm.o from the DB library after building it. You should also apply
+all of the patches for DB 1.85 and 1.86 found at the Sleepycat web site
+(see http://www.sleepycat.com/db.185.html), as they fix some of the known
+If you are using a version of Berkeley DB 2 previous to 2.3.15, and you
+are using both Berkeley DB and files in the UNIX ndbm format, remove dbm.o
+from the DB library after building it. No other changes are necessary.
+If you are using Berkeley DB version 2.3.15 or greater, no changes are
+The underlying database file formats changed between Berkeley DB versions
+1.85 and 1.86, and again between DB 1.86 and version 2.0. If you are
+upgrading from one of those versions, you must recreate your database
+file(s). Do this by rebuilding all maps with makemap and rebuilding the
+alias file with newaliases.
+If you are using NIS or /etc/hosts, it is critical that you
+list the long (fully qualified) name somewhere (preferably first) in
+the /etc/hosts file used to build the NIS database. For example, the
+line should read
+ mastodon.CS.Berkeley.EDU mastodon
+**** NOT ****
+ mastodon
+If you do not include the long name, sendmail will complain loudly
+about ``unable to qualify my own domain name (mastodon) -- using
+short name'' and conclude that your canonical name is the short
+version and use that in messages. The name "mastodon" doesn't mean
+much outside of Berkeley, and so this creates incorrect and unreplyable
+This version of sendmail notices and reports certain kinds of SMTP
+protocol violations that were ignored by older versions. If you
+are running MH you may wish to install the patch in contrib/mh.patch
+that will prevent these warning reports. This patch also works
+with the old version of sendmail, so it's safe to go ahead and
+install it.
+Sendmail 8 supports the IDENT protocol, as defined by RFC 1413.
+No ident server is included with this distribution. I have found
+copies available on:
+ ftp.lysator.liu.se /pub/ident/servers
+ romulus.ucs.uoknor.edu /networking/ident/servers
+ ftp.cyf-kr.edu.pl /agh/uciagh/network/ident
+If you want to run an IDENT server, I suggest getting a copy from
+one of those sites. Versions are available for several different
+systems, including Apollo, BSD, NeXT, AIX, TOPS20, and VMS.
+The structure of this directory tree is:
+cf Source for sendmail configuration files. These are
+ different than what you've seen before. They are a
+ fairly dramatic rewrite, requiring the new sendmail
+ (since they use new features).
+contrib Some contributed tools to help with sendmail. THESE
+ ARE NOT SUPPORTED by sendmail -- contact the original
+ authors if you have problems. (This directory is not
+ on the 4.4BSD tape.)
+doc Documentation. If you are getting source, read
+ op.me -- it's long, but worth it.
+mail.local The source for the local delivery agent used for 4.4BSD.
+ THIS IS NOT PART OF SENDMAIL! and may not compile
+ everywhere, since it depends on some 4.4-isms. Warning:
+ it does mailbox locking differently than other systems.
+mailstats Statistics printing program. It has the pathname of
+ sendmail.st compiled in, so if you've changed that,
+ beware.
+makemap A program that creates the keyed maps used by the $( ... $)
+ construct in sendmail. It is primitive but effective.
+ It takes a very simple input format, so you will probably
+ expect to preprocess must human-convenient formats
+ using sed scripts before this program will like them.
+ But it should be functionally complete.
+praliases A program to print the DBM or NEWDB version of the
+ aliases file.
+rmail Source for rmail(8). This is used as a delivery
+ agent for for UUCP, and could presumably be used by
+ other non-socket oriented mailers. Older versions of
+ rmail are probably deficient. RMAIL IS NOT PART OF
+ SENDMAIL!!! The 4.4BSD source is included for you to
+ look at or try to port to your system. I know it doesn't
+ compile on {SunOS, HP-UX, OSF/1, other} (pick one).
+smrsh The "sendmail restricted shell", which can be used as
+ a replacement for /bin/sh in the prog mailer to provide
+ increased security control. NOT PART OF SENDMAIL!
+src Source for the sendmail program itself.
+test Some test scripts (currently only for compilation aids).
diff --git a/contrib/sendmail/RELEASE_NOTES b/contrib/sendmail/RELEASE_NOTES
new file mode 100644
index 000000000000..2b3475ffbcc6
--- /dev/null
+++ b/contrib/sendmail/RELEASE_NOTES
@@ -0,0 +1,6323 @@
+ @(#)RELEASE_NOTES (Berkeley) 7/2/98
+This listing shows the version of the sendmail binary, the version
+of the sendmail configuration files, the date of release, and a
+summary of the changes in that release.
+8.9.1/8.9.1 98/07/02
+ If both an OS specific site configuration file and a generic
+ site.config.m4 file existed, only the latter was used
+ instead of both. Problem noted by Geir Johannessen of
+ the Norwegian University of Science and Technology.
+ Fix segmentation fault while converting 8 bit to 7 bit MIME
+ multipart messages by trying to write to an unopened
+ file descriptor. Fix from Kari Hurtta of the Finnish
+ Meteorological Institute.
+ Do not assume Message: and Text: headers indicate the end of
+ the header area when parsing MIME headers. Problem noted
+ by Kari Hurtta of the Finnish Meteorological Institute.
+ Setting the confMAN#SRC Build variable would only effect the
+ installation commands. The man pages would still be
+ built with .0 extensions. Problem noted by Bryan
+ Costales of InfoBeat, Inc.
+ Installation of manual pages didn't honor the DESTDIR environment
+ variable. Problem noted by Bryan Costales of InfoBeat, Inc.
+ If the check_relay ruleset resolved to the discard mailer, messages
+ were still delivered. Problem noted by Mirek Luc of NASK.
+ Mail delivery to files would fail with an Operating System Error
+ if sendmail was not running as root, i.e. RunAsUser was set.
+ Problem noted by Leonard N. Zubkoff of Dandelion Digital.
+ Prevent MinQueueAge from interfering from queued items created
+ in the future, i.e. if the system clock was set ahead
+ and then back. Problem noted by Michael Miller of the
+ University of Natal, Pietermaritzburg.
+ Do not advertise ETRN support in ESTMP EHLO reply if noetrn is
+ set in the PrivacyFlags option. Fix from Ted Rule of
+ Flextech TV.
+ Log invalid persistent host status file lines instead of
+ bouncing the message. Problem noted by David Lindes of
+ DaveLtd Enterprises.
+ Move creation of empty sendmail.st file from installation to
+ compilation. Installation may be done from a read-only
+ mount. Fix from Bryan Costales of InfoBeat, Inc. and Ric
+ Anderson of the Oasis Research Center, Inc.
+ Enforce the maximum number of User Database entries limit. Problem
+ noted by Gary Buchanan of Credence Systems Inc.
+ Allow dead.letter files in root's home directory. Problem noted
+ by Anna Ullman of Sun Microsystems.
+ Program deliveries in forward files could be marked unsafe if
+ any directory listed in the ForwardPath option did not
+ exist. Problem noted by Jorg Bielak of Coastal Web Online.
+ Do not trust the length of the address structure returned by
+ gethostbyname(). Problem noted by Chris Evans of Oxford
+ University.
+ If the SIZE= MAIL From: ESMTP parameter is too large, use the
+ 5.3.4 DSN status code instead of 5.2.2. Similarly, for
+ non-local deliveries, if the message is larger than the
+ mailer maximum message size, use 5.3.4 instead of 5.2.3.
+ Suggested by Antony Bowesman of
+ Fujitsu/TeaWARE Mail/MIME System.
+ Portability:
+ Fix the check for an IP address reverse lookup for
+ use in $&{client_name} on 64 bit platforms.
+ From Gilles Gallot of Institut for Development
+ and Resources in Intensive Scientific computing.
+ BSD-OS uses .0 for man page extensions. From Jeff Polk
+ of BSDI.
+ DomainOS detection for Build. Also, version 10.4 and later
+ ship a unistd.h. Fixes from Takanobu Ishimura of
+ PICT Inc.
+ NeXT 4.x uses /usr/lib/man/cat for its man pages. From
+ J. P. McCann of E I A.
+ SCO 4.X and 5.X include NDBM support. From Vlado Potisk
+ of TEMPEST, Ltd.
+ CONFIG: Do not pass spoofed PTR results through resolver for
+ qualification. Problem noted by Michiel Boland of
+ Digital Valley Internet Professionals; fix from
+ Kari Hurtta of the Finnish Meteorological Institute.
+ CONFIG: Do not try to resolve non-DNS hostnames such as UUCP,
+ BITNET, and DECNET addresses for resolvable senders.
+ Problem noted by Alexander Litvin of Lucky Net Ltd.
+ CONFIG: Work around Sun's broken configuration which sends bounce
+ messages as coming from @@hostname instead of <>. LMTP
+ would not accept @@hostname.
+ OP.ME: Corrections to complex sendmail startup script from Rick
+ Troxel of the National Institutes of Health.
+ RMAIL: Do not install rmail by default, require 'make force-install'
+ as this rmail isn't the same as others. Suggested by
+ Kari Hurtta of the Finnish Meteorological Institute.
+8.9.0/8.9.0 98/05/19
+ SECURITY: To prevent users from reading files not normally
+ readable, sendmail will no longer open forward, :include:,
+ class, ErrorHeader, or HelpFile files located in unsafe
+ (i.e. group or world writable) directory paths. Sites
+ which need the ability to override security can use the
+ DontBlameSendmail option. See the README file for more
+ information.
+ SECURITY: Problems can occur on poorly managed systems, specifically,
+ if maps or alias files are in world writable directories.
+ This fixes the change added to 8.8.6 to prevent links in these
+ world writable directories.
+ SECURITY: Make sure ServiceSwitchFile option file is not a link if
+ it is in a world writable directory.
+ SECURITY: Never pass a tty to a mailer -- if a mailer can get at the
+ tty it may be able to push bytes back to the senders input.
+ Unfortunately this breaks -v mode. Problem noted by
+ Wietse Venema of the Global Security Analysis Lab at
+ IBM T.J. Watson Research.
+ SECURITY: Empty group list if DontInitGroups is set to true to
+ prevent program deliveries from picking up extra group
+ privileges. Problem reported by Wolfgang Ley of DFN-CERT.
+ SECURITY: The default value for DefaultUser is now set to the uid and
+ gid of the first existing user mailnull, sendmail, or daemon
+ that has a non-zero uid. If none of these exist, sendmail
+ reverts back to the old behavior of using uid 1 and gid 1.
+ This is a security problem for Linux which has chosen that
+ uid and gid for user bin instead of daemon. If DefaultUser
+ is set in the configuration file, that value overrides this
+ default.
+ SECURITY: Since 8.8.7, the check for non-setuid binaries
+ interfered with setting an alternate group id for the
+ RunAsUser option. Problem noted by Randall Winchester of
+ the University of Maryland.
+ Add support for Berkeley DB 2.X. Based on patch from John Kennedy
+ of Cal State University, Chico.
+ Remove support for OLD_NEWDB (pre-1.5 version of Berkeley DB). Users
+ which previously defined OLD_NEWDB=1 must now upgrade to the
+ current version of Berkeley DB.
+ Added support for regular expressions using the new map class regex.
+ From Jan Krueger of Unix-AG of University of Hannover.
+ Support for BIND 8.1.1's hesiod for hesiod maps and hesiod
+ UserDatabases from Randall Winchester of the University
+ of Maryland.
+ Allow any shell for user shell on program deliveries on V1
+ configurations for backwards compatibility on machines which
+ do not have getusershell(). Fix from John Beck of Sun
+ Microsystems.
+ On operating systems which change the process title by reusing the
+ argument vector memory, sendmail could corrupt memory if the
+ last argument was either "-q" or "-d". Problem noted by
+ Frank Langbein of the University of Stuttgart.
+ Support Local Mail Transfer Protocol (LMTP) between sendmail and
+ mail.local on the F=z flag.
+ Macro-expand the contents of the ErrMsgFile. Previously this was
+ only done if you had magic characters (0x81) to indicate
+ macro expansion. Now $x will be expanded. This means that
+ real dollar signs have to be backslash escaped.
+ TCP Wrappers expects "unknown" in the hostname argument if the
+ reverse DNS lookup for the incoming connection fails.
+ Problem noted by Randy Grimshaw of Syracuse University and
+ Wietse Venema of the Global Security Analysis Lab at
+ IBM T.J. Watson Research.
+ DSN success bounces generated from an invocation of sendmail -t
+ would be sent to both the sender and MAILER-DAEMON.
+ Problem noted by Claus Assmann of
+ Christian-Albrechts-University of Kiel.
+ Avoid "Error 0" messages on delivery mailers which exit with a
+ valid exit value such as EX_NOPERM. Fix from Andreas Luik
+ of ISA Informationssysteme GmbH.
+ Tokenize $&x expansions on right hand side of rules. This eliminates
+ the need to use tricks like $(dequote "" $&{client_name} $)
+ to cause the ${client_name} macro to be properly tokenized.
+ Add the MaxRecipientsPerMessage option: this limits the number of
+ recipients that will be accepted in a single SMTP
+ transaction. After this number is reached, sendmail
+ starts returning "452 Too many recipients" to all RCPT
+ commands. This can be used to limit the number of recipients
+ per envelope (in particular, to discourage use of the server
+ for spamming). Note: a better approach is to restrict
+ relaying entirely.
+ Fixed pointer initialization for LDAP lmap struct, fixed -s option
+ to ldapx map and added timeout for ldap_open call to
+ avoid hanging sendmail in the event of hung LDAP servers.
+ Patch from Booker Bense of Stanford University.
+ Allow multiple -qI, -qR, or -qS queue run limiters. For example,
+ '-qRfoo -qRbar' would deliver mail to recipients with foo or
+ bar in their address. Patch from Allan E Johannesen of
+ Worcester Polytechnic Institute.
+ The bestmx map will now return a list of the MX servers for a host if
+ passed a column delimiter via the -z map flag. This can be
+ used to check if the server is an MX server for the recipient
+ of a message. This can be used to help prevent relaying.
+ Patch from Mitchell Blank Jr of Exec-PC.
+ Mark failures for the *file* mailer and return bounce messages to the
+ sender for those failures.
+ Prevent bogus syslog timestamps on errors in sendmail.cf by
+ preserving the TZ environment variable until TimeZoneSpec
+ has been determined. Problem noted by Ralf Hildebrandt of
+ Technical University of Braunschweig. Patch from Per Hedeland
+ of Ericsson.
+ Print test input in address test mode when input is not from the tty
+ when the -v flag is given (i.e. sendmail -bt -v) to make
+ output easier to decipher. Problem noted by Aidan Nichol
+ of Procter & Gamble.
+ The LDAP map -s flag was not properly parsed and the error message
+ given included the remainder of the arguments instead of
+ solely the argument in error. Problem noted by Aidan Nichol
+ of Procter & Gamble.
+ New DontBlameSendmail option. This option allows administrators to
+ bypass some of sendmail's file security checks at the expense
+ of system security. This should only be used if you are
+ absolutely sure you know the consequences. The available
+ DontBlameSendmail options are:
+ Safe
+ AssumeSafeChown
+ ClassFileInUnsafeDirPath
+ ErrorHeaderInUnsafeDirPath
+ GroupWritableDirPathSafe
+ GroupWritableForwardFileSafe
+ GroupWritableIncludeFileSafe
+ GroupWritableAliasFile
+ HelpFileinUnsafeDirPath
+ WorldWritableAliasFile
+ ForwardFileInGroupWritableDirPath
+ IncludeFileInGroupWritableDirPath
+ ForwardFileInUnsafeDirPath
+ IncludeFileInUnsafeDirPath
+ ForwardFileInUnsafeDirPathSafe
+ IncludeFileInUnsafeDirPathSafe
+ MapInUnsafeDirPath
+ LinkedAliasFileInWritableDir
+ LinkedClassFileInWritableDir
+ LinkedForwardFileInWritableDir
+ LinkedIncludeFileInWritableDir
+ LinkedMapInWritableDir
+ LinkedServiceSwitchFileInWritableDir
+ FileDeliveryToHardLink
+ FileDeliveryToSymLink
+ WriteMapToHardLink
+ WriteMapToSymLink
+ WriteStatsToHardLink
+ WriteStatsToSymLink
+ RunProgramInUnsafeDirPath
+ RunWritableProgram
+ New DontProbeInterfaces option to turn off the inclusion of all the
+ interface names in $=w on startup. In particular, if you
+ have lots of virtual interfaces, this option will speed up
+ startup. However, unless you make other arrangements, mail
+ sent to those addresses will be bounced.
+ Automatically create alias databases if they don't exist and
+ AutoRebuildAliases is set.
+ Add PrivacyOptions=noetrn flag to disable the SMTP ETRN command.
+ Suggested by Christophe Wolfhugel of the Institut Pasteur.
+ Add PrivacyOptions=noverb flag to disable the SMTP VERB command.
+ When determining the client host name ($&{client_name} macro), do
+ a forward (A) DNS lookup on the result of the PTR lookup
+ and compare results. If they differ or if the PTR lookup
+ fails, &{client_name} will contain the IP address
+ surrounded by square brackets (e.g. []).
+ New map flag: -Tx appends "x" to lookups that return temporary failure
+ (i.e, it is like -ax for the temporary failure case, in
+ contrast to the success case).
+ New syntax to do limited checking of header syntax. A config line
+ of the form:
+ HHeader: $>Ruleset
+ causes the indicated Ruleset to be invoked on the Header
+ when read. This ruleset works like the check_* rulesets --
+ that is, it can reject mail on the basis of the contents.
+ Limit the size of the HELO/EHLO parameter to prevent spammers
+ from hiding their connection information in Received:
+ headers.
+ When SingleThreadDelivery is active, deliveries to locked hosts
+ are skipped. This will cause the delivering process to
+ try the next MX host or queue the message if no other MX
+ hosts are available. Suggested by Alexander Litvin.
+ The [FILE] mailer type now delivers to the file specified in the
+ A= equate of the mailer definition instead of $u. It also
+ obeys all of the F= mailer flags such as the MIME
+ 7/8 bit conversion flags. This is useful for defining
+ a mailer which delivers to the same file regardless of the
+ recipient (e.g. 'A=FILE /dev/null' to discard unwanted mail).
+ Do not assume the identity of a remote connection is root@localhost
+ if the remote connection closes the socket before the
+ remote identity can be queried.
+ Change semantics of the F=S mailer flag back to 8.7.5 behavior.
+ Some mailers, including procmail, require that the real
+ uid is left unchanged by sendmail. Problem noted by Per
+ Hedeland of Ericsson.
+ No longer is the src/obj*/Makefile selected from a large list -- it
+ is now generated using the information in BuildTools/OS/ --
+ some of the details are determined dynamically via
+ BuildTools/bin/configure.sh.
+ The other programs in the sendmail distribution -- mail.local,
+ mailstats, makemap, praliases, rmail, and smrsh -- now use
+ the new Build method which creates an operating system
+ specific Makefile using the information in BuildTools.
+ Make 4xx reply codes to the SMTP MAIL command be non-sticky (i.e.,
+ a failure on one message won't affect future messages to the
+ same host). This is necessary if the remote host sends
+ a 451 error if the domain of the sender does not resolve
+ as is common in anti-spam configurations. Problem noted
+ by Mitchell Blank Jr of Exec-PC.
+ New "discard" mailer for check_* rulesets and header checking
+ rulesets. If one of the above rulesets resolves to the
+ $#discard mailer, the commands will be accepted but the
+ message will be completely discarded after it is accepting.
+ This means that even if only one of the recipients
+ resolves to the $#discard mailer, none of the recipients
+ will receive the mail. Suggested by Brian Kantor.
+ All but the last cloned envelope of a split envelope were queued
+ instead of being delivered. Problem noted by John Caruso
+ of CNET: The Computer Network.
+ Fix deadlock situation in persistent host status file locking.
+ Syslog an error if a user forward file could not be read due to
+ an error. Patch from John Beck of Sun Microsystems.
+ Use the first name returned on machine lookups when canonifying a
+ hostname via NetInfo. Patch from Timm Wetzel of GWDG.
+ Clear the $&{client_addr}, $&{client_name}, and $&{client_port}
+ macros when delivering a bounce message to prevent
+ rejection by a check_compat ruleset which uses these macros.
+ Problem noted by Jens Hamisch of AgiX Internetservices GmbH.
+ If the check_relay ruleset resolves to the the error mailer, the
+ error in the $: portion of the resolved triplet is used
+ in the rejection message given to the remote machine.
+ Suggested by Scott Gifford of The Internet Ramp.
+ Set the $&{client_addr}, $&{client_name}, and $&{client_port} macros
+ before calling the check_relay ruleset. Suggested by Scott
+ Gifford of The Internet Ramp.
+ Sendmail would get a segmentation fault if a mailer exited with an
+ exit code of 79. Problem noted by Aaron Schrab of ExecPC
+ Internet. Fix from Christophe Wolfhugel of the Pasteur
+ Institute.
+ Separate snprintf/vsnprintf routines into separate file for use by
+ mail.local.
+ Allow multiple map lookups on right hand side, e.g.,
+ R$* $( host $1 $) $| $( passwd $1 $). Patch from
+ Christophe Wolfhugel of the Pasteur Institute.
+ Properly generate success DSN messages if requested for aliases
+ which have owner- aliases. Problem noted by Kari Hurtta
+ of the Finnish Meteorological Institute.
+ Properly display delayed-expansion macros ($&{macroname}) in
+ address test mode (-bt). Problem noted by Bryan Costales
+ of InfoBeat, Inc.
+ -qR could sometimes match names incorrectly. Problem noted by
+ Lutz Euler of Lavielle EDV Systemberatung GmbH & Co.
+ Include a magic number and version in the StatusFile for the
+ mailstats command.
+ Record the number of rejected and discarded messages in the
+ StatusFile for display by the mailstats command. Patch
+ from Randall Winchester of the University of Maryland.
+ IDENT returns where the OSTYPE field equals "OTHER" now list the
+ user portion as IDENT:username@site instead of
+ username@site to differentiate the two. Suggested by
+ Kari Hurtta of the Finnish Meteorological Institute.
+ Enforce timeout for LDAP queries. Patch from Per Hedeland of
+ Ericsson.
+ Change persistent host status filename substitution so '/' is
+ replaced by ':' instead of '|' to avoid clashes. Also
+ avoid clashes with hostnames with leading dots. Fix from
+ Mitchell Blank Jr. of Exec-PC.
+ If the system lock table is full, only attempt to create a new
+ queue entry five times before giving up. Previously, it
+ was attempted indefinitely which could cause the partition
+ to run out of inodes. Problem noted by Suzie Weigand of
+ Stratus Computer, Inc.
+ In verbose mode, warn if the sendmail.cf version is less than the
+ currently supported version.
+ Sorting for QueueSortOrder=host is now case insensitive. Patch
+ from Randall S. Winchester of the University of Maryland.
+ Properly quote a full name passed via the -F command line option,
+ the Full-Name: header, or the NAME environment variable if
+ it contains characters which must be quoted. Problem noted
+ by Kari Hurtta of the Finnish Meteorological Institute.
+ Avoid possible race condition that unlocked a mail job before
+ releasing the transcript file on systems that use flock(2).
+ In some cases, this might result in a "Transcript Unavailable"
+ message in error bounces.
+ Accept SMTP replies which contain only a reply code and no
+ accompanying text. Problem noted by Fernando Fraticelli of
+ Digital Equipment Corporation.
+ Portability:
+ AIX 4.1 uses int for SOCKADDR_LEN_T from Motonori Nakamura
+ of Kyoto University.
+ AIX 4.2 requires <userpw.h> before <usersec.h>. Patch from
+ Randall S. Winchester of the University of
+ Maryland.
+ AIX 4.3 from Valdis Kletnieks of Virginia Tech CNS.
+ CRAY T3E from Manu Mahonen of Center for Scientific Computing
+ in Finland.
+ Digital UNIX now uses statvfs for determining free
+ disk space. Patch from Randall S. Winchester of
+ the University of Maryland.
+ HP-UX 11.x from Richard Allen of Opin Kerfi HF and
+ Regis McEwen of Progress Software Corporation.
+ IRIX 64 bit fixes from Kari Hurtta of the Finnish
+ Meteorological Institute.
+ IRIX 6.2 configuration fix for mail.local from Michael Kyle
+ of CIC/Advanced Computing Laboratory.
+ IRIX 6.5 from Thomas H Jones II of SGI.
+ IRIX 6.X load average code from Bob Mende of SGI.
+ QNX from Glen McCready <glen@qnx.com>.
+ SCO 4.2 and 5.x use /usr/bin instead of /usr/ucb for links
+ to sendmail. Install with group bin instead of kmem
+ as kmem does not exist. From Guillermo Freige of
+ Gobernacion de la Pcia de Buenos Aires and Paul
+ Fischer of BTG, Inc.
+ SunOS 4.X does not include memmove(). Patch from
+ Per Hedeland of Ericsson.
+ SunOS 5.7 includes getloadavg() function for determining
+ load average. Patch from John Beck of Sun
+ Microsystems.
+ CONFIG: Increment version number of config file.
+ CONFIG: add DATABASE_MAP_TYPE to set the default type of database
+ map for the various maps. The default is hash. Patch from
+ Robert Harker of Harker Systems.
+ CONFIG: new confEBINDIR m4 variable for defining the executable
+ directory for certain programs.
+ CONFIG: new FEATURE(local_lmtp) to use the new LMTP support for
+ local mail delivery. By the default, /usr/libexec/mail.local
+ is used. This is expected to be the mail.local shipped
+ with 8.9 which is LMTP capable. The path is based on the
+ new confEBINDIR m4 variable.
+ CONFIG: Use confEBINDIR in determining path to smrsh for
+ FEATURE(smrsh). Note that this changes the default from
+ /usr/local/etc/smrsh to /usr/libexec/smrsh. To obtain the
+ old path for smrsh, use FEATURE(smrsh, /usr/local/etc/smrsh).
+ CONFIG: DOMAIN(generic) changes the default confFORWARD_PATH to
+ include $z/.forward.$w+$h and $z/.forward+$h which allow
+ the user to setup different .forward files for
+ user+detail addressing.
+ and confDONT_BLAME_SENDMAIL to set MaxRecipientsPerMessage,
+ DontProbeInterfaces, and DontBlameSendmail options.
+ CONFIG: by default do not allow relaying (that is, accepting mail
+ from outside your domain and sending it to another host
+ outside your domain).
+ CONFIG: new FEATURE(promiscuous_relay) to allow mail relaying from
+ any site to any site.
+ CONFIG: new FEATURE(relay_entire_domain) allows any host in your
+ domain as defined by the 'm' class ($=m) to relay.
+ CONFIG: new FEATURE(relay_based_on_MX) to allow relaying based on
+ the MX records of the host portion of an incoming recipient.
+ CONFIG: new FEATURE(access_db) which turns on the access database
+ feature. This database give you the ability to allow
+ or refuse to accept mail from specified domains for
+ administrative reasons. By default, names that are listed
+ as "OK" in the access db are domain names, not host names.
+ CONFIG: new confCR_FILE m4 variable for defining the name of the file
+ used for class 'R'. Defaults to /etc/mail/relay-domains.
+ CONFIG: new command RELAY_DOMAIN(domain) and RELAY_DOMAIN_FILE(file)
+ to add items to class 'R' ($=R) for hosts allowed to relay.
+ CONFIG: new FEATURE(relay_hosts_only) to change the behavior
+ of FEATURE(access_db) and class 'R' to lookup individual
+ host names only.
+ CONFIG: new FEATURE(loose_relay_check). Normally, if a recipient
+ using % addressing is used, e.g. user%site@othersite,
+ and othersite is in class 'R', the check_rcpt ruleset
+ will strip @othersite and recheck user@site for relaying.
+ This feature changes that behavior. It should not be
+ needed for most installations.
+ CONFIG: new FEATURE(relay_local_from) to allow relaying if the
+ domain portion of the mail sender is a local host. This
+ should only be used if absolutely necessary as it opens
+ a window for spammers. Patch from Randall S. Winchester of
+ the University of Maryland.
+ CONFIG: new FEATURE(blacklist_recipients) turns on the ability to
+ block incoming mail destined for certain recipient
+ usernames, hostnames, or addresses.
+ CONFIG: By default, MAIL FROM: commands in the SMTP session will be
+ refused if the host part of the argument to MAIL FROM: cannot
+ be located in the host name service (e.g., DNS).
+ CONFIG: new FEATURE(accept_unresolvable_domains) accepts
+ unresolvable hostnames in MAIL FROM: SMTP commands.
+ CONFIG: new FEATURE(accept_unqualified_senders) accepts
+ MAIL FROM: senders which do not include a domain.
+ CONFIG: new FEATURE(rbl) Turns on rejection of hosts found in the
+ Realtime Blackhole List. You can specify the RBL name
+ server to contact by specifying it as an optional argument.
+ The default is rbl.maps.vix.com. For details, see
+ http://maps.vix.com/rbl/.
+ CONFIG: Call Local_check_relay, Local_check_mail, and
+ Local_check_rcpt from check_relay, check_mail, and
+ check_rcpt. Users with local rulesets should place the
+ rules using LOCAL_RULESETS. If a Local_check_* ruleset
+ returns $#OK, the message is accepted. If the ruleset
+ returns a mailer, the appropriate action is taken, else
+ the return of the ruleset is ignored.
+ CONFIG: CYRUS_MAILER_FLAGS now includes the /:| mailer flags by
+ default to support file, :include:, and program deliveries.
+ CONFIG: Remove the default for confDEF_USER_ID so the binary can
+ pick the proper default value. See the SECURITY note
+ above for more information.
+ CONFIG: FEATURE(nodns) now warns the user that the feature is a
+ no-op. Patch from Kari Hurtta of the Finnish
+ Meteorological Institute.
+ CONFIG: OSTYPE(osf1) now sets DefaultUserID (confDEF_USER_ID) to
+ daemon since DEC's /bin/mail will drop the envelope
+ sender if run as mailnull. See the Digital UNIX section
+ of src/README for more information. Problem noted by
+ Kari Hurtta of the Finnish Meteorological Institute.
+ CONFIG: .cf files are now stored in the same directory with the
+ .mc files instead of in the obj directory.
+ setting SingleLineFromHeader, AllowBogusHELO, and
+ MustQuoteChars respectively.
+ MAIL.LOCAL: support -l flag to run LMTP on stdin/stdout. This
+ SMTP-like protocol allows detailed reporting of delivery
+ status on a per-user basis. Code donated by John Myers of
+ CMU (now of Netscape).
+ MAIL.LOCAL: HP-UX support from Randall S. Winchester of the
+ University of Maryland. NOTE: mail.local is not
+ compatible with the stock HP-UX mail format. Be sure to
+ read mail.local/README.
+ MAIL.LOCAL: Prevent other mail delivery agents from stealing a
+ mailbox lock. Patch from Randall S. Winchester of the
+ University of Maryland.
+ MAIL.LOCAL: glibc portability from John Kennedy of Cal State
+ University, Chico.
+ MAIL.LOCAL: IRIX portability from Kari Hurtta of the Finnish
+ Meteorological Institute.
+ MAILSTATS: Display the number of rejected and discarded messages
+ in the StatusFile. Patch from Randall Winchester of the
+ University of Maryland.
+ MAKEMAP: New -s flag to ignore safety checks on database map files
+ such as linked files in world writable directories.
+ MAKEMAP: Add support for Berkeley DB 2.X. Remove OLD_NEWDB support.
+ PRALIASES: Add support for Berkeley DB 2.X.
+ PRALIASES: Do not automatically include NDBM support. Problem
+ noted by Ralf Hildebrandt of the Technical University of
+ Braunschweig.
+ RMAIL: Improve portability for other platforms. Patches from
+ Randall S. Winchester of the University of Maryland and
+ Kari Hurtta of the Finnish Meteorological Institute.
+ Changed Files:
+ src/Makefiles/Makefile.* files have been modified to use
+ the new build mechanism and are now BuildTools/OS/*.
+ src/makesendmail changed to symbolic link to src/Build.
+ New Files:
+ BuildTools/M4/header.m4
+ BuildTools/M4/depend/BSD.m4
+ BuildTools/M4/depend/CC-M.m4
+ BuildTools/M4/depend/NCR.m4
+ BuildTools/M4/depend/Solaris.m4
+ BuildTools/M4/depend/X11.m4
+ BuildTools/M4/depend/generic.m4
+ BuildTools/OS/AIX.4.2
+ BuildTools/OS/AIX.4.x
+ BuildTools/OS/CRAYT3E.2.0.x
+ BuildTools/OS/HP-UX.11.x
+ BuildTools/OS/IRIX.6.5
+ BuildTools/OS/NEXTSTEP.4.x
+ BuildTools/OS/NeXT.4.x
+ BuildTools/OS/NetBSD.8.3
+ BuildTools/OS/QNX
+ BuildTools/OS/SunOS.5.7
+ BuildTools/OS/dcosx.1.x.NILE
+ BuildTools/README
+ BuildTools/Site/README
+ BuildTools/bin/Build
+ BuildTools/bin/configure.sh
+ BuildTools/bin/find_m4.sh
+ BuildTools/bin/install.sh
+ Makefile
+ cf/cf/Build
+ cf/cf/generic-hpux10.cf
+ cf/feature/accept_unqualified_senders.m4
+ cf/feature/accept_unresolvable_domains.m4
+ cf/feature/access_db.m4
+ cf/feature/blacklist_recipients.m4
+ cf/feature/loose_relay_check.m4
+ cf/feature/local_lmtp.m4
+ cf/feature/promiscuous_relay.m4
+ cf/feature/rbl.m4
+ cf/feature/relay_based_on_MX.m4
+ cf/feature/relay_entire_domain.m4
+ cf/feature/relay_hosts_only.m4
+ cf/feature/relay_local_from.m4
+ cf/ostype/qnx.m4
+ contrib/doublebounce.pl
+ mail.local/Build
+ mail.local/Makefile.m4
+ mail.local/README
+ mailstats/Build
+ mailstats/Makefile.m4
+ makemap/Build
+ makemap/Makefile.m4
+ praliases/Build
+ praliases/Makefile.m4
+ rmail/Build
+ rmail/Makefile.m4
+ rmail/rmail.0
+ smrsh/Build
+ smrsh/Makefile.m4
+ src/Build
+ src/Makefile.m4
+ src/snprintf.c
+ Deleted Files:
+ cf/cf/Makefile (replaced by Makefile.dist)
+ mail.local/Makefile
+ mail.local/Makefile.dist
+ mailstats/Makefile
+ mailstats/Makefile.dist
+ makemap/Makefile
+ makemap/Makefile.dist
+ praliases/Makefile
+ praliases/Makefile.dist
+ rmail/Makefile
+ smrsh/Makefile
+ smrsh/Makefile.dist
+ src/Makefile
+ src/Makefiles/Makefile.AIX.4 (split into AIX.4.x and AIX.4.2)
+ src/Makefiles/Makefile.SMP_DC.OSx.NILE
+ (renamed BuildTools/OS/dcosx.1.x.NILE)
+ src/Makefiles/Makefile.Utah (obsolete platform)
+ Renamed Files:
+ cf/cf/Makefile.dist => Makefile
+ cf/cf/obj/* => cf/cf/*
+ src/READ_ME => src/README
+8.8.8/8.8.8 97/10/24
+ If the check_relay ruleset failed, the relay= field was logged
+ incorrectly. Problem noted by Kari Hurtta of the Finnish
+ Meteorological Institute.
+ If /usr/tmp/dead.letter already existed, sendmail could not
+ add additional bounces to it. Problem noted by Thomas J.
+ Arseneault of SRI International.
+ If an SMTP mailer used a non-standard port number for the outgoing
+ connection, it would be displayed incorrectly in verbose mode.
+ Problem noted by John Kennedy of Cal State University, Chico.
+ Log the ETRN parameter specified by the client before altering them
+ to internal form. Suggested by Bob Kupiec of GES-Verio.
+ EXPN and VRFY SMTP commands on malformed addresses were logging as
+ User unknown with bogus delay= values. Change them to log
+ the same as compliant addresses. Problem noted by Kari E.
+ Hurtta of the Finnish Meteorological Institute.
+ Ignore the debug resolver option unless using sendmail debug trace
+ option for resolver. Problem noted by Greg Nichols of Wind
+ River Systems.
+ If SingleThreadDelivery was enabled and the remote server returned a
+ protocol error on the DATA command, the connection would be
+ closed but the persistent host status file would not be
+ unlocked so other sendmail processes could not deliver to
+ that host. Problem noted by Peter Wemm of DIALix.
+ If queueing up a message due to an expensive mailer, don't increment
+ the number of delivery attempts or set the last delivery
+ attempt time so the message will be delivered on the next
+ queue run regardless of MinQueueAge. Problem noted by
+ Brian J. Coan of the Institute for Global Communications.
+ Authentication warnings of "Processed from queue _directory_" and
+ "Processed by _username_ with -C _filename_" would be logged
+ with the incorrect timestamp. Problem noted by Kari E. Hurtta
+ of the Finnish Meteorological Institute.
+ Use a better heuristic for detecting GDBM.
+ Log null connections on dropped connections. Problem noted by
+ Jon Lewis of Florida Digital Turnpike.
+ If class dbm maps are rebuilt, sendmail will now detect this and
+ reopen the map. Previously, they could give stale
+ results during a single message processing (but would
+ recover when the next message was received). Fix from
+ Joe Pruett of Q7 Enterprises.
+ Do not log failures such as "User unknown" on -bv or SMTP VRFY
+ requests. Problem noted by Kari E. Hurtta of the
+ Finnish Meteorological Institute.
+ Do not send a bounce message back to the sender regarding bad
+ recipients if the SMTP connection is dropped before the
+ message is accepted. Problem noted by Kari E. Hurtta of the
+ Finnish Meteorological Institute.
+ Use "localhost" instead of "[UNIX: localhost]" when connecting to
+ sendmail via a UNIX pipe. This will allow rulesets using
+ $&{client_name} to process without sending the string through
+ dequote. Problem noted by Alan Barrett of Internet Africa.
+ A combination of deferred delivery mode, a double bounce situation,
+ and the inability to save a bounce message to
+ /var/tmp/dead.letter would cause sendmail to send a bounce
+ to postmaster but not remove the offending envelope from the
+ queue causing it to create a new bounce message each time the
+ queue was run. Problem noted by Brad Doctor of Net Daemons
+ Associates.
+ Remove newlines from hostname information returned via DNS. There are
+ no known security implications of newlines in hostnames as
+ sendmail filters newlines in all vital areas; however, this
+ could cause confusing error messages.
+ Starting with sendmail 8.8.6, mail sent with the '-t' option would be
+ rejected if any of the specified addresses were bad. This
+ behavior was modified to only reject the bad addresses and not
+ the entire message. Problem noted by Jozsef Hollosi of
+ SuperNet, Inc.
+ Use Timeout.fileopen when delivering mail to a file. Suggested by
+ Bryan Costales of InfoBeat, Inc.
+ Display the proper Final-Recipient on DSN messages for non-SMTP
+ mailers. Problem noted by Kari E. Hurtta of the
+ Finnish Meteorological Institute.
+ An error in calculating the available space in the list of addresses
+ for logging deliveries could cause an address to be silently
+ dropped.
+ Include the initial user environment if sendmail is restarted via
+ a HUP signal. This will give room for the process title.
+ Problem noted by Jon Lewis of Florida Digital Turnpike.
+ Mail could be delivered without a body if the machine does not
+ support flock locking and runs out of processes during
+ delivery. Fix from Chuck Lever of the University of Michigan.
+ Drop recipient address from 251 and 551 SMTP responses per RFC 821.
+ Problem noted by Kari E. Hurtta of the Finnish Meteorological
+ Institute.
+ Make sure non-rebuildable database maps are opened before the
+ rebuildable maps (i.e. alias files) in case the database maps
+ are needed for verifying the left hand side of the aliases.
+ Problem noted by Lloyd Parkes of Victoria University.
+ Make sure sender RFC822 source route addresses are alias expanded for
+ bounce messages. Problem noted by Juergen Georgi of
+ RUS University of Stuttgart.
+ Minor lint fixes.
+ Return a temporary error instead of a permanent error if an LDAP map
+ search returns an error. This will allow sequenced maps which
+ use other LDAP servers to be checked. Fix from Booker Bense
+ of Stanford University.
+ When automatically converting from quoted printable to 8bit text do
+ not pad bare linefeeds with a space. Problem noted by Theo
+ Nolte of the University of Technology Aachen, Germany.
+ Portability:
+ Non-standard C compilers may have had a problem compiling
+ conf.c due to a standard C external declaration of
+ setproctitle(). Problem noted by Ted Roberts of
+ Electronic Data Systems.
+ AUX: has a broken O_EXCL implementation. Reported by Jim
+ Jagielski of jaguNET Access Services.
+ BSD/OS: didn't compile if HASSETUSERCONTEXT was defined.
+ Digital UNIX: Digital UNIX (and possibly others) moves
+ loader environment variables into the loader memory
+ area. If one of these environment variables (such as
+ LD_LIBRARY_PATH) was the last environment variable,
+ an invalid memory address would be used by the process
+ title routine causing memory corruption. Problem
+ noted by Sam Hartman of Mesa Internet Systems.
+ GNU libc: uses an enum for _PC_CHOWN_RESTRICTED which caused
+ chownsafe() to always return 0 even if the OS does
+ not permit file giveaways. Problem noted by
+ Yasutaka Sumi of The University of Tokyo.
+ IRIX6: Syslog buffer size set to 512 bytes. Reported by
+ Gerald Rinske of Siemens Business Services VAS.
+ Linux: Pad process title with NULLs. Problem noted by
+ Jon Lewis of Florida Digital Turnpike.
+ SCO OpenServer 5.0: SIOCGIFCONF ioctl call returns an
+ incorrect value for the number of interfaces.
+ Problem noted by Chris Loelke of JetStream Internet
+ Services.
+ SINIX: Update for Makefile and syslog buffer size from Gerald
+ Rinske of Siemens Business Services VAS.
+ Solaris: Make sure HASGETUSERSHELL setting for SunOS is not
+ used on a Solaris machine. Problem noted by
+ Stephen Ma of Jtec Pty Limited.
+ CONFIG: SINIX: Update from Gerald Rinske of Siemens Business
+ Services VAS.
+ MAKEMAP: Use a better heuristic for detecting GDBM.
+ CONTRIB: expn.pl: Updated version from the author, David Muir Sharnoff.
+ OP.ME: Document the F=i mailer flag. Problem noted by Per Hedeland of
+ Ericsson.
+8.8.7/8.8.7 97/08/03
+ If using Berkeley DB on systems without O_EXLOCK (open a file with
+ an exclusive lock already set -- i.e., almost all systems
+ except 4.4-BSD derived systems), the initial attempt at
+ rebuilding aliases file if the database didn't already
+ exist would fail. Patch from Raymund Will of LST Software
+ GmbH.
+ Bogus incoming SMTP commands would reset the SMTP conversation.
+ Problem noted by Fredrik Jönsson of the Royal Institute
+ of Technology, Stockholm.
+ Since TCP Wrappers includes setenv(), unsetenv(), and putenv(),
+ some environments could give "multiple definitions" for these
+ routines during compilation. If using TCP Wrappers, assume
+ that these routines are included as though they were in the
+ C library. Patch from Robert La Ferla.
+ When a NEWDB database map was rebuilt at the same time it was being
+ used by a queue run, the maps could be left locked for the
+ duration of the queue run, causing other processes to hang.
+ Problem noted by Kendall Libby of Shore.NET.
+ In some cases, NoRecipientAction=add-bcc was being ignored, so the
+ mail was passed on without any recipient header. This could
+ cause problems downstream. Problem noted by Xander Jansen
+ of SURFnet ExpertiseCentrum.
+ Give error when GDBM is used with sendmail. GDBM's locking and
+ linking of the .dir and .pag files interferes with sendmail's
+ locking and security checks. Problems noted by Fyodor
+ Yarochkin of the Kyrgyz Republic FreeNet.
+ Don't fsync qf files if SuperSafe option is not set.
+ Avoid extra calls to gethostbyname for addresses for which a
+ gethostbyaddr found no value. Also, ignore any returns
+ from gethostbyaddr that look like a dotted quad.
+ If PTR lookup fails when looking up an SMTP peer, don't tag it as
+ "may be forged", since at the network level we pretty much
+ have to assume that the information is good.
+ In some cases, errors during an SMTP session could leave files
+ open or locked.
+ Better handling of missing file descriptors (0, 1, 2) on startup.
+ Better handling of non-setuid binaries -- avoids certain obnoxious
+ errors during testing.
+ Errors in file locking of NEWDB maps had the incorrect file name
+ printed in the error message.
+ If the AllowBogusHELO option were set and an EHLO with a bad or
+ missing parameter were issued, the EHLO behaved like a HELO.
+ Load limiting never kicked in for incoming SMTP transactions if the
+ DeliverMode=background and any recipient was an alias or
+ had a .forward file. From Nik Conwell of Boston University.
+ On some non-Posix systems, the decision of whether chown(2) permits
+ file giveaway was undefined. From Tetsu Ushijima of the
+ Tokyo Institute of Technology.
+ Fix race condition that could cause the body of a message to be
+ lost (so only the header was delivered). This only occurs
+ on systems that do not use flock(2), and only when a queue
+ runner runs during a critical section in another message
+ delivery. Based on a patch from Steve Schweinhart of
+ Results Computing.
+ If a qf file was found in a mail queue directory that had a problem
+ (wrong ownership, bad format, etc.) and the file name was
+ exactly MAXQFNAME bytes long, then instead of being tried
+ once, it would be tried on every queue run. Problem noted
+ by Bryan Costales of Mercury Mail.
+ If the system supports an st_gen field in the status structure,
+ include it when reporting that a file has changed after open.
+ This adds a new compile flag, HAS_ST_GEN (0/1 option).
+ This out to be checked as well as reported, since it is
+ theoretically possible for an attacker to remove a file after
+ it is opened and replace it with another file that has the
+ same i-number, but some filesystems (notably AFS) return
+ garbage in this field, and hence always look like the file
+ has changed. As a practical matter this is not a security
+ problem, since the files can be neither hard nor soft links,
+ and on no filesystem (that I am aware of) is it possible to
+ have two files on the same filesystem with the same i-number
+ simultaneously.
+ Delete the root Makefile from the distribution -- it is only for
+ use internally, and does not work at customer sites.
+ Fix botch that caused the second MAIL FROM: command in a single
+ transaction to clear the entire transaction. Problem
+ noted by John Kennedy of Cal State University, Chico.
+ Work properly on machines that have _PATH_VARTMP defined without
+ a trailing slash. (And a pox on vendors that decide to
+ ignore the established conventions!) Problem noted by
+ Gregory Neil Shapiro of WPI.
+ Internal changes to make it easier to add another protocol family
+ (intended for IPv6). Patches are from John Kennedy of
+ CSU Chico.
+ In certain cases, 7->8 bit MIME decoding of Base64 text could leave
+ an extra space at the beginning of some lines. Problem
+ noted by Charles Karney of Princeton University; fix based
+ on a patch from Christophe Wolfhugel.
+ Portability:
+ Allow _PATH_VENDOR_CF to be set in Makefile for consistency
+ with the _Sendmail_ book, 2nd edition. Note that
+ the book is actually wrong: _PATH_SENDMAILCF should
+ be used instead.
+ AIX 3.x: Include <sys/select.h>. Patch from Gene Rackow
+ of Argonne National Laboratory.
+ OpenBSD from from Paul DuBois of the University of Wisconsin.
+ RISC/os 4.0 from Paul DuBois of the University of Wisconsin.
+ SunOS: Include <memory.h> to fix warning from util.c. From
+ James Aldridge of EUnet Ltd.
+ Solaris: Change STDIR (location of status file) to /etc/mail
+ in Makefiles.
+ Linux, Dynix, UNICOS: Remove -DNDBM and -lgdbm from
+ Makefiles. Use NEWDB on Linux instead.
+ exists but behaves differently than other OSes.
+ Add SIOCGIFNUM_IS_BROKEN compile flag to get
+ around the problem. Problem noted by Tom Moore of
+ NCR Corp.
+ HP-UX 9.x: fix compile warnings for old select API. Problem
+ noted by Tom Smith of Digital Equipment Corp.
+ UnixWare 2.x: compile warnings on offsetof macro. Problem
+ noted by Tom Good of the Community Access Information
+ Resource Network
+ SCO 4.2: compile problems caused by a change in the type of
+ the "length" parameters passed to accept, getpeername,
+ getsockname, and getsockopt. Adds new compile flags
+ SOCKADDR_SIZE_T and SOCKOPT_SIZE_T. Problem reported
+ by Tom Good of St. Vincent's North Richmond Community
+ Mental Health Center Residential Services.
+ AIX 4: Use size_t for SOCKADDR_SIZE_T and SOCKOPT_SIZE_T.
+ Suggested by Brett Hogden of Rochester Gas & Electric
+ Corp.
+ Linux: avoid compile problem for versions of <setjmp.h> that
+ #define both setjmp and longjmp. Problem pointed out
+ by J.R. Oldroyd of TerraNet.
+ CONFIG: SCO UnixWare 2.1: Support for OSTYPE(sco-uw-2.1)
+ from Christopher Durham of SCO.
+ CONFIG: NEXTSTEP: define confCW_FILE to
+ /etc/sendmail/sendmail.cw to match the usual
+ configuration. Patch from Dennis Glatting of
+ PlainTalk.
+ CONFIG: MAILER(fax) called a program that hasn't existed for a long
+ time. Convert to use the HylaFAX 4.0 conventions. Suggested
+ by Harry Styron.
+ CONFIG: Improve sample anti-spam rulesets in cf/cf/knecht.mc. These
+ are the rulesets in use on sendmail.org.
+ MAKEMAP: give error on GDBM files.
+ MAIL.LOCAL: Make error messages a bit more explicit, for example,
+ telling more details on what actually changed when "file
+ changed after open".
+ CONTRIB: etrn.pl: Ignore comments in Fw files. Support multiple Fw
+ files.
+ CONTRIB: passwd-to-alias.pl: Handle 8 bit characters and '-'.
+ src/Makefiles/Makefile.OpenBSD
+ src/Makefiles/Makefile.RISCos.4_0
+ test/t_exclopen.c
+ cf/ostype/sco-uw-2.1.m4
+ Makefile
+8.8.6/8.8.6 97/06/14
+ *************************************************************
+ * The extensive assistance of Gregory Neil Shapiro of WPI *
+ * in preparing this release is gratefully appreciated. *
+ * Sun Microsystems has also provided resources toward *
+ * continued sendmail development. *
+ *************************************************************
+ SECURITY: A few systems allow an open with the O_EXCL|O_CREAT open
+ mode bits set to create a file that is a symbolic link that
+ points nowhere. This makes it possible to create a root
+ owned file in an arbitrary directory by inserting the symlink
+ into a writable directory after the initial lstat(2) check
+ determined that the file did not exist. The only verified
+ example of a system having these odd semantics for O_EXCL
+ and symbolic links was HP-UX prior to version 9.07. Most
+ systems do not have the problem, since a exclusive create
+ of a file disallows symbolic links. Systems that have been
+ verified to NOT have the problem include AIX 3.x, *BSD,
+ DEC OSF/1, HP-UX 9.07 and higher, Linux, SunOS, Solaris,
+ and Ultrix. This is a potential exposure on systems that
+ have this bug and which do not have a MAILER-DAEMON alias
+ pointing at a legitimate account, since this will cause old
+ mail to be dropped in /var/tmp/dead.letter.
+ SECURITY: Problems can occur on poorly managed systems, specifically,
+ if maps or alias files are in world writable directories.
+ If your system has alias maps in writable directories, it
+ is potentially possible for an attacker to replace the .db
+ (or .dir and .pag) files by symbolic links pointing at
+ another database; this can be used either to expose
+ information (e.g., by pointing an alias file at /etc/spwd.db
+ and probing for accounts), or as a denial-of-service attack
+ (by trashing the password database). The fix disallows
+ symbolic links entirely when rebuilding alias files or on
+ maps that are in writable directories, and always warns on
+ writable directories; 8.9 will probably consider writable
+ directories to be fatal errors. This does not represent an
+ exposure on systems that have alias files in unwritable
+ system directories.
+ SECURITY: disallow .forward or :include: files that are links (hard
+ or soft) if the parent directory (or any directory in the
+ path) is writable by anyone other than the owner. This is
+ similar to the previous case for user files. This change
+ should not affect most systems, but is necessary to prevent
+ an attacker who can write the directory from pointing such
+ files at other files that are readable only by the owner.
+ SECURITY: Tighten safechown rules: many systems will say that they
+ have a safe (restricted to root) chown even on files that
+ are mounted from another system that allows owners to give
+ away files. The new rules are very strict, trusting file
+ ownership only in those few cases where the system has
+ been verified to be at least as paranoid as necessary.
+ However, it is possible to relax the rules to partially
+ trust the ownership if the directory path is not world or
+ group writable. This might allow someone who has a legitimate
+ :include: file (referenced directly from /etc/aliases) to
+ become another non-root user if the :include: file is in a
+ non-writable directory on an NFS-mounted filesystem where
+ the local system says that giveaway is denied but it is
+ actually permitted. I believe this to be a very small set
+ of cases. If in doubt, do not point :include: aliases at
+ NFS-mounted filesystems.
+ SECURITY: When setting a numeric group id using the RunAsUser option
+ (e.g., "O RunAsUser=10:20", the group id would not be set.
+ Implicit group ids (e.g., "O RunAsUser=mailnull") or alpha
+ group ids (e.g., "O RunAsUser=mailuser:mailgrp") worked fine.
+ The user id was still set properly. Problem noted by Uli
+ Pralle of the Technical University of Berlin.
+ Save the initial gid set for use when checking for if the
+ PrivacyOptions=restrictmailq option is set. Problem reported
+ by Wolfgang Ley of DFN-CERT.
+ Make 55x reply codes to the SMTP DATA-"." be non-sticky (i.e., a
+ failure on one message won't affect future messages to the
+ same host).
+ IP source route printing had an "off by one" error that would
+ affect any options that came after the route option. Patch
+ from Theo de Raadt.
+ The "Message is too large" error didn't successfully bounce the error
+ back to the sender. Problem reported by Stephen More of
+ PSI; patch from Gregory Neil Shapiro of WPI.
+ Change SMTP status code 553 to map into Extended code 5.1.0 (instead
+ of 5.1.3); it apparently gets used in multiple ways.
+ Suggested by John Myers of Portola Communications.
+ Fix possible extra null byte generated during collection if errors
+ occur at the beginning of the stream. Patch contributed by
+ Andrey A. Chernov and Gregory Neil Shapiro.
+ Code changes to avoid possible reentrant call of malloc/free within
+ a signal handler. Problem noted by John Beck of Sun
+ Microsystems.
+ Move map initialization to be earlier so that check_relay ruleset
+ will have the latest version of the map data. Problem noted
+ by Paul Forgey of Metainfo; patch from Gregory Neil Shapiro.
+ If there are fatal errors during the collection phase (e.g., message
+ too large) don't send the bogus message.
+ Avoid "cannot open xfAAA00000" messages when sending to aliases that
+ have errors and have owner- aliases. Problem noted by Michael
+ Barber of MTU; fix from Gregory Neil Shapiro of WPI.
+ Avoid null pointer dereference on illegal Boundary= parameters in
+ multipart/mixed Content-Type: header. Problem noted by
+ Richard Muirden of RMIT University.
+ Always print error messages during newaliases (-bi) even if the
+ ErrorMode is not set to "print". Fix from Gregory Neil
+ Shapiro.
+ Test mode could core dump if you did a /map lookup in an optional map
+ that could not be opened. Based on a fix from John Beck of
+ Sun Microsystems.
+ If DNS is misconfigured so that the last MX record tried points to
+ a host that does not have an A record, but other MX records
+ pointed to something reasonable, don't bounce the message
+ with a "host unknown" error. Note that this should really
+ be fixed in the zone file for the domain. Problem noted by
+ Joe Rhett of Navigist, Inc.
+ If a map fails (e.g., DNS times out) on all recipient addresses, mark
+ the message as having been tried; otherwise the next queue
+ run will not realize that this is a second attempt and will
+ retry immediately. Problem noted by Bryan Costales of
+ Mercury Mail.
+ If the clock is set backwards, and a MinQueueAge is set, no jobs
+ will be run until the later setting of the clock is reached.
+ "Problem" (I use the term loosely) noted by Eric Hagberg of
+ Morgan Stanley.
+ If the load average rises above the cutoff threshold (above which
+ sendmail will not process the queue at all) during a queue
+ run, abort the queue run immediately. Problem noted by
+ Bryan Costales of Mercury Mail.
+ The variable queue processing algorithm (based on the message size,
+ number of recipients, message precedence, and job age) was
+ non-functional -- either the entire queue was processed or
+ none of the queue was processed. The updated algorithm
+ does no queue run if a single recipient zero size job will
+ not be run.
+ If there is a fatal ("panic") message that will cause sendmail to
+ die immediately, never hold the error message for future
+ printing.
+ Force ErrorMode=print in -bt mode so that all errors are printed
+ regardless of the setting of the ErrorMode option in the
+ configuration file. Patch from Gregory Neil Shapiro.
+ New compile flag HASSTRERROR says that this OS has the strerror(3)
+ routine available in one of the libraries. Use it in conf.h.
+ The -m (match only) flag now works on host class maps.
+ If class hash or btree maps are rebuilt, sendmail will now detect
+ this and reopen the map. Previously, they could give
+ erroneous results during a single message processing
+ (but would recover when the next message was received).
+ Don't delete zero length queue files when doing queue runs until the
+ files are at least ten minutes old. This avoids a potential
+ race condition: the creator creates the qf file, getting back
+ a file descriptor. The queue runner locks it and deletes it
+ because it is zero length. The creator then writes the
+ descriptor that is now for a disconnected file, and the
+ job goes away. Based on a suggestion by Bryan Costales.
+ When determining the "validated" host name ($_ macro), do a forward
+ (A) DNS lookup on the result of the PTR lookup and compare
+ results. If they differ or if the PTR lookup fails, tag the
+ address as "may be forged".
+ Log null connections (i.e., hosts that connect but do not do any
+ substantive activity on the connection before disconnecting;
+ "substantive" is defined to be MAIL, EXPN, VRFY, or ETRN.
+ Always permit "writes" to /dev/null regardless of the link count.
+ This is safe because /dev/null is special cased, and no open
+ or write is ever actually attempted. Patch from Villy Kruse
+ of TwinCom.
+ If a message cannot be sent because of a 552 (exceeded storage
+ allocation) response to the MAIL FROM:<>, and a SIZE= parameter
+ was given, don't return the body in the bounce, since there
+ is a very good chance that the message will double-bounce.
+ Fix possible line truncation if a quoted-printable had an =00 escape
+ in the body. Problem noted by Charles Karney of the Princeton
+ Plasma Physics Laboratory.
+ Notify flags (e.g., -NSUCCESS) were lost on user+detail addresses.
+ Problem noted by Kari Hurtta of the Finnish Meteorological
+ Institute.
+ The MaxDaemonChildren option wasn't applying to queue runs as
+ documented. Note that this increases the potential denial
+ of service problems with this option: an attacker can
+ connect many times, and thereby lock out queue runs as well
+ as incoming connections. If you use this option, you should
+ run the "sendmail -bd" and "sendmail -q30m" jobs separately
+ to avoid this attack. Failure to limit noted by Matthew
+ Dillon of BEST Internet Communications.
+ Always give a message in newaliases if alias files cannot be
+ opened instead of failing silently. Suggested by Gregory
+ Neil Shapiro. This change makes the code match the O'Reilly
+ book (2nd edition).
+ Some older versions of the resolver could return with h_errno == -1
+ if no name server could be reached, causing mail to bounce
+ instead of queueing. Treat this like TRY_AGAIN. Fix from
+ John Beck of SunSoft.
+ If a :include: file is owned by a user that does not have an entry
+ in the passwd file, sendmail could dereference a null pointer.
+ Problem noted by Satish Mynam of Sun Microsystems.
+ Take precautions to make sure that the SMTP protocol cannot get out
+ of sync if (for example) an alias file cannot be opened.
+ Fix a possible race condition that can cause a SIGALRM to come in
+ immediately after a SIGHUP, causing the new sendmail to die.
+ Avoid possible hang on SVr3 systems when doing child reaping. Patch
+ from Villy Kruse of TwinCom.
+ Ignore improperly formatted SMTP reply codes. Previously these were
+ partially processed, which could cause confusing error
+ returns.
+ Fix possible bogus pointer dereference when doing ldapx map lookups
+ on some architectures.
+ Portability:
+ A/UX: from Jim Jagielski of NASA/GSFC.
+ glibc: SOCK_STREAM was changed from a #define to an enum,
+ thus breaking #ifdef SOCK_STREAM. Only option seems
+ to be to assume SOCK_STREAM if __GNU_LIBRARY__ is
+ defined. Problem reported by A Sun of the University
+ of Washington.
+ Solaris: use SIOCGIFNUM to get the number of interfaces on
+ the system rather than guessing at compile time.
+ Patch contributed by John Beck of Sun Microsystems.
+ Intel Paragon: from Wendy Lin of Purdue University.
+ GNU Hurd: from Miles Bader of the GNU project.
+ RISC/os 4.50 from Harlan Stenn of PFCS Corporation.
+ ISC Unix: wait never returns if SIGCLD signals are blocked.
+ Unfortunately releasing them opens a race condition,
+ but there appears to be no fix for this. Patch from
+ Gregory Neil Shapiro.
+ BIND 8.1 for IPv6 compatibility from John Kennedy.
+ Solaris: a bug in strcasecmp caused characters with the
+ high order bit set to apparently randomly match
+ letters -- for example, $| (0233) matches "i" and "I".
+ Problem noted by John Gregson of the University of
+ Cambridge.
+ IRIX 6.x: make Makefile.IRIX.6.2 apply to all 6.x. From
+ Kari Hurtta.
+ IRIX 6.x: Create Makefiles for systems that claim to be
+ IRIX64 but are 6.2 or higher (so use the regular
+ IRIX Makefile).
+ IRIX 6.x: Fix load average computation on 64 bit kernels.
+ Problem noted by Eric Hagberg of Morgan Stanley.
+ CONFIG: Some canonification was still done for UUCP-like addresses
+ even if FEATURE(nocanonify) was set. Problem pointed out by
+ Brian Candler.
+ CONFIG: In some cases UUCP mailers wouldn't properly recognize all
+ local names as local. Problem noted by Jeff Polk of BSDI;
+ fix provided by Gregory Neil Shapiro.
+ CONFIG: The "local:user" syntax entries in mailertables and other
+ "mailer:user" syntax locations returned an incorrect value
+ for the $h macro. Problem noted by Gregory Neil Shapiro.
+ CONFIG: Retain "+detail" information when forwarding mail to a
+ MAIL_HUB, LUSER_RELAY, or LOCAL_RELAY. Patch from Philip
+ Guenther of Gustavus Adolphus College.
+ CONFIG: Make sure user+detail works for FEATURE(virtusertable);
+ rules are the same as for aliasing. Based on a patch from
+ Gregory Neil Shapiro.
+ CONFIG: Break up parsing rules into several pieces; this should
+ have no functional change in this release, but makes it
+ possible to have better anti-spam rulesets in the future.
+ CONFIG: Disallow double dots in host names to avoid having the
+ HostStatusDirectory store status under the wrong name.
+ In some cases this can be used as a denial-of-service attack.
+ Problem noted by Ron Jarrell of Virginia Tech, patch from
+ Gregory Neil Shapiro.
+ CONFIG: Don't use F=m (multiple recipients per invocation) for
+ MAILER(procmail), but do pass F=Pn9 (include Return-Path:,
+ don't include From_, and convert to 8-bit). Suggestions
+ from Kimmo Suominen and Roderick Schertler.
+ CONFIG: Domains under $=M (specified with MASQUERADE_DOMAIN) where
+ being masqueraded as though FEATURE(masquerade_entire_domain)
+ was specified, even when it wasn't.
+ MAIL.LOCAL: Solaris 2.6 has snprintf. From John Beck of SunSoft.
+ MAIL.LOCAL: SECURITY: check to make sure that an attacker doesn't
+ "slip in" a symbolic link between the lstat(2) call and the
+ exclusive open. This is only a problem on System V derived
+ systems that allow an exclusive create on files that are
+ symbolic links pointing nowhere.
+ MAIL.LOCAL: If the final mailbox close() failed, the user id was
+ not reset back to root, which on some systems would cause
+ later mailboxes to fail. Also, any partial message would
+ not be truncated, which could result in repeated deliveries.
+ Problem noted by Bruce Evans via Peter Wemm (FreeBSD
+ developers).
+ MAKEMAP: Handle cases where O_EXLOCK is #defined to be 0. A similar
+ change to the sendmail map code was made in 8.8.3. Problem
+ noted by Gregory Neil Shapiro.
+ MAKEMAP: Give warnings on file problems such as map files that are
+ symbolic links; although makemap is not setuid root, it is
+ often run as root and hence has the potential for the same
+ sorts of problems as alias rebuilds.
+ MAKEMAP: Change compilation so that it will link properly on
+ CONTRIB: etrn.pl: search for Cw as well as Fw lines in sendmail.cf.
+ Accept an optional list of arguments following the server
+ name for the ETRN arguments to use (instead of $=w). Other
+ miscellaneous bug fixes. From Christian von Roques via
+ John Beck of Sun Microsystems.
+ CONTRIB: Add passwd-to-alias.pl, contributed by Kari Hurtta. This
+ Perl script converts GECOS information in the /etc/passwd
+ file into aliases, allowing for faster access to full name
+ lookups; it is also clever about adding aliases (to root)
+ for system accounts.
+ src/safefile.c
+ cf/ostype/gnuhurd.m4
+ cf/ostype/irix6.m4
+ contrib/passwd-to-alias.pl
+ src/Makefiles/Makefile.IRIX64.6.1
+ src/Makefiles/Makefile.IRIX64.6.x
+ src/Makefiles/Makefile.IRIX.6.2 => Makefile.IRIX.6.x
+ src/Makefiles/Makefile.IRIX64 => Makefile.IRIX64.6.0
+8.8.5/8.8.5 97/01/21
+ SECURITY: Clear out group list during startup. Without this, sendmail
+ will continue to run with the group permissions of the caller,
+ even if RunAsUser is specified.
+ SECURITY: Make purgestat (-bH) be root-only. This is not in response
+ to any known attack, but it's best to be conservative.
+ Suggested by Peter Wemm of DIALix.
+ SECURITY: Fix buffer overrun problem in MIME code that has possible
+ security implications. Patch from Alex Garthwaite of the
+ University of Pennsylvania.
+ Use of a -f flag with a phrase attached (e.g., "-f 'Full Name <addr>'")
+ would truncate the address after "Full". Although the -f
+ syntax is incorrect (since it is in the envelope, it
+ shouldn't have comments and full names), the failure mode
+ was unnecessarily awful.
+ Fix a possible null pointer dereference when converting 8-bit data
+ to a 7-bit format. Problem noted by Jim Hutchins of
+ Sandia National Labs and David James of British Telecom.
+ Clear out stale state that affected F=9 on SMTP mailers in queue
+ runs. Although this really shouldn't be used (F=9 is for
+ final delivery only, and using it on an SMTP mailer makes
+ it possible for a message to be converted from 8->7->8->7
+ bits several times), it shouldn't have failed with a syserr.
+ Problem noted by Eric Hagberg of Morgan Stanley.
+ _Really_ fix the multiple :maildrop code in the user database
+ module. Patch from Roy Mongiovi of Georgia Tech.
+ Let F lines in the configuration file actually read root-only
+ files if the configuration file is safe. Based on a
+ patch from Keith Reynolds of SCO.
+ ETRN followed by QUIT would hold the connection open until the queue
+ run completed. Problem noted by Truck Lewis of TDK
+ Semiconductor Corp.
+ It turns out that despite the documentation, the TCP wrappers library
+ does _not_ log rejected connections. Do the logging ourselves.
+ Problem noted by Fletcher Mattox of the University of Texas
+ at Austin.
+ If sendmail finds a qf file in its queue directory that is an unknown
+ version (e.g., when backing out to an old version), the
+ error is reported on every queue run. Change it to only
+ give the error once (and rename the qf => Qf). Patch from
+ William A. Gianopoulos of Raytheon Company.
+ Start a new session when doing background delivery; currently it
+ ignored signals but didn't start a new signal, that caused
+ some problems if a background process tried to send mail
+ under certain circumstances. Problem noted by Eric Hagberg
+ of Morgan Stanley; fix from Kari Hurtta.
+ Simplify test for skipping a queue run to just check if the current
+ load average is >= the queueing load average. Previously
+ the check factored in some other parameters that caused it
+ to essentially never skip the queue run. Patch from Bryan
+ Costales.
+ If the SMTP server is running in "nullserver" mode (that is, it is
+ rejecting all commands), start sleeping after MAXBADCOMMAND
+ (25) commands; this helps prevent a bad guy from putting
+ you into a tight loop as a denial-of-service attack. Based
+ on an e-mail conversation with Brad Knowles of AOL.
+ Slow down when too many "light weight" commands have been issued;
+ this helps prevent a class of denial-of-service attacks.
+ The current values and defaults are:
+ These will probably be configurable in a future release.
+ On systems that have uid_t typedefed to be an unsigned short, programs
+ that had the F=S flag and no U= equate would be invoked with
+ the real uid set to 65535 rather than being left unchanged.
+ In some cases, NOTIFY=NEVER was not being honored. Problem noted
+ by Steve Hubert of the University of Washington, Seattle.
+ Mail that was Quoted-Printable encoded and had a soft line break on
+ the last line (i.e., an incomplete continuation) had the last
+ line dropped. Since this appears to be illegal it isn't
+ clear what to do with it, but flushing the last line seems
+ to be a better "fail soft" approach. Based on a patch from
+ Eric Hagberg.
+ If AllowBogusHELO and PrivacyOptions=needmailhelo are both set, a
+ bogus HELO command still causes the "Polite people say HELO
+ first" error message. Problem pointed out by Chris Thomas
+ of UCLA; patch from John Beck of SunSoft.
+ Handle "sendmail -bp -qSfoobar" properly if restrictqrun is set
+ in PrivacyFlags. The -q shouldn't turn this command off.
+ Problem noted by Murray Kucherawy of Pacific Bell Internet;
+ based on a patch from Gregory Neil Shapiro of WPI.
+ Don't consider SMTP reply codes 452 or 552 (exceeded storage allocation)
+ in a DATA transaction to be sticky; these can occur because
+ a message is too large, and smaller messages should still go
+ through. Problem noted by Matt Dillon of Best Internet
+ Communications.
+ In some cases bounces were saved in /var/tmp/dead.letter even if they
+ had been successfully delivered to the envelope sender.
+ Problem noted Eric Hagberg of Morgan Stanley; solution from
+ Gregory Neil Shapiro of WPI.
+ Give better diagnostics on long alias lines. Based on code contributed
+ by Patrick Gosling of the University of Cambridge.
+ Increase the number of virtual interfaces that will be probed for
+ alternate names. Problem noted by Amy Rich of Shore.Net.
+ UXP/DS V20L10 for Fujitsu DS/90: Makefile patches from
+ Toshiaki Nomura of Fujitsu Limited.
+ SunOS with LDAP support: compile problems with struct timeval.
+ Patch from Nick Cuccia of TCSI Corporation.
+ SCO: from Keith Reynolds of SCO.
+ Solaris: kstat load average computation wasn't being used.
+ Fixes from Michael Ju. Tokarev of Telecom Service, JSC
+ (Moscow).
+ OpenBSD: from Jason Downs of teeny.org.
+ Altos System V: from Tim Rice.
+ Solaris 2.5: from Alan Perry of SunSoft.
+ Solaris 2.6: from John Beck of SunSoft.
+ Harris Nighthawk PowerUX (mh6000 box): from Bob Miorelli
+ of Pratt & Whitney <miorelli@pweh.com>.
+ CONFIG: It seems that I hadn't gotten the Received: line syntax
+ _just_right_ yet. Tweak it again. I'll omit the names
+ of the "contributors" (quantity two) in this one case.
+ As of now, NO MORE DISCUSSION about the syntax of the
+ Received: line.
+ CONFIG: Although FEATURE(nullclient) uses EXPOSED_USER (class $=E),
+ it never inserts that class into the output file. Fix it
+ so it will honor EXPOSED_USER but will _not_ include root
+ automatically in this class. Problem noted by Ronan KERYELL
+ of Centre de Recherche en Informatique de l'École Nationale
+ Supérieure des Mines de Paris (CRI-ENSMP).
+ CONFIG: Clean up handling of "local:" syntax in relay specifications
+ such as LUSER_RELAY. This change permits the following
+ syntaxes: ``local:'' will send to the same user on the
+ local machine (e.g., in a mailertable entry for "host",
+ ``local:'' will cause an address addressed to user@host to
+ go to user on the local machone). ``local:user'' will send
+ to the named user on the local machine. ``local:user@host''
+ is equivalent to ``local:user'' (the host is ignored). In
+ all cases, the original user@host is passed in $@ (i.e., the
+ detail information). Inspired by a report from Michael Fuhr.
+ CONFIG: Strip quotes from the first word of an "error:" host
+ indication. This lets you set (for example) the LUSER_RELAY
+ to be ``error:\"5.1.1\" Your Message Here''. Note the use
+ of the \" so that the resulting string is properly quoted.
+ Problem noted by Gregory Neil Shapiro of WPI.
+ OP.ME: documentation was inconsistent about whether sendmail did a
+ NOOP or a RSET to probe the connection (it does a RSET).
+ Inconsistency noted by Deeran Peethamparam.
+ OP.ME: insert additional blank pages so it will print properly on
+ a duplex printer. From Matthew Black of Cal State University,
+ Long Beach.
+8.8.4/8.8.4 96/12/02
+ SECURITY: under some circumstances, an attacker could get additional
+ permissions by hard linking to files that were group
+ writable by the attacker. The solution is to disallow any
+ files that have hard links -- this will affect .forward,
+ :include:, and output files. Problem noted by Terry
+ Kyriacopoulos of Interlog Internet Services. As a
+ workaround, set UnsafeGroupWrites -- always a good idea.
+ SECURITY: the TryNullMXList (w) option should not be safe -- if it
+ is, it is possible to do a denial-of-service attack on
+ MX hosts that rely on the use of the null MX list. There
+ is no danger if you have this option turned off (the default).
+ Problem noted by Dan Bernstein. Also, make the DontInitGroups
+ unsafe. I know of no specific attack against this, although
+ a denial-of-service attack is probably possible, but in theory
+ you should not be able to safely tweak anything that affects
+ the permissions that are used when mail is delivered.
+ Purgestat could go into an infinite loop if one of the host status
+ directories somehow became empty. Problem noted by Roy
+ Mongiovi of Georgia Tech.
+ Processes got "lost" when counting children due to a race condition.
+ This caused "proc_list_probe: lost pid" messages to be logged.
+ Problem noted by several people.
+ On systems with System V SIGCLD child signal semantics (notably AIX
+ and HP-UX), mail transactions would print the message "451
+ SMTP-MAIL: lost child: No child processes". Problem noted
+ by several people.
+ Miscellaneous compiler warnings on picky compilers (or when setting
+ gcc to high warning levels). From Tom Moore of NCR Corp.
+ SMTP protocol errors, and most errors on MAIL FROM: lines should
+ not be persistent between runs, since they are based on the
+ message rather than the host. Problem noted by Matt Dillon
+ of Best Internet Communications.
+ The F=7 flag was ignored on SMTP mailers. Problem noted by Tom Moore
+ of NCR (a.k.a., AT&T Global Information Solutions).
+ Avoid the possibility of having a child daemon run to completion
+ (including closing the SMTP socket) before the parent has
+ had a chance to close the socket; this can cause the parent
+ to hang for a long time waiting for the socket to drain.
+ Patch from Don Lewis of TDK Semiconductor.
+ If the fork() failed in a queue run, the queue runners would not be
+ rescheduled (so queue runs would stop). Patch from Don Lewis.
+ Some error conditions in ETRN could cause output without an SMTP
+ status code. Problem noted by Don Lewis.
+ Multiple :maildrop addresses in the user database didn't work properly.
+ Patch from Roy Mongiovi of Georgia Tech.
+ Add ".db" automatically onto any user database spec that does not
+ already have it; this is for consistency with makemap, the
+ K line, and the documentation. Inconsistency pointed out
+ by Roy Mongiovi.
+ Allow sendmail to be properly called in nohup mode. Patch from
+ Kyle Jones of UUNET.
+ Change ETRN to ignore but still update host status files; previously
+ it would ignore them and not save the updated status, which
+ caused stale information to be maintained. Based on a patch
+ from Christopher Davis of Kapor Enterprises Inc. Also, have
+ ETRN ignore the MinQueueAge option.
+ Patch long term host status to recover more gracefully from an empty
+ host status file condition. Patch from NAKAMURA Motonori
+ of Kyoto University.
+ Several patches to signal handling code to fix potential race
+ conditions from Don Lewis.
+ Make it possible to compile with -DDAEMON=0 (previously it had some
+ compile errors). This turns DAEMON, QUEUE, and SMTP into
+ 0/1 compilation flags. Note that DAEMON is an obsolete
+ compile flag; use NETINET instead. Solution based on a
+ patch from Bryan Costales.
+ AIX4: getpwnam() and getpwuid() do a sequential scan of the
+ /etc/security/passwd file when called as root. This
+ is very slow on some systems. To speed it up, use the
+ (undocumented) _getpw{nam,uid}_shadow() routines.
+ Patch from Chris Thomas of UCLA/OAC Systems Group.
+ SCO 5.x: include -lprot in the Makefile. Patch from Bill
+ Glicker of Burrelle's Information Service.
+ NEWS-OS 4.x: need a definition for MODE_T to compile. Patch
+ from Makoto MATSUSHITA of Osaka University.
+ SunOS 4.0.3: compile problems. Patches from Andrew Cole of
+ Leeds University and SASABE Tetsuro of the University
+ of Tokyo.
+ DG/UX from Brian J. Murrell of InterLinx Support
+ Services, Inc.
+ Domain/OS from Don (Truck) Lewis of TDK Semiconductor Corp.
+ I believe this to have only been a problem if you
+ compiled with -DUSE_VENDOR_CF_PATH -- another reason
+ to stick with /etc/sendmail.cf as your One True Path.
+ Digital UNIX (OSF/1 on Alpha) load average computation from
+ Martin Laubach of the Technischen Universität Wien.
+ CONFIG: change default Received: line to be multiple lines rather
+ than one long one. By popular demand.
+ MAIL.LOCAL: warnings weren't being logged on some systems. Patch
+ from Jerome Berkman of U.C. Berkeley.
+ MAKEMAP: be sure to zero hinfo to avoid cruft that can cause runs
+ to take a very long time. Problem noted by Yoshiro YONEYA
+ of NTT Software Corporation.
+ CONTRIB: add etrn.pl, contributed by John Beck.
+ contrib/etrn.pl
+8.8.3/8.8.3 96/11/17
+ SECURITY: it was possible to get a root shell by lying to sendmail
+ about argv[0] and then sending it a signal. Problem noted
+ by Leshka Zakharoff <leshka@leshka.chuvashia.su> on the
+ best-of-security list.
+ Log sendmail binary version number in "Warning: .cf version level
+ (%d) exceeds program functionality (%d) message" -- this
+ should make it clearer to people that they are running
+ the wrong binary.
+ Fix a problem that occurs when you open an SMTP connection and then
+ do one or more ETRN commands followed by a MAIL command; at
+ the end of the DATA phase sendmail would incorrectly report
+ "451 SMTP-MAIL: lost child: No child processes". Problem
+ noted by Eric Bishop of Virginia Tech.
+ When doing text-based host canonification (typically /etc/hosts
+ lookup), a null host name would match any /etc/hosts entry
+ with space at the end of the line. Problem noted by Steve
+ Hubert of the University of Washington, Seattle.
+ 7 to 8 bit BASE64 MIME conversions could duplicate bits of text.
+ Problem reported by Tom Smith of Digital Equipment Corp.
+ Increase the size of the DNS answer buffer -- the standard UDP packet
+ size PACKETSZ (512) is not sufficient for some nameserver
+ answers containing very many resource records. The resolver
+ may also switch to TCP and retry if it detects UDP packet
+ overflow. Also, allow for the fact that the resolver
+ routines res_query and res_search return the size of the
+ *un*truncated answer in case the supplied answer buffer it
+ not big enough to accommodate the entire answer. Patch from
+ Eric Wassenaar.
+ Improvements to MaxDaemonChildren code. If you think you have too
+ many children, probe the ones you have to verify that they
+ are still around. Suggested by Jared Mauch of CICnet, Inc.
+ Also, do this probe before growing the vector of children
+ pids; this previously caused the vector to grow indefinitely
+ due to a race condition. Problem reported by Kyle Jones of
+ On some architectures, <db.h> (from the Berkeley DB library) defines
+ O_EXLOCK to zero; this fools the map compilation code into
+ thinking that it can avoid race conditions by locking on open.
+ Change it to check for O_EXLOCK non-zero. Problem noted by
+ Leif Erlingsson of Data Lege.
+ Always call res_init() on startup (if compiled in, of course) to
+ allow the sendmail.cf file to tweak resolver flags; without
+ it, flag tweaks in ResolverOptions are ignored. Patch from
+ Andrew Sun of Merrill Lynch.
+ Improvements to host status printing code. Suggested by Steve Hubert
+ of the University of Washington, Seattle.
+ Change MinQueueAge option processing to do the check for the job age
+ when reading the queue file, rather than at the end; this
+ avoids parsing the addresses, which can do DNS lookups.
+ Problem noted by John Beck of InReference, Inc.
+ When MIME was being 7->8 bit decoded, "From " lines weren't being
+ properly escaped. Problem noted by Peter Nilsson of the
+ University of Linkoping.
+ In some cases, sendmail would retain root permissions during queue
+ runs even if RunAsUser was set. Problem noted by Mark
+ Thomas of Mark G. Thomas Consulting.
+ If the F=l flag was set on an SMTP mailer to indicate that it is
+ actually local delivery, and NOTIFY=SUCCESS is specified in
+ the envelope, and the receiving SMTP server speaks DSN, then
+ the DSN would be both generated locally and propagated to the
+ other end.
+ The U= mailer field didn't correctly extract the group id if the
+ user id was numeric. Problem noted by Kenneth Herron of
+ MCI Telecommunications Communications.
+ If a message exceeded the fixed maximum size on input, the body of
+ the message was included in the bounce. Note that this did
+ not occur if it exceeded the maximum _output_ size. Problem
+ reported by Kyle Jones of UUNET.
+ AIX4: 4.1 doesn't have a working setreuid(2); change the
+ AIX4 defines to use seteuid(2) instead, which
+ works on 4.1 as well as 4.2. Problem noted by
+ Håkan Lindholm of interAF, Sweden.
+ AIX4: use tzname[] vector to determine time zone name.
+ Patch from NAKAMURA Motonori of Kyoto University.
+ MkLinux: add Makefile.Linux.ppc and OSTYPE(mklinux) support.
+ Contributed by Paul DuBois <dubois@primate.wisc.edu>.
+ Solaris: kstat(3k) support for retrieving the load average.
+ This adds the LA_KSTAT definition for LA_TYPE.
+ The outline of the implementation was contributed
+ by Michael Tokarev of Telecom Service, JSC, Moscow.
+ HP-UX 10.0 gripes about the (perfectly legal!) forward
+ declaration of struct rusage at the top of conf.h;
+ change it to only be included if you are using gcc,
+ which is apparently the only compiler that requires
+ it in the first place. Problem noted by Jeff
+ Earickson of Colby College.
+ IRIX: don't default to using gcc. IRIX is a civilized
+ operating system that comes with a decent compiler
+ by default. Problem noted by Barry Bouwsma and
+ Kari Hurtta.
+ CONFIG: specify F=9 as default in FEATURE(local_procmail) for
+ consistency with other local mailers. Inconsistency
+ pointed out by Teddy Hogeborn <teddy@fukt.hk-r.se>.
+ CONFIG: if the "limited best mx" feature is used (to reduce DNS
+ overhead) as part of the bestmx_is_local feature, the
+ domain part was dropped from the name. Patch from Steve
+ Hubert of the University of Washington, Seattle.
+ CONFIG: catch addresses of the form "user@.dom.ain"; these could
+ end up being translated to the null host name, which would
+ return any entry in /etc/hosts that had a space at the end
+ of the line. Problem noted by Steve Hubert of the
+ University of Washington, Seattle.
+ CONFIG: add OSTYPE(aix4). From Michael Sofka of Rensselaer
+ Polytechnic Institute.
+ MAKEMAP: tweak hash and btree parameters for better performance.
+ Patch from Matt Dillon of Best Internet Communications.
+ src/Makefiles/Makefile.Linux.ppc
+ cf/ostype/aix4.m4
+ cf/ostype/mklinux.m4
+8.8.2/8.8.2 96/10/18
+ SECURITY: fix a botch in the 7-bit MIME patch; the previous patch
+ changed the code but didn't fix the problem.
+ Solaris: Don't use the system getusershell(3); it can
+ apparently corrupt the heap in some circumstances.
+ Problem found by Ken Pizzini of Spry, Inc.
+ OP.ME: document several mailer flags that were accidentally omitted
+ from this document. These flags were F=d, F=j, F=R, and F=9.
+ CONFIG: no changes.
+8.8.1/8.8.1 96/10/17
+ SECURITY: unset all environment variables that the resolver will
+ examine during queue runs and daemon mode. Problem noted
+ by Dan Bernstein of the University of Illinois at Chicago.
+ SECURITY: in some cases an illegal 7-bit MIME-encoded text/plain
+ message could overflow a buffer if it was converted back
+ to 8 bits. This caused core dumps and has the potential
+ for a remote attack. Problem first noted by Gregory Shapiro
+ of WPI.
+ Avoid duplicate deliveries of error messages on systems that don't
+ have flock(2) support. Patch from Motonori Nakamura of
+ Kyoto University.
+ Ignore null FallBackMX (V) options. If this option is null (as
+ opposed to undefined) it can cause "null signature" syserrs
+ on illegal host names.
+ If a Base64 encoded text/plain message has no trailing newline in
+ the encoded text, conversion back to 8 bits will drop the
+ final line. Problem noted by Pierre David.
+ If running with a RunAsUser, sendmail would give bogus "cannot
+ setuid" (or seteuid, or setreuid) messages on some systems.
+ Problem pointed out by Jordan Mendelson of Web Services, Inc.
+ Always print error messages in -bv mode -- previously, -bv would
+ be absolutely silent on errors if the error mode was sent
+ to (say) mail-back. Problem noted by Kyle Jones of UUNET.
+ If -qI/R/S is set (or the ETRN command is used), ignore all long
+ term host status. This is necessary because it is common
+ to do this when you know a host has just come back up.
+ Disallow duplicate HELO/EHLO commands as required by RFC 1651 section
+ 4.2. Excessive permissiveness noted by Lee Flight of the
+ University of Leicester.
+ If a service (such as NIS) is specified as the last entry in the
+ service switch, but that service is not compiled in, sendmail
+ would return a temporary failure when an entry was not found
+ in the map. This caused the message to be queued instead of
+ bouncing immediately. Problem noted by Harry Edmon of the
+ University of Washington.
+ Solaris 2.3 had compilation problems in conf.c. Several
+ people pointed this out.
+ NetBSD from Charles Hannum of MIT.
+ AIX4 improvements based on info from Steve Bauer of South
+ Dakota School of Mines & Technology.
+ CONFIG: ``error:code message'' syntax was broken in virtusertable.
+ Patch from Gil Kloepfer Jr.
+ CONFIG: if FEATURE(nocanonify) was specified, hosts in $=M (set
+ using MASQUERADE_DOMAIN) were not masqueraded unless they
+ were also in $=w. Problem noted by Zoltan Basti of
+ Softec.
+ MAIL.LOCAL: patches to compile and link cleanly on AIX. Based
+ on a patch from Eric Hagberg of Morgan Stanley.
+ MAIL.LOCAL: patches to compile on NEXTSTEP. From Patrick Nolan
+ of Stanford via Robert La Ferla.
+8.8.0/8.8.0 96/09/26
+ Under some circumstances, Bcc: headers would not be properly
+ deleted. Pointed out by Jonathan Kamens of OpenVision.
+ Log a warning if the sendmail daemon is invoked without a full
+ pathname, which prevents "kill -1" from working. I was
+ urged to put this in by Andrey A. Chernov of DEMOS (Russia).
+ Fix small buffer overflow. Since the data in this buffer was not
+ read externally, there was no security problem (and in fact
+ probably wouldn't really overflow on most compilers). Pointed
+ out by KIZU takashi of Osaka University.
+ Fix problem causing domain literals such as [] to be ignored
+ if a FallbackMXHost was specified in the configuration file
+ -- all mail would be sent to the fallback even if the original
+ host was accessible. Pointed out by Munenari Hirayama of
+ NSC (Japan).
+ A message that didn't terminate with a newline would (sometimes) not
+ have the trailing "." added properly in the SMTP dialogue,
+ causing SMTP to hang. Patch from Per Hedeland of Ericsson.
+ The DaemonPortOptions suboption to bind to a particular address was
+ incorrect and nonfunctional due to a misunderstanding of the
+ semantics of binding on a passive socket. Patch from
+ NIIBE Yutaka of Mitsubishi Research Institute.
+ Increase the number of MX hosts for a single name to 100 to better
+ handle the truly huge service providers such as AOL, which
+ has 13 at the moment (and climbing). In order to avoid
+ trashing memory, the buffer for all names has only been
+ slightly increased in size, to 12.8K from 10.2K -- this means
+ that if a single name had 100 MX records, the average size
+ of those records could not exceed 128 bytes. Requested by
+ Brad Knowles of America On Line.
+ Restore use of IDENT returns where the OSTYPE field equals "OTHER".
+ Urged by Dan Bernstein of U.C. Berkeley.
+ Print q_statdate and q_specificity in address structure debugging
+ printout.
+ Expand MCI structure flag bits for debugging output.
+ Support IPv6-style domain literals, which can have colons between
+ square braces.
+ Log open file descriptors for the "cannot dup" messages in deliver();
+ this is an attempt to track down a bug that one person seems
+ to be having (it may be a Solaris bug!).
+ DSN NOTIFY parameters were not properly propagated across queue runs;
+ this caused the NOTIFY info to sometimes be lost. Problem
+ pointed out by Claus Assmann of the
+ Christian-Albrechts-University of Kiel.
+ The statistics gathered in the sendmail.st file were too high; in
+ some cases failures (e.g., user unknown or temporary failure)
+ would count as a delivery as far as the statistics were
+ concerned. Problem noted by Tom Moore of AT&T GIS.
+ Systems that don't have flock() would not send split envelopes in
+ the initial run. Problem pointed out by Leonard Zubkoff of
+ Dandelion Digital.
+ Move buffer overflow checking -- these primarily involve distrusting
+ results that may come from NIS and DNS.
+ 4.4-BSD-derived systems, including FreeBSD, NetBSD, and BSD/OS didn't
+ include <paths.h> and hence had the wrong pathnames for a few
+ things like /var/tmp. Reported by Matthew Green.
+ Conditions were reversed for the Priority: header, resulting in all
+ values being interpreted as non-urgent except for non-urgent,
+ which was interpreted as normal. Patch from Bryan Costales.
+ The -o (optional) flag was being ignored on hash and btree maps
+ since 8.7.2. Fix from Bryan Costales.
+ Content-Types listed in class "q" will always be encoded as
+ Quoted-Printable (or more accurately, will never be encoded
+ as base64). The class can have primary types (e.g., "text")
+ or full types (e.g., "text/plain"). Based on a suggestion by
+ Marius Olafsson of the University of Iceland.
+ Define ${envid} to be the original envelope id (from the ESMTP DSN
+ dialogue) so it can be passed to programs in mailers.
+ Define ${bodytype} to be the body type (from the -B flag or the
+ BODY= ESMTP parameter) so it can be passed to programs in
+ mailers.
+ Cause the VRFY command to return 252 instead of 250 unless the F=q
+ flag is set in the mailer descriptor. Suggested by John
+ Myers of CMU.
+ Implement ESMTP ETRN command to flush the queue for a specific host.
+ The command takes a host name; data for that host is
+ immediately (and asynchronously) flushed. Because this shares
+ the -qR implementation, other hosts may be attempted, but
+ there should be no security implications. Implementation
+ from John Beck of InReference, Inc. See RFC 1985 for details.
+ Add three new command line flags to pass in DSN parameters: -V envid
+ (equivalent to ENVID=envid on the MAIL command), -R ret
+ (equivalent to RET=ret on the MAIL command), and -Nnotify
+ (equivalent to NOTIFY=notify on the RCPT command). Note
+ that the -N flag applies to all recipients; there is no way
+ to specify per-address notifications on the command line,
+ nor is there an equivalent for the ORCPT= per-address
+ parameter.
+ Restore LogLevel option to be safe (it can only be increased);
+ apparently I went into paranoid mode between 8.6 and 8.7
+ and made it unsafe. Pointed out by Dabe Murphy of the
+ University of Maryland.
+ New logging on log level 15: all SMTP traffic. Patches from
+ Andrew Gross of San Diego Supercomputer Center.
+ NetInfo property value searching code wasn't stopping when it found
+ a match. This was causing the wrong values to be found (and
+ had a memory leak). Found by Bastian Schleuter of TU-Berlin.
+ Add new F=0 (zero) mailer flag to turn off MX lookups. It was pointed
+ out by Bill Wisner of Electronics for Imaging that you can't
+ use the bracket address form for the MAIL_HUB macro, since
+ that causes the brackets to remain in the envelope recipient
+ address used for delivery. The simple fix (stripping off the
+ brackets in the config file) breaks the use of IP literal
+ addresses. This flag will solve that problem.
+ Add MustQuoteChars option. This is a list of characters that must
+ be quoted if they are found in the phrase part of an address
+ (that is, the full name part). The characters @,;:\()[] are
+ always in this list and cannot be removed. The default is
+ this list plus . and ' to match RFC 822.
+ Add AllowBogusHELO option; if set, sendmail will allow HELO commands
+ that do not include a host name for back compatibility with
+ some stupid SMTP clients. Setting this violates RFC 1123
+ section 5.2.5.
+ Add MaxDaemonChildren option; if this is set, sendmail will start
+ rejecting connections if it has more than this many
+ outstanding children accepting mail. Note that you may
+ see more processes than this because of outgoing mail; this
+ is for incoming connections only.
+ Add ConnectionRateThrottle option. If set to a positive value, the
+ number of incoming SMTP connections that will be permitted
+ in a single second is limited to this number. Connections are
+ not refused during this time, just deferred. The intent is to
+ flatten out demand so that load average limiting can kick in.
+ It is less radical than MaxDaemonChildren, which will stop
+ accepting connections even if all the connections are idle
+ (e.g., due to connection caching).
+ Add Timeout.hoststatus option. This interval (defaulting to 30m)
+ specifies how long cached information about the state of a
+ host will be kept before they are considered stale and the
+ host is retried. If you are using persistent host status
+ (i.e., the HostStatusDirectory option is set) this will apply
+ between runs; otherwise, it applies only within a single queue
+ run and hence is useful only for hosts that have large queues
+ that take a very long time to run.
+ Add SingleLineFromHeader option. If set, From: headers are coerced
+ into being a single line even if they had newlines in them
+ when read. This is to get around a botch in Lotus Notes.
+ Text class maps were totally broken -- if you ever retrieved the last
+ item in a table it would be truncated. Problem noted by
+ Gregory Neil Shapiro of WPI.
+ Extend the lines printed by the mailq command (== the -bp flag) when
+ -v is given to 120 characters; this allows more information
+ to be displayed. Suggested by Gregory Neil Shapiro of WPI.
+ Allow macro definitions (`D' lines) with unquoted commas; previously
+ this was treated as end-of-input. Problem noted by Bryan
+ Costales.
+ The RET= envelope parameter (used for DSNs) wasn't properly written
+ to the queue file. Fix from John Hughes of Atlantic
+ Technologies, Inc.
+ Close /var/tmp/dead.letter after a successful write -- otherwise
+ if this happens in a queue run it can cause nasty delays.
+ Problem noted by Mark Horton of AT&T.
+ If userdb entries pointed to userdb entries, and there were multiple
+ values for a given key, the database cursor would get
+ trashed by the recursive call. Problem noted by Roy Mongiovi
+ of Georgia Tech. Fixed by reading all the values and creating
+ a comma-separated list; thus, the -v output will be somewhat
+ different for this case.
+ Fix buffer allocation problem with Hesiod-based userdb maps when
+ HES_GETMAILHOST is defined. Based on a patch by Betty Lee
+ of Stanford University.
+ When envelopes were split due to aliases with owner- aliases, and
+ there was some error on one of the lists, more than one of
+ the owners would get the message. Problem pointed out by
+ Roy Mongiovi of Georgia Tech.
+ Detect excessive recursion in macro expansions, e.g., $X defined
+ in terms of $Y which is defined in terms of $X. Problem
+ noted by Bryan Costales; patch from Eric Wassenaar.
+ When using F=U to get "ugly UUCP" From_ lines, a buffer could in
+ some cases get trashed causing bogus From_ lines. Fix from
+ Kyle Jones of UUNET.
+ When doing load average initialization, if the nlist call for avenrun
+ failed, the second and subsequent lookups wouldn't notice
+ that fact causing bogus load averages to be returned. Noted
+ by Casper Dik of Sun Holland.
+ Fix problem with incompatibility with some versions of inet_aton that
+ have changed the return value to unsigned, so a check for an
+ error return of -1 doesn't work. Use INADDR_NONE instead.
+ This could cause mail to addresses such as [foo.com] to bounce
+ or get dropped. Problem noted by Christophe Wolfhugel of the
+ Pasteur Institute.
+ DSNs were inconsistent if a failure occurred during the DATA phase
+ rather than the RCPT phase: the Action: would be correct, but
+ the detailed status information would be wrong. Problem noted
+ by Bob Snyder of General Electric Company.
+ Add -U command line flag and the XUSR ESMTP extension, both indicating
+ that this is the initial MUA->MTA submission. The flag current
+ does nothing, but in future releases (when MUAs start using
+ these flags) it will probably turn on things like DNS
+ canonification.
+ Default end-of-line string (E= specification on mailer [M] lines)
+ to \r\n on SMTP mailers. Default remains \n on non-SMTP
+ mailers.
+ Change the internal definition for the *file* and *include* mailers
+ to have $u in the argument vectors so that they aren't
+ misinterpreted as SMTP mailers and thus use \r\n line
+ termination. This will affect anyone who has redefined
+ either of these in their configuration file.
+ Don't assume that IDENT servers close the connection after a query;
+ responses can be newline terminated. From Terry Kennedy of
+ St. Peter's College.
+ Avoid core dumps on erroneous configuration files that have
+ $#mailer with nothing following. From Bryan Costales.
+ Avoid null pointer dereference with high debug values in unlockqueue.
+ Fix from Randy Martin of Clemson University.
+ Fix possible buffer overrun when expanding very large macros. Fix
+ from Kyle Jones of UUNET.
+ After 25 EXPN or VRFY commands, start pausing for a second before
+ processing each one. This avoids a certain form of denial
+ of service attack. Potential attack pointed out by Bryan
+ Costales.
+ Allow new named (not numbered!) config file rules to do validity
+ checking on SMTP arguments: check_mail for MAIL commands and
+ check_rcpt for RCPT commands. These rulesets can do anything
+ they want; their result is ignored unless they resolve to the
+ $#error mailer, in which case the indicated message is printed
+ and the command is rejected. Similarly, the check_compat
+ ruleset is called before delivery with "from_addr $| to_addr"
+ (the $| is a meta-symbol used to separate the two addresses);
+ it can give a "this sender can't send to this recipient"
+ notification. Note that this patch allows $| to stand alone
+ in rulesets.
+ Define new macros ${client_name}, ${client_addr}, and ${client_port}
+ that have the name, IP address, and port number (respectively)
+ of the SMTP client (that is, the entity at the other end of
+ the connection. These can be used in (e.g.) check_rcpt to
+ verify that someone isn't trying to relay mail through your
+ host inappropriately. Be sure to use the deferred evaluation
+ form, for example $&{client_name}, to avoid having these bound
+ when sendmail reads the configuration file.
+ Add new config file rule check_relay to check the incoming connection
+ information. Like check_compat, it is passed the host name
+ and host address separated by $| and can reject connections
+ on that basis.
+ Allow IDA-style recursive function calls. Code contributed by Mark
+ Lovell and Paul Vixie.
+ Eliminate the "No ! in UUCP From address!" message" -- instead, create
+ a virtual UUCP address using either a domain address or the $k
+ macro. Based on code contributed by Mark Lovell and Paul
+ Vixie.
+ Add Stanford LDAP map. Requires special libraries that are not
+ included with sendmail. Contributed by Booker C. Bense
+ <bbense@networking.stanford.edu>; contact him for support.
+ See also the src/READ_ME file.
+ Allow -dANSI to turn on ANSI escape sequences in debug output; this
+ puts metasymbols (e.g., $+) in reverse video. Really useful
+ only for debugging deep bits of code where it is important to
+ distinguish between the single-character metasymbol $+ and the
+ two characters $, +.
+ Changed ruleset 89 (executed in dumpstate()) to a named ruleset,
+ debug_dumpstate.
+ Add new UnsafeGroupWrites option; if set, .forward and :include:
+ files that are group writable are considered "unsafe" -- that
+ is, programs and files referenced from such files are not
+ valid recipients.
+ Delete bogosity test for FallBackMX host; this prevented it to be a
+ name that was not in DNS or was a domain-literal. Problem
+ noted by Tom May.
+ Change the introduction to error messages to more clearly delineate
+ permanent from temporary failures; if both existed in a
+ single message it could be confusing. Suggested by John
+ Beck of InReference, Inc.
+ The IngoreDot (i) option didn't work for lines that were terminated
+ with CRLF. Problem noted by Ted Stockwell of Secure
+ Computing Corporation.
+ Add a heuristic to improve the handling of unbalanced `<' signs in
+ message headers. Problem reported by Matt Dillon of Best
+ Internet Communications.
+ Check for bogus characters in the 0200-0237 range; since these are
+ used internally, very strange errors can occur if those
+ characters appear in headers. Problem noted by Anders Gertz
+ of Lysator.
+ Implement 7 -> 8 bit MIME conversions. This only takes place if the
+ recipient mailer has the F=9 flag set, and only works on
+ text/plain body types. Code contributed by Marius Olafsson
+ of the University of Iceland.
+ Special case "postmaster" name so that it is always treated as lower
+ case in alias files regardless of configuration settings;
+ this prevents some potential problems where "Postmaster" or
+ "POSTMASTER" might not match "postmaster". In most cases
+ this change is a no-op.
+ The -o map flag was ignored for text maps. Problem noted by Bryan
+ Costales.
+ The -a map flag was ignored for dequote maps. Problem noted by
+ Bryan Costales.
+ Fix core dump when a lookup of a class "prog" map returns no
+ response. Patch from Bryan Costales.
+ Log instances where sendmail is deferring or rejecting connections
+ on LogLevel 14. Suggested by Kyle Jones of UUNET.
+ Include port number in process title for network daemons. Suggested
+ by Kyle Jones of UUNET.
+ Send ``double bounces'' (errors that occur when sending an error
+ message) to the address indicated in the DoubleBounceAddress
+ option (default: postmaster). Previously they were always
+ sent to postmaster. Suggested by Kyle Jones of UUNET.
+ Add new mode, -bD, that acts like -bd in all respects except that
+ it runs in foreground. This is useful for using with a
+ wrapper that "watches" system services. Suggested by Kyle
+ Jones of UUNET.
+ Fix botch in spacing around (parenthesized) comments in addresses
+ when the comment comes before the address. Patch from
+ Motonori Nakamura of Kyoto University.
+ Use the prefix "Postmaster notify" on the Subject: lines of messages
+ that are being bounced to postmaster, rather than "Returned
+ mail". This permits the person who is postmaster more
+ easily determine what messages are to their role as
+ postmaster versus bounces to mail they actually sent. Based
+ on a suggestion by Motonori Nakamura.
+ Add new value "time" for QueueSortOrder option; this causes the queue
+ to be sorted strictly by the time of submission. Note that
+ this can cause very bad behaviour over slow lines (because
+ large jobs will tend to delay small jobs) and on nodes with
+ heavy traffic (because old things in the queue for hosts that
+ are down delay processing of new jobs). Also, this does not
+ guarantee that jobs will be delivered in submission order
+ unless you also set DeliveryMode=queue. In general, it should
+ probably only be used on the command line, and only in
+ conjunction with -qRhost.domain. In fact, there are very few
+ cases where it should be used at all. Based on an
+ implementation by Motonori Nakamura.
+ If a map lookup in ruleset 5 returns tempfail, queue the message in
+ the same manner as other rulesets. Previously a temporary
+ failure in ruleset 5 was ignored. Patch from Booker Bense
+ of Stanford University.
+ Don't proceed to the next MX host if an SMTP MAIL command returns a
+ 5yz (permanent failure) code. The next MX host will still be
+ tried if the connection cannot be opened in the first place
+ or if the MAIL command returns a 4yz (temporary failure) code.
+ (It's hard to know what to do here, since neither RFC 974 nor
+ RFC 1123 specify when to proceed to the next MX host.)
+ Suggested by Jonathan Kamens of OpenVision, Inc.
+ Add new "-t" flag for map definitions (the "K" line in the .cf file).
+ This causes map lookups that get a temporary failure (e.g.,
+ name server failure) to _not_ defer the delivery of the
+ message. This should only be used if your configuration file
+ is prepared to do something sensible in this case. Based on
+ an idea by Gregory Shapiro of WPI.
+ Fix problem finding network interface addresses. Patch from
+ Motonori Nakamura.
+ Don't reject qf entries that are not owned by your effective uid if
+ you are not running setuid; this makes management of certain
+ kinds of firewall setups difficult. Patch suggested by
+ Eamonn Coleman of Qualcomm.
+ Add persistent host status. This keeps the information normally
+ maintained within a single queue run in disk files that are
+ shared between sendmail instances. The HostStatusDirectory
+ is the directory in which the information is maintained. If
+ not set, persistent host status is turned off. If not a full
+ pathname, it is relative to the queue directory. A common
+ value is ".hoststat".
+ There are also two new operation modes:
+ * -bh prints the status of hosts that have had recent
+ connections.
+ * -bH purges the host statuses. No attempt is made to save
+ recent status information.
+ This feature was originally written by Paul Vixie of Vixie
+ Enterprises for KJS and adapted for V8 by Mark Lovell of
+ Bigrock Consulting. Paul's funding of Mark and Mark's patience
+ with my insistence that things fit cleanly into the V8
+ framework is gratefully appreciated.
+ New SingleThreadDelivery option (requires HostStatusDirectory to
+ operate). Avoids letting two sendmails on the local machine
+ open connections to the same remote host at the same time.
+ This reduces load on the other machine, but can cause mail to
+ be delayed (for example, if one sendmail is delivering a huge
+ message, other sendmails won't be able to send even small
+ messages). Also, it requires another file descriptor (for the
+ lock file) per connection, so you may have to reduce
+ ConnectionCacheSize to avoid running out of per-process
+ file descriptors. Based on the persistent host status code
+ contributed by Paul Vixie and Mark Lovell.
+ Allow sending to non-simple files (e.g., /dev/null) even if the
+ SafeFileEnvironment option is set. Problem noted by Bryan
+ Costales.
+ The -qR flag mistakenly matched flags in the "R" line of the queue
+ file. Problem noted by Bryan Costales.
+ If a job was aborted using the interrupt signal (e.g., control-C from
+ the keyboard), on some occasions an empty df file would be
+ left around; these would collect in the queue directory.
+ Problem noted by Bryan Costales.
+ Change the makesendmail script to enhance the search for Makefiles
+ based on release number. For example, on SunOS 5.5.1, it will
+ search for Makefile.SunOS.5.5.1, Makefile.SunOS.5.5, and then
+ Makefile.SunOS.5.x (in addition to the other rules, e.g.,
+ adding $arch). Problem noted by Jason Mastaler of Atlanta
+ Webmasters.
+ When creating maps using "newaliases", always map the keys to lower
+ case when creating the map unless the -f flag is specified on
+ the map itself. Previously this was done based on the F=u
+ flag in the local mailer, which meant you could create aliases
+ that you could never access. Problem noted by Bob Wu of DEC.
+ When a job was read from the queue, the bits causing notification on
+ failure or delay were always set. This caused those
+ notifications to be sent even if NOTIFY=NEVER had been
+ specified. Problem noted by Steve Hubert of the University
+ of Washington, Seattle.
+ Add new configurable routine validate_connection (in conf.c). This
+ lets you decide if you are willing to accept traffic from
+ this host. If it returns FALSE, all SMTP commands will return
+ "550 Access denied". -DTCPWRAPPERS will include support for
+ TCP wrappers; you will need to add -lwrap to the link line.
+ (See src/READ_ME for details.)
+ Don't include the "THIS IS A WARNING MESSAGE ONLY" banner on postmaster
+ bounces. Some people seemed to think that this could be
+ confusing (even though it is true). Suggested by Motonori
+ Nakamura.
+ Add new RunAsUser option; this causes sendmail to do a setuid to that
+ user early in processing to avoid potential security problems.
+ However, this means that all .forward and :include: files must
+ be readable by that user, and all files to be written must be
+ writable by that user and all programs will be executed by that
+ user. It is also incompatible with the SafeFileEnvironment
+ option. In other words, it may not actually add much to
+ security. However, it should be useful on firewalls and other
+ places where users don't have accounts and the aliases file is
+ well constrained.
+ Add Timeout.iconnect. This is like Timeout.connect except it is used
+ only on the first attempt to delivery to an address. It could
+ be set to be lower than Timeout.connect on the principle that
+ the mail should go through quickly to responsive hosts; less
+ responsive hosts get to wait for the next queue run.
+ Fix a problem on Solaris that occasionally causes programs
+ (such as vacation) to hang with their standard input connected
+ to a UDP port. It also created some signal handling problems.
+ The problems turned out to be an interaction between vfork(2)
+ and some of the libraries, particularly NIS/NIS+. I am
+ indebted to Tor Egge <tegge@idt.ntnu.no> for this fix.
+ Change user class map to do the same matching that actual delivery
+ will do instead of just a /etc/passwd lookup. This adds
+ fuzzy matching to the user map. Patch from Dan Oscarsson.
+ The Timeout.* options are not safe -- they can be used to create a
+ denial-of-service attack. Problem noted by Christophe
+ Wolfhugel.
+ Don't send PostMasterCopy messages in the event of a "delayed"
+ notification. Suggested by Barry Bouwsma.
+ Don't advertise "VERB" ESMTP extension if the "noexpn" privacy
+ option is set, since this disables VERB mode. Suggested
+ by John Hawkinson of MIT.
+ Complain if the QueueDirectory (Q) option is not set. Problem noted
+ by Motonori Nakamura of Kyoto University.
+ Only queue messages on transient .forward open failures if there
+ were no successful opens. The previous behaviour caused it
+ to queue even if a "fall back" .forward was found. Problem
+ noted by Ann-Kian Yeo of the Dept. of Information Systems
+ and Computer Science (DISCS), NUS, Singapore.
+ Don't do 8->7 bit conversions when bouncing a MIME message that
+ is bouncing because of a MIME error during 8->7 bit conversion;
+ the encapsulated message will bounce again, causing a loop.
+ Problem noted by Steve Hubert of the University of Washington.
+ Create xf (transcript) files using the TempFileMode option value
+ instead of 0644. Suggested by Ann-Kian Yeo of the
+ National University of Singapore.
+ Print errors if setgid/setuid/etc. fail during delivery. This helps
+ detect cases where DefaultUid is set to something that the
+ system can't cope with.
+ Support for AIX/RS 2.2.1 from Mark Whetzel of Western
+ Atlas International.
+ Patches for Intel Paragon OSF/1 1.3 from Leo Bicknell
+ <bicknell@ufp.org>.
+ On DEC OSF/1 3.2 and earlier, the MatchGECOS code would only
+ work on the first recipient of a message due to a
+ bug in the getpwent family. If this is something you
+ use, you can define DEC_OSF_BROKEN_GETPWENT=1 for a
+ workaround. From Maximum Entropy of Sanford C.
+ Bernstein and Associates.
+ FreeBSD uname -r returns a string containing
+ parentheses, which breaks makesendmail. Reported
+ by Piero Serini <piero@strider.ibenet.it>.
+ Sequent DYNIX/ptx 4.0.2 patches from Jack Woolley of
+ Systems and Computer Technology Corporation.
+ Solaris 2.x: omit the UUCP grade parameter (-g flag) because
+ it is system-dependent. Problem noted by J.J. Bailey
+ of Bailey Computer Consulting.
+ Pyramid NILE running DC/OSx support from Earle F. Ake of
+ Hassler Communication Systems Technology, Inc.
+ HP-UX 10.x compile glitches, reported by Anne Brink of the
+ U.S. Army and James Byrne of Harte & Lyne Limited.
+ NetBSD from Matthew Green of the NetBSD crew.
+ SCO 5.x from Keith Reynolds of SCO.
+ IRIX 6.2 from Robert Tarrall of the University of
+ Colorado and Kari Hurtta of the Finnish Meteorological
+ Institute.
+ UXP/DS (Fujitsu/ICL DS/90 series) support from Diego R.
+ Lopez, CICA (Seville).
+ NCR SVR4 MP-RAS 3.x support from Tom Moore of NCR.
+ PTX 3.2.0 from Kenneth Stailey of the US Department of Labor
+ Employment Standards Administration.
+ Altos System V (5.3.1) from Tim Rice of Multitalents.
+ Concurrent Systems Corporation Maxion from Donald R. Laster
+ Jr.
+ NetInfo maps (improved debugging and multi-valued aliases)
+ from Adrian Steinmann of Steinmann Consulting.
+ ConvexOS 11.5 (including SecureWare C2 and the Share Scheduler)
+ from Eric Schnoebelen of Convex.
+ Linux 2.0 mail.local patches from Horst von Brand.
+ NEXTSTEP 3.x compilation from Robert La Ferla.
+ NEXTSTEP 3.x code changes from Allan J. Nathanson of NeXT.
+ Solaris 2.5 configuration fixes for mail.local by Jim Davis
+ of the University of Arizona.
+ Solaris 2.5 has a working setreuid. Noted by David Linn of
+ Vanderbilt University.
+ Solaris changes for praliases, makemap, mailstats, and smrsh.
+ Previously you had to add -DSOLARIS in Makefile.dist;
+ this auto-detects. Based on a patch from Randall
+ Winchester of the University of Maryland.
+ CONFIG: add generic-nextstep3.3.mc file. Contributed by
+ Robert La Ferla of Hot Software.
+ CONFIG: allow mailertables to resolve to ``error:code message''
+ (where "code" is an exit status) on domains (previously
+ worked only on hosts). Patch from Cor Bosman of Xs4all
+ Foundation.
+ CONFIG: hooks for IPv6-style domain literals.
+ CONFIG: predefine ALIAS_FILE and change the prototype file so that
+ if it is undefined the AliasFile option is never set; this
+ should be transparent for most everyone. Suggested by John
+ Myers of CMU.
+ CONFIG: add FEATURE(limited_masquerade). Without this feature, any
+ domain listed in $=w is masqueraded. With it, only those
+ domains listed in a MASQUERADE_DOMAIN macro are masqueraded.
+ CONFIG: add FEATURE(masquerade_entire_domain). This causes
+ masquerading specified by MASQUERADE_DOMAIN to apply to all
+ hosts under those domains as well as the domain headers
+ themselves. For example, if a configuration had
+ MASQUERADE_DOMAIN(foo.com), then without this feature only
+ foo.com would be masqueraded; with it, *.foo.com would be
+ masqueraded as well. Based on an implementation by Richard
+ (Pug) Bainter of U. Texas.
+ CONFIG: add FEATURE(genericstable) to do a more general rewriting of
+ outgoing addresses. Defaults to ``hash -o /etc/genericstable''.
+ Keys are user names; values are outgoing mail addresses. Yes,
+ this does overlap with the user database, and figuring out
+ just when to use which one may be tricky. Based on code
+ contributed by Richard (Pug) Bainter of U. Texas with updates
+ from Per Hedeland of Ericsson.
+ CONFIG: add FEATURE(virtusertable) to do generalized rewriting of
+ incoming addresses. Defaults to ``hash -o /etc/virtusertable''.
+ Keys are either fully qualified addresses or just the host
+ part (with the @ sign). For example, a table containing:
+ info@foo.com foo-info
+ info@bar.com bar-info
+ @baz.org jane@elsewhere.net
+ would send all mail destined for info@foo.com to foo-info
+ (which is presumably an alias), mail addressed to info@bar.com
+ to bar-info, and anything addressed to anyone at baz.org will
+ be sent to jane@elsewhere.net. The names foo.com, bar.com,
+ and baz.org must all be in $=w. Based on discussions with
+ a great many people.
+ CONFIG: add nullclient configurations to define SMTP_MAILER_FLAGS.
+ Suggested by Richard Bainter.
+ CONFIG: add FAX_MAILER_ARGS to tweak the arguments passed to the
+ "fax" mailer.
+ CONFIG: allow mailertable entries to resolve to local:user; this
+ passes the original user@host in to procmail-style local
+ mailers as the "detail" information to allow them to do
+ additional clever processing. From Joe Pruett of
+ Teleport Corporation. Delivery to the original user can
+ be done by specifying "local:" (with nothing after the colon).
+ CONFIG: allow any context that takes "mailer:domain" to also take
+ "mailer:user@domain" to force mailing to the given user;
+ "local:user" can also be used to do local delivery. This
+ applies on *_RELAY and in the mailertable entries. Based
+ on a suggestion by Ribert Kiessling of Easynet.
+ CONFIG: Allow FEATURE(bestmx_is_local) to take an argument that
+ limits the possible domains; this reduces the number of DNS
+ lookups required to support this feature. For example,
+ FEATURE(bestmx_is_local, my.site.com) limits the lookups
+ to domains under my.site.com. Code contributed by Anthony
+ Thyssen <anthony@cit.gu.edu.au>.
+ CONFIG: LOCAL_RULESETS introduces any locally defined rulesets,
+ such as the check_rcpt ruleset. Suggested by Gregory Shapiro
+ of WPI.
+ CONFIG: MAILER_DEFINITIONS introduces any mailer definitions, in the
+ event you have to define local mailers. Suggested by
+ Gregory Shapiro of WPI.
+ CONFIG: fix cases where a three- (or more-) stage route-addr could
+ be misinterpreted as a list:...; syntax. Based on a patch by
+ Vlado Potisk <Vlado_Potisk@tempest.sk>.
+ CONFIG: Fix masquerading of UUCP addresses when the UUCP relay is
+ remotely connected. The address host!user was being
+ converted to host!user@thishost instead of host!user@uurelay.
+ Problem noted by William Gianopoulos of Raytheon Company.
+ CONFIG: add confTO_ICONNECT to set Timeout.iconnect.
+ CONFIG: change FEATURE(redirect) message from "User not local" to
+ "User has moved"; the former wording was confusing if the
+ new address is still on the local host. Based on a suggestion
+ by Andreas Luik.
+ CONFIG: add support in FEATURE(nullclient) for $=E (exposed users).
+ However, the class is not pre-initialized to contain root.
+ Suggested by Gregory Neil Shapiro.
+ CONTRIB: Remove XLA code at the request of the author, Christophe
+ Wolfhugel.
+ CONTRIB: Add re-mqueue.pl, contributed by Paul Pomes of Qualcomm.
+ MAIL.LOCAL: make it possible to compile mail.local on Solaris. Note
+ well: this produces a slightly different mailbox format (no
+ Content-Length: headers), file ownerships and modes are
+ different (not owned by group mail; mode 600 instead of 660),
+ and the local mailer flags will have to be tweaked (make them
+ match bsd4.4) in order to use this mailer. Patches from Paul
+ Hammann of the Missouri Research and Education Network.
+ MAIL.LOCAL: in some cases it could return EX_OK even though there
+ was a delivery error, such as if the ownership on the file
+ was wrong or the mode changed between the initial stat and
+ the open. Problem reported by William Colburn of the New
+ Mexico Institute of Mining and Technology.
+ MAILSTATS: handle zero length files more reliably. Patch from Bryan
+ Costales.
+ MAILSTATS: add man page contributed by Keith Bostic of BSDI.
+ MAKEMAP: The -d flag (to allow duplicate keys) to a btree map wasn't
+ honored. Fix from Michael Scott Shappe.
+ PRALIASES: add man page contributed by Keith Bostic of BSDI.
+ src/Makefiles/Makefile.AIX.2
+ src/Makefiles/Makefile.IRIX.6.2
+ src/Makefiles/Makefile.maxion
+ src/Makefiles/Makefile.NCR.MP-RAS.3.x
+ src/Makefiles/Makefile.SCO.5.x
+ src/Makefiles/Makefile.UXPDSV20
+ mailstats/mailstats.8
+ praliases/praliases.8
+ cf/cf/generic-nextstep3.3.mc
+ cf/feature/genericstable.m4
+ cf/feature/limited_masquerade.m4
+ cf/feature/masquerade_entire_domain.m4
+ cf/feature/virtusertable.m4
+ cf/ostype/aix2.m4
+ cf/ostype/altos.m4
+ cf/ostype/maxion.m4
+ cf/ostype/solaris2.ml.m4
+ cf/ostype/uxpds.m4
+ contrib/re-mqueue.pl
+ src/Makefiles/Makefile.Solaris
+ contrib/xla/README
+ contrib/xla/xla.c
+ src/Makefiles/Makefile.NCR3000 => Makefile.NCR.MP-RAS.2.x
+ src/Makefiles/Makefile.SCO.3.2v4.2 => Makefile.SCO.4.2
+ src/Makefiles/Makefile.UXPDS => Makefile.UXPDSV10
+ src/Makefiles/Makefile.NeXT => Makefile.NeXT.2.x
+ src/Makefiles/Makefile.NEXTSTEP => Makefile.NeXT.3.x
+8.7.6/8.7.3 96/09/17
+ SECURITY: It is possible to force getpwuid to fail when writing the
+ queue file, causing sendmail to fall back to running programs
+ as the default user. This is not exploitable from off-site.
+ Workarounds include using a unique user for the DefaultUser
+ (old u & g options) and using smrsh as the local shell.
+ SECURITY: fix some buffer overruns; in at least one case this allows
+ a local user to get root. This is not known to be exploitable
+ from off-site. The workaround is to disable chfn(1) commands.
+8.7.5/8.7.3 96/03/04
+ Fix glitch in 8.7.4 when putting certain internal lines; this can
+ in some case cause connections to hang or messages to have
+ extra spaces in odd places. Patch from Eric Wassenaar;
+ reports from Eric Hall of Chiron Corporation, Stephen
+ Hansen of Stanford University, Dean Gaudet of HotWired,
+ and others.
+8.7.4/8.7.3 96/02/18
+ SECURITY: In some cases it was still possible for an attacker to
+ insert newlines into a queue file, thus allowing access to
+ any user (except root).
+ CONFIG: no changes -- it is not a bug that the configuration
+ version number is unchanged.
+8.7.3/8.7.3 95/12/03
+ Fix botch in name server timeout in RCPT code; this problem caused
+ two responses in SMTP, which breaks things horribly. Fix
+ from Gregory Neil Shapiro of WPI.
+ Verify that L= value on M lines cannot be negative, which could cause
+ negative array subscripting. Not a security problem since
+ this has to be in the config file, but it could have caused
+ core dumps. Pointed out by Bryan Costales.
+ Fix -d21 debug output for long macro names. Pointed out by Bryan
+ Costales.
+ SCO doesn't have ftruncate. From Bill Aten of Computerizers.
+ IBM's version of arpa/nameser.h defaults to the wrong byte
+ order. Tweak it to work properly. Based on fixes
+ from Fletcher Mattox of UTexas and Betty Lee of
+ Stanford University.
+ CONFIG: add confHOSTS_FILE m4 variable to set HostsFile option.
+ Deficiency pointed out by Bryan Costales of ICSI.
+8.7.2/8.7.2 95/11/19
+ REALLY fix the backslash escapes in SmtpGreetingMessage,
+ OperatorChars, and UnixFromLine options. They were not
+ properly repaired in 8.7.1.
+ Completely delete the Bcc: header if and only if there are other
+ valid recipient headers (To:, Cc: or Apparently-To:, the
+ last being a historic botch, of course). If Bcc: is the
+ only recipient header in the message, its value is tossed,
+ but the header name is kept. The old behaviour (always keep
+ the header name and toss the value) allowed primary recipients
+ to see that a Bcc: went to _someone_.
+ Include queue id on ``Authentication-Warning: <host>: <user> set
+ sender to <address> using -f'' syslog messages. Suggested
+ by Kari Hurtta.
+ If a sequence or switch map lookup entry gets a tempfail but then
+ continues on to another map type, but the name is not found,
+ return a temporary failure from the sequence or switch map.
+ For example, if hosts search ``dns files'' and DNS fails
+ with a tempfail, the hosts map will go on and search files,
+ but if it fails the whole thing should be a tempfail, not
+ a permanent (host unknown) failure, even though that is the
+ failure in the hosts.files map. This error caused hard
+ bounces when it should have requeued.
+ Aliases to files such as /users/bar/foo/inbox, with /users/bar/foo
+ owned by bar mode 700 and inbox being setuid bar stopped
+ working properly due to excessive paranoia. Pointed out by
+ John Hawkinson of Panix.
+ An SMTP RCPT command referencing a host that gave a nameserver
+ timeout would return a 451 command (8.6 accepted it and
+ queued it locally). Revert to the 8.6 behaviour in order
+ to simplify queue management for clustered systems. Suggested
+ by Gregory Neil Shapiro of WPI. The same problem could break
+ MH, which assumes that the SMTP session will succeed (tsk, tsk
+ -- mail gets lost!); this was pointed out by Stuart Pook of
+ Infobiogen.
+ Fix possible buffer overflow in munchstring(). This was not a security
+ problem because you couldn't specify any argument to this
+ without first giving up root privileges, but it is still a
+ good idea to avoid future problems. Problem noted by John
+ Hawkinson and Sam Hartman of MIT.
+ ``452 Out of disk space for temp file'' messages weren't being
+ printed. Fix from David Perlin of Nanosoft.
+ Don't advertise the ESMTP DSN extension if the SendMIMEErrors option
+ is not set, since this is required to get the actual DSNs
+ created. Problem pointed out by John Gardiner Myers of CMU.
+ Log permission problems that cause .forward and :include: files to
+ be untrusted or ignored on log level 12 and higher. Suggested
+ by Randy Martin of Clemson University.
+ Allow user ids in U= clauses of M lines to have hyphens and
+ underscores.
+ Fix overcounting of recipients -- only happened when sending to an
+ alias. Pointed out by Mark Andrews of SGI and Jack Woolley
+ of Systems and Computer Technology Corporation.
+ If a message is sent to an address that fails, the error message that
+ is returned could show some extraneous "success" information
+ included even if the user did not request success notification,
+ which was confusing. Pointed out by Allan Johannesen of WPI.
+ Config files that had no AliasFile definition were defaulting to
+ using /etc/aliases; this caused problems with nullclient
+ configurations. Change it back to the 8.6 semantics of
+ having no local alias file unless it is declared. Problem
+ noted by Charles Karney of Princeton University.
+ Fix compile problem if NOTUNIX is defined. Pointed out by Bryan
+ Costales of ICSI.
+ Map lookups of class "userdb" maps were always case sensitive; they
+ should be controlled by the -f flag like other maps. Pointed
+ out by Bjart Kvarme <bjart.kvarme@usit.uio.no>.
+ Fix problem that caused some addresses to be passed through ruleset 5
+ even when they were tagged as "sticky" by prefixing the
+ address with an "@". Patch from Thomas Dwyer III of Michigan
+ Technological University.
+ When converting a message to Quoted-Printable, prevent any lines with
+ dots alone on a line by themselves. This is because of the
+ preponderance of broken mailers that still get this wrong.
+ Code contributed by Per Hedeland of Ericsson.
+ Fix F{macro}/file construct -- it previously did nothing. Pointed
+ out by Bjart Kvarme of USIT/UiO (Norway).
+ Announce whether a cached connection is SMTP or ESMTP (in -v mode).
+ Requested by Allan Johannesen.
+ Delete check for text format of alias files -- it should be legal
+ to have the database format of the alias files without the
+ text version. Problem pointed out by Joe Rhett of Navigist,
+ Inc.
+ If "Ot" was specified with no value, the TZ variable was not properly
+ imported from the environment. Pointed out by Frank Crawford
+ <frank@ansto.gov.au>.
+ Some architectures core dumped on "program" maps that didn't have
+ extra arguments. Patch from Booker C. Bense of Stanford
+ University.
+ Queue run processes would re-spawn daemons when given a SIGHUP; only
+ the parent should do this. Fix from Brian Coan of the
+ Association for Progressive Communications.
+ If MinQueueAge was set and a message was considered but not run
+ during a queue run and the Timeout.queuereturn interval was
+ reached, a "timed out" error message would be returned that
+ didn't include the failed address (and claimed to be a warning
+ even though it was fatal). The fix is to not return such
+ messages until they are actually tried, i.e., in the next
+ MinQueueAge interval. Problem noted by Rein Tollevik of
+ Add HES_GETMAILHOST compile flag to support MIT Hesiod distributions
+ that have the hes_getmailhost() routine. DEC Hesiod
+ distributions do not have this routine. Based on a patch
+ from Betty Lee of Stanford University.
+ Extensive cleanups to map open code to handle a locking race condition
+ in ndbm, hash, and btree format database files on some (most
+ non-4.4-BSD based) OS architectures. This should solve the
+ occasional "user unknown" problem during alias rebuilds that
+ has plagued me for quite some time. Based on a patch from
+ Thomas Dwyer III of Michigan Technological University.
+ Solaris: Change location of newaliases and mailq from
+ /usr/ucb to /usr/bin to match Sun settings. From
+ James B. Davis of TCI.
+ DomainOS: Makefile.DomainOS doesn't require -ldbm. From
+ Don Lewis of Silicon Systems.
+ HP-UX 10: rename Makefile.HP-UX.10 => Makefile.HP-UX.10.x
+ so that the makesendmail script will find it. Pointed
+ out by Richard Allen of the University of Iceland.
+ Also, use -Aa -D_HPUX_SOURCE instead of -Ae, which
+ isn't supported on all compilers.
+ UXPDS: compilation fixes from Diego R. Lopez.
+ CONFIG: FAX mailer wasn't setting .FAX as a pseudo-domain unless
+ you also had a FAX_RELAY. From Thomas.Tornblom@Hax.SE.
+ CONFIG: Minor glitch in S21 -- attachment of local domain name
+ didn't have trailing dot. From Jim Hickstein of Teradyne.
+ CONFIG: Fix best_mx_is_local feature to allow nested addresses such as
+ user%host@thishost. From Claude Scarpelli of Infobiogen
+ (France).
+ CONFIG: OSTYPE(hpux10) failed to define the location of the help file.
+ Pointed out by Hannu Martikka of Nokia Telecommunications.
+ CONFIG: Diagnose some inappropriate ordering in configuration files,
+ such as FEATURE(smrsh) listed after MAILER(local). Based on
+ a bug report submitted by Paul Hoffman of Proper Publishing.
+ CONFIG: Make OSTYPE files consistently not override settings that
+ have already been set. Previously it worked differently
+ for different files.
+ CONFIG: Change relay mailer to do masquerading like 8.6 did. My take
+ is that this is wrong, but the change was causing problems
+ for some people. From Per Hedeland of Ericsson.
+ CONTRIB: bitdomain.c patch from John Gardiner Myers <jgm+@CMU.EDU>;
+ portability changes for Posix environments (no functional
+ changes).
+8.7.1/8.7.1 95/10/01
+ Old macros that have become options (SmtpGreetingMessage,
+ OperatorChars, and UnixFromLine) didn't allow backslash
+ escapes in the options, where they previously had. Bug
+ pointed out by John Hawkinson of MIT.
+ Fix strange case of an executable called by a program map that
+ returns a value but also a non-zero exit status; this
+ would give contradictory results in the higher level; in
+ particular, the default clause in the map lookup would be
+ ignored. Change to ignore the value if the program returns
+ non-zero exit status. From Tom Moore of AT&T GIS.
+ Shorten parameters passed to syslog() in some contexts to avoid a
+ bug in many vendors' implementations of that routine. Although
+ this isn't really a bug in sendmail per se, and my solution
+ has to assume that syslog() has at least a 1K buffer size
+ internally (I know some vendors have shortened this
+ dramatically -- they're on their own), sendmail is a popular
+ target. Also, limit the size of %s arguments in sprintf.
+ These both have possible security implications. Solutions
+ suggested by Casper Dik of Sun's Network Security Group
+ (Holland), Mark Seiden, and others.
+ Fix a problem that might cause a non-standard -B (body type)
+ parameter to be passed to the next server with undefined
+ results. This could have security implications.
+ If a filesystem was at > 100% utilization, the freediskspace()
+ routine incorrectly returned an error rather than zero.
+ Problem noted by G. Paul Ziemba of Alantec.
+ Change MX sort order so that local hostnames (those in $=w) always
+ sort first within a given preference. This forces the bestmx
+ map to always return the local host first, if it is included
+ in the list of highest priority MX records. From K. Robert
+ Elz.
+ Avoid some possible null pointer dereferences. Fixes from Randy
+ When sendmail starts up on systems that have no fully qualified
+ domain name (FQDN) anywhere in the first matching host map
+ (e.g., /etc/hosts if the hosts service searches "files dns"),
+ sendmail would sleep to try to find a FQDN, which it really
+ really needs. This has been changed to fall through to the
+ next map type if it can't find a FQDN -- i.e., if the hosts
+ file doesn't have a FQDN, it will try dns even though the
+ short name was found in /etc/hosts. This is probably a crock,
+ but many people have hosts files without FQDNs. Remember:
+ domain names are your friends.
+ Log a high-priority message if you can't find your FQDN during startup.
+ Suggested by Simon Barnes of Schlumberger Limited.
+ When using Hesiod, initialize it early to improve error reporting.
+ Patch from Don Lewis of Silicon Systems, Inc.
+ Apparently at least some versions of Linux have a 90 !minute! TCP
+ connection timeout in the kernel. Add a new "connect" timeout
+ to limit this time. Defaults to zero (use whatever the
+ kernel provides). Based on code contributed by J.R. Oldroyd
+ of TerraNet.
+ Under some circumstances, a failed message would not be properly
+ removed from the queue, causing tons of bogus error messages.
+ (This fix eliminates the problematic EF_KEEPQUEUE flag.)
+ Problem noted by Allan E Johannesen and Gregory Neil Shapiro
+ of WPI.
+ On IRIX 5.x, there was an inconsistency in the setting
+ of sendmail.st location. Change the Makefile to
+ install it in /var/sendmail.st to match the OSTYPE
+ file and SGI standards. From Andre
+ <andre@curry.zfe.siemens.de>.
+ Support for Fujitsu/ICL UXP/DS (For the DS/90 Series)
+ from Diego R. Lopez <drlopez@cica.es>.
+ Linux compilation patches from J.R. Oldroyd of TerraNet, Inc.
+ LUNA 2 Mach patches from Motonori Nakamura.
+ SunOS Makefile was including -ldbm, which is for the old
+ dbm library. The ndbm library is part of libc.
+ CONFIG: avoid bouncing ``user@host.'' (note trailing dot) with
+ ``local configuration error'' in nullclient configuration.
+ Patch from Gregory Neil Shapiro of WPI.
+ CONFIG: don't allow an alias file in nullclient configurations --
+ since all addresses are relayed, they give errors during
+ rebuild. Suggested by Per Hedeland of Ericsson.
+ CONFIG: local mailer on Solaris 2 should always get a -f flag because
+ otherwise the F=S causes the From_ line to imply that root is
+ the sender. Problem pointed out by Claude Scarpelli of
+ Infobiogen (France).
+ cf/feature/use_ct_file.m4 (omitted from 8.7 by mistake)
+ src/Makefiles/Makefile.KSR (omitted from 8.7 by mistake)
+ src/Makefiles/Makefile.UXPDS
+8.7/8.7 95/09/16
+ Fix a problem that could cause sendmail to run out of file
+ descriptors due to a trashed data structure after a
+ vfork. Fix from Brian Coan of the Institute for
+ Global Communications.
+ Change the VRFY response if you have disabled VRFY -- some
+ people seemed to think that it was too rude.
+ Avoid reference to uninitialized file descriptor if HASFLOCK
+ was not defined. This was used "safely" in the sense
+ that it only did a stat, but it would have set the
+ map modification time improperly. Problem pointed out
+ by Roy Mongiovi of Georgia Tech.
+ Clean up the Subject: line on warning messages and return
+ receipts so that they don't say "Returned mail:"; this
+ can be confusing.
+ Move ruleset entry/exit debugging from 21.2 to 21.1 -- this is
+ useful enough to make it worthwhile printing on "-d".
+ Avoid logging alias statistics every time you read the alias
+ file on systems with no database method compiled in.
+ If you have a name with a trailing dot, and you try looking it
+ up using gethostbyname without the dot (for /etc/hosts
+ compatibility), be sure to turn off RES_DEFNAMES and
+ RES_DNSRCH to avoid finding the wrong name accidentally.
+ Problem noted by Charles Amos of the University of
+ Maryland.
+ Don't do timeouts in collect if you are not running SMTP.
+ There is nothing that says you can't have a long
+ running program piped into sendmail (possibly via
+ /bin/mail, which just execs sendmail). Problem reported
+ by Don "Truck" Lewis of Silicon Systems.
+ Try gethostbyname() even if the DNS lookup fails iff option I
+ is not set. This allows you to have hosts listed in
+ NIS or /etc/hosts that are not known to DNS. It's normally
+ a bad idea, but can be useful on firewall machines. This
+ should really be broken out on a separate flag, I suppose.
+ Avoid compile warnings against BIND 4.9.3, which uses function
+ prototypes. From Don Lewis of Silicon Systems.
+ Avoid possible incorrect diagnosis of DNS-related errors caused
+ by things like attempts to resolve uucp names using
+ $[ ... $] -- the fix is to clear h_errno at appropriate
+ times. From Kyle Jones of UUNET.
+ SECURITY: avoid denial-of-service attacks possible by destroying
+ the alias database file by setting resource limits low.
+ This involves adding two new compile-time options:
+ HASSETRLIMIT (indicating that setrlimit(2) support is
+ available) and HASULIMIT (indicating that ulimit(2) support
+ is available -- the Release 3 form is used). The former
+ is assumed on BSD-based systems, the latter on System
+ V-based systems. Attack noted by Phil Brandenberger of
+ Swarthmore University.
+ New syntaxes in test (-bt) mode:
+ ``.Dmvalue'' will define macro "m" to "value".
+ ``.Ccvalue'' will add "value" to class "c".
+ ``=Sruleset'' will dump the contents of the indicated
+ ruleset.
+ ``=M'' will display the known mailers.
+ ``-ddebug-spec'' is equivalent to the command-line
+ -d debug flag.
+ ``$m'' will print the value of macro $m.
+ ``$=c'' will print the contents of class $=c.
+ ``/mx host'' returns the MX records for ``host''.
+ ``/parse address'' will parse address, returning the value of
+ crackaddr (essentially, the comment information)
+ and the parsed address.
+ ``/try mailer address'' will rewrite address into the form
+ it will have when presented to the indicated mailer.
+ ``/tryflags flags'' will set flags used by parsing. The
+ flags can be `H' for header or `E' for envelope,
+ and `S' for sender or `R' for recipient. These
+ can be combined, so `HR' sets flags for header
+ recipients.
+ ``/canon hostname'' will try to canonify hostname and
+ return the result.
+ ``/map mapname key'' will look up `key' in the indicated
+ `mapname' and return the result.
+ Somewhat better handling of UNIX-domain socket addresses -- it
+ should show the pathname rather than hex bytes.
+ Restore ``-ba'' mode -- this reads a file from stdin and parses
+ the header for envelope sender information and uses
+ CR-LF as message terminators. It was thought to be
+ obsolete (used only for Arpanet NCP protocols), but it
+ turns out that the UK ``Grey Book'' protocols require
+ that functionality.
+ Fix a fix in previous release -- if gethostname and gethostbyname
+ return a name without dots, and if an attempt to canonify
+ that name fails, wait one minute and try again. This can
+ result in an extra 60 second delay on startup if your system
+ hostname (as returned by hostname(1)) has no dot and no names
+ listed in /etc/hosts or your NIS map have a dot.
+ Check for proper domain name on HELO and EHLO commands per
+ RFC 1123 section 5.2.5. Problem noted by Thomas Dwyer III
+ of Michigan Technological University.
+ Relax chownsafe rules slightly -- old version said that if you
+ can't tell if _POSIX_CHOWN_RESTRICTED is set (that is,
+ if fpathconf returned EINVAL or ENOSYS), assume that
+ chown is not safe. The new version falls back to whether
+ you are on a BSD system or not. This is important for
+ SunOS, which apparently always returns one of those
+ error codes. This impacts whether you can mail to files
+ or not.
+ Syntax errors such as unbalanced parentheses in the configuration
+ file could be omitted if you had "Oem" prior to the
+ syntax error in the config file. Change to always print
+ the error message. It was especially weird because it
+ would cause a "warning" message to be sent to the Postmaster
+ for every message sent (but with no transcript). Problem
+ noted by Gregory Paris of Motorola.
+ Rewrite collect and putbody to handle full 8-bit data, including
+ zero bytes. These changes are internally extensive, but
+ should have minimal impact on external function.
+ Allow full words for option names -- if the option letter is
+ (apparently) a space, then take the word following -- e.g.,
+ The full list of old and new names is as follows:
+ 7 SevenBitInput
+ 8 EightBitMode
+ A AliasFile
+ a AliasWait
+ B BlankSub
+ b MinFreeBlocks/MaxMessageSize
+ C CheckpointInterval
+ c HoldExpensive
+ D AutoRebuildAliases
+ d DeliveryMode
+ E ErrorHeader
+ e ErrorMode
+ f SaveFromLine
+ F TempFileMode
+ G MatchGECOS
+ H HelpFile
+ h MaxHopCount
+ i IgnoreDots
+ I ResolverOptions
+ J ForwardPath
+ j SendMimeErrors
+ k ConnectionCacheSize
+ K ConnectionCacheTimeout
+ L LogLevel
+ l UseErrorsTo
+ m MeToo
+ n CheckAliases
+ O DaemonPortOptions
+ o OldStyleHeaders
+ P PostmasterCopy
+ p PrivacyOptions
+ Q QueueDirectory
+ q QueueFactor
+ R DontPruneRoutes
+ r, T Timeout
+ S StatusFile
+ s SuperSafe
+ t TimeZoneSpec
+ u DefaultUser
+ U UserDatabaseSpec
+ V FallbackMXhost
+ v Verbose
+ w TryNullMXList
+ x QueueLA
+ X RefuseLA
+ Y ForkEachJob
+ y RecipientFactor
+ z ClassFactor
+ Z RetryFactor
+ The old macros that passed information into sendmail have
+ been changed to options; those correspondences are:
+ $e SmtpGreetingMessage
+ $l UnixFromLine
+ $o OperatorChars
+ $q (deleted -- not necessary)
+ To avoid possible problems with an older sendmail,
+ configuration level 6 is accepted by this version of
+ sendmail; any config file using the new names should
+ specify "V6" in the configuration.
+ Change address parsing to properly note that a phrase before a
+ colon and a trailing semicolon are essentially the same
+ as text outside of angle brackets (i.e., sendmail should
+ treat them as comments). This is to handle the
+ ``group name: addr1, addr2, ..., addrN;'' syntax (it will
+ assume that ``group name:'' is a comment on the first
+ address and the ``;'' is a comment on the last address).
+ This requires config file support to get right. It does
+ understand that :: is NOT this syntax, and can be turned
+ off completely by setting the ColonOkInAddresses option.
+ Level 6 config files added with new mailer flags:
+ A Addresses are aliasable.
+ i Do udb rewriting on envelope as well as header
+ sender lines. Applies to the from address mailer
+ flags rather than the recipient mailer flags.
+ j Do udb rewriting on header recipient addresses.
+ Applies to the sender mailer flags rather than the
+ recipient mailer flags.
+ k Disable check for loops when doing HELO command.
+ o Always run as the mail recipient, even on local
+ delivery.
+ w Check for an /etc/passwd entry for this user.
+ 5 Pass addresses through ruleset 5.
+ : Check for :include: on this address.
+ | Check for |program on this address.
+ / Check for /file on this address.
+ @ Look up sender header addresses in the user
+ database. Applies to the mailer flags for the
+ mailer corresponding to the envelope sender
+ address, rather than to recipient mailer flags.
+ Pre-level 6 configuration files set A, w, 5, :, |, /, and @
+ on the "local" mailer, the o flag on the "prog" and "*file*"
+ mailers, and the ColonOkInAddresses option.
+ Eight-to-seven bit MIME conversions. This borrows ideas from
+ John Beck of Hewlett-Packard, who generously contributed
+ their implementation to me, which I then didn't use (see
+ mime.c for an explanation of why). This adds the
+ EightBitMode option (a.k.a. `8') and an F=8 mailer flag
+ to control handling of 8-bit data. These have to cope with
+ two types of 8-bit data: unlabelled 8-bit data (that is,
+ 8-bit data that is entered without declaring it as 8-bit
+ MIME -- technically this is illegal according to the
+ specs) and labelled 8-bit data (that is, it was declared
+ as 8BITMIME in the ESMTP session or by using the
+ -B8BITMIME command line flag). If the F=8 mailer flag is
+ set then 8-bit data is sent to non-8BITMIME machines
+ instead of converting to 7 bit (essentially using
+ just-send-8 semantics). The values for EightBitMode are:
+ m convert unlabelled 8-bit input to 8BITMIME, and do
+ any necessary conversion of 8BITMIME to 7BIT
+ (essentially, the full MIME option).
+ p pass unlabelled 8-bit input, but convert labelled
+ 8BITMIME input to 7BIT as required (default).
+ s strict adherence: reject unlabelled 8-bit input,
+ convert 8BITMIME to 7BIT as required. The F=8
+ flag is ignored.
+ Unlabelled 8-bit data is rejected in mode `s' regardless of
+ the setting of F=8.
+ Add new internal class 'n', which is the set of MIME Content-Types
+ which can not be 8 to 7 bit encoded because of other
+ considerations. Types "multipart/*" and "message/*" are
+ never directly encoded (although their components can be).
+ Add new internal class 's', which is the set of subtypes of the
+ MIME message/* content type that can be treated as though
+ they are an RFC822 message. It is predefined to have
+ "rfc822". Suggested By Kari Hurtta.
+ Add new internal class 'e'. This is the set of MIME
+ Content-Transfer-Encodings that can be converted to
+ a seven bit format (Quoted-Printable or Base64). It is
+ preinitialized to contain "7bit", "8bit", and "binary".
+ Add C=charset mailer parameter and the the DefaultCharSet option (no
+ short name) to set the default character set to use in the
+ Content-Type: header when doing encoding of an 8-bit message
+ which isn't marked as MIME into MIME format. If the C=
+ parameter is set on the Envelope From address, use that as
+ the default encoding; else use the DefaultCharSet option.
+ If neither is set, it defaults to "unknown-8bit" as
+ suggested by RFC 1428 section 3.
+ Allow ``U=user:group'' field in mailer definition to set a default
+ user and group that a mailer will be executed as. This
+ overrides the 'u' and 'g' options, and if the `F=S' flag is
+ also set, it is the uid/gid that will always be used (that
+ is, the controlling address is ignored). The values may be
+ numeric or symbolic; if only a symbolic user is given (no
+ group) that user's default group in the passwd file is used
+ as the group. Based on code donated by Chip Rosenthal of
+ Unicom.
+ Allow `u' option to also accept user:group as a value, in the same
+ fashion as the U= mailer option.
+ Add the symbolic time zone name in the Arpanet format dates (as
+ a comment). This adds a new compile-time configuration
+ flag: TZ_TYPE can be set to TZ_TM_NAME (use the value
+ of (struct tm *)->tm_name), TZ_TM_ZONE (use the value
+ of (struct tm *)->tm_zone), TZ_TZNAME (use extern char
+ *tzname[(struct tm *)->tm_isdst]), TZ_TIMEZONE (use
+ timezone()), or TZ_NONE (don't include the comment). Code
+ from Chip Rosenthal.
+ The "Timeout" option (formerly "r") is extended to allow suboptions.
+ For example,
+ O Timeout.helo = 2m
+ There are also two new suboptions "queuereturn" and
+ "queuewarn"; these subsume the old T option. Thus, to
+ set them both the preferred new syntax is
+ O Timeout.queuereturn = 5d
+ O Timeout.queuewarn = 4h
+ Sort queue by host name instead of by message priority if the
+ QueueSortOrder option (no short name) is set is set to
+ ``host''. This makes better use of the connection cache,
+ but may delay more ``interactive'' messages behind large
+ backlogs under some circumstances. This is probably a
+ good option if you have high speed links or don't do lots
+ of ``batch'' messages, but less good if you are using
+ something like PPP on a 14.4 modem. Based on code
+ contributed by Roy Mongiovi of Georgia Tech (my main
+ contribution was to make it configurable).
+ Save i-number of df file in qf file to simplify rebuilding of queue
+ after disastrous disk crash. Suggested by Kyle Jones of
+ UUNET; closely based on code from KJS DECWRL code written
+ by Paul Vixie. NOTA BENE: The qf files produced by 8.7
+ are NOT back compatible with 8.6 -- that is, you can convert
+ from 8.6 to 8.7, but not the other direction.
+ Add ``F=d'' mailer flag to disable all use of angle brackets in
+ route-addrs in envelopes; this is because in some cases
+ they can be sent to the shell, which interprets them as
+ I/O redirection.
+ Don't include error file (option E) with return-receipts; this
+ can be confusing.
+ Don't send "Warning: cannot send" messages to owner-* or
+ *-request addresses. Suggested by Christophe Wolfhugel
+ of the Institut Pasteur, Paris.
+ Allow -O command line flag to set long form options.
+ Add "MinQueueAge" option to set the minimum time between attempts
+ to run the queue. For example, if the queue interval
+ (-q value) is five minutes, but the minimum queue age
+ is fifteen minutes, jobs won't be tried more often than
+ once every fifteen minutes. This can be used to give
+ you more responsiveness if your delivery mode is set to
+ queue-only.
+ Allow "fileopen" timeout (default: 60 seconds) for opening
+ :include: and .forward files.
+ Add "-k", "-v", and "-z" flags to map definitions; these set the
+ key field name, the value field name, and the field
+ delimiter. The field delimiter can be a single character
+ or the sequence "\t" or "\n" for tab or newline.
+ These are for use by NIS+ and similar access methods.
+ Change maps to always strip quotes before lookups; the -q flag
+ turns off this behaviour. Suggested by Motonori Nakamura.
+ Add "nisplus" map class. Takes -k and -v flags to choose the
+ key and value field names respectively. Code donated by
+ Sun Microsystems.
+ Add "hesiod" map class. The "file name" is used as the
+ "HesiodNameType" parameter to hes_resolve(3). Returns the
+ first value found for the match. Code donated by Scott
+ Hutton of Indiana University.
+ Add "netinfo" (NeXT NetInfo) map class. Maps can have a -k flag to
+ specify the name of the property that is searched as the
+ key and a -v flag to specify the name of the property that
+ is returned as the value (defaults to "members"). The
+ default map is "/aliases". Some code based on code
+ contributed by Robert La Ferla of Hot Software.
+ Add "text" map class. This does slow, linear searches through
+ text files. The -z flag specifies a column delimiter
+ (defaults to any sequence of white space), the -k flag
+ sets the key column number, and the -v flag sets the
+ value column number. Lines beginning with `#' are treated
+ as comments.
+ Add "program" map class to execute arbitrary programs. The search
+ key is presented as the last argument; the output is one
+ line read from the programs standard output. Exit statuses
+ are from sysexits.h.
+ Add "sequence" map class -- searches maps in sequence until it
+ finds a match. For example, the declarations:
+ Kmap1 ...
+ Kmap2 ...
+ Kmapseq sequence map1 map2
+ defines a map "mapseq" that first searches map1; if the
+ value is found it is returned immediately, otherwise
+ map2 is searched and the value returned.
+ Add "switch" map class. This is much like "sequence" except that
+ the ordering is fetched from an external file, usually
+ the system service switch. The parameter is the name of
+ the service to switch on, and the maps that it will use
+ are the name of the switch map followed by ".service_type".
+ For example, if the declaration of the map is
+ Ksample switch hosts
+ and the system service switch specifies that hosts are
+ looked up using dns and nis in that order, then this is
+ equivalent to
+ Ksample sequence sample.dns sample.nis
+ The subordinate maps (sample.*) must already be defined.
+ Add "user" map class -- looks up users using getpwnam. Takes a
+ "-v field" flag on the definition that tells what passwd
+ entry to return -- legal values are name, passwd, uid, gid,
+ gecos, dir, and shell. Generally expected to be used with
+ the -m (matchonly) flag.
+ Add "bestmx" map class -- returns the best MX value for the host
+ listed as the value. If there are several "best" MX records
+ for this host, one will be chosen at random.
+ Add "userdb" map class -- looks up entries in the user database.
+ The "file name" is actually the tag that will be used,
+ typically "mailname". If there are multiple entries
+ matching the name, the one chosen is undefined.
+ Add multiple queue timeouts (both return and warning). These are
+ set by the Precedence: or Priority: header fields to one of
+ three values. If a Priority: is set and has value "normal",
+ "urgent", or "non-urgent" the corresponding timeouts are
+ used. If no priority is set, the Precedence: is consulted;
+ if negative, non-urgent timeouts are used; if greater than
+ zero, urgent timeouts are used. Otherwise, normal timeouts
+ are used. The timeouts are set by setting the six timeouts
+ queue{warn,return}.{urgent,normal,non-urgent}.
+ Fix problem when a mail address is resolved to a $#error mailer
+ with a temporary failure indication; it works in SMTP,
+ but when delivering locally the mail is silently discarded.
+ This patch, from Kyle Jones of UUNET, bounces it instead
+ of queueing it (queueing is very hard).
+ When using /etc/hosts or NIS-style lookups, don't assume that
+ the first name in the list is the best one -- instead,
+ search for the first one with a dot. For example, if
+ an /etc/hosts entry reads
+ mammoth mammoth.CS.Berkeley.EDU
+ this change will use the second name as the canonical
+ machine name instead of the initial, unqualified name.
+ Change dequote map to replace spaces in quoted text with a value
+ indicated by the -s flag on the dequote map definition.
+ For example, ``Mdequote dequote -s_'' will change
+ "Foo Bar" into an unquoted Foo_Bar instead of leaving it
+ quoted (because of the space character). Suggested by Dan
+ Oscarsson for use in X.400 addresses.
+ Implement long macro names as ${name}; long class names can
+ be similarly referenced as $={name} and $~{name}.
+ Definitions are (e.g.) ``D{name}value''. Names that have
+ a leading lower case letter or punctuation characters are
+ reserved for internal use by sendmail; i.e., config files
+ should use names that begin with a capital letter. Based
+ on code contributed by Dan Oscarsson.
+ Fix core dump if getgrgid returns a null group list (as opposed
+ to an empty group list, that is, a pointer to a list
+ with no members). Fix from Andrew Chang of Sun Microsystems.
+ Fix possible core dump if malloc fails -- if the malloc in xalloc
+ failed, it called syserr which called newstr which called
+ xalloc.... The newstr is now avoided for "panic" messages.
+ Reported by Stuart Kemp of James Cook University.
+ Improve connection cache timeouts; previously, they were not even
+ checked if you were delivering to anything other than an
+ IPC-connected host, so a series of (say) local mail
+ deliveries could cause cached connections to be open
+ much longer than the specified timeout.
+ If an incoming message exceeds the maximum message size, stop
+ writing the incoming bytes to the queue data file, since
+ this can fill your mqueue partition -- this is a possible
+ denial-of-service attack.
+ Don't reject all numeric local user names unless HESIOD is
+ defined. It turns out that Posix allows all-numeric
+ user names. Fix from Tony Sanders of BSDI.
+ Add service switch support. If the local OS has a service
+ switch (e.g., /etc/nsswitch.conf on Solaris or /etc/svc.conf
+ on DEC systems) that will be used; otherwise, it falls back
+ to using a local mechanism based on the ServiceSwitchFile
+ option (default: /etc/service.switch). For example, if the
+ service switch lists "files" and "nis" for the aliases
+ service, that will be the default lookup order. the "files"
+ ("local" on DEC) service type expands to any alias files
+ you listed in the configuration file, even if they aren't
+ actually file lookups.
+ Option I (NameServerOptions) no longer sets the "UseNameServer"
+ variable which tells whether or not DNS should be considered
+ canonical. This is now determined based on whether or not
+ "dns" is in the service list for "hosts".
+ Add preliminary support for the ESMTP "DSN" extension (Delivery
+ Status Notifications). DSN notifications override
+ Return-Receipt-To: headers, which are bogus anyhow --
+ support for them has been removed.
+ Add T=mts-name-type/address-type/diagnostic-type keyletter to mailer
+ definitions to define the types used in DSN returns for
+ MTA names, addresses, and diagnostics respectively.
+ Extend heuristic to force running in ESMTP mode to look for the
+ five-character string "ESMTP" anywhere in the 220 greeting
+ message (not just the second line). This is to provide
+ better compatibility with other ESMTP servers.
+ Print sequence number of job when running the queue so you can
+ easily see how much progress you have made. Suggested
+ by Peter Wemm of DIALix.
+ Map newlines to spaces in logged message-ids; some versions of
+ syslog truncate the rest of the line after newlines.
+ Suggested by Fletcher Mattox of U. Texas.
+ Move up forking for job runs so that if a message is split into
+ multiple envelopes you don't get "fork storms" -- this
+ also improves the connection cache utilization.
+ Accept "<<>>", "<<<>>>", and so forth as equivalent to "<>" for
+ the purposes of refusing to send error returns. Suggested
+ by Motonori Nakamura of Ritsumeikan University.
+ Relax rules on when a file can be written when referenced from
+ the aliases file: use the default uid/gid instead of the
+ real uid/gid. This allows you to create a file owned by
+ and writable only by the default uid/gid that will work
+ all the time (without having the setuid bit set). Change
+ suggested by Shau-Ping Lo and Andrew Cheng of Sun
+ Microsystems.
+ Add "DialDelay" option (no short name) to provide an "extra"
+ delay for dial on demand systems. If this is non-zero
+ and a connect fails, sendmail will wait this long and
+ then try again. If it takes longer than the kernel
+ timeout interval to establish the connection, this
+ option can give the network software time to establish
+ the link. The default units are seconds.
+ Move logging of sender information to be as early as possible;
+ previously, it could be delayed a while for SMTP mail
+ sent to aliases. Suggested by Brad Knowles of the
+ Defense Information Systems Agency.
+ Call res_init() before setting RES_DEBUG; this is required by
+ BIND 4.9.3, or so I'm told. From Douglas Anderson of
+ the National Computer Security Center.
+ Add xdelay= field in logs -- this is a transaction delay, telling
+ you how long it took to deliver to this address on the
+ last try. It is intended to be used for sorting mailing
+ lists to favor "quick" addresses. Provided for use by
+ the mailprio scripts (see below).
+ If a map cannot be opened, and that map is non-optional, and
+ an address requires that map for resolution, queue the
+ map instead of bouncing it. This involves creating a
+ pseudo-class of maps called "bogus-map" -- if a required
+ map cannot be opened, the class is changed to bogus-map;
+ all queries against bogus-map return "tempfail". The
+ bogus-map class is not directly accessible. A sample
+ implementation was donated by Jem Taylor of Glasgow
+ University Computing Service.
+ Fix a possible core dump when mailing to a program that talks
+ SMTP on its standard input. Fix from Keith Moore of
+ the University of Kentucky.
+ Make it possible to resolve filenames to $#local $: @ /filename;
+ previously, the "@" would cause it to not be recognized
+ as a file. Problem noted by Brian Hill of U.C. Davis.
+ Accept a -1 signal to re-exec the daemon. This only works if
+ argv[0] is a full path to sendmail.
+ Fix bug in "addr=..." field in O option on little-endian machines
+ -- the network number wasn't being converted to network
+ byte order. Patch from Kurt Lidl of Pix Technologies
+ Corporation.
+ Pre-initialize the resolver early on; this is to avoid a bug with
+ BIND 4.9.3 that can cause the _res.retry field to get
+ reset to zero, causing all name server lookups to time
+ out. Fix from Matt Day of Artisoft.
+ Restore T line (trusted users) in config file -- but instead of
+ locking out the -f flag, they just tell whether or not
+ an X-Authentication-Warning: will be added. This really
+ just creates new entries in class 't', so "Ft/file/name"
+ can be used to read trusted user names from a file.
+ Trusted users are also allowed to execute programs even
+ if they have a shell that isn't in /etc/shells.
+ Improve NEWDB alias file rebuilding so it will create them
+ properly if they do not already exist. This had been
+ a MAYBENEXTRELEASE feature in 8.6.9.
+ Check for @:@ entry in NIS maps before starting up to avoid
+ (but not prevent, sigh) race conditions. This ought to
+ be handled properly in ypserv, but isn't. Suggested by
+ Michael Beirne of Motorola.
+ Refuse connections if there isn't enough space on the filesystem
+ holding the queue. Contributed by Robert Dana of Wolf
+ Communications.
+ Skip checking for directory permissions in the path to a file
+ when checking for file permissions iff setreuid()
+ succeeded -- it is unnecessary in that case. This avoids
+ significant performance problems when looking for .forward
+ files. Based on a suggestion by Win Bent of USC.
+ Allow symbolic ruleset names. Syntax can be "Sname" to get an
+ arbitrary ruleset number assigned or "Sname = integer"
+ to assign a specific ruleset number. Reference is
+ $>name_or_number. Names can be composed of alphas, digits,
+ underscore, or hyphen (first character must be non-numeric).
+ Allow -o flag on AliasFile lines to make the alias file optional.
+ From Bryan Costales of ICSI.
+ Add NoRecipientAction option to handle the case where there is
+ no legal recipient header in the message. It can take
+ on values:
+ None Leave the message as is. The
+ message will be passed on even
+ though it is in technically
+ illegal syntax.
+ Add-To Add a To: header with any
+ recipients that it can find from
+ the envelope. This risks exposing
+ Bcc: recipients.
+ Add-Apparently-To Add an Apparently-To: header. This
+ has almost no redeeming social value,
+ and is provided only for back
+ compatibility.
+ Add-To-Undisclosed Add a header reading
+ To: undisclosed-recipients:;
+ which will have the effect of
+ making the message legal without
+ exposing Bcc: recipients.
+ Add-Bcc To add an empty Bcc: header.
+ There is a chance that mailers down
+ the line will delete this header,
+ which could cause exposure of Bcc:
+ recipients.
+ The default is NoRecipientAction=None.
+ Truncate (rather than delete) Bcc: lines in the header. This
+ should prevent later sendmails (at least, those that don't
+ themselves delete Bcc:) from considering this message to
+ be non-conforming -- although it does imply that non-blind
+ recipients can see that a Bcc: was sent, albeit not to whom.
+ Add SafeFileEnvironment option. If declared, files named as delivery
+ targets must be regular files in addition to the regular
+ checks. Also, if the option is non-null then it is used as
+ the name of a directory that is used as a chroot(2)
+ environment for the delivery; the file names listed in an
+ alias or forward should include the name of this root.
+ For example, if you run with
+ O SafeFileEnvironment=/arch
+ then aliases should reference "/arch/rest/of/path". If a
+ value is given, sendmail also won't try to save to
+ /usr/tmp/dead.letter (instead it just leaves the job in the
+ queue as Qfxxxxxx). Inspired by *Hobbit*'s sendmail patch kit.
+ Support -A flag for alias files; this will comma concatenate like
+ entries. For example, given the aliases:
+ list: member1
+ list: member2
+ and an alias file declared as:
+ OAhash:-A /etc/aliases
+ the final alias inserted will be "list: member1,member2";
+ without -A you will get an error on the second and subsequent
+ alias for "list". Contributed by Bryan Costales of ICSI.
+ Line-buffer transcript file. Suggested by Liudvikas Bukys.
+ Fix a problem that could cause very long addresses to core dump in
+ some special circumstances. Problem pointed out by Allan
+ Johannesen.
+ (Internal change.) Change interface to expand() (macro expansion)
+ to be simpler and more consistent.
+ Delete check for funny qf file names. This didn't really give
+ any extra security and caused some people some problems.
+ (If you -really- want this, define PICKY_QF_NAME_CHECK
+ at compile time.) Suggested by Kyle Jones of UUNET.
+ (Internal change.) Change EF_NORETURN to EF_NO_BODY_RETN and
+ merge with DSN code; this is simpler and more consistent.
+ This may affect some people who have written their own
+ checkcompat() routine.
+ (Internal change.) Eliminate `D' line in qf file. The df file
+ is now assumed to be the same name as the qf file (with
+ the `q' changed to a `d', of course).
+ Avoid forking for delivery if all recipient mailers are marked as
+ "expensive" -- this can be a major cost on some systems.
+ Essentially, this forces sendmail into "queue only" mode
+ if all it is going to do is queue anyway.
+ Avoid sending a null message in some rather unusual circumstances
+ (specifically, the RCPT command returns a temporary
+ failure but the connection is lost before the DATA
+ command). Fix from Scott Hammond of Secure Computing
+ Corporation.
+ Change makesendmail to use a somewhat more rational naming scheme:
+ Makefiles and obj directories are named $os.$rel.$arch,
+ where $os is the operating system (e.g., SunOS), $rel is
+ the release number (e.g., 5.3), and $arch is the machine
+ architecture (e.g., sun4). Any of these can be omitted,
+ and anything after the first dot in a release number can
+ be replaced with "x" (e.g., SunOS.4.x.sun4). The previous
+ version used $os.$arch.$rel and was rather less general.
+ Change makesendmail to do a "make depend" in the target directory
+ when it is being created. This involves adding an empty
+ "depend:" entry in most Makefiles.
+ Ignore IDENT return value if the OSTYPE field returns "OTHER",
+ as indicated by RFC 1413. Pointed out by Kari Hurtta
+ of the Finnish Meteorological Institute.
+ Fix problem that could cause multiple responses to DATA command
+ on header syntax errors (e.g., lines beginning with colons).
+ Problem noted by Jens Thomassen of the University of Oslo.
+ Don't let null bytes in headers cause truncation of the rest of
+ the header.
+ Log Authentication-Warning:s. Suggested by Motonori Nakamura.
+ Increase timeouts on message data puts to allow time for receivers
+ to canonify addresses in headers on the fly. This is still
+ a rather ugly heuristic. From Motonori Nakamura.
+ Add "HasWildcardMX" suboption to ResolverOptions; if set, MX
+ records are not used when canonifying names, and when MX
+ lookups are done for addressing they must be fully
+ qualified. This is useful if you have a wildcard MX record,
+ although it may cause other problems. In general, don't use
+ wildcard MX records. Patch from Motonori Nakamura.
+ Eliminate default two-line SMTP greeting message. Instead of
+ adding an extra "ESMTP spoken here" line, the word "ESMTP"
+ is added between the first and second word of the first
+ line of the greeting message (i.e., immediately after the
+ host name). This eliminates the need for the BROKEN_SMTP_PEERS
+ compile flag. Old sendmails won't see the ESMTP, but that's
+ acceptable because SIZE was the only useful extension that
+ old sendmails understand.
+ Avoid gethostbyname calls on UNIX domain sockets during SIGUSR1
+ invoked state dumps. From Masaharu Onishi.
+ Allow on-line comments in .forward and :include: files; they are
+ introduced by the string "<LWSP>#@#<LWSP>", where <LWSP>
+ is a space or a tab. This is intended for native
+ representation of non-ASCII sets such as Japanese, where
+ existing encodings would be unreadable or would lose
+ data -- for example,
+ <motonori@cs.ritsumei.ac.jp> NAKAMURA Motonori
+ (romanized/less information)
+ <motonori@cs.ritsumei.ac.jp> =?ISO-2022-JP?B?GyRCQ2ZCPBsoQg==?=
+ =?ISO-2022-JP?B?GyRCQUdFNRsoQg==?=
+ (with MIME encoding, not human readable)
+ <motonori@cs.ritsumei.ac.jp> #@# ^[$BCfB<^[(B ^[$BAGE5^[(B
+ (native encoding with ISO-2022-JP)
+ The last form is human readable in the Japanese environment.
+ Based on a fix from (surprise!) Motonori Nakamura.
+ Don't make SMTP error returns on MAIL FROM: line be "sticky" for all
+ messages to that host; these are most frequently associated
+ with addresses rather than the host, with the exception of
+ 421 (service shutting down). The effect was to cause queues
+ to sometimes take an excessive time to flush. Reported by
+ Robert Sargent of Southern Geographics Technologies and
+ Eric Prestemon of American University.
+ Add Nice=N mailer option to set the niceness at which a mailer will
+ run. This is actually a relative niceness (that is, an
+ increment on the background value).
+ Log queue runs that are skipped due to high loads. They are logged
+ at LOG_INFO priority iff the log level is > 8. Contributed
+ by Bruce Nagel of Data General.
+ Allow the error mailer to accept a DSN-style error status code
+ instead of an sysexits status code in the host part.
+ Anything with a dot will be interpreted as a DSN-style code.
+ Add new mailer flag: F=3 will tell translations to Quoted-Printable
+ to encode characters that might be munged by an EBCDIC system
+ in addition to the set required by RFC 1521. The additional
+ characters are !, ", #, $, @, [, \, ], ^, `, {, |, }, and ~.
+ (Think of "IBM 360" as the mnemonic for this flag.)
+ Change check for mailing to files to look for a pathname of [FILE]
+ rather than looking for the mailer named *file*. The mapping
+ of leading slashes still goes to the *file* mailer. This
+ allows you to implement the *file* mailer as a separate
+ program, for example, to insert a Content-Length: header
+ or do special security policy. However, note that the usual
+ initial checking for the file permissions is still done, and
+ the program in question needs to be very careful about how
+ it does the file write to avoid security problems.
+ Be able to read ~root/.forward even if the path isn't accessible to
+ regular users. This is disrecommended because sendmail
+ sometimes does not run as root (e.g., when an unsafe option
+ is specified on the command line), but should otherwise be
+ safe because .forward files must be owned by the user for
+ whom mail is being forwarded, and cannot be a symbolic link.
+ Suggested by Forrest Aldrich of Wang Laboratories.
+ Add new "HostsFile" option that is the pathname to the /etc/hosts
+ file. This is used for canonifying hostnames when the
+ service type is "files".
+ Implement programs on F (read class from file) line. The syntax is
+ Fc|/path/to/program to read the output from the program
+ into class "c".
+ Probe the network interfaces to find alternate names for this
+ host. Requires the SIOCGIFCONF ioctl call. Code
+ contributed by SunSoft.
+ Add "E" configuration line to set or propagate environment
+ variables into children. "E<envar>" will propagate
+ the named variable from the environment when sendmail
+ was invoked into any children it calls; "E<envar>=<value>"
+ sets the named variable to the indicated value. Any
+ variables not explicitly named will not be in the child
+ environment. However, sendmail still forces an
+ "AGENT=sendmail" environment variable, in part to enforce
+ at least one environment variable, since many programs and
+ libraries die horribly if this is not guaranteed.
+ Change heuristic for rebuilding both NEWDB and NDBM versions of
+ alias databases -- new algorithm looks for the substring
+ "/yp/" in the file name. This is more portable and involves
+ less overhead. Suggested by Motonori Nakamura.
+ Dynamically allocate the queue work list so that you don't lose
+ jobs in large queue runs. The old QUEUESIZE compile parameter
+ is replaced by QUEUESEGSIZE (the unit of allocation, which
+ should not need to be changed) and the MaxQueueRunSize option,
+ which is the absolute maximum number of jobs that will ever
+ be handled in a single queue run. Based on code contributed
+ by Brian Coan of the Institute for Global Communications.
+ Log message when a message is dropped because it exceeds the maximum
+ message size. Suggested by Leo Bicknell of Virginia Tech.
+ Allow trusted users (those on a T line or in $=t) to use -bs without
+ an X-Authentication-Warning: added. Suggested by Mark Thomas
+ of Mark G. Thomas Consulting.
+ Announce state of compile flags on -d0.1 (-d0.10 throws in the
+ OS-dependent defines). The old semantic of -d0.1 to not
+ run the daemon in background has been moved to -d99.100,
+ and the old 52.5 flag (to avoid disconnect() from closing
+ all output files) has been moved to 52.100. This makes
+ things more consistent (flags below .100 don't change
+ semantics) and separates out the backgrounding so that
+ it doesn't happen automatically on other unrelated debugging
+ flags.
+ If -t is used but no addresses are found in the header, give an
+ error message rather than just doing nothing. Fix from
+ Motonori Nakamura.
+ On systems (like SunOS) where the effective gid is not necessarily
+ included in the group list returned by getgroups(), the
+ `restrictmailq' option could sometimes cause an authorized
+ user to not be able to use `mailq'. Fix from Charles Hannum
+ of MIT.
+ Allow symbolic service names for [IPC] mailers. Suggested by
+ Gerry Magennis of Logica International.
+ Add DontExpandCnames option to prevent $[ ... $] from expanding CNAMEs
+ when running DNS. For example, if the name FTP.Foo.ORG is
+ a CNAME for Cruft.Foo.ORG, then when sitting on a machine in
+ the Foo.ORG domain a lookup of "FTP" returns "Cruft.Foo.ORG"
+ if this option is not set, or "FTP.Foo.ORG" if it is set.
+ This is technically illegal under RFC 822 and 1123, but the
+ IETF is moving toward legalizing it. Note that turning on
+ this option is not sufficient to guarantee that a downstream
+ neighbor won't rewrite the address for you.
+ Add "-m" flag to makesendmail script -- this tells you what object
+ directory and Makefile it will use, but doesn't actually do
+ the make.
+ Do some additional checking on the contents of the qf file to try
+ to detect attacks against the qf file. In particular,
+ abort on any line beginning "From ", and add an "end of
+ file" line -- any data after that line is prohibited.
+ Always use /etc/sendmail.cf, regardless of the arbitrary vendor
+ choices. This can be overridden in the Makefile by using
+ either -DUSE_VENDOR_CF_PATH to get the vendor location
+ (to the extent that we know it) or by defining
+ _PATH_SENDMAILCF (which is a "hard override"). This allows
+ sendmail 8 to have more consistent installation instructions.
+ Allow macros on `K' line in config file. Suggested by Andrew Chang
+ of Sun Microsystems.
+ Improved symbol table hash function from Eric Wassenaar. This one
+ is at least 50% faster.
+ Fix problem that didn't notice that timeout on file open was a
+ transient error. Fix from Larry Parmelee of Cornell
+ University.
+ Allow comments (lines beginning with a `#') in files read for
+ classes. Suggested by Motonori Nakamura.
+ Make SIGINT (usually ^C) in test mode return to the prompt instead
+ of dropping out entirely. This makes testing some of the
+ name server lookups easier to deal with when there are
+ hung servers. From Motonori Nakamura.
+ Add new ${opMode} macro that is set to the current operation mode
+ (e.g., `s' for -bs, `t' for -bt, etc.). Suggested by
+ Claude Marinier <MARINIER@emp.ewd.dreo.dnd.ca>.
+ Add new delivery mode (Odd) that defers all map lookups to queue runs.
+ Kind of like queue-only mode (Odq) except it tries to avoid
+ any external service requests; for dial-on-demand hosts that
+ want to minimize DNS lookups when mail is being queued. For
+ this to work you will also have to make sure that gethostbyname
+ of your local host name does not do a DNS lookup.
+ Improved handling of "out of space" conditions from John Myers of
+ Carnegie Mellon.
+ Improved security for mailing to files on systems that have fchmod(2)
+ support.
+ Improve "cannot send message for N days" message -- now says "could
+ not send for past N days". Suggested by Tom Moore of AT&T
+ Global Information Solutions.
+ Less misleading Subject: line on messages sent to postmaster only.
+ From Motonori Nakamura.
+ Avoid duplicate error messages on bad command line flags. From
+ Motonori Nakamura.
+ Better error message for case where ruleset 0 falls off the end
+ or otherwise does not resolve to a canonical triple.
+ Fix a problem that could cause multiple bounce messages if a bad
+ address was sent along with a good address to an SMTP
+ site where that SMTP site returned a 4yz code in response
+ to the final dot of the data. Problem reported by David
+ James of British Telecom.
+ Add "volatile" declarations so that gcc -O2 will work. Patches
+ from Alexander Dupuy of System Management ARTS.
+ Delete duplicates in MX lists -- believe it or not, there are sites
+ that list the same host twice in an MX list. This deletion
+ only works on adjacent preferences, so an MX list that
+ had A=5, B=10, A=15 would leave both As, but one that had
+ A=5, A=10, B=15 would reduce to A, B. This is intentional,
+ just in case there is something weird I haven't thought of.
+ Suggested by Barry Shein of Software Tool & Die.
+ SECURITY: .forward files cannot be symbolic links. If they are,
+ a bad guy can read your private files.
+ Solaris 2 from Rob McMahon <cudcv@csv.warwick.ac.uk>.
+ System V Release 4 from Motonori Nakamura of Ritsumeikan
+ University. This expands the disk size
+ checking to include all (?) SVR4 configurations.
+ System V Release 4 from Kimmo Suominen -- initgroups(3)
+ and setrlimit(2) are both available.
+ System V Release 4 from sob@sculley.ffg.com -- some versions
+ apparently "have EX_OK defined in other headerfiles."
+ Linux Makefile typo.
+ Linux getusershell(3) is broken in Slackware 2.0 --
+ from Andrew Pam of Xanadu Australia.
+ More Linux tweaking from John Kennedy of California State
+ University, Chico.
+ Cray changes from Eric Wassenaar: ``On Cray, shorts,
+ ints, and longs are all 64 bits, and all structs
+ are multiples of 64 bits. This means that the
+ sizeof operator returns only multiples of 8.
+ This requires adaptation of code that really
+ deals with 32 bit or 16 bit fields, such as IP
+ addresses or nameserver fields.''
+ DG/UX 5.4.3 from Mark T. Robinson <mtr@ornl.gov>. To
+ get the old behaviour, use -DDGUX_5_4_2.
+ DG/UX hack: add _FORCE_MAIL_LOCAL_=yes environment
+ variable to fix bogus /bin/mail behaviour.
+ Tandem NonStop-UX from Rick McCarty <mccarty@mpd.tandem.com>.
+ This also cleans up some System V Release 4 compile
+ problems.
+ Solaris 2: sendmail.cw file should be in /etc/mail to
+ match all the other configuration files. Fix
+ from Glenn Barry of Emory University.
+ Solaris 2.3: compile problem in conf.c. Fix from Alain
+ Nissen of the University of Liege, Belgium.
+ Ultrix: freespace calculation was incorrect. Fix from
+ Takashi Kizu of Osaka University.
+ SVR4: running in background gets a SIGTTOU because the
+ emulation code doesn't realize that "getpeername"
+ doesn't require reading the file. Fix from Peter
+ Wemm of DIALix.
+ Solaris 2.3: due to an apparent bug in the socket emulation
+ library, sockets can get into a "wedged" state where
+ they just return EPROTO; closing and re-opening the
+ socket clears the problem. Fix from Bob Manson
+ of Ohio State University.
+ Hitachi 3050R & 3050RX running HI-UX/WE2: portability
+ fixes from Akihiro Hashimoto ("Hash") of Chiba
+ University.
+ AIX changes to allow setproctitle to work from Rainer Schöpf
+ of Zentrum für Datenverarbeitung der Universität
+ Mainz.
+ AIX changes for load average from Ed Ravin of NASA/Goddard.
+ SCO Unix from Chip Rosenthal of Unicom (code was using the
+ wrong statfs call).
+ ANSI C fixes from Adam Glass (NetBSD project).
+ Stardent Titan/ANSI C fixes from Kate Hedstrom of Rutgers
+ University.
+ DG-UX fixes from Bruce Nagel of Data General.
+ IRIX64 updates from Mark Levinson of the University of
+ Rochester Medical Center.
+ Altos System V (``the first UNIX/XENIX merge the Altos
+ did for their Series 1000 & Series 2000 line;
+ their merged code was licensed back to AT&T and
+ Microsoft and became System V release 3.2'') from
+ Tim Rice <timr@crl.com>.
+ OSF/1 running on Intel Paragon from Jeff A. Earickson
+ <jeff@ssd.intel.com> of Intel Scalable Systems
+ Division.
+ Amdahl UTS System V 2.1.5 (SVr3-based) from Janet Jackson
+ <janet@dialix.oz.au>.
+ System V Release 4 (statvfs semantic fix) from Alain
+ Durand of I.M.A.G.
+ HP-UX 10.x multiprocessor load average changes from
+ Scott Hutton and Jeff Sumler of Indiana University.
+ Cray CSOS from Scott Bolte of Cray Computer Corporation.
+ Unicos 8.0 from Douglas K. Rand of the University of North
+ Dakota, Scientific Computing Center.
+ Solaris 2.4 fixes from Sanjay Dani of Dani Communications.
+ ConvexOS 11.0 from Christophe Wolfhugel.
+ IRIX 4.0.5 from David Ashton-Reader of CADcentre.
+ ISC UNIX from J. J. Bailey.
+ HP-UX 9.xx on the 8xx series machines from Remy Giraud
+ of Meteo France.
+ HP-UX configuration from Tom Lane <tgl@sss.pgh.pa.us>.
+ IRIX 5.2 and 5.3 from Kari E. Hurtta.
+ FreeBSD 2.0 from Mike Hickey of Federal Data Corporation.
+ Sony NEWS-OS 4.2.1R and 6.0.3 from Motonori Nakamura.
+ Omron LUNA unios-b, mach from Motonori Nakamura.
+ NEC EWS-UX/V 4.2 from Motonori Nakamura.
+ NeXT 2.1 from Bryan Costales.
+ AUX patch thanks to Mike Erwin of Apple Computer.
+ HP-UX 10.0 from John Beck of Hewlett-Packard.
+ Ultrix: allow -DBROKEN_RES_SEARCH=0 if you are using a
+ non-DEC resolver. Suggested by Allan Johannesen.
+ UnixWare 2.0 fixes from Petr Lampa of the Technical
+ University of Brno (Czech Republic).
+ KSR OS 1.2.2 support from Todd Miller of the University
+ of Colorado.
+ UX4800 support from Kazuhisa Shimizu of NEC.
+ MAKEMAP: allow -d flag to allow insertion of duplicate aliases
+ in type ``btree'' maps. The semantics of this are undefined
+ for regular maps, but it can be useful for the user database.
+ MAKEMAP: lock database file while rebuilding to avoid sendmail
+ lookups while the rebuild is going on. There is a race
+ condition between the open(... O_TRUNC ...) and the lock
+ on the file, but it should be quite small.
+ SMRSH: sendmail restricted shell added to the release. This can
+ be used as an alternative to /bin/sh for the "prog" mailer,
+ giving the local administrator more control over what
+ programs can be run from sendmail.
+ MAIL.LOCAL: add this local mailer to the tape. It is not really
+ part of the release proper, and isn't fully supported; in
+ particular, it does not run on System V based systems and
+ never will.
+ CONTRIB: a patch to rmail.c from Bill Gianopoulos of Raytheon
+ to allow rmail to compile on systems that don't have
+ function prototypes and systems that don't have snprintf.
+ CONTRIB: add the "mailprio" scripts that will help you sort mailing
+ lists by transaction delay times so that addresses that
+ respond quickly get sent first. This is to prevent very
+ sluggish servers from delaying other peoples' mail.
+ Contributed by Tony Sanders of BSDI.
+ CONTRIB: add the "bsdi.mc" file as contributed by Tony Sanders
+ of BSDI. This has a lot of comments to help people out.
+ CONFIG: Don't have .mc files include(../m4/cf.m4) -- instead,
+ put this on the m4 command line. On GNU m4 (which
+ supports the __file__ primitive) you can run m4 in an
+ arbitrary directory -- use either:
+ m4 ${CFDIR}/m4/cf.m4 config.mc > config.cf
+ or
+ m4 -I${CFDIR} m4/cf.m4 config.mc > config.cf
+ On other versions of m4 that don't support __file__, you
+ can use:
+ m4 -D_CF_DIR_=${CFDIR}/ ${CFDIR}/m4/cf.m4 ...
+ (Note the trailing slash on the _CF_DIR_ definition.)
+ Old versions of m4 will default to _CF_DIR_=.. for back
+ compatibility.
+ CONFIG: fix mail from <> so it will properly convert to
+ MAILER-DAEMON on local addresses.
+ CONFIG: fix code that was supposed to catch colons in host
+ names. Problem noted by John Gardiner Myers of CMU.
+ CONFIG: allow use of SMTP_MAILER_MAX in nullclient configuration.
+ From Paul Riddle of the University of Maryland, Baltimore
+ County.
+ CONFIG: Catch and reject "." as a host address.
+ CONFIG: Generalize domaintable to look up all domains, not
+ just unqualified ones.
+ CONFIG: Delete OLD_SENDMAIL support -- as near as I can tell, it
+ was never used and didn't work anyway.
+ CONFIG: Set flags A, w, 5, :, /, |, and @ on the "local" mailer
+ and d on all mailers in the UUCP class.
+ CONFIG: Allow "user+detail" to be aliased specially: it will first
+ look for an alias for "user+detail", then for "user+*", and
+ finally for "user". This is intended for forwarding mail
+ for system aliases such as root and postmaster to a
+ centralized hub.
+ CONFIG: add confEIGHT_BIT_HANDLING to set option 8 (see above).
+ CONFIG: add smtp8 mailer; this has the F=8 (just-send-8) flag set.
+ The F=8 flag is also set on the "relay" mailer, since
+ this is expected to be another sendmail.
+ CONFIG: avoid qualifying all UUCP addresses sent via SMTP with
+ the name of the UUCP_RELAY -- in some cases, this is the
+ wrong value (e.g., when we have local UUCP connections),
+ and this can create unreplyable addresses. From Chip
+ Rosenthal of Unicom.
+ CONFIG: add confRECEIVED_HEADER to change the format of the
+ Received: header inserted into all messages. Suggested by
+ Gary Mills of the University of Manitoba.
+ CONFIG: Make "notsticky" the default; use FEATURE(stickyhost)
+ to get the old behaviour. I did this upon observing
+ that almost everyone needed this feature, and that the
+ concept I was trying to make happen didn't work with
+ some user agents anyway. FEATURE(notsticky) still works,
+ but it is a no-op.
+ CONFIG: Add LUSER_RELAY -- the host to which unrecognized user
+ names are sent, rather than immediately diagnosing them
+ as User Unknown.
+ and RELAY_MAILER_ARGS to set the arguments for the
+ indicated mailers. All default to "IPC $h". Patch from
+ Larry Parmelee of Cornell University.
+ CONFIG: pop mailer needs F=n flag to avoid "annoying side effects
+ on the client side" and F=P to get an appropriate
+ return-path. From Kimmo Suominen.
+ CONFIG: add FEATURE(local_procmail) to use the procmail program
+ as the local mailer. For addresses of the form "user+detail"
+ the "detail" part is passed to procmail via the -a flag.
+ Contributed by Kimmo Suominen.
+ CONFIG: add MAILER(procmail) to add an interface to procmail for
+ use from mailertables. This lets you execute arbitrary
+ procmail scripts. Contributed by Kimmo Suominen.
+ CONFIG: add T= fields (MTS type) to local, smtp, and uucp mailers.
+ CONFIG: add OSTYPE(ptx2) for DYNIX/ptx 2.x from Sequent. From
+ Paul Southworth of CICNet Systems Support.
+ CONFIG: use -a$g as default to UUCP mailers, instead of -a$f.
+ This causes the null return path to be rewritten as
+ MAILER-DAEMON; otherwise UUCP gets horribly confused.
+ From Michael Hohmuth of Technische Universitat Dresden.
+ CONFIG: Add FEATURE(bestmx_is_local) to cause any hosts that
+ list us as the best possible MX record to be treated as
+ though they were local (essentially, assume that they
+ are included in $=w). This can cause additional DNS
+ traffic, but is easier to administer if this fits your
+ local model. It does not work reliably if there are
+ multiple hosts that share the best MX preference.
+ Code contributed by John Oleynick of Rutgers.
+ CONFIG: Add FEATURE(smrsh) to use smrsh (the SendMail Restricted
+ SHell) instead of /bin/sh as the program used for delivery
+ to programs. If an argument is included, it is used as
+ the path to smrsh; otherwise, /usr/local/etc/smrsh is
+ assumed.
+ size of messages to the local and procmail mailers
+ respectively. Contributed by Brad Knowles of the Defense
+ Information Systems Agency.
+ CONFIG: Handle leading ``phrase:'' and trailing ``;'' as comments
+ (just like text outside of angle brackets) in order to
+ properly deal with ``group: addr1, ... addrN;'' syntax.
+ CONFIG: Require OSTYPE macro (the defaults really don't apply to
+ any real systems any more) and tweak the DOMAIN macro
+ so that it is less likely that users will accidentally use
+ the Berkeley defaults. Also, create some generic files
+ that really can be used in the real world.
+ CONFIG: Add new configuration macros to set character sets for
+ messages _arriving from_ various mailers: LOCAL_MAILER_CHARSET,
+ CONFIG: Change UUCP_MAX_SIZE to UUCP_MAILER_MAX for consistency.
+ The old name will still be accepted for a while at least.
+ CONFIG: Implement DECNET_RELAY as spec for host to which DECNET
+ mail (.DECNET pseudo-domain or node::user) will be sent.
+ As with all relays, it can be ``mailer:hostname''. Suggested
+ by Scott Hutton.
+ CONFIG: Add MAILER(mail11) to get DECnet support. Code contributed
+ by Barb Dijker of Labyrinth Computer Services.
+ CONFIG: change confCHECK_ALIASES to default to False -- it has poor
+ performance for large alias files, and this confused many
+ people.
+ CONFIG: Add confCF_VERSION to append local information to the
+ configuration version number displayed during SMTP startup.
+ CONFIG: fix some.newsgroup.usenet@local.host syntax (previously it
+ would only work when locally addressed. Fix from
+ Edvard Tuinder of Cistron Internet Services.
+ CONFIG: use ${opMode} to avoid error on .REDIRECT addresses if option
+ "n" (CheckAlaises) is set when rebuilding alias database.
+ Based on code contributed by Claude Marinier.
+ CONFIG: Allow mailertable to have values of the form
+ ``error:code message''. The ``code'' is a status code
+ derived from the sysexits codes -- e.g., NOHOST or UNAVAILABLE.
+ Contributed by David James <dwj@agw.bt.co.uk>.
+ CONFIG: add MASQUERADE_DOMAIN(domain list) to extend the list of
+ sender domains that will be replaced with the masquerade name.
+ These domains will not be treated as local, but if mail passes
+ through with sender addresses in those domains they will be
+ replaced by the masquerade name. These can also be specified
+ in a file using MASQUERADE_DOMAIN_FILE(filename).
+ CONFIG: add FEATURE(masquerade_envelope) to masquerade the envelope
+ as well as the header. Substantial improvements to this
+ code were contributed by Per Hedeland.
+ CONFIG: add MAILER(phquery) to define a new "ph" mailer; this can be
+ accessed from a mailertable to do CCSO ph lookups. Contributed
+ by Kimmo Suominen.
+ CONFIG: add MAILER(cyrus) to define a new Cyrus mailer; this can be
+ used to define cyrus and cyrusbb mailers (for IMAP support).
+ Contributed by John Gardiner Myers of Carnegie Mellon.
+ CONFIG: add confUUCP_MAILER to select default mailer to use for
+ UUCP addressing. Suggested by Tom Moore of AT&T GIS.
+ cf/cf/cs-hpux10.mc
+ cf/cf/cs-solaris2.mc
+ cf/cf/cyrusproto.mc
+ cf/cf/generic-bsd4.4.mc
+ cf/cf/generic-hpux10.mc
+ cf/cf/generic-hpux9.mc
+ cf/cf/generic-osf1.mc
+ cf/cf/generic-solaris2.mc
+ cf/cf/generic-sunos4.1.mc
+ cf/cf/generic-ultrix4.mc
+ cf/cf/huginn.cs.mc
+ cf/domain/berkeley-only.m4
+ cf/domain/generic.m4
+ cf/feature/bestmx_is_local.m4
+ cf/feature/local_procmail.m4
+ cf/feature/masquerade_envelope.m4
+ cf/feature/smrsh.m4
+ cf/feature/stickyhost.m4
+ cf/feature/use_ct_file.m4
+ cf/m4/cfhead.m4
+ cf/mailer/cyrus.m4
+ cf/mailer/mail11.m4
+ cf/mailer/phquery.m4
+ cf/mailer/procmail.m4
+ cf/ostype/amdahl-uts.m4
+ cf/ostype/bsdi2.0.m4
+ cf/ostype/hpux10.m4
+ cf/ostype/irix5.m4
+ cf/ostype/isc4.1.m4
+ cf/ostype/ptx2.m4
+ cf/ostype/unknown.m4
+ contrib/bsdi.mc
+ contrib/mailprio
+ contrib/rmail.oldsys.patch
+ mail.local/mail.local.0
+ makemap/makemap.0
+ smrsh/README
+ smrsh/smrsh.0
+ smrsh/smrsh.8
+ smrsh/smrsh.c
+ src/Makefiles/Makefile.CSOS
+ src/Makefiles/Makefile.EWS-UX_V
+ src/Makefiles/Makefile.HP-UX.10
+ src/Makefiles/Makefile.IRIX.5.x
+ src/Makefiles/Makefile.IRIX64
+ src/Makefiles/Makefile.ISC
+ src/Makefiles/Makefile.KSR
+ src/Makefiles/Makefile.NEWS-OS.4.x
+ src/Makefiles/Makefile.NEWS-OS.6.x
+ src/Makefiles/Makefile.NEXTSTEP
+ src/Makefiles/Makefile.NonStop-UX
+ src/Makefiles/Makefile.Paragon
+ src/Makefiles/Makefile.SCO.3.2v4.2
+ src/Makefiles/Makefile.SunOS.5.3
+ src/Makefiles/Makefile.SunOS.5.4
+ src/Makefiles/Makefile.SunOS.5.5
+ src/Makefiles/Makefile.UNIX_SV.4.x.i386
+ src/Makefiles/Makefile.uts.systemV
+ src/Makefiles/Makefile.UX4800
+ src/aliases.0
+ src/mailq.0
+ src/mime.c
+ src/newaliases.0
+ src/sendmail.0
+ test/t_seteuid.c
+ cf/cf/alpha.mc => cf/cf/s2k-osf1.mc
+ cf/cf/chez.mc => cf/cf/chez.cs.mc
+ cf/cf/hpux-cs-exposed.mc => cf/cf/cs-hpux9.mc
+ cf/cf/osf1-cs-exposed.mc => cf/cf/cs-osf1.mc
+ cf/cf/s2k.mc => cf/cf/s2k-ultrix4.mc
+ cf/cf/sunos4.1-cs-exposed.mc => cf/cf/cs-sunos4.1.mc
+ cf/cf/ultrix4.1-cs-exposed.mc => cf/cf/cs-ultrix4.mc
+ cf/cf/vangogh.mc => cf/cf/vangogh.cs.mc
+ cf/domain/Berkeley.m4 => cf/domain/Berkeley.EDU.m4
+ cf/domain/cs-exposed.m4 => cf/domain/CS.Berkeley.EDU.m4
+ cf/domain/eecs-hidden.m4 => cf/domain/EECS.Berkeley.EDU.m4
+ cf/domain/s2k.m4 => cf/domain/S2K.Berkeley.EDU.m4
+ cf/ostype/hpux.m4 => cf/ostype/hpux9.m4
+ cf/ostype/irix.m4 => cf/ostype/irix4.m4
+ cf/ostype/ultrix4.1.m4 => cf/ostype/ultrix4.m4
+ src/Makefile.* => src/Makefiles/Makefile.*
+ src/Makefile.AUX => src/Makefiles/Makefile.A-UX
+ src/Makefile.BSDI => src/Makefiles/Makefile.BSD-OS
+ src/Makefile.DGUX => src/Makefiles/Makefile.dgux
+ src/Makefile.RISCos => src/Makefiles/Makefile.UMIPS
+ src/Makefile.SunOS.4.0.3 => src/Makefiles/Makefile.SunOS.4.0
+ cf/cf/cogsci.mc
+ cf/cf/cs-exposed.mc
+ cf/cf/cs-hidden.mc
+ cf/cf/hpux-cs-hidden.mc
+ cf/cf/knecht.mc
+ cf/cf/osf1-cs-hidden.mc
+ cf/cf/sunos3.5-cs-exposed.mc
+ cf/cf/sunos3.5-cs-hidden.mc
+ cf/cf/sunos4.1-cs-hidden.mc
+ cf/cf/ultrix4.1-cs-hidden.mc
+ cf/domain/cs-hidden.m4
+ contrib/rcpt-streaming
+ src/Makefiles/Makefile.SunOS.5.x
+8.6.13/8.6.12 96/01/25
+ SECURITY: In some cases it was still possible for an attacker to
+ insert newlines into a queue file, thus allowing access to
+ any user (except root).
+ CONFIG: no changes -- it is not a bug that the configuration
+ version number is unchanged.
+8.6.12/8.6.12 95/03/28
+ Fix to IDENT code (it was getting the size of the reply buffer
+ too small, so nothing was ever accepted). Fix from several
+ people, including Allan Johannesen, Shane Castle of the
+ Boulder County Information Services, and Jeff Smith of
+ Warwick University (all arrived within a few hours of
+ each other!).
+ Fix a problem that could cause large jobs to run out of
+ file descriptors on systems that use vfork() rather
+ than fork().
+8.6.11/8.6.11 95/03/08
+ The ``possible attack'' message would be logged more often
+ than necessary if you are using Pine as a user agent.
+ The wrong host would be reported in the ``possible attack''
+ message when attempted from IDENT.
+ In some cases the syslog buffer could be overflowed when
+ reporting the ``possible attack'' message. This can
+ cause denial of service attacks. Truncate the message
+ to 80 characters to prevent this problem.
+ When reading the IDENT response a loop is needed around the
+ read from the network to ensure that you don't get
+ partial lines.
+ Password entries without any shell listed (that is, a null
+ shell) wouldn't match as "ok". Problem noted by
+ Rob McMahon.
+ When running BIND 4.9.x a problem could occur because the
+ _res.options field is initialized differently than it
+ was historically -- this requires that sendmail call
+ res_init before it tweaks any bits.
+ Fix an incompatibility in openxscript() between the file open mode
+ and the stdio mode passed to fdopen. This caused UnixWare
+ 2.0 to have conniptions. Fix from Martin Sohnius of
+ Novell Labs Europe.
+ Fix problem with static linking of local getopt routine when
+ using GNU's ld command. Fix from John Kennedy of
+ Cal State Chico.
+ It was possible to turn off privacy flags. Problem noted by
+ *Hobbit*.
+ Be more paranoid about writing files. Suggestions by *Hobbit*
+ and Liudvikas Bukys.
+ MAKEMAP: fixes for 64 bit machines (DEC Alphas in particular)
+ from Spider Boardman.
+ CONFIG: No changes (version number only, to keep it in sync
+ with the binaries).
+8.6.10/8.6.10 95/02/10
+ SECURITY: Diagnose bogus values to some command line flags that
+ could allow trash to get into headers and qf files.
+ Validate the name of the user returned by the IDENT protocol.
+ Some systems that really dislike IDENT send intentionally
+ bogus information. Problem pointed out by Michael Bushnell
+ of the Free Software Foundation. Has some security
+ implications.
+ Fix a problem causing error messages about DNS problems when
+ the host name contained a percent sign to act oddly
+ because it was passed as a printf-style format string.
+ In some cases this could cause core dumps.
+ Avoid possible buffer overrun in returntosender() if error
+ message is quite long. From Fletcher Mattox of the
+ University of Texas.
+ Fix a problem that would silently drop "too many hops" error
+ messages if and only if you were sending to an alias.
+ From Jon Giltner of the University of Colorado and
+ Dan Harton of Oak Ridge National Laboratory.
+ Fix a bug that caused core dumps on some systems if -d11.2 was
+ set and e->e_message was null. Fix from Bruce Nagel of
+ Data General.
+ Fix problem that can still cause df files to be left around
+ after "hop count exceeded" messages. Fix from Andrew
+ Chang and Shau-Ping Lo of SunSoft.
+ Fix a problem that can cause buffer overflows on very long
+ user names (as might occur if you piped to a program
+ with a lot of arguments).
+ Avoid returning an error and re-queueing if the host signature
+ is null; this can occur on addresses like ``user@.''.
+ Problem noted by Wesley Craig and the University of
+ Michigan.
+ Avoid possible calls to malloc(0) if MCI caching is turned
+ off. Bug fix from Pierre David of the Laboratoire
+ Parallelisme, Reseaux, Systemes et Modelisation (PRiSM),
+ Universite de Versailles - St Quentin, and Jacky
+ Thibault.
+ Make a local copy of the line being sent via senttolist() -- in
+ some cases, buffers could get trashed by map lookups
+ causing it to do unexpected things. This also simplifies
+ some of the map code.
+ CONFIG: No changes (version number only, to keep it in sync
+ with the binaries).
+8.6.9/8.6.9 94/04/19
+ Do all mail delivery completely disconnected from any terminal.
+ This provides consistency with daemon delivery and
+ may have some security implications.
+ Make sure that malloc doesn't get called with zero size,
+ since that fails on some systems. Reported by Ed
+ Hill of the University of Iowa.
+ Fix multi-line values for $e (SMTP greeting message). Reported
+ by Mike O'Connor of Ford Motor Company.
+ Avoid syserr if no NIS domain name is defined, but the map it
+ is trying to open is optional. From Win Bent of USC.
+ Changes for picky compilers from Ed Gould of Digital Equipment.
+ Hesiod support for UDB from Todd Miller of the University of
+ Colorado. Use "hesiod" as the service name in the U
+ option.
+ Fix a problem that failed to set the "authentic" host name (that
+ is, the one derived from the socket info) if you called
+ sendmail -bs from inetd. Based on code contributed by
+ Todd Miller (this problem was also reported by Guy Helmer
+ of Dakota State University). This also fixes a related
+ problem reported by Liudvikas Bukys of the University of
+ Rochester.
+ Parameterize "nroff -h" in all the Makefiles so people with
+ variant versions can use them easily. Suggested by
+ Peter Collinson of Hillside Systems.
+ SMTP "MAIL" commands with multiple ESMTP parameters required two
+ spaces between parameters instead of one. Reported by
+ Valdis Kletnieks of Virginia Tech.
+ Reduce the number of system calls during message collection by
+ using global timeouts around the collect() loop. This
+ code was contributed by Eric Wassenaar.
+ If the initial hostname name gathering results in a name
+ without a dot (usually caused by NIS misconfiguration)
+ and BIND is compiled in, directly access DNS to get
+ the canonical name. This should make life easier for
+ Solaris systems. If it still can't be resolved, and
+ if the name server is listed as "required", try again
+ in 30 seconds. If that also fails, exit immediately to
+ avoid bogus "config error: mail loops back to myself"
+ messages.
+ message to explain how much space was available and
+ sound a bit less threatening. Suggested by Stan Janet
+ of the National Institute of Standards and Technology.
+ If mail is delivered to an alias that has an owner, deliver any
+ requested return-receipt immediately, and strip the
+ Return-Receipt-To: header from the subsequent message.
+ This prevents a certain class of denial of service
+ attack, arguably gives more reasonable semantics, and
+ moves things more towards what will probably become a
+ network standard. Suggested by Christopher Davis of
+ Kapor Enterprises.
+ Add a "noreceipts" privacy flag to turn off all return receipts
+ without recompiling.
+ Avoid printing ESMTP parameters as part of the error message
+ if there are errors during parsing. This change is
+ purely cosmetic.
+ Avoid sending out error messages during the collect phase of
+ SMTP; there is an MVS mailer from UCLA that gets
+ confused by this. Of course, I think it's their bug....
+ Check for the $j macro getting undefined, losing a dot, or getting
+ lost from $=w in the daemon before accepting a connection;
+ if it is, it dumps state, prints a LOG_ALERT message,
+ and drops core for debugging. This is an attempt to
+ track down a bug that I thought was long since gone.
+ If you see this, please forward the log fragment to
+ sendmail@sendmail.ORG.
+ Change OLD_NEWDB from a #ifdef to a #if so it can be turned off
+ with -DOLD_NEWDB=0 on the command line. From Christophe
+ Wolfhugel.
+ Instead of trying to truncate the listen queue for the server
+ SMTP port when the load average is too high, just close
+ the port completely and reopen it later as needed.
+ This ensures that the other end gets a quick "connection
+ refused" response, and that the connection can be
+ recovered later. In particular, some socket emulations
+ seem to get confused if you tweak the listen queue
+ size around and can never start listening to connections
+ again. The down side is that someone could start up
+ another daemon process in the interim, so you could
+ have multiple daemons all not listening to connections;
+ this could in turn cause the sendmail.pid file to be
+ incorrect. A better approach might be to accept the
+ connection and give a 421 code, but that could break
+ other mailers in mysterious ways and have paging behaviour
+ implications.
+ Fix a glitch in TCP-level debugging that caused flag 16.101 to
+ set debugging on the wrong socket. From Eric Wassenaar.
+ When creating a df* temporary file, be sure you truncate any
+ existing data in the file -- otherwise system crashes
+ and the like could result in extra data being sent.
+ DOC: Replace the CHANGES-R5-R8 readme file with a paper in the
+ doc directory. This includes some additional
+ information.
+ CONFIG: change UUCP rules to never add $U! or $k! on the front
+ of recipient envelope addresses. This should have been
+ handled by the $&h trick, but broke if people were
+ mixing domainized and UUCP addresses. They should
+ probably have converted all the way over to uucp-uudom
+ instead of uucp-{new,old}, but the failure mode was to
+ loop the mail, which was bad news.
+ Portability fixes:
+ Newer BSDI systems (several people).
+ Older BSDI systems from Christophe Wolfhugel.
+ Intergraph CLIX, from Paul Southworth of CICNet.
+ UnixWare, from Evan Champion.
+ NetBSD from Adam Glass.
+ Solaris from Quentin Campbell of the University of
+ Newcastle upon Tyne.
+ IRIX from Dean Cookson and Bill Driscoll of Mitre
+ Corporation.
+ NCR 3000 from Kevin Darcy of Chrysler Financial Corporation.
+ SunOS (it has setsid() and setvbuf() calls) from
+ Jonathan Kamens of OpenVision Technologies.
+ HP-UX from Tor Lillqvist.
+ New Files:
+ src/Makefile.CLIX
+ src/Makefile.NCR3000
+ doc/changes/Makefile
+ doc/changes/changes.me
+ doc/changes/changes.ps
+8.6.8/8.6.6 94/03/21
+ SECURITY: it was possible to read any file as root using the
+ E (error message) option. Reported by Richard Jones;
+ fixed by Michael Corrigan and Christophe Wolfhugel.
+8.6.7/8.6.6 94/03/14
+ SECURITY: it was possible to get root access by using weird
+ values to the -d flag. Thanks to Alain Durand of
+ INRIA for forwarding me the notice from the bugtraq
+ list.
+8.6.6/8.6.6 94/03/13
+ SECURITY: the ability to give files away on System V-based
+ systems proved dangerous -- don't run as the owner
+ of a :include: file on a system that allows giveaways.
+ Unfortunately, this also applies to determining a
+ valid shell.
+ IMPORTANT: Previous versions weren't expiring old connections
+ in the connection cache for a long time under some
+ circumstances. This could result in resource exhaustion,
+ both at your end and at the other end. This checks the
+ connections for timeouts much more frequently. From
+ Doug Anderson of NCSC.
+ Fix a glitch that snuck in that caused programs to be run as
+ the sender instead of the recipient if the mail was
+ from a local user to another local user. From
+ Motonori Nakamura of Kyoto University.
+ Fix "wildcard" on /etc/shells matching -- instead of looking
+ for "*", look for "/SENDMAIL/ANY/SHELL/". From
+ Bryan Costales of ICSI.
+ Change the method used to declare the "statfs" availability;
+ instead of HASSTATFS and/or HASUSTAT with a ton of
+ tweaking in conf.c, there is a single #define called
+ SFS_TYPE which takes on one of six values (SFS_NONE
+ for no statfs availability, SFS_USTAT for the ustat(2)
+ syscall, SFS_4ARGS for a four argument statfs(2) call,
+ and SFS_VFS, SFS_MOUNT, or SFS_STATFS for a two argument
+ statfs(2) call with the declarations in <sys/vfs.h>,
+ <sys/mount.h>, or <sys/statfs.h> respectively).
+ Fix glitch in NetInfo support that could return garbage if
+ there was no "/locations/sendmail" property. From
+ David Meyer of the University of Virginia.
+ Change HASFLOCK from defined/not-defined to a 0/1 definition
+ to allow Linux to turn it off even though it is a
+ BSD-like system.
+ Allow setting of "ident" timeout to zero to turn off the ident
+ protocol entirely.
+ Make 7-bit stripping local to a connection (instead of to a
+ mailer); this allows you to specify that SMTP is a
+ 7-bit channel, but revert to 8-bit should it advertise
+ that it supports 8BITMIME. You still have to specify
+ mailer flag 7 to get this stripping at all.
+ Improve makesendmail script so it handles more cases automatically.
+ Tighten up restrictions on taking ownership of :include: files
+ to avoid problems on systems that allow you to give away
+ files.
+ Fix a problem that made it impossible to rebuild the alias
+ file if it was on a read-only file system. From
+ Harry Edmon of the University of Washington.
+ Improve MX randomization function. From John Gardiner Myers
+ of CMU.
+ Fix a minor glitch causing a bogus message to be printed (used
+ %s instead of %d in a printf string for the line number)
+ when a bad queue file was read. From Harry Edmon.
+ Allow $s to remain NULL on locally generated mail. I'm not
+ sure this is necessary, but a lot of people have complained
+ about it, and there is a legitimate question as to whether
+ "localhost" is legal as an 822-style domain.
+ Fix a problem with very short line lengths (mailer L= flag) in
+ headers. This causes a leading space to be added onto
+ continuation lines (including in the body!), and also
+ tries to wrap headers containing addresses (From:, To:,
+ etc) intelligently at the shorter line lengths. Problem
+ Reported by Lars-Johan Liman of SUNET Operations Center.
+ Log the real user name when logging syserrs, since these can have
+ security implications. Suggested by several people.
+ Fix address logging of cached connections -- it used to always
+ log the numeric address as zero. This is a somewhat
+ bogus implementation in that it does an extra system
+ call, but it should be an inexpensive one. Fix from
+ Motonori Nakamura.
+ Tighten up handling of short syslog buffers even more -- there
+ were cases where the outgoing relay= name was too long
+ to share a line with delay= and mailer= logging.
+ Limit the overhead on split envelopes to one open file descriptor
+ per envelope -- previously the overhead was three
+ descriptors. This was in response to a problem reported
+ by P{r (Pell) Emanuelsson.
+ Fixes to better handle the case of unexpected connection closes;
+ this redirects the output to the transcript so the info
+ is not lost. From Eric Wassenaar.
+ Fix potential string overrun if you macro evaluate a string that
+ has a naked $ at the end. Problem noted by James Matheson
+ <jmrm@eng.cam.ac.uk>.
+ Make default error number on $#error messages 553 (``Requested
+ action not taken: mailbox name not allowed'') instead of
+ 501 (``Syntax error in parameters or arguments'') to
+ avoid bogus "protocol error" messages.
+ Strip off any existing trailing dot on names during $[ ... $]
+ lookup. This prevents it from ending up with two dots
+ on the end of dot terminated names. From Wesley Craig
+ of the University of Michigan and Bryan Costales of ICSI.
+ Clean up file class reading so that the debugging information is
+ more informative. It hadn't been using setclass, so you
+ didn't see the class items being added.
+ Avoid core dump if you are running a version of sendmail where
+ NIS is compiled in, and you specify an NIS map, but
+ NIS is not running. Fix from John Oleynick of
+ Rutgers.
+ Diagnose bizarre case where res_search returns a failure value,
+ but sets h_errno to a success value.
+ Make sure that "too many hops" messages are considered important
+ enough to send an error to the Postmaster (that is, the
+ address specified in the P option). This fix should
+ help problems that cause the df file to be left around
+ sometimes -- unfortunately, I can't seem to reproduce
+ the problem myself.
+ Avoid core dump (null pointer reference) on EXPN command; this
+ only occurred if your log level was set to 10 or higher
+ and the target account was an alias or had a .forward file.
+ Problem noted by Janne Himanka.
+ Avoid "denial of service" attacks by someone who is flooding your
+ SMTP port with bad commands by shutting the connection
+ after 25 bad commands are issued. From Kyle Jones of
+ Fix core dump on error messages with very long "to" buffers;
+ fmtmsg overflows the message buffer. Fixed by trimming
+ the to address to 203 characters. Problem reported by
+ John Oleynick.
+ Fix configuration for HASFLOCK -- there were some spots where
+ a #ifndef was incorrectly #ifdef. Pointed out by
+ George Baltz of the University of Maryland.
+ Fix a typo in savemail() that could cause the error message To:
+ lists to be incorrect in some places. From Motonori
+ Nakamura.
+ Fix a glitch that can cause duplicate error messages on split
+ envelopes where an address on one of the lists has a
+ name server failure. Fix from Voradesh Yenbut of the
+ University of Washington.
+ Fix possible bogus pointer reference on ESMTP parameters that
+ don't have an ``=value'' part.
+ CNAME loops caused an error message to be generated, but also
+ re-queued the message. Changed to just re-queue the
+ message (it's really hard to just bounce it because
+ of the weird way the name server works in the presence
+ of CNAME loops). Problem noted by James M.R.Matheson
+ of Cambridge University.
+ Avoid giving ``warning: foo owned process doing -bs'' messages
+ if they use ``MAIL FROM:<foo>'' where foo is their true
+ user name. Suggested by Andreas Stolcke of ICSI.
+ Change the NAMED_BIND compile flag to be a 0/1 flag so you can
+ override it easily in the Makefile -- that is, you can
+ turn it off using -DNAMED_BIND=0.
+ If a gethostbyname(...) of an address with a trailing dot fails,
+ try it without the trailing dot. This is because if
+ you have a version of gethostbyname() that falls back
+ to NIS or the /etc/hosts file it will fail to find
+ perfectly reasonable names that just don't happen to
+ be dot terminated in the hosts file. You don't want to
+ strip the dot first though because we're trying to ensure
+ that country names that match one of your subdomains get
+ a chance.
+ PRALIASES: fix bogus output on non-null-terminated strings.
+ From Bill Gianopoulos of Raytheon.
+ CONFIG: Avoid rewriting anything that matches $w to be $j.
+ This was in code intended to only catch the self-literal
+ address (that is, [], where is your
+ IP address), but the code was broken. However, it will
+ still do this if $M is defined; this is necessary to
+ get client configurations to work (sigh). Note that this
+ means that $M overrides :mailname entries in the user
+ database! Problem noted by Paul Southworth.
+ CONFIG: Fix definition of Solaris help file location. From
+ Steve Cliffe <steve@gorgon.cs.uow.edu.au>.
+ CONFIG: Fix bug that broke news.group.USENET mappings.
+ and USENET_MAILER_MAX to tweak the maximum message
+ size for various mailers.
+ CONFIG: Change definition of USENET_MAILER_ARGS to include argv[0]
+ instead of assuming that it is "inews" for consistency
+ with other mailers. From Michael Corrigan of UC San Diego.
+ CONFIG: When mail is forwarded to a LOCAL_RELAY or a MAIL_HUB,
+ qualify the address in the SMTP envelope as user@{relay|hub}
+ instead of user@$j. From Bill Wisner of The Well.
+ CONFIG: Fix route-addr syntax in nullrelay configuration set.
+ CONFIG: Don't turn off case mapping of user names in the local
+ mailer for IRIX. This was different than most every other
+ system.
+ CONFIG: Avoid infinite loops on certainly list:; syntaxes in
+ envelope. Noted by Thierry Besancon
+ <besancon@excalibur.ens.fr>.
+ CONFIG: Don't include -z by default on uux line -- most systems
+ don't want it set by default. Pointed out by Philippe
+ Michel of Thomson CSF.
+ CONFIG: Fix some bugs with mailertables -- for example, if your
+ host name was foo.bar.ray.com and you matched against
+ ".ray.com", the old implementation bound %1 to "bar"
+ instead of "foo.bar". Also, allow "." in the mailertable
+ to match anything -- essentially, take over SMART_HOST.
+ This also moves matching of explicit local host names
+ before the mailertable so they don't have to be special
+ cased in the mailertable data. Reported by Bill
+ Gianopoulos of Raytheon; the fix for the %1 binding
+ problem was contributed by Nicholas Comanos of the
+ University of Sydney.
+ CONFIG: Don't include "root" in class $=L (users to deliver
+ locally, even if a hub or relay exists) by default.
+ This is because of the known bug where definition of
+ both a LOCAL_RELAY and a MAIL_HUB causes $=L to ignore
+ both and deliver into the local mailbox.
+ CONFIG: Move up bitdomain and uudomain handling so that they
+ are done before .UUCP class matching; uudomain was
+ reported as ineffective before. This also frees up
+ diversion 8 for future use. Problem reported by Kimmo
+ Suominen.
+ CONFIG: Don't try to convert dotted IP address (e.g., [])
+ into host names. As pointed out by Jonathan Kamens,
+ these are often used because either the forward or reverse
+ mapping is broken; this translation makes it broken again.
+ DOC: Clarify $@ and $: in the Install & Op Guide. From Kimmo
+ Suominen.
+ Portability fixes:
+ Unicos from David L. Kensiski of Sterling Software.
+ DomainOS from Don Lewis of Silicon Systems.
+ GNU m4 1.0.3 from Karst Koymans of Utrecht University.
+ Convex from Kimmo Suominen <kim@tac.nyc.ny.us>.
+ NetBSD from Adam Glass <glass@sun-lamp.cs.berkeley.edu>.
+ BSD/386 from Tony Sanders of BSDI.
+ Apollo from Eric Wassenaar.
+ DGUX from Doug Anderson.
+ Sequent DYNIX/ptx 2.0 from Tim Wright of Sequent.
+ src/Makefile.DomainOS
+ src/Makefile.PTX
+ src/Makefile.SunOS.5.1
+ src/Makefile.SunOS.5.2
+ src/Makefile.SunOS.5.x
+ src/mailq.1
+ cf/ostype/domainos.m4
+ doc/op/Makefile
+ doc/intro/Makefile
+ doc/usenix/Makefile
+8.6.5/8.6.5 94/01/13
+ Security fix: /.forward could be owned by anyone (the test
+ to allow root to own any file was backwards). From
+ Bob Campbell at U.C. Berkeley.
+ Security fix: group ids were not completely set when programs
+ were invoked. This caused programs to have group
+ permissions they should not have had (usually group
+ daemon instead of their own group). In particular,
+ Perl scripts would refuse to run.
+ Security: check to make sure files that are written are not
+ symbolic links (at least under some circumstances).
+ Although this does not respond to a specific known
+ attack, it's just a good idea. Suggested by
+ Christian Wettergren.
+ Security fix: if a user had an NFS mounted home directory on
+ a system with a restricted shell listed in their
+ /etc/passwd entry, they could still execute any
+ program by putting that in their .forward file.
+ This fix prevents that by insisting that their shell
+ appear in /etc/shells before allowing a .forward to
+ execute a program or write a file. You can disable
+ this by putting "*" in /etc/shells. It also won't
+ permit world-writable :include: files to reference
+ programs or files (there's no way to disable this).
+ These behaviours are only one level deep -- for
+ example, it is legal for a world-writable :include:
+ file to reference an alias that writes a file, on
+ the assumption that the alias file is well controlled.
+ Security fix: root was not treated suspiciously enough when
+ looking into subdirectories. This would potentially
+ allow a cracker to examine files that were publicly
+ readable but in a non-publicly searchable directory.
+ Fix a problem that causes an error on QUIT on a cached
+ connection to create problems on the current job.
+ These are typically unrelated, so errors occur in
+ the wrong place.
+ Reset CurrentLA in sendall() -- this makes sendmail queue
+ runs more responsive to load average, and fixes a
+ problem that ignored the load average in locally
+ generated mail. From Eric Wassenaar.
+ Fix possible core dump on aliases with null LHS. From
+ John Orthoefer of BB&N.
+ Revert to using flock() whenever possible -- there are just
+ too many bugs in fcntl() locking, particularly over
+ NFS, that cause sendmail to fail in perverse ways.
+ Fix a bug that causes the connection cache to get confused
+ when sending error messages. This resulted in
+ "unexpected close" messages. It should fix itself
+ on the following queue run. Problem noted by
+ Liudvikas Bukys of the University of Rochester.
+ Include $k in $=k as documented in the Install & Op Guide.
+ This seems odd, but it was documented.... From
+ Michael Corrigan of UCSD.
+ Fix problem that caused :include:s from alias files to be
+ forced to be owned by root instead of daemon
+ (actually DefUid). From Tim Irvin.
+ Diagnose unrecognized I option values -- from Mortin Forssen
+ of the Chalmers University of Technology.
+ Make "error" mailer work consistently when there is no error
+ code associated with it -- previously it returned OK
+ even though there was a real problem. Now it assumes
+ Fix bug that caused the last header line of messages that had
+ no body and which were terminated with EOF instead of
+ "." to be discarded. Problem noted by Liudvikas Bukys.
+ Fix core dump on SMTP mail to programs that failed -- it tried
+ to go to a "next MX host" when none existed, causing
+ a core dump. From der Mouse at McGill University.
+ Change IDENTPROTO from a defined/not defined to a 0/1 switch;
+ this makes it easier to turn it off (using
+ -DIDENTPROTO=0 in the Makefile). From der Mouse.
+ Fix YP_MASTER_NAME store to use the unupdated result of
+ gethostname() (instead of myhostname(), which tries
+ to fully qualify the name) to be consistent with
+ SunOS. If your hostname is unqualified, this fixes
+ transfers to slave servers. Bug noted by Keith
+ McMillan of Ameritech Services, Inc.
+ Fix Ultrix problem: gethostbyname() can return a very large
+ (> 500) h_length field, which causes the sockaddr
+ to be trashed. Use the size of the sockaddr instead.
+ Fix from Bob Manson of Ohio State.
+ Don't assume "-a." on host lookups if NAMED_BIND is not
+ defined -- this confuses gethostbyname on hosts
+ file lookups, which doesn't understand the trailing
+ dot convention.
+ Log SMTP server subprocesses that die with a signal instead
+ of from a clean exit.
+ If you don't have option "I" set, don't assume that a DNS
+ "host unknown" message is authoritative -- it
+ might still be found in /etc/hosts.
+ Fix a problem that would cause Deferred: messages to be sent
+ as the subject of an error message, even though the
+ actual cause of a message was more severe than that.
+ Problem noted by Chris Seabrook of OSSI.
+ Fix race condition in DBM alias file locking. From Kyle
+ Jones of UUNET.
+ Limit delivery syslog line length to avoid bugs in some
+ versions of syslog(3). This adds a new compile time
+ variable SYSLOG_BUFSIZE. From Jay Plett of Princeton
+ University, which is in turn derived from IDA.
+ Fix quotes inside of comments in addresses -- previously
+ it insisted that they be balanced, but the 822 spec
+ says that they should be ignored.
+ Dump open file state to syslog upon receiving SIGUSR1 (for
+ debugging). This also evaluates ruleset 89, if set
+ (with the null input), and logs the result. This
+ should be used sparingly, since the rewrite process
+ is not reentrant.
+ Change -qI, -qR, and -qS flags to be case-insensitive as
+ documented in the Bat Book.
+ If the mailer returned EX_IOERR or EX_OSERR, sendmail did not
+ return an error message and did not requeue the message.
+ Fix based on code from Roland Dirlewanger of
+ Reseau Regional Aquarel, Bordeaux, France.
+ Fix a problem that caused a seg fault if you got a 421 error
+ code during some parts of connection initialization.
+ I've only seen this when talking to buggy mailers on
+ the other end, but it shouldn't give a seg fault in
+ any case. From Amir Plivatsky.
+ Fix core dump caused by a ruleset call that returns null.
+ Fix from Bryan Costales of ICSI.
+ Full-Name: field was being ignored. Fix from Motonori Nakamura
+ of Kyoto University.
+ Fix a possible problem with very long input lines in setproctitle.
+ From P{r Emanuelsson.
+ Avoid putting "This is a warning message" out on return receipts.
+ Suggested by Douglas Anderson.
+ Detect loops caused by recursive ruleset calls. Suggested by
+ Bryan Costales.
+ Initialize non-alias maps during alias rebuilds -- they may be
+ needed for parsing. Problem noted by Douglas Anderson.
+ Log sender address even if no message was collected in SMTP
+ (e.g., if all RCPTs failed). Suggested by Motonori
+ Nakamura.
+ Don't reflect the owner-list contents into the envelope sender
+ address if the value contains ", :, /, or | (to avoid
+ illegal addresses appearing there).
+ Efficiency hack for toktype macro -- from Craig Partridge of
+ BB&N.
+ Clean up DNS error printing so that a host name is always
+ included.
+ Remember to set $i during queue runs. Reported by Stephen
+ Campbell of Dartmouth University.
+ If the environment variable HOSTALIASES is set, use it during
+ canonification as the name of a file with per-user host
+ translations so that headers are properly mapped. Reported
+ by Anne Bennett of Concordia University.
+ Avoid printing misleading error message if SMTP mailer (not
+ using [IPC]) should die on a core dump.
+ Avoid incorrect diagnosis of "file 1 closed" when it is caused
+ by the other end closing the connection. From
+ Dave Morrison of Oracle.
+ Improve several of the error messages printed by "mailq"
+ to include a host name or other useful information.
+ Add NetInfo preliminary support for NeXT systems. From Vince
+ DeMarco.
+ Fix a glitch that sometimes caused :include:s that pointed to
+ NFS filesystems that were down to give an "aliasing/
+ forwarding loop broken" message instead of queueing
+ the message for retry. Noted by William C Fenner of
+ the NRL Connection Machine Facility.
+ Fix a problem that could cause a core dump if the input sequence
+ had (or somehow acquired) a \231 character.
+ Make sure that route-addrs always have <angle brackets> around
+ them in non-SMTP envelopes (SMTP envelopes already do
+ this properly).
+ Avoid weird headers on unbalanced punctuation of the form:
+ ``Joe User <user)'' -- this caused reference to the
+ null macro. Fix from Rick McCarty of IO.COM.
+ Fix a problem that caused an alias "user: user@local.host" to
+ not have the QNOTREMOTE bit set; this caused configs
+ to act as if FEATURE(notsticky) was defined even when
+ it was not. The effect of the problem was to make it
+ very hard to to set up satellite sites that had a few
+ local accounts, with everything else forwarded to a
+ corporate hub. Reported by Detlef Drewanz of the
+ University of Rostock and Mark Frost of NCD.
+ Change queuing to not call rulesets 3, {1 or 2}, 4 on header
+ addresses. This is more efficient (fewer name server
+ calls) and fixes certain unusual configurations, such
+ as those that have ruleset 4 do something that is
+ non-idempotent unless a mailer-specific ruleset did
+ something else. Problem reported by Brian J. Coan
+ of the Institute for Global Communications.
+ Fix the "obsolete argument" routine in main to better understand
+ new arguments. For example, if you used ``sendmail
+ -C config -v -q'' it would choke on the -q because
+ the -C would stop looking for old-format arguments.
+ Fix the code that was intended to allow two users to forward their
+ mail to the same program and have them appear unique.
+ Portability fixes for:
+ SCO UNIX from Murray Kucherawy.
+ SCO Open Server 3.2v4 from Philippe Brand.
+ System V Release 4 from Rick Ellis and others.
+ OSF/1 from Steve Campbell.
+ DG/UX from Ben Mesander of the USGS and Bryan Curnutt
+ of Stoner Associates.
+ Motorola SysV88 from Kevin Johnson of Motorola.
+ Solaris 2.3 from Casper H.S. Dik of the University
+ of Amsterdam and John Caruso of University
+ of Maryland.
+ FreeBSD from Ollivier Robert.
+ NetBSD from Adam Glass.
+ TitanOS from Kate Hedstrom of Rutgers University.
+ Irix from Bryan Curnutt.
+ Dynix from Jim Davis of the University of Arizona.
+ RISC/os.
+ Linux from John Kennedy of California State University
+ at Chico.
+ Solaris 2.x from Tony Boner of the U.S. Air Force.
+ NEXTSTEP 3.x from Vince DeMarco.
+ HP-UX from various people. NOTA BENE: the location
+ of the config file has moved to /usr/lib
+ to match the HP-UX version of sendmail.
+ CONFIG: Don't do any recipient rewriting on relay mailer;
+ since this is intended only for internal use, the
+ usual RFC 821/822/1123 rules can be relaxed. The
+ main point of this is to avoid munging (ugh) UUCP
+ addresses when relaying internally.
+ CONFIG: fix typo in mailer/uucp.m4 that mutilates list:;
+ syntax addresses delivered via UUCP. Solution
+ provided by Peter Wemm.
+ CONFIG: fix thumb-fumble in default UUCP relaying in ruleset
+ zero; it caused double @ signs in addresses. From
+ Irving Reid of the University of Toronto.
+ CONFIG: Portability fixes for SCO Unix 3.2 with TCP/IP 1.2.1
+ from Markku Toijala of ICL Personal Systems Oy.
+ CONFIG: Add trailing "." on pseudo-domains for consistency;
+ this fixes a problem (noted by Al Whaley of Sunnyside)
+ that made it hard to recognize your own pseudodomain
+ names.
+ CONFIG: catch "@host" syntax errors (i.e., null local-parts)
+ rather than letting them get "local configuration
+ error"s. Problem noted by John Gardiner Myers.
+ CONFIG: add uucp-uudom mailer variant, based on code posted
+ by Spider Boardman <spider@Orb.Nashua.NH.US>; this
+ has uucp-dom semantics but old UUCP syntax. This
+ also permits "uucp-old" as an alias for "uucp" and
+ "uucp-new" as a synonym for "suucp" for consistency.
+ CONFIG: add POP mailer support (from Kimmo Suominen
+ <kim@grendel.lut.fi>).
+ CONFIG: drop CSNET_RELAY support -- CSNET is long gone.
+ CONFIG: fix bug caused with domain literal addresses (e.g.,
+ ``[]'') when FEATURE(allmasquerade)
+ was set; it would get an additional @masquerade.host
+ added to the address. Problem noted by Peter Wan
+ of Georgia Tech.
+ CONFIG: make sure that the local UUCP name is in $=w. From
+ Jim Murray of Stratus.
+ CONFIG: changes to UUCP rewriting to simulate IDA-style "V"
+ mailer flag. Briefly, if you are sending to host
+ "foo", then it rewrites "foo!...!baz" to "...!baz",
+ "foo!baz" remains "foo!baz", and anything else has
+ the local name prepended.
+ CONFIG: portability fixes for HP-UX.
+ DOC: several minor problems fixed in the Install & Op Guide.
+ MAKEMAP: fix core dump problem on lines that are too long or
+ which lack newline. From Mark Delany.
+ MAILSTATS: print sums of columns (total messages & kbytes
+ in and out of the system). From Tom Ferrin of UC
+ San Francisco Computer Graphics Lab.
+ On HP-UX, /etc/sendmail.cf has been moved to
+ /usr/lib/sendmail.cf to match HP sendmail.
+ Permissions have been tightened up on world-writable
+ :include: files and accounts that have shells
+ that are not listed in /etc/shells. This may
+ cause some .forward files that have worked
+ before to start failing.
+ SIGUSR1 dumps some state to the log.
+ src/Makefile.DGUX
+ src/Makefile.Dynix
+ src/Makefile.FreeBSD
+ src/Makefile.Mach386
+ src/Makefile.NetBSD
+ src/Makefile.RISCos
+ src/Makefile.SCO
+ src/Makefile.SVR4
+ src/Makefile.Titan
+ cf/mailer/pop.m4
+ cf/ostype/bsdi1.0.m4
+ cf/ostype/dgux.m4
+ cf/ostype/dynix3.2.m4
+ cf/ostype/sco3.2.m4
+ makemap/Makefile.dist
+ praliases/Makefile.dist
+8.6.4/8.6.4 93/10/31
+ Repair core-dump problem (write to read-only memory segment)
+ if you fall back to the return-to-Postmaster case in
+ savemail. Problem reported by Richard Liu.
+ Immediately diagnose bogus sender addresses in SMTP. This
+ makes quite certain that crackers can't use this
+ class of attack.
+ Reliability Fix: check return value from fclose() and fsync()
+ in a few critical places.
+ Minor problem in initsys() that reversed a condition for
+ redirecting the output channel on queue runs. It's
+ not clear this code even does anything. From Eric
+ Wassenaar of the Dutch National Institute for Nuclear
+ and High-Energy Physics.
+ Fix some problems that caused queue runs to do "too much work",
+ such as double-reading the Errors-To: header. From
+ Eric Wassenaar.
+ Error messages on writing the temporary file (including the
+ data file) were getting suppressed in SMTP -- this
+ fix causes them to be properly reported. From Eric
+ Wassenaar.
+ Some changes to support AF_UNIX sockets -- this will only
+ really become relevant in the next release, but some
+ people need it for local patches. From Michael
+ Corrigan of UC San Diego.
+ Use dynamically allocated memory (instead of static buffers)
+ for macros defined in initsys() and settime(); since
+ these can have different values depending on which
+ envelope they are in. From Eric Wassenaar.
+ Improve logging to show ctladdr on to= logging; this tells you
+ what uid/gid processes ran as.
+ Fix a problem that caused error messages to be discarded if
+ the sender address was unparseable for some reason;
+ this was supposed to fall back to the "return to
+ postmaster" case.
+ Improve aliaswait backoff algorithm.
+ Portability patches for Linux (8.6.3 required another header
+ file) (from Karl London) and SCO UNIX.
+ CONFIG: patch prog mailer to not strip host name off of envelope
+ addresses (so that it matches local again). From
+ Christopher Davis.
+ CONFIG: change uucp-dom mailer so that "<>" translates to $n;
+ this prevents uux from seeing lines with null names like
+ ``From Sat Oct 30 14:55:31 1993''. From Motonori
+ Nakamura of Kyoto University.
+ CONFIG: handle <list:;> syntax correctly. This isn't legal, but
+ it shouldn't fail miserably. From Motonori Nakamura.
+8.6.2/8.6.2 93/10/15
+ Put a "successful delivery" message in the transcript for
+ addresses that get return-receipts.
+ Put a prominent "this is only a warning" message in warning
+ messages -- some people don't read carefully enough
+ and end up sending the message several times.
+ Include reason for temporary failure in the "warning" return
+ message. Currently, it just says "cannot send for
+ four hours".
+ Fix the "Original message received" time generated for
+ returntosender messages. It was previously listed as
+ the current time. Bug reported by Eric Hagberg of
+ Cornell University Medical College.
+ If there is an error when writing the body of a message,
+ don't send the trailing dot and wait for a response
+ in sender SMTP, as this could cause the connection to
+ hang up under some bizarre circumstances. From Eric
+ Wassenaar.
+ Fix some server SMTP synchronization problems caused when
+ connections fail during message collection. From
+ Eric Wassenaar.
+ Fix a problem that can cause srvrsmtp to reject mail if the
+ name server is down -- it accepts the RCPT but rejects
+ the DATA command. Problem reported by Jim Murray of
+ Stratus.
+ Fix a problem that can cause core dumps if the config file
+ incorrectly resolves to a null hostname. Reported by
+ Allan Johannesen of WPI.
+ Non-root use of -C flag, dangerous -f flags, and use of -oQ
+ by non-root users were not put into
+ X-Authentication-Warning:s as intended because the
+ config file hadn't set the PrivacyFlags yet. Fix
+ from Sven-Ove Westberg of the University of Lulea.
+ Under very odd circumstances, the alias file rebuild code
+ could get confused as to whether a database was
+ open or not.
+ Check "vendor code" on the end of V lines -- this is
+ intended to provide a hook for vendor-specific
+ configuration syntax. (This is a "new feature",
+ but I've made an exception to my rule in a belief
+ that this is a highly exceptional case.)
+ Portability fixes for DG/UX (from Douglas Anderson of NCSC),
+ SCO Unix (from Murray Kucherawy), A/UX, and OSF/1
+ (from Jon Forrest of UC Berkeley)
+ CONFIG: fix ``mailer:host'' form of UUCP relay naming.
+8.6.1/8.6 93/10/08
+ Portability fixes for A/UX and Encore UMAX V.
+ Fix error message handling -- if you had a name server down
+ causing an error during parsing, that message was never
+ propagated to the queue file.
+8.6/8.6 93/10/05
+ Configuration cleanup: make it easier to undo IDENTPROTO in
+ conf.h (other systems have the same bug).
+ If HASGETDTABLESIZE and _SC_OPEN_MAX are both defined, assume
+ getdtablesize() instead of sysconf(); a disturbingly
+ large number of systems defined _SC_OPEN_MAX in the
+ header files but don't have the syscall.
+ Another patch to really truly ignore MX records in getcanonname
+ if trymx == FALSE.
+ Fix problem that caused the "250 IAA25499 Message accepted for
+ delivery" message to be omitted if there was an error
+ in the header of the message (e.g., a bad Errors-To:
+ line). Pointed out by Michael Corrigan of UCSD.
+ Announce name of host we are chatting when we get errors; this
+ is an IDA-ism suggested by Christophe Wolfhugel.
+ Portability fixes for Alpha OSF/1 (from Anthony Baxter of the
+ Australian Artificial Intelligence Institute), SCO Unix
+ (from Murray Kucherawy of Hookup Communication Corp.),
+ NeXT (from Vince DeMarco and myself), Linux (from
+ Karl London <karl@borg.demon.co.uk>), BSDI (from
+ Christophe Wolfhugel, and SVR4 on Dell (from Kimmo
+ Suominen), AUX 3.0 on Macintosh, and ANSI C compilers.
+ Some changes to get around gcc optimizer bugs. From Takahiro
+ Kanbe.
+ Fix error recovery in queueup if another tf file of the same
+ name already exists. Problem stumbled over by Bill
+ Wisner of The Well.
+ Output YP_MASTER_NAME and YP_LAST_MODIFIED without null bytes.
+ Problem noted by Keith McMillan of Ameritech Services.
+ Deal with group permissions properly when opening .forward and
+ :include: files. This relaxes the 8.1C restrictions
+ slightly more. This includes proper setting of groups
+ when reading :include: files, allowing you to read some
+ files that you should be able to read but have previously
+ been denied unless you owned them or they had "other"
+ read permission.
+ Make certain that $j is in $=w (after the .cf is read) so that
+ if the user is forced to override some silly system,
+ MX suppression will still work.
+ Fix a couple of efficiency problems where newstr was double-
+ calling expensive routines. In at least one case, it
+ wasn't guaranteed that they would always return the
+ same result. Problem noted by Christophe Wolfhugel.
+ Fix null pointer dereference in putoutmsg -- only on an error
+ condition from a non-SMTP mailer. From Motonori
+ Nakamura.
+ Macro expand "C" line class definitions before scanning so that
+ "CX $Z" works.
+ Fix problem that caused error message to be sent while still
+ trying to send the original message if the connection
+ is closed during a DATA command after getting an error
+ on an RCPT command (pretty obscure). Problem reported
+ by John Myers of CMU.
+ Fix reply to NOOP to be 250 instead of 200 -- this is a long
+ term bug.
+ Fix a nasty bug causing core dumps when returning the "warning:
+ cannot deliver for N hours -- will keep trying" message;
+ it only occurred if you had PostMasterCopy set and
+ only on some architectures. Although sendmail would
+ keep trying, it would send error messages on each
+ queue interval. This is an important fix.
+ Allow u and g options to take user and group names respectively.
+ Don't do a chdir into the queue directory in -bt mode to make
+ ruleset testing a bit easier.
+ Don't allow users to turn off logging (using -oL) on the command
+ line -- command line can only raise, not lower, logging
+ level.
+ Set $u to the original recipient on the SMTP transaction or on
+ the command line. This is only done if there is exactly
+ one recipient. Technically, this does not meet the
+ specs, because it does not guarantee a domain on the
+ address.
+ Fix a problem that dumped error messages on bad addresses if
+ you used the -t flag. Problem noted by Josh Smith of
+ Harvey Mudd College.
+ Given an address such as ``<foo> <bar>'', auto-quote the first
+ ``<foo>'' part, giving ``"<foo>" <bar>''. This is to
+ avoid the problem of people who use angle brackets in
+ their full name information.
+ Fix a null pointer dereference if you set option "l", have
+ an Errors-To: header in the message, and have Errors-To:
+ defined in the config file H lines. From J.R. Oldroyd.
+ Put YPCOMPAT on #ifdef NIS instead -- it's one less thing to get
+ wrong when compiling. Suggested by Rick McCarty of TI.
+ Fix a problem that could pass negative SIZE parameter if the
+ df file got lost; this would cause servers to always
+ give a temporary failure, making the problem even worse.
+ Problem noted by Allan Johannesen of WPI.
+ Add "ident" timeout (one of the "r" option selectors) for IDENT
+ protocol timeouts (30s default). Requested by Murray
+ Kucherawy of HookUp Communication Corp. to handle bogus
+ PC TCP/IP implementations.
+ Change $w default definition to be just the first component of
+ the domain name on config level 5. The $j macro defaults
+ to the FQDN; $m remains as before. This lets well-behaved
+ config files use any of the short, long, or subdomain
+ names.
+ Add makesendmail script in src to try to automate multi-architecture
+ builds. I know, this is sub-optimal, but it is still
+ helpful.
+ Fix very obscure race condition that can cause a queue run to
+ get a queue file for an already completed job. This
+ problem has existed for years. Problem noted by the
+ long suffering Allan Johannesen of WPI.
+ Fix a problem that caused the raw sender name to be passed to
+ udbsender instead of the canonified name -- this caused
+ it to sometimes miss records that it should have found.
+ Relax check of name on HELO packet so that a program using -bs
+ that claims to be itself works properly.
+ Restore rewriting of $: part of address through 2, R, 4 in
+ buildaddr -- this requires passing a lot of flags to get
+ it right. Unlike old versions, this ONLY rewrites
+ recipient addresses, not sender addresses.
+ Fix a bug that caused core dumps in config files that cannot
+ resolve /file/name style addresses. Fix from Jonathan
+ Kamens of OpenVision Technologies.
+ Fix problem with fcntl locking that can cause error returns to
+ be lost if the lock is lost; this required fully
+ queueing everything, dropping the envelope (so errors
+ would get returned), and then re-reading the queue from
+ scratch.
+ Fix a problem that caused aliases that redefine an otherwise
+ true address to still send to the original address
+ if and only if the alias failed in certain bizarre
+ ways (e.g, if they pointed at a list:; syntax address).
+ Problem pointed out by Jonathan Kamens.
+ Remove support for frozen configuration files. They caused
+ more trouble than it was worth.
+ Fix problem that can cause error messages to get ignored when
+ using both -odb and -t flags. Problem noted by Rob
+ McNicholas at U.C. Berkeley.
+ Include all "normal" variations on hostname in $=w. For example,
+ if the host name is vangogh.cs.berkeley.edu, $=w will
+ contain vangogh, vangogh.cs, and vangogh.cs.berkeley.edu.
+ Add "restrictqrun" privacy flag -- without this, anyone can run
+ the queue.
+ Reset SmtpPhase global on initial connection creation so that
+ messages don't come out with stale information.
+ Pass an "ext" argument to lockfile so that error/log messages
+ will properly reflect the true filename being locked.
+ Put all [...] address forms into $=w -- this eliminates the need
+ for MAXIPADDR in conf.h. Suggested by John Gardiner
+ Myers of CMU.
+ Fix a bug that can cause qf files to be left around even after
+ an SMTP RSET command. Problem and fix from Michael
+ Corrigan.
+ Don't send a PostMasterCopy to errors when the Precedence: is
+ negative. Error reports still go to the envelope
+ sender address.
+ Add LA_SHORT for load averages.
+ Lock sendmail.st file when posting statistics.
+ Add "SendBufSize" and "RcvBufSize" suboptions to "O" option to
+ set the size of the TCP send and receive buffers; if you
+ run over a slow slip line you may need to set these down
+ (although it would be better to fix the SLIP implementation
+ so that it's not necessary to recompile every program
+ that does bulk data transfer).
+ Allow null defaults on $( ... $) lookups. Problem reported by
+ Amir Plivatsky.
+ Diagnose crufty S and V config lines. This resulted from an
+ observation that some people were using the SITE macro
+ without the SITECONFIG macro first, which was causing
+ bogus config files that were not caught.
+ Fix makemap -f flag to turn off case folding (it was turning it
+ Fix a problem that caused multiple error messages to be sent if
+ you used "sendmail -t -oem -odb", your system uses fcntl
+ locking, and one of the recipient addresses is unknown.
+ Reset uid earlier in include() so that recursive .forwards or
+ :include:s don't use the wrong uid.
+ If file descriptor 0, 1, or 2 was closed when sendmail was
+ called, the code to recover the descriptor was broken.
+ This sometimes (only sometimes) caused problems with the
+ alias file. Fix from Motonori Nakamura.
+ Fix a problem that caused aliaswait to go into infinite recursion
+ if the @:@ metasymbol wasn't found in the alias file.
+ Improve error message on newaliases if database files cannot be
+ opened or if running with no database format defined.
+ Do a better estimation of the size of error messages when NoReturn
+ is set. Problem noted by P{r (Pell) Emanuelsson.
+ Fix a problem causing the "c" option (don't connect to expensive
+ mailers) to be ignored in SMTP. Problem noted and the
+ solution suggested by Robert Elz of The University of
+ Melbourne.
+ Improve connection caching algorithm by passing "[host]" to
+ hostsignature, which strips the square brackets and
+ returns the real name. This allows mailertable entries
+ to match regular entries.
+ Re-enable Return-Receipt-To: -- people seem to want this stupid
+ feature, even if it doesn't work right.
+ Catch and log attempts to try the "wiz" command in server SMTP.
+ This also ups the log level from LOG_NOTICE to LOG_CRIT.
+ Be more generous at assigning $z to the home directory -- do this
+ for programs that are specified through a .forward file.
+ Fix from Andrew Chang of Sun Microsystems.
+ Always save a fatal error message in preference to a non-fatal
+ error message so that the "subject" line of return
+ messages is the best possible.
+ CONFIG: reduce the number of quotes needed to quote configuration
+ parameters with commas: two quotes should work now, e.g.,
+ define(ALIAS_FILE, ``/etc/aliases,/etc/aliases.local'').
+ CONFIG: class $=Z is a set of UUCP hosts that use uucp-dom
+ connections (domain-ized UUCP).
+ CONFIG: fix bug in default maps (-o must be before database file
+ name). Pointed out by Christophe Wolfhugel.
+ CONFIG: add FEATURE(nodns) to state that we are not relying on
+ DNS. This would presumably be used in UUCP islands.
+ CONFIG: add OSTYPE(nextstep) and OSTYPE(linux).
+ CONFIG: log $u in Received: line. This is in technical violation
+ of the standards, since it doesn't guarantee a domain
+ on the address.
+ CONFIG: don't assume "m" in local mailer flags -- this means that
+ if you redefine LOCAL_MAILER_FLAGS you will have to include
+ the "m" flag should you want it. Apparently some Solaris 2.2
+ installations can't handle multiple local recipients.
+ Problem noted by Josh Smith.
+ CONFIG: add confDOMAIN_NAME to set $j (if undefined, $j defaults).
+ CONFIG: change default version level from 4 to 5.
+ CONFIG: add FEATURE(nullclient) to create a config file that
+ forwards all mail to a hub without ever looking at the
+ addresses in any detail.
+ CONFIG: properly strip mailer: information off of relays when
+ used to change .BITNET form into %-hack form.
+ CONFIG: fix a problem that caused infinite loops if presented
+ with an address such as "!foo".
+ CONFIG: check for self literal (e.g., []) even if
+ the reverse "PTR" mapping is broken. There's a better
+ way to do this, but the change is fairly major and I
+ want to hold it for another release. Problem noted by
+ Bret Marquis.
+8.5/8.5 93/07/23
+ Serious bug: if you used a command line recipient that was unknown
+ sendmail would not send a return message (it was treating
+ everything as though it had an SMTP-style client that
+ would do the return itself). Problem noted by Josh Smith.
+ Change "trymx" option in getcanonname() to ignore all MX data,
+ even during a T_ANY query. This actually didn't break
+ anything, because the only time you called getcanonname
+ with !trymx was if you already knew there were no MX
+ records, but it is somewhat cleaner. From Motonori
+ Nakamura.
+ Don't call getcanonname from getmxrr if you already know there
+ are no DNS records matching the name.
+ Fix a problem causing error messages to always include "The
+ original message was received ... from localhost".
+ The correct original host information is now included.
+ Previous change to cf/sh/makeinfo.sh doesn't port to Ultrix (their
+ version of "test" doesn't have the -x flag). Change it
+ to use -f instead. From John Myers.
+ CONFIG: 8.4 mistakenly set the default SMTP-style mailer to
+ esmtp -- it should be smtp.
+ CONFIG: send all relayed mail using confRELAY_MAILER (defaults
+ to "relay" (a variant of "smtp") if MAILER(smtp) is used,
+ else "suucp" if MAILER(uucp) is used, else "unknown");
+ this cleans up the configs somewhat. This fixes a serious
+ problem that caused route-addrs to get mistaken as relays,
+ pointed out by John Myers. WARNING: this also causes
+ the default on SMART_HOST to change from "suucp" to
+ "relay" if you have MAILER(smtp) specified.
+8.4/8.4 93/07/22
+ Add option `w'. If you receive a message that comes to you because
+ you are the best (lowest preference) target of an MX, and
+ you haven't explicitly recognized the source MX host in
+ your .cf file, this option will cause you to try the target
+ host directly (as if there were no MX for it at all). If
+ `w' is not set, this case is a configuration error.
+ Beware: if `w' is set, senders may get bogus errors like
+ "message timed out" or "host unknown" for problems that
+ are really configuration errors. This option is
+ disrecommended, provided only for compatibility with
+ UIUC sendmail.
+ Fix a problem that caused the incoming socket to be left open
+ when sendmail forks after the DATA command. This caused
+ calling systems to wait in FIN_WAIT_2 state until the
+ entire list was processed and the child closed -- a
+ potentially prodigious amount of time. Problem noted
+ by Neil Rickert.
+ Fix problem (created in 6.64) that caused mail sent to multiple
+ addresses, one of which was a bad address, to completely
+ suppress the sending of the message. This changes
+ handling of EF_FATALERRS somewhat, and adds an
+ EF_GLOBALERRS flag. This also fixes a potential problem
+ with duplicate error messages if there is a syntax error
+ in the header of a message that isn't noticed until late
+ in processing. Original problem pointed out by Josh Smith
+ of Harvey Mudd College. This release includes quite a bit
+ of dickering with error handling (see below).
+ Back out SMTP transaction if MAIL gets nested 501 error. This
+ will only hurt already-broken software and should help
+ humans.
+ Fix a problem that broke aliases when neither NDBM nor NEWDB were
+ compiled in. It would never read the alias file.
+ Repair unbalanced `)' and `>' (the "open" versions are already
+ repaired).
+ Logging of "done" in dropenvelope() was incorrect: it would
+ log this even when the queue file still existed. Change
+ this to only log "done" (at log level 11) when the
+ queue file is actually removed. From John Myers.
+ Log "lost connection" in server SMTP at log level 20 if there
+ is no pending transaction. Some senders just close the
+ connection rather than sending QUIT.
+ Fix a bug causing getmxrr to add a dot to the end of unqualified
+ domains that do not have MX records -- this would cause
+ the subsequent host name lookup to fail. The problem
+ only occurred if you had FEATURE(nocanonify) set.
+ Problem noted by Rick McCarty of Texas Instruments.
+ Fix invocation of setvbuf when passed a -X flag -- I had
+ unwittingly used an ANSI C extension, and this caused
+ core dumps on some machines.
+ Diagnose self-destructive alias loops on RCPT as well as EXPN.
+ Previously it just gave an empty send queue, which
+ then gave either "Need RCPT (recipient)" at the DATA
+ (confusing, since you had given an RCPT command which
+ returned 250) or just dropped the email, depending on
+ whether you were running VERBose mode. Now it usually
+ diagnoses this case as "aliasing/forwarding loop broken".
+ Unfortunately, it still doesn't adequately diagnose
+ some true error conditions.
+ Add internal concept of "warning messages" using 6xx codes.
+ These are not reported only to Postmaster. Unbalanced
+ parens, brackets, and quotes are printed as 653 codes.
+ They are always mapped to 5xx codes before use in SMTP.
+ Clean up error messages to tell both the actual address that
+ failed and the alias they arose from. This makes it
+ somewhat easier to diagnose problems. Difficulty noted
+ by Motonori Nakamura.
+ Fix a problem that inappropriately added a ctladdr to addresses
+ that shouldn't have had one during a queue run. This
+ caused error messages to be handled differently during
+ a queue run than a direct run.
+ Don't print the qf name and line number if you get errors during
+ the direct run of the queue from srvrsmtp -- this was
+ just extra stuff for users to crawl through.
+ Put command line flags on second line of pid file so you can
+ auto-restart the daemon with all appropriate arguments.
+ Use "kill `head -1 /etc/sendmail.pid`" to stop the
+ daemon, and "eval `tail -1 /etc/sendmail.pid`" to
+ restart it.
+ Remove the ``setuid(getuid())'' in main -- this caused the
+ IDENT daemon to screw up. This required that I change
+ HASSETEUID to HASSETREUID and complicate the mode
+ changing somewhat because both Ultrix and SunOS seem
+ to have a bug causing seteuid() to set the saved uid
+ as well as the effective. The program test/t_setreuid.c
+ will test to see if your implementation of setreuid(2)
+ is appropriately functional.
+ The FallBackMX (option V) handling failed to properly identify
+ fallback to yourself -- most of the code was there,
+ but it wasn't being enabled. Problem noted by Murray
+ Kucherawy of the University of Waterloo.
+ Change :include: open timeout from ETIMEDOUT to an internal
+ code EOPENTIMEOUT; this avoids adding "during SmtpPhase
+ with CurHostName" in error messages, which can be
+ confusing. Reported by Jonathan Kamens of OpenVision
+ Technologies.
+ Back out setpgrp (setpgid on POSIX systems) call to reset the
+ process group id. The original fix was to get around
+ some problems with recalcitrant MUAs, but it breaks
+ any call from a shell that creates a process group id
+ different from the process id. I could try to fix
+ this by diddling the tty owner (using tcsetpgrp or
+ equivalent) but this is too likely to break other
+ things.
+ Portability changes:
+ Support -M as equivalent to -oM on Ultrix -- apparently
+ DECnet calls sendmail with -MrDECnet -Ms<HOST> -bs
+ instead of using standard flags. Oh joy. This
+ behaviour reported by Jon Giltner of University
+ of Colorado.
+ SGI IRIX -- this includes several changes that should
+ help other strict ANSI compilers.
+ SCO Unix -- from Murray Kucherawy of HookUp Communication
+ Corporation.
+ Solaris running the Sun C compiler (which despite the
+ documentation apparently doesn't define
+ __STDC__ by default).
+ ConvexOS from Eric Schnoebelen of Convex.
+ Sony NEWS workstations and Omron LUNA workstations from
+ Motonori Nakamura.
+ CONFIG: add confTRY_NULL_MX_LIST to set option `w'.
+ CONFIG: delete `C' and `e' from default SMTP mailers flags;
+ several people have made a good argument that this
+ creates more problems than it solves (although this
+ may prove painful in the short run).
+ CONFIG: generalize all the relays to accept a "mailer:host"
+ format.
+ CONFIG: move local processing in ruleset 0 into a new ruleset
+ 98 (8 on old sendmail). Domain literal [a.b.c.d]
+ addresses are also passed through this ruleset.
+ CONFIG: if neither SMART_HOST nor MAILER(smtp) were defined,
+ internet-style addresses would "fall off the end" of
+ ruleset zero and be interpreted as local -- however,
+ the angle brackets confused the recursive call.
+ These are now diagnosed as "Unrecognized host name".
+ CONFIG: USENET rules weren't included in S0 because of a mistaken
+ ifdef(`_MAILER_USENET_') instead of
+ ifdef(`_MAILER_usenet_'). Problem found by Rein Tollevik
+ of SINTEF RUNIT, Oslo.
+ CONFIG: move up LOCAL_RULE_0 processing so that it happens very
+ early in ruleset 0; this allows .mc authors to bypass
+ things like the "short circuit" code for local addresses.
+ Prompted by a comment by Bill Wisner of The Well.
+ CONFIG: add confSMTP_MAILER to define the mailer used (smtp or
+ esmtp) to send SMTP mail. This allows you to default
+ to esmtp but use a mailertable or other override to
+ deal with broken servers. This logic was pointed out
+ to me by Bill Wisner. Ditto for confLOCAL_MAILER.
+ Changes to cf/sh/makeinfo.sh to make it portable to SVR4
+ environments. Ugly as sin.
+8.3/8.3 93/07/13
+ Fix setuid problems introduced in 8.2 that caused messages
+ like "Cannot create qfXXXXXX: Invalid argument"
+ or "Cannot reopen dfXXXXXX: Permission denied". This
+ involved a new compile flag "HASSETEUID" that takes
+ the place of the old _POSIX_SAVED_IDS -- it turns out
+ that the POSIX interface is broken enough to break
+ some systems badly. This includes some fixes for
+ HP-UX. Also fixes problems where the real uid is
+ not reset properly on startup (from Neil Rickert).
+ Fix a problem that caused timed out messages to not report the
+ addresses that timed out. Error messages are also more
+ "user friendly".
+ Drop required bandwidth on connections from 64 bytes/sec to
+ 16 bytes/sec.
+ Further Solaris portability changes -- doesn't require the BSD
+ compatibility library. This also adds a new
+ "HASGETDTABLESIZE" compile flag which can be used if
+ you want to use getdtablesize(2) instead of sysconf(2).
+ These are loosely based on changes from David Meyer at
+ University of Oregon. This now seems to work, at least
+ for quick test cases.
+ Fix a problem that can cause duplicate error messages to be
+ sent if you are in SMTP, you send to multiple addresses,
+ and at least one of those addresses is good and points
+ to an account that has a .forward file (whew!).
+ Fix a problem causing messages to be discarded if checkcompat()
+ returned EX_TEMPFAIL (because it didn't properly mark
+ the "to" address). Problem noted by John Myers.
+ Fix dfopen to return NULL if the open failed; I was depending
+ on fdopen(-1) returning NULL, which isn't the case. This
+ isn't serious, but does result in weird error diagnoses.
+ From Michael Corrigan.
+ CONFIG: add UUCP_MAX_SIZE M4 macro to set the maximum size of
+ messages sent through UUCP-family mailers. Suggested
+ by Bill Wisner of The Well.
+ CONFIG: if both MAILER(uucp) and MAILER(smtp) are specified,
+ include a "uucp-dom" mailer that uses domain-style
+ addressing. Suggested by Bill Wisner.
+ Christophe Wolfhugel.
+ CONFIG: Add OSTYPE(aix3). From Christophe Wolfhugel.
+8.2/8.2 93/07/11
+ Don't drop out on config file parse errors in -bt mode.
+ On older configuration files, assume option "l" (use Errors-To
+ header) for back compatibility. NOTE: this DOES NOT
+ imply an endorsement of the Errors-To: header in any way.
+ Accept -x flag on AIX-3 as well as OSF/1. Why, why, why???
+ Don't log errors on EHLO -- it isn't a "real" error for an old
+ SMTP server to give an error on this command, and
+ logging it in the transcript can be confusing. Fix
+ from Bill Wisner.
+ IRIX compatibility changes provided by Dan Rich
+ <drich@sandman.lerc.nasa.gov>.
+ Solaris 2 compatibility changes. Provided by Bob Cunningham
+ <bob@kahala.soest.hawaii.edu>, John Oleynick
+ <juo@klinzhai.rutgers.edu>
+ Debugging: -d17 was overloaded (hostsignature and usersmtp.c);
+ move usersmtp (smtpinit and smtpmailfrom) to -d18 to
+ match the other flags in that file.
+ Flush transcript before fork in mailfile(). From Eric Wassenaar.
+ Save h_errno in mci struct and improve error message display.
+ Changes from Eric Wassenaar.
+ Open /dev/null for the transcript if the create of the xf file
+ failed; this avoids at least one possible null pointer
+ reference in very weird cases. From Eric Wassenaar.
+ Clean up statistics gathering; it was over-reporting because of
+ forks. From Eric Wassenaar.
+ Fix problem that causes old Return-Path: line to override new
+ Return-Path: line (conf.c needs H_FORCE to avoid
+ re-using old value). From Motonori Nakamura.
+ Fix broken -m flag in K definition -- even if -m (match only)
+ was specified, it would still replace the key with the
+ value. Noted by Rick McCarty of Texas Instruments.
+ If the name server timed out over several days, no "timed out"
+ message would ever be sent back. The timeout code
+ has been moved from markfailure() to dropenvelope()
+ so that all such failures should be diagnosed. Pointed
+ out by Christophe Wolfhugel and others.
+ Relax safefile() constraints: directories in an include or
+ forward path must be readable by self if the controlling
+ user owns the entry, readable by all otherwise (e.g.,
+ when reading your .forward file, you have to own and
+ have X permission in it; everyone needs X permission in
+ the root and directories leading up to your home);
+ include files must be readable by anyone, but need not
+ be owned by you.
+ If _POSIX_SAVED_IDS is defined, setuid to the owner before
+ reading a .forward file; this gets around some problems
+ on NFS mounts if root permission is not exported and
+ the user's home directory isn't x'able.
+ Additional NeXT portability enhancements from Axel Zinser.
+ Additional HP-UX portability enhancements from Brian Bullen.
+ Add a timeout around SMTP message writes; this assumes you can
+ get throughput of at least 64 bytes/second. Note that
+ this does not impact the "datafinal" default, which
+ is separate; this is just intended to work around
+ network clogs that will occur before the final dot
+ is sent. From Eric Wassenaar.
+ Change map code to set the "include null" flag adaptively --
+ it initially tries both, but if it finds anything
+ matching without a null it never tries again with a
+ null and vice versa. If -N is specified, it never
+ tries without the null and creates new maps with a
+ null byte. If -O is specified, it never tries with
+ the null (for efficiency). If -N and -O are specified,
+ you get -NO (get it?) lookup at all, so this would
+ be a bad idea. If you don't specify either -N or -O,
+ it adapts.
+ Fix recognition of "same from address" so that MH submissions
+ will insert the appropriate full name information;
+ this used to work and got broken somewhere along the
+ way.
+ Some changes to eliminate some unnecessary SYSERRs in the
+ log. For example, if you lost a connection, don't
+ bother reporting that fact on the connection you lost.
+ Add some "extended debugging" flags to try to track down
+ why we get occasional problems with file descriptor
+ one being closed when execing a mailer; it seems to
+ only happen when there has been another error in the
+ same transaction. This requires XDEBUG, defined
+ by default in conf.h.
+ Add "-X filename" command line flag, which logs both sides of
+ all SMTP transactions. This is intended ONLY for
+ debugging bad implementations of other mailers; start
+ it up, send a message from a mailer that is failing,
+ and then kill it off and examine the indicated log.
+ This output is not intended to be particularly human
+ readable. This also adds the HASSETVBUF compile
+ flag, defaulted on if your compiler defines __STDC__.
+ CONFIG: change SMART_HOST to override an SMTP mailer. If you
+ have a local net that should get direct connects, you
+ will need to use LOCAL_NET_CONFIG to catch these hosts.
+ See cf/README for an example.
+ CONFIG: add LOCAL_MAILER_ARGS (default: `mail -d $u') to handle
+ sites that don't use the -d flag.
+ CONFIG: hide recipient addresses as well as sender addresses
+ behind $M if FEATURE(allmasquerade) is specified; this
+ has been requested by several people, but can break
+ local aliases. For example, if you mail to "localalias"
+ this will be rewritten as "localalias@masqueradehost";
+ although initial delivery will work, replies will be
+ broken. Use it sparingly.
+ CONFIG: add FEATURE(domaintable). This maps unqualified domains
+ to qualified domains in headers. I believe this is
+ largely equivalent to the IDA feature of the same name.
+ CONFIG: use $U as UUCP name instead of $k. This permits you
+ to override the "system name" as your UUCP name --
+ in particular, to use domain-ized UUCP names. From
+ Bill Wisner of The Well.
+ CONFIG: create new mailer "esmtp" that always tries EHLO
+ first. This is currently unused in the config files,
+ but could be used in a mailertable entry.
+8.1C/8.1B 93/06/27
+ Serious security bug fix: it was possible to read any file on
+ the system, regardless of ownership and permissions.
+ If a subroutine returns a fully qualified address, return it
+ immediately instead of feeding it back into rewriting.
+ This fixes a problem with mailertable lookups.
+ CONFIG: fix some M4 frotz (concat => CONCAT)
+8.1B/8.1A 93/06/12
+ Serious bug fix: pattern matching backup algorithm stepped by
+ two tokens in classes instead of one. Found by Claus
+ Assmann at University of Kiel, Germany.
+8.1A/8.1A 93/06/08
+ Another mailertable fix....
+8.1/8.1 93/06/07
+ 4.4BSD freeze. No semantic changes.
+6.65/6.34 93/06/06
+ Fix some lintish problems.
+ Fix some cases where server SMTP behaved poorly when handed bogus
+ input, pointed out by Eric Wassenaar.
+ CONFIG: fix some more (sigh) mailertable bugs -- thanks to
+ Motonori Nakamura of Kyoto University (again).
+6.64/6.33 93/06/05
+ Don't send 050 (-v) information after the 250 response to a QUIT
+ command in srvrsmtp -- clients usually close the connection
+ at this point, and it causes bogus error messages.
+ Don't send messages that have errors on input (such as unbalanced
+ parentheses) during SMTP transactions, since a return
+ message has (probably) already been sent.
+ Give better diagnostics on timeouts during network reads, including
+ information similar to the SMTP phase.
+ Fix bug that caused SMTP messages to deliver synchronously; this
+ happened after the DATA 250, and hence caused reading the
+ next command to be delayed.
+ Ignore Errors-To: header unless 'l' (lower case el) header is
+ specified. The Errors-To: header violates RFC 1123.
+ Errors-To: was only needed to take the place of the
+ envelope sender in the days when most Unix mailers
+ didn't understand about the two kinds of senders.
+ Don't send warning messages in response to automatically generated
+ messages (that is, those From:<>).
+ CONFIG: fix some rather stupid typos in the mailertable code
+ pointed out by Motonori Nakamura of Kyoto University.
+ CONFIG: add confUSE_ERRORS_TO configuration option.
+ CONFIG: if ALWAYS_ADD_DOMAIN is selected, try to use $M
+ (masquerade name) instead of $j.
+ CONFIG: don't add dots to relay names (added in 6.29); it breaks
+ several things, and can be simulated by dot terminating
+ the names of relays. For example, use:
+ DBbit.net.relay.
+ (note the trailing dot).
+6.63/6.32 93/06/01
+ Fix prototypes to eliminate chars in argument lists -- some
+ compilers are pissy about this.
+ Log protocol ($r) and body type if set so we can determine if
+ the adaptive algorithms are working.
+ Pessimize on locking of database files (particularly for NEWDB
+ databases) during opens. There were problems with
+ processes opening the file while it was rebuilt; since
+ NEWDB caches heavily, the reader opened an empty file,
+ which is an error. If your system has the ability to
+ lock atomically on open, this works properly; otherwise,
+ there are race conditions.
+ Check mod time on .pag file instead of .dir in NDBM aliases
+ because the .dir file doesn't get updated for small
+ alias files. From John Gardiner Myers of CMU.
+ More Solaris portability -- it now compiles on Solaris, but
+ hangs up in gethostbyname().
+ Move setting of RES_DEBUG flag before first myhostname() call
+ so we can see name server traffic on that call.
+ Fsync() queue files.
+ Fix a problem that causes -bi to try to rebuild maps other than
+ the alias file(s).
+ Fix a problem that caused udb to reject entries from any but
+ the first database listed.
+ Rearrange doc subdirectory for 4.4BSD release tape.
+ CONFIG: put $r into the Received line. This was an oversight.
+ CONFIG: fix typo (call to ruleset 99 should have been ruleset 90).
+ CONFIG: move "auxiliary" subroutines to be in ruleset 90-99
+ range -- in the long run, single digit rulesets may
+ become reserved for builtin use by sendmail.
+ CONFIG: fix major problem that causes host aliases (that is,
+ anything in $=w != $j) to not be recognized. This has
+ been around since 6.30.
+6.62/6.31 93/05/28
+ Fix recursive syserr (if there is an error printing a syserr
+ message). This makes the code much less eager to consider
+ a write error as serious. This also includes some
+ heuristics to be clever about closed connections.
+ Lock NEWDB files during gets. This requires version 1.5 or later
+ of the db library. If you have an older version, you
+ can use -DOLD_NEWDB. This will go away in a few weeks.
+ Fix problem causing aliases that use host maps to get overwritten.
+ Do appropriate byte swapping on port numbers in ident protocol
+ code. Fix from Allan Johannesen of WPI.
+ Defer opening of map files to the same time as alias files so that
+ the daemon will tend to pick up new versions more promptly.
+ Prototype a bunch more functions.
+ Some Solaris 2.1 changes (still doesn't link though).
+ Try to simplify Makefiles by including more subordinate #defines
+ in conf.h (based on OS type).
+ CONFIG: check for domains if FEATURE(mailertable) is defined.
+ For example, if the host name is "knecht.cs.berkeley.edu"
+ it will search the following mailertable keys:
+ knecht.cs.berkeley.edu
+ .cs.berkeley.edu
+ .berkeley.edu
+ .edu
+ This could be used to replace the special relays for bitnet
+ and similar nets.
+6.61/6.30 93/05/24
+ Fix problem that prevented appending dots on canonified host
+ names. This breaks tons of config files -- very
+ important fix.
+ Fix improper pointer dereference in response to HELO command.
+ Fix core dump if debugging set in map_rewrite.
+ CONFIG: add FEATURE(always_add_domain) to always attach the
+ local domain (only impacts local mail).
+ CONFIG: try to avoid turning names into $j -- although
+ technically a host can only have one "canonical name",
+ it seems to be common practice to have several.
+6.60/6.29 93/05/22
+ Major change: merge alias databases with maps. This expands and
+ changes the map class interface but fixes a bunch of bugs.
+ The important user-visible change is that the file name
+ in a K line now does not include the ".db" extension; this
+ is added automatically. Also, the -d (NIS domain) flag is
+ missing from the K config line; use @domain instead.
+ When compiling, the *_MAP names are gone -- just compile
+ in NDBM, NEWDB, and/or NIS support.
+ Announce mailer/host/user triple on -bv flag -- from Brian
+ Bullen of Stirling University.
+ Don't send more than one line in response to HELO -- it confuses
+ Pony Express, which then behaves very badly. However,
+ this change does send two line 220 greetings, with the
+ second line reading "ESMTP spoken here". The usersmtp
+ module recognizes this and goes into ESMTP mode regardless
+ of the setting of the "a" mailer flag. Thus, "a" means
+ "always try EHLO".
+ AIX portability changes (thanks to Christophe Wolfhugel of
+ Herve Schauer Consultants (Paris) for providing me with
+ an INSA account for this purpose). Lightly tested. Use
+ -D_AIX3. This probably breaks compatibility with some
+ older systems (e.g., 4.2bsd) but still works on SunOS
+ 4.1.2, Ultrix 4.2A, HP-UX 8.07, OSF/1 T1.3, and AIX 3.2.3.
+ Fix a problem causing an error message loop if the output channel
+ is hosed.
+ Add the Makefiles that I use for various environments -- some are
+ Berkeley make versions and some are old make versions.
+ My makefile for the NeXT box has gotten lost, alas!
+ PRALIASES: support for printing NEWDB databases. From
+ Michael J. Corrigan of U.C. San Diego.
+ CONFIG: don't pass pseudo-domains to $[ ... $] (if you have
+ a wildcard MX it can have weird results). From
+ Christophe Wolfhugel.
+ CONFIG: dot terminate relay hostnames in S0. From Christophe
+ Wolfhugel.
+6.59/6.28 93/05/13
+ Log version with SMTP daemon startup message.
+ Adjust setproctitle to work on NetBSD and BSD/386.
+ Fix null pointer reference in MX fallback code.
+ A bunch of minor fixes from Eric Wassenaar:
+ If deliver cannot execv the mailer, return EX_OSERR
+ instead of EX_TEMPFAIL (to give better
+ error messages).
+ Consistently malloc e_message.
+ Catch degenerate case of calling returntosender()
+ with an empty returnq.
+ MIME reformatting.
+6.58/6.28 93/05/13
+ Fix bug that can cause incorrect verbose display of user smtp
+ messages.
+ Disable SMTP VERB command if PRIV_NOEXPN is set (since this
+ could reveal the same information.
+ Allow failure when reading SMTP greeting message to go on to
+ next MX host.
+ Add "MIME-Version: 1.0" header if using MIME (this was NOT
+ included in RFC 1344, but Bill King of Allan-Bradley
+ Company forwarded me email from Nathaniel Borenstein
+ claiming that it was an inadvertent omission).
+ Don't use Content-Type: X-message-header. According to John
+ Myers of CMU, many MIME readers will completely ignore
+ the data if they don't recognize it. Instead, just
+ add a blank line to make it a legal (empty) message.
+ Fix problem causing dots to keep getting appended to cached
+ hostnames. This can cause buffer overrun conditions.
+ The problem was found by Erik Forsberg of Retix,
+ although I used a different bug fix than he provided.
+ Fix parsing of split header/envelope rewriting specs -- from
+ Eric Forsberg.
+ Fix from Eric Wassenaar to correct To: lists in error messages.
+6.57/6.28 93/05/11
+ Fix minor glitch causing extra ctladdrs to be output to queue
+ file. Just an annoyance.
+ Cache results of name server canonification lookups to avoid
+ backed up queue runs.
+ Major rewrite of alias.c: considerable cleanup, plus sample
+ (untested) support for NIS aliases. The "A" option
+ can now be a comma separated list (or be repeated) --
+ that is, you can have multiple alias databases. Each
+ database can have the syntax ``class:file''; if no class
+ is specified, the "implicit" class is assumed. Implicit
+ searches through a list of compiled in types -- hash,
+ dbm, nis, and stab. Alias files are searched in the
+ order they are listed. For example:
+ OAhash:/etc/aliases.local,/etc/aliases
+ OAnis:mail.aliases@my.nis.domain
+ first searches the hash database /etc/aliases.local,
+ then the regular /etc/aliases database, then the NIS
+ map "mail.aliases" in the NIS domain "my.nis.domain".
+ If in Verbose mode (probably from VERB command) run SMTP job
+ in foreground and don't do RCPT optimizations.
+ Add udb :mailsender as equivalent to owner- for regular aliases.
+ Delete option 8; add option 7 that means the opposite. That is,
+ default to 8-bit mode; a special option is needed to
+ force sendmail into 7 bit mode.
+ Send error messages in encapsulated MIME format.
+ New compile flag "NIS" that turns on NIS alias and NIS map
+ support.
+ Add "j" option to send error messages in MIME (RFC 1341)
+ encapsulated message format per RFC 1344. The
+ syntax is pretty ugly if you don't have MIME-aware
+ user agents.
+ Clean up message handling (for display in mailq output).
+ New setproctitle implementation for 4.4bsd.
+ Create files (such as ~/dead.letter) using mode FileMode (the
+ F option value) instead of 0666.
+ Fix bug causing output of EXPN command to not be fully qualified.
+ This may cause some problems with UUCP addresses that
+ will require some config file assistance -- specifically,
+ the $: part has to include the host name for this output
+ to make sense.
+ Fix a problem that sometimes diagnosed errors and still sent the
+ message if the header syntax was bad.
+ Fix a bug that caused an error message to be emailed when sendmail
+ was operating in -bv mode.
+ Add "ListenQueueSize" keyword to daemon options option (OO) to
+ set the queue size parameter passed to listen(). You
+ will normally have to tweak your kernel to up this.
+ Strip spaces off of beginning of message-id before logging (in
+ case it was folded across lines).
+ Tweak compile flags in daemon.c -- there were some cases where
+ it wouldn't work without NETINET.
+ Change *file* mailer to output all the usual default headers
+ (From, Date, Message-Id). It gets used when sending
+ back error messages.
+ CONFIG: explicitly catch and diagnose list:; syntax in ruleset
+ zero -- this is not a valid recipient syntax according
+ to RFC 821.
+ CONFIG: add confMIME_FORMAT_ERRORS to send error messages in
+ MIME format. Defaults to on.
+ the flags for those mailers.
+6.56/6.27 93/05/01
+ Fix problem that causes the fallback mail to postmaster
+ (case ESM_POSTMASTER in savemail()) to not look at
+ aliases (ugh).
+ Some more HPUX tweaking (compile flag hpux => __hpux so it
+ still works in ANSI mode).
+ Don't try to flock non-regular files when mailing to a file.
+ In particular, this was a problem if you tried to
+ send to /dev/null.
+ Fix a weird bug that can cause senders to be queued as
+ recipients if the name server is down when the mail
+ is initially sent. This hack just ignores sender
+ deletion (essentially, it sets the MeToo flag) if there
+ is a TEMPFAIL during processing of the sender address.
+ Obscure.
+ Fix a dangling else problem -- from Brian Bullen from University
+ of Stirling, UK.
+ Add the "b" mailer flag to force a blank line on the end of
+ messages. Some brilliant versions of /bin/mail insist
+ on this but do not add it themselves.
+ Add the "g" mailer flag to prevent user SMTP from sending
+ "MAIL From:<>". This is only intended to be a
+ transitional gesture, and should not be used if at
+ all possible. It appears that Berkeley and IDA
+ config files have always handled this properly; the
+ UK config kit apparently does not.
+ Don't lowercase and then capitalize header field names -- leave
+ them with original capitalization. Fixes from Bill
+ King of Allen-Bradley Company.
+ Further cleanup and improved reporting of error messages,
+ particularly conditions that cause messages to be
+ requeued for future delivery.
+ Tweak syslog priorities in some cases.
+ CONFIG: clean up route-addr on UUCP addresses.
+6.55/6.25 93/04/27
+ HPUX 8.07 compatibility changes in getla() -- I had to make
+ these changes to get it to work at Berkeley, although
+ others seem to have been working before (???).
+ Various patches to XLA code.
+ Fix problem that causes setuid bit on files to be ignored from
+ SMTP or in queue runs. Problem noted by Jason Ornstein
+ of Under The Wire, Inc.
+ Fix problem that can cause CNAMEs to be ignored.
+ Generalize getmxrr to match local host in $=w instead of a
+ single name passed in.
+ Some cleanup from Eric Wassenaar:
+ Use FileMailer instead of ProgMailer in two places.
+ Eliminate duplicate 8th-bit stripping in commaize.
+ Fix a problem with mis-parsing of backslash escapes
+ under some circumstances.
+ NIS map fix (was always including trailing null character)
+ from Mike Glendinning of Ingres UK.
+ Add "a" mailer flag to try using ESMTP. It tries the EHLO
+ command and if that fails falls back to regular SMTP.
+ Also parses EHLO option keywords. If host supports
+ SIZE extension, this is added to the MAIL FROM:
+ command.
+ Extend "b" option to include a second value which is the
+ maximum message size this server is willing to accept.
+ For example, a value of "10/1000000" says that there
+ must be ten blocks free, and sendmail will reject
+ any message larger than one megabyte.
+ Some portability hooks for NeXT (this could be applicable
+ to Mach in general). You have to create an empty
+ file called "unistd.h" to get it to compile.
+ Adjust config values (MAXLINE, MAXATOM, and PSBUFSIZE) to
+ be more generous.
+ Add X400-Received: to the list of headers tagged with H_TRACE
+ in conf.c. From Bill King, Allen-Bradley Co.
+6.54/6.25 93/04/19
+ Fix problem that caused redefinition of SMTP and QUEUE compile
+ flags. Pointed out by Jon Forrest of the Sequoia 2000
+ project at Berkeley.
+ Properly handle \! hack -- it was treating host\!user as one
+ token (host!user) instead of three (host, !, user).
+ Fix from Eric Wassenaar of NIKHEF-H.
+ Fix compilation problem in getauthinfo() if IDENTPROTO is off.
+ Turn off DEFNAMES and DNSRCH when getting the hostsignature
+ (i.e., MX records) in level 1 configuration files; this
+ matches the old behaviour. From Motonori Nakamura of
+ Kyoto University.
+ Improve error message printing -- if sent through an alias,
+ error messages include the name of the alias in the
+ message. Unfortunately, in order to make this work
+ properly in queue runs, this changes the format of the
+ C line in the qf file. The relatively uselessness of
+ the previous information was pointed out to me by
+ Allan E Johannesen of WPI.
+ Add XLA compile flag to add hooks to Christophe Wolfhugel's
+ extended load average code. This is still in very early
+ form. For information regarding the guts of the xla
+ code, contact Christophe.Wolfhugel@grasp.insa-lyon.fr.
+ Additional hooks for detecting tempfails in rewriting rules
+ (that is, in map lookups).
+6.53/6.25 93/04/15
+ Properly diagnose ruleset zero returning null (instead of a mailer
+ triple). From Motonori Nakamura of Kyoto University.
+ More generalization of socket code for other protocols.
+ Shorten timeouts on reverse name lookups -- since they are done
+ during connection establishment, long timeouts here can
+ cause higher level timeouts. This mainly serves to accept
+ mail from hosts that do not have proper reverse (PTR) DNS
+ records set up.
+ Reset e_statmsg before each mailer invocation to avoid bogus
+ messages in the log.
+ Redefine $r, $s, and $_ in error envelopes so you don't get
+ incorrect cruft in the error message. Problem noted by
+ Motonori Nakamura of Kyoto University.
+ Fix a problem that can cause failure to return errors to Postmaster
+ in certain cases. From Motonori Nakamura.
+ Fix a problem that can cause some systems to give duplicate error
+ messages when a bad syntax address such as "<a" is presented
+ to an SMTP server. It doesn't seem to occur on all
+ machines. From Motonori Nakamura.
+ Default IDENTPROTO off for Ultrix and HPUX, which apparently have
+ the interesting "feature" that when they receive a "Host
+ unreachable" message they closes all open connections to
+ that host. However, some firewall gateways send this message
+ if you try to connect to an unauthorized port, such as the
+ IDENT port (113). Thus, no email can be received from such
+ hosts. There is some evidence that versions of Ultrix before
+ 4.3 do not have this problem. Thanks to Tom Ivar Helbekkmo
+ for pointing out this behaviour to me and to Michael Corrigan
+ of U.C. San Diego for informing me about the HPUX problem.
+ Allow IPC mailers to return a colon-separated list of hosts in the
+ $@ clause; these are searched in order as though they were
+ MX records.
+ When sending an error report, print the list of addresses tagged
+ as bad. Requested by Allan E Johannesen of WPI.
+ Change map function calls to return a status code. This gets
+ passed back as the result of rewrite. Parseaddr marks
+ the address as a QUEUEUP address if the return code is
+ EX_TEMPFAIL. All this to queue properly if the name
+ server is down. This code is not well tested. This code
+ changes the interface to map lookup functions (a fifth
+ parameter, int *statp, is added). Feature requested by
+ Dan Oscarsson.
+ Don't delete quotes (in the dequote map) if there are spaces in
+ the string, since this would cause them to be replaced by
+ the SpaceSub character.
+ Accept BODY=8BITMIME on SMTP MAIL command. This isn't advertised
+ because the 8BIT to 7BIT translation doesn't exist yet.
+ This does add a "bodytype" field to both envelope and
+ queue file and a -B command line flag to pass the type in
+ during direct invocations.
+ Discard return error messages only on responses to responses to
+ responses, not on responses to responses. That is, the
+ algorithm is to try return to sender, then return to
+ postmaster, then discard. Previously it discarded
+ immediately if the return to sender pass failed.
+ CONFIG: back out change to hide unqualified hostnames behind %-hack.
+ This screws up local aliases and .forward files.
+ CONFIG: add FEATURE(nocanonify) to turn off calls to $[ ... $];
+ some sites only handle completely canonified names.
+ Requested by John Gardiner Myers of CMU.
+ CONFIG: some UUCP code was still included even if FEATURE(nouucp)
+ was specified.
+6.52/6.24 93/04/10
+ Clean up some minor glitches on error return messages pointed out
+ by Motonori Nakamura of Kyoto University.
+ Fix reply() to not reset SmtpReplyBuffer on fatal errors; this
+ was supposed to reset SmtpMsg Buffer. This makes the
+ client side code virtually useless. Reported by Allan
+ E Johannesen of WPI and Phil Brandenberger of Swarthmore.
+ Better debug messages if fuzzy is disabled, suggested by Allan
+ E Johannesen of WPI.
+ Offset SmtpReplyBuffer by four in usersmtp when checking for
+ loopback. From Eric Wassenaar.
+ Don't set $s until after runinchild in srvrsmtp -- otherwise
+ it gets cleared. From Eric Wassenaar.
+ Implement IDA-style $&x for deferred macro expansion.
+ More POSIX compatibility.
+ CONFIG: Hide unqualified hostnames behind %-hack using $s as the
+ actual sender. This is only done if $r is non-null, that
+ is, if this is not locally submitted mail.
+ CONFIG: Add FEATURE(bitdomain) allowing mapping of BITNET host
+ names to internet domains. A program contributed by
+ John Gardiner Myers of CMU to create the maps is included
+ in the contrib directory (in the "misc" tar file).
+ CONFIG: Add FEATURE(uucpdomain) for a similar mapping for UUCP
+ hosts. There is currently no tool to create this map.
+6.51/6.23 93/04/04
+ Add D= mailer flag to specify a path of possible working directories
+ in which to execute the mailer. This is intended for the
+ prog mailer; some shells can get upset if they don't have
+ access to the current directory.
+ Add RFC 1413 (IDENT) protocol support. This is only very loosely
+ tested. This adds a $_ macro to be the authenticated
+ info (in ``user@domain [address]'' form) and debug flag
+ 9 to trace the protocol.
+ Check for loopbacks in usersmtp instead of srvrsmtp -- there is no
+ reason for a local agent to not be talking to the localhost
+ (although the inverse is not true).
+ Add a few hooks for automated map rebuilding. This is certainly
+ not done yet.
+ CONFIG: Have prog mailer specify a path of ``D=$z:/'' -- that is,
+ user's home directory then the root.
+ CONFIG: Log RFC 1413 identification in Received: line.
+6.50/6.22 93/04/01
+ Fixes to requeueing code to make it compute priority, nrcpts,
+ and the like properly.
+6.49/6.22 93/04/01
+ Diagnose incorrect privacy flags. Suggested by Bryan Costales
+ of ICSI.
+ Some ANSI C fixes.
+ Arrange to quote backslashes as well as other special characters
+ in the phrase part of a route-addr.
+ Some fixes to FallBackMX code suggested by Motonori Nakamura of
+ Kyoto University.
+ More vigorous zeroing of CurHostAddr to avoid logging of bogus
+ host addresses when you are actually just printing
+ information from the MCI structure; problem noted by
+ Michael Corrigan of U.C. San Diego.
+ Don't ignore rest of queue if any job is not runnable. This can
+ also cause an incorrect job to be lost. Fix from
+ Eric Wassenaar.
+ Always respond "quickly" to RCPT command; do alias expansion and
+ the like later. This also means that mail for lists that
+ have errors will be accepted, and an error sent back
+ later. This is done by instantiating the queue file
+ and then immediately running and requeueing it.
+6.48/6.22 93/03/30
+ Fix incorrect diagnosis of infinite loop in ruleset. Problem noted
+ by several people.
+ Improve information printed when infinite loops are discovered.
+ Zero CurHostAddr to fix erroneous internet addresses in log when no
+ addresses can be bound. Pointed out by Motonori Nakamura
+ of Kyoto University.
+ "Probe" SMTP connections using RSET instead of NOOP "just in case".
+ Suggested by John Gardiner Myers of CMU.
+ Don't warn about -f if you are setting sender to yourself.
+6.47/6.22 93/03/29
+ Fix incompatible call to endmailer in smtpquit which causes core
+ dumps. Noted by Allan E Johannesen of WPI.
+ HPUX portability changes from Michael J. Corrigan of UC San Diego.
+ Require MAIL before RCPT command in srvrsmtp.c. This had been
+ intentional from the 821 draft days when the order wasn't
+ clear, but is silly now.
+ Fix bug in nis_magic routine that was initializing parameters
+ incorrectly. Fix from Takahiro Kanbe of Fuji Xerox
+ Information Systems Co., Ltd.
+ Change default for PrivacyFlags in conf.c to 0 -- since it always
+ "or"s in new values, there was no way to turn off the
+ AuthWarning stuff.
+ Add O option to set SMTP daemon options.
+ Add V option to set fallback MX host. This always sorts at lower
+ priority than anything it gets from the name server. It
+ should only be used for environments with very bad network
+ connectivity. Requested by several people.
+ Log sending info. It's not clear this is a good idea.
+ CONFIG: fix typo in mailertable code. Noted by Phil Brandenberger
+ of Swarthmore.
+ CONFIG: add confDAEMON_OPTIONS and confFALLBACK_MX to set options
+ O and V, respectively.
+6.46/6.21 93/03/26
+ Fix botch in server SMTP that broke transactions that did not
+ use HELO first (like MH). Fix from Michael Corrigan
+ of U.C. San Diego.
+ Fall back to other MX records if there is an error anywhere
+ in delivery (actually on MAIL or DATA -- RCPT is harder).
+ Suggested by John Gardiner Myers and Motonori Nakamura.
+ Revert to non-prototypes -- it turns out that our ANSI C
+ compiler is more forgiving than most others about
+ mixing prototyped extern declarations with non-prototyped
+ function definitions.
+ Fix a problem with multi-word class matching pointed out by
+ Neil Rickert. Given:
+ CX b a.b.c
+ R$+ $=X $+ $: $1 < $2 > $3
+ the input "user@a.b.c" failed instead of being properly
+ rewritten as "user@a.<b>.c".
+ Neil also convinced me that it was correct that $~ should match
+ only one token -- the problem is that it's always possible
+ to add another token, so $~ matches far too eagerly.
+6.45/6.21 93/03/25
+ Implement multi-word classes (properly!).
+6.44/6.21 93/03/25
+ Add X-Authentication-Warning: headers to clue users into possible
+ attempts to forge mail. This is on the authwarnings
+ privacy flag, but is the default. Suggested by Bryan
+ Costales of ICSI.
+ Pass default units for convtime in so they can be more reasonable.
+ Allow config files to always add a new Comments: header (i.e.,
+ they will be added even if an old one already exists).
+ Suggested by Bryan Costales of ICSI.
+ Allow config files to delete an existing Return-Path: header.
+ These should only be added at final delivery. Suggested
+ by Bryan Costales of ICSI.
+ Some debugging additions. Suggested by Bryan Costales of ICSI.
+ Clean up logging of Family 0 addresses. Noted by David Muir
+ Sharnoff and others.
+ Add a "dequote" map class. This allows config files to strip
+ quotes off of addresses. Note that this is not a builtin
+ map, just a class -- so you have to define the map
+ using the K line.
+ Fix a bug in the queueup() loop getting a locked tf where in
+ very odd cases it can fall off the bottom and core dump.
+ Of course, it was P{r Emanuelsson who found it....
+ Open a new transcript when splitting an envelope. Problem found
+ by Allan E Johannesen of WPI.
+ Improved error output in endmailer if the mailer core dumps.
+ CONFIG: Fix typo in UUCP mailer definition.
+ CONFIG: Default several of the new options on: eight bit input,
+ privacy flags set to "authwarnings", and message warning
+ set to 4h.
+ CONFIG: Use dequote map.
+6.43/6.20 93/03/23
+ Fix problem with assumption of an sa_len field in a generic
+ sockaddr -- it turns out that most vendors haven't
+ picked up this (very important) fix.
+ Change compilation flags for daemon code -- select one or both
+ of NETINET or NETISO, but don't ever set DAEMON manually.
+ CONFIG: add FEATURE(mailertable) to do IDA-style mailertables.
+6.42/6.19 93/03/19
+ Use Postmaster as default fallback return address, not root.
+ POSIX changes for file descriptor handling.
+ Diagnose errors writing new queue file.
+ If you change the owner using an owner- alias, also change the
+ error mode to EM_MAIL so that errors don't get dropped
+ into an inappropriate directory. Problem noted by
+ Allan E Johannesen of WPI.
+ If you are su'ed to root, send email as who you really are, not
+ as root. From Brian Kantor of U.C. San Diego.
+ Allow warning messages to be sent after a configurable interval
+ has passed without delivery. The message is sent only
+ once per envelope. This changes the format of the qf
+ file to have an F line, and the format of the T option
+ to accept take the format "return/warn" (both intervals).
+ Don't force all local names to lower case -- this was left over
+ from the weird handling of case mapping on aliases. It
+ is now driven (as expected) by the "u" mailer flag.
+ Problem noted by P{r Emanuelsson.
+ Fix problem that caused headers on returned email to be trashed;
+ they were getting freed, but are still accessible via
+ BlankEnvelope.
+ Fix problem that caused bogus ids to be created on returned
+ mail.
+ Add support for ISO and other non-INET networking. This is by
+ no means finished yet. This does assume a lot of other
+ system support, like a version of gethostbyname that
+ returns non-AF_INET addresses.
+ CONFIG: change default on prog mailer to keep upper case in
+ user names (i.e., in the program command line).
+ CONFIG: strip trailing dots off of hosts in uucp mailer before
+ convert to bang format.
+ CONFIG: create new "relay" mailer for $R (LOCAL_RELAY) and $H
+ (MAIL_HUB) delivery that doesn't add local domain. Note
+ that this violates 821, but is probably "more correct"
+ for what we are trying to do. Problem pointed out by
+ Michael Graff of Iowa State.
+6.41/6.18 93/03/18
+ Clean up unnecessary creates of queue ids (i.e., empty qf files)
+ when not needed, such as when starting up an SMTP
+ connection.
+ Fix problem where split envelopes aren't instantiated in the queue.
+ This is quite a serious bug.
+ Owner- aliases had problems with leading spaces causing a
+ premature delimitation.
+6.40/6.18 93/03/18
+ Have ending 250 (after DATA) include the id; suggested by
+ Brian Kantor of UC San Diego.
+ Add logging on envelope splitting.
+ Change queue ids to have one more letter encoding the hour of
+ the day so that during a single day there is a greater
+ likelihood of uniqueness; requested by Brian Kantor.
+6.39/6.18 93/03/18
+ Fix minor compile problem if LOCKF is defined.
+ Define size of tobuf in conf.h. Observed by Toshinari Takahashi
+ of Toshiba.
+ Restore e_sender -- this is equivalent to e_from.q_paddr without
+ decorations such as angle brackets and comments.
+ OSF/1 on Alpha changes from Allan E Johannesen of WPI.
+ CONFIG: fix typo in S3 for list syntax (;: => :;). Thanks to
+ Christopher Hoover for noting the problem.
+6.38/6.17 93/03/17
+ Pass envelope to disconnect to avoid another use of CurEnv, which
+ can apparently end up being null at inopportune times.
+ Log "received from" as "relay=" for consistency (suggested by
+ John Gardiner Myers).
+ Fix major bug in header handling: if no From: line existed in
+ the header (so sendmail inserts one), and the sender is
+ an alias that has an owner, the From: line shows the
+ owner (as well as the envelope). Fixed by early binding
+ the headers (which will change debugging output).
+ HPUX portability patches from Michael J. Corrigan of UC San Diego.
+ Some attempts to adapt better to out of open file conditions.
+ Some changes to ctladdr handling in queue files.
+6.37/6.17 93/03/16
+ MAJOR CHANGE: delete e_sender and e_returnpath (why are these
+ different from e_from?) and $< macro.
+ Log correct IP address in relay= field even if the connection
+ times out.
+ Log "received from [RESPONSE]" on EF_RESPONSE messages (from
+ John Gardiner Myers).
+ Fixes to SysExMsg logging (sometimes just got "message: %s"
+ instead of "message: error message"), noted by Eric
+ Wassenaar. Also reported by Motonori Nakamura.
+ Improvements to MX piggybacking code, from Motonori Nakamura.
+ Fix case where CurHostName points to an auto variable that has
+ been deallocated (from Motonori Nakamura).
+ Fix bug causing newlines to be included in aliases if option
+ "n" (check alias RHS) is set; bug noted by David Muir
+ Sharnoff.
+ Fix problem causing user names that should be mapped to lower
+ case to not be mapped if they are sent during a queue
+ run. This greatly simplifies the case mapping code.
+ Problem noted by Allan E Johannesen of WPI.
+ Don't do recipient address rewriting in buildaddr. This
+ improperly did recipient rewriting on sender addresses,
+ and just seems bogus in general -- but the change could
+ break some .cf files.
+ Pass TZ envariable to child processes for System V.
+ CONFIG: allow LOCAL_RULE_1 and LOCAL_RULE_2 if you want to
+ define those rulesets.
+ KNOWN PROBLEM: I have seen some problems on SunOS that causes
+ the User Data Base to give errors on some addresses. I
+ have tracked the problem back at least as far as 93.02.15
+ (version 6.22). Running with debugging on makes it
+ go away, so I conclude that it is referencing uninitialized
+ stack data. I haven't been able to track this down yet.
+6.36/6.16 93/03/08
+ Allow local mailer to specify $@host -- this lets you assign the
+ "foo" part of jgm+foo to $h for passing in to the local
+ mailer.
+ Additional debug printing in getcanonname (show query type).
+ Don't add the e_fromdomain on sender addresses -- this interacts
+ weirdly with the owner- code.
+ Improve delivery logging to not log obvious or meaningless stuff.
+ Include numeric IP address in Received: lines per RFC 1123 section
+ 5.2.8.
+ Fixed a bug in checking stat() return value if restrictmailq is
+ set. Also, check the entire group set instead of just the
+ primary group. Both from John Gardiner Myers.
+ Don't have usrerr automatically print errno, since this is often
+ misleading.
+ Use transienterror() in makeconnection after connect() fails and
+ in openmailer after execve() fails (from Eric Wassenaar).
+ Also moved transienterror() from util.c to conf.c.
+ Clean up from= logging on response messages.
+ Undo patch allowing prescan to return a null vector -- it breaks
+ too many things.
+ Config: FEATURE(notsticky) lets you use UDB for everything coming
+ in to the machine, even if it is specifically targetted
+ to this machine. Without it, UDB is bypassed if the user
+ name is fully qualified.
+ Config: fix another minor botch with <> (local mailer wasn't
+ mapping them properly).
+6.35/6.15 93/03/05
+ Fix getrealhostname to return null if sinlen <= 0 -- this can
+ occur if stdin is a pipe.
+ Avoid infinite loop in getcanonname if name server return
+ NO_DATA (for example).
+ Config: avoid having C flag qualify list syntax and error syntax.
+6.34/6.14 93/03/05
+ Fix logging in deliver to not pass too many parameters to Ultrix
+ versions of syslog.
+ Don't write the pid file until after the daemon has actually
+ opened and conditioned the connection.
+ Consider addresses "different" if their q_uids differ (so that
+ two users forwarding to the same program will be seen
+ as different, rather than the same).
+ Fix problem with bad parameters in main() -- they set ExitStat
+ but don't exit.
+ Fix null pointer references through RealHostName -- painfully
+ discovered by Allan E Johannesen of WPI.
+ Fix bug causing user@@localhost to core dump (yuch).
+ Config: don't put two @host.dom.ain on users in $=E in SMTP
+ mailer. Also, catch user@ (no host) in ruleset 0.
+6.33/6.13 93/03/03
+ Config: add confCW_FILE as the name of the cw configuration file
+ (defaults to /etc/sendmail.cw). From P{r Emanuelsson.
+ Allow prescan to return a pointer to an empty list -- this is
+ not an error. Also, clean up error reporting to avoid
+ double errors (prescan reports once, then the caller
+ reports again).
+ Changes to avoid trusting T_ANY queries -- run them, but if you
+ don't get the info you expected, do T_A and T_MX queries
+ anyhow. This also fixes an oversight where _res.options
+ bits were being ignored.
+ If PRIV_NOVRFY is set, use 252 response code instead of 502 per
+ RFC 1123 section 5.2.3. It's not 100% clear that this
+ is correct, but it probably works better with stupid
+ mailers that do a VRFY and only check the first digit.
+6.32/6.12 93/03/02
+ Fix uninitialized variable "protocol" in smtp code.
+ Include <unistd.h> in sendmail.h -- move towards POSIX/ANSI.
+ Additional hooks for RFC 1427 (ESMTP SIZE extension). This
+ includes requiring that enoughspace() know the system
+ block size, which will undoubtedly break most ports.
+ Trace flag 19 in use for srvrsmtp.c.
+ Additional logging -- notably the sending mailer name. This
+ also changes the delivery logging to strict field=value
+ syntax.
+ Fix some problems with messages getting sent even to addresses
+ that had been marked bad -- from Eric Wassenaar.
+ More WIDE changes: accept host name inside [...] as non-MXed
+ host. This is intended ONLY for use inside firewalled
+ environments, where the MX points at the gateway.
+ Change .cf file conventions so that mapping for <> addresses
+ don't have an @ in them (to avoid confusing the C mailer
+ flag). Pointed out by Neil Rickert.
+ Config extensions for Sam Leffler's FlexFAX software.
+6.31/6.10 93/02/28
+ Fix some more bugs in alias owner code -- there were some weird
+ cases where an error in a non-aliased name would override
+ the return info in an aliased name with an owner.
+ Changes from WIDE Project, forwarded to me by Motonori Nakamura:
+ Log actual delivery host (after MX et al); from
+ yasuhiro@dcl.co.jp.
+ Log daemon startup.
+ Deliver Postmaster copies without a body.
+ Better logging of SMTP senders.
+ Send all program email as daemon even when local.
+ As requested in various forms from many people, accept -qIstring
+ to limit queue runs to jobs with queue-id matching string.
+ Similarly for -qRstring for recipients, -qSstring for
+ senders.
+ Initial hooks for ESMTP support (see RFC 1425).
+ Fixed a syntax error in the UUCP mailer specification that caused
+ core dumps on startup.
+ Check for missing A= or P= arguments in mailer definitions.
+6.30/6.10 93/02/27
+ Require FROZENCONFIG compilation flag to include frozen
+ configuration code. Frozen configuration is really
+ not a very good idea any more, particularly in shared
+ library environments.
+ Do better checking of errno after opens of :include: and .forward
+ files to defer delivery on network and other transient
+ errors. Suggestion from Craig Everhart.
+ Fix minor botch in read timeout macro processing.
+ Add FEATURE(nouucp) to config files for sites that know absolutely
+ nothing about UUCP.
+ Add built cf files to distribution tape and clarify how to build
+ them if you don't have the Berkeley make.
+ Some sizeof(long) portability changes for the Alpha, from Allan
+ E Johannesen.
+ Add "restrictmailq" privacy flag -- if set, only people in the same
+ group as your queue directory can print the queue. If you
+ set this, be sure you also restrict access to log files....
+ Fix another bug in owner-list stuff that can cause data files to
+ be "lost".
+ Fix a bug with queue runs that cause forwards to yourself to go
+ into alias/forwarding loops. I'm still iffy about this
+ fix.
+ Fix from Eric Wassenaar for suppression of return message code.
+6.29/6.9 93/02/24
+ Fix yet another problem in alias owner code -- put the wrong return
+ address on the enclosed return-to-sender letter.
+6.28/6.9 93/02/24
+ Fix botch in alias owner code that caused it to not operate if the
+ error was detected locally.
+6.27/6.9 93/02/24
+ M_LOCAL => M_LOCALMAILER to avoid conflict with Ultrix include
+ file <sys/mount.h>.
+ Miscellaneous bug fixes from Eric Wassenaar:
+ sendmail -bv -t logs the from line even though in verify
+ mode only.
+ sendmail -v can go into queue mode if shouldqueue returns
+ Add route-addr pruning per RFC 1123 section 5.3.3. This can be
+ disabled using the "R" option.
+ Delete (always undocumented) -R flag (save original recipients);
+ there are ways to syslog(3) these now.
+ Clean up SMTP reply codes -- specify them as needed in the code,
+ instead of in conf.c -- this was needed during the NCP to
+ TCP transition, but seems silly now. This also changes
+ parameters to message and nmessage.
+ Have mailstats read the .cf file to find the sendmail.st file and
+ get text versions of mailer names. An initial version of
+ this code was provided by Tuominen Keijo (although the
+ comments indicate the good bits were written by "E.V.").
+ Add yet more System V compatibility hacks.
+ Fix bug in VRFY code (assumes everything must be a local user).
+ Allow specification of any of the hard-wired pathnames in the
+ Makefile.
+ Delete concept of "trusted users" -- this really didn't provide
+ any security anyway, and caused some problems.
+ Delete last vestige of support for the word "at" as an equivalent
+ to the character "@".
+ Propagate owner-foo alias information into the envelope sender.
+ Based on code from John Gardiner Myers. This is a major
+ semantic change -- beware!
+ Allow $@ on LHS to indicate "match zero" -- this is used to match
+ the null expression.
+6.26/6.8 93/02/21
+ Don't "lose" queue runs. Very important fix from (who else?)
+ Eric Wassenaar.
+ Completely reset state on RSET command -- from Eric Wassenaar.
+ Send error messages and return receipts using an envelope sender
+ of <> regardless of the setting of $n. Rewriting rules
+ can undo this if they feel the necessity, as might be
+ needed for networks that don't understand the syntax.
+ This is permitted by RFC 821 section 3.6 and required by
+ RFC 1123 section 5.3.3. THIS REQUIRES VERSION 4 CONFIG
+ FILES because the rulesets must be able to parse <>
+ properly.
+ Don't ever send error messages to "<>" -- they will get sent to
+ the local postmaster or dumped in /usr/tmp/dead.letter
+ instead. Per RFC 1123 section 5.3.3.
+ Explicitly check for email to yourself as a dotted quad. You
+ have to call $[ [ ... ] $] to get this.
+ Up the message timeout to five days per RFC 1123 section
+ Make all read timeouts individually configurable, as strongly
+ recommended by RFC 1123 section 5.3.2.
+ Use f_bavail (blocks available to regular users) instead of f_bfree
+ (blocks available to superuser) in free block checks.
+ Change $d macro to be the current time, not the origination time,
+ since this is consistent with how it is used now.
+ Generalization of enoughspace from Eric Wassenaar covering
+ SGI, Apollo, HPUX, Ultrix, and SunOS.
+ Ignore process group signals -- some front ends can do this if
+ you kill a window too quickly. From Eric Wassenaar.
+ Change umask to 022.
+6.25/6.8 93/02/20
+ Close all cached connections before calling mailers and after
+ forking for delivery (caused double closes which resulted
+ in false errors).
+ Add FEATURE(redirect) in config files -- this allows you to alias
+ old addresses to a pointer to the new address that will
+ give a 551 error message, but not deliver the mail.
+ Some code changes to make the 551 errors look pretty.
+ Names of M4 program paths in config files have changed -- they
+ are all XXX_MAILER_PATH now, to match XXX_MAILER_FLAGS.
+ Fix a bug in the QSELFREF code having to do with empty .forward
+ files, reported by Eric Wassenaar.
+ Add option "p" (privacy flags); this allows you to tune how
+ picky the SMTP server will be. This also adds the
+ confPRIVACY_FLAGS M4 macro in the config files.
+ Add option "b" (minimum blocks free). If there are fewer than
+ this number of blocks free on the filesystem containing
+ the queue directory, the SMTP MAIL command will return
+ a 452 response and ask you to try again later. This
+ also adds the confMIN_FREE_BLOCKS M4 macro in the config
+ files.
+ Made VRFY just verify (doesn't expand aliases and .forward files);
+ EXPN does full expansion. RCPT in queue-only mode also
+ doesn't chase aliases and .forward.
+6.24/6.7 93/02/19
+ Increase the number of domain search entries in domain.c to allow
+ for the extra "" entry indicating the root domain.
+ Reported by Motonori Nakamura of Kyoto U.
+ Add a "SMART_HOST" in the configs for UUCP-connected sites that
+ want to forward all mail with extra "@"s to that site.
+ Also allows SMART_HOST, LOCAL_RELAY, and MAIL_HUB to
+ be specified as ``mailer:hostname'' to use an alternate
+ mailer.
+ Clarified and updated some wording in the Operations Guide.
+ Add the "c" mailer flag -- this suppresses all comment parts of
+ addresses (requested by John Curran of NEARnet).
+ Have -v print prompts in -bt mode even if stdin is not a terminal
+ (default behaviour is to be silent if not reading from
+ a terminal). Suggested by Bryan Costales, ICSI.
+ Move the metacharacters from C0 space (\001-\037) into C1 space
+ (\201-\237). This also fixes a bunch of potential bugs
+ with G1 characters (\240-\276) in headers relating to
+ negative numbers passed to isspace() et al.
+ Add YP_LAST_MODIFIED and YP_MASTER_NAME to DBM version of alias
+ database if YPCOMPAT is #defined. Enhancement from
+ Takahiro Kanbe of Fuji Xerox Information Systems Co., Ltd.
+ Add "list" Precedence (-30); this can be used with old sendmails
+ which will map to precedence 0 (which will return error
+ messages). Suggested by Stephen R. van den Berg.
+ Many bug fixes from Eric Wassenaar of the National Institute for
+ Nuclear and High-Energy Physics, Amsterdam:
+ Clear timeouts properly on open failures in include().
+ Don't dereference through NULL if no home directory found.
+ Re-establish SIGCHLD signal on System 5 in reapchild().
+ Avoid NULL pointer reference on -pFOO flag.
+ Properly handle backslash escapes in comments.
+ Correctly check reply status on SMTP NOOP command.
+ Properly save SMTP error message if peer gives
+ "Service Shutting Down" message.
+ Avoid writing to the transcript if it couldn't be opened.
+ Signal errors in SMTP children to parent properly.
+ Handle self references in a list more globally (include a
+ QSELFREF bit in the address flags). This enhancement
+ was suggested by Eric Wassenaar.
+ Use initgroups() in hpux, even though it's System-V based. The
+ HASINITGROUPS compile flag can set this on other systems.
+ This HPUX behaviour was pointed out by Eric Wassenaar.
+6.23/6.6 93/02/16
+ Clean up handling of LogLevel to make it easier to figure out
+ what's on what level.
+ Change log levels to have some consistency:
+ 1 serious system failures, security problems
+ 2 lost communications, protocol failures
+ 3 other serious failures
+ 4 minor errors
+ 5 message collection
+ 6 vrfy logging, creation of return-to-sender
+ 7 delivery failures
+ 8 delivery successes
+ 9 delivery tempfails (queue ups)
+ 10 database expansion
+ >64 debugging
+ Allow IDA-style separated processing on S= and R= in Mailer
+ definition lines. Note that rulesets 1 and 2 are
+ still used for both addresses as before. Bruce Lilly
+ gave a convincing argument that RFC976 insists on
+ this behaviour.
+ Added some time zones to arpatounix -- they may not be in the
+ standards, but they are in use. However, I may delete
+ arpatounix entirely -- there appears to be no reason
+ for it to exist.
+ Change to UUCP mailer (in cf directory) to try to do a saner job.
+ I'm still not certain about this mailer in general.
+6.22/6.5 93/02/15
+ Fix bug that prevents saving letters in ~/dead.letter.
+ Don't add angle brackets in VRFY command if angle brackets already
+ exist in the address.
+ Fix bogus error message in udbexpand.
+ Null terminate host buffers in buildaddr (broken in 6.21) --
+6.21/6.5 93/02/15
+ Fix another incorrect error message in alias.c, found by Azuma
+ Okamoto.
+ Fix a couple of problems in the more-configurable config files,
+ found by Tom Ivar Helbekkmo.
+ Fix problem with quoted :include: entries.
+ Don't duplicate the filename on verbose printing of .forward and
+ :include: contents.
+ Extend size of prescan buffer (to allow bigger addresses). Also,
+ detect some buffer overflows.
+ Log user SMTP protocol errors (log level 4).
+6.20/6.4 93/02/14
+ Fix another problem in the MCI state machine caused when there
+ were errors generated from the other end to commands
+ other than RCPT.
+6.19/6.4 93/02/14
+ Include load average support for DEC Alpha running OSF/1.
+ Fix multiple-response problem with errors in MAIL From: line.
+ Fix SMTP reply codes for invalid address syntaxes (give 501;
+ never give multiple error messages for a single message).
+ Fix problem where a cached connection timeout rejects all
+ later connects to that host.
+ Fix incorrect error message if alias.c is compiled with DBM only.
+ Additional changes to fix nested conditionals (from Bruce Lilly).
+ Recover more gracefully from operating system failures, particularly
+ NULL returns from openmailer (from Noritoshi Demizu,
+ OMRON Corporation).
+ Log forward, alias, and userdb expand operations on log level 10;
+ concept suggested by P{r (Pell) Emanuelsson.
+ Changes for HPUX 8.07 compatibility.
+6.18/6.4 93/02/12
+ Allow any config option to be set using an M4 define.
+ Change UNAME compile flag to HASUNAME for IDA compatibility
+ (besides, it's a better name).
+ Note in README that on SunOS it must be linked -Bstatic.
+ Fairly major change in domain.c to handle wildcard MX records
+ more rationally. NOTE: the "w" option (no wildcard MX
+ records match local domain) has been eliminated.
+ Fix some unset variable references pointed out by Bruce Lilly.
+ Fix host name in process titles when using cached connection.
+6.17/6.3 93/01/28
+ Fix System 5 compatibility changes to be compatible with the rest
+ of the world.
+6.16/6.3 93/01/28
+ Experimental fix for problem handling errors in the SMTP
+ protocol in conjunction with connection caching.
+ System 5 compatibility changes.
+6.15/6.3 93/01/26
+ Fix a bug that causes local mail delivered using -odq to be
+ eliminated as a duplicate (because it matched the
+ ctladdr, now passed in as a C line). These changes
+ are pretty tricky......
+6.14/6.3 93/01/25
+ Add debugging for some MCI errors.
+6.13/6.3 93/01/22
+ Fix -e compatibility flag to take a value.
+ Fix a couple of minor compilation warnings on Sun cc.
+ Improve error messages in a few cases to be more self-explanatory.
+6.12/6.3 93/01/21
+ Fix yet-another problem with environment handling, pointed out
+ by Yoshitaka Tokugawa and Tom Ivar Helbekkmo.
+ Some heuristics to try to limit resource exhaustion problems
+ if a downstream host has been down for a long time.
+ Fix problem with incorrect host name being logged in "Connection
+ timed out" messages (from Tom Ivar Helbekkmo).
+ Fix some ANSI C problems (from Takahiro Kanbe).
+ Properly log message sender on returned mail during queue run.
+ Count number of recipients properly.
+ Fix a problem in yp map code.
+ Diagnose "message timed out" (from Motonori Nakamura).
+6.11/6.3 93/01/20
+ Fix problem with address delimitor inside quotes.
+ Define $k and $=k to be the UUCP name (from the uname call)
+ based on code from Bruce Lilly.
+6.10/6.2 93/01/18
+ Implement arpatounix (largely code from Bruce Lilly).
+ Log more info (suggested by John Myers).
+ Allow nested $?...$|...$. (inspired by code from Bruce Lilly of
+ Sony US).
+ POSIX compatibility (noted by Keith Bostic).
+ Handle SMTP MAIL command errors properly (urged by several people,
+ notably John Myers of CMU).
+ Do early diagnosis of .cf errors (notably referencing a RHS
+ substitution that isn't on the LHS).
+ Adjust checkpointing to better handle batched recipients, suggested
+ by John Myers.
+ Fix miscellaneous bugs.
+ (config files:) Implement MAIL_HUB for all local mail (to handle
+ NFS-mounted directories) as urged by Tom Ivar Helbekkmo
+ of the Norwegian School of Economics.
+6.9/6.1 93/01/13
+ Environment handling simplification/bug fix -- child processes
+ get a minimal, fixed environment. This avoids different
+ behaviour in queue runs.
+ Handle commas inside comments properly.
+ Properly limit large messages submitted in -obq mode.
+6.8/6.1 93/01/10
+ Check mtime of thaw file against .cf and sendmail binary, based on
+ code from John Myers.
+6.7/6.1 93/01/10
+ MX piggybacking, based on code from John Myers@CMU.
+ Allow checkcompat to return -1 to mean tempfail.
+ Bug fix in m_mno computation.
+6.6/6.1 93/01/09
+ Tuning of queueing functions as recommended by John Gardiner Myers.
+ Return mail headers (no body) on messages with negative precedence.
+ Minor other bug fixes.
+6.5/6.1 93/01/03
+ Fix botch causing queued headers to have ?XX? prefixes.
+6.4/6.1 93/01/02
+ Changes to recognize special mailer types (e.g., file) early.
+6.3/6.1 93/01/01
+ Pass timeouts to sfgets.
+ Check for control characters in addresses.
+ Fixed deferred error reporting.
+ Report duplicate aliases.
+ Handle mixed case recursive aliases.
+ Misc bug fixes.
+6.2/6.1 92/12/30
+ Put return-receipt-to on a conf.c flag (but don't set it).
+ Fix minor syslog problem.
diff --git a/contrib/sendmail/cf/README b/contrib/sendmail/cf/README
new file mode 100644
index 000000000000..df50c9da1d03
--- /dev/null
+++ b/contrib/sendmail/cf/README
@@ -0,0 +1,2206 @@
+ Eric Allman <eric@Sendmail.ORG>
+ @(#)README 8.174 (Berkeley) 6/30/98
+This document describes the sendmail configuration files being used
+at Berkeley. These use features in the new (R8) sendmail; they will
+not work on other versions.
+These configuration files are probably not as general as previous
+versions, and don't handle as many of the weird cases automagically.
+I was able to simplify them for two reasons. First, the network
+has become more consistent -- for example, at this point, everyone
+on the internet is supposed to be running a name server, so hacks to
+handle NIC-registered hosts can go away. Second, I assumed that a
+subdomain would be running SMTP internally -- UUCP is presumed to be
+a long-haul protocol. I realize that this is not universal, but it
+does describe the vast majority of sites with which I am familiar,
+including those outside the US.
+Of course, the downside of this is that if you do live in a weird
+world, things are going to get weirder for you. I'm sorry about that,
+but at the time we at Berkeley had a problem, and it seemed like the
+right thing to do.
+This package requires a post-V7 version of m4; if you are running the
+4.2bsd, SysV.2, or 7th Edition version, I suggest finding a friend with
+a newer version. You can m4-expand on their system, then run locally.
+SunOS's /usr/5bin/m4 or BSD-Net/2's m4 both work. GNU m4 version 1.1
+or later also works. Unfortunately, I'm told that the M4 on BSDI 1.0
+doesn't work -- you'll have to use a Net/2 or GNU version. GNU m4 is
+available from ftp://ftp.gnu.org/pub/gnu/m4-1.4.tar.gz (check for
+the latest version). EXCEPTIONS: DEC's m4 on Digital UNIX 4.x is broken
+(3.x is fine). Use GNU m4 on this platform.
+IF YOU DON'T HAVE A BERKELEY MAKE, don't despair! Just run
+"m4 ../m4/cf.m4 foo.mc > foo.cf" -- that should be all you need.
+There is also a fairly crude (but functional) Makefile.dist that works
+on the old version of make.
+To get started, you may want to look at tcpproto.mc (for TCP-only
+sites), uucpproto.mc (for UUCP-only sites), and clientproto.mc (for
+clusters of clients using a single mail host). Others are versions
+that we use at Berkeley, although not all are in current use. For
+example, ucbvax has gone away, but I've left ucbvax.mc in because
+it demonstrates some interesting techniques.
+I'm not pretending that this README describes everything that these
+configuration files can do; clever people can probably tweak them
+to great effect. But it should get you started.
+*** BE SURE YOU CUSTOMIZE THESE FILES! They have some ***
+*** Berkeley-specific assumptions built in, such as the name ***
+*** of our UUCP-relay. You'll want to create your own domain ***
+*** description, and use that in place of ***
+*** domain/Berkeley.EDU.m4. ***
+Configuration files are contained in the subdirectory "cf", with a
+suffix ".mc". They must be run through "m4" to produce a ".cf" file.
+You must pre-load "cf.m4":
+ m4 ${CFDIR}/m4/cf.m4 config.mc > config.cf
+where ${CFDIR} is the root of the cf directory and config.mc is the
+name of your configuration file. If you are running a version of M4
+that understands the __file__ builtin (versions of GNU m4 >= 0.75 do
+this, but the versions distributed with 4.4BSD and derivatives do not)
+or the -I flag (ditto), then ${CFDIR} can be in an arbitrary directory.
+For "traditional" versions, ${CFDIR} ***MUST*** be "..", or you MUST
+use -D_CF_DIR_=/path/to/cf/dir/ -- note the trailing slash! For example:
+ m4 -D_CF_DIR_=${CFDIR}/ ${CFDIR}/m4/cf.m4 config.mc > config.cf
+Let's examine a typical .mc file:
+ divert(-1)
+ #
+ # Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+ # Copyright (c) 1983 Eric P. Allman. All rights reserved.
+ # Copyright (c) 1988, 1993
+ # The Regents of the University of California. All rights reserved.
+ #
+ # By using this file, you agree to the terms and conditions set
+ # forth in the LICENSE file which can be found at the top level of
+ # the sendmail distribution.
+ #
+ #
+ # This is a Berkeley-specific configuration file for HP-UX 9.x.
+ # It applies only to the Computer Science Division at Berkeley,
+ # and should not be used elsewhere. It is provided on the sendmail
+ # distribution as a sample only. To create your own configuration
+ # file, create an appropriate domain file in ../domain, change the
+ # `DOMAIN' macro below to reference that file, and copy the result
+ # to a name of your own choosing.
+ #
+ divert(0)
+The divert(-1) will delete the crud in the resulting output file.
+The copyright notice can be replaced by whatever your lawyers require;
+our lawyers require the one that I've included in my files. A copyleft
+is a copyright by another name. The divert(0) restores regular output.
+ VERSIONID(`<SCCS or RCS version id>')
+VERSIONID is a macro that stuffs the version information into the
+resulting file. We use SCCS; you could use RCS, something else, or
+omit it completely. This is not the same as the version id included
+in SMTP greeting messages -- this is defined in m4/version.m4.
+ OSTYPE(hpux9)dnl
+You must specify an OSTYPE to properly configure things such as the
+pathname of the help and status files, the flags needed for the local
+mailer, and other important things. If you omit it, you will get an
+error when you try to build the configuration. Look at the ostype
+directory for the list of known operating system types.
+ DOMAIN(CS.Berkeley.EDU)dnl
+This example is specific to the Computer Science Division at Berkeley.
+You can use "DOMAIN(generic)" to get a sufficiently bland definition
+that may well work for you, or you can create a customized domain
+definition appropriate for your environment.
+ MAILER(local)
+ MAILER(smtp)
+These describe the mailers used at the default CS site site. The
+local mailer is always included automatically. Beware: MAILER
+declarations should always be at the end of the configuration file,
+and MAILER(smtp) should always precede MAILER(uucp). The general
+rules are that the order should be:
+ local macro definitions
+Sendmail uses the M4 macro processor to ``compile'' the configuration
+files. The most important thing to know is that M4 is stream-based,
+that is, it doesn't understand about lines. For this reason, in some
+places you may see the word ``dnl'', which stands for ``delete
+through newline''; essentially, it deletes all characters starting
+at the ``dnl'' up to and including the next newline character. In
+most cases sendmail uses this only to avoid lots of unnecessary
+blank lines in the output.
+Other important directives are define(A, B) which defines the macro
+``A'' to have value ``B''. Macros are expanded as they are read, so
+one normally quotes both values to prevent expansion. For example,
+ define(`SMART_HOST', `smart.foo.com')
+One word of warning: M4 macros are expanded even in lines that appear
+to be comments. For example, if you have
+ # See FEATURE(foo) above
+it will not do what you expect, because the FEATURE(foo) will be
+expanded. This also applies to
+ # And then define the $X macro to be the return address
+because ``define'' is an M4 keyword. If you want to use them, surround
+them with directed quotes, `like this'.
+sendmail 8.9 has introduced a new configuration directory for sendmail
+related files, /etc/mail. The new files available for sendmail 8.9 --
+the class 'R' /etc/mail/relay-domains and the access database
+/etc/mail/access -- take advantage of this new directory. 8.9 will
+serve as a transition release. Beginning with 8.10, all of the files
+will use this directory by default.
+You MUST define an operating system environment, or the configuration
+file build will puke. There are several environments available; look
+at the "ostype" directory for the current list. This macro changes
+things like the location of the alias file and queue directory. Some
+of these files are identical to one another.
+It is IMPERATIVE that the OSTYPE occur before any MAILER definitions.
+In general, the OSTYPE macro should go immediately after any version
+information, and MAILER definitions should always go last.
+Operating system definitions are usually easy to write. They may define
+the following variables (everything defaults, so an ostype file may be
+empty). Unfortunately, the list of configuration-supported systems is
+not as broad as the list of source-supported systems, since many of
+the source contributors do not include corresponding ostype files.
+ALIAS_FILE [/etc/aliases] The location of the text version
+ of the alias file(s). It can be a comma-separated
+ list of names (but be sure you quote values with
+ commas in them -- for example, use
+ define(`ALIAS_FILE', `a,b')
+ to get "a" and "b" both listed as alias files;
+ otherwise the define() primitive only sees "a").
+HELP_FILE [/usr/lib/sendmail.hf] The name of the file
+ containing information printed in response to
+ the SMTP HELP command.
+QUEUE_DIR [/var/spool/mqueue] The directory containing
+ queue files.
+STATUS_FILE [/etc/sendmail.st] The file containing status
+ information.
+LOCAL_MAILER_PATH [/bin/mail] The program used to deliver local mail.
+LOCAL_MAILER_FLAGS [rmn9] The flags used by the local mailer. The
+ flags lsDFM are always included.
+LOCAL_MAILER_ARGS [mail -d $u] The arguments passed to deliver local
+ mail.
+LOCAL_MAILER_MAX [undefined] If defined, the maximum size of local
+ mail that you are willing to accept.
+LOCAL_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
+ that ARRIVE from an address that resolves to the
+ local mailer and which are converted to MIME will be
+ labeled with this character set.
+LOCAL_SHELL_PATH [/bin/sh] The shell used to deliver piped email.
+LOCAL_SHELL_FLAGS [eu9] The flags used by the shell mailer. The
+ flags lsDFM are always included.
+LOCAL_SHELL_ARGS [sh -c $u] The arguments passed to deliver "prog"
+ mail.
+LOCAL_SHELL_DIR [$z:/] The directory search path in which the
+ shell should run.
+USENET_MAILER_PATH [/usr/lib/news/inews] The name of the program
+ used to submit news.
+USENET_MAILER_FLAGS [rlsDFMmn] The mailer flags for the usenet mailer.
+USENET_MAILER_ARGS [-m -h -n] The command line arguments for the
+ usenet mailer.
+USENET_MAILER_MAX [100000] The maximum size of messages that will
+ be accepted by the usenet mailer.
+SMTP_MAILER_FLAGS [undefined] Flags added to SMTP mailer. Default
+ flags are `mDFMUX' for all SMTP-based mailers; the
+ "esmtp" mailer adds `a' and "smtp8" adds `8'.
+SMTP_MAILER_MAX [undefined] The maximum size of messages that will
+ be transported using the smtp, smtp8, or esmtp
+ mailers.
+SMTP_MAILER_ARGS [IPC $h] The arguments passed to the smtp mailer.
+ About the only reason you would want to change this
+ would be to change the default port.
+ESMTP_MAILER_ARGS [IPC $h] The arguments passed to the esmtp mailer.
+SMTP8_MAILER_ARGS [IPC $h] The arguments passed to the smtp8 mailer.
+RELAY_MAILER_ARGS [IPC $h] The arguments passed to the relay mailer.
+SMTP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
+ that ARRIVE from an address that resolves to one of
+ the SMTP mailers and which are converted to MIME will
+ be labeled with this character set.
+UUCP_MAILER_PATH [/usr/bin/uux] The program used to send UUCP mail.
+UUCP_MAILER_FLAGS [undefined] Flags added to UUCP mailer. Default
+ flags are `DFMhuU' (and `m' for uucp-new mailer,
+ minus `U' for uucp-dom mailer).
+UUCP_MAILER_ARGS [uux - -r -z -a$g -gC $h!rmail ($u)] The arguments
+ passed to the UUCP mailer.
+UUCP_MAILER_MAX [100000] The maximum size message accepted for
+ transmission by the UUCP mailers.
+UUCP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
+ that ARRIVE from an address that resolves to one of
+ the UUCP mailers and which are converted to MIME will
+ be labeled with this character set.
+FAX_MAILER_PATH [/usr/local/lib/fax/mailfax] The program used to
+ submit FAX messages.
+FAX_MAILER_ARGS [mailfax $u $h $f] The arguments passed to the FAX
+ mailer.
+FAX_MAILER_MAX [100000] The maximum size message accepted for
+ transmission by FAX.
+POP_MAILER_PATH [/usr/lib/mh/spop] The pathname of the POP mailer.
+POP_MAILER_FLAGS [Penu] Flags added to POP mailer. Flags "lsDFM"
+ are always added.
+POP_MAILER_ARGS [pop $u] The arguments passed to the POP mailer.
+PROCMAIL_MAILER_PATH [/usr/local/bin/procmail] The path to the procmail
+ program. This is also used by FEATURE(local_procmail).
+PROCMAIL_MAILER_FLAGS [SPhnu9] Flags added to Procmail mailer. Flags
+ ``DFM'' are always set. This is NOT used by
+ FEATURE(local_procmail); tweak LOCAL_MAILER_FLAGS
+ instead.
+PROCMAIL_MAILER_ARGS [procmail -Y -m $h $f $u] The arguments passed to
+ the Procmail mailer. This is NOT used by
+ FEATURE(local_procmail); tweak LOCAL_MAILER_ARGS
+ instead.
+PROCMAIL_MAILER_MAX [undefined] If set, the maximum size message that
+ will be accepted by the procmail mailer.
+MAIL11_MAILER_PATH [/usr/etc/mail11] The path to the mail11 mailer.
+MAIL11_MAILER_FLAGS [nsFx] Flags for the mail11 mailer.
+MAIL11_MAILER_ARGS [mail11 $g $x $h $u] Arguments passed to the mail11
+ mailer.
+PH_MAILER_PATH [/usr/local/etc/phquery] The path to the phquery
+ program.
+PH_MAILER_FLAGS [ehmu] Flags for the phquery mailer.
+PH_MAILER_ARGS [phquery -- $u] -- arguments to the phquery mailer.
+CYRUS_MAILER_FLAGS [A5@/:|] The flags used by the cyrus mailer. The
+ flags lsDFMnPq are always included.
+CYRUS_MAILER_PATH [/usr/cyrus/bin/deliver] The program used to deliver
+ cyrus mail.
+CYRUS_MAILER_ARGS [deliver -e -m $h -- $u] The arguments passed
+ to deliver cyrus mail.
+CYRUS_MAILER_MAX [undefined] If set, the maximum size message that
+ will be accepted by the cyrus mailer.
+CYRUS_MAILER_USER [cyrus:mail] The user and group to become when
+ running the cyrus mailer.
+CYRUS_BB_MAILER_FLAGS [undefined] The flags used by the cyrusbb
+ mailer. The flags lsDFMnP are always included.
+CYRUS_BB_MAILER_ARGS [deliver -e -m $u] The arguments passed
+ to deliver cyrusbb mail.
+confEBINDIR [/usr/libexec] The directory for executables.
+ Currently used for FEATURE(local_lmtp) and
+ FEATURE(smrsh).
+You will probably want to collect domain-dependent defines into one
+file, referenced by the DOMAIN macro. For example, our Berkeley
+domain file includes definitions for several internal distinguished
+UUCP_RELAY The host that will accept UUCP-addressed email.
+ If not defined, all UUCP sites must be directly
+ connected.
+BITNET_RELAY The host that will accept BITNET-addressed email.
+ If not defined, the .BITNET pseudo-domain won't work.
+DECNET_RELAY The host that will accept DECNET-addressed email.
+ If not defined, the .DECNET pseudo-domain and addresses
+ of the form node::user will not work.
+FAX_RELAY The host that will accept mail to the .FAX pseudo-domain.
+ The "fax" mailer overrides this value.
+LOCAL_RELAY DEPRECATED. The site that will handle unqualified
+ names -- that is, names with out an @domain extension.
+ If not set, they are assumed to belong on this machine.
+ This allows you to have a central site to store a
+ company- or department-wide alias database. This
+ only works at small sites, and only with some user
+ agents.
+LUSER_RELAY The site that will handle lusers -- that is, apparently
+ local names that aren't local accounts or aliases.
+Any of these can be either ``mailer:hostname'' (in which case the
+mailer is the internal mailer name, such as ``uucp-new'' and the hostname
+is the name of the host as appropriate for that mailer) or just a
+``hostname'', in which case a default mailer type (usually ``relay'',
+a variant on SMTP) is used. WARNING: if you have a wildcard MX
+record matching your domain, you probably want to define these to
+have a trailing dot so that you won't get the mail diverted back
+to yourself.
+The domain file can also be used to define a domain name, if needed
+(using "DD<domain>") and set certain site-wide features. If all hosts
+at your site masquerade behind one email name, you could also use
+You do not have to define a domain -- in particular, if you are a
+single machine sitting off somewhere, it is probably more work than
+it's worth. This is just a mechanism for combining "domain dependent
+knowledge" into one place.
+There are fewer mailers supported in this version than the previous
+version, owing mostly to a simpler world. As a general rule, put the
+MAILER definitions last in your .mc file, and always put MAILER(smtp)
+before MAILER(uucp) -- several features and definitions will modify
+the definition of mailers, and the smtp mailer modifies the UUCP
+local The local and prog mailers. You will almost always
+ need these; the only exception is if you relay ALL
+ your mail to another site. This mailer is included
+ automatically.
+smtp The Simple Mail Transport Protocol mailer. This does
+ not hide hosts behind a gateway or another other
+ such hack; it assumes a world where everyone is
+ running the name server. This file actually defines
+ four mailers: "smtp" for regular (old-style) SMTP to
+ other servers, "esmtp" for extended SMTP to other
+ servers, "smtp8" to do SMTP to other servers without
+ converting 8-bit data to MIME (essentially, this is
+ your statement that you know the other end is 8-bit
+ clean even if it doesn't say so), and "relay" for
+ transmission to our RELAY_HOST, LUSER_RELAY, or
+uucp The Unix-to-Unix Copy Program mailer. Actually, this
+ defines two mailers, "uucp-old" (a.k.a. "uucp") and
+ "uucp-new" (a.k.a. "suucp"). The latter is for when you
+ know that the UUCP mailer at the other end can handle
+ multiple recipients in one transfer. If the smtp mailer
+ is also included in your configuration, two other mailers
+ ("uucp-dom" and "uucp-uudom") are also defined [warning:
+ you MUST specify MAILER(smtp) before MAILER(uucp)]. When you
+ include the uucp mailer, sendmail looks for all names in
+ the $=U class and sends them to the uucp-old mailer; all
+ names in the $=Y class are sent to uucp-new; and all
+ names in the $=Z class are sent to uucp-uudom. Note that
+ this is a function of what version of rmail runs on
+ the receiving end, and hence may be out of your control.
+ See the section below describing UUCP mailers in more
+ detail.
+usenet Usenet (network news) delivery. If this is specified,
+ an extra rule is added to ruleset 0 that forwards all
+ local email for users named ``group.usenet'' to the
+ ``inews'' program. Note that this works for all groups,
+ and may be considered a security problem.
+fax Facsimile transmission. This is experimental and based
+ on Sam Leffler's HylaFAX software. For more information,
+ see http://www.vix.com/hylafax/.
+pop Post Office Protocol.
+procmail An interface to procmail (does not come with sendmail).
+ This is designed to be used in mailertables. For example,
+ a common question is "how do I forward all mail for a given
+ domain to a single person?". If you have this mailer
+ defined, you could set up a mailertable reading:
+ host.com procmail:/etc/procmailrcs/host.com
+ with the file /etc/procmailrcs/host.com reading:
+ :0 # forward mail for host.com
+ ! -oi -f $1 person@other.host
+ This would arrange for (anything)@host.com to be sent
+ to person@other.host. Within the procmail script, $1 is
+ the name of the sender and $2 is the name of the recipient.
+ If you use this with FEATURE(local_procmail), the FEATURE
+ should be listed first.
+mail11 The DECnet mail11 mailer, useful only if you have the mail11
+ program from gatekeeper.dec.com:/pub/DEC/gwtools (and
+ DECnet, of course). This is for Phase IV DECnet support;
+ if you have Phase V at your site you may have additional
+ problems.
+phquery The phquery program. This is somewhat counterintuitively
+ referenced as the "ph" mailer internally. It can be used
+ to do CCSO name server lookups. The phquery program, which
+ this mailer uses, is distributed with the ph client.
+cyrus The cyrus and cyrusbb mailers. The cyrus mailer delivers to
+ a local cyrus user. this mailer can make use of the
+ "user+detail@local.host" syntax; it will deliver the mail to
+ the user's "detail" mailbox if the mailbox's ACL permits.
+ The cyrusbb mailer delivers to a system-wide cyrus mailbox
+ if the mailbox's ACL permits.
+The local mailer accepts addresses of the form "user+detail", where
+the "+detail" is not used for mailbox matching but is available
+to certain local mail programs (in particular, see FEATURE(local_procmail)).
+For example, "eric", "eric+sendmail", and "eric+sww" all indicate
+the same user, but additional arguments <null>, "sendmail", and "sww"
+may be provided for use in sorting mail.
+Special features can be requested using the "FEATURE" macro. For
+example, the .mc line:
+ FEATURE(use_cw_file)
+tells sendmail that you want to have it read an /etc/sendmail.cw
+file to get values for class $=w. The FEATURE may contain a single
+optional parameter -- for example:
+ FEATURE(mailertable, dbm /usr/lib/mailertable)
+The default database map type for the table features can be set with
+ define(`DATABASE_MAP_TYPE', `dbm')
+which would set it to use ndbm databases. The default is the Berkeley DB
+hash database format. Note that you must still declare a database map type
+if you specify an argument to a FEATURE. DATABASE_MAP_TYPE is only used
+if no argument is given for the FEATURE.
+Available features are:
+use_cw_file Read the file /etc/sendmail.cw file to get alternate
+ names for this host. This might be used if you were
+ on a host that MXed for a dynamic set of other
+ hosts. If the set is static, just including the line
+ "Cw<name1> <name2> ..." (where the names are fully
+ qualified domain names) is probably superior.
+ The actual filename can be overridden by redefining
+ confCW_FILE.
+use_ct_file Read the file /etc/sendmail.ct file to get the names
+ of users that will be ``trusted'', that is, able to
+ set their envelope from address using -f without
+ generating a warning message.
+ The actual filename can be overridden by redefining
+ confCT_FILE.
+redirect Reject all mail addressed to "address.REDIRECT" with
+ a ``551 User not local; please try <address>'' message.
+ If this is set, you can alias people who have left
+ to their new address with ".REDIRECT" appended.
+nouucp Don't do anything special with UUCP addresses at all.
+nocanonify Don't pass addresses to $[ ... $] for canonification.
+ This would generally only be used by sites that only
+ act as mail gateways or which have user agents that do
+ full canonification themselves. You may also want to
+ use "define(`confBIND_OPTS',`-DNSRCH -DEFNAMES')" to
+ turn off the usual resolver options that do a similar
+ thing.
+stickyhost If set, email sent to "user@local.host" are marked
+ as "sticky" -- that is, the local addresses aren't
+ matched against UDB and don't go through ruleset 5.
+ This is used if you want a set up where "user" is
+ not necessarily the same as "user@local.host", e.g.,
+ to make a distinct domain-wide namespace. Prior to
+ 8.7 this was the default, and notsticky was used to
+ turn this off.
+mailertable Include a "mailer table" which can be used to override
+ routing for particular domains. The argument of the
+ FEATURE may be the key definition. If none is specified,
+ the definition used is:
+ hash -o /etc/mailertable
+ Keys in this database are fully qualified domain names
+ or partial domains preceded by a dot -- for example,
+ "vangogh.CS.Berkeley.EDU" or ".CS.Berkeley.EDU".
+ Values must be of the form:
+ mailer:domain
+ where "mailer" is the internal mailer name, and "domain"
+ is where to send the message. These maps are not
+ reflected into the message header. As a special case,
+ the forms:
+ local:user
+ will forward to the indicated user using the local mailer,
+ local:
+ will forward to the original user in the e-mail address
+ using the local mailer, and
+ error:code message
+ will give an error message with the indicated code and
+ message.
+domaintable Include a "domain table" which can be used to provide
+ domain name mapping. Use of this should really be
+ limited to your own domains. It may be useful if you
+ change names (e.g., your company changes names from
+ oldname.com to newname.com). The argument of the
+ FEATURE may be the key definition. If none is specified,
+ the definition used is:
+ hash -o /etc/domaintable
+ The key in this table is the domain name; the value is
+ the new (fully qualified) domain. Anything in the
+ domaintable is reflected into headers; that is, this
+ is done in ruleset 3.
+bitdomain Look up bitnet hosts in a table to try to turn them into
+ internet addresses. The table can be built using the
+ bitdomain program contributed by John Gardiner Myers.
+ The argument of the FEATURE may be the key definition; if
+ none is specified, the definition used is:
+ hash -o /etc/bitdomain.db
+ Keys are the bitnet hostname; values are the corresponding
+ internet hostname.
+uucpdomain Similar feature for UUCP hosts. The default map definition
+ is:
+ hash -o /etc/uudomain.db
+ At the moment there is no automagic tool to build this
+ database.
+ Include the local host domain even on locally delivered
+ mail. Normally it is not added on unqualified names.
+ However, if you use a shared message store but do not use
+ the same user name space everywhere, you may need the host
+ name on local names.
+allmasquerade If masquerading is enabled (using MASQUERADE_AS), this
+ feature will cause recipient addresses to also masquerade
+ as being from the masquerade host. Normally they get
+ the local hostname. Although this may be right for
+ ordinary users, it can break local aliases. For example,
+ if you send to "localalias", the originating sendmail will
+ find that alias and send to all members, but send the
+ message with "To: localalias@masqueradehost". Since that
+ alias likely does not exist, replies will fail. Use this
+ feature ONLY if you can guarantee that the ENTIRE
+ namespace on your masquerade host supersets all the
+ local entries.
+ Normally, any hosts listed in $=w are masqueraded. If this
+ feature is given, only the hosts listed in $=M are masqueraded.
+ This is useful if you have several domains with disjoint
+ namespaces hosted on the same machine.
+ If masquerading is enabled (using MASQUERADE_AS) and
+ MASQUERADE_DOMAIN (see below) is set, this feature will
+ cause addresses to be rewritten such that the masquerading
+ domains are actually entire domains to be hidden. All
+ hosts within the masquerading domains will be rewritten
+ to the masquerade name (used in MASQUERADE_AS). For example,
+ if you have:
+ MASQUERADE_AS(masq.com)
+ then *foo.org and *bar.com are converted to masq.com. Without
+ this feature, only foo.org and bar.com are masqueraded.
+ NOTE: only domains within your jurisdiction and
+ current hierarchy should be masqueraded using this.
+genericstable This feature will cause certain addresses originating locally
+ (i.e. that are unqualified) or a domain listed in $=G to be
+ looked up in a map and turned into another ("generic") form,
+ which can change both the domain name and the user name. This
+ is similar to the userdb functionality. The same types of
+ addresses as for masquerading are looked up, i.e. only header
+ sender addresses unless the allmasquerade and/or
+ masquerade_envelope features are given. Qualified addresses
+ must have the domain part in the list of names given by the
+ see below).
+ The argument of FEATURE(genericstable) may be the map
+ definition; the default map definition is:
+ hash -o /etc/genericstable
+ The key for this table is either the full address or the
+ unqualified username (the former is tried first); the
+ value is the new user address. If the new user address does
+ not include a domain, it will be qualified in the standard
+ manner, i.e. using $j or the masquerade name. Note that the
+ address being looked up must be fully qualified. For local
+ mail, it is necessary to use FEATURE(always_add_domain) for
+ the addresses to be qualified.
+virtusertable A domain-specific form of aliasing, allowing multiple
+ virtual domains to be hosted on one machine. For example,
+ if the virtuser table contained:
+ info@foo.com foo-info
+ info@bar.com bar-info
+ @baz.org jane@elsewhere.net
+ then mail addressed to info@foo.com will be sent to the
+ address foo-info, mail addressed to info@bar.com will be
+ delivered to bar-info, and mail addressed to anyone at
+ baz.org will be sent to jane@elsewhere.net. The username
+ from the original address is passed as %1 allowing:
+ @foo.org %1@elsewhere.com
+ meaning someone@foo.org will be sent to someone@elsewhere.com.
+ All the host names on the left hand side (foo.com, bar.com,
+ and baz.org) must be in $=w. The default map definition is:
+ hash -o /etc/virtusertable
+ A new definition can be specified as the second argument of
+ the FEATURE macro, such as
+ FEATURE(virtusertable, dbm -o /etc/mail/virtusers)
+nodns We aren't running DNS at our site (for example,
+ we are UUCP-only connected). It's hard to consider
+ this a "feature", but hey, it had to go somewhere.
+ Actually, as of 8.7 this is a no-op -- remove "dns" from
+ the hosts service switch entry instead.
+nullclient This is a special case -- it creates a stripped down
+ configuration file containing nothing but support for
+ forwarding all mail to a central hub via a local
+ SMTP-based network. The argument is the name of that
+ hub.
+ The only other feature that should be used in conjunction
+ with this one is "nocanonify" (this causes addresses to
+ be sent unqualified via the SMTP connection; normally
+ they are qualified with the masquerade name, which
+ defaults to the name of the hub machine). No mailers
+ should be defined. No aliasing or forwarding is done.
+local_lmtp Use an LMTP capable local mailer. The argument to this
+ feature is the pathname of an LMTP capable mailer. By
+ default, mail.local is used. This is expected to be the
+ mail.local which came with the 8.9 distribution which is
+ LMTP capable. The path to mail.local is set by the
+ confEBINDIR m4 variable -- making the default
+ LOCAL_MAILER_PATH /usr/libexec/mail.local.
+local_procmail Use procmail as the local mailer. This mailer can
+ make use of the "user+indicator@local.host" syntax;
+ normally the +indicator is just tossed, but by default
+ it is passed as the -a argument to procmail. The
+ argument to this feature is the pathname of procmail,
+ which defaults to PROCMAIL_MAILER_PATH. Note that this
+ for the local mailer; tweak LOCAL_MAILER_FLAGS and
+bestmx_is_local Accept mail as though locally addressed for any host that
+ lists us as the best possible MX record. This generates
+ additional DNS traffic, but should be OK for low to
+ medium traffic hosts. The argument may be a set of
+ domains, which will limit the feature to only apply to
+ these domains -- this will reduce unnecessary DNS
+ WILDCARD MX RECORDS!!! If you have a wildcard MX record
+ that matches your domain, you cannot use this feature.
+smrsh Use the SendMail Restricted SHell (smrsh) provided
+ with the distribution instead of /bin/sh for mailing
+ to programs. This improves the ability of the local
+ system administrator to control what gets run via
+ e-mail. If an argument is provided it is used as the
+ pathname to smrsh; otherwise, the path defined by
+ confEBINDIR is used for the smrsh binary -- by default,
+ /usr/libexec/smrsh is assumed.
+ By default, the sendmail configuration files do not permit
+ mail relaying (that is, accepting mail from outside your
+ domain and sending it to another host outside your domain).
+ This option sets your site to allow mail relaying from any
+ site to any site. In general, it is better to control the
+ relaying more carefully with the access db and the 'R'
+ class ($=R). Domains can be added to class 'R' by the
+ macros RELAY_DOMAIN or RELAY_DOMAIN_FILE (analogously to
+ By default, only hosts listed as RELAY in the access db
+ will be allowed to relay. This option also allows any
+ host in your domain as defined by the 'm' class ($=m).
+ By default, names that are listed as RELAY in the access
+ db and class 'R' ($=R) are domain names, not host names.
+ For example, if you specify ``foo.com'', then mail to or
+ from foo.com, abc.foo.com, or a.very.deep.domain.foo.com
+ will all be accepted for relaying. This feature changes
+ the behaviour to lookup individual host names only.
+ Turns on the ability to allow relaying based on the MX
+ records of the host portion of an incoming recipient. See
+ description below for more information before using this
+ feature.
+ Allows relaying if the domain portion of the mail sender
+ is a local host. This should only be used if absolutely
+ necessary as it opens a window for spammers.
+ Normally, MAIL FROM: commands in the SMTP session will be
+ refused if the connection is a network connection and the
+ sender address does not include a domain name. If your
+ setup sends local mail unqualified (i.e. MAIL FROM: <joe>),
+ you will need to use this feature to accept unqualified
+ sender addresses.
+ Normally, MAIL FROM: commands in the SMTP session will be
+ refused if the host part of the argument to MAIL FROM: cannot
+ be located in the host name service (e.g., DNS). If you are
+ inside a firewall that has only a limited view of the
+ Internet host name space, this could cause problems. In this
+ case you probably want to use this feature to accept all
+ domains on input, even if they are unresolvable.
+access_db Turns on the access database feature. The access db gives
+ you the ability to allow or refuse to accept mail from
+ specified domains for administrative reasons. By default,
+ the access database specification is
+ ``hash -o /etc/mail/access''. The format of the
+ database is described below.
+ Turns on the ability to block incoming mail for certain
+ recipient usernames, hostnames, or addresses. For
+ example, you can block incoming mail to user nobody,
+ host foo.mydomain.com, or guest@bar.mydomain.com.
+ These specifications are put in the access db as
+ described below.
+rbl Turns on rejection of hosts found in the Realtime Blackhole
+ List. If an argument is provided it is used as the
+ name sever to contact; otherwise, the main RBL server at
+ rbl.maps.vix.com is used. For details, see
+ http://maps.vix.com/rbl/.
+ Normally, if a recipient using % addressing is used, e.g.
+ user%site@othersite, and othersite is in class 'R', the
+ check_rcpt ruleset will strip @othersite and recheck
+ user@site for relaying. This feature changes that
+ behavior. It should not be needed for most installations.
+| HACKS |
+Some things just can't be called features. To make this clear,
+they go in the hack subdirectory and are referenced using the HACK
+macro. These will tend to be site-dependent. The release
+includes the Berkeley-dependent "cssubdomain" hack (that makes
+sendmail accept local names in either Berkeley.EDU or CS.Berkeley.EDU;
+this is intended as a short-term aid while we move hosts into
+ *****************************************************
+ * This section is really obsolete, and is preserved *
+ * only for back compatibility. You should plan on *
+ * using mailertables for new installations. In *
+ * particular, it doesn't work for the newer forms *
+ * of UUCP mailers, such as uucp-uudom. *
+ *****************************************************
+Complex sites will need more local configuration information, such as
+lists of UUCP hosts they speak with directly. This can get a bit more
+tricky. For an example of a "complex" site, see cf/ucbvax.mc.
+If your host is known by several different names, you need to augment
+the $=w class. This is a list of names by which you are known, and
+anything sent to an address using a host name in this list will be
+treated as local mail. You can do this in two ways: either create
+the file /etc/sendmail.cw containing a list of your aliases (one per
+line), and use ``FEATURE(use_cw_file)'' in the .mc file, or add the
+ Cw alias.host.name
+at the end of that file. See the ``vangogh.mc'' file for an example.
+Be sure you use the fully-qualified name of the host, rather than a
+short name.
+The SITECONFIG macro allows you to indirectly reference site-dependent
+configuration information stored in the siteconfig subdirectory. For
+example, the line
+ SITECONFIG(uucp.ucbvax, ucbvax, U)
+reads the file uucp.ucbvax for local connection information. The
+second parameter is the local name (in this case just "ucbvax" since
+it is locally connected, and hence a UUCP hostname). The third
+parameter is the name of both a macro to store the local name (in
+this case, $U) and the name of the class (e.g., $=U) in which to store
+the host information read from the file. Another SITECONFIG line reads
+ SITECONFIG(uucp.ucbarpa, ucbarpa.Berkeley.EDU, W)
+This says that the file uucp.ucbarpa contains the list of UUCP sites
+connected to ucbarpa.Berkeley.EDU. The $=W class will be used to
+store this list, and $W is defined to be ucbarpa.Berkeley.EDU, that
+is, the name of the relay to which the hosts listed in uucp.ucbarpa
+are connected. [The machine ucbarpa is gone now, but I've left
+this out-of-date configuration file around to demonstrate how you
+might do this.]
+Note that the case of SITECONFIG with a third parameter of ``U'' is
+special; the second parameter is assumed to be the UUCP name of the
+local site, rather than the name of a remote site, and the UUCP name
+is entered into $=w (the list of local hostnames) as $U.UUCP.
+The siteconfig file (e.g., siteconfig/uucp.ucbvax.m4) contains nothing
+more than a sequence of SITE macros describing connectivity. For
+ SITE(cnmat)
+ SITE(sgi olympus)
+The second example demonstrates that you can use two names on the
+same line; these are usually aliases for the same host (or are at
+least in the same company).
+It's hard to get UUCP mailers right because of the extremely ad hoc
+nature of UUCP addressing. These config files are really designed
+for domain-based addressing, even for UUCP sites.
+There are four UUCP mailers available. The choice of which one to
+use is partly a matter of local preferences and what is running at
+the other end of your UUCP connection. Unlike good protocols that
+define what will go over the wire, UUCP uses the policy that you
+should do what is right for the other end; if they change, you have
+to change. This makes it hard to do the right thing, and discourages
+people from updating their software. In general, if you can avoid
+UUCP, please do.
+The major choice is whether to go for a domainized scheme or a
+non-domainized scheme. This depends entirely on what the other
+end will recognize. If at all possible, you should encourage the
+other end to go to a domain-based system -- non-domainized addresses
+don't work entirely properly.
+The four mailers are:
+ uucp-old (obsolete name: "uucp")
+ This is the oldest, the worst (but the closest to UUCP) way of
+ sending messages accros UUCP connections. It does bangify
+ everything and prepends $U (your UUCP name) to the sender's
+ address (which can already be a bang path itself). It can
+ only send to one address at a time, so it spends a lot of
+ time copying duplicates of messages. Avoid this if at all
+ possible.
+ uucp-new (obsolete name: "suucp")
+ The same as above, except that it assumes that in one rmail
+ command you can specify several recipients. It still has a
+ lot of other problems.
+ uucp-dom
+ This UUCP mailer keeps everything as domain addresses.
+ Basically, it uses the SMTP mailer rewriting rules. This mailer
+ is only included if MAILER(smtp) is also specified.
+ Unfortunately, a lot of UUCP mailer transport agents require
+ bangified addresses in the envelope, although you can use
+ domain-based addresses in the message header. (The envelope
+ shows up as the From_ line on UNIX mail.) So....
+ uucp-uudom
+ This is a cross between uucp-new (for the envelope addresses)
+ and uucp-dom (for the header addresses). It bangifies the
+ envelope sender (From_ line in messages) without adding the
+ local hostname, unless there is no host name on the address
+ at all (e.g., "wolf") or the host component is a UUCP host name
+ instead of a domain name ("somehost!wolf" instead of
+ "some.dom.ain!wolf"). This is also included only if MAILER(smtp)
+ is also specified.
+We are on host grasp.insa-lyon.fr (UUCP host name "grasp"). The
+following summarizes the sender rewriting for various mailers.
+Mailer sender rewriting in the envelope
+------ ------ -------------------------
+uucp-{old,new} wolf grasp!wolf
+uucp-dom wolf wolf@grasp.insa-lyon.fr
+uucp-uudom wolf grasp.insa-lyon.fr!wolf
+uucp-{old,new} wolf@fr.net grasp!fr.net!wolf
+uucp-dom wolf@fr.net wolf@fr.net
+uucp-uudom wolf@fr.net fr.net!wolf
+uucp-{old,new} somehost!wolf grasp!somehost!wolf
+uucp-dom somehost!wolf somehost!wolf@grasp.insa-lyon.fr
+uucp-uudom somehost!wolf grasp.insa-lyon.fr!somehost!wolf
+If you are using one of the domainized UUCP mailers, you really want
+to convert all UUCP addresses to domain format -- otherwise, it will
+do it for you (and probably not the way you expected). For example,
+if you have the address foo!bar!baz (and you are not sending to foo),
+the heuristics will add the @uucp.relay.name or @local.host.name to
+this address. However, if you map foo to foo.host.name first, it
+will not add the local hostname. You can do this using the uucpdomain
+For more complex configurations, you can define special rules.
+The macro LOCAL_RULE_3 introduces rules that are used in canonicalizing
+the names. Any modifications made here are reflected in the header.
+A common use is to convert old UUCP addresses to SMTP addresses using
+the UUCPSMTP macro. For example:
+ UUCPSMTP(decvax, decvax.dec.com)
+ UUCPSMTP(research, research.att.com)
+will cause addresses of the form "decvax!user" and "research!user"
+to be converted to "user@decvax.dec.com" and "user@research.att.com"
+This could also be used to look up hosts in a database map:
+ R$* < @ $+ > $* $: $1 < @ $(hostmap $2 $) > $3
+This map would be defined in the LOCAL_CONFIG portion, as shown below.
+Similarly, LOCAL_RULE_0 can be used to introduce new parsing rules.
+For example, new rules are needed to parse hostnames that you accept
+via MX records. For example, you might have:
+ R$+ <@ host.dom.ain.> $#uucp $@ cnmat $: $1 < @ host.dom.ain.>
+You would use this if you had installed an MX record for cnmat.Berkeley.EDU
+pointing at this host; this rule catches the message and forwards it on
+using UUCP.
+You can also tweak rulesets 1 and 2 using LOCAL_RULE_1 and LOCAL_RULE_2.
+These rulesets are normally empty.
+A similar macro is LOCAL_CONFIG. This introduces lines added after the
+boilerplate option setting but before rulesets, and can be used to
+declare local database maps or whatever. For example:
+ Khostmap hash /etc/hostmap.db
+ Kyplocal nis -m hosts.byname
+You can have your host masquerade as another using
+ MASQUERADE_AS(host.domain)
+This causes mail being sent to be labeled as coming from the
+indicated host.domain, rather than $j. One normally masquerades as
+one of one's own subdomains (for example, it's unlikely that I would
+choose to masquerade as an MIT site). This behaviour is modified by
+a plethora of FEATUREs; in particular, see masquerade_envelope,
+allmasquerade, limited_masquerade, and masquerade_entire_domain.
+The masquerade name is not normally canonified, so it is important
+that it be your One True Name, that is, fully qualified and not a
+CNAME. However, if you use a CNAME, the receiving side may canonify
+it for you, so don't think you can cheat CNAME mapping this way.
+Normally the only addresses that are masqueraded are those that come
+from this host (that is, are either unqualified or in $=w, the list
+of local domain names). You can augment this list using
+ MASQUERADE_DOMAIN(otherhost.domain)
+The effect of this is that although mail to user@otherhost.domain
+will not be delivered locally, any mail including any user@otherhost.domain
+will, when relayed, be rewritten to have the MASQUERADE_AS address.
+This can be a space-separated list of names.
+If these names are in a file, you can use
+to read the list of names from the indicated file.
+Normally only header addresses are masqueraded. If you want to
+masquerade the envelope as well, use
+ FEATURE(masquerade_envelope)
+There are always users that need to be "exposed" -- that is, their
+internal site name should be displayed instead of the masquerade name.
+Root is an example. You can add users to this list using
+ EXPOSED_USER(usernames)
+This adds users to class E; you could also use something like
+ FE/etc/sendmail.cE
+You can also arrange to relay all unqualified names (that is, names
+without @host) to a relay host. For example, if you have a central
+email server, you might relay to that host so that users don't have
+to have .forward files or aliases. You can do this using
+ define(`LOCAL_RELAY', mailer:hostname)
+The ``mailer:'' can be omitted, in which case the mailer defaults to
+"relay". There are some user names that you don't want relayed, perhaps
+because of local aliases. A common example is root, which may be
+locally aliased. You can add entries to this list using
+ LOCAL_USER(usernames)
+This adds users to class L; you could also use something like
+ FL/etc/sendmail.cL
+If you want all incoming mail sent to a centralized hub, as for a
+shared /var/spool/mail scheme, use
+ define(`MAIL_HUB', mailer:hostname)
+Again, ``mailer:'' defaults to "relay". If you define both LOCAL_RELAY
+and MAIL_HUB _AND_ you have FEATURE(stickyhost), unqualified names will
+be sent to the LOCAL_RELAY and other local names will be sent to MAIL_HUB.
+Names in $=L will be delivered locally, so you MUST have aliases or
+.forward files for them.
+For example, if you are on machine mastodon.CS.Berkeley.EDU and you have
+FEATURE(stickyhost), the following combinations of settings will have the
+indicated effects:
+email sent to.... eric eric@mastodon.CS.Berkeley.EDU
+LOCAL_RELAY set to mail.CS.Berkeley.EDU (delivered locally)
+mail.CS.Berkeley.EDU (no local aliasing) (aliasing done)
+MAIL_HUB set to mammoth.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU
+mammoth.CS.Berkeley.EDU (aliasing done) (aliasing done)
+Both LOCAL_RELAY and mail.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU
+MAIL_HUB set as above (no local aliasing) (aliasing done)
+If you do not have FEATURE(stickyhost) set, then LOCAL_RELAY and
+MAIL_HUB act identically, with MAIL_HUB taking precedence.
+If you want all outgoing mail to go to a central relay site, define
+SMART_HOST as well. Briefly:
+ LOCAL_RELAY applies to unqualified names (e.g., "eric").
+ MAIL_HUB applies to names qualified with the name of the
+ local host (e.g., "eric@mastodon.CS.Berkeley.EDU").
+ SMART_HOST applies to names qualified with other hosts.
+However, beware that other relays (e.g., UUCP_RELAY, BITNET_RELAY,
+DECNET_RELAY, and FAX_RELAY) take precedence over SMART_HOST, so if you
+really want absolutely everything to go to a single central site you will
+need to unset all the other relays -- or better yet, find or build a
+minimal config file that does this.
+For duplicate suppression to work properly, the host name is best
+specified with a terminal dot:
+ define(`MAIL_HUB', `host.domain.')
+ note the trailing dot ---^
+The primary anti-spam features available in sendmail are:
+* Relaying is denied by default.
+* Better checking on sender information.
+* Access database.
+* Header checks.
+Relaying (transmission of messages from a site outside your domain to
+another site outside your domain) is denied by default. Note that
+this changed in sendmail 8.9; previous versions allowed relaying by
+default. If you want to revert to the old behaviour, you will need
+to use FEATURE(promiscuous_relay). You can allow certain domains to
+relay through your server by adding their domain name or IP address to
+class 'R' ($=R) using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the
+access database (described below).
+If you use
+ FEATURE(relay_entire_domain)
+then any host in any of your local domains (that is, the $=m class)
+will be relayed.
+You can also allow relaying based on the MX records of the host
+portion of an incoming recipient address by using
+ FEATURE(relay_based_on_MX)
+For example, if your server receives a recipient of user@domain.com
+and domain.com lists your server in its MX records, the mail will be
+accepted. Note that this will stop spammers from using your host to
+relay spam but it will not stop outsiders from using your server as a
+relay for their site. Along the same lines,
+ FEATURE(relay_local_from)
+will allow relaying if the sender specifies a return path (i.e.
+MAIL FROM: <user@domain>) domain which is a local domain. This a
+dangerous feature as it will allow spammers to spam using your mail
+server by simply specifying a return address of user@your.domain.com.
+It should not be used unless absolutely necessary.
+If source routing is used in the recipient address (i.e.
+RCPT TO: <user%site.com@othersite.com>), sendmail will check
+user@site.com for relaying if othersite.com is an allowed relay host
+in either class 'R', class 'm' if FEATURE(relay_entire_domain) is used,
+or the access database if FEATURE(access_db) is used. To prevent
+the address from being stripped down, use:
+ FEATURE(loose_relay_check)
+If you think you need to use this feature, you probably do not. This
+should only be used for sites which have no control over the addresses
+that they provide a gateway for. Use this FEATURE with caution as it
+can allow spammers to relay through your server if not setup properly.
+As of 8.9, sendmail will refuse mail if the MAIL FROM: parameter has
+an unresolvable domain (i.e., one that DNS, your local name service,
+or special case rules in ruleset 3 cannot locate). If you want to
+continue to accept such domains, e.g. because you are inside a
+firewall that has only a limited view of the Internet host name space
+(note that you will not be able to return mail to them unless you have
+some "smart host" forwarder), use
+ FEATURE(accept_unresolvable_domains)
+sendmail will also refuse mail if the MAIL FROM: parameter is not
+fully qualified (i.e., contains a domain as well as a user). If you
+want to continue to accept such senders, use
+ FEATURE(accept_unqualified_senders)
+An ``access'' database can be created to accept or reject mail from
+selected domains. For example, you may choose to reject all mail
+originating from known spammers. To enable such a database, use
+ FEATURE(access_db)
+The FEATURE macro can accept a second parameter giving the key file
+definition for the database; for example
+ FEATURE(access_db, hash -o /etc/mail/access)
+The table itself uses e-mail addresses, domain names, and network
+numbers as keys. For example,
+ spammer@aol.com REJECT
+ cyberspammer.com REJECT
+ 206.117.147 REJECT
+would refuse mail from spammer@aol.com, any user from cyberspammer.com
+(or any host within the cyberspammer.com domain), and any host on the
+206.117.147.* network.
+The value part of the map can contain:
+ OK accept mail even if other rules in the
+ running ruleset would reject it.
+ RELAY Allow domain to relay through your SMTP
+ server. RELAY also serves an implicit
+ OK for the other checks.
+ REJECT reject the sender/recipient with a general
+ purpose message.
+ DISCARD discard the message completely using
+ the $#discard mailer
+ ### any text where ### is an RFC 821 compliant error code
+ and "any text" is a message to return for
+ the command.
+For example:
+ cyberspammer.com 550 We don't accept mail from spammers
+ okay.cyberspammer.com OK
+ sendmail.org OK
+ 128.32 RELAY
+would accept mail from okay.cyberspammer.com, but would reject mail
+from all other hosts at cyberspammer.com with the indicated message.
+It would allow accept mail from any hosts in the sendmail.org domain,
+and allow relaying for the 128.32.*.* network. Note, UUCP users may
+need to add hostname.UUCP to the access database or class 'R' ($=R).
+If you also use:
+ FEATURE(relay_hosts_only)
+then the above example will allow relaying for sendmail.org, but not
+hosts within the sendmail.org domain. Note that this will also require
+hosts listed in class 'R' ($=R) to be fully qualified host names.
+You can also use the access database to block sender addresses based on
+the username portion of the address. For example:
+ FREE.STEALTH.MAILER@ 550 Spam not accepted
+Note that you must include the @ after the username to signify that
+this database entry is for checking only the username portion of the
+sender address.
+If you use:
+ FEATURE(blacklist_recipients)
+then you can add entries to the map for local users, hosts in your
+domains, or addresses in your domain which should not receive mail:
+ badlocaluser 550 Mailbox disabled for this username
+ host.mydomain.com 550 That host does not accept mail
+ user@otherhost.mydomain.com 550 Mailbox disabled for this recipient
+This would prevent a recipient of badlocaluser@mydomain.com, any
+user at host.mydomain.com, and the single address
+user@otherhost.mydomain.com from receiving mail.
+There is also a ``Realtime Blackhole List'' run by the MAPS project
+at http://maps.vix.com/. This is a database maintained in DNS of
+spammers. To use this database, use
+ FEATURE(rbl)
+This will cause sendmail to reject mail from any site in the
+Realtime Blackhole List database. You can specify an alternative
+RBL name server to contact by specifying an argument to the FEATURE.
+The features described above make use of the check_relay, check_mail,
+and check_rcpt rulesets. If you wish to include your own checks,
+you can put your checks in the rulesets Local_check_relay,
+Local_check_mail, and Local_check_rcpt. For example if you wanted to
+block senders with all numeric usernames (i.e. 2312343@bigisp.com),
+you would use Local_check_mail and the new regex map:
+ Kallnumbers regex -a@MATCH ^[0-9]+$
+ SLocal_check_mail
+ # check address against various regex checks
+ R$* $: $>Parse0 $>3 $1
+ R$+ < @ bigisp.com. > $* $: $(allnumbers $1 $)
+ R@MATCH $#error $: 553 Header Error
+These rules are called with the original arguments of the corresponding
+check_* ruleset. If the local ruleset returns $#OK, no further checking
+is done by the features described above and the mail is accepted. If the
+local ruleset resolves to a mailer (such as $#error or $#discard), the
+appropriate action is taken. Otherwise, the results of the local
+rewriting are ignored.
+You can also reject mail on the basis of the contents of headers.
+This is done by adding a ruleset call to the 'H' header definition command
+in sendmail.cf. For example, this can be used to check the validity of
+a Message-ID: header:
+ HMessage-Id: $>CheckMessageId
+ SCheckMessageId
+ R< $+ @ $+ > $@ OK
+ R$* $#error $: 553 Header Error
+Sometimes you may need to add entirely new mailers or rulesets. They
+should be introduced with the constructs MAILER_DEFINITIONS and
+LOCAL_RULESETS respectively. For example:
+ Mmymailer, ...
+ ...
+ Smyruleset
+ ...
+These configuration files are designed primarily for use by SMTP-based
+sites. I don't pretend that they are well tuned for UUCP-only or
+UUCP-primarily nodes (the latter is defined as a small local net
+connected to the rest of the world via UUCP). However, there is one
+hook to handle some special cases.
+You can define a ``smart host'' that understands a richer address syntax
+ define(`SMART_HOST', mailer:hostname)
+In this case, the ``mailer:'' defaults to "relay". Any messages that
+can't be handled using the usual UUCP rules are passed to this host.
+If you are on a local SMTP-based net that connects to the outside
+world via UUCP, you can use LOCAL_NET_CONFIG to add appropriate rules.
+For example:
+ define(`SMART_HOST', suucp:uunet)
+ R$* < @ $* .$m. > $* $#smtp $@ $2.$m. $: $1 < @ $2.$m. > $3
+This will cause all names that end in your domain name ($m) via
+SMTP; anything else will be sent via suucp (smart UUCP) to uunet.
+If you have FEATURE(nocanonify), you may need to omit the dots after
+the $m. If you are running a local DNS inside your domain which is
+not otherwise connected to the outside world, you probably want to
+ define(`SMART_HOST', smtp:fire.wall.com)
+ R$* < @ $* . > $* $#smtp $@ $2. $: $1 < @ $2. > $3
+That is, send directly only to things you found in your DNS lookup;
+anything else goes through SMART_HOST.
+You may need to turn off the anti-spam rules in order to accept
+UUCP mail with FEATURE(promiscuous_relay) and
+| WHO AM I? |
+Normally, the $j macro is automatically defined to be your fully
+qualified domain name (FQDN). Sendmail does this by getting your
+host name using gethostname and then calling gethostbyname on the
+result. For example, in some environments gethostname returns
+only the root of the host name (such as "foo"); gethostbyname is
+supposed to return the FQDN ("foo.bar.com"). In some (fairly rare)
+cases, gethostbyname may fail to return the FQDN. In this case
+you MUST define confDOMAIN_NAME to be your fully qualified domain
+name. This is usually done using:
+ Dmbar.com
+ define(`confDOMAIN_NAME', `$w.$m')dnl
+To use FEATURE(mailertable), you will have to create an external
+database containing the routing information for various domains.
+For example, a mailertable file in text format might be:
+ .my.domain xnet:%1.my.domain
+ uuhost1.my.domain suucp:uuhost1
+ .bitnet smtp:relay.bit.net
+This should normally be stored in /etc/mailertable. The actual
+database version of the mailertable is built using:
+ makemap hash /etc/mailertable.db < /etc/mailertable
+The semantics are simple. Any LHS entry that does not begin with
+a dot matches the full host name indicated. LHS entries beginning
+with a dot match anything ending with that domain name -- that is,
+they can be thought of as having a leading "*" wildcard. Matching
+is done in order of most-to-least qualified -- for example, even
+though ".my.domain" is listed first in the above example, an entry
+of "uuhost1.my.domain" will match the second entry since it is
+more explicit.
+The RHS should always be a "mailer:host" pair. The mailer is the
+configuration name of a mailer (that is, an `M' line in the
+sendmail.cf file). The "host" will be the hostname passed to
+that mailer. In domain-based matches (that is, those with leading
+dots) the "%1" may be used to interpolate the wildcarded part of
+the host name. For example, the first line above sends everything
+addressed to "anything.my.domain" to that same host name, but using
+the (presumably experimental) xnet mailer.
+In some cases you may want to temporarily turn off MX records,
+particularly on gateways. For example, you may want to MX
+everything in a domain to one machine that then forwards it
+directly. To do this, you might use the DNS configuration:
+ *.domain. IN MX 0 relay.machine
+and on relay.machine use the mailertable:
+ .domain smtp:[gateway.domain]
+The [square brackets] turn off MX records for this host only.
+If you didn't do this, the mailertable would use the MX record
+again, which would give you an MX loop.
+The user database was not originally intended for mapping full names
+to login names (e.g., Eric.Allman => eric), but some people are using
+it that way. (I would recommend that you set up aliases for this
+purpose instead -- since you can specify multiple alias files, this
+is fairly easy.) The intent was to locate the default maildrop at
+a site, but allow you to override this by sending to a specific host.
+If you decide to set up the user database in this fashion, it is
+imperative that you not use FEATURE(stickyhost) -- otherwise,
+e-mail sent to Full.Name@local.host.name will be rejected.
+To build the internal form of the user database, use:
+ makemap btree /usr/data/base.db < /usr/data/base.txt
+As a general rule, I am adamantly opposed to using full names as
+e-mail addresses, since they are not in any sense unique. For example,
+the Unix software-development community has two Andy Tannenbaums,
+at least two well-known Peter Deutsches, and at one time Bell Labs
+had two Stephen R. Bournes with offices along the same hallway.
+Which one will be forced to suffer the indignity of being
+Stephen_R_Bourne_2? The less famous of the two, or the one that
+was hired later?
+Finger should handle full names (and be fuzzy). Mail should use
+handles, and not be fuzzy. [Not that I expect anyone to pay any
+attention to my opinions.]
+Plussed users
+ Sometimes it is convenient to merge configuration on a
+ centralized mail machine, for example, to forward all
+ root mail to a mail server. In this case it might be
+ useful to be able to treat the root addresses as a class
+ of addresses with subtle differences. You can do this
+ using plussed users. For example, a client might include
+ the alias:
+ root: root+client1@server
+ On the server, this will match an alias for "root+client1".
+ If that is not found, the alias "root+*" will be tried,
+ then "root".
+ For notes on use LDAP in sendmail, see
+ http://www.stanford.edu/~bbense/Inst.html
+A lot of sendmail security comes down to you. Sendmail 8 is much
+more careful about checking for security problems than previous
+versions, but there are some things that you still need to watch
+for. In particular:
+* Make sure the aliases file isn't writable except by trusted
+ system personnel. This includes both the text and database
+ version.
+* Make sure that other files that sendmail reads, such as the
+ mailertable, are only writable by trusted system personnel.
+* The queue directory should not be world writable PARTICULARLY
+ if your system allows "file giveaways" (that is, if a non-root
+ user can chown any file they own to any other user).
+* If your system allows file giveaways, DO NOT create a publically
+ writable directory for forward files. This will allow anyone
+ to steal anyone else's e-mail. Instead, create a script that
+ copies the .forward file from users' home directories once a
+ night (if you want the non-NFS-mounted forward directory).
+* If your system allows file giveaways, you'll find that
+ sendmail is much less trusting of :include: files -- in
+ particular, you'll have to have /SENDMAIL/ANY/SHELL/ in
+ /etc/shells before they will be trusted (that is, before
+ files and programs listed in them will be honored).
+In general, file giveaways are a mistake -- if you can turn them
+off I recommend you do so.
+There are a large number of configuration options that don't normally
+need to be changed. However, if you feel you need to tweak them, you
+can define the following M4 variables. This list is shown in four
+columns: the name you define, the default value for that definition,
+the option or macro that is affected (either Ox for an option or Dx
+for a macro), and a brief description. Greater detail of the semantics
+can be found in the Installation and Operations Guide.
+Some options are likely to be deprecated in future versions -- that is,
+the option is only included to provide back-compatibility. These are
+marked with "*".
+Remember that these options are M4 variables, and hence may need to
+be quoted. In particular, arguments with commas will usually have to
+be ``double quoted, like this phrase'' to avoid having the comma
+confuse things. This is common for alias file definitions and for
+the read timeout.
+M4 Variable Name Configuration Description & [Default]
+================ ============= =======================
+confMAILER_NAME $n macro [MAILER-DAEMON] The sender name used
+ for internally generated outgoing
+ messages.
+confDOMAIN_NAME $j macro If defined, sets $j. This should
+ only be done if your system cannot
+ determine your local domain name,
+ and then it should be set to
+ $w.Foo.COM, where Foo.COM is your
+ domain name.
+confCF_VERSION $Z macro If defined, this is appended to the
+ configuration version name.
+confFROM_HEADER From: [$?x$x <$g>$|$g$.] The format of an
+ internally generated From: address.
+confRECEIVED_HEADER Received:
+ [$?sfrom $s $.$?_($?s$|from $.$_)
+ $.by $j ($v/$Z)$?r with $r$. id $i$?u
+ for $u; $|;
+ $.$b]
+ The format of the Received: header
+ in messages passed through this host.
+ It is unwise to try to change this.
+confCW_FILE Fw class [/etc/sendmail.cw] Name of file used
+ to get the local additions to the $=w
+ (local host names) class.
+confCT_FILE Ft class [/etc/sendmail.ct] Name of file used
+ to get the local additions to the $=t
+ (trusted users) class.
+confCR_FILE FR class [/etc/mail/relay-domains] Name of
+ file used to get the local additions
+ to the $=R (hosts allowed to relay)
+ class.
+confTRUSTED_USERS Ct class [no default] Names of users to add to
+ the list of trusted users. This list
+ always includes root, uucp, and daemon.
+ See also FEATURE(use_ct_file).
+confSMTP_MAILER - [esmtp] The mailer name used when
+ SMTP connectivity is required.
+ One of "smtp", "smtp8", or "esmtp".
+confUUCP_MAILER - [uucp-old] The mailer to be used by
+ default for bang-format recipient
+ addresses. See also discussion of
+ $=U, $=Y, and $=Z in the MAILER(uucp)
+ section.
+confLOCAL_MAILER - [local] The mailer name used when
+ local connectivity is required.
+ Almost always "local".
+confRELAY_MAILER - [relay] The default mailer name used
+ for relaying any mail (e.g., to a
+ whatever). This can reasonably be
+ "uucp-new" if you are on a
+ UUCP-connected site.
+confSEVEN_BIT_INPUT SevenBitInput [False] Force input to seven bits?
+confEIGHT_BIT_HANDLING EightBitMode [pass8] 8-bit data handling
+confALIAS_WAIT AliasWait [10m] Time to wait for alias file
+ rebuild until you get bored and
+ decide that the apparently pending
+ rebuild failed.
+confMIN_FREE_BLOCKS MinFreeBlocks [100] Minimum number of free blocks on
+ queue filesystem to accept SMTP mail.
+ (Prior to 8.7 this was minfree/maxsize,
+ where minfree was the number of free
+ blocks and maxsize was the maximum
+ message size. Use confMAX_MESSAGE_SIZE
+ for the second value now.)
+confMAX_MESSAGE_SIZE MaxMessageSize [infinite] The maximum size of messages
+ that will be accepted (in bytes).
+confBLANK_SUB BlankSub [.] Blank (space) substitution
+ character.
+confCON_EXPENSIVE HoldExpensive [False] Avoid connecting immediately
+ to mailers marked expensive?
+confCHECKPOINT_INTERVAL CheckpointInterval
+ [10] Checkpoint queue files every N
+ recipients.
+confDELIVERY_MODE DeliveryMode [background] Default delivery mode.
+confAUTO_REBUILD AutoRebuildAliases
+ [False] Automatically rebuild alias
+ file if needed.
+confERROR_MODE ErrorMode [print] Error message mode.
+confERROR_MESSAGE ErrorHeader [undefined] Error message header/file.
+confSAVE_FROM_LINES SafeFromLine Save extra leading From_ lines.
+confTEMP_FILE_MODE TempFileMode [0600] Temporary file mode.
+confMATCH_GECOS MatchGECOS [False] Match GECOS field.
+confMAX_HOP MaxHopCount [25] Maximum hop count.
+confIGNORE_DOTS* IgnoreDots [False; always False in -bs or -bd mode]
+ Ignore dot as terminator for incoming
+ messages?
+confBIND_OPTS ResolverOptions [undefined] Default options for DNS
+ resolver.
+confMIME_FORMAT_ERRORS* SendMimeErrors [True] Send error messages as MIME-
+ encapsulated messages per RFC 1344.
+confFORWARD_PATH ForwardPath [$z/.forward.$w:$z/.forward]
+ The colon-separated list of places to
+ search for .forward files. N.B.: see
+ the Security Notes section.
+confMCI_CACHE_SIZE ConnectionCacheSize
+ [2] Size of open connection cache.
+confMCI_CACHE_TIMEOUT ConnectionCacheTimeout
+ [5m] Open connection cache timeout.
+confHOST_STATUS_DIRECTORY HostStatusDirectory
+ [undefined] If set, host status is kept
+ on disk between sendmail runs in the
+ named directory tree. This need not be
+ a full pathname, in which case it is
+ interpreted relative to the queue
+ directory.
+confSINGLE_THREAD_DELIVERY SingleThreadDelivery
+ [False] If this option and the
+ HostStatusDirectory option are both
+ set, single thread deliveries to other
+ hosts. That is, don't allow any two
+ sendmails on this host to connect
+ simultaneously to any other single
+ host. This can slow down delivery in
+ some cases, in particular since a
+ cached but otherwise idle connection
+ to a host will prevent other sendmails
+ from connecting to the other host.
+confUSE_ERRORS_TO* UserErrorsTo [False] Use the Errors-To: header to
+ deliver error messages. This should
+ not be necessary because of general
+ acceptance of the envelope/header
+ distinction.
+confLOG_LEVEL LogLevel [9] Log level.
+confME_TOO MeToo [False] Include sender in group
+ expansions.
+confCHECK_ALIASES CheckAliases [False] Check RHS of aliases when
+ running newaliases. Since this does
+ DNS lookups on every address, it can
+ slow down the alias rebuild process
+ considerably on large alias files.
+confOLD_STYLE_HEADERS* OldStyleHeaders [True] Assume that headers without
+ special chars are old style.
+confDAEMON_OPTIONS DaemonPortOptions
+ [none] SMTP daemon options.
+confPRIVACY_FLAGS PrivacyOptions [authwarnings] Privacy flags.
+confCOPY_ERRORS_TO PostmasterCopy [undefined] Address for additional
+ copies of all error messages.
+confQUEUE_FACTOR QueueFactor [600000] Slope of queue-only function.
+confDONT_PRUNE_ROUTES DontPruneRoutes [False] Don't prune down route-addr
+ syntax addresses to the minimum
+ possible.
+confSAFE_QUEUE* SuperSafe [True] Commit all messages to disk
+ before forking.
+confTO_INITIAL Timeout.initial [5m] The timeout waiting for a response
+ on the initial connect.
+confTO_CONNECT Timeout.connect [0] The timeout waiting for an initial
+ connect() to complete. This can only
+ shorten connection timeouts; the kernel
+ silently enforces an absolute maximum
+ (which varies depending on the system).
+confTO_ICONNECT Timeout.iconnect
+ [undefined] Like Timeout.connect, but
+ applies only to the very first attempt
+ to connect to a host in a message.
+ This allows a single very fast pass
+ followed by more careful delivery
+ attempts in the future.
+confTO_HELO Timeout.helo [5m] The timeout waiting for a response
+ to a HELO or EHLO command.
+confTO_MAIL Timeout.mail [10m] The timeout waiting for a
+ response to the MAIL command.
+confTO_RCPT Timeout.rcpt [1h] The timeout waiting for a response
+ to the RCPT command.
+confTO_DATAINIT Timeout.datainit
+ [5m] The timeout waiting for a 354
+ response from the DATA command.
+confTO_DATABLOCK Timeout.datablock
+ [1h] The timeout waiting for a block
+ during DATA phase.
+confTO_DATAFINAL Timeout.datafinal
+ [1h] The timeout waiting for a response
+ to the final "." that terminates a
+ message.
+confTO_RSET Timeout.rset [5m] The timeout waiting for a response
+ to the RSET command.
+confTO_QUIT Timeout.quit [2m] The timeout waiting for a response
+ to the QUIT command.
+confTO_MISC Timeout.misc [2m] The timeout waiting for a response
+ to other SMTP commands.
+confTO_COMMAND Timeout.command [1h] In server SMTP, the timeout waiting
+ for a command to be issued.
+confTO_IDENT Timeout.ident [30s] The timeout waiting for a response
+ to an IDENT query.
+confTO_FILEOPEN Timeout.fileopen
+ [60s] The timeout waiting for a file
+ (e.g., :include: file) to be opened.
+confTO_QUEUERETURN Timeout.queuereturn
+ [5d] The timeout before a message is
+ returned as undeliverable.
+ Timeout.queuereturn.normal
+ [undefined] As above, for normal
+ priority messages.
+ Timeout.queuereturn.urgent
+ [undefined] As above, for urgent
+ priority messages.
+ Timeout.queuereturn.non-urgent
+ [undefined] As above, for non-urgent
+ (low) priority messages.
+confTO_QUEUEWARN Timeout.queuewarn
+ [4h] The timeout before a warning
+ message is sent to the sender telling
+ them that the message has been deferred.
+confTO_QUEUEWARN_NORMAL Timeout.queuewarn.normal
+ [undefined] As above, for normal
+ priority messages.
+confTO_QUEUEWARN_URGENT Timeout.queuewarn.urgent
+ [undefined] As above, for urgent
+ priority messages.
+ Timeout.queuewarn.non-urgent
+ [undefined] As above, for non-urgent
+ (low) priority messages.
+confTO_HOSTSTATUS Timeout.hoststatus
+ [30m] How long information about host
+ statuses will be maintained before it
+ is considered stale and the host should
+ be retried. This applies both within
+ a single queue run and to persistent
+ information (see below).
+confTIME_ZONE TimeZoneSpec [USE_SYSTEM] Time zone info -- can be
+ USE_SYSTEM to use the system's idea,
+ USE_TZ to use the user's TZ envariable,
+ or something else to force that value.
+confDEF_USER_ID DefaultUser [1:1] Default user id.
+confUSERDB_SPEC UserDatabaseSpec
+ [undefined] User database specification.
+confFALLBACK_MX FallbackMXhost [undefined] Fallback MX host.
+confTRY_NULL_MX_LIST TryNullMXList [False] If we are the best MX for a
+ host and haven't made other
+ arrangements, try connecting to the
+ host directly; normally this would be
+ a config error.
+confQUEUE_LA QueueLA [8] Load average at which queue-only
+ function kicks in.
+confREFUSE_LA RefuseLA [12] Load average at which incoming
+ SMTP connections are refused.
+confMAX_DAEMON_CHILDREN MaxDaemonChildren
+ [undefined] The maximum number of
+ children the daemon will permit. After
+ this number, connections will be
+ rejected. If not set or <= 0, there is
+ no limit.
+confCONNECTION_RATE_THROTTLE ConnectionRateThrottle
+ [undefined] The maximum number of
+ connections permitted per second.
+ After this many connections are
+ accepted, further connections will be
+ delayed. If not set or <= 0, there is
+ no limit.
+ RecipientFactor [30000] Cost of each recipient.
+confSEPARATE_PROC ForkEachJob [False] Run all deliveries in a separate
+ process.
+confWORK_CLASS_FACTOR ClassFactor [1800] Priority multiplier for class.
+confWORK_TIME_FACTOR RetryFactor [90000] Cost of each delivery attempt.
+confQUEUE_SORT_ORDER QueueSortOrder [Priority] Queue sort algorithm:
+ Priority, Host, or Time.
+confMIN_QUEUE_AGE MinQueueAge [0] The minimum amount of time a job
+ must sit in the queue between queue
+ runs. This allows you to set the
+ queue run interval low for better
+ responsiveness without trying all
+ jobs in each run.
+confDEF_CHAR_SET DefaultCharSet [unknown-8bit] When converting
+ unlabeled 8 bit input to MIME, the
+ character set to use by default.
+confSERVICE_SWITCH_FILE ServiceSwitchFile
+ [/etc/service.switch] The file to use
+ for the service switch on systems that
+ do not have a system-defined switch.
+confHOSTS_FILE HostsFile [/etc/hosts] The file to use when doing
+ "file" type access of hosts names.
+confDIAL_DELAY DialDelay [0s] If a connection fails, wait this
+ long and try again. Zero means "don't
+ retry". This is to allow "dial on
+ demand" connections to have enough time
+ to complete a connection.
+confNO_RCPT_ACTION NoRecipientAction
+ [none] What to do if there are no legal
+ recipient fields (To:, Cc: or Bcc:)
+ in the message. Legal values can
+ be "none" to just leave the
+ nonconforming message as is, "add-to"
+ to add a To: header with all the
+ known recipients (which may expose
+ blind recipients), "add-apparently-to"
+ to do the same but use Apparently-To:
+ instead of To:, "add-bcc" to add an
+ empty Bcc: header, or
+ "add-to-undisclosed" to add the header
+ ``To: undisclosed-recipients:;''.
+confSAFE_FILE_ENV SafeFileEnvironment
+ [undefined] If set, sendmail will do a
+ chroot() into this directory before
+ writing files.
+confCOLON_OK_IN_ADDR ColonOkInAddr [True unless Configuration Level > 6]
+ If set, colons are treated as a regular
+ character in addresses. If not set,
+ they are treated as the introducer to
+ the RFC 822 "group" syntax. Colons are
+ handled properly in route-addrs. This
+ option defaults on for V5 and lower
+ configuration files.
+confMAX_QUEUE_RUN_SIZE MaxQueueRunSize [0] If set, limit the maximum size of
+ any given queue run to this number of
+ entries. Essentially, this will stop
+ reading the queue directory after this
+ number of entries are reached; it does
+ _not_ pick the highest priority jobs,
+ so this should be as large as your
+ system can tolerate. If not set, there
+ is no limit.
+confDONT_EXPAND_CNAMES DontExpandCnames
+ [False] If set, $[ ... $] lookups that
+ do DNS based lookups do not expand
+ CNAME records. This currently violates
+ the published standards, but the IETF
+ seems to be moving toward legalizing
+ this. For example, if "FTP.Foo.ORG"
+ is a CNAME for "Cruft.Foo.ORG", then
+ with this option set a lookup of
+ "FTP" will return "FTP.Foo.ORG"; if
+ clear it returns "Cruft.FOO.ORG". N.B.
+ you may not see any effect until your
+ downstream neighbors stop doing CNAME
+ lookups as well.
+confFROM_LINE UnixFromLine [From $g $d] The From_ line used
+ when sending to files or programs.
+confSINGLE_LINE_FROM_HEADER SingleLineFromHeader
+ [False] From: lines that have
+ embedded newlines are unwrapped
+ onto one line.
+confALLOW_BOGUS_HELO AllowBogusHELO [False] Allow HELO SMTP command that
+ does not include a host name.
+confMUST_QUOTE_CHARS MustQuoteChars [.'] Characters to be quoted in a full
+ name phrase (@,;:\()[] are automatic).
+confOPERATORS OperatorChars [.:%@!^/[]+] Address operator
+ characters.
+confSMTP_LOGIN_MSG SmtpGreetingMessage
+ [$j Sendmail $v/$Z; $b]
+ The initial (spontaneous) SMTP
+ greeting message. The word "ESMTP"
+ will be inserted between the first and
+ second words to convince other
+ sendmails to try to speak ESMTP.
+confDONT_INIT_GROUPS DontInitGroups [False] If set, the initgroups(3)
+ routine will never be invoked. You
+ might want to do this if you are
+ running NIS and you have a large group
+ map, since this call does a sequential
+ scan of the map; in a large site this
+ can cause your ypserv to run
+ essentially full time. If you set
+ this, agents run on behalf of users
+ will only have their primary
+ (/etc/passwd) group permissions.
+confUNSAFE_GROUP_WRITES UnsafeGroupWrites
+ [False] If set, group-writable
+ :include: and .forward files are
+ considered "unsafe", that is, programs
+ and files cannot be directly referenced
+ from such files. World-writable files
+ are always considered unsafe.
+confDOUBLE_BOUNCE_ADDRESS DoubleBounceAddress
+ [postmaster] If an error occurs when
+ sending an error message, send that
+ "double bounce" error message to this
+ address.
+confRUN_AS_USER RunAsUser [undefined] If set, become this user
+ when reading and delivering mail.
+ Causes all file reads (e.g., .forward
+ and :include: files) to be done as
+ this user. Also, all programs will
+ be run as this user, and all output
+ files will be written as this user.
+ Intended for use only on firewalls
+ where users do not have accounts.
+confMAX_RCPTS_PER_MESSAGE MaxRecipientsPerMessage
+ [infinite] If set, allow no more than
+ the specified number of recipients in
+ an SMTP envelope. Further recipients
+ receive a 452 error code (i.e., they
+ are deferred for the next delivery
+ attempt).
+confDONT_PROBE_INTERFACES DontProbeInterfaces
+ [False] If set, sendmail will _not_
+ insert the names and addresses of any
+ local interfaces into the $=w class
+ (list of known "equivalent" addresses).
+ If you set this, you must also include
+ some support for these addresses (e.g.,
+ in a mailertable entry) -- otherwise,
+ mail to addresses in this list will
+ bounce with a configuration error.
+confDONT_BLAME_SENDMAIL DontBlameSendmail
+ [safe] Override sendmail's file
+ safety checks. This will definitely
+ compromise system security and should
+ not be used unless absolutely
+ necessary.
+confREJECT_MSG - [550 Access denied] The message
+ given if the access database contains
+ REJECT in the value portion.
+See also the description of OSTYPE for some parameters that can be
+tweaked (generally pathnames to mailers).
+Within this directory are several subdirectories, to wit:
+m4 General support routines. These are typically
+ very important and should not be changed without
+ very careful consideration.
+cf The configuration files themselves. They have
+ ".mc" suffixes, and must be run through m4 to
+ become complete. The resulting output should
+ have a ".cf" suffix.
+ostype Definitions describing a particular operating
+ system type. These should always be referenced
+ using the OSTYPE macro in the .mc file. Examples
+ include "bsd4.3", "bsd4.4", "sunos3.5", and
+ "sunos4.1".
+domain Definitions describing a particular domain, referenced
+ using the DOMAIN macro in the .mc file. These are
+ site dependent; for example, "CS.Berkeley.EDU.m4"
+ describes hosts in the CS.Berkeley.EDU subdomain.
+mailer Descriptions of mailers. These are referenced using
+ the MAILER macro in the .mc file.
+sh Shell files used when building the .cf file from the
+ .mc file in the cf subdirectory.
+feature These hold special orthogonal features that you might
+ want to include. They should be referenced using
+ the FEATURE macro.
+hack Local hacks. These can be referenced using the HACK
+ macro. They shouldn't be of more than voyeuristic
+ interest outside the .Berkeley.EDU domain, but who knows?
+ We've all got our own peccadillos.
+siteconfig Site configuration -- e.g., tables of locally connected
+ UUCP sites.
+The following sections detail usage of certain internal parts of the
+sendmail.cf file. Read them carefully if you are trying to modify
+the current model. If you find the above descriptions adequate, these
+should be {boring, confusing, tedious, ridiculous} (pick one or more).
+RULESETS (* means built in to sendmail)
+ 0 * Parsing
+ 1 * Sender rewriting
+ 2 * Recipient rewriting
+ 3 * Canonicalization
+ 4 * Post cleanup
+ 5 * Local address rewrite (after aliasing)
+ 1x mailer rules (sender qualification)
+ 2x mailer rules (recipient qualification)
+ 3x mailer rules (sender header qualification)
+ 4x mailer rules (recipient header qualification)
+ 5x mailer subroutines (general)
+ 6x mailer subroutines (general)
+ 7x mailer subroutines (general)
+ 8x reserved
+ 90 Mailertable host stripping
+ 96 Bottom half of Ruleset 3 (ruleset 6 in old sendmail)
+ 97 Hook for recursive ruleset 0 call (ruleset 7 in old sendmail)
+ 98 Local part of ruleset 0 (ruleset 8 in old sendmail)
+ 99 Guaranteed null (for debugging)
+ 0 local, prog local and program mailers
+ 1 [e]smtp, relay SMTP channel
+ 2 uucp-* UNIX-to-UNIX Copy Program
+ 3 netnews Network News delivery
+ 4 fax Sam Leffler's HylaFAX software
+ 5 mail11 DECnet mailer
+ A
+ B Bitnet Relay
+ C DECnet Relay
+ D The local domain -- usually not needed
+ E reserved for X.400 Relay
+ F FAX Relay
+ G
+ H mail Hub (for mail clusters)
+ I
+ J
+ K
+ L Luser Relay
+ M Masquerade (who I claim to be)
+ N
+ O
+ P
+ Q
+ R Relay (for unqualified names)
+ S Smart Host
+ T
+ U my UUCP name (if I have a UUCP connection)
+ V UUCP Relay (class V hosts)
+ W UUCP Relay (class W hosts)
+ X UUCP Relay (class X hosts)
+ Y UUCP Relay (all other hosts)
+ Z Version number
+ A
+ B domains that are candidates for bestmx lookup
+ C
+ D
+ E addresses that should not seem to come from $M
+ F hosts we forward for
+ G domains that should be looked up in genericstable
+ H
+ I
+ J
+ K
+ L addresses that should not be forwarded to $R
+ M domains that should be mapped to $M
+ N
+ O operators that indicate network operations (cannot be in local names)
+ P top level pseudo-domains: BITNET, DECNET, FAX, UUCP, etc.
+ Q
+ R domains we are willing to relay (pass anti-spam filters)
+ S
+ T
+ U locally connected UUCP hosts
+ V UUCP hosts connected to relay $V
+ W UUCP hosts connected to relay $W
+ X UUCP hosts connected to relay $X
+ Y locally connected smart UUCP hosts
+ Z locally connected domain-ized UUCP hosts
+ . the class containing only a dot
+ [ the class containing only a left bracket
+ 1 Local host detection and resolution
+ 2 Local Ruleset 3 additions
+ 3 Local Ruleset 0 additions
+ 4 UUCP Ruleset 0 additions
+ 5 locally interpreted names (overrides $R)
+ 6 local configuration (at top of file)
+ 7 mailer definitions
+ 8
+ 9 special local rulesets (1 and 2)
diff --git a/contrib/sendmail/cf/cf/Build b/contrib/sendmail/cf/cf/Build
new file mode 100755
index 000000000000..3efaffdcdba8
--- /dev/null
+++ b/contrib/sendmail/cf/cf/Build
@@ -0,0 +1,28 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# @(#)Build 8.3 (Berkeley) 5/19/98
+# A quick-and-dirty script to create cf files.
+M4=`sh $BUILDTOOLS/bin/find_m4.sh`
+if [ $ret -ne 0 ]
+ exit $ret
+echo "Using M4=$M4"
+eval exec ${MAKE-make} M4=$M4 $*
diff --git a/contrib/sendmail/cf/cf/Makefile b/contrib/sendmail/cf/cf/Makefile
new file mode 100644
index 000000000000..8b6fb4d64e96
--- /dev/null
+++ b/contrib/sendmail/cf/cf/Makefile
@@ -0,0 +1,143 @@
+# Makefile for configuration files.
+# @(#)Makefile 8.17 (Berkeley) 4/2/98
+# Create configuration files using "m4 ../m4/cf.m4 file.mc > file.cf";
+# this may be easier than tweaking the Makefile. You do need to
+# have a fairly modern M4 available (GNU m4 works). On SunOS, use
+# /usr/5bin/m4.
+M4= m4
+CFDIR= ..
+CHMOD= chmod
+ROMODE= 444
+RM= rm -f
+.SUFFIXES: .mc .cf
+ $(RM) $@
+ $(M4) ${CFDIR}/m4/cf.m4 $*.mc > $@ || ( $(RM) $@ && exit 1 )
+ $(CHMOD) $(ROMODE) $@
+ALL= generic-bsd4.4.cf generic-hpux9.cf generic-hpux10.cf \
+ generic-osf1.cf generic-solaris2.cf \
+ generic-sunos4.1.cf generic-ultrix4.cf \
+ cs-hpux9.cf cs-osf1.cf cs-solaris2.cf \
+ cs-sunos4.1.cf cs-ultrix4.cf \
+ s2k-osf1.cf s2k-ultrix4.cf \
+ chez.cs.cf huginn.cs.cf mail.cs.cf mail.eecs.cf mailspool.cs.cf \
+ python.cs.cf ucbarpa.cf ucbvax.cf vangogh.cs.cf knecht.cf
+all: $(ALL)
+clean cleandir:
+ $(RM) $(ALL) core
+depend install:
+# this is overkill, but....
+ ${CFDIR}/domain/Berkeley.EDU.m4 \
+ ${CFDIR}/domain/CS.Berkeley.EDU.m4 \
+ ${CFDIR}/domain/EECS.Berkeley.EDU.m4 \
+ ${CFDIR}/domain/S2K.Berkeley.EDU.m4 \
+ ${CFDIR}/domain/berkeley-only.m4 \
+ ${CFDIR}/domain/generic.m4 \
+ ${CFDIR}/feature/accept_unqualified_senders.m4 \
+ ${CFDIR}/feature/accept_unresolvable_domains.m4 \
+ ${CFDIR}/feature/access_db.m4 \
+ ${CFDIR}/feature/allmasquerade.m4 \
+ ${CFDIR}/feature/always_add_domain.m4 \
+ ${CFDIR}/feature/bestmx_is_local.m4 \
+ ${CFDIR}/feature/bitdomain.m4 \
+ ${CFDIR}/feature/blacklist_recipients.m4 \
+ ${CFDIR}/feature/loose_relay_check.m4 \
+ ${CFDIR}/feature/domaintable.m4 \
+ ${CFDIR}/feature/genericstable.m4 \
+ ${CFDIR}/feature/limited_masquerade.m4 \
+ ${CFDIR}/feature/local_lmtp.m4 \
+ ${CFDIR}/feature/local_procmail.m4 \
+ ${CFDIR}/feature/mailertable.m4 \
+ ${CFDIR}/feature/masquerade_entire_domain.m4 \
+ ${CFDIR}/feature/masquerade_envelope.m4 \
+ ${CFDIR}/feature/nocanonify.m4 \
+ ${CFDIR}/feature/nodns.m4 \
+ ${CFDIR}/feature/notsticky.m4 \
+ ${CFDIR}/feature/nouucp.m4 \
+ ${CFDIR}/feature/nullclient.m4 \
+ ${CFDIR}/feature/promiscuous_relay.m4 \
+ ${CFDIR}/feature/rbl.m4 \
+ ${CFDIR}/feature/redirect.m4 \
+ ${CFDIR}/feature/relay_based_on_MX.m4 \
+ ${CFDIR}/feature/relay_entire_domain.m4 \
+ ${CFDIR}/feature/relay_hosts_only.m4 \
+ ${CFDIR}/feature/relay_local_from.m4 \
+ ${CFDIR}/feature/smrsh.m4 \
+ ${CFDIR}/feature/stickyhost.m4 \
+ ${CFDIR}/feature/use_ct_file.m4 \
+ ${CFDIR}/feature/use_cw_file.m4 \
+ ${CFDIR}/feature/uucpdomain.m4 \
+ ${CFDIR}/feature/virtusertable.m4 \
+ ${CFDIR}/hack/cssubdomain.m4 \
+ ${CFDIR}/m4/cf.m4 \
+ ${CFDIR}/m4/cfhead.m4 \
+ ${CFDIR}/m4/nullrelay.m4 \
+ ${CFDIR}/m4/proto.m4 \
+ ${CFDIR}/m4/version.m4 \
+ ${CFDIR}/mailer/cyrus.m4 \
+ ${CFDIR}/mailer/fax.m4 \
+ ${CFDIR}/mailer/local.m4 \
+ ${CFDIR}/mailer/mail11.m4 \
+ ${CFDIR}/mailer/pop.m4 \
+ ${CFDIR}/mailer/procmail.m4 \
+ ${CFDIR}/mailer/smtp.m4 \
+ ${CFDIR}/mailer/usenet.m4 \
+ ${CFDIR}/mailer/uucp.m4 \
+ ${CFDIR}/ostype/aix2.m4 \
+ ${CFDIR}/ostype/aix3.m4 \
+ ${CFDIR}/ostype/altos.m4 \
+ ${CFDIR}/ostype/amdahl-uts.m4 \
+ ${CFDIR}/ostype/aux.m4 \
+ ${CFDIR}/ostype/bsd4.3.m4 \
+ ${CFDIR}/ostype/bsd4.4.m4 \
+ ${CFDIR}/ostype/bsdi1.0.m4 \
+ ${CFDIR}/ostype/bsdi2.0.m4 \
+ ${CFDIR}/ostype/dgux.m4 \
+ ${CFDIR}/ostype/domainos.m4 \
+ ${CFDIR}/ostype/dynix3.2.m4 \
+ ${CFDIR}/ostype/gnuhurd.m4 \
+ ${CFDIR}/ostype/hpux10.m4 \
+ ${CFDIR}/ostype/hpux9.m4 \
+ ${CFDIR}/ostype/irix4.m4 \
+ ${CFDIR}/ostype/irix5.m4 \
+ ${CFDIR}/ostype/irix6.m4 \
+ ${CFDIR}/ostype/linux.m4 \
+ ${CFDIR}/ostype/maxion.m4 \
+ ${CFDIR}/ostype/mklinux.m4 \
+ ${CFDIR}/ostype/nextstep.m4 \
+ ${CFDIR}/ostype/osf1.m4 \
+ ${CFDIR}/ostype/powerux.m4 \
+ ${CFDIR}/ostype/ptx2.m4 \
+ ${CFDIR}/ostype/qnx.m4 \
+ ${CFDIR}/ostype/riscos4.5.m4 \
+ ${CFDIR}/ostype/sco-uw-2.1.m4 \
+ ${CFDIR}/ostype/sco3.2.m4 \
+ ${CFDIR}/ostype/solaris2.m4 \
+ ${CFDIR}/ostype/solaris2.ml.m4 \
+ ${CFDIR}/ostype/sunos3.5.m4 \
+ ${CFDIR}/ostype/sunos4.1.m4 \
+ ${CFDIR}/ostype/svr4.m4 \
+ ${CFDIR}/ostype/ultrix4.m4 \
+ ${CFDIR}/ostype/unknown.m4 \
+ ${CFDIR}/ostype/uxpds.m4 \
+ ${CFDIR}/siteconfig/uucp.cogsci.m4 \
+ ${CFDIR}/siteconfig/uucp.old.arpa.m4 \
+ ${CFDIR}/siteconfig/uucp.ucbarpa.m4 \
+ ${CFDIR}/siteconfig/uucp.ucbvax.m4 \
+$(ALL): $(M4FILES)
diff --git a/contrib/sendmail/cf/cf/chez.cs.mc b/contrib/sendmail/cf/cf/chez.cs.mc
new file mode 100644
index 000000000000..9858330bd407
--- /dev/null
+++ b/contrib/sendmail/cf/cf/chez.cs.mc
@@ -0,0 +1,33 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a Berkeley-specific configuration file for a specific
+# machine in the Computer Science Division at Berkeley, and should
+# not be used elsewhere. It is provided on the sendmail distribution
+# as a sample only.
+# This file is for a home machine that wants to masquerade as an
+# on-campus machine. Additionally, all addresses without a hostname
+# will be forwarded to that machine.
+VERSIONID(`@(#)chez.cs.mc 8.11 (Berkeley) 5/19/98')
+define(`LOCAL_RELAY', vangogh.CS.Berkeley.EDU)dnl
diff --git a/contrib/sendmail/cf/cf/clientproto.mc b/contrib/sendmail/cf/cf/clientproto.mc
new file mode 100644
index 000000000000..f0a6ae7d6b23
--- /dev/null
+++ b/contrib/sendmail/cf/cf/clientproto.mc
@@ -0,0 +1,33 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This the prototype for a "null client" -- that is, a client that
+# does nothing except forward all mail to a mail hub. IT IS NOT
+# To use this, you MUST use the nullclient feature with the name of
+# the mail hub as its argument. You MUST also define an `OSTYPE' to
+# define the location of the queue directories and the like.
+# In addition, you MAY select the nocanonify feature. This causes
+# addresses to be sent unqualified via the SMTP connection; normally
+# they are qualifed with the masquerade name, which defaults to the
+# name of the hub machine.
+# Other than these, it should never contain any other lines.
+VERSIONID(`@(#)clientproto.mc 8.12 (Berkeley) 5/19/98')
+FEATURE(nullclient, mailhost.$m)
diff --git a/contrib/sendmail/cf/cf/cs-hpux10.mc b/contrib/sendmail/cf/cf/cs-hpux10.mc
new file mode 100644
index 000000000000..527f9308b990
--- /dev/null
+++ b/contrib/sendmail/cf/cf/cs-hpux10.mc
@@ -0,0 +1,30 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a Berkeley-specific configuration file for HP-UX 9.x.
+# It applies only to the Computer Science Division at Berkeley,
+# and should not be used elsewhere. It is provided on the sendmail
+# distribution as a sample only. To create your own configuration
+# file, create an appropriate domain file in ../domain, change the
+# `DOMAIN' macro below to reference that file, and copy the result
+# to a name of your own choosing.
+VERSIONID(`@(#)cs-hpux10.mc 8.10 (Berkeley) 5/19/98')
+define(`MAIL_HUB', mailspool.CS.Berkeley.EDU)dnl
diff --git a/contrib/sendmail/cf/cf/cs-hpux9.mc b/contrib/sendmail/cf/cf/cs-hpux9.mc
new file mode 100644
index 000000000000..f65505296fec
--- /dev/null
+++ b/contrib/sendmail/cf/cf/cs-hpux9.mc
@@ -0,0 +1,30 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a Berkeley-specific configuration file for HP-UX 9.x.
+# It applies only to the Computer Science Division at Berkeley,
+# and should not be used elsewhere. It is provided on the sendmail
+# distribution as a sample only. To create your own configuration
+# file, create an appropriate domain file in ../domain, change the
+# `DOMAIN' macro below to reference that file, and copy the result
+# to a name of your own choosing.
+VERSIONID(`@(#)cs-hpux9.mc 8.11 (Berkeley) 5/19/98')
+define(`MAIL_HUB', mailspool.CS.Berkeley.EDU)dnl
diff --git a/contrib/sendmail/cf/cf/cs-osf1.mc b/contrib/sendmail/cf/cf/cs-osf1.mc
new file mode 100644
index 000000000000..ba35c04ac687
--- /dev/null
+++ b/contrib/sendmail/cf/cf/cs-osf1.mc
@@ -0,0 +1,29 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a Berkeley-specific configuration file for OSF/1.
+# It applies only to the Computer Science Division at Berkeley,
+# and should not be used elsewhere. It is provided on the sendmail
+# distribution as a sample only. To create your own configuration
+# file, create an appropriate domain file in ../domain, change the
+# `DOMAIN' macro below to reference that file, and copy the result
+# to a name of your own choosing.
+VERSIONID(`@(#)cs-osf1.mc 8.10 (Berkeley) 5/19/98')
diff --git a/contrib/sendmail/cf/cf/cs-solaris2.mc b/contrib/sendmail/cf/cf/cs-solaris2.mc
new file mode 100644
index 000000000000..395d19fc7aa5
--- /dev/null
+++ b/contrib/sendmail/cf/cf/cs-solaris2.mc
@@ -0,0 +1,29 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a Berkeley-specific configuration file for Solaris 2.x.
+# It applies only to the Computer Science Division at Berkeley,
+# and should not be used elsewhere. It is provided on the sendmail
+# distribution as a sample only. To create your own configuration
+# file, create an appropriate domain file in ../domain, change the
+# `DOMAIN' macro below to reference that file, and copy the result
+# to a name of your own choosing.
+VERSIONID(`@(#)cs-solaris2.mc 8.9 (Berkeley) 5/19/98')
diff --git a/contrib/sendmail/cf/cf/cs-sunos4.1.mc b/contrib/sendmail/cf/cf/cs-sunos4.1.mc
new file mode 100644
index 000000000000..45dcd124d99f
--- /dev/null
+++ b/contrib/sendmail/cf/cf/cs-sunos4.1.mc
@@ -0,0 +1,29 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a Berkeley-specific configuration file for SunOS 4.1.x.
+# It applies only to the Computer Science Division at Berkeley,
+# and should not be used elsewhere. It is provided on the sendmail
+# distribution as a sample only. To create your own configuration
+# file, create an appropriate domain file in ../domain, change the
+# `DOMAIN' macro below to reference that file, and copy the result
+# to a name of your own choosing.
+VERSIONID(`@(#)cs-sunos4.1.mc 8.10 (Berkeley) 5/19/98')
diff --git a/contrib/sendmail/cf/cf/cs-ultrix4.mc b/contrib/sendmail/cf/cf/cs-ultrix4.mc
new file mode 100644
index 000000000000..f2a4b423b907
--- /dev/null
+++ b/contrib/sendmail/cf/cf/cs-ultrix4.mc
@@ -0,0 +1,29 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a Berkeley-specific configuration file for Ultrix 4.x.
+# It applies only to the Computer Science Division at Berkeley,
+# and should not be used elsewhere. It is provided on the sendmail
+# distribution as a sample only. To create your own configuration
+# file, create an appropriate domain file in ../domain, change the
+# `DOMAIN' macro below to reference that file, and copy the result
+# to a name of your own choosing.
+VERSIONID(`@(#)cs-ultrix4.mc 8.10 (Berkeley) 5/19/98')
diff --git a/contrib/sendmail/cf/cf/cyrusproto.mc b/contrib/sendmail/cf/cf/cyrusproto.mc
new file mode 100644
index 000000000000..c660898b738f
--- /dev/null
+++ b/contrib/sendmail/cf/cf/cyrusproto.mc
@@ -0,0 +1,41 @@
+# (C) Copyright 1995 by Carnegie Mellon University
+# All Rights Reserved
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose and without fee is hereby granted,
+# provided that the above copyright notice appear in all copies and that
+# both that copyright notice and this permission notice appear in
+# supporting documentation, and that the name of CMU not be
+# used in advertising or publicity pertaining to distribution of the
+# software without specific, written prior permission.
+# Contributed to Berkeley by John Gardiner Myers <jgm+@CMU.EDU>.
+# This sample mc file is for a site that uses the Cyrus IMAP server
+# exclusively for local mail.
+VERSIONID(`@(#)cyrusproto.mc 8.3 (Carnegie Mellon) @(#)cyrusproto.mc 8.3')
+define(`confBIND_OPTS',`-DNSRCH -DEFNAMES')
+Rbb + $+ < @ $=w . > $#cyrusbb $: $1
diff --git a/contrib/sendmail/cf/cf/generic-bsd4.4.mc b/contrib/sendmail/cf/cf/generic-bsd4.4.mc
new file mode 100644
index 000000000000..106fa31c44dd
--- /dev/null
+++ b/contrib/sendmail/cf/cf/generic-bsd4.4.mc
@@ -0,0 +1,27 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a generic configuration file for 4.4 BSD-based systems,
+# including 4.4-Lite, BSDi, NetBSD, and FreeBSD.
+# It has support for local and SMTP mail only. If you want to
+# customize it, copy it to a name appropriate for your environment
+# and do the modifications there.
+VERSIONID(`@(#)generic-bsd4.4.mc 8.7 (Berkeley) 5/19/98')
diff --git a/contrib/sendmail/cf/cf/generic-hpux10.mc b/contrib/sendmail/cf/cf/generic-hpux10.mc
new file mode 100644
index 000000000000..1a7eda909423
--- /dev/null
+++ b/contrib/sendmail/cf/cf/generic-hpux10.mc
@@ -0,0 +1,26 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a generic configuration file for HP-UX 9.x.
+# It has support for local and SMTP mail only. If you want to
+# customize it, copy it to a name appropriate for your environment
+# and do the modifications there.
+VERSIONID(`@(#)generic-hpux10.mc 8.8 (Berkeley) 5/19/98')
diff --git a/contrib/sendmail/cf/cf/generic-hpux9.mc b/contrib/sendmail/cf/cf/generic-hpux9.mc
new file mode 100644
index 000000000000..6aaf3b65e3de
--- /dev/null
+++ b/contrib/sendmail/cf/cf/generic-hpux9.mc
@@ -0,0 +1,26 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a generic configuration file for HP-UX 9.x.
+# It has support for local and SMTP mail only. If you want to
+# customize it, copy it to a name appropriate for your environment
+# and do the modifications there.
+VERSIONID(`@(#)generic-hpux9.mc 8.8 (Berkeley) 5/19/98')
diff --git a/contrib/sendmail/cf/cf/generic-nextstep3.3.mc b/contrib/sendmail/cf/cf/generic-nextstep3.3.mc
new file mode 100644
index 000000000000..5c81faaf6e7a
--- /dev/null
+++ b/contrib/sendmail/cf/cf/generic-nextstep3.3.mc
@@ -0,0 +1,26 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a generic configuration file for NEXTSTEP 3.3 systems.
+# It has support for local and SMTP mail only. If you want to
+# customize it, copy it to a name appropriate for your environment
+# and do the modifications there.
+VERSIONID(`@(#)generic-nextstep3.3.mc 8.7 (Berkeley) 5/19/98')
diff --git a/contrib/sendmail/cf/cf/generic-osf1.mc b/contrib/sendmail/cf/cf/generic-osf1.mc
new file mode 100644
index 000000000000..2113b927223f
--- /dev/null
+++ b/contrib/sendmail/cf/cf/generic-osf1.mc
@@ -0,0 +1,26 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a generic configuration file for OSF/1.
+# It has support for local and SMTP mail only. If you want to
+# customize it, copy it to a name appropriate for your environment
+# and do the modifications there.
+VERSIONID(`@(#)generic-osf1.mc 8.8 (Berkeley) 5/19/98')
diff --git a/contrib/sendmail/cf/cf/generic-solaris2.mc b/contrib/sendmail/cf/cf/generic-solaris2.mc
new file mode 100644
index 000000000000..1e1aa96a6c43
--- /dev/null
+++ b/contrib/sendmail/cf/cf/generic-solaris2.mc
@@ -0,0 +1,26 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a generic configuration file for SunOS 5.x (a.k.a. Solaris 2.x)
+# It has support for local and SMTP mail only. If you want to
+# customize it, copy it to a name appropriate for your environment
+# and do the modifications there.
+VERSIONID(`@(#)generic-solaris2.mc 8.8 (Berkeley) 5/19/98')
diff --git a/contrib/sendmail/cf/cf/generic-sunos4.1.mc b/contrib/sendmail/cf/cf/generic-sunos4.1.mc
new file mode 100644
index 000000000000..7e916c15ea88
--- /dev/null
+++ b/contrib/sendmail/cf/cf/generic-sunos4.1.mc
@@ -0,0 +1,26 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a generic configuration file for SunOS 4.1.x.
+# It has support for local and SMTP mail only. If you want to
+# customize it, copy it to a name appropriate for your environment
+# and do the modifications there.
+VERSIONID(`@(#)generic-sunos4.1.mc 8.8 (Berkeley) 5/19/98')
diff --git a/contrib/sendmail/cf/cf/generic-ultrix4.mc b/contrib/sendmail/cf/cf/generic-ultrix4.mc
new file mode 100644
index 000000000000..8c900b86e713
--- /dev/null
+++ b/contrib/sendmail/cf/cf/generic-ultrix4.mc
@@ -0,0 +1,26 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a generic configuration file for Ultrix 4.x.
+# It has support for local and SMTP mail only. If you want to
+# customize it, copy it to a name appropriate for your environment
+# and do the modifications there.
+VERSIONID(`@(#)generic-ultrix4.mc 8.8 (Berkeley) 5/19/98')
diff --git a/contrib/sendmail/cf/cf/huginn.cs.mc b/contrib/sendmail/cf/cf/huginn.cs.mc
new file mode 100644
index 000000000000..949e917882d5
--- /dev/null
+++ b/contrib/sendmail/cf/cf/huginn.cs.mc
@@ -0,0 +1,42 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a Berkeley-specific configuration file for a specific
+# machine in the Computer Science Division at Berkeley, and should
+# not be used elsewhere. It is provided on the sendmail distribution
+# as a sample only.
+# This file is for the backup CS Division mail server.
+VERSIONID(`@(#)huginn.cs.mc 8.12 (Berkeley) 5/19/98')
+# hosts for which we accept and forward mail (must be in .Berkeley.EDU)
+R< @ $=F . $D . > : $* $@ $>7 $2 @here:... -> ...
+R$* $=O $* < @ $=F . $D . > $@ $>7 $1 $2 $3 ...@here -> ...
+R$* < @ $=F . $D . > $#local $: $1 use UDB
diff --git a/contrib/sendmail/cf/cf/knecht.mc b/contrib/sendmail/cf/cf/knecht.mc
new file mode 100644
index 000000000000..97e5e43eb36a
--- /dev/null
+++ b/contrib/sendmail/cf/cf/knecht.mc
@@ -0,0 +1,71 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is specific to Eric's home machine.
+VERSIONID(`@(#)knecht.mc 8.30 (Berkeley) 6/11/98')
+define(`confFORWARD_PATH', `$z/.forward.$w:$z/.forward+$h:$z/.forward')dnl
+define(`confDEF_USER_ID', `mailnull')dnl
+define(`confHOST_STATUS_DIRECTORY', `.hoststat')dnl
+define(`confTO_ICONNECT', `10s')dnl
+define(`confCOPY_ERRORS_TO', `Postmaster')dnl
+define(`confTO_QUEUEWARN', `8h')dnl
+define(`confTRUSTED_USERS', `www')dnl
+define(`confPRIVACY_FLAGS', ``authwarnings,noexpn,novrfy'')dnl
+# Regular expression to reject:
+# * numeric-only localparts from aol.com and msn.com
+# * localparts starting with a digit from juno.com
+# * localparts longer than 10 characters from aol.com
+Kcheckaddress regex -a@MATCH
+ ^([0-9]+<@(aol|msn)\.com|[0-9][^<]*<@juno\.com|.{10}[^<]+<@aol\.com)\.?>
+# Names that won't be allowed in a To: line (local-part and domains)
+C{RejectToLocalparts} friend you
+C{RejectToDomains} public.com
+HTo: $>CheckTo
+R$={RejectToLocalparts}@$* $#error $: "553 Header error"
+R$*@$={RejectToDomains} $#error $: "553 Header error"
+HMessage-Id: $>CheckMessageId
+R< $+ @ $+ > $@ OK
+R$* $#error $: "553 Header error"
+# check address against various regex checks
+R$* $: $>Parse0 $>3 $1
+R$+ $: $(checkaddress $1 $)
+R@MATCH $#error $: "553 Header error"
diff --git a/contrib/sendmail/cf/cf/mail.cs.mc b/contrib/sendmail/cf/cf/mail.cs.mc
new file mode 100644
index 000000000000..1ecf34e2a910
--- /dev/null
+++ b/contrib/sendmail/cf/cf/mail.cs.mc
@@ -0,0 +1,43 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a Berkeley-specific configuration file for a specific
+# machine in the Computer Science Division at Berkeley, and should
+# not be used elsewhere. It is provided on the sendmail distribution
+# as a sample only.
+# This file is for the primary CS Division mail server.
+VERSIONID(`@(#)mail.cs.mc 8.15 (Berkeley) 5/19/98')
+define(`confUSERDB_SPEC', ``/usr/local/lib/users.cs.db,/usr/local/lib/users.eecs.db'')dnl
+# hosts for which we accept and forward mail (must be in .Berkeley.EDU)
+R< @ $=F . $D . > : $* $@ $>7 $2 @here:... -> ...
+R$* $=O $* < @ $=F . $D . > $@ $>7 $1 $2 $3 ...@here -> ...
+R$* < @ $=F . $D . > $#local $: $1 use UDB
diff --git a/contrib/sendmail/cf/cf/mail.eecs.mc b/contrib/sendmail/cf/cf/mail.eecs.mc
new file mode 100644
index 000000000000..42d053d70ee1
--- /dev/null
+++ b/contrib/sendmail/cf/cf/mail.eecs.mc
@@ -0,0 +1,43 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a Berkeley-specific configuration file for a specific
+# machine in Electrical Engineering and Computer Sciences at Berkeley,
+# and should not be used elsewhere. It is provided on the sendmail
+# distribution as a sample only.
+# This file is for the primary EECS mail server.
+VERSIONID(`@(#)mail.eecs.mc 8.15 (Berkeley) 5/19/98')
+define(`confUSERDB_SPEC', `/usr/local/lib/users.eecs.db,/usr/local/lib/users.cs.db,/usr/local/lib/users.coe.db')dnl
+# hosts for which we accept and forward mail (must be in .Berkeley.EDU)
+R< @ $=F . $D . > : $* $@ $>7 $2 @here:... -> ...
+R$* $=O $* < @ $=F . $D . > $@ $>7 $1 $2 $3 ...@here -> ...
+R$* < @ $=F . $D . > $#local $: $1 use UDB
diff --git a/contrib/sendmail/cf/cf/mailspool.cs.mc b/contrib/sendmail/cf/cf/mailspool.cs.mc
new file mode 100644
index 000000000000..7ae62b24d607
--- /dev/null
+++ b/contrib/sendmail/cf/cf/mailspool.cs.mc
@@ -0,0 +1,36 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a Berkeley-specific configuration file for a specific
+# machine in the Computer Science Division at Berkeley, and should
+# not be used elsewhere. It is provided on the sendmail distribution
+# as a sample only.
+# This file is for our mail spool machine. For a while we were using
+# "root.machinename" instead of "root+machinename", so this is included
+# for back compatibility.
+VERSIONID(`@(#)mailspool.cs.mc 8.9 (Berkeley) 5/19/98')
+CDroot sys-custodian
+R$=D . $+ $1 + $2
diff --git a/contrib/sendmail/cf/cf/python.cs.mc b/contrib/sendmail/cf/cf/python.cs.mc
new file mode 100644
index 000000000000..2cb111d0b655
--- /dev/null
+++ b/contrib/sendmail/cf/cf/python.cs.mc
@@ -0,0 +1,41 @@
+# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+# This is a Berkeley-specific configuration file for a specific
+# machine in the Computer Science Division at Berkeley, and should
+# not be used elsewhere. It is provided on the sendmail distribution
+# as a sample only.
+# This file is for a home machine that wants to masquerade as an
+# on-campus machine. Additiona