Appendix B. What’s New Since Edition 3

Many things have changed since the release of the third edition of this book. That edition covered sendmail through V8.12. Since then, V8.13 through V8.14 have been released. V8.13 was covered in the book sendmail 8.13 Companion. Unfortunately, there is no completely satisfactory way to indicate all those changes within the text proper of this book. Instead, we have elected to list the changes in this appendix, ordered by the chapter in which they are described, and thus, essentially by subject.

Chapter 1, Some Basics

The tutorial of earlier editions has been condensed to this single chapter, and partly incorporated into others.

Chapter 2, Download, Build, and Install

Download the Source on page 42

A more complete explanation of how to validate the signature of the source distribution (ed4)

The libsm Directory on page 49

Tests in libsm now require make check (8.14)

confCCLINK on page 73

The confCCLINK Build macro allows the linker to be redefined from the confCC default (8.14)

confMKDIR on page 90

The confMKDIR Build macro defines the program to create installation directories (8.14)

confMSP_STFILE on page 91

The confMSP_STFILE Build macro defines the MSP statistics file (8.12.6)

Chapter 3, Tune sendmail with Compile-Time Macros

HAS... on page 114

HASCLOSEFROM indicates that you have closefrom(3) (8.13)

HAS... on page 114

HASFDWALK indicates that you have fdwalk(3) (8.13)

MAX... on page 120

MAXINPLINE increased to 12288 to support long AUTH negotiation lines (8.14)

MILTER_NO_NAGLE on page 1172

MILTER_NO_NAGLE turns off nagling for communication with Milters (8.14)

NEED... on page 126

NEEDINTERRNO to say errno is not declared in your system’s errno.h file (8.13)

SASL on page 137

SASL flaw fixed for possible library initialization race condition (8.14)

SM_CONF_LDAP_INITIALIZE on page 143

SM_CONF_LDAP_INITIALIZE to enable ldap_initialize(3) (8.13)

SM_CONF_POLL on page 1172

SM_CONF_POLL for poll(2) instead of select(2) in Milters (8.13)

SOCKETMAP on page 145

SOCKETMAP to enable use of socket database-map type (8.13)

Chapter 4, Maintain Security with sendmail

Nothing new since the third edition.

Chapter 5, Authentication and Encryption

SASL and Your mc File on page 191

AUTH is now more fully explained with more detailed examples (ed4)

Public Key Cryptography on page 199

Public/Private encryption is now explained (ed4)

Set Up Your Certificates on page 206

TLS now includes certificate creation examples (ed4)

Add STARTTLS Support to Your mc File on page 211

The new confCRL m4 macro (8.12)

Pitfalls on page 219

SMTP AUTH information now excluded from bounce email (8.13)

Chapter 6, The sendmail Command Line

-ba on page 233

Using -ba no longer causes STARTTLS to fail (8.14)

-D on page 239

Write debugging output to a file with -D (8.13)

The -Q command-line switch on page 440

Quarantine an envelope with -Q (8.13)

-v on page 249

The modified -v verbose switch with the MSP (8.13)

Chapter 7, How to Handle Spam

The Local_check_ Rule Sets on page 252

HTTP proxy commands immediately cause the server to drop the connection (8.14)

Local_check_relay and check_relay on page 252

Macros which, when defined in check_relay, are maintained for the entire SMTP session (8.14)

FEATURE(dnsbl) on page 261

The dnsbl feature can now also discard or quarantine (8.14)

FEATURE(dnsbl) on page 261

The dnsbl feature now uses the dns database-map type (8.13)

FEATURE(dnsbl) on page 261

The DNSBL_MAP_OPT macro tunes the dnsbl DNS lookup (8.13)

FEATURE(enhdnsbl) on page 263

The enhdnsbl feature can now also discard or quarantine (8.14)

The access Database on page 277

The relaytofulladdress keyword for the access database (8.14)

Rejection Message for REJECT on page 283

The confREJECT_MSG m4 macro no longer inserts quotation marks (8.13)

The check_eom Rule Set on page 258

The check_eom rule set reviews the message’s size (8.14)

FEATURE(badmx)—V8.14 and Later on page 291

The badmx feature rejects clients with bad MX records (8.14)

FEATURE(block_bad_helo)—V8.14 and Later on page 292

The block_bad_helo feature rejects clients with a bad HELO/EHLO hostname (8.14)

FEATURE(greet_pause)—V8.13 and Later on page 293

The greet_pause feature protects from SMTP slamming (8.13)

FEATURE(greet_pause)—V8.13 and Later on page 293

Log the time after which the greet_pause feature triggered (8.14)

FEATURE(greet_pause)—V8.13 and Later on page 293

Do not invoke greet_pause if already rejected (8.14)

FEATURE(greet_pause)—V8.13 and Later on page 293

Don’t log greet_pause if client disconnects because of pause (8.14)

FEATURE(mtamark)—V8.13 and Later, Experimental on page 295

Experimental mtamark feature looks up TXT in in-addr.arpa domain (8.13)

FEATURE(require_rdns)—V8.14 and Later on page 296

The require_rdns feature rejects clients whose IP number cannot be properly resolved (8.14)

FEATURE(use_client_ptr)—V8.13 and Later on page 297

The use_client_ptr feature causes check_relay rule set to use ${client_ptr} (8.13)

Chapter 8, Test Rule Sets with -bt

Nothing new since the third edition.

Chapter 9, DNS and sendmail

Which BIND? on page 324

BIND 9 is now the recommended version (ed4)

Failover MX Servers Result in Spam on page 332

Risks of backup MX servers are discussed (ed4)

How to Use dig on page 338

The dig(1) program replaces the nslookup(1) program (ed4)

Chapter 10, Build and Use Companion Programs

The mailstats Program on page 364

The mailstats program’s output includes an msgsqur column (8.13)

-D on page 373

The makemap program’s new -D command-line switch (8.13)

-j on page 388

The vacation program’s new -j command-line switch (8.13)

-R on page 390

The vacation program’s new -R command-line switch (8.13)

Chapter 11, Manage the Queue

Handle Qf Files on page 422

Use -qL to process lost (Qf) files (8.13)

Handle Deep Queues on page 404

Handling deep queues moved from defunct performance chapter (ed4)

Recover from a Full Queue on page 407

Recover from full queues moved from defunct performance chapter (ed4)

Parts of a Queued Message on page 396

The DaemonPortOptions option’s queueLA key affects queue processing (8.14)

Periodically with -q on page 427

The DaemonPortOptions option’s queueLA key affects queue processing (8.14)

Queue Group Limitations on page 418

The DaemonPortOptions option’s queueLA key affects queue processing (8.14)

Persistent Queue Runners with -qp on page 434

All persistent queue runners can be restarted with a SIGHUP sent to the controlling persistent queue runner (8.14)

Queue Quarantining on page 438

Queue quarantining now officially supported (8.13)

The -qQ command-line switch on page 439

Use -qQ to process quarantined envelopes (8.13)

The -Q command-line switch on page 440

Quarantine an envelope with -Q (8.13)

Pitfalls on page 444

Milter recipient rejection defect and queue group selection fixed (8.14)

q line on page 453

The qf file’s q line holds reason for quarantining the envelope (8.13)

V line on page 457

The qf file’s V line bumped to V8 (8.13)

Timeout.queuereturn (V8.7 and later) on page 1106

The new confTO_QUEUERETURN_DSN mc macro (8.13)

Timeout.queuewarn (V8.7 and later) on page 1107

The new confTO_QUEUEWARN_DSN mc macro (8.13)

Chapter 12, Maintain Aliases

RFC2142 Common Mailbox Names on page 474

RFC2142 has been documented in its own section (ed4)

Chapter 13, Mailing Lists and ~/.forward

Mail List Etiquette on page 495

Mail list etiquette (ed4)

Chapter 14, Signals, Transactions, and Syslog

Other Useful Logging on page 520

A guide to other syslog information in this book (ed4)

action= on page 521

The action= syslog equate (8.12)

milter= on page 524

The milter= syslog equate (8.12)

quarantine= on page 526

The quarantine= syslog equate (8.13)

Chapter 15, Debug sendmail with -d

The -D Debug File Switch on page 535

The new -D command-line switch (8.13)

Table of All -d Categories on page 536

The latest debugging settings have been listed (8.13 and 8.14)

Pitfalls on page 539

-d no longer works with -q (8.13)

Chapter 16, Configuration File Overview

Nothing new since the third edition.

Chapter 17, Configure sendmail.cf with m4

The access Database on page 277

The FEATURE(access_db)’s new relaytofulladdress argument allows relaying based on full recipient addresses (8.14)

FEATURE(badmx)—V8.14 and Later on page 291

FEATURE(badmx) rejects a client hostname, the domain part of which resolves to a bad MX record (8.14)

FEATURE(block_bad_helo)—V8.14 and Later on page 292

FEATURE(block_bad_helo) rejects clients who provide a HELO/EHLO argument that is either unqualified or one of the server’s names (8.14)

FEATURE(require_rdns)—V8.14 and Later on page 296

FEATURE(require_rdns) rejects clients whose IP number cannot be properly resolved (8.14)

The LOCAL_UUCP mc Macro on page 609

The LOCAL_UUCP m4 macro adds new rules and rule sets to select a uucp delivery agent (8.13)

FEATURE(conncontrol) on page 619

FEATURE(conncontrol) limits the number of simultaneous connections a client may make to your server (8.13)

FEATURE(nodns) on page 635

Removed FEATURE(nodns) (8.13)

FEATURE(local_lmtp) on page 625

FEATURE(local_lmtp) adds a third, optional argument that supplies the command-line arguments for the mail.local program (8.13)

FEATURE(local_lmtp) on page 625

FEATURE(local_lmtp) no longer sets F=f by default (8.13)

FEATURE(ratecontrol) on page 638

FEATURE(ratecontrol) limits the rate at which clients may connect to your server (8.13)

Chapter 18, The R (Rules) Configuration Command

As of V8.13, rules no longer need to balance on page 653

Rules no longer need to balance special characters (8.13)

Chapter 19, The S (Rule Sets) Configuration Command

srv_features on page 708

The srv_features rule set returns bB to offer/deny use of SMTP VERB, dD to offer/deny DSN, lL to require/not require AUTH authentication, rR to request/not request a certificate, and xX to offer/deny use of SMTP EXPN (8.13)

Chapter 20, The M (Mail Delivery Agent) Configuration Command

Use rule sets to quarantine on page 442

The #error agent can now return a $@ quarantine (8.13)

FEATURE(local_lmtp) on page 625

FEATURE(local_lmtp) no longer sets F=f by default (8.13)

L= on page 745

SMTP_MAILER_LL and RELAY_MAILER_LL define L= for smtp and relay delivery agents (8.14)

F=B on page 768

F=B flag strips one leading backslash (8.13)

F=W on page 782

F=W ignores host status for delivery agent (8.13)

Chapter 21, The D (Define a Macro) Configuration Command

${addr_type} on page 803

Existing ${addr_type} now shows envelope/sender for header type addresses too (8.14)

${auth_authen} on page 804

Existing ${auth_authen} has its value xtext-encoded (8.13)

${auth_author} on page 805

Existing ${auth_author} has its value xtext-encoded (8.13)

${client_connections} on page 811

New ${client_connections} counts simultaneous client connections (8.13)

${client_rate} on page 814

New ${client_rate} holds rate of connections from a client (8.13)

${msg_id} on page 834

New ${msg_id} holds Message-Id: header’s value (8.13)

${nbadrcpts} on page 837

New ${nbadrcpts} counts number of rejected recipients (8.13)

${quarantine} on page 841

New ${quarantine} holds reason envelope was quarantined (8.13)

${time} on page 846

New ${time} holds current time in seconds (8.13)

${client_rate} on page 814

New ${total_rate} holds current rate of all connections to your server (8.13)

${client_ptr} on page 813

New ${client_ptr} shows connecting client’s PTR record (8.13)

Chapter 22, The C and F (Class Macro) Configuration Commands

Classes with mc Configuration on page 866

Two existing class macros, $={tls} and $={src} have been renamed (had their first letter capitalized) to become $={Tls} and $={Src} (8.13)

$=w on page 876

The class $=w is no longer automatically filled with all domain prefixes (8.13)

Chapter 23, The K (Database-Map) Configuration Command

DNS database-map -B switch on page 908

The -B dns database-map switch specifies a domain to append to all lookups (8.14)

DNS database-map -Z switch on page 908

The -Z dns database-map switch limits the number of returned entries (8.14)

DNS database-map -z switch on page 908

The -z dns database-map switch allows multiple return entries and sets the delimiter character used between them (8.14)

arith on page 898

The r arith database-map operator returns a random value (8.14)

LDAP default schema for aliases includes recursion on page 914

The LDAP database-map default schema for aliases now includes recursion (8.13)

LDAP default schema for classes includes recursion on page 914

The LDAP database-map default schema for class macros now includes recursion (8.13)

The -H ldap database-map switch on page 915

The -H LDAP database-map switch allows a single expression to replace -h and -p (8.13)

The -K ldap database-map switch (V8.14 and later) on page 916

The -K LDAP database-map switch allows %1 through %9 to appear in the query (8.14)

The -v ldap database-map switch on page 919

The -v LDAP database-map switch now allows LDAP recursion (8.13)

The -w ldap database-map switch on page 921

The -w LDAP database-map switch specifies the LDAP API/protocol version (8.13)

FEATURE(ldap_routing) on page 922

FEATURE(ldap_routing)’s third argument may now be a literal sendertoo to reject nonexistent envelope sender addresses (8.13)

FEATURE(ldap_routing) on page 922

FEATURE(ldap_routing) has had its arguments expanded from four to six; support has been added to suppress an extra lookup of part of an unmatched address and to specify how to handle connection errors to and temporary failures from the LDAP server (8.13)

Chapter 24, The O (Options) Configuration Command

AuthOptions on page 977

The AuthOptions option’s m flag requires use of mechanisms that support mutual authentication (Server only) (8.13)

AuthRealm on page 978

The AuthRealm option defines the authentication realm that is passed to the Cyrus SASL library (8.13)

CheckpointInterval on page 983

The CheckpointInterval option can no longer have its value raised on the command line by nontrusted users (8.13)

ConnectionCacheSize on page 987

The ConnectionCacheSize and ConnectionCacheTimeout options affect delivery agents that use P=[LPC] for delivery (8.13)

ConnectionRateWindowSize on page 989

The ConnectionRateWindowSize option specifies the window size for the FEATURE(conncontrol) and FEATURE(ratecontrol) features (8.13)

ControlSocketName on page 990

The control socket defined by the ControlSocketName option now accepts an mstat command to display machine-readable stats (8.14)

CRLFile on page 992

The CRLFile option defines the name and location of the file that contains the OpenSSL certificate revocation list (8.13)

DaemonPortOptions=InputFilter= on page 1178

The DaemonPortOptions option’s keyword InputFilter specifies which Milter should process arriving mail on a listening port (8.13)

DaemonPortOptions=children= (8.14 and later) on page 994

The DaemonPortOptions option’s keyword children overrides the setting of the MaxDaemonChildren option for this daemon (8.14)

DaemonPortOptions=delayLA= (8.14 and later) on page 995

The DaemonPortOptions option’s keyword delayLA overrides the setting of the DelayLA option for this daemon (8.14.1)

DaemonPortOptions=DeliveryMode= (8.14 and later) on page 995

The DaemonPortOptions option’s keyword DeliveryMode overrides the setting of the DeliveryMode option for this daemon (8.14)

DaemonPortOptions=Modify= on page 996

The DaemonPortOptions option’s Modify=s tells sendmail to use SMTP over SSL (8.13)

DaemonPortOptions=queueLA= (8.14 and later) on page 997

The DaemonPortOptions option’s keyword queueLA overrides the setting of the QueueLA option for this daemon (8.14)

DaemonPortOptions=refuseLA= (8.14 and later) on page 997

The DaemonPortOptions option’s keyword refuseLA overrides the setting of the RefuseLA option for this daemon (8.14.1)

ErrorMode=w on page 1030

The ErrorMode option’s write mode has been deprecated and removed (8.13); build with -DUSE_TTYPATH=1 to restore

FallBackSmartHost on page 1031

The FallBackSmartHost option defines the fallback host of absolute last resort

HeloName on page 1034

The HeloName option sets the greeting name to use instead of $j for the HELO or EHLO command (8.14)

MaxNOOPCommands on page 1048

The MaxNOOPCommands option overrides the default of 20 for the maximum number of useless commands before slowing down (8.14)

PrivacyOptions=noactualrecipient on page 1067

The PrivacyOptions option’s noactualrecipient setting suppresses X-Actual-Recipient DSN lines for privacy (8.14)

RejectLogInterval on page 1079

The RejectLogInterval option specifies how often an additional message notifying of refusing connections should be logged (8.13)

RequiresDirFsync on page 1082

The RequiresDirfsync option overrides the setting of the REQUIRES_DIR_FSYNC compile-time macro (8.13)

SharedMemoryKeyFile on page 1091

The SharedMemoryKeyFile option allows sendmail to set its own shared memory key and to save that key in a file you specify (8.14)

SoftBounce on page 1094

The SoftBounce option changes all 5yz replies into 4yz for testing (8.14)

StatusFile on page 1095

The StatusFile option may be disabled by undefining STATUS_FILE in your mc file for a slight performance boost (8.14)

Timeout.queuereturn (V8.7 and later) on page 1106

The Timeout.queuereturn option’s dsn addition specifies when to return bounce notifications (8.13)

Timeout.queuewarn (V8.7 and later) on page 1107

The Timeout.queuereturn option’s dsn addition specifies when to time out bounce notifications (8.13)

Milter.macros.data on page 1055

The Milter.macros option’s data specifies the macros to pass to the Milter’s DATA command-handling routine (8.14)

Milter.macros.eom on page 1056

The Milter.macros option’s eom specifies the macros to pass to the Milter’s end-of-message handling routine (8.13)

PidFile on page 1063

The PidFile option now works with all persistent daemons (such as queue runners), is locked to prevent overwrites, and is removed when sendmail exits (8.13)

QueueSortOrder=none (V8.13 and later) on page 1075

The QueueSortOrder option accepts an n setting for “none” which turns off all presorting of the queue (8.13)

SuperSafe on page 1096

The SuperSafe option accepts a PostMilter setting which delays fsync()ing the df file until after all Milters have reviewed the message (8.13)

Chapter 25, The H (Headers) Configuration Command

No balancing with $>+ on page 1133

Header fields are now 8-bit clean (8.14)

No balancing with $>+ on page 1133

Preserve spaces after the colon in a header (V8.14)

No balancing with $>+ on page 1133

Special characters no longer need to balance with $>+ (8.13)

H_RECEIPTTO Header Flag (V8.7 and Later) on page 1141

The Delivery-Receipt-To: header is treated the same as a Return-Receipt-To: header (8.13)

Message-ID: on page 1159

The confMESSAGEID_HEADER mc macro allows the Message-Id: header’s value to be defined (8.13)

${msg_id} on page 834

The new ${msg_id} macro holds Message-Id: header’s value (8.13)

Chapter 26, The X (Milters) Configuration Command

Root Won’t Remove Socket File on page 1179

Root won’t remove a Milter socket file (V8.13)

Milter smfi_addrcpt_par() on page 1186

The Milter smfi_addrcpt_par() routine has been added to add a recipient with additional ESMTP arguments (V8.14)

Milter smfi_chgfrom() on page 1187

The Milter smfi_chgfrom() routine has been added to change the envelope sender (V8.14)

Milter smfi_getsymval() on page 1190

sendmail macros may be passed to xxfi_eom (8.13)

Milter smfi_opensocket() on page 1193

The Milter smfi_opensocket() routine has been added to force an immediate setup for listening (V8.13)

Milter smfi_progress() on page 1193

The Milter smfi_progress() routine has been added to reset the sendmail-to-Milter timeout (V8.13)

Milter smfi_quarantine() on page 1194

The Milter smfi_quarantine() routine has been added to quarantine messages (V8.13)

Milter smfi_setbacklog() on page 1197

The Milter smfi_setbacklog() routine has been added to tune the size of the listen() queue (V8.13)

Milter smfi_setdbg() on page 1198

The Milter smfi_setdbg() routine has been added to turn on/off Milter-library debugging (V8.13)

Milter smfi_setmlreply() on page 1198

The Milter smfi_setmlreply() routine has been added to define a multilined error return value (V8.13)

Milter smfi_setreply() on page 1200

The use of a 421 return code and returning a temporary failure to drop a connection now works with xxfi_helo() too.

Milter smfi_setsymlist() on page 1201

The Milter smfi_setsymlist() routine has been added to redefine macros passed to the Milter (V8.14)

Milter smfi_stop() on page 1202

The Milter smfi_stop() routine has been added to provide a graceful exit (V8.13)

Milter smfi_version() on page 1203

The Milter smfi_version() routine has been added to fetch the runtime version, and the meaning of SMFI_VERSION has changed (V8.14)

Milter xxfi_body() on page 1207

The SMFIS_SKIP return code for xxfi_body() is used to stop receiving body chunks, but to still have xxfi_eom() called (8.14)

Milter xxfi_data() on page 1210

The Milter xxfi_data() function is used to handle the DATA command (8.14)

Milter xxfi_header() on page 1217

The Milter xxfi_header() function can elect to receive header values with leading spaces preserved by setting SMFIP_HDR_LEADSPC during xxfi_negotiate() (8.14)

Milter xxfi_negotiate() on page 1220

The Milter xxfi_negotiate() function is used to determine what flags and protocols the connecting sendmail supports (8.14)

Milter xxfi_negotiate() on page 1220

The Milter xxfi_envrcpt() function can review rejected recipients by setting SMFIP_RCPT_REJ during xxfi_negotiate() (8.14)

Milter xxfi_unknown() on page 1223

The Milter xxfi_unknown() function is used to review unknown SMTP commands (8.14)