Table of Contents for

sendmail, 4th Edition

Only the local delivery agent is required,^[269] so if that required definition is missing, sendmail prints the following warning message but continues to run:

No local mailer defined.

Four mc configuration macros are available, beginning with V8.10 sendmail, to help you choose the delivery agent you prefer in various situations.

define(`confSMTP_MAILER', `dsmtp')

buildaddr: unknown mailer xsmtp

define(`confUUCP_MAILER', `uucp-dom')

define(`confUUCP_MAILER', `relay')

define(`confLOCAL_MAILER', `newlocal')

define(`confRELAY_MAILER', `uucp-new')

Unfortunately, not all delivery agent equates can be tuned with mc configuration macros. The U= delivery agent equate for the usenet agent is one example. To change such a value, you need to copy the original definition, modify it, and put the modified definition in your local mc configuration file. For example, to add a U= delivery agent equate to the Usenet delivery agent, you might do the following:^[270]

% grep -h Musenet cf/mailer/*
Musenet,    P=USENET_MAILER_PATH, F=USENET_MAILER_FLAGS, S=10, R=20,
            _OPTINS(`USENET_MAILER_MAX', `M=', `, ')T=X-Usenet/X-Usenet/X-Unix,
            A=USENET_MAILER_ARGS $u

Here, the prototype definition for the usenet delivery agent is found. Copy that definition into your mc configuration file and add the missing delivery agent equate:

MAILER(usenet)
MAILER_DEFINITIONS
Musenet,   P=USENET_MAILER_PATH, F=USENET_MAILER_FLAGS, S=10, R=20, U=news:news,
            _OPTINS(`USENET_MAILER_MAX', `M=', `, ')T=X-Usenet/X-Usenet/X-Unix,
            A=USENET_MAILER_ARGS $u

First, the MAILER( ) m4 command causes initial support for the usenet delivery agent to be included. The MAILER_DEFINITIONS section (MAILER_DEFINITIONS on page 716) then introduces your new delivery agent definition. Your new definition follows, and thus replaces, the original definition.

Create a new configuration file, and run grep(1) run to check the result:

% make our.cf
% grep ^Musenet our.cf
Musenet,        P=/usr/lib/news/inews, F=rlsDFMmn, S=10, R=20,
Musenet,        P=/usr/lib/news/inews, F=rlsDFMmn, S=10, R=20, U=news:news,

From time to time you might need to create a brand-new delivery agent. To create a new delivery agent with the mc system, first change to the cf/mailer directory. Copy an existing m4 file, one that is similar to your needs. Then edit that new file, and include it in your configuration file with:

MAILER(newname)

Note that the MAILER mc configuration command automatically prefixes the name with the following (where _CF_DIR_ is described in The _CF_DIR_ m4 Macro on page 588):

_CF_DIR_/mailer/

and adds the suffix .m4, here forming cf/mailer/newname.m4.

Be aware, however, that creation of a new delivery agent is not for the fainthearted. In addition to the delivery agent definition, you might also need to create brand-new S= and R= rules and rule sets.

MAILER_DEFINITIONS
place your new delivery agent definitions here

Deliver to a local cyrus user V8.7 and later

The cyrus and cyrusbb delivery agents are intended for use with the cyrus V2 IMAP server from CMU. If you have upgraded to Cyrus V2, you should skip this section and go to the next one, which describes the cyrusv2 delivery agent. First, note that the local delivery agent must be defined before you can define cyrus:

MAILER(`local')    ← define first
MAILER(`cyrus')    ← define second

The cyrus delivery agent can be used for local delivery, if you use an mc configuration statement such as this:

define(`confLOCAL_MAILER', `cyrus')

The cyrus delivery agent, in addition to performing local delivery, will also recognize local addresses of the form user+where. When found, and if permitted, it will deliver to an existing subfolder of the INBOX on the IMAP server.

Users might or might not have local accounts, but it is assumed that they do not. Thus, if you run IMAP but have some local users who want to receive mail in the local spool, you can set up something such as this:

LOCAL_CONFIG
F{NonCyrus} /etc/mail/NonCyrus

LOCAL_RULE_0
R $={NonCyrus}                    $: $# local $: $1
R $={NonCyrus} < @ $=w . >        $: $# local $: $1

Here, users listed in the file /etc/mail/NonCyrus will have their mail delivered locally even if the local delivery agent is defined as cyrus.

The cyrusbb delivery agent is used to deliver mail to the IMAP bulletin boards so that it can be fetched by imapd(8). Any local user address that begins with bb+ will be delivered for later fetching by IMAP.

The defaults for the cyrus delivery agent are listed in Table 20-2. The mc configuration macros at the left can be used to modify or replace those defaults.

Note that mc configuration macro definitions must always precede the MAILER declaration to which they relate.

The Cyrus IMAP server as well as cyrus and cyrusbb delivery agents are available from:

Deliver to a cyrus IMAP V2 user V8.12 and later

The cyrusv2 delivery agent is intended for use with the Cyrus V2 IMAP server from CMU. It is much like the cyrus delivery agent (described earlier), but it delivers using LMTP via a Unix-domain socket and requires a Cyrus version 2 IMAP server. First note that the local delivery agent must be defined before you can define cyrusv2:

MAILER(`local')    ← define first
MAILER(`cyrusv2')  ← define second

The cyrusv2 delivery agent can be used for local delivery, if you use an mc configuration statement such as this:

define(`confLOCAL_MAILER', `cyrusv2')

The cyrusv2 delivery agent, in addition to performing local delivery, will also recognize local addresses of the form user+where. When found, and if permitted, it will deliver to an existing subfolder of the INBOX on the IMAP server.

The defaults for the cyrusv2 delivery agent are listed in Table 20-3. The mc configuration macros at the left can be used to modify or replace those defaults.

Note that mc configuration macro definitions must always precede the MAILER declaration to which they relate.

The IMAP server and cyrusv2 delivery agent are available from:

Accept and then discard the message V8.9 and later

Prior to V8.9 sendmail, the only way to discard mail was to deliver it to the /dev/null device. Beginning with V8.9, sendmail has the ability to discard messages by delivering them with the discard delivery agent. The discard delivery agent is internally defined by sendmail and should not be defined by a MAILER( ) mc command.

The discard delivery agent is primarily used by FEATURE(access_db) (The access Database on page 277), but it can be used equally well by the various policy rule sets. It is used like this:

R ...           $#discard $: discard

Here, any workspace that matches the LHS will be discarded. The event will be logged if the LogLevel option (LogLevel on page 1040) is 5 or higher.

An example of how to use the discard delivery agent looks like this:

LOCAL_CONFIG
C{Discard_To_Names}   allmyfriends

LOCAL_RULESETS
HTo: $>Screen_To

SScreen_To
R $={Discard_To_Names} @ $*      $# discard $: discard

Here, the value of a To: header (To: on page 1167) is passed to the Screen_To rule set. That rule set compares the user part of the address to the list of usernames in the class {Discard_To_Names}. If any are found (in this instance, only the name allmyfriends will be found), that message is discarded.

Note that when handling spam mail, it can be better to reject the message with the error delivery agent than to discard it with this discard delivery agent. Rejection pushes the handling of bounces back onto the sender.

Perform a policy-based rejection All versions

All versions of sendmail define a special internal delivery agent called error that is designed to aid in the issuance of error messages. It is always available for use in the parse rule set 0, the localaddr rule set 5, and the Local_check and other policy setting rule sets. It cannot be defined with an M command.

Beginning with V8.7, the form for using the error agent in the RHS of a rule looks like this:

R...          $#error $@  dsnstat $: text of error message here

In general terms, the text following the $: is the actual error message that will be included in bounced mail and sent back to a connecting SMTP host. For example, the following rule in the parse rule set 0 would cause all mail to the local user George Washington to bounce:

RGeorge.Washington       $#error 5.1.1 $: 553 George doesn't sleep here anymore

with an error message such as this:

553 5.1.1 <george.washington>... George doesn't sleep here anymore

success.category.detail

R...          $#error $@ success.category.detail  $: text of error message here

R$* < @ evilhost.domain > $*        $#error $@ 5.7.1 $: You are bad, go away

R$* < @ evilhost.domain > $*        $#error $@ 65 $: You are bad, go away
                                                ↑
                                    the value of EX_DATAERR from <sysexits.h >

R$* < @ evilhost.domain > $*        $#error $@ unavailable
 $: You are bad, go away

R...          $#error  $@ 5.0.0 $: george doesn't sleep here anymore

553 5.0.0 <george@wash.dc.gov>... george doesn't sleep here anymore

R...          $#error  $: 450 george doesn't sleep here anymore

R...          $#error $@ 2.1.1 $: 553 ...     ← avoid such conflicts

Deliver with a fax-sending program V8.8 and later

The fax delivery agent is used to deliver mail to a fax-sending program. If you define this delivery agent with:

MAILER(`fax')

any address that ends in .fax is automatically sent to that delivery agent. Thus, to fax mail to a user on the local machine, you might do the following:

To: joe@5554321.fax

This will cause the message to be sent to the faxmail program for delivery to the number 555-4321.^[271] The faxmail program will parse the message for a recipient, and for fax-tuning parameters passed in header lines that begin with x-fax-. It will format and send the result to the hfaxd daemon, which actually communicates with fax modems.

Note that hfaxd and the modems need not exist on the local machine. If you have a central fax server, you can set up all the client machines by defining the FAX_RELAY mc configuration macro to point at that machine:

define(`FAX_RELAY', `fax.your.domain')

With this definition, any mail addressed to an address ending in .fax will be forwarded to fax.your.domain for sending as a fax. Obviously, you will need to have fax-sending software and fax modems installed on that machine.

Note that you should use either MAILER(fax) or FAX_RELAY—not both. If you declare both, the MAILER(fax) will supersede the FAX_RELAY, and all fax mail will be delivered locally.

Another way to handle faxes is to set up aliases for each user that can receive faxes:

userA+fax: "|/usr/local/bin/faxmail -d userA@5551234"
userB+fax: "|/usr/local/bin/faxmail -d userB@5556789"

The defaults for the fax delivery agent are listed in Table 20-6. The mc configuration macros at the left can be used to modify or replace those defaults.

The faxmail program, the hfaxd daemon, and all the other supporting software you need to email faxes is available from ftp://ftp.hylafax.org/.

Also, a number of commercial products are available that allow users to email faxes. They are easily found by searching on the Web.

Internal delivery agents V8.1 and later

The *file* delivery agent (the * characters are part of the name) handles delivery to files. The *include* delivery agent handles delivery through :include: lists. Neither can be considered a true delivery agent, however, because actual delivery is still handled internally by sendmail. Instead, they provide a way to tune delivery agent behavior for these two delivery needs.

The defaults for these delivery agents are predefined. They can be viewed with the following command (note that output lines are wrapped to fit the page):^[272]

% /usr/sbin/sendmail -d0.15 -bt < /dev/null | egrep "file|include"
mailer 1 (*file*): P=[FILE] S=parse/parse R=parse/parse M=0 U=0:0 F=9DEFMPloqsu L=0 E=
\n T=X-Unix/X-Unix/X-Unix r=100 A=FILE $u
mailer 2 (*include*): P=/dev/null S=parse/parse R=parse/parse M=0 U=0:0 F=su L=0 E=\n
T=<undefined>/<undefined>/<undefined> r=100 A=INCLUDE $u

These predefined defaults can be overwritten, however, by declaring *file* and *include* in the configuration file. For example, the following configuration file declaration overrides the internal definition shown earlier, and limits the size of any mail message that is delivered to files to 1 MB:

M*file*, P=[FILE], M=1000000, F=9DEFMPloqsu, T=X-Unix/X-Unix/X-Unix, A=FILE $u

Note that any delivery agent equate that does not default to zero (such as the P=, F=, T=, and A= delivery agent equates) needs to be copied to this configuration file declaration, or the original value will be lost.

A similar change in definition for the mc configuration of V8 sendmail would look like this:

MAILER_DEFINITIONS
M*file*, P=[FILE], M=1000000, F=9DEFMPloqsu, T=X-Unix/X-Unix/X-Unix, A=FILE $u

Final local delivery V8.1 and later

When you enable the local delivery agent with:

MAILER(`local')

you are really enabling two delivery agents—local and prog. The local delivery agent is charged with local, final delivery to a user’s mailbox. The prog delivery agent is used to pipe mail through programs.

Mlocal,         P=/usr/lib/mail.local, F=lsDFMAw5:/|@qPSXfmnz9,
                S=EnvFromSMTP/HdrFromL, R=EnvToL/HdrToL,
                T=DNS/RFC822/SMTP, A=mail.local -l

MAILER(`local')

Mprog,    P=/bin/sh, F=lsDFMoqeu9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/,
          T=X-Unix/X-Unix/X-Unix,
          A=sh -c $u

Deliver to DECnet nodes V8.7 and later

The mail11 delivery agent is used to send mail to users on remote DECnet nodes using the mail11(8) program. DECnet addresses are of the form:

host::user

Here, host is the node name of a remote DECnet machine.

You declare support for the mail11 delivery agent in your mc configuration file with the following line:

MAILER(`mail11')

The defaults for the mail11 delivery agent are shown in Table 20-9.

Deliver with phquery program V8.7 and later, deprecated

When using the ph delivery agent, actual delivery is through the phquery(8) program, which looks up user information in the CCSO nameserver database and then injects that mail back into sendmail for delivery.^[273] This program cannot be used by itself because you must also install the qi server, and include your own database of user information.

Support is included in your mc configuration file like this:

MAILER(`local')         ← define first
MAILER(`phquery')       ← define second

Note that the local delivery agent must be defined before you can define phquery.

The defaults for the ph delivery agent are shown in Table 20-10, along with the mc configuration macros used to alter those defaults.

The phquery and qi programs, and links to help with both, are available from:

Deliver using MH’s spop V8.6 and later

When using the pop delivery agent, actual delivery is via the spop(8) program, which provides a way to perform local delivery for any user that does not have a local Unix account. This is handy in a POP universe where it is often undesirable for thousands of POP clients to also have local accounts. It is also useful at sites where security concerns prevent POP-only users from also having Unix accounts.

Support is included in your mc configuration file like this:

MAILER(`local')    ← define this
MAILER(`pop')      ← before this

Note that the local delivery agent must be defined before you can define pop.

The defaults for the pop delivery agent are shown in Table 20-11, along with the mc configuration macros used to alter those defaults.

The spop program is distributed as part of the mh suite of software, and is available from:

Deliver using procmail V8.7 and later

When using the procmail delivery agent, actual delivery is performed by the procmail(1) program, which can be used for local delivery. We described one use of procmail when we described FEATURE(local_procmail) (FEATURE(local_procmail) on page 627). In that example, local_procmail was tuned with LOCAL_ mc configuration macros, but here it is tuned with PROCMAIL_ mc configuration macros.

Support for the procmail delivery agent is included in your mc configuration file like this:

MAILER(`smtp')        ← define first
MAILER(`procmail')    ← define second

Note that the smtp delivery agent must be defined before you can define procmail.

The procmail(1) program can be made to filter mail and even route mail to different files by changing a few configuration file rules. For example, it can be used as a delivery agent to handle inbound bounces for mailing lists by setting up a new rule in the parse rule set 0 that routes all recipients that end in -request for delivery with procmail:

LOCAL_CONFIG
Kisrequest regex -a@MATCH -request$

LOCAL_RULE_0
R $+ < @ $+ >                   $: $(isrequest $1 $) $| $1 <@$2>
R $* @MATCH $| $+ < @ $+ >      $#procmail $@ $3 $: $2
R $* $| $*                      $2

This bit of magic requires that you first declare a regex database-map type (regex on page 932) that will match any user part of an address that ends in -request. Then we use LOCAL_RULE_0 to declare three new rules in the parse rule set 0. The first tries to match -request in the address. The second detects a match and calls the procmail delivery agent. The third restores the original workspace in the event that no match was found.

This solution is only a suggestion and a starting place from which to work out your own solutions. In addition to new maps and rules, you will also have to tune the procmail delivery agent (possibly adding a U= delivery agent equate, U= on page 755) and configure the procmail program to do the right thing with the -request addresses it gets.

The defaults for the procmail delivery agent are shown in Table 20-12, along with the mc configuration macros used to alter those defaults.

The procmail(1) program is available from:

Deliver via a pager V8.10 and later

The qpage delivery agent delivers messages by running the qpage(8) program. The qpage(8) program is part of a client/server software package that allows messages to be sent via an alphanumeric pager.

Support is included in your mc configuration file like this:

MAILER(`qpage')

The defaults for this delivery agent are shown in Table 20-13, along with the mc configuration macros used to alter those defaults.

The qpage program is available from:

Deliver using SMTP V8.1 and later

The five smtp delivery agents all use TCP to connect to other hosts. They are the smtp, esmtp, smtp8, dsmtp, and relay delivery agents. All five start with the same basic defaults, which are shown in Table 20-14. Support for all five is included in your mc configuration file like this:

MAILER(`smtp')

Note that each of the five smtp class delivery agents has it own way of specifying the A= delivery agent equate. That is so that you can run each on a different port if you so desire (The use of $h in A=TCP on page 739).

Deliver through inews V8.4 and later

The usenet delivery agent is used to post messages to Usenet newsgroups by means of the inews program. It is declared like this:

MAILER(`local')       ← define first
MAILER(`usenet')      ← define second

Note that the local delivery agent must be defined before you can define usenet. The preceding declaration causes any mail addresses that end in a literal .usenet to be sent via this delivery agent. This works for addresses that end in .usenet, and addresses that end in .usenet@$=w where the class $=w ($=w on page 876) contains all the names of the hosts that represent the local machine.

The user portion of the address that precedes the .usenet should be the name of the newsgroup to which you are posting, such as comp.mail.sendmail.usenet. The usenet delivery agent calls the inews program to deliver the posting to that newsgroup.

The defaults for the usenet delivery agent are shown in Table 20-15, along with the mc configuration macros used to alter those defaults.

The source for inews is available with the nntp program, which is available in many forms from various sites. Use your web browser to find a version suitable to your needs. One such site is:

These are the same folks who supply the BIND nameserver software.

Deliver using UUCP V8.1 and later

The UUCP delivery agents are used to forward email over UUCP networks. The following declaration enables six delivery agents (although two are synonyms for others, meaning there are really only four):

MAILER(`uucp')

The enabled UUCP delivery agents are shown in Table 20-16.

Note that the smtp delivery agent must be defined first if you want to use uucp-dom and uucp-uudom:

MAILER(`smtp')      ← define first
MAILER(`uucp')      ← define second

Table 20-17 shows the mc configuration macros that are used to change the defaults for all the uucp delivery agents. Changing one will affect all of them.

These delivery agents are described in greater detail in Chapter 17, beginning in UUCP Support on page 606.

LOCAL_UUCP
R$* < @ $={ServerUUCP} . UUCP. > $*        $#uucp-uudom $@ $2 $: $1 < @ $2 .UUCP. >
$3

# resolve locally connected UUCP links
...
        ← New rules added here.
# resolve remotely connected UUCP links (if any)

Set a chroot directory V8.10 and later

There are times when, for security reasons, you might wish to restrict delivery to a chroot(8) hierarchy. You might, for example, wish to restrict local spool delivery to a small subset of the total filesystem. One way to manage such a change is to set up that new directory hierarchy so that it looks something like this:

/secure/etc/passwd
/secure/etc/group
/secure/etc/mail/sendmail.cf
/secure/etc/mail/aliases.db
/secure/etc/mail/access.db
/secure/var/spool/mail
/secure/usr/sbin/sendmail
/secure/var/mqueue
/secure/var/clientmqueue
etc.

If this /= delivery agent equate is declared for the local delivery agent as /=/secure, all local delivery will first cause sendmail to chroot(8) into the /secure hierarchy. If that chroot(8) fails, sendmail will log the failure and continue to chroot(8) into the root directory.

One way to declare the /= delivery agent equate and change the location of mail.local at the same time is like this:

define(`LOCAL_MAILER_PATH', `/bin/mail.local, /=/secure')

Note that other files will have to appear in the /secure hierarchy. A /secure/dev/zero, for example, will be necessary for Solaris-based systems. A Bourne shell will also be necessary (e.g., /secure/bin/sh), as will a local delivery agent, such as /secure/bin/mail.local. Running delivery agents in a chroot(8) environment is not for the fainthearted, and much experimentation will doubtless be required to get it right for your system.

Note that this /= delivery agent equate is intended to run sendmail’s delivery agents in a chroot(8) environment. It is not intended to run sendmail.

The argv for this delivery agent All versions

The program that is to be run (specified by the P= delivery agent equate) is given its C-language char **argv array (list of command-line arguments) by this A= delivery agent equate. This delivery agent equate is traditionally the last one specified because prior to V8.7, the argv arguments were all those from the = to the end of the line:

Mlocal, P=/bin/mail, F=rlsDFMmnP, S=10, R=20, A=mail -d $u
                                                ↑
                                                prior to V8.7, argv to end of line
...

Beginning with V8.7, the A= is treated like any other delivery agent equate, in that it ends at the end of the line or at the first comma. The backslash character can be used as a prefix to embed commas in the A= delivery agent equate.

Macros are expanded and can be used in this argv array. For example:

A=mail -d $u

The A= begins the declaration of the argument array. The program that is specified by the P= delivery agent equate (/bin/mail) will be executed with an argv of:

argv[0] = "mail"
argv[1] = "-d"              ← switch means perform final delivery
argv[2] = "fred"            ← where sendmail macro $u contains fred

The macro value of $u contains the current recipient name or names ($u on page 848). Another sendmail macro that commonly appears in A= fields is $h, the recipient host ($h on page 825). You are, of course, free to use any sendmail macro you find necessary as a part of this argv array. Note that $u is special, in that if it is missing, sendmail will speak SMTP to the delivery agent (The special case of $u in A= on page 740) or LMTP if the delivery agent has the F=z flag set (F=z on page 783). Also note that any arguments in excess of the maximum number defined by MAXPV (MAX... on page 120), usually 40, are silently ignored.

define(`LOCAL_MAILER_ARGS', `put.local -l -d $u')

A=TCP $h

A=TCP hostA:hostB:hostC

A=TCP hostlist  port

Mgateway, P=[IPC], ..., A=TCP gateway.domain $h

R$+ < @ $+ .gateway > $*            $#gateway $@ 26 $: $1 < @ $2 .gateway> $3

Mgateway, P=[IPC], ..., A=TCP $h $P
R$+ < @ $+ .gateway > $*            $#gateway $@ $2 $: $1 < @ $2 .gateway> $3

-MP26

Muucp, P=/bin/uux, F=msDFMhuU, S=13, R=23, A=uux - -r $h!rmail ($u)
                     ↑
                                          ↑
                    note
                  note

uux - -r $h!rmail (jim) (bill) (joe)

define(`confLOCAL_MAILER', `dbd')
MAILER_DEFINITIONS
Mdbd, P=[IPC], F=lsDFMmnqSXzA5@/:|,
               S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
               T=DNS/RFC822/SMTP, A=FILE /var/run/dbd

Default MIME character set V8.7 and later

The C= delivery agent equate (introduced with V8.7 sendmail) is used to define a default character set for use with the MIME Content-Type: header (Content-Type: on page 1154). If it is present, its value supersedes that of the DefaultCharSet option (DefaultCharSet on page 1000).

Note that the C= delivery agent equate is examined only when the delivery agent is selected for an envelope sender address.

When a mail message is converted from 8 to 7 bits (see the EightBitMode option in EightBitMode on page 1025) it is important that the result looks like a MIME message. V8.7 sendmail first outputs the following header (if one is not already present):

MIME-Version: 1.0

Next, V8.7 sendmail looks for a Content-Type: header (Content-Type: on page 1154). If none is found, the following is inserted, where charset is the value declared for the C= delivery agent equate of the sender’s delivery agent:

Content-Type: text/plain; charset=charset

If the argument to C= is missing, the following error is printed and C= becomes undefined:

mailer agent_name: null charset

If the C= delivery agent equate is undefined in your configuration file, charset defaults to the value of the DefaultCharSet option. If both are undefined, the value for charset becomes unknown-8bit.

Delivery agent working directory V8.6 and later

Ordinarily, whenever sendmail executes a program via the prog delivery agent, it does so from within the sendmail queue directory. One unfortunate side effect of this behavior is that shell scripts written with the C shell (and possibly other programs) can fail because they cannot stat(2) the current directory. To alleviate this problem, V8 sendmail introduced the D= delivery agent equate. This equate allows you to specify a series of directories for sendmail to attempt to chdir(2) into before invoking the delivery program.

The form of the D= delivery agent equate looks like this:

D=path1:path2...

The D= is followed by a colon-separated series of directory pathnames. Before running the delivery program, sendmail tries to chdir(2) into each in turn, leftmost to rightmost, until it succeeds. If it does not succeed with any of the directories (perhaps because none of them exists), sendmail remains in its queue directory.

One recommended setting for the D= delivery agent equate is this:

D=$z:/

Here, sendmail first tries to chdir(2) into the directory defined by the $z sendmail macro ($z on page 852). That macro either contains the full pathname of the recipient’s home directory or is NULL. If it is NULL or if the home directory is unavailable, the chdir(2) fails, and sendmail instead does a chdir(2) to the / (root) directory.

In using V8 sendmail’s mc configuration, the value given to D= can be easily changed only for the prog delivery agent, which defaults to:

D=$z:/

For prog it can be redefined by using LOCAL_SHELL_DIR, as, for example:

define(`LOCAL_SHELL_DIR', `$z:/disks/3/secure')     ← this must be
MAILER(`local')                                     ← before this

Here, LOCAL_SHELL_DIR is given a new value before the prog delivery agent is loaded (via the local).

For all other delivery agents you must first copy an existing delivery agent definition, and then modify it as outlined in Tuning Without an Appropriate Keyword on page 715.

If the D= argument is missing, the following error is printed and D= becomes undefined:

mailer agent_name: null working directory

The end-of-line string All versions

The E= delivery agent equate specifies the end-of-line character or characters. Those characters are generated by sendmail for outgoing messages and are recognized by sendmail for incoming messages.

The end-of-line characters are defined with the E= delivery agent equate as backslash-escaped control characters, such as:

E=\r\n

Prior to V8.8, the default end-of-line string, if the E= field was missing, was the C-language newline character, \n.^[277] Beginning with V8.8 sendmail, the default is \n for all except delivery agents that speak SMTP, in which case the default is \r\n.

In general, delivery agents that speak SMTP or LMTP (those that lack a $u in the A= argument array) should have their end-of-line field set to E=\r\n (for a carriage-return/line-feed pair).^[278] Delivery agents that do not speak SMTP (those that include a $u in the A= argument array) should have their end-of-line field set to E=\n (for a lone line-feed character).

In using V8 sendmail’s mc configuration, the value given to E= cannot be easily changed. It is supplied to the MAILER(smtp) delivery agents as \r\n, but it is left as the default \n for all others. If you need to change this value at the mc configuration level, you must first copy an existing delivery agent definition, and then modify it as outlined in Tuning Without an Appropriate Keyword on page 715.

If the E= delivery agent equate’s argument is missing, the following error message is printed and the E= becomes undefined:

mailer agent_name: null end-of-line string

Delivery agent flags All versions

The F= delivery agent equate is probably more fraught with peril than the others. The delivery agent flags specified with F= tell sendmail how the delivery agent will behave and what its needs will be. These delivery agent flags are used in one or more of three ways.

First, if a header definition relies conditionally on a delivery agent flag:

H?P?Return-Path: <$g >
  ↑
  apply if P delivery agent flag is specified in F= delivery agent equate

and if that delivery agent flag is listed as a part of the F= delivery agent equate:

Mlocal, P=/bin/mail, F=rlsDFMmnP, S=10, R=20, A=mail -d $u
                               ↑
                               apply in header

that header is included in all mail messages that are sent via this delivery agent.

Second, if a delivery agent needs a special command-line argument that sendmail can produce for it but requires that argument only under special circumstances, selected F= delivery agent flags can produce that result. For example, the F=f delivery agent flag specifies that the delivery agent needs a -f command-line switch when it is forwarding network mail.

Third, the F= delivery agent flags also tell sendmail how this particular delivery agent behaves. For example, the F= delivery agent flag might specify that it perform final delivery or require that it preserve uppercase for usernames.

Many delivery agent flags have special meaning to sendmail; others are strictly user-defined. All the delivery agent flags are detailed at the end of this chapter (Delivery Agent F= Flags on page 759).

Note that whitespace characters cannot be used as delivery agent flags. Also note that delivery agent flags OR together (they are really just bits), so they can be declared separately, for clarity, as in the following:

F=D,     # include Date: header if not present
F=F,     # include From: header if not present
F=7,     # strip the high-bit when delivering

Or they can be declared all together, with no change in meaning or effect, like this:

F=DF7,

Note that the argument following the F= is optional, and an empty declaration is silently ignored. Also note that the comma can be used as a delivery agent flag by prefixing it with a backslash.

MODIFY_MAILER_FLAGS(`which', `change')

MODIFY_MAILER_FLAGS(`SMTP', `+%')

MODIFY_MAILER_FLAGS(`RELAY', `-a')

MODIFY_MAILER_FLAGS(`SMTP', `mDFMuXa8')

FEATURE(`local_lmtp')                   ← must be first
MODIFY_MAILER_FLAGS(`LOCAL', `-P')

define(`LOCAL_MAILER_FLAGS', `Prmn9f')               ← first
MAILER(`local')                                      ← second

lsDFMAwq5:/|@Prmn9f

LOCAL_MAILER_FLAGS      [Prmn9] The flags used by the local mailer.  The
                        flags lsDFMAw5:/|@q are always included.

Maximum line length V8.1 and later

The L= delivery agent equate is used to limit the length of text lines in the body of a mail message. If this equate is omitted and if the delivery agent has the obsolete F=L delivery agent flag set (F=L on page 775), sendmail defaults to SMTPLINELIM (990) as defined in conf.h (SMTPLINELIM on page 144). If the F=L is clear (as it is in modern configuration files), sendmail defaults to 0 (which means an unlimited line length). The F=L is honored for compatibility with older versions of sendmail that lack this L= delivery agent equate.

Limiting line length causes overly long lines to be split. When an output line is split, the text up to the split is first transmitted, followed by the ! character. After that, the characters defined by the E= delivery agent equate are transmitted. A line can be split into two or more pieces. For example, consider the following text from the body of a mail message:

The maximum line length for SMTP mail is 990 characters.
A delivery agent speaks SMTP when the $u sendmail macro
is omitted from the A= equate.

A delivery agent could limit line length to 20 characters with a declaration of:

L=20

With that limit, the preceding text would be split during transmission into the following lines:

The maximum line len!
gth for SMTP mail is!
990 characters.
A delivery agent spe!
aks SMTP when the $u!
sendmail macro
is omitted from the !
A= equate.

Limiting the line length can be useful for programs that can’t handle long lines, such as a 40-character Braille print-driving program. (But such conversions to shorter lines are probably best left to the specialty delivery agent.)

If the argument to L= is missing or if it evaluates to 0 or less, the maximum line limit is internally set to zero, in which case no limit is enforced.

In using V8 sendmail’s mc configuration, the default for the smtp, dsmtp, esmtp, and smtp8 delivery agents is 990. The default for the relay delivery agent is 2040. The default for all other delivery agents is 0. To change the default at the mc level select the appropriate expression from the following two, for example:

define(`SMTP_MAILER_LL', `4096')       ← smtp, esmtp, smtp8, dsmtp (V8.14 and later)
define(`RELAY_MAILER_LL', `4096')      ← relay (V8.14 and later)

Note that prior to V8.14, you had to copy an existing delivery agent definition and modify it as outlined in Tuning Without an Appropriate Keyword on page 715.

Maximum message size All versions

The M= delivery agent equate is used to limit the total size (header and body combined) of messages handled by a delivery agent. The form for the M= delivery agent equate is:

M=nbytes

Here, nbytes is the ASCII representation of an integer that specifies the largest size in bytes that can be transmitted. If nbytes is missing, or if the entire M= delivery agent equate is missing, nbytes internally becomes zero. If the value is zero, the limit is set by the MaxMessageSize option (MaxMessageSize on page 1047). If both are zero or undeclared, no checking is done for a maximum.

If the size of the message exceeds the limit specified, an error message is returned (bounced) that looks like this:

----- Transcript of session follows -----
 552 5.3.4 <recipient>... Message is too large;  nbytes  bytes max

Bounced mail includes a copy of only the headers. The body is specifically not bounced, even if RET=BODY is requested in the SMTP envelope. The DSN status is set to 5.3.4 (see RFC1893).

This delivery agent equate is usually used with UUCP agents, where the cost of telephone connections is of concern. It can also prove useful in mail to files, where disk space is limited.

define(`UUCP_MAILER_MAX' `1000000')      ← this must be
MAILER(`uucp')                           ← before this

Max messages per connection V8.10 and later

The m= delivery agent equate is used to limit the number of envelopes that can be delivered during any single SMTP or LMTP connection.^[279] This can prove useful because more and more sites on the Internet have started rejecting envelopes after too many have been sent.

For example, consider a malicious user at your site who wants to advertise to thousands of users at aol.com by sending a single envelope to all of them. By defining this m= delivery agent equate to a value of, say, 25, only the first 25 envelopes would be delivered on the initial connection to aol.com. For the 26th, sendmail would have to reestablish the connection to send the next 25. Thousands of envelopes would require a new connection for each group of 25 envelopes, thus slowing the flow and giving you more time to detect the affront.

The way to add this delivery agent equate to your SMTP delivery agents looks like this:

define(`SMTP_MAILER_MAXMSGS', `25')

This m= delivery agent equate can also be used with FEATURE(local_lmtp) (FEATURE(local_lmtp) on page 625), which causes mail.local to accept envelopes via LMTP. This can be useful if your machine receives many envelopes from another machine for local delivery. Instead of expecting mail.local to deliver hundreds of envelopes locally during a single run, you can reduce the stress on your machine by limiting the number of envelopes to a comfortable few. Consider defining the following in your .mc configuration file:

define(`LOCAL_MAILER_MAXMSGS', `50')

Here, mail from a site—say, hotmail.com—would be gathered by sendmail until that site finished sending. Then, sendmail would begin delivering all the local addresses via mail.local and LMTP. After the 50th had been delivered, sendmail would exit its run of mail.local and a new run of mail.local would have to begin.

If m= is defined as zero, or is undefined, there is no limit on the number of envelopes. If m= is defined with a negative value, sendmail will issue no error, and will act as though zero were defined.

define(`UUCP_MAILER_MAXMSGS', `25')         ← this must be
MAILER(`uucp')                              ← before this

How to nice(3) the delivery agent V8.7 and later

The N= delivery agent equate is used to give a delivery agent a higher or lower priority in relation to other processes. In general, this equate is useful only for programs that can affect other programs because of increased system or disk load, or for programs that are affected by others for the same reasons. This mechanism is discussed in the online manual for nice(3).

The form for the N= delivery agent equate looks like this:

N=val

Here, val is a signed integer expression that will set the “niceness” to a positive or negative value. If val is zero or missing, the niceness of the delivery agent is unchanged.

One possible application for the N= delivery agent equate might be with Usenet news. Because news seldom needs to flow as quickly as normal email, its delivery agent (usenet) can be forced to run at a low system priority. Just add a line such as the following to your mc configuration file:

define(`USENET_MAILER_PATH', `/usr/lib/news/inews, N=10')

The path shown should, of course, match the actual location of inews.

Path to the delivery agent All versions

The P= delivery agent equate specifies the full pathname of the program that will act as the delivery agent. The form for the P= delivery agent equate looks like this:

P=path

If path is missing, sendmail will print the following error message and set P= to NULL:

mailer agent_name: empty pathname

The path can also be one of three names that are defined internally to sendmail. Those internally defined names are [IPC], which tells sendmail to forward mail over a kernel-supported (usually TCP/IP) network; [FILE], which tells sendmail to deliver to a file; and [LPC], which is used for debugging.

define(`PROCMAIL_MAILER_PATH', `/usr/local/bin/procmail')    ← this must be
MAILER(`procmail')                                           ← before this

Queue group to use V8.12 and later

Queue groups and the Q= delivery agent equate were introduced in V8.12 sendmail. In Queue Groups (V8.12 and Later) on page 408, we show you how to declare and use queue groups. For example, the following mc configuration line declares a queue group named slowmail, in which we plan to defer SMTP mail:

QUEUE_GROUP(`slowmail', `P=/var/spool/mqueue/slowqueue')

Here, the P= queue-group equate says that the queue for the slowmail queue group will be /var/spool/mqueue/slowqueue.

The Q= delivery agent equate associates a delivery agent with a queue group. For the smtp delivery agent, for example, the following delivery agent equate will cause its queue directory to become /var/spool/mqueue/slowqueue because of the previous queue group declaration:

Q=slowmail

Several mc configuration macros are available with which to declare queue groups for selected delivery agents. For example, the following defines the slowmail queue group, and associates the smtp delivery agent with it:

QUEUE_GROUP(`slowmail', `P=/var/spool/mqueue/slowqueue')
define(`SMTP_MAILER_QGR', `slowmail')
MAILER(`smtp')                                   ← must follow the above two

Whenever you assign a queue-group to a delivery agent, the use of a macro that ends in _MAILER_QGRP must precede the MAILER declaration for that delivery agent.

See the section describing a particular delivery agent to find an appropriate mc macro with which to redefine the Q= for that delivery agent. See Table 20-1 on page 717 for a guide to all delivery agents.

Recipient rewriting rule set All versions

The R= delivery agent equate specifies a rule set to be used for processing all envelope- and header-recipient addresses for a specific delivery agent. Mail messages are always addressed to at least one recipient, but there can be more. The addresses of the recipients are given in the envelope and are usually repeated in the mail message’s header.^[281] The envelope address is given to sendmail in one of three ways: as a command-line argument; as an SMTP RCPT To: command; or as To:, Cc:, and Bcc: headers (if the -t command-line switch is given).^[282] Figure 20-1 shows how the R= rule set fits into the flow of addresses through rule sets.

Figure 20-1. The flow of addresses through rule sets

There are two forms for the R= delivery agent equate. One is the standard form, and the other is an enhanced alternative beginning with V8 sendmail:

R=ruleset             ← legal for all
R=eset/hset           ← legal beginning with V8

In the first case, ruleset specifies the rule set to use in rewriting both headers and the envelope. If that value is zero or if the entire R= delivery agent equate is missing, no rule set is called.

In the second case, two rule sets can be specified.^[283] One rule set is specific to the envelope, and the other is specific to headers. The envelope-specific rule set is the one to the left of the slash; the header-specific rule set is to the right (R=eset/hset). If both values are missing, both default to zero. If only one is missing, the missing value defaults to the other value.

Either rule set can be specified by using names or numbers, or both:

R=Myset                   ← name
R=12                      ← number
R=Myset=12                ← both

See Chapter 19 on page 683 for a description of possible errors and how the new V8.7 symbolic rule set names can be used.

Macros cannot be used in delivery agent rule set specifications. That is:

R=$X                      ← illegal

will not give the expected result. Instead, sendmail will complain about a missing rule set specification.

When using V8 sendmail’s mc configuration, you cannot change or specify R= rule sets. If the need arises, however, you can copy an existing delivery agent definition and then modify it as outlined in Tuning Without an Appropriate Keyword on page 715.

Maximum recipients per envelope V8.12 and later

Normally, sendmail limits the number of outbound SMTP RCPT To: commands allowed per session to the size of the DEFAULT_MAX_RCPT compile-time macro (MAX... on page 120), which is defined as 100 in sendmail/conf.c. When delivering an envelope, sendmail will deliver only the maximum number of recipients on the first try. Any that are left over will be deferred until a later delivery attempt (usually during the same queue run).

One problem with piling many recipients into a single envelope is that some sites on the Internet refuse to accept mail when the envelope contains too many recipients. Another, but opposite, problem is that some sites can accept more than 100 recipients per envelope, and you would prefer to send them as many as they can handle in a single transaction.

One way to limit or expand the number of recipients allowed in an envelope is to use this r= delivery agent equate:

r=val

If val is set to a nonzero value, it changes the limit on the number of recipients allowed to the value specified. If val is less than or equal to zero, the limit is set to the value of the DEFAULT_MAX_RCPT compile-time macro (MAX... on page 120).

Some delivery agents provide mc macros with which to add an r= equate. For example, the following mc configuration lines add that default to the various smtp delivery agents:

define(`SMTP_MAILER_MAXRCPTS', `80')    ← this must be
MAILER(`smtp')                          ← before this

See the section describing a particular delivery agent to find an appropriate mc macro with which to redefine the r= for that delivery agent. See Table 20-1 on page 717 for a guide to all delivery agents.

For some delivery agents, there are no mc configuration macros available to directly give a value to this r= equate. Instead, you can use a bit of sleight of hand to add an r= to a particular delivery agent:

define(`LOCAL_MAILER_PATH', `/usr/lib/mail.local, r=200')    ← this must be
MAILER(`local')                                              ← before this

The LOCAL_MAILER_PATH mc configuration macro (Modify P= using an mc configuration macro on page 750) is usually used to define the path for the local delivery agent. Instead of using it for that reason, here we simply restate the path that appears in the current sendmail.cf file, and add the r= declaration to that path. As with all modifications of delivery agent equates, the modification must precede the MAILER declaration for the corresponding delivery agent.

Sender rewriting rule set All versions

The S= delivery agent equate specifies a rule set to be used for processing both envelope- and header-sender addresses. The sender’s address is given in the envelope and generally repeated in the mail message’s From: header line.^[284] The envelope sender address is given to sendmail in one of four ways: as a -f command-line argument; as an SMTP MAIL From: command; as a From: header; or it can be derived from the identity of the user who ran the program. (Note that the latter two are used only during initial message submission.) Figure 20-2 shows how the S= rule set fits into the flow of addresses through rule sets.

Figure 20-2. The flow of addresses through rule sets

There are two forms for the S= delivery agent equate. One is the standard form, and the other is an enhanced alternative beginning with V8 sendmail:

S=ruleset             ← legal for all
S=eset/hset           ← legal beginning with V8

The first case specifies a rule set (ruleset) that will process both recipient and header addresses. If ruleset is zero or if the entire S= delivery agent equate is missing, no rule set is called.

In the second case, one rule set is specific to the envelope, and the other is specific to headers. The envelope-specific rule is the one to the left of the slash; the header-specific rule is the one to the right (S=eset/hset). If both values are missing, no sender S= processing is done. If only one is missing, the missing value defaults to become the other value. (See Chapter 19 on page 683 for a description of possible errors and how symbolic rule set names can be used.)

Either rule set can be specified using names or numbers or both:

S=Myset                   ← name
S=12                      ← number
S=Myset=12                ← both

See The S Configuration Command on page 683 for a discussion of the various legal ways rule sets can be specified.

Macros cannot be used in delivery agent rule set specifications. That is:

S=$X                      ← illegal

will not give the expected result. Instead, sendmail will complain about a missing rule set specification.

When using V8 sendmail’s mc configuration, you cannot change or specify S= rule sets. If the need arises, however, you can copy an existing delivery agent definition, and then modify it as outlined in Tuning Without an Appropriate Keyword on page 715.

Types for DSN diagnostics V8.7 and later

Beginning with V8.7 sendmail, notification of successful, deferred, or failed delivery is now done by using DSN (see RFC1891). The T= delivery agent equate provides three pieces of required information to DSN. The pieces are separated by the slash character:

T=mta-type/addr-type/diag-type

The first piece, the mta-type, is later supplied to the Reporting-MTA: DSN header as its first argument:

Reporting-MTA: dns; here.us.edu
               ↑
               mta-type here

The second piece, the addr-type, is later supplied to the Final-Recipient: DSN header as its first argument:

Final-Recipient: rfc822; badname@here.us.edu
                 ↑
                 addr-type here

The third piece, the diag-type, is later supplied to the Diagnostic-Code: DSN header as its first argument:

Diagnostic-Code: smtp; 550 <badname@here.us.edu>... User unknown
                 ↑
                 diag-type here

If the P= for a delivery agent is [IPC], an undeclared mta-type defaults to dns, an undeclared addr-type to rfc822, and an undeclared diag-type to smtp. For any other P= the default for an undeclared entry is NULL.

In configuring with the m4 technique, the declarations of the T= delivery agent equates are:

T=X-Phone/X-FAX/X-Unix          ← fax
T=DNS/RFC822/X-Unix             ← cyrus, cyrusv2, local, ph, pop, procmail, qpage
T=DNS/RFC822/SMTP               ← all SMTP and LMTP agents
T=X-Usenet/X-Usenet/X-Unix      ← Usenet
T=X-UUCP/X-UUCP/X-Unix          ← all UUCP agents
T=DNS/X-DECnet/X-Unix           ← mail11
T=X-Unix/X-Unix/X-Unix          ← prog

Other than for the local delivery agent, you cannot change these T= defaults. If the need arises, you can, however, copy an existing delivery agent definition and then modify it as outlined in Tuning Without an Appropriate Keyword on page 715.

Run agent as user-id:group-id V8.7 and later

Prior to V8.7, the user and group identities under which sendmail ran were defined by an elaborate set of properties (described under the F=S delivery agent flag in F=S on page 780). Beginning with V8.7, sendmail now offers the U= delivery agent equate as the means to define those identities. If the U= delivery agent equate is specified, it sets the default user and group identities for the delivery agent and always overrides the values of the DefaultUser option (DefaultUser on page 1000). If the F=S delivery agent flag is not set, any controlling user will override this U= delivery agent equate.

The form of the U= delivery agent equate looks like this:

U=user:group

Here, user is the alphanumeric identity of a user on the local system. The user is looked up with the method defined by the MailboxDatabase option (MailboxDatabase on page 1042).^[285] If user is found, the numeric user-id returned becomes the value used. Otherwise, user, which must be fully numeric, becomes the value used.

The colon,^[286] if present, is followed by the alphanumeric identity of a group on the local system. If group is found in the local group(5) file, the numeric group-id from that file is used. Otherwise, group, which must be fully numeric, becomes the value used. If the colon and group are missing and if user was found when looked up, the value is taken from the group-id returned by the lookup.

Some delivery agents provide mc macros with which to add a U= equate. For example, the following mc configuration lines add that default to the various cyrus delivery agents:

define(`CYRUS_MAILER_USER', `cyrus:nullmail')    ← this must be
MAILER(`cyrus')                                  ← before this

See the section describing a particular delivery agent to find an appropriate mc macro with which to redefine the U= for that delivery agent. See Table 20-1 on page 717 for a guide to all delivery agents.

For some delivery agents, there are no mc configuration macros available to directly give a value to this U= equate. Instead, you can use a bit of sleight of hand to add a U= to a particular delivery agent:

define(`LOCAL_MAILER_PATH', `/usr/lib/mail.local, U=mail:mail')    ← this must be
MAILER(`local')                                                    ← before this

The LOCAL_MAILER_PATH mc configuration macro (Modify P= using an mc configuration macro on page 750) is usually used to define the path for the local delivery agent. Instead of using it for that reason, here we simply restate the path that appears in the current sendmail.cf file, and add the U= declaration to that path. As with all modifications of delivery agent equates, the modification must precede the MAILER declaration for the corresponding delivery agent.

Timeout for a process wait V8.10 and later

When sendmail delivers a message via a local program (such as mail.local, procmail, uux, and the like), sendmail will fork(2) and the child will execute the program. Delivery is usually a pipe connection between sendmail and the program.

Usually programs complete their jobs promptly, and exit. The exit(2) code produced by the program tells sendmail whether the program succeeded. Because the program must exit before sendmail can consider the delivery a success, sendmail must wait(2) for the program to exit.

Some programs, in some circumstances, will delay for an excessively long time before exiting. Consider, for example, the procmail delivery agent. If it is configured to allow delivery over NFS, and the NFS server goes down, the procmail delivery agent can hang for a very long time.

Whenever there is risk that a delivery agent might hang because of system problems, you would be wise to either eliminate that dependency or add this W= delivery agent equate to its definition. To add W= to procmail, for example, you can do the following in your .mc configuration file:

define(`PROCMAIL_MAILER_PATH', `/usr/local/bin/procmail, W=2m')

The argument following W= (the 2m) is a time expression as described in Periodically with -q on page 427. Here, the 2m means two minutes.

When sendmail performs delivery, it cannot simply replace itself with the delivery agent program. Instead, it must fork(2), and the child will replace itself.

If sendmail is running in verbose mode (Verbose on page 1117), it shows that it is about to start this process:

Connecting to delivery agent

If a traffic-logging file was specified with the -X command-line switch (Log Transactions with -X on page 512), sendmail appends the following line to that file:

pid =  == EXEC the expanded A= here

Here, the A= delivery agent equate (A= on page 738) from the delivery agent’s declaration is printed with all its sendmail macros expanded and with the recipients listed.

Next, sendmail creates a pipe so that it will be able to print the email message to the delivery agent and so that it can read errors emitted by the delivery agent. See the -d11 debugging switch (-d11.1 on page 550) for a description of what can go wrong.

If all has gone well, sendmail fork(2)s a copy of itself. The parent then pipes the email message to the child.

When the entire message has been sent, the parent then wait(3)s for the child to complete its work and exit(2)s. The parent collects the exit(2) value from the child and determines delivery success based on that exit value.

The child is the copy of sendmail that will transform into the delivery agent. Before the child can transform, it must perform a few more necessary steps.

If sendmail was compiled with HASSETUSERCONTEXT defined (HAS... on page 114), it calls setusercontext(3) like this:

setusercontext(NULL, pwd,  user-id,  LOGIN_SETRESOURCES|LOGIN_SETPRIORITY);

Here, pwd is a pointer to a structure of type passwd for the user whose user-id is user-id. The user-id is that of the controlling user (Delivery to Files on page 466) or the recipient (F=o on page 777).

The sendmail program next sets its group-id as appropriate. If the DontInitGroups option (DontInitGroups on page 1023) is false, sendmail calls initgroups(3). The group identity used is that described under the DefaultUser option (DefaultUser on page 1000).

If the /= delivery agent equate (/=(forward slash) on page 737) has a non-NULL value, sendmail calls chroot(8) to change its topmost directory into a private directory tree.

If the N= delivery agent equate (N= on page 748) has a nonzero value, sendmail calls nice(3) to “re-nice” the delivery agent to that value.

The sendmail program then sets its user-id. The user identity used is chosen by the mailer F=S and U= equates and the DefaultUser option, as detailed in DefaultUser on page 1000.

The sendmail program then attempts to chdir(2) into one of the directories listed in the D= delivery agent equate (D= on page 741).

Next, sendmail dup(2)s the pipes created in the previous section.

Finally, sendmail calls setsid(2) to become a process-group leader and execve(2) to become the delivery agent. That latter call looks like this:

execve(agent,  argv,   envp);

Here, agent is the full path of the delivery agent as specified in the P= delivery agent equate (P= on page 748). The argument vector (the contents of the A= delivery agent equate with all the sendmail macros expanded and all the recipients added) is passed as argv. The environment is that originally given to sendmail, massaged for security and augmented by the E configuration command (The E Configuration Command on page 156).

If the execve(2) fails, the child exits with an appropriate error code.

Hold delivery until ETRN or -qI or -qR or -qS V8.10 and later

Ordinarily, outbound mail is dispatched as soon as it is handed to sendmail. There are times, however, when mail should not be sent until it is asked for. Consider the typical ISP. Clients who connect over dial-up lines are not necessarily connected when mail arrives for delivery to them. The F=% delivery agent flag has been added to prevent sendmail from trying to discover if there is a connection.

The F=% delivery agent flag, when set, prevents immediate delivery to destination hosts. Instead, sendmail queues all messages. Each destination host must then request delivery using the ETRN command (Process the queue via ESMTP ETRN on page 433) after connecting. One way a client can give the ETRN command is by using the etrn.pl script supplied in the contrib subdirectory of the source distribution.

The local administrator can also cause delivery to occur manually for specific clients with any of the -qI, -qR, or -qS command-line switches (Process by identifier/recipient/sender: -q[ISR] on page 431). Note that a standard queue run (as with -q) will not send messages that have been deferred because of this F=% delivery agent flag.

F= delivery agent flags:Turn off MX lookups for delivery agent V8.8 and later

During the delivery phase of a message, sendmail looks up the destination hostname with DNS and (possibly) redirects delivery to MX hosts, if present. One way (but not the best way) to suppress that MX lookup is to surround the destination hostname with square brackets:

% /usr/ucb/mail -v user@\[mail.us.edu\]

Note that the square brackets are retained as part of the SMTP envelope:

RCPT To:<user@[mail.us.edu]>           ← square brackets retained

The F=0 delivery agent flag is another way to suppress MX lookups. To illustrate, consider using this delivery agent flag with FEATURE(nullclient) (FEATURE(nullclient) on page 637):

FEATURE(`nullclient',`mail.us.edu')

Here, all mail will be forwarded to mail.us.edu. To suppress MX lookups, we could surround the address with square brackets:

FEATURE(`nullclient',`[mail.us.edu]')

But this is unattractive and unnecessary. Instead, we use the F=0 delivery agent flag to achieve the same MX suppression effect:

define(`SMTP_MAILER_FLAGS', `0')        ← prior to V8.10
define(`RELAY_MAILER_FLAGS', `0')       ← prior to V8.10

MODIFY_MAILER_FLAGS(`SMTP', `+0')       ← V8.10 and later
MODIFY_MAILER_FLAGS(`RELAY', `+0')      ← V8.10 and later

FEATURE(`nullclient',`mail.us.edu')

Note that the F=0 delivery agent flag is suitable only for configurations such as nullclient. It can be extremely dangerous to use with any other delivery agents because it will cause necessary MX lookups to be skipped.

Don’t send null bytes V8.10 and later

Prior to V8.10, sendmail would not screen header lines to make sure they contained no null (zero) bytes. Instead, such null bytes were passed through, and sometimes caused misinterpretation of addresses and the like.

It might seem impossible that a null byte could appear in a string, because the C-language string library routines use a null character to terminate all strings. But consider the case of a hexadecimal 0x80 character. Such a character has the high bit set, but when delivery is to a 7-bit-only site, sendmail will strip the high bit from 0x80, leaving behind a new 0x00 value in the middle of a string. A null byte!

Beginning with V8.10, sendmail offers a way to strip such null bytes from headers before sending those headers onward. The F=1 delivery agent flag, when set, tells sendmail to strip all null bytes that it finds from all headers. Note that only the headers in the header portion of the message are screened. MIME headers in the body of the message are not screened.

The F=1 delivery agent flag is not set by default for any delivery agent. To add it, just use the MODIFY_MAILER_FLAGS command (The MODIFY_MAILER_FLAGS mc macro on page 744). In the following, for example, we add it to the smtp class of delivery agents:

MODIFY_MAILER_FLAGS(`SMTP', `+1')

In general, this delivery agent flag should be set for outbound delivery agents and for local, final delivery agents. In both, there is a small vulnerability to forgeries that use the hex 80 value. Consider:

From: friend0x80@spam.site

If the 0x80 were to be converted to a zero, the message might wrongly appear to be from a friend on the local machine.^[289]

Force SMTP even if ESMTP is offered V8.12 and later

When sendmail connects to a remote site, it looks for a literal ESMTP string anywhere in the initial acceptance message:

220 wash.dc.gov ESMTP CommuniGate Pro 3.5.9

If the accepting site says that it can accept extended SMTP by including the ESMTP string, the local sendmail will answer with EHLO instead of HELO.

If you want to limit a particular delivery agent to nonextended SMTP, no matter what the receiving site says, you can do so by defining this F=2 delivery agent flag:

MODIFY_MAILER_FLAGS(`SMTP', `+2')              ← this must be
MAILER(`smtp')                                 ← before this

Here, we add the F=2 delivery agent flag to the smtp class of delivery agents. As with all modifications of delivery agent flags, the modification must precede the MAILER declaration of the delivery agent.

This F=2 flag is most useful with broken MTAs and firewalls. When sendmail connects to such a broken site, that site will print ESMTP in its greeting message. But that ESMTP is incorrect, and when sendmail sends EHLO, the broken site will reject the salutation and drop the connection.

Extend quoted-printable to EBCDIC V8.7 and later

When sendmail is required to convert a message body into quoted-printable form as determined by the EightBitMode option (EightBitMode on page 1025) it ordinarily converts only those characters that are required by RFC1521. Unfortunately, mail that is transmitted to some IBM machines (specifically those that speak EBCDIC instead of ASCII) can become garbled because of the way EBCDIC represents (or fails to represent) certain characters. Those characters are:

! " # $ @ \ [  ] ^ ` { | } ˜

When sending MIME mail to such sites, you should probably set the F=3 delivery agent flag for any delivery agents that handle those sites. Setting this delivery agent flag tells sendmail to encode those characters, in addition to those normally encoded, using quoted-printable.

Note that sendmail does this encoding only if 8-bit characters appear in the message. This delivery agent flag solves one EBCDIC problem but should not be thought of as a general solution for all EBCDIC problems.

Use localaddr rule set 5 after local aliasing V8.7 and later

Prior to V8.7 sendmail, only the local delivery agent could cause the localaddr rule set 5 to be called (The localaddr Rule Set 5 on page 700). The localaddr rule set 5 is called after aliasing and before forwarding, and can be used to select a new delivery agent. Beginning with V8.7, any delivery agent with the F=A delivery agent flag set (F=A on page 767) can cause an address to be looked up in the aliases(5) file. Therefore, any delivery agent that has the F=A and F=5 delivery agent flags set will cause the localaddr rule set 5 to be called as though the agent were the local delivery agent.

In configuration files prior to version 6 (The V Configuration Command on page 580), this delivery agent flag is automatically set for the local delivery agent. Note that addresses that (perhaps artificially) begin with an @ character cause the localaddr rule set 5 to be skipped (The localaddr Rule Set 5 on page 700).

Always strip headers to 7 bits V8.10 and later

Older versions of sendmail strip only the high bit from header characters when transmitting an 8-bit message to a 7-bit-only site. Beginning with V8.10 sendmail, it is possible to use this F=6 delivery agent flag to force sendmail to always strip the high bit from all header characters, no matter what.

This F=6 delivery agent flag is not set by default for any delivery agent.

Strip the high bit when delivering V8.6 and later

Under old versions of sendmail, all lines of text output by sendmail (including the header and body of a message) automatically have the high bit cleared (zeroed) for every character. This behavior remains unchanged under V8 sendmail for configuration file versions 2 or less (The V Configuration Command on page 580). But with version 3 and later configuration files, the message body is transmitted with the high bit intact by default. For those delivery agents that should not allow 8-bit data to be transmitted, you can use the F=7 delivery agent flag to force the old behavior.

Beginning with V8.7, the F=7 delivery agent flag can be used to suppress certain kinds of MIME conversions. For example, if the EightBitMode option (EightBitMode on page 1025) is set to p (pass 8) and if the message contains 8-bit MIME data in its body, this F=7 delivery agent flag will force sendmail to bounce the message with the following SMTP error, and to exit with EX_DATAERR:

554 5.6.3 Cannot send 8-bit data to 7-bit destination

Note that F=7 affects only the message body. Headers always have the high bit cleared.

Force EightBitMode=p MIME encoding V8.7 and later

Beginning with V8.7 sendmail, you can set the EightBitMode option (EightBitMode on page 1025) to m (mimefy) to force all unlabeled 8-bit mail to be converted into MIME-labeled mail.

You can suppress this conversion for particular delivery agents by specifying the F=8 delivery agent flag. This form of suppression has the effect of setting the EightBitMode option to p (pass8) for an individual delivery agent.

Convert 7- to 8-bit if appropriate V8.8 and later

The F=9 delivery agent flag causes the MIME message body of a delivered message to be converted back from either quoted-printable or base64 into its original 8-bit form. The F=9 delivery agent flag is effective only if sendmail was compiled with MIME7TO8 defined (MIME7TO8 on page 123).

Conversion works only on single-part MIME messages. If the Content-Type: header is other than text/plain, no conversion is done. Otherwise, the Content-Transfer-Encoding: header is examined. If the Content-Transfer-Encoding: header type is base64, conversion is done from base64 to 8-bit. Otherwise, if the Content-Transfer-Encoding: header type is quoted-printable, conversion is done from quoted-printable to 8-bit. If the Content-Transfer-Encoding: header type is neither, no conversion is done.

Check for :include: files V8.7 and later

Prior to V8.7 sendmail, only the local delivery agent could recognize the :include: directive for creating mailing lists (:include: Mailing Lists on page 486).

Beginning with V8.7, any delivery agent can be made to recognize the :include: directive by setting the F=: delivery agent flag (or to ignore it by not setting the F=: delivery agent flag). This delivery agent flag allows you to design a local delivery agent without :include: support or local-type clones with :include: support. In configuration files prior to version 6 (The V Configuration Command on page 580), this delivery agent flag is automatically set for the local delivery agent.

This delivery agent flag is legal only for addresses contained in ~/.forward files or aliases(5) databases. Any :include: address in an SMTP dialog or on the command line will be rejected.

Check for |program addresses V8.7 and later

Prior to V8.7 sendmail, only the local delivery agent could recognize the | character as a directive to pipe the mail message through a program (see Delivery Via Programs on page 468 and Piping Through Programs on page 504).

Beginning with V8.7, any delivery agent can be made to accept the leading | character. If the F=| delivery agent flag is present, the delivery agent will accept the leading | character and call the prog delivery agent to pipe the message through a program. If the delivery agent flag is absent, this ability to pipe is prohibited. In general, the F=| delivery agent flag should be present for the local and local-clone delivery agents but absent for all others. In configuration files prior to version 6 (The V Configuration Command on page 580), this delivery agent flag is automatically set for the local delivery agent.

This delivery agent flag is legal only for addresses contained in ~/.forward files or aliases(5) databases. Any |program address in an SMTP dialog or on the command line will be rejected.

Check for /file addresses V8.7 and later

Prior to V8.7 sendmail, only the local delivery agent could recognize a leading / character as a directive to append the mail message to a file (see Delivery Via Programs on page 468 and Piping Through Programs on page 504).

Beginning with V8.7, any delivery agent can be made to accept the leading / character. If the F=/ delivery agent flag is present, the delivery agent will accept a leading / character and call the *file* delivery agent to append the mail message to a file. If the delivery agent flag is absent, this ability to append is prohibited. In general, the F=/ delivery agent flag should be present for the local and local-clone delivery agents but absent for all others. In configuration files prior to version 6 (The V Configuration Command on page 580), this delivery agent flag is automatically set for the local delivery agent.

This delivery agent flag is legal only for addresses contained in ~/.forward files or aliases(5) databases. Any / file address in an SMTP dialog or on the command line will be rejected.

User can be User Database key V8.7 and later

When V8.7 or above sendmail has been compiled with User Database support (userdb on page 942) you can specify this delivery agent flag for a delivery agent and thereby cause that delivery agent to perform a User Database lookup for each address it handles. For sender header and envelope addresses, a User Database mailname keyword is used to perform reverse aliasing. For recipient envelope addresses, a User Database maildrop keyword is used to perform additional forward aliasing.^[290] Note that any address with a leading @ character (in the $: part of the triple returned by the parse rule set 0) causes User Database lookups to be skipped. Also note that the absence of an F=i delivery agent flag (F=i on page 772) suppresses User Database rewriting of the envelope sender.

If the F=@ delivery agent flag is present, the delivery agent will try to use the User Database. If the F=@ delivery agent flag is absent, all User Database lookups are skipped. In general, this delivery agent flag should be present for the local and local-clone delivery agents but absent for all others. In configuration files prior to version 6 (The V Configuration Command on page 580), this delivery agent flag is automatically set for the local delivery agent.

Run extended SMTP protocol V8.6 and later

Most old versions of sendmail run only basic SMTP defined in RFC821. In 1993, that service was extended by RFC1425 (obsoleted by RFC1869) to become Extended SMTP (ESMTP). Beginning with V8 sendmail, you can enable a delivery agent to use ESMTP by specifying the F=a delivery agent flag. This causes sendmail to first try to use the extended form of the HELO command, called EHLO. If that fails to be acknowledged as OK, sendmail tries again with nonextended SMTP. If the initial SMTP server greeting includes a line containing the word ESMTP, the F=a delivery agent flag is assumed. (See also the F=2 flag, F=2 on page 763.)

User can be to the LHS of an alias V8.7 and later

Prior to V8.7 sendmail, only the local delivery agent could cause addresses to be looked up in the aliases(5) database (Local Must Be Local on page 462). Beginning with V8.7 sendmail, any delivery agent that has an F=A delivery agent flag set will cause its $: address to be looked up on the lefthand side of the aliases(5) file.

For example, the F=A delivery agent flag can be used to design a local-clone delivery agent that recognizes certain nonlocal addresses as local for aliasing purposes:^[291]

R$+ <@ FIRE.WALL>     $#firelocal $: $1@fire.wall

This allows an alias file such as the following to legally exist:

George.Washington@fire.wall:   gw@internal.net

For example, as a safety net (and if the F=5 delivery agent flag is also specified), any address that is not found in the aliases(5) database will be passed to the localaddr rule set 5 (The localaddr Rule Set 5 on page 700) where another delivery agent can be selected.

In configuration files prior to version 6 (The V Configuration Command on page 580), the F=A delivery agent flag is automatically set for the local delivery agent.

Add a blank line after message V8.6 and later

Some Unix mailbox formats require a blank line at the end of one message and before the start of the next message. If your local version of /bin/mail does not ensure that this blank line exists, you can use the F=b delivery agent flag. If this delivery agent flag is specified and if the message being sent to the delivery agent lacks a blank line at the end, sendmail adds one. This delivery agent flag is also appropriate for use with the *file* delivery agent.

Strip one leading backslash V8.13 and later

The F=s delivery-agent flag (F=s on page 779) causes sendmail to dequote the recipient’s address before passing it to the selected delivery agent. Dequoting causes all quotation marks (“) and all leading backslashes (\) to be removed. But when a lighter touch is needed, you may use this F=B flag instead, which just removes all leading backslashes. For example:

"\\\user"@relayhost    with F=s becomes
    user@relayhost
"\\\user"@relayhost    with F=B becomes
   "user"@relayhost

Note that because F=B is a subset of F=s, we discourage you from using both flags at the same time.

Exclude comment from $g in headers V8.6 and later

Ordinarily, sendmail tries to preserve all RFC2822 comments in sender addresses (Comments in the Header Field on page 1125). Beginning with V8.7, however, RFC2822-style comments can be stripped by setting this F=c delivery agent flag. (An RFC2822-style comment is one in parentheses or text outside angle brackets.) The sender address, always without a comment and stripped of angle brackets, is placed into $g ($g on page 824) and is used with the -f or -r arguments to A= (F=r on page 778). In assembling headers, the comment is ordinarily restored to $g; but if this F=c delivery agent flag is set, the comment is left out.

The main use for this delivery agent flag is to supply just the address to programs that cannot handle anything else.^[292] Another use might be to suppress disclosure of potentially proprietary information. By adding F=c to the smtp delivery agent, for example, you can cause sender headers that are defined with $g to go out without RFC2822 comments:

From: George Washington (The Prez!) <CX75G@fire.wall>    ← without F=c
From: CX75G@fire.wall                                    ← with F=c

Note that this does no good at all if users send out mail with disclosing headers already present, or if they give out information in signature lines.

Add @domain to recipient All versions

The F=C delivery agent flag causes sendmail to append an @domain extension to any recipient address that lacks one after having been rewritten by the canonify rule set 3. The @domain that is added is copied from the envelope sender’s address.

This F=C delivery agent flag is not looked for in the delivery agent definition that was selected to send the message. Rather, it is looked for in the delivery agent that would be selected if the sender were the recipient (as in the case of bounced mail).

To illustrate, consider the following mail:

From: bill@oursite.edu
To: john@remotesite.gov, alice

The recipient address alice lacks an @domain specification. The sendmail program processes the envelope sender address bill@oursite.edu to decide on a delivery agent definition that can be used if this mail needs to be returned. If that envelope sender’s return mail delivery agent has the F=C delivery agent flag set, the @oursite.edu part of the envelope sender’s address is appended to alice:

From: bill@oursite.edu
To: john@remotesite.gov, alice@oursite.edu

The F=C delivery agent flag is traditionally used for the smtp class of delivery agent that is supposed to always supply an @domain part for all addresses.

Note that the domain part of the envelope sender is used. In our example, the envelope and header sender are the same.

See also FEATURE(always_add_domain) (FEATURE(always_add_domain) on page 616).

Never enclose route addresses in <> V8.7 and later

Ordinarily, V8 sendmail forces envelope-sender route addresses^[293] to be enclosed in angle brackets. But beginning with V8.7 sendmail, angle brackets can be omitted by specifying F=d.

Under some circumstances, it is possible for these angle-bracketed addresses to be given to a shell, causing them to be wrongly viewed as I/O redirection. This problem is most common with the UUCP and prog delivery agents.

Need Date: in header All versions

The F=D delivery agent flag is used by sendmail.cf header commands to force the inclusion of date information:

H?D?Resent-Date: $a
H?D?Date: $a

The F=D delivery agent flag has no special internal meaning to sendmail. It is a convention that is used only in the assorted Date: (Date: on page 1155) header definitions. See F= on page 743 for a general description of this process.

Mark expensive delivery agents All versions

The sendmail.cf HoldExpensive option (HoldExpensive on page 1036) tells sendmail not to connect to expensive delivery agents. Instead, mail destined for those agents is queued for later delivery. This F=e delivery agent flag marks a delivery agent as expensive.

For example, consider a site connected to the Internet over a dial-on-demand ISDN link that costs lots of money per minute. Such a site might want all the Internet mail to be queued and would arrange for that queue to be processed only once every other hour.

Under V8 sendmail, verbose output (watch delivery) cancels the effect of the F=e delivery agent flag (suppresses queueing).^[294] Verbose output is set with the -v command-line switch (-v on page 249) or the Verbose option (Verbose on page 1117).

Change extra From into >From All versions

Many Unix mail-reading programs, such as /usr/ucb/Mail, require that each mail message in a file of many mail messages be delimited from the others by a blank line, and then a line that begins with the five characters "From“:

and thanks again. -- bill               ← one message ends
                                        ← a blank line
From george Fri Dec 13 12:03:45 2002    ← next message starts

This means that any given mail message can have only one line in it that begins with the five characters "From“. To prevent such lines from being improperly fed to such mail delivery agents, sendmail offers the F=E delivery agent flag. This delivery agent flag tells sendmail to insert a > character at the front of all but the first such lines found. Consider the following:

From tim@here.us.edu Fri Dec 13 13:00:03 2002
From now on, let's meet on Saturdays instead of Tuesdays,
like we discussed.

If the F=E delivery agent flag is specified for the delivery agent that delivers the preceding message, sendmail converts it to read:

From tim@here.us.edu Sat Dec 14 13:00:03 2002

>From now on, let's meet on Saturdays instead of Tuesdays,
like we discussed.

This F=E delivery agent flag is rarely needed, and is routinely included only with the *file* delivery agent. Usually, the program specified by the local delivery agent definition handles From line conversions. This delivery agent flag should be used only with delivery agents that handle final local delivery.

Delivery agent adds -f to argv All versions

If sendmail is run with a -f command-line switch (-f on page 241) and if the F=f delivery agent flag is specified, the A= for this delivery agent will have the two additional arguments -f and $g inserted between its argv[0] and argv[1]. For example, if sendmail is run as:

/usr/lib/sendmail -f jim host!bill

and if the delivery agent for sending to host is defined as:

Muucp, P=/bin/uux, F=fmsDFMhuU, S=13, R=23, A=uux - -r $h!rmail ($u)

the f in F=fmsDFMhuU causes the A= of:

A=uux - -r $h@rmail ($u)

to be rewritten as:

A=uux -f $g - -r $h@rmail ($u)

Here, $g is jim from the original command line (but rewritten to be a return address relative to the recipient). The original -f argument jim is first rewritten by the canonify rule set 3, the rule set 1, and then the final rule set 4. The result of those rewrites is placed into $f. The $f sendmail macro is rewritten by the canonify rule set 3, the rule set 1, the S= rule set, and then the final rule set 4, and the result is placed into $g. ($f and $g are described in $g on page 824.)

Note that the F=f and the F=r delivery agent flags are very similar and easily confused.

Need From: in header All versions

The F=F delivery agent flag is used by sendmail.cf header commands to force the inclusion of sender (From) information (F= on page 743):

H?F?Resent-From: $q
H?F?From: $q

The F=F delivery agent flag has no special internal meaning to sendmail. It is a convention that is used only in the assorted From: (From: on page 1157) header definitions. See F= on page 743 for a general description of this process.

Suppress From:<> V8.6 and later

The special address <> is used as the envelope sender when sendmail bounces a mail message. This address is intended to prevent bounced messages from bouncing. Unfortunately, not all configuration files properly handle this form of sender address. The stock SunOS configuration files prior to Solaris 2.3, for example, caused sendmail to enter an endless loop when processing <>. Also, some UUCP implementations get confused when they are executed with command-line arguments of:

-f <>

As an interim measure, until all programs learn to correctly handle the <> address, you can use the F=g delivery agent flag to suppress that address for selected delivery agents. If the F=g delivery agent flag is set for a delivery agent, it uses the value of $g ($g on page 824) in place of the <>, where $g contains $n (usually MAILER-DAEMON, $n on page 836) with an @ and the local domain name appended.

Preserve uppercase in hostname All versions

Some delivery agents, such as those that deal with files, require that the recipient’s hostname be left as is. The hostname portion of the recipient’s address is ordinarily converted to lowercase before being tucked into $h. Specifying the F=h delivery agent flag tells sendmail to not convert that address to lowercase.^[295]

The $h sendmail macro ($h on page 825) is usually used with the A= delivery agent equate of a delivery agent. For example:

Muucp, P=/usr/bin/uux, F=msDFMhuU, A=uux - -r $h!rmail ($u)
                              ↑
                            note

Here, the h in F=msDFMhuU tells sendmail to leave the $h alone and not to convert the hostname in that sendmail macro to lowercase.

User Database sender rewrite of envelope V8.7 and later

The F=@ delivery agent flag (F=@ on page 766) allows all addresses for a given delivery agent to be rewritten by the User Database (userdb on page 942). The F=i delivery agent flag either suppresses that rewrite for the sender envelope (if absent) or allows that rewrite for the sender envelope (if present). For example, consider mail from the user jane:

MAIL From:<jane>        ← SMTP envelope sender
From: jane              ← header sender

Now assume that a User Database entry such as the following exists:

jane:mailname       Jane.Doe

If the F=i delivery agent flag is absent but the F=@ delivery agent flag is present, the envelope-sender address will remain unchanged, but the header-sender address will be rewritten by the User Database:

MAIL From:<jane>        ← SMTP envelope sender
From: Jane.Doe          ← header sender

But if both the F=i and F=@ delivery agent flags are present, the envelope- and header-sender addresses will both be rewritten by the User Database:

MAIL From:<Jane.Doe>    ← SMTP envelope sender
From: Jane.Doe          ← header sender

Send SMTP VERB to other site All versions, deprecated

The F=I delivery agent flag tells the local sendmail to send the following VERB^[296] SMTP command to the receiving sendmail:

VERB                                  ← ours sends
200 2.0.0 Verbose mode                ← recipient replies

The VERB SMTP command causes the receiving sendmail to go into verbose mode and to set its deliver mode to interactive. This has the same effect as would occur if the receiving sendmail had been run with the command-line options -v and -odi set.

The F=I delivery agent flag is intended as an aid in debugging a remote receiving site’s sendmail. The VERB SMTP command causes that remote site to run in verbose mode. By temporarily adding the F=I delivery agent flag to a delivery agent’s definition and then running sendmail locally with the -v command-line argument, you can watch both the local and the remote site’s verbose output. Each line of the remote site’s verbose output will be seen locally, prefixed with 050.

Note that if the PrivacyOptions option on the remote site’s sendmail is set to noexpn (PrivacyOptions=noexpn on page 1067) or noverb (PrivacyOptions=noverb on page 1068), that site’s response to the VERB SMTP command will be this rejection:

502 5.7.0 Verbose unavailable

Also note that if the other side is not running sendmail, you might see other errors:

501 No argument given in VERB command.  ← PMDF V5.0
250 Ok                                  ← post.office v1.9.1 (but ignores the
request)

In both of these cases, the request to the other machine to go into verbose mode has failed.

User Database rewrite of header recipient addresses V8.7 and later

If sendmail was compiled with User Database support (userdb on page 942) and if that database is being used (UserDatabaseSpec on page 1116), you can have sendmail rewrite header recipient addresses using that database. The F=j delivery agent flag tells sendmail to look up recipient addresses in the User Database (using the mailname keyword). If an appropriate entry is found, it is used in place of the original address in the recipient headers. The process is the same as that described for the F=i delivery agent flag, except that it is used here for recipient headers.

Don’t check for loops in EHLO/HELO V8.7 and later

When another host connects to the local host and that other host claims to have the same canonical name as the local host, it should be considered an error. In V8.6 sendmail, setting the CheckLoopBack variable in conf.c determined whether this error was detected. But beginning with V8.7 sendmail, this check is based on the delivery agent. If the F=k delivery agent flag is absent, the check is done. If the F=k delivery agent flag is present, the check is skipped.

The check is performed only for SMTP connections. The literal canonical name given in the connecting host’s HELO or EHLO response is compared to the canonical name for the local host. If they are the same, the following error is printed, and the connection is disallowed:

553 5.3.5 host config error: mail loops back to myself            ← V8.6
553 5.3.5 host config error: mail loops back to me (MX problem?) ← V8.7 and later

Here, host is the name of the offending host.

A problem can arise at sites that run two different invocations of sendmail (one for SMTP connections and another for command-line invocation, where each uses a different configuration file). In this instance, when the latter connects to the former, this error can occur. Such sites might find it necessary to set the F=k delivery agent flag for the delivery agent that handles SMTP connections (usually smtp). With an mc configuration, the following command does just that:

define(`SMTP_MAILER_FLAGS',`k')                ← prior to V8.10
MODIFY_MAILER_FLAGS(`SMTP', `+k')              ← V8.10 and later
MAILER(`smtp')                                 ← must be last

Note that sendmail must recognize its local hostname among many possible names. See $=w on page 876 for a discussion of $=w and MX records.

Agent performs local (final) delivery All versions

The F=l delivery agent flag tells sendmail that this delivery agent will be performing final delivery (usually on the local machine). This notification affects sendmail’s behavior in five ways.

First, it enables the DSN notify-on-success mechanism.^[297] That is, if the message were received via SMTP with the envelope:

RCPT To: <user@here.us.edu> NOTIFY=SUCCESS

or via the command line with a -Nsuccess command-line switch, sendmail (upon final local delivery) returns to the original sender an email message acknowledging receipt. This mechanism should be used sparingly.

Second, the F=l delivery agent flag allows sendmail to ignore any host part of the triple returned by the parse rule set 0. Ordinarily, the $@ operator must appear in the RHS for all delivery agents selected. If no host is selected by $@, sendmail prints this error and bounces the message:

554 5.3.5 buildaddr: no host

But because the host is not always needed for final delivery, the presence of the F=l delivery agent flag tells sendmail to silently ignore a missing host part.

Third, the F=l delivery agent flag influences how undeliverable mail will be handled. When the ErrorMode option (ErrorMode on page 1028) is q (quiet), such mail is usually reported in the sendmail program’s exit(2) status (sendmail’s exit( ) Status on page 228). With the F=l delivery agent flag set for the envelope sender address, the undeliverable message will instead be appended to ~/dead.letter for a local sender or mailed back for a remote sender.

Fourth, the F=l delivery agent flag allows the address in the From: header to be compared to the address that sendmail would create if it was going to add the From: header. If the two addresses are the same, the From: header is dropped and a new one is created. This allows sendmail to correct for mh(1), which sometimes fails to add full name information.

Fifth, if the sender address selects a delivery agent with this F=l flag set, and if the sender changed the sender address using a -f command-line switch, and if the sender’s name is not found in the class $=t, sendmail will issue the following X-Authentication-Warning: header:

X-Authentication-Warning: sender set sender to new address using -f

In general, the F=l delivery agent flag should always be specified for the local, prog, and *file* delivery agents.

Note that the processing of a user’s ~/.forward file is no longer tied to the local delivery agent, nor to this F=l delivery agent flag. The ability to look in a user’s ~/.forward file is now determined by the F=w delivery agent flag (F=w on page 781).

Specify SMTP line limits Obsolete as of V8.8

Prior to V8.8 sendmail, this F=L delivery agent flag caused sendmail to split output lines in the message body so that they did not exceed 990 characters, and always caused sendmail to clear the most significant bit of the characters in those lines.

Beginning with V8.8 sendmail, F=L emulates this old behavior under certain conditions. F=L causes sendmail to assign L= a default value of 990, if it is missing one (L= on page 745), and (if the configuration file level is 1 or less) to set the F=7 delivery agent flag.

Allow delivery to multiple recipients All versions

Whenever the sendmail program executes the program specified by the P= delivery agent equate (P= on page 748), that program is given its argv vector as specified by the A= delivery agent equate (A= on page 738). As the last step in building that argv, sendmail appends one or more recipient addresses.

The decision as to whether it appends one address or many is determined by the F=m delivery agent flag. If this flag is absent, the delivery agent is given only one recipient. Otherwise, if it is present, the delivery agent can be given many recipients (subject to any limitation imposed by the MaxRecipientsPerMessage option, MaxRecipientsPerMessage on page 1050). In either case, if there are more recipients than argv can accept, the delivery agent is rerun as many times as is necessary to handle them all.

Note that sendmail is able to distinguish only between failures involving one, many, or all of the recipients when it is delivering with SMTP or LMTP. Otherwise, it judges delivery as successful if a zero exit(2) value is returned by a delivery agent. If the delivery agent fails to deliver to one of many recipients, it exits with a nonzero value, and because of that single failure, sendmail will presume that delivery to all recipients failed. If the error is temporary, this can result in duplicate delivery to each recipient listed prior to the bad recipient.

Need Message-ID: in header All versions

The F=M delivery agent flag is used by sendmail.cf header commands to force the inclusion of message identification information (F= on page 743):

H?M?Resent-Message-ID: <$t.$i@$j>
H?M?Message-ID: <$t.$i@$j>

The F=M delivery agent flag has no special internal meaning to sendmail. It is a convention that is used only in the assorted Message-ID: (Message-ID: on page 1159) header definitions. See F= on page 743 for a general description of this process.

Note that the Message-ID: header definition should always be included in the sendmail.cf file because many software packages expect the presence of that header.

Don’t use Unix-style From in header All versions

The Unix-style mailbox (a single file into which many mail messages are placed) requires that each message be separated from the others by a blank line, followed by a line that begins with the five characters "From“:

and thanks again. -- bill                  ← one message ends
                                           ← a blank line
From george Fri Dec 13 12:03:45 2002       ← next message starts

Ordinarily, sendmail adds a five-character "From" line to a message if there isn’t one. The F=n delivery agent flag prevents sendmail from doing this. It is intended for use when not dealing with a Unix-style mailbox, or when dealing with a delivery agent that adds the blank line and "From" by itself.

Note that if the F=U delivery agent flag is specified (but not F=n), the five-character UUCP-style "From" header line is created, and the words remote from $g are appended to that line. The F=n delivery agent flag should always be specified for SMTP delivery agents. The five-character "From" line is not a valid RFC2822 header (because it lacks a colon) and is not permitted.

Apart from SMTP, the use of the F=n delivery agent flag is best determined on a case-by-case basis. Some delivery agents always generate a "From" line, so the F=n delivery agent flag can be used to avoid duplication. Some delivery agents generate a "From" line only if there is not already one there, so the F=n delivery agent flag is optional and perhaps best omitted. Some delivery agents never generate a "From" line, yet require one (such as the uux program); for these the F=n delivery agent flag should always be omitted.

Always run delivery agent as recipient V8.7 and later

Under certain circumstances, before sendmail delivers to a file or through programs, it can assume the identity (user-id and group-id) of the controlling user (see Delivery to Files on page 466 for a description of this process). Beginning with V8.7, the F=o delivery agent flag changes this behavior. Specifying the F=o delivery agent flag causes sendmail to assume the identity of the recipient. Omitting the F=o delivery agent flag causes sendmail to assume the identity of the controlling user where appropriate. (See also the F=S flag [F=S on page 780] as a way to have sendmail assume specified user-id and group-id identities.)

In V5 and earlier configuration files (The V Configuration Command on page 580), this delivery agent flag is automatically set for the prog and *file* delivery agents. Note that the U= delivery agent equate (U= on page 755), when specified, always overrides the controlling user.

Process return path per RFC821 Deprecated

The SMTP MAIL From: command normally uses the envelope address for the sender:

MAIL From:<jqp@wash.dc.gov>

If the F=p delivery agent flag is specified, sendmail instead sends a transformed version of that address. The transformation can take one of two forms, depending on the first character of the envelope address. If that address begins with an @ character, an @, the local host name, and a comma are prefixed to that address to create a legal return path:

<@hub:jqp@wash.dc.gov>
  ↓
becomes
  ↓
<@ourhost,@hub:jqp@wash.dc.gov>

If the envelope address for the sender does not start with an @ character, an @, the local host name, and a colon are prefixed to that address:

<jqp@wash.dc.gov> becomes <@ourhost:jqp@wash.dc.gov

See also the DontPruneRoutes option (DontPruneRoutes on page 1024).

Note that these forms of address transformations are discouraged by RFC1123. For this reason, the F=p delivery agent flag is deprecated and might be removed from future versions of sendmail.

Need Return-Path: in header All versions

The F=P delivery agent flag is used by sendmail.cf header commands to force the inclusion of return-path information:

H?P?Return-Path: <$g>

The F=P delivery agent flag has no special internal meaning to sendmail. It is a convention that is used only in the assorted Return-Path: (Return-Path: on page 1165) header definitions. See F= on page 743 for a general description of this process.

The sender’s envelope address (the address that would be used to return mail if it were bounced, for example) is placed into $g for use in the Return-Path: header line. This is usually done during final delivery, although it can also be done for delivery agents that lack a clear envelope address. The form of the address in the $g sendmail macro ($g on page 824) depends on the setting of the F=p delivery agent flag. Note that this is normally the same as the address in the five character "From" line.

This F=P flag should be used only with delivery agents that perform final delivery (such as local, prog, and *file*) and which do not add their own Return-Path: header. This F=P flag should not be used for any delivery agent that delivers using SMTP.

250 versus 252 return for SMTP VRFY V8.8 and later

Prior to RFC1123, a successful reply to the SMTP VRFY command was always prefixed with a 250, meaning that sending to this address was likely to result in successful delivery:

VRFY user
250 user@here.us.edu (Full Name)

Here, sendmail states (with the 250) that it interpreted the address as valid locally and that delivery or relaying to another site would be attempted.

RFC1123 now requires that shades of meaning be conveyed in that success code, so the correct prefix should be 252, which means that the host will accept the address and might attempt to relay it elsewhere.

If the F=q delivery agent flag is set, sendmail returns the 250 prefix; otherwise, it returns the 252 prefix. It should be set only for delivery agents doing local delivery. For configuration files earlier than version 7, the F=q delivery agent flag is automatically set for the local, prog, and *file* delivery agents.

Delivery agent adds -r to argv All versions

If sendmail is run with a -f command-line argument, and if the F=r delivery agent flag is specified, the A= for this delivery agent has the two additional arguments, -r and $g, inserted between its argv[0] and argv[1].

Consider a case in which sendmail is run as:

/usr/lib/sendmail -f jim bill

If bill is a local user and the delivery agent for local is defined as:

Mlocal, P=/bin/mail, F=r
lsDFMmnP, S=10, R=20, A=mail -d $u
                       ↑
                     note

the r in F=rlsDFMmnP will cause the A= of:

A=mail -d $u

to be rewritten as:

A=mail -r $g -d $u

The $g is jim from the original command line (but rewritten to be a return address relative to the recipient). The original -f argument jim is first rewritten by the canonify rule set 3, the rule set 1, and the final rule set 4. The result of those rewrites is placed into $f ($f on page 824). The $f sendmail macro is rewritten by the canonify rule set 3, the rule set 1, the S= rule set, and the final rule set 4, and the result is placed into $g ($g on page 824).

Note that the F=f and the F=r delivery agent flags are very similar and easily confused.

Use a reserved TCP port V8.6 and later

The F=R delivery agent flag causes sendmail to connect on a reserved (privileged) TCP port for additional security. Privileged Internet ports are those in the range of 0 to 1023. Only root is allowed to bind to such ports. The sendmail program calls rresvport(3) to obtain a socket on its selected port. Note that this is done only when instantiating an outgoing connection.

This delivery agent flag is suitable only for use with the A=TCP delivery agents. Note that sendmail is usually started by root when run as a daemon.

Strip quotation marks All versions

Some delivery agents don’t correctly understand quotation marks in addresses. For example:

"dechost::user"@relay

For delivery agents that do not correctly understand them, the F=s delivery agent flag causes sendmail to strip all quotation marks from the address before handing it to the delivery agent:

dechost::user@relay

The local delivery agent should always have the F=s delivery agent flag specified. The prog delivery agent commonly has the F=s delivery agent flag specified. The uucp delivery agent might or might not require that delivery agent flag, depending on the specifics of the program specified in the P= delivery agent equate. The [IPC] delivery agents should never specify the F=s delivery agent flag.

The F=s flag also causes all leading backslash characters to be stripped from the user part of the address.

"\\\user"@relayhost    becomes    user@relayhost

Note that when a lighter touch is needed, you may use F=B flag (F=B on page 768), which just removes all leading backslashes. For example:

"\\\user"@relayhost    with F=B becomes   "user"@relayhost

F=SAssume specified user-id and group-id V8.9 and later

There are three major ways in which sendmail can be run:^[298] as a set-user-id root process (that is, with the permissions of root regardless of who runs it), as a root process because it was run by root, or as an ordinary process run by an ordinary (nonprivileged) user. When sendmail is running with root privilege and when the F=S delivery agent flag is specified for a delivery agent, sendmail always invokes that delivery agent as the effective user and effective group specified by the U= delivery agent equate.^[299] If the U= delivery agent equate is unspecified or is specified as zero, it runs as the effective user root. In both instances, the real user and real group IDs remain those of the recipient.

If the F=S flag is omitted from the delivery agent, the following scenarios occur:

If it fails to set its identity, it prints and logs the following error:

insufficient privileges to change gid, RealGid=rgid, RunAsUid=ruid, gid=gid,
egid=egid

Note that this F=S flag was revised once for V8.7. Then it was revised again for V8.9, and has remained stable since.

Preserve uppercase for username All versions

The username portion of the recipient’s address is ordinarily converted to lowercase before being tucked into $u. The $u is usually used with the A= delivery agent equate of a delivery agent:

Mprog,  P=/bin/sh,   F=lsDFMeuP,  S=10, R=20, A=sh -c $u
                             ↑
                           note

Some delivery agents, such as the prog agent, execute programs. They require that the program (user) name be left as is (otherwise, the program name would not be found). Specifying the F=u delivery agent flag tells sendmail to not convert that name to lowercase.^[300]

Beginning with V8.7 sendmail, the F=u delivery agent flag also determines how some aliases are treated. If it is set, usernames are stored in the aliases database without conversion to lowercase. If it is clear, they are converted to lowercase.

Also, if the F=u delivery agent flag is set, looking up the owner part that follows the owner- in a mailing list is done in a case-sensitive manner. If the F=u delivery agent flag is clear, the owner is converted to lowercase before being looked up.

In general, the F=u delivery agent flag should be set in all delivery agent declarations, except possibly the local delivery agent.

Use UUCP-style From line All versions

The F=U delivery agent flag causes sendmail to prefix a five-character "From" line to the start of the headers if there is not already one there. Whether one was prefixed or not, this delivery agent flag also tells sendmail to add the words remote from host to the end of that line, and also requires that $g be in the form host!....

The F=U delivery agent flag is required when a neighbor UUCP site runs an old (or possibly SysV) version of the rmail program. The newer BSD versions of rmail do not require this delivery agent flag.

Note that the F=n flag (F=n on page 776), if specified, overrides this F=U flag.

Check for valid user identity V8.7 and later

The sendmail program uses the getpwnam(3) routine (and can use others, such as LDAP) to determine whether a local address corresponds to a local account. If it does, the home directory for the user is copied into $z ($z on page 852). Then the full name of the user is extracted from the GECOS field of the passwd(5) file and placed into $x ($x on page 851).

Beginning with V8.7 sendmail, the information in the passwd(5) file is looked up only if the F=w delivery agent flag is set for the recipient’s delivery agent. In general, it must be present (set) for the local and any local-clone delivery agents but should be absent for all other delivery agents. For configuration files of levels lower than 6 (The V Configuration Command on page 580), the F=w delivery agent flag is automatically set for the local delivery agent.

Omitting the F=w delivery agent flag has several consequences:

Note that if you are using Unix V7-style mailboxes (as with /bin/mail), this delivery agent flag should be considered mandatory for local and local clones. If you are using blackbox-style mailboxes (as with cyrus), this flag is meaningless because usernames are not passed, and so should be omitted. If you want to cancel forwarding, use the ForwardPath option. Attempting to cancel forwarding by omitting the F=w delivery agent flag can have unpredictable side effects that might cause mail to fail.

Ignore host status for this delivery agent V8.13 and later

The HostStatusDirectory option (HostStatusDirectory on page 1037) defines where long-term host status should be maintained. If you prefer a particular delivery agent to ignore that status, you may do so by defining this F=W flag. When defined, it acts as though the HostStatusDirectory option were undefined for that particular delivery agent.

Need Full-Name: in header All versions

The F=x delivery agent flag is used by sendmail.cf header commands to force the inclusion of the user’s full name (F= on page 743):

H?x?Full-Name: $x

The F=x delivery agent flag has no special internal meaning to sendmail. It is a convention that is used only in the assorted Full-Name: (Full-Name: on page 1158) header definitions. See F= on page 743 for a general description of this process.

Need RFC2821 hidden dot All versions

Delivery agents that speak SMTP require that any line of the message that begins with a dot have that dot doubled. Delivery agents speak SMTP or LMTP when the $u is missing from the A= delivery agent equate. For example:

Mether, P=[ICP], F=msDFMuCX, S=11, R=21, A=TCP $h

An example of a file that contains leading dots is a troff(1) source file:

.\" Show example
.Ps
Mether, P=[ICP], F=msDFMuCX, S=11, R=21, A=TCP $h
.Pe

In this example, three lines begin with a leading dot, but the F=X delivery agent flag causes sendmail to transmit the message as: