Lines Matching +full:a +full:- +full:oq +full:- +full:z
5 of the sendmail configuration files, the date of release, and a
13 - Prevent transaction stuffing by ensuring SMTP clients
19 - Accept only CRLF . CRLF as end of an SMTP message
22 - Do not accept a CR or LF except in the combination
27 replaces offending bare CR or bare LF with a space.
31 are used, i.e., TLSA RR 2-x-y and 3-x-y are supported
34 default an openssl.cnf file from a location specified
41 Note: referring to a file which does not exist does
47 The default rules return a temporary error for these
62 If a reply to a previous RCPT was received while sending
75 the arguments must not have a trailing dot anymore
76 because the -a. option has been removed (as it only
79 VACATION: Add support for Return-Path header to set sender
81 VACATION: Honor RFC3834 and avoid an auto-reply if
82 'Auto-Submitted: no' is found in the headers to
84 VACATION: Avoid an auto-reply if a 'List-Id:' is found in
102 without STARTTLS. This can be changed via a
109 Fix a regression introduced in 8.17.1: aliases file which
114 new logging may be enabled in a future release.
119 When EAI is enabled, mailq prints UTF-8 addresses as such
130 Handle a possible change in an upcoming release of Cyrus-SASL
134 to the server and a milter is unavailable.
137 based on a codespell report by Jens Schleusener
141 If tls_rcpt rejected the delivery of a recipient then a bogus
143 If a server replied with 421 to a RCPT command then a bogus reply=
145 When quoting the value for ${currHeader} avoid causing a syntax
146 error (Unbalanced '"') when truncating a header value
148 Reduce the performance impact of a change introduced in
157 breakage when a hostname contains 'dnl'. Problem
161 DOC: Document that USAGE is a possible value for {verify}.
173 using a loopback address. Patch from Mike Karels of
180 adapt a condition for sigwait(2) taking one argument.
192 to ANSI C. If you are using sendmail on a system
193 which does not have a compiler for ANSI C contact us
196 Experimental support for SMTPUTF8 (EAI, see RFC 6530-6533)
200 If a mail submission via the command line requires
201 the use of SMTPUTF8, e.g., because a header uses UTF-8
203 ASCII, then the new option -U must be used, and
207 (MTA-STS, see RFC 8461) is available when using
208 - the compile time option _FFR_MTA_STS (which requires
210 - FEATURE(sts), which implicitly sets the cf option
212 - postfix-mta-sts-resolver, see
213 https://github.com/Snawoot/postfix-mta-sts-resolver.git
219 flags are available: D/M to disable DANE/MTA-STS,
232 Fix a theoretical buffer overflow when encountering an
240 a connection immediately only if sent as first command.
244 CDB map locking has been changed so a sendmail process which
245 does have a CDB map open does not block an in-place
248 the map under a different name and then move it
250 On some systems the rejection of a RCPT by a milter could
252 CONFIG: New FEATURE(`check_other') to provide a default
255 removed in future versions because it has a fundamental
264 CONTRIB: Added cidrexpand -O option for suppressing duplicates from
265 a CIDR expansion that overlaps a later entry and -S option
276 CDB, flock() (-DHASFLOCK), or an earlier Berkeley
287 libsm/t-ixlen.c
288 libsm/t-ixlen.sh
289 libsm/t-streq.c
290 libsm/t-streq.sh
294 libsmutil/t-lockfile.c
295 libsmutil/t-lockfile-0.sh
296 libsmutil/t-maplock-0.sh
305 when a closed session is encountered.
309 the compile time option DANE is set. Only TLSA RR 3-1-x
315 New option CRLPath to specify a directory which contains
319 can return a (semicolon separated) list of TLS related
323 mail, sendmail can now immediately try a connection again
324 without STARTTLS after a TLS handshake failure.
330 a clear text delivery attempt.
341 Fix logic to enable a milter to delete a recipient in
344 Log name of a milter making changes (this was missing for
346 Log the actual reply of a server when an SMTP delivery problem
347 occurs in a "reply=" field if possible.
349 patch from Packet Hack, Jim Hranicky, Kevin A. McGrail,
351 Add CDB as map type. Note: CDB is a "Constant DataBase", i.e.,
367 new -c option for LDAP maps to specify the network timeout.
382 DOC: The dns map can return multiple values in a single result
383 if the -z option is used.
385 LIBMILTER: Fix typo in a macro. Patch from Ignacio Goyret
386 of Alcatel-Lucent.
391 LIBMILTER: Fix a potential memory leak in smfi_setsymlist().
400 Add support for Darwin 14-18 (Mac OS X 10.x).
406 of a FQHN) to 256 if it is less than that value.
418 libsm/t-notify.c
426 a recursion which was caught and logged as
430 The value 'none' previously caused a log entry claiming
437 Patch from Lars-Johan Liman of Netnod Internet Exchange.
440 value depends on the compile-time option IPV6_FULL:
450 LIBMILTER: Allow a milter to specify an empty macro list ("", not
453 MAKEMAP: A change to check TrustedUser in fewer cases which was
454 made in 2013 caused a potential regression when makemap
457 (prefix _FFR_) which might be enabled in a subsequent
462 - doc/op/op.* for rulesets and macros,
463 - cf/README for mc/cf options.
466 SECURITY: Properly set the close-on-exec flag for file descriptors
468 If header rewriting fails due to a temporary map lookup failure,
481 permits a zero subnet to have a more specific match,
487 As a very simple check search for patterns like
488 'IPv6:[0-9a-fA-F:]*::' and 'IPv6::'. If necessary,
490 APPENDDEF(`conf_sendmail_ENVDEF', `-DIPV6_FULL=0')
492 If debugging is turned on (-d0.14) also print the OpenSSL
495 If a connection to the MTA is dropped by the client before its
497 so that the unvalidated hostname is not passed to a
499 Add a timeout for communication with socket map servers
500 which can be specified using the -d option.
501 Add a compile time option HESIOD_ALLOW_NUMERIC_LOGIN to allow
503 The new option CertFingerprintAlgorithm specifies the finger-
516 respectively. See SSL_CTX_set_options(3) for a list.
523 if a CRLFile is in use (and LogLevel is 14 or higher.)
524 Store a more specific TLS protocol version in ${tls_version}
525 instead of a generic one, e.g., TLSv1 instead of
533 TLS server to have a cert is removed. This only works
536 may not work with a server using this.
538 ServerKeyFile can take a second file name, which must be
539 separated from the first with a comma (note: do not use
540 any spaces) to set up a second cert/key pair. This can
543 A new map type "arpa" is available to reverse an IP (IPv4 or IPv6)
545 without trailing {ip6,in-addr}.arpa.
547 sendmail -C new.cf -bC
548 will perform a basic syntax/consistency check of new.cf.
549 The mailer flag 'I' is deprecated and will be removed in a
554 If the new option MaxQueueAge is set to a value greater than zero,
555 entries in the queue will be retried during a queue run
561 Reset timeout after receiving a message to appropriate value if
564 Report correct error messages from the LDAP library for a range of
571 DEVTOOLS: Fix regression in auto-detection of libraries when only
574 LIBMILTER: Mark communication socket as close-on-exec in case
575 a user's filter starts other applications.
584 SECURITY: Properly set the close-on-exec flag for file descriptors
586 Fix a misformed comment in conf.c: "/*" within comment
587 which may cause a compilation error on some systems.
589 DEVTOOLS: Fix regression in auto-detection of libraries when only
603 A new mailer flag '!' is available to suppress an MH hack
613 APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_IPV6_FULL')
620 setusercontext() on deliveries as a different user.
622 Avoid compiler warnings from a change in Cyrus-SASL 2.1.25.
624 Add support for DHParameters 2048-bit primes.
627 LIBSMDB: Add a missing check for malloc() in libsmdb/smndbm.c.
641 Drop support for IPv4-mapped IPv6 addresses to prevent the MTA
642 from using a mapped address over a legitimate IPv6 address
645 Fix a regression introduced in 8.14.6: the wrong list of
646 macros was sent to a milter in the EHLO stage.
650 was not performed and a wrong syntax check was applied
651 to the "addr-type" field. Problem noted by Dan Lukes
660 resolve to the error mailer using a temporary failure
670 Fix a regression introduced in 8.14.5: if a server offers
674 Do not cache hostnames internally in a non case sensitive way
679 as a DKIM signing milter.
682 internal counter was subject to a race condition.
683 If a milter decreases the timeout it waits for a communication
684 with the MTA, the MTA might experience a write() timeout.
687 Note: decreasing the communication timeout in a milter
691 the milter which invoked it, instead of a global
694 If Timeout.resolver.retrans is set to a value larger than 20,
698 If sendmail could not lock the statistics file due to a system
699 error, and sendmail later sends a DSN for a mail that
701 memory that was freed before (causing a crash on some
705 Account for an API change in newer versions of Cyrus-SASL.
707 Do not try to resolve link-local addresses for IPv4 (just as it
711 the reason for the failure in a single log line. Suggested
723 is based on hostname which may not be a unique identifier
724 for a server, i.e., different machines may have the
727 Avoid an out-of-bounds access in case a resolver reply for a DNS
728 map lookup returns a size larger than 1K. Based on a
730 If a job is aborted using the interrupt signal (e.g., control-C from
732 functions that are not signal-safe. Note: in previous
737 Per RFC 6176, when operating as a TLS client, do not offer SSLv2.
738 Since TLS session resumption is never used as a client, disable
739 use of RFC 4507-style session tickets.
744 Read at most two AUTH lines from a server greeting (up to two
746 "AUTH=mechs"). Otherwise a malicious server may exhaust
750 connection to an LDAP server is lost while making a query.
758 CONFIG: FEATURE(`ldap_routing') in 8.14.4 tried to add a missing
759 -T<TMPF> that is required, but failed for some cases
761 until a better solution can be implemented. Problem
765 CONTRIB: qtool.pl: Deal with H entries that do not have a
768 DOC: Use a better description for the -i option in sendmail.
787 in CNs by placing a string indicating a bad certificate
790 During the generation of a queue identifier an integer overflow
794 The value of headers, e.g., Precedence, Content-Type, et.al.,
796 Between 8.11.7 and 8.12.0 the length limitation on a return
801 Prevent a crash when a hostname lookup returns a seemingly
802 valid result which contains a NULL pointer (this seems
810 from a milter. Problem found by Scott Rotondo
815 If a Diffie-Hellman cipher is selected for STARTTLS, the
819 the server can take a significant amount of time on slow
821 to none or a file (see doc/op/op.me). Patch from
826 Fix a potential memory leak in libsmdb/smdb1.c found by parfait.
828 If a milter sets the reply code to "421" during the transfer
831 Return EX_IOERR (instead of 0) if a mail submission fails due to
836 CONFIG: Using a CN restriction did not work for TLS_Clt as it
837 referred to a wrong macro. Patch from John Gardiner
845 were used. Patch from Vesa-Matti J Kari of the
847 LIBMILTER: Fix internal check whether a milter application
862 VACATION: Do not refer to a local variable outside its scope.
871 During ruleset processing the generation of a key for a map
876 8.14.2 caused a regression: it accessed (macro) storage which was
892 libmilter has been set to 1 so a milter can determine
894 MAKEMAP: If a delimiter is specified (-t) use that also when
895 dumping a map. Patch from Todd C. Miller of OpenBSD.
901 DEVTOOLS: Clarify that confSHAREDLIBDIR requires a trailing slash.
907 If a message was queued and it contained 8 bit characters in
908 a From: or To: header, then those characters could be
909 "mistaken" for internal control characters during a queue
912 If MaxMimeHeaderLength is set to a value greater than 0 (which
914 is 0, sendmail corrupted in the non-transfer-encoding
915 case every MAXLINE-1 characters. Patch from John Gardiner
920 background if a milter can reject or delete a recipient.
926 Force a queue run for -qGqueuegroup even if no runners are
928 When multiple results are requested for a DNS map lookup
929 (-z and -Z), return only those that are relevant for
933 the message is refused (by a milter), sendmail previously
934 created a delivery status notification (DSN). Patch
936 A code change in Cyrus-SASL 2.1.22 for sasl_decode64() requires
939 sendmail counted a delivery as successful if PIPELINING is
946 If check_compat returns $#discard then a "savemail panic" could
948 a system which does not have the compile time flag
951 If a milter rejected a recipient, the count for nrcpts= in the
954 If a milter invoked smfi_chgfrom() where ESMTP arguments are not
957 sendmail(8) had a bogus space in -qGname. Patch from Peng Haitao.
960 CONTRIB: buildvirtuser: Skip dot-files (e.g., .cvsignore) when
972 Even though a milter rejects a recipient the MTA will still keep
974 transaction is accepted. This is a regression introduced
977 The new DaemonPortOptions which begin with a lower case character
979 If a server shut down the connection in response to a STARTTLS
980 command, sendmail would log a misleading error message
1005 Booth, University of Illinois at Urbana-Champaign.
1019 - header field names are still restricted to 7 bit.
1020 - RFC 2822 allows only 7 bit (US-ASCII) characters in
1022 Preserve spaces after the colon in a header. Previously, any
1028 may be off by a factor of 4 in case of a sequence of
1031 Fix a regression in 8.13.8: if InputMailFilters is set then
1032 "sendmail -bs" can trigger an assertion because the
1035 Avoid referencing a freed variable during cleanup when terminating.
1048 New option -K for LDAP maps to replace %1 through %9 in the
1052 Log the time after which a greet_pause delay triggered. Patch
1054 If a client is rejected via TCP wrapper or some other check
1057 of the University of Illinois at Urbana-Champaign.
1058 If a client terminates the SMTP connection during a pause
1059 introduced by greet_pause, then a misleading message
1065 of a message, its parameter is the size of the message.
1067 is a header address it also distinguishes between
1070 When a macro is set in check_relay, then its value is accessible
1077 enabled, the MTA can be asked to select a shared memory
1078 key itself by setting SharedMemoryKey to -1 and specifying
1079 a file where to store the selected key.
1085 X-Actual-Recipient lines in DSNs revealing the actual
1087 New options B, z, and Z for DNS maps:
1088 -B: specify a domain that is always appended to queries.
1089 -z: specify the delimiter at which to cut off the result of
1090 a query if it is too long.
1091 -Z: specify the maximum number of entries to be concatenated
1092 to form the result of a lookup.
1099 Fix a potential race condition caused by a signal handler for
1101 When a milter deleted a recipient, that recipient could cause a
1104 New operator 'r' for the arith map to return a random number.
1111 If sendmail received input that contained a CR without subsequent LF
1115 Restarting persistent queue runners by sending a HUP signal to
1120 If ARPANET mode (-ba) was selected STARTTLS would fail (due to
1121 a missing initialization call for that case). Problem
1123 If sendmail is linked against a library that initializes Cyrus-SASL
1124 before sendmail did it (such as libnss-ldap), then SMTP AUTH
1125 could fail for the sendmail client. A patch by Moritz Both
1126 works around the API design flaw of Cyrus-SASLv2.
1129 the MTA will not attempt to open a statistics file on
1136 clients which provide a HELO/EHLO argument which is either
1142 (MAIL) whose domain part resolves to a "bad" MX record.
1150 macros a milter should receive at those stages in the
1157 CONTRIB: cidrexpand uses a hash symbol as comment character and
1159 preceded by a backslash.
1160 DEVTOOLS: New macro confMKDIR: if set to a program that creates
1165 LIBMILTER: A new version of the milter API has been created that
1171 it is not user/milter-programmer visible). Additionally,
1172 a version function smfi_version() has been introduced such
1173 that a milter program can check the libmilter version also
1174 at runtime which is useful if a shared library is used.
1175 LIBMILTER: A new callback xxfi_negotiate() can be used to
1178 specify which of these a milter wants to use. This allows
1181 LIBMILTER: A new callback xxfi_data() is available so milters
1183 LIBMILTER: A new callback xxfi_unknown() is available so milters
1185 LIBMILTER: A new return code SMFIS_NOREPLY has been added which
1191 is useful if a milter can make a decision based on the
1195 LIBMILTER: A new function smfi_addrcpt_par() can be used to add
1197 LIBMILTER: A new function smfi_chgfrom() can be used to change the
1199 LIBMILTER: A milter can now request to be informed about rejected
1202 a RCPT has been rejected can be checked by comparing the
1204 LIBMILTER: A milter can now override the list of macros that it
1208 LIBMILTER: A milter can receive header field values with all
1211 does not add a leading space to headers that are added,
1213 LIBMILTER: If a milter sets the reply code to "421" for the HELO
1233 libsm/t-memstat.c
1234 libsm/t-qic.c
1240 Fix a regression in 8.13.7: if shared memory is activated, then
1246 Fix a regression in 8.13.7: the PidFile could be removed after
1248 sendmail -bd is invoked. Problem reported by Kan Sasaki
1252 Avoid a crash when finishing due to referencing a freed variable.
1263 A malformed MIME structure with many parts can cause sendmail to
1264 crash while trying to send a mail due to a stack overflow,
1265 e.g., if the stack size is limited (ulimit -s). This
1270 a depth of MAXMIMENESTING (20); message content after this
1273 The changes to the I/O layer in 8.13.6 caused a regression for
1275 DIGEST-MD5. Problem noted by Robert Stampfli.
1276 If a timeout occurs while reading a message (during the DATA phase)
1277 a df file might have been left behind in the queue.
1280 Several minor problems have been fixed that were found by a
1283 Note: the scan generated also a lot of "false positives",
1289 If the start of the sendmail daemon fails due to a configuration
1296 bug work-around. Hence if sendmail is linked against
1298 the padding bug work-around is turned off. Based on
1301 blackholes.mail-abuse.org as default domain for lookups,
1313 a buffer in sm_syslog() which could have been used as an
1316 Problem detected by Mark Dowd of ISS X-Force.
1320 configuration by restricting the size of a header, and on
1323 If a server returns 421 for an RSET command when trying to start
1324 another transaction in a session while sending mail, do
1327 If a server returns a 5xy error code (other than 501) in response
1328 to a STARTTLS command despite the fact that it advertised
1330 2487 treat it nevertheless as a permanent failure instead
1331 of a protocol error (which has been changed to a
1333 A. Earickson of Colby College.
1334 Clear SMTP state after a HELO/EHLO command. Patch from John
1340 resume a stored TLS session.
1342 a configured value (MaxDaemonChildren) is not exceeded.
1352 -1 and set errno instead of returning an error code
1364 is enough free disk space when selecting a queue, hence
1365 without this change queue selection could fail if a df/
1366 subdirectory exists and is on a different filesystem
1369 checking whether a link(2) operation can be used to split
1381 When a server responds with 421 to the STARTTLS command then treat
1382 it as a temporary error, not as protocol error. Problem
1390 LIBMILTER: Recognize "421" also in a multi-line reply to terminate
1393 has a properly working snprintf(3) to get rid
1406 broken systems misinterpret it as a permanent error.
1408 Some default values in a generated cf file did not match
1419 The bug fixes in 8.13.3 for connection handling uncovered a
1421 stay in CLOSE_WAIT state due to a variable that was not
1436 Undo a change made in 8.13.0 to silently truncate long strings
1441 The internal stab map did not obey the -m flag. Patch from
1443 The socket map did not obey the -f flag. Problem noted by
1446 the LDAP map -1 argument which tells the MTA to only
1447 return success if and only if a single LDAP match is found.
1449 to avoid a possible segmentation fault. Based on patch
1452 does not assign a value to its output parameter. Based
1470 libsm/t-sem.c
1475 Make sure a connection is not reused after it has been closed
1476 due to a 421 error. Problem found by Allan E Johannesen
1479 closing a connection. Problem found by Allan E Johannesen
1481 Regression: a change in 8.13.2 caused sendmail not to try the
1483 connection open, the current server returns a 4xy or 5xy
1488 buffer size. Previously a part of such a header would
1494 If a server returns a 421 reply to the RSET command between
1501 Deal with clients which use AUTH but negotiate a smaller buffer size
1504 When passing ESMTP arguments for RCPT to a milter, do not cut
1505 them off at a comma. Problem noted by Krzysztof Oledzki.
1512 to a hostname for use with SASL. Problem noted by Ken Jones;
1517 xxfi_eom() for a message if some timeouts were triggered.
1524 MAIL.LOCAL: make strip-mail.local used a wrong path to access
1542 Fix support for a fallback smart host for system where DNS is
1544 Fix SuperSafe=PostMilter behavior when a milter replaces a body
1548 Fix certificate revocation list support; if a CRL was specified
1549 but the other side presented a cert that was signed by
1550 a different (trusted) CA than the one which issued the CRL,
1553 the F=S mailer flag is set without a U= mailer equate.
1556 Patch from Sung-hoon Choi of DreamWiz Inc.
1557 CONFIG: Emit a warning if FEATURE(`access_db') is used after
1567 Fix a 64 bit problem in the socket map code. Problem
1571 a system. Patch from Andrew Brown.
1572 Add a README file in doc/op/ to explain potential
1579 Do not include AUTH data in a bounce to avoid leaking confidential
1584 Fix compilation error in libsm/clock.c for -D_FFR_SLEEP_USE_SELECT=n
1585 and -DSM_CONF_SETITIMER=0. Problem noted by Juergen Georgi
1587 Fix bug in conversion from 8bit to quoted-printable. Problem found
1591 LDAP queries to return a new query, a DN, or an LDAP
1600 New option for LDAP maps: the -w option allows you to specify the
1603 New option for LDAP maps: the -H option allows you to specify an
1604 LDAP URI instead of specifying the LDAP server via -h host
1605 and -p port. This also allows for the use of LDAP over
1610 If MaxDaemonChildren is set and a command is repeated too often
1611 during a SMTP session then terminate it just like it is
1618 A new option ConnectionRateWindowSize (default: 60s)
1627 greeting. If any traffic is received before then, a 554
1630 If 32 NOOP (or unknown/bad) commands are issued by a client the SMTP
1631 server could sleep for a very long time. Fix based on
1633 Fix a potential memory leak in persistent queue runners if the
1637 misinterpret it as a permanent error.
1642 New macro {msg_id} which contains the value of the Message-Id:
1654 for a discussion of the implications of this, including
1657 Support per-daemon input filter lists which override the default
1666 unless specifically requested with -qQ. Quarantined queue
1667 files are named with an hf prefix instead of a qf prefix.
1668 The -q command line option now can specify which queue to display
1669 or run. -qQ operates on quarantined queue items. -qL
1672 quarantined reason using -qQtext to run or display
1674 given text. Similarly, -q!Qtext will run or display
1678 new -Q option. See doc/op/op.me for more information.
1679 When displaying the quarantine mailq with 'mailq -qQ', the
1680 quarantine reason is shown in a new line prefixed by
1682 A new error code for the $#error mailer, $@ quarantine, can be used
1686 Add a new quarantine count to the mailstats collected.
1687 Add a new macro ${quarantine} which is the quarantine reason for a
1689 New map type "socket" for a trivial query protocol over UNIX domain
1697 Add a new macro ${nbadrcpts} which contains the number of bad
1698 recipients received so far in a transaction.
1702 Treat Delivery-Receipt-To: headers the same as Return-Receipt-To:
1703 headers (turn them into DSNs). Delivery-Receipt-To: is
1710 Add a new AuthOption=m flag to require the use of mechanisms which
1725 Add basic support for certificate revocation lists. Note: if a
1729 DIGEST-MD5 and LOGIN.
1739 If the MSP is invoked with the verbose option (-v) then it will
1744 If a daemon is refusing connections for longer than the time specified
1748 Remove the ability for non-trusted users to raise the value of
1750 New mailer flag 'B' to strip leading backslashes, which is a
1755 it off, add -DMILTER=0 to the compile time options.
1763 New command line option -D logfile to send debug output to
1778 Add support for a fallback smart host (option FallbackSmartHost) to
1779 be tried as a last resort after all other fallbacks. This
1785 Remove deprecated -v option for PH map, use -k instead. Patch from
1786 Mark Roth of the University of Illinois at Urbana-Champaign.
1788 then compile with -DNPH_VERSION=10100. Patch from Mark Roth
1789 of the University of Illinois at Urbana-Champaign.
1796 terminate the SMTP session with a 421 error message.
1800 compile with -DUSE_TTYPATH=1.
1819 The Linux kernel version 2.4 series has a broken flock() so
1829 Add support for Darwin 7.0/Mac OS X 10.3 (a.k.a. Panther).
1830 Extend support to Darwin 7.x/Mac OS X 10.3 (a.k.a. Panther).
1844 CONFIG: Add a new access DB value of QUARANTINE:reason which
1847 CONFIG: Use "dns -R A" as map type for dnsbl (just as for enhdnsbl)
1849 DNS records than just A.
1871 this requires a change in a mc file. Requested by
1878 CONFIG: Add a third optional argument to local_lmtp to specify
1879 the A= argument.
1894 CONFIG: FEATURE(nodns) has been removed, it was a no-op since 8.9.
1902 CONFIG: Add a new value (sendertoo) for the third argument to
1906 CONFIG: Add a fifth argument to FEATURE(`ldap_routing') which
1907 instructs the rulesets on whether or not to do a domain
1908 lookup if a full address lookup doesn't match. See cf/README
1910 CONFIG: Add a sixth argument to FEATURE(`ldap_routing') which
1916 CONFIG: New option confMESSAGEID_HEADER to define a different
1917 Message-Id: header format. Patch from Bastiaan Bakker
1929 LIBMILTER: If a milter sets the reply code to "421", the SMTP server
1931 LIBMILTER: Upon filter shutdown, libmilter will not remove a
1940 filter to return a multi-line SMTP reply.
1944 LIBMILTER: Fix a descriptor leak in the sample program found in
1958 MAKEMAP: Add new flag -D to specify the comment character to use
1960 VACATION: Add new flag -j to auto-respond to messages regardless of
1963 VACATION: Add new flag -R to specify the envelope sender address
1964 for the auto-response message.
1978 devtools/OS/UNICOS-mk
1979 devtools/OS/UNICOS-mp
2001 Use QueueFileMode when opening qf files. This error was a
2004 Properly count the number of queue runners in a work group and
2015 When a milter invokes smfi_delrcpt() compare the supplied
2024 Undo change of algorithm for MIME 7-bit base64 encoding to 8-bit
2027 To get the 8.12.3-8.12.10 version, compile sendmail with
2028 -DMIME7TO8_OLD=0. If you have an example of improper
2031 the one specified by check_relay or a milter for a
2037 then a possible race condition for creating qf files
2052 Add support for Darwin 7.0/Mac OS X 10.3 (a.k.a. Panther).
2055 LIBMILTER: Add extra checks in case a broken MTA sends bogus data
2063 SECURITY: Fix a buffer overflow in address parsing. Problem
2066 Fix a potential buffer overflow in ruleset parsing. This problem
2068 only if non-standard rulesets recipient (2), final (4), or
2069 mailer-specific envelope recipients rulesets are used then
2070 a problem may occur. Problem noted by Timo Sirainen.
2074 Properly count message size when performing 7->8 or 8->7 bit MIME
2083 Better error handling in case of (very unlikely) queue-id conflicts.
2085 encountering a comment that is too long. Problem noted by
2090 Reset SASL connection context after a failed authentication attempt.
2096 When a milter adds recipients and one of them causes an error,
2100 lack a DSN, i.e., "error:### Text". Problem noted by
2106 Richard A. Nelson of Debian and Paul Szabo.
2109 mailbox is fsync()'ed and a new message is delivered
2111 MAIL.LOCAL: If mail delivery fails, do not leave behind a
2116 of Washington for providing access to a computer
2123 Use strerror(3) on Linux. If this causes a problem on
2125 -DHASSTRERROR=0 and tell sendmail.org about it.
2130 SECURITY: Fix a buffer overflow in address parsing due to
2131 a char to int conversion problem which is potentially
2139 -DALLOW_255 or use the command line option -d82.101.
2141 performing 7->8 or 8->7 bit MIME conversions, the default
2143 Note: this does have a performance impact, and it only
2145 To disable the checks and return to pre-8.12.9 defaults,
2147 Do not complain about -ba when submitting mail. Problem noted
2158 CONTRIB: buildvirtuser: New option -t builds the virtusertable
2163 This can be overridden by using -DSM_CONF_GETOPT=0
2167 SECURITY: Fix a remote buffer overflow in header parsing by
2170 of ISS X-Force.
2171 Fix a potential non-exploitable buffer overflow in parsing the
2175 Fix ETRN #queuegroup command: actually start a queue run for
2177 If MaxMimeHeaderLength is set and a malformed MIME header is fixed,
2180 CONFIG: Fix regression bug in proto.m4 that caused a bogus
2183 a mailbox has more than one link or whether it is not
2184 a regular file. Patch from John Beck of Sun Microsystems.
2190 to erroneously allow a connection. Problem noted
2206 users. Problem noted by Martin J. Dellwo of 3-Dimensional
2214 Do not process a queue group if Runners is set to 0, regardless
2215 of whether F=f or sendmail is run in verbose mode (-v).
2216 The use of -qGname will still force queue group "name"
2218 Change the level for logging the fact that a daemon is refusing
2223 Re-enable ForkEachJob which was lost in 8.12.0. Problem noted by
2227 Fix a potential memory leak in envelope splitting. Problem noted
2237 If -f "" is specified, set the sender address to "<>". Problem
2244 and pass a NULL pointer to an option which requires
2247 by using -DSM_CONF_GETOPT=0. Problem noted by
2249 Support for nph-1.2.0 from Mark D. Roth of the University
2250 of Illinois at Urbana-Champaign.
2272 mail to non-existing users. Problem noted by Mark Roth of
2273 the University of Illinois at Urbana-Champaign.
2286 MAIL.LOCAL: Fix a truncation race condition if the close() on
2289 MAIL.LOCAL: Fix a potential file descriptor leak if mkstemp(3)
2292 used for a command. Problem noted by David Endler of
2300 returned by the bestmx map when -z is used as option.
2304 Properly split owner- mailing list messages when SuperSafe is set
2310 Do not send a bounce message if a message is completely collected
2313 Provide an 'install-submit-st' target for sendmail/Makefile to
2317 Queue up mail with a temporary error if setusercontext() fails
2318 during a delivery attempt. Patch from Todd C. Miller of
2325 Prevent a segmentation fault if a program passed a NULL envp using
2327 Document a problem with the counting of queue runners that may
2330 If discarding a message based on a recipient, don't try to look up
2335 If applying a header check to a header with unstructured data,
2348 CONFIG: There was a seemingly minor change in 8.12.4 with respect
2355 modification causes a change of behavior if an IP net/address
2356 is listed in the access map with REJECT and a host/domain
2370 LIBMILTER: Protect a free(3) operation from being called with a
2379 SECURITY: The DNS map can cause a buffer overflow if the user
2380 specifies a dns map using TXT records in the configuration
2381 file and a rogue DNS server is queried. None of the
2388 Require a suboption when setting the Milter option. Problem noted
2393 Prevent a segmentation fault when clearing the event list by
2397 Close a potential race condition in transitioning a memory buffered
2403 A. McGrail of Peregrine Hardware.
2409 -DHASFLOCK=0. Be sure to update other sendmail
2414 can leave systems open to a local denial of service
2423 Fix a potential core dump problem if the environment variable
2424 NAME is set. Problem noted by Beth A. Chaney of
2430 replaces the body of a message. Problem noted by Gisle Aas
2433 initial zero-length response to "=" per RFC 2554. Patches
2436 inserting a MIME-Version: header when MaxMimeHeaderLength
2443 Set ${msg_size} macro when reading a message from the command line
2454 Leibniz-Rechenzentrum Munich.
2460 non-compliant. Problem noted by Martin Mokrejs of
2466 CONFIG: Using 'local:' as a mailertable value with
2469 CONFIG: Provide a workaround for DNS based rejection lists that
2473 be accepted if the machine isn't connected to a nameserver
2479 CONFIG: Avoid a duplicate '@domain' virtusertable lookup if no
2490 LIBMILTER: Mark the listening socket as close-on-exec in case
2491 a user's filter starts other applications.
2499 VACATION: When listing the vacation database (-l), don't show
2500 bogus timestamps for excluded (-x) addresses. Problem
2508 not to be delivered if a queue file is repeatedly moved
2530 Matching queue IDs with -qI should be case sensitive. Problem
2536 contains a trailing slash. Based on patch from Dirk Meyer
2543 do not have a From: header. Problem noted by Bas Haakman.
2544 Change timeout check such that cached information about a connection
2554 a milter filter and buffered file I/O is being used.
2558 Prevent a file descriptor leak on mail delivery if the initial
2561 Properly deal with a case where sendmail is called by root running
2562 a set-user-ID (non-root) program. Problem noted by Jon
2565 directories are used and mail is sent to a mailing list
2566 which has an owner- alias. Problem noted by Anne Bennett
2570 The SMTP daemon no longer tries to fix up improperly dot-stuffed
2571 incoming messages. A leading dot is always stripped by the
2574 Fix corruption when doing automatic MIME 7-bit quoted-printable or
2575 base64 encoding to 8-bit text. Problem noted by Mark
2582 non-ASCII characters, and properly create DSNs if necessary.
2586 Prevent a race condition on child cleanup for delivery to files.
2596 Do not try to send a second SMTP QUIT command if the remote
2597 responds to a MAIL command with a 421 reply or on I/O
2598 errors. By doing so, the host was marked as having a
2610 Define HPUX10 when building on HP-UX 10.X. That platform
2617 Add /sbin/sh as an acceptable user shell on HP-UX. From
2618 Rajesh Somasund of Hewlett-Packard.
2619 CONFIG: Add FEATURE(`authinfo') to allow a separate database for
2621 8.12.0 but a release note was not included.
2623 parameter is set and the LDAP lookup returns a temporary
2634 This will only have an effect if a parameter is specified,
2639 submit.cf) to use $TZ for time stamps. This is a compromise
2644 University of Illinois at Urbana-Champaign, solution proposed
2646 CONFIG: Mac OS X (Darwin) ships with mail.local as non-set-user-ID
2649 CONTRIB: Add a warning to qtool.pl to not move queue files around
2651 CONTRIB: buildvirtuser: Add -f option to force rebuild.
2652 CONTRIB: smcontrol.pl: Add -f option to specify control socket.
2662 LIBMILTER: If smfi_setreply() sets a custom reply code of '4XX' but
2668 LIBSM: Add SM_CONF_LDAP_MEMFREE as a configuration define. Set
2671 LIBSMDB: Avoid a file creation race condition for Berkeley DB 1.X
2678 VACATION: Don't ignore -C option. Based on patch by Bryan Costales.
2688 following -b) has been specified.
2695 Remove newlines from recipients read via sendmail -t to prevent
2700 chunk sent by a filter. Problem noted by Kari Hurtta of
2708 Shut down "nullserver" and ETRN-only connections after 25 bad
2715 message sender if the sender had used a deprecated RFC822
2721 For systems on which stat(2) does not return a value for st_blksize
2725 regular files, and a lower and upper limit for other file
2727 Fix a potential deadlock if two events are supposed to occur at
2733 Allow selection of queue group for mailq using -qGgroup.
2740 Correct a few LDAP related memory leaks. Patch from David Powell
2745 CRAM-MD5. Problem noted by Bjoern Voigt of TU Berlin.
2746 Avoid a potential information leak if AUTH PLAIN is used and the
2753 Allow local mailers (F=l) to specify a host for TCP connections
2757 Re-enable support for -M option which was broken in 8.12.1. Problem
2759 If a remote server violates the SMTP standard by unexpectedly
2764 Do not use a size estimate of 100 for postmaster bounces, it's
2772 Fix IPv6 network interface probing on HP-UX 11.X. Based on
2774 Mac OS X (aka Darwin) has a broken setreuid() call, but a
2776 Use proper type for a 32-bit integer on SINIX. From Ganu
2778 Set SM_IO_MIN_BUF (4K) and SM_IO_MAX_BUF (8K) for HP-UX.
2779 Reduce optimization from +O3 to +O2 on HP-UX 11. This
2780 fixes a problem that caused additional bogus
2786 information. From Mark Bixby of Hewlett-Packard.
2790 Hewlett-Packard.
2791 If an OS doesn't have a method of finding free disk space
2793 From Mark Bixby of Hewlett-Packard.
2798 Do not assume that strerror() always returns a string.
2803 CONFIG: Add OSTYPE(mpeix) and a generic .mc file for HP MPE/iX
2804 systems. From Mark Bixby of Hewlett-Packard.
2805 CONFIG: Add support for selecting a queue group for all mailers.
2812 Hewlett-Packard.
2813 LIBMILTER: Fix bug that prevented the removal of a socket after
2820 LIBMILTER: Fix a theoretical memory leak and a possible attempt
2822 LIBSM: Fix a potential segmentation violation in the I/O library.
2830 cf/cf/generic-mpeix.cf
2831 cf/cf/generic-mpeix.mc
2835 devtools/OS/MPE-iX
2846 privileges by disabling debugging (command line -d flag)
2847 during queue runs and disabling ETRN when sendmail -bs is
2854 If debugging is turned on (-d0.10) print not just the default
2863 canonical name for a host.
2865 line flags (i.e., -G, -h, -F, etc.) to mail submission
2866 operating modes (i.e., -bm, -bs, -bv, etc.). Idea based on
2887 Richard A. Nelson of Debian.
2890 LIBSMDB: Fix a lock race condition that affects makemap, praliases,
2893 not contain a value for a key. Based on patch from
2894 Mark Bixby from Hewlett-Packard.
2908 set-user-ID root anymore. You need to create a new user and
2909 a new group before installing sendmail (both called smmsp by
2925 Fixed problem of a global variable being used for a timeout jump
2928 a corrupted stack causing a core dump. The timeout is now
2931 If sendmail is set-group-ID then that group ID is used for permission
2932 checks (group ID of RunAsUser). This allows use of a
2933 set-group-ID sendmail binary for initial message submission
2934 and no set-user-ID root sendmail is needed. For details
2936 Log a warning if a non-trusted user changes the syslog label.
2939 with a fallback of sendmail.cf as configuration file. See
2942 files if the group is the same as that of a set-group-ID
2944 The .cf file is chosen based on the operation mode. For -bm (default),
2945 -bs, and -t it is submit.cf if it exists for all others it
2947 can be changed by the new option -Ac or -Am (alternative .cf
2959 a 14 character file name length limit are no longer
2974 If sendmail receives a temporary error on a RCPT TO: command, it will
2976 DefaultAuthInfo can contain a list of mechanisms to be used for
2977 outgoing (client-side) SMTP Authentication.
2978 New modifier 'A' for DaemonPortOptions/ClientPortOptions to disable
2979 AUTH (overrides 'a' modifier in DaemonPortOptions). Based
2982 A new ruleset authinfo can be used to return client side
2987 requires 334. Mercury 1.48 is a known offender.
2998 New ruleset tls_rcpt to decide whether to send e-mail to a particular
2999 recipient; useful to decide whether a connection is secure
3000 enough on a per recipient basis.
3006 using/offering STARTTLS when delivering/receiving e-mail.
3009 Generate an ephemeral RSA key for a STARTTLS connection only if
3010 really required. This change results in a noticeable
3015 If the new option FastSplit (defaults to one) has a value greater
3022 by a queue run.
3028 group (one or more queues in a multi-queue environment
3036 the pattern to be negated. For -qI, -qR and -qS it is
3037 permissible for -q!I, -q!R and -q!S to mean remove members
3039 New -qp[time] option is similar to -qtime, except that instead of
3040 periodically forking a child to process the queue, a single
3042 runs. A SIGHUP signal can be sent to restart this
3044 The SIGHUP signal now restarts a timed queue run process (i.e., a
3046 sendmail -q15m).
3049 sendmail will run the queue(s) in the background when invoked with -q
3050 unless the new -qf option or -v is used.
3056 a client to specify an amount of time within which an e-mail
3059 Non-printable characters (ASCII: 0-31, 127) in mailbox addresses are
3061 Add support for a generic DNS map. Based on a patch contributed
3070 for queues, if shared memory is available and if a key is set
3074 If shared memory is compiled in the option -bP can be used to print
3079 Remove '-U' (initial user submission) command line option as
3081 Remove support for non-standard SMTP command XUSR. Use an MSA instead.
3085 Two new options for host maps: -d (retransmission timeout),
3086 -r (number of retries).
3087 New option for LDAP maps: the -V<sep> allows you to specify a
3088 separator such that a lookup can return both an attribute
3109 DialDelay option applies only to mailers with flag 'Z'. Patch from
3114 all connections for a single delivery attempt to succeed.
3116 a threshold number of recipients has been rejected (option
3117 BadRcptThrottle). From Gregory A Lundberg of the WU-FTPD
3121 change the previous behavior. A value greater than 0
3125 Use a dynamic (instead of fixed-size) buffer for the list of
3126 recipients that are sent during a connection to a mailer.
3127 This also introduces a new mailer field 'r' which defines
3134 IPC is no longer available as first mailer argument (A=) for [IPC]
3138 University of Illinois at Urbana-Champaign.
3142 case of failures. Based on patch by Jun-ichiro itojun
3144 Add Disposition-Notification-To: (RFC 2298) to the list of headers
3145 whose content is rewritten similar to Reply-To:.
3162 Added libsm, a C library of general purpose abstractions including
3179 Add per-recipient status information to mailq -v output.
3181 When compiling with "gcc -O -Wall" specify "-DSM_OMIT_BOGUS_WARNINGS"
3183 sendmail -d now has general support for named debug categories.
3190 Do not issue a DSN if the ruleset localaddr resolves to the $#error
3193 Deal with a case of multiple deliveries on misconfigured systems
3195 from an address to which a DSN cannot be returned and
3196 in which at least one recipient address is non-deliverable,
3202 Log the command line in daemon/queue-run mode at LogLevel 10 and
3205 attempting to canonify a hostname, some broken nameservers
3206 will return SERVFAIL (a temporary failure) on T_AAAA (IPv6)
3210 Urbana-Champaign.
3217 sendmail to use a default alias schema as outlined in the
3220 Add a new syntax for the 'F' (file class) sendmail.cf command. If
3221 the first character after the class name is not a '/' or a
3223 rest of the line will be parsed as a map lookup. This
3224 allows classes to be filled via a map lookup. See op.me
3232 Unless DontBlameSendmail=RunProgramInUnsafeDirPath is set, log a
3233 warning if a program being run from a mailer or file class
3235 Unless DontBlameSendmail=RunWritableProgram is set, log a warning
3236 if a program being run from a mailer or file class
3241 pre-8.12 behavior of only probing non-loopback interfaces.
3253 when the -bv option is given by users who are neither root
3255 forwards, or :include: files. It also will override the -v
3263 the University of Illinois at Urbana-Champaign.
3284 MTA is running. For example, during a queue run.
3285 Add "use_inet6" as a new ResolverOptions flag to control the
3297 Setting a value to 0 disables the check. Patch from Bryan
3299 The header syntax H?${MyMacro}?X-My-Header: now not only checks if
3304 Be sure to include the proper Final-Recipient: DSN header in bounce
3311 file systems that require to call fsync() for a directory
3312 if the meta-data in it has been changed. This should be
3322 from Peter A. Friend of EarthLink.
3332 of man pages and user-executable to root/sys, set
3340 CONFIG: Add an install target and a README file in cf/cf.
3341 CONFIG: Don't accept addresses of the form a@b@, a@b@c, a@[b]c, etc.
3343 CONFIG: The access map uses an option of -T<TMPF> to deal with
3351 CONFIG: Entries for virtusertable can make use of a third parameter
3352 "%3" which contains "+detail" of a wildcard match, i.e., an
3354 using %1%3 as the RHS. Additionally, a "+" wildcard has been
3355 introduced to match only non-empty details of addresses.
3359 after MAILER(`smtp') if uucp-dom and uucp-uudom are used.
3363 CONFIG: If FEATURE(`delay_checks') is used, make sure that a lookup
3390 CONFIG: confAUTH_OPTIONS allows setting of Cyrus-SASL specific
3405 CONFIG: New FEATURE(`compat_check') to look up a key consisting
3412 CONFIG: Don't use MAILER-DAEMON for error messages delivered
3426 CONFIG: Add a fourth argument to FEATURE(`ldap_routing') which
3430 CONFIG: When chosing a new destination via LDAP Routing, also look
3477 CONFIG: New FEATURE(`queuegroup') to select a queue group based
3478 on the full e-mail address or the domain of the recipient.
3485 relay-domains and local-host-names files.
3486 CONFIG: OSTYPE(aux) has been renamed to OSTYPE(a-ux).
3489 exceptions from a file. Suggested by Trey Breckenridge of
3492 (LOCAL_USER() -- $={L}) entries from a file.
3493 CONTRIB: dnsblaccess.m4 is a further enhanced version of enhdnsbl.m4
3504 local mail recipients. New option -D mbdb specifies the
3506 MAIL.LOCAL: New option "-h filename" which instructs mail.local to
3509 patch from Doug Hardie of the Los Angeles Free-Net.
3510 MAILSTATS: New command line option -P which acts the same as -p but
3512 MAKEMAP: Add new option -t to specify a different delimiter
3514 RMAIL: Invoke sendmail with '-G' to indicate this is a gateway
3518 VACATION: Change Auto-Submitted: header value from auto-generated to
3519 auto-replied. From Kenneth Murchison of Oceana Matrix Ltd.
3520 VACATION: New option -d to send error/debug messages to stdout
3522 VACATION: New option -U which prevents the attempt to lookup login
3523 in the password file. The -f and -m options must be used
3528 from the sendmail.cf file. New option -C cffile which
3547 devtools/M4/UNIX/sm-test.m4
3576 cf/cf/generic-solaris2.mc => cf/cf/generic-solaris.mc
3577 cf/cf/generic-solaris2.cf => cf/cf/generic-solaris.cf
3578 cf/ostype/aux.m4 => cf/ostype/a-ux.m4
3581 SECURITY: Fix a remote buffer overflow in header parsing by
3584 of ISS X-Force.
3585 SECURITY: Fix a buffer overflow in address parsing due to
3586 a char to int conversion problem which is potentially
3594 -DALLOW_255 or use the command line option -d82.101.
3596 performing 7->8 or 8->7 bit MIME conversions, the default
3598 Note: this does have a performance impact, and it only
3600 To disable the checks and return to pre-8.11.7 defaults,
3605 to erroneously allow a connection. Problem noted
3608 canonical name for a host.
3609 Fix a memory leak when closing Hesiod maps.
3610 Set ${msg_size} macro when reading a message from the command line
3612 Prevent a segmentation fault when clearing the event list by
3616 Fix a potential core dump problem if the environment variable
3617 NAME is set. Problem noted by Beth A. Chaney of
3619 Prevent a race condition on child cleanup for delivery to files.
3623 parameter is set and the LDAP lookup returns a temporary
3625 CONFIG: Fix a syntax error in the try_tls ruleset if
3627 LIBSMDB: Fix a lock race condition that affects makemap, praliases,
3629 LIBSMDB: Avoid a file creation race condition for Berkeley DB 1.X
3632 not contain a value for a key. Based on patch from
3633 Mark Bixby from Hewlett-Packard.
3634 MAIL.LOCAL: Fix a truncation race condition if the close() on
3638 used for a command. Problem noted by David Endler of
3642 SECURITY: Fix a possible memory access violation when specifying
3643 out-of-bounds debug parameters. Problem detected by
3646 happen if a connection is aborted, several mails had been
3649 noted by Dileepan Moorkanat of Hewlett-Packard.
3650 Fix a possible segmentation violation when specifying too many
3651 wildcard operators in a rule. Problem detected by
3653 Avoid a segmentation fault on non-matching Hesiod lookups. Problem
3657 Fix a possible race condition when sending a HUP signal to restart
3659 starting a new daemon. Problem reported by Wolfgang Breyha
3661 Only apply MaxHeadersLength when receiving a message via SMTP or
3663 When finding the system's local hostname on an IPv6-enabled system
3668 Wrappers, the ETRN command was not giving a response.
3669 Incoming IPv4 connections on a Family=inet6 daemon (using
3670 IPv4-mapped addresses) were incorrectly labeled as "may be
3676 out of band signals) before invoking a delivery agent.
3683 their sub-suboptions in the .cf file, e.g., -O
3685 to 2 days. Problem noted by Roger B.A. Klorese.
3687 BSD/OS has a broken setreuid() implementation. Problem
3702 instantaneous due to this change. Also, non-root users can
3703 no longer send out-of-band signals. Problem reported by
3708 If a server offers "AUTH=" and "AUTH " and the list of mechanisms is
3711 Fix an IP address lookup problem on Solaris 2.0 - 2.3. Patch
3715 If a process is interrupted while closing a map, don't try to close
3720 If Timeout.QueueReturn was set to a value less the time it took
3721 to write a new queue file (e.g., 0 seconds), the bounce
3727 When closing an LDAP map due to a temporary error, close all of the
3738 Avoid a segmentation fault trying to dereference a NULL pointer
3739 when logging a MaxHopCount exceeded error with an empty
3747 OpenBSD has a broken setreuid() implementation.
3763 Prevent a segmentation fault when a bogus value was used in the
3764 LDAPDefaultSpec option's -r, -s, or -M flags and if a bogus
3768 could be too long if the last copied character was a quote.
3772 Jun-ichiro itojun Hagino of the KAME Project.
3779 Properly deal with open failures on non-optional maps used in
3780 check_* rulesets by returning a temporary failure.
3786 to the wrong hostname (of a previous connection), which may
3789 Ignore F=z (LMTP) mailer flag if $u is given in the mailer A=
3797 Prevent a CPU loop in trying to expand a macro which doesn't exist
3798 in a queue run. Problem noted by Gordon Lack of Glaxo
3800 If delivering via a program and that program exits with EX_TEMPFAIL,
3809 Fix a compilation problem for mail.local and rmail if SFIO
3813 Jun-ichiro itojun Hagino of the KAME Project.
3815 higher has BSDI-style login classes. Patch from
3818 sendmail is being compiled with -kthread. Problem
3829 MAIL.LOCAL: If LMTP mode is set, give a temporary error if users
3838 Prevent a segmentation fault when trying to set a class in
3839 address test mode due to a negative array index. Audit
3846 APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_TESTMODE_DROP_PRIVS')
3849 Fix potential problem with Cyrus-SASL security layer which may have
3850 caused I/O errors, especially for mechanism DIGEST-MD5.
3853 sort sub-optimal. Problem noted by Jeff Earickson of
3857 Initialize Cyrus-SASL library before the SMTP daemon is started.
3859 a restart of the daemon, e.g., Sendmail.conf, new SASL
3861 Properly set the STARTTLS related macros during a queue run for
3862 a cached connection. Bug reported by Michael Kellen of
3869 Fix delivery to set-user-ID files that are expanded from aliases in
3872 Fix LDAP map -m (match only) flag. Problem noted by Jeff Giuliano
3874 Avoid using a negative argument for sleep() calls when delaying answers
3882 Jun-ichiro itojun Hagino of the KAME Project.
3889 When delivering to a file directly from an alias, do not call
3897 socket. A future version may change this to per socket
3908 Jun-ichiro itojun Hagino of the KAME Project.
3909 Avoid a typedef compile conflict with Berkeley DB 3.X and
3916 CONFIG: Reject addresses of the form a!b if FEATURE(`nouucp', `r')
3920 FEATURE(`dnsbl') to blackholes.mail-abuse.org.
3934 CONTRIB: domainmap.m4: Handle domains with '-' in them. From Mark
3935 Roth of the University of Illinois at Urbana-Champaign.
3940 RMAIL: Undo the 8.11.1 change to use -G when calling sendmail. It
3942 installations where sendmail is actually a wrapper to
3943 another MTA. The change will re-appear in a future
3946 and SunOS 5.8. Requested by Jeff A. Earickson of Colby
3949 VACATION: Don't reply to addresses of the form owner-*
3950 or *-owner.
3957 Fix SMTP EXPN command output if the address expands to a single
3966 Do not try to cache LDAP connections across processes as a parent
3972 read the LDAP secret from a file.
3973 Prevent SIGTERM from removing a command line submitted item after
3982 non-existent instead of treating it as /. Problem noted by
3984 Don't drop duplicate headers when reading a queued item. Problem
3995 If a non-optional map used in a check_* ruleset can't be opened,
3996 return a temporary failure to the remote SMTP client
3999 Avoid a race condition when queuing up split envelopes by saving
4001 Fix a bug in the PH_MAP code which caused mail to bounce instead of
4003 Roth of the University of Illinois at Urbana-Champaign.
4004 Prevent QueueSortOrder=Filename from interfering with -qR, -qS, and
4009 Prevent overwriting the argument of -B on certain OS. Problem
4010 noted by Matteo Gelosa of I.NET S.p.A.
4019 On HP-UX 10.X and 11.X, use /usr/sbin/sendmail instead of
4021 Jeff A. Earickson of Colby College.
4022 On HP-UX 11.X, use /usr/sbin instead of /usr/libexec (which
4023 does not exist). From Jeff A. Earickson of Colby
4025 Avoid using the UCB subsystem on NCR MP-RAS 3.x. From
4045 matches pre-8.10 nullclient behavior. From Per Hedeland of
4052 MAKEMAP: Do not change a map's owner to the TrustedUser if using
4056 RMAIL: Invoke sendmail with '-G' to indicate this is a gateway
4060 VACATION: Do not cut off vacation.msg files which have a single
4066 SECURITY: If sendmail is installed as a non-root set-user-ID binary
4068 keep a saved-uid of the effective-uid when sendmail tries
4071 saved-uid as well, exit with an error. Problem noted by
4077 -DSNPRINTF_IS_BROKEN=1. Use test/t_snprintf.c to test your
4079 sendmail-bugs@sendmail.org and your OS vendor. Problem
4102 LDAP's -1 (single match only) flag was not honored if the -z
4110 documented, unless a family is specified in a
4116 by Jun-ichiro itojun Hagino of the KAME Project.
4119 Not doing so was creating a mismatch between the socket
4137 to protect from a bug in Solaris 2.6's putc(). Problem
4139 The LDAP map -n option (return attribute names only) wasn't working.
4145 Prevent a segmentation fault in a child SMTP process from getting
4149 is defined to avoid a core dump due to incompatibilities
4154 Convert the free disk space shown in a control socket status query
4156 If TryNullMXList is True and there is a temporary DNS failure
4157 looking up the hostname, requeue the message for a later
4158 attempt. Problem noted by Ari Heikkinen of Pohjois-Savo
4164 Avoid getting into an endless loop if a non-hoststat directory exists
4167 Make sure Timeout.queuereturn=now returns a bounce message to the
4169 If a message data file can't be opened at delivery time, panic and
4170 abort the attempt instead of delivering a message that
4182 If a cached LDAP connection is used for multiple maps, make sure
4184 it so a later map close doesn't break the connection for
4198 NCRUNIX MP-RAS 3.02 SO_REUSEADDR socket option does not
4202 NetBSD uses a .0 extension of formatted man pages. From
4209 CONFIG: Catch invalid addresses containing a ',' at the wrong place.
4225 called due to a STARTTLS command.
4229 the access map and relaying to a domain without using a To:
4248 CONFIG: Use A=TCP ... instead of A=IPC ... in SMTP mailers.
4251 CONTRIB: passwd-to-alias.pl: More protection from special characters;
4255 CONTRIB: qtool.pl: Add missing last_modified_time method and fix a
4257 CONTRIB: re-mqueue.pl: Improve handling of a race between re-mqueue
4259 CONTRIB: re-mqueue.pl: Don't exit(0) at end so can be called as
4262 calling re-mqueue.pl) and movemail.conf (configuration
4264 CONTRIB: Add cidrexpand (expands CIDR blocks as a preprocessor to
4277 MAIL.LOCAL: Prevent a possible DoS attack when compiled with
4278 -DCONTENTLENGTH. Based on patch from 3APA3A@SECURITY.NNOV.RU.
4279 MAILSTATS: Fix usage statement (-p and -o are optional).
4281 and -man on Solaris 7. Patch from Larry Williamson.
4284 RMAIL: Prevent a segmentation fault if the incoming message does not
4285 have a From line.
4299 On Linux, a normal user process has the ability to subvert
4300 the setuid() call such that it is impossible for a root
4309 SECURITY: Limit the choice of outgoing (client-side) SMTP
4321 Prevent a malformed ruleset (missing right hand side) from causing
4322 a segmentation fault when using address test mode. Based on
4335 Ensure that a header check which resolves to $#discard actually
4343 SECURITY: Specify a run-time shared library search path for
4350 DGUX requires -lsocket -lnsl and has a non-standard install
4352 HPUX 11.0 has a broken res_search() function.
4354 from J. P. McCann of E I A.
4358 Modern (post-199912) OpenBSD versions include working
4371 CONTRIB: Remove converting.sun.configs -- it is obsolete.
4378 overloaded -L option. Problem noted by Valdis Kletnieks of
4381 confNROFF. Problem noted by Glenn A. Malling of Syracuse
4390 LIBSMDB: Allow a database to be opened for updating and created if
4402 particular keys in a database by specifying the keys on the
4407 VACATION: Fix -t option which is ignored but available for
4423 * the tragic loss of a key member of our engineering team. *
4427 * support that has made this release a success. Julie died *
4428 * on October 26, 1999 of cancer. We have lost a leader, a *
4429 * coach, and a friend. *
4442 SECURITY: There is a potential for a denial of service attack if
4443 the AutoRebuildAliases option is set as a user can kill the
4446 its use is deprecated and will be removed from a future
4453 a large number of files. See cf/README for more details.
4463 distributions), use memory-buffered files to reduce
4466 New option DataFileBufferSize to control the maximum size of a
4467 memory-buffered data (df) file before a disk-based file is
4469 New option XscriptFileBufferSize to control the maximum size of a
4470 memory-buffered transcript (xf) file before a disk-based
4475 to run a Message Submission Agent (MSA); this is turned
4476 on by default in m4-generated .cf files; it can be turned
4480 message submission. XUSR may disappear from a future release.
4481 The new '-G' (relay (gateway) submission) command line option
4487 The '-U' (initial user submission) command line option is
4488 deprecated and may be removed from a future release.
4489 Mail user agents should begin using '-G' to indicate that
4490 this is a relay submission (the inverse of -U).
4494 If sendmail doesn't have enough privileges to run a .forward
4505 Prevent logging of unsafe directory paths for non-existent forward
4509 a control socket request.
4518 seconds) for the first attempt to deliver a message.
4524 Sets the number of times to retransmit a resolver
4528 Sets the number of times to retransmit a resolver
4529 query for the first attempt to deliver a message.
4531 Sets the number of times to retransmit a resolver
4536 a QueueDirectory option value ending with an asterisk. For
4541 while sendmail is running. Queue runs create a separate
4543 given on a non-daemon queue run. New items are randomly
4544 assigned to a queue. Contributed by Exactis.com, Inc.
4552 New queue file naming system which uses a filename guaranteed to be
4560 New command line option '-L tag' which sets the identifier used for
4568 Allow trusted users (those on a T line or in $=t) to set the
4569 QueueDirectory (Q) option without an X-Authentication-Warning:
4574 In low-disk space situations, where sendmail would previously refuse
4578 The [IPC] builtin mailer now allows delivery to a UNIX domain socket
4580 local delivery agents which listen on a named socket. An
4583 S=10, R=20/40, T=DNS/RFC822/X-Unix,
4584 A=FILE /var/run/lmtpd
4588 The first mailer argument in the [IPC] mailer is now checked for a
4590 connections), IPC (which will be deprecated in a future
4604 Mitchell Blank Jr of Exec-PC.
4611 Avoid a segmentation fault when using the LDAP map. Patch from
4616 New ruleset trust_auth to determine whether a given AUTH=
4643 a local address. From Motonori Nakamura of Kyoto University.
4649 Return-Receipt-To: header implies DSN request if option RrtImpliesDsn
4651 Flag -S for maps to specify the character which is substituted
4653 Flag -D for maps: perform no lookup in deferred delivery mode.
4654 This flag is set by default for the host map. Based on a
4658 New option MaxHeadersLength allows to specify a maximum length
4660 a denial-of-service attack.
4669 Entries in the alias file can be continued by putting a backslash
4671 New option DeadLetterDrop to define the location of the system-wide
4674 default), sendmail will not attempt to save to a
4675 system-wide dead.letter file if it can not bounce the mail
4681 New option ProcessTitlePrefix specifies a prefix string for the
4697 If a message being accepted via a method other than SMTP and
4698 would be rejected by a header check, do not send the message.
4703 Jan Krueger of Unix-AG of University of Hannover.
4705 H*: allows to specify a default ruleset for header checks. This
4708 Krueger of Unix-AG of University of Hannover.
4714 Avoid removing the Content-Transfer-Encoding MIME header on
4718 Avoid duplicate Content-Transfer-Encoding MIME header on
4719 messages with 8-bit text in headers. Problem noted by
4722 Avoid keeping maps locked longer than necessary when re-opening a
4725 Resolving to the $#error mailer with a temporary failure code (e.g.,
4730 something other than 250 is received. Based on a patch
4732 New option TrustedUser allows to specify a user who can own
4736 Fix another instance (similar to one in 8.9.3) of a network failure
4737 being mis-logged as "Illegal Seek" instead of whatever
4739 $? tests also whether the macro is non-null.
4740 Print an error message if a mailer definition contains an invalid
4742 New mailer equate /= to specify a directory to chroot() into before
4746 Only free memory from the process list when adding a new process
4747 into a previously filled slot. Previously, the memory was
4748 freed at removal time. Since removal can happen in a
4750 inconsistent state. Problem noted by Jeff A. Earickson and
4752 When using the UserDB @hostname catch-all, do not try to lookup
4757 Support LDAP authorization via either a file containing the
4759 '-ddistinguished_name', '-Mmethod', and '-Pfilename'. The
4767 deprecated and will be removed in a future version.
4768 If the result of an LDAP search returns a multi-valued attribute
4770 response into a delimiter separated string. The LDAP map
4774 idea from Philip A. Prindeville of Mirapoint, Inc.
4775 Support return of multiple values for a single LDAP lookup. The
4776 values to be returned should be in a comma separated string.
4777 For example, `-v "email,emailother"'. Patch from
4783 breaking up a single entry into multiple entries. This is
4790 a single connection to that host.
4799 replaced with the literal contents of the map lookup key --
4800 note that this means a lookup can be done using the LDAP
4803 For example, if the LDAP map specification contains '-k
4804 "(user=%s)"' and a lookup is done on "*", this would be
4805 equivalent to '-k "(user=*)"' -- matching ANY record with a
4807 contains '-k "(user=%0)"' and a lookup is done on "*", this
4808 would be equivalent to '-k "(user=\2A)"' -- matching a user
4810 New LDAP map flags: "-1" requires a single match to be returned, if
4812 being found; "-r never|always|search|find" sets the LDAP
4813 alias dereference option; "-Z size" limits the number of
4815 New option LDAPDefaultSpec allows a default map specification for
4817 settings such as "-h host -p port -d bindDN", etc. The
4828 On network-related temporary failures, record the hostname which
4831 Add new F=% mailer flag to allow for a store and forward
4833 delivery on initial receipt of a message or on queue runs
4835 -qI/-qR/-qS queue run modifiers or an ETRN request. Code
4837 New option ControlSocketName which, when set, creates a daemon
4840 via a named socket, similar to the ctlinnd interface to the
4862 connection-based denial of service attacks.
4867 Log the DSN code for each recipient if one is available as a new
4872 of the University of Illinois at Urbana-Champaign.
4873 Detect temporary lookup failures in the host map if looking up a
4876 Do not report a Remote-MTA on local deliveries. Problem noted by
4878 When a forward file points to an alias which runs a program, run
4884 Prevent attempts to save a dead.letter file for a user with
4887 Include message delay and number of tries when logging that a
4890 Log the sender of a message even if none of the recipients were
4893 Check the root directory (/) when checking a path for safety.
4903 skipped and a version line (#vers) is introduced. The
4905 version is found, a warning is logged. The '#vers'
4907 Use fsync() when delivering to a file to guarantee the delivery to
4909 If delivery to a file is unsuccessful, truncate the file back to its
4911 If a forward points to a filename for delivery, change to the
4916 purgestat and sendmail -bH purge only expired (Timeout.hoststatus)
4925 Based on an idea from Jan Krueger of Unix-AG of University
4928 operation (+, -, *, /, l (for less than), and =) is given
4934 include the header based on a macro rather than a mailer
4936 H?${MyMacro}?X-My-Header: ${MyMacro}
4938 It can be used for adding headers to a message based on
4949 option is deprecated and will be removed from a future
4954 if referencing a named ruleset.
4960 then they will have a much better opportunity to use the
4961 connection cache if available. This should be a reasonable
4964 If a message is rejected by a header check ruleset, log who would
4969 up to 4 minutes delay (compare MAX{BAD,NOOP,HELO,VRFY,ETRN}-
4973 New suboptions for DaemonPortOptions: Name (a name used for
4975 a require authentication
4990 If a mailer dies, print the status in decimal instead of octal
4997 Requires a post-2.7.5 version of Berkeley DB.
4998 Support writing traffic log (sendmail -X option) to a FIFO.
5000 Do not ignore Timeout settings in the .cf file when a Timeout
5001 sub-options is set on the command line. Problem noted by
5004 attempted via a new connection to a host instead of once per
5010 If a message is bounced due to bad MIME conformance, avoid bouncing
5011 the bounce for the same reason. If the body is not 8-bit
5015 The timeout for sending a message via SMTP has been changed from
5016 '${msgsize} / 16 + (${nrcpts} * 300)' to a timeout which
5021 Prevent a segmentation fault on systems which give a partial filled
5025 Add a compile-time configuration macro, MAXINTERFACES, which
5032 Allow ruleset 0 to have a name. Problem noted by Neil Rickert of
5034 Expand the Return-Path: header at delivery time, after "owner-"
5038 Add a "/quit" command to address test mode.
5039 Include the proper sender in the UNIX "From " line and Return-Path:
5043 The contents of a class can now be copied to another class using
5047 split (owner-) envelopes to see the original errors when
5052 Prevent a segmentation fault when bouncing a split-envelope
5054 If the specification for the queue run interval (-q###) has a
5059 login name to the RunAsUserName when starting as a daemon.
5066 Prevent a core dump when using 'sendmail -bv' on an address which
5067 resolves to the $#error mailer with a temporary failure.
5070 Prevent multiple deliveries of a message with a "non-local alias"
5071 pointing to a local user, if canonicalization fails
5076 Avoid incorrect Final-Recipient, Action, and X-Actual-Recipient
5077 success DSN fields as well as duplicate entries for a
5084 Do not append @MyHostName to non-RFC822 addresses output by the EXPN
5085 command or on Final-Recipient: and X-Actual-Recipient: DSN
5086 headers. Non-RFC822 addresses include deliveries to
5088 Fix logic for determining if a local user is using -f or -bs to
5093 owned by a uid that doesn't map to a username and the
5094 :include: file contains delivery to a file or program.
5096 Avoid the attempt of trying to send a second SMTP QUIT command if
5097 the remote server responds to the first QUIT with a 4xx
5101 If a hostname lookup times out and ServiceSwitchFile is set but the
5103 a permanent failure instead of a temporary failure. Fix
5112 'sendmail -bs'.
5116 Avoid bogus 'errbody: I/O Error -7' log messages when sending
5117 success DSN messages for messages relayed to non-DSN aware
5122 Add H_FORCE flag for the X-Authentication-Warning: header, so it
5126 This prevents a remote system from flooding the connection
5130 Properly process user-supplied headers beginning with '?'. Problem
5135 RFC 1891 requires "hexchar" in a "xtext" to be upper case. Patch
5138 prevent the now common delays associated with mailing to a
5141 is available in the in-memory cache. Problem noted by Per
5144 representation and a leading backslash. This avoids problems
5153 If a resolver ANY query is larger than the UDP packet size, the
5156 fails whereas an MX or A record might succeed. Therefore,
5162 Allow '_' and '.' in map names when parsing a sequence map
5168 Use a more descriptive entry to log "null" connections, i.e.,
5170 Fix a file descriptor leak in ONEX mode.
5209 NCR MP-RAS 3.x includes regular expression support. From
5211 NEC EWS-UX/V series settings for _PATH_VENDOR_CF and
5215 NEWS-OS 6.X listed SYSLOG_BUFSIZE as 256 in confENVDEF and
5226 of E I A.
5240 Use the 60-second load average instead of the 5 second load
5249 HI-UX/WE2 4.02, 6.10 and 7.10 from Motonori
5253 not lookup a service by name over NIS, such as
5254 HI-UX. Patch from Motonori NAKAMURA of Kyoto
5262 Set confSTDIO_TYPE to torek for BSD-OS, FreeBSD, NetBSD,
5264 A recent Compaq Ultrix 4.5 Y2K patch has broken detection
5269 affects a large number of files. See cf/README for more
5275 deprecated and may be removed from a future release.
5277 CONFIG: OpenBSD 2.4 installs mail.local non-set-user-ID root. This
5278 requires a new OSTYPE(`openbsd'). From Todd C. Miller of
5281 CONFIG: A syntax error in check_mail would cause fake top-level
5293 routing. See cf/README for a complete description of the
5322 CONFIG: Add a fifth mailer definition to MAILER(`smtp') called
5323 "dsmtp". This mail provides on-demand delivery using the
5331 the DSN Diagnostic-Code type for the local mailer. The
5333 CONFIG: FEATURE(`local_lmtp') now sets the DSN Diagnostic-Code type
5336 there there is a problem with a map, sendmail will
5345 CONFIG: A list of exceptions for FEATURE(`nocanonify') can be
5347 i.e., a list of domains which are passed to $[ ... $]
5352 a hostname, e.g., <user@host>, will be canonified.
5353 CONFIG: If FEATURE(`nocanonify') is turned on, a trailing dot is
5362 treated as canonical in SCanonify2, i.e., a trailing dot
5383 CONFIG: Add MAILER(`qpage') to define a new pager mailer. Contributed
5384 by Philip A. Prindeville of Enteka Enterprise Technology
5392 CONFIG: LOCAL_MAILER_FLAGS now includes 'P' (Add Return-Path:
5400 who authenticated via a "trusted" mechanism, i.e., one that
5410 CONFIG: Route addresses are stripped, i.e., <@a,@b,@c:user@d> is
5414 CONFIG: FEATURE(`nullclient') now provides the full rulesets of a
5415 normal configuration, allowing anti-spam checks to be
5417 CONFIG: Don't return a permanent error (Relaying denied) if
5427 to rewrite an address from a mailer which has the F=5 flag
5428 set. If the ruleset returns a mailer, the appropriate
5431 and cf/ostype/solaris2.m4 is now a copy of solaris2.ml.m4.
5446 Patch from Richard A. Nelson of IBM.
5449 CONFIG: Remove `l' flag from USENET_MAILER_FLAGS as it is not a
5451 CONTRIB: Added bounce-resender.pl from Brian R. Gaeke of the
5454 Illinois at Urbana-Champaign.
5457 CONTRIB: Patches for re-mqueue.pl by Graeme Hewson of Oracle
5463 DEVTOOLS: 'Build -M' will display the obj.* directory which will
5465 DEVTOOLS: 'Build -A' will display the architecture that would be
5466 used for a fresh build.
5470 DEVTOOLS: 'Build -O <path>' will have the object files build in
5498 DEVTOOLS: Don't allow 'Build -f file' if an object directory already
5501 the path to the sendmail source directory. confSRCDIR is a
5508 DEVTOOLS: 'Build -Q prefix' uses devtools/Site/prefix.*.m4 for
5510 Complains as 'Build -f file' does for existing object
5524 DEVTOOLS: Remove spaces in `uname -r` output when determining
5532 install-strip target.
5537 MAIL.LOCAL: Will not be installed set-user-ID root. To use mail.local
5544 MAIL.LOCAL: New -7 option which causes LMTP mode not to advertise
5549 -lmail. Patch from Neil Rickert of Northern Illinois
5551 MAIL.LOCAL: Create a Content-Length: header if CONTENTLENGTH is
5557 the getservbyname() is done before any seteuid to a possibly
5559 on a Solaris system, this avoids syslog messages such as,
5564 set to the gid to use (-DMAILGID=6) when compiling.
5566 MAIL.LOCAL: When a mail message included lines longer than 2046
5568 line up into 2046-character output lines (excluding the
5570 (excluding CRLF) and the last character was a '.',
5577 MAIL.LOCAL: New option -b to return a permanent error instead of a
5578 temporary error if a mailbox exceeds quota. Suggested by
5580 MAIL.LOCAL: The creation of a lockfile is subject to a global
5583 local-parts. Problem noted by Ronald F. Guilmette of
5586 MAILSTATS: New -p option to invoke program mode in which stats are
5587 printed in a machine readable fashion and the stats file
5593 MAKEMAP: New -C option to accept an alternate sendmail
5596 MAKEMAP: New -u option to dump (unmap) a database. Based on
5598 MAKEMAP: New -e option to allow empty values. Suggested by Philip
5599 A. Prindeville of Enteka Enterprise Technology Services.
5600 MAKEMAP: Compile cleanly on 64-bit operating systems. Problem
5614 alias file(s) if the -f option is not used. Patch from
5616 PRALIASES: New -C option to specify an alternate sendmail
5624 VACATION: Added vacation auto-responder to sendmail distribution.
5632 All the manual pages are now written against -man and not
5633 -mandoc as they were previously.
5634 Add a simple Makefile to every directory so make instead
5656 cf/cf/generic-linux.cf
5657 cf/cf/generic-linux.mc
5668 contrib/bounce-resender.pl
5714 SECURITY: Limit message headers to a maximum of 32K bytes (total
5715 of all headers in a single message) to prevent a denial of
5731 Allow -T to work for bestmx maps. Fix from Aaron Schrab of
5733 During the transfer of a message in an SMTP transaction, if a
5736 "Illegal Seek" instead of a timeout. Problem noted by
5739 Prevent multiple deliveries on a self-referencing alias if the
5743 Do not strip empty headers but if there is no value and a
5748 in SMTP (-bs) mode, since this might be called from inetd.
5756 softlink /usr/lib/libbind.a which should
5758 built into libc.a. "bind" has been removed
5770 Linux doesn't have a standard way to get the timezone
5773 a timezone. Problem reported by Igor S. Livshits
5774 of the University of Illinois at Urbana-Champaign
5776 Reliant UNIX, the new name for SINIX, from Gert-Jan Looy
5782 CONFIG: Handle <@bestmx-host:user@otherhost> addressing properly
5785 CONFIG: Properly handle source routed and %-hack addresses on
5804 for a denial of service attack.
5812 Missing columns in a text map could cause a segmentation fault.
5815 noetrn flag. This is scheduled to change in a future
5819 When trying to do host canonification in a Wildcard MX
5829 a segmentation fault. Patch from Wayne Knowles of the
5832 verification (-bv). Problem noted by Kari Hurtta of the
5835 daemon is rejecting connections due to a disk full
5843 its memory pool. Closing a map opened by another process
5845 parent process leaving things in a bad state. For
5859 failures unless the -t flag is used in the map definition.
5868 be careful not to miss a multi-part boundary if that
5869 boundary is preceded by a boundary-like line. Problem
5881 Claus Assmann of Christian-Albrechts-University of Kiel.
5890 Avoid a clash with IRIX 6.2 getopt.h and the UserDatabase
5897 AIX 4.x use -qstrict with -O3 to prevent the optimized
5904 IRIX 5.x has a syslog buffer size of 512 bytes. From
5906 IRIX 6.5 64-bit Build support.
5913 NCR MP-RAS 3.x needs -lresolv for confLIBS. From
5916 of E I A.
5917 System V Rel 5.x (a.k.a UnixWare7 w/o BSD-Compatibility Libs)
5927 Claus Assmann of Christian-Albrechts-University of Kiel.
5933 when stripping down a recipient address to check for
5935 Christian-Albrechts-University of Kiel and Neil W Rickert
5938 from Claus Assmann of Christian-Albrechts-University of
5943 from Claus Assmann of Christian-Albrechts-University of
5945 CONFIG: If a recipient using % addressing is used, e.g.
5950 Claus Assmann of Christian-Albrechts-University of Kiel.
5957 MAIL.LOCAL: Substitute MAILER-DAEMON for the LMTP empty sender in
5960 Problem noted by Glenn A. Malling of Syracuse University.
5964 the -s flag. Problem noted by Curt Sampson of Internet
5978 If both an OS specific site configuration file and a generic
6011 compilation. Installation may be done from a read-only
6026 non-local deliveries, if the message is larger than the
6035 BSD-OS uses .0 for man page extensions. From Jeff Polk
6038 ship a unistd.h. Fixes from Takanobu Ishimura of
6041 J. P. McCann of E I A.
6048 CONFIG: Do not try to resolve non-DNS hostnames such as UUCP,
6056 RMAIL: Do not install rmail by default, require 'make force-install'
6074 SECURITY: Make sure ServiceSwitchFile option file is not a link if
6075 it is in a world writable directory.
6076 SECURITY: Never pass a tty to a mailer -- if a mailer can get at the
6078 Unfortunately this breaks -v mode. Problem noted by
6083 privileges. Problem reported by Wolfgang Ley of DFN-CERT.
6086 that has a non-zero uid. If none of these exist, sendmail
6088 This is a security problem for Linux which has chosen that
6092 SECURITY: Since 8.8.7, the check for non-set-user-ID binaries
6098 Remove support for OLD_NEWDB (pre-1.5 version of Berkeley DB). Users
6102 From Jan Krueger of Unix-AG of University of Hannover.
6112 last argument was either "-q" or "-d". Problem noted by
6115 mail.local on the F=z flag.
6116 Macro-expand the contents of the ErrMsgFile. Previously this was
6125 DSN success bounces generated from an invocation of sendmail -t
6126 would be sent to both the sender and MAILER-DAEMON.
6128 Christian-Albrechts-University of Kiel.
6129 Avoid "Error 0" messages on delivery mailers which exit with a
6136 recipients that will be accepted in a single SMTP
6141 for spamming). Note: a better approach is to restrict
6143 Fixed pointer initialization for LDAP lmap struct, fixed -s option
6147 Allow multiple -qI, -qR, or -qS queue run limiters. For example,
6148 '-qRfoo -qRbar' would deliver mail to recipients with foo or
6151 The bestmx map will now return a list of the MX servers for a host if
6152 passed a column delimiter via the -z map flag. This can be
6154 of a message. This can be used to help prevent relaying.
6155 Patch from Mitchell Blank Jr of Exec-PC.
6164 when the -v flag is given (i.e., sendmail -bt -v) to make
6167 The LDAP map -s flag was not properly parsed and the error message
6218 a forward (A) DNS lookup on the result of the PTR lookup
6222 New map flag: -Tx appends "x" to lookups that return temporary failure
6223 (i.e, it is like -ax for the temporary failure case, in
6225 New syntax to do limited checking of header syntax. A config line
6229 when read. This ruleset works like the check_* rulesets --
6239 A= equate of the mailer definition instead of $u. It also
6242 a mailer which delivers to the same file regardless of the
6243 recipient (e.g., 'A=FILE /dev/null' to discard unwanted mail).
6244 Do not assume the identity of a remote connection is root@localhost
6251 No longer is the src/obj*/Makefile selected from a large list -- it
6252 is now generated using the information in BuildTools/OS/ --
6255 The other programs in the sendmail distribution -- mail.local,
6256 mailstats, makemap, praliases, rmail, and smrsh -- now use
6259 Make 4xx reply codes to the SMTP MAIL command be non-sticky (i.e.,
6260 a failure on one message won't affect future messages to the
6262 a 451 error if the domain of the sender does not resolve
6263 as is common in anti-spam configurations. Problem noted
6264 by Mitchell Blank Jr of Exec-PC.
6272 All but the last cloned envelope of a split envelope were queued
6276 Syslog an error if a user forward file could not be read due to
6278 Use the first name returned on machine lookups when canonifying a
6281 macros when delivering a bounce message to prevent
6282 rejection by a check_compat ruleset which uses these macros.
6291 Sendmail would get a segmentation fault if a mailer exited with an
6301 which have owner- aliases. Problem noted by Kari Hurtta
6303 Properly display delayed-expansion macros ($&{macroname}) in
6304 address test mode (-bt). Problem noted by Bryan Costales
6306 -qR could sometimes match names incorrectly. Problem noted by
6308 Include a magic number and version in the StatusFile for the
6322 Mitchell Blank Jr. of Exec-PC.
6323 If the system lock table is full, only attempt to create a new
6332 Properly quote a full name passed via the -F command line option,
6333 the Full-Name: header, or the NAME environment variable if
6336 Avoid possible race condition that unlocked a mail job before
6338 In some cases, this might result in a "Transcript Unavailable"
6340 Accept SMTP replies which contain only a reply code and no
6355 HP-UX 11.x from Richard Allen of Opin Kerfi HF and
6390 include $z/.forward.$w+$h and $z/.forward+$h which allow
6411 used for class 'R'. Defaults to /etc/mail/relay-domains.
6417 CONFIG: new FEATURE(loose_relay_check). Normally, if a recipient
6424 domain portion of the mail sender is a local host. This
6426 a window for spammers. Patch from Randall S. Winchester of
6437 MAIL FROM: senders which do not include a domain.
6446 rules using LOCAL_RULESETS. If a Local_check_* ruleset
6448 returns a mailer, the appropriate action is taken, else
6455 CONFIG: FEATURE(nodns) now warns the user that the feature is a
6456 no-op. Patch from Kari Hurtta of the Finnish
6469 MAIL.LOCAL: support -l flag to run LMTP on stdin/stdout. This
6470 SMTP-like protocol allows detailed reporting of delivery
6471 status on a per-user basis. Code donated by John Myers of
6473 MAIL.LOCAL: HP-UX support from Randall S. Winchester of the
6475 compatible with the stock HP-UX mail format. Be sure to
6477 MAIL.LOCAL: Prevent other mail delivery agents from stealing a
6487 MAKEMAP: New -s flag to ignore safety checks on database map files
6504 BuildTools/M4/depend/CC-M.m4
6512 BuildTools/OS/HP-UX.11.x
6528 cf/cf/generic-hpux10.cf
6591 If an SMTP mailer used a non-standard port number for the outgoing
6595 to internal form. Suggested by Bob Kupiec of GES-Verio.
6603 If SingleThreadDelivery was enabled and the remote server returned a
6608 If queueing up a message due to an expensive mailer, don't increment
6614 "Processed by _username_ with -C _filename_" would be logged
6617 Use a better heuristic for detecting GDBM.
6622 results during a single message processing (but would
6625 Do not log failures such as "User unknown" on -bv or SMTP VRFY
6628 Do not send a bounce message back to the sender regarding bad
6633 sendmail via a UNIX pipe. This will allow rulesets using
6636 A combination of deferred delivery mode, a double bounce situation,
6637 and the inability to save a bounce message to
6638 /var/tmp/dead.letter would cause sendmail to send a bounce
6640 queue causing it to create a new bounce message each time the
6647 Starting with sendmail 8.8.6, mail sent with the '-t' option would be
6652 Use Timeout.fileopen when delivering mail to a file. Suggested by
6654 Display the proper Final-Recipient on DSN messages for non-SMTP
6661 a HUP signal. This will give room for the process title.
6663 Mail could be delivered without a body if the machine does not
6669 Make sure non-rebuildable database maps are opened before the
6677 Return a temporary error instead of a permanent error if an LDAP map
6682 not pad bare linefeeds with a space. Problem noted by Theo
6685 Non-standard C compilers may have had a problem compiling
6686 conf.c due to a standard C external declaration of
6689 AUX: has a broken O_EXCL implementation. Reported by Jim
6714 used on a Solaris machine. Problem noted by
6718 MAKEMAP: Use a better heuristic for detecting GDBM.
6724 If using Berkeley DB on systems without O_EXLOCK (open a file with
6725 an exclusive lock already set -- i.e., almost all systems
6726 except 4.4-BSD derived systems), the initial attempt at
6738 When a NEWDB database map was rebuilt at the same time it was being
6739 used by a queue run, the maps could be left locked for the
6742 In some cases, NoRecipientAction=add-bcc was being ignored, so the
6751 Avoid extra calls to gethostbyname for addresses for which a
6753 from gethostbyaddr that look like a dotted quad.
6760 Better handling of non-set-user-ID binaries -- avoids certain obnoxious
6764 If the AllowBogusHELO option were set and an EHLO with a bad or
6765 missing parameter were issued, the EHLO behaved like a HELO.
6768 had a .forward file. From Nik Conwell of Boston University.
6769 On some non-Posix systems, the decision of whether chown(2) permits
6772 Fix race condition that could cause the body of a message to be
6774 on systems that do not use flock(2), and only when a queue
6775 runner runs during a critical section in another message
6776 delivery. Based on a patch from Steve Schweinhart of
6778 If a qf file was found in a mail queue directory that had a problem
6784 include it when reporting that a file has changed after open.
6785 This adds a new compile flag, HAS_ST_GEN (0/1 option).
6787 theoretically possible for an attacker to remove a file after
6789 same i-number, but some filesystems (notably AFS) return
6791 has changed. As a practical matter this is not a security
6794 have two files on the same filesystem with the same i-number
6796 Delete the root Makefile from the distribution -- it is only for
6798 Fix botch that caused the second MAIL FROM: command in a single
6802 a trailing slash. (And a pox on vendors that decide to
6808 In certain cases, 7->8 bit MIME decoding of Base64 text could leave
6811 on a patch from Christophe Wolfhugel.
6825 Linux, Dynix, UNICOS: Remove -DNDBM and -lgdbm from
6827 NCR MP-RAS 3.x with STREAMware TCP/IP: SIOCGIFNUM ioctl
6832 HP-UX 9.x: fix compile warnings for old select API. Problem
6837 SCO 4.2: compile problems caused by a change in the type of
6849 CONFIG: SCO UnixWare 2.1: Support for OSTYPE(sco-uw-2.1)
6855 CONFIG: MAILER(fax) called a program that hasn't existed for a long
6858 CONFIG: Improve sample anti-spam rulesets in cf/cf/knecht.mc. These
6861 MAIL.LOCAL: Make error messages a bit more explicit, for example,
6866 CONTRIB: passwd-to-alias.pl: Handle 8 bit characters and '-'.
6871 cf/ostype/sco-uw-2.1.m4
6882 SECURITY: A few systems allow an open with the O_EXCL|O_CREAT open
6883 mode bits set to create a file that is a symbolic link that
6884 points nowhere. This makes it possible to create a root
6886 into a writable directory after the initial lstat(2) check
6888 example of a system having these odd semantics for O_EXCL
6889 and symbolic links was HP-UX prior to version 9.07. Most
6890 systems do not have the problem, since a exclusive create
6891 of a file disallows symbolic links. Systems that have been
6893 DEC OSF/1, HP-UX 9.07 and higher, Linux, SunOS, Solaris,
6894 and Ultrix. This is a potential exposure on systems that
6895 have this bug and which do not have a MAILER-DAEMON alias
6896 pointing at a legitimate account, since this will cause old
6905 and probing for accounts), or as a denial-of-service attack
6921 have a safe (restricted to root) chown even on files that
6928 group writable. This might allow someone who has a legitimate
6930 become another non-root user if the :include: file is in a
6931 non-writable directory on an NFS-mounted filesystem where
6933 actually permitted. I believe this to be a very small set
6935 NFS-mounted filesystems.
6936 SECURITY: When setting a numeric group id using the RunAsUser option
6944 by Wolfgang Ley of DFN-CERT.
6945 Make 55x reply codes to the SMTP DATA-"." be non-sticky (i.e., a
6959 Andrey A. Chernov and Gregory Neil Shapiro.
6961 a signal handler. Problem noted by John Beck of Sun
6969 have errors and have owner- aliases. Problem noted by Michael
6972 multipart/mixed Content-Type: header. Problem noted by
6974 Always print error messages during newaliases (-bi) even if the
6977 Test mode could core dump if you did a /map lookup in an optional map
6978 that could not be opened. Based on a fix from John Beck of
6981 a host that does not have an A record, but other MX records
6983 with a "host unknown" error. Note that this should really
6986 If a map fails (e.g., DNS times out) on all recipient addresses, mark
6988 run will not realize that this is a second attempt and will
6991 If the clock is set backwards, and a MinQueueAge is set, no jobs
6996 sendmail will not process the queue at all) during a queue
7001 non-functional -- either the entire queue was processed or
7003 does no queue run if a single recipient zero size job will
7005 If there is a fatal ("panic") message that will cause sendmail to
7008 Force ErrorMode=print in -bt mode so that all errors are printed
7013 The -m (match only) flag now works on host class maps.
7016 erroneous results during a single message processing
7019 files are at least ten minutes old. This avoids a potential
7021 a file descriptor. The queue runner locks it and deletes it
7023 descriptor that is now for a disconnected file, and the
7024 job goes away. Based on a suggestion by Bryan Costales.
7025 When determining the "validated" host name ($_ macro), do a forward
7026 (A) DNS lookup on the result of the PTR lookup and compare
7036 If a message cannot be sent because of a 552 (exceeded storage
7037 allocation) response to the MAIL FROM:<>, and a SIZE= parameter
7039 is a very good chance that the message will double-bounce.
7040 Fix possible line truncation if a quoted-printable had an =00 escape
7043 Notify flags (e.g., -NSUCCESS) were lost on user+detail addresses.
7051 run the "sendmail -bd" and "sendmail -q30m" jobs separately
7054 Always give a message in newaliases if alias files cannot be
7058 Some older versions of the resolver could return with h_errno == -1
7062 If a :include: file is owned by a user that does not have an entry
7063 in the passwd file, sendmail could dereference a null pointer.
7067 Fix a possible race condition that can cause a SIGALRM to come in
7068 immediately after a SIGHUP, causing the new sendmail to die.
7077 A/UX: from Jim Jagielski of NASA/GSFC.
7078 glibc: SOCK_STREAM was changed from a #define to an enum,
7081 defined. Problem reported by A Sun of the University
7090 Unfortunately releasing them opens a race condition,
7094 Solaris: a bug in strcasecmp caused characters with the
7096 letters -- for example, $| (0233) matches "i" and "I".
7106 CONFIG: Some canonification was still done for UUCP-like addresses
7115 CONFIG: Retain "+detail" information when forwarding mail to a
7119 rules are the same as for aliasing. Based on a patch from
7123 possible to have better anti-spam rulesets in the future.
7126 In some cases this can be used as a denial-of-service attack.
7130 MAILER(procmail), but do pass F=Pn9 (include Return-Path:,
7131 don't include From_, and convert to 8-bit). Suggestions
7138 "slip in" a symbolic link between the lstat(2) call and the
7139 exclusive open. This is only a problem on System V derived
7148 MAKEMAP: Handle cases where O_EXLOCK is #defined to be 0. A similar
7152 symbolic links; although makemap is not set-user-ID root, it is
7162 CONTRIB: Add passwd-to-alias.pl, contributed by Kari Hurtta. This
7171 contrib/passwd-to-alias.pl
7182 SECURITY: Make purgestat (-bH) be root-only. This is not in response
7188 Use of a -f flag with a phrase attached (e.g., "-f 'Full Name <addr>'")
7189 would truncate the address after "Full". Although the -f
7193 Fix a possible null pointer dereference when converting 8-bit data
7194 to a 7-bit format. Problem noted by Jim Hutchins of
7199 it possible for a message to be converted from 8->7->8->7
7200 bits several times), it shouldn't have failed with a syserr.
7204 Let F lines in the configuration file actually read root-only
7205 files if the configuration file is safe. Based on a
7214 If sendmail finds a qf file in its queue directory that is an unknown
7218 William A. Gianopoulos of Raytheon Company.
7219 Start a new session when doing background delivery; currently it
7220 ignored signals but didn't start a new signal, that caused
7221 some problems if a background process tried to send mail
7224 Simplify test for skipping a queue run to just check if the current
7231 (25) commands; this helps prevent a bad guy from putting
7232 you into a tight loop as a denial-of-service attack. Based
7233 on an e-mail conversation with Brad Knowles of AOL.
7235 this helps prevent a class of denial-of-service attacks.
7241 These will probably be configurable in a future release.
7247 Mail that was Quoted-Printable encoded and had a soft line break on
7251 to be a better "fail soft" approach. Based on a patch from
7253 If AllowBogusHELO and PrivacyOptions=needmailhelo are both set, a
7257 Handle "sendmail -bp -qSfoobar" properly if restrictqrun is set
7258 in PrivacyOptions. The -q shouldn't turn this command off.
7260 based on a patch from Gregory Neil Shapiro of WPI.
7262 in a DATA transaction to be sticky; these can occur because
7263 a message is too large, and smaller messages should still go
7299 Sup�rieure des Mines de Paris (CRI-ENSMP).
7303 local machine (e.g., in a mailertable entry for "host",
7309 detail information). Inspired by a report from Michael Fuhr.
7315 OP.ME: documentation was inconsistent about whether sendmail did a
7316 NOOP or a RSET to probe the connection (it does a RSET).
7319 a duplex printer. From Matthew Black of Cal State University,
7326 files that have hard links -- this will affect .forward,
7328 Kyriacopoulos of Interlog Internet Services. As a
7329 workaround, set UnsafeGroupWrites -- always a good idea.
7330 SECURITY: the TryNullMXList (w) option should not be safe -- if it
7331 is, it is possible to do a denial-of-service attack on
7336 a denial-of-service attack is probably possible, but in theory
7342 Processes got "lost" when counting children due to a race condition.
7346 and HP-UX), mail transactions would print the message "451
7347 SMTP-MAIL: lost child: No child processes". Problem noted
7356 of NCR (a.k.a., AT&T Global Information Solutions).
7357 Avoid the possibility of having a child daemon run to completion
7359 had a chance to close the socket; this can cause the parent
7360 to hang for a long time waiting for the socket to drain.
7362 If the fork() failed in a queue run, the queue runners would not be
7376 caused stale information to be maintained. Based on a patch
7384 Make it possible to compile with -DDAEMON=0 (previously it had some
7387 compile flag; use NETINET instead. Solution based on a
7390 AIX4: getpwnam() and getpwuid() do a sequential scan of the
7395 SCO 5.x: include -lprot in the Makefile. Patch from Bill
7397 NEWS-OS 4.x: need a definition for MODE_T to compile. Patch
7405 I believe this to have only been a problem if you
7406 compiled with -DUSE_VENDOR_CF_PATH -- another reason
7415 to take a very long time. Problem noted by Yoshiro YONEYA
7422 SECURITY: it was possible to get a root shell by lying to sendmail
7423 about argv[0] and then sending it a signal. Problem noted
7425 best-of-security list.
7427 (%d) exceeds program functionality (%d) message" -- this
7430 Fix a problem that occurs when you open an SMTP connection and then
7431 do one or more ETRN commands followed by a MAIL command; at
7433 "451 SMTP-MAIL: lost child: No child processes". Problem
7435 When doing text-based host canonification (typically /etc/hosts
7436 lookup), a null host name would match any /etc/hosts entry
7441 Increase the size of the DNS answer buffer -- the standard UDP packet
7455 due to a race condition. Problem reported by Kyle Jones of
7460 Change it to check for O_EXLOCK non-zero. Problem noted by
7472 When MIME was being 7->8 bit decoded, "From " lines weren't being
7486 If a message exceeded the fixed maximum size on input, the body of
7491 AIX4: 4.1 doesn't have a working setreuid(2); change the
7503 HP-UX 10.0 gripes about the (perfectly legal!) forward
7509 IRIX: don't default to using gcc. IRIX is a civilized
7510 operating system that comes with a decent compiler
7515 pointed out by Teddy Hogeborn <teddy@fukt.hk-r.se>.
7522 return any entry in /etc/hosts that had a space at the end
7535 SECURITY: fix a botch in the 7-bit MIME patch; the previous patch
7549 SECURITY: in some cases an illegal 7-bit MIME-encoded text/plain
7550 message could overflow a buffer if it was converted back
7552 for a remote attack. Problem first noted by Gregory Shapiro
7560 If a Base64 encoded text/plain message has no trailing newline in
7563 If running with a RunAsUser, sendmail would give bogus "cannot
7566 Always print error messages in -bv mode -- previously, -bv would
7568 to (say) mail-back. Problem noted by Kyle Jones of UUNET.
7569 If -qI/R/S is set (or the ETRN command is used), ignore all long
7571 to do this when you know a host has just come back up.
7575 If a service (such as NIS) is specified as the last entry in the
7577 would return a temporary failure when an entry was not found
7594 on a patch from Eric Hagberg of Morgan Stanley.
7601 Log a warning if the sendmail daemon is invoked without a full
7602 pathname, which prevents "kill -1" from working. I was
7603 urged to put this in by Andrey A. Chernov of DEMOS (Russia).
7609 if a FallbackMXHost was specified in the configuration file
7610 -- all mail would be sent to the fallback even if the original
7613 A message that didn't terminate with a newline would (sometimes) not
7616 The DaemonPortOptions suboption to bind to a particular address was
7617 incorrect and nonfunctional due to a misunderstanding of the
7618 semantics of binding on a passive socket. Patch from
7620 Increase the number of MX hosts for a single name to 100 to better
7624 slightly increased in size, to 12.8K from 10.2K -- this means
7625 that if a single name had 100 MX records, the average size
7633 Support IPv6-style domain literals, which can have colons between
7636 this is an attempt to track down a bug that one person seems
7637 to be having (it may be a Solaris bug!).
7641 Christian-Albrechts-University of Kiel.
7644 would count as a delivery as far as the statistics were
7649 Move buffer overflow checking -- these primarily involve distrusting
7651 4.4-BSD-derived systems, including FreeBSD, NetBSD, and BSD/OS didn't
7652 include <paths.h> and hence had the wrong pathnames for a few
7655 values being interpreted as non-urgent except for non-urgent,
7657 The -o (optional) flag was being ignored on hash and btree maps
7659 Content-Types listed in class "q" will always be encoded as
7660 Quoted-Printable (or more accurately, will never be encoded
7662 or full types (e.g., "text/plain"). Based on a suggestion by
7666 Define ${bodytype} to be the body type (from the -B flag or the
7672 Implement ESMTP ETRN command to flush the queue for a specific host.
7673 The command takes a host name; data for that host is
7675 the -qR implementation, other hosts may be attempted, but
7678 Add three new command line flags to pass in DSN parameters: -V envid
7679 (equivalent to ENVID=envid on the MAIL command), -R ret
7680 (equivalent to RET=ret on the MAIL command), and -Nnotify
7682 that the -N flag applies to all recipients; there is no way
7683 to specify per-address notifications on the command line,
7684 nor is there an equivalent for the ORCPT= per-address
7693 a match. This was causing the wrong values to be found (and
7694 had a memory leak). Found by Bastian Schleuter of TU-Berlin.
7702 Add MustQuoteChars option. This is a list of characters that must
7708 that do not include a host name for back compatibility with
7716 Add ConnectionRateThrottle option. If set to a positive value, the
7718 in a single second is limited to this number. Connections are
7725 specifies how long cached information about the state of a
7729 between runs; otherwise, it applies only within a single queue
7731 that take a very long time to run.
7733 into being a single line even if they had newlines in them
7734 when read. This is to get around a botch in Lotus Notes.
7735 Text class maps were totally broken -- if you ever retrieved the last
7736 item in a table it would be truncated. Problem noted by
7738 Extend the lines printed by the mailq command (== the -bp flag) when
7739 -v is given to 120 characters; this allows more information
7742 this was treated as end-of-input. Problem noted by Bryan
7747 Close /var/tmp/dead.letter after a successful write -- otherwise
7748 if this happens in a queue run it can cause nasty delays.
7751 values for a given key, the database cursor would get
7754 a comma-separated list; thus, the -v output will be somewhat
7756 Fix buffer allocation problem with Hesiod-based userdb maps when
7757 HES_GETMAILHOST is defined. Based on a patch by Betty Lee
7759 When envelopes were split due to aliases with owner- aliases, and
7766 When using F=U to get "ugly UUCP" From_ lines, a buffer could in
7774 have changed the return value to unsigned, so a check for an
7775 error return of -1 doesn't work. Use INADDR_NONE instead.
7779 DSNs were inconsistent if a failure occurred during the DATA phase
7783 Add -U command line flag and the XUSR ESMTP extension, both indicating
7784 that this is the initial MUA->MTA submission. The flag current
7788 Default end-of-line string (E= specification on mailer [M] lines)
7789 to \r\n on SMTP mailers. Default remains \n on non-SMTP
7796 Don't assume that IDENT servers close the connection after a query;
7805 After 25 EXPN or VRFY commands, start pausing for a second before
7806 processing each one. This avoids a certain form of denial
7816 (the $| is a meta-symbol used to separate the two addresses);
7817 it can give a "this sender can't send to this recipient"
7832 Allow IDA-style recursive function calls. Code contributed by Mark
7834 Eliminate the "No ! in UUCP From address!" message" -- instead, create
7835 a virtual UUCP address using either a domain address or the $k
7842 Allow -dANSI to turn on ANSI escape sequences in debug output; this
7845 distinguish between the single-character metasymbol $+ and the
7847 Changed ruleset 89 (executed in dumpstate()) to a named ruleset,
7850 files that are group writable are considered "unsafe" -- that
7853 Delete bogosity test for FallBackMXhost; this prevented it to be a
7854 name that was not in DNS or was a domain-literal. Problem
7857 permanent from temporary failures; if both existed in a
7863 Add a heuristic to improve the handling of unbalanced `<' signs in
7866 Check for bogus characters in the 0200-0237 range; since these are
7870 Implement 7 -> 8 bit MIME conversions. This only takes place if the
7878 this change is a no-op.
7879 The -o map flag was ignored for text maps. Problem noted by Bryan
7881 The -a map flag was ignored for dequote maps. Problem noted by
7883 Fix core dump when a lookup of a class "prog" map returns no
7893 Add new mode, -bD, that acts like -bd in all respects except that
7894 it runs in foreground. This is useful for using with a
7905 on a suggestion by Motonori Nakamura.
7915 conjunction with -qRhost.domain. In fact, there are very few
7918 If a map lookup in ruleset 5 returns tempfail, queue the message in
7919 the same manner as other rulesets. Previously a temporary
7922 Don't proceed to the next MX host if an SMTP MAIL command returns a
7925 or if the MAIL command returns a 4yz (temporary failure) code.
7929 Add new "-t" flag for map definitions (the "K" line in the .cf file).
7930 This causes map lookups that get a temporary failure (e.g.,
7938 you are not running set-user-ID; this makes management of
7942 maintained within a single queue run in disk files that are
7945 not set, persistent host status is turned off. If not a full
7946 pathname, it is relative to the queue directory. A common
7949 * -bh prints the status of hosts that have had recent
7951 * -bH purges the host statuses. No attempt is made to save
7962 be delayed (for example, if one sendmail is delivering a huge
7966 ConnectionCacheSize to avoid running out of per-process
7969 Allow sending to non-simple files (e.g., /dev/null) even if the
7972 The -qR flag mistakenly matched flags in the "R" line of the queue
7974 If a job was aborted using the interrupt signal (e.g., control-C from
7985 case when creating the map unless the -f flag is specified on
7989 When a job was read from the queue, the bits causing notification on
7997 "550 Access denied". -DTCPWRAPPERS will include support for
7998 TCP wrappers; you will need to add -lwrap to the link line.
8000 Don't include the "THIS IS A WARNING MESSAGE ONLY" banner on postmaster
8004 Add new RunAsUser option; this causes sendmail to do a setuid to that
8019 Fix a problem on Solaris that occasionally causes programs
8021 to a UDP port. It also created some signal handling problems.
8026 will do instead of just a /etc/passwd lookup. This adds
8028 The Timeout.* options are not safe -- they can be used to create a
8029 denial-of-service attack. Problem noted by Christophe
8031 Don't send PostmasterCopy messages in the event of a "delayed"
8040 to queue even if a "fall back" .forward was found. Problem
8041 noted by Ann-Kian Yeo of the Dept. of Information Systems
8043 Don't do 8->7 bit conversions when bouncing a MIME message that
8044 is bouncing because of a MIME error during 8->7 bit conversion;
8045 the encapsulated message will bounce again, causing a loop.
8048 instead of 0644. Suggested by Ann-Kian Yeo of the
8059 work on the first recipient of a message due to a
8061 use, you can define DEC_OSF_BROKEN_GETPWENT=1 for a
8064 FreeBSD 1.1.5.1 uname -r returns a string containing
8069 Solaris 2.x: omit the UUCP grade parameter (-g flag) because
8070 it is system-dependent. Problem noted by J.J. Bailey
8074 HP-UX 10.x compile glitches, reported by Anne Brink of the
8083 NCR SVR4 MP-RAS 3.x support from Tom Moore of NCR.
8089 NetInfo maps (improved debugging and multi-valued aliases)
8098 Solaris 2.5 has a working setreuid. Noted by David Linn of
8101 Previously you had to add -DSOLARIS in Makefile.dist;
8102 this auto-detects. Based on a patch from Randall
8104 CONFIG: add generic-nextstep3.3.mc file. Contributed by
8110 CONFIG: hooks for IPv6-style domain literals.
8117 domains listed in a MASQUERADE_DOMAIN macro are masqueraded.
8121 themselves. For example, if a configuration had
8126 CONFIG: add FEATURE(genericstable) to do a more general rewriting of
8127 outgoing addresses. Defaults to ``hash -o /etc/genericstable''.
8134 incoming addresses. Defaults to ``hash -o /etc/virtusertable''.
8136 part (with the @ sign). For example, a table containing:
8137 info@foo.com foo-info
8138 info@bar.com bar-info
8140 would send all mail destined for info@foo.com to foo-info
8142 to bar-info, and anything addressed to anyone at baz.org will
8145 a great many people.
8151 passes the original user@host in to procmail-style local
8160 on a suggestion by Ribert Kiessling of Easynet.
8173 CONFIG: fix cases where a three- (or more-) stage route-addr could
8174 be misinterpreted as a list:...; syntax. Based on a patch by
8183 new address is still on the local host. Based on a suggestion
8186 However, the class is not pre-initialized to contain root.
8190 CONTRIB: Add re-mqueue.pl, contributed by Paul Pomes of Qualcomm.
8192 well: this produces a slightly different mailbox format (no
8193 Content-Length: headers), file ownerships and modes are
8199 was a delivery error, such as if the ownership on the file
8206 MAKEMAP: The -d flag (to allow duplicate keys) to a btree map wasn't
8213 src/Makefiles/Makefile.NCR.MP-RAS.3.x
8218 cf/cf/generic-nextstep3.3.mc
8228 contrib/re-mqueue.pl
8234 src/Makefiles/Makefile.NCR3000 => Makefile.NCR.MP-RAS.2.x
8243 as the default user. This is not exploitable from off-site.
8244 Workarounds include using a unique user for the DefaultUser
8247 a local user to get root. This is not known to be exploitable
8248 from off-site. The workaround is to disable chfn(1) commands.
8260 insert newlines into a queue file, thus allowing access to
8262 CONFIG: no changes -- it is not a bug that the configuration
8270 negative array subscripting. Not a security problem since
8273 Fix -d21 debug output for long macro names. Pointed out by Bryan
8289 valid recipient headers (To:, Cc: or Apparently-To:, the
8290 last being a historic botch, of course). If Bcc: is the
8294 to see that a Bcc: went to _someone_.
8295 Include queue id on ``Authentication-Warning: <host>: <user> set
8296 sender to <address> using -f'' syslog messages. Suggested
8298 If a sequence or switch map lookup entry gets a tempfail but then
8300 return a temporary failure from the sequence or switch map.
8302 with a tempfail, the hosts map will go on and search files,
8303 but if it fails the whole thing should be a tempfail, not
8304 a permanent (host unknown) failure, even though that is the
8308 owned by bar mode 700 and inbox being set-user-ID bar stopped
8311 An SMTP RCPT command referencing a host that gave a nameserver
8312 timeout would return a 451 command (8.6 accepted it and
8317 -- mail gets lost!); this was pointed out by Stuart Pook of
8319 Fix possible buffer overflow in munchstring(). This was not a security
8321 without first giving up root privileges, but it is still a
8334 Fix overcounting of recipients -- only happened when sending to an
8337 If a message is sent to an address that fails, the error message that
8349 should be controlled by the -f flag like other maps. Pointed
8355 When converting a message to Quoted-Printable, prevent any lines with
8356 dots alone on a line by themselves. This is because of the
8359 Fix F{macro}/file construct -- it previously did nothing. Pointed
8361 Announce whether a cached connection is SMTP or ESMTP (in -v mode).
8363 Delete check for text format of alias files -- it should be legal
8373 Queue run processes would re-spawn daemons when given a SIGHUP; only
8376 If MinQueueAge was set and a message was considered but not run
8377 during a queue run and the Timeout.queuereturn interval was
8378 reached, a "timed out" error message would be returned that
8379 didn't include the failed address (and claimed to be a warning
8386 distributions do not have this routine. Based on a patch
8388 Extensive cleanups to map open code to handle a locking race condition
8390 non-4.4-BSD based) OS architectures. This should solve the
8392 has plagued me for quite some time. Based on a patch from
8398 DomainOS: Makefile.DomainOS doesn't require -ldbm. From
8400 HP-UX 10: rename Makefile.HP-UX.10 => Makefile.HP-UX.10.x
8403 Also, use -Aa -D_HPUX_SOURCE instead of -Ae, which
8406 CONFIG: FAX mailer wasn't setting .FAX as a pseudo-domain unless
8407 you also had a FAX_RELAY. From Thomas.Tornblom@Hax.SE.
8408 CONFIG: Minor glitch in S21 -- attachment of local domain name
8417 a bug report submitted by Paul Hoffman of Proper Publishing.
8433 Fix strange case of an executable called by a program map that
8434 returns a value but also a non-zero exit status; this
8438 non-zero exit status. From Tom Moore of AT&T GIS.
8439 Shorten parameters passed to syslog() in some contexts to avoid a
8441 this isn't really a bug in sendmail per se, and my solution
8442 has to assume that syslog() has at least a 1K buffer size
8444 dramatically -- they're on their own), sendmail is a popular
8449 Fix a problem that might cause a non-standard -B (body type)
8452 If a filesystem was at > 100% utilization, the freediskspace()
8456 sort first within a given preference. This forces the bestmx
8465 sendmail would sleep to try to find a FQDN, which it really
8467 next map type if it can't find a FQDN -- i.e., if the hosts
8468 file doesn't have a FQDN, it will try dns even though the
8469 short name was found in /etc/hosts. This is probably a crock,
8472 Log a high-priority message if you can't find your FQDN during startup.
8476 Apparently at least some versions of Linux have a 90 !minute! TCP
8477 connection timeout in the kernel. Add a new "connect" timeout
8481 Under some circumstances, a failed message would not be properly
8496 SunOS Makefile was including -ldbm, which is for the old
8501 CONFIG: don't allow an alias file in nullclient configurations --
8504 CONFIG: local mailer on Solaris 2 should always get a -f flag because
8514 Fix a problem that could cause sendmail to run out of file
8515 descriptors due to a trashed data structure after a
8518 Change the VRFY response if you have disabled VRFY -- some
8522 that it only did a stat, but it would have set the
8528 Move ruleset entry/exit debugging from 21.2 to 21.1 -- this is
8529 useful enough to make it worthwhile printing on "-d".
8532 If you have a name with a trailing dot, and you try looking it
8539 There is nothing that says you can't have a long
8546 a bad idea, but can be useful on firewall machines. This
8547 should really be broken out on a separate flag, I suppose.
8550 Avoid possible incorrect diagnosis of DNS-related errors caused
8552 $[ ... $] -- the fix is to clear h_errno at appropriate
8554 SECURITY: avoid denial-of-service attacks possible by destroying
8556 This involves adding two new compile-time options:
8559 is available -- the Release 3 form is used). The former
8560 is assumed on BSD-based systems, the latter on System
8561 V-based systems. Attack noted by Phil Brandenberger of
8563 New syntaxes in test (-bt) mode:
8569 ``-ddebug-spec'' is equivalent to the command-line
8570 -d debug flag.
8588 Somewhat better handling of UNIX-domain socket addresses -- it
8590 Restore ``-ba'' mode -- this reads a file from stdin and parses
8596 Fix a fix in previous release -- if gethostname and gethostbyname
8597 return a name without dots, and if an attempt to canonify
8601 listed in /etc/hosts or your NIS map have a dot.
8605 Relax chownsafe rules slightly -- old version said that if you
8609 you are on a BSD system or not. This is important for
8617 would cause a "warning" message to be sent to the Postmaster
8620 Rewrite collect and putbody to handle full 8-bit data, including
8623 Allow full words for option names -- if the option letter is
8624 (apparently) a space, then take the word following -- e.g.,
8629 A AliasFile
8630 a AliasWait
8674 z ClassFactor
8675 Z RetryFactor
8681 $q (deleted -- not necessary)
8686 Change address parsing to properly note that a phrase before a
8687 colon and a trailing semicolon are essentially the same
8691 assume that ``group name:'' is a comment on the first
8692 address and the ``;'' is a comment on the last address).
8697 A Addresses are aliasable.
8716 Pre-level 6 configuration files set A, w, 5, :, |, /, and @
8719 Eight-to-seven bit MIME conversions. This borrows ideas from
8720 John Beck of Hewlett-Packard, who generously contributed
8723 EightBitMode option (a.k.a. `8') and an F=8 mailer flag
8724 to control handling of 8-bit data. These have to cope with
8725 two types of 8-bit data: unlabelled 8-bit data (that is,
8726 8-bit data that is entered without declaring it as 8-bit
8727 MIME -- technically this is illegal according to the
8728 specs) and labelled 8-bit data (that is, it was declared
8730 -B8BITMIME command line flag). If the F=8 mailer flag is
8731 set then 8-bit data is sent to non-8BITMIME machines
8733 just-send-8 semantics). The values for EightBitMode are:
8734 m convert unlabelled 8-bit input to 8BITMIME, and do
8737 p pass unlabelled 8-bit input, but convert labelled
8739 s strict adherence: reject unlabelled 8-bit input,
8742 Unlabelled 8-bit data is rejected in mode `s' regardless of
8744 Add new internal class 'n', which is the set of MIME Content-Types
8753 Content-Transfer-Encodings that can be converted to
8754 a seven bit format (Quoted-Printable or Base64). It is
8758 Content-Type: header when doing encoding of an 8-bit message
8762 If neither is set, it defaults to "unknown-8bit" as
8764 Allow ``U=user:group'' field in mailer definition to set a default
8765 user and group that a mailer will be executed as. This
8769 numeric or symbolic; if only a symbolic user is given (no
8773 Allow `u' option to also accept user:group as a value, in the same
8776 a comment). This adds a new compile-time configuration
8778 of (struct tm *)->tm_name), TZ_TM_ZONE (use the value
8779 of (struct tm *)->tm_zone), TZ_TZNAME (use extern char
8780 *tzname[(struct tm *)->tm_isdst]), TZ_TIMEZONE (use
8795 backlogs under some circumstances. This is probably a
8798 something like PPP on a 14.4 modem. Based on code
8801 Save i-number of df file in qf file to simplify rebuilding of queue
8805 are NOT back compatible with 8.6 -- that is, you can convert
8808 route-addrs in envelopes; this is because in some cases
8811 Don't include error file (option E) with return-receipts; this
8813 Don't send "Warning: cannot send" messages to owner-* or
8814 *-request addresses. Suggested by Christophe Wolfhugel
8816 Allow -O command line flag to set long form options.
8819 (-q value) is five minutes, but the minimum queue age
8823 queue-only.
8826 Add "-k", "-v", and "-z" flags to map definitions; these set the
8828 delimiter. The field delimiter can be a single character
8831 Change maps to always strip quotes before lookups; the -q flag
8833 Add "nisplus" map class. Takes -k and -v flags to choose the
8840 Add "netinfo" (NeXT NetInfo) map class. Maps can have a -k flag to
8842 key and a -v flag to specify the name of the property that
8847 text files. The -z flag specifies a column delimiter
8848 (defaults to any sequence of white space), the -k flag
8849 sets the key column number, and the -v flag sets the
8856 Add "sequence" map class -- searches maps in sequence until it
8857 finds a match. For example, the declarations:
8861 defines a map "mapseq" that first searches map1; if the
8876 Add "user" map class -- looks up users using getpwnam. Takes a
8877 "-v field" flag on the definition that tells what passwd
8878 entry to return -- legal values are name, passwd, uid, gid,
8880 the -m (matchonly) flag.
8881 Add "bestmx" map class -- returns the best MX value for the host
8884 Add "userdb" map class -- looks up entries in the user database.
8890 three values. If a Priority: is set and has value "normal",
8891 "urgent", or "non-urgent" the corresponding timeouts are
8893 if negative, non-urgent timeouts are used; if greater than
8896 queue{warn,return}.{urgent,normal,non-urgent}.
8897 Fix problem when a mail address is resolved to a $#error mailer
8898 with a temporary failure indication; it works in SMTP,
8902 When using /etc/hosts or NIS-style lookups, don't assume that
8903 the first name in the list is the best one -- instead,
8904 search for the first one with a dot. For example, if
8909 Change dequote map to replace spaces in quoted text with a value
8910 indicated by the -s flag on the dequote map definition.
8911 For example, ``Mdequote dequote -s_'' will change
8918 a leading lower case letter or punctuation characters are
8920 should use names that begin with a capital letter. Based
8922 Fix core dump if getgrgid returns a null group list (as opposed
8923 to an empty group list, that is, a pointer to a list
8925 Fix possible core dump if malloc fails -- if the malloc in xalloc
8931 IPC-connected host, so a series of (say) local mail
8936 this can fill your mqueue partition -- this is a possible
8937 denial-of-service attack.
8939 defined. It turns out that Posix allows all-numeric
8941 Add service switch support. If the local OS has a service
8944 to using a local mechanism based on the ServiceSwitchFile
8957 Return-Receipt-To: headers, which are bogus anyhow --
8959 Add T=mts-name-type/address-type/diagnostic-type keyletter to mailer
8963 five-character string "ESMTP" anywhere in the 220 greeting
8969 Map newlines to spaces in logged message-ids; some versions of
8972 Move up forking for job runs so that if a message is split into
8973 multiple envelopes you don't get "fork storms" -- this
8978 Relax rules on when a file can be written when referenced from
8980 real uid/gid. This allows you to create a file owned by
8982 all the time (without having the set-user-ID bit set). Change
8983 suggested by Shau-Ping Lo and Andrew Cheng of Sun
8986 delay for dial on demand systems. If this is non-zero
8987 and a connect fails, sendmail will wait this long and
8993 previously, it could be delayed a while for SMTP mail
8999 Add xdelay= field in logs -- this is a transaction delay, telling
9004 If a map cannot be opened, and that map is non-optional, and
9006 map instead of bouncing it. This involves creating a
9007 pseudo-class of maps called "bogus-map" -- if a required
9008 map cannot be opened, the class is changed to bogus-map;
9009 all queries against bogus-map return "tempfail". The
9010 bogus-map class is not directly accessible. A sample
9013 Fix a possible core dump when mailing to a program that talks
9018 as a file. Problem noted by Brian Hill of U.C. Davis.
9019 Accept a -1 signal to re-exec the daemon. This only works if
9020 argv[0] is a full path to sendmail.
9021 Fix bug in "addr=..." field in O option on little-endian machines
9022 -- the network number wasn't being converted to network
9025 Pre-initialize the resolver early on; this is to avoid a bug with
9029 Restore T line (trusted users) in config file -- but instead of
9030 locking out the -f flag, they just tell whether or not
9031 an X-Authentication-Warning: will be added. This really
9033 can be used to read trusted user names from a file.
9035 if they have a shell that isn't in /etc/shells.
9038 a MAYBENEXTRELEASE feature in 8.6.9.
9046 Skip checking for directory permissions in the path to a file
9048 succeeded -- it is unnecessary in that case. This avoids
9050 files. Based on a suggestion by Win Bent of USC.
9053 to assign a specific ruleset number. Reference is
9055 underscore, or hyphen (first character must be non-numeric).
9056 Allow -o flag on AliasFile lines to make the alias file optional.
9065 Add-To Add a To: header with any
9069 Add-Apparently-To Add an Apparently-To: header. This
9073 Add-To-Undisclosed Add a header reading
9074 To: undisclosed-recipients:;
9078 Add-Bcc To add an empty Bcc: header.
9079 There is a chance that mailers down
9087 be non-conforming -- although it does imply that non-blind
9088 recipients can see that a Bcc: was sent, albeit not to whom.
9091 checks. Also, if the option is non-null then it is used as
9092 the name of a directory that is used as a chroot(2)
9097 then aliases should reference "/arch/rest/of/path". If a
9101 Support -A flag for alias files; this will comma concatenate like
9106 OAhash:-A /etc/aliases
9108 without -A you will get an error on the second and subsequent
9110 Line-buffer transcript file. Suggested by Liudvikas Bukys.
9111 Fix a problem that could cause very long addresses to core dump in
9118 (If you -really- want this, define PICKY_QF_NAME_CHECK
9126 the `q' changed to a `d', of course).
9128 "expensive" -- this can be a major cost on some systems.
9131 Avoid sending a null message in some rather unusual circumstances
9132 (specifically, the RCPT command returns a temporary
9136 Change makesendmail to use a somewhat more rational naming scheme:
9141 and anything after the first dot in a release number can
9144 Change makesendmail to do a "make depend" in the target directory
9155 Log Authentication-Warning:s. Suggested by Motonori Nakamura.
9158 a rather ugly heuristic. From Motonori Nakamura.
9162 qualified. This is useful if you have a wildcard MX record,
9165 Eliminate default two-line SMTP greeting message. Instead of
9175 Allow on-line comments in .forward and :include: files; they are
9177 is a space or a tab. This is intended for native
9178 representation of non-ASCII sets such as Japanese, where
9180 data -- for example,
9183 <motonori@cs.ritsumei.ac.jp> =?ISO-2022-JP?B?GyRCQ2ZCPBsoQg==?=
9184 =?ISO-2022-JP?B?GyRCQUdFNRsoQg==?=
9187 (native encoding with ISO-2022-JP)
9189 Based on a fix from (surprise!) Motonori Nakamura.
9197 Add Nice=N mailer option to set the niceness at which a mailer will
9198 run. This is actually a relative niceness (that is, an
9203 Allow the error mailer to accept a DSN-style error status code
9205 Anything with a dot will be interpreted as a DSN-style code.
9206 Add new mailer flag: F=3 will tell translations to Quoted-Printable
9211 Change check for mailing to files to look for a pathname of [FILE]
9214 allows you to implement the *file* mailer as a separate
9215 program, for example, to insert a Content-Length: header
9225 whom mail is being forwarded, and cannot be a symbolic link.
9247 alias databases -- new algorithm looks for the substring
9255 be handled in a single queue run. Based on code contributed
9257 Log message when a message is dropped because it exceeds the maximum
9259 Allow trusted users (those on a T line or in $=t) to use -bs without
9260 an X-Authentication-Warning: added. Suggested by Mark Thomas
9262 Announce state of compile flags on -d0.1 (-d0.10 throws in the
9263 OS-dependent defines). The old semantic of -d0.1 to not
9264 run the daemon in background has been moved to -d99.100,
9271 If -t is used but no addresses are found in the header, give an
9283 a CNAME for Cruft.Foo.ORG, then when sitting on a machine in
9284 the Foo.ORG domain a lookup of "FTP" returns "Cruft.Foo.ORG"
9288 this option is not sufficient to guarantee that a downstream
9290 Add "-m" flag to makesendmail script -- this tells you what object
9296 file" line -- any data after that line is prohibited.
9299 either -DUSE_VENDOR_CF_PATH to get the vendor location
9301 _PATH_SENDMAILCF (which is a "hard override"). This allows
9307 Fix problem that didn't notice that timeout on file open was a
9310 Allow comments (lines beginning with a `#') in files read for
9317 (e.g., `s' for -bs, `t' for -bt, etc.). Suggested by
9320 Kind of like queue-only mode (Odq) except it tries to avoid
9321 any external service requests; for dial-on-demand hosts that
9324 of your local host name does not do a DNS lookup.
9329 Improve "cannot send message for N days" message -- now says "could
9337 or otherwise does not resolve to a canonical triple.
9338 Fix a problem that could cause multiple bounce messages if a bad
9339 address was sent along with a good address to an SMTP
9340 site where that SMTP site returned a 4yz code in response
9343 Add "volatile" declarations so that gcc -O2 will work. Patches
9345 Delete duplicates in MX lists -- believe it or not, there are sites
9348 had A=5, B=10, A=15 would leave both As, but one that had
9349 A=5, A=10, B=15 would reduce to A, B. This is intentional,
9353 a bad guy can read your private files.
9359 System V Release 4 from Kimmo Suominen -- initgroups(3)
9361 System V Release 4 from sob@sculley.ffg.com -- some versions
9364 Linux getusershell(3) is broken in Slackware 2.0 --
9376 get the old behavior, use -DDGUX_5_4_2.
9379 Tandem NonStop-UX from Rick McCarty <mccarty@mpd.tandem.com>.
9389 SVR4: running in background gets a SIGTTOU because the
9394 library, sockets can get into a "wedged" state where
9395 they just return EPROTO; closing and re-opening the
9398 Hitachi 3050R & 3050RX running HI-UX/WE2: portability
9410 DG-UX fixes from Bruce Nagel of Data General.
9418 OSF/1 running on Intel Paragon from Jeff A. Earickson
9421 Amdahl UTS System V 2.1.5 (SVr3-based) from Janet Jackson
9424 Durand of I.M.A.G.
9425 HP-UX 10.x multiprocessor load average changes from
9432 IRIX 4.0.5 from David Ashton-Reader of CADcentre.
9434 HP-UX 9.xx on the 8xx series machines from Remy Giraud
9436 HP-UX configuration from Tom Lane <tgl@sss.pgh.pa.us>.
9439 Sony NEWS-OS 4.2.1R and 6.0.3 from Motonori Nakamura.
9440 Omron LUNA unios-b, mach from Motonori Nakamura.
9441 NEC EWS-UX/V 4.2 from Motonori Nakamura.
9444 HP-UX 10.0 from John Beck of Hewlett-Packard.
9445 Ultrix: allow -DBROKEN_RES_SEARCH=0 if you are using a
9446 non-DEC resolver. Suggested by Allan Johannesen.
9452 MAKEMAP: allow -d flag to allow insertion of duplicate aliases
9456 lookups while the rebuild is going on. There is a race
9467 CONTRIB: a patch to rmail.c from Bill Gianopoulos of Raytheon
9476 of BSDI. This has a lot of comments to help people out.
9477 CONFIG: Don't have .mc files include(../m4/cf.m4) -- instead,
9480 arbitrary directory -- use either:
9483 m4 -I${CFDIR} m4/cf.m4 config.mc > config.cf
9486 m4 -D_CF_DIR_=${CFDIR}/ ${CFDIR}/m4/cf.m4 ...
9491 MAILER-DAEMON on local addresses.
9497 CONFIG: Catch and reject "." as a host address.
9500 CONFIG: Delete OLD_SENDMAIL support -- as near as I can tell, it
9502 CONFIG: Set flags A, w, 5, :, /, |, and @ on the "local" mailer
9507 for system aliases such as root and postmaster to a
9510 CONFIG: add smtp8 mailer; this has the F=8 (just-send-8) flag set.
9514 the name of the UUCP_RELAY -- in some cases, this is the
9526 but it is a no-op.
9527 CONFIG: Add LUSER_RELAY -- the host to which unrecognized user
9536 return-path. From Kimmo Suominen.
9539 the "detail" part is passed to procmail via the -a flag.
9547 CONFIG: use -a$g as default to UUCP mailers, instead of -a$f.
9549 MAILER-DAEMON; otherwise UUCP gets horribly confused.
9580 The old name will still be accepted for a while at least.
9582 mail (.DECNET pseudo-domain or node::user) will be sent.
9587 CONFIG: change confCHECK_ALIASES to default to False -- it has poor
9599 ``error:code message''. The ``code'' is a status code
9600 derived from the sysexits codes -- e.g., NOHOST or UNAVAILABLE.
9607 in a file using MASQUERADE_DOMAIN_FILE(filename).
9611 CONFIG: add MAILER(phquery) to define a new "ph" mailer; this can be
9612 accessed from a mailertable to do CCSO ph lookups. Contributed
9614 CONFIG: add MAILER(cyrus) to define a new Cyrus mailer; this can be
9620 cf/cf/cs-hpux10.mc
9621 cf/cf/cs-solaris2.mc
9623 cf/cf/generic-bsd4.4.mc
9624 cf/cf/generic-hpux10.mc
9625 cf/cf/generic-hpux9.mc
9626 cf/cf/generic-osf1.mc
9627 cf/cf/generic-solaris2.mc
9628 cf/cf/generic-sunos4.1.mc
9629 cf/cf/generic-ultrix4.mc
9631 cf/domain/berkeley-only.m4
9644 cf/ostype/amdahl-uts.m4
9661 src/Makefiles/Makefile.EWS-UX_V
9662 src/Makefiles/Makefile.HP-UX.10
9667 src/Makefiles/Makefile.NEWS-OS.4.x
9668 src/Makefiles/Makefile.NEWS-OS.6.x
9670 src/Makefiles/Makefile.NonStop-UX
9686 cf/cf/alpha.mc => cf/cf/s2k-osf1.mc
9688 cf/cf/hpux-cs-exposed.mc => cf/cf/cs-hpux9.mc
9689 cf/cf/osf1-cs-exposed.mc => cf/cf/cs-osf1.mc
9690 cf/cf/s2k.mc => cf/cf/s2k-ultrix4.mc
9691 cf/cf/sunos4.1-cs-exposed.mc => cf/cf/cs-sunos4.1.mc
9692 cf/cf/ultrix4.1-cs-exposed.mc => cf/cf/cs-ultrix4.mc
9695 cf/domain/cs-exposed.m4 => cf/domain/CS.Berkeley.EDU.m4
9696 cf/domain/eecs-hidden.m4 => cf/domain/EECS.Berkeley.EDU.m4
9702 src/Makefile.AUX => src/Makefiles/Makefile.A-UX
9703 src/Makefile.BSDI => src/Makefiles/Makefile.BSD-OS
9709 cf/cf/cs-exposed.mc
9710 cf/cf/cs-hidden.mc
9711 cf/cf/hpux-cs-hidden.mc
9713 cf/cf/osf1-cs-hidden.mc
9714 cf/cf/sunos3.5-cs-exposed.mc
9715 cf/cf/sunos3.5-cs-hidden.mc
9716 cf/cf/sunos4.1-cs-hidden.mc
9717 cf/cf/ultrix4.1-cs-hidden.mc
9718 cf/domain/cs-hidden.m4
9719 contrib/rcpt-streaming
9724 insert newlines into a queue file, thus allowing access to
9726 CONFIG: no changes -- it is not a bug that the configuration
9734 Warwick University (all arrived within a few hours of
9736 Fix a problem that could cause large jobs to run out of
9742 than necessary if you are using Pine as a user agent.
9749 When reading the IDENT response a loop is needed around the
9752 Password entries without any shell listed (that is, a null
9755 When running BIND 4.9.x a problem could occur because the
9757 was historically -- this requires that sendmail call
9783 Fix a problem causing error messages about DNS problems when
9784 the host name contained a percent sign to act oddly
9785 because it was passed as a printf-style format string.
9790 Fix a problem that would silently drop "too many hops" error
9794 Fix a bug that caused core dumps on some systems if -d11.2 was
9795 set and e->e_message was null. Fix from Bruce Nagel of
9799 Chang and Shau-Ping Lo of SunSoft.
9800 Fix a problem that can cause buffer overflows on very long
9801 user names (as might occur if you piped to a program
9802 with a lot of arguments).
9803 Avoid returning an error and re-queueing if the host signature
9810 Universite de Versailles - St Quentin, and Jacky
9812 Make a local copy of the line being sent via senttolist() -- in
9826 Fix multi-line values for $e (SMTP greeting message). Reported
9834 Fix a problem that failed to set the "authentic" host name (that
9836 sendmail -bs from inetd. Based on code contributed by
9838 of Dakota State University). This also fixes a related
9841 Parameterize "nroff -h" in all the Makefiles so people with
9850 If the initial hostname name gathering results in a name
9851 without a dot (usually caused by NIS misconfiguration)
9861 sound a bit less threatening. Suggested by Stan Janet
9864 requested return-receipt immediately, and strip the
9865 Return-Receipt-To: header from the subsequent message.
9866 This prevents a certain class of denial of service
9868 moves things more towards what will probably become a
9871 Add a "noreceipts" privacy flag to turn off all return receipts
9879 Check for the $j macro getting undefined, losing a dot, or getting
9880 lost from $=w in the daemon before accepting a connection;
9881 if it is, it dumps state, prints a LOG_ALERT message,
9883 track down a bug that I thought was long since gone.
9886 Change OLD_NEWDB from a #ifdef to a #if so it can be turned off
9887 with -DOLD_NEWDB=0 on the command line. From Christophe
9892 This ensures that the other end gets a quick "connection
9901 incorrect. A better approach might be to accept the
9902 connection and give a 421 code, but that could break
9905 Fix a glitch in TCP-level debugging that caused flag 16.101 to
9907 When creating a df* temporary file, be sure you truncate any
9908 existing data in the file -- otherwise system crashes
9910 DOC: Replace the CHANGES-R5-R8 readme file with a paper in the
9917 probably have converted all the way over to uucp-uudom
9918 instead of uucp-{new,old}, but the failure mode was to
9933 HP-UX from Tor Lillqvist.
9948 values to the -d flag. Thanks to Alain Durand of
9953 SECURITY: the ability to give files away on System V-based
9954 systems proved dangerous -- don't run as the owner
9955 of a :include: file on a system that allows giveaways.
9956 Unfortunately, this also applies to determining a
9959 in the connection cache for a long time under some
9964 Fix a glitch that snuck in that caused programs to be run as
9966 from a local user to another local user. From
9968 Fix "wildcard" on /etc/shells matching -- instead of looking
9972 instead of HASSTATFS and/or HASUSTAT with a ton of
9973 tweaking in conf.c, there is a single #define called
9976 syscall, SFS_4ARGS for a four argument statfs(2) call,
9977 and SFS_VFS, SFS_MOUNT, or SFS_STATFS for a two argument
9983 Change HASFLOCK from defined/not-defined to a 0/1 definition
9984 to allow Linux to turn it off even though it is a
9985 BSD-like system.
9988 Make 7-bit stripping local to a connection (instead of to a
9989 mailer); this allows you to specify that SMTP is a
9990 7-bit channel, but revert to 8-bit should it advertise
9997 Fix a problem that made it impossible to rebuild the alias
9998 file if it was on a read-only file system. From
10002 Fix a minor glitch causing a bogus message to be printed (used
10003 %s instead of %d in a printf string for the line number)
10004 when a bad queue file was read. From Harry Edmon.
10006 sure this is necessary, but a lot of people have complained
10007 about it, and there is a legitimate question as to whether
10008 "localhost" is legal as an 822-style domain.
10009 Fix a problem with very short line lengths (mailer L= flag) in
10010 headers. This causes a leading space to be added onto
10014 Reported by Lars-Johan Liman of SUNET Operations Center.
10017 Fix address logging of cached connections -- it used to always
10018 log the numeric address as zero. This is a somewhat
10022 Tighten up handling of short syslog buffers even more -- there
10024 to share a line with delay= and mailer= logging.
10026 per envelope -- previously the overhead was three
10027 descriptors. This was in response to a problem reported
10032 Fix potential string overrun if you macro evaluate a string that
10033 has a naked $ at the end. Problem noted by James Matheson
10046 Avoid core dump if you are running a version of sendmail where
10050 Diagnose bizarre case where res_search returns a failure value,
10051 but sets h_errno to a success value.
10056 sometimes -- unfortunately, I can't seem to reproduce
10060 and the target account was an alias or had a .forward file.
10070 Fix configuration for HASFLOCK -- there were some spots where
10071 a #ifndef was incorrectly #ifdef. Pointed out by
10073 Fix a typo in savemail() that could cause the error message To:
10076 Fix a glitch that can cause duplicate error messages on split
10077 envelopes where an address on one of the lists has a
10083 re-queued the message. Changed to just re-queue the
10088 Avoid giving ``warning: foo owned process doing -bs'' messages
10091 Change the NAMED_BIND compile flag to be a 0/1 flag so you can
10092 override it easily in the Makefile -- that is, you can
10093 turn it off using -DNAMED_BIND=0.
10094 If a gethostbyname(...) of an address with a trailing dot fails,
10096 you have a version of gethostbyname() that falls back
10102 a chance.
10103 PRALIASES: fix bogus output on non-null-terminated strings.
10106 This was in code intended to only catch the self-literal
10122 CONFIG: When mail is forwarded to a LOCAL_RELAY or a MAIL_HUB,
10125 CONFIG: Fix route-addr syntax in nullrelay configuration set.
10132 CONFIG: Don't include -z by default on uux line -- most systems
10135 CONFIG: Fix some bugs with mailertables -- for example, if your
10139 to match anything -- essentially, take over SMART_HOST.
10147 locally, even if a hub or relay exists) by default.
10149 both a LOCAL_RELAY and a MAIL_HUB causes $=L to ignore
10167 NetBSD from Adam Glass <glass@sun-lamp.cs.berkeley.edu>.
10195 Although this does not respond to a specific known
10196 attack, it's just a good idea. Suggested by
10198 Security fix: if a user had an NFS mounted home directory on
10199 a system with a restricted shell listed in their
10203 appear in /etc/shells before allowing a .forward to
10204 execute a program or write a file. You can disable
10206 permit world-writable :include: files to reference
10208 These behaviors are only one level deep -- for
10209 example, it is legal for a world-writable :include:
10210 file to reference an alias that writes a file, on
10214 allow a cracker to examine files that were publicly
10215 readable but in a non-publicly searchable directory.
10216 Fix a problem that causes an error on QUIT on a cached
10220 Reset CurrentLA in sendall() -- this makes sendmail queue
10221 runs more responsive to load average, and fixes a
10226 Revert to using flock() whenever possible -- there are just
10229 Fix a bug that causes the connection cache to get confused
10240 Diagnose unrecognized I option values -- from Mortin Forssen
10243 code associated with it -- previously it returned OK
10244 even though there was a real problem. Now it assumes
10249 Fix core dump on SMTP mail to programs that failed -- it tried
10250 to go to a "next MX host" when none existed, causing
10251 a core dump. From der Mouse at McGill University.
10252 Change IDENTPROTO from a defined/not defined to a 0/1 switch;
10254 -DIDENTPROTO=0 in the Makefile). From der Mouse.
10261 Fix Ultrix problem: gethostbyname() can return a very large
10265 Don't assume "-a." on host lookups if NAMED_BIND is not
10266 defined -- this confuses gethostbyname on hosts
10269 Log SMTP server subprocesses that die with a signal instead
10270 of from a clean exit.
10271 If you don't have option "I" set, don't assume that a DNS
10272 "host unknown" message is authoritative -- it
10274 Fix a problem that would cause Deferred: messages to be sent
10276 actual cause of a message was more severe than that.
10281 versions of syslog(3). This adds a new compile time
10284 Fix quotes inside of comments in addresses -- previously
10292 Change -qI, -qR, and -qS flags to be case-insensitive as
10298 Fix a problem that caused a seg fault if you got a 421 error
10301 the other end, but it shouldn't give a seg fault in
10303 Fix core dump caused by a ruleset call that returns null.
10305 Full-Name: field was being ignored. Fix from Motonori Nakamura
10307 Fix a possible problem with very long input lines in setproctitle.
10309 Avoid putting "This is a warning message" out on return receipts.
10313 Initialize non-alias maps during alias rebuilds -- they may be
10318 Don't reflect the owner-list contents into the envelope sender
10321 Efficiency hack for toktype macro -- from Craig Partridge of
10323 Clean up DNS error printing so that a host name is always
10328 canonification as the name of a file with per-user host
10332 using [IPC]) should die on a core dump.
10337 to include a host name or other useful information.
10340 Fix a glitch that sometimes caused :include:s that pointed to
10345 Fix a problem that could cause a core dump if the input sequence
10346 had (or somehow acquired) a \231 character.
10347 Make sure that route-addrs always have <angle brackets> around
10348 them in non-SMTP envelopes (SMTP envelopes already do
10351 ``Joe User <user)'' -- this caused reference to the
10353 Fix a problem that caused an alias "user: user@local.host" to
10357 very hard to to set up satellite sites that had a few
10358 local accounts, with everything else forwarded to a
10365 non-idempotent unless a mailer-specific ruleset did
10370 -C config -v -q'' it would choke on the -q because
10371 the -C would stop looking for old-format arguments.
10395 HP-UX from various people. NOTA BENE: the location
10397 to match the HP-UX version of sendmail.
10406 CONFIG: fix thumb-fumble in default UUCP relaying in ruleset
10411 CONFIG: Add trailing "." on pseudo-domains for consistency;
10412 this fixes a problem (noted by Al Whaley of Sunnyside)
10415 CONFIG: catch "@host" syntax errors (i.e., null local-parts)
10418 CONFIG: add uucp-uudom mailer variant, based on code posted
10420 has uucp-dom semantics but old UUCP syntax. This
10421 also permits "uucp-old" as an alias for "uucp" and
10422 "uucp-new" as a synonym for "suucp" for consistency.
10425 CONFIG: drop CSNET_RELAY support -- CSNET is long gone.
10433 CONFIG: changes to UUCP rewriting to simulate IDA-style "V"
10438 CONFIG: portability fixes for HP-UX.
10445 SIGNIFICANT USER- OR SYSAD-VISIBLE CHANGES:
10446 On HP-UX, /etc/sendmail.cf has been moved to
10448 Permissions have been tightened up on world-writable
10473 Repair core-dump problem (write to read-only memory segment)
10474 if you fall back to the return-to-Postmaster case in
10480 in a few critical places.
10481 Minor problem in initsys() that reversed a condition for
10485 and High-Energy Physics.
10487 such as double-reading the Errors-To: header. From
10490 data file) were getting suppressed in SMTP -- this
10493 Some changes to support AF_UNIX sockets -- this will only
10503 Fix a problem that caused error messages to be discarded if
10513 CONFIG: change uucp-dom mailer so that "<>" translates to $n;
10521 Put a "successful delivery" message in the transcript for
10522 addresses that get return-receipts.
10523 Put a prominent "this is only a warning" message in warning
10524 messages -- some people don't read carefully enough
10533 If there is an error when writing the body of a message,
10534 don't send the trailing dot and wait for a response
10541 Fix a problem that can cause srvrsmtp to reject mail if the
10542 name server is down -- it accepts the RCPT but rejects
10545 Fix a problem that can cause core dumps if the config file
10546 incorrectly resolves to a null hostname. Reported by
10548 Non-root use of -C flag, dangerous -f flags, and use of -oQ
10549 by non-root users were not put into
10550 X-Authentication-Warning:s as intended because the
10552 from Sven-Ove Westberg of the University of Lulea.
10554 could get confused as to whether a database was
10556 Check "vendor code" on the end of V lines -- this is
10557 intended to provide a hook for vendor-specific
10558 configuration syntax. (This is a "new feature",
10559 but I've made an exception to my rule in a belief
10560 that this is a highly exceptional case.)
10562 SCO Unix (from Murray Kucherawy), A/UX, and OSF/1
10567 Portability fixes for A/UX and Encore UMAX V.
10568 Fix error message handling -- if you had a name server down
10576 getdtablesize() instead of sysconf(); a disturbingly
10583 in the header of the message (e.g., a bad Errors-To:
10586 is an IDA-ism suggested by Christophe Wolfhugel.
10611 Fix a couple of efficiency problems where newstr was double-
10615 Fix null pointer dereference in putoutmsg -- only on an error
10616 condition from a non-SMTP mailer. From Motonori
10619 "CX $Z" works.
10622 is closed during a DATA command after getting an error
10625 Fix reply to NOOP to be 250 instead of 200 -- this is a long
10627 Fix a nasty bug causing core dumps when returning the "warning:
10628 cannot deliver for N hours -- will keep trying" message;
10634 Don't do a chdir into the queue directory in -bt mode to make
10635 ruleset testing a bit easier.
10636 Don't allow users to turn off logging (using -oL) on the command
10637 line -- command line can only raise, not lower, logging
10642 specs, because it does not guarantee a domain on the
10644 Fix a problem that dumped error messages on bad addresses if
10645 you used the -t flag. Problem noted by Josh Smith of
10647 Given an address such as ``<foo> <bar>'', auto-quote the first
10651 Fix a null pointer dereference if you set option "l", have
10652 an Errors-To: header in the message, and have Errors-To:
10654 Put YPCOMPAT on #ifdef NIS instead -- it's one less thing to get
10656 Fix a problem that could pass negative SIZE parameter if the
10658 give a temporary failure, making the problem even worse.
10666 to the FQDN; $m remains as before. This lets well-behaved
10669 Add makesendmail script in src to try to automate multi-architecture
10670 builds. I know, this is sub-optimal, but it is still
10672 Fix very obscure race condition that can cause a queue run to
10673 get a queue file for an already completed job. This
10676 Fix a problem that caused the raw sender name to be passed to
10677 udbsender instead of the canonified name -- this caused
10679 Relax check of name on HELO packet so that a program using -bs
10682 buildaddr -- this requires passing a lot of flags to get
10685 Fix a bug that caused core dumps in config files that cannot
10691 would get returned), and then re-reading the queue from
10693 Fix a problem that caused aliases that redefine an otherwise
10696 ways (e.g, if they pointed at a list:; syntax address).
10701 using both -odb and -t flags. Problem noted by Rob
10706 Add "restrictqrun" privacy flag -- without this, anyone can run
10712 Put all [...] address forms into $=w -- this eliminates the need
10715 Fix a bug that can cause qf files to be left around even after
10718 Don't send a PostmasterCopy to errors when the Precedence: is
10725 run over a slow slip line you may need to set these down
10735 Fix makemap -f flag to turn off case folding (it was turning it
10736 on instead). THIS IS A USER VISIBLE CHANGE!!!
10737 Fix a problem that caused multiple error messages to be sent if
10738 you used "sendmail -t -oem -odb", your system uses fcntl
10746 Fix a problem that caused aliaswait to go into infinite recursion
10750 Do a better estimation of the size of error messages when NoReturn
10752 Fix a problem causing the "c" option (don't connect to expensive
10760 Re-enable Return-Receipt-To: -- people seem to want this stupid
10764 Be more generous at assigning $z to the home directory -- do this
10765 for programs that are specified through a .forward file.
10767 Always save a fatal error message in preference to a non-fatal
10773 CONFIG: class $=Z is a set of UUCP hosts that use uucp-dom
10774 connections (domain-ized UUCP).
10775 CONFIG: fix bug in default maps (-o must be before database file
10781 of the standards, since it doesn't guarantee a domain
10783 CONFIG: don't assume "m" in local mailer flags -- this means that
10790 CONFIG: add FEATURE(nullclient) to create a config file that
10791 forwards all mail to a hub without ever looking at the
10794 used to change .BITNET form into %-hack form.
10795 CONFIG: fix a problem that caused infinite loops if presented
10798 the reverse "PTR" mapping is broken. There's a better
10804 Serious bug: if you used a command line recipient that was unknown
10805 sendmail would not send a return message (it was treating
10806 everything as though it had an SMTP-style client that
10809 even during a T_ANY query. This actually didn't break
10816 Fix a problem causing error messages to always include "The
10820 version of "test" doesn't have the -x flag). Change it
10821 to use -f instead. From John Myers.
10822 CONFIG: 8.4 mistakenly set the default SMTP-style mailer to
10823 esmtp -- it should be smtp.
10825 to "relay" (a variant of "smtp") if MAILER(smtp) is used,
10827 this cleans up the configs somewhat. This fixes a serious
10828 problem that caused route-addrs to get mistaken as relays,
10834 Add option `w'. If you receive a message that comes to you because
10839 `w' is not set, this case is a configuration error.
10845 Fix a problem that caused the incoming socket to be left open
10848 entire list was processed and the child closed -- a
10852 addresses, one of which was a bad address, to completely
10855 EF_GLOBALERRS flag. This also fixes a potential problem
10856 with duplicate error messages if there is a syntax error
10857 in the header of a message that isn't noticed until late
10859 of Harvey Mudd College. This release includes quite a bit
10862 will only hurt already-broken software and should help
10864 Fix a problem that broke aliases when neither NDBM nor NEWDB were
10875 Fix a bug causing getmxrr to add a dot to the end of unqualified
10876 domains that do not have MX records -- this would cause
10880 Fix invocation of setvbuf when passed a -X flag -- I had
10883 Diagnose self-destructive alias loops on RCPT as well as EXPN.
10900 Fix a problem that inappropriately added a ctladdr to addresses
10901 that shouldn't have had one during a queue run. This
10903 a queue run than a direct run.
10905 the direct run of the queue from srvrsmtp -- this was
10908 auto-restart the daemon with all appropriate arguments.
10909 Use "kill `head -1 /etc/sendmail.pid`" to stop the
10910 daemon, and "eval `tail -1 /etc/sendmail.pid`" to
10912 Remove the ``setuid(getuid())'' in main -- this caused the
10916 to have a bug causing seteuid() to set the saved uid
10921 fallback to yourself -- most of the code was there,
10932 any call from a shell that creates a process group id
10938 Support -M as equivalent to -oM on Ultrix -- apparently
10939 DECnet calls sendmail with -MrDECnet -Ms<HOST> -bs
10943 SGI IRIX -- this includes several changes that should
10945 SCO Unix -- from Murray Kucherawy of HookUp Communication
10955 several people have made a good argument that this
10958 CONFIG: generalize all the relays to accept a "mailer:host"
10960 CONFIG: move local processing in ruleset 0 into a new ruleset
10961 98 (8 on old sendmail). Domain literal [a.b.c.d]
10964 internet-style addresses would "fall off the end" of
10965 ruleset zero and be interpreted as local -- however,
10968 CONFIG: USENET rules weren't included in S0 because of a mistaken
10975 Prompted by a comment by Bill Wisner of The Well.
10978 to esmtp but use a mailertable or other override to
10988 involved a new compile flag "HASSETEUID" that takes
10989 the place of the old _POSIX_SAVED_IDS -- it turns out
10992 HP-UX. Also fixes problems where the real uid is
10994 Fix a problem that caused timed out messages to not report the
10999 Further Solaris portability changes -- doesn't require the BSD
11000 compatibility library. This also adds a new
11006 Fix a problem that can cause duplicate error messages to be
11009 to an account that has a .forward file (whew!).
11010 Fix a problem causing messages to be discarded if checkcompat()
11014 on fdopen(-1) returning NULL, which isn't the case. This
11018 messages sent through UUCP-family mailers. Suggested
11021 include a "uucp-dom" mailer that uses domain-style
11029 Don't drop out on config file parse errors in -bt mode.
11030 On older configuration files, assume option "l" (use Errors-To
11032 imply an endorsement of the Errors-To: header in any way.
11033 Accept -x flag on AIX-3 as well as OSF/1. Why, why, why???
11034 Don't log errors on EHLO -- it isn't a "real" error for an old
11043 Debugging: -d17 was overloaded (hostsignature and usersmtp.c);
11044 move usersmtp (smtpinit and smtpmailfrom) to -d18 to
11052 Clean up statistics gathering; it was over-reporting because of
11054 Fix problem that causes old Return-Path: line to override new
11055 Return-Path: line (conf.c needs H_FORCE to avoid
11056 re-using old value). From Motonori Nakamura.
11057 Fix broken -m flag in K definition -- even if -m (match only)
11074 reading a .forward file; this gets around some problems
11078 Additional HP-UX portability enhancements from Brian Bullen.
11079 Add a timeout around SMTP message writes; this assumes you can
11085 Change map code to set the "include null" flag adaptively --
11087 matching without a null it never tries again with a
11088 null and vice versa. If -N is specified, it never
11089 tries without the null and creates new maps with a
11090 null byte. If -O is specified, it never tries with
11091 the null (for efficiency). If -N and -O are specified,
11092 you get -NO (get it?) lookup at all, so this would
11093 be a bad idea. If you don't specify either -N or -O,
11100 log. For example, if you lost a connection, don't
11104 one being closed when execing a mailer; it seems to
11108 Add "-X filename" command line flag, which logs both sides of
11111 it up, send a message from a mailer that is failing,
11117 have a local net that should get direct connects, you
11120 CONFIG: add LOCAL_MAILER_ARGS (default: `mail -d $u') to handle
11121 sites that don't use the -d flag.
11133 to override the "system name" as your UUCP name --
11134 in particular, to use domain-ized UUCP names. From
11138 but could be used in a mailertable entry.
11143 If a subroutine returns a fully qualified address, return it
11145 This fixes a problem with mailertable lookups.
11148 8.1B/8.1A 1993/06/12
11153 8.1A/8.1A 1993/06/08