1 2 3 K N O W N B U G S I N S E N D M A I L 4 5 6The following are bugs or deficiencies in sendmail that we are aware of 7but which have not been fixed in the current release. You probably 8want to get the most up to date version of this from ftp.sendmail.org 9in /pub/sendmail/KNOWNBUGS. For descriptions of bugs that have been 10fixed, see the file RELEASE_NOTES (in the root directory of the sendmail 11distribution). 12 13This list is not guaranteed to be complete. 14 15* Delivery to programs that generate too much output may cause problems 16 17 If e-mail is delivered to a program which generates too much 18 output, then sendmail may issue an error: 19 20 timeout waiting for input from local during Draining Input 21 22 Make sure that the program does not generate output beyond a 23 status message (corresponding to the exit status). This may 24 require a wrapper around the actual program to redirect output 25 to /dev/null. 26 27 Such a problem has been reported for bulk_mailer. 28 29* Null bytes are not handled properly in headers. 30 31 Sendmail should handle full binary data. As it stands, it handles 32 all values in the body, but not 0x00 in the header. Changing 33 this would require a major restructuring of the code -- for 34 example, almost no C library support could be used to handle 35 strings. 36 37* Header checks are not called if header value is too long or empty. 38 39 If the value of a header is longer than 1250 (MAXNAME + MAXATOM - 6) 40 characters or it contains a single word longer than 256 (MAXNAME) 41 characters then no header check is done even if one is configured for 42 the header. 43 44* Header lines which are too long will be split incorrectly. 45 46 Header lines which are longer than 2045 characters will be split 47 but some characters might be lost. Fix: obey RFC (2)822 and do not 48 send lines that are longer than 1000 characters. 49 50* Sender addresses whose domain part cause a temporary A record lookup 51 failure but have a valid MX record will be temporarily rejected in 52 the default configuration. Solution: fix the DNS at the sender side. 53 If that's not easy to achieve, possible workarounds are: 54 - add an entry to the access map: 55 dom.ain OK 56 - (only for advanced users) replace 57 58# Resolve map (to check if a host exists in check_mail) 59Kresolve host -a<OKR> -T<TEMP> 60 61 with 62 63# Resolve map (to check if a host exists in check_mail) 64Kcanon host -a<OKR> -T<TEMP> 65Kdnsmx dns -R MX -a<OKR> -T<TEMP> 66Kresolve sequence dnsmx canon 67 68 69* Duplicate error messages. 70 71 Sometimes identical, duplicate error messages can be generated. As 72 near as I can tell, this is rare and relatively innocuous. 73 74* Misleading error messages. 75 76 If an illegal address is specified on the command line together 77 with at least one valid address and PostmasterCopy is set, the 78 DSN does not contain the illegal address, but only the valid 79 address(es). 80 81* \231 considered harmful. 82 83 Header addresses that have the \231 character (and possibly others 84 in the range \201 - \237) behave in odd and usually unexpected ways. 85 86* accept() problem on SVR4. 87 88 Apparently, the sendmail daemon loop (doing accept()s on the network) 89 can get into a weird state on SVR4; it starts logging ``SYSERR: 90 getrequests: accept: Protocol Error''. The workaround is to kill 91 and restart the sendmail daemon. We don't have an SVR4 system at 92 Berkeley that carries more than token mail load, so I can't validate 93 this. It is likely to be a glitch in the sockets emulation, since 94 "Protocol Error" is not possible error code with Berkeley TCP/IP. 95 96 I've also had someone report the message ``sendmail: accept: 97 SIOCGPGRP failed errno 22'' on an SVR4 system. This message is 98 not in the sendmail source code, so I assume it is also a bug 99 in the sockets emulation. (Errno 22 is EINVAL "Invalid Argument" 100 on all the systems I have available, including Solaris 2.x.) 101 Apparently, this problem is due to linking -lc before -lsocket; 102 if you are having this problem, check your Makefile. 103 104* accept() problem on Linux. 105 106 The accept() in sendmail daemon loop can return ETIMEDOUT. An 107 error is reported to syslog: 108 109 Jun 9 17:14:12 hostname sendmail[207]: NOQUEUE: SYSERR(root): 110 getrequests: accept: Connection timed out 111 112 "Connection timed out" is not documented as a valid return from 113 accept(2) and this was believed to be a bug in the Linux kernel. 114 Later information from the Linux kernel group states that Linux 115 2.0 kernels follow RFC1122 while sendmail follows the original BSD 116 (now POSIX 1003.1g draft) specification. The 2.1.X and later kernels 117 will follow the POSIX draft. 118 119* Excessive mailing list nesting can run out of file descriptors. 120 121 If you have a mailing list that includes lots of other mailing 122 lists, each of which has a separate owner, you can run out of 123 file descriptors. Each mailing list with a separate owner uses 124 one open file descriptor (prior to 8.6.6 it was three open 125 file descriptors per list). This is particularly egregious if 126 you have your connection cache set to be large. 127 128* Connection caching breaks if you pass the port number as an argument. 129 130 If you have a definition such as: 131 132 Mport, P=[IPC], F=kmDFMuX, S=11/31, R=21, 133 M=2100000, T=DNS/RFC822/SMTP, 134 A=IPC [127.0.0.1] $h 135 136 (i.e., where $h is the port number instead of the host name) the 137 connection caching code will break because it won't notice that 138 two messages addressed to different ports should use different 139 connections. 140 141* ESMTP SIZE underestimates the size of a message 142 143 Sendmail makes no allowance for headers that it adds, nor does it 144 account for the SMTP on-the-wire \r\n expansion. It probably doesn't 145 allow for 8->7 bit MIME conversions either. 146 147* Client ignores SIZE parameter. 148 149 When sendmail acts as client and the server specifies a limit 150 for the mail size, sendmail will ignore this and try to send the 151 mail anyway. The server will usually reject the MAIL command 152 which specifies the size of the message and hence this problem 153 is not significant. 154 155* Paths to programs being executed and the mode of program files are 156 not checked. Essentially, the RunProgramInUnsafeDirPath and 157 RunWritableProgram bits in the DontBlameSendmail option are always 158 set. This is not a problem if your system is well managed (that is, 159 if binaries and system directories are mode 755 instead of something 160 foolish like 777). 161 162* 8-bit data in GECOS field 163 164 If the GECOS (personal name) information in the passwd file contains 165 8-bit characters, those characters can be included in the message 166 header, which can cause problems when sending SMTP to hosts that 167 only accept 7-bit characters. 168 169* 8->7 bit MIME conversion 170 171 When sendmail is doing 8->7 bit MIME conversions, and the message 172 contains certain MIME body types that cannot be converted to 7-bit, 173 sendmail will pass the message as 8-bit. 174 175* 7->8 bit MIME conversion 176 177 If a message that is encoded as 7-bit MIME is converted to 8-bit and 178 that message when decoded is illegal (e.g., because of long lines or 179 illegal characters), sendmail can produce an illegal message. 180 181* MIME encoded full name phrases in the From: header 182 183 If a full name phrase includes characters from MustQuoteChars, sendmail 184 will quote the entire full name phrase. If MustQuoteChars includes 185 characters which are not special characters according to STD 11 (RFC 186 822), this quotation can interfere with MIME encoded full name phrases. 187 By default, sendmail includes the single quote character (') in 188 MustQuoteChars even though it is not listed as a special character in 189 STD 11. 190 191* bestmx map with -z flag truncates the list of MX hosts 192 193 A bestmx map configured with the -z flag will truncate the list 194 of MX hosts. This prevents creation of strings which are too 195 long for ruleset parsing. This can have an adverse effect on the 196 relay_based_on_MX feature. 197 198* Saving to ~sender/dead.letter fails if su'ed to root 199 200 If ErrorMode is set to print and an error in sending mail occurs, 201 the normal action is to print a message to the screen and append 202 the message to a dead.letter file in the sender's home directory. 203 In the case where the sender is using su to act as root, the file 204 safety checks prevent sendmail from saving the dead.letter file 205 because the sender's uid and the current real uid do not match. 206 207* Berkeley DB 2.X race condition with fcntl() locking 208 209 There is a race condition for Berkeley DB 2.X databases on 210 operating systems which use fcntl() style locking, such as 211 Solaris. Sendmail locks the map before calling db_open() to 212 prevent others from modifying the map while it is being opened. 213 Unfortunately, Berkeley DB opens the map, closes it, and then 214 reopens it. fcntl() locking drops the lock when any file 215 descriptor pointing to the file is closed, even if it is a 216 different file descriptor than the one used to initially lock 217 the file. As a result there is a possibility that entries in a 218 map might not be found during a map rebuild. As a workaround, 219 you can use makemap to build a map with a new name and then 220 "mv" the new db file to replace the old one. 221 222 Sleepycat Software has added code to avoid this race condition to 223 Berkeley DB versions after 2.7.5. 224 225* File open timeouts not available on hard mounted NFS file systems 226 227 Since SIGALRM does not interrupt an RPC call for hard mounted 228 NFS file systems, it is impossible to implement a timeout on a file 229 open operation. Therefore, while the NFS server is not responding, 230 attempts to open a file on that server will hang. Systems with 231 local mail delivery and NFS hard mounted home directories should be 232 avoided, as attempts to open the forward files could hang. 233 234* Race condition for delivery to set-user-ID files 235 236 Sendmail will deliver to a fail if the file is owned by the DefaultUser 237 or has the set-user-ID bit set. Unfortunately, some systems clear that bit 238 when a file is modified. Sendmail compensates by resetting the file mode 239 back to it's original settings. Unfortunately, there's still a 240 permission failure race as sendmail checks the permissions before locking 241 the file. This is unavoidable as sendmail must verify the file is safe 242 to open before opening it. A file can not be locked until it is open. 243 244* MAIL_HUB always takes precedence over LOCAL_RELAY 245 246 Despite the information in the documentation, MAIL_HUB ($H) will always 247 be used if set instead of LOCAL_RELAY ($R). This will be fixed in a 248 future version. 249 250$Revision: 8.59 $, Last updated $Date: 2007/02/21 23:13:58 $ 251