Frequently Asked Questions Last updated April 3, 2007 _________________________________________________________________ Top 5 - the most frequently asked questions about sendmail 1. Local config error: see 4.5 2. Relaying denied: see 3.27 3. Directory permissions: see 3.33 4. Virtual hosting: see 3.7 & 3.28 5. POP / IMAP: see 4.19 _________________________________________________________________ Table of Contents * 0. Plain-text version now available. * 1. COPYRIGHT NOTICE / REDISTRIBUTION REQUIREMENTS * 2. INTRODUCTION / MISCELLANEOUS + 2.1 What is this newsgroup? + 2.2 What is the scope of this FAQ? + 2.3 Where can I find the latest version of this FAQ? + 2.4 Where can I send comments, questions and bug reports? + 2.5 Where can I ask email-related DNS questions? + 2.6 How can I subscribe to these newsgroups? + 2.7 Which version of sendmail should I run? + 2.8 What is the latest release of sendmail? + 2.9 Where can I find it? + 2.10 What are the differences between Version 8 and other versions? + 2.11 What's the best platform for running sendmail? + 2.12 What is BIND and where can I get the latest version? + 2.13 What is smrsh and where can I get it? + 2.14 What is smap and where can I get it? + 2.15 What is TCP-Wrappers and where can I get it? + 2.16 Why won't db 1.85 build on my machine? + 2.17 What is makemap and where can I get it? * 3. VERSION 8 SPECIFIC ISSUES + 3.1 How do I make all my addresses appear to be from a single host? + 3.2 How do I rewrite my "From:" lines to read ``First_Last@My.Domain'' or ``Different_Name@My.Domain''? + 3.3 But what about fully-qualified addresses, such as those from Pine or FEATURE(always_add_domain)? + 3.4 So what was the user database feature intended for? + 3.5 Why the hostility toward using full names for email addresses? + 3.6 deprecated + 3.7 How do I manage several (virtual) domains? + 3.8 There are four UUCP mailers listed in the configuration files. Which one should I use? + 3.9 deprecated + 3.10 How do I solve "collect: I/O error on connection" or "reply: read error from host.name" errors? + 3.11 Why can't my users forward their mail to a program? + 3.12 Why do connections to the SMTP port take such a long time? + 3.13 Why do I get "unknown mailer error 5 -- mail: options MUST PRECEDE recipients" errors? + 3.14 Why does version 8 sendmail panic my SunOS box? + 3.15 Why does the Unix From line get mysteriously munged when I send to an alias? + 3.16 Why doesn't MASQUERADE_AS (or the user database) work for envelope addresses as well as header addresses? + 3.17 How do I run version 8 sendmail and support the MAIL11V3 protocol? + 3.18 Why do messages disappear from my queue unsent? + 3.19 When is sendmail going to support RFC 2047 MIME header encoding? + 3.20 Why can't I get mail to some places, but instead always get the error "reply: read error from name.of.remote.host"? + 3.21 Why doesn't "FEATURE(xxx)" work? + 3.22 How do I configure sendmail not to use DNS? + 3.23 How do I get all my queued mail delivered to my Unix box from my ISP? + 3.24 Why do I get the error message unable to write /etc/mail/sendmail.pid? + 3.25 Why can't I compile sendmail with Berkeley DB 2.X? + 3.26 What operating systems has Berkeley sendmail been ported to? + 3.27 How do I prevent Relaying Denied errors for my clients? + 3.28 Why isn't virtual hosting working, even after I added a Kvirtuser line to sendmail.cf ? + 3.29 How can I add a header specifying the actual recipient when having multiple users in a virtual domain go to a single mailbox? + 3.30 What do I do when Build fails because groff was not found? + 3.31 What does "class hash not available" mean? + 3.32 How do I configure majordomo with sendmail 8.9 without relaxing the DontBlameSendmail option? + 3.33 How do I configure my system in general with sendmail 8.9? + 3.34 What does "foo not available for sendmail programs" mean? + 3.35 How do I add a footer/signature to all (outgoing) e-mail messages? + 3.36 What does "Cannot open hash database ... Invalid argument" mean? + 3.37 What does "parse error before `NDBM'" mean? + 3.38 What does "may be forged" mean? + 3.39 How do I send using an alternate port? + 3.40 Why can't I use BerkeleyDB 4.1.x? + 3.41 How do I use CIDR notation in the access map (or other places)? + 3.42 Why isn't CIDR notation directly supported by sendmail? + 3.43 What does "Need to recompile with -DNEWDB for hash support" mean? + 3.44 I disabled sendmail on some machines which don't receive mail, but since upgrading to 8.12 they can't send mail either; why? * 4. GENERAL SENDMAIL ISSUES + 4.1 Should I use a wildcard MX for my domain? + 4.2 How can I set up an auto-responder? + 4.3 How can I get sendmail to deliver local mail to $HOME/.mail instead of into /usr/spool/mail (or /usr/mail)? + 4.4 Why does it deliver the mail interactively when I'm trying to get it to go into queue only mode? + 4.5 How can I solve "MX list for hostname points back to hostname" and "config error: mail loops back to myself" messages? + 4.6 Why does my sendmail process sometimes hang when connecting over a SLIP/PPP link? + 4.7 How can I summarize the statistics generated by sendmail in the syslog? + 4.8 How can I check my sendmail.cf to ensure that it's re-writing addresses correctly? + 4.9 What is procmail, and where can I get it? + 4.10 How can I solve "cannot alias non-local names" errors? + 4.11 Is sendmail Year 2000 (Y2K) compliant? + 4.12 How can I batch remote mail to be sent using my ISP while delivering local mail immediately? + 4.13 What does "unknown mailer error 1" mean? + 4.14 How do I queue mail for another domain? + 4.15 How do I create attachments with sendmail? + 4.16 How do I find sendmail's version number? + 4.17 How do I handle user names with upper-case characters? + 4.18 What does "NOQUEUE: Null connection from ..." mean? + 4.19 How do I configure sendmail for POP/IMAP/... ? + 4.20 How can I automatically copy messages based on sender or recipient addresses? + 4.21 How can I send mail to all users? + 4.22 Why can't I receive external mail? + 4.23 How do I restrict attachments with sendmail? + 4.24 Can I get sendmail to verify an entire e-mail address instead of just the domain? * 5. VENDOR/OS SPECIFIC SENDMAIL ISSUES + 5.1 Sun Microsystems SunOS/Solaris 1.x/2.x o 5.1.1 How can I solve "line 273: replacement $3 out of bounds" errors? o 5.1.2 How can I solve "line 445: bad ruleset 96 (50 max)" errors? o 5.1.3 Why does version 8 sendmail (< 8.7.5) sometimes hang under Solaris 2.5? o 5.1.4 Why can't I use SunOS/Solaris to get email to certain large sites? o 5.1.5 Why do I have trouble compiling on Solaris? o 5.1.6 How does 8.X compare to 8.X+Sun? + 5.2 IBM AIX o 5.2.1 The system resource controller always reports sendmail as "inoperative". What's wrong? o 5.2.2 Why can't I use AIX to get email to some sites? o 5.2.3 Why can't I get sendmail 8.7.1 to use MX records with AIX 3.2.5? + 5.3 Linux o 5.3.1 Red Hat # 5.3.1.1 Why do I have so many sendmail problems after configuring sendmail with linuxconf? # 5.3.1.2 I built sendmail.cf from sendmail.mc and it works until the next reboot of the machine. What is going on? # 5.3.1.3 Why can't I receive mail with Red Hat 7.1 and later? o 5.3.2 SuSE # 5.3.2.1 Where is the sendmail.mc file on SuSE Linux? * 6. ADDITIONAL INFORMATION SOURCES (RFC 1807 bibliography format) + 6.1 Reference material devoted exclusively to sendmail + 6.2 Reference material with chapters or sections on sendmail + 6.3 Reference material on subjects related to sendmail + 6.4 World-wide web index pages on sendmail + 6.5 World-wide web index pages Internet email in general + 6.6 Online tutorials for sendmail + 6.7 Online archives of mailing lists and Usenet newsgroups, relating to Internet email * 7. THANKS! sendmail.org 1. COPYRIGHT NOTICE / REDISTRIBUTION REQUIREMENTS The entire contents of this document are copyright 1997 - 2000 by the Sendmail Consortium, all rights reserved. This document may be freely distributed for non-profit purposes (including, but not limited to: posting to mailing lists, Usenet newsgroups, and world-wide-web pages; inclusion on CD-ROM or other distribution media; and insertion into text retrieval systems), so long as it is the latest version available at the time, all parts are distributed together, and it is kept completely intact without editing, changes, deletions, or additions. Non-profit redistribution in accordance with these guidelines does not require contact with or approval from the copyright holder. Redistribution of this document for profit without express prior permission is not allowed. At the very least, expect to provide the copyright holder a free copy of the product (exactly as it would be sold to customers, all distribution media intact), or a percentage of the gross revenue from said product and sufficient proof that the integrity and completeness requirements set for non-profit distribution will be met. In the event that the copyright holder discovers a redistributed version that is not in compliance with the above requirements, he will make a good-faith effort to get it corrected or removed, and failing that, at least note its deprecated status in a new version. Legal action will likely be taken against redistribution for profit that is not in compliance with the above requirements. sendmail.org 2. INTRODUCTION / MISCELLANEOUS * 2.1 What is this newsgroup? * 2.2 What is the scope of this FAQ? * 2.3 Where can I find the latest version of this FAQ? * 2.4 Where can I send comments, questions and bug reports? * 2.5 Where can I ask email-related DNS questions? * 2.6 How can I subscribe to these newsgroups? * 2.7 Which version of sendmail should I run? * 2.8 What is the latest release of sendmail? * 2.9 Where can I find it? * 2.10 What are the differences between Version 8 and other versions? * 2.11 What's the best platform for running sendmail? * 2.12 What is BIND and where can I get the latest version? * 2.13 What is smrsh and where can I get it? * 2.14 What is smap and where can I get it? * 2.15 What is TCP-Wrappers and where can I get it? * 2.16 Why won't db 1.85 build on my machine? * 2.17 What is makemap and where can I get it? _________________________________________________________________ Q2.1 -- What is this newsgroup? Date: May 28, 1996 The Usenet newsgroup comp.mail.sendmail is dedicated to the discussion of the program named "sendmail" in all its various forms. It is most commonly found on computers running a flavor of the Operating System known as Unix, or derived from Unix. This program has been ported to other OSes, but those versions have typically been ported by a particular vendor and are considered proprietary. There are many versions of sendmail, but the original author (Eric Allman) is continuing development on a particular version typically referred to as "Version Eight" or sometimes just "V8". This is considered by many to be the One True Version. This is also the version that this FAQ is centered around. If you have a question that amounts to "How do I send mail to my friend?", then you're in the wrong newsgroup. You should first check with your System or E-Mail Administrator(s), BBS SysOp(s), etc... before you post your question publicly, since the answer will likely be very highly dependent on what software and hardware you have. You also don't want to embarrass yourself publicly, nor do you want to annoy the kinds of people who are likely to be the counterparts of your System or E-Mail Administrator(s), BBS SysOp(s), etc.... If asking them doesn't do you any good, make sure you read this FAQ and the other mail-related FAQs at the archive sites listed below. If you have a question about another program similar to sendmail (technically referred to as an "SMTP MTA"), an SMTP Gateway package, or a LAN email package, then you should see if there is another group in the comp.mail hierarchy that more closely matches the particular program you want to ask a question about. For example, the SMTP MTA known as Smail has comp.mail.smail dedicated to it. The Mail User Agent (MUA) Eudora has two newsgroups dedicated to it (comp.mail.eudora.mac and comp.mail.eudora.ms-windows), depending on which hardware platform you use. If there isn't a more appropriate newsgroup, try comp.mail.misc. Again, make sure your question isn't already addressed in one of the mail-related FAQs or other available documentation. See the IMC website (more info below) for a good list of mail-related FAQs. If you have a question about an older or vendor-proprietary version of sendmail, be prepared for a lot of answers that amount to "Get V8". Version 8 isn't a panacea, but it does solve many problems known to plague previous versions, as well as having many new features that make it much easier to administer large or complex sites. In many cases, it makes at least possible what was previously virtually impossible, and relatively easy the previously difficult. There are, of course, many alternative programs that have sprung up in an attempt to answer one or another weakness or perceived fault of sendmail, but so far, none of them have had the kind of success it would require to unseat it as the de facto standard program for sending Internet mail. Obviously, this forum should not be used to discuss the merits of any of the alternative programs versus sendmail. These kinds of discussions should be taken to comp.mail.misc, or you should agitate to get a new newsgroup or newsgroup hierarchy created where that sort of thing is acceptable (or even the norm, such as a comp.mail.advocacy or news:comp.mail.mta.advocacy newsgroup). _________________________________________________________________ Subject: Q2.2 -- What is the scope of this FAQ? Date: April 9, 1997 This FAQ is strongly centered around version 8 sendmail, for many reasons. First and foremost, this is the area of most interest on the part of the maintainers of this FAQ. Secondly, version 8 is where most of the additional development is being concentrated. Version 8 sendmail is also the best documented of all SMTP MTAs, by virtue of the book by Bryan Costales (see entry sendmail-faq//book/ISBN/1-56592-222-0 in Q6.1). Other versions of sendmail get mentioned in passing, and some interesting interactions between version 8 and various OSes is also covered. This FAQ is aimed primarily at the experienced Unix System Administrator/Postmaster/DNS Domain Administrator. If you're looking for introductory texts, see the references in Q6.1. _________________________________________________________________ Q2.3 -- Where can I find the latest version of this FAQ? Date: February 20, 1998 We post changes as they occur to the sendmail FAQ support page at http://www.sendmail.org/faq/. _________________________________________________________________ Q2.4 -- Where can I send comments, questions and bug reports? Date: April 26, 2006 First, please refer to our E-mail Addresses page (http://www.sendmail.org/misc/email-addresses.php), which has a more complete answer. Next, if you have a question about sendmail, then please post it to the Usenet group comp.mail.sendmail. This newsgroup is dedicated to sendmail. Please make sure you check the usual resources before posting and follow the netiquette. Also, if you do not have access to an NNTP server, you might want to use Google Groups. Finally, e-mail addresses to contact sendmail.org are (do not send questions about sendmail to these addresses, see above instead; replace YYYY with the current year, e.g., 2006, in all of these addresses): * < sendmail-YYYY (at) support.sendmail.org > for contributing patches, feature requests, and general comments but not questions how to use, install, or configure sendmail; * < sendmail-bugs-YYYY (at) support.sendmail.org > to report implementation bugs; * < sendmail-faq-YYYY (at) support.sendmail.org > only for comments / questions about the FAQ. Please mark your mail clearly with "FAQ: item" where item is the entry in the faq to which you are referring. If it is a general comment about the FAQ, use "FAQ: general", if it is an addition, use "FAQ: new". * < sendmail-security-YYYY (at) support.sendmail.org > (use this only to report security related bugs or problems in sendmail). Please do not use this to ask about problems with your configuration, including how to stop spam, how to set up your own certificate authority, how to make sendmail work with S/MIME, etc. All such questions should be asked in comp.mail.sendmail. Also, please do not tell us that you were able to forge mail by using telnet to connect to port 25; this is fundamental to the Internet design for SMTP, and not a sendmail bug. Please use PGP for encryption to send mail to this address. * < sendmail-mirror-YYYY (at) support.sendmail.org > for updates about a mirror (e.g., a new mirror or an address change). * < webmaster-YYYY (at) support.sendmail.org > for comments about the website. Note: remove all spaces in those addresses and replace "(at)" with "@" (without the quotes). If you post a message to comp.mail.sendmail and send it to one of the above addresses, please clearly indicate so at the top of your message. Also, please don't send HTML or graphics; plain text is sufficient. _________________________________________________________________ Q2.5 -- Where can I ask email-related DNS questions? Date: March 23, 1996 Depending on how deeply they get into the DNS, they can be asked here. However, you'll probably be told that you should send them to the Usenet newsgroup comp.protocols.tcp-ip.domains (DNS in general) or to the Info-BIND mailing list (if the question is specific to that program). _________________________________________________________________ Q2.6 -- How can I subscribe to these? Date: June 19, 1997 For comp.protocols.tcp-ip.domains, you have to be on Usenet. They don't have a news-to-mail gateway yet (I'm working on this), but they do have a FAQ. Questions from all levels of experience can be found on this newsgroup (as well as people to answer them), so don't be shy about asking a question you think may be too simple. Some more information from the BIND 8.1 src/README file: CAPTION: Kits, Questions, Comments, and Bug Reports URL Purpose ftp.isc.org/isc/bind/src/cur current non-test release ftp.isc.org/isc/bind/src/testing latest public test kit _________________________________________________________________ comp.protocols.dns.bind using BIND comp.protocols.dns.ops DNS operations in general comp.protocols.dns.std DNS standards in general _________________________________________________________________ bind-users-request@vix.com gw'd to c.p.d.bind namedroppers-request@internic.net gw'd to c.p.d.std bind-workers-request@vix.com code warriors only please _________________________________________________________________ www.isc.org/bind.html the BIND home page bind-bugs@isc.org bug reports _________________________________________________________________ Q2.7 -- Which version of sendmail should I run? Date: April 8, 1997 Updated: March 7, 2000 If you're concerned at all about the security of your machines, you should make sure you're at least running a recent release of version 8 sendmail (either from your vendor or the public version detailed in Q2.8). Check the CERT Alerts and Summaries to make sure that you're running a version that is free of known security holes. Just because the sendmail program provided by your vendor isn't listed doesn't mean that you're not vulnerable, however. If your particular vendor or version isn't listed, check with your vendor and on the appropriate Internet mailing lists and Usenet newsgroups to verify. If nothing else, the most recent public version is usually a pretty good bet, although you should check comp.mail.sendmail to see if anyone has posted recent comments that haven't yet been folded into a new release. That said, you need to look at what the primary function is for the machine. If its primary function is to run some CAD/CAM package on the desk of an engineer, then there's probably not much sense in replacing the vendor-supplied version of sendmail (assuming it's secure, according to the CERT Alerts and Summaries). Just set the machine up to forward all outbound mail to a central mail relay, and then worry about making that central mail relay the best it can be. Also arrange to have all their inbound mail pass through a central Mail eXchanger (probably the same machine as the central Mail Relay), for the same reasons. If the primary function for a machine is to act as that central Mail Relay/Mail eXchanger, then we *strongly* recommend the best version of sendmail you can get, and in our opinion that is the latest release of version 8. IDA sendmail is also pretty good, but virtually everything it does, version 8 does better, and version 8 has the additional advantage of having continued development as well. If fighting spam is a concern, then by all means upgrade to 8.10.X . 8.9.X has good anti-spam features, but 8.10.X has even more features, and the anti-spam ones are more flexible than those in 8.9.X . However, keep in mind that version 8 still hasn't been ported (so far as we know) to some of the older (and perhaps more esoteric) platforms, and if you're stuck using one of them, you may not have much choice. Some vendors have started shipping (or announced that they will soon ship) version 8 sendmail pre-configured for their machines. Unfortunately, in most cases this means you get a pre-compiled binary and a sendmail.cf file (that may need a bit of tweaking), but not much else of the "standard" version 8 sendmail installation kit. Silicon Graphics (SGI) and Hewlett-Packard are known to already be shipping version 8 sendmail in this fashion. Sun Microsystems did the same with SunOS 5.5, 5.5.1 and 5.6, shipping a version based on 8.6 with their own proprietary config files. Recent patches for 5.5.1 and 5.6, however, upgrade to a version based on 8.8.8 with a sendmail.cf that is only slightly tweaked. More importantly, a cf hierarchy is available under /usr/lib/mail/. More details are available at the Sun migration page. _________________________________________________________________ Q2.8 -- What is the latest release of sendmail? Date: October 24, 1997 Updated: April 3, 2007 For version 8 sendmail, there are six release trees. For those people who, for whatever reason, are unable or unwilling to upgrade to version 8.14.x, releases of versions 8.13, 8.12, 8.11, 8.10 and 8.9 sendmail are still available but are not being updated. The last release of version 8.9 sendmail was 8.9.3; the last release of 8.10 was 8.10.2; the last release of 8.11 was 8.11.6; the last release of 8.12 was 8.12.11; the last release of 8.13 was 8.13.8 . Version 8.14.1 was released on April 3, 2007. Version 8.14.0 was released on January 31, 2007. Version 8.13.8 was released on August 9, 2006. Version 8.13.7 was released on June 14, 2006. Version 8.13.6 was released on March 22, 2006. Version 8.13.5 was released on September 16, 2005. Version 8.13.4 was released on March 27, 2005. Version 8.13.3 was released on January 11, 2005. Version 8.13.2 was released on December 15, 2004. Version 8.13.1 was released on July 30, 2004. Version 8.13.0 was released on June 20, 2004. Version 8.12.11 was released on January 18, 2004. Version 8.12.10 was released on September 17, 2003. Version 8.12.9 was released on March 29, 2003. Version 8.12.8 was released on March 3, 2003. Version 8.12.7 was released on December 29, 2002. Version 8.12.6 was released on August 26, 2002. Version 8.12.5 was released on June 25, 2002. Version 8.12.4 was released on June 3, 2002. Version 8.12.3 was released on April 5, 2002. Version 8.12.2 was released on January 13, 2002. Version 8.12.1 was released on October 1, 2001. Version 8.12.0 was released on September 8, 2001. Version 8.11.6 was released on August 20, 2001. Version 8.11.5 was released on July 31, 2001. Version 8.11.4 was released on May 28, 2001. Version 8.11.3 was released on February 27, 2001. Version 8.11.2 was released on December 29, 2000. Version 8.11.1 was released on September 28, 2000. Version 8.11.0 was released on July 19, 2000. Version 8.10.2 was released on June 7, 2000. Version 8.10.1 was released on April 7, 2000. Version 8.10.0 was released on March 7, 2000. Version 8.9.3 was released on February 4, 1999. Version 8.9.2 was released on December 31, 1998. Version 8.9.1 was released on July 2, 1998. Version 8.9.0 was released on May 20, 1998. On machines exposed directly to the Internet, you should either already be running sendmail 8.14.1 or plan on upgrading in the immediate future. 8.14.1 is considered "stable", has fixes included that will not be found in any previous release, and therefore supercedes all previous releases. There is no further support for previous releases of sendmail. _________________________________________________________________ Q2.9 -- Where can I find it? Date: January 21, 1997 Updated: March 7, 2000 By anonymous FTP from ftp.sendmail.org in /pub/sendmail, or (in URL form) via ftp://ftp.sendmail.org/pub/sendmail/. If you care, there should be files in this directory that end with the extension ".sig" which you can check with PGP to make sure that corresponding archives haven't been modified. You'll need to have the PGP signing key of Sendmail.ORG on your public keyring to be able to verify these archives with their associated .sig files. There are no other known official version 8 sendmail mirrors. Check the sendmail home page at http://www.sendmail.org/ for late-breaking updates and other useful information. If you want to be notified regarding future updates to sendmail and other items of potential interest, you may want to subscribe to the sendmail-announce mailing list. Address your subscription requests to "majordomo@lists.sendmail.org" with "subscribe sendmail-announce" as the body of the message. _________________________________________________________________ Q2.10 -- What are the differences between Version 8 and other versions? Date: March 23, 1996 See doc/changes/changes.{me,ps} in the distribution. See also RELEASE_NOTES at the top level. _________________________________________________________________ Q2.11 -- What's the best platform for running sendmail? Date: April 8, 1997 Generally speaking, I adhere to the old axiom that you should choose what software you want to run first, then choose the platform (hardware and OS) that best runs this software. By this token, if sendmail is the software, then a recent version of BSD Unix would probably be best, since sendmail was developed at UC Berkeley on BSD Unix. FreeBSD and BSD/OS are two known implementations of BSD Unix for Intel-based PC's (among other hardware platforms), and this would make them the most "native" OSes for sendmail. FreeBSD is freely available by anonymous ftp or on CD-ROM, and BSD/OS is a commercial product. However, not everyone has this kind of "luxury". If you're on a homogeneous network (i.e., completely composed of only one type of hardware and OS), then you should probably be running the same OS as the rest of the machines on the network, regardless of the axiom stated above. You may have other problems, but you should at least be able to get some local support on the OS for your machine. Either way, if the primary function of the machine is to handle "large" quantities of mail (for whatever value you define "large" to be), I strongly recommend getting the latest stable release of version 8 sendmail. You may be surprised to find that it is easier for you to support only one version of sendmail across all the various platforms than it is to try to support multiple versions of sendmail, each unique for their particular platform. In that case, the easy solution is to put version 8 sendmail everywhere, and not have to worry about vendor-specific problems with older versions. For more information on BSD Unix in general, see the Usenet newsgroups under comp.unix.bsd, comp.bugs.4bsd, comp.os.386bsd. For more information on BSD/OS, see the BSD newsgroups mentioned above, or the BSD/OS Home Page at http://www.bsdi.com/. For more information on FreeBSD, see the Usenet newsgroups under news:comp.unix.bsd.freebsd, or the FreeBSD Home Page at http://www.freebsd.org/. _________________________________________________________________ Q2.12 -- What is BIND and where can I get the latest version? Date: June 24, 1997 BIND stands for "Berkeley Internet Name Daemon", and is the Internet de-facto standard program for turning host names into IP addresses. The BIND Home Page is at http://www.isc.org/bind.html, which provides pointers to the most recent release of BIND. In May of 1997, the first production version of BIND-8 was released. The ISC has deprecated BIND-4 other than for security related patches. No new features or portability changes will be added to BIND-4. You should be using BIND-8. Note that there are bugs in older resolver libraries, which can cause problems getting to large sites (that list more than five IP addresses for a particular name), or represent a huge security hole as they do not check the returned data to see if it will fit in the amount of space pre-allocated for it. If at all possible, you should get the most recent "release" version of BIND and make a serious attempt to integrate it into your configuration, since virtually all vendor-provided resolver libraries are woefully out of date. Note that since the release of BIND version 8.1, many people building sendmail have experienced problems compiling and linking with the new BIND include files and libraries under /usr/local/. A section in our Compiling Sendmail page explains this. _________________________________________________________________ Q2.13 -- What is smrsh and where can I get it? Date: July 9, 1996 Updated: July 1, 2000 smrsh is a restricted shell utility that provides the ability to specify, through a configuration, an explicit list of executable programs. When used in conjunction with sendmail, smrsh effectively limits sendmail's scope of program execution to only those programs specified in smrsh's configuration. smrsh has been written with portability in mind, and uses traditional Unix library utilities. As such, smrsh should compile on most Unix C compilers. The purpose for restricting the list of programs that can be executed in this manner is to keep mail messages (either through an alias or the .forward file in a user's home directory) from being sent to arbitrary programs which are not necessarily known to be sufficiently paranoid in checking their input, and can therefore be easily subverted (this is related to, but different from, the /etc/shells feature discussed in Q3.11). More information regarding the CERT-CC can be found at their web site, http://www.cert.org. For more information on CERT Alerts and CERT Summaries, see their advisories and summaries, respectively. You can find smrsh in the most recent sendmail source archive. Other very useful programs can be found in http://www.cert.org/other_sources/tool_sources.html. _________________________________________________________________ Q2.14 -- What is smap and where can I get it? Date: July 5, 1996 Smap (and smapd) are tools out of the Trusted Information Systems (TIS) Firewall Toolkit (fwtk). They were originally written by firewall expert Marcus Ranum under contract to TIS, and TIS is continuing what maintenance there is. Here is a link to the toolkit. Support questions regarding the toolkit may be sent to fwall-support@tis.com, while you may join their mailing list fwall-users@tis.com by sending electronic mail to fwall-users-request@tis.com. The concept of smap and smapd is that sendmail is a huge, monolithic setuid root program that is virtually impossible to verify as being "correct" and free from bugs (historically, sendmail has been rather buggy and an easy mark for system crackers to exploit, although with the advent of version 8 sendmail, this becomes much more difficult). In contrast, smap and smapd are very small (only a few hundred lines long), and relatively easy to verify as being correct and functioning as designed (however, as you will see later, we can question their design). According to the theory, it is therefore safer and "better" to run smap and smapd as "wrappers" around sendmail, which would no longer need to be run setuid root. Unfortunately, smap and smapd have a few problems of their own, and don't appear to have been updated since late March 1996. There have been conflicting reports of incompatibilities between smapd and sendmail 8.7.y (both cannot be run on the same machine, although if you're running sendmail 8.6.x and smap/smapd on the local machine, people on the outside can still use sendmail 8.7.y to talk to you). For further information on smap and smapd, see the documentation that comes with the TIS Firewall Toolkit. For more information on firewalls, see the Firewalls FAQ at http://www.interhack.net/pubs/fwfaq/ _________________________________________________________________ Q2.15 -- What is TCP-Wrappers and where can I get it? Date: April 8, 1997 Updated: April 2, 2001 TCP-Wrappers is another security enhancement package. The theory is that you take programs being run under inetd (see /etc/inetd.conf) and before you run the program to do the real work (ftpd, telnetd, etc...), you first run the connection attempt through a package that checks to see if the IP address of the source packet is coming from a host known to be either good or bad (you may filter connection attempts by source host name, domain name, raw IP address, port they are attempting to connect to; and either allow known good connections through thus refusing unknown connections, or accept all connections except those known to be bad). The practice of TCP-Wrappers actually follows the theory quite well. It is a very useful and important tool in the System Administrator's Bag of Things To Help You Secure Your Machine From Crackers, Spammers, Junkmailers, and Other Undesirables. However, it only works for programs that communicate via TCP packets (not UDP, such as NFS) started up out of inetd. It does not work for RPC-based services, and programs that start up a daemon outside of inetd and just leave it running obviously don't benefit beyond the initial connection that gets the daemon started (however, see the FTP URL below for other packages that can help secure RPC and portmapper-based services). However, most sendmail installations tend to start up a daemon and leave it running at all times. If you did run sendmail out of inetd, you'd lose the benefit of the load average checking code that is executed only in daemon mode, and for systems that handle a lot of mail, this is vitally important. You can get TCP-Wrappers from ftp://ftp.porcupine.org/pub/security/, a site that has a whole host of other useful security tools, such as securelib, portmap, satan, cops, crack, etc... You can also find pointers to many other useful security tools at http://ciac.llnl.gov/ciac/SecurityTools.html, and the COAST Archive at http://www.cerias.purdue.edu/coast/ is a veritable cornucopia of all things security related. For the adventurous, you can get a source patch for version 8 sendmail (created for 8.7.6, but, with work, applicable to older releases) that will take the core TCP-Wrappers code and integrate it into the daemon, so that you get the best of both worlds. However, this isn't as smoothly integrated as it should be, is not for the faint-of-heart, and is certainly not officially supported by the original author of sendmail (Eric Allman). This functionality is integrated in a different fashion into version 8.8.5 sendmail. You should be able to find the unsupported patch at ftp://ftp.porcupine.org/pub/security/sendmail-tcpd.patch. _________________________________________________________________ Q2.16 -- Why won't db 1.85 build on my machine? Date: April 8, 1997 Updated: May 20, 1997 URL Updated: July 27, 1999 As of release 8.9.X of sendmail, db 1.85 is no longer needed, as support for db 2.X is included (starting with 2.3.16). More details are given at Q3.25. The rest of this answer only applies if you have not yet upgraded to 8.9.X . The db 1.85 package as available from http://www.sleepycat.com/register.html provides Irix support up to Irix 4.05F, but 5.{2,3} need a slightly patched version, as does HP-UX 10.20. Some vendors also provide db standard with their OS (DEC Unix 4.0, for example). A tarball incorporating these changes for Irix 5.x is available at ftp://ftp.his.com/pub/brad/sendmail/irix5.tar.gz. This will extract into ./db.1.85/PORT/irix.5.2, with a symbolic link created from ./db.1.85/PORT/irix.5.3 to this same directory. Make sure you extract this archive into the same directory where you extracted the db 1.85 archive as available from ftp.cs.berkeley.edu. (see Q3.5 for more information on getting the db 1.85 package). An ASCII context diff of this same patch is at ftp://ftp.his.com/pub/brad/sendmail/irix4-5.diff. A version of db 1.85 that has supposedly been patched to compile under Irix 6.2 has been made available at http://reality.sgi.com/ariel/freeware/#db, but I haven't had a chance to download and check it out yet. The context diffs required to get db 1.85 working under HP-UX 10.20 are available at ftp://ftp.his.com/pub/brad/sendmail/hpux.10.20.diff. A tarball incorporating these changes is available at ftp://ftp.his.com/pub/brad/sendmail/hp-ux.10.20.tar.gz. This will extract into ./db.1.85/PORT/hpux.10.20, so make sure you extract this archive into the same directory where you extracted the db 1.85 archive as available from ftp.cs.berkeley.edu. _________________________________________________________________ Q2.17 -- What is makemap and where can I get it? Date: August 30, 1996 The program "makemap" is used to build the databases used by version 8 sendmail, for things like the UserDB, mailertables, etc.... It is distributed as part of the basic operating system from some vendors, but source code for it is also included at the root level of the sendmail archive (at least, it is for sendmail 8.6.12 and 8.7.5, and presumably will continue to be as newer releases come out). However, it is not considered a "supported" part of version 8 sendmail. Just like the other source provided in the archive, the Makefile will likely need some tweaking for your specific site. It turns out that Irix 5.3 doesn't appear to have the dbm or ndbm libraries, but to compile makemap.c, you need to have -DNDBM on the "DBMDEF=" line (some necessary things are defined only in /usr/include/ndbm.h). Try just leaving off "-lndbm" from the "LIBS=" line in the Makefile for makemap. If you plan on using makemap with db 1.85 on an SGI machine running a version of Irix later than 4.x, see Q2.16 for some additional steps to get db 1.85 compiled on your machine. sendmail.org 3. VERSION 8 SPECIFIC ISSUES * 3.1 How do I make all my addresses appear to be from a single host? * 3.2 How do I rewrite my "From:" lines to read ``First_Last@My.Domain'' or ``Different_Name@My.Domain''? * 3.3 But what about fully-qualified addresses, such as those from Pine or FEATURE(always_add_domain)? * 3.4 So what was the user database feature intended for? * 3.5 Why the hostility toward using full names for email addresses? * 3.6 (deprecated) * 3.7 How do I manage several (virtual) domains? * 3.8 There are four UUCP mailers listed in the configuration files. Which one should I use? * 3.9 (deprecated) * 3.10 How do I solve "collect: I/O error on connection" or "reply: read error from host.name" errors? * 3.11 Why can't my users forward their mail to a program? * 3.12 Why do connections to the SMTP port take such a long time? * 3.13 Why do I get "unknown mailer error 5 -- mail: options MUST PRECEDE recipients" errors? * 3.14 Why does version 8 sendmail panic my SunOS box? * 3.15 Why does the Unix From line get mysteriously munged when I send to an alias? * 3.16 Why doesn't MASQUERADE_AS (or the user database) work for envelope addresses as well as header addresses? * 3.17 How do I run version 8 sendmail and support the MAIL11V3 protocol? * 3.18 Why do messages disappear from my queue unsent? * 3.19 When is sendmail going to support RFC 2047 MIME header encoding? * 3.20 Why can't I get mail to some places, but instead always get the error "reply: read error from name.of.remote.host"? * 3.21 Why doesn't "FEATURE(xxx)" work? * 3.22 How do I configure sendmail not to use DNS? * 3.23 How do I get all my queued mail delivered to my Unix box from my ISP? * 3.24 Why do I get the error message unable to write /etc/mail/sendmail.pid on Solaris 2.x? * 3.25 Why can't I compile sendmail with Berkeley DB 2.X? * 3.26 What operating systems has Berkeley sendmail been ported to? * 3.27 How do I prevent Relaying Denied errors for my clients? * 3.28 Why isn't virtual hosting working, even after I added a Kvirtuser line to sendmail.cf ? * 3.29 How can I add a header specifying the actual recipient when having multiple users in a virtual domain go to a single mailbox? * 3.30 What do I do when Build fails because groff was not found? * 3.31 What does "class hash not available" mean? * 3.32 How do I configure majordomo with sendmail 8.9 without relaxing the DontBlameSendmail option? * 3.33 How do I configure my system in general with sendmail 8.9? * 3.34 What does "foo not available for sendmail programs" mean? * 3.35 How do I add a footer/signature to all (outgoing) e-mail messages? * 3.36 What does "Cannot open hash database ... Invalid argument" mean? * 3.37 What does "parse error before `NDBM'" mean? * 3.38 What does "may be forged" mean? * 3.39 How do I send using an alternate port? * 3.40 Why can't I use BerkeleyDB 4.1.x? * 3.41 How do I use CIDR notation in the access map (or other places)? * 3.42 Why isn't CIDR notation directly supported by sendmail? * 3.43 What does "Need to recompile with -DNEWDB for hash support" mean? * 3.44 I disabled sendmail on some machines which don't receive mail, but since upgrading to 8.12 they can't send mail either; why? _________________________________________________________________ Q3.1 -- How do I make all my addresses appear to be from a single host? This question is answered in detail at the configuration Masquerading and Relaying page. _________________________________________________________________ Q3.2 -- How do I rewrite my From: lines to read ``First_Last@My.Domain''' or ``Different_Name@My.Domain''? Date: September 23, 1997 Updated: November 8, 1999 Use the generics table, as described in steps 6 and 7 of the Virtual Hosting page. _________________________________________________________________ Q3.3 -- But what about fully-qualified addresses, such as those from Pine or FEATURE(always_add_domain)? Date: July 19, 1996 Updated: November 8, 1999 Updated: January 25, 2000 Note: this question used to be "How do I get the user database to work with Pine or with FEATURE(always_add_domain)?" But the user database is no longer the recommended solution for this problem, so the question has been clarified appropriately. The proper solution is to use the generics table, as described in steps 6 and 7 of the Virtual Hosting page. The important thing to note is that the host/domain part of the fully-qualified address must be specified via GENERICS_DOMAIN() or GENERICS_DOMAIN_FILE(). _________________________________________________________________ Q3.4 -- So what was the user database feature intended for? Date: May 12, 1997 The intent was to have all information for a given user (where the user is the unique login name, not an inherently non-unique full name) in one place. This would include phone numbers, addresses, and so forth. The "maildrop" feature is because Berkeley does not use a centralized mail server (there are a number of reasons for this that are mostly historic), and so we need to know where each user gets his or her mail delivered -- i.e., the mail drop. UC Berkeley is (was) in the process of setting up their environment so that mail sent to an unqualified "name" goes to that person's preferred maildrop; mail sent to "name@host" goes to that host. The purpose of "FEATURE(notsticky)" is to cause "name@host" to be looked up in the user database for delivery to the maildrop. _________________________________________________________________ Q3.5 -- Why the hostility toward using full names for email addresses? Date: May 12, 1997 Updated: April 7, 2004 Because full names are not unique. For example, the computer community has two Peter Deutsches. At one time, Bell Labs had two Stephen R. Bournes with offices a few doors apart. You can create alternative addresses (e.g., Stephen_R_Bourne_2), but that's even worse -- which one of them has to have their name desecrated in this way? And you can bet that one of them will get most of the other person's email. Moreover, at institutions with high turnover (such as universities), a given name may refer to different people at different times, which can again lead to mail going to the wrong person. So called "full names" are just an attempt to create longer versions of unique names. Rather that lulling people into a sense of security, I'd rather that it be clear that these handles are arbitrary. People should use good user agents that have alias mappings so that they can attach arbitrary names for their personal use to those with whom they correspond (such as the MH alias file). The problem is even worse outside of America, where non-ASCII characters (e.g., characters with umlauts or the Norwegian Ø) are used in names. Since non-ASCII characters cannot be used in the SMTP envelope or e-mail headers, the full names are mangled anyway. Even worse is fuzzy matching in email -- this can make good addresses turn bad. For example, Eric Allman is currently (to the best of our knowledge) the only ``Allman'' at Berkeley, so mail sent to should get to him. But if another Allman ever appears, this address could suddenly become ambiguous. He's been the only Allman at Berkeley for over fifteen years -- to suddenly have this "good address" bounce mail because it is ambiguous would be a heinous wrong. Directory services should be as fuzzy as possible (within reason, of course). Mail services should be unique. _________________________________________________________________ Q3.6 -- has been deprecated. _________________________________________________________________ Q3.7 -- How do I manage several (virtual) domains? This question is answered in detail at the Virtual Hosting page. _________________________________________________________________ Q3.8 -- There are four UUCP mailers listed in the configuration files. Which one should I use? This question is answered in detail at the configuration Using UUCP Mailers page. _________________________________________________________________ Q3.9 -- has been deprecated. _________________________________________________________________ Q3.10 -- How do I solve "collect: I/O error on connection" or "reply: read error from host.name" errors? Date: April 8, 1997 Updated: May 9, 2000 Updated: June 8, 2002 Updated: March 2, 2003 If you are just getting occasional such messages, they're probably due to a temporary network problem, or the remote host crashing or otherwise abruptly terminating the connection. If you are getting a lot of these from a single host, there is probably some incompatibility between 8.x and that host (see Q3.12 and Q3.20). If you get a lot of them in general, you may have network problems that are causing connections to get reset. Note that this problem is sometimes caused by incompatible values of the MTU (Maximum Transmission Unit) size on a SLIP or PPP connection. Be sure that your MTU size is configured to be the same value as what your ISP has configured for your connection. If you are still having problems, then have your ISP configure your MTU size for 1500 (the maximum value), and you configure your MTU size similarly. Another possibility is that you have a router/firewall filtering out all incoming ICMP messages, while your OS is doing "Path MTU discovery" (e.g. modern TCP/IP stacks do this by default). Path MTU discovery relies on certain ICMP messages being allowed through back to the host originating the traffic - see our tip on Path MTU Discovery and RFC 1191 for the details. Lastly, here is part of a post from comp.mail.sendmail about a SCO 7.1.0 specific bug which may produce similar problems. Subject: Re: Recipient mail server times out sendmail connection Date: 5 Jun 2002 21:37:02 -0700 From: maillist@screamingplants.com (ike) I ran a packet sniffer on mail traffic that was causing problems and found that the tcp checksums for large packets were all off by 14. I found out later that there is a network bug in the OS (SCO 7.1.0). After applying a few patches, the problem appears to have been resolved. _________________________________________________________________ Q3.11 -- Why can't my users forward their mail to a program? Date: July 9, 1996 Updated: November 19, 1999 I just upgraded to version 8 sendmail and now when my users try to forward their mail to a program they get an "illegal shell" or "cannot mail to programs" message and their mail is not delivered. What's wrong? In order for people to be able to run a program from their .forward file, version 8 sendmail insists that their shell (that is, the shell listed for that user in the passwd entry) be a "valid" shell, meaning a shell listed in /etc/shells. If /etc/shells does not exist, a default list is used, typically consisting of /bin/sh and /bin/csh. This is to support environments that may have NFS-shared directories mounted on machines on which users do not have login permission. For example, many people make their file server inaccessible for performance or security reasons; although users have directories, their shell on the server is /usr/local/etc/nologin or some such. If you allowed them to run programs anyway you might as well let them log in. If you are willing to let users run programs from their .forward file even though they cannot telnet or rsh in (as might be reasonable if you run smrsh to control the list of programs they can run) then add the line: /SENDMAIL/ANY/SHELL/ to /etc/shells. This must be typed exactly as indicated, in caps, with the trailing slash. NOTA BENE: DO NOT list /usr/local/etc/nologin in /etc/shells -- this will open up other security problems. IBM AIX does not use /etc/shells -- a list of allowable login shells is contained, along with many other login parameters, in /etc/security/login.cfg. You can copy the information in the "shells=" stanza into a /etc/shells on your system so sendmail will have something to use. Do NOT add "/usr/lib/uucp/uucico" or any other non-login shell into /etc/shells. Also note that there are some weird things that AFS throws into the mix, and these can keep a program from running or running correctly out of .forward files or the system-wide aliases. See also "smrsh" in Q2.13 and Q3.34, and "directory permissions" in Q3.33. _________________________________________________________________ Q3.12 -- Why do connections to the SMTP port take such a long time? Date: November 24, 1996 Updated: August 29, 2001 I just upgraded to version 8 sendmail and suddenly connections to the SMTP port take a long time. What is going wrong? It's probably something weird in your TCP implementation that makes the IDENT code act oddly. On most systems version 8 sendmail tries to do a ``callback'' to the connecting host to get a validated user name (see RFC 1413 for detail). If the connecting host does not support such a service it will normally fail quickly with "Connection refused", but certain kinds of packet filters and certain TCP implementations just time out. To test this (pre-8.7.y sendmail), set the IDENT timeout to zero using: define(`confREAD_TIMEOUT',`Ident=0')dnl in the .mc file used by m4 to generate your sendmail.cf file. Alternatively, if you don't use m4, you can put ``OrIdent=0'' in the configuration file (we recommend the m4 solution, since that makes maintenance much easier for people who don't understand sendmail re-write rules, or after you've been away from it for a while). Either way, this will completely disable all use of the IDENT protocol. For version 8.7.y sendmail (and above), you should instead use: define(`confTO_IDENT',`0s')dnl Another possible problem is that you have your name server and/or resolver configured improperly. Make sure that all "nameserver" entries in /etc/resolv.conf point to functional servers. If you are running your own server, make certain that all the servers listed in your root cache are up to date (this file is usually called something like "/var/namedb/root.cache"; see your /etc/named.boot file to get your value). Either of these can cause long delays. You may also wish to check out our tips on how to set up DNS for your private address space. _________________________________________________________________ Q3.13 -- Why do I get "unknown mailer error 5 -- mail: options MUST PRECEDE recipients" errors? Date: March 23, 1996 I just upgraded to version 8 sendmail and suddenly I get errors such as ``unknown mailer error 5 -- mail: options MUST PRECEDE recipients.'' What is going wrong? You need OSTYPE(systype) in your .mc file, where "systype" is set correctly for your hardware & OS combination -- otherwise the configurations use a default that probably disagrees with your local mail system. See the configuration OSTYPE page for details. If this is on a Sun workstation, you might also want to take a look at the local mailer flags in the Sun-supplied sendmail.cf and compare them to the local mailer flags generated for your version 8 sendmail.cf. If they differ, you might try changing the V8 flags to match the Sun flags. _________________________________________________________________ Q3.14 -- Why does version 8 sendmail panic my SunOS box? Date: March 24, 1996 Updated: November 4, 1997 Sendmail 8.7.y panics SunOS 4.1.3_U1 (at least for 1 <= y <= 3) and SunOS 4.1.3, and sendmail 8.6.x seems fine on both machines (at least for 9 <= x <= 12). The problem is that a kernel patch is missing, specifically 100584-08 (4.1.3), 102010-05 (4.1.3_U1), or 102517 (4.1.4). This should be available from your hardware vendor through your support contract or their online support facilities (including being available on the SunSolve CD). _________________________________________________________________ Q3.15 -- Why does the Unix From line get mysteriously munged when I send to an alias? Date: December 3, 1997 ``It's not a bug, it's a feature.'' This happens when you have an owner-list alias and you send to list. V8 propagates the owner information into the SMTP envelope sender field (which appears as the Unix From line [sometimes incorrectly referred to as the From-space "header"] on Unix mail or as the Return-Path: header) so that downstream errors are properly returned to the mailing list owner instead of to the sender. In order to make this appear as sensible as possible to end users, I recommend making the owner point to a "request" address -- for example: list: :include:/path/name/list.list owner-list: list-request list-request: eric This will make message sent to list come out as being "From list-request" instead of "From eric". _________________________________________________________________ Q3.16 -- Why doesn't MASQUERADE_AS (or the user database) work for envelope addresses as well as header addresses? Date: November 24, 1996 Believe it or not, this is intentional. The interpretation of the standards by the version 8 sendmail development group was that this was an inappropriate rewriting, and that if the rewriting were incorrect at least the envelope would contain a valid return address. If you're using version 8.7.y sendmail (or later), you can use FEATURE(masquerade_envelope) in your sendmail.mc file to change this behavior. This is discussed in greater detail at the configuration Masquerading and Relaying page. _________________________________________________________________ Q3.17 -- How do I run version 8 sendmail and support the MAIL11V3 protocol? Date: March 23, 1996 URL updated: November 15, 2002 Get the reimplementation of the mail11 protocol by Keith Moore from ftp://gatekeeper.dec.com/pub/misc/vixie/ (with contributions from Paul Vixie). _________________________________________________________________ Q3.18 -- Why do messages disappear from my queue unsent? Date: March 23, 1996 When I look in the queue directory I see that qf* files have been renamed to Qf*, and sendmail doesn't see these. What's wrong? If you look closely you should find that the Qf files are owned by users other than root. Since sendmail runs as root it refuses to believe information in non-root-owned qf files, and it renames them to Qf to get them out of the way and make it easy for you to find. The usual cause of this is twofold: first, you have the queue directory world writable (which is probably a mistake -- this opens up other security problems) and someone is calling sendmail with an "unsafe" flag, usually a -o flag that sets an option that could compromise security. When sendmail sees this it gives up setuid root permissions. The usual solution is to not use the problematic flags. If you must use them, you have to write a special queue directory and have them processed by the same uid that submitted the job in the first place. _________________________________________________________________ Q3.19 -- When is sendmail going to support RFC 2047 MIME header encoding? Date: March 23, 1996 Updated: September 5, 1999 This is considered to be a MUA issue rather than an MTA issue. Quoth Eric Allman: The primary reason is that the information necessary to do the encoding (that is, 8->7 bit) is unknown to the MTA. In specific, the character set used to encode names in headers is _NOT_ necessarily the same as used to encode the body (which is already encoded in MIME in the charset parameter of the Content-Type: header). Furthermore, it is perfectly reasonable for, say, a Swede to be living and working in Korea, or a Russian living and working in Germany, and want their name to be encoded in their native character set; it could even be that the sender was Japanese, the recipient Russian, and the body encoded in ISO 8859-1. If all I have are 8-bit characters, I can't choose the charset properly. Similarly, when doing 7->8 bit conversions, I don't want to throw away this information, as it is necessary for proper presentation to the end user. _________________________________________________________________ Q3.20 -- Why can't I get mail to some places, but instead always get the error "reply: read error from name.of.remote.host"? Date: January 17, 1997 This is usually caused by a bug in the remote host's mail server, or Mail Transport Agent (MTA). The "EHLO" command of ESMTP causes the remote server to drop the SMTP connection. There are several MTAs that have this problem, but one of the most common server implementations can be identified by the "220 All set, fire away" greeting it gives when you telnet to its SMTP port. To work around this problem, you can configure sendmail to use a mailertable with an entry telling sendmail to use plain SMTP when talking to that host: name.of.remote.host smtp:name.of.remote.host Sites which must run a host with this broken SMTP implementation should do so by having a site running sendmail or some other reliable (and reasonably modern) SMTP MTA act as an MX server for the problem host. There is also a problem wherein some TCP/IP implementations are broken, and if any connection attempt to a remote end gets a "connection refused", then *all* connections to that site will get closed. Of course, if you try to use the IDENT protocol across a firewall (at either end), this is highly likely to result in the same apparent kind of "read error". The fix is simple -- on those machines with broken TCP/IP implementations, do not attempt to use IDENT. When compiling newer releases of version 8 sendmail, the compiler should automatically detect whether you're on a machine that is known to have this kind of TCP/IP networking problem, and make sure that sendmail does not attempt to use IDENT. If you've since patched your machine so that it no longer has this problem, you'll need to go back in and explicitly configure sendmail for support of IDENT, if you want that feature. _________________________________________________________________ Q3.21 -- Why doesn't "FEATURE(xxx)" work? Date: January 17, 1996 When creating m4 Master Config (".mc") files for version 8 sendmail, many FEATURE() macros simply change the definition of internal variables that are referenced in the MAILER() definitions. To make sure that everything works as desired, you need to make sure that OSTYPE() macros are put at the very beginning of the file, followed by FEATURE() and HACK() macros, local definitions, and at the very bottom, the MAILER() definitions. See the configuration Introduction and Example page for more details. _________________________________________________________________ Q3.22 -- How do I configure sendmail not to use DNS? Date: March 24, 1997 Updated: April 6, 2000 Updated: June 4, 2002 Updated: January 14, 2004 In situations where you're behind a firewall, or across a dial-up line, there are times when you need to make sure that programs (such as sendmail) do not use the DNS at all. With older releases of version 8 sendmail (8.7 and earlier), you needed to recompile the binary and make sure that "NAMED_BIND" was turned off in src/conf.h. With versions 8.8 and later, you change the service switch file to omit "DNS" and use only NIS, files, and other map types as appropriate. More information about the service switch file can be found under the ServiceSwitchFile option in §5.6 (Options) of the Installation and Operation Guide and all of §4.9 (Name Server Access). And note that you'll need to forward all your outbound mail to another machine as a "relay" (one that does use DNS, and understands how to properly use MX records, etc...), otherwise you won't be able to get mail to any site(s) other than the one(s) you configure in your /etc/hosts file (or whatever). The use of a smart host is one way to do this; the following in your .mc will do: define(`SMART_HOST', `name.of.smart.host')dnl Also, starting with 8.9, it may help to include the following in your .mc file: FEATURE(`accept_unresolvable_domains')dnl FEATURE(`accept_unqualified_senders')dnl And starting with 8.12, changes to submit.cf are required as well; the following in your submit.mc can minimize the problem: define(`confDIRECT_SUBMISSION_MODIFIERS', `C')dnl _________________________________________________________________ Q3.23 -- How do I get all my queued mail delivered to my Unix box from my ISP? Date: June 6, 1997 Updated: October 8, 1998 In the contrib directory of the sendmail distribution is a Perl script called etrn.pl. Assuming you're running sendmail or some other SMTP MTA on some sort of a Unix host, and your ISP uses version 8.8 sendmail and they queue all mail for your domain (as opposed to stuffing it all in one file that you need to download via POP3 or some such), the command etrn.pl mail.myisp.com mydomain.com will do the trick. You can learn about Perl at the Perl Language Home Page. The O'Reilly book is also very helpful. If you don't have Perl, something like the following script should do the trick: #!/bin/sh telnet mail.myisp.com. 25 << __EOF__ EHLO me.mydomain.com ETRN mydomain.com QUIT __EOF__ Note that this is indented for readability, and the real script would have column position #1 of the file be the first printable character in each line. Of course, you'll have to fill in the appropriate details for "mail.myisp.com", "mydomain.com", etc.... If your ISP doesn't use version 8.8 sendmail, you may have to cobble together alternative solutions. They may have a "ppplogin" script that is executed every time your machines dials them up, and if so, you may be able to have them modified this script so as to put a "sendmail -qRmydomain.com" in it (which is effectively what the "ETRN" command does, but in a safer fashion). Alternatively, they may have a hacked finger daemon, so that you'd put "finger mydomain.com@theirhost.theirdomain.com" in your script. Or, they may have some other solution for you. However, only they would be able to answer what solutions they have available to them. Obviously, the easiest and most "standard" solution is to have them upgrade their system to the most recent stable release of version 8 sendmail. See Q2.8 to find out what exact version this is. _________________________________________________________________ Q3.24 -- Why do I get the error message unable to write /etc/mail/sendmail.pid? Date: August 6, 1997 sendmail checks if it has write access to the directory in which it wants to create a file without granting special privileges to 'root'. To have sendmail run properly, the directories /etc, /etc/mail, and/or /var/run should be owned by root and be writable by its owner. _________________________________________________________________ Q3.25 -- Why can't I compile sendmail with Berkeley DB 2.X? Date: August 12, 1997 Updated: May 20, 1998 sendmail 8.8 only supports Berkeley DB 1.85. It will not work with newer Berkeley DB versions, even in compatibility mode Sendmail 8.9, however, does include support for Berkeley DB 2.X, starting with 2.3.16 . _________________________________________________________________ Q3.26 -- What operating systems has Berkeley sendmail been ported to? Date: December 18, 1997 Updated: September 9, 1999 Berkeley sendmail 8.9.3 supports most known flavors of UNIX, including: 386BSD A-UX AIX Altos BSD-OS BSD43 CLIX CSOS ConvexOS Dell DomainOS Dynix EWS-UX_V FreeBSD HP-UX IRIX ISC KSR LUNA Linux Mach386 NCR.MP-RAS NEWS-OS NeXT NetBSD NonStop-UX OSF1 OpenBSD PTX Paragon PowerUX RISCos SCO SINIX SMP_DC.OSx.NILE Solaris SVR4 SunOS Titan ULTRIX UMAX UNICOS UNIX_SV.4.x.i386 UX4800 UXPDS Utah dgux maxion uts.systemV Also, a Windows NT version is available from Sendmail, Inc.. _________________________________________________________________ Q3.27 -- How do I prevent Relaying Denied errors for my clients? Date: April 12, 1998 Last updated: June 19, 2000 You need to add the fully-qualified host name and/or IP address of each client to class R, the set of relay-allowed domains. For version 8.8.X, this is typically defined by the file /etc/sendmail.cR ; for 8.9.X, it is typically /etc/mail/relay-domains . Note: if your DNS is problematic, you should list the IP address (e.g., 1.2.3.4); in general, however, this should not be necessary. Once you've updated the appropriate file, SIGHUP your sendmail daemon and you should be OK. Further details are available on our Allowing controlled SMTP relaying in Sendmail 8.9 page. _________________________________________________________________ Q3.28 -- Why isn't virtual hosting working, even after I added a Kvirtuser line to sendmail.cf? Date: April 12, 1998 Just adding the proper Kvirtuser line to sendmail.cf is not enough to enable the virtual user table feature, a key ingredient for virtual hosting. You need to use the m4 technique FEATURE(virtusertable); detailed instructions are provided at our Virtual Hosting with Sendmail page. _________________________________________________________________ Q3.29 -- How can I add a header specifying the actual recipient when having multiple users in a virtual domain go to a single mailbox? Date: July 2, 1998 Updated: June 21, 2002 Fixed typo: October 10, 2003 Updated URL: April 6, 2004 Stuffing multiple user's mail into a single mail box is not a good method of distributing user mail but if you must do this, the following solution should allow a tool like fetchmail to separate the messages for individual users. 1. Use FEATURE(local_procmail) in your .mc file so procmail (which you must install separately) will deliver mail to the mailbox. 2. Use FEATURE(virtusertable) to create a virtual user table entry for the domain as follows: @domain.com domuser+%1 where domuser is the username of the mailbox you will be using. Note that "domuser" must be an actual username, *not* an alias. It may be necessary to append "@localhost", as follows @domain.com domuser+%1@localhost 3. Put this in the respective domuser's $HOME/.procmailrc: DOMAIN=domain.com ENV_TO=$1 :0f * ENV_TO ?? . | formail -i "X-Envelope-To: $ENV_TO@$DOMAIN" :0fE | formail -i "X-Envelope-To: UNKNOWN" This will insert an X-Envelope-To header with the original envelope recipient address when the message is delivered the normal way via the virtusertable, and UNKNOWN if for some reason it was sent directly to domuser. You may be tempted to eliminate variable ENV_TO and use $1 directly. It won't work, so don't bother. FEATURE(local_procmail) causes sendmail to deliver email to procmail directly. A .forward file is not only unnecessary, it would prevent procmail from setting $1 with the necessary text, so don't use one. You may need to replace formail with /usr/local/bin/formail or some such, depending on whether procmail can find it or not. Another possible solution from Andrzej Filip. _________________________________________________________________ Q3.30 -- What do I do when Build fails because groff was not found? Date: September 24, 1998 You can get groff from ftp://ftp.gnu.org/pub/gnu/. But it's not a big deal, because: 1. You've already successfully built the sendmail binary to get this far. 2. You can just use the preformatted man pages anyway: % cp *.0 obj* _________________________________________________________________ Q3.31 -- What does "class hash not available" mean? Date: September 24, 1998 You've built sendmail and/or makemap without NEWDB specified in your DBMDEF configuration, but you specified the class hash in sendmail.cf or on a makemap command. The class hash requires NEWDB support, for which you need the Berkeley database. Please refer to the Database Definitions section of our Compiling Sendmail web page. _________________________________________________________________ Q3.32 -- How do I configure majordomo with sendmail 8.9 without relaxing the DontBlameSendmail option? Date: January 26, 1999 Updated: October 30, 2001 We have had some queries about this, as majordomo apparently suggests some configuration values which sendmail 8.9 does not like. Here is what one expert suggests: The sendmail.cf contains: O AliasFile=/etc/aliases, /etc/majordomo.aliases O DontBlameSendmail=Safe /etc/aliases contains the general majordomo aliases: # Majordomo majordomo: "|/usr/local/lib/majordomo/wrapper majordomo" owner-majordomo: postmaster majordomo-owner: postmaster /etc/majordomo.aliases contains the majordomo lists of the form: wookie: "|/usr/local/lib/majordomo/wrapper resend -l wookie wookie-list" wookie-list: :include:/usr/local/lib/majordomo/lists/wookie owner-wookie: head-wookie wookie-approval: owner-wookie wookie-request: "|/usr/local/lib/majordomo/wrapper majordomo -l wookie" The various directory owners/groups/permissions: drwxr-xr-x 20 root root 1024 Dec 1 15:20 / drwxr-xr-x 25 root root 3072 Jan 26 01:26 /etc drwxr-xr-x 20 root root 1024 Feb 4 1998 /usr drwxr-xr-x 18 root root 1024 Jan 16 18:40 /usr/local drwxr-xr-x 5 root root 1024 Feb 6 1996 /usr/local/lib lrwxrwxrwx 1 root root 16 Dec 1 10:01 /usr/local/lib/majordomo -> majordomo-1.94.4 drwxr-x--x 5 majordom majordom 1024 Jan 25 23:12 /usr/local/lib/majordomo -1.94.4 drwxr-xr-x 2 majordom majordom 32768 Jan 26 00:49 /usr/local/lib/majordomo -1.94.4/lists -rw-rw-r-- 1 majordom majordom 655 Nov 3 17:03 /usr/local/lib/majordomo -1.94.4/lists/wookie -rw-rw---- 1 majordom majordom 14588 Jan 19 10:28 /usr/local/lib/majordomo -1.94.4/lists/wookie.config -rw-rw-r-- 1 majordom majordom 23 Jan 14 1997 /usr/local/lib/majordomo -1.94.4/lists/wookie.info Now the differences that make this work that may not be the same as instructed by the majordomo instructions: 1. Put the majordomo.aliases file in /etc, not in the majordomo install directory (/usr/local/lib/majordomo). If you can't move the aliases file out of the majordomo directory, you'll need to create the database backing file by hand the first time as root: # touch /usr/local/lib/majordomo/aliases # newaliases -OAliasFile=/usr/local/lib/majordomo/aliases 2. Make the permissions on /usr/local/lib/majordomo 0751, not 0775. 3. Make the permissions on /usr/local/lib/majordomo/Log 0664, owned by majordom, group majordom. 4. /usr/local/lib/majordomo/lists is mode 0755, owner majordom, group majordom. 5. The permissions/owners for the lists should be as shown above. These permissions/ownership allow majordom to continue to manage the lists. _________________________________________________________________ Q3.33 -- How do I configure my system in general with sendmail 8.9? Date: May 24, 1999 The following is taken directly from the DIRECTORY PERMISSIONS section of the top-level README file in the sendmail distribution. Sendmail often gets blamed for many problems that are actually the result of other problems, such as overly permissive modes on directories. For this reason, sendmail checks the modes on system directories and files to determine if can have been trusted. For sendmail to run without complaining, you MUST execute the following command: chmod go-w / /etc /etc/mail /usr /var /var/spool /var/spool/mqueue chown root / /etc /etc/mail /usr /var /var/spool /var/spool/mqueue You will probably have to tweak this for your environment (for example, some systems put the spool directory into /usr/spool instead of /var/spool and use /etc/mail for aliases file instead of /etc). If you set the RunAsUser option in your sendmail.cf, the /var/spool/mqueue directory will have to be owned by the RunAsUser user. As a general rule, after you have compiled sendmail, run the command sendmail -v -bi to initialize the alias database. If it gives messages such as WARNING: writable directory /etc WARNING: writable directory /usr/spool/mqueue then the directories listed have inappropriate write permissions and should be secured to avoid various possible security attacks. Beginning with sendmail 8.9, these checks have become more strict to prevent users from being able to access files they would normally not be able to read. In particular, .forward and :include: files in unsafe directory paths (directory paths which are group or world writable) will no longer be allowed. This would mean that if user joe's home directory was writable by group staff, sendmail would not use his .forward file. This behavior can be altered, at the expense of system security, by setting the DontBlameSendmail option. For example, to allow .forward files in group writable directories: O DontBlameSendmail=forwardfileingroupwritabledirpath Or to allow them in both group and world writable directories: O DontBlameSendmail=forwardfileinunsafedirpath Items from these unsafe .forward and :include: files will be marked as unsafe addresses -- the items can not be deliveries to files or programs. This behavior can also be altered via DontBlameSendmail: O DontBlameSendmail=forwardfileinunsafedirpath, forwardfileinunsafedirpathsafe The first flag allows the .forward file to be read, the second allows the items in the file to be marked as safe for file and program delivery. Other files affected by this strengthened security include class files (i.e. Fw /etc/sendmail.cw), persistent host status files, and the files specified by the ErrorHeader and HelpFile options. Similar DontBlameSendmail flags are available for the class, ErrorHeader, and HelpFile files. If you have an unsafe configuration of .forward and :include: files, you can make it safe by finding all such files, and doing a "chmod go-w $FILE" on each. Also, do a "chmod go-w $DIR" for each directory in the file's path. _________________________________________________________________ Q3.34 -- What does "foo not available for sendmail programs" mean? Date: September 24, 1999 It means that you are using smrsh, the sendmail restricted shell; see Q2.13 for details on this. To fix this problem, you need to create a sym-link from smrsh's directory for restricted programs to the program foo. The default location of this directory for restricted programs is /usr/adm/sm.bin in the Open Source version, but vendor versions differ. For example, RedHat Linux 6.0 uses /etc/smrsh, and Solaris 8 uses /var/adm/sm.bin . If you don't know the directory for your OS, first check the smrsh man page, then if that fails, try: % strings /path/to/smrsh | grep ^/ where /path/to/smrsh is the P= argument on the Mprog line in sendmail.cf . So for example: % cd /usr/adm/sm.bin % ln -s /usr/bin/vacation would allow the vacation program to be run from a user's .forward file or an alias which uses the "|program" syntax. Finally, if you want to disable use of smrsh, remove the FEATURE(`smrsh') line from the .mc file used to build sendmail.cf; see cf/README for details on this. _________________________________________________________________ Q3.35 -- How do I add a footer/signature to all (outgoing) e-mail messages? Date: October 9, 2000 Updated: August 1, 2001 Updated: May 16, 2002 Updated: February 22, 2003 This is quite complicated. At first sight it might be simple: just "cat" some text (taken from a file or whatever) to the end of an e-mail message passing through sendmail. However, there is a big problem: what about structured e-mail messages, i.e., MIME messages? These can be arbitrarily complex and just "cat"ting a footer to the end of the body can break the MIME structure. (A MIME aware MUA will just not show such a footer, so it's pretty useless in any case.) But signed messages (think: PGP) will break. Another problem is the character set used by the mime part to which the disclaimer is added needs to match the actual character set of the disclaimer itself. Hence, there is no easy solution to this problem! If you know enough about MIME and some C programming, then take a look at sendmail 8.11 (or later) and libmilter/README. It now offers the functionality to achieve this goal. Some open source milters are capable of adding footers, e.g. MIMEDefang. _________________________________________________________________ Q3.36 -- What does "Cannot open hash database ... Invalid argument" mean? Date: January 3, 2001 Updated: February 8, 2001 It's an error returned from the Berkeley DB library. It normally means that the db file was built with a different version of Berkeley DB than the one sendmail is currently using. You need to recompile makemap with the same version of Berkeley DB that sendmail was compiled with, and re-make your maps with that new version of makemap. From a typical Unix 'errno' man page: 22 EINVAL Invalid argument. Some invalid argument was supplied. From the Berkeley DB 2.x 'db_open' man page (1.x 'dbopen' is similar): EINVAL ... There is a mismatch between the version number of file and the software. Berkeley DB 3.x uses a special errno value for this - from its 'db_open' man page: DB_OLD_VERSION The database cannot be opened without being first upgraded. Unfortunately this isn't specifically handled by sendmail upto and including 8.11.2, resulting in an error message that says something like "Error -30990" instead of "Invalid argument". Here is a table mapping versions of Berkeley DB with the corresponding sendmail versions in which they are supported: Berkeley DB Sendmail 0.X - 1.4 (OLD_NEWDB) 8.1 - 8.8.8 1.5 and later 1.X 8.1 and later 2.0.0-2.6.3 8.9.0 and later 2.6.4 and later 2.X 8.9.2 and later 3.0 and later 3.X 8.10.0 and later _________________________________________________________________ Q3.37 -- What does "parse error before `NDBM'" mean? Date: April 21, 2001 This error is generally accompanied by a message indicating which file it occurred in, and which line number of that file, usually: ERROR NDBM or NEWDB must be defined. You are supposed to read that line, and do something about it. Normally, on Linux and the various BSDs, NEWDB is used, whereas on the "commercial" Unix variants (Solaris, HP-UX, possibly others), NDBM is used. Perhaps you failed to install the required libraries when you installed your system. Please refer to 3.31 and the Database Definitions section of our Compiling Sendmail web page for further details. _________________________________________________________________ Q3.38 -- What does "may be forged" mean? Date: November 12, 2001 After sendmail does a hostname look-up on the IP address of the connecting client, the IP addresses of that hostname are looked up. If the client IP address does not appear in that list, then the may be forged tag is added. _________________________________________________________________ Q3.39 -- How do I send using an alternate port? Date: May 5, 2002 Updated: January 10, 2004 The port used for outgoing SMTP connections can be changed via the respective *_MAILER_ARGS macros for the various SMTP mailers. In a default configuration, sendmail uses either the relay mailer (for e.g. SMART_HOST when no mailer is specified) or the esmtp mailer (when sending directly to the MX of the recipient domain). So, if you want all outgoing SMTP connections to use port 2525, you can use this in your .mc file: define(`RELAY_MAILER_ARGS', `TCP $h 2525') define(`ESMTP_MAILER_ARGS', `TCP $h 2525') If you want to use an alternate port only for specific destinations, change (e.g.) only the RELAY_MAILER_ARGS, and make sure the relay mailer is not used for anything else. E.g. you can have sendmail use port 2525 only when sending to your domain with this in your .mc file: FEATURE(`mailertable') define(`confRELAY_MAILER', `esmtp') define(`RELAY_MAILER_ARGS', `TCP $h 2525') and then in your mailertable: yourdomain.com relay:mail.yourdomain.com This will force sendmail to use port 2525 for connections to yourdomain.com. Of course, change 2525 to whatever alternate port number you wish to use. _________________________________________________________________ Q3.40 -- Why can't I use BerkeleyDB 4.1.x? Date: November 15, 2002 Updated: December 29, 2002 SleepyCat changed the API from Berkeley DB 4.0 to 4.1. Hence it is not supported in sendmail 8.12.6. Moreover, the semantics of the open() call have been changed, hence sendmail doesn't work with DB 4.1.x (x <= 24), even if the "obvious" API changes are made. However, with the release of Berkeley DB 4.1.25 and sendmail 8.12.7, things should work again with these versions (or greater, when the time comes). _________________________________________________________________ Q3.41 -- How do I use CIDR notation in the access map (or other places)? Date: December 3, 2002 Use contrib/cidrexpand to pre-process the data into a format that is supported by sendmail. For example: cidrexpand < access | makemap hash access _________________________________________________________________ Q3.42 -- Why isn't CIDR notation directly supported by sendmail? Date: December 3, 2002 Because it is in general very expensive to do this. Here's an explanation from Per Hedeland: And not just more complex, it would have to do many more (comparatively expensive) lookups - there's no way, given (e.g.) the IP address 66.205.192.123, to find the matching "66.205.192.0/19" with a single lookup in a general key/value hashed map. The code would have to look for "66.205.192.123", "66.205.192.122/31", "66.205.192.120/30", "66.205.192.120/29", etc, etc - 14 lookups to find a /19, 32 to establish a non-match. which is 8 times more than the available octet boundary lookup. I haven't done any measurements, but I wouldn't be surprised if even in the absolute worst case, that your map is 128 times bigger than it "needs" to be, the time for a single lookup won't even double - i.e. you'll lose already on the second lookup. _________________________________________________________________ Q3.43 -- What does "Need to recompile with -DNEWDB for hash support" mean? Date: December 24, 2002 See Q3.31. This is the newer form of the same error message, updated to be more informative and clueful. The actual line of code contains: "%s: Need to recompile with -D%s for %s support\n" where the first %s gets replaced by the name of the program (generally makemap), the second %s gets replaced by the name of the macro which needs to be defined (see the Database Definitions section of our Compiling Sendmail web page for the full list), and the third %s gets replaced by the argument to makemap which could not be handled. _________________________________________________________________ Q3.44 -- I disabled sendmail on some machines which don't receive mail, but since upgrading to 8.12 they can't send mail either; why? Date: January 13, 2003 Updated: October 19, 2005 8.12 uses a new paradigm: the binary is no longer setuid-root; to make this work, there are now two queues, a "main" queue and a client-only queue. To match these, there are two config files: one for the main queue (sendmail.cf) and one for the client-only queue (submit.cf). There are also two sendmail processes which need to run: a daemon and a client queue runner. In the default configuration of sendmail, the client queue runner must be able to submit mail to the daemon on the local SMTP port. If the daemon is not listening on the SMTP port, the mail remains in the client-only queue. If you don't want to accept mail from other machines, you should add some or all of the following lines to your .mc file: FEATURE(`no_default_msa')dnl DAEMON_OPTIONS(`NAME=NoMTA4, Family=inet, Addr=127.0.0.1')dnl DAEMON_OPTIONS(`Name=MSA4, Family=inet, Addr=127.0.0.1, Port=587, M=E')dnl DAEMON_OPTIONS(`NAME=NoMTA6, Family=inet6, Addr=::1')dnl DAEMON_OPTIONS(`Name=MSA6, Family=inet6, Addr=::1, Port=587, M=E')dnl Use the FEATURE line regardless, then if your machine has IPv4 addresses configured, use the first two DAEMON_OPTIONS lines; likewise, use the second two DAEMON_OPTIONS lines if it has IPv6 addresses configured, and all four if both types of addresses are configured. Then build a new .cf file from your .mc file, install it as /etc/mail/sendmail.cf and start sendmail. In some cases, however, it might be better instead to modify submit.mc, to use FEATURE(`msp', `smart_host')dnl instead of the default FEATURE(`msp', `[127.0.0.1]')dnl This has the advantage that you don't have to run a daemon on the local host, but a disadvantage of introducing a dependency on the smart_host machine. Which of the two solutions is better for you depends on whether or not your network architecture has such a smart_host, how reliable you deem that smart_host to be, and how inconvenient running a daemon locally would be. sendmail.org 4. GENERAL SENDMAIL ISSUES * 4.1 Should I use a wildcard MX for my domain? * 4.2 How can I set up an auto-responder? * 4.3 How can I get sendmail to deliver local mail to $HOME/.mail instead of into /usr/spool/mail (or /usr/mail)? * 4.4 Why does it deliver the mail interactively when I'm trying to get it to go into queue only mode? * 4.5 How can I solve "MX list for hostname points back to hostname" and "config error: mail loops back to myself" messages? * 4.6 Why does my sendmail process sometimes hang when connecting over a SLIP/PPP link? * 4.7 How can I summarize the statistics generated by sendmail in the syslog? * 4.8 How can I check my sendmail.cf to ensure that it's re-writing addresses correctly? * 4.9 What is procmail, and where can I get it? * 4.10 How can I solve "cannot alias non-local names" errors? * 4.11 Is sendmail Year-2000 (Y2K) compliant? * 4.12 How can I batch remote mail to be sent using my ISP while delivering local mail immediately? * 4.13 What does "unknown mailer error 1" mean? * 4.14 How do I queue mail for another domain? * 4.15 How do create attachments with sendmail? * 4.16 How do I find sendmail's version number? * 4.17 How do I handle user names with upper-case characters? * 4.18 What does "NOQUEUE: Null connection from ..." mean? * 4.19 How do I configure sendmail for POP/IMAP/... ? * 4.20 How can I automatically copy messages based on sender or recipient addresses? * 4.21 How can I send mail to all users? * 4.22 Why can't I receive external mail? * 4.23 How do restrict attachments with sendmail? * 4.24 Can I get sendmail to verify an entire e-mail address instead of just the domain? _________________________________________________________________ Q4.1 -- Should I use a wildcard MX for my domain? Date: July 9, 1996 Updated: November 5, 1997 If at all possible, no. Wildcard MX records have lots of semantic "gotcha"s. For example, they will match a host "unknown.your.domain" -- if you don't explicitly test for unknown hosts in your domain, you will get "MX list for hostname points back to hostname" or "config error: mail loops back to myself". See RFCs 1535, 1536, and 1912 (updates RFC 1537) for more detail and other related (or common) problems. See also _DNS and BIND_ by Albitz and Liu. They can also cause your system to add your domain to outgoing FQDNs in a desperate attempt to get the mail to where it's supposed to go, but because *.your.domain is valid due to the wildcard MX, delivery to not.real.domain.your.domain will get dumped on you, and you may even find yourself in a loop as the domain keeps getting tacked on time after time after time (the "config error: mail loops back to myself" problem). Wildcard MX records are just a bad idea, plain and simple. They don't work the way you'd expect, and virtually no one gets them right. Avoid them at all costs. _________________________________________________________________ Q4.2 -- How can I set up an auto-responder? Date: March 23, 1996 Updated: February 16, 1999 Updated: July 30, 2002 This is a local mailer issue, not a sendmail issue. Depending on what you're doing, look at procmail (see Q4.9), ftpmail, Majordomo or of course vacation, which is part of the sendmail (8.10.0 and later) distribution. The latest version of Majordomo can be found at ftp://ftp.greatcircle.com/pub/majordomo/. It is written in Perl and requires either Perl 4.036, and appears to run with only minor tweaks under 5.001a or later. Make sure to check out the web interface for Majordomo called LWGate at http://www.netspace.org/users/dwb/lwgate.html. The latest versions of Perl (both 4.x and 5.x) can be found in http://www.metronet.com/perlinfo/src/. More information about Perl can be found at http://www.metronet.com/perlinfo/perl5.html The latest version of ftpmail can be found at ftp://src.doc.ic.ac.uk/packages/ftpmail or any comp.sources.misc archive (volume 37). _________________________________________________________________ Subject: Q4.3 -- How can I get sendmail to deliver local mail to $HOME/.mail instead of into /usr/spool/mail (or /usr/mail)? Date: July 9, 1996 Updated: January 7, 1999 Again, this is a local mailer issue, not a sendmail issue. Either modify your local mailer (source code will be required) or change the program called in the "local" mailer configuration description to be a new program that does this local delivery. One program that is capable of doing this is procmail (see Q4.9), although there are probably many others as well. _________________________________________________________________ Subject: Q4.4 -- Why does it deliver the mail interactively when I'm trying to get it to go into queue only mode? Date: March 23, 1996 Updated: August 14, 2000 Or, I'm trying to use the "don't deliver to expensive mailer" flag, and it delivers the mail interactively anyway. I can see it does it: here's the output of "sendmail -v foo@somehost" (or Mail -v or equivalent). The -v flag to sendmail (which is implied by the -v flag to Mail and other programs in that family) tells sendmail to watch the transaction. Since you have explicitly asked to see what's going on, it assumes that you do not want to to auto-queue, and turns that feature off. Remove the -v flag and use a "tail -f" of the log instead to see what's going on. If you are trying to use the "don't deliver to expensive mailer" flag (mailer flag "e"), be sure you also turn on global option "HoldExpensive" (whose old one-character name was "c") -- otherwise it ignores the mailer flag. _________________________________________________________________ Subject: Q4.5 -- How can I solve "MX list for hostname points back to hostname" and "config error: mail loops back to myself" messages? Date: January 17, 1997 Updated: May 8, 2000 Updated: January 24, 2002 I'm getting these error messages: 553 MX list for domain.net points back to relay.domain.net 554 ... Local configuration error How can I solve this problem? You have asked mail to a domain (e.g., domain.net) to be forwarded to a specific host (in this case, relay.domain.net) by using an MX record, but the relay machine doesn't recognize itself as domain.net. Add domain.net to /etc/mail/local-host-names [known as /etc/sendmail.cw prior to version 8.10] (if you are using FEATURE(`use_cw_file')) or add "Cw domain.net" to your configuration file. There are a couple of additional cases where you don't actually want local delivery, and thus adding domain.net to class w is not the right fix: * When relay.domain.net should just be acting as a forwarder, e.g. a firewall/gateway box. The proper fix could be to set up a mailertable entry for domain.net. * When relay.domain.net is a secondary (etc.) MX, and the MX mistakenly points to a CNAME or other "non-canonical" name [this gives "config error: mail loops back to me (MX problem?)"]. The proper fix is to point the MX at the actual name, a "work-around" to add the MX target to class w. IMPORTANT: When making changes to your configuration file, be sure you kill and restart the sendmail daemon (for any change in the configuration, not just this one): kill -HUP `head -1 /var/run/sendmail.pid` Note: You can also get this error message (MX loops ...) when two sendmail systems talk to each other, and both have the same value of $j . The best solution is "don't do that." _________________________________________________________________ Subject: Q4.6 -- Why does my sendmail process sometimes hang when connecting over a SLIP/PPP link? Date: March 23, 1996 I'm connected to the network via a SLIP/PPP link. Sometimes my sendmail process hangs (although it looks like part of the message has been transfered). Everything else works. What's wrong? Most likely, the problem isn't sendmail at all, but the low level network connection. It's important that the MTU (Maximum Transfer Unit) for the SLIP connection be set properly at both ends. If they disagree, large packets will be trashed and the connection will hang. _________________________________________________________________ Subject: Q4.7 -- How can I summarize the statistics generated by sendmail in the syslog? Date: April 9, 1997 Updated: January 4, 1999 Updated: March 27, 2000 Updated: July 13, 2000 Updated: May, 2001 Updated: August, 2001 Updated: November, 2001 Updated: May, 2006 This question is addressed on pages 445-449 of _sendmail, 2nd Ed_ (see page 319 of first edition) by Bryan Costales (see entry sendmail-faq//book/ISBN/1-56592-222-0 in Q6.1). To see what else is available today, check the Comprehensive Perl Archive Network. For more information, see the comp.lang.perl.* FAQs at ftp://rtfm.mit.edu/pub/usenet-by-hierarchy/comp/lang/perl/. If you're interested in using these kinds of tools to help you do some near real-time monitoring of your system, you might be interested in MEWS (Mail Early Warning System). From the README: If you've ever written a perl script to parse sendmail log files looking for errors, MEWS might be of interest to you. If you've ever thought about writing a perl script to munge sendmail log files, cringed a little and hurriedly came up with an excuse not to do it, read on. If you don't have a Solaris 2.5 machine, you can probably stop reading here. The Mail Early Warning System (MEWS) gives postmasters immediate notification of trouble spots on your mail backbone. It only works with sendmail. To explain it in a nutshell, whenever sendmail returns a 4xx or 5xx SMTP code, with the MEWS modifications, it also sends the code over UDP to a daemon which then replays the error message to interested parties. The man pages go into a little bit more detail. If this sounds like something you might be interested in getting more details about, you can find the MEWS archive at ftp://ftp.qualcomm.com/pub/people/eamonn/mews.tar.Z. Here's an update from Stephane Lentz on June 29, 2000: * anteater - written in C++ (+ STL lib), fast, really promising (you can add modules) * mreport - written in C, works fine on small logs but not with big hubs' log (all data are stored into memory) See also John Oliver's sendmail tools page for pointers to several related scripts. (May 25, 2001) Brad Knowles's links for popstats, smtpstats and syslog_stats have been revived at a new location. (May 29, 2001) Two new links (November 12, 2001): * Counterpane: Log Analysis Resources * LogReport _________________________________________________________________ Subject: Q4.8 -- How can I check my sendmail.cf to ensure that it's re-writing addresses correctly? Date: June 3, 2002 Sendmail's test mode is best for this. See the Sendmail Installation and Operation Guide, § 3.8 (Testing Configuration files); here is a short sample: % sendmail -bt -C /path/to/test/sendmail.cf ADDRESS TEST MODE (ruleset 3 NOT automatically invoked) Enter
> /tryflags hs > /try esmtp user@domain.com Trying header sender address user@domain.com for mailer esmtp ... > /quit % _________________________________________________________________ Subject: Q4.9 -- What is procmail, and where can I get it? Date: April 8, 1997 Updated: February 28, 1999 The program "procmail" is a replacement for the local mailer (variously called /bin/mail, /usr/bin/mail, mail.local, rmail, etc...). It has been ported to run on virtually every Unix-like OS you're likely to run into, and has a whole host of features. It is typically about 30% faster performing the job of the local mailer than programs such as /bin/mail or /usr/bin/mail, it has been hammered on widely to make it extremely secure (much more so than most local mailers) and very robust. Procmail is also capable of helping you put a quota on a user's mailbox through the standard Unix quota mechanism (see Q4.3). In short, whatever you've got, you're almost guaranteed that procmail is better (if nothing else, the author has been able to focus lots of time and energy into making it the best and fastest tool available, while most system vendors just throw something together as fast as they can and move on to the whole rest of the OS). However, this only begins to scratch the surface of what procmail is capable of. It's most important feature is the fact that it gives you a standard way to create rules (procmail calls them "recipes") to process your mail before the messages get put into your mailbox, and for that feature alone, it is one of the most important tools any administrator can have in their repertoire. By filtering out or automatically dealing with 80% of your daily cruft, it lets you spend more time on the hard 20%. Note that recent releases of version 8 sendmail natively support using procmail as an alternate local mailer (see "FEATURE(local_procmail)" for version 8.7 and above). They also support procmail as an additional local mailer, if you're concerned about flat-out replacing your current local mailer with procmail (see "MAILER(procmail)" in version 8.7 and above). You can also install procmail as a user and run it out of your .forward file, although this tends to be a bit slower and less efficient. More information about procmail can be found at http://www.procmail.org/ and the latest version can be found at ftp://ftp.procmail.org/pub/procmail/. Procmail is also the core to a mailing list management package called "SmartList", so if you've already got procmail, adding SmartList may be a good option. Some listowners prefer Majordomo, Listserv, or one of those other programs, but SmartList has more than a few adherents as well. Your personal tastes will dictate whether you swear by SmartList or at it. _________________________________________________________________ Subject: Q4.10 -- How can I solve "cannot alias non-local names" errors? Date: March 24, 1997 I upgraded from my vendor's sendmail to the latest version and now I'm getting these error messages when I run "newaliases": /etc/aliases: line 13: MAILER-DAEMON... cannot alias non-local names /etc/aliases: line 14: postmaster... cannot alias non-local names How can I solve this problem? Your local mailer doesn't have the "A" flag specified. Edit the Mlocal line in sendmail.cf and add "A" to the flags listed after "F=". Better yet, if you're running a recent version of sendmail that uses m4 to generate .cf files from .mc files, regenerate your sendmail.cf and see if that fixes the problem. Remember to install the new sendmail.cf and restart the sendmail daemon. _________________________________________________________________ Subject: Q4.11 -- Is sendmail Year-2000 (Y2K) compliant? Date: April 24, 1997 Updated: July 7, 1999 Please refer to the Sendmail Year 2000 Readiness Disclosure page. _________________________________________________________________ Subject: Q4.12 -- How can I batch remote mail to be sent using my ISP while delivering local mail immediately? Date: October 14, 1997 Updated: February 9, 1999 Updated: May 19, 2004 First, you need to get sendmail not to use DNS on your local machine so your host doesn't trying to connect to your ISP for a DNS query. See Q3.22 for more information. You also need to designate a "smart host" or external relay to handle all mail that you can't deliver locally (this would be your ISP's mailhost). You need to configure it so that the smtp mailer is considered "expensive" by adding the F=e mailer flag and tell sendmail not to connect to expensive mailers by default by setting the HoldExpensive option to True. You need to add mydomain.com to the sendmail.cw file or the Cw line in the sendmail.cf. See Q4.5. Finally, you need to run a program periodically to check in with your ISP and get them to deliver any mail they may have queued for you. See Q3.23. Andrzej Filip offers a different solution based on use of the dsmtp mailer (introduced in 8.10) instead of expensive mailers. _________________________________________________________________ Subject: Q4.13 -- What does "unknown mailer error 1" mean? Date: September 24, 1998 In general, sendmail does not perform final delivery of messages, but relies on a local delivery agent instead. Such an agent, mail.local, is provided with the sendmail distribution. Any such agent that sendmail invokes for message delivery, as specified on an M line in sendmail.cf, must exit with code 0 (success), or one of the failure codes noted in src/sysexits.h. These generally run in the range 64 - 78, so 1 would be out of range, and lead to sendmail generating the above error. _________________________________________________________________ Subject: Q4.14 -- How do I queue mail for another domain? Date: April 28, 1999 Updated: December 21, 2000 Updated: May 19, 2004 Situation: Your system mailserver.my.domain should act as a backup mailserver for mailserver.destination.domain. The client wants to receive mail for the address user@destination.domain. This requires: 1. MX Records: destination.domain. IN MX 10 mailserver.destination.domain. destination.domain. IN MX 20 mailserver.my.domain. mailserver.destination.domain. IN MX 10 mailserver.destination.domain. mailserver.destination.domain. IN MX 20 mailserver.my.domain. The last two records are there "just in case" (someone forgot masquerading). Make sure you use the real names of all systems. mailserver.my.domain must know its own name, otherwise you'll get the famous mail loops back to myself error. Instead of using MX records that point to mailserver.destination.domain, you can use the FEATURE(mailertable) on mailserver.my.domain as explained in cf/README for routing e-mails. 2. On your system: do nothing unless you have anti-relay rules installed (which you really should have!). In this case, add destination.domain to the required files (8.9) (or for 8.8). Don't add destination.domain or mailserver.destination.domain to class w on your system! If you want finer-grained control, then instead of updating /etc/mail/relay-domains, add the following to /etc/mail/access, as the access map entries allows relaying only "To:" a domain, while relay-domains allows both directions. To:destination.domain RELAY 3. sendmail on your system will try to deliver mail during queue runs, however, the client may trigger delivery by using the ETRN command. _________________________________________________________________ Subject: Q4.15 -- How do I create attachments with sendmail? Date: May 26, 1999 You don't. Sendmail is a mail transfer agent (MTA). Creating e-mail messages, including adding attachments or signatures, is the function of a mail user agent (MUA). Some popular MUAs include mutt, elm, exmh, Netscape, Eudora and Pine. Some specialized packages (metamail, some Perl modules, etc.) can also be used to create messages with attachments. _________________________________________________________________ Subject: Q4.16 -- How do I find sendmail's version number? Date: August 2, 1999 Updated: July 19, 2000 Updated: December 28, 2001 To find out which version is actually running, from without, telnet to the SMTP port (port 25). The daemon usually announces its name and version number, as in thishost% telnet that.host 25 Trying IP_addr... Connected to that.host. Escape character is '^]'. 220 that.host ESMTP Sendmail 8.12.1/8.12.1; Fri, 28 Dec 2001 11:39:34 -0800 QUIT To query a binary on your local host, the following command should display its version number, along with some extra configuration information, possibly including the configuration version number: % echo \$Z | /usr/sbin/sendmail -bt -d0 Version 8.12.1 Compiled with: MAP_REGEX LOG MATCHGECOS MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETUNIX NEWDB NIS QUEUE SCANF SMTP USERDB XDEBUG ============ SYSTEM IDENTITY (after readcf) ============ (short domain name) $w = knecht (canonical domain name) $j = knecht.Sendmail.ORG (subdomain name) $m = Sendmail.ORG (node name) $k = knecht.Sendmail.ORG ======================================================== ADDRESS TEST MODE (ruleset 3 NOT automatically invoked) Enter
> 8.12.1 % Adjust the pathname as needed; /usr/lib and /usr/sbin are the most common locations. _________________________________________________________________ Subject: Q4.17 -- How do I handle user names with upper-case characters? Date: November 18, 1999 Updated: August 8, 2001 You really shouldn't, because upper case characters in user names are contrary to the Unix tradition. If you do, then e-mail addresses will be case sensitive, so that mail to will bounce instead of being delivered to . As this is contrary to the expectations of many, it is not recommended. But if you insist on doing so anyway, and you have version 8.10, put the following in your .mc file: MODIFY_MAILER_FLAGS(`LOCAL', `+u')dnl If you don't have 8.10, you will need to redefine the LOCAL_MAILER_FLAGS m4 variable, but the initial value varies from OS to OS, so this is yet another reason not to mess with this flag. Another hack is the creation of aliases for Uppercase local users in the form: # lowercase version to real one uppercase: Uppercase It will make sendmail deliver messages to uppercase local recipients in a case insensitive manner. _________________________________________________________________ Subject: Q4.18 -- What does "NOQUEUE: Null connection from ..." mean? Date: February 24, 2000 Updated: March 12, 2000 An entry like: NOQUEUE: Null connection from host.domain [IP.AD.DD.RESS] in the logfile means that host.domain connected to your MTA but neither initiated transmission of a message (by issuing the MAIL command), nor used any of the commands that are logged separately (EXPN/VRFY/ETRN). Unless this happens very often, you can ignore this. If it happens very often, it's either someone playing around or it's a network problem. Note 1: The significant part of the message isn't the NOQUEUE, but the "Null connection from ...". In particular, NOQUEUE isn't an error indication, but just a "place-holder" when no queue ID has been assigned, typically because message collection hasn't started (yet). It can occur in other messages too, and there too the significant part is what comes after the NOQUEUE. Note 2: In 8.10, the text which led to the confusion has been changed to: "... did not issue MAIL/EXPN/VRFY/ETRN during connection to ...". _________________________________________________________________ Subject: Q4.19 -- How do I configure sendmail for POP/IMAP/... ? Date: March 12, 2000 You don't. Sendmail is a mail transfer agent whose primary purpose is to send and receive e-mail (primarily via SMTP). Sendmail does not implement any remote access protocols such as POP or IMAP. But if you want to learn more about these and other (non-sendmail) e-mail related things, please refer to our Other (Non-Sendmail) E-Mail Related Links page. _________________________________________________________________ Subject: Q4.20 -- How can I automatically copy messages based on sender or recipient addresses? Date: June 30, 2000 Updated: February 27, 2001 Updated: June 5, 2001 Updated: February 13, 2003 It would require custom programming. You could either write a mail filter using the new Milter API in sendmail 8.10 and later (see libmilter/README) or you could look at some of these other unsupported hints: * Axel Reinhold's logall.c module * Message-Id: <33AA593A.4B701C3F@syntegra.nl> * the procmailrc man page Note that no such feature has been added to sendmail. When asked about this one of the sendmail developers said it was "because we still believe a bit in privacy." _________________________________________________________________ Subject: Q4.21 -- How can I send mail to all users? Date: December 12, 2000 There is no magic short-cut for this. But it is not hard to set up: create an aliases entry alluser: :include:/etc/mail/allusers Don't forget to run 'newaliases'. Then list your users, one per line, in the file '/etc/mail/allusers'. You might be able to do that with awk -F: '$3 > 100 { print $1 }' /etc/passwd > /etc/mail/allusers _________________________________________________________________ Subject: Q4.22 -- Why can't I receive external mail? Date: December 4, 2002 Updated: August 16, 2004 Several vendors have changed the way that sendmail is run. They decided that most people need a client-only version of sendmail. So it is listening only on the localhost interface. Check the system documentation on how to change your .mc file. Here is a partial table of where some vendors ship their sendmail configuration hierarchy: sendmail distribution ./cf Solaris 7,8,9 /usr/lib/mail Solaris 10 /etc/mail/cf Red Hat 6.2 /usr/lib/sendmail-cf Red Hat 7 /usr/share/sendmail-cf Slackware 7.1 /usr/src/sendmail/cf But you should check for yourself on your own system. When in doubt, do a find for "proto.m4", then go up the tree one level. When you find the .mc file, look for the string "DAEMON_OPTIONS" and for the comment lines near that string. See also 5.3.1.3 for discussion about this problem as it relates specifically to Red Hat 7.1 and later. _________________________________________________________________ Subject: Q4.23 -- How do I restrict attachments with sendmail? Date: May 19, 2004 sendmail itself does not look at the content of a message, so it is not in a position to strip attachments. You need a filtering package that works with sendmail. You might want to look at www.milter.org for some open source solutions that use our "milter" facility. There's also something called MIMEDefang that can do it. You can also get commercial products to do it (see www.sendmail.com for example). _________________________________________________________________ Subject: Q4.24 -- Can I get sendmail to verify an entire e-mail address instead of just the domain? Date: May 19, 2004 If the e-mail comes from example.com, you have to look up the MX or A records for example.com to figure out which mail server to ask if the user is valid. The DNS could be slow or unresponsive. The remote server could be slow or unresponsive. If you were to make such checks, a bad guy could bombard you with mail claiming to come from hotmail.com users, and then suddenly you would be connection-bombing Hotmail's mail servers asking them about the recipients the bad guy is claiming to be. The only safe way to do this is to verify that the sender exists when the sender claims to be in your domain. Naturally you are then in a position to confirm or deny the sender is valid. sendmail.org 5. VENDOR/OS SPECIFIC SENDMAIL ISSUES * 5.1 Sun Microsystems SunOS/Solaris 1.x/2.x + 5.1.1 How can I solve "line 273: replacement $3 out of bounds" errors? + 5.1.2 How can I solve "line 445: bad ruleset 96 (50 max)" errors? + 5.1.3 Why does version 8 sendmail (< 8.7.5) sometimes hang under Solaris 2.5? + 5.1.4 Why can't I use SunOS/Solaris to get email to certain large sites? + 5.1.5 Why do I have trouble compiling on Solaris? + 5.1.6 How does 8.X compare to 8.X+Sun? * 5.2 IBM AIX + 5.2.1 The system resource controller always reports sendmail as "inoperative". What's wrong? + 5.2.2 Why can't I use AIX to get email to some sites? + 5.2.3 Why can't I get sendmail 8.7.1 to use MX records with AIX 3.2.5? * 5.3 Linux + 5.3.1 Red Hat o 5.3.1.1 Why do I have so many sendmail problems after configuring sendmail with linuxconf? o 5.3.1.2 I built sendmail.cf from sendmail.mc and it works until the next reboot of the machine. What is going on? o 5.3.1.3 Why can't I receive mail with Red Hat 7.1 and later? + 5.3.2 SuSE o 5.3.2.1 Where is the sendmail.cf file on SuSe Linux? _________________________________________________________________ 5.1 -- Sun Microsystems SunOS/Solaris 1.x/2.x _________________________________________________________________ Q5.1.1 -- How can I solve "line 273: replacement $3 out of bounds" errors? Date: March 23, 1996 When I use sendmail V8 with a Sun config file I get lines like: /etc/sendmail.cf: line 273: replacement $3 out of bounds the line in question reads: R$*<@$%y>$* $1<@$2.LOCAL>$3 user@ether what does this mean? How do I fix it? V8 doesn't recognize the Sun "$%y" syntax, so as far as it is concerned, there is only a $1 and a $2 (but no $3) in this line. Read Rick McCarty's paper on "Converting Standard Sun Config Files to Sendmail Version 8", in the contrib directory (file "converting.sun.configs") in the latest version 8 sendmail distribution for a full discussion of how to do this. _________________________________________________________________ Q5.1.2 -- How can I solve "line 445: bad ruleset 96 (50 max)" errors? Date: March 23, 1996 When I use sendmail V8 on a Sun, I sometimes get lines like: /etc/sendmail.cf: line 445: bad ruleset 96 (50 max) what does this mean? How do I fix it? You're somehow trying to start up the old Sun sendmail (or sendmail.mx) with a version 8 sendmail config file, which Sun's sendmail doesn't like. Check your /etc/rc.local, any procedures that have been created to stop and re-start the sendmail processes, etc.... Make sure that you've switched everything over to using the new sendmail. To keep this problem from ever happening again, try the following (make sure you're logged in as root): mv /usr/lib/sendmail /usr/lib/sendmail.old ln -s /usr/local/lib/sendmail.v8 /usr/lib/sendmail mv /usr/lib/sendmail.mx /usr/lib/sendmail.mx.old ln -s /usr/local/lib/sendmail.v8 /usr/lib/sendmail.mx chmod 0000 /usr/lib/sendmail.old chmod 0000 /usr/lib/sendmail.mx.old Assuming, of course, that you have installed sendmail V8 in /usr/local/lib/sendmail.v8. _________________________________________________________________ Q5.1.3 -- Why does version 8 sendmail (< 8.7.5) sometimes hang under Solaris 2.5? Date: May 23, 1996 In moving from Solaris 2.4 to Solaris 2.5, the kernel changed its name and is now in /kernel/genunix instead of /kernel/unix, so _PATH_UNIX in conf.h is pointing to the wrong place. If you can't upgrade to the latest release of sendmail 8.8.z, the next best thing to do is change _PATH_UNIX in conf.h (in the solaris2 part) to point to the generic interface /dev/ksyms, like so: # define _PATH_UNIX "/dev/ksyms" _________________________________________________________________ Q5.1.4 -- Why can't I use SunOS/Solaris to get email to certain large sites? Date: November 24, 1996 This is most likely a problem in your resolver libraries (DNS, /etc/hosts, NIS, etc...). Older Sun (and Solaris?) resolver libraries allocated enough room for only five IP addresses for each host name, and if any program ever ran across a name with more than five IP addresses for it, the program would crash. For example, this would keep you from getting mail to CompuServe, since (at the time of this writing) they list eleven IP addresses for mx1.compuserve.com (one of the named MXes for compuserve.com). This will affect you even if you use version 8 sendmail, since it's a problem in the resolver libraries, and not in sendmail itself. You should either get patches to the resolver libraries from Sun, or the latest version of BIND (see Q2.12) and install their resolver library routines. Between the two, installing BIND is a bit more work, but it typically gives you much more up-to-date code to help you resist attacks to your systems, more capable programs to be used for serving the DNS (including support for IPv6 and several other features), and some very useful utility programs. _________________________________________________________________ Q5.1.5 -- Why do I have trouble compiling on Solaris? Date: October 20, 1997 Many people have experienced compilation problems on Solaris, with the compiler typically complaining about tm_zone or TopFrame. The Solaris section of our Compiling Sendmail page explains these. _________________________________________________________________ Q5.1.6 -- How does 8.X compare to 8.X+Sun? Date: August 29, 1998 With a Vn/Berkeley config file, they're identical. There are a few minor differences between 8.X with a Vn/Berkeley config file and 8.X+Sun with the same config file, but the V line changed to Vn/Sun. But most differences are the backwards compatibility hacks needed for 8.X+Sun to support old V1/Sun config files. There are three web pages which discuss these in detail: Berkeley migration (from SMI-8.6 to 8.X), Sun migration (from SMI-8.6 to 8.X+Sun), and Differences (5 sections comparing and contrasting config files and binaries). _________________________________________________________________ 5.2 -- IBM AIX _________________________________________________________________ Q5.2.1 -- The system resource controller always reports sendmail as "inoperative". What's wrong? Date: July 5, 1996 Updated: January 30, 2002 When I use version 8 sendmail on an IBM RS/6000 running AIX, the system resource controller always reports sendmail as "inoperative", even though it's actually running. What's wrong? When running as a daemon, sendmail detaches from its parent process, fooling the SRC into thinking that sendmail has exited. To fix this, issue the commands: kill `head -1 /etc/sendmail.pid` chssys -s sendmail -f 9 -n 15 -S -a "-bD" startsrc -s sendmail -a "-bd -q30m" # your sendmail args may vary Now the SRC should report the correct status of sendmail. For more information, read up on the System Resource Controller, the lssrc command and the chssys command in the online AIX documentation. _________________________________________________________________ Q5.2.2 -- Why can't I use AIX to get email to some sites? Date: April 8, 1997 When I use IBM's sendmail on an IBM RS/6000 running AIX trying to get to certain sites, it seems that I can get to some of them and not others. What's wrong? There are two possible problems here: 1) Your version of sendmail is not configured to recognize MX records in the DNS. Search through your sendmail.cf looking for "OK MX" or "OK ALL". Older configurations had this line commented out, and this will cause mail from you to some sites to fail (because those sites have MX records, but no A records in their DNS for the specific Fully Qualified Domain Name you're trying to mail to). For more information, see the comp.unix.aix FAQ ftp://rtfm.mit.edu/pub/usenet/news.answers/aix-faq/. 2) There is a negative caching bug in AIX 3.2.5 with /usr/sbin/named executables that are less than 103000 bytes long. Ask your IBM representative to give you PMP 3251, or the most recent patch that fixes this problem for your particular configuration and version of the OS. _________________________________________________________________ Q5.2.3 -- Why can't I get sendmail 8.7.1 to use MX records with AIX 3.2.5? Date: July 5, 1996 IBM, in their infinite wisdom, provided a header file that would easily mis-compile. This resulted in the struct{} for the DNS query to be mis-allocated, and MX processing would barf. Fix 1) upgrade to 8.7.5 - this has a code fix for this problem. Fix 2) Install the BIND 4.9.4 libraries and include files and tweak the Makefile.AIX to use them - I *think* these Get It Right (if not, at least it'll die during compile rather than failing weirdly at runtime). Fix 3) Hack Makefile.AIX to pass a -DBIT_ZERO_ON_LEFT to cause the headers to use the right #ifdefs. _________________________________________________________________ 5.3 -- Linux _________________________________________________________________ 5.3.1 -- Red Hat _________________________________________________________________ 5.3.1.1 -- Why do I have so many sendmail problems after configuring sendmail with linuxconf? Date: June 15, 2000 Updated: September 27, 2000 Do not edit sendmail.cf with linuxconf. This tool and its module "mailconf" are broken and based on very old rulesets from 8.8.7 . You will have many troubles if you do this. First make sure that the sendmail-cf RPM is installed. Then create your own myhost.mc file in /usr/lib/sendmail-cf/cf: % cd /usr/lib/sendmail-cf/cf % cp redhat.mc myhost.mc (Edit myhost.mc) % m4 ../m4/cf.m4 myhost.mc > myhost.cf (Test this new myhost.cf; once it's known good, install it:) (If 8.9.x or earlier:) % cp myhost.cf /etc/sendmail.cf % chown root /etc/sendmail.cf (If 8.10.x or later:) % cp myhost.cf /etc/mail/sendmail.cf % chown root /etc/mail/sendmail.cf See /usr/doc/sendmail/README.cf (or just README) for features and detailed instructions how to do this. _________________________________________________________________ 5.3.1.2 -- I built sendmail.cf from sendmail.mc and it works until the next reboot of the machine. What is going on? Date: June 15, 2000 If you have used linuxconf's module "mailconf" just once, it will rewrite your sendmail.cf on every reboot if it sees that sendmail.cf is changed from linuxconf. The solution is to remove the mailconf module from linuxconf. Turn on linuxconf and go to item Control files and systems > Configure Linuxconf modules Scroll down to "Module path -> mailconf" and turn off the button "this module is active", then click "Accept" and "quit" to quit linuxconf. This will disable linuxconf's control of sendmail. Build sendmail.cf again from sendmail.mc (see 5.3.1), and restart sendmail. _________________________________________________________________ 5.3.1.3 -- Why can't I receive mail with Red Hat 7.1 and later? Date: May 3, 2001 Updated: June 11, 2001 Updated: December 4, 2002 Red Hat, like some other vendors, changed the way that sendmail is run. (See 4.22 for a more general discussion of this problem.) They decided that most people need a client-only version of sendmail. So it is listening only on the localhost interface. Check the RH documentation on how to change that: Make sure that you have installed the "sendmail-cf" package on your system -- it should be on your install media. Then check the file "sendmail.mc" (probably in "/etc/mail"). Look for the string "DAEMON_OPTIONS" and for the comment lines near that string. Also note that Red Hat 7.1 and later build sendmail with tcpwrapper support, and provide a hosts.deny file that rejects all external mail. The sendmail:ALL addition to hosts.allow fixes this. _________________________________________________________________ 5.3.2 -- SuSE _________________________________________________________________ 5.3.2.1 -- Where is the sendmail.mc file on SuSE Linux? Date: May 5, 2002 On SuSE Linux systems there is no real sendmail.mc file. This file is generated 'on the fly' by SuSEconfig using several variables in /etc/rc.config and /etc/rc.config.d/sendmail.rc.config (SuSE <= 7.3) or /etc/sysconfig/sendmail (SuSE >= 8.0). SuSEconfig executes the script /sbin/conf.d/SuSEconfig.sendmail to a) build a temorary .mc file b) execute m4 to generate /etc/sendmail.cf and c) delete the temporary .mc file afterwards. To make customisations you cannot achieve by modifying the variables in the configuration files mentioned above (using YaST or YaST2), you have two options: 1. Use /etc/mail/linux.mc (or /etc/mail/linux.nullclient.mc) as a starting point. Both files contain several helpful comments. 2. To get a .mc file based on your current configuration, modify /sbin/conf.d/SuSEconfig.sendmail to keep the temporary .mc file and execute SuSEconfig afterwards. Then use that copy as starting point. In both cases you have to build your /etc/sendmail.cf (note: SuSE still uses /etc not /etc/mail as suggested in the manual) using the m4 macroprocessor: m4 your.mc.file > /etc/sendmail.cf Then reload sendmail with "rcsendmail reload". To prevent SuSEconfig from overiding your new sendmail.cf in future runs, set the variable "SENDMAIL_TYPE" in /etc/rc.config.d/sendmail.rc.config to "no" (SuSE Linux <= 7.3). On systems >= 8.0 you probably will have to set an "exit" command atop of the file /sbin/conf.d/SuSEconfig.sendmail to do the same. SuSE 8.0 does not know the SENDMAIL_TYPE variable. sendmail.org 6. ADDITIONAL INFORMATION SOURCES (RFC 1807 bibliography format) * 6.1 Reference material devoted exclusively to sendmail * 6.2 Reference material with chapters or sections on sendmail * 6.3 Reference material on subjects related to sendmail * 6.4 World-wide web index pages on sendmail * 6.5 World-wide web index pages Internet email in general * 6.6 Online tutorials for sendmail * 6.7 Online archives of mailing lists and Usenet newsgroups, relating to Internet email _________________________________________________________________ Q6 -- Additional information sources Date: April 8, 1997 Updated: July 20, 2002 This probably isn't in strict RFC 1807 format, but I'm getting closer. Unfortunately, the format detailed in RFC 1807 was never intended to be used in this fashion, so I'm doing a bit of square-peg fitting into round holes. Note that the publisher ids that I've assigned should not be misconstrued to imply that I have actually published all these documents, it's just that I need some sort of reasonable entry for the RFC 1807 "ID" field, and in lieu of information to the contrary indicating what the actual publishers have registered, I have assigned my own, independent, "third-party" IDs. Hopefully, the bibliographic entries below make it obvious who the real publishers of the various documents are. _________________________________________________________________ 6.1 Reference material devoted exclusively to sendmail BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//online/reference/1 ENTRY:: March 23, 1996 TYPE:: Reference manual, available online in printable format REVISION:: July 19, 2002 TITLE:: Sendmail Installation and Operation Guide AUTHOR:: Allman, Eric AUTHOR:: Shapiro, Gregory AUTHOR:: Aßmann, Claus CONTACT:: DATE:: July 20, 2002 PAGES:: 100 RETRIEVAL:: Contents of manual is in doc/op/op.ps of sendmail source archive KEYWORD:: version 8.12.5 sendmail LANGUAGE:: English NOTES:: {g|n}roff "me" macro format version is in doc/op/op.me See: URL:http://www.sendmail.org/ ABSTRACT:: The documentation written by Eric Allman himself, comes with the sendmail distribution. It is absolutely necessary to have this guide at hand at all times. Section one tells how to do an installation. Section two explains day to day information you should know to run a mail system. Tuning, queue management and features for access control are all documented in this guide. The file in doc/op/op.me (nroff "me" macro format) may have a different number of pages depending on the type of device it is printed on, etc.... Check the sendmail home page for late-breaking updates and other useful information. If you want to be notified regarding future updates to sendmail and other items of potential interest, you may want to subscribe to the sendmail-announce mailing list. Address your subscription requests to "majordomo@lists.sendmail.org" with "subscribe sendmail-announce" as the body of the message. END:: sendmail-faq//online/reference/1 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//book/ISBN/1-56592-222-0 ENTRY:: March 23, 1996 REVISION:: April 8, 1997; Updated entire entry re: 2nd Ed. TYPE:: Reference book, hardcopy TITLE:: sendmail AUTHOR:: Costales, Bryan AUTHOR:: Allman, Eric CONTACT:: Bryan Costales O'Reilly & Associates, Inc. 103 Morris Street, Suite A Sebastapol, CA 95472 Order by phone: 800-998-9938 (US/Canada inquiries) 800-889-8969 (US/Canada credit card orders) 707-829-0515 (local/overseas) DATE:: January, 1997 PAGES:: 1021 COPYRIGHT:: Copyright (c) 1997 O'Reilly & Associates, Inc. All rights reserved. LANGUAGE:: English NOTES:: See: URL:http://www.ora.com/catalog/sendmail2/ ABSTRACT:: The definitive reference for version 8 sendmail (specifically, version 8.8). If you can have only one book on the subject of sendmail, this one is it. Bryan provides his consulting to the world in the form of his book, unless you're willing to compensate him for his services as well. Like Eric, you should make sure you've exhausted all other courses of action before you spend any of his valuable time. END:: sendmail-faq//book/ISBN/1-56592-222-0 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//book/ISBN/1-55558-127-7 ENTRY:: March 23, 1996 TYPE:: Reference book, hardcopy REVISION:: Sep 9, 1996; fixed typo TITLE:: Sendmail: Theory and Practice AUTHOR:: Avolio, Frederick M. AUTHOR:: Vixie, Paul A. CONTACT:: Fred Avolio , Paul Vixie Digital Press 225 Wildwood Avenue Woburn, MA 01801, USA Ordering Info: voice 1 800 366 2665 fax 1 800 446 6520 DATE:: 1994 PAGES:: 262 COPYRIGHT:: Copyright (c) by 1995 Butterworth-Heinemann LANGUAGE:: English NOTES:: See: URL:http://www.vix.com/vix/smtap/ ABSTRACT:: Centers more on IDA sendmail (at least partly because version 8 didn't exist when they began the book). Written more like a college Sophomore or Junior level textbook. While you'll probably never let the Costales book out of your grubby little hands (especially if you do much work with version 8 sendmail), this is a book you'll probably read once or maybe twice, learn some very valuable things, but then likely put on a shelf and not read or reference again (unless you have to write up a bibliographic entry for it). Makes a better introduction to sendmail for management types, especially if you don't want them getting their hands on too much "dangerous" technical information. Also a *lot* smaller and less imposing. If possible, I recommend getting both, but if you can only get one, get Costales unless you're going to be working exclusively with IDA sendmail, in which case Avolio & Vixie will probably be more useful. Note that Paul Vixie is extremely busy working on further development of BIND, the Internet de facto standard program for serving the DNS, upon which all Internet services depend, mail being only one of them. Like Eric and Bryan, he's also very busy. Unless you're willing to compensate him for his services, please let him get real work done. END:: sendmail-faq//book/ISBN/1-55558-127-7 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//book/ISBN/1-56592-278-6 ENTRY:: April 14, 1999 REVISION:: TYPE:: Pocket size reference, hardcopy TITLE:: sendmail Desktop Reference AUTHOR:: Costales, Bryan AUTHOR:: Allman, Eric CONTACT:: Bryan Costales O'Reilly & Associates, Inc. 103 Morris Street, Suite A Sebastapol, CA 95472 Order by phone: 800-998-9938 (US/Canada inquiries) 800-889-8969 (US/Canada credit card orders) 707-829-0515 (local/overseas) DATE:: June, 1997 PAGES:: 68 COPYRIGHT:: Copyright (c) 1997 O'Reilly & Associates, Inc. All rights reserved. LANGUAGE:: English NOTES:: See: URL:http://www.ora.com/catalog/sendmailqr/ ABSTRACT:: A companion to the sendmail book. This small guide fits in pocket and saves you having to carry the thousand page book in your briefcase. For detail or tutorial information, see the full sendmail book. There are sections on the config file, databases and configuring with m4. There are extensive cross-references to the full sendmail book. END:: sendmail-faq//book/ISBN/1-56592-278-6 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//book/ISBN/0-7821-2737-1 ENTRY:: July 19, 2002 TYPE:: Reference book, hardcopy TITLE:: Linux Sendmail Administration AUTHOR:: Hunt, Craig CONTACT:: SYBEX, Inc. 1151 Marina Village Parkway Alameda, CA 94501 Order on-line: www.sybex.com also: Bookpool.com (www.bookpoolcom) DATE:: February 2001 PAGES:: 457 LANGUAGE:: English ABSTRACT:: This book is useful whether you run Linux or some other Unix version. It attempts to simplify sendmail by covering only configuration options usually needed, which reduces some complexity for new sendmail administrators. Covered are: using the m4 language to build a sendmail configuration, using sendmail databases such as access maps, testing and debugging and using sendmail authentication techniques. Covers some things not in the Costales book (the "Bat Book") which was last updated for sendmail 8.8. END:: sendmail-faq//book/ISBN/0-7821-2737-1 END:: sendmail-faq//book/ISBN/0-321-11570-8 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//book/ISBN/0-321-11570-8 ENTRY:: October 12, 2002 REVISION:: TYPE:: Reference book, hardcopy TITLE:: sendmail Performance Tuning AUTHOR:: Christenson, Nick CONTACT:: Nick Christenson Addison-Wesley Professional 75 Arlington St., Suite 300 Boston, MA 02116 USA Order on the web at: http://www.pearsonptg.com/book_detail/0,3771,0321115708,00.html DATE:: September, 2002 PAGES:: 256 COPYRIGHT:: Copyright (c) 2003 by Pearson Eduction, Inc., All rights reserved. LANGUAGE:: English NOTES:: See: URL:http://www.jetcafe.org/~npc/book/sendmail/ ABSTRACT:: As email traffic continues to increase, system administrators must be able to guarantee that their email servers can deliver reliable performance today and bear larger loads tomorrow. "sendmail Performance Tuning" is a practical guide to building, tuning, and testing email servers based on sendmail to function more efficiently, handle more messages, and resist both accidental and malicious load-related incidents. END:: sendmail-faq//book/ISBN/0-321-11570-8 _________________________________________________________________ 6.2 Reference material with chapters or sections on sendmail BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//book/ISBN/0-13-151051-7 ENTRY:: March 23, 1996 TYPE:: Reference book, hardcopy REVISION:: May 23, 1996; Updated abstract. TITLE:: Unix System Administration Handbook, Second Edition AUTHOR:: Nemeth, Evi AUTHOR:: Snyder, Garth AUTHOR:: Seebass, Scott AUTHOR:: Hein, Trent R. CONTACT:: Prentice-Hall, Inc. Upper Saddle River, New Jersey 07458 DATE:: January, 1995 PAGES:: 780 COPYRIGHT:: Copyright (c) 1995 by Prentice Hall PTR LANGUAGE:: English NOTES:: See: URL:http://www.admin.com/ ABSTRACT:: Still the best hands-on Unix System Administration book around. Covers far more than just sendmail, but the sixty-four pages (pages 455-518 in the third printing) it does devote are very well written and quite useful. Also provides a version of Rob Kolstad's checksendmail script on the accompanying CD-ROM. Note that Eric Allman and Marshall Kirk McKusick wrote the Foreword for the Second Edition. This should give you at least an inkling as to how essential this book is, even for experienced Unix administrators. END:: sendmail-faq//book/ISBN/0-13-151051-7 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//book/ISBN/0-201-58629=0 ENTRY:: March 23, 1996 TYPE:: Reference book, hardcopy REVISION:: March 27, 1996; Changed ID format to include ISBN, moved URL to NOTES field from OTHER_ACCESS field, also updated ABSTRACT REVISION:: March 29, 1996; Updated ID, PAGES, COPYRIGHT, and ABSTRACT TITLE:: Practical Internetworking With TCP/IP and UNIX AUTHOR:: Carl-Mitchell, Smoot AUTHOR:: Quarterman, John S. CONTACT:: Addison Wesley Publishing Company Computer Science & Engineering Division One Jacob Way Reading, MA 01867 USA Orders: voice://800-822-6339 (USA) fax://617-942-1117 DATE:: 1993 PAGES:: 476 COPYRIGHT:: Copyright (c) 1993 by Addison-Wesley Publishing Company, Inc. LANGUAGE:: English NOTES:: See URL:http://heg-school.aw.com/cseng/authors/mitchell/ practical/practical.html ABSTRACT:: Devotes 50 pages (most of chapter 8) to discussion of sendmail. As far as TCP/IP networking books go that also happen to discuss sendmail, it seems well-written and clear (better than I recall Hunt's book being), but rather dated in the face of books devoted to the topic and all the recent development activity in the sendmail community. Forget about the references, though. The newest sendmail-related reference listed is dated 1983, ten years before the date on this book and most certainly wildly out-of-date now. There are other books written on the subject of Internetworking with TCP/IP (most notably Comer), but this particular book seems to have a unique mix of theory (if perhaps a bit dated) and practical advice. Other books tend to have lots of one or the other, or split their theory and nitty-gritty details into separate books in a series (like Comer). Assuming that an update will be coming out soon, it probably deserves a place on the shelf of most System or Network Administrators, right next to _Internetworking with TCP/IP_ by Comer, _Managing Internet Information Services_ by Liu, et. al., _DNS and BIND_ by Albitz and Liu, _Unix System Administration_ by Nemeth, et. al., and last, but certainly not least, _sendmail_ by Costales. However, it deserves this place more because of the non-sendmail related material, as opposed to what sendmail-related material there is. END:: sendmail-faq//book/ISBN/0-201-58629-0 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//book/ISBN/1-56592-322-7 ENTRY:: April 14, 1999 TYPE:: Reference book, hardcopy REVISION:: July 20, 2002 TITLE:: TCP/IP Network Administration 3rd Edition AUTHOR:: Hunt, Craig CONTACT:: O'Reilly & Associates, Inc. 1005 Gravenstein Highway North Sebastapol, CA 95472 Bookstores Carrying O'Reilly Books: www.oreilly.com/sales/bookstores also: Bookpool.com (www.bookpool.com) DATE:: April, 2002 PAGES:: 725 LANGUAGE:: English NOTES:: See: URL:http://www.ora.com/catalog/tcp3/ ABSTRACT:: Chapter 10 consists of 50 pages devoted to sendmail. Appendix E is a 60 page sendmail reference which covers compiling sendmail, m4 compiler options, sendmail command line arguments, and sendmail configuration. A very good treatment of sendmail, less daunting and more current than the 2nd edition Costales book. The introductary chapters of the book are also helpful in understanding the big picture of network services. END:: sendmail-faq//book/ISBN/1-56592-322-7 _________________________________________________________________ 6.3 Reference material on subjects related to sendmail BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//book/ISBN/1-56592-512-2 ENTRY:: April 14, 1999 TYPE:: Reference book, hardcopy REVISION:: April 14, 1999; Updated entire entry for 3rd Ed. TITLE:: DNS and BIND 3rd Edition AUTHOR:: Albitz, Paul AUTHOR:: Liu, Cricket CONTACT:: O'Reilly & Associates, Inc. 103 Morris Street, Suite A Order by phone: 800-998-9938 (US/Canada inquiries) 800-889-8969 (US/Canada credit card orders) 707-829-0515 (local/overseas) DATE:: September, 1998 PAGES:: 502 COPYRIGHT:: Copyright (c) 1998 O'Reilly & Associates, Inc. All rights reserved. LANGUAGE:: English NOTES:: See: URL:http://www.ora.com/catalog/dns3/ ABSTRACT:: As definitive as Costales is on sendmail, this book is on the subject of the Domain Name System (DNS) and the most common server software for the DNS, namely BIND. The third edition deals with the new 8.1.2 version of BIND as well as the older 4.9 versions. Wherever there is a difference in behavior of the versions, the book points out which version does what. Anyone still using the first edition should strongly consider replacing it now since the new features will be the basis for the next generation of name servers. Since the sending of Internet mail is so very heavily dependent on the DNS, it obviously also belongs on the shelf of any Postmaster or System Administrator whose site does Internet email. That means virtually every administrator of every site on the Internet. END:: sendmail-faq//book/ISBN/1-56592-512-2 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//book/ISBN/1-56592-153-4 ENTRY:: April 8, 1997 TYPE:: Reference book, hardcopy TITLE:: Using & Managing UUCP AUTHOR:: Ravin, Ed AUTHOR:: O'Reilly, Tim AUTHOR:: Dougherty, Dale AUTHOR:: Todino, Grace CONTACT:: O'Reilly & Associates, Inc. 103 Morris Street, Suite A Order by phone: 800-998-9938 (US/Canada inquiries) 800-889-8969 (US/Canada credit card orders) 707-829-0515 (local/overseas) DATE:: September, 1996 PAGES:: 424 LANGUAGE:: English NOTES:: See: URL:http://www.ora.com/catalog/umuucp/ ABSTRACT:: Replaces _Managing UUCP and Usenet_ by Todino and O'Reilly as the definitive book for using, installing, and managing UUCP. The general assumption with version 8 sendmail is that virtually no one uses UUCP to send email anymore, but if that assumption isn't true for you, then you probably need this book. END:: sendmail-faq//book/ISBN/1-56592-153-4 _________________________________________________________________ 6.4 World-wide web index/resource pages on sendmail BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//online/index/10 ENTRY:: March 23, 1996 TYPE:: Online sendmail index REVISION:: April 14, 1999; updated to sendmail.org address TITLE:: sendmail FAQ Support Page AUTHOR:: Beck, John CONTACT:: John Beck OTHER_ACCESS:: URL:http://www.sendmail.org/faq/ LANGUAGE:: English ABSTRACT:: Support Page for this FAQ. END:: sendmail-faq//online/index/10 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//online/index/17 ENTRY:: March 25, 1996 TYPE:: Online sendmail index REVISION:: April 14, 1999; updated to sendmail.org address TITLE:: comp.mail.sendmail Most Frequently Asked Questions Support Page AUTHOR:: Aßmann, Claus CONTACT:: Claus Aßmann OTHER_ACCESS:: URL:http://www.sendmail.org/~ca/email/english.html LANGUAGE:: English ABSTRACT:: Most Frequently Asked Questions on comp.mail.sendmail and their answers. Also has some links to a few other resources. END:: sendmail-faq//online/index/17 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//online/resources/22 ENTRY:: November 24, 1996 TITLE:: IICONS Sendmail Resources AUTHOR:: Caloca, Paul CONTACT:: Paul Caloca COPYRIGHT:: Copyright (c) 1996 Paul Caloca. All Rights Reserved. OTHER_ACCESS:: URL:http://www.iicons.com/sendmail/index.html LANGUAGE:: English ABSTRACT:: Provides information on how to compile Sendmail and the NEWDB db.1.85 for Solaris 2. Also has a section on which Sun patches update Solaris 2 to BIND 4.9.3. Has pointers to some non-Sun/Solaris sendmail resources, especially including CERT Advisories related to sendmail. END:: sendmail-faq//online/index/22 _________________________________________________________________ 6.5 World-wide web index pages and other reference on Internet email in general BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//online/index/12 ENTRY:: March 23, 1996 TYPE:: Online general Internet email index REVISION:: March 27, 1996; moved URL from RETRIEVAL field to OTHER_ACCESS field. TITLE:: Internet Mail Consortium web site CORP-AUTHOR:: Internet Mail Consortium CONTACT:: OTHER_ACCESS:: URL:http://www.imc.org/ LANGUAGE:: English ABSTRACT:: If it has to do with Internet email, you'll probably find it here or a link to it from here. They have or have information on email-related Usenet FAQs, RFCs, Internet Drafts (documents that are in the process of becoming RFCs), IETF Working Groups, security standards, and are running a few email-related mailing lists. Tends to be focussed on the standards issues. If you care about Internet email, you should make it your duty in life to check this site frequently. END:: sendmail-faq//online/index/12 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//online/index/13 ENTRY:: March 23, 1996 TYPE:: Online general Internet email index REVISION:: August 20, 1996; Updated URL. TITLE:: Email References AUTHOR:: Wohler, Bill CONTACT:: Bill Wohler OTHER_ACCESS:: URL:http://www.worldtalk.com/html/msg_resources/email_ref.html LANGUAGE:: English ABSTRACT:: The most exhaustive index site I know of for Internet email related documents outside of the Internet Mail Consortium. Also has pointers to other organizations that relate to Internet email, such as the Electronic Messaging Association and the European Electronic Messaging Association. Tends to be focussed on the server and standards issues. END:: sendmail-faq//online/index/13 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//online/index/14 ENTRY:: March 23, 1996 TYPE:: Online general Internet email index REVISION:: June 28, 1996; Added acronym for SMTPRD TITLE:: SMTP Resources Directory (SMTPRD) AUTHOR:: Salamon, Andras AUTHOR:: Knowles, Brad CONTACT:: Andras Salamon OTHER_ACCESS:: URL:http://www.dns.net/smtprd/ LANGUAGE:: English ABSTRACT:: Another good index site, but still very much in the early phases of gestation. Based very heavily on the DNS Resources Directory, also by Andras Salamon. A well-rounded site, for the amount of material it covers so far. END:: sendmail-faq//online/index/14 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//online/index/15 ENTRY:: March 23, 1996 TYPE:: Online general Internet email index REVISION:: March 27, 1996; moved URL from RETRIEVAL field to OTHER_ACCESS field. TITLE:: E-Mail Web Resources AUTHOR:: Wall, Matt CONTACT:: Matt Wall OTHER_ACCESS:: URL:http://andrew2.andrew.cmu.edu/cyrus/email/email.html LANGUAGE:: English ABSTRACT:: Another good index site, tends to be more focussed on client side and LAN email packages. Also lists some email services, which no one else that I've seen appears to have taken the time to catalog. Excellent side-by-side feature comparison of various MUAs and their compliance with various Internet protocols. END:: sendmail-faq//online/index/15 _________________________________________________________________ 6.6 Online tutorials for sendmail BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//online/tutorial/9 ENTRY:: March 23, 1996 TYPE:: Online sendmail tutorial REVISION:: March 27, 1996; moved URL from RETRIEVAL field to OTHER_ACCESS field. REVISION:: August 29, 1998; updated URL. TITLE:: Sendmail V8: A (Smoother) Engine Powers Network Email AUTHOR:: Reich, Richard CONTACT:: Richard Reich DATE:: February 8, 1996 COPYRIGHT:: Copyright (c) 1995 The McGraw-Hill Companies, Inc. All Rights Reserved. OTHER_ACCESS:: URL:http://www.networkcomputing.com/unixworld/tutorial/ 008/008.txt.html LANGUAGE:: English NOTES:: UnixWorld Online: Tutorial: Article No. 008 ABSTRACT:: Good technical introduction. Some useful references. Notably does not reference this FAQ as a place to get more information. END:: sendmail-faq//online/article/9 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//online/tutorial/16 ENTRY:: March 23, 1996 TYPE:: Online sendmail tutorial REVISION:: March 27, 1996; moved URL from RETRIEVAL field to OTHER_ACCESS field. TITLE:: Sendmail -- Care and Feeding AUTHOR:: Quinton, Reg CONTACT:: Reg Quinton Computing and Communications Services The University of Western Ontario London, Ontario N6A 5B7 Canada DATE:: March 24, 1992 OTHER_ACCESS:: URL:ftp://ftp.sterling.com/mail/sendmail/uwo-course/ sendmail.txt.Z LANGUAGE:: English NOTES:: Postscript version also available. See ftp://ftp.sterling.com/ mail/sendmail/uwo-course/sendmail.ps.Z ABSTRACT:: Dated. Only here until I find better. END:: sendmail-faq//online/tutorial/16 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//online/tutorial/21 ENTRY:: March 27, 1996 TYPE:: Online sendmail tutorial REVISION:: August 29, 1998; updated URL. TITLE:: Explosion in a Punctuation Factory AUTHOR:: Bryan Costales CONTACT:: Becca Thomas DATE:: January 1994 COPYRIGHT:: Copyright (c) 1995 The McGraw-Hill Companies, Inc. All Rights Reserved. OTHER_ACCESS:: URL:http://www.networkcomputing.com/unixworld/tutorial/ 01/01.txt.html LANGUAGE:: English ABSTRACT:: Good introduction on how sendmail re-write rules work. END:: sendmail-faq//online/article/21 _________________________________________________________________ 6.7 Online archives of mailing lists and Usenet newsgroups, relating to Internet email BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//online/archive/18 ENTRY:: March 25, 1996 TYPE:: Online Usenet newgroup archive REVISION:: March 27, 1996; moved URL from RETRIEVAL field to OTHER_ACCESS field. TITLE:: DejaNews OTHER_ACCESS:: URL:http://www.dejanews.com LANGUAGE:: English NOTES:: Archives/indexes only Usenet news. ABSTRACT:: The first, and still most focussed, Usenet news archive/index site. Others archive/index news as well as other things, but none that I've seen do it better. Go to "Power Search" then "Query Filter" if you wish to restrict the newsgroups you search on to something like just comp.mail.sendmail and not all newsgroups. END:: sendmail-faq//online/archive/18 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//online/archive/19 ENTRY:: March 25, 1996 TYPE:: Online Usenet newgroup archive REVISION:: March 27, 1996; moved URL from RETRIEVAL field to OTHER_ACCESS field. TITLE:: AltaVista OTHER_ACCESS:: URL:http://www.altavista.digital.com LANGUAGE:: English NOTES:: Archives/indexes Usenet news and World-wide web pages. ABSTRACT:: One of the leading indexes of world-wide web pages, and their archive/index of Usenet news is obviously secondary. END:: sendmail-faq//online/archive/19 BIB-VERSION:: CS-TR-v2.1 ID:: sendmail-faq//online/archive/20 ENTRY:: March 16, 2001 TYPE:: Online Usenet newgroup archive REVISION:: TITLE:: Google Advance Search OTHER_ACCESS:: URL:http://www.google.com/advanced_search LANGUAGE:: English ABSTRACT:: Google has acquired DejaNews. This is the search tool for news archive. It works very well and you can see a whole thread in one web screen which makes it quick and easy to read responses which follow any question. END:: sendmail-faq//online/archive/20 sendmail.org 7. THANKS! Special thanks to: Eric Allman The core of the material here comes from his FAQ for version 8.6.9 sendmail. I couldn't even have gotten started were it not for him. And if he hadn't written sendmail, there obviously wouldn't even be a FAQ. Heck, there might not even be an Internet. Paul Southworth Provides FAQ posting services, useful comments on various sections, and the mailclient-faq. I couldn't have kept doing this were it not for his help. Ed Ravin Virtually all the material regarding the use of sendmail on AIX is his, and most of it has been carried over verbatim. Thanks also to: Neil Hoggarth, Andras Salamon, Johan Svensson, Christopher X. Candreva, Bill Wohler, Matthew Wall, Henry W. Farkas, Claus Assmann, Curt Sampson, Rebecca Lasher, Jim Davis, David Keegel, Betty Lee, Alain Durand, Walter Schweizer, Christophe Wolfhugel, Al Gilman, Valdis Kletnieks, John Gardiner Myers, Paul DuBois, Adam Bentley, Dave Sill, Dave Wreski, Paul Caloca, Eamonn Coleman, Michael Fuhr, Betty Lee, Derrell Lipman, Era Eriksson, Richard Troxel, and the readers and posters of comp.mail.sendmail.