1 SENDMAIL RELEASE NOTES 2 @(#)RELEASE_NOTES 8.7.Beta (Berkeley) 05/31/95 3 4This listing shows the version of the sendmail binary, the version 5of the sendmail configuration files, the date of release, and a 6summary of the changes in that release. 7 88.7/8.7 95/xx/xx CURRENTLY IN BETA PRERELEASE!!! 9 Fix a problem that could cause sendmail to run out of file 10 descriptors due to a trashed data structure after a 11 vfork. Fix from Brian Coan of the Institute for 12 Global Communications. 13 Change the VRFY response if you have disabled VRFY -- some 14 people seemed to think that it was too rude. 15 Avoid reference to uninitialized file descriptor if HASFLOCK 16 was not defined. This was used "safely" in the sense 17 that it only did a stat, but it would have set the 18 map modification time improperly. Problem pointed out 19 by Roy Mongiovi of Georgia Tech. 20 Clean up the Subject: line on warning messages and return 21 receipts so that they don't say "Returned mail:"; this 22 can be confusing. 23 Move ruleset entry/exit debugging from 21.2 to 21.1 -- this is 24 useful enough to make it worthwhile printing on "-d". 25 Avoid logging alias statistics every time you read the alias 26 file on systems with no database method compiled in. 27 If you have a name with a trailing dot, and you try looking it 28 up using gethostbyname without the dot (for /etc/hosts 29 compatibility), be sure to turn off RES_DEFNAMES and 30 RES_DNSRCH to avoid finding the wrong name accidently. 31 Problem noted by Charles Amos of the University of 32 Maryland. 33 Don't do timeouts in collect if you are not running SMTP. 34 There is nothing that says you can't have a long 35 running program piped into sendmail (possibly via 36 /bin/mail, which just execs sendmail). Problem reported 37 by Don "Truck" Lewis of Silicon Systems. 38 Try gethostbyname() even if the DNS lookup fails iff option I 39 is not set. This allows you to have hosts listed in 40 NIS or /etc/hosts that are not known to DNS. It's normally 41 a bad idea, but can be useful on firewall machines. This 42 should really be broken out on a separate flag, I suppose. 43 Avoid compile warnings against BIND 4.9.3, which uses function 44 prototypes. From Don Lewis of Silicon Systems. 45 Avoid possible incorrect diagnosis of DNS-related errors caused 46 by things like attempts to resolve uucp names using 47 $[ ... $] -- the fix is to clear h_errno at appropriate 48 times. From Kyle Jones of UUNET. 49 SECURITY: avoid denial-of-service attacks possible by destroying 50 the alias database file by setting resource limits low. 51 This involves adding two new compile-time options: 52 HASSETRLIMIT (indicating that setrlimit(2) support is 53 available) and HASULIMIT (indicating that ulimit(2) support 54 is available -- the Release 3 form is used). The former 55 is assumed on BSD-based systems, the latter on System 56 V-based systems. Attack noted by Phil Brandenberger of 57 Swarthmore University. 58 New syntaxes in test (-bt) mode: 59 ``.Dmvalue'' will define macro "m" to "value". 60 ``.Ccvalue'' will add "value" to class "c". 61 ``.Sruleset'' will dump the contents of the indicated 62 ruleset. 63 ``-ddebug-spec'' is equivalent to the command-line 64 -d debug flag. 65 ``$m'' will print the value of macro "m". 66 ``/mx host'' returns the MX records for ``host''. 67 ``/try address'' will parse address, returning the value of 68 crackaddr (essentially, the comment information) 69 and the parsed address (the same as -bv). 70 Somewhat better handling of UNIX-domain socket addresses -- it 71 should show the pathname rather than hex bytes. 72 Restore ``-ba'' mode -- this reads a file from stdin and parses 73 the header for envelope sender information and uses 74 CR-LF as message terminators. It was thought to be 75 obsolete (used only for Arpanet NCP protocols), but it 76 turns out that the UK ``Grey Book'' protocols require 77 that functionality. 78 Fix a fix in previous release -- if gethostname and gethostbyname 79 return a name without dots, and if a DNS lookup of that 80 name fails, wait one minute and try again even if DNS 81 not specified in the config file -- the problem is that 82 this code is executed before the config file is read. 83 This can result in an extra 60 second delay on startup 84 if (1) you have DNS compiled in, (2) you are not running 85 DNS, (3) your system hostname (as returned by hostname(1)) 86 has no dot, AND (4) the canonical name listed in /etc/hosts 87 or your NIS map has no dot. 88 Check for proper domain name on HELO and EHLO commands per 89 RFC 1123 section 5.2.5. Problem noted by Thomas Dwyer III 90 of Michigan Technological University. 91 Relax chownsafe rules slightly -- old version said that if you 92 can't tell if _POSIX_CHOWN_RESTRICTED is set (that is, 93 if fpathconf returned EINVAL or ENOSYS), assume that 94 chown is not safe. The new version falls back to whether 95 you are on a BSD system or not. This is important for 96 SunOS, which apparently always returns one of those 97 error codes. This impacts whether you can mail to files 98 or not. 99 Syntax errors such as unbalanced parentheses in the configuration 100 file could be omitted if you had "Oem" prior to the 101 syntax error in the config file. Change to always print 102 the error message. It was especially wierd because it 103 would cause a "warning" message to be sent to the Postmaster 104 for every message sent (but with no transcript). Problem 105 noted by Gregory Paris of Motorola. 106 Rewrite collect and putbody to handle full 8-bit data, including 107 zero bytes. These changes are internally extensive, but 108 should have minimal impact on external function. 109 Allow full words for option names -- if the option letter is 110 (apparently) a space, then take the word following -- e.g., 111 O MatchGECOS=TRUE 112 The full list of old and new names is as follows: 113 7 SevenBitInput 114 8 EightBitMode 115 A AliasFile 116 a AliasWait 117 B BlankSub 118 b MinFreeBlocks/MaxMessageSize 119 C CheckpointInterval 120 c HoldExpensive 121 D AutoRebuildAliases 122 d DeliveryMode 123 E ErrorHeader 124 e ErrorMode 125 f SaveFromLine 126 F TempFileMode 127 G MatchGECOS 128 H HelpFile 129 h MaxHopCount 130 i IgnoreDots 131 I ResolverOptions 132 J ForwardPath 133 j SendMimeErrors 134 k ConnectionCacheSize 135 K ConnectionCacheTimeout 136 L LogLevel 137 l UseErrorsTo 138 m MeToo 139 n CheckAliases 140 O DaemonPortOptions 141 o OldStyleHeaders 142 P PostmasterCopy 143 p PrivacyOptions 144 Q QueueDirectory 145 q QueueFactor 146 R DontPruneRoutes 147 r, T Timeout 148 S StatusFile 149 s SuperSafe 150 t TimeZoneSpec 151 u DefaultUser 152 U UserDatabaseSpec 153 V FallbackMXhost 154 v Verbose 155 w TryNullMXList 156 x QueueLA 157 X RefuseLA 158 Y ForkEachJob 159 y RecipientFactor 160 z ClassFactor 161 Z RetryFactor 162 To avoid possible problems with an older sendmail, 163 configuration level 6 is accepted by this version of 164 sendmail; any config file using the new names should 165 specify "V6" in the configuration. 166 Change address parsing to properly note that a phrase before a 167 colon and a trailing semicolon are essentially the same 168 as text outside of angle brackets (i.e., sendmail should 169 treat them as comments). This is to handle the 170 ``group name: addr1, addr2, ..., addrN;'' syntax (it will 171 assume that ``group name:'' is a comment on the first 172 address and the ``;'' is a comment on the last address). 173 This requires config file support to get right. It does 174 understand that :: is NOT this syntax, and can be turned 175 off completely by setting the ColonOkInAddresses option. 176 Level 6 config files added with new mailer flags: 177 A Addresses are aliasable. 178 i Do udb rewriting on envelope as well as header 179 sender lines. Applies to the from address mailer 180 flags rather than the recipient mailer flags. 181 j Do udb rewriting on header recipient addresses. 182 Applies to the sender mailer flags rather than the 183 recipient mailer flags. 184 k Disable check for loops when doing HELO command. 185 o Always run as the mail recipient, even on local 186 delivery. 187 w Check for an /etc/passwd entry for this user. 188 5 Pass addresses through ruleset 5. 189 : Check for :include: on this address. 190 | Check for |program on this address. 191 / Check for /file on this address. 192 @ Look up sender header addresses in the user 193 database. Applies to the mailer flags for the 194 mailer corresponding to the envelope sender 195 address, rather than to recipient mailer flags. 196 Pre-level 6 configuration files set A, w, 5, :, |, /, and @ 197 on the "local" mailer, the o flag on the "prog" and "*file*" 198 mailers, and the ColonOkInAddresses option. 199 Eight-to-seven bit MIME conversions. This borrows ideas from 200 John Beck of Hewlett-Packard, who generously contributed 201 their implementation to me, which I then didn't use (see 202 mime.c for an explanation of why). This adds the 203 EightBitMode option (a.k.a. `8') and an F=8 mailer flag 204 to control handling of 8-bit data. These have to cope with 205 two types of 8-bit data: unlabelled 8-bit data (that is, 206 8-bit data that is entered without declaring it as 8-bit 207 MIME -- technically this is illegal according to the 208 specs) and labelled 8-bit data (that is, it was declared 209 as 8BITMIME in the ESMTP session or by using the 210 -B8BITMIME command line flag). If the F=8 mailer flag is 211 set then 8-bit data is sent to non-8BITMIME machines 212 instead of converting to 7 bit (essentially using 213 just-send-8 semantics). The values for EightBitMode are: 214 m convert unlabelled 8-bit input to 8BITMIME, and do 215 any necessary conversion of 8BITMIME to 7BIT 216 (essentially, the full MIME option). 217 p pass unlabelled 8-bit input, but convert labelled 218 8BITMIME input to 7BIT as required (default). 219 s strict adherence: reject unlabelled 8-bit input, 220 convert 8BITMIME to 7BIT as required. The F=8 221 flag is ignored. 222 Unlabelled 8-bit data is rejected in mode `s' regardless of 223 the setting of F=8. 224 Add new internal class 'n', which is the set of MIME Content-Types 225 which can not be 8 to 7 bit encoded because of other 226 considerations. Types "multipart/*" and "message/*" are 227 never directly encoded (although their components can be). 228 Add new internal class 'e'. This is the set of MIME 229 Content-Transfer-Encodings that can be converted to 230 a seven bit format (Quoted-Printable or Base64). It is 231 preinitialized to contain "7bit", "8bit", and "binary". 232 Add C=charset mailer parameter and the the DefaultCharSet option (no 233 short name) to set the default character set to use in the 234 Content-Type: header when doing encoding of an 8-bit message 235 which isn't marked as MIME into MIME format. If the C= 236 parameter is set on the Envelope From address, use that as 237 the default encoding; else use the DefaultCharSet option. 238 If neither is set, it defaults to "unknown-8bit" as 239 suggested by RFC 1428 section 3. 240 Allow ``U=user:group'' field in mailer definition to set a default 241 user and group that a mailer will be executed as. This 242 overrides the 'u' and 'g' options, and if the `F=S' flag is 243 also set, it is the uid/gid that will always be used (that 244 is, the controlling address is ignored). The values may be 245 numeric or symbolic; if only a symbolic user is given (no 246 group) that user's default group in the passwd file is used 247 as the group. Based on code donated by Chip Rosenthal of 248 Unicom. 249 Allow `u' option to also accept user:group as a value, in the same 250 fashion as the U= mailer option. 251 Add the symbolic time zone name in the Arpanet format dates (as 252 a comment). This adds a new compile-time configuration 253 flag: TZ_TYPE can be set to TZ_TM_NAME (use the value 254 of (struct tm *)->tm_name), TZ_TM_ZONE (use the value 255 of (struct tm *)->tm_zone), TZ_TZNAME (use extern char 256 *tzname[(struct tm *)->tm_isdst]), TZ_TIMEZONE (use 257 timezone()), or TZ_NONE (don't include the comment). Code 258 from Chip Rosenthal. 259 The "Timeout" option (formerly "r") is extended to allow suboptions. 260 For example, 261 O Timeout.helo = 2m 262 There are also two new suboptions "queuereturn" and 263 "queuewarn"; these subsume the old T option. Thus, to 264 set them both the preferred new syntax is 265 O Timeout.queuereturn = 5d 266 O Timeout.queuewarn = 4h 267 Sort queue by host name instead of by message priority if the 268 QueueSortOrder option (no short name) is set is set to 269 ``host''. This makes better use of the connection cache, 270 but may delay more ``interactive'' messages behind large 271 backlogs under some circumstances. This is probably a 272 good option if you have high speed links or don't do lots 273 of ``batch'' messages, but less good if you are using 274 something like PPP on a 14.4 modem. Based on code 275 contributed by Roy Mongiovi of Georgia Tech (my main 276 contribution was to make it configurable). 277 Save i-number of df file in qf file to simplify rebuilding of queue 278 after disasterous disk crash. Suggested by Kyle Jones of 279 UUNET; closely based on code from KJS DECWRL code written 280 by Paul Vixie. NOTA BENE: The qf files produced by 8.7 281 are NOT back compatible with 8.6 -- that is, you can convert 282 from 8.6 to 8.7, but not the other direction. 283 Add ``F=d'' mailer flag to disable all use of angle brackets in 284 route-addrs in envelopes; this is because in some cases 285 they can be sent to the shell, which interprets them as 286 I/O redirection. 287 Don't include error file (option E) with return-receipts; this 288 can be confusing. 289 Don't send "Warning: cannot send" messages to owner-* or 290 *-request addresses. Suggested by Christophe Wolfhugel 291 of the Institut Pasteur, Paris. 292 Allow -O command line flag to set long form options. 293 Add "MinQueueAge" option to set the minimum time between attempts 294 to run the queue. For example, if the queue interval 295 (-q value) is five minutes, but the minimum queue age 296 is fifteen minutes, jobs won't be tried more often than 297 once every fifteen minutes. This can be used to give 298 you more responsiveness if your delivery mode is set to 299 queue-only. 300 Allow "fileopen" timeout (default: 60 seconds) for opening 301 :include: and .forward files. 302 Add "-k", "-v", and "-z" flags to map definitions; these set the 303 key field name, the value field name, and the field 304 delimiter. The field delimiter can be a single character 305 or the sequence "\t" or "\n" for tab or newline. 306 These are for use by NIS+ and similar access methods. 307 Change maps to always strip quotes before lookups; the -q flag 308 turns off this behaviour. Suggested by Motonori Nakamura. 309 Add "nisplus" map class. Takes -k and -v flags to choose the 310 key and value field names respectively. Code donated by 311 Sun Microsystems. 312 Add "hesiod" map class. The "file name" is used as the 313 "HesiodNameType" parameter to hes_resolve(3). Returns the 314 first value found for the match. Code donated by Scott 315 Hutton of Indiana University. 316 Add "netinfo" (NeXT NetInfo) map class. Maps can have a -k flag to 317 specify the name of the property that is searched as the 318 key and a -v flag to specify the name of the property that 319 is returned as the value (defaults to "members"). The 320 default map is "/aliases". 321 Add "text" map class. This does slow, linear searches through 322 text files. The -z flag specifies a column delimiter 323 (defaults to any sequence of white space), the -k flag 324 sets the key column number, and the -v flag sets the 325 value column number. Lines beginning with `#' are treated 326 as comments. 327 Add "program" map class to execute arbitrary programs. The search 328 key is presented as the last argument; the output is one 329 line read from the programs standard output. Exit statuses 330 are from sysexits.h. 331 Add "sequence" map class -- searches maps in sequence until it 332 finds a match. For example, the declarations: 333 Kmap1 ... 334 Kmap2 ... 335 Kmapseq sequence map1 map2 336 defines a map "mapseq" that first searches map1; if the 337 value is found it is returned immediately, otherwise 338 map2 is searched and the value returned. 339 Add "switch" map class. This is much like "sequence" except that 340 the ordering is fetched from an external file, usually 341 the system service switch. The parameter is the name of 342 the service to switch on, and the maps that it will use 343 are this name followed by ".service_type". For example, 344 if the declaration of the map is 345 Ksample switch hosts 346 and the system service switch specifies that hosts are 347 looked up using dns and nis in that order, then this is 348 equivalent to 349 Ksample sequence hosts.dns hosts.nis 350 The subordinate maps must already be defined. 351 Add "user" map class -- looks up users using getpwnam. Takes a 352 "-v field" flag on the definition that tells what passwd 353 entry to return -- legal values are name, passwd, uid, gid, 354 gecos, dir, and shell. Generally expected to be used with 355 the -m (matchonly) flag. 356 Add "bestmx" map class -- returns the best MX value for the host 357 listed as the value. If there are several "best" MX records 358 for this host, one will be chosen at random. 359 Add "userdb" map class -- looks up entries in the user database. 360 The "file name" is actually the tag that will be used, 361 typically "mailname". If there are multiple entries 362 matching the name, the one chosen is undefined. 363 Add multiple queue timeouts (both return and warning). These are 364 set by the Precedence: or Priority: header fields to one of 365 three values. If a Priority: is set and has value "normal", 366 "urgent", or "non-urgent" the corresponding timeouts are 367 used. If no priority is set, the Precedence: is consulted; 368 if negative, non-urgent timeouts are used; if greater than 369 zero, urgent timeouts are used. Otherwise, normal timeouts 370 are used. The timeouts are set by setting the six timeouts 371 queue{warn,return}.{urgent,normal,non-urgent}. 372 Fix problem when a mail address is resolved to a $#error mailer 373 with a temporary failure indication; it works in SMTP, 374 but when delivering locally the mail is silently discarded. 375 This patch, from Kyle Jones of UUNET, bounces it instead 376 of queueing it (queueing is very hard). 377 When using /etc/hosts or NIS-style lookups, don't assume that 378 the first name in the list is the best one -- instead, 379 search for the first one with a dot. For example, if 380 an /etc/hosts entry reads 381 128.32.149.68 mammoth mammoth.CS.Berkeley.EDU 382 this change will use the second name as the canonical 383 machine name instead of the initial, unqualified name. 384 This heuristic is only used for finding your own name on 385 startup, when the system may not be fully configured yet. 386 Change dequote map to replace spaces in quoted text with a value 387 indicated by the -s flag on the dequote map definition. 388 For example, ``Mdequote dequote -s_'' will change 389 "Foo Bar" into an unquoted Foo_Bar instead of leaving it 390 quoted (because of the space character). Suggested by Dan 391 Oscarsson for use in X.400 addresses. 392 Implement long macro names as ${name}; long class names can 393 be similarly referenced as $={name} and $~{name}. 394 Definitions are (e.g.) ``D{name}value''. Names that have 395 a leading lower case letter or punctuation characters are 396 reserved for internal use by sendmail; i.e., config files 397 should use names that begin with a capital letter. Based 398 on code contributed by Dan Oscarsson. 399 Fix core dump if getgrgid returns a null group list (as opposed 400 to an empty group list, that is, a pointer to a list 401 with no members). Fix from Andrew Chang of Sun Microsystems. 402 Fix possible core dump if malloc fails -- if the malloc in xalloc 403 failed, it called syserr which called newstr which called 404 xalloc.... The newstr is now avoided for "panic" messages. 405 Reported by Stuart Kemp of James Cook University. 406 Improve connection cache timeouts; previously, they were not even 407 checked if you were delivering to anything other than an 408 IPC-connected host, so a series of (say) local mail 409 deliveries could cause cached connections to be open 410 much longer than the specified timeout. 411 If an incoming message exceeds the maximum message size, stop 412 writing the incoming bytes to the queue data file, since 413 this can fill your mqueue partition -- this is a possible 414 denial-of-service attack. 415 Don't reject all numeric local user names unless HESIOD is 416 defined. It turns out that Posix allows all-numeric 417 user names. Fix from Tony Sanders of BSDI. 418 Add service switch support. If the local OS has a service 419 switch (e.g., /etc/nsswitch.conf on Solaris or /etc/svc.conf 420 on DEC systems) that will be used; otherwise, it falls back 421 to using a local mechanism based on the ServiceSwitchFile 422 option (default: /etc/service.switch). For example, if the 423 service switch lists "files" and "nis" for the aliases 424 service, that will be the default lookup order. the "files" 425 ("local" on DEC) service type expands to any alias files 426 you listed in the configuration file, even if they aren't 427 actually file lookups. 428 Option I (NameServerOptions) no longer sets the "UseNameServer" 429 variable which tells whether or not DNS should be considered 430 canonical. This is now determined based on whether or not 431 "dns" is in the service list for "hosts". 432 Add preliminary support for the ESMTP "DSN" extension (Delivery 433 Status Notifications). This is not yet a standard 434 and the implementation is for experimentation only. 435 For this reason it only announces itself as "X-DSN-0" 436 instead of "DSN". DSN notifications override 437 Return-Receipt-To:. 438 Add T=mtstype keyletter to mailer definitions to define the value 439 for the Final-MTS-Type: and Remote-MTS-Type: fields in the 440 DSN-standard return message. 441 Extend heuristic to force running in ESMTP mode to look for the 442 six-character string "ESMTP " anywhere in the 220 greeting 443 message (not just the second line). This is to provide 444 better compatibility with other ESMTP servers. 445 Print sequence number of job when running the queue so you can 446 easily see how much progress you have made. Suggested 447 by Peter Wemm of DIALix. 448 Map newlines to spaces in logged message-ids; some versions of 449 syslog truncate the rest of the line after newlines. 450 Suggested by Fletcher Mattox of U. Texas. 451 Move up forking for job runs so that if a message is split into 452 multiple envelopes you don't get "fork storms" -- this 453 also improves the connection cache utilization. 454 Accept "<<>>", "<<<>>>", and so forth as equivalent to "<>" for 455 the purposes of refusing to send error returns. Suggested 456 by Motonori Nakamura of Ritsumeikan University. 457 Relax rules on when a file can be written when referenced from 458 the aliases file: use the default uid/gid instead of the 459 real uid/gid. This allows you to create a file owned by 460 and writable only by the default uid/gid that will work 461 all the time (without having the setuid bit set). Change 462 suggested by Shau-Ping Lo and Andrew Cheng of Sun 463 Microsystems. 464 Add "DialDelay" option (no short name) to provide an "extra" 465 delay for dial on demand systems. If this is non-zero 466 and a connect fails, sendmail will wait this long and 467 then try again. If it takes longer than the kernel 468 timeout interval to establish the connection, this 469 option can give the network software time to establish 470 the link. The default units are seconds. 471 Move logging of sender information to be as early as possible; 472 previously, it could be delayed a while for SMTP mail 473 sent to aliases. Suggested by Brad Knowles of the 474 Defense Information Systems Agency. 475 Call res_init() before setting RES_DEBUG; this is required by 476 BIND 4.9.3, or so I'm told. From Douglas Anderson of 477 the National Computer Security Center. 478 Add xdelay= field in logs -- this is a transaction delay, telling 479 you how long it took to deliver to this address on the 480 last try. It is intended to be used for sorting mailing 481 lists to favor "quick" addresses. Provided for use by 482 the mailprio scripts (see below). 483 If a map cannot be opened, and that map is non-optional, and 484 an address requires that map for resolution, queue the 485 map instead of bouncing it. This involves creating a 486 pseudo-class of maps called "bogus-map" -- if a required 487 map cannot be opened, the class is changed to bogus-map; 488 all queries against bogus-map return "tempfail". The 489 bogus-map class is not directly accessible. A sample 490 implementation was donated by Jem Taylor of Glasgow 491 University Computing Service. 492 Don't make a bad ``MAIL FROM:'' address on one message blow away 493 other messages to the same host later in the queue. 494 Problem noted by Eric Prestemon of American University. 495 Fix a possible core dump when mailing to a program that talks 496 SMTP on its standard input. Fix from Keith Moore of 497 the University of Kentucky. 498 Make it possible to resolve filenames to $#local $: @ /filename; 499 previously, the "@" would cause it to not be recognized 500 as a file. Problem noted by Brian Hill of U.C. Davis. 501 Accept a -1 signal to re-exec the daemon. This only works if 502 argv[0] is a full path to sendmail. 503 Fix bug in "addr=..." field in O option on little-endian machines 504 -- the network number wasn't being converted to network 505 byte order. Patch from Kurt Lidl of Pix Technologies 506 Corporation. 507 Pre-initialize the resolver early on; this is to avoid a bug with 508 BIND 4.9.3 that can cause the _res.retry field to get 509 reset to zero, causing all name server lookups to time 510 out. Fix from Matt Day of Artisoft. 511 Restore T line (trusted users) in config file -- but instead of 512 locking out the -f flag, they just tell whether or not 513 an X-Authentication-Warning: will be added. This really 514 just creates new entries in class 't', so "Ft/file/name" 515 can be used to read trusted user names from a file. 516 Improve NEWDB alias file rebuilding so it will create them 517 properly if they do not already exist. This had been 518 a MAYBENEXTRELEASE feature in 8.6.9. 519 Check for @:@ entry in NIS maps before starting up to avoid 520 (but not prevent, sigh) race conditions. This ought to 521 be handled properly in ypserv, but isn't. Suggested by 522 Michael Beirne of Motorola. 523 Refuse connections if there isn't enough space on the filesystem 524 holding the queue. Contributed by Robert Dana of Wolf 525 Communications. 526 Skip checking for directory permissions in the path to a file 527 when checking for file permissions iff setreuid() 528 succeeded -- it is unnecessary in that case. This avoids 529 significant performance problems when looking for .forward 530 files. Based on a suggestion by Win Bent of USC. 531 Allow symbolic ruleset names. Syntax can be "Sname" to get an 532 arbitrary ruleset number assigned or "Sname = integer" 533 to assign a specific ruleset number. Reference is 534 $>name_or_number. Names can be composed of alphas, digits, 535 underscore, or hyphen (first character must be non-numeric). 536 Allow -o flag on AliasFile lines to make the alias file optional. 537 From Bryan Costales of ICSI. 538 Add NoRecipientAction option to handle the case where there is 539 no legal recipient header in the message. It can take 540 on values: 541 None Leave the message as is. The 542 message will be passed on even 543 though it is in technically 544 illegal syntax. 545 Add-To Add a To: header with any 546 recipients that it can find from 547 the envelope. This risks exposing 548 Bcc: recipients. 549 Add-Apparently-To Add an Apparently-To: header. This 550 has almost no redeeming social value, 551 and is provided only for back 552 compatibility. 553 Add-To-Undisclosed Add a header reading 554 To: undisclosed-recipients:; 555 which will have the effect of 556 making the message legal without 557 exposing Bcc: recipients. 558 Add-Bcc To add an empty Bcc: header. 559 There is a chance that mailers down 560 the line will delete this header, 561 which could cause exposure of Bcc: 562 recipients. 563 The default is NoRecipientAction=None. 564 Truncate (rather than delete) Bcc: lines in the header. This 565 should prevent later sendmails (at least, those that don't 566 themselves delete Bcc:) from considering this message to 567 be non-conforming -- although it does imply that non-blind 568 recipients can see that a Bcc: was sent, albeit not to whom. 569 Add SafeFileEnvironment option. If declared, files named as delivery 570 targets must be regular files in addition to the regular 571 checks. Also, if the option is non-null then it is used as 572 the name of a directory that is used as a chroot(2) 573 environment for the delivery; the file names listed in an 574 alias or forward should include the name of this root. 575 For example, if you run with 576 O SafeFileEnvironment=/arch 577 then aliases should reference "/arch/rest/of/path". If a 578 value is given, sendmail also won't try to save to 579 /usr/tmp/dead.letter (instead it just leaves the job in the 580 queue as Qfxxxxxx). Inspired by *Hobbit*'s sendmail patch kit. 581 Support -A flag for alias files; this will comma concatenate like 582 entries. For example, given the aliases: 583 list: member1 584 list: member2 585 and an alias file declared as: 586 OAhash:-A /etc/aliases 587 the final alias inserted will be "list: member1,member2"; 588 without -A you will get an error on the second and subsequent 589 alias for "list". Contributed by Bryan Costales of ICSI. 590 Line-buffer transcript file. Suggested by Liudvikas Bukys. 591 Fix a problem that could cause very long addresses to core dump in 592 some special circumstances. Problem pointed out by Allan 593 Johannesen. 594 (Internal change.) Change interface to expand() (macro expansion) 595 to be simpler and more consistent. 596 Delete check for funny qf file names. This didn't really give 597 any extra security and caused some people some problems. 598 (If you -really- want this, define PICKY_QF_NAME_CHECK 599 at compile time.) Suggested by Kyle Jones of UUNET. 600 (Internal change.) Change EF_NORETURN to EF_NO_BODY_RETN and 601 merge with DSN code; this is simpler and more consistent. 602 This may affect some people who have written their own 603 checkcompat() routine. 604 (Internal change.) Eliminate `D' line in qf file. The df file 605 is now assumed to be the same name as the qf file (with 606 the `q' changed to a `d', of course). 607 Avoid forking for delivery if all recipient mailers are marked as 608 "expensive" -- this can be a major cost on some systems. 609 Essentially, this forces sendmail into "queue only" mode 610 if all it is going to do is queue anyway. 611 Avoid sending a null message in some rather unusual circumstances 612 (specifically, the RCPT command returns a temporary 613 failure but the connection is lost before the DATA 614 command). Fix from Scott Hammond of Secure Computing 615 Corporation. 616 Change makesendmail to use a somewhat more rational naming scheme: 617 Makefiles and obj directories are named $os.$rel.$arch, 618 where $os is the operating system (e.g., SunOS), $rel is 619 the release number (e.g., 5.3), and $arch is the machine 620 architecture (e.g., sun4). Any of these can be omitted, 621 and anything after the first dot in a release number can 622 be replaced with "x" (e.g., SunOS.4.x.sun4). The previous 623 version used $os.$arch.$rel and was rather less general. 624 Ignore IDENT return value if the OSTYPE field returns "OTHER", 625 as indicated by RFC 1413. Pointed out by Kari Hurtta 626 of the Finnish Meteorological Institute. 627 Fix problem that could cause multiple responses to DATA command 628 on header syntax errors (e.g., lines beginning with colons). 629 Problem noted by Jens Thomassen of the University of Oslo. 630 Don't let null bytes in headers cause truncation of the rest of 631 the header. 632 Log Authentication-Warning:s. Suggested by Motonori Nakamura. 633 Increase timeouts on message data puts to allow time for receivers 634 to canonify addresses in headers on the fly. This is still 635 a rather ugly heuristic. From Motonori Nakamura. 636 Add "HasWildcardMX" suboption to ResolverOptions; if set, MX 637 records are not used when canonifying names. This is 638 useful if you have a wildcard MX record, although it 639 may cause other problems. In general, don't use wildcard 640 MX records. Patch from Motonori Nakamura. 641 Eliminate default two-line SMTP greeting message. Instead of 642 adding an extra "ESMTP spoken here" line, the word "ESMTP" 643 is added between the first and second word of the first 644 line of the greeting message (i.e., immediately after the 645 host name). This eliminates the need for the BROKEN_SMTP_PEERS 646 compile flag. Old sendmails won't see the ESMTP, but that's 647 acceptable because SIZE was the only useful extension that 648 old sendmails understand. 649 Avoid gethostbyname calls on UNIX domain sockets during SIGUSR1 650 invoked state dumps. From Masaharu Onishi. 651 Allow on-line comments in .forward and :include: files; they are 652 introduced by the string "<LWSP>#@#<LWSP>", where <LWSP> 653 is a space or a tab. This is intended for native 654 representation of non-ASCII sets such as Japanese, where 655 existing encodings would be unreadable or would lose 656 data -- for example, 657 <motonori@cs.ritsumei.ac.jp> NAKAMURA Motonori 658 (romanized/less information) 659 <motonori@cs.ritsumei.ac.jp> =?ISO-2022-JP?B?GyRCQ2ZCPBsoQg==?= 660 =?ISO-2022-JP?B?GyRCQUdFNRsoQg==?= 661 (with MIME encoding, not human readable) 662 <motonori@cs.ritsumei.ac.jp> #@# ^[$BCfB<^[(B ^[$BAGE5^[(B 663 (native encoding with ISO-2022-JP) 664 The last form is human readable in the Japanese environment. 665 Based on a fix from (surprise!) Motonori Nakamura. 666 Don't make SMTP error returns on MAIL FROM: line be "sticky" for all 667 messages to that host; these are most frequently associated 668 with addresses rather than the host, with the exception of 669 421 (service shutting down). The effect was to cause queues 670 to sometimes take an excessive time to flush. Reported by 671 Robert Sargent of Southern Geographics Technologies. 672 Add Nice=N mailer option to set the niceness at which a mailer will 673 run. 674 When looking for a default config file (that is, not specified using 675 a -C flag), try a configuration file name extended by the 676 binary version number -- e.g., sendmail.8.7.Alpha.9.cf, 677 sendmail.8.7.Alpha.cf, sendmail.8.7.cf, sendmail.8.cf, and 678 sendmail.cf in that order. This should make it easier to 679 test new versions in a shared environment. 680 Log queue runs that are skipped due to high loads. They are logged 681 at LOG_INFO priority iff the log level is > 8. Contributed 682 by Bruce Nagel of Data General. 683 Allow the error mailer to accept a DSN-style error status code 684 instead of an sysexits status code in the host part. 685 Anything with a dot will be interpreted as a DSN-style code. 686 Add new mailer flag: F=3 will tell translations to Quoted-Printable 687 to encode characters that might be munged by an EBCDIC system 688 in addition to the set required by RFC 1521. The additional 689 characters are !, ", #, $, @, [, \, ], ^, `, {, |, }, and ~. 690 (Think of "IBM 360" as the mnemonic for this flag.) 691 Change check for mailing to files to look for a pathname of [FILE] 692 rather than looking for the mailer named *file*. The mapping 693 of leading slashes still goes to the *file* mailer. This 694 allows you to implement the *file* mailer as a separate 695 program, for example, to insert a Content-Length: header 696 or do special security policy. However, note that the usual 697 initial checking for the file permissions is still done, and 698 the program in question needs to be very careful about how 699 it does the file write to avoid security problems. 700 Be able to read ~root/.forward even if the path isn't accessible to 701 regular users. This is disrecommended because sendmail 702 sometimes does not run as root (e.g., when an unsafe option 703 is specified on the command line), but should otherwise be 704 safe because .forward files must be owned by the user for 705 whom mail is being forwarded, and cannot be a symbolic link. 706 Suggested by Forrest Aldrich of Wang Laboratories. 707 Add new "HostsFile" option that is the pathname to the /etc/hosts 708 file. This is used for canonifying hostnames when the 709 service type is "files". 710 Implement programs on F (read class from file) line. The syntax is 711 Fc|/path/to/program to read the output from the program 712 into class "c". 713 Probe the network interfaces to find alternate names for this 714 host. Requires the SIOCGIFCONF ioctl call. Code 715 contributed by SunSoft. 716 Add "E" configuration line to set or propogate environment 717 variables into children. "E<envar>" will propogate 718 the named variable from the environment when sendmail 719 was invoked into any children it calls; "E<envar>=<value>" 720 sets the named variable to the indicated value. Any 721 variables not explicitly named will not be in the child 722 environment. However, sendmail still forces an 723 "AGENT=sendmail" environment variable, in part to enforce 724 at least one environment variable, since many programs and 725 libraries die horribly if this is not guaranteed. 726 Change heuristic for rebuilding both NEWDB and NDBM versions of 727 alias databases -- new algorithm looks for the substring 728 "/yp/" in the file name. This is more portable and involves 729 less overhead. Suggested by Motonori Nakamura. 730 Dynamically allocate the queue work list so that you don't lose 731 jobs in large queue runs. The old QUEUESIZE compile parameter 732 is replaced by QUEUESEGSIZE (the unit of allocation, which 733 should not need to be changed) and the MaxQueueRunSize option, 734 which is the absolute maximum number of jobs that will ever 735 be handled in a single queue run. Based on code contributed 736 by Brian Coan of the Institute for Global Communications. 737 Log message when a message is dropped because it exceeds the maximum 738 message size. Suggested by Leo Bicknell of Virginia Tech. 739 Allow trusted users (those on a T line or in $=t) to use -bs without 740 an X-Authentication-Warning: added. Suggested by Mark Thomas 741 of Mark G. Thomas Consulting. 742 PORTABILITY FIXES: 743 Solaris 2 from Rob McMahon <cudcv@csv.warwick.ac.uk>. 744 System V Release 4 from Motonori Nakamura of Ritsumeikan 745 University. This expands the disk size 746 checking to include all (?) SVR4 configurations. 747 System V Release 4 from Kimmo Suominen -- initgroups(3) 748 and setrlimit(2) are both available. 749 System V Release 4 from sob@sculley.ffg.com -- some versions 750 apparently "have EX_OK defined in other headerfiles." 751 Linux Makefile typo. 752 Linux getusershell(3) is broken in Slackware 2.0 -- 753 from Andrew Pam of Xanadu Australia. 754 More Linux tweaking from John Kennedy of California State 755 University, Chico. 756 Cray changes from Eric Wassenaar: ``On Cray, shorts, 757 ints, and longs are all 64 bits, and all structs 758 are multiples of 64 bits. This means that the 759 sizeof operator returns only multiples of 8. 760 This requires adaptation of code that really 761 deals with 32 bit or 16 bit fields, such as IP 762 addresses or nameserver fields.'' 763 DG/UX 5.4.3 from Mark T. Robinson <mtr@ornl.gov>. To 764 get the old behaviour, use -DDGUX_5_4_2. 765 DG/UX hack: add _FORCE_MAIL_LOCAL_=yes environment 766 variable to fix bogus /bin/mail behaviour. 767 Tandem NonStop-UX from Rick McCarty <mccarty@mpd.tandem.com>. 768 This also cleans up some System V Release 4 compile 769 problems. 770 Solaris 2: sendmail.cw file should be in /etc/mail to 771 match all the other configuration files. Fix 772 from Glenn Barry of Emory University. 773 Solaris 2.3: compile problem in conf.c. Fix from Alain 774 Nissen of the University of Liege, Belgium. 775 Ultrix: freespace calculation was incorrect. Fix from 776 Takashi Kizu of Osaka University. 777 SVR4: running in background gets a SIGTTOU because the 778 emulation code doesn't realize that "getpeername" 779 doesn't require reading the file. Fix from Peter 780 Wemm of DIALix. 781 Solaris 2.3: due to an apparent bug in the socket emulation 782 library, sockets can get into a "wedged" state where 783 they just return EPROTO; closing and re-opening the 784 socket clears the problem. Fix from Bob Manson 785 of Ohio State University. 786 Hitachi 3050R & 3050RX running HI-UX/WE2: portability 787 fixes from Akihiro Hashimoto ("Hash") of Chiba 788 University. 789 AIX changes to allow setproctitle to work from Rainer Sch�pf 790 of Zentrum f�r Datenverarbeitung der Universit�t 791 Mainz. 792 SCO Unix from Chip Rosenthal of Unicom (code was using the 793 wrong statfs call). 794 ANSI C fixes from Adam Glass (NetBSD project). 795 Stardent Titan/ANSI C fixes from Kate Hedstrom of Rutgers 796 University. 797 DG-UX fixes from Bruce Nagel of Data General. 798 IRIX64 updates from Mark Levinson of the University of 799 Rochester Medical Center. 800 Altos System V (``the first UNIX/XENIX merge the Altos 801 did for their Series 1000 & Series 2000 line; 802 their merged code was licenced back to AT&T and 803 Microsoft and became System V release 3.2'') from 804 Tim Rice <timr@crl.com>. 805 OSF/1 running on Intel Paragon from Jeff A. Earickson 806 <jeff@ssd.intel.com> of Intel Scalable Systems 807 Divison. 808 Amdahl UTS System V 2.1.5 (SVr3-based) from Janet Jackson 809 <janet@dialix.oz.au>. 810 System V Release 4 (statvfs semantic fix) from Alain 811 Durand of I.M.A.G. 812 HP-UX 10.x multiprocessor load average changes from 813 Scott Hutton and Jeff Sumler of Indiana University. 814 Cray CSOS from Scott Bolte of Cray Computer Corporation. 815 Unicos 8.0 from Douglas K. Rand of the University of North 816 Dakota, Scientific Computing Center. 817 Solaris 2.4 fixes from Sanjay Dani of Dani Communications. 818 ConvexOS 11.0 from Christophe Wolfhugel. 819 IRIX 4.0.5 from David Ashton-Reader of CADcentre. 820 ISC UNIX from J. J. Bailey. 821 HP-UX 9.xx on the 8xx series machines from Remy Giraud 822 of Meteo France. 823 HP-UX configuration from Tom Lane <tgl@sss.pgh.pa.us>. 824 IRIX 5.2 and 5.3 from Kari E. Hurtta. 825 FreeBSD 2.0 from Mike Hickey of Federal Data Corporation. 826 Sony NEWS-OS 4.2.1R and 6.0.3 from Motonori Nakamura. 827 Omron LUNA unios-b, mach from Motonori Nakamura. 828 NEC EWS-UX/V 4.2 from Motonori Nakamura. 829 NeXT 2.1 from Bryan Costales. 830 AUX patch thanks to Mike Erwin of Apple Computer. 831 HP-UX 10.0 from John Beck of Hewlett-Packard. 832 Ultrix: allow -DBROKEN_RES_SEARCH=0 if you are using a 833 non-DEC resolver. Suggested by Allan Johannesen. 834 MAKEMAP: allow -d flag to allow insertion of duplicate aliases 835 in type ``btree'' maps. The semantics of this are undefined 836 for regular maps, but it can be useful for the user database. 837 MAKEMAP: lock database file while rebuilding to avoid sendmail 838 lookups while the rebuild is going on. There is a race 839 condition between the open(... O_TRUNC ...) and the lock 840 on the file, but it should be quite small. 841 SMRSH: sendmail restricted shell added to the release. This can 842 be used as an alternative to /bin/sh for the "prog" mailer, 843 giving the local administrator more control over what 844 programs can be run from sendmail. 845 MAIL.LOCAL: add this local mailer to the tape. It is not really 846 part of the release proper, and isn't fully supported; in 847 particular, it does not run on System V based systems and 848 never will. 849 CONTRIB: a patch to rmail.c from Bill Gianopoulos of Raytheon 850 to allow rmail to compile on systems that don't have 851 function prototypes and systems that don't have snprintf. 852 CONTRIB: add the "mailprio" scripts that will help you sort mailing 853 lists by transaction delay times so that addresses that 854 respond quickly get sent first. This is to prevent very 855 sluggish servers from delaying other peoples' mail. 856 Contributed by Tony Sanders of BSDI. 857 CONTRIB: add the "bsdi.mc" file as contributed by Tony Sanders 858 of BSDI. This has a lot of comments to help people out. 859 CONFIG: fix mail from <> so it will properly convert to 860 MAILER-DAEMON on local addresses. 861 CONFIG: fix code that was supposed to catch colons in host 862 names. Problem noted by John Gardiner Myers of CMU. 863 CONFIG: allow use of SMTP_MAILER_MAX in nullclient configuration. 864 From Paul Riddle of the University of Maryland, Baltimore 865 County. 866 CONFIG: Catch and reject "." as a host address. 867 CONFIG: Generalize domaintable to look up all domains, not 868 just unqualified ones. 869 CONFIG: Delete OLD_SENDMAIL support -- as near as I can tell, it 870 was never used and didn't work anyway. 871 CONFIG: Set flags A, w, 5, :, /, |, and @ on the "local" mailer 872 and d on all mailers in the UUCP class. 873 CONFIG: Allow "user+detail" to be aliased specially: it will first 874 look for an alias for "user+detail", then for "user+*", and 875 finally for "user". This is intended for forwarding mail 876 for system aliases such as root and postmaster to a 877 centralized hub. 878 CONFIG: add confEIGHT_BIT_HANDLING to set option 8 (see above). 879 CONFIG: add smtp8 mailer; this has the F=8 (just-send-8) flag set. 880 The F=8 flag is also set on the "relay" mailer, since 881 this is expected to be another sendmail. 882 CONFIG: avoid qualifying all UUCP addresses sent via SMTP with 883 the name of the UUCP_RELAY -- in some cases, this is the 884 wrong value (e.g., when we have local UUCP connections), 885 and this can create unreplyable addresses. From Chip 886 Rosenthal of Unicom. 887 CONFIG: add confRECEIVED_HEADER to change the format of the 888 Received: header inserted into all messages. Suggested by 889 Gary Mills of the University of Manitoba. 890 CONFIG: Make "notsticky" the default; use FEATURE(stickyhost) 891 to get the old behaviour. I did this upon observing 892 that almost everyone needed this feature, and that the 893 concept I was trying to make happen didn't work with 894 some user agents anyway. FEATURE(notsticky) still works, 895 but it is a no-op. 896 CONFIG: Add LUSER_RELAY -- the host to which unrecognized user 897 names are sent, rather than immediately diagnosing them 898 as User Unknown. 899 CONFIG: Add SMTP_MAILER_ARGS, ESMTP_MAILER_ARGS, SMTP8_MAILER_ARGS, 900 and RELAY_MAILER_ARGS to set the arguments for the 901 indicated mailers. All default to "IPC $h". Patch from 902 Larry Parmelee of Cornell University. 903 CONFIG: pop mailer needs F=n flag to avoid "annoying side effects 904 on the client side" and F=P to get an appropriate 905 return-path. From Kimmo Suominen. 906 CONFIG: add FEATURE(local_procmail) to use the procmail program 907 as the local mailer. For addresses of the form "user+detail" 908 the "detail" part is passed to procmail via the -a flag. 909 Contributed by Kimmo Suominen. 910 CONFIG: add MAILER(procmail) to add an interface to procmail for 911 use from mailertables. This lets you execute arbitrary 912 procmail scripts. Contributed by Kimmo Suominen. 913 CONFIG: add T= fields (MTS type) to local, smtp, and uucp mailers. 914 CONFIG: add OSTYPE(ptx2) for DYNIX/ptx 2.x from Sequent. From 915 Paul Southworth of CICNet Systems Support. 916 CONFIG: use -a$g as default to UUCP mailers, instead of -a$f. 917 This causes the null return path to be rewritten as 918 MAILER-DAEMON; otherwise UUCP gets horribly confused. 919 From Michael Hohmuth of Technische Universitat Dresden. 920 CONFIG: Add FEATURE(bestmx_is_local) to cause any hosts that 921 list us as the best possible MX record to be treated as 922 though they were local (essentially, assume that they 923 are included in $=w). This can cause additional DNS 924 traffic, but is easier to administer if this fits your 925 local model. It does not work reliably if there are 926 multiple hosts that share the best MX preference. 927 Code contributed by John Oleynick of Rutgers. 928 CONFIG: Add FEATURE(smrsh) to use smrsh (the SendMail Restricted 929 SHell) instead of /bin/sh as the program used for delivery 930 to programs. If an argument is included, it is used as 931 the path to smrsh; otherwise, /usr/local/etc/smrsh is 932 assumed. 933 CONFIG: Add LOCAL_MAILER_MAX and PROCMAILER_MAILER_MAX to limit the 934 size of messages to the local and procmail mailers 935 respectively. Contributed by Brad Knowles of the Defense 936 Information Systems Agency. 937 CONFIG: Handle leading ``phrase:'' and trailing ``;'' as comments 938 (just like text outside of angle brackets) in order to 939 properly deal with ``group: addr1, ... addrN;'' syntax. 940 CONFIG: Require OSTYPE macro (the defaults really don't apply to 941 any real systems any more) and tweak the DOMAIN macro 942 so that it is less likely that users will accidently use 943 the Berkeley defaults. Also, create some generic files 944 that really can be used in the real world. 945 CONFIG: Add new configuration macros to set character sets for 946 messages _arriving from_ various mailers: LOCAL_MAILER_CHARSET, 947 SMTP_MAILER_CHARSET, and UUCP_MAILER_CHARSET. 948 CONFIG: Change UUCP_MAX_SIZE to UUCP_MAILER_MAX for consistency. 949 The old name will still be accepted for a while at least. 950 CONFIG: Implement DECNET_RELAY as spec for host to which DECNET 951 mail (.DECNET pseudo-domain or node::user) will be sent. 952 As with all relays, it can be ``mailer:hostname''. Suggested 953 by Scott Hutton. 954 CONFIG: Add MAILER(mail11) to get DECnet support. Code contributed 955 by Barb Dijker of Labyrinth Computer Services. 956 CONFIG: change confCHECK_ALIASES to default to False -- it has poor 957 performance for large alias files, and this confused many 958 people. 959 NEW FILES: 960 cf/cf/cs-hpux10.mc 961 cf/cf/cs-solaris2.mc 962 cf/cf/generic-hpux10.mc 963 cf/cf/generic-hpux9.mc 964 cf/cf/generic-osf1.mc 965 cf/cf/generic-solaris2.mc 966 cf/cf/generic-sunos4.1.mc 967 cf/cf/generic-ultrix4.mc 968 cf/cf/huginn.cs.mc 969 cf/domain/berkeley-only.m4 970 cf/domain/generic.m4 971 cf/feature/bestmx_is_local.m4 972 cf/feature/local_procmail.m4 973 cf/feature/smrsh.m4 974 cf/feature/stickydomain.m4 975 cf/mailer/mail11.m4 976 cf/mailer/procmail.m4 977 cf/ostype/amdahl-uts.m4 978 cf/ostype/hpux10.m4 979 cf/ostype/ptx2.m4 980 cf/ostype/unknown.m4 981 contrib/bsdi.mc 982 contrib/mailprio 983 contrib/rmail.oldsys.patch 984 smrsh/README 985 smrsh/smrsh.8 986 smrsh/smrsh.c 987 src/Makefiles/Makefile.CSOS 988 src/Makefiles/Makefile.EWS-UX_V 989 src/Makefiles/Makefile.IRIX.5.x 990 src/Makefiles/Makefile.IRIX64 991 src/Makefiles/Makefile.ISC 992 src/Makefiles/Makefile.NEWS-OS.4.x 993 src/Makefiles/Makefile.NEWS-OS.6.x 994 src/Makefiles/Makefile.NonStop-UX 995 src/Makefiles/Makefile.Paragon 996 src/Makefiles/Makefile.SunOS.5.3 997 src/Makefiles/Makefile.SunOS.5.4 998 src/Makefiles/Makefile.SunOS.5.5 999 src/Makefiles/Makefile.UNIX_SV.4.2.i386 1000 src/Makefiles/Makefile.uts.systemV 1001 src/mime.c 1002 test/t_seteuid.c 1003 RENAMED FILES: 1004 cf/cf/alpha.mc => cf/cf/s2k-osf1.mc 1005 cf/cf/chez.mc => cf/cf/chez.cs.mc 1006 cf/cf/hpux-cs-exposed.mc => cf/cf/cs-hpux9.mc 1007 cf/cf/osf1-cs-exposed.mc => cf/cf/cs-osf1.mc 1008 cf/cf/s2k.mc => cf/cf/s2k-ultrix4.mc 1009 cf/cf/sunos4.1-cs-exposed.mc => cf/cf/cs-sunos4.1.mc 1010 cf/cf/ultrix4.1-cs-exposed.mc => cf/cf/cs-ultrix4.mc 1011 cf/cf/vangogh.mc => cf/cf/vangogh.cs.mc 1012 cf/domain/Berkeley.m4 => cf/domain/Berkeley.EDU.m4 1013 cf/domain/cs-exposed.m4 => cf/domain/CS.Berkeley.EDU.m4 1014 cf/domain/eecs-hidden.m4 => cf/domain/EECS.Berkeley.EDU.m4 1015 cf/domain/s2k.m4 => cf/domain/S2K.Berkeley.EDU.m4 1016 cf/ostype/hpux.m4 => cf/ostype/hpux9.m4 1017 cf/ostype/ultrix4.1.m4 => cf/ostype/ultrix4.m4 1018 src/Makefile.* => src/Makefiles/Makefile.* 1019 src/Makefile.SunOS.4.0.3 => src/Makefiles/Makefile.SunOS.4.0 1020 OBSOLETED FILES: 1021 cf/cf/cogsci.mc 1022 cf/cf/cs-exposed.mc 1023 cf/cf/cs-hidden.mc 1024 cf/cf/hpux-cs-hidden.mc 1025 cf/cf/knecht.mc 1026 cf/cf/osf1-cs-hidden.mc 1027 cf/cf/sunos3.5-cs-exposed.mc 1028 cf/cf/sunos3.5-cs-hidden.mc 1029 cf/cf/sunos4.1-cs-hidden.mc 1030 cf/cf/ultrix4.1-cs-hidden.mc 1031 cf/domain/cs-hidden.m4 1032 contrib/rcpt-streaming 1033 src/Makefiles/Makefile.SunOS.5.x 1034 10358.6.12/8.6.12 95/03/28 1036 Fix to IDENT code (it was getting the size of the reply buffer 1037 too small, so nothing was ever accepted). Fix from several 1038 people, including Allan Johannesen, Shane Castle of the 1039 Boulder County Information Services, and Jeff Smith of 1040 Warwick University (all arrived within a few hours of 1041 each other!). 1042 Fix a problem that could cause large jobs to run out of 1043 file descriptors on systems that use vfork() rather 1044 than fork(). 1045 10468.6.11/8.6.11 95/03/08 1047 The ``possible attack'' message would be logged more often 1048 than necessary if you are using Pine as a user agent. 1049 The wrong host would be reported in the ``possible attack'' 1050 message when attempted from IDENT. 1051 In some cases the syslog buffer could be overflowed when 1052 reporting the ``possible attack'' message. This can 1053 cause denial of service attacks. Truncate the message 1054 to 80 characters to prevent this problem. 1055 When reading the IDENT response a loop is needed around the 1056 read from the network to ensure that you don't get 1057 partial lines. 1058 Password entries without any shell listed (that is, a null 1059 shell) wouldn't match as "ok". Problem noted by 1060 Rob McMahon. 1061 When running BIND 4.9.x a problem could occur because the 1062 _res.options field is initialized differently than it 1063 was historically -- this requires that sendmail call 1064 res_init before it tweaks any bits. 1065 Fix an incompatibility in openxscript() between the file open mode 1066 and the stdio mode passed to fdopen. This caused UnixWare 1067 2.0 to have conniptions. Fix from Martin Sohnius of 1068 Novell Labs Europe. 1069 Fix problem with static linking of local getopt routine when 1070 using GNU's ld command. Fix from John Kennedy of 1071 Cal State Chico. 1072 It was possible to turn off privacy flags. Problem noted by 1073 *Hobbit*. 1074 Be more paranoid about writing files. Suggestions by *Hobbit* 1075 and Liudvikas Bukys. 1076 MAKEMAP: fixes for 64 bit machines (DEC Alphas in particular) 1077 from Spider Boardman. 1078 CONFIG: No changes (version number only, to keep it in sync 1079 with the binaries). 1080 10818.6.10/8.6.10 95/02/10 1082 SECURITY: Diagnose bogus values to some command line flags that 1083 could allow trash to get into headers and qf files. 1084 Validate the name of the user returned by the IDENT protocol. 1085 Some systems that really dislike IDENT send intentionally 1086 bogus information. Problem pointed out by Michael Bushnell 1087 of the Free Software Foundation. Has some security 1088 implications. 1089 Fix a problem causing error messages about DNS problems when 1090 the host name contained a percent sign to act oddly 1091 because it was passed as a printf-style format string. 1092 In some cases this could cause core dumps. 1093 Avoid possible buffer overrun in returntosender() if error 1094 message is quite ling. From Fletcher Mattox of the 1095 University of Texas. 1096 Fix a problem that would silently drop "too many hops" error 1097 messages if and only if you were sending to an alias. 1098 From Jon Giltner of the University of Colorado and 1099 Dan Harton of Oak Ridge National Laboratory. 1100 Fix a bug that caused core dumps on some systems if -d11.2 was 1101 set and e->e_message was null. Fix from Bruce Nagel of 1102 Data General. 1103 Fix problem that can still cause df files to be left around 1104 after "hop count exceeded" messages. Fix from Andrew 1105 Chang and Shau-Ping Lo of SunSoft. 1106 Fix a problem that can cause buffer overflows on very long 1107 user names (as might occur if you piped to a program 1108 with a lot of arguments). 1109 Avoid returning an error and re-queueing if the host signature 1110 is null; this can occur on addresses like ``user@.''. 1111 Problem noted by Wesley Craig and the University of 1112 Michigan. 1113 Avoid possible calls to malloc(0) if MCI caching is turned 1114 off. Bug fix from Pierre David of the Laboratoire 1115 Parallelisme, Reseaux, Systemes et Modelisation (PRiSM), 1116 Universite de Versailles - St Quentin, and Jacky 1117 Thibault. 1118 Make a local copy of the line being sent via senttolist() -- in 1119 some cases, buffers could get trashed by map lookups 1120 causing it to do unexpected things. This also simplifies 1121 some of the map code. 1122 CONFIG: No changes (version number only, to keep it in sync 1123 with the binaries). 1124 11258.6.9/8.6.9 94/04/19 1126 Do all mail delivery completely disconnected from any terminal. 1127 This provides consistency with daemon delivery and 1128 may have some security implications. 1129 Make sure that malloc doesn't get called with zero size, 1130 since that fails on some systems. Reported by Ed 1131 Hill of the University of Iowa. 1132 Fix multi-line values for $e (SMTP greeting message). Reported 1133 by Mike O'Connor of Ford Motor Company. 1134 Avoid syserr if no NIS domain name is defined, but the map it 1135 is trying to open is optional. From Win Bent of USC. 1136 Changes for picky compilers from Ed Gould of Digital Equipment. 1137 Hesiod support for UDB from Todd Miller of the University of 1138 Colorado. Use "hesiod" as the service name in the U 1139 option. 1140 Fix a problem that failed to set the "authentic" host name (that 1141 is, the one derived from the socket info) if you called 1142 sendmail -bs from inetd. Based on code contributed by 1143 Todd Miller (this problem was also reported by Guy Helmer 1144 of Dakota State University). This also fixes a related 1145 problem reported by Liudvikas Bukys of the University of 1146 Rochester. 1147 Parameterize "nroff -h" in all the Makefiles so people with 1148 variant versions can use them easily. Suggested by 1149 Peter Collinson of Hillside Systems. 1150 SMTP "MAIL" commands with multiple ESMTP parameters required two 1151 spaces between parameters instead of one. Reported by 1152 Valdis Kletnieks of Virginia Tech. 1153 Reduce the number of system calls during message collection by 1154 using global timeouts around the collect() loop. This 1155 code was contributed by Eric Wassenaar. 1156 If the initial hostname name gathering results in a name 1157 without a dot (usually caused by NIS misconfiguration) 1158 and BIND is compiled in, directly access DNS to get 1159 the canonical name. This should make life easier for 1160 Solaris systems. If it still can't be resolved, and 1161 if the name server is listed as "required", try again 1162 in 30 seconds. If that also fails, exit immediately to 1163 avoid bogus "config error: mail loops back to myself" 1164 messages. 1165 Improve the "MAIL DELETED BECAUSE OF LACK OF DISK SPACE" error 1166 message to explain how much space was available and 1167 sound a bit less threatening. Suggested by Stan Janet 1168 of the National Institute of Standards and Technology. 1169 If mail is delivered to an alias that has an owner, deliver any 1170 requested return-receipt immediately, and strip the 1171 Return-Receipt-To: header from the subsequent message. 1172 This prevents a certain class of denial of service 1173 attack, arguably gives more reasonable semantics, and 1174 moves things more towards what will probably become a 1175 network standard. Suggested by Christopher Davis of 1176 Kapor Enterprises. 1177 Add a "noreceipts" privacy flag to turn off all return receipts 1178 without recompiling. 1179 Avoid printing ESMTP parameters as part of the error message 1180 if there are errors during parsing. This change is 1181 purely cosmetic. 1182 Avoid sending out error messages during the collect phase of 1183 SMTP; there is an MVS mailer from UCLA that gets 1184 confused by this. Of course, I think it's their bug.... 1185 Check for the $j macro getting undefined, losing a dot, or getting 1186 lost from $=w in the daemon before accepting a connection; 1187 if it is, it dumps state, prints a LOG_ALERT message, 1188 and drops core for debugging. This is an attempt to 1189 track down a bug that I thought was long since gone. 1190 If you see this, please forward the log fragment to 1191 sendmail@CS.Berkeley.EDU. 1192 Change OLD_NEWDB from a #ifdef to a #if so it can be turned off 1193 with -DOLD_NEWDB=0 on the command line. From Christophe 1194 Wolfhugel. 1195 Instead of trying to truncate the listen queue for the server 1196 SMTP port when the load average is too high, just close 1197 the port completely and reopen it later as needed. 1198 This ensures that the other end gets a quick "connection 1199 refused" response, and that the connection can be 1200 recovered later. In particular, some socket emulations 1201 seem to get confused if you tweak the listen queue 1202 size around and can never start listening to connections 1203 again. The down side is that someone could start up 1204 another daemon process in the interim, so you could 1205 have multiple daemons all not listening to connections; 1206 this could in turn cause the sendmail.pid file to be 1207 incorrect. A better approach might be to accept the 1208 connection and give a 421 code, but that could break 1209 other mailers in mysterious ways and have paging behaviour 1210 implications. 1211 Fix a glitch in TCP-level debugging that caused flag 16.101 to 1212 set debugging on the wrong socket. From Eric Wassenaar. 1213 When creating a df* temporary file, be sure you truncate any 1214 existing data in the file -- otherwise system crashes 1215 and the like could result in extra data being sent. 1216 DOC: Replace the CHANGES-R5-R8 readme file with a paper in the 1217 doc directory. This includes some additional 1218 information. 1219 CONFIG: change UUCP rules to never add $U! or $k! on the front 1220 of recipient envelope addresses. This should have been 1221 handled by the $&h trick, but broke if people were 1222 mixing domainized and UUCP addresses. They should 1223 probably have converted all the way over to uucp-uudom 1224 instead of uucp-{new,old}, but the failure mode was to 1225 loop the mail, which was bad news. 1226 Portability fixes: 1227 Newer BSDI systems (several people). 1228 Older BSDI systems from Christophe Wolfhugel. 1229 Intergraph CLIX, from Paul Southworth of CICNet. 1230 UnixWare, from Evan Champion. 1231 NetBSD from Adam Glass. 1232 Solaris from Quentin Campbell of the University of 1233 Newcastle upon Tyne. 1234 IRIX from Dean Cookson and Bill Driscoll of Mitre 1235 Corporation. 1236 NCR 3000 from Kevin Darcy of Chrysler Financial Corporation. 1237 SunOS (it has setsid() and setvbuf() calls) from 1238 Jonathan Kamens of OpenVision Technologies. 1239 HP-UX from Tor Lillqvist. 1240 New Files: 1241 src/Makefile.CLIX 1242 src/Makefile.NCR3000 1243 doc/changes/Makefile 1244 doc/changes/changes.me 1245 doc/changes/changes.ps 1246 12478.6.8/8.6.6 94/03/21 1248 SECURITY: it was possible to read any file as root using the 1249 E (error message) option. Reported by Richard Jones; 1250 fixed by Michael Corrigan and Christophe Wolfhugel. 1251 12528.6.7/8.6.6 94/03/14 1253 SECURITY: it was possible to get root access by using wierd 1254 values to the -d flag. Thanks to Alain Durand of 1255 INRIA for forwarding me the notice from the bugtraq 1256 list. 1257 12588.6.6/8.6.6 94/03/13 1259 SECURITY: the ability to give files away on System V-based 1260 systems proved dangerous -- don't run as the owner 1261 of a :include: file on a system that allows giveaways. 1262 Unfortunately, this also applies to determining a 1263 valid shell. 1264 IMPORTANT: Previous versions weren't expiring old connections 1265 in the connection cache for a long time under some 1266 circumstances. This could result in resource exhaustion, 1267 both at your end and at the other end. This checks the 1268 connections for timeouts much more frequently. From 1269 Doug Anderson of NCSC. 1270 Fix a glitch that snuck in that caused programs to be run as 1271 the sender instead of the recipient if the mail was 1272 from a local user to another local user. From 1273 Motonori Nakamura of Kyoto University. 1274 Fix "wildcard" on /etc/shell matching -- instead of looking 1275 for "*", look for "/SENDMAIL/ANY/SHELL/". From 1276 Bryan Costales of ICSI. 1277 Change the method used to declare the "statfs" availability; 1278 instead of HASSTATFS and/or HASUSTAT with a ton of 1279 tweaking in conf.c, there is a single #define called 1280 SFS_TYPE which takes on one of six values (SFS_NONE 1281 for no statfs availability, SFS_USTAT for the ustat(2) 1282 syscall, SFS_4ARGS for a four argument statfs(2) call, 1283 and SFS_VFS, SFS_MOUNT, or SFS_STATFS for a two argument 1284 statfs(2) call with the declarations in <sys/vfs.h>, 1285 <sys/mount.h>, or <sys/statfs.h> respectively). 1286 Fix glitch in NetInfo support that could return garbage if 1287 there was no "/locations/sendmail" property. From 1288 David Meyer of the University of Virginia. 1289 Change HASFLOCK from defined/not-defined to a 0/1 definition 1290 to allow Linux to turn it off even though it is a 1291 BSD-like system. 1292 Allow setting of "ident" timeout to zero to turn off the ident 1293 protocol entirely. 1294 Make 7-bit stripping local to a connection (instead of to a 1295 mailer); this allows you to specify that SMTP is a 1296 7-bit channel, but revert to 8-bit should it advertise 1297 that it supports 8BITMIME. You still have to specify 1298 mailer flag 7 to get this stripping at all. 1299 Improve makesendmail script so it handles more cases automatically. 1300 Tighten up restrictions on taking ownership of :include: files 1301 to avoid problems on systems that allow you to give away 1302 files. 1303 Fix a problem that made it impossible to rebuild the alias 1304 file if it was on a read-only file system. From 1305 Harry Edmon of the University of Washington. 1306 Improve MX randomization function. From John Gardiner Myers 1307 of CMU. 1308 Fix a minor glitch causing a bogus message to be printed (used 1309 %s instead of %d in a printf string for the line number) 1310 when a bad queue file was read. From Harry Edmon. 1311 Allow $s to remain NULL on locally generated mail. I'm not 1312 sure this is necessary, but a lot of people have complained 1313 about it, and there is a legitimate question as to whether 1314 "localhost" is legal as an 822-style domain. 1315 Fix a problem with very short line lengths (mailer L= flag) in 1316 headers. This causes a leading space to be added onto 1317 continuation lines (including in the body!), and also 1318 tries to wrap headers containing addresses (From:, To:, 1319 etc) intelligently at the shorter line lengths. Problem 1320 Reported by Lars-Johan Liman of SUNET Operations Center. 1321 Log the real user name when logging syserrs, since these can have 1322 security implications. Suggested by several people. 1323 Fix address logging of cached connections -- it used to always 1324 log the numeric address as zero. This is a somewhat 1325 bogus implementation in that it does an extra system 1326 call, but it should be an inexpensive one. Fix from 1327 Motonori Nakamura. 1328 Tighten up handling of short syslog buffers even more -- there 1329 were cases where the outgoing relay= name was too long 1330 to share a line with delay= and mailer= logging. 1331 Limit the overhead on split envelopes to one open file descriptor 1332 per envelope -- previously the overhead was three 1333 descriptors. This was in response to a problem reported 1334 by P{r (Pell) Emanuelsson. 1335 Fixes to better handle the case of unexpected connection closes; 1336 this redirects the output to the transcript so the info 1337 is not lost. From Eric Wassenaar. 1338 Fix potential string overrun if you macro evaluate a string that 1339 has a naked $ at the end. Problem noted by James Matheson 1340 <jmrm@eng.cam.ac.uk>. 1341 Make default error number on $#error messages 553 (``Requested 1342 action not taken: mailbox name not allowed'') instead of 1343 501 (``Syntax error in parameters or arguments'') to 1344 avoid bogus "protocol error" messages. 1345 Strip off any existing trailing dot on names during $[ ... $] 1346 lookup. This prevents it from ending up with two dots 1347 on the end of dot terminated names. From Wesley Craig 1348 of the University of Michigan and Bryan Costales of ICSI. 1349 Clean up file class reading so that the debugging information is 1350 more informative. It hadn't been using setclass, so you 1351 didn't see the class items being added. 1352 Avoid core dump if you are running a version of sendmail where 1353 NIS is compiled in, and you specify an NIS map, but 1354 NIS is not running. Fix from John Oleynick of 1355 Rutgers. 1356 Diagnose bizarre case where res_search returns a failure value, 1357 but sets h_errno to a success value. 1358 Make sure that "too many hops" messages are considered important 1359 enough to send an error to the Postmaster (that is, the 1360 address specified in the P option). This fix should 1361 help problems that cause the df file to be left around 1362 sometimes -- unfortunately, I can't seem to reproduce 1363 the problem myself. 1364 Avoid core dump (null pointer reference) on EXPN command; this 1365 only occurred if your log level was set to 10 or higher 1366 and the target account was an alias or had a .forward file. 1367 Problem noted by Janne Himanka. 1368 Avoid "denial of service" attacks by someone who is flooding your 1369 SMTP port with bad commands by shutting the connection 1370 after 25 bad commands are issued. From Kyle Jones of 1371 UUNET. 1372 Fix core dump on error messages with very long "to" buffers; 1373 fmtmsg overflows the message buffer. Fixed by trimming 1374 the to address to 203 characters. Problem reported by 1375 John Oleynick. 1376 Fix configuration for HASFLOCK -- there were some spots where 1377 a #ifndef was incorrectly #ifdef. Pointed out by 1378 George Baltz of the University of Maryland. 1379 Fix a typo in savemail() that could cause the error message To: 1380 lists to be incorrect in some places. From Motonori 1381 Nakamura. 1382 Fix a glitch that can cause duplicate error messages on split 1383 envelopes where an address on one of the lists has a 1384 name server failure. Fix from Voradesh Yenbut of the 1385 University of Washington. 1386 Fix possible bogus pointer reference on ESMTP parameters that 1387 don't have an ``=value'' part. 1388 CNAME loops caused an error message to be generated, but also 1389 re-queued the message. Changed to just re-queue the 1390 message (it's really hard to just bounce it because 1391 of the wierd way the name server works in the presence 1392 of CNAME loops). Problem noted by James M.R.Matheson 1393 of Cambridge University. 1394 Avoid giving ``warning: foo owned process doing -bs'' messages 1395 if they use ``MAIL FROM:<foo>'' where foo is their true 1396 user name. Suggested by Andreas Stolcke of ICSI. 1397 Change the NAMED_BIND compile flag to be a 0/1 flag so you can 1398 override it easily in the Makefile -- that is, you can 1399 turn it off using -DNAMED_BIND=0. 1400 If a gethostbyname(...) of an address with a trailing dot fails, 1401 try it without the trailing dot. This is because if 1402 you have a version of gethostbyname() that falls back 1403 to NIS or the /etc/hosts file it will fail to find 1404 perfectly reasonable names that just don't happen to 1405 be dot terminated in the hosts file. You don't want to 1406 strip the dot first though because we're trying to ensure 1407 that country names that match one of your subdomains get 1408 a chance. 1409 PRALIASES: fix bogus output on non-null-terminated strings. 1410 From Bill Gianopoulos of Raytheon. 1411 CONFIG: Avoid rewriting anything that matches $w to be $j. 1412 This was in code intended to only catch the self-literal 1413 address (that is, [1.2.3.4], where 1.2.3.4 is your 1414 IP address), but the code was broken. However, it will 1415 still do this if $M is defined; this is necessary to 1416 get client configurations to work (sigh). Note that this 1417 means that $M overrides :mailname entries in the user 1418 database! Problem noted by Paul Southworth. 1419 CONFIG: Fix definition of Solaris help file location. From 1420 Steve Cliffe <steve@gorgon.cs.uow.edu.au>. 1421 CONFIG: Fix bug that broke news.group.USENET mappings. 1422 CONFIG: Allow declaration of SMTP_MAILER_MAX, FAX_MAILER_MAX, 1423 and USENET_MAILER_MAX to tweak the maximum message 1424 size for various mailers. 1425 CONFIG: Change definition of USENET_MAILER_ARGS to include argv[0] 1426 instead of assuming that it is "inews" for consistency 1427 with other mailers. From Michael Corrigan of UC San Diego. 1428 CONFIG: When mail is forwarded to a LOCAL_RELAY or a MAIL_HUB, 1429 qualify the address in the SMTP envelope as user@{relay|hub} 1430 instead of user@$j. From Bill Wisner of The Well. 1431 CONFIG: Fix route-addr syntax in nullrelay configuration set. 1432 CONFIG: Don't turn off case mapping of user names in the local 1433 mailer for IRIX. This was different than most every other 1434 system. 1435 CONFIG: Avoid infinite loops on certainly list:; syntaxes in 1436 envelope. Noted by Thierry Besancon 1437 <besancon@excalibur.ens.fr>. 1438 CONFIG: Don't include -z by default on uux line -- most systems 1439 don't want it set by default. Pointed out by Philippe 1440 Michel of Thomson CSF. 1441 CONFIG: Fix some bugs with mailertables -- for example, if your 1442 host name was foo.bar.ray.com and you matched against 1443 ".ray.com", the old implementation bound %1 to "bar" 1444 instead of "foo.bar". Also, allow "." in the mailertable 1445 to match anything -- essentially, take over SMART_HOST. 1446 This also moves matching of explicit local host names 1447 before the mailertable so they don't have to be special 1448 cased in the mailertable data. Reported by Bill 1449 Gianopoulos of Raytheon; the fix for the %1 binding 1450 problem was contributed by Nicholas Comanos of the 1451 University of Sydney. 1452 CONFIG: Don't include "root" in class $=L (users to deliver 1453 locally, even if a hub or relay exists) by default. 1454 This is because of the known bug where definition of 1455 both a LOCAL_RELAY and a MAIL_HUB causes $=L to ignore 1456 both and deliver into the local mailbox. 1457 CONFIG: Move up bitdomain and uudomain handling so that they 1458 are done before .UUCP class matching; uudomain was 1459 reported as ineffective before. This also frees up 1460 diversion 8 for future use. Problem reported by Kimmo 1461 Suominen. 1462 CONFIG: Don't try to convert dotted IP address (e.g., [1.2.3.4]) 1463 into host names. As pointed out by Jonathan Kamens, 1464 these are often used because either the forward or reverse 1465 mapping is broken; this translation makes it broken again. 1466 DOC: Clarify $@ and $: in the Install & Op Guide. From Kimmo 1467 Suominen. 1468 Portability fixes: 1469 Unicos from David L. Kensiski of Sterling Sofware. 1470 DomainOS from Don Lewis of Silicon Systems. 1471 GNU m4 1.0.3 from Karst Koymans of Utrecht University. 1472 Convex from Kimmo Suominen <kim@tac.nyc.ny.us>. 1473 NetBSD from Adam Glass <glass@sun-lamp.cs.berkeley.edu>. 1474 BSD/386 from Tony Sanders of BSDI. 1475 Apollo from Eric Wassenaar. 1476 DGUX from Doug Anderson. 1477 Sequent DYNIX/ptx 2.0 from Tim Wright of Sequent. 1478 NEW FILES: 1479 src/Makefile.DomainOS 1480 src/Makefile.PTX 1481 src/Makefile.SunOS.5.1 1482 src/Makefile.SunOS.5.2 1483 src/Makefile.SunOS.5.x 1484 src/mailq.1 1485 cf/ostype/domainos.m4 1486 doc/op/Makefile 1487 doc/intro/Makefile 1488 doc/usenix/Makefile 1489 14908.6.5/8.6.5 94/01/13 1491 Security fix: /.forward could be owned by anyone (the test 1492 to allow root to own any file was backwards). From 1493 Bob Campbell at U.C. Berkeley. 1494 Security fix: group ids were not completely set when programs 1495 were invoked. This caused programs to have group 1496 permissions they should not have had (usually group 1497 daemon instead of their own group). In particular, 1498 Perl scripts would refuse to run. 1499 Security: check to make sure files that are written are not 1500 symbolic links (at least under some circumstances). 1501 Although this does not respond to a specific known 1502 attack, it's just a good idea. Suggested by 1503 Christian Wettergren. 1504 Security fix: if a user had an NFS mounted home directory on 1505 a system with a restricted shell listed in their 1506 /etc/passwd entry, they could still execute any 1507 program by putting that in their .forward file. 1508 This fix prevents that by insisting that their shell 1509 appear in /etc/shells before allowing a .forward to 1510 execute a program or write a file. You can disable 1511 this by putting "*" in /etc/shells. It also won't 1512 permit world-writable :include: files to reference 1513 programs or files (there's no way to disable this). 1514 These behaviours are only one level deep -- for 1515 example, it is legal for a world-writable :include: 1516 file to reference an alias that writes a file, on 1517 the assumption that the alias file is well controlled. 1518 Security fix: root was not treated suspiciously enough when 1519 looking into subdirectories. This would potentially 1520 allow a cracker to examine files that were publically 1521 readable but in a non-publically searchable directory. 1522 Fix a problem that causes an error on QUIT on a cached 1523 connection to create problems on the current job. 1524 These are typically unrelated, so errors occur in 1525 the wrong place. 1526 Reset CurrentLA in sendall() -- this makes sendmail queue 1527 runs more responsive to load average, and fixes a 1528 problem that ignored the load average in locally 1529 generated mail. From Eric Wassenaar. 1530 Fix possible core dump on aliases with null LHS. From 1531 John Orthoefer of BB&N. 1532 Revert to using flock() whenever possible -- there are just 1533 too many bugs in fcntl() locking, particularly over 1534 NFS, that cause sendmail to fail in perverse ways. 1535 Fix a bug that causes the connection cache to get confused 1536 when sending error messages. This resulted in 1537 "unexpected close" messages. It should fix itself 1538 on the following queue run. Problem noted by 1539 Liudvikas Bukys of the University of Rochester. 1540 Include $k in $=k as documented in the Install & Op Guide. 1541 This seems odd, but it was documented.... From 1542 Michael Corrigan of UCSD. 1543 Fix problem that caused :include:s from alias files to be 1544 forced to be owned by root instead of daemon 1545 (actually DefUid). From Tim Irvin. 1546 Diagnose unrecognized I option values -- from Mortin Forssen 1547 of the Chalmers University of Technology. 1548 Make "error" mailer work consistently when there is no error 1549 code associated with it -- previously it returned OK 1550 even though there was a real problem. Now it assumes 1551 EX_UNAVAILABLE. 1552 Fix bug that caused the last header line of messages that had 1553 no body and which were terminated with EOF instead of 1554 "." to be discarded. Problem noted by Liudvikas Bukys. 1555 Fix core dump on SMTP mail to programs that failed -- it tried 1556 to go to a "next MX host" when none existed, causing 1557 a core dump. From der Mouse at McGill University. 1558 Change IDENTPROTO from a defined/not defined to a 0/1 switch; 1559 this makes it easier to turn it off (using 1560 -DIDENTPROTO=0 in the Makefile). From der Mouse. 1561 Fix YP_MASTER_NAME store to use the unupdated result of 1562 gethostname() (instead of myhostname(), which tries 1563 to fully qualify the name) to be consistent with 1564 SunOS. If your hostname is unqualified, this fixes 1565 transfers to slave servers. Bug noted by Keith 1566 McMillan of Ameritech Services, Inc. 1567 Fix Ultrix problem: gethostbyname() can return a very large 1568 (> 500) h_length field, which causes the sockaddr 1569 to be trashed. Use the size of the sockaddr instead. 1570 Fix from Bob Manson of Ohio State. 1571 Don't assume "-a." on host lookups if NAMED_BIND is not 1572 defined -- this confuses gethostbyname on hosts 1573 file lookups, which doesn't understand the trailing 1574 dot convention. 1575 Log SMTP server subprocesses that die with a signal instead 1576 of from a clean exit. 1577 If you don't have option "I" set, don't assume that a DNS 1578 "host unknown" message is authoritative -- it 1579 might still be found in /etc/hosts. 1580 Fix a problem that would cause Deferred: messages to be sent 1581 as the subject of an error message, even though the 1582 actual cause of a message was more severe than that. 1583 Problem noted by Chris Seabrook of OSSI. 1584 Fix race condition in DBM alias file locking. From Kyle 1585 Jones of UUNET. 1586 Limit delivery syslog line length to avoid bugs in some 1587 versions of syslog(3). This adds a new compile time 1588 variable SYSLOG_BUFSIZE. From Jay Plett of Princeton 1589 University, which is in turn derived from IDA. 1590 Fix quotes inside of comments in addresses -- previously 1591 it insisted that they be balanced, but the 822 spec 1592 says that they should be ignored. 1593 Dump open file state to syslog upon receiving SIGUSR1 (for 1594 debugging). This also evaluates ruleset 89, if set 1595 (with the null input), and logs the result. This 1596 should be used sparingly, since the rewrite process 1597 is not reentrant. 1598 Change -qI, -qR, and -qS flags to be case-insensitive as 1599 documented in the Bat Book. 1600 If the mailer returned EX_IOERR or EX_OSERR, sendmail did not 1601 return an error message and did not requeue the message. 1602 Fix based on code from Roland Dirlewanger of 1603 Reseau Regional Aquarel, Bordeaux, France. 1604 Fix a problem that caused a seg fault if you got a 421 error 1605 code during some parts of connection initialization. 1606 I've only seen this when talking to buggy mailers on 1607 the other end, but it shouldn't give a seg fault in 1608 any case. From Amir Plivatsky. 1609 Fix core dump caused by a ruleset call that returns null. 1610 Fix from Bryan Costales of ICSI. 1611 Full-Name: field was being ignored. Fix from Motonori Nakamura 1612 of Kyoto University. 1613 Fix a possible problem with very long input lines in setproctitle. 1614 From P{r Emanuelsson. 1615 Avoid putting "This is a warning message" out on return receipts. 1616 Suggested by Douglas Anderson. 1617 Detect loops caused by recursive ruleset calls. Suggested by 1618 Bryan Costales. 1619 Initialize non-alias maps during alias rebuilds -- they may be 1620 needed for parsing. Problem noted by Douglas Anderson. 1621 Log sender address even if no message was collected in SMTP 1622 (e.g., if all RCPTs failed). Suggested by Motonori 1623 Nakamura. 1624 Don't reflect the owner-list contents into the envelope sender 1625 address if the value contains ", :, /, or | (to avoid 1626 illegal addresses appearing there). 1627 Efficiency hack for toktype macro -- from Craig Partridge of 1628 BB&N. 1629 Clean up DNS error printing so that a host name is always 1630 included. 1631 Remember to set $i during queue runs. Reported by Stephen 1632 Campbell of Dartmouth University. 1633 If ${HOSTALIASES} is set, use it during canonification so that 1634 headers are properly mapped. Reported by Anne Bennett 1635 of Concordia University. 1636 Avoid printing misleading error message if SMTP mailer (not 1637 using [IPC]) should die on a core dump. 1638 Avoid incorrect diagnosis of "file 1 closed" when it is caused 1639 by the other end closing the connection. From 1640 Dave Morrison of Oracle. 1641 Improve several of the error messages printed by "mailq" 1642 to include a host name or other useful information. 1643 Add NetInfo preliminary support for NeXT systems. From Vince 1644 DeMarco. 1645 Fix a glitch that sometimes caused :include:s that pointed to 1646 NFS filesystems that were down to give an "aliasing/ 1647 forwarding loop broken" message instead of queueing 1648 the message for retry. Noted by William C Fenner of 1649 the NRL Connection Machine Facility. 1650 Fix a problem that could cause a core dump if the input sequence 1651 had (or somehow acquired) a \231 character. 1652 Make sure that route-addrs always have <angle brackets> around 1653 them in non-SMTP envelopes (SMTP envelopes already do 1654 this properly). 1655 Avoid wierd headers on unbalanced punctuation of the form: 1656 ``Joe User <user)'' -- this caused reference to the 1657 null macro. Fix from Rick McCarty of IO.COM. 1658 Fix a problem that caused an alias "user: user@local.host" to 1659 not have the QNOTREMOTE bit set; this caused configs 1660 to act as if FEATURE(notsticky) was defined even when 1661 it was not. The effect of the problem was to make it 1662 very hard to to set up satellite sites that had a few 1663 local accounts, with everything else forwarded to a 1664 corporate hub. Reported by Detlef Drewanz of the 1665 University of Rostock and Mark Frost of NCD. 1666 Change queuing to not call rulesets 3, {1 or 2}, 4 on header 1667 addresses. This is more efficient (fewer name server 1668 calls) and fixes certain unusual configurations, such 1669 as those that have ruleset 4 do something that is 1670 non-idempotent unless a mailer-specific ruleset did 1671 something else. Problem reported by Brian J. Coan 1672 of the Institute for Global Communications. 1673 Fix the "obsolete argument" routine in main to better understand 1674 new arguments. For example, if you used ``sendmail 1675 -C config -v -q'' it would choke on the -q because 1676 the -C would stop looking for old-format arguments. 1677 Fix the code that was intended to allow two users to forward their 1678 mail to the same program and have them appear unique. 1679 Portability fixes for: 1680 SCO UNIX from Murray Kucherawy. 1681 SCO Open Server 3.2v4 from Philippe Brand. 1682 System V Release 4 from Rick Ellis and others. 1683 OSF/1 from Steve Campbell. 1684 DG/UX from Ben Mesander of the USGS and Bryan Curnutt 1685 of Stoner Associates. 1686 Motorola SysV88 from Kevin Johnson of Motorola. 1687 Solaris 2.3 from Casper H.S. Dik of the University 1688 of Amsterdam and John Caruso of University 1689 of Maryland. 1690 FreeBSD from Ollivier Robert. 1691 NetBSD from Adam Glass. 1692 TitanOS from Kate Hedstrom of Rutgers University. 1693 Irix from Bryan Curnutt. 1694 Dynix from Jim Davis of the University of Arizona. 1695 RISC/os. 1696 Linux from John Kennedy of California State University 1697 at Chico. 1698 Solaris 2.x from Tony Boner of the U.S. Air Force. 1699 NEXTSTEP 3.x from Vince DeMarco. 1700 HP-UX from various people. NOTA BENE: the location 1701 of the config file has moved to /usr/lib 1702 to match the HP-UX version of sendmail. 1703 CONFIG: Don't do any recipient rewriting on relay mailer; 1704 since this is intended only for internal use, the 1705 usual RFC 821/822/1123 rules can be relaxed. The 1706 main point of this is to avoid munging (ugh) UUCP 1707 addresses when relaying internally. 1708 CONFIG: fix typo in mailer/uucp.m4 that mutilates list:; 1709 syntax addresses delivered via UUCP. Solution 1710 provided by Peter Wemm. 1711 CONFIG: fix thumb-fumble in default UUCP relaying in ruleset 1712 zero; it caused double @ signs in addresses. From 1713 Irving Reid of the University of Toronto. 1714 CONFIG: Portability fixes for SCO Unix 3.2 with TCP/IP 1.2.1 1715 from Markku Toijala of ICL Personal Systems Oy. 1716 CONFIG: Add trailing "." on pseudo-domains for consistency; 1717 this fixes a problem (noted by Al Whaley of Sunnyside) 1718 that made it hard to recognize your own pseudodomain 1719 names. 1720 CONFIG: catch "@host" syntax errors (i.e., null local-parts) 1721 rather than letting them get "local configuration 1722 error"s. Problem noted by John Gardiner Myers. 1723 CONFIG: add uucp-uudom mailer variant, based on code posted 1724 by Spider Boardman <spider@Orb.Nashua.NH.US>; this 1725 has uucp-dom semantics but old UUCP syntax. This 1726 also permits "uucp-old" as an alias for "uucp" and 1727 "uucp-new" as a synonym for "suucp" for consistency. 1728 CONFIG: add POP mailer support (from Kimmo Suominen 1729 <kim@grendel.lut.fi>). 1730 CONFIG: drop CSNET_RELAY support -- CSNET is long gone. 1731 CONFIG: fix bug caused with domain literal addresses (e.g., 1732 ``[128.32.131.12]'') when FEATURE(allmasquerade) 1733 was set; it would get an additional @masquerade.host 1734 added to the address. Problem noted by Peter Wan 1735 of Georgia Tech. 1736 CONFIG: make sure that the local UUCP name is in $=w. From 1737 Jim Murray of Stratus. 1738 CONFIG: changes to UUCP rewriting to simulate IDA-style "V" 1739 mailer flag. Briefly, if you are sending to host 1740 "foo", then it rewrites "foo!...!baz" to "...!baz", 1741 "foo!baz" remains "foo!baz", and anything else has 1742 the local name prepended. 1743 CONFIG: portability fixes for HP-UX. 1744 DOC: several minor problems fixed in the Install & Op Guide. 1745 MAKEMAP: fix core dump problem on lines that are too long or 1746 which lack newline. From Mark Delany. 1747 MAILSTATS: print sums of columns (total messages & kbytes 1748 in and out of the system). From Tom Ferrin of UC 1749 San Francisco Computer Graphics Lab. 1750 SIGNIFICANT USER- OR SYSAD-VISIBLE CHANGES: 1751 On HP-UX, /etc/sendmail.cf has been moved to 1752 /usr/lib/sendmail.cf to match HP sendmail. 1753 Permissions have been tightened up on world-writable 1754 :include: files and accounts that have shells 1755 that are not listed in /etc/shells. This may 1756 cause some .forward files that have worked 1757 before to start failing. 1758 SIGUSR1 dumps some state to the log. 1759 NEW FILES: 1760 src/Makefile.DGUX 1761 src/Makefile.Dynix 1762 src/Makefile.FreeBSD 1763 src/Makefile.Mach386 1764 src/Makefile.NetBSD 1765 src/Makefile.RISCos 1766 src/Makefile.SCO 1767 src/Makefile.SVR4 1768 src/Makefile.Titan 1769 cf/mailer/pop.m4 1770 cf/ostype/bsdi1.0.m4 1771 cf/ostype/dgux.m4 1772 cf/ostype/dynix3.2.m4 1773 cf/ostype/sco3.2.m4 1774 makemap/Makefile.dist 1775 praliases/Makefile.dist 1776 17778.6.4/8.6.4 93/10/31 1778 Repair core-dump problem (write to read-only memory segment) 1779 if you fall back to the return-to-Postmaster case in 1780 savemail. Problem reported by Richard Liu. 1781 Immediately diagnose bogus sender addresses in SMTP. This 1782 makes quite certain that crackers can't use this 1783 class of attack. 1784 Reliability Fix: check return value from fclose() and fsync() 1785 in a few critical places. 1786 Minor problem in initsys() that reversed a condition for 1787 redirecting the output channel on queue runs. It's 1788 not clear this code even does anything. From Eric 1789 Wassenaar of the Dutch National Institute for Nuclear 1790 and High-Energy Physics. 1791 Fix some problems that caused queue runs to do "too much work", 1792 such as double-reading the Errors-To: header. From 1793 Eric Wassenaar. 1794 Error messages on writing the temporary file (including the 1795 data file) were getting suppressed in SMTP -- this 1796 fix causes them to be properly reported. From Eric 1797 Wassenaar. 1798 Some changes to support AF_UNIX sockets -- this will only 1799 really become relevant in the next release, but some 1800 people need it for local patches. From Michael 1801 Corrigan of UC San Diego. 1802 Use dynamically allocated memory (instead of static buffers) 1803 for macros defined in initsys() and settime(); since 1804 these can have different values depending on which 1805 envelope they are in. From Eric Wassenaar. 1806 Improve logging to show ctladdr on to= logging; this tells you 1807 what uid/gid processes ran as. 1808 Fix a problem that caused error messages to be discarded if 1809 the sender address was unparseable for some reason; 1810 this was supposed to fall back to the "return to 1811 postmaster" case. 1812 Improve aliaswait backoff algorithm. 1813 Portability patches for Linux (8.6.3 required another header 1814 file) (from Karl London) and SCO UNIX. 1815 CONFIG: patch prog mailer to not strip host name off of envelope 1816 addresses (so that it matches local again). From 1817 Christopher Davis. 1818 CONFIG: change uucp-dom mailer so that "<>" translates to $n; 1819 this prevents uux from seeing lines with null names like 1820 ``From Sat Oct 30 14:55:31 1993''. From Motonori 1821 Nakamura of Kyoto University. 1822 CONFIG: handle <list:;> syntax correctly. This isn't legal, but 1823 it shouldn't fail miserably. From Motonori Nakamura. 1824 18258.6.3/8.6.3 93/10/24 1826 IMPORTANT FIX: Fix several problems that caused open files to 1827 be "lost" during queue runs; this overflowed the open 1828 file table on large runs. An assumption that fdopen 1829 always succeeds sometimes resulted in core dumps when 1830 this happens; sometimes the message is delivered twice, 1831 sometimes (probably) infinite times. This problem in 1832 various form was reported by P{r (Pell) Emanuelsson and 1833 Robert Campbell of U.C. Berkeley. 1834 Special diagnosis of EMFILE error conditions -- it now prints 1835 the known open file descriptors so you can figure out 1836 what is consuming so much resources. 1837 Fix a couple of problems caused by early address parsing 1838 errors -- one caused it to return a "this is only a 1839 warning" when it really wasn't, and the other started 1840 parsing through a random pointer. The first was 1841 noted by Eric Wassenaar. 1842 Fix an infinite loop problem caused by null components in the 1843 host signature. Problem noted by Jan Sorensen. 1844 Be sure to reset the "current date" when sending an error 1845 message -- PostMasterCopy messages were being sent 1846 with an old Date: header. 1847 Fix a problem that caused duplicated mail when sendmail was 1848 (1) compiled without HASFLOCK, (2) you are sending to 1849 an alias that has an owner-* alias, (3) you execute 1850 sendmail with -t flag, (4) you run in -odb mode, and 1851 (5) the sender specifies both the alias name and 1852 another alias [i.e., the envelope is split], then 1853 duplicate messages are sent. The problem description 1854 and one-line fix are from Motonori Nakamura of Kyoto 1855 University. 1856 Avoid a problem that causes error messages to be discarded 1857 in some cases -- this was the result of a "fix" to 1858 avoid duplicate error messages, but two are better 1859 than zero. Reported by Tim Rylance. 1860 Fix a minor botch in checkfd012() -- fix from Dave Hill of 1861 Computervision R&D Ltd. 1862 Remove "X-Authentication-Warning: <user> set sender to <address> 1863 using -f" entirely -- it is far too eager to include 1864 this, and it is confusing folks. I'll try to make it 1865 work "right" in 8.7. Problem noted by Yoshitaka 1866 Tokugawa of dit Co., Ltd. 1867 Fix a race condition with the errno value in tick() and 1868 reapchild() -- this caused occasional misdiagnosis 1869 of problems. Kyle Jones of UUNET helped this along. 1870 Repair rule loop-detection code. From Michael Corrigan of 1871 U.C. San Diego. 1872 Fix a problem that caused sender domain addition (C mailer 1873 flag to be ignored if you use -odq or use -odb with 1874 a high load average. Problem reported by Jim Murray 1875 of Stratus. 1876 Fix ident protocol on multi-homed machines. It was not 1877 always using the correct interface. Fix from J.R. 1878 Oldroyd of Opal. 1879 Previously, sendmail assumed that any SMTP greeting message 1880 that wasn't 2xx was a temporary failure -- it should 1881 only take 4xx as a temporary failure, and return a 1882 solid error message on anything else -- for example, 1883 to allow you to reject connections on a workstation 1884 that is MXed to a mail server. 1885 Portability enhancements for 386BSD/FreeBSD/NetBSD from 1886 Ollivier Robert. 1887 CONFIG: FEATURE(always_add_domain) didn't always add the domain; 1888 in particular, on local mail it modified the header sender 1889 but not the header recipient address(es). Reported by 1890 Jeffrey Honig of Cornell University. Also, strip 1891 any host from envelope recipient address(es), since 1892 local mailers don't understand host names -- this is 1893 to help mailertable entries. From Christopher Davis. 1894 CONFIG: masquerading didn't apply to addresses that already 1895 had a domain. This change replaces a local hostname 1896 by the masquerade name in the SMTP mailer (previously 1897 it only added the masquerade name if it didn't already 1898 have a domain name). Several people complained about 1899 this. 1900 19018.6.2/8.6.2 93/10/15 1902 Put a "successful delivery" message in the transcript for 1903 addresses that get return-receipts. 1904 Put a prominent "this is only a warning" message in warning 1905 messages -- some people don't read carefully enough 1906 and end up sending the message several times. 1907 Include reason for temporary failure in the "warning" return 1908 message. Currently, it just says "cannot send for 1909 four hours". 1910 Fix the "Original message received" time generated for 1911 returntosender messages. It was previously listed as 1912 the current time. Bug reported by Eric Hagberg of 1913 Cornell University Medical College. 1914 If there is an error when writing the body of a message, 1915 don't send the trailing dot and wait for a response 1916 in sender SMTP, as this could cause the connection to 1917 hang up under some bizarre circumstances. From Eric 1918 Wassenaar. 1919 Fix some server SMTP synchronization problems caused when 1920 connections fail during message collection. From 1921 Eric Wassenaar. 1922 Fix a problem that can cause srvrsmtp to reject mail if the 1923 name server is down -- it accepts the RCPT but rejects 1924 the DATA command. Problem reported by Jim Murray of 1925 Stratus. 1926 Fix a problem that can cause core dumps if the config file 1927 incorrectly resolves to a null hostname. Reported by 1928 Allan Johannesen of WPI. 1929 Non-root use of -C flag, dangerous -f flags, and use of -oQ 1930 by non-root users were not put into 1931 X-Authentication-Warning:s as intended because the 1932 config file hadn't set the PrivacyFlags yet. Fix 1933 from Sven-Ove Westberg of the University of Lulea. 1934 Under very odd circumstances, the alias file rebuild code 1935 could get confused as to whether a database was 1936 open or not. 1937 Check "vendor code" on the end of V lines -- this is 1938 intended to provide a hook for vendor-specific 1939 configuration syntax. (This is a "new feature", 1940 but I've made an exception to my rule in a belief 1941 that this is a highly exceptional case.) 1942 Portability fixes for DG/UX (from Douglas Anderson of NCSC), 1943 SCO Unix (from Murray Kucherawy), A/UX, and OSF/1 1944 (from Jon Forrest of UC Berkeley) 1945 CONFIG: fix ``mailer:host'' form of UUCP relay naming. 1946 19478.6.1/8.6 93/10/08 1948 Portability fixes for A/UX and Encore UMAX V. 1949 Fix error message handling -- if you had a name server down 1950 causing an error during parsing, that message was never 1951 propogated to the queue file. 1952 19538.6/8.6 93/10/05 1954 Configuration cleanup: make it easier to undo IDENTPROTO in 1955 conf.h (other systems have the same bug). 1956 If HASGETDTABLESIZE and _SC_OPEN_MAX are both defined, assume 1957 getdtablesize() instead of sysconf(); a disturbingly 1958 large number of systems defined _SC_OPEN_MAX in the 1959 header files but don't have the syscall. 1960 Another patch to really truly ignore MX records in getcanonname 1961 if trymx == FALSE. 1962 Fix problem that caused the "250 IAA25499 Message accepted for 1963 delivery" message to be omitted if there was an error 1964 in the header of the message (e.g., a bad Errors-To: 1965 line). Pointed out by Michael Corrigan of UCSD. 1966 Announce name of host we are chatting when we get errors; this 1967 is an IDA-ism suggested by Christophe Wolfhugel. 1968 Portability fixes for Alpha OSF/1 (from Anthony Baxter of the 1969 Australian Artificial Intelligence Institute), SCO Unix 1970 (from Murray Kucherawy of Hookup Communication Corp.), 1971 NeXT (from Vince DeMarco and myself), Linux (from 1972 Karl London <karl@borg.demon.co.uk>), BSDI (from 1973 Christophe Wolfhugel, and SVR4 on Dell (from Kimmo 1974 Suominen), AUX 3.0 on Macintosh, and ANSI C compilers. 1975 Some changes to get around gcc optimizer bugs. From Takahiro 1976 Kanbe. 1977 Fix error recovery in queueup if another tf file of the same 1978 name already exists. Problem stumbled over by Bill 1979 Wisner of The Well. 1980 Output YP_MASTER_NAME and YP_LAST_MODIFIED without null bytes. 1981 Problem noted by Keith McMillan of Ameritech Services. 1982 Deal with group permissions properly when opening .forward and 1983 :include: files. This relaxes the 8.1C restrictions 1984 slightly more. This includes proper setting of groups 1985 when reading :include: files, allowing you to read some 1986 files that you should be able to read but have previously 1987 been denied unless you owned them or they had "other" 1988 read permission. 1989 Make certain that $j is in $=w (after the .cf is read) so that 1990 if the user is forced to override some silly system, 1991 MX suppression will still work. 1992 Fix a couple of efficiency problems where newstr was double- 1993 calling expensive routines. In at least one case, it 1994 wasn't guaranteed that they would always return the 1995 same result. Problem noted by Christophe Wolfhugel. 1996 Fix null pointer dereference in putoutmsg -- only on an error 1997 condition from a non-SMTP mailer. From Motonori 1998 Nakamura. 1999 Macro expand "C" line class definitions before scanning so that 2000 "CX $Z" works. 2001 Fix problem that caused error message to be sent while still 2002 trying to send the original message if the connection 2003 is closed during a DATA command after getting an error 2004 on an RCPT command (pretty obscure). Problem reported 2005 by John Myers of CMU. 2006 Fix reply to NOOP to be 250 instead of 200 -- this is a long 2007 term bug. 2008 Fix a nasty bug causing core dumps when returning the "warning: 2009 cannot deliver for N hours -- will keep trying" message; 2010 it only occurred if you had PostMasterCopy set and 2011 only on some architectures. Although sendmail would 2012 keep trying, it would send error messages on each 2013 queue interval. This is an important fix. 2014 Allow u and g options to take user and group names respectively. 2015 Don't do a chdir into the queue directory in -bt mode to make 2016 ruleset testing a bit easier. 2017 Don't allow users to turn off logging (using -oL) on the command 2018 line -- command line can only raise, not lower, logging 2019 level. 2020 Set $u to the original recipient on the SMTP transaction or on 2021 the command line. This is only done if there is exactly 2022 one recipient. Technically, this does not meet the 2023 specs, because it does not guarantee a domain on the 2024 address. 2025 Fix a problem that dumped error messages on bad addresses if 2026 you used the -t flag. Problem noted by Josh Smith of 2027 Harvey Mudd College. 2028 Given an address such as ``<foo> <bar>'', auto-quote the first 2029 ``<foo>'' part, giving ``"<foo>" <bar>''. This is to 2030 avoid the problem of people who use angle brackets in 2031 their full name information. 2032 Fix a null pointer dereference if you set option "l", have 2033 an Errors-To: header in the message, and have Errors-To: 2034 defined in the config file H lines. From J.R. Oldroyd. 2035 Put YPCOMPAT on #ifdef NIS instead -- it's one less thing to get 2036 wrong when compiling. Suggested by Rick McCarty of TI. 2037 Fix a problem that could pass negative SIZE parameter if the 2038 df file got lost; this would cause servers to always 2039 give a temporary failure, making the problem even worse. 2040 Problem noted by Allan Johannesen of WPI. 2041 Add "ident" timeout (one of the "r" option selectors) for IDENT 2042 protocol timeouts (30s default). Requested by Murray 2043 Kucherawy of HookUp Communication Corp. to handle bogus 2044 PC TCP/IP implementations. 2045 Change $w default definition to be just the first component of 2046 the domain name on config level 5. The $j macro defaults 2047 to the FQDN; $m remains as before. This lets well-behaved 2048 config files use any of the short, long, or subdomain 2049 names. 2050 Add makesendmail script in src to try to automate multi-architecture 2051 builds. I know, this is sub-optimal, but it is still 2052 helpful. 2053 Fix very obscure race condition that can cause a queue run to 2054 get a queue file for an already completed job. This 2055 problem has existed for years. Problem noted by the 2056 long suffering Allan Johannesen of WPI. 2057 Fix a problem that caused the raw sender name to be passed to 2058 udbsender instead of the canonified name -- this caused 2059 it to sometimes miss records that it should have found. 2060 Relax check of name on HELO packet so that a program using -bs 2061 that claims to be itself works properly. 2062 Restore rewriting of $: part of address through 2, R, 4 in 2063 buildaddr -- this requires passing a lot of flags to get 2064 it right. Unlike old versions, this ONLY rewrites 2065 recipient addresses, not sender addresses. 2066 Fix a bug that caused core dumps in config files that cannot 2067 resolve /file/name style addresses. Fix from Jonathan 2068 Kamens of OpenVision Technologies. 2069 Fix problem with fcntl locking that can cause error returns to 2070 be lost if the lock is lost; this required fully 2071 queueing everything, dropping the envelope (so errors 2072 would get returned), and then re-reading the queue from 2073 scratch. 2074 Fix a problem that caused aliases that redefine an otherwise 2075 true address to still send to the original address 2076 if and only if the alias failed in certain bizarre 2077 ways (e.g, if they pointed at a list:; syntax address). 2078 Problem pointed out by Jonathan Kamens. 2079 Remove support for frozen configuration files. They caused 2080 more trouble than it was worth. 2081 Fix problem that can cause error messages to get ignored when 2082 using both -odb and -t flags. Problem noted by Rob 2083 McNicholas at U.C. Berkeley. 2084 Include all "normal" variations on hostname in $=w. For example, 2085 if the host name is vangogh.cs.berkeley.edu, $=w will 2086 contain vangogh, vangogh.cs, and vangogh.cs.berkeley.edu. 2087 Add "restrictqrun" privacy flag -- without this, anyone can run 2088 the queue. 2089 Reset SmtpPhase global on initial connection creation so that 2090 messages don't come out with stale information. 2091 Pass an "ext" argument to lockfile so that error/log messages 2092 will properly reflect the true filename being locked. 2093 Put all [...] address forms into $=w -- this eliminates the need 2094 for MAXIPADDR in conf.h. Suggested by John Gardiner 2095 Myers of CMU. 2096 Fix a bug that can cause qf files to be left around even after 2097 an SMTP RSET command. Problem and fix from Michael 2098 Corrigan. 2099 Don't send a PostMasterCopy to errors when the Precedence: is 2100 negative. Error reports still go to the envelope 2101 sender address. 2102 Add LA_SHORT for load averages. 2103 Lock sendmail.st file when posting statistics. 2104 Add "SendBufSize" and "RcvBufSize" suboptions to "O" option to 2105 set the size of the TCP send and receive buffers; if you 2106 run over a slow slip line you may need to set these down 2107 (although it would be better to fix the SLIP implementation 2108 so that it's not necessary to recompile every program 2109 that does bulk data transfer). 2110 Allow null defaults on $( ... $) lookups. Problem reported by 2111 Amir Plivatsky. 2112 Diagnose crufty S and V config lines. This resulted from an 2113 observation that some people were using the SITE macro 2114 without the SITECONFIG macro first, which was causing 2115 bogus config files that were not caught. 2116 Fix makemap -f flag to turn off case folding (it was turning it 2117 on instead). THIS IS A USER VISIBLE CHANGE!!! 2118 Fix a problem that caused multiple error messages to be sent if 2119 you used "sendmail -t -oem -odb", your system uses fcntl 2120 locking, and one of the recipient addresses is unknown. 2121 Reset uid earlier in include() so that recursive .forwards or 2122 :include:s don't use the wrong uid. 2123 If file descriptor 0, 1, or 2 was closed when sendmail was 2124 called, the code to recover the descriptor was broken. 2125 This sometimes (only sometimes) caused problems with the 2126 alias file. Fix from Motonori Nakamura. 2127 Fix a problem that caused aliaswait to go into infinite recursion 2128 if the @:@ metasymbol wasn't found in the alias file. 2129 Improve error message on newaliases if database files cannot be 2130 opened or if running with no database format defined. 2131 Do a better estimation of the size of error messages when NoReturn 2132 is set. Problem noted by P{r (Pell) Emanuelsson. 2133 Fix a problem causing the "c" option (don't connect to expensive 2134 mailers) to be ignored in SMTP. Problem noted and the 2135 solution suggested by Robert Elz of Munnari University. 2136 Improve connection caching algorithm by passing "[host]" to 2137 hostsignature, which strips the square brackets and 2138 returns the real name. This allows mailertable entries 2139 to match regular entries. 2140 Re-enable Return-Receipt-To: -- people seem to want this stupid 2141 feature, even if it doesn't work right. 2142 Catch and log attempts to try the "wiz" command in server SMTP. 2143 This also ups the log level from LOG_NOTICE to LOG_CRIT. 2144 Be more generous at assigning $z to the home directory -- do this 2145 for programs that are specified through a .forward file. 2146 Fix from Andrew Chang of Sun Microsystems. 2147 Always save a fatal error message in preference to a non-fatal 2148 error message so that the "subject" line of return 2149 messages is the best possible. 2150 CONFIG: reduce the number of quotes needed to quote configuration 2151 parameters with commas: two quotes should work now, e.g., 2152 define(ALIAS_FILE, ``/etc/aliases,/etc/aliases.local''). 2153 CONFIG: class $=Z is a set of UUCP hosts that use uucp-dom 2154 connections (domain-ized UUCP). 2155 CONFIG: fix bug in default maps (-o must be before database file 2156 name). Pointed out by Christophe Wolfhugel. 2157 CONFIG: add FEATURE(nodns) to state that we are not relying on 2158 DNS. This would presumably be used in UUCP islands. 2159 CONFIG: add OSTYPE(nextstep) and OSTYPE(linux). 2160 CONFIG: log $u in Received: line. This is in technical violation 2161 of the standards, since it doesn't guarantee a domain 2162 on the address. 2163 CONFIG: don't assume "m" in local mailer flags -- this means that 2164 if you redefine LOCAL_MAILER_FLAGS you will have to include 2165 the "m" flag should you want it. Apparently some Solaris 2.2 2166 installations can't handle multiple local recipients. 2167 Problem noted by Josh Smith. 2168 CONFIG: add confDOMAIN_NAME to set $j (if undefined, $j defaults). 2169 CONFIG: change default version level from 4 to 5. 2170 CONFIG: add FEATURE(nullclient) to create a config file that 2171 forwards all mail to a hub without ever looking at the 2172 addresses in any detail. 2173 CONFIG: properly strip mailer: information off of relays when 2174 used to change .BITNET form into %-hack form. 2175 CONFIG: fix a problem that caused infinite loops if presented 2176 with an address such as "!foo". 2177 CONFIG: check for self literal (e.g., [128.32.131.12]) even if 2178 the reverse "PTR" mapping is broken. There's a better 2179 way to do this, but the change is fairly major and I 2180 want to hold it for another release. Problem noted by 2181 Bret Marquis. 2182 21838.5/8.5 93/07/23 2184 Serious bug: if you used a command line recipient that was unknown 2185 sendmail would not send a return message (it was treating 2186 everything as though it had an SMTP-style client that 2187 would do the return itself). Problem noted by Josh Smith. 2188 Change "trymx" option in getcanonname() to ignore all MX data, 2189 even during a T_ANY query. This actually didn't break 2190 anything, because the only time you called getcanonname 2191 with !trymx was if you already knew there were no MX 2192 records, but it is somewhat cleaner. From Motonori 2193 Nakamura. 2194 Don't call getcanonname from getmxrr if you already know there 2195 are no DNS records matching the name. 2196 Fix a problem causing error messages to always include "The 2197 original message was received ... from localhost". 2198 The correct original host information is now included. 2199 Previous change to cf/sh/makeinfo.sh doesn't port to Ultrix (their 2200 version of "test" doesn't have the -x flag). Change it 2201 to use -f instead. From John Myers. 2202 CONFIG: 8.4 mistakenly set the default SMTP-style mailer to 2203 esmtp -- it should be smtp. 2204 CONFIG: send all relayed mail using confRELAY_MAILER (defaults 2205 to "relay" (a variant of "smtp") if MAILER(smtp) is used, 2206 else "suucp" if MAILER(uucp) is used, else "unknown"); 2207 this cleans up the configs somewhat. This fixes a serious 2208 problem that caused route-addrs to get mistaken as relays, 2209 pointed out by John Myers. WARNING: this also causes 2210 the default on SMART_HOST to change from "suucp" to 2211 "relay" if you have MAILER(smtp) specified. 2212 22138.4/8.4 93/07/22 2214 Add option `w'. If you receive a message that comes to you because 2215 you are the best (lowest preference) target of an MX, and 2216 you haven't explicitly recognized the source MX host in 2217 your .cf file, this option will cause you to try the target 2218 host directly (as if there were no MX for it at all). If 2219 `w' is not set, this case is a configuration error. 2220 Beware: if `w' is set, senders may get bogus errors like 2221 "message timed out" or "host unknown" for problems that 2222 are really configuration errors. This option is 2223 disrecommended, provided only for compatibility with 2224 UIUC sendmail. 2225 Fix a problem that caused the incoming socket to be left open 2226 when sendmail forks after the DATA command. This caused 2227 calling systems to wait in FIN_WAIT_2 state until the 2228 entire list was processed and the child closed -- a 2229 potentially prodigious amount of time. Problem noted 2230 by Neil Rickert. 2231 Fix problem (created in 6.64) that caused mail sent to multiple 2232 addresses, one of which was a bad address, to completely 2233 suppress the sending of the message. This changes 2234 handling of EF_FATALERRS somewhat, and adds an 2235 EF_GLOBALERRS flag. This also fixes a potential problem 2236 with duplicate error messages if there is a syntax error 2237 in the header of a message that isn't noticed until late 2238 in processing. Original problem pointed out by Josh Smith 2239 of Harvey Mudd College. This release includes quite a bit 2240 of dickering with error handling (see below). 2241 Back out SMTP transaction if MAIL gets nested 501 error. This 2242 will only hurt already-broken software and should help 2243 humans. 2244 Fix a problem that broke aliases when neither NDBM nor NEWDB were 2245 compiled in. It would never read the alias file. 2246 Repair unbalanced `)' and `>' (the "open" versions are already 2247 repaired). 2248 Logging of "done" in dropenvelope() was incorrect: it would 2249 log this even when the queue file still existed. Change 2250 this to only log "done" (at log level 11) when the 2251 queue file is actually removed. From John Myers. 2252 Log "lost connection" in server SMTP at log level 20 if there 2253 is no pending transaction. Some senders just close the 2254 connection rather than sending QUIT. 2255 Fix a bug causing getmxrr to add a dot to the end of unqualified 2256 domains that do not have MX records -- this would cause 2257 the subsequent host name lookup to fail. The problem 2258 only occurred if you had FEATURE(nocanonify) set. 2259 Problem noted by Rick McCarty of Texas Instruments. 2260 Fix invocation of setvbuf when passed a -X flag -- I had 2261 unwittingly used an ANSI C extension, and this caused 2262 core dumps on some machines. 2263 Diagnose self-destructive alias loops on RCPT as well as EXPN. 2264 Previously it just gave an empty send queue, which 2265 then gave either "Need RCPT (recipient)" at the DATA 2266 (confusing, since you had given an RCPT command which 2267 returned 250) or just dropped the email, depending on 2268 whether you were running VERBose mode. Now it usually 2269 diagnoses this case as "aliasing/forwarding loop broken". 2270 Unfortunately, it still doesn't adequately diagnose 2271 some true error conditions. 2272 Add internal concept of "warning messages" using 6xx codes. 2273 These are not reported only to Postmaster. Unbalanced 2274 parens, brackets, and quotes are printed as 653 codes. 2275 They are always mapped to 5xx codes before use in SMTP. 2276 Clean up error messages to tell both the actual address that 2277 failed and the alias they arose from. This makes it 2278 somewhat easier to diagnose problems. Difficulty noted 2279 by Motonori Nakamura. 2280 Fix a problem that inappropriately added a ctladdr to addresses 2281 that shouldn't have had one during a queue run. This 2282 caused error messages to be handled differently during 2283 a queue run than a direct run. 2284 Don't print the qf name and line number if you get errors during 2285 the direct run of the queue from srvrsmtp -- this was 2286 just extra stuff for users to crawl through. 2287 Put command line flags on second line of pid file so you can 2288 auto-restart the daemon with all appropriate arguments. 2289 Use "kill `head -1 /etc/sendmail.pid`" to stop the 2290 daemon, and "eval `tail -1 /etc/sendmail.pid`" to 2291 restart it. 2292 Remove the ``setuid(getuid())'' in main -- this caused the 2293 IDENT daemon to screw up. This required that I change 2294 HASSETEUID to HASSETREUID and complicate the mode 2295 changing somewhat because both Ultrix and SunOS seem 2296 to have a bug causing seteuid() to set the saved uid 2297 as well as the effective. The program test/t_setreuid.c 2298 will test to see if your implementation of setreuid(2) 2299 is appropriately functional. 2300 The FallBackMX (option V) handling failed to properly identify 2301 fallback to yourself -- most of the code was there, 2302 but it wasn't being enabled. Problem noted by Murray 2303 Kucherawy of the University of Waterloo. 2304 Change :include: open timeout from ETIMEDOUT to an internal 2305 code EOPENTIMEOUT; this avoids adding "during SmtpPhase 2306 with CurHostName" in error messages, which can be 2307 confusing. Reported by Jonathan Kamens of OpenVision 2308 Technologies. 2309 Back out setpgrp (setpgid on POSIX systems) call to reset the 2310 process group id. The original fix was to get around 2311 some problems with recalcitrant MUAs, but it breaks 2312 any call from a shell that creates a process group id 2313 different from the process id. I could try to fix 2314 this by diddling the tty owner (using tcsetpgrp or 2315 equivalent) but this is too likely to break other 2316 things. 2317 Portability changes: 2318 Support -M as equivalent to -oM on Ultrix -- apparently 2319 DECnet calls sendmail with -MrDECnet -Ms<HOST> -bs 2320 instead of using standard flags. Oh joy. This 2321 behaviour reported by Jon Giltner of University 2322 of Colorado. 2323 SGI IRIX -- this includes several changes that should 2324 help other strict ANSI compilers. 2325 SCO Unix -- from Murray Kucherawy of HookUp Communication 2326 Corporation. 2327 Solaris running the Sun C compiler (which despite the 2328 documentation apparently doesn't define 2329 __STDC__ by default). 2330 ConvexOS from Eric Schnoebelen of Convex. 2331 Sony NEWS workstations and Omron LUNA workstations from 2332 Motonori Nakamura. 2333 CONFIG: add confTRY_NULL_MX_LIST to set option `w'. 2334 CONFIG: delete `C' and `e' from default SMTP mailers flags; 2335 several people have made a good argument that this 2336 creates more problems than it solves (although this 2337 may prove painful in the short run). 2338 CONFIG: generalize all the relays to accept a "mailer:host" 2339 format. 2340 CONFIG: move local processing in ruleset 0 into a new ruleset 2341 98 (8 on old sendmail). Domain literal [a.b.c.d] 2342 addresses are also passed through this ruleset. 2343 CONFIG: if neither SMART_HOST nor MAILER(smtp) were defined, 2344 internet-style addresses would "fall off the end" of 2345 ruleset zero and be interpreted as local -- however, 2346 the angle brackets confused the recursive call. 2347 These are now diagnosed as "Unrecognized host name". 2348 CONFIG: USENET rules weren't included in S0 because of a mistaken 2349 ifdef(`_MAILER_USENET_') instead of 2350 ifdef(`_MAILER_usenet_'). Problem found by Rein Tollevik 2351 of SINTEF RUNIT, Oslo. 2352 CONFIG: move up LOCAL_RULE_0 processing so that it happens very 2353 early in ruleset 0; this allows .mc authors to bypass 2354 things like the "short circuit" code for local addresses. 2355 Prompted by a comment by Bill Wisner of The Well. 2356 CONFIG: add confSMTP_MAILER to define the mailer used (smtp or 2357 esmtp) to send SMTP mail. This allows you to default 2358 to esmtp but use a mailertable or other override to 2359 deal with broken servers. This logic was pointed out 2360 to me by Bill Wisner. Ditto for confLOCAL_MAILER. 2361 Changes to cf/sh/makeinfo.sh to make it portable to SVR4 2362 environments. Ugly as sin. 2363 23648.3/8.3 93/07/13 2365 Fix setuid problems introduced in 8.2 that caused messages 2366 like "Cannot create qfXXXXXX: Invalid argument" 2367 or "Cannot reopen dfXXXXXX: Permission denied". This 2368 involved a new compile flag "HASSETEUID" that takes 2369 the place of the old _POSIX_SAVED_IDS -- it turns out 2370 that the POSIX interface is broken enough to break 2371 some systems badly. This includes some fixes for 2372 HP-UX. Also fixes problems where the real uid is 2373 not reset properly on startup (from Neil Rickert). 2374 Fix a problem that caused timed out messages to not report the 2375 addresses that timed out. Error messages are also more 2376 "user friendly". 2377 Drop required bandwidth on connections from 64 bytes/sec to 2378 16 bytes/sec. 2379 Further Solaris portability changes -- doesn't require the BSD 2380 compatibility library. This also adds a new 2381 "HASGETDTABLESIZE" compile flag which can be used if 2382 you want to use getdtablesize(2) instead of sysconf(2). 2383 These are loosely based on changes from David Meyer at 2384 University of Oregon. This now seems to work, at least 2385 for quick test cases. 2386 Fix a problem that can cause duplicate error messages to be 2387 sent if you are in SMTP, you send to multiple addresses, 2388 and at least one of those addresses is good and points 2389 to an account that has a .forward file (whew!). 2390 Fix a problem causing messages to be discarded if checkcompat() 2391 returned EX_TEMPFAIL (because it didn't properly mark 2392 the "to" address). Problem noted by John Myers. 2393 Fix dfopen to return NULL if the open failed; I was depending 2394 on fdopen(-1) returning NULL, which isn't the case. This 2395 isn't serious, but does result in wierd error diagnoses. 2396 From Michael Corrigan. 2397 CONFIG: add UUCP_MAX_SIZE M4 macro to set the maximum size of 2398 messages sent through UUCP-family mailers. Suggested 2399 by Bill Wisner of The Well. 2400 CONFIG: if both MAILER(uucp) and MAILER(smtp) are specified, 2401 include a "uucp-dom" mailer that uses domain-style 2402 addressing. Suggested by Bill Wisner. 2403 CONFIG: Add LOCAL_SHELL_FLAGS and LOCAL_SHELL_ARGS to match 2404 LOCAL_MAILER_FLAGS and LOCAL_MAILER_ARGS. Suggested by 2405 Christophe Wolfhugel. 2406 CONFIG: Add OSTYPE(aix3). From Christophe Wolfhugel. 2407 24088.2/8.2 93/07/11 2409 Don't drop out on config file parse errors in -bt mode. 2410 On older configuration files, assume option "l" (use Errors-To 2411 header) for back compatibility. NOTE: this DOES NOT 2412 imply an endorsement of the Errors-To: header in any way. 2413 Accept -x flag on AIX-3 as well as OSF/1. Why, why, why??? 2414 Don't log errors on EHLO -- it isn't a "real" error for an old 2415 SMTP server to give an error on this command, and 2416 logging it in the transcript can be confusing. Fix 2417 from Bill Wisner. 2418 IRIX compatibility changes provided by Dan Rich 2419 <drich@sandman.lerc.nasa.gov>. 2420 Solaris 2 compatibility changes. Provided by Bob Cunningham 2421 <bob@kahala.soest.hawaii.edu>, John Oleynick 2422 <juo@klinzhai.rutgers.edu> 2423 Debugging: -d17 was overloaded (hostsignature and usersmtp.c); 2424 move usersmtp (smtpinit and smtpmailfrom) to -d18 to 2425 match the other flags in that file. 2426 Flush transcript before fork in mailfile(). From Eric Wassenaar. 2427 Save h_errno in mci struct and improve error message display. 2428 Changes from Eric Wassenaar. 2429 Open /dev/null for the transcript if the create of the xf file 2430 failed; this avoids at least one possible null pointer 2431 reference in very wierd cases. From Eric Wassenaar. 2432 Clean up statistics gathering; it was over-reporting because of 2433 forks. From Eric Wassenaar. 2434 Fix problem that causes old Return-Path: line to override new 2435 Return-Path: line (conf.c needs H_FORCE to avoid 2436 re-using old value). From Motonori Nakamura. 2437 Fix broken -m flag in K definition -- even if -m (match only) 2438 was specified, it would still replace the key with the 2439 value. Noted by Rick McCarty of Texas Instruments. 2440 If the name server timed out over several days, no "timed out" 2441 message would ever be sent back. The timeout code 2442 has been moved from markfailure() to dropenvelope() 2443 so that all such failures should be diagnosted. Pointed 2444 out by Christophe Wolfhugel and others. 2445 Relax safefile() constraints: directories in an include or 2446 forward path must be readable by self if the controlling 2447 user owns the entry, readable by all otherwise (e.g., 2448 when reading your .forward file, you have to own and 2449 have X permssion in it; everyone needs X permission in 2450 the root and directories leading up to your home); 2451 include files must be readable by anyone, but need not 2452 be owned by you. 2453 If _POSIX_SAVED_IDS is defined, setuid to the owner before 2454 reading a .forward file; this gets around some problems 2455 on NFS mounts if root permission is not exported and 2456 the user's home directory isn't x'able. 2457 Additional NeXT portability enhancements from Axel Zinser. 2458 Additional HP-UX portability enhancements from Brian Bullen. 2459 Add a timeout around SMTP message writes; this assumes you can 2460 get throughput of at least 64 bytes/second. Note that 2461 this does not impact the "datafinal" default, which 2462 is separate; this is just intended to work around 2463 network clogs that will occur before the final dot 2464 is sent. From Eric Wassenaar. 2465 Change map code to set the "include null" flag adaptively -- 2466 it initially tries both, but if it finds anything 2467 matching without a null it never tries again with a 2468 null and vice versa. If -N is specified, it never 2469 tries without the null and creates new maps with a 2470 null byte. If -O is specified, it never tries with 2471 the null (for efficiency). If -N and -O are specified, 2472 you get -NO (get it?) lookup at all, so this would 2473 be a bad idea. If you don't specify either -N or -O, 2474 it adapts. 2475 Fix recognition of "same from address" so that MH submissions 2476 will insert the appropriate full name information; 2477 this used to work and got broken somewhere along the 2478 way. 2479 Some changes to eliminate some unnecessary SYSERRs in the 2480 log. For example, if you lost a connection, don't 2481 bother reporting that fact on the connection you lost. 2482 Add some "extended debugging" flags to try to track down 2483 why we get occassional problems with file descriptor 2484 one being closed when execing a mailer; it seems to 2485 only happen when there has been another error in the 2486 same transaction. This requires XDEBUG, defined 2487 by default in conf.h. 2488 Add "-X filename" command line flag, which logs both sides of 2489 all SMTP transactions. This is intended ONLY for 2490 debugging bad implementations of other mailers; start 2491 it up, send a message from a mailer that is failing, 2492 and then kill it off and examine the indicated log. 2493 This output is not intended to be particularly human 2494 readable. This also adds the HASSETVBUF compile 2495 flag, defaulted on if your compiler defines __STDC__. 2496 CONFIG: change SMART_HOST to override an SMTP mailer. If you 2497 have a local net that should get direct connects, you 2498 will need to use LOCAL_NET_CONFIG to catch these hosts. 2499 See cf/README for an example. 2500 CONFIG: add LOCAL_MAILER_ARGS (default: `mail -d $u') to handle 2501 sites that don't use the -d flag. 2502 CONFIG: hide recipient addresses as well as sender addresses 2503 behind $M if FEATURE(allmasquerade) is specified; this 2504 has been requested by several people, but can break 2505 local aliases. For example, if you mail to "localalias" 2506 this will be rewritten as "localalias@masqueradehost"; 2507 although initial delivery will work, replies will be 2508 broken. Use it sparingly. 2509 CONFIG: add FEATURE(domaintable). This maps unqualified domains 2510 to qualified domains in headers. I believe this is 2511 largely equivalent to the IDA feature of the same name. 2512 CONFIG: use $U as UUCP name instead of $k. This permits you 2513 to override the "system name" as your UUCP name -- 2514 in particular, to use domain-ized UUCP names. From 2515 Bill Wisner of The Well. 2516 CONFIG: create new mailer "esmtp" that always tries EHLO 2517 first. This is currently unused in the config files, 2518 but could be used in a mailertable entry. 2519 25208.1C/8.1B 93/06/27 2521 Serious security bug fix: it was possible to read any file on 2522 the system, regardless of ownership and permissions. 2523 If a subroutine returns a fully qualified address, return it 2524 immediately instead of feeding it back into rewriting. 2525 This fixes a problem with mailertable lookups. 2526 CONFIG: fix some M4 frotz (concat => CONCAT) 2527 25288.1B/8.1A 93/06/12 2529 Serious bug fix: pattern matching backup algorithm stepped by 2530 two tokens in classes instead of one. Found by Claus 2531 Assmann at University of Kiel, Germany. 2532 25338.1A/8.1A 93/06/08 2534 Another mailertable fix.... 2535 25368.1/8.1 93/06/07 2537 4.4BSD freeze. No semantic changes. 2538 25396.65/6.34 93/06/06 2540 Fix some lintish problems. 2541 Fix some cases where server SMTP behaved poorly when handed bogus 2542 input, pointed out by Eric Wassenaar. 2543 CONFIG: fix some more (sigh) mailertable bugs -- thanks to 2544 Motonori Nakamura of Kyoto University (again). 2545 25466.64/6.33 93/06/05 2547 Don't send 050 (-v) information after the 250 response to a QUIT 2548 command in srvrsmtp -- clients usually close the connection 2549 at this point, and it causes bogus error messages. 2550 Don't send messages that have errors on input (such as unbalanced 2551 parentheses) during SMTP transactions, since a return 2552 message has (probably) already been sent. 2553 Give better diagnostics on timeouts during network reads, including 2554 information similar to the SMTP phase. 2555 Fix bug that caused SMTP messages to deliver synchronously; this 2556 happened after the DATA 250, and hence caused reading the 2557 next command to be delayed. 2558 Ignore Errors-To: header unless 'l' (lower case el) header is 2559 specified. The Errors-To: header violates RFC 1123. 2560 Errors-To: was only needed to take the place of the 2561 envelope sender in the days when most Unix mailers 2562 didn't understand about the two kinds of senders. 2563 Don't send warning messages in response to automatically generated 2564 messages (that is, those From:<>). 2565 CONFIG: fix some rather stupid typos in the mailertable code 2566 pointed out by Motonori Nakamura of Kyoto University. 2567 CONFIG: add confUSE_ERRORS_TO configuration option. 2568 CONFIG: if ALWAYS_ADD_DOMAIN is selected, try to use $M 2569 (masquerade name) instead of $j. 2570 CONFIG: don't add dots to relay names (added in 6.29); it breaks 2571 several things, and can be simulated by dot terminating 2572 the names of relays. For example, use: 2573 DBbit.net.relay. 2574 (note the trailing dot). 2575 25766.63/6.32 93/06/01 2577 Fix prototypes to eliminate chars in argument lists -- some 2578 compilers are pissy about this. 2579 Log protocol ($r) and body type if set so we can determine if 2580 the adaptive algorithms are working. 2581 Pessimize on locking of database files (particularly for NEWDB 2582 databases) during opens. There were problems with 2583 processes opening the file while it was rebuilt; since 2584 NEWDB caches heavily, the reader opened an empty file, 2585 which is an error. If your system has the ability to 2586 lock atomically on open, this works properly; otherwise, 2587 there are race conditions. 2588 Check mod time on .pag file instead of .dir in NDBM aliases 2589 because the .dir file doesn't get updated for small 2590 alias files. From John Gardiner Myers of CMU. 2591 More Solaris portability -- it now compiles on Solaris, but 2592 hangs up in gethostbyname(). 2593 Move setting of RES_DEBUG flag before first myhostname() call 2594 so we can see name server traffic on that call. 2595 Fsync() queue files. 2596 Fix a problem that causes -bi to try to rebuild maps other than 2597 the alias file(s). 2598 Fix a problem that caused udb to reject entries from any but 2599 the first database listed. 2600 Rearrange doc subdirectory for 4.4BSD release tape. 2601 CONFIG: put $r into the Received line. This was an oversight. 2602 CONFIG: fix typo (call to ruleset 99 should have been rulset 90). 2603 CONFIG: move "auxiliary" subroutines to be in ruleset 90-99 2604 range -- in the long run, single digit rulesets may 2605 become reserved for builtin use by sendmail. 2606 CONFIG: fix major problem that causes host aliases (that is, 2607 anything in $=w != $j) to not be recognized. This has 2608 been around since 6.30. 2609 26106.62/6.31 93/05/28 2611 BETA RELEASE 2612 Fix recursive syserr (if there is an error printing a syserr 2613 message). This makes the code much less eager to consider 2614 a write error as serious. This also includes some 2615 heuristics to be clever about closed connections. 2616 Lock NEWDB files during gets. This requires version 1.5 or later 2617 of the db library. If you have an older version, you 2618 can use -DOLD_NEWDB. This will go away in a few weeks. 2619 Fix problem causing aliases that use host maps to get overwritten. 2620 Do appropriate byte swapping on port numbers in ident protocol 2621 code. Fix from Allan Johannesen of WPI. 2622 Defer opening of map files to the same time as alias files so that 2623 the daemon will tend to pick up new versions more promptly. 2624 Prototype a bunch more functions. 2625 Some Solaris 2.1 changes (still doesn't link though). 2626 Try to simplify Makefiles by including more subordinate #defines 2627 in conf.h (based on OS type). 2628 CONFIG: check for domains if FEATURE(mailertable) is defined. 2629 For example, if the host name is "knecht.cs.berkeley.edu" 2630 it will search the following mailertable keys: 2631 knecht.cs.berkeley.edu 2632 .cs.berkeley.edu 2633 .berkeley.edu 2634 .edu 2635 This could be used to replace the special relays for bitnet 2636 and similar nets. 2637 26386.61/6.30 93/05/24 2639 Fix problem that prevented appending dots on canonified host 2640 names. This breaks tons of config files -- very 2641 important fix. 2642 Fix improper pointer dereference in response to HELO command. 2643 Fix core dump if debugging set in map_rewrite. 2644 CONFIG: add FEATURE(always_add_domain) to always attach the 2645 local domain (only impacts local mail). 2646 CONFIG: try to avoid turning names into $j -- although 2647 technically a host can only have one "canonical name", 2648 it seems to be common practice to have several. 2649 26506.60/6.29 93/05/22 2651 Major change: merge alias databases with maps. This expands and 2652 changes the map class interface but fixes a bunch of bugs. 2653 The important user-visible change is that the file name 2654 in a K line now does not include the ".db" extension; this 2655 is added automatically. Also, the -d (NIS domain) flag is 2656 missing from the K config line; use @domain instead. 2657 When compiling, the *_MAP names are gone -- just compile 2658 in NDBM, NEWDB, and/or NIS support. 2659 Announce mailer/host/user triple on -bv flag -- from Brian 2660 Bullen of Stirling University. 2661 Don't send more than one line in response to HELO -- it confuses 2662 Pony Express, which then behaves very badly. However, 2663 this change does send two line 220 greetings, with the 2664 second line reading "ESMTP spoken here". The usersmtp 2665 module recognizes this and goes into ESMTP mode regardless 2666 of the setting of the "a" mailer flag. Thus, "a" means 2667 "always try EHLO". 2668 AIX portability changes (thanks to Christophe Wolfhugel of 2669 Herve Schauer Consultants (Paris) for providing me with 2670 an INSA account for this purpose). Lightly tested. Use 2671 -D_AIX3. This probably breaks compatibility with some 2672 older systems (e.g., 4.2bsd) but still works on SunOS 2673 4.1.2, Ultrix 4.2A, HP-UX 8.07, OSF/1 T1.3, and AIX 3.2.3. 2674 Fix a problem causing an error message loop if the output channel 2675 is hosed. 2676 Add the Makefiles that I use for various environments -- some are 2677 Berkeley make versions and some are old make versions. 2678 My makefile for the NeXT box has gotten lost, alas! 2679 PRALIASES: support for printing NEWDB databases. From 2680 Michael J. Corrigan of U.C. San Diego. 2681 CONFIG: don't pass pseudo-domains to $[ ... $] (if you have 2682 a wildcard MX it can have wierd results). From 2683 Christophe Wolfhugel. 2684 CONFIG: dot terminate relay hostnames in S0. From Christophe 2685 Wolfhugel. 2686 26876.59/6.28 93/05/13 2688 Log version with SMTP daemon startup message. 2689 Adjust setproctitle to work on NetBSD and BSD/386. 2690 Fix null pointer reference in MX fallback code. 2691 A bunch of minor fixes from Eric Wassenaar: 2692 If deliver cannot execv the mailer, return EX_OSERR 2693 instead of EX_TEMPFAIL (to give better 2694 error messages). 2695 Consistently malloc e_message. 2696 Catch degenerate case of calling returntosender() 2697 with an empty returnq. 2698 MIME reformatting. 2699 27006.58/6.28 93/05/13 2701 Fix bug that can cause incorrect verbose display of user smtp 2702 messages. 2703 Disable SMTP VERB command if PRIV_NOEXPN is set (since this 2704 could reveal the same information. 2705 Allow failure when reading SMTP greeting message to go on to 2706 next MX host. 2707 Add "MIME-Version: 1.0" header if using MIME (this was NOT 2708 included in RFC 1344, but Bill King of Allan-Bradley 2709 Company forwarded me email from Nathaniel Borenstein 2710 claiming that it was an inadvertent omission). 2711 Don't use Content-Type: X-message-header. According to John 2712 Myers of CMU, many MIME readers will completely ignore 2713 the data if they don't recognize it. Instead, just 2714 add a blank line to make it a legal (empty) message. 2715 Fix problem causing dots to keep getting appended to cached 2716 hostnames. This can cause buffer overrun conditions. 2717 The problem was found by Erik Forsberg of Retix, 2718 although I used a different bug fix than he provided. 2719 Fix parsing of split header/envelope rewriting specs -- from 2720 Eric Forsberg. 2721 Fix from Eric Wassenaar to correct To: lists in error messages. 2722 27236.57/6.28 93/05/11 2724 Fix minor glitch causing extra ctladdrs to be output to queue 2725 file. Just an annoyance. 2726 Cache results of name server canonification lookups to avoid 2727 backed up queue runs. 2728 Major rewrite of alias.c: considerable cleanup, plus sample 2729 (untested) support for NIS aliases. The "A" option 2730 can now be a comma separated list (or be repeated) -- 2731 that is, you can have multiple alias databases. Each 2732 database can have the syntax ``class:file''; if no class 2733 is specified, the "implicit" class is assumed. Implicit 2734 searches through a list of compiled in types -- hash, 2735 dbm, nis, and stab. Alias files are searched in the 2736 order they are listed. For example: 2737 OAhash:/etc/aliases.local,/etc/aliases 2738 OAnis:mail.aliases@my.nis.domain 2739 first searches the hash database /etc/aliases.local, 2740 then the regular /etc/aliases database, then the NIS 2741 map "mail.aliases" in the NIS domain "my.nis.domain". 2742 If in Verbose mode (probably from VERB command) run SMTP job 2743 in foreground and don't do RCPT optimizations. 2744 Add udb :mailsender as equivalent to owner- for regular aliases. 2745 Delete option 8; add option 7 that means the opposite. That is, 2746 default to 8-bit mode; a special option is needed to 2747 force sendmail into 7 bit mode. 2748 Send error messages in encapsulated MIME format. 2749 New compile flag "NIS" that turns on NIS alias and NIS map 2750 support. 2751 Add "j" option to send error messages in MIME (RFC 1341) 2752 encapsulated message format per RFC 1344. The 2753 syntax is pretty ugly if you don't have MIME-aware 2754 user agents. 2755 Clean up message handling (for display in mailq output). 2756 New setproctitle implementation for 4.4bsd. 2757 Create files (such as ~/dead.letter) using mode FileMode (the 2758 F option value) instead of 0666. 2759 Fix bug causing output of EXPN command to not be fully qualified. 2760 This may cause some problems with UUCP addresses that 2761 will require some config file assistance -- specifically, 2762 the $: part has to include the host name for this output 2763 to make sense. 2764 Fix a problem that sometimes diagnosed errors and still sent the 2765 message if the header syntax was bad. 2766 Fix a bug that caused an error message to be emailed when sendmail 2767 was operating in -bv mode. 2768 Add "ListenQueueSize" keyword to daemon options option (OO) to 2769 set the queue size parameter passed to listen(). You 2770 will normally have to tweak your kernel to up this. 2771 Strip spaces off of beginning of message-id before logging (in 2772 case it was folded across lines). 2773 Tweak compile flags in daemon.c -- there were some cases where 2774 it wouldn't work without NETINET. 2775 Change *file* mailer to output all the usual default headers 2776 (From, Date, Message-Id). It gets used when sending 2777 back error messages. 2778 CONFIG: explicitly catch and diagnose list:; syntax in ruleset 2779 zero -- this is not a valid recipient syntax according 2780 to RFC 821. 2781 CONFIG: add confMIME_FORMAT_ERRORS to send error messages in 2782 MIME format. Defaults to on. 2783 CONFIG: add SMTP_MAILER_FLAGS and UUCP_MAILER_FLAGS to augment 2784 the flags for those mailers. 2785 27866.56/6.27 93/05/01 2787 Fix problem that causes the fallback mail to postmaster 2788 (case ESM_POSTMASTER in savemail()) to not look at 2789 aliases (ugh). 2790 Some more HPUX tweaking (compile flag hpux => __hpux so it 2791 still works in ANSI mode). 2792 Don't try to flock non-regular files when mailing to a file. 2793 In particular, this was a problem if you tried to 2794 send to /dev/null. 2795 Fix a wierd bug that can cause senders to be queued as 2796 recipients if the name server is down when the mail 2797 is initially sent. This hack just ignores sender 2798 deletion (essentially, it sets the MeToo flag) if there 2799 is a TEMPFAIL during processing of the sender address. 2800 Obscure. 2801 Fix a dangling else problem -- from Brian Bullen from University 2802 of Stirling, UK. 2803 Add the "b" mailer flag to force a blank line on the end of 2804 messages. Some brilliant versions of /bin/mail insist 2805 on this but do not add it themselves. 2806 Add the "g" mailer flag to prevent user SMTP from sending 2807 "MAIL From:<>". This is only intended to be a 2808 transitional gesture, and should not be used if at 2809 all possible. It appears that Berkeley and IDA 2810 config files have always handled this properly; the 2811 UK config kit apparently does not. 2812 Don't lowercase and then capitalize header field names -- leave 2813 them with original capitalization. Fixes from Bill 2814 King of Allen-Bradley Company. 2815 Further cleanup and improved reporting of error messages, 2816 particularly conditions that cause messages to be 2817 requeued for future delivery. 2818 Tweak syslog priorities in some cases. 2819 CONFIG: clean up route-addr on UUCP addresses. 2820 28216.55/6.25 93/04/27 2822 HPUX 8.07 compatibility changes in getla() -- I had to make 2823 these changes to get it to work at Berkeley, although 2824 others seem to have been working before (???). 2825 Various patches to XLA code. 2826 Fix problem that causes setuid bit on files to be ignored from 2827 SMTP or in queue runs. Problem noted by Jason Ornstein 2828 of Under The Wire, Inc. 2829 Fix problem that can cause CNAMEs to be ignored. 2830 Generalize getmxrr to match local host in $=w instead of a 2831 single name passed in. 2832 Some cleanup from Eric Wassenaar: 2833 Use FileMailer instead of ProgMailer in two places. 2834 Eliminate duplicate 8th-bit stripping in commaize. 2835 Fix a problem with mis-parsing of backslash escapes 2836 under some circumstances. 2837 NIS map fix (was always including trailing null character) 2838 from Mike Glendinning of Ingres UK. 2839 Add "a" mailer flag to try using ESMTP. It tries the EHLO 2840 command and if that fails falls back to regular SMTP. 2841 Also parses EHLO option keywords. If host supports 2842 SIZE extension, this is added to the MAIL FROM: 2843 command. 2844 Extend "b" option to include a second value which is the 2845 maximum message size this server is willing to accept. 2846 For example, a value of "10/1000000" says that there 2847 must be ten blocks free, and sendmail will reject 2848 any message larger than one megabyte. 2849 Some portability hooks for NeXT (this could be applicable 2850 to Mach in general). You have to create an empty 2851 file called "unistd.h" to get it to compile. 2852 Adjust config values (MAXLINE, MAXATOM, and PSBUFSIZE) to 2853 be more generous. 2854 Add X400-Received: to the list of headers tagged with H_TRACE 2855 in conf.c. From Bill King, Allen-Bradley Co. 2856 28576.54/6.25 93/04/19 2858 Fix problem that caused redefinition of SMTP and QUEUE compile 2859 flags. Pointed out by Jon Forrest of the Sequoia 2000 2860 project at Berkeley. 2861 Properly handle \! hack -- it was treating host\!user as one 2862 token (host!user) instead of three (host, !, user). 2863 Fix from Eric Wassenaar of NIKHEF-H. 2864 Fix compilation problem in getauthinfo() if IDENTPROTO is off. 2865 Turn off DEFNAMES and DNSRCH when getting the hostsignature 2866 (i.e., MX records) in level 1 configuration files; this 2867 matches the old behaviour. From Motonori Nakamura of 2868 Kyoto University. 2869 Improve error message printing -- if sent through an alias, 2870 error messages include the name of the alias in the 2871 message. Unfortunately, in order to make this work 2872 properly in queue runs, this changes the format of the 2873 C line in the qf file. The relatively uselessness of 2874 the previous information was pointed out to me by 2875 Allan E Johannesen of WPI. 2876 Add XLA compile flag to add hooks to Christophe Wolfhugel's 2877 extended load average code. This is still in very early 2878 form. For information regarding the guts of the xla 2879 code, contact Christophe.Wolfhugel@grasp.insa-lyon.fr. 2880 Additional hooks for detecting tempfails in rewriting rules 2881 (that is, in map lookups). 2882 28836.53/6.25 93/04/15 2884 Properly diagnose ruleset zero returning null (instead of a mailer 2885 triple). From Motonori Nakamura of Kyoto University. 2886 More generalization of socket code for other protocols. 2887 Shorten timeouts on reverse name lookups -- since they are done 2888 during connection establishment, long timeouts here can 2889 cause higher level timeouts. This mainly serves to accept 2890 mail from hosts that do not have proper reverse (PTR) DNS 2891 records set up. 2892 Reset e_statmsg before each mailer invocation to avoid bogus 2893 messages in the log. 2894 Redefine $r, $s, and $_ in error envelopes so you don't get 2895 incorrect cruft in the error message. Problem noted by 2896 Motonori Nakamura of Kyoto University. 2897 Fix a problem that can cause failure to return errors to Postmaster 2898 in certain cases. From Motonori Nakamura. 2899 Fix a problem that can cause some systems to give duplicate error 2900 messages when a bad syntax address such as "<a" is presented 2901 to an SMTP server. It doesn't seem to occur on all 2902 machines. From Motonori Nakamura. 2903 Default IDENTPROTO off for Ultrix and HPUX, which apparently have 2904 the interesting "feature" that when they receive a "Host 2905 unreachable" message they closes all open connections to 2906 that host. However, some firewall gateways send this message 2907 if you try to connect to an unauthorized port, such as the 2908 IDENT port (113). Thus, no email can be received from such 2909 hosts. There is some evidence that versions of Ultrix before 2910 4.3 do not have this problem. Thanks to Tom Ivar Helbekkmo 2911 for pointing out this behaviour to me and to Michael Corrigan 2912 of U.C. San Diego for informing me about the HPUX problem. 2913 Allow IPC mailers to return a colon-separated list of hosts in the 2914 $@ clause; these are searched in order as though they were 2915 MX records. 2916 When sending an error report, print the list of addresses tagged 2917 as bad. Requested by Allan E Johannesen of WPI. 2918 Change map function calls to return a status code. This gets 2919 passed back as the result of rewrite. Parseaddr marks 2920 the address as a QUEUEUP address if the return code is 2921 EX_TEMPFAIL. All this to queue properly if the name 2922 server is down. This code is not well tested. This code 2923 changes the interface to map lookup functions (a fifth 2924 parameter, int *statp, is added). Feature requested by 2925 Dan Oscarsson. 2926 Don't delete quotes (in the dequote map) if there are spaces in 2927 the string, since this would cause them to be replaced by 2928 the SpaceSub character. 2929 Accept BODY=8BITMIME on SMTP MAIL command. This isn't advertised 2930 because the 8BIT to 7BIT translation doesn't exist yet. 2931 This does add a "bodytype" field to both envelope and 2932 queue file and a -B command line flag to pass the type in 2933 during direct invocations. 2934 Discard return error messages only on responses to responses to 2935 responses, not on responses to responses. That is, the 2936 algorithm is to try return to sender, then return to 2937 postmaster, then discard. Previously it discarded 2938 immediately if the return to sender pass failed. 2939 CONFIG: back out change to hide unqualified hostnames behind %-hack. 2940 This screws up local aliases and .forward files. 2941 CONFIG: add FEATURE(nocanonify) to turn off calls to $[ ... $]; 2942 some sites only handle completely canonified names. 2943 Requested by John Gardiner Myers of CMU. 2944 CONFIG: some UUCP code was still included even if FEATURE(nouucp) 2945 was specified. 2946 29476.52/6.24 93/04/10 2948 Clean up some minor glitches on error return messages pointed out 2949 by Motonori Nakamura of Kyoto University. 2950 Fix reply() to not reset SmtpReplyBuffer on fatal errors; this 2951 was supposed to reset SmtpMsg Buffer. This makes the 2952 client side code virtually useless. Reported by Allan 2953 E Johannesen of WPI and Phil Brandenberger of Swarthmore. 2954 Better debug messages if fuzzy is disabled, suggested by Allan 2955 E Johannesen of WPI. 2956 Offset SmtpReplyBuffer by four in usersmtp when checking for 2957 loopback. From Eric Wassenaar. 2958 Don't set $s until after runinchild in srvrsmtp -- otherwise 2959 it gets cleared. From Eric Wassenaar. 2960 Implement IDA-style $&x for deferred macro expansion. 2961 More POSIX compatibility. 2962 CONFIG: Hide unqualified hostnames behind %-hack using $s as the 2963 actual sender. This is only done if $r is non-null, that 2964 is, if this is not locally submitted mail. 2965 CONFIG: Add FEATURE(bitdomain) allowing mapping of BITNET host 2966 names to internet domains. A program contributed by 2967 John Gardiner Myers of CMU to create the maps is included 2968 in the contrib directory (in the "misc" tar file). 2969 CONFIG: Add FEATURE(uucpdomain) for a similar mapping for UUCP 2970 hosts. There is currently no tool to create this map. 2971 29726.51/6.23 93/04/04 2973 Add D= mailer flag to specify a path of possible working directories 2974 in which to execute the mailer. This is intended for the 2975 prog mailer; some shells can get upset if they don't have 2976 access to the current directory. 2977 Add RFC 1413 (IDENT) protocol support. This is only very loosely 2978 tested. This adds a $_ macro to be the authenticated 2979 info (in ``user@domain [address]'' form) and debug flag 2980 9 to trace the protocol. 2981 Check for loopbacks in usersmtp instead of srvrsmtp -- there is no 2982 reason for a local agent to not be talking to the localhost 2983 (although the inverse is not true). 2984 Add a few hooks for automated map rebuilding. This is certainly 2985 not done yet. 2986 CONFIG: Have prog mailer specify a path of ``D=$z:/'' -- that is, 2987 user's home directory then the root. 2988 CONFIG: Log RFC 1413 identification in Received: line. 2989 29906.50/6.22 93/04/01 2991 Fixes to requeueing code to make it compute priority, nrcpts, 2992 and the like properly. 2993 29946.49/6.22 93/04/01 2995 Diagnose incorrect privacy flags. Suggested by Bryan Costales 2996 of ICSI. 2997 Some ANSI C fixes. 2998 Arrange to quote backslashes as well as other special characters 2999 in the phrase part of a route-addr. 3000 Some fixes to FallBackMX code suggested by Motonori Nakamura of 3001 Kyoto University. 3002 More vigorous zeroing of CurHostAddr to avoid logging of bogus 3003 host addresses when you are actually just printing 3004 information from the MCI structure; problem noted by 3005 Michael Corrigan of U.C. San Diego. 3006 Don't ignore rest of queue if any job is not runnable. This can 3007 also cause an incorrect job to be lost. Fix from 3008 Eric Wassenaar. 3009 Always respond "quickly" to RCPT command; do alias expansion and 3010 the like later. This also means that mail for lists that 3011 have errors will be acccepted, and an error sent back 3012 later. This is done by instantiating the queue file 3013 and then immediately running and requeueing it. 3014 30156.48/6.22 93/03/30 3016 Fix incorrect diagnosis of infinite loop in ruleset. Problem noted 3017 by several people. 3018 Improve information printed when infinite loops are discovered. 3019 Zero CurHostAddr to fix erroneous internet addresses in log when no 3020 addresses can be bound. Pointed out by Motonori Nakamura 3021 of Kyoto University. 3022 "Probe" SMTP connections using RSET instead of NOOP "just in case". 3023 Suggested by John Gardiner Myers of CMU. 3024 Don't warn about -f if you are setting sender to yourself. 3025 30266.47/6.22 93/03/29 3027 Fix incompatible call to endmailer in smtpquit which causes core 3028 dumps. Noted by Allan E Johannesen of WPI. 3029 HPUX portability changes from Michael J. Corrigan of UC San Diego. 3030 Require MAIL before RCPT command in srvrsmtp.c. This had been 3031 intentional from the 821 draft days when the order wasn't 3032 clear, but is silly now. 3033 Fix bug in nis_magic routine that was initializing parameters 3034 incorrectly. Fix from Takahiro Kanbe of Fuji Xerox 3035 Information Systems Co., Ltd. 3036 Change default for PrivacyFlags in conf.c to 0 -- since it always 3037 "or"s in new values, there was no way to turn off the 3038 AuthWarning stuff. 3039 Add O option to set SMTP daemon options. 3040 Add V option to set fallback MX host. This always sorts at lower 3041 priority than anything it gets from the name server. It 3042 should only be used for environments with very bad network 3043 connectivity. Requested by several people. 3044 Log sending info. It's not clear this is a good idea. 3045 CONFIG: fix typo in mailertable code. Noted by Phil Brandenberger 3046 of Swarthmore. 3047 CONFIG: add confDAEMON_OPTIONS and confFALLBACK_MX to set options 3048 O and V, respectively. 3049 30506.46/6.21 93/03/26 3051 Fix botch in server SMTP that broke transactions that did not 3052 use HELO first (like MH). Fix from Michael Corrigan 3053 of U.C. San Diego. 3054 Fall back to other MX records if there is an error anywhere 3055 in delivery (actually on MAIL or DATA -- RCPT is harder). 3056 Suggested by John Gardiner Myers and Motonori Nakamura. 3057 Revert to non-prototypes -- it turns out that our ANSI C 3058 compiler is more forgiving than most others about 3059 mixing prototyped extern declarations with non-prototyped 3060 function definitions. 3061 Fix a problem with multi-word class matching pointed out by 3062 Neil Rickert. Given: 3063 CX b a.b.c 3064 R$+ $=X $+ $: $1 < $2 > $3 3065 the input "user@a.b.c" failed instead of being properly 3066 rewritten as "user@a.<b>.c". 3067 Neil also convinced me that it was correct that $~ should match 3068 only one token -- the problem is that it's always possible 3069 to add another token, so $~ matches far too eagerly. 3070 30716.45/6.21 93/03/25 3072 Implement multi-word classes (properly!). 3073 30746.44/6.21 93/03/25 3075 Add X-Authentication-Warning: headers to clue users into possible 3076 attempts to forge mail. This is on the authwarnings 3077 privacy flag, but is the default. Suggested by Bryan 3078 Costales of ICSI. 3079 Pass default units for convtime in so they can be more reasonable. 3080 Allow config files to always add a new Comments: header (i.e., 3081 they will be added even if an old one already exists). 3082 Suggested by Bryan Costales of ICSI. 3083 Allow config files to delete an existing Return-Path: header. 3084 These should only be added at final delivery. Suggested 3085 by Bryan Costales of ICSI. 3086 Some debugging additions. Suggested by Bryan Costales of ICSI. 3087 Clean up logging of Family 0 addresses. Noted by David Muir 3088 Sharnoff and others. 3089 Add a "dequote" map class. This allows config files to strip 3090 quotes off of addresses. Note that this is not a builtin 3091 map, just a class -- so you have to define the map 3092 using the K line. 3093 Fix a bug in the queueup() loop getting a locked tf where in 3094 very odd cases it can fall off the bottom and core dump. 3095 Of course, it was P{r Emanuelsson who found it.... 3096 Open a new transcript when splitting an envelope. Problem found 3097 by Allan E Johannesen of WPI. 3098 Improved error output in endmailer if the mailer core dumps. 3099 CONFIG: Fix typo in UUCP mailer definition. 3100 CONFIG: Default several of the new options on: eight bit input, 3101 privacy flags set to "authwarnings", and message warning 3102 set to 4h. 3103 CONFIG: Use dequote map. 3104 31056.43/6.20 93/03/23 3106 Fix problem with assumption of an sa_len field in a generic 3107 sockaddr -- it turns out that most vendors haven't 3108 picked up this (very important) fix. 3109 Change compilation flags for daemon code -- select one or both 3110 of NETINET or NETISO, but don't ever set DAEMON manually. 3111 CONFIG: add FEATURE(mailertable) to do IDA-style mailertables. 3112 31136.42/6.19 93/03/19 3114 Use Postmaster as default fallback return address, not root. 3115 POSIX changes for file descriptor handling. 3116 Diagnose errors writing new queue file. 3117 If you change the owner using an owner- alias, also change the 3118 error mode to EM_MAIL so that errors don't get dropped 3119 into an inappropriate directory. Problem noted by 3120 Allan E Johannesen of WPI. 3121 If you are su'ed to root, send email as who you really are, not 3122 as root. From Brian Kantor of U.C. San Diego. 3123 Allow warning messages to be sent after a configurable interval 3124 has passed without delivery. The message is sent only 3125 once per envelope. This changes the format of the qf 3126 file to have an F line, and the format of the T option 3127 to accept take the format "return/warn" (both intervals). 3128 Don't force all local names to lower case -- this was left over 3129 from the wierd handling of case mapping on aliases. It 3130 is now driven (as expected) by the "u" mailer flag. 3131 Problem noted by P{r Emanuelsson. 3132 Fix problem that caused headers on returned email to be trashed; 3133 they were getting freed, but are still accessible via 3134 BlankEnvelope. 3135 Fix problem that caused bogus ids to be created on returned 3136 mail. 3137 Add support for ISO and other non-INET networking. This is by 3138 no means finished yet. This does assume a lot of other 3139 system support, like a version of gethostbyname that 3140 returns non-AF_INET addresses. 3141 CONFIG: change default on prog mailer to keep upper case in 3142 user names (i.e., in the program command line). 3143 CONFIG: strip trailing dots off of hosts in uucp mailer before 3144 convert to bang format. 3145 CONFIG: create new "relay" mailer for $R (LOCAL_RELAY) and $H 3146 (MAIL_HUB) delivery that doesn't add local domain. Note 3147 that this violates 821, but is probably "more correct" 3148 for what we are trying to do. Problem pointed out by 3149 Michael Graff of Iowa State. 3150 31516.41/6.18 93/03/18 3152 Clean up unnecessary creates of queue ids (i.e., empty qf files) 3153 when not needed, such as when starting up an SMTP 3154 connection. 3155 Fix problem where split envelopes aren't instantiated in the queue. 3156 This is quite a serious bug. 3157 Owner- aliases had problems with leading spaces causing a 3158 premature delimitation. 3159 31606.40/6.18 93/03/18 3161 Have ending 250 (after DATA) include the id; suggested by 3162 Brian Kantor of UC San Diego. 3163 Add logging on envelope splitting. 3164 Change queue ids to have one more letter encoding the hour of 3165 the day so that during a single day there is a greater 3166 likelihood of uniqueness; requested by Brian Kantor. 3167 31686.39/6.18 93/03/18 3169 Fix minor compile problem if LOCKF is defined. 3170 Define size of tobuf in conf.h. Observed by Toshinari Takahashi 3171 of Toshiba. 3172 Restore e_sender -- this is equivalent to e_from.q_paddr without 3173 decorations such as angle brackets and comments. 3174 OSF/1 on Alpha changes from Allan E Johannesen of WPI. 3175 CONFIG: fix typo in S3 for list syntax (;: => :;). Thanks to 3176 Christopher Hoover for noting the problem. 3177 31786.38/6.17 93/03/17 3179 Pass envelope to disconnect to avoid another use of CurEnv, which 3180 can apparently end up being null at inopportune times. 3181 Log "received from" as "relay=" for consistency (suggested by 3182 John Gardiner Myers). 3183 Fix major bug in header handling: if no From: line existed in 3184 the header (so sendmail inserts one), and the sender is 3185 an alias that has an owner, the From: line shows the 3186 owner (as well as the envelope). Fixed by early binding 3187 the headers (which will change debugging output). 3188 HPUX portability patches from Michael J. Corrigan of UC San Diego. 3189 Some attempts to adapt better to out of open file conditions. 3190 Some changes to ctladdr handling in queue files. 3191 31926.37/6.17 93/03/16 3193 MAJOR CHANGE: delete e_sender and e_returnpath (why are these 3194 different from e_from?) and $< macro. 3195 Log correct IP address in relay= field even if the connection 3196 times out. 3197 Log "received from [RESPONSE]" on EF_RESPONSE messages (from 3198 John Gardiner Myers). 3199 Fixes to SysExMsg logging (sometimes just got "message: %s" 3200 instead of "message: error message"), noted by Eric 3201 Wassenaar. Also reported by Motonori Nakamura. 3202 Improvements to MX piggybacking code, from Motonori Nakamura. 3203 Fix case where CurHostName points to an auto variable that has 3204 been deallocated (from Motonori Nakamura). 3205 Fix bug causing newlines to be included in aliases if option 3206 "n" (check alias RHS) is set; bug noted by David Muir 3207 Sharnoff. 3208 Fix problem causing user names that should be mapped to lower 3209 case to not be mapped if they are sent during a queue 3210 run. This greatly simplifies the case mapping code. 3211 Problem noted by Allan E Johannesen of WPI. 3212 Don't do recipient address rewriting in buildaddr. This 3213 improperly did recipient rewriting on sender addresses, 3214 and just seems bogus in general -- but the change could 3215 break some .cf files. 3216 Pass TZ envariable to child processes for System V. 3217 CONFIG: allow LOCAL_RULE_1 and LOCAL_RULE_2 if you want to 3218 define those rulesets. 3219 KNOWN PROBLEM: I have seen some problems on SunOS that causes 3220 the User Data Base to give errors on some addresses. I 3221 have tracked the problem back at least as far as 93.02.15 3222 (version 6.22). Running with debugging on makes it 3223 go away, so I conclude that it is referencing uninitialized 3224 stack data. I haven't been able to track this down yet. 3225 32266.36/6.16 93/03/08 3227 Allow local mailer to specify $@host -- this lets you assign the 3228 "foo" part of jgm+foo to $h for passing in to the local 3229 mailer. 3230 Additional debug printing in getcanonname (show query type). 3231 Don't add the e_fromdomain on sender addresses -- this interacts 3232 wierdly with the owner- code. 3233 Improve delivery logging to not log obvious or meaningless stuff. 3234 Include numeric IP address in Received: lines per RFC 1123 section 3235 5.2.8. 3236 Fixed a bug in checking stat() return value if restrictmailq is 3237 set. Also, check the entire group set instead of just the 3238 primary group. Both from John Gardiner Myers. 3239 Don't have usrerr automatically print errno, since this is often 3240 misleading. 3241 Use transienterror() in makeconnection after connect() fails and 3242 in openmailer after execve() fails (from Eric Wassenaar). 3243 Also moved transienterror() from util.c to conf.c. 3244 Clean up from= logging on response messages. 3245 Undo patch allowing prescan to return a null vector -- it breaks 3246 too many things. 3247 Config: FEATURE(notsticky) lets you use UDB for everything coming 3248 in to the machine, even if it is specifically targetted 3249 to this machine. Without it, UDB is bypassed if the user 3250 name is fully qualified. 3251 Config: fix another minor botch with <> (local mailer wasn't 3252 mapping them properly). 3253 32546.35/6.15 93/03/05 3255 Fix getrealhostname to return null if sinlen <= 0 -- this can 3256 occur if stdin is a pipe. 3257 Avoid infinite loop in getcanonname if name server return 3258 NO_DATA (for example). 3259 Config: avoid having C flag qualify list syntax and error syntax. 3260 32616.34/6.14 93/03/05 3262 Fix logging in deliver to not pass too many parameters to Ultrix 3263 versions of syslog. 3264 Don't write the pid file until after the daemon has actually 3265 opened and conditioned the connection. 3266 Consider addresses "different" if their q_uids differ (so that 3267 two users forwarding to the same program will be seen 3268 as different, rather than the same). 3269 Fix problem with bad parameters in main() -- they set ExitStat 3270 but don't exit. 3271 Fix null pointer references through RealHostName -- painfully 3272 discovered by Allan E Johannesen of WPI. 3273 Fix bug causing user@@localhost to core dump (yuch). 3274 Config: don't put two @host.dom.ain on users in $=E in SMTP 3275 mailer. Also, catch user@ (no host) in ruleset 0. 3276 32776.33/6.13 93/03/03 3278 Config: add confCW_FILE as the name of the cw configuration file 3279 (defaults to /etc/sendmail.cw). From P{r Emanuelsson. 3280 Allow prescan to return a pointer to an empty list -- this is 3281 not an error. Also, clean up error reporting to avoid 3282 double errors (prescan reports once, then the caller 3283 reports again). 3284 Changes to avoid trusting T_ANY queries -- run them, but if you 3285 don't get the info you expected, do T_A and T_MX queries 3286 anyhow. This also fixes an oversight where _res.options 3287 bits were being ignored. 3288 If PRIV_NOVRFY is set, use 252 response code instead of 502 per 3289 RFC 1123 section 5.2.3. It's not 100% clear that this 3290 is correct, but it probably works better with stupid 3291 mailers that do a VRFY and only check the first digit. 3292 32936.32/6.12 93/03/02 3294 Fix uninitialized variable "protocol" in smtp code. 3295 Include <unistd.h> in sendmail.h -- move towards POSIX/ANSI. 3296 Additional hooks for RFC 1427 (ESMTP SIZE extension). This 3297 includes requiring that enoughspace() know the system 3298 block size, which will undoubtedly break most ports. 3299 Trace flag 19 in use for srvrsmtp.c. 3300 Additional logging -- notably the sending mailer name. This 3301 also changes the delivery logging to strict field=value 3302 syntax. 3303 Fix some problems with messages getting sent even to addresses 3304 that had been marked bad -- from Eric Wassenaar. 3305 More WIDE changes: accept host name inside [...] as non-MXed 3306 host. This is intended ONLY for use inside firewalled 3307 environments, where the MX points at the gateway. 3308 Change .cf file conventions so that mapping for <> addresses 3309 don't have an @ in them (to avoid confusing the C mailer 3310 flag). Pointed out by Neil Rickert. 3311 Config extensions for Sam Leffler's FlexFAX software. 3312 33136.31/6.10 93/02/28 3314 Fix some more bugs in alias owner code -- there were some wierd 3315 cases where an error in a non-aliased name would override 3316 the return info in an aliased name with an owner. 3317 Changes from WIDE Project, forwarded to me by Motonori Nakamura: 3318 Log actual delivery host (after MX et al); from 3319 yasuhiro@dcl.co.jp. 3320 Log daemon startup. 3321 Deliver Postmaster copies without a body. 3322 Better logging of SMTP senders. 3323 Send all program email as daemon even when local. 3324 As requested in various forms from many people, accept -qIstring 3325 to limit queue runs to jobs with queue-id matching string. 3326 Similarly for -qRstring for recipients, -qSstring for 3327 senders. 3328 Initial hooks for ESMTP support (see RFC 1425). 3329 Fixed a syntax error in the UUCP mailer specification that caused 3330 core dumps on startup. 3331 Check for missing A= or P= arguments in mailer definitions. 3332 33336.30/6.10 93/02/27 3334 Require FROZENCONFIG compilation flag to include frozen 3335 configuration code. Frozen configuration is really 3336 not a very good idea any more, particularly in shared 3337 library environments. 3338 Do better checking of errno after opens of :include: and .forward 3339 files to defer delivery on network and other transient 3340 errors. Suggestion from Craig Everhart. 3341 Fix minor botch in read timeout macro processing. 3342 Add FEATURE(nouucp) to config files for sites that know absolutely 3343 nothing about UUCP. 3344 Add built cf files to distribution tape and clarify how to build 3345 them if you don't have the Berkeley make. 3346 Some sizeof(long) portability changes for the Alpha, from Allan 3347 E Johannesen. 3348 Add "restrictmailq" privacy flag -- if set, only people in the same 3349 group as your queue directory can print the queue. If you 3350 set this, be sure you also restrict access to log files.... 3351 Fix another bug in owner-list stuff that can cause data files to 3352 be "lost". 3353 Fix a bug with queue runs that cause forwards to yourself to go 3354 into alias/forwarding loops. I'm still iffy about this 3355 fix. 3356 Fix from Eric Wassenaar for suppression of return message code. 3357 33586.29/6.9 93/02/24 3359 Fix yet another problem in alias owner code -- put the wrong return 3360 address on the enclosed return-to-sender letter. 3361 33626.28/6.9 93/02/24 3363 Fix botch in alias owner code that caused it to not operate if the 3364 error was detected locally. 3365 33666.27/6.9 93/02/24 3367 M_LOCAL => M_LOCALMAILER to avoid conflict with Ultrix include 3368 file <sys/mount.h>. 3369 Miscellaneous bug fixes from Eric Wassenaar: 3370 sendmail -bv -t logs the from line even though in verify 3371 mode only. 3372 sendmail -v can go into queue mode if shouldqueue returns 3373 TRUE. 3374 Add route-addr pruning per RFC 1123 section 5.3.3. This can be 3375 disabled using the "R" option. 3376 Delete (always undocumented) -R flag (save original recipients); 3377 there are ways to syslog(3) these now. 3378 Clean up SMTP reply codes -- specify them as needed in the code, 3379 instead of in conf.c -- this was needed during the NCP to 3380 TCP transition, but seems silly now. This also changes 3381 parameters to message and nmessage. 3382 Have mailstats read the .cf file to find the sendmail.st file and 3383 get text versions of mailer names. An initial version of 3384 this code was provided by Tuominen Keijo (although the 3385 comments indicate the good bits were written by "E.V."). 3386 Add yet more System V compatibility hacks. 3387 Fix bug in VRFY code (assumes everything must be a local user). 3388 Allow specification of any of the hard-wired pathnames in the 3389 Makefile. 3390 Delete concept of "trusted users" -- this really didn't provide 3391 any security anyway, and caused some problems. 3392 Delete last vestige of support for the word "at" as an equivalent 3393 to the character "@". 3394 Propagate owner-foo alias information into the envelope sender. 3395 Based on code from John Gardiner Myers. This is a major 3396 semantic change -- beware! 3397 Allow $@ on LHS to indicate "match zero" -- this is used to match 3398 the null expression. 3399 34006.26/6.8 93/02/21 3401 Don't "lose" queue runs. Very important fix from (who else?) 3402 Eric Wassenaar. 3403 Completely reset state on RSET command -- from Eric Wassenaar. 3404 Send error messages and return receipts using an envelope sender 3405 of <> regardless of the setting of $n. Rewriting rules 3406 can undo this if they feel the necessity, as might be 3407 needed for networks that don't understand the syntax. 3408 This is permitted by RFC 821 section 3.6 and required by 3409 RFC 1123 section 5.3.3. THIS REQUIRES VERSION 4 CONFIG 3410 FILES because the rulesets must be able to parse <> 3411 properly. 3412 Don't ever send error messages to "<>" -- they will get sent to 3413 the local postmaster or dumped in /usr/tmp/dead.letter 3414 instead. Per RFC 1123 section 5.3.3. 3415 Explicitly check for email to yourself as a dotted quad. You 3416 have to call $[ [ ... ] $] to get this. 3417 Up the message timeout to five days per RFC 1123 section 5.3.1.1. 3418 Make all read timeouts individually configurable, as strongly 3419 recommended by RFC 1123 section 5.3.2. 3420 Use f_bavail (blocks available to regular users) instead of f_bfree 3421 (blocks available to superuser) in free block checks. 3422 Change $d macro to be the current time, not the origination time, 3423 since this is consistent with how it is used now. 3424 Generalization of enoughspace from Eric Wassenaar covering 3425 SGI, Apollo, HPUX, Ultrix, and SunOS. 3426 Ignore process group signals -- some front ends can do this if 3427 you kill a window too quickly. From Eric Wassenaar. 3428 Change umask to 022. 3429 34306.25/6.8 93/02/20 3431 Close all cached connections before calling mailers and after 3432 forking for delivery (caused double closes which resulted 3433 in false errors). 3434 Add FEATURE(redirect) in config files -- this allows you to alias 3435 old addresses to a pointer to the new address that will 3436 give a 551 error message, but not deliver the mail. 3437 Some code changes to make the 551 errors look pretty. 3438 Names of M4 program paths in config files have changed -- they 3439 are all XXX_MAILER_PATH now, to match XXX_MAILER_FLAGS. 3440 Fix a bug in the QSELFREF code having to do with empty .forward 3441 files, reported by Eric Wassenaar. 3442 Add option "p" (privacy flags); this allows you to tune how 3443 picky the SMTP server will be. This also adds the 3444 confPRIVACY_FLAGS M4 macro in the config files. 3445 Add option "b" (minimum blocks free). If there are fewer than 3446 this number of blocks free on the filesystem containing 3447 the queue directory, the SMTP MAIL command will return 3448 a 452 response and ask you to try again later. This 3449 also adds the confMIN_FREE_BLOCKS M4 macro in the config 3450 files. 3451 Made VRFY just verify (doesn't expand aliases and .forward files); 3452 EXPN does full expansion. RCPT in queue-only mode also 3453 doesn't chase aliases and .forward. 3454 34556.24/6.7 93/02/19 3456 Increase the number of domain search entries in domain.c to allow 3457 for the extra "" entry indicating the root domain. 3458 Reported by Motonori Nakamura of Kyoto U. 3459 Add a "SMART_HOST" in the configs for UUCP-connected sites that 3460 want to forward all mail with extra "@"s to that site. 3461 Also allows SMART_HOST, LOCAL_RELAY, and MAIL_HUB to 3462 be specified as ``mailer:hostname'' to use an alternate 3463 mailer. 3464 Clarified and updated some wording in the Operations Guide. 3465 Add the "c" mailer flag -- this suppresses all comment parts of 3466 addresses (requested by John Curran of NEARnet). 3467 Have -v print prompts in -bt mode even if stdin is not a terminal 3468 (default behaviour is to be silent if not reading from 3469 a terminal). Suggested by Bryan Costales, ICSI. 3470 Move the metacharacters from C0 space (\001-\037) into C1 space 3471 (\201-\237). This also fixes a bunch of potential bugs 3472 with G1 characters (\240-\276) in headers relating to 3473 negative numbers passed to isspace() et al. 3474 Add YP_LAST_MODIFIED and YP_MASTER_NAME to DBM version of alias 3475 database if YPCOMPAT is #defined. Enhancement from 3476 Takahiro Kanbe of Fuji Xerox Information Systems Co., Ltd. 3477 Add "list" Precedence (-30); this can be used with old sendmails 3478 which will map to precedence 0 (which will return error 3479 messages). Suggested by Stephen R. van den Berg. 3480 Many bug fixes from Eric Wassenaar of the National Institute for 3481 Nuclear and High-Energy Physics, Amsterdam: 3482 Clear timeouts properly on open failures in include(). 3483 Don't dereference through NULL if no home directory found. 3484 Re-establish SIGCHLD signal on System 5 in reapchild(). 3485 Avoid NULL pointer reference on -pFOO flag. 3486 Properly handle backslash escapes in comments. 3487 Correctly check reply status on SMTP NOOP command. 3488 Properly save SMTP error message if peer gives 3489 "Service Shutting Down" message. 3490 Avoid writing to the transcript if it couldn't be opened. 3491 Signal errors in SMTP children to parent properly. 3492 Handle self references in a list more globally (include a 3493 QSELFREF bit in the address flags). This enhancement 3494 was suggested by Eric Wassenaar. 3495 Use initgroups() in hpux, even though it's System-V based. The 3496 HASINITGROUPS compile flag can set this on other systems. 3497 This HPUX behaviour was pointed out by Eric Wassenaar. 3498 34996.23/6.6 93/02/16 3500 Clean up handling of LogLevel to make it easier to figure out 3501 what's on what level. 3502 Change log levels to have some consistency: 3503 1 serious system failures, security problems 3504 2 lost communications, protocol failures 3505 3 other serious failures 3506 4 minor errors 3507 5 message collection 3508 6 vrfy logging, creation of return-to-sender 3509 7 delivery failures 3510 8 delivery successes 3511 9 delivery tempfails (queue ups) 3512 10 database expansion 3513 >64 debugging 3514 Allow IDA-style separated processing on S= and R= in Mailer 3515 definition lines. Note that rulesets 1 and 2 are 3516 still used for both addresses as before. Bruce Lilly 3517 gave a convincing argument that RFC976 insists on 3518 this behaviour. 3519 Added some time zones to arpatounix -- they may not be in the 3520 standards, but they are in use. However, I may delete 3521 arpatounix entirely -- there appears to be no reason 3522 for it to exist. 3523 Change to UUCP mailer (in cf directory) to try to do a saner job. 3524 I'm still not certain about this mailer in general. 3525 35266.22/6.5 93/02/15 3527 Fix bug that prevents saving letters in ~/dead.letter. 3528 Don't add angle brackets in VRFY command if angle brackets already 3529 exist in the address. 3530 Fix bogus error message in udbexpand. 3531 Null terminate host buffers in buildaddr (broken in 6.21) -- 3532 IMPORTANT FIX!! 3533 35346.21/6.5 93/02/15 3535 Fix another incorrect error message in alias.c, found by Azuma 3536 Okamoto. 3537 Fix a couple of problems in the more-configurable config files, 3538 found by Tom Ivar Helbekkmo. 3539 Fix problem with quoted :include: entries. 3540 Don't duplicate the filename on verbose printing of .forward and 3541 :include: contents. 3542 Extend size of prescan buffer (to allow bigger addresses). Also, 3543 detect some buffer overflows. 3544 Log user SMTP protocol errors (log level 4). 3545 35466.20/6.4 93/02/14 3547 Fix another problem in the MCI state machine caused when there 3548 were errors generated from the other end to commands 3549 other than RCPT. 3550 35516.19/6.4 93/02/14 3552 Include load average support for DEC Alpha running OSF/1. 3553 Fix multiple-response problem with errors in MAIL From: line. 3554 Fix SMTP reply codes for invalid address syntaxes (give 501; 3555 never give multiple error messages for a single message). 3556 Fix problem where a cached connection timeout rejects all 3557 later connects to that host. 3558 Fix incorrect error message if alias.c is compiled with DBM only. 3559 Additional changes to fix nested conditionals (from Bruce Lilly). 3560 Recover more gracefully from operating system failures, particularly 3561 NULL returns from openmailer (from Noritoshi Demizu, 3562 OMRON Corporation). 3563 Log forward, alias, and userdb expand operations on log level 10; 3564 concept suggested by P{r (Pell) Emanuelsson. 3565 Changes for HPUX 8.07 compatibility. 3566 35676.18/6.4 93/02/12 3568 Allow any config option to be set using an M4 define. 3569 Change UNAME compile flag to HASUNAME for IDA compatibility 3570 (besides, it's a better name). 3571 Note in README that on SunOS it must be linked -Bstatic. 3572 Fairly major change in domain.c to handle wildcard MX records 3573 more rationally. NOTE: the "w" option (no wildcard MX 3574 records match local domain) has been eliminated. 3575 Fix some unset variable references pointed out by Bruce Lilly. 3576 Fix host name in process titles when using cached connection. 3577 35786.17/6.3 93/01/28 3579 Fix System 5 compatibility changes to be compatible with the rest 3580 of the world. 3581 35826.16/6.3 93/01/28 3583 Experimental fix for problem handling errors in the SMTP 3584 protocol in conjunction with connection caching. 3585 System 5 compatibility changes. 3586 35876.15/6.3 93/01/26 3588 Fix a bug that causes local mail delivered using -odq to be 3589 eliminated as a duplicate (because it matched the 3590 ctladdr, now passed in as a C line). These changes 3591 are pretty tricky...... 3592 35936.14/6.3 93/01/25 3594 Add debugging for some MCI errors. 3595 35966.13/6.3 93/01/22 3597 Fix -e compatibility flag to take a value. 3598 Fix a couple of minor compilation warnings on Sun cc. 3599 Improve error messages in a few cases to be more self-explanatory. 3600 36016.12/6.3 93/01/21 3602 Fix yet-another problem with environment handling, pointed out 3603 by Yoshitaka Tokugawa and Tom Ivar Helbekkmo. 3604 Some heuristics to try to limit resource exhaustion problems 3605 if a downstream host has been down for a long time. 3606 Fix problem with incorrect host name being logged in "Connection 3607 timed out" messages (from Tom Ivar Helbekkmo). 3608 Fix some ANSI C problems (from Takahiro Kanbe). 3609 Properly log message sender on returned mail during queue run. 3610 Count number of recipients properly. 3611 Fix a problem in yp map code. 3612 Diagnose "message timed out" (from Motonori Nakamura). 3613 36146.11/6.3 93/01/20 3615 Fix problem with address delimitor inside quotes. 3616 Define $k and $=k to be the UUCP name (from the uname call) 3617 based on code from Bruce Lilly. 3618 36196.10/6.2 93/01/18 3620 Implement arpatounix (largely code from Bruce Lilly). 3621 Log more info (suggested by John Myers). 3622 Allow nested $?...$|...$. (inspired by code from Bruce Lilly of 3623 Sony US). 3624 POSIX compatibility (noted by Keith Bostic). 3625 Handle SMTP MAIL command errors properly (urged by several people, 3626 notably John Myers of CMU). 3627 Do early diagnosis of .cf errors (notably referencing a RHS 3628 substitution that isn't on the LHS). 3629 Adjust checkpointing to better handle batched recipients, suggested 3630 by John Myers. 3631 Fix miscellaneous bugs. 3632 (config files:) Implement MAIL_HUB for all local mail (to handle 3633 NFS-mounted directories) as urged by Tom Ivar Helbekkmo 3634 of the Norwegian School of Economics. 3635 36366.9/6.1 93/01/13 3637 Environment handling simplification/bug fix -- child processes 3638 get a minimal, fixed environment. This avoids different 3639 behaviour in queue runs. 3640 Handle commas inside comments properly. 3641 Properly limit large messages submitted in -obq mode. 3642 36436.8/6.1 93/01/10 3644 Check mtime of thaw file against .cf and sendmail binary, based on 3645 code from John Myers. 3646 36476.7/6.1 93/01/10 3648 MX piggybacking, based on code from John Myers@CMU. 3649 Allow checkcompat to return -1 to mean tempfail. 3650 Bug fix in m_mno computation. 3651 36526.6/6.1 93/01/09 3653 Tuning of queueing functions as recommended by John Gardiner Myers. 3654 Return mail headers (no body) on messages with negative precedence. 3655 Minor other bug fixes. 3656 36576.5/6.1 93/01/03 3658 Fix botch causing queued headers to have ?XX? prefixes. 3659 36606.4/6.1 93/01/02 3661 Changes to recognize special mailer types (e.g., file) early. 3662 36636.3/6.1 93/01/01 3664 Pass timeouts to sfgets. 3665 Check for control characters in addresses. 3666 Fixed deferred error reporting. 3667 Report duplicate aliases. 3668 Handle mixed case recursive aliases. 3669 Misc bug fixes. 3670 36716.2/6.1 92/12/30 3672 Put return-receipt-to on a conf.c flag (but don't set it). 3673 Fix minor syslog problem. 3674