1 SENDMAIL RELEASE NOTES 2 @(#)RELEASE_NOTES 8.7.Beta (Berkeley) 05/27/95 3 4This listing shows the version of the sendmail binary, the version 5of the sendmail configuration files, the date of release, and a 6summary of the changes in that release. 7 88.7/8.7 95/xx/xx CURRENTLY IN BETA PRERELEASE!!! 9 Fix a problem that could cause sendmail to run out of file 10 descriptors due to a trashed data structure after a 11 vfork. Fix from Brian Coan of the Institute for 12 Global Communications. 13 Change the VRFY response if you have disabled VRFY -- some 14 people seemed to think that it was too rude. 15 Avoid reference to uninitialized file descriptor if HASFLOCK 16 was not defined. This was used "safely" in the sense 17 that it only did a stat, but it would have set the 18 map modification time improperly. Problem pointed out 19 by Roy Mongiovi of Georgia Tech. 20 Clean up the Subject: line on warning messages and return 21 receipts so that they don't say "Returned mail:"; this 22 can be confusing. 23 Move ruleset entry/exit debugging from 21.2 to 21.1 -- this is 24 useful enough to make it worthwhile printing on "-d". 25 Avoid logging alias statistics every time you read the alias 26 file on systems with no database method compiled in. 27 If you have a name with a trailing dot, and you try looking it 28 up using gethostbyname without the dot (for /etc/hosts 29 compatibility), be sure to turn off RES_DEFNAMES and 30 RES_DNSRCH to avoid finding the wrong name accidently. 31 Problem noted by Charles Amos of the University of 32 Maryland. 33 Don't do timeouts in collect if you are not running SMTP. 34 There is nothing that says you can't have a long 35 running program piped into sendmail (possibly via 36 /bin/mail, which just execs sendmail). Problem reported 37 by Don "Truck" Lewis of Silicon Systems. 38 Try gethostbyname() even if the DNS lookup fails iff option I 39 is not set. This allows you to have hosts listed in 40 NIS or /etc/hosts that are not known to DNS. It's normally 41 a bad idea, but can be useful on firewall machines. This 42 should really be broken out on a separate flag, I suppose. 43 Avoid compile warnings against BIND 4.9.3, which uses function 44 prototypes. From Don Lewis of Silicon Systems. 45 Avoid possible incorrect diagnosis of DNS-related errors caused 46 by things like attempts to resolve uucp names using 47 $[ ... $] -- the fix is to clear h_errno at appropriate 48 times. From Kyle Jones of UUNET. 49 SECURITY: avoid denial-of-service attacks possible by destroying 50 the alias database file by setting resource limits low. 51 This involves adding two new compile-time options: 52 HASSETRLIMIT (indicating that setrlimit(2) support is 53 available) and HASULIMIT (indicating that ulimit(2) support 54 is available -- the Release 3 form is used). The former 55 is assumed on BSD-based systems, the latter on System 56 V-based systems. Attack noted by Phil Brandenberger of 57 Swarthmore University. 58 New syntaxes in test (-bt) mode: 59 ``.Dmvalue'' will define macro "m" to "value". 60 ``.Ccvalue'' will add "value" to class "c". 61 ``.Sruleset'' will dump the contents of the indicated 62 ruleset. 63 ``-ddebug-spec'' is equivalent to the command-line 64 -d debug flag. 65 ``$m'' will print the value of macro "m". 66 ``/mx host'' returns the MX records for ``host''. 67 ``/try address'' will parse address, returning the value of 68 crackaddr (essentially, the comment information) 69 and the parsed address (the same as -bv). 70 Somewhat better handling of UNIX-domain socket addresses -- it 71 should show the pathname rather than hex bytes. 72 Restore ``-ba'' mode -- this reads a file from stdin and parses 73 the header for envelope sender information and uses 74 CR-LF as message terminators. It was thought to be 75 obsolete (used only for Arpanet NCP protocols), but it 76 turns out that the UK ``Grey Book'' protocols require 77 that functionality. 78 Fix a fix in previous release -- if gethostname and gethostbyname 79 return a name without dots, and if a DNS lookup of that 80 name fails, wait one minute and try again even if DNS 81 not specified in the config file -- the problem is that 82 this code is executed before the config file is read. 83 This can result in an extra 60 second delay on startup 84 if (1) you have DNS compiled in, (2) you are not running 85 DNS, (3) your system hostname (as returned by hostname(1)) 86 has no dot, AND (4) the canonical name listed in /etc/hosts 87 or your NIS map has no dot. 88 Check for proper domain name on HELO and EHLO commands per 89 RFC 1123 section 5.2.5. Problem noted by Thomas Dwyer III 90 of Michigan Technological University. 91 Relax chownsafe rules slightly -- old version said that if you 92 can't tell if _POSIX_CHOWN_RESTRICTED is set (that is, 93 if fpathconf returned EINVAL or ENOSYS), assume that 94 chown is not safe. The new version falls back to whether 95 you are on a BSD system or not. This is important for 96 SunOS, which apparently always returns one of those 97 error codes. This impacts whether you can mail to files 98 or not. 99 Syntax errors such as unbalanced parentheses in the configuration 100 file could be omitted if you had "Oem" prior to the 101 syntax error in the config file. Change to always print 102 the error message. It was especially wierd because it 103 would cause a "warning" message to be sent to the Postmaster 104 for every message sent (but with no transcript). Problem 105 noted by Gregory Paris of Motorola. 106 Rewrite collect and putbody to handle full 8-bit data, including 107 zero bytes. These changes are internally extensive, but 108 should have minimal impact on external function. 109 Allow full words for option names -- if the option letter is 110 (apparently) a space, then take the word following -- e.g., 111 O MatchGECOS=TRUE 112 The full list of old and new names is as follows: 113 7 SevenBitInput 114 8 EightBitMode 115 A AliasFile 116 a AliasWait 117 B BlankSub 118 b MinFreeBlocks/MaxMessageSize 119 C CheckpointInterval 120 c HoldExpensive 121 D AutoRebuildAliases 122 d DeliveryMode 123 E ErrorHeader 124 e ErrorMode 125 f SaveFromLine 126 F TempFileMode 127 G MatchGECOS 128 H HelpFile 129 h MaxHopCount 130 i IgnoreDots 131 I ResolverOptions 132 J ForwardPath 133 j SendMimeErrors 134 k ConnectionCacheSize 135 K ConnectionCacheTimeout 136 L LogLevel 137 l UseErrorsTo 138 m MeToo 139 n CheckAliases 140 O DaemonPortOptions 141 o OldStyleHeaders 142 P PostmasterCopy 143 p PrivacyOptions 144 Q QueueDirectory 145 q QueueFactor 146 R DontPruneRoutes 147 r, T Timeout 148 S StatusFile 149 s SuperSafe 150 t TimeZoneSpec 151 u DefaultUser 152 U UserDatabaseSpec 153 V FallbackMXhost 154 v Verbose 155 w TryNullMXList 156 x QueueLA 157 X RefuseLA 158 Y ForkEachJob 159 y RecipientFactor 160 z ClassFactor 161 Z RetryFactor 162 To avoid possible problems with an older sendmail, 163 configuration level 6 is accepted by this version of 164 sendmail; any config file using the new names should 165 specify "V6" in the configuration. 166 Change address parsing to properly note that a phrase before a 167 colon and a trailing semicolon are essentially the same 168 as text outside of angle brackets (i.e., sendmail should 169 treat them as comments). This is to handle the 170 ``group name: addr1, addr2, ..., addrN;'' syntax (it will 171 assume that ``group name:'' is a comment on the first 172 address and the ``;'' is a comment on the last address). 173 This requires config file support to get right. It does 174 understand that :: is NOT this syntax, and can be turned 175 off completely by setting the ColonOkInAddresses option. 176 Level 6 config files added with new mailer flags: 177 A Addresses are aliasable. 178 i Do udb rewriting on envelope as well as header 179 sender lines. Applies to the from address mailer 180 flags rather than the recipient mailer flags. 181 j Do udb rewriting on header recipient addresses. 182 Applies to the sender mailer flags rather than the 183 recipient mailer flags. 184 k Disable check for loops when doing HELO command. 185 o Always run as the mail recipient, even on local 186 delivery. 187 w Check for an /etc/passwd entry for this user. 188 5 Pass addresses through ruleset 5. 189 : Check for :include: on this address. 190 | Check for |program on this address. 191 / Check for /file on this address. 192 @ Look up sender header addresses in the user 193 database. Applies to the mailer flags for the 194 mailer corresponding to the envelope sender 195 address, rather than to recipient mailer flags. 196 Pre-level 6 configuration files set A, w, 5, :, |, /, and @ 197 on the "local" mailer, the o flag on the "prog" and "*file*" 198 mailers, and the ColonOkInAddresses option. 199 Eight-to-seven bit MIME conversions. This borrows ideas from 200 John Beck of Hewlett-Packard, who generously contributed 201 their implementation to me, which I then didn't use (see 202 mime.c for an explanation of why). This adds the 203 EightBitMode option (a.k.a. `8') and an F=8 mailer flag 204 to control handling of 8-bit data. These have to cope with 205 two types of 8-bit data: unlabelled 8-bit data (that is, 206 8-bit data that is entered without declaring it as 8-bit 207 MIME -- technically this is illegal according to the 208 specs) and labelled 8-bit data (that is, it was declared 209 as 8BITMIME in the ESMTP session or by using the 210 -B8BITMIME command line flag). If the F=8 mailer flag is 211 set then 8-bit data is sent to non-8BITMIME machines 212 instead of converting to 7 bit (essentially using 213 just-send-8 semantics). The values for EightBitMode are: 214 m convert unlabelled 8-bit input to 8BITMIME, and do 215 any necessary conversion of 8BITMIME to 7BIT 216 (essentially, the full MIME option). 217 p pass unlabelled 8-bit input, but convert labelled 218 8BITMIME input to 7BIT as required (default). 219 s strict adherence: reject unlabelled 8-bit input, 220 convert 8BITMIME to 7BIT as required. The F=8 221 flag is ignored. 222 Unlabelled 8-bit data is rejected in mode `s' regardless of 223 the setting of F=8. 224 Add new internal class 'n', which is the set of MIME Content-Types 225 which can not be 8 to 7 bit encoded because of other 226 considerations. Types "multipart/*" and "message/*" are 227 never directly encoded (although their components can be). 228 Add new internal class 'e'. This is the set of MIME 229 Content-Transfer-Encodings that can be converted to 230 a seven bit format (Quoted-Printable or Base64). It is 231 preinitialized to contain "7bit", "8bit", and "binary". 232 Add C=charset mailer parameter and the the DefaultCharSet option (no 233 short name) to set the default character set to use in the 234 Content-Type: header when doing encoding of an 8-bit message 235 which isn't marked as MIME into MIME format. If the C= 236 parameter is set on the Envelope From address, use that as 237 the default encoding; else use the DefaultCharSet option. 238 If neither is set, it defaults to "unknown-8bit" as 239 suggested by RFC 1428 section 3. 240 Allow ``U=user:group'' field in mailer definition to set a default 241 user and group that a mailer will be executed as. This 242 overrides the 'u' and 'g' options, and if the `F=S' flag is 243 also set, it is the uid/gid that will always be used (that 244 is, the controlling address is ignored). The values may be 245 numeric or symbolic; if only a symbolic user is given (no 246 group) that user's default group in the passwd file is used 247 as the group. Based on code donated by Chip Rosenthal of 248 Unicom. 249 Allow `u' option to also accept user:group as a value, in the same 250 fashion as the U= mailer option. 251 Add the symbolic time zone name in the Arpanet format dates (as 252 a comment). This adds a new compile-time configuration 253 flag: TZ_TYPE can be set to TZ_TM_NAME (use the value 254 of (struct tm *)->tm_name), TZ_TM_ZONE (use the value 255 of (struct tm *)->tm_zone), TZ_TZNAME (use extern char 256 *tzname[(struct tm *)->tm_isdst]), TZ_TIMEZONE (use 257 timezone()), or TZ_NONE (don't include the comment). Code 258 from Chip Rosenthal. 259 The "Timeout" option (formerly "r") is extended to allow suboptions. 260 For example, 261 O Timeout.helo = 2m 262 There are also two new suboptions "queuereturn" and 263 "queuewarn"; these subsume the old T option. Thus, to 264 set them both the preferred new syntax is 265 O Timeout.queuereturn = 5d 266 O Timeout.queuewarn = 4h 267 Sort queue by host name instead of by message priority if the 268 QueueSortOrder option (no short name) is set is set to 269 ``host''. This makes better use of the connection cache, 270 but may delay more ``interactive'' messages behind large 271 backlogs under some circumstances. This is probably a 272 good option if you have high speed links or don't do lots 273 of ``batch'' messages, but less good if you are using 274 something like PPP on a 14.4 modem. Based on code 275 contributed by Roy Mongiovi of Georgia Tech (my main 276 contribution was to make it configurable). 277 Save i-number of df file in qf file to simplify rebuilding of queue 278 after disasterous disk crash. Suggested by Kyle Jones of 279 UUNET; closely based on code from KJS DECWRL code written 280 by Paul Vixie. NOTA BENE: The qf files produced by 8.7 281 are NOT back compatible with 8.6 -- that is, you can convert 282 from 8.6 to 8.7, but not the other direction. 283 Add ``F=d'' mailer flag to disable all use of angle brackets in 284 route-addrs in envelopes; this is because in some cases 285 they can be sent to the shell, which interprets them as 286 I/O redirection. 287 Don't include error file (option E) with return-receipts; this 288 can be confusing. 289 Don't send "Warning: cannot send" messages to owner-* or 290 *-request addresses. Suggested by Christophe Wolfhugel 291 of the Institut Pasteur, Paris. 292 Allow -O command line flag to set long form options. 293 Add "MinQueueAge" option to set the minimum time between attempts 294 to run the queue. For example, if the queue interval 295 (-q value) is five minutes, but the minimum queue age 296 is fifteen minutes, jobs won't be tried more often than 297 once every fifteen minutes. This can be used to give 298 you more responsiveness if your delivery mode is set to 299 queue-only. 300 Allow "fileopen" timeout (default: 60 seconds) for opening 301 :include: and .forward files. 302 Add "-k", "-v", and "-z" flags to map definitions; these set the 303 key field name, the value field name, and the field 304 delimiter. The field delimiter can be a single character 305 or the sequence "\t" or "\n" for tab or newline. 306 These are for use by NIS+ and similar access methods. 307 Change maps to always strip quotes before lookups; the -q flag 308 turns off this behaviour. Suggested by Motonori Nakamura. 309 Add "nisplus" map class. Takes -k and -v flags to choose the 310 key and value field names respectively. Code donated by 311 Sun Microsystems. 312 Add "hesiod" map class. The "file name" is used as the 313 "HesiodNameType" parameter to hes_resolve(3). Returns the 314 first value found for the match. Code donated by Scott 315 Hutton of Indiana University. 316 Add "netinfo" (NeXT NetInfo) map class. Maps can have a -k flag to 317 specify the name of the property that is searched as the 318 key and a -v flag to specify the name of the property that 319 is returned as the value (defaults to "members"). The 320 default map is "/aliases". 321 Add "text" map class. This does slow, linear searches through 322 text files. The -z flag specifies a column delimiter 323 (defaults to any sequence of white space), the -k flag 324 sets the key column number, and the -v flag sets the 325 value column number. Lines beginning with `#' are treated 326 as comments. 327 Add "program" map class to execute arbitrary programs. The search 328 key is presented as the last argument; the output is one 329 line read from the programs standard output. Exit statuses 330 are from sysexits.h. 331 Add "sequence" map class -- searches maps in sequence until it 332 finds a match. For example, the declarations: 333 Kmap1 ... 334 Kmap2 ... 335 Kmapseq sequence map1 map2 336 defines a map "mapseq" that first searches map1; if the 337 value is found it is returned immediately, otherwise 338 map2 is searched and the value returned. 339 Add "switch" map class. This is much like "sequence" except that 340 the ordering is fetched from an external file, usually 341 the system service switch. The parameter is the name of 342 the service to switch on, and the maps that it will use 343 are this name followed by ".service_type". For example, 344 if the declaration of the map is 345 Ksample switch hosts 346 and the system service switch specifies that hosts are 347 looked up using dns and nis in that order, then this is 348 equivalent to 349 Ksample sequence hosts.dns hosts.nis 350 The subordinate maps must already be defined. 351 Add "user" map class -- looks up users using getpwnam. Takes a 352 "-v field" flag on the definition that tells what passwd 353 entry to return -- legal values are name, passwd, uid, gid, 354 gecos, dir, and shell. Generally expected to be used with 355 the -m (matchonly) flag. 356 Add "bestmx" map class -- returns the best MX value for the host 357 listed as the value. If there are several "best" MX records 358 for this host, one will be chosen at random. 359 Add "userdb" map class -- looks up entries in the user database. 360 The "file name" is actually the tag that will be used, 361 typically "mailname". If there are multiple entries 362 matching the name, the one chosen is undefined. 363 Add multiple queue timeouts (both return and warning). These are 364 set by the Precedence: or Priority: header fields to one of 365 three values. If a Priority: is set and has value "normal", 366 "urgent", or "non-urgent" the corresponding timeouts are 367 used. If no priority is set, the Precedence: is consulted; 368 if negative, non-urgent timeouts are used; if greater than 369 zero, urgent timeouts are used. Otherwise, normal timeouts 370 are used. The timeouts are set by setting the six timeouts 371 queue{warn,return}.{urgent,normal,non-urgent}. 372 Fix problem when a mail address is resolved to a $#error mailer 373 with a temporary failure indication; it works in SMTP, 374 but when delivering locally the mail is silently discarded. 375 This patch, from Kyle Jones of UUNET, bounces it instead 376 of queueing it (queueing is very hard). 377 When using /etc/hosts or NIS-style lookups, don't assume that 378 the first name in the list is the best one -- instead, 379 search for the first one with a dot. For example, if 380 an /etc/hosts entry reads 381 128.32.149.68 mammoth mammoth.CS.Berkeley.EDU 382 this change will use the second name as the canonical 383 machine name instead of the initial, unqualified name. 384 This heuristic is only used for finding your own name on 385 startup, when the system may not be fully configured yet. 386 Change dequote map to replace spaces in quoted text with a value 387 indicated by the -s flag on the dequote map definition. 388 For example, ``Mdequote dequote -s_'' will change 389 "Foo Bar" into an unquoted Foo_Bar instead of leaving it 390 quoted (because of the space character). Suggested by Dan 391 Oscarsson for use in X.400 addresses. 392 Implement long macro names as ${name}; long class names can 393 be similarly referenced as $={name} and $~{name}. 394 Definitions are (e.g.) ``D{name}value''. Names that have 395 a leading lower case letter or punctuation characters are 396 reserved for internal use by sendmail; i.e., config files 397 should use names that begin with a capital letter. Based 398 on code contributed by Dan Oscarsson. 399 Fix core dump if getgrgid returns a null group list (as opposed 400 to an empty group list, that is, a pointer to a list 401 with no members). Fix from Andrew Chang of Sun Microsystems. 402 Fix possible core dump if malloc fails -- if the malloc in xalloc 403 failed, it called syserr which called newstr which called 404 xalloc.... The newstr is now avoided for "panic" messages. 405 Reported by Stuart Kemp of James Cook University. 406 Improve connection cache timeouts; previously, they were not even 407 checked if you were delivering to anything other than an 408 IPC-connected host, so a series of (say) local mail 409 deliveries could cause cached connections to be open 410 much longer than the specified timeout. 411 If an incoming message exceeds the maximum message size, stop 412 writing the incoming bytes to the queue data file, since 413 this can fill your mqueue partition -- this is a possible 414 denial-of-service attack. 415 Don't reject all numeric local user names unless HESIOD is 416 defined. It turns out that Posix allows all-numeric 417 user names. Fix from Tony Sanders of BSDI. 418 Add service switch support. If the local OS has a service 419 switch (e.g., /etc/nsswitch.conf on Solaris) that will 420 be used; otherwise, it falls back to using a local 421 mechanism based on the ServiceSwitchFile option 422 (default: /etc/service.switch). For example, if the 423 service switch lists "files" and "nis" for the aliases 424 service, that will be the default lookup order. Note 425 that you can still stack aliases files however, although 426 you have to list them explicitly as "implicit:filename". 427 Option I (NameServerOptions) no longer sets the "UseNameServer" 428 variable which tells whether or not DNS should be considered 429 canonical. This is now determined based on whether or not 430 "dns" is in the service list for "hosts". 431 Add preliminary support for the ESMTP "DSN" extension (Delivery 432 Status Notifications). This is not yet a standard 433 and the implementation is for experimentation only. 434 For this reason it only announces itself as "X-DSN-0" 435 instead of "DSN". DSN notifications override 436 Return-Receipt-To:. 437 Add T=mtstype keyletter to mailer definitions to define the value 438 for the Final-MTS-Type: and Remote-MTS-Type: fields in the 439 DSN-standard return message. 440 Extend heuristic to force running in ESMTP mode to look for the 441 six-character string "ESMTP " anywhere in the 220 greeting 442 message (not just the second line). This is to provide 443 better compatibility with other ESMTP servers. 444 Print sequence number of job when running the queue so you can 445 easily see how much progress you have made. Suggested 446 by Peter Wemm of DIALix. 447 Map newlines to spaces in logged message-ids; some versions of 448 syslog truncate the rest of the line after newlines. 449 Suggested by Fletcher Mattox of U. Texas. 450 Move up forking for job runs so that if a message is split into 451 multiple envelopes you don't get "fork storms" -- this 452 also improves the connection cache utilization. 453 Accept "<<>>", "<<<>>>", and so forth as equivalent to "<>" for 454 the purposes of refusing to send error returns. Suggested 455 by Motonori Nakamura of Ritsumeikan University. 456 Relax rules on when a file can be written when referenced from 457 the aliases file: use the default uid/gid instead of the 458 real uid/gid. This allows you to create a file owned by 459 and writable only by the default uid/gid that will work 460 all the time (without having the setuid bit set). Change 461 suggested by Shau-Ping Lo and Andrew Cheng of Sun 462 Microsystems. 463 Add "DialDelay" option (no short name) to provide an "extra" 464 delay for dial on demand systems. If this is non-zero 465 and a connect fails, sendmail will wait this long and 466 then try again. If it takes longer than the kernel 467 timeout interval to establish the connection, this 468 option can give the network software time to establish 469 the link. The default units are seconds. 470 Move logging of sender information to be as early as possible; 471 previously, it could be delayed a while for SMTP mail 472 sent to aliases. Suggested by Brad Knowles of the 473 Defense Information Systems Agency. 474 Call res_init() before setting RES_DEBUG; this is required by 475 BIND 4.9.3, or so I'm told. From Douglas Anderson of 476 the National Computer Security Center. 477 Add xdelay= field in logs -- this is a transaction delay, telling 478 you how long it took to deliver to this address on the 479 last try. It is intended to be used for sorting mailing 480 lists to favor "quick" addresses. Provided for use by 481 the mailprio scripts (see below). 482 If a map cannot be opened, and that map is non-optional, and 483 an address requires that map for resolution, queue the 484 map instead of bouncing it. This involves creating a 485 pseudo-class of maps called "bogus-map" -- if a required 486 map cannot be opened, the class is changed to bogus-map; 487 all queries against bogus-map return "tempfail". The 488 bogus-map class is not directly accessible. A sample 489 implementation was donated by Jem Taylor of Glasgow 490 University Computing Service. 491 Don't make a bad ``MAIL FROM:'' address on one message blow away 492 other messages to the same host later in the queue. 493 Problem noted by Eric Prestemon of American University. 494 Fix a possible core dump when mailing to a program that talks 495 SMTP on its standard input. Fix from Keith Moore of 496 the University of Kentucky. 497 Make it possible to resolve filenames to $#local $: @ /filename; 498 previously, the "@" would cause it to not be recognized 499 as a file. Problem noted by Brian Hill of U.C. Davis. 500 Accept a -1 signal to re-exec the daemon. This only works if 501 argv[0] is a full path to sendmail. 502 Fix bug in "addr=..." field in O option on little-endian machines 503 -- the network number wasn't being converted to network 504 byte order. Patch from Kurt Lidl of Pix Technologies 505 Corporation. 506 Pre-initialize the resolver early on; this is to avoid a bug with 507 BIND 4.9.3 that can cause the _res.retry field to get 508 reset to zero, causing all name server lookups to time 509 out. Fix from Matt Day of Artisoft. 510 Restore T line (trusted users) in config file -- but instead of 511 locking out the -f flag, they just tell whether or not 512 an X-Authentication-Warning: will be added. This really 513 just creates new entries in class 't', so "Ft/file/name" 514 can be used to read trusted user names from a file. 515 Improve NEWDB alias file rebuilding so it will create them 516 properly if they do not already exist. This had been 517 a MAYBENEXTRELEASE feature in 8.6.9. 518 Check for @:@ entry in NIS maps before starting up to avoid 519 (but not prevent, sigh) race conditions. This ought to 520 be handled properly in ypserv, but isn't. Suggested by 521 Michael Beirne of Motorola. 522 Refuse connections if there isn't enough space on the filesystem 523 holding the queue. Contributed by Robert Dana of Wolf 524 Communications. 525 Skip checking for directory permissions in the path to a file 526 when checking for file permissions iff setreuid() 527 succeeded -- it is unnecessary in that case. This avoids 528 significant performance problems when looking for .forward 529 files. Based on a suggestion by Win Bent of USC. 530 Allow symbolic ruleset names. Syntax can be "Sname" to get an 531 arbitrary ruleset number assigned or "Sname = integer" 532 to assign a specific ruleset number. Reference is 533 $>name_or_number. Names can be composed of alphas, digits, 534 underscore, or hyphen (first character must be non-numeric). 535 Allow -o flag on AliasFile lines to make the alias file optional. 536 From Bryan Costales of ICSI. 537 Add NoRecipientAction option to handle the case where there is 538 no legal recipient header in the message. It can take 539 on values: 540 None Leave the message as is. The 541 message will be passed on even 542 though it is in technically 543 illegal syntax. 544 Add-To Add a To: header with any 545 recipients that it can find from 546 the envelope. This risks exposing 547 Bcc: recipients. 548 Add-Apparently-To Add an Apparently-To: header. This 549 has almost no redeeming social value, 550 and is provided only for back 551 compatibility. 552 Add-To-Undisclosed Add a header reading 553 To: undisclosed-recipients:; 554 which will have the effect of 555 making the message legal without 556 exposing Bcc: recipients. 557 Add-Bcc To add an empty Bcc: header. 558 There is a chance that mailers down 559 the line will delete this header, 560 which could cause exposure of Bcc: 561 recipients. 562 The default is NoRecipientAction=None. 563 Truncate (rather than delete) Bcc: lines in the header. This 564 should prevent later sendmails (at least, those that don't 565 themselves delete Bcc:) from considering this message to 566 be non-conforming -- although it does imply that non-blind 567 recipients can see that a Bcc: was sent, albeit not to whom. 568 Add SafeFileEnvironment option. If declared, files named as delivery 569 targets must be regular files in addition to the regular 570 checks. Also, if the option is non-null then it is used as 571 the name of a directory that is used as a chroot(2) 572 environment for the delivery; the file names listed in an 573 alias or forward should include the name of this root. 574 For example, if you run with 575 O SafeFileEnvironment=/arch 576 then aliases should reference "/arch/rest/of/path". If a 577 value is given, sendmail also won't try to save to 578 /usr/tmp/dead.letter (instead it just leaves the job in the 579 queue as Qfxxxxxx). Inspired by *Hobbit*'s sendmail patch kit. 580 Support -A flag for alias files; this will comma concatenate like 581 entries. For example, given the aliases: 582 list: member1 583 list: member2 584 and an alias file declared as: 585 OAhash:-A /etc/aliases 586 the final alias inserted will be "list: member1,member2"; 587 without -A you will get an error on the second and subsequent 588 alias for "list". Contributed by Bryan Costales of ICSI. 589 Line-buffer transcript file. Suggested by Liudvikas Bukys. 590 Fix a problem that could cause very long addresses to core dump in 591 some special circumstances. Problem pointed out by Allan 592 Johannesen. 593 (Internal change.) Change interface to expand() (macro expansion) 594 to be simpler and more consistent. 595 Delete check for funny qf file names. This didn't really give 596 any extra security and caused some people some problems. 597 (If you -really- want this, define PICKY_QF_NAME_CHECK 598 at compile time.) Suggested by Kyle Jones of UUNET. 599 (Internal change.) Change EF_NORETURN to EF_NO_BODY_RETN and 600 merge with DSN code; this is simpler and more consistent. 601 This may affect some people who have written their own 602 checkcompat() routine. 603 (Internal change.) Eliminate `D' line in qf file. The df file 604 is now assumed to be the same name as the qf file (with 605 the `q' changed to a `d', of course). 606 Avoid forking for delivery if all recipient mailers are marked as 607 "expensive" -- this can be a major cost on some systems. 608 Essentially, this forces sendmail into "queue only" mode 609 if all it is going to do is queue anyway. 610 Avoid sending a null message in some rather unusual circumstances 611 (specifically, the RCPT command returns a temporary 612 failure but the connection is lost before the DATA 613 command). Fix from Scott Hammond of Secure Computing 614 Corporation. 615 Change makesendmail to use a somewhat more rational naming scheme: 616 Makefiles and obj directories are named $os.$rel.$arch, 617 where $os is the operating system (e.g., SunOS), $rel is 618 the release number (e.g., 5.3), and $arch is the machine 619 architecture (e.g., sun4). Any of these can be omitted, 620 and anything after the first dot in a release number can 621 be replaced with "x" (e.g., SunOS.4.x.sun4). The previous 622 version used $os.$arch.$rel and was rather less general. 623 Ignore IDENT return value if the OSTYPE field returns "OTHER", 624 as indicated by RFC 1413. Pointed out by Kari Hurtta 625 of the Finnish Meteorological Institute. 626 Fix problem that could cause multiple responses to DATA command 627 on header syntax errors (e.g., lines beginning with colons). 628 Problem noted by Jens Thomassen of the University of Oslo. 629 Don't let null bytes in headers cause truncation of the rest of 630 the header. 631 Log Authentication-Warning:s. Suggested by Motonori Nakamura. 632 Increase timeouts on message data puts to allow time for receivers 633 to canonify addresses in headers on the fly. This is still 634 a rather ugly heuristic. From Motonori Nakamura. 635 Add "HasWildcardMX" suboption to ResolverOptions; if set, MX 636 records are not used when canonifying names. This is 637 useful if you have a wildcard MX record, although it 638 may cause other problems. In general, don't use wildcard 639 MX records. Patch from Motonori Nakamura. 640 Eliminate default two-line SMTP greeting message. Instead of 641 adding an extra "ESMTP spoken here" line, the word "ESMTP" 642 is added between the first and second word of the first 643 line of the greeting message (i.e., immediately after the 644 host name). This eliminates the need for the BROKEN_SMTP_PEERS 645 compile flag. Old sendmails won't see the ESMTP, but that's 646 acceptable because SIZE was the only useful extension that 647 old sendmails understand. 648 Avoid gethostbyname calls on UNIX domain sockets during SIGUSR1 649 invoked state dumps. From Masaharu Onishi. 650 Allow on-line comments in .forward and :include: files; they are 651 introduced by the string "<LWSP>#@#<LWSP>", where <LWSP> 652 is a space or a tab. This is intended for native 653 representation of non-ASCII sets such as Japanese, where 654 existing encodings would be unreadable or would lose 655 data -- for example, 656 <motonori@cs.ritsumei.ac.jp> NAKAMURA Motonori 657 (romanized/less information) 658 <motonori@cs.ritsumei.ac.jp> =?ISO-2022-JP?B?GyRCQ2ZCPBsoQg==?= 659 =?ISO-2022-JP?B?GyRCQUdFNRsoQg==?= 660 (with MIME encoding, not human readable) 661 <motonori@cs.ritsumei.ac.jp> #@# ^[$BCfB<^[(B ^[$BAGE5^[(B 662 (native encoding with ISO-2022-JP) 663 The last form is human readable in the Japanese environment. 664 Based on a fix from (surprise!) Motonori Nakamura. 665 Don't make SMTP error returns on MAIL FROM: line be "sticky" for all 666 messages to that host; these are most frequently associated 667 with addresses rather than the host, with the exception of 668 421 (service shutting down). The effect was to cause queues 669 to sometimes take an excessive time to flush. Reported by 670 Robert Sargent of Southern Geographics Technologies. 671 Add Nice=N mailer option to set the niceness at which a mailer will 672 run. 673 When looking for a default config file (that is, not specified using 674 a -C flag), try a configuration file name extended by the 675 binary version number -- e.g., sendmail.8.7.Alpha.9.cf, 676 sendmail.8.7.Alpha.cf, sendmail.8.7.cf, sendmail.8.cf, and 677 sendmail.cf in that order. This should make it easier to 678 test new versions in a shared environment. 679 Log queue runs that are skipped due to high loads. They are logged 680 at LOG_INFO priority iff the log level is > 8. Contributed 681 by Bruce Nagel of Data General. 682 Allow the error mailer to accept a DSN-style error status code 683 instead of an sysexits status code in the host part. 684 Anything with a dot will be interpreted as a DSN-style code. 685 Add new mailer flag: F=3 will tell translations to Quoted-Printable 686 to encode characters that might be munged by an EBCDIC system 687 in addition to the set required by RFC 1521. The additional 688 characters are !, ", #, $, @, [, \, ], ^, `, {, |, }, and ~. 689 (Think of "IBM 360" as the mnemonic for this flag.) 690 Change check for mailing to files to look for a pathname of [FILE] 691 rather than looking for the mailer named *file*. The mapping 692 of leading slashes still goes to the *file* mailer. This 693 allows you to implement the *file* mailer as a separate 694 program, for example, to insert a Content-Length: header 695 or do special security policy. However, note that the usual 696 initial checking for the file permissions is still done, and 697 the program in question needs to be very careful about how 698 it does the file write to avoid security problems. 699 Be able to read ~root/.forward even if the path isn't accessible to 700 regular users. This is disrecommended because sendmail 701 sometimes does not run as root (e.g., when an unsafe option 702 is specified on the command line), but should otherwise be 703 safe because .forward files must be owned by the user for 704 whom mail is being forwarded, and cannot be a symbolic link. 705 Suggested by Forrest Aldrich of Wang Laboratories. 706 Add new "HostsFile" option that is the pathname to the /etc/hosts 707 file. This is used for canonifying hostnames when the 708 service type is "files". 709 Implement programs on F (read class from file) line. The syntax is 710 Fc|/path/to/program to read the output from the program 711 into class "c". 712 Probe the network interfaces to find alternate names for this 713 host. Requires the SIOCGIFCONF ioctl call. Code 714 contributed by SunSoft. 715 Add "E" configuration line to set or propogate environment 716 variables into children. "E<envar>" will propogate 717 the named variable from the environment when sendmail 718 was invoked into any children it calls; "E<envar>=<value>" 719 sets the named variable to the indicated value. Any 720 variables not explicitly named will not be in the child 721 environment. However, sendmail still forces an 722 "AGENT=sendmail" environment variable, in part to enforce 723 at least one environment variable, since many programs and 724 libraries die horribly if this is not guaranteed. 725 Change heuristic for rebuilding both NEWDB and NDBM versions of 726 alias databases -- new algorithm looks for the substring 727 "/yp/" in the file name. This is more portable and involves 728 less overhead. Suggested by Motonori Nakamura. 729 Dynamically allocate the queue work list so that you don't lose 730 jobs in large queue runs. The old QUEUESIZE compile parameter 731 is replaced by QUEUESEGSIZE (the unit of allocation, which 732 should not need to be changed) and the MaxQueueRunSize option, 733 which is the absolute maximum number of jobs that will ever 734 be handled in a single queue run. Based on code contributed 735 by Brian Coan of the Institute for Global Communications. 736 Log message when a message is dropped because it exceeds the maximum 737 message size. Suggested by Leo Bicknell of Virginia Tech. 738 PORTABILITY FIXES: 739 Solaris 2 from Rob McMahon <cudcv@csv.warwick.ac.uk>. 740 System V Release 4 from Motonori Nakamura of Ritsumeikan 741 University. This expands the disk size 742 checking to include all (?) SVR4 configurations. 743 System V Release 4 from Kimmo Suominen -- initgroups(3) 744 and setrlimit(2) are both available. 745 System V Release 4 from sob@sculley.ffg.com -- some versions 746 apparently "have EX_OK defined in other headerfiles." 747 Linux Makefile typo. 748 Linux getusershell(3) is broken in Slackware 2.0 -- 749 from Andrew Pam of Xanadu Australia. 750 More Linux tweaking from John Kennedy of California State 751 University, Chico. 752 Cray changes from Eric Wassenaar: ``On Cray, shorts, 753 ints, and longs are all 64 bits, and all structs 754 are multiples of 64 bits. This means that the 755 sizeof operator returns only multiples of 8. 756 This requires adaptation of code that really 757 deals with 32 bit or 16 bit fields, such as IP 758 addresses or nameserver fields.'' 759 DG/UX 5.4.3 from Mark T. Robinson <mtr@ornl.gov>. To 760 get the old behaviour, use -DDGUX_5_4_2. 761 DG/UX hack: add _FORCE_MAIL_LOCAL_=yes environment 762 variable to fix bogus /bin/mail behaviour. 763 Tandem NonStop-UX from Rick McCarty <mccarty@mpd.tandem.com>. 764 This also cleans up some System V Release 4 compile 765 problems. 766 Solaris 2: sendmail.cw file should be in /etc/mail to 767 match all the other configuration files. Fix 768 from Glenn Barry of Emory University. 769 Solaris 2.3: compile problem in conf.c. Fix from Alain 770 Nissen of the University of Liege, Belgium. 771 Ultrix: freespace calculation was incorrect. Fix from 772 Takashi Kizu of Osaka University. 773 SVR4: running in background gets a SIGTTOU because the 774 emulation code doesn't realize that "getpeername" 775 doesn't require reading the file. Fix from Peter 776 Wemm of DIALix. 777 Solaris 2.3: due to an apparent bug in the socket emulation 778 library, sockets can get into a "wedged" state where 779 they just return EPROTO; closing and re-opening the 780 socket clears the problem. Fix from Bob Manson 781 of Ohio State University. 782 Hitachi 3050R & 3050RX running HI-UX/WE2: portability 783 fixes from Akihiro Hashimoto ("Hash") of Chiba 784 University. 785 AIX changes to allow setproctitle to work from Rainer Sch�pf 786 of Zentrum f�r Datenverarbeitung der Universit�t 787 Mainz. 788 SCO Unix from Chip Rosenthal of Unicom (code was using the 789 wrong statfs call). 790 ANSI C fixes from Adam Glass (NetBSD project). 791 Stardent Titan/ANSI C fixes from Kate Hedstrom of Rutgers 792 University. 793 DG-UX fixes from Bruce Nagel of Data General. 794 IRIX64 updates from Mark Levinson of the University of 795 Rochester Medical Center. 796 Altos System V (``the first UNIX/XENIX merge the Altos 797 did for their Series 1000 & Series 2000 line; 798 their merged code was licenced back to AT&T and 799 Microsoft and became System V release 3.2'') from 800 Tim Rice <timr@crl.com>. 801 OSF/1 running on Intel Paragon from Jeff A. Earickson 802 <jeff@ssd.intel.com> of Intel Scalable Systems 803 Divison. 804 Amdahl UTS System V 2.1.5 (SVr3-based) from Janet Jackson 805 <janet@dialix.oz.au>. 806 System V Release 4 (statvfs semantic fix) from Alain 807 Durand of I.M.A.G. 808 HP-UX 10.x multiprocessor load average changes from 809 Scott Hutton and Jeff Sumler of Indiana University. 810 Cray CSOS from Scott Bolte of Cray Computer Corporation. 811 Unicos 8.0 from Douglas K. Rand of the University of North 812 Dakota, Scientific Computing Center. 813 Solaris 2.4 fixes from Sanjay Dani of Dani Communications. 814 ConvexOS 11.0 from Christophe Wolfhugel. 815 IRIX 4.0.5 from David Ashton-Reader of CADcentre. 816 ISC UNIX from J. J. Bailey. 817 HP-UX 9.xx on the 8xx series machines from Remy Giraud 818 of Meteo France. 819 HP-UX configuration from Tom Lane <tgl@sss.pgh.pa.us>. 820 IRIX 5.2 and 5.3 from Kari E. Hurtta. 821 FreeBSD 2.0 from Mike Hickey of Federal Data Corporation. 822 Sony NEWS-OS 4.2.1R and 6.0.3 from Motonori Nakamura. 823 Omron LUNA unios-b, mach from Motonori Nakamura. 824 NEC EWS-UX/V 4.2 from Motonori Nakamura. 825 NeXT 2.1 from Bryan Costales. 826 AUX patch thanks to Mike Erwin of Apple Computer. 827 HP-UX 10.0 from John Beck of Hewlett-Packard. 828 Ultrix: allow -DBROKEN_RES_SEARCH=0 if you are using a 829 non-DEC resolver. Suggested by Allan Johannesen. 830 MAKEMAP: allow -d flag to allow insertion of duplicate aliases 831 in type ``btree'' maps. The semantics of this are undefined 832 for regular maps, but it can be useful for the user database. 833 MAKEMAP: lock database file while rebuilding to avoid sendmail 834 lookups while the rebuild is going on. There is a race 835 condition between the open(... O_TRUNC ...) and the lock 836 on the file, but it should be quite small. 837 SMRSH: sendmail restricted shell added to the release. This can 838 be used as an alternative to /bin/sh for the "prog" mailer, 839 giving the local administrator more control over what 840 programs can be run from sendmail. 841 CONTRIB: a patch to rmail.c from Bill Gianopoulos of Raytheon 842 to allow rmail to compile on systems that don't have 843 function prototypes and systems that don't have snprintf. 844 CONTRIB: add the "mailprio" scripts that will help you sort mailing 845 lists by transaction delay times so that addresses that 846 respond quickly get sent first. This is to prevent very 847 sluggish servers from delaying other peoples' mail. 848 Contributed by Tony Sanders of BSDI. 849 CONTRIB: add the "bsdi.mc" file as contributed by Tony Sanders 850 of BSDI. This has a lot of comments to help people out. 851 CONFIG: fix mail from <> so it will properly convert to 852 MAILER-DAEMON on local addresses. 853 CONFIG: fix code that was supposed to catch colons in host 854 names. Problem noted by John Gardiner Myers of CMU. 855 CONFIG: allow use of SMTP_MAILER_MAX in nullclient configuration. 856 From Paul Riddle of the University of Maryland, Baltimore 857 County. 858 CONFIG: Catch and reject "." as a host address. 859 CONFIG: Generalize domaintable to look up all domains, not 860 just unqualified ones. 861 CONFIG: Delete OLD_SENDMAIL support -- as near as I can tell, it 862 was never used and didn't work anyway. 863 CONFIG: Set flags A, w, 5, :, /, |, and @ on the "local" mailer 864 and d on all mailers in the UUCP class. 865 CONFIG: Allow "user+detail" to be aliased specially: it will first 866 look for an alias for "user+detail", then for "user+*", and 867 finally for "user". This is intended for forwarding mail 868 for system aliases such as root and postmaster to a 869 centralized hub. 870 CONFIG: add confEIGHT_BIT_HANDLING to set option 8 (see above). 871 CONFIG: add smtp8 mailer; this has the F=8 (just-send-8) flag set. 872 The F=8 flag is also set on the "relay" mailer, since 873 this is expected to be another sendmail. 874 CONFIG: avoid qualifying all UUCP addresses sent via SMTP with 875 the name of the UUCP_RELAY -- in some cases, this is the 876 wrong value (e.g., when we have local UUCP connections), 877 and this can create unreplyable addresses. From Chip 878 Rosenthal of Unicom. 879 CONFIG: add confRECEIVED_HEADER to change the format of the 880 Received: header inserted into all messages. Suggested by 881 Gary Mills of the University of Manitoba. 882 CONFIG: Make "notsticky" the default; use FEATURE(stickyhost) 883 to get the old behaviour. I did this upon observing 884 that almost everyone needed this feature, and that the 885 concept I was trying to make happen didn't work with 886 some user agents anyway. FEATURE(notsticky) still works, 887 but it is a no-op. 888 CONFIG: Add LUSER_RELAY -- the host to which unrecognized user 889 names are sent, rather than immediately diagnosing them 890 as User Unknown. 891 CONFIG: Add SMTP_MAILER_ARGS, ESMTP_MAILER_ARGS, SMTP8_MAILER_ARGS, 892 and RELAY_MAILER_ARGS to set the arguments for the 893 indicated mailers. All default to "IPC $h". Patch from 894 Larry Parmelee of Cornell University. 895 CONFIG: pop mailer needs F=n flag to avoid "annoying side effects 896 on the client side" and F=P to get an appropriate 897 return-path. From Kimmo Suominen. 898 CONFIG: add FEATURE(local_procmail) to use the procmail program 899 as the local mailer. For addresses of the form "user+detail" 900 the "detail" part is passed to procmail via the -a flag. 901 Contributed by Kimmo Suominen. 902 CONFIG: add MAILER(procmail) to add an interface to procmail for 903 use from mailertables. This lets you execute arbitrary 904 procmail scripts. Contributed by Kimmo Suominen. 905 CONFIG: add T= fields (MTS type) to local, smtp, and uucp mailers. 906 CONFIG: add OSTYPE(ptx2) for DYNIX/ptx 2.x from Sequent. From 907 Paul Southworth of CICNet Systems Support. 908 CONFIG: use -a$g as default to UUCP mailers, instead of -a$f. 909 This causes the null return path to be rewritten as 910 MAILER-DAEMON; otherwise UUCP gets horribly confused. 911 From Michael Hohmuth of Technische Universitat Dresden. 912 CONFIG: Add FEATURE(bestmx_is_local) to cause any hosts that 913 list us as the best possible MX record to be treated as 914 though they were local (essentially, assume that they 915 are included in $=w). This can cause additional DNS 916 traffic, but is easier to administer if this fits your 917 local model. It does not work reliably if there are 918 multiple hosts that share the best MX preference. 919 Code contributed by John Oleynick of Rutgers. 920 CONFIG: Add FEATURE(smrsh) to use smrsh (the SendMail Restricted 921 SHell) instead of /bin/sh as the program used for delivery 922 to programs. If an argument is included, it is used as 923 the path to smrsh; otherwise, /usr/local/etc/smrsh is 924 assumed. 925 CONFIG: Add LOCAL_MAILER_MAX and PROCMAILER_MAILER_MAX to limit the 926 size of messages to the local and procmail mailers 927 respectively. Contributed by Brad Knowles of the Defense 928 Information Systems Agency. 929 CONFIG: Handle leading ``phrase:'' and trailing ``;'' as comments 930 (just like text outside of angle brackets) in order to 931 properly deal with ``group: addr1, ... addrN;'' syntax. 932 CONFIG: Require OSTYPE macro (the defaults really don't apply to 933 any real systems any more) and tweak the DOMAIN macro 934 so that it is less likely that users will accidently use 935 the Berkeley defaults. Also, create some generic files 936 that really can be used in the real world. 937 CONFIG: Add new configuration macros to set character sets for 938 messages _arriving from_ various mailers: LOCAL_MAILER_CHARSET, 939 SMTP_MAILER_CHARSET, and UUCP_MAILER_CHARSET. 940 CONFIG: Change UUCP_MAX_SIZE to UUCP_MAILER_MAX for consistency. 941 The old name will still be accepted for a while at least. 942 CONFIG: Implement DECNET_RELAY as spec for host to which DECNET 943 mail (.DECNET pseudo-domain or node::user) will be sent. 944 As with all relays, it can be ``mailer:hostname''. Suggested 945 by Scott Hutton. 946 CONFIG: Add MAILER(mail11) to get DECnet support. Code contributed 947 by Barb Dijker of Labyrinth Computer Services. 948 CONFIG: change confCHECK_ALIASES to default to False -- it has poor 949 performance for large alias files, and this confused many 950 people. 951 NEW FILES: 952 cf/cf/cs-hpux10.mc 953 cf/cf/cs-solaris2.mc 954 cf/cf/generic-hpux10.mc 955 cf/cf/generic-hpux9.mc 956 cf/cf/generic-osf1.mc 957 cf/cf/generic-solaris2.mc 958 cf/cf/generic-sunos4.1.mc 959 cf/cf/generic-ultrix4.mc 960 cf/cf/huginn.cs.mc 961 cf/domain/berkeley-only.m4 962 cf/domain/generic.m4 963 cf/feature/bestmx_is_local.m4 964 cf/feature/local_procmail.m4 965 cf/feature/smrsh.m4 966 cf/feature/stickydomain.m4 967 cf/mailer/mail11.m4 968 cf/mailer/procmail.m4 969 cf/ostype/amdahl-uts.m4 970 cf/ostype/hpux10.m4 971 cf/ostype/ptx2.m4 972 cf/ostype/unknown.m4 973 contrib/bsdi.mc 974 contrib/mailprio 975 contrib/rmail.oldsys.patch 976 smrsh/README 977 smrsh/smrsh.8 978 smrsh/smrsh.c 979 src/Makefiles/Makefile.CSOS 980 src/Makefiles/Makefile.EWS-UX_V 981 src/Makefiles/Makefile.IRIX.5.x 982 src/Makefiles/Makefile.IRIX64 983 src/Makefiles/Makefile.ISC 984 src/Makefiles/Makefile.NEWS-OS.4.x 985 src/Makefiles/Makefile.NEWS-OS.6.x 986 src/Makefiles/Makefile.NonStop-UX 987 src/Makefiles/Makefile.Paragon 988 src/Makefiles/Makefile.SunOS.5.3 989 src/Makefiles/Makefile.SunOS.5.4 990 src/Makefiles/Makefile.UNIX_SV.4.2.i386 991 src/Makefiles/Makefile.uts.systemV 992 src/mime.c 993 test/t_seteuid.c 994 RENAMED FILES: 995 cf/cf/alpha.mc => cf/cf/s2k-osf1.mc 996 cf/cf/chez.mc => cf/cf/chez.cs.mc 997 cf/cf/hpux-cs-exposed.mc => cf/cf/cs-hpux9.mc 998 cf/cf/osf1-cs-exposed.mc => cf/cf/cs-osf1.mc 999 cf/cf/s2k.mc => cf/cf/s2k-ultrix4.mc 1000 cf/cf/sunos4.1-cs-exposed.mc => cf/cf/cs-sunos4.1.mc 1001 cf/cf/ultrix4.1-cs-exposed.mc => cf/cf/cs-ultrix4.mc 1002 cf/cf/vangogh.mc => cf/cf/vangogh.cs.mc 1003 cf/domain/Berkeley.m4 => cf/domain/Berkeley.EDU.m4 1004 cf/domain/cs-exposed.m4 => cf/domain/CS.Berkeley.EDU.m4 1005 cf/domain/eecs-hidden.m4 => cf/domain/EECS.Berkeley.EDU.m4 1006 cf/domain/s2k.m4 => cf/domain/S2K.Berkeley.EDU.m4 1007 cf/ostype/hpux.m4 => cf/ostype/hpux9.m4 1008 cf/ostype/ultrix4.1.m4 => cf/ostype/ultrix4.m4 1009 src/Makefile.* => src/Makefiles/Makefile.* 1010 src/Makefile.SunOS.4.0.3 => src/Makefiles/Makefile.SunOS.4.0 1011 OBSOLETED FILES: 1012 cf/cf/cogsci.mc 1013 cf/cf/cs-exposed.mc 1014 cf/cf/cs-hidden.mc 1015 cf/cf/hpux-cs-hidden.mc 1016 cf/cf/knecht.mc 1017 cf/cf/osf1-cs-hidden.mc 1018 cf/cf/sunos3.5-cs-exposed.mc 1019 cf/cf/sunos3.5-cs-hidden.mc 1020 cf/cf/sunos4.1-cs-hidden.mc 1021 cf/cf/ultrix4.1-cs-hidden.mc 1022 cf/domain/cs-hidden.m4 1023 contrib/rcpt-streaming 1024 src/Makefiles/Makefile.SunOS.5.x 1025 10268.6.12/8.6.12 95/03/28 1027 Fix to IDENT code (it was getting the size of the reply buffer 1028 too small, so nothing was ever accepted). Fix from several 1029 people, including Allan Johannesen, Shane Castle of the 1030 Boulder County Information Services, and Jeff Smith of 1031 Warwick University (all arrived within a few hours of 1032 each other!). 1033 Fix a problem that could cause large jobs to run out of 1034 file descriptors on systems that use vfork() rather 1035 than fork(). 1036 10378.6.11/8.6.11 95/03/08 1038 The ``possible attack'' message would be logged more often 1039 than necessary if you are using Pine as a user agent. 1040 The wrong host would be reported in the ``possible attack'' 1041 message when attempted from IDENT. 1042 In some cases the syslog buffer could be overflowed when 1043 reporting the ``possible attack'' message. This can 1044 cause denial of service attacks. Truncate the message 1045 to 80 characters to prevent this problem. 1046 When reading the IDENT response a loop is needed around the 1047 read from the network to ensure that you don't get 1048 partial lines. 1049 Password entries without any shell listed (that is, a null 1050 shell) wouldn't match as "ok". Problem noted by 1051 Rob McMahon. 1052 When running BIND 4.9.x a problem could occur because the 1053 _res.options field is initialized differently than it 1054 was historically -- this requires that sendmail call 1055 res_init before it tweaks any bits. 1056 Fix an incompatibility in openxscript() between the file open mode 1057 and the stdio mode passed to fdopen. This caused UnixWare 1058 2.0 to have conniptions. Fix from Martin Sohnius of 1059 Novell Labs Europe. 1060 Fix problem with static linking of local getopt routine when 1061 using GNU's ld command. Fix from John Kennedy of 1062 Cal State Chico. 1063 It was possible to turn off privacy flags. Problem noted by 1064 *Hobbit*. 1065 Be more paranoid about writing files. Suggestions by *Hobbit* 1066 and Liudvikas Bukys. 1067 MAKEMAP: fixes for 64 bit machines (DEC Alphas in particular) 1068 from Spider Boardman. 1069 CONFIG: No changes (version number only, to keep it in sync 1070 with the binaries). 1071 10728.6.10/8.6.10 95/02/10 1073 SECURITY: Diagnose bogus values to some command line flags that 1074 could allow trash to get into headers and qf files. 1075 Validate the name of the user returned by the IDENT protocol. 1076 Some systems that really dislike IDENT send intentionally 1077 bogus information. Problem pointed out by Michael Bushnell 1078 of the Free Software Foundation. Has some security 1079 implications. 1080 Fix a problem causing error messages about DNS problems when 1081 the host name contained a percent sign to act oddly 1082 because it was passed as a printf-style format string. 1083 In some cases this could cause core dumps. 1084 Avoid possible buffer overrun in returntosender() if error 1085 message is quite ling. From Fletcher Mattox of the 1086 University of Texas. 1087 Fix a problem that would silently drop "too many hops" error 1088 messages if and only if you were sending to an alias. 1089 From Jon Giltner of the University of Colorado and 1090 Dan Harton of Oak Ridge National Laboratory. 1091 Fix a bug that caused core dumps on some systems if -d11.2 was 1092 set and e->e_message was null. Fix from Bruce Nagel of 1093 Data General. 1094 Fix problem that can still cause df files to be left around 1095 after "hop count exceeded" messages. Fix from Andrew 1096 Chang and Shau-Ping Lo of SunSoft. 1097 Fix a problem that can cause buffer overflows on very long 1098 user names (as might occur if you piped to a program 1099 with a lot of arguments). 1100 Avoid returning an error and re-queueing if the host signature 1101 is null; this can occur on addresses like ``user@.''. 1102 Problem noted by Wesley Craig and the University of 1103 Michigan. 1104 Avoid possible calls to malloc(0) if MCI caching is turned 1105 off. Bug fix from Pierre David of the Laboratoire 1106 Parallelisme, Reseaux, Systemes et Modelisation (PRiSM), 1107 Universite de Versailles - St Quentin, and Jacky 1108 Thibault. 1109 Make a local copy of the line being sent via senttolist() -- in 1110 some cases, buffers could get trashed by map lookups 1111 causing it to do unexpected things. This also simplifies 1112 some of the map code. 1113 CONFIG: No changes (version number only, to keep it in sync 1114 with the binaries). 1115 11168.6.9/8.6.9 94/04/19 1117 Do all mail delivery completely disconnected from any terminal. 1118 This provides consistency with daemon delivery and 1119 may have some security implications. 1120 Make sure that malloc doesn't get called with zero size, 1121 since that fails on some systems. Reported by Ed 1122 Hill of the University of Iowa. 1123 Fix multi-line values for $e (SMTP greeting message). Reported 1124 by Mike O'Connor of Ford Motor Company. 1125 Avoid syserr if no NIS domain name is defined, but the map it 1126 is trying to open is optional. From Win Bent of USC. 1127 Changes for picky compilers from Ed Gould of Digital Equipment. 1128 Hesiod support for UDB from Todd Miller of the University of 1129 Colorado. Use "hesiod" as the service name in the U 1130 option. 1131 Fix a problem that failed to set the "authentic" host name (that 1132 is, the one derived from the socket info) if you called 1133 sendmail -bs from inetd. Based on code contributed by 1134 Todd Miller (this problem was also reported by Guy Helmer 1135 of Dakota State University). This also fixes a related 1136 problem reported by Liudvikas Bukys of the University of 1137 Rochester. 1138 Parameterize "nroff -h" in all the Makefiles so people with 1139 variant versions can use them easily. Suggested by 1140 Peter Collinson of Hillside Systems. 1141 SMTP "MAIL" commands with multiple ESMTP parameters required two 1142 spaces between parameters instead of one. Reported by 1143 Valdis Kletnieks of Virginia Tech. 1144 Reduce the number of system calls during message collection by 1145 using global timeouts around the collect() loop. This 1146 code was contributed by Eric Wassenaar. 1147 If the initial hostname name gathering results in a name 1148 without a dot (usually caused by NIS misconfiguration) 1149 and BIND is compiled in, directly access DNS to get 1150 the canonical name. This should make life easier for 1151 Solaris systems. If it still can't be resolved, and 1152 if the name server is listed as "required", try again 1153 in 30 seconds. If that also fails, exit immediately to 1154 avoid bogus "config error: mail loops back to myself" 1155 messages. 1156 Improve the "MAIL DELETED BECAUSE OF LACK OF DISK SPACE" error 1157 message to explain how much space was available and 1158 sound a bit less threatening. Suggested by Stan Janet 1159 of the National Institute of Standards and Technology. 1160 If mail is delivered to an alias that has an owner, deliver any 1161 requested return-receipt immediately, and strip the 1162 Return-Receipt-To: header from the subsequent message. 1163 This prevents a certain class of denial of service 1164 attack, arguably gives more reasonable semantics, and 1165 moves things more towards what will probably become a 1166 network standard. Suggested by Christopher Davis of 1167 Kapor Enterprises. 1168 Add a "noreceipts" privacy flag to turn off all return receipts 1169 without recompiling. 1170 Avoid printing ESMTP parameters as part of the error message 1171 if there are errors during parsing. This change is 1172 purely cosmetic. 1173 Avoid sending out error messages during the collect phase of 1174 SMTP; there is an MVS mailer from UCLA that gets 1175 confused by this. Of course, I think it's their bug.... 1176 Check for the $j macro getting undefined, losing a dot, or getting 1177 lost from $=w in the daemon before accepting a connection; 1178 if it is, it dumps state, prints a LOG_ALERT message, 1179 and drops core for debugging. This is an attempt to 1180 track down a bug that I thought was long since gone. 1181 If you see this, please forward the log fragment to 1182 sendmail@CS.Berkeley.EDU. 1183 Change OLD_NEWDB from a #ifdef to a #if so it can be turned off 1184 with -DOLD_NEWDB=0 on the command line. From Christophe 1185 Wolfhugel. 1186 Instead of trying to truncate the listen queue for the server 1187 SMTP port when the load average is too high, just close 1188 the port completely and reopen it later as needed. 1189 This ensures that the other end gets a quick "connection 1190 refused" response, and that the connection can be 1191 recovered later. In particular, some socket emulations 1192 seem to get confused if you tweak the listen queue 1193 size around and can never start listening to connections 1194 again. The down side is that someone could start up 1195 another daemon process in the interim, so you could 1196 have multiple daemons all not listening to connections; 1197 this could in turn cause the sendmail.pid file to be 1198 incorrect. A better approach might be to accept the 1199 connection and give a 421 code, but that could break 1200 other mailers in mysterious ways and have paging behaviour 1201 implications. 1202 Fix a glitch in TCP-level debugging that caused flag 16.101 to 1203 set debugging on the wrong socket. From Eric Wassenaar. 1204 When creating a df* temporary file, be sure you truncate any 1205 existing data in the file -- otherwise system crashes 1206 and the like could result in extra data being sent. 1207 DOC: Replace the CHANGES-R5-R8 readme file with a paper in the 1208 doc directory. This includes some additional 1209 information. 1210 CONFIG: change UUCP rules to never add $U! or $k! on the front 1211 of recipient envelope addresses. This should have been 1212 handled by the $&h trick, but broke if people were 1213 mixing domainized and UUCP addresses. They should 1214 probably have converted all the way over to uucp-uudom 1215 instead of uucp-{new,old}, but the failure mode was to 1216 loop the mail, which was bad news. 1217 Portability fixes: 1218 Newer BSDI systems (several people). 1219 Older BSDI systems from Christophe Wolfhugel. 1220 Intergraph CLIX, from Paul Southworth of CICNet. 1221 UnixWare, from Evan Champion. 1222 NetBSD from Adam Glass. 1223 Solaris from Quentin Campbell of the University of 1224 Newcastle upon Tyne. 1225 IRIX from Dean Cookson and Bill Driscoll of Mitre 1226 Corporation. 1227 NCR 3000 from Kevin Darcy of Chrysler Financial Corporation. 1228 SunOS (it has setsid() and setvbuf() calls) from 1229 Jonathan Kamens of OpenVision Technologies. 1230 HP-UX from Tor Lillqvist. 1231 New Files: 1232 src/Makefile.CLIX 1233 src/Makefile.NCR3000 1234 doc/changes/Makefile 1235 doc/changes/changes.me 1236 doc/changes/changes.ps 1237 12388.6.8/8.6.6 94/03/21 1239 SECURITY: it was possible to read any file as root using the 1240 E (error message) option. Reported by Richard Jones; 1241 fixed by Michael Corrigan and Christophe Wolfhugel. 1242 12438.6.7/8.6.6 94/03/14 1244 SECURITY: it was possible to get root access by using wierd 1245 values to the -d flag. Thanks to Alain Durand of 1246 INRIA for forwarding me the notice from the bugtraq 1247 list. 1248 12498.6.6/8.6.6 94/03/13 1250 SECURITY: the ability to give files away on System V-based 1251 systems proved dangerous -- don't run as the owner 1252 of a :include: file on a system that allows giveaways. 1253 Unfortunately, this also applies to determining a 1254 valid shell. 1255 IMPORTANT: Previous versions weren't expiring old connections 1256 in the connection cache for a long time under some 1257 circumstances. This could result in resource exhaustion, 1258 both at your end and at the other end. This checks the 1259 connections for timeouts much more frequently. From 1260 Doug Anderson of NCSC. 1261 Fix a glitch that snuck in that caused programs to be run as 1262 the sender instead of the recipient if the mail was 1263 from a local user to another local user. From 1264 Motonori Nakamura of Kyoto University. 1265 Fix "wildcard" on /etc/shell matching -- instead of looking 1266 for "*", look for "/SENDMAIL/ANY/SHELL/". From 1267 Bryan Costales of ICSI. 1268 Change the method used to declare the "statfs" availability; 1269 instead of HASSTATFS and/or HASUSTAT with a ton of 1270 tweaking in conf.c, there is a single #define called 1271 SFS_TYPE which takes on one of six values (SFS_NONE 1272 for no statfs availability, SFS_USTAT for the ustat(2) 1273 syscall, SFS_4ARGS for a four argument statfs(2) call, 1274 and SFS_VFS, SFS_MOUNT, or SFS_STATFS for a two argument 1275 statfs(2) call with the declarations in <sys/vfs.h>, 1276 <sys/mount.h>, or <sys/statfs.h> respectively). 1277 Fix glitch in NetInfo support that could return garbage if 1278 there was no "/locations/sendmail" property. From 1279 David Meyer of the University of Virginia. 1280 Change HASFLOCK from defined/not-defined to a 0/1 definition 1281 to allow Linux to turn it off even though it is a 1282 BSD-like system. 1283 Allow setting of "ident" timeout to zero to turn off the ident 1284 protocol entirely. 1285 Make 7-bit stripping local to a connection (instead of to a 1286 mailer); this allows you to specify that SMTP is a 1287 7-bit channel, but revert to 8-bit should it advertise 1288 that it supports 8BITMIME. You still have to specify 1289 mailer flag 7 to get this stripping at all. 1290 Improve makesendmail script so it handles more cases automatically. 1291 Tighten up restrictions on taking ownership of :include: files 1292 to avoid problems on systems that allow you to give away 1293 files. 1294 Fix a problem that made it impossible to rebuild the alias 1295 file if it was on a read-only file system. From 1296 Harry Edmon of the University of Washington. 1297 Improve MX randomization function. From John Gardiner Myers 1298 of CMU. 1299 Fix a minor glitch causing a bogus message to be printed (used 1300 %s instead of %d in a printf string for the line number) 1301 when a bad queue file was read. From Harry Edmon. 1302 Allow $s to remain NULL on locally generated mail. I'm not 1303 sure this is necessary, but a lot of people have complained 1304 about it, and there is a legitimate question as to whether 1305 "localhost" is legal as an 822-style domain. 1306 Fix a problem with very short line lengths (mailer L= flag) in 1307 headers. This causes a leading space to be added onto 1308 continuation lines (including in the body!), and also 1309 tries to wrap headers containing addresses (From:, To:, 1310 etc) intelligently at the shorter line lengths. Problem 1311 Reported by Lars-Johan Liman of SUNET Operations Center. 1312 Log the real user name when logging syserrs, since these can have 1313 security implications. Suggested by several people. 1314 Fix address logging of cached connections -- it used to always 1315 log the numeric address as zero. This is a somewhat 1316 bogus implementation in that it does an extra system 1317 call, but it should be an inexpensive one. Fix from 1318 Motonori Nakamura. 1319 Tighten up handling of short syslog buffers even more -- there 1320 were cases where the outgoing relay= name was too long 1321 to share a line with delay= and mailer= logging. 1322 Limit the overhead on split envelopes to one open file descriptor 1323 per envelope -- previously the overhead was three 1324 descriptors. This was in response to a problem reported 1325 by P{r (Pell) Emanuelsson. 1326 Fixes to better handle the case of unexpected connection closes; 1327 this redirects the output to the transcript so the info 1328 is not lost. From Eric Wassenaar. 1329 Fix potential string overrun if you macro evaluate a string that 1330 has a naked $ at the end. Problem noted by James Matheson 1331 <jmrm@eng.cam.ac.uk>. 1332 Make default error number on $#error messages 553 (``Requested 1333 action not taken: mailbox name not allowed'') instead of 1334 501 (``Syntax error in parameters or arguments'') to 1335 avoid bogus "protocol error" messages. 1336 Strip off any existing trailing dot on names during $[ ... $] 1337 lookup. This prevents it from ending up with two dots 1338 on the end of dot terminated names. From Wesley Craig 1339 of the University of Michigan and Bryan Costales of ICSI. 1340 Clean up file class reading so that the debugging information is 1341 more informative. It hadn't been using setclass, so you 1342 didn't see the class items being added. 1343 Avoid core dump if you are running a version of sendmail where 1344 NIS is compiled in, and you specify an NIS map, but 1345 NIS is not running. Fix from John Oleynick of 1346 Rutgers. 1347 Diagnose bizarre case where res_search returns a failure value, 1348 but sets h_errno to a success value. 1349 Make sure that "too many hops" messages are considered important 1350 enough to send an error to the Postmaster (that is, the 1351 address specified in the P option). This fix should 1352 help problems that cause the df file to be left around 1353 sometimes -- unfortunately, I can't seem to reproduce 1354 the problem myself. 1355 Avoid core dump (null pointer reference) on EXPN command; this 1356 only occurred if your log level was set to 10 or higher 1357 and the target account was an alias or had a .forward file. 1358 Problem noted by Janne Himanka. 1359 Avoid "denial of service" attacks by someone who is flooding your 1360 SMTP port with bad commands by shutting the connection 1361 after 25 bad commands are issued. From Kyle Jones of 1362 UUNET. 1363 Fix core dump on error messages with very long "to" buffers; 1364 fmtmsg overflows the message buffer. Fixed by trimming 1365 the to address to 203 characters. Problem reported by 1366 John Oleynick. 1367 Fix configuration for HASFLOCK -- there were some spots where 1368 a #ifndef was incorrectly #ifdef. Pointed out by 1369 George Baltz of the University of Maryland. 1370 Fix a typo in savemail() that could cause the error message To: 1371 lists to be incorrect in some places. From Motonori 1372 Nakamura. 1373 Fix a glitch that can cause duplicate error messages on split 1374 envelopes where an address on one of the lists has a 1375 name server failure. Fix from Voradesh Yenbut of the 1376 University of Washington. 1377 Fix possible bogus pointer reference on ESMTP parameters that 1378 don't have an ``=value'' part. 1379 CNAME loops caused an error message to be generated, but also 1380 re-queued the message. Changed to just re-queue the 1381 message (it's really hard to just bounce it because 1382 of the wierd way the name server works in the presence 1383 of CNAME loops). Problem noted by James M.R.Matheson 1384 of Cambridge University. 1385 Avoid giving ``warning: foo owned process doing -bs'' messages 1386 if they use ``MAIL FROM:<foo>'' where foo is their true 1387 user name. Suggested by Andreas Stolcke of ICSI. 1388 Change the NAMED_BIND compile flag to be a 0/1 flag so you can 1389 override it easily in the Makefile -- that is, you can 1390 turn it off using -DNAMED_BIND=0. 1391 If a gethostbyname(...) of an address with a trailing dot fails, 1392 try it without the trailing dot. This is because if 1393 you have a version of gethostbyname() that falls back 1394 to NIS or the /etc/hosts file it will fail to find 1395 perfectly reasonable names that just don't happen to 1396 be dot terminated in the hosts file. You don't want to 1397 strip the dot first though because we're trying to ensure 1398 that country names that match one of your subdomains get 1399 a chance. 1400 PRALIASES: fix bogus output on non-null-terminated strings. 1401 From Bill Gianopoulos of Raytheon. 1402 CONFIG: Avoid rewriting anything that matches $w to be $j. 1403 This was in code intended to only catch the self-literal 1404 address (that is, [1.2.3.4], where 1.2.3.4 is your 1405 IP address), but the code was broken. However, it will 1406 still do this if $M is defined; this is necessary to 1407 get client configurations to work (sigh). Note that this 1408 means that $M overrides :mailname entries in the user 1409 database! Problem noted by Paul Southworth. 1410 CONFIG: Fix definition of Solaris help file location. From 1411 Steve Cliffe <steve@gorgon.cs.uow.edu.au>. 1412 CONFIG: Fix bug that broke news.group.USENET mappings. 1413 CONFIG: Allow declaration of SMTP_MAILER_MAX, FAX_MAILER_MAX, 1414 and USENET_MAILER_MAX to tweak the maximum message 1415 size for various mailers. 1416 CONFIG: Change definition of USENET_MAILER_ARGS to include argv[0] 1417 instead of assuming that it is "inews" for consistency 1418 with other mailers. From Michael Corrigan of UC San Diego. 1419 CONFIG: When mail is forwarded to a LOCAL_RELAY or a MAIL_HUB, 1420 qualify the address in the SMTP envelope as user@{relay|hub} 1421 instead of user@$j. From Bill Wisner of The Well. 1422 CONFIG: Fix route-addr syntax in nullrelay configuration set. 1423 CONFIG: Don't turn off case mapping of user names in the local 1424 mailer for IRIX. This was different than most every other 1425 system. 1426 CONFIG: Avoid infinite loops on certainly list:; syntaxes in 1427 envelope. Noted by Thierry Besancon 1428 <besancon@excalibur.ens.fr>. 1429 CONFIG: Don't include -z by default on uux line -- most systems 1430 don't want it set by default. Pointed out by Philippe 1431 Michel of Thomson CSF. 1432 CONFIG: Fix some bugs with mailertables -- for example, if your 1433 host name was foo.bar.ray.com and you matched against 1434 ".ray.com", the old implementation bound %1 to "bar" 1435 instead of "foo.bar". Also, allow "." in the mailertable 1436 to match anything -- essentially, take over SMART_HOST. 1437 This also moves matching of explicit local host names 1438 before the mailertable so they don't have to be special 1439 cased in the mailertable data. Reported by Bill 1440 Gianopoulos of Raytheon; the fix for the %1 binding 1441 problem was contributed by Nicholas Comanos of the 1442 University of Sydney. 1443 CONFIG: Don't include "root" in class $=L (users to deliver 1444 locally, even if a hub or relay exists) by default. 1445 This is because of the known bug where definition of 1446 both a LOCAL_RELAY and a MAIL_HUB causes $=L to ignore 1447 both and deliver into the local mailbox. 1448 CONFIG: Move up bitdomain and uudomain handling so that they 1449 are done before .UUCP class matching; uudomain was 1450 reported as ineffective before. This also frees up 1451 diversion 8 for future use. Problem reported by Kimmo 1452 Suominen. 1453 CONFIG: Don't try to convert dotted IP address (e.g., [1.2.3.4]) 1454 into host names. As pointed out by Jonathan Kamens, 1455 these are often used because either the forward or reverse 1456 mapping is broken; this translation makes it broken again. 1457 DOC: Clarify $@ and $: in the Install & Op Guide. From Kimmo 1458 Suominen. 1459 Portability fixes: 1460 Unicos from David L. Kensiski of Sterling Sofware. 1461 DomainOS from Don Lewis of Silicon Systems. 1462 GNU m4 1.0.3 from Karst Koymans of Utrecht University. 1463 Convex from Kimmo Suominen <kim@tac.nyc.ny.us>. 1464 NetBSD from Adam Glass <glass@sun-lamp.cs.berkeley.edu>. 1465 BSD/386 from Tony Sanders of BSDI. 1466 Apollo from Eric Wassenaar. 1467 DGUX from Doug Anderson. 1468 Sequent DYNIX/ptx 2.0 from Tim Wright of Sequent. 1469 NEW FILES: 1470 src/Makefile.DomainOS 1471 src/Makefile.PTX 1472 src/Makefile.SunOS.5.1 1473 src/Makefile.SunOS.5.2 1474 src/Makefile.SunOS.5.x 1475 src/mailq.1 1476 cf/ostype/domainos.m4 1477 doc/op/Makefile 1478 doc/intro/Makefile 1479 doc/usenix/Makefile 1480 14818.6.5/8.6.5 94/01/13 1482 Security fix: /.forward could be owned by anyone (the test 1483 to allow root to own any file was backwards). From 1484 Bob Campbell at U.C. Berkeley. 1485 Security fix: group ids were not completely set when programs 1486 were invoked. This caused programs to have group 1487 permissions they should not have had (usually group 1488 daemon instead of their own group). In particular, 1489 Perl scripts would refuse to run. 1490 Security: check to make sure files that are written are not 1491 symbolic links (at least under some circumstances). 1492 Although this does not respond to a specific known 1493 attack, it's just a good idea. Suggested by 1494 Christian Wettergren. 1495 Security fix: if a user had an NFS mounted home directory on 1496 a system with a restricted shell listed in their 1497 /etc/passwd entry, they could still execute any 1498 program by putting that in their .forward file. 1499 This fix prevents that by insisting that their shell 1500 appear in /etc/shells before allowing a .forward to 1501 execute a program or write a file. You can disable 1502 this by putting "*" in /etc/shells. It also won't 1503 permit world-writable :include: files to reference 1504 programs or files (there's no way to disable this). 1505 These behaviours are only one level deep -- for 1506 example, it is legal for a world-writable :include: 1507 file to reference an alias that writes a file, on 1508 the assumption that the alias file is well controlled. 1509 Security fix: root was not treated suspiciously enough when 1510 looking into subdirectories. This would potentially 1511 allow a cracker to examine files that were publically 1512 readable but in a non-publically searchable directory. 1513 Fix a problem that causes an error on QUIT on a cached 1514 connection to create problems on the current job. 1515 These are typically unrelated, so errors occur in 1516 the wrong place. 1517 Reset CurrentLA in sendall() -- this makes sendmail queue 1518 runs more responsive to load average, and fixes a 1519 problem that ignored the load average in locally 1520 generated mail. From Eric Wassenaar. 1521 Fix possible core dump on aliases with null LHS. From 1522 John Orthoefer of BB&N. 1523 Revert to using flock() whenever possible -- there are just 1524 too many bugs in fcntl() locking, particularly over 1525 NFS, that cause sendmail to fail in perverse ways. 1526 Fix a bug that causes the connection cache to get confused 1527 when sending error messages. This resulted in 1528 "unexpected close" messages. It should fix itself 1529 on the following queue run. Problem noted by 1530 Liudvikas Bukys of the University of Rochester. 1531 Include $k in $=k as documented in the Install & Op Guide. 1532 This seems odd, but it was documented.... From 1533 Michael Corrigan of UCSD. 1534 Fix problem that caused :include:s from alias files to be 1535 forced to be owned by root instead of daemon 1536 (actually DefUid). From Tim Irvin. 1537 Diagnose unrecognized I option values -- from Mortin Forssen 1538 of the Chalmers University of Technology. 1539 Make "error" mailer work consistently when there is no error 1540 code associated with it -- previously it returned OK 1541 even though there was a real problem. Now it assumes 1542 EX_UNAVAILABLE. 1543 Fix bug that caused the last header line of messages that had 1544 no body and which were terminated with EOF instead of 1545 "." to be discarded. Problem noted by Liudvikas Bukys. 1546 Fix core dump on SMTP mail to programs that failed -- it tried 1547 to go to a "next MX host" when none existed, causing 1548 a core dump. From der Mouse at McGill University. 1549 Change IDENTPROTO from a defined/not defined to a 0/1 switch; 1550 this makes it easier to turn it off (using 1551 -DIDENTPROTO=0 in the Makefile). From der Mouse. 1552 Fix YP_MASTER_NAME store to use the unupdated result of 1553 gethostname() (instead of myhostname(), which tries 1554 to fully qualify the name) to be consistent with 1555 SunOS. If your hostname is unqualified, this fixes 1556 transfers to slave servers. Bug noted by Keith 1557 McMillan of Ameritech Services, Inc. 1558 Fix Ultrix problem: gethostbyname() can return a very large 1559 (> 500) h_length field, which causes the sockaddr 1560 to be trashed. Use the size of the sockaddr instead. 1561 Fix from Bob Manson of Ohio State. 1562 Don't assume "-a." on host lookups if NAMED_BIND is not 1563 defined -- this confuses gethostbyname on hosts 1564 file lookups, which doesn't understand the trailing 1565 dot convention. 1566 Log SMTP server subprocesses that die with a signal instead 1567 of from a clean exit. 1568 If you don't have option "I" set, don't assume that a DNS 1569 "host unknown" message is authoritative -- it 1570 might still be found in /etc/hosts. 1571 Fix a problem that would cause Deferred: messages to be sent 1572 as the subject of an error message, even though the 1573 actual cause of a message was more severe than that. 1574 Problem noted by Chris Seabrook of OSSI. 1575 Fix race condition in DBM alias file locking. From Kyle 1576 Jones of UUNET. 1577 Limit delivery syslog line length to avoid bugs in some 1578 versions of syslog(3). This adds a new compile time 1579 variable SYSLOG_BUFSIZE. From Jay Plett of Princeton 1580 University, which is in turn derived from IDA. 1581 Fix quotes inside of comments in addresses -- previously 1582 it insisted that they be balanced, but the 822 spec 1583 says that they should be ignored. 1584 Dump open file state to syslog upon receiving SIGUSR1 (for 1585 debugging). This also evaluates ruleset 89, if set 1586 (with the null input), and logs the result. This 1587 should be used sparingly, since the rewrite process 1588 is not reentrant. 1589 Change -qI, -qR, and -qS flags to be case-insensitive as 1590 documented in the Bat Book. 1591 If the mailer returned EX_IOERR or EX_OSERR, sendmail did not 1592 return an error message and did not requeue the message. 1593 Fix based on code from Roland Dirlewanger of 1594 Reseau Regional Aquarel, Bordeaux, France. 1595 Fix a problem that caused a seg fault if you got a 421 error 1596 code during some parts of connection initialization. 1597 I've only seen this when talking to buggy mailers on 1598 the other end, but it shouldn't give a seg fault in 1599 any case. From Amir Plivatsky. 1600 Fix core dump caused by a ruleset call that returns null. 1601 Fix from Bryan Costales of ICSI. 1602 Full-Name: field was being ignored. Fix from Motonori Nakamura 1603 of Kyoto University. 1604 Fix a possible problem with very long input lines in setproctitle. 1605 From P{r Emanuelsson. 1606 Avoid putting "This is a warning message" out on return receipts. 1607 Suggested by Douglas Anderson. 1608 Detect loops caused by recursive ruleset calls. Suggested by 1609 Bryan Costales. 1610 Initialize non-alias maps during alias rebuilds -- they may be 1611 needed for parsing. Problem noted by Douglas Anderson. 1612 Log sender address even if no message was collected in SMTP 1613 (e.g., if all RCPTs failed). Suggested by Motonori 1614 Nakamura. 1615 Don't reflect the owner-list contents into the envelope sender 1616 address if the value contains ", :, /, or | (to avoid 1617 illegal addresses appearing there). 1618 Efficiency hack for toktype macro -- from Craig Partridge of 1619 BB&N. 1620 Clean up DNS error printing so that a host name is always 1621 included. 1622 Remember to set $i during queue runs. Reported by Stephen 1623 Campbell of Dartmouth University. 1624 If ${HOSTALIASES} is set, use it during canonification so that 1625 headers are properly mapped. Reported by Anne Bennett 1626 of Concordia University. 1627 Avoid printing misleading error message if SMTP mailer (not 1628 using [IPC]) should die on a core dump. 1629 Avoid incorrect diagnosis of "file 1 closed" when it is caused 1630 by the other end closing the connection. From 1631 Dave Morrison of Oracle. 1632 Improve several of the error messages printed by "mailq" 1633 to include a host name or other useful information. 1634 Add NetInfo preliminary support for NeXT systems. From Vince 1635 DeMarco. 1636 Fix a glitch that sometimes caused :include:s that pointed to 1637 NFS filesystems that were down to give an "aliasing/ 1638 forwarding loop broken" message instead of queueing 1639 the message for retry. Noted by William C Fenner of 1640 the NRL Connection Machine Facility. 1641 Fix a problem that could cause a core dump if the input sequence 1642 had (or somehow acquired) a \231 character. 1643 Make sure that route-addrs always have <angle brackets> around 1644 them in non-SMTP envelopes (SMTP envelopes already do 1645 this properly). 1646 Avoid wierd headers on unbalanced punctuation of the form: 1647 ``Joe User <user)'' -- this caused reference to the 1648 null macro. Fix from Rick McCarty of IO.COM. 1649 Fix a problem that caused an alias "user: user@local.host" to 1650 not have the QNOTREMOTE bit set; this caused configs 1651 to act as if FEATURE(notsticky) was defined even when 1652 it was not. The effect of the problem was to make it 1653 very hard to to set up satellite sites that had a few 1654 local accounts, with everything else forwarded to a 1655 corporate hub. Reported by Detlef Drewanz of the 1656 University of Rostock and Mark Frost of NCD. 1657 Change queuing to not call rulesets 3, {1 or 2}, 4 on header 1658 addresses. This is more efficient (fewer name server 1659 calls) and fixes certain unusual configurations, such 1660 as those that have ruleset 4 do something that is 1661 non-idempotent unless a mailer-specific ruleset did 1662 something else. Problem reported by Brian J. Coan 1663 of the Institute for Global Communications. 1664 Fix the "obsolete argument" routine in main to better understand 1665 new arguments. For example, if you used ``sendmail 1666 -C config -v -q'' it would choke on the -q because 1667 the -C would stop looking for old-format arguments. 1668 Fix the code that was intended to allow two users to forward their 1669 mail to the same program and have them appear unique. 1670 Portability fixes for: 1671 SCO UNIX from Murray Kucherawy. 1672 SCO Open Server 3.2v4 from Philippe Brand. 1673 System V Release 4 from Rick Ellis and others. 1674 OSF/1 from Steve Campbell. 1675 DG/UX from Ben Mesander of the USGS and Bryan Curnutt 1676 of Stoner Associates. 1677 Motorola SysV88 from Kevin Johnson of Motorola. 1678 Solaris 2.3 from Casper H.S. Dik of the University 1679 of Amsterdam and John Caruso of University 1680 of Maryland. 1681 FreeBSD from Ollivier Robert. 1682 NetBSD from Adam Glass. 1683 TitanOS from Kate Hedstrom of Rutgers University. 1684 Irix from Bryan Curnutt. 1685 Dynix from Jim Davis of the University of Arizona. 1686 RISC/os. 1687 Linux from John Kennedy of California State University 1688 at Chico. 1689 Solaris 2.x from Tony Boner of the U.S. Air Force. 1690 NEXTSTEP 3.x from Vince DeMarco. 1691 HP-UX from various people. NOTA BENE: the location 1692 of the config file has moved to /usr/lib 1693 to match the HP-UX version of sendmail. 1694 CONFIG: Don't do any recipient rewriting on relay mailer; 1695 since this is intended only for internal use, the 1696 usual RFC 821/822/1123 rules can be relaxed. The 1697 main point of this is to avoid munging (ugh) UUCP 1698 addresses when relaying internally. 1699 CONFIG: fix typo in mailer/uucp.m4 that mutilates list:; 1700 syntax addresses delivered via UUCP. Solution 1701 provided by Peter Wemm. 1702 CONFIG: fix thumb-fumble in default UUCP relaying in ruleset 1703 zero; it caused double @ signs in addresses. From 1704 Irving Reid of the University of Toronto. 1705 CONFIG: Portability fixes for SCO Unix 3.2 with TCP/IP 1.2.1 1706 from Markku Toijala of ICL Personal Systems Oy. 1707 CONFIG: Add trailing "." on pseudo-domains for consistency; 1708 this fixes a problem (noted by Al Whaley of Sunnyside) 1709 that made it hard to recognize your own pseudodomain 1710 names. 1711 CONFIG: catch "@host" syntax errors (i.e., null local-parts) 1712 rather than letting them get "local configuration 1713 error"s. Problem noted by John Gardiner Myers. 1714 CONFIG: add uucp-uudom mailer variant, based on code posted 1715 by Spider Boardman <spider@Orb.Nashua.NH.US>; this 1716 has uucp-dom semantics but old UUCP syntax. This 1717 also permits "uucp-old" as an alias for "uucp" and 1718 "uucp-new" as a synonym for "suucp" for consistency. 1719 CONFIG: add POP mailer support (from Kimmo Suominen 1720 <kim@grendel.lut.fi>). 1721 CONFIG: drop CSNET_RELAY support -- CSNET is long gone. 1722 CONFIG: fix bug caused with domain literal addresses (e.g., 1723 ``[128.32.131.12]'') when FEATURE(allmasquerade) 1724 was set; it would get an additional @masquerade.host 1725 added to the address. Problem noted by Peter Wan 1726 of Georgia Tech. 1727 CONFIG: make sure that the local UUCP name is in $=w. From 1728 Jim Murray of Stratus. 1729 CONFIG: changes to UUCP rewriting to simulate IDA-style "V" 1730 mailer flag. Briefly, if you are sending to host 1731 "foo", then it rewrites "foo!...!baz" to "...!baz", 1732 "foo!baz" remains "foo!baz", and anything else has 1733 the local name prepended. 1734 CONFIG: portability fixes for HP-UX. 1735 DOC: several minor problems fixed in the Install & Op Guide. 1736 MAKEMAP: fix core dump problem on lines that are too long or 1737 which lack newline. From Mark Delany. 1738 MAILSTATS: print sums of columns (total messages & kbytes 1739 in and out of the system). From Tom Ferrin of UC 1740 San Francisco Computer Graphics Lab. 1741 SIGNIFICANT USER- OR SYSAD-VISIBLE CHANGES: 1742 On HP-UX, /etc/sendmail.cf has been moved to 1743 /usr/lib/sendmail.cf to match HP sendmail. 1744 Permissions have been tightened up on world-writable 1745 :include: files and accounts that have shells 1746 that are not listed in /etc/shells. This may 1747 cause some .forward files that have worked 1748 before to start failing. 1749 SIGUSR1 dumps some state to the log. 1750 NEW FILES: 1751 src/Makefile.DGUX 1752 src/Makefile.Dynix 1753 src/Makefile.FreeBSD 1754 src/Makefile.Mach386 1755 src/Makefile.NetBSD 1756 src/Makefile.RISCos 1757 src/Makefile.SCO 1758 src/Makefile.SVR4 1759 src/Makefile.Titan 1760 cf/mailer/pop.m4 1761 cf/ostype/bsdi1.0.m4 1762 cf/ostype/dgux.m4 1763 cf/ostype/dynix3.2.m4 1764 cf/ostype/sco3.2.m4 1765 makemap/Makefile.dist 1766 praliases/Makefile.dist 1767 17688.6.4/8.6.4 93/10/31 1769 Repair core-dump problem (write to read-only memory segment) 1770 if you fall back to the return-to-Postmaster case in 1771 savemail. Problem reported by Richard Liu. 1772 Immediately diagnose bogus sender addresses in SMTP. This 1773 makes quite certain that crackers can't use this 1774 class of attack. 1775 Reliability Fix: check return value from fclose() and fsync() 1776 in a few critical places. 1777 Minor problem in initsys() that reversed a condition for 1778 redirecting the output channel on queue runs. It's 1779 not clear this code even does anything. From Eric 1780 Wassenaar of the Dutch National Institute for Nuclear 1781 and High-Energy Physics. 1782 Fix some problems that caused queue runs to do "too much work", 1783 such as double-reading the Errors-To: header. From 1784 Eric Wassenaar. 1785 Error messages on writing the temporary file (including the 1786 data file) were getting suppressed in SMTP -- this 1787 fix causes them to be properly reported. From Eric 1788 Wassenaar. 1789 Some changes to support AF_UNIX sockets -- this will only 1790 really become relevant in the next release, but some 1791 people need it for local patches. From Michael 1792 Corrigan of UC San Diego. 1793 Use dynamically allocated memory (instead of static buffers) 1794 for macros defined in initsys() and settime(); since 1795 these can have different values depending on which 1796 envelope they are in. From Eric Wassenaar. 1797 Improve logging to show ctladdr on to= logging; this tells you 1798 what uid/gid processes ran as. 1799 Fix a problem that caused error messages to be discarded if 1800 the sender address was unparseable for some reason; 1801 this was supposed to fall back to the "return to 1802 postmaster" case. 1803 Improve aliaswait backoff algorithm. 1804 Portability patches for Linux (8.6.3 required another header 1805 file) (from Karl London) and SCO UNIX. 1806 CONFIG: patch prog mailer to not strip host name off of envelope 1807 addresses (so that it matches local again). From 1808 Christopher Davis. 1809 CONFIG: change uucp-dom mailer so that "<>" translates to $n; 1810 this prevents uux from seeing lines with null names like 1811 ``From Sat Oct 30 14:55:31 1993''. From Motonori 1812 Nakamura of Kyoto University. 1813 CONFIG: handle <list:;> syntax correctly. This isn't legal, but 1814 it shouldn't fail miserably. From Motonori Nakamura. 1815 18168.6.3/8.6.3 93/10/24 1817 IMPORTANT FIX: Fix several problems that caused open files to 1818 be "lost" during queue runs; this overflowed the open 1819 file table on large runs. An assumption that fdopen 1820 always succeeds sometimes resulted in core dumps when 1821 this happens; sometimes the message is delivered twice, 1822 sometimes (probably) infinite times. This problem in 1823 various form was reported by P{r (Pell) Emanuelsson and 1824 Robert Campbell of U.C. Berkeley. 1825 Special diagnosis of EMFILE error conditions -- it now prints 1826 the known open file descriptors so you can figure out 1827 what is consuming so much resources. 1828 Fix a couple of problems caused by early address parsing 1829 errors -- one caused it to return a "this is only a 1830 warning" when it really wasn't, and the other started 1831 parsing through a random pointer. The first was 1832 noted by Eric Wassenaar. 1833 Fix an infinite loop problem caused by null components in the 1834 host signature. Problem noted by Jan Sorensen. 1835 Be sure to reset the "current date" when sending an error 1836 message -- PostMasterCopy messages were being sent 1837 with an old Date: header. 1838 Fix a problem that caused duplicated mail when sendmail was 1839 (1) compiled without HASFLOCK, (2) you are sending to 1840 an alias that has an owner-* alias, (3) you execute 1841 sendmail with -t flag, (4) you run in -odb mode, and 1842 (5) the sender specifies both the alias name and 1843 another alias [i.e., the envelope is split], then 1844 duplicate messages are sent. The problem description 1845 and one-line fix are from Motonori Nakamura of Kyoto 1846 University. 1847 Avoid a problem that causes error messages to be discarded 1848 in some cases -- this was the result of a "fix" to 1849 avoid duplicate error messages, but two are better 1850 than zero. Reported by Tim Rylance. 1851 Fix a minor botch in checkfd012() -- fix from Dave Hill of 1852 Computervision R&D Ltd. 1853 Remove "X-Authentication-Warning: <user> set sender to <address> 1854 using -f" entirely -- it is far too eager to include 1855 this, and it is confusing folks. I'll try to make it 1856 work "right" in 8.7. Problem noted by Yoshitaka 1857 Tokugawa of dit Co., Ltd. 1858 Fix a race condition with the errno value in tick() and 1859 reapchild() -- this caused occasional misdiagnosis 1860 of problems. Kyle Jones of UUNET helped this along. 1861 Repair rule loop-detection code. From Michael Corrigan of 1862 U.C. San Diego. 1863 Fix a problem that caused sender domain addition (C mailer 1864 flag to be ignored if you use -odq or use -odb with 1865 a high load average. Problem reported by Jim Murray 1866 of Stratus. 1867 Fix ident protocol on multi-homed machines. It was not 1868 always using the correct interface. Fix from J.R. 1869 Oldroyd of Opal. 1870 Previously, sendmail assumed that any SMTP greeting message 1871 that wasn't 2xx was a temporary failure -- it should 1872 only take 4xx as a temporary failure, and return a 1873 solid error message on anything else -- for example, 1874 to allow you to reject connections on a workstation 1875 that is MXed to a mail server. 1876 Portability enhancements for 386BSD/FreeBSD/NetBSD from 1877 Ollivier Robert. 1878 CONFIG: FEATURE(always_add_domain) didn't always add the domain; 1879 in particular, on local mail it modified the header sender 1880 but not the header recipient address(es). Reported by 1881 Jeffrey Honig of Cornell University. Also, strip 1882 any host from envelope recipient address(es), since 1883 local mailers don't understand host names -- this is 1884 to help mailertable entries. From Christopher Davis. 1885 CONFIG: masquerading didn't apply to addresses that already 1886 had a domain. This change replaces a local hostname 1887 by the masquerade name in the SMTP mailer (previously 1888 it only added the masquerade name if it didn't already 1889 have a domain name). Several people complained about 1890 this. 1891 18928.6.2/8.6.2 93/10/15 1893 Put a "successful delivery" message in the transcript for 1894 addresses that get return-receipts. 1895 Put a prominent "this is only a warning" message in warning 1896 messages -- some people don't read carefully enough 1897 and end up sending the message several times. 1898 Include reason for temporary failure in the "warning" return 1899 message. Currently, it just says "cannot send for 1900 four hours". 1901 Fix the "Original message received" time generated for 1902 returntosender messages. It was previously listed as 1903 the current time. Bug reported by Eric Hagberg of 1904 Cornell University Medical College. 1905 If there is an error when writing the body of a message, 1906 don't send the trailing dot and wait for a response 1907 in sender SMTP, as this could cause the connection to 1908 hang up under some bizarre circumstances. From Eric 1909 Wassenaar. 1910 Fix some server SMTP synchronization problems caused when 1911 connections fail during message collection. From 1912 Eric Wassenaar. 1913 Fix a problem that can cause srvrsmtp to reject mail if the 1914 name server is down -- it accepts the RCPT but rejects 1915 the DATA command. Problem reported by Jim Murray of 1916 Stratus. 1917 Fix a problem that can cause core dumps if the config file 1918 incorrectly resolves to a null hostname. Reported by 1919 Allan Johannesen of WPI. 1920 Non-root use of -C flag, dangerous -f flags, and use of -oQ 1921 by non-root users were not put into 1922 X-Authentication-Warning:s as intended because the 1923 config file hadn't set the PrivacyFlags yet. Fix 1924 from Sven-Ove Westberg of the University of Lulea. 1925 Under very odd circumstances, the alias file rebuild code 1926 could get confused as to whether a database was 1927 open or not. 1928 Check "vendor code" on the end of V lines -- this is 1929 intended to provide a hook for vendor-specific 1930 configuration syntax. (This is a "new feature", 1931 but I've made an exception to my rule in a belief 1932 that this is a highly exceptional case.) 1933 Portability fixes for DG/UX (from Douglas Anderson of NCSC), 1934 SCO Unix (from Murray Kucherawy), A/UX, and OSF/1 1935 (from Jon Forrest of UC Berkeley) 1936 CONFIG: fix ``mailer:host'' form of UUCP relay naming. 1937 19388.6.1/8.6 93/10/08 1939 Portability fixes for A/UX and Encore UMAX V. 1940 Fix error message handling -- if you had a name server down 1941 causing an error during parsing, that message was never 1942 propogated to the queue file. 1943 19448.6/8.6 93/10/05 1945 Configuration cleanup: make it easier to undo IDENTPROTO in 1946 conf.h (other systems have the same bug). 1947 If HASGETDTABLESIZE and _SC_OPEN_MAX are both defined, assume 1948 getdtablesize() instead of sysconf(); a disturbingly 1949 large number of systems defined _SC_OPEN_MAX in the 1950 header files but don't have the syscall. 1951 Another patch to really truly ignore MX records in getcanonname 1952 if trymx == FALSE. 1953 Fix problem that caused the "250 IAA25499 Message accepted for 1954 delivery" message to be omitted if there was an error 1955 in the header of the message (e.g., a bad Errors-To: 1956 line). Pointed out by Michael Corrigan of UCSD. 1957 Announce name of host we are chatting when we get errors; this 1958 is an IDA-ism suggested by Christophe Wolfhugel. 1959 Portability fixes for Alpha OSF/1 (from Anthony Baxter of the 1960 Australian Artificial Intelligence Institute), SCO Unix 1961 (from Murray Kucherawy of Hookup Communication Corp.), 1962 NeXT (from Vince DeMarco and myself), Linux (from 1963 Karl London <karl@borg.demon.co.uk>), BSDI (from 1964 Christophe Wolfhugel, and SVR4 on Dell (from Kimmo 1965 Suominen), AUX 3.0 on Macintosh, and ANSI C compilers. 1966 Some changes to get around gcc optimizer bugs. From Takahiro 1967 Kanbe. 1968 Fix error recovery in queueup if another tf file of the same 1969 name already exists. Problem stumbled over by Bill 1970 Wisner of The Well. 1971 Output YP_MASTER_NAME and YP_LAST_MODIFIED without null bytes. 1972 Problem noted by Keith McMillan of Ameritech Services. 1973 Deal with group permissions properly when opening .forward and 1974 :include: files. This relaxes the 8.1C restrictions 1975 slightly more. This includes proper setting of groups 1976 when reading :include: files, allowing you to read some 1977 files that you should be able to read but have previously 1978 been denied unless you owned them or they had "other" 1979 read permission. 1980 Make certain that $j is in $=w (after the .cf is read) so that 1981 if the user is forced to override some silly system, 1982 MX suppression will still work. 1983 Fix a couple of efficiency problems where newstr was double- 1984 calling expensive routines. In at least one case, it 1985 wasn't guaranteed that they would always return the 1986 same result. Problem noted by Christophe Wolfhugel. 1987 Fix null pointer dereference in putoutmsg -- only on an error 1988 condition from a non-SMTP mailer. From Motonori 1989 Nakamura. 1990 Macro expand "C" line class definitions before scanning so that 1991 "CX $Z" works. 1992 Fix problem that caused error message to be sent while still 1993 trying to send the original message if the connection 1994 is closed during a DATA command after getting an error 1995 on an RCPT command (pretty obscure). Problem reported 1996 by John Myers of CMU. 1997 Fix reply to NOOP to be 250 instead of 200 -- this is a long 1998 term bug. 1999 Fix a nasty bug causing core dumps when returning the "warning: 2000 cannot deliver for N hours -- will keep trying" message; 2001 it only occurred if you had PostMasterCopy set and 2002 only on some architectures. Although sendmail would 2003 keep trying, it would send error messages on each 2004 queue interval. This is an important fix. 2005 Allow u and g options to take user and group names respectively. 2006 Don't do a chdir into the queue directory in -bt mode to make 2007 ruleset testing a bit easier. 2008 Don't allow users to turn off logging (using -oL) on the command 2009 line -- command line can only raise, not lower, logging 2010 level. 2011 Set $u to the original recipient on the SMTP transaction or on 2012 the command line. This is only done if there is exactly 2013 one recipient. Technically, this does not meet the 2014 specs, because it does not guarantee a domain on the 2015 address. 2016 Fix a problem that dumped error messages on bad addresses if 2017 you used the -t flag. Problem noted by Josh Smith of 2018 Harvey Mudd College. 2019 Given an address such as ``<foo> <bar>'', auto-quote the first 2020 ``<foo>'' part, giving ``"<foo>" <bar>''. This is to 2021 avoid the problem of people who use angle brackets in 2022 their full name information. 2023 Fix a null pointer dereference if you set option "l", have 2024 an Errors-To: header in the message, and have Errors-To: 2025 defined in the config file H lines. From J.R. Oldroyd. 2026 Put YPCOMPAT on #ifdef NIS instead -- it's one less thing to get 2027 wrong when compiling. Suggested by Rick McCarty of TI. 2028 Fix a problem that could pass negative SIZE parameter if the 2029 df file got lost; this would cause servers to always 2030 give a temporary failure, making the problem even worse. 2031 Problem noted by Allan Johannesen of WPI. 2032 Add "ident" timeout (one of the "r" option selectors) for IDENT 2033 protocol timeouts (30s default). Requested by Murray 2034 Kucherawy of HookUp Communication Corp. to handle bogus 2035 PC TCP/IP implementations. 2036 Change $w default definition to be just the first component of 2037 the domain name on config level 5. The $j macro defaults 2038 to the FQDN; $m remains as before. This lets well-behaved 2039 config files use any of the short, long, or subdomain 2040 names. 2041 Add makesendmail script in src to try to automate multi-architecture 2042 builds. I know, this is sub-optimal, but it is still 2043 helpful. 2044 Fix very obscure race condition that can cause a queue run to 2045 get a queue file for an already completed job. This 2046 problem has existed for years. Problem noted by the 2047 long suffering Allan Johannesen of WPI. 2048 Fix a problem that caused the raw sender name to be passed to 2049 udbsender instead of the canonified name -- this caused 2050 it to sometimes miss records that it should have found. 2051 Relax check of name on HELO packet so that a program using -bs 2052 that claims to be itself works properly. 2053 Restore rewriting of $: part of address through 2, R, 4 in 2054 buildaddr -- this requires passing a lot of flags to get 2055 it right. Unlike old versions, this ONLY rewrites 2056 recipient addresses, not sender addresses. 2057 Fix a bug that caused core dumps in config files that cannot 2058 resolve /file/name style addresses. Fix from Jonathan 2059 Kamens of OpenVision Technologies. 2060 Fix problem with fcntl locking that can cause error returns to 2061 be lost if the lock is lost; this required fully 2062 queueing everything, dropping the envelope (so errors 2063 would get returned), and then re-reading the queue from 2064 scratch. 2065 Fix a problem that caused aliases that redefine an otherwise 2066 true address to still send to the original address 2067 if and only if the alias failed in certain bizarre 2068 ways (e.g, if they pointed at a list:; syntax address). 2069 Problem pointed out by Jonathan Kamens. 2070 Remove support for frozen configuration files. They caused 2071 more trouble than it was worth. 2072 Fix problem that can cause error messages to get ignored when 2073 using both -odb and -t flags. Problem noted by Rob 2074 McNicholas at U.C. Berkeley. 2075 Include all "normal" variations on hostname in $=w. For example, 2076 if the host name is vangogh.cs.berkeley.edu, $=w will 2077 contain vangogh, vangogh.cs, and vangogh.cs.berkeley.edu. 2078 Add "restrictqrun" privacy flag -- without this, anyone can run 2079 the queue. 2080 Reset SmtpPhase global on initial connection creation so that 2081 messages don't come out with stale information. 2082 Pass an "ext" argument to lockfile so that error/log messages 2083 will properly reflect the true filename being locked. 2084 Put all [...] address forms into $=w -- this eliminates the need 2085 for MAXIPADDR in conf.h. Suggested by John Gardiner 2086 Myers of CMU. 2087 Fix a bug that can cause qf files to be left around even after 2088 an SMTP RSET command. Problem and fix from Michael 2089 Corrigan. 2090 Don't send a PostMasterCopy to errors when the Precedence: is 2091 negative. Error reports still go to the envelope 2092 sender address. 2093 Add LA_SHORT for load averages. 2094 Lock sendmail.st file when posting statistics. 2095 Add "SendBufSize" and "RcvBufSize" suboptions to "O" option to 2096 set the size of the TCP send and receive buffers; if you 2097 run over a slow slip line you may need to set these down 2098 (although it would be better to fix the SLIP implementation 2099 so that it's not necessary to recompile every program 2100 that does bulk data transfer). 2101 Allow null defaults on $( ... $) lookups. Problem reported by 2102 Amir Plivatsky. 2103 Diagnose crufty S and V config lines. This resulted from an 2104 observation that some people were using the SITE macro 2105 without the SITECONFIG macro first, which was causing 2106 bogus config files that were not caught. 2107 Fix makemap -f flag to turn off case folding (it was turning it 2108 on instead). THIS IS A USER VISIBLE CHANGE!!! 2109 Fix a problem that caused multiple error messages to be sent if 2110 you used "sendmail -t -oem -odb", your system uses fcntl 2111 locking, and one of the recipient addresses is unknown. 2112 Reset uid earlier in include() so that recursive .forwards or 2113 :include:s don't use the wrong uid. 2114 If file descriptor 0, 1, or 2 was closed when sendmail was 2115 called, the code to recover the descriptor was broken. 2116 This sometimes (only sometimes) caused problems with the 2117 alias file. Fix from Motonori Nakamura. 2118 Fix a problem that caused aliaswait to go into infinite recursion 2119 if the @:@ metasymbol wasn't found in the alias file. 2120 Improve error message on newaliases if database files cannot be 2121 opened or if running with no database format defined. 2122 Do a better estimation of the size of error messages when NoReturn 2123 is set. Problem noted by P{r (Pell) Emanuelsson. 2124 Fix a problem causing the "c" option (don't connect to expensive 2125 mailers) to be ignored in SMTP. Problem noted and the 2126 solution suggested by Robert Elz of Munnari University. 2127 Improve connection caching algorithm by passing "[host]" to 2128 hostsignature, which strips the square brackets and 2129 returns the real name. This allows mailertable entries 2130 to match regular entries. 2131 Re-enable Return-Receipt-To: -- people seem to want this stupid 2132 feature, even if it doesn't work right. 2133 Catch and log attempts to try the "wiz" command in server SMTP. 2134 This also ups the log level from LOG_NOTICE to LOG_CRIT. 2135 Be more generous at assigning $z to the home directory -- do this 2136 for programs that are specified through a .forward file. 2137 Fix from Andrew Chang of Sun Microsystems. 2138 Always save a fatal error message in preference to a non-fatal 2139 error message so that the "subject" line of return 2140 messages is the best possible. 2141 CONFIG: reduce the number of quotes needed to quote configuration 2142 parameters with commas: two quotes should work now, e.g., 2143 define(ALIAS_FILE, ``/etc/aliases,/etc/aliases.local''). 2144 CONFIG: class $=Z is a set of UUCP hosts that use uucp-dom 2145 connections (domain-ized UUCP). 2146 CONFIG: fix bug in default maps (-o must be before database file 2147 name). Pointed out by Christophe Wolfhugel. 2148 CONFIG: add FEATURE(nodns) to state that we are not relying on 2149 DNS. This would presumably be used in UUCP islands. 2150 CONFIG: add OSTYPE(nextstep) and OSTYPE(linux). 2151 CONFIG: log $u in Received: line. This is in technical violation 2152 of the standards, since it doesn't guarantee a domain 2153 on the address. 2154 CONFIG: don't assume "m" in local mailer flags -- this means that 2155 if you redefine LOCAL_MAILER_FLAGS you will have to include 2156 the "m" flag should you want it. Apparently some Solaris 2.2 2157 installations can't handle multiple local recipients. 2158 Problem noted by Josh Smith. 2159 CONFIG: add confDOMAIN_NAME to set $j (if undefined, $j defaults). 2160 CONFIG: change default version level from 4 to 5. 2161 CONFIG: add FEATURE(nullclient) to create a config file that 2162 forwards all mail to a hub without ever looking at the 2163 addresses in any detail. 2164 CONFIG: properly strip mailer: information off of relays when 2165 used to change .BITNET form into %-hack form. 2166 CONFIG: fix a problem that caused infinite loops if presented 2167 with an address such as "!foo". 2168 CONFIG: check for self literal (e.g., [128.32.131.12]) even if 2169 the reverse "PTR" mapping is broken. There's a better 2170 way to do this, but the change is fairly major and I 2171 want to hold it for another release. Problem noted by 2172 Bret Marquis. 2173 21748.5/8.5 93/07/23 2175 Serious bug: if you used a command line recipient that was unknown 2176 sendmail would not send a return message (it was treating 2177 everything as though it had an SMTP-style client that 2178 would do the return itself). Problem noted by Josh Smith. 2179 Change "trymx" option in getcanonname() to ignore all MX data, 2180 even during a T_ANY query. This actually didn't break 2181 anything, because the only time you called getcanonname 2182 with !trymx was if you already knew there were no MX 2183 records, but it is somewhat cleaner. From Motonori 2184 Nakamura. 2185 Don't call getcanonname from getmxrr if you already know there 2186 are no DNS records matching the name. 2187 Fix a problem causing error messages to always include "The 2188 original message was received ... from localhost". 2189 The correct original host information is now included. 2190 Previous change to cf/sh/makeinfo.sh doesn't port to Ultrix (their 2191 version of "test" doesn't have the -x flag). Change it 2192 to use -f instead. From John Myers. 2193 CONFIG: 8.4 mistakenly set the default SMTP-style mailer to 2194 esmtp -- it should be smtp. 2195 CONFIG: send all relayed mail using confRELAY_MAILER (defaults 2196 to "relay" (a variant of "smtp") if MAILER(smtp) is used, 2197 else "suucp" if MAILER(uucp) is used, else "unknown"); 2198 this cleans up the configs somewhat. This fixes a serious 2199 problem that caused route-addrs to get mistaken as relays, 2200 pointed out by John Myers. WARNING: this also causes 2201 the default on SMART_HOST to change from "suucp" to 2202 "relay" if you have MAILER(smtp) specified. 2203 22048.4/8.4 93/07/22 2205 Add option `w'. If you receive a message that comes to you because 2206 you are the best (lowest preference) target of an MX, and 2207 you haven't explicitly recognized the source MX host in 2208 your .cf file, this option will cause you to try the target 2209 host directly (as if there were no MX for it at all). If 2210 `w' is not set, this case is a configuration error. 2211 Beware: if `w' is set, senders may get bogus errors like 2212 "message timed out" or "host unknown" for problems that 2213 are really configuration errors. This option is 2214 disrecommended, provided only for compatibility with 2215 UIUC sendmail. 2216 Fix a problem that caused the incoming socket to be left open 2217 when sendmail forks after the DATA command. This caused 2218 calling systems to wait in FIN_WAIT_2 state until the 2219 entire list was processed and the child closed -- a 2220 potentially prodigious amount of time. Problem noted 2221 by Neil Rickert. 2222 Fix problem (created in 6.64) that caused mail sent to multiple 2223 addresses, one of which was a bad address, to completely 2224 suppress the sending of the message. This changes 2225 handling of EF_FATALERRS somewhat, and adds an 2226 EF_GLOBALERRS flag. This also fixes a potential problem 2227 with duplicate error messages if there is a syntax error 2228 in the header of a message that isn't noticed until late 2229 in processing. Original problem pointed out by Josh Smith 2230 of Harvey Mudd College. This release includes quite a bit 2231 of dickering with error handling (see below). 2232 Back out SMTP transaction if MAIL gets nested 501 error. This 2233 will only hurt already-broken software and should help 2234 humans. 2235 Fix a problem that broke aliases when neither NDBM nor NEWDB were 2236 compiled in. It would never read the alias file. 2237 Repair unbalanced `)' and `>' (the "open" versions are already 2238 repaired). 2239 Logging of "done" in dropenvelope() was incorrect: it would 2240 log this even when the queue file still existed. Change 2241 this to only log "done" (at log level 11) when the 2242 queue file is actually removed. From John Myers. 2243 Log "lost connection" in server SMTP at log level 20 if there 2244 is no pending transaction. Some senders just close the 2245 connection rather than sending QUIT. 2246 Fix a bug causing getmxrr to add a dot to the end of unqualified 2247 domains that do not have MX records -- this would cause 2248 the subsequent host name lookup to fail. The problem 2249 only occurred if you had FEATURE(nocanonify) set. 2250 Problem noted by Rick McCarty of Texas Instruments. 2251 Fix invocation of setvbuf when passed a -X flag -- I had 2252 unwittingly used an ANSI C extension, and this caused 2253 core dumps on some machines. 2254 Diagnose self-destructive alias loops on RCPT as well as EXPN. 2255 Previously it just gave an empty send queue, which 2256 then gave either "Need RCPT (recipient)" at the DATA 2257 (confusing, since you had given an RCPT command which 2258 returned 250) or just dropped the email, depending on 2259 whether you were running VERBose mode. Now it usually 2260 diagnoses this case as "aliasing/forwarding loop broken". 2261 Unfortunately, it still doesn't adequately diagnose 2262 some true error conditions. 2263 Add internal concept of "warning messages" using 6xx codes. 2264 These are not reported only to Postmaster. Unbalanced 2265 parens, brackets, and quotes are printed as 653 codes. 2266 They are always mapped to 5xx codes before use in SMTP. 2267 Clean up error messages to tell both the actual address that 2268 failed and the alias they arose from. This makes it 2269 somewhat easier to diagnose problems. Difficulty noted 2270 by Motonori Nakamura. 2271 Fix a problem that inappropriately added a ctladdr to addresses 2272 that shouldn't have had one during a queue run. This 2273 caused error messages to be handled differently during 2274 a queue run than a direct run. 2275 Don't print the qf name and line number if you get errors during 2276 the direct run of the queue from srvrsmtp -- this was 2277 just extra stuff for users to crawl through. 2278 Put command line flags on second line of pid file so you can 2279 auto-restart the daemon with all appropriate arguments. 2280 Use "kill `head -1 /etc/sendmail.pid`" to stop the 2281 daemon, and "eval `tail -1 /etc/sendmail.pid`" to 2282 restart it. 2283 Remove the ``setuid(getuid())'' in main -- this caused the 2284 IDENT daemon to screw up. This required that I change 2285 HASSETEUID to HASSETREUID and complicate the mode 2286 changing somewhat because both Ultrix and SunOS seem 2287 to have a bug causing seteuid() to set the saved uid 2288 as well as the effective. The program test/t_setreuid.c 2289 will test to see if your implementation of setreuid(2) 2290 is appropriately functional. 2291 The FallBackMX (option V) handling failed to properly identify 2292 fallback to yourself -- most of the code was there, 2293 but it wasn't being enabled. Problem noted by Murray 2294 Kucherawy of the University of Waterloo. 2295 Change :include: open timeout from ETIMEDOUT to an internal 2296 code EOPENTIMEOUT; this avoids adding "during SmtpPhase 2297 with CurHostName" in error messages, which can be 2298 confusing. Reported by Jonathan Kamens of OpenVision 2299 Technologies. 2300 Back out setpgrp (setpgid on POSIX systems) call to reset the 2301 process group id. The original fix was to get around 2302 some problems with recalcitrant MUAs, but it breaks 2303 any call from a shell that creates a process group id 2304 different from the process id. I could try to fix 2305 this by diddling the tty owner (using tcsetpgrp or 2306 equivalent) but this is too likely to break other 2307 things. 2308 Portability changes: 2309 Support -M as equivalent to -oM on Ultrix -- apparently 2310 DECnet calls sendmail with -MrDECnet -Ms<HOST> -bs 2311 instead of using standard flags. Oh joy. This 2312 behaviour reported by Jon Giltner of University 2313 of Colorado. 2314 SGI IRIX -- this includes several changes that should 2315 help other strict ANSI compilers. 2316 SCO Unix -- from Murray Kucherawy of HookUp Communication 2317 Corporation. 2318 Solaris running the Sun C compiler (which despite the 2319 documentation apparently doesn't define 2320 __STDC__ by default). 2321 ConvexOS from Eric Schnoebelen of Convex. 2322 Sony NEWS workstations and Omron LUNA workstations from 2323 Motonori Nakamura. 2324 CONFIG: add confTRY_NULL_MX_LIST to set option `w'. 2325 CONFIG: delete `C' and `e' from default SMTP mailers flags; 2326 several people have made a good argument that this 2327 creates more problems than it solves (although this 2328 may prove painful in the short run). 2329 CONFIG: generalize all the relays to accept a "mailer:host" 2330 format. 2331 CONFIG: move local processing in ruleset 0 into a new ruleset 2332 98 (8 on old sendmail). Domain literal [a.b.c.d] 2333 addresses are also passed through this ruleset. 2334 CONFIG: if neither SMART_HOST nor MAILER(smtp) were defined, 2335 internet-style addresses would "fall off the end" of 2336 ruleset zero and be interpreted as local -- however, 2337 the angle brackets confused the recursive call. 2338 These are now diagnosed as "Unrecognized host name". 2339 CONFIG: USENET rules weren't included in S0 because of a mistaken 2340 ifdef(`_MAILER_USENET_') instead of 2341 ifdef(`_MAILER_usenet_'). Problem found by Rein Tollevik 2342 of SINTEF RUNIT, Oslo. 2343 CONFIG: move up LOCAL_RULE_0 processing so that it happens very 2344 early in ruleset 0; this allows .mc authors to bypass 2345 things like the "short circuit" code for local addresses. 2346 Prompted by a comment by Bill Wisner of The Well. 2347 CONFIG: add confSMTP_MAILER to define the mailer used (smtp or 2348 esmtp) to send SMTP mail. This allows you to default 2349 to esmtp but use a mailertable or other override to 2350 deal with broken servers. This logic was pointed out 2351 to me by Bill Wisner. Ditto for confLOCAL_MAILER. 2352 Changes to cf/sh/makeinfo.sh to make it portable to SVR4 2353 environments. Ugly as sin. 2354 23558.3/8.3 93/07/13 2356 Fix setuid problems introduced in 8.2 that caused messages 2357 like "Cannot create qfXXXXXX: Invalid argument" 2358 or "Cannot reopen dfXXXXXX: Permission denied". This 2359 involved a new compile flag "HASSETEUID" that takes 2360 the place of the old _POSIX_SAVED_IDS -- it turns out 2361 that the POSIX interface is broken enough to break 2362 some systems badly. This includes some fixes for 2363 HP-UX. Also fixes problems where the real uid is 2364 not reset properly on startup (from Neil Rickert). 2365 Fix a problem that caused timed out messages to not report the 2366 addresses that timed out. Error messages are also more 2367 "user friendly". 2368 Drop required bandwidth on connections from 64 bytes/sec to 2369 16 bytes/sec. 2370 Further Solaris portability changes -- doesn't require the BSD 2371 compatibility library. This also adds a new 2372 "HASGETDTABLESIZE" compile flag which can be used if 2373 you want to use getdtablesize(2) instead of sysconf(2). 2374 These are loosely based on changes from David Meyer at 2375 University of Oregon. This now seems to work, at least 2376 for quick test cases. 2377 Fix a problem that can cause duplicate error messages to be 2378 sent if you are in SMTP, you send to multiple addresses, 2379 and at least one of those addresses is good and points 2380 to an account that has a .forward file (whew!). 2381 Fix a problem causing messages to be discarded if checkcompat() 2382 returned EX_TEMPFAIL (because it didn't properly mark 2383 the "to" address). Problem noted by John Myers. 2384 Fix dfopen to return NULL if the open failed; I was depending 2385 on fdopen(-1) returning NULL, which isn't the case. This 2386 isn't serious, but does result in wierd error diagnoses. 2387 From Michael Corrigan. 2388 CONFIG: add UUCP_MAX_SIZE M4 macro to set the maximum size of 2389 messages sent through UUCP-family mailers. Suggested 2390 by Bill Wisner of The Well. 2391 CONFIG: if both MAILER(uucp) and MAILER(smtp) are specified, 2392 include a "uucp-dom" mailer that uses domain-style 2393 addressing. Suggested by Bill Wisner. 2394 CONFIG: Add LOCAL_SHELL_FLAGS and LOCAL_SHELL_ARGS to match 2395 LOCAL_MAILER_FLAGS and LOCAL_MAILER_ARGS. Suggested by 2396 Christophe Wolfhugel. 2397 CONFIG: Add OSTYPE(aix3). From Christophe Wolfhugel. 2398 23998.2/8.2 93/07/11 2400 Don't drop out on config file parse errors in -bt mode. 2401 On older configuration files, assume option "l" (use Errors-To 2402 header) for back compatibility. NOTE: this DOES NOT 2403 imply an endorsement of the Errors-To: header in any way. 2404 Accept -x flag on AIX-3 as well as OSF/1. Why, why, why??? 2405 Don't log errors on EHLO -- it isn't a "real" error for an old 2406 SMTP server to give an error on this command, and 2407 logging it in the transcript can be confusing. Fix 2408 from Bill Wisner. 2409 IRIX compatibility changes provided by Dan Rich 2410 <drich@sandman.lerc.nasa.gov>. 2411 Solaris 2 compatibility changes. Provided by Bob Cunningham 2412 <bob@kahala.soest.hawaii.edu>, John Oleynick 2413 <juo@klinzhai.rutgers.edu> 2414 Debugging: -d17 was overloaded (hostsignature and usersmtp.c); 2415 move usersmtp (smtpinit and smtpmailfrom) to -d18 to 2416 match the other flags in that file. 2417 Flush transcript before fork in mailfile(). From Eric Wassenaar. 2418 Save h_errno in mci struct and improve error message display. 2419 Changes from Eric Wassenaar. 2420 Open /dev/null for the transcript if the create of the xf file 2421 failed; this avoids at least one possible null pointer 2422 reference in very wierd cases. From Eric Wassenaar. 2423 Clean up statistics gathering; it was over-reporting because of 2424 forks. From Eric Wassenaar. 2425 Fix problem that causes old Return-Path: line to override new 2426 Return-Path: line (conf.c needs H_FORCE to avoid 2427 re-using old value). From Motonori Nakamura. 2428 Fix broken -m flag in K definition -- even if -m (match only) 2429 was specified, it would still replace the key with the 2430 value. Noted by Rick McCarty of Texas Instruments. 2431 If the name server timed out over several days, no "timed out" 2432 message would ever be sent back. The timeout code 2433 has been moved from markfailure() to dropenvelope() 2434 so that all such failures should be diagnosted. Pointed 2435 out by Christophe Wolfhugel and others. 2436 Relax safefile() constraints: directories in an include or 2437 forward path must be readable by self if the controlling 2438 user owns the entry, readable by all otherwise (e.g., 2439 when reading your .forward file, you have to own and 2440 have X permssion in it; everyone needs X permission in 2441 the root and directories leading up to your home); 2442 include files must be readable by anyone, but need not 2443 be owned by you. 2444 If _POSIX_SAVED_IDS is defined, setuid to the owner before 2445 reading a .forward file; this gets around some problems 2446 on NFS mounts if root permission is not exported and 2447 the user's home directory isn't x'able. 2448 Additional NeXT portability enhancements from Axel Zinser. 2449 Additional HP-UX portability enhancements from Brian Bullen. 2450 Add a timeout around SMTP message writes; this assumes you can 2451 get throughput of at least 64 bytes/second. Note that 2452 this does not impact the "datafinal" default, which 2453 is separate; this is just intended to work around 2454 network clogs that will occur before the final dot 2455 is sent. From Eric Wassenaar. 2456 Change map code to set the "include null" flag adaptively -- 2457 it initially tries both, but if it finds anything 2458 matching without a null it never tries again with a 2459 null and vice versa. If -N is specified, it never 2460 tries without the null and creates new maps with a 2461 null byte. If -O is specified, it never tries with 2462 the null (for efficiency). If -N and -O are specified, 2463 you get -NO (get it?) lookup at all, so this would 2464 be a bad idea. If you don't specify either -N or -O, 2465 it adapts. 2466 Fix recognition of "same from address" so that MH submissions 2467 will insert the appropriate full name information; 2468 this used to work and got broken somewhere along the 2469 way. 2470 Some changes to eliminate some unnecessary SYSERRs in the 2471 log. For example, if you lost a connection, don't 2472 bother reporting that fact on the connection you lost. 2473 Add some "extended debugging" flags to try to track down 2474 why we get occassional problems with file descriptor 2475 one being closed when execing a mailer; it seems to 2476 only happen when there has been another error in the 2477 same transaction. This requires XDEBUG, defined 2478 by default in conf.h. 2479 Add "-X filename" command line flag, which logs both sides of 2480 all SMTP transactions. This is intended ONLY for 2481 debugging bad implementations of other mailers; start 2482 it up, send a message from a mailer that is failing, 2483 and then kill it off and examine the indicated log. 2484 This output is not intended to be particularly human 2485 readable. This also adds the HASSETVBUF compile 2486 flag, defaulted on if your compiler defines __STDC__. 2487 CONFIG: change SMART_HOST to override an SMTP mailer. If you 2488 have a local net that should get direct connects, you 2489 will need to use LOCAL_NET_CONFIG to catch these hosts. 2490 See cf/README for an example. 2491 CONFIG: add LOCAL_MAILER_ARGS (default: `mail -d $u') to handle 2492 sites that don't use the -d flag. 2493 CONFIG: hide recipient addresses as well as sender addresses 2494 behind $M if FEATURE(allmasquerade) is specified; this 2495 has been requested by several people, but can break 2496 local aliases. For example, if you mail to "localalias" 2497 this will be rewritten as "localalias@masqueradehost"; 2498 although initial delivery will work, replies will be 2499 broken. Use it sparingly. 2500 CONFIG: add FEATURE(domaintable). This maps unqualified domains 2501 to qualified domains in headers. I believe this is 2502 largely equivalent to the IDA feature of the same name. 2503 CONFIG: use $U as UUCP name instead of $k. This permits you 2504 to override the "system name" as your UUCP name -- 2505 in particular, to use domain-ized UUCP names. From 2506 Bill Wisner of The Well. 2507 CONFIG: create new mailer "esmtp" that always tries EHLO 2508 first. This is currently unused in the config files, 2509 but could be used in a mailertable entry. 2510 25118.1C/8.1B 93/06/27 2512 Serious security bug fix: it was possible to read any file on 2513 the system, regardless of ownership and permissions. 2514 If a subroutine returns a fully qualified address, return it 2515 immediately instead of feeding it back into rewriting. 2516 This fixes a problem with mailertable lookups. 2517 CONFIG: fix some M4 frotz (concat => CONCAT) 2518 25198.1B/8.1A 93/06/12 2520 Serious bug fix: pattern matching backup algorithm stepped by 2521 two tokens in classes instead of one. Found by Claus 2522 Assmann at University of Kiel, Germany. 2523 25248.1A/8.1A 93/06/08 2525 Another mailertable fix.... 2526 25278.1/8.1 93/06/07 2528 4.4BSD freeze. No semantic changes. 2529 25306.65/6.34 93/06/06 2531 Fix some lintish problems. 2532 Fix some cases where server SMTP behaved poorly when handed bogus 2533 input, pointed out by Eric Wassenaar. 2534 CONFIG: fix some more (sigh) mailertable bugs -- thanks to 2535 Motonori Nakamura of Kyoto University (again). 2536 25376.64/6.33 93/06/05 2538 Don't send 050 (-v) information after the 250 response to a QUIT 2539 command in srvrsmtp -- clients usually close the connection 2540 at this point, and it causes bogus error messages. 2541 Don't send messages that have errors on input (such as unbalanced 2542 parentheses) during SMTP transactions, since a return 2543 message has (probably) already been sent. 2544 Give better diagnostics on timeouts during network reads, including 2545 information similar to the SMTP phase. 2546 Fix bug that caused SMTP messages to deliver synchronously; this 2547 happened after the DATA 250, and hence caused reading the 2548 next command to be delayed. 2549 Ignore Errors-To: header unless 'l' (lower case el) header is 2550 specified. The Errors-To: header violates RFC 1123. 2551 Errors-To: was only needed to take the place of the 2552 envelope sender in the days when most Unix mailers 2553 didn't understand about the two kinds of senders. 2554 Don't send warning messages in response to automatically generated 2555 messages (that is, those From:<>). 2556 CONFIG: fix some rather stupid typos in the mailertable code 2557 pointed out by Motonori Nakamura of Kyoto University. 2558 CONFIG: add confUSE_ERRORS_TO configuration option. 2559 CONFIG: if ALWAYS_ADD_DOMAIN is selected, try to use $M 2560 (masquerade name) instead of $j. 2561 CONFIG: don't add dots to relay names (added in 6.29); it breaks 2562 several things, and can be simulated by dot terminating 2563 the names of relays. For example, use: 2564 DBbit.net.relay. 2565 (note the trailing dot). 2566 25676.63/6.32 93/06/01 2568 Fix prototypes to eliminate chars in argument lists -- some 2569 compilers are pissy about this. 2570 Log protocol ($r) and body type if set so we can determine if 2571 the adaptive algorithms are working. 2572 Pessimize on locking of database files (particularly for NEWDB 2573 databases) during opens. There were problems with 2574 processes opening the file while it was rebuilt; since 2575 NEWDB caches heavily, the reader opened an empty file, 2576 which is an error. If your system has the ability to 2577 lock atomically on open, this works properly; otherwise, 2578 there are race conditions. 2579 Check mod time on .pag file instead of .dir in NDBM aliases 2580 because the .dir file doesn't get updated for small 2581 alias files. From John Gardiner Myers of CMU. 2582 More Solaris portability -- it now compiles on Solaris, but 2583 hangs up in gethostbyname(). 2584 Move setting of RES_DEBUG flag before first myhostname() call 2585 so we can see name server traffic on that call. 2586 Fsync() queue files. 2587 Fix a problem that causes -bi to try to rebuild maps other than 2588 the alias file(s). 2589 Fix a problem that caused udb to reject entries from any but 2590 the first database listed. 2591 Rearrange doc subdirectory for 4.4BSD release tape. 2592 CONFIG: put $r into the Received line. This was an oversight. 2593 CONFIG: fix typo (call to ruleset 99 should have been rulset 90). 2594 CONFIG: move "auxiliary" subroutines to be in ruleset 90-99 2595 range -- in the long run, single digit rulesets may 2596 become reserved for builtin use by sendmail. 2597 CONFIG: fix major problem that causes host aliases (that is, 2598 anything in $=w != $j) to not be recognized. This has 2599 been around since 6.30. 2600 26016.62/6.31 93/05/28 2602 BETA RELEASE 2603 Fix recursive syserr (if there is an error printing a syserr 2604 message). This makes the code much less eager to consider 2605 a write error as serious. This also includes some 2606 heuristics to be clever about closed connections. 2607 Lock NEWDB files during gets. This requires version 1.5 or later 2608 of the db library. If you have an older version, you 2609 can use -DOLD_NEWDB. This will go away in a few weeks. 2610 Fix problem causing aliases that use host maps to get overwritten. 2611 Do appropriate byte swapping on port numbers in ident protocol 2612 code. Fix from Allan Johannesen of WPI. 2613 Defer opening of map files to the same time as alias files so that 2614 the daemon will tend to pick up new versions more promptly. 2615 Prototype a bunch more functions. 2616 Some Solaris 2.1 changes (still doesn't link though). 2617 Try to simplify Makefiles by including more subordinate #defines 2618 in conf.h (based on OS type). 2619 CONFIG: check for domains if FEATURE(mailertable) is defined. 2620 For example, if the host name is "knecht.cs.berkeley.edu" 2621 it will search the following mailertable keys: 2622 knecht.cs.berkeley.edu 2623 .cs.berkeley.edu 2624 .berkeley.edu 2625 .edu 2626 This could be used to replace the special relays for bitnet 2627 and similar nets. 2628 26296.61/6.30 93/05/24 2630 Fix problem that prevented appending dots on canonified host 2631 names. This breaks tons of config files -- very 2632 important fix. 2633 Fix improper pointer dereference in response to HELO command. 2634 Fix core dump if debugging set in map_rewrite. 2635 CONFIG: add FEATURE(always_add_domain) to always attach the 2636 local domain (only impacts local mail). 2637 CONFIG: try to avoid turning names into $j -- although 2638 technically a host can only have one "canonical name", 2639 it seems to be common practice to have several. 2640 26416.60/6.29 93/05/22 2642 Major change: merge alias databases with maps. This expands and 2643 changes the map class interface but fixes a bunch of bugs. 2644 The important user-visible change is that the file name 2645 in a K line now does not include the ".db" extension; this 2646 is added automatically. Also, the -d (NIS domain) flag is 2647 missing from the K config line; use @domain instead. 2648 When compiling, the *_MAP names are gone -- just compile 2649 in NDBM, NEWDB, and/or NIS support. 2650 Announce mailer/host/user triple on -bv flag -- from Brian 2651 Bullen of Stirling University. 2652 Don't send more than one line in response to HELO -- it confuses 2653 Pony Express, which then behaves very badly. However, 2654 this change does send two line 220 greetings, with the 2655 second line reading "ESMTP spoken here". The usersmtp 2656 module recognizes this and goes into ESMTP mode regardless 2657 of the setting of the "a" mailer flag. Thus, "a" means 2658 "always try EHLO". 2659 AIX portability changes (thanks to Christophe Wolfhugel of 2660 Herve Schauer Consultants (Paris) for providing me with 2661 an INSA account for this purpose). Lightly tested. Use 2662 -D_AIX3. This probably breaks compatibility with some 2663 older systems (e.g., 4.2bsd) but still works on SunOS 2664 4.1.2, Ultrix 4.2A, HP-UX 8.07, OSF/1 T1.3, and AIX 3.2.3. 2665 Fix a problem causing an error message loop if the output channel 2666 is hosed. 2667 Add the Makefiles that I use for various environments -- some are 2668 Berkeley make versions and some are old make versions. 2669 My makefile for the NeXT box has gotten lost, alas! 2670 PRALIASES: support for printing NEWDB databases. From 2671 Michael J. Corrigan of U.C. San Diego. 2672 CONFIG: don't pass pseudo-domains to $[ ... $] (if you have 2673 a wildcard MX it can have wierd results). From 2674 Christophe Wolfhugel. 2675 CONFIG: dot terminate relay hostnames in S0. From Christophe 2676 Wolfhugel. 2677 26786.59/6.28 93/05/13 2679 Log version with SMTP daemon startup message. 2680 Adjust setproctitle to work on NetBSD and BSD/386. 2681 Fix null pointer reference in MX fallback code. 2682 A bunch of minor fixes from Eric Wassenaar: 2683 If deliver cannot execv the mailer, return EX_OSERR 2684 instead of EX_TEMPFAIL (to give better 2685 error messages). 2686 Consistently malloc e_message. 2687 Catch degenerate case of calling returntosender() 2688 with an empty returnq. 2689 MIME reformatting. 2690 26916.58/6.28 93/05/13 2692 Fix bug that can cause incorrect verbose display of user smtp 2693 messages. 2694 Disable SMTP VERB command if PRIV_NOEXPN is set (since this 2695 could reveal the same information. 2696 Allow failure when reading SMTP greeting message to go on to 2697 next MX host. 2698 Add "MIME-Version: 1.0" header if using MIME (this was NOT 2699 included in RFC 1344, but Bill King of Allan-Bradley 2700 Company forwarded me email from Nathaniel Borenstein 2701 claiming that it was an inadvertent omission). 2702 Don't use Content-Type: X-message-header. According to John 2703 Myers of CMU, many MIME readers will completely ignore 2704 the data if they don't recognize it. Instead, just 2705 add a blank line to make it a legal (empty) message. 2706 Fix problem causing dots to keep getting appended to cached 2707 hostnames. This can cause buffer overrun conditions. 2708 The problem was found by Erik Forsberg of Retix, 2709 although I used a different bug fix than he provided. 2710 Fix parsing of split header/envelope rewriting specs -- from 2711 Eric Forsberg. 2712 Fix from Eric Wassenaar to correct To: lists in error messages. 2713 27146.57/6.28 93/05/11 2715 Fix minor glitch causing extra ctladdrs to be output to queue 2716 file. Just an annoyance. 2717 Cache results of name server canonification lookups to avoid 2718 backed up queue runs. 2719 Major rewrite of alias.c: considerable cleanup, plus sample 2720 (untested) support for NIS aliases. The "A" option 2721 can now be a comma separated list (or be repeated) -- 2722 that is, you can have multiple alias databases. Each 2723 database can have the syntax ``class:file''; if no class 2724 is specified, the "implicit" class is assumed. Implicit 2725 searches through a list of compiled in types -- hash, 2726 dbm, nis, and stab. Alias files are searched in the 2727 order they are listed. For example: 2728 OAhash:/etc/aliases.local,/etc/aliases 2729 OAnis:mail.aliases@my.nis.domain 2730 first searches the hash database /etc/aliases.local, 2731 then the regular /etc/aliases database, then the NIS 2732 map "mail.aliases" in the NIS domain "my.nis.domain". 2733 If in Verbose mode (probably from VERB command) run SMTP job 2734 in foreground and don't do RCPT optimizations. 2735 Add udb :mailsender as equivalent to owner- for regular aliases. 2736 Delete option 8; add option 7 that means the opposite. That is, 2737 default to 8-bit mode; a special option is needed to 2738 force sendmail into 7 bit mode. 2739 Send error messages in encapsulated MIME format. 2740 New compile flag "NIS" that turns on NIS alias and NIS map 2741 support. 2742 Add "j" option to send error messages in MIME (RFC 1341) 2743 encapsulated message format per RFC 1344. The 2744 syntax is pretty ugly if you don't have MIME-aware 2745 user agents. 2746 Clean up message handling (for display in mailq output). 2747 New setproctitle implementation for 4.4bsd. 2748 Create files (such as ~/dead.letter) using mode FileMode (the 2749 F option value) instead of 0666. 2750 Fix bug causing output of EXPN command to not be fully qualified. 2751 This may cause some problems with UUCP addresses that 2752 will require some config file assistance -- specifically, 2753 the $: part has to include the host name for this output 2754 to make sense. 2755 Fix a problem that sometimes diagnosed errors and still sent the 2756 message if the header syntax was bad. 2757 Fix a bug that caused an error message to be emailed when sendmail 2758 was operating in -bv mode. 2759 Add "ListenQueueSize" keyword to daemon options option (OO) to 2760 set the queue size parameter passed to listen(). You 2761 will normally have to tweak your kernel to up this. 2762 Strip spaces off of beginning of message-id before logging (in 2763 case it was folded across lines). 2764 Tweak compile flags in daemon.c -- there were some cases where 2765 it wouldn't work without NETINET. 2766 Change *file* mailer to output all the usual default headers 2767 (From, Date, Message-Id). It gets used when sending 2768 back error messages. 2769 CONFIG: explicitly catch and diagnose list:; syntax in ruleset 2770 zero -- this is not a valid recipient syntax according 2771 to RFC 821. 2772 CONFIG: add confMIME_FORMAT_ERRORS to send error messages in 2773 MIME format. Defaults to on. 2774 CONFIG: add SMTP_MAILER_FLAGS and UUCP_MAILER_FLAGS to augment 2775 the flags for those mailers. 2776 27776.56/6.27 93/05/01 2778 Fix problem that causes the fallback mail to postmaster 2779 (case ESM_POSTMASTER in savemail()) to not look at 2780 aliases (ugh). 2781 Some more HPUX tweaking (compile flag hpux => __hpux so it 2782 still works in ANSI mode). 2783 Don't try to flock non-regular files when mailing to a file. 2784 In particular, this was a problem if you tried to 2785 send to /dev/null. 2786 Fix a wierd bug that can cause senders to be queued as 2787 recipients if the name server is down when the mail 2788 is initially sent. This hack just ignores sender 2789 deletion (essentially, it sets the MeToo flag) if there 2790 is a TEMPFAIL during processing of the sender address. 2791 Obscure. 2792 Fix a dangling else problem -- from Brian Bullen from University 2793 of Stirling, UK. 2794 Add the "b" mailer flag to force a blank line on the end of 2795 messages. Some brilliant versions of /bin/mail insist 2796 on this but do not add it themselves. 2797 Add the "g" mailer flag to prevent user SMTP from sending 2798 "MAIL From:<>". This is only intended to be a 2799 transitional gesture, and should not be used if at 2800 all possible. It appears that Berkeley and IDA 2801 config files have always handled this properly; the 2802 UK config kit apparently does not. 2803 Don't lowercase and then capitalize header field names -- leave 2804 them with original capitalization. Fixes from Bill 2805 King of Allen-Bradley Company. 2806 Further cleanup and improved reporting of error messages, 2807 particularly conditions that cause messages to be 2808 requeued for future delivery. 2809 Tweak syslog priorities in some cases. 2810 CONFIG: clean up route-addr on UUCP addresses. 2811 28126.55/6.25 93/04/27 2813 HPUX 8.07 compatibility changes in getla() -- I had to make 2814 these changes to get it to work at Berkeley, although 2815 others seem to have been working before (???). 2816 Various patches to XLA code. 2817 Fix problem that causes setuid bit on files to be ignored from 2818 SMTP or in queue runs. Problem noted by Jason Ornstein 2819 of Under The Wire, Inc. 2820 Fix problem that can cause CNAMEs to be ignored. 2821 Generalize getmxrr to match local host in $=w instead of a 2822 single name passed in. 2823 Some cleanup from Eric Wassenaar: 2824 Use FileMailer instead of ProgMailer in two places. 2825 Eliminate duplicate 8th-bit stripping in commaize. 2826 Fix a problem with mis-parsing of backslash escapes 2827 under some circumstances. 2828 NIS map fix (was always including trailing null character) 2829 from Mike Glendinning of Ingres UK. 2830 Add "a" mailer flag to try using ESMTP. It tries the EHLO 2831 command and if that fails falls back to regular SMTP. 2832 Also parses EHLO option keywords. If host supports 2833 SIZE extension, this is added to the MAIL FROM: 2834 command. 2835 Extend "b" option to include a second value which is the 2836 maximum message size this server is willing to accept. 2837 For example, a value of "10/1000000" says that there 2838 must be ten blocks free, and sendmail will reject 2839 any message larger than one megabyte. 2840 Some portability hooks for NeXT (this could be applicable 2841 to Mach in general). You have to create an empty 2842 file called "unistd.h" to get it to compile. 2843 Adjust config values (MAXLINE, MAXATOM, and PSBUFSIZE) to 2844 be more generous. 2845 Add X400-Received: to the list of headers tagged with H_TRACE 2846 in conf.c. From Bill King, Allen-Bradley Co. 2847 28486.54/6.25 93/04/19 2849 Fix problem that caused redefinition of SMTP and QUEUE compile 2850 flags. Pointed out by Jon Forrest of the Sequoia 2000 2851 project at Berkeley. 2852 Properly handle \! hack -- it was treating host\!user as one 2853 token (host!user) instead of three (host, !, user). 2854 Fix from Eric Wassenaar of NIKHEF-H. 2855 Fix compilation problem in getauthinfo() if IDENTPROTO is off. 2856 Turn off DEFNAMES and DNSRCH when getting the hostsignature 2857 (i.e., MX records) in level 1 configuration files; this 2858 matches the old behaviour. From Motonori Nakamura of 2859 Kyoto University. 2860 Improve error message printing -- if sent through an alias, 2861 error messages include the name of the alias in the 2862 message. Unfortunately, in order to make this work 2863 properly in queue runs, this changes the format of the 2864 C line in the qf file. The relatively uselessness of 2865 the previous information was pointed out to me by 2866 Allan E Johannesen of WPI. 2867 Add XLA compile flag to add hooks to Christophe Wolfhugel's 2868 extended load average code. This is still in very early 2869 form. For information regarding the guts of the xla 2870 code, contact Christophe.Wolfhugel@grasp.insa-lyon.fr. 2871 Additional hooks for detecting tempfails in rewriting rules 2872 (that is, in map lookups). 2873 28746.53/6.25 93/04/15 2875 Properly diagnose ruleset zero returning null (instead of a mailer 2876 triple). From Motonori Nakamura of Kyoto University. 2877 More generalization of socket code for other protocols. 2878 Shorten timeouts on reverse name lookups -- since they are done 2879 during connection establishment, long timeouts here can 2880 cause higher level timeouts. This mainly serves to accept 2881 mail from hosts that do not have proper reverse (PTR) DNS 2882 records set up. 2883 Reset e_statmsg before each mailer invocation to avoid bogus 2884 messages in the log. 2885 Redefine $r, $s, and $_ in error envelopes so you don't get 2886 incorrect cruft in the error message. Problem noted by 2887 Motonori Nakamura of Kyoto University. 2888 Fix a problem that can cause failure to return errors to Postmaster 2889 in certain cases. From Motonori Nakamura. 2890 Fix a problem that can cause some systems to give duplicate error 2891 messages when a bad syntax address such as "<a" is presented 2892 to an SMTP server. It doesn't seem to occur on all 2893 machines. From Motonori Nakamura. 2894 Default IDENTPROTO off for Ultrix and HPUX, which apparently have 2895 the interesting "feature" that when they receive a "Host 2896 unreachable" message they closes all open connections to 2897 that host. However, some firewall gateways send this message 2898 if you try to connect to an unauthorized port, such as the 2899 IDENT port (113). Thus, no email can be received from such 2900 hosts. There is some evidence that versions of Ultrix before 2901 4.3 do not have this problem. Thanks to Tom Ivar Helbekkmo 2902 for pointing out this behaviour to me and to Michael Corrigan 2903 of U.C. San Diego for informing me about the HPUX problem. 2904 Allow IPC mailers to return a colon-separated list of hosts in the 2905 $@ clause; these are searched in order as though they were 2906 MX records. 2907 When sending an error report, print the list of addresses tagged 2908 as bad. Requested by Allan E Johannesen of WPI. 2909 Change map function calls to return a status code. This gets 2910 passed back as the result of rewrite. Parseaddr marks 2911 the address as a QUEUEUP address if the return code is 2912 EX_TEMPFAIL. All this to queue properly if the name 2913 server is down. This code is not well tested. This code 2914 changes the interface to map lookup functions (a fifth 2915 parameter, int *statp, is added). Feature requested by 2916 Dan Oscarsson. 2917 Don't delete quotes (in the dequote map) if there are spaces in 2918 the string, since this would cause them to be replaced by 2919 the SpaceSub character. 2920 Accept BODY=8BITMIME on SMTP MAIL command. This isn't advertised 2921 because the 8BIT to 7BIT translation doesn't exist yet. 2922 This does add a "bodytype" field to both envelope and 2923 queue file and a -B command line flag to pass the type in 2924 during direct invocations. 2925 Discard return error messages only on responses to responses to 2926 responses, not on responses to responses. That is, the 2927 algorithm is to try return to sender, then return to 2928 postmaster, then discard. Previously it discarded 2929 immediately if the return to sender pass failed. 2930 CONFIG: back out change to hide unqualified hostnames behind %-hack. 2931 This screws up local aliases and .forward files. 2932 CONFIG: add FEATURE(nocanonify) to turn off calls to $[ ... $]; 2933 some sites only handle completely canonified names. 2934 Requested by John Gardiner Myers of CMU. 2935 CONFIG: some UUCP code was still included even if FEATURE(nouucp) 2936 was specified. 2937 29386.52/6.24 93/04/10 2939 Clean up some minor glitches on error return messages pointed out 2940 by Motonori Nakamura of Kyoto University. 2941 Fix reply() to not reset SmtpReplyBuffer on fatal errors; this 2942 was supposed to reset SmtpMsg Buffer. This makes the 2943 client side code virtually useless. Reported by Allan 2944 E Johannesen of WPI and Phil Brandenberger of Swarthmore. 2945 Better debug messages if fuzzy is disabled, suggested by Allan 2946 E Johannesen of WPI. 2947 Offset SmtpReplyBuffer by four in usersmtp when checking for 2948 loopback. From Eric Wassenaar. 2949 Don't set $s until after runinchild in srvrsmtp -- otherwise 2950 it gets cleared. From Eric Wassenaar. 2951 Implement IDA-style $&x for deferred macro expansion. 2952 More POSIX compatibility. 2953 CONFIG: Hide unqualified hostnames behind %-hack using $s as the 2954 actual sender. This is only done if $r is non-null, that 2955 is, if this is not locally submitted mail. 2956 CONFIG: Add FEATURE(bitdomain) allowing mapping of BITNET host 2957 names to internet domains. A program contributed by 2958 John Gardiner Myers of CMU to create the maps is included 2959 in the contrib directory (in the "misc" tar file). 2960 CONFIG: Add FEATURE(uucpdomain) for a similar mapping for UUCP 2961 hosts. There is currently no tool to create this map. 2962 29636.51/6.23 93/04/04 2964 Add D= mailer flag to specify a path of possible working directories 2965 in which to execute the mailer. This is intended for the 2966 prog mailer; some shells can get upset if they don't have 2967 access to the current directory. 2968 Add RFC 1413 (IDENT) protocol support. This is only very loosely 2969 tested. This adds a $_ macro to be the authenticated 2970 info (in ``user@domain [address]'' form) and debug flag 2971 9 to trace the protocol. 2972 Check for loopbacks in usersmtp instead of srvrsmtp -- there is no 2973 reason for a local agent to not be talking to the localhost 2974 (although the inverse is not true). 2975 Add a few hooks for automated map rebuilding. This is certainly 2976 not done yet. 2977 CONFIG: Have prog mailer specify a path of ``D=$z:/'' -- that is, 2978 user's home directory then the root. 2979 CONFIG: Log RFC 1413 identification in Received: line. 2980 29816.50/6.22 93/04/01 2982 Fixes to requeueing code to make it compute priority, nrcpts, 2983 and the like properly. 2984 29856.49/6.22 93/04/01 2986 Diagnose incorrect privacy flags. Suggested by Bryan Costales 2987 of ICSI. 2988 Some ANSI C fixes. 2989 Arrange to quote backslashes as well as other special characters 2990 in the phrase part of a route-addr. 2991 Some fixes to FallBackMX code suggested by Motonori Nakamura of 2992 Kyoto University. 2993 More vigorous zeroing of CurHostAddr to avoid logging of bogus 2994 host addresses when you are actually just printing 2995 information from the MCI structure; problem noted by 2996 Michael Corrigan of U.C. San Diego. 2997 Don't ignore rest of queue if any job is not runnable. This can 2998 also cause an incorrect job to be lost. Fix from 2999 Eric Wassenaar. 3000 Always respond "quickly" to RCPT command; do alias expansion and 3001 the like later. This also means that mail for lists that 3002 have errors will be acccepted, and an error sent back 3003 later. This is done by instantiating the queue file 3004 and then immediately running and requeueing it. 3005 30066.48/6.22 93/03/30 3007 Fix incorrect diagnosis of infinite loop in ruleset. Problem noted 3008 by several people. 3009 Improve information printed when infinite loops are discovered. 3010 Zero CurHostAddr to fix erroneous internet addresses in log when no 3011 addresses can be bound. Pointed out by Motonori Nakamura 3012 of Kyoto University. 3013 "Probe" SMTP connections using RSET instead of NOOP "just in case". 3014 Suggested by John Gardiner Myers of CMU. 3015 Don't warn about -f if you are setting sender to yourself. 3016 30176.47/6.22 93/03/29 3018 Fix incompatible call to endmailer in smtpquit which causes core 3019 dumps. Noted by Allan E Johannesen of WPI. 3020 HPUX portability changes from Michael J. Corrigan of UC San Diego. 3021 Require MAIL before RCPT command in srvrsmtp.c. This had been 3022 intentional from the 821 draft days when the order wasn't 3023 clear, but is silly now. 3024 Fix bug in nis_magic routine that was initializing parameters 3025 incorrectly. Fix from Takahiro Kanbe of Fuji Xerox 3026 Information Systems Co., Ltd. 3027 Change default for PrivacyFlags in conf.c to 0 -- since it always 3028 "or"s in new values, there was no way to turn off the 3029 AuthWarning stuff. 3030 Add O option to set SMTP daemon options. 3031 Add V option to set fallback MX host. This always sorts at lower 3032 priority than anything it gets from the name server. It 3033 should only be used for environments with very bad network 3034 connectivity. Requested by several people. 3035 Log sending info. It's not clear this is a good idea. 3036 CONFIG: fix typo in mailertable code. Noted by Phil Brandenberger 3037 of Swarthmore. 3038 CONFIG: add confDAEMON_OPTIONS and confFALLBACK_MX to set options 3039 O and V, respectively. 3040 30416.46/6.21 93/03/26 3042 Fix botch in server SMTP that broke transactions that did not 3043 use HELO first (like MH). Fix from Michael Corrigan 3044 of U.C. San Diego. 3045 Fall back to other MX records if there is an error anywhere 3046 in delivery (actually on MAIL or DATA -- RCPT is harder). 3047 Suggested by John Gardiner Myers and Motonori Nakamura. 3048 Revert to non-prototypes -- it turns out that our ANSI C 3049 compiler is more forgiving than most others about 3050 mixing prototyped extern declarations with non-prototyped 3051 function definitions. 3052 Fix a problem with multi-word class matching pointed out by 3053 Neil Rickert. Given: 3054 CX b a.b.c 3055 R$+ $=X $+ $: $1 < $2 > $3 3056 the input "user@a.b.c" failed instead of being properly 3057 rewritten as "user@a.<b>.c". 3058 Neil also convinced me that it was correct that $~ should match 3059 only one token -- the problem is that it's always possible 3060 to add another token, so $~ matches far too eagerly. 3061 30626.45/6.21 93/03/25 3063 Implement multi-word classes (properly!). 3064 30656.44/6.21 93/03/25 3066 Add X-Authentication-Warning: headers to clue users into possible 3067 attempts to forge mail. This is on the authwarnings 3068 privacy flag, but is the default. Suggested by Bryan 3069 Costales of ICSI. 3070 Pass default units for convtime in so they can be more reasonable. 3071 Allow config files to always add a new Comments: header (i.e., 3072 they will be added even if an old one already exists). 3073 Suggested by Bryan Costales of ICSI. 3074 Allow config files to delete an existing Return-Path: header. 3075 These should only be added at final delivery. Suggested 3076 by Bryan Costales of ICSI. 3077 Some debugging additions. Suggested by Bryan Costales of ICSI. 3078 Clean up logging of Family 0 addresses. Noted by David Muir 3079 Sharnoff and others. 3080 Add a "dequote" map class. This allows config files to strip 3081 quotes off of addresses. Note that this is not a builtin 3082 map, just a class -- so you have to define the map 3083 using the K line. 3084 Fix a bug in the queueup() loop getting a locked tf where in 3085 very odd cases it can fall off the bottom and core dump. 3086 Of course, it was P{r Emanuelsson who found it.... 3087 Open a new transcript when splitting an envelope. Problem found 3088 by Allan E Johannesen of WPI. 3089 Improved error output in endmailer if the mailer core dumps. 3090 CONFIG: Fix typo in UUCP mailer definition. 3091 CONFIG: Default several of the new options on: eight bit input, 3092 privacy flags set to "authwarnings", and message warning 3093 set to 4h. 3094 CONFIG: Use dequote map. 3095 30966.43/6.20 93/03/23 3097 Fix problem with assumption of an sa_len field in a generic 3098 sockaddr -- it turns out that most vendors haven't 3099 picked up this (very important) fix. 3100 Change compilation flags for daemon code -- select one or both 3101 of NETINET or NETISO, but don't ever set DAEMON manually. 3102 CONFIG: add FEATURE(mailertable) to do IDA-style mailertables. 3103 31046.42/6.19 93/03/19 3105 Use Postmaster as default fallback return address, not root. 3106 POSIX changes for file descriptor handling. 3107 Diagnose errors writing new queue file. 3108 If you change the owner using an owner- alias, also change the 3109 error mode to EM_MAIL so that errors don't get dropped 3110 into an inappropriate directory. Problem noted by 3111 Allan E Johannesen of WPI. 3112 If you are su'ed to root, send email as who you really are, not 3113 as root. From Brian Kantor of U.C. San Diego. 3114 Allow warning messages to be sent after a configurable interval 3115 has passed without delivery. The message is sent only 3116 once per envelope. This changes the format of the qf 3117 file to have an F line, and the format of the T option 3118 to accept take the format "return/warn" (both intervals). 3119 Don't force all local names to lower case -- this was left over 3120 from the wierd handling of case mapping on aliases. It 3121 is now driven (as expected) by the "u" mailer flag. 3122 Problem noted by P{r Emanuelsson. 3123 Fix problem that caused headers on returned email to be trashed; 3124 they were getting freed, but are still accessible via 3125 BlankEnvelope. 3126 Fix problem that caused bogus ids to be created on returned 3127 mail. 3128 Add support for ISO and other non-INET networking. This is by 3129 no means finished yet. This does assume a lot of other 3130 system support, like a version of gethostbyname that 3131 returns non-AF_INET addresses. 3132 CONFIG: change default on prog mailer to keep upper case in 3133 user names (i.e., in the program command line). 3134 CONFIG: strip trailing dots off of hosts in uucp mailer before 3135 convert to bang format. 3136 CONFIG: create new "relay" mailer for $R (LOCAL_RELAY) and $H 3137 (MAIL_HUB) delivery that doesn't add local domain. Note 3138 that this violates 821, but is probably "more correct" 3139 for what we are trying to do. Problem pointed out by 3140 Michael Graff of Iowa State. 3141 31426.41/6.18 93/03/18 3143 Clean up unnecessary creates of queue ids (i.e., empty qf files) 3144 when not needed, such as when starting up an SMTP 3145 connection. 3146 Fix problem where split envelopes aren't instantiated in the queue. 3147 This is quite a serious bug. 3148 Owner- aliases had problems with leading spaces causing a 3149 premature delimitation. 3150 31516.40/6.18 93/03/18 3152 Have ending 250 (after DATA) include the id; suggested by 3153 Brian Kantor of UC San Diego. 3154 Add logging on envelope splitting. 3155 Change queue ids to have one more letter encoding the hour of 3156 the day so that during a single day there is a greater 3157 likelihood of uniqueness; requested by Brian Kantor. 3158 31596.39/6.18 93/03/18 3160 Fix minor compile problem if LOCKF is defined. 3161 Define size of tobuf in conf.h. Observed by Toshinari Takahashi 3162 of Toshiba. 3163 Restore e_sender -- this is equivalent to e_from.q_paddr without 3164 decorations such as angle brackets and comments. 3165 OSF/1 on Alpha changes from Allan E Johannesen of WPI. 3166 CONFIG: fix typo in S3 for list syntax (;: => :;). Thanks to 3167 Christopher Hoover for noting the problem. 3168 31696.38/6.17 93/03/17 3170 Pass envelope to disconnect to avoid another use of CurEnv, which 3171 can apparently end up being null at inopportune times. 3172 Log "received from" as "relay=" for consistency (suggested by 3173 John Gardiner Myers). 3174 Fix major bug in header handling: if no From: line existed in 3175 the header (so sendmail inserts one), and the sender is 3176 an alias that has an owner, the From: line shows the 3177 owner (as well as the envelope). Fixed by early binding 3178 the headers (which will change debugging output). 3179 HPUX portability patches from Michael J. Corrigan of UC San Diego. 3180 Some attempts to adapt better to out of open file conditions. 3181 Some changes to ctladdr handling in queue files. 3182 31836.37/6.17 93/03/16 3184 MAJOR CHANGE: delete e_sender and e_returnpath (why are these 3185 different from e_from?) and $< macro. 3186 Log correct IP address in relay= field even if the connection 3187 times out. 3188 Log "received from [RESPONSE]" on EF_RESPONSE messages (from 3189 John Gardiner Myers). 3190 Fixes to SysExMsg logging (sometimes just got "message: %s" 3191 instead of "message: error message"), noted by Eric 3192 Wassenaar. Also reported by Motonori Nakamura. 3193 Improvements to MX piggybacking code, from Motonori Nakamura. 3194 Fix case where CurHostName points to an auto variable that has 3195 been deallocated (from Motonori Nakamura). 3196 Fix bug causing newlines to be included in aliases if option 3197 "n" (check alias RHS) is set; bug noted by David Muir 3198 Sharnoff. 3199 Fix problem causing user names that should be mapped to lower 3200 case to not be mapped if they are sent during a queue 3201 run. This greatly simplifies the case mapping code. 3202 Problem noted by Allan E Johannesen of WPI. 3203 Don't do recipient address rewriting in buildaddr. This 3204 improperly did recipient rewriting on sender addresses, 3205 and just seems bogus in general -- but the change could 3206 break some .cf files. 3207 Pass TZ envariable to child processes for System V. 3208 CONFIG: allow LOCAL_RULE_1 and LOCAL_RULE_2 if you want to 3209 define those rulesets. 3210 KNOWN PROBLEM: I have seen some problems on SunOS that causes 3211 the User Data Base to give errors on some addresses. I 3212 have tracked the problem back at least as far as 93.02.15 3213 (version 6.22). Running with debugging on makes it 3214 go away, so I conclude that it is referencing uninitialized 3215 stack data. I haven't been able to track this down yet. 3216 32176.36/6.16 93/03/08 3218 Allow local mailer to specify $@host -- this lets you assign the 3219 "foo" part of jgm+foo to $h for passing in to the local 3220 mailer. 3221 Additional debug printing in getcanonname (show query type). 3222 Don't add the e_fromdomain on sender addresses -- this interacts 3223 wierdly with the owner- code. 3224 Improve delivery logging to not log obvious or meaningless stuff. 3225 Include numeric IP address in Received: lines per RFC 1123 section 3226 5.2.8. 3227 Fixed a bug in checking stat() return value if restrictmailq is 3228 set. Also, check the entire group set instead of just the 3229 primary group. Both from John Gardiner Myers. 3230 Don't have usrerr automatically print errno, since this is often 3231 misleading. 3232 Use transienterror() in makeconnection after connect() fails and 3233 in openmailer after execve() fails (from Eric Wassenaar). 3234 Also moved transienterror() from util.c to conf.c. 3235 Clean up from= logging on response messages. 3236 Undo patch allowing prescan to return a null vector -- it breaks 3237 too many things. 3238 Config: FEATURE(notsticky) lets you use UDB for everything coming 3239 in to the machine, even if it is specifically targetted 3240 to this machine. Without it, UDB is bypassed if the user 3241 name is fully qualified. 3242 Config: fix another minor botch with <> (local mailer wasn't 3243 mapping them properly). 3244 32456.35/6.15 93/03/05 3246 Fix getrealhostname to return null if sinlen <= 0 -- this can 3247 occur if stdin is a pipe. 3248 Avoid infinite loop in getcanonname if name server return 3249 NO_DATA (for example). 3250 Config: avoid having C flag qualify list syntax and error syntax. 3251 32526.34/6.14 93/03/05 3253 Fix logging in deliver to not pass too many parameters to Ultrix 3254 versions of syslog. 3255 Don't write the pid file until after the daemon has actually 3256 opened and conditioned the connection. 3257 Consider addresses "different" if their q_uids differ (so that 3258 two users forwarding to the same program will be seen 3259 as different, rather than the same). 3260 Fix problem with bad parameters in main() -- they set ExitStat 3261 but don't exit. 3262 Fix null pointer references through RealHostName -- painfully 3263 discovered by Allan E Johannesen of WPI. 3264 Fix bug causing user@@localhost to core dump (yuch). 3265 Config: don't put two @host.dom.ain on users in $=E in SMTP 3266 mailer. Also, catch user@ (no host) in ruleset 0. 3267 32686.33/6.13 93/03/03 3269 Config: add confCW_FILE as the name of the cw configuration file 3270 (defaults to /etc/sendmail.cw). From P{r Emanuelsson. 3271 Allow prescan to return a pointer to an empty list -- this is 3272 not an error. Also, clean up error reporting to avoid 3273 double errors (prescan reports once, then the caller 3274 reports again). 3275 Changes to avoid trusting T_ANY queries -- run them, but if you 3276 don't get the info you expected, do T_A and T_MX queries 3277 anyhow. This also fixes an oversight where _res.options 3278 bits were being ignored. 3279 If PRIV_NOVRFY is set, use 252 response code instead of 502 per 3280 RFC 1123 section 5.2.3. It's not 100% clear that this 3281 is correct, but it probably works better with stupid 3282 mailers that do a VRFY and only check the first digit. 3283 32846.32/6.12 93/03/02 3285 Fix uninitialized variable "protocol" in smtp code. 3286 Include <unistd.h> in sendmail.h -- move towards POSIX/ANSI. 3287 Additional hooks for RFC 1427 (ESMTP SIZE extension). This 3288 includes requiring that enoughspace() know the system 3289 block size, which will undoubtedly break most ports. 3290 Trace flag 19 in use for srvrsmtp.c. 3291 Additional logging -- notably the sending mailer name. This 3292 also changes the delivery logging to strict field=value 3293 syntax. 3294 Fix some problems with messages getting sent even to addresses 3295 that had been marked bad -- from Eric Wassenaar. 3296 More WIDE changes: accept host name inside [...] as non-MXed 3297 host. This is intended ONLY for use inside firewalled 3298 environments, where the MX points at the gateway. 3299 Change .cf file conventions so that mapping for <> addresses 3300 don't have an @ in them (to avoid confusing the C mailer 3301 flag). Pointed out by Neil Rickert. 3302 Config extensions for Sam Leffler's FlexFAX software. 3303 33046.31/6.10 93/02/28 3305 Fix some more bugs in alias owner code -- there were some wierd 3306 cases where an error in a non-aliased name would override 3307 the return info in an aliased name with an owner. 3308 Changes from WIDE Project, forwarded to me by Motonori Nakamura: 3309 Log actual delivery host (after MX et al); from 3310 yasuhiro@dcl.co.jp. 3311 Log daemon startup. 3312 Deliver Postmaster copies without a body. 3313 Better logging of SMTP senders. 3314 Send all program email as daemon even when local. 3315 As requested in various forms from many people, accept -qIstring 3316 to limit queue runs to jobs with queue-id matching string. 3317 Similarly for -qRstring for recipients, -qSstring for 3318 senders. 3319 Initial hooks for ESMTP support (see RFC 1425). 3320 Fixed a syntax error in the UUCP mailer specification that caused 3321 core dumps on startup. 3322 Check for missing A= or P= arguments in mailer definitions. 3323 33246.30/6.10 93/02/27 3325 Require FROZENCONFIG compilation flag to include frozen 3326 configuration code. Frozen configuration is really 3327 not a very good idea any more, particularly in shared 3328 library environments. 3329 Do better checking of errno after opens of :include: and .forward 3330 files to defer delivery on network and other transient 3331 errors. Suggestion from Craig Everhart. 3332 Fix minor botch in read timeout macro processing. 3333 Add FEATURE(nouucp) to config files for sites that know absolutely 3334 nothing about UUCP. 3335 Add built cf files to distribution tape and clarify how to build 3336 them if you don't have the Berkeley make. 3337 Some sizeof(long) portability changes for the Alpha, from Allan 3338 E Johannesen. 3339 Add "restrictmailq" privacy flag -- if set, only people in the same 3340 group as your queue directory can print the queue. If you 3341 set this, be sure you also restrict access to log files.... 3342 Fix another bug in owner-list stuff that can cause data files to 3343 be "lost". 3344 Fix a bug with queue runs that cause forwards to yourself to go 3345 into alias/forwarding loops. I'm still iffy about this 3346 fix. 3347 Fix from Eric Wassenaar for suppression of return message code. 3348 33496.29/6.9 93/02/24 3350 Fix yet another problem in alias owner code -- put the wrong return 3351 address on the enclosed return-to-sender letter. 3352 33536.28/6.9 93/02/24 3354 Fix botch in alias owner code that caused it to not operate if the 3355 error was detected locally. 3356 33576.27/6.9 93/02/24 3358 M_LOCAL => M_LOCALMAILER to avoid conflict with Ultrix include 3359 file <sys/mount.h>. 3360 Miscellaneous bug fixes from Eric Wassenaar: 3361 sendmail -bv -t logs the from line even though in verify 3362 mode only. 3363 sendmail -v can go into queue mode if shouldqueue returns 3364 TRUE. 3365 Add route-addr pruning per RFC 1123 section 5.3.3. This can be 3366 disabled using the "R" option. 3367 Delete (always undocumented) -R flag (save original recipients); 3368 there are ways to syslog(3) these now. 3369 Clean up SMTP reply codes -- specify them as needed in the code, 3370 instead of in conf.c -- this was needed during the NCP to 3371 TCP transition, but seems silly now. This also changes 3372 parameters to message and nmessage. 3373 Have mailstats read the .cf file to find the sendmail.st file and 3374 get text versions of mailer names. An initial version of 3375 this code was provided by Tuominen Keijo (although the 3376 comments indicate the good bits were written by "E.V."). 3377 Add yet more System V compatibility hacks. 3378 Fix bug in VRFY code (assumes everything must be a local user). 3379 Allow specification of any of the hard-wired pathnames in the 3380 Makefile. 3381 Delete concept of "trusted users" -- this really didn't provide 3382 any security anyway, and caused some problems. 3383 Delete last vestige of support for the word "at" as an equivalent 3384 to the character "@". 3385 Propagate owner-foo alias information into the envelope sender. 3386 Based on code from John Gardiner Myers. This is a major 3387 semantic change -- beware! 3388 Allow $@ on LHS to indicate "match zero" -- this is used to match 3389 the null expression. 3390 33916.26/6.8 93/02/21 3392 Don't "lose" queue runs. Very important fix from (who else?) 3393 Eric Wassenaar. 3394 Completely reset state on RSET command -- from Eric Wassenaar. 3395 Send error messages and return receipts using an envelope sender 3396 of <> regardless of the setting of $n. Rewriting rules 3397 can undo this if they feel the necessity, as might be 3398 needed for networks that don't understand the syntax. 3399 This is permitted by RFC 821 section 3.6 and required by 3400 RFC 1123 section 5.3.3. THIS REQUIRES VERSION 4 CONFIG 3401 FILES because the rulesets must be able to parse <> 3402 properly. 3403 Don't ever send error messages to "<>" -- they will get sent to 3404 the local postmaster or dumped in /usr/tmp/dead.letter 3405 instead. Per RFC 1123 section 5.3.3. 3406 Explicitly check for email to yourself as a dotted quad. You 3407 have to call $[ [ ... ] $] to get this. 3408 Up the message timeout to five days per RFC 1123 section 5.3.1.1. 3409 Make all read timeouts individually configurable, as strongly 3410 recommended by RFC 1123 section 5.3.2. 3411 Use f_bavail (blocks available to regular users) instead of f_bfree 3412 (blocks available to superuser) in free block checks. 3413 Change $d macro to be the current time, not the origination time, 3414 since this is consistent with how it is used now. 3415 Generalization of enoughspace from Eric Wassenaar covering 3416 SGI, Apollo, HPUX, Ultrix, and SunOS. 3417 Ignore process group signals -- some front ends can do this if 3418 you kill a window too quickly. From Eric Wassenaar. 3419 Change umask to 022. 3420 34216.25/6.8 93/02/20 3422 Close all cached connections before calling mailers and after 3423 forking for delivery (caused double closes which resulted 3424 in false errors). 3425 Add FEATURE(redirect) in config files -- this allows you to alias 3426 old addresses to a pointer to the new address that will 3427 give a 551 error message, but not deliver the mail. 3428 Some code changes to make the 551 errors look pretty. 3429 Names of M4 program paths in config files have changed -- they 3430 are all XXX_MAILER_PATH now, to match XXX_MAILER_FLAGS. 3431 Fix a bug in the QSELFREF code having to do with empty .forward 3432 files, reported by Eric Wassenaar. 3433 Add option "p" (privacy flags); this allows you to tune how 3434 picky the SMTP server will be. This also adds the 3435 confPRIVACY_FLAGS M4 macro in the config files. 3436 Add option "b" (minimum blocks free). If there are fewer than 3437 this number of blocks free on the filesystem containing 3438 the queue directory, the SMTP MAIL command will return 3439 a 452 response and ask you to try again later. This 3440 also adds the confMIN_FREE_BLOCKS M4 macro in the config 3441 files. 3442 Made VRFY just verify (doesn't expand aliases and .forward files); 3443 EXPN does full expansion. RCPT in queue-only mode also 3444 doesn't chase aliases and .forward. 3445 34466.24/6.7 93/02/19 3447 Increase the number of domain search entries in domain.c to allow 3448 for the extra "" entry indicating the root domain. 3449 Reported by Motonori Nakamura of Kyoto U. 3450 Add a "SMART_HOST" in the configs for UUCP-connected sites that 3451 want to forward all mail with extra "@"s to that site. 3452 Also allows SMART_HOST, LOCAL_RELAY, and MAIL_HUB to 3453 be specified as ``mailer:hostname'' to use an alternate 3454 mailer. 3455 Clarified and updated some wording in the Operations Guide. 3456 Add the "c" mailer flag -- this suppresses all comment parts of 3457 addresses (requested by John Curran of NEARnet). 3458 Have -v print prompts in -bt mode even if stdin is not a terminal 3459 (default behaviour is to be silent if not reading from 3460 a terminal). Suggested by Bryan Costales, ICSI. 3461 Move the metacharacters from C0 space (\001-\037) into C1 space 3462 (\201-\237). This also fixes a bunch of potential bugs 3463 with G1 characters (\240-\276) in headers relating to 3464 negative numbers passed to isspace() et al. 3465 Add YP_LAST_MODIFIED and YP_MASTER_NAME to DBM version of alias 3466 database if YPCOMPAT is #defined. Enhancement from 3467 Takahiro Kanbe of Fuji Xerox Information Systems Co., Ltd. 3468 Add "list" Precedence (-30); this can be used with old sendmails 3469 which will map to precedence 0 (which will return error 3470 messages). Suggested by Stephen R. van den Berg. 3471 Many bug fixes from Eric Wassenaar of the National Institute for 3472 Nuclear and High-Energy Physics, Amsterdam: 3473 Clear timeouts properly on open failures in include(). 3474 Don't dereference through NULL if no home directory found. 3475 Re-establish SIGCHLD signal on System 5 in reapchild(). 3476 Avoid NULL pointer reference on -pFOO flag. 3477 Properly handle backslash escapes in comments. 3478 Correctly check reply status on SMTP NOOP command. 3479 Properly save SMTP error message if peer gives 3480 "Service Shutting Down" message. 3481 Avoid writing to the transcript if it couldn't be opened. 3482 Signal errors in SMTP children to parent properly. 3483 Handle self references in a list more globally (include a 3484 QSELFREF bit in the address flags). This enhancement 3485 was suggested by Eric Wassenaar. 3486 Use initgroups() in hpux, even though it's System-V based. The 3487 HASINITGROUPS compile flag can set this on other systems. 3488 This HPUX behaviour was pointed out by Eric Wassenaar. 3489 34906.23/6.6 93/02/16 3491 Clean up handling of LogLevel to make it easier to figure out 3492 what's on what level. 3493 Change log levels to have some consistency: 3494 1 serious system failures, security problems 3495 2 lost communications, protocol failures 3496 3 other serious failures 3497 4 minor errors 3498 5 message collection 3499 6 vrfy logging, creation of return-to-sender 3500 7 delivery failures 3501 8 delivery successes 3502 9 delivery tempfails (queue ups) 3503 10 database expansion 3504 >64 debugging 3505 Allow IDA-style separated processing on S= and R= in Mailer 3506 definition lines. Note that rulesets 1 and 2 are 3507 still used for both addresses as before. Bruce Lilly 3508 gave a convincing argument that RFC976 insists on 3509 this behaviour. 3510 Added some time zones to arpatounix -- they may not be in the 3511 standards, but they are in use. However, I may delete 3512 arpatounix entirely -- there appears to be no reason 3513 for it to exist. 3514 Change to UUCP mailer (in cf directory) to try to do a saner job. 3515 I'm still not certain about this mailer in general. 3516 35176.22/6.5 93/02/15 3518 Fix bug that prevents saving letters in ~/dead.letter. 3519 Don't add angle brackets in VRFY command if angle brackets already 3520 exist in the address. 3521 Fix bogus error message in udbexpand. 3522 Null terminate host buffers in buildaddr (broken in 6.21) -- 3523 IMPORTANT FIX!! 3524 35256.21/6.5 93/02/15 3526 Fix another incorrect error message in alias.c, found by Azuma 3527 Okamoto. 3528 Fix a couple of problems in the more-configurable config files, 3529 found by Tom Ivar Helbekkmo. 3530 Fix problem with quoted :include: entries. 3531 Don't duplicate the filename on verbose printing of .forward and 3532 :include: contents. 3533 Extend size of prescan buffer (to allow bigger addresses). Also, 3534 detect some buffer overflows. 3535 Log user SMTP protocol errors (log level 4). 3536 35376.20/6.4 93/02/14 3538 Fix another problem in the MCI state machine caused when there 3539 were errors generated from the other end to commands 3540 other than RCPT. 3541 35426.19/6.4 93/02/14 3543 Include load average support for DEC Alpha running OSF/1. 3544 Fix multiple-response problem with errors in MAIL From: line. 3545 Fix SMTP reply codes for invalid address syntaxes (give 501; 3546 never give multiple error messages for a single message). 3547 Fix problem where a cached connection timeout rejects all 3548 later connects to that host. 3549 Fix incorrect error message if alias.c is compiled with DBM only. 3550 Additional changes to fix nested conditionals (from Bruce Lilly). 3551 Recover more gracefully from operating system failures, particularly 3552 NULL returns from openmailer (from Noritoshi Demizu, 3553 OMRON Corporation). 3554 Log forward, alias, and userdb expand operations on log level 10; 3555 concept suggested by P{r (Pell) Emanuelsson. 3556 Changes for HPUX 8.07 compatibility. 3557 35586.18/6.4 93/02/12 3559 Allow any config option to be set using an M4 define. 3560 Change UNAME compile flag to HASUNAME for IDA compatibility 3561 (besides, it's a better name). 3562 Note in README that on SunOS it must be linked -Bstatic. 3563 Fairly major change in domain.c to handle wildcard MX records 3564 more rationally. NOTE: the "w" option (no wildcard MX 3565 records match local domain) has been eliminated. 3566 Fix some unset variable references pointed out by Bruce Lilly. 3567 Fix host name in process titles when using cached connection. 3568 35696.17/6.3 93/01/28 3570 Fix System 5 compatibility changes to be compatible with the rest 3571 of the world. 3572 35736.16/6.3 93/01/28 3574 Experimental fix for problem handling errors in the SMTP 3575 protocol in conjunction with connection caching. 3576 System 5 compatibility changes. 3577 35786.15/6.3 93/01/26 3579 Fix a bug that causes local mail delivered using -odq to be 3580 eliminated as a duplicate (because it matched the 3581 ctladdr, now passed in as a C line). These changes 3582 are pretty tricky...... 3583 35846.14/6.3 93/01/25 3585 Add debugging for some MCI errors. 3586 35876.13/6.3 93/01/22 3588 Fix -e compatibility flag to take a value. 3589 Fix a couple of minor compilation warnings on Sun cc. 3590 Improve error messages in a few cases to be more self-explanatory. 3591 35926.12/6.3 93/01/21 3593 Fix yet-another problem with environment handling, pointed out 3594 by Yoshitaka Tokugawa and Tom Ivar Helbekkmo. 3595 Some heuristics to try to limit resource exhaustion problems 3596 if a downstream host has been down for a long time. 3597 Fix problem with incorrect host name being logged in "Connection 3598 timed out" messages (from Tom Ivar Helbekkmo). 3599 Fix some ANSI C problems (from Takahiro Kanbe). 3600 Properly log message sender on returned mail during queue run. 3601 Count number of recipients properly. 3602 Fix a problem in yp map code. 3603 Diagnose "message timed out" (from Motonori Nakamura). 3604 36056.11/6.3 93/01/20 3606 Fix problem with address delimitor inside quotes. 3607 Define $k and $=k to be the UUCP name (from the uname call) 3608 based on code from Bruce Lilly. 3609 36106.10/6.2 93/01/18 3611 Implement arpatounix (largely code from Bruce Lilly). 3612 Log more info (suggested by John Myers). 3613 Allow nested $?...$|...$. (inspired by code from Bruce Lilly of 3614 Sony US). 3615 POSIX compatibility (noted by Keith Bostic). 3616 Handle SMTP MAIL command errors properly (urged by several people, 3617 notably John Myers of CMU). 3618 Do early diagnosis of .cf errors (notably referencing a RHS 3619 substitution that isn't on the LHS). 3620 Adjust checkpointing to better handle batched recipients, suggested 3621 by John Myers. 3622 Fix miscellaneous bugs. 3623 (config files:) Implement MAIL_HUB for all local mail (to handle 3624 NFS-mounted directories) as urged by Tom Ivar Helbekkmo 3625 of the Norwegian School of Economics. 3626 36276.9/6.1 93/01/13 3628 Environment handling simplification/bug fix -- child processes 3629 get a minimal, fixed environment. This avoids different 3630 behaviour in queue runs. 3631 Handle commas inside comments properly. 3632 Properly limit large messages submitted in -obq mode. 3633 36346.8/6.1 93/01/10 3635 Check mtime of thaw file against .cf and sendmail binary, based on 3636 code from John Myers. 3637 36386.7/6.1 93/01/10 3639 MX piggybacking, based on code from John Myers@CMU. 3640 Allow checkcompat to return -1 to mean tempfail. 3641 Bug fix in m_mno computation. 3642 36436.6/6.1 93/01/09 3644 Tuning of queueing functions as recommended by John Gardiner Myers. 3645 Return mail headers (no body) on messages with negative precedence. 3646 Minor other bug fixes. 3647 36486.5/6.1 93/01/03 3649 Fix botch causing queued headers to have ?XX? prefixes. 3650 36516.4/6.1 93/01/02 3652 Changes to recognize special mailer types (e.g., file) early. 3653 36546.3/6.1 93/01/01 3655 Pass timeouts to sfgets. 3656 Check for control characters in addresses. 3657 Fixed deferred error reporting. 3658 Report duplicate aliases. 3659 Handle mixed case recursive aliases. 3660 Misc bug fixes. 3661 36626.2/6.1 92/12/30 3663 Put return-receipt-to on a conf.c flag (but don't set it). 3664 Fix minor syslog problem. 3665