1 SENDMAIL RELEASE NOTES 2 @(#)RELEASE_NOTES 8.7.Beta (Berkeley) 06/11/95 3 4This listing shows the version of the sendmail binary, the version 5of the sendmail configuration files, the date of release, and a 6summary of the changes in that release. 7 88.7/8.7 95/xx/xx CURRENTLY IN BETA PRERELEASE!!! 9 Fix a problem that could cause sendmail to run out of file 10 descriptors due to a trashed data structure after a 11 vfork. Fix from Brian Coan of the Institute for 12 Global Communications. 13 Change the VRFY response if you have disabled VRFY -- some 14 people seemed to think that it was too rude. 15 Avoid reference to uninitialized file descriptor if HASFLOCK 16 was not defined. This was used "safely" in the sense 17 that it only did a stat, but it would have set the 18 map modification time improperly. Problem pointed out 19 by Roy Mongiovi of Georgia Tech. 20 Clean up the Subject: line on warning messages and return 21 receipts so that they don't say "Returned mail:"; this 22 can be confusing. 23 Move ruleset entry/exit debugging from 21.2 to 21.1 -- this is 24 useful enough to make it worthwhile printing on "-d". 25 Avoid logging alias statistics every time you read the alias 26 file on systems with no database method compiled in. 27 If you have a name with a trailing dot, and you try looking it 28 up using gethostbyname without the dot (for /etc/hosts 29 compatibility), be sure to turn off RES_DEFNAMES and 30 RES_DNSRCH to avoid finding the wrong name accidently. 31 Problem noted by Charles Amos of the University of 32 Maryland. 33 Don't do timeouts in collect if you are not running SMTP. 34 There is nothing that says you can't have a long 35 running program piped into sendmail (possibly via 36 /bin/mail, which just execs sendmail). Problem reported 37 by Don "Truck" Lewis of Silicon Systems. 38 Try gethostbyname() even if the DNS lookup fails iff option I 39 is not set. This allows you to have hosts listed in 40 NIS or /etc/hosts that are not known to DNS. It's normally 41 a bad idea, but can be useful on firewall machines. This 42 should really be broken out on a separate flag, I suppose. 43 Avoid compile warnings against BIND 4.9.3, which uses function 44 prototypes. From Don Lewis of Silicon Systems. 45 Avoid possible incorrect diagnosis of DNS-related errors caused 46 by things like attempts to resolve uucp names using 47 $[ ... $] -- the fix is to clear h_errno at appropriate 48 times. From Kyle Jones of UUNET. 49 SECURITY: avoid denial-of-service attacks possible by destroying 50 the alias database file by setting resource limits low. 51 This involves adding two new compile-time options: 52 HASSETRLIMIT (indicating that setrlimit(2) support is 53 available) and HASULIMIT (indicating that ulimit(2) support 54 is available -- the Release 3 form is used). The former 55 is assumed on BSD-based systems, the latter on System 56 V-based systems. Attack noted by Phil Brandenberger of 57 Swarthmore University. 58 New syntaxes in test (-bt) mode: 59 ``.Dmvalue'' will define macro "m" to "value". 60 ``.Ccvalue'' will add "value" to class "c". 61 ``.Sruleset'' will dump the contents of the indicated 62 ruleset. 63 ``-ddebug-spec'' is equivalent to the command-line 64 -d debug flag. 65 ``$m'' will print the value of macro "m". 66 ``/mx host'' returns the MX records for ``host''. 67 ``/try address'' will parse address, returning the value of 68 crackaddr (essentially, the comment information) 69 and the parsed address (the same as -bv). 70 Somewhat better handling of UNIX-domain socket addresses -- it 71 should show the pathname rather than hex bytes. 72 Restore ``-ba'' mode -- this reads a file from stdin and parses 73 the header for envelope sender information and uses 74 CR-LF as message terminators. It was thought to be 75 obsolete (used only for Arpanet NCP protocols), but it 76 turns out that the UK ``Grey Book'' protocols require 77 that functionality. 78 Fix a fix in previous release -- if gethostname and gethostbyname 79 return a name without dots, and if a DNS lookup of that 80 name fails, wait one minute and try again even if DNS 81 not specified in the config file -- the problem is that 82 this code is executed before the config file is read. 83 This can result in an extra 60 second delay on startup 84 if (1) you have DNS compiled in, (2) you are not running 85 DNS, (3) your system hostname (as returned by hostname(1)) 86 has no dot, AND (4) the canonical name listed in /etc/hosts 87 or your NIS map has no dot. 88 Check for proper domain name on HELO and EHLO commands per 89 RFC 1123 section 5.2.5. Problem noted by Thomas Dwyer III 90 of Michigan Technological University. 91 Relax chownsafe rules slightly -- old version said that if you 92 can't tell if _POSIX_CHOWN_RESTRICTED is set (that is, 93 if fpathconf returned EINVAL or ENOSYS), assume that 94 chown is not safe. The new version falls back to whether 95 you are on a BSD system or not. This is important for 96 SunOS, which apparently always returns one of those 97 error codes. This impacts whether you can mail to files 98 or not. 99 Syntax errors such as unbalanced parentheses in the configuration 100 file could be omitted if you had "Oem" prior to the 101 syntax error in the config file. Change to always print 102 the error message. It was especially wierd because it 103 would cause a "warning" message to be sent to the Postmaster 104 for every message sent (but with no transcript). Problem 105 noted by Gregory Paris of Motorola. 106 Rewrite collect and putbody to handle full 8-bit data, including 107 zero bytes. These changes are internally extensive, but 108 should have minimal impact on external function. 109 Allow full words for option names -- if the option letter is 110 (apparently) a space, then take the word following -- e.g., 111 O MatchGECOS=TRUE 112 The full list of old and new names is as follows: 113 7 SevenBitInput 114 8 EightBitMode 115 A AliasFile 116 a AliasWait 117 B BlankSub 118 b MinFreeBlocks/MaxMessageSize 119 C CheckpointInterval 120 c HoldExpensive 121 D AutoRebuildAliases 122 d DeliveryMode 123 E ErrorHeader 124 e ErrorMode 125 f SaveFromLine 126 F TempFileMode 127 G MatchGECOS 128 H HelpFile 129 h MaxHopCount 130 i IgnoreDots 131 I ResolverOptions 132 J ForwardPath 133 j SendMimeErrors 134 k ConnectionCacheSize 135 K ConnectionCacheTimeout 136 L LogLevel 137 l UseErrorsTo 138 m MeToo 139 n CheckAliases 140 O DaemonPortOptions 141 o OldStyleHeaders 142 P PostmasterCopy 143 p PrivacyOptions 144 Q QueueDirectory 145 q QueueFactor 146 R DontPruneRoutes 147 r, T Timeout 148 S StatusFile 149 s SuperSafe 150 t TimeZoneSpec 151 u DefaultUser 152 U UserDatabaseSpec 153 V FallbackMXhost 154 v Verbose 155 w TryNullMXList 156 x QueueLA 157 X RefuseLA 158 Y ForkEachJob 159 y RecipientFactor 160 z ClassFactor 161 Z RetryFactor 162 To avoid possible problems with an older sendmail, 163 configuration level 6 is accepted by this version of 164 sendmail; any config file using the new names should 165 specify "V6" in the configuration. 166 Change address parsing to properly note that a phrase before a 167 colon and a trailing semicolon are essentially the same 168 as text outside of angle brackets (i.e., sendmail should 169 treat them as comments). This is to handle the 170 ``group name: addr1, addr2, ..., addrN;'' syntax (it will 171 assume that ``group name:'' is a comment on the first 172 address and the ``;'' is a comment on the last address). 173 This requires config file support to get right. It does 174 understand that :: is NOT this syntax, and can be turned 175 off completely by setting the ColonOkInAddresses option. 176 Level 6 config files added with new mailer flags: 177 A Addresses are aliasable. 178 i Do udb rewriting on envelope as well as header 179 sender lines. Applies to the from address mailer 180 flags rather than the recipient mailer flags. 181 j Do udb rewriting on header recipient addresses. 182 Applies to the sender mailer flags rather than the 183 recipient mailer flags. 184 k Disable check for loops when doing HELO command. 185 o Always run as the mail recipient, even on local 186 delivery. 187 w Check for an /etc/passwd entry for this user. 188 5 Pass addresses through ruleset 5. 189 : Check for :include: on this address. 190 | Check for |program on this address. 191 / Check for /file on this address. 192 @ Look up sender header addresses in the user 193 database. Applies to the mailer flags for the 194 mailer corresponding to the envelope sender 195 address, rather than to recipient mailer flags. 196 Pre-level 6 configuration files set A, w, 5, :, |, /, and @ 197 on the "local" mailer, the o flag on the "prog" and "*file*" 198 mailers, and the ColonOkInAddresses option. 199 Eight-to-seven bit MIME conversions. This borrows ideas from 200 John Beck of Hewlett-Packard, who generously contributed 201 their implementation to me, which I then didn't use (see 202 mime.c for an explanation of why). This adds the 203 EightBitMode option (a.k.a. `8') and an F=8 mailer flag 204 to control handling of 8-bit data. These have to cope with 205 two types of 8-bit data: unlabelled 8-bit data (that is, 206 8-bit data that is entered without declaring it as 8-bit 207 MIME -- technically this is illegal according to the 208 specs) and labelled 8-bit data (that is, it was declared 209 as 8BITMIME in the ESMTP session or by using the 210 -B8BITMIME command line flag). If the F=8 mailer flag is 211 set then 8-bit data is sent to non-8BITMIME machines 212 instead of converting to 7 bit (essentially using 213 just-send-8 semantics). The values for EightBitMode are: 214 m convert unlabelled 8-bit input to 8BITMIME, and do 215 any necessary conversion of 8BITMIME to 7BIT 216 (essentially, the full MIME option). 217 p pass unlabelled 8-bit input, but convert labelled 218 8BITMIME input to 7BIT as required (default). 219 s strict adherence: reject unlabelled 8-bit input, 220 convert 8BITMIME to 7BIT as required. The F=8 221 flag is ignored. 222 Unlabelled 8-bit data is rejected in mode `s' regardless of 223 the setting of F=8. 224 Add new internal class 'n', which is the set of MIME Content-Types 225 which can not be 8 to 7 bit encoded because of other 226 considerations. Types "multipart/*" and "message/*" are 227 never directly encoded (although their components can be). 228 Add new internal class 'e'. This is the set of MIME 229 Content-Transfer-Encodings that can be converted to 230 a seven bit format (Quoted-Printable or Base64). It is 231 preinitialized to contain "7bit", "8bit", and "binary". 232 Add C=charset mailer parameter and the the DefaultCharSet option (no 233 short name) to set the default character set to use in the 234 Content-Type: header when doing encoding of an 8-bit message 235 which isn't marked as MIME into MIME format. If the C= 236 parameter is set on the Envelope From address, use that as 237 the default encoding; else use the DefaultCharSet option. 238 If neither is set, it defaults to "unknown-8bit" as 239 suggested by RFC 1428 section 3. 240 Allow ``U=user:group'' field in mailer definition to set a default 241 user and group that a mailer will be executed as. This 242 overrides the 'u' and 'g' options, and if the `F=S' flag is 243 also set, it is the uid/gid that will always be used (that 244 is, the controlling address is ignored). The values may be 245 numeric or symbolic; if only a symbolic user is given (no 246 group) that user's default group in the passwd file is used 247 as the group. Based on code donated by Chip Rosenthal of 248 Unicom. 249 Allow `u' option to also accept user:group as a value, in the same 250 fashion as the U= mailer option. 251 Add the symbolic time zone name in the Arpanet format dates (as 252 a comment). This adds a new compile-time configuration 253 flag: TZ_TYPE can be set to TZ_TM_NAME (use the value 254 of (struct tm *)->tm_name), TZ_TM_ZONE (use the value 255 of (struct tm *)->tm_zone), TZ_TZNAME (use extern char 256 *tzname[(struct tm *)->tm_isdst]), TZ_TIMEZONE (use 257 timezone()), or TZ_NONE (don't include the comment). Code 258 from Chip Rosenthal. 259 The "Timeout" option (formerly "r") is extended to allow suboptions. 260 For example, 261 O Timeout.helo = 2m 262 There are also two new suboptions "queuereturn" and 263 "queuewarn"; these subsume the old T option. Thus, to 264 set them both the preferred new syntax is 265 O Timeout.queuereturn = 5d 266 O Timeout.queuewarn = 4h 267 Sort queue by host name instead of by message priority if the 268 QueueSortOrder option (no short name) is set is set to 269 ``host''. This makes better use of the connection cache, 270 but may delay more ``interactive'' messages behind large 271 backlogs under some circumstances. This is probably a 272 good option if you have high speed links or don't do lots 273 of ``batch'' messages, but less good if you are using 274 something like PPP on a 14.4 modem. Based on code 275 contributed by Roy Mongiovi of Georgia Tech (my main 276 contribution was to make it configurable). 277 Save i-number of df file in qf file to simplify rebuilding of queue 278 after disasterous disk crash. Suggested by Kyle Jones of 279 UUNET; closely based on code from KJS DECWRL code written 280 by Paul Vixie. NOTA BENE: The qf files produced by 8.7 281 are NOT back compatible with 8.6 -- that is, you can convert 282 from 8.6 to 8.7, but not the other direction. 283 Add ``F=d'' mailer flag to disable all use of angle brackets in 284 route-addrs in envelopes; this is because in some cases 285 they can be sent to the shell, which interprets them as 286 I/O redirection. 287 Don't include error file (option E) with return-receipts; this 288 can be confusing. 289 Don't send "Warning: cannot send" messages to owner-* or 290 *-request addresses. Suggested by Christophe Wolfhugel 291 of the Institut Pasteur, Paris. 292 Allow -O command line flag to set long form options. 293 Add "MinQueueAge" option to set the minimum time between attempts 294 to run the queue. For example, if the queue interval 295 (-q value) is five minutes, but the minimum queue age 296 is fifteen minutes, jobs won't be tried more often than 297 once every fifteen minutes. This can be used to give 298 you more responsiveness if your delivery mode is set to 299 queue-only. 300 Allow "fileopen" timeout (default: 60 seconds) for opening 301 :include: and .forward files. 302 Add "-k", "-v", and "-z" flags to map definitions; these set the 303 key field name, the value field name, and the field 304 delimiter. The field delimiter can be a single character 305 or the sequence "\t" or "\n" for tab or newline. 306 These are for use by NIS+ and similar access methods. 307 Change maps to always strip quotes before lookups; the -q flag 308 turns off this behaviour. Suggested by Motonori Nakamura. 309 Add "nisplus" map class. Takes -k and -v flags to choose the 310 key and value field names respectively. Code donated by 311 Sun Microsystems. 312 Add "hesiod" map class. The "file name" is used as the 313 "HesiodNameType" parameter to hes_resolve(3). Returns the 314 first value found for the match. Code donated by Scott 315 Hutton of Indiana University. 316 Add "netinfo" (NeXT NetInfo) map class. Maps can have a -k flag to 317 specify the name of the property that is searched as the 318 key and a -v flag to specify the name of the property that 319 is returned as the value (defaults to "members"). The 320 default map is "/aliases". 321 Add "text" map class. This does slow, linear searches through 322 text files. The -z flag specifies a column delimiter 323 (defaults to any sequence of white space), the -k flag 324 sets the key column number, and the -v flag sets the 325 value column number. Lines beginning with `#' are treated 326 as comments. 327 Add "program" map class to execute arbitrary programs. The search 328 key is presented as the last argument; the output is one 329 line read from the programs standard output. Exit statuses 330 are from sysexits.h. 331 Add "sequence" map class -- searches maps in sequence until it 332 finds a match. For example, the declarations: 333 Kmap1 ... 334 Kmap2 ... 335 Kmapseq sequence map1 map2 336 defines a map "mapseq" that first searches map1; if the 337 value is found it is returned immediately, otherwise 338 map2 is searched and the value returned. 339 Add "switch" map class. This is much like "sequence" except that 340 the ordering is fetched from an external file, usually 341 the system service switch. The parameter is the name of 342 the service to switch on, and the maps that it will use 343 are this name followed by ".service_type". For example, 344 if the declaration of the map is 345 Ksample switch hosts 346 and the system service switch specifies that hosts are 347 looked up using dns and nis in that order, then this is 348 equivalent to 349 Ksample sequence hosts.dns hosts.nis 350 The subordinate maps must already be defined. 351 Add "user" map class -- looks up users using getpwnam. Takes a 352 "-v field" flag on the definition that tells what passwd 353 entry to return -- legal values are name, passwd, uid, gid, 354 gecos, dir, and shell. Generally expected to be used with 355 the -m (matchonly) flag. 356 Add "bestmx" map class -- returns the best MX value for the host 357 listed as the value. If there are several "best" MX records 358 for this host, one will be chosen at random. 359 Add "userdb" map class -- looks up entries in the user database. 360 The "file name" is actually the tag that will be used, 361 typically "mailname". If there are multiple entries 362 matching the name, the one chosen is undefined. 363 Add multiple queue timeouts (both return and warning). These are 364 set by the Precedence: or Priority: header fields to one of 365 three values. If a Priority: is set and has value "normal", 366 "urgent", or "non-urgent" the corresponding timeouts are 367 used. If no priority is set, the Precedence: is consulted; 368 if negative, non-urgent timeouts are used; if greater than 369 zero, urgent timeouts are used. Otherwise, normal timeouts 370 are used. The timeouts are set by setting the six timeouts 371 queue{warn,return}.{urgent,normal,non-urgent}. 372 Fix problem when a mail address is resolved to a $#error mailer 373 with a temporary failure indication; it works in SMTP, 374 but when delivering locally the mail is silently discarded. 375 This patch, from Kyle Jones of UUNET, bounces it instead 376 of queueing it (queueing is very hard). 377 When using /etc/hosts or NIS-style lookups, don't assume that 378 the first name in the list is the best one -- instead, 379 search for the first one with a dot. For example, if 380 an /etc/hosts entry reads 381 128.32.149.68 mammoth mammoth.CS.Berkeley.EDU 382 this change will use the second name as the canonical 383 machine name instead of the initial, unqualified name. 384 This heuristic is only used for finding your own name on 385 startup, when the system may not be fully configured yet. 386 Change dequote map to replace spaces in quoted text with a value 387 indicated by the -s flag on the dequote map definition. 388 For example, ``Mdequote dequote -s_'' will change 389 "Foo Bar" into an unquoted Foo_Bar instead of leaving it 390 quoted (because of the space character). Suggested by Dan 391 Oscarsson for use in X.400 addresses. 392 Implement long macro names as ${name}; long class names can 393 be similarly referenced as $={name} and $~{name}. 394 Definitions are (e.g.) ``D{name}value''. Names that have 395 a leading lower case letter or punctuation characters are 396 reserved for internal use by sendmail; i.e., config files 397 should use names that begin with a capital letter. Based 398 on code contributed by Dan Oscarsson. 399 Fix core dump if getgrgid returns a null group list (as opposed 400 to an empty group list, that is, a pointer to a list 401 with no members). Fix from Andrew Chang of Sun Microsystems. 402 Fix possible core dump if malloc fails -- if the malloc in xalloc 403 failed, it called syserr which called newstr which called 404 xalloc.... The newstr is now avoided for "panic" messages. 405 Reported by Stuart Kemp of James Cook University. 406 Improve connection cache timeouts; previously, they were not even 407 checked if you were delivering to anything other than an 408 IPC-connected host, so a series of (say) local mail 409 deliveries could cause cached connections to be open 410 much longer than the specified timeout. 411 If an incoming message exceeds the maximum message size, stop 412 writing the incoming bytes to the queue data file, since 413 this can fill your mqueue partition -- this is a possible 414 denial-of-service attack. 415 Don't reject all numeric local user names unless HESIOD is 416 defined. It turns out that Posix allows all-numeric 417 user names. Fix from Tony Sanders of BSDI. 418 Add service switch support. If the local OS has a service 419 switch (e.g., /etc/nsswitch.conf on Solaris or /etc/svc.conf 420 on DEC systems) that will be used; otherwise, it falls back 421 to using a local mechanism based on the ServiceSwitchFile 422 option (default: /etc/service.switch). For example, if the 423 service switch lists "files" and "nis" for the aliases 424 service, that will be the default lookup order. the "files" 425 ("local" on DEC) service type expands to any alias files 426 you listed in the configuration file, even if they aren't 427 actually file lookups. 428 Option I (NameServerOptions) no longer sets the "UseNameServer" 429 variable which tells whether or not DNS should be considered 430 canonical. This is now determined based on whether or not 431 "dns" is in the service list for "hosts". 432 Add preliminary support for the ESMTP "DSN" extension (Delivery 433 Status Notifications). This is not yet a standard 434 and the implementation is for experimentation only. 435 For this reason it only announces itself as "X-DSN-0" 436 instead of "DSN". DSN notifications override 437 Return-Receipt-To:. 438 Add T=mtstype keyletter to mailer definitions to define the value 439 for the Final-MTS-Type: and Remote-MTS-Type: fields in the 440 DSN-standard return message. 441 Extend heuristic to force running in ESMTP mode to look for the 442 six-character string "ESMTP " anywhere in the 220 greeting 443 message (not just the second line). This is to provide 444 better compatibility with other ESMTP servers. 445 Print sequence number of job when running the queue so you can 446 easily see how much progress you have made. Suggested 447 by Peter Wemm of DIALix. 448 Map newlines to spaces in logged message-ids; some versions of 449 syslog truncate the rest of the line after newlines. 450 Suggested by Fletcher Mattox of U. Texas. 451 Move up forking for job runs so that if a message is split into 452 multiple envelopes you don't get "fork storms" -- this 453 also improves the connection cache utilization. 454 Accept "<<>>", "<<<>>>", and so forth as equivalent to "<>" for 455 the purposes of refusing to send error returns. Suggested 456 by Motonori Nakamura of Ritsumeikan University. 457 Relax rules on when a file can be written when referenced from 458 the aliases file: use the default uid/gid instead of the 459 real uid/gid. This allows you to create a file owned by 460 and writable only by the default uid/gid that will work 461 all the time (without having the setuid bit set). Change 462 suggested by Shau-Ping Lo and Andrew Cheng of Sun 463 Microsystems. 464 Add "DialDelay" option (no short name) to provide an "extra" 465 delay for dial on demand systems. If this is non-zero 466 and a connect fails, sendmail will wait this long and 467 then try again. If it takes longer than the kernel 468 timeout interval to establish the connection, this 469 option can give the network software time to establish 470 the link. The default units are seconds. 471 Move logging of sender information to be as early as possible; 472 previously, it could be delayed a while for SMTP mail 473 sent to aliases. Suggested by Brad Knowles of the 474 Defense Information Systems Agency. 475 Call res_init() before setting RES_DEBUG; this is required by 476 BIND 4.9.3, or so I'm told. From Douglas Anderson of 477 the National Computer Security Center. 478 Add xdelay= field in logs -- this is a transaction delay, telling 479 you how long it took to deliver to this address on the 480 last try. It is intended to be used for sorting mailing 481 lists to favor "quick" addresses. Provided for use by 482 the mailprio scripts (see below). 483 If a map cannot be opened, and that map is non-optional, and 484 an address requires that map for resolution, queue the 485 map instead of bouncing it. This involves creating a 486 pseudo-class of maps called "bogus-map" -- if a required 487 map cannot be opened, the class is changed to bogus-map; 488 all queries against bogus-map return "tempfail". The 489 bogus-map class is not directly accessible. A sample 490 implementation was donated by Jem Taylor of Glasgow 491 University Computing Service. 492 Don't make a bad ``MAIL FROM:'' address on one message blow away 493 other messages to the same host later in the queue. 494 Problem noted by Eric Prestemon of American University. 495 Fix a possible core dump when mailing to a program that talks 496 SMTP on its standard input. Fix from Keith Moore of 497 the University of Kentucky. 498 Make it possible to resolve filenames to $#local $: @ /filename; 499 previously, the "@" would cause it to not be recognized 500 as a file. Problem noted by Brian Hill of U.C. Davis. 501 Accept a -1 signal to re-exec the daemon. This only works if 502 argv[0] is a full path to sendmail. 503 Fix bug in "addr=..." field in O option on little-endian machines 504 -- the network number wasn't being converted to network 505 byte order. Patch from Kurt Lidl of Pix Technologies 506 Corporation. 507 Pre-initialize the resolver early on; this is to avoid a bug with 508 BIND 4.9.3 that can cause the _res.retry field to get 509 reset to zero, causing all name server lookups to time 510 out. Fix from Matt Day of Artisoft. 511 Restore T line (trusted users) in config file -- but instead of 512 locking out the -f flag, they just tell whether or not 513 an X-Authentication-Warning: will be added. This really 514 just creates new entries in class 't', so "Ft/file/name" 515 can be used to read trusted user names from a file. 516 Improve NEWDB alias file rebuilding so it will create them 517 properly if they do not already exist. This had been 518 a MAYBENEXTRELEASE feature in 8.6.9. 519 Check for @:@ entry in NIS maps before starting up to avoid 520 (but not prevent, sigh) race conditions. This ought to 521 be handled properly in ypserv, but isn't. Suggested by 522 Michael Beirne of Motorola. 523 Refuse connections if there isn't enough space on the filesystem 524 holding the queue. Contributed by Robert Dana of Wolf 525 Communications. 526 Skip checking for directory permissions in the path to a file 527 when checking for file permissions iff setreuid() 528 succeeded -- it is unnecessary in that case. This avoids 529 significant performance problems when looking for .forward 530 files. Based on a suggestion by Win Bent of USC. 531 Allow symbolic ruleset names. Syntax can be "Sname" to get an 532 arbitrary ruleset number assigned or "Sname = integer" 533 to assign a specific ruleset number. Reference is 534 $>name_or_number. Names can be composed of alphas, digits, 535 underscore, or hyphen (first character must be non-numeric). 536 Allow -o flag on AliasFile lines to make the alias file optional. 537 From Bryan Costales of ICSI. 538 Add NoRecipientAction option to handle the case where there is 539 no legal recipient header in the message. It can take 540 on values: 541 None Leave the message as is. The 542 message will be passed on even 543 though it is in technically 544 illegal syntax. 545 Add-To Add a To: header with any 546 recipients that it can find from 547 the envelope. This risks exposing 548 Bcc: recipients. 549 Add-Apparently-To Add an Apparently-To: header. This 550 has almost no redeeming social value, 551 and is provided only for back 552 compatibility. 553 Add-To-Undisclosed Add a header reading 554 To: undisclosed-recipients:; 555 which will have the effect of 556 making the message legal without 557 exposing Bcc: recipients. 558 Add-Bcc To add an empty Bcc: header. 559 There is a chance that mailers down 560 the line will delete this header, 561 which could cause exposure of Bcc: 562 recipients. 563 The default is NoRecipientAction=None. 564 Truncate (rather than delete) Bcc: lines in the header. This 565 should prevent later sendmails (at least, those that don't 566 themselves delete Bcc:) from considering this message to 567 be non-conforming -- although it does imply that non-blind 568 recipients can see that a Bcc: was sent, albeit not to whom. 569 Add SafeFileEnvironment option. If declared, files named as delivery 570 targets must be regular files in addition to the regular 571 checks. Also, if the option is non-null then it is used as 572 the name of a directory that is used as a chroot(2) 573 environment for the delivery; the file names listed in an 574 alias or forward should include the name of this root. 575 For example, if you run with 576 O SafeFileEnvironment=/arch 577 then aliases should reference "/arch/rest/of/path". If a 578 value is given, sendmail also won't try to save to 579 /usr/tmp/dead.letter (instead it just leaves the job in the 580 queue as Qfxxxxxx). Inspired by *Hobbit*'s sendmail patch kit. 581 Support -A flag for alias files; this will comma concatenate like 582 entries. For example, given the aliases: 583 list: member1 584 list: member2 585 and an alias file declared as: 586 OAhash:-A /etc/aliases 587 the final alias inserted will be "list: member1,member2"; 588 without -A you will get an error on the second and subsequent 589 alias for "list". Contributed by Bryan Costales of ICSI. 590 Line-buffer transcript file. Suggested by Liudvikas Bukys. 591 Fix a problem that could cause very long addresses to core dump in 592 some special circumstances. Problem pointed out by Allan 593 Johannesen. 594 (Internal change.) Change interface to expand() (macro expansion) 595 to be simpler and more consistent. 596 Delete check for funny qf file names. This didn't really give 597 any extra security and caused some people some problems. 598 (If you -really- want this, define PICKY_QF_NAME_CHECK 599 at compile time.) Suggested by Kyle Jones of UUNET. 600 (Internal change.) Change EF_NORETURN to EF_NO_BODY_RETN and 601 merge with DSN code; this is simpler and more consistent. 602 This may affect some people who have written their own 603 checkcompat() routine. 604 (Internal change.) Eliminate `D' line in qf file. The df file 605 is now assumed to be the same name as the qf file (with 606 the `q' changed to a `d', of course). 607 Avoid forking for delivery if all recipient mailers are marked as 608 "expensive" -- this can be a major cost on some systems. 609 Essentially, this forces sendmail into "queue only" mode 610 if all it is going to do is queue anyway. 611 Avoid sending a null message in some rather unusual circumstances 612 (specifically, the RCPT command returns a temporary 613 failure but the connection is lost before the DATA 614 command). Fix from Scott Hammond of Secure Computing 615 Corporation. 616 Change makesendmail to use a somewhat more rational naming scheme: 617 Makefiles and obj directories are named $os.$rel.$arch, 618 where $os is the operating system (e.g., SunOS), $rel is 619 the release number (e.g., 5.3), and $arch is the machine 620 architecture (e.g., sun4). Any of these can be omitted, 621 and anything after the first dot in a release number can 622 be replaced with "x" (e.g., SunOS.4.x.sun4). The previous 623 version used $os.$arch.$rel and was rather less general. 624 Ignore IDENT return value if the OSTYPE field returns "OTHER", 625 as indicated by RFC 1413. Pointed out by Kari Hurtta 626 of the Finnish Meteorological Institute. 627 Fix problem that could cause multiple responses to DATA command 628 on header syntax errors (e.g., lines beginning with colons). 629 Problem noted by Jens Thomassen of the University of Oslo. 630 Don't let null bytes in headers cause truncation of the rest of 631 the header. 632 Log Authentication-Warning:s. Suggested by Motonori Nakamura. 633 Increase timeouts on message data puts to allow time for receivers 634 to canonify addresses in headers on the fly. This is still 635 a rather ugly heuristic. From Motonori Nakamura. 636 Add "HasWildcardMX" suboption to ResolverOptions; if set, MX 637 records are not used when canonifying names. This is 638 useful if you have a wildcard MX record, although it 639 may cause other problems. In general, don't use wildcard 640 MX records. Patch from Motonori Nakamura. 641 Eliminate default two-line SMTP greeting message. Instead of 642 adding an extra "ESMTP spoken here" line, the word "ESMTP" 643 is added between the first and second word of the first 644 line of the greeting message (i.e., immediately after the 645 host name). This eliminates the need for the BROKEN_SMTP_PEERS 646 compile flag. Old sendmails won't see the ESMTP, but that's 647 acceptable because SIZE was the only useful extension that 648 old sendmails understand. 649 Avoid gethostbyname calls on UNIX domain sockets during SIGUSR1 650 invoked state dumps. From Masaharu Onishi. 651 Allow on-line comments in .forward and :include: files; they are 652 introduced by the string "<LWSP>#@#<LWSP>", where <LWSP> 653 is a space or a tab. This is intended for native 654 representation of non-ASCII sets such as Japanese, where 655 existing encodings would be unreadable or would lose 656 data -- for example, 657 <motonori@cs.ritsumei.ac.jp> NAKAMURA Motonori 658 (romanized/less information) 659 <motonori@cs.ritsumei.ac.jp> =?ISO-2022-JP?B?GyRCQ2ZCPBsoQg==?= 660 =?ISO-2022-JP?B?GyRCQUdFNRsoQg==?= 661 (with MIME encoding, not human readable) 662 <motonori@cs.ritsumei.ac.jp> #@# ^[$BCfB<^[(B ^[$BAGE5^[(B 663 (native encoding with ISO-2022-JP) 664 The last form is human readable in the Japanese environment. 665 Based on a fix from (surprise!) Motonori Nakamura. 666 Don't make SMTP error returns on MAIL FROM: line be "sticky" for all 667 messages to that host; these are most frequently associated 668 with addresses rather than the host, with the exception of 669 421 (service shutting down). The effect was to cause queues 670 to sometimes take an excessive time to flush. Reported by 671 Robert Sargent of Southern Geographics Technologies. 672 Add Nice=N mailer option to set the niceness at which a mailer will 673 run. 674 When looking for a default config file (that is, not specified using 675 a -C flag), try a configuration file name extended by the 676 binary version number -- e.g., sendmail.8.7.Alpha.9.cf, 677 sendmail.8.7.Alpha.cf, sendmail.8.7.cf, sendmail.8.cf, and 678 sendmail.cf in that order. This should make it easier to 679 test new versions in a shared environment. 680 Log queue runs that are skipped due to high loads. They are logged 681 at LOG_INFO priority iff the log level is > 8. Contributed 682 by Bruce Nagel of Data General. 683 Allow the error mailer to accept a DSN-style error status code 684 instead of an sysexits status code in the host part. 685 Anything with a dot will be interpreted as a DSN-style code. 686 Add new mailer flag: F=3 will tell translations to Quoted-Printable 687 to encode characters that might be munged by an EBCDIC system 688 in addition to the set required by RFC 1521. The additional 689 characters are !, ", #, $, @, [, \, ], ^, `, {, |, }, and ~. 690 (Think of "IBM 360" as the mnemonic for this flag.) 691 Change check for mailing to files to look for a pathname of [FILE] 692 rather than looking for the mailer named *file*. The mapping 693 of leading slashes still goes to the *file* mailer. This 694 allows you to implement the *file* mailer as a separate 695 program, for example, to insert a Content-Length: header 696 or do special security policy. However, note that the usual 697 initial checking for the file permissions is still done, and 698 the program in question needs to be very careful about how 699 it does the file write to avoid security problems. 700 Be able to read ~root/.forward even if the path isn't accessible to 701 regular users. This is disrecommended because sendmail 702 sometimes does not run as root (e.g., when an unsafe option 703 is specified on the command line), but should otherwise be 704 safe because .forward files must be owned by the user for 705 whom mail is being forwarded, and cannot be a symbolic link. 706 Suggested by Forrest Aldrich of Wang Laboratories. 707 Add new "HostsFile" option that is the pathname to the /etc/hosts 708 file. This is used for canonifying hostnames when the 709 service type is "files". 710 Implement programs on F (read class from file) line. The syntax is 711 Fc|/path/to/program to read the output from the program 712 into class "c". 713 Probe the network interfaces to find alternate names for this 714 host. Requires the SIOCGIFCONF ioctl call. Code 715 contributed by SunSoft. 716 Add "E" configuration line to set or propogate environment 717 variables into children. "E<envar>" will propogate 718 the named variable from the environment when sendmail 719 was invoked into any children it calls; "E<envar>=<value>" 720 sets the named variable to the indicated value. Any 721 variables not explicitly named will not be in the child 722 environment. However, sendmail still forces an 723 "AGENT=sendmail" environment variable, in part to enforce 724 at least one environment variable, since many programs and 725 libraries die horribly if this is not guaranteed. 726 Change heuristic for rebuilding both NEWDB and NDBM versions of 727 alias databases -- new algorithm looks for the substring 728 "/yp/" in the file name. This is more portable and involves 729 less overhead. Suggested by Motonori Nakamura. 730 Dynamically allocate the queue work list so that you don't lose 731 jobs in large queue runs. The old QUEUESIZE compile parameter 732 is replaced by QUEUESEGSIZE (the unit of allocation, which 733 should not need to be changed) and the MaxQueueRunSize option, 734 which is the absolute maximum number of jobs that will ever 735 be handled in a single queue run. Based on code contributed 736 by Brian Coan of the Institute for Global Communications. 737 Log message when a message is dropped because it exceeds the maximum 738 message size. Suggested by Leo Bicknell of Virginia Tech. 739 Allow trusted users (those on a T line or in $=t) to use -bs without 740 an X-Authentication-Warning: added. Suggested by Mark Thomas 741 of Mark G. Thomas Consulting. 742 Announce state of compile flags on -d0.1 (-d0.10 throws in the 743 OS-dependent defines). The old semantic of -d0.1 to not 744 run the daemon in background has been moved to -d99.100, 745 and the old 52.5 flag (to avoid disconnect() from closing 746 all output files) has been moved to 52.100. This makes 747 things more consistent (flags below .100 don't change 748 semantics) and separates out the backgrounding so that 749 IBM's SRC can be used. 750 If -t is used but no addresses are found in the header, give an 751 error message rather than just doing nothing. Fix from 752 Motonori Nakamura. 753 On systems (like SunOS) where the effective gid is not necessarily 754 included in the group list returned by getgroups(), the 755 `restrictmailq' option could sometimes cause an authorized 756 user to not be able to use `mailq'. Fix from Charles Hannum 757 of MIT. 758 Allow symbolic service names for [IPC] mailers. Suggested by 759 Gerry Magennis of Logica International. 760 Add DontExpandCnames option to prevent $[ ... $] from expanding CNAMEs 761 when running DNS. For example, if the name FTP.Foo.ORG is 762 a CNAME for Cruft.Foo.ORG, then when sitting on a machine in 763 the Foo.ORG domain a lookup of "FTP" returns "Cruft.Foo.ORG" 764 if this option is not set, or "FTP.Foo.ORG" if it is set. 765 This is technically illegal under RFC 822 and 1123, but the 766 IETF is moving toward legalizing it. Note that turning on 767 this option is not sufficient to guarantee that a downstream 768 neighbor won't rewrite the address for you. 769 Add "-m" flag to makesendmail script -- this tells you what object 770 directory and Makefile it will use, but doesn't actually do 771 the make. 772 PORTABILITY FIXES: 773 Solaris 2 from Rob McMahon <cudcv@csv.warwick.ac.uk>. 774 System V Release 4 from Motonori Nakamura of Ritsumeikan 775 University. This expands the disk size 776 checking to include all (?) SVR4 configurations. 777 System V Release 4 from Kimmo Suominen -- initgroups(3) 778 and setrlimit(2) are both available. 779 System V Release 4 from sob@sculley.ffg.com -- some versions 780 apparently "have EX_OK defined in other headerfiles." 781 Linux Makefile typo. 782 Linux getusershell(3) is broken in Slackware 2.0 -- 783 from Andrew Pam of Xanadu Australia. 784 More Linux tweaking from John Kennedy of California State 785 University, Chico. 786 Cray changes from Eric Wassenaar: ``On Cray, shorts, 787 ints, and longs are all 64 bits, and all structs 788 are multiples of 64 bits. This means that the 789 sizeof operator returns only multiples of 8. 790 This requires adaptation of code that really 791 deals with 32 bit or 16 bit fields, such as IP 792 addresses or nameserver fields.'' 793 DG/UX 5.4.3 from Mark T. Robinson <mtr@ornl.gov>. To 794 get the old behaviour, use -DDGUX_5_4_2. 795 DG/UX hack: add _FORCE_MAIL_LOCAL_=yes environment 796 variable to fix bogus /bin/mail behaviour. 797 Tandem NonStop-UX from Rick McCarty <mccarty@mpd.tandem.com>. 798 This also cleans up some System V Release 4 compile 799 problems. 800 Solaris 2: sendmail.cw file should be in /etc/mail to 801 match all the other configuration files. Fix 802 from Glenn Barry of Emory University. 803 Solaris 2.3: compile problem in conf.c. Fix from Alain 804 Nissen of the University of Liege, Belgium. 805 Ultrix: freespace calculation was incorrect. Fix from 806 Takashi Kizu of Osaka University. 807 SVR4: running in background gets a SIGTTOU because the 808 emulation code doesn't realize that "getpeername" 809 doesn't require reading the file. Fix from Peter 810 Wemm of DIALix. 811 Solaris 2.3: due to an apparent bug in the socket emulation 812 library, sockets can get into a "wedged" state where 813 they just return EPROTO; closing and re-opening the 814 socket clears the problem. Fix from Bob Manson 815 of Ohio State University. 816 Hitachi 3050R & 3050RX running HI-UX/WE2: portability 817 fixes from Akihiro Hashimoto ("Hash") of Chiba 818 University. 819 AIX changes to allow setproctitle to work from Rainer Sch�pf 820 of Zentrum f�r Datenverarbeitung der Universit�t 821 Mainz. 822 AIX changes for load average from Ed Ravin of NASA/Goddard. 823 SCO Unix from Chip Rosenthal of Unicom (code was using the 824 wrong statfs call). 825 ANSI C fixes from Adam Glass (NetBSD project). 826 Stardent Titan/ANSI C fixes from Kate Hedstrom of Rutgers 827 University. 828 DG-UX fixes from Bruce Nagel of Data General. 829 IRIX64 updates from Mark Levinson of the University of 830 Rochester Medical Center. 831 Altos System V (``the first UNIX/XENIX merge the Altos 832 did for their Series 1000 & Series 2000 line; 833 their merged code was licenced back to AT&T and 834 Microsoft and became System V release 3.2'') from 835 Tim Rice <timr@crl.com>. 836 OSF/1 running on Intel Paragon from Jeff A. Earickson 837 <jeff@ssd.intel.com> of Intel Scalable Systems 838 Divison. 839 Amdahl UTS System V 2.1.5 (SVr3-based) from Janet Jackson 840 <janet@dialix.oz.au>. 841 System V Release 4 (statvfs semantic fix) from Alain 842 Durand of I.M.A.G. 843 HP-UX 10.x multiprocessor load average changes from 844 Scott Hutton and Jeff Sumler of Indiana University. 845 Cray CSOS from Scott Bolte of Cray Computer Corporation. 846 Unicos 8.0 from Douglas K. Rand of the University of North 847 Dakota, Scientific Computing Center. 848 Solaris 2.4 fixes from Sanjay Dani of Dani Communications. 849 ConvexOS 11.0 from Christophe Wolfhugel. 850 IRIX 4.0.5 from David Ashton-Reader of CADcentre. 851 ISC UNIX from J. J. Bailey. 852 HP-UX 9.xx on the 8xx series machines from Remy Giraud 853 of Meteo France. 854 HP-UX configuration from Tom Lane <tgl@sss.pgh.pa.us>. 855 IRIX 5.2 and 5.3 from Kari E. Hurtta. 856 FreeBSD 2.0 from Mike Hickey of Federal Data Corporation. 857 Sony NEWS-OS 4.2.1R and 6.0.3 from Motonori Nakamura. 858 Omron LUNA unios-b, mach from Motonori Nakamura. 859 NEC EWS-UX/V 4.2 from Motonori Nakamura. 860 NeXT 2.1 from Bryan Costales. 861 AUX patch thanks to Mike Erwin of Apple Computer. 862 HP-UX 10.0 from John Beck of Hewlett-Packard. 863 Ultrix: allow -DBROKEN_RES_SEARCH=0 if you are using a 864 non-DEC resolver. Suggested by Allan Johannesen. 865 UnixWare 2.0 fixes from Petr Lampa of the Technical 866 University of Brno (Czech Republic). 867 MAKEMAP: allow -d flag to allow insertion of duplicate aliases 868 in type ``btree'' maps. The semantics of this are undefined 869 for regular maps, but it can be useful for the user database. 870 MAKEMAP: lock database file while rebuilding to avoid sendmail 871 lookups while the rebuild is going on. There is a race 872 condition between the open(... O_TRUNC ...) and the lock 873 on the file, but it should be quite small. 874 SMRSH: sendmail restricted shell added to the release. This can 875 be used as an alternative to /bin/sh for the "prog" mailer, 876 giving the local administrator more control over what 877 programs can be run from sendmail. 878 MAIL.LOCAL: add this local mailer to the tape. It is not really 879 part of the release proper, and isn't fully supported; in 880 particular, it does not run on System V based systems and 881 never will. 882 CONTRIB: a patch to rmail.c from Bill Gianopoulos of Raytheon 883 to allow rmail to compile on systems that don't have 884 function prototypes and systems that don't have snprintf. 885 CONTRIB: add the "mailprio" scripts that will help you sort mailing 886 lists by transaction delay times so that addresses that 887 respond quickly get sent first. This is to prevent very 888 sluggish servers from delaying other peoples' mail. 889 Contributed by Tony Sanders of BSDI. 890 CONTRIB: add the "bsdi.mc" file as contributed by Tony Sanders 891 of BSDI. This has a lot of comments to help people out. 892 CONFIG: fix mail from <> so it will properly convert to 893 MAILER-DAEMON on local addresses. 894 CONFIG: fix code that was supposed to catch colons in host 895 names. Problem noted by John Gardiner Myers of CMU. 896 CONFIG: allow use of SMTP_MAILER_MAX in nullclient configuration. 897 From Paul Riddle of the University of Maryland, Baltimore 898 County. 899 CONFIG: Catch and reject "." as a host address. 900 CONFIG: Generalize domaintable to look up all domains, not 901 just unqualified ones. 902 CONFIG: Delete OLD_SENDMAIL support -- as near as I can tell, it 903 was never used and didn't work anyway. 904 CONFIG: Set flags A, w, 5, :, /, |, and @ on the "local" mailer 905 and d on all mailers in the UUCP class. 906 CONFIG: Allow "user+detail" to be aliased specially: it will first 907 look for an alias for "user+detail", then for "user+*", and 908 finally for "user". This is intended for forwarding mail 909 for system aliases such as root and postmaster to a 910 centralized hub. 911 CONFIG: add confEIGHT_BIT_HANDLING to set option 8 (see above). 912 CONFIG: add smtp8 mailer; this has the F=8 (just-send-8) flag set. 913 The F=8 flag is also set on the "relay" mailer, since 914 this is expected to be another sendmail. 915 CONFIG: avoid qualifying all UUCP addresses sent via SMTP with 916 the name of the UUCP_RELAY -- in some cases, this is the 917 wrong value (e.g., when we have local UUCP connections), 918 and this can create unreplyable addresses. From Chip 919 Rosenthal of Unicom. 920 CONFIG: add confRECEIVED_HEADER to change the format of the 921 Received: header inserted into all messages. Suggested by 922 Gary Mills of the University of Manitoba. 923 CONFIG: Make "notsticky" the default; use FEATURE(stickyhost) 924 to get the old behaviour. I did this upon observing 925 that almost everyone needed this feature, and that the 926 concept I was trying to make happen didn't work with 927 some user agents anyway. FEATURE(notsticky) still works, 928 but it is a no-op. 929 CONFIG: Add LUSER_RELAY -- the host to which unrecognized user 930 names are sent, rather than immediately diagnosing them 931 as User Unknown. 932 CONFIG: Add SMTP_MAILER_ARGS, ESMTP_MAILER_ARGS, SMTP8_MAILER_ARGS, 933 and RELAY_MAILER_ARGS to set the arguments for the 934 indicated mailers. All default to "IPC $h". Patch from 935 Larry Parmelee of Cornell University. 936 CONFIG: pop mailer needs F=n flag to avoid "annoying side effects 937 on the client side" and F=P to get an appropriate 938 return-path. From Kimmo Suominen. 939 CONFIG: add FEATURE(local_procmail) to use the procmail program 940 as the local mailer. For addresses of the form "user+detail" 941 the "detail" part is passed to procmail via the -a flag. 942 Contributed by Kimmo Suominen. 943 CONFIG: add MAILER(procmail) to add an interface to procmail for 944 use from mailertables. This lets you execute arbitrary 945 procmail scripts. Contributed by Kimmo Suominen. 946 CONFIG: add T= fields (MTS type) to local, smtp, and uucp mailers. 947 CONFIG: add OSTYPE(ptx2) for DYNIX/ptx 2.x from Sequent. From 948 Paul Southworth of CICNet Systems Support. 949 CONFIG: use -a$g as default to UUCP mailers, instead of -a$f. 950 This causes the null return path to be rewritten as 951 MAILER-DAEMON; otherwise UUCP gets horribly confused. 952 From Michael Hohmuth of Technische Universitat Dresden. 953 CONFIG: Add FEATURE(bestmx_is_local) to cause any hosts that 954 list us as the best possible MX record to be treated as 955 though they were local (essentially, assume that they 956 are included in $=w). This can cause additional DNS 957 traffic, but is easier to administer if this fits your 958 local model. It does not work reliably if there are 959 multiple hosts that share the best MX preference. 960 Code contributed by John Oleynick of Rutgers. 961 CONFIG: Add FEATURE(smrsh) to use smrsh (the SendMail Restricted 962 SHell) instead of /bin/sh as the program used for delivery 963 to programs. If an argument is included, it is used as 964 the path to smrsh; otherwise, /usr/local/etc/smrsh is 965 assumed. 966 CONFIG: Add LOCAL_MAILER_MAX and PROCMAILER_MAILER_MAX to limit the 967 size of messages to the local and procmail mailers 968 respectively. Contributed by Brad Knowles of the Defense 969 Information Systems Agency. 970 CONFIG: Handle leading ``phrase:'' and trailing ``;'' as comments 971 (just like text outside of angle brackets) in order to 972 properly deal with ``group: addr1, ... addrN;'' syntax. 973 CONFIG: Require OSTYPE macro (the defaults really don't apply to 974 any real systems any more) and tweak the DOMAIN macro 975 so that it is less likely that users will accidently use 976 the Berkeley defaults. Also, create some generic files 977 that really can be used in the real world. 978 CONFIG: Add new configuration macros to set character sets for 979 messages _arriving from_ various mailers: LOCAL_MAILER_CHARSET, 980 SMTP_MAILER_CHARSET, and UUCP_MAILER_CHARSET. 981 CONFIG: Change UUCP_MAX_SIZE to UUCP_MAILER_MAX for consistency. 982 The old name will still be accepted for a while at least. 983 CONFIG: Implement DECNET_RELAY as spec for host to which DECNET 984 mail (.DECNET pseudo-domain or node::user) will be sent. 985 As with all relays, it can be ``mailer:hostname''. Suggested 986 by Scott Hutton. 987 CONFIG: Add MAILER(mail11) to get DECnet support. Code contributed 988 by Barb Dijker of Labyrinth Computer Services. 989 CONFIG: change confCHECK_ALIASES to default to False -- it has poor 990 performance for large alias files, and this confused many 991 people. 992 CONFIG: Add confCF_VERSION to append local information to the 993 configuration version number displayed during SMTP startup. 994 CONFIG: fix some.newsgroup.usenet@local.host syntax (previously it 995 would only work when locally addressed. Fix from 996 Edvard Tuinder of Cistron Internet Services. 997 NEW FILES: 998 cf/cf/cs-hpux10.mc 999 cf/cf/cs-solaris2.mc 1000 cf/cf/generic-hpux10.mc 1001 cf/cf/generic-hpux9.mc 1002 cf/cf/generic-osf1.mc 1003 cf/cf/generic-solaris2.mc 1004 cf/cf/generic-sunos4.1.mc 1005 cf/cf/generic-ultrix4.mc 1006 cf/cf/huginn.cs.mc 1007 cf/domain/berkeley-only.m4 1008 cf/domain/generic.m4 1009 cf/feature/bestmx_is_local.m4 1010 cf/feature/local_procmail.m4 1011 cf/feature/smrsh.m4 1012 cf/feature/stickydomain.m4 1013 cf/mailer/mail11.m4 1014 cf/mailer/procmail.m4 1015 cf/ostype/amdahl-uts.m4 1016 cf/ostype/hpux10.m4 1017 cf/ostype/ptx2.m4 1018 cf/ostype/unknown.m4 1019 contrib/bsdi.mc 1020 contrib/mailprio 1021 contrib/rmail.oldsys.patch 1022 smrsh/README 1023 smrsh/smrsh.8 1024 smrsh/smrsh.c 1025 src/Makefiles/Makefile.CSOS 1026 src/Makefiles/Makefile.EWS-UX_V 1027 src/Makefiles/Makefile.IRIX.5.x 1028 src/Makefiles/Makefile.IRIX64 1029 src/Makefiles/Makefile.ISC 1030 src/Makefiles/Makefile.NEWS-OS.4.x 1031 src/Makefiles/Makefile.NEWS-OS.6.x 1032 src/Makefiles/Makefile.NonStop-UX 1033 src/Makefiles/Makefile.Paragon 1034 src/Makefiles/Makefile.SunOS.5.3 1035 src/Makefiles/Makefile.SunOS.5.4 1036 src/Makefiles/Makefile.SunOS.5.5 1037 src/Makefiles/Makefile.UNIX_SV.4.x.i386 1038 src/Makefiles/Makefile.uts.systemV 1039 src/mime.c 1040 test/t_seteuid.c 1041 RENAMED FILES: 1042 cf/cf/alpha.mc => cf/cf/s2k-osf1.mc 1043 cf/cf/chez.mc => cf/cf/chez.cs.mc 1044 cf/cf/hpux-cs-exposed.mc => cf/cf/cs-hpux9.mc 1045 cf/cf/osf1-cs-exposed.mc => cf/cf/cs-osf1.mc 1046 cf/cf/s2k.mc => cf/cf/s2k-ultrix4.mc 1047 cf/cf/sunos4.1-cs-exposed.mc => cf/cf/cs-sunos4.1.mc 1048 cf/cf/ultrix4.1-cs-exposed.mc => cf/cf/cs-ultrix4.mc 1049 cf/cf/vangogh.mc => cf/cf/vangogh.cs.mc 1050 cf/domain/Berkeley.m4 => cf/domain/Berkeley.EDU.m4 1051 cf/domain/cs-exposed.m4 => cf/domain/CS.Berkeley.EDU.m4 1052 cf/domain/eecs-hidden.m4 => cf/domain/EECS.Berkeley.EDU.m4 1053 cf/domain/s2k.m4 => cf/domain/S2K.Berkeley.EDU.m4 1054 cf/ostype/hpux.m4 => cf/ostype/hpux9.m4 1055 cf/ostype/ultrix4.1.m4 => cf/ostype/ultrix4.m4 1056 src/Makefile.* => src/Makefiles/Makefile.* 1057 src/Makefile.BSDI => src/Makefiles/Makefile.BSD-OS 1058 src/Makefile.SunOS.4.0.3 => src/Makefiles/Makefile.SunOS.4.0 1059 OBSOLETED FILES: 1060 cf/cf/cogsci.mc 1061 cf/cf/cs-exposed.mc 1062 cf/cf/cs-hidden.mc 1063 cf/cf/hpux-cs-hidden.mc 1064 cf/cf/knecht.mc 1065 cf/cf/osf1-cs-hidden.mc 1066 cf/cf/sunos3.5-cs-exposed.mc 1067 cf/cf/sunos3.5-cs-hidden.mc 1068 cf/cf/sunos4.1-cs-hidden.mc 1069 cf/cf/ultrix4.1-cs-hidden.mc 1070 cf/domain/cs-hidden.m4 1071 contrib/rcpt-streaming 1072 src/Makefiles/Makefile.SunOS.5.x 1073 10748.6.12/8.6.12 95/03/28 1075 Fix to IDENT code (it was getting the size of the reply buffer 1076 too small, so nothing was ever accepted). Fix from several 1077 people, including Allan Johannesen, Shane Castle of the 1078 Boulder County Information Services, and Jeff Smith of 1079 Warwick University (all arrived within a few hours of 1080 each other!). 1081 Fix a problem that could cause large jobs to run out of 1082 file descriptors on systems that use vfork() rather 1083 than fork(). 1084 10858.6.11/8.6.11 95/03/08 1086 The ``possible attack'' message would be logged more often 1087 than necessary if you are using Pine as a user agent. 1088 The wrong host would be reported in the ``possible attack'' 1089 message when attempted from IDENT. 1090 In some cases the syslog buffer could be overflowed when 1091 reporting the ``possible attack'' message. This can 1092 cause denial of service attacks. Truncate the message 1093 to 80 characters to prevent this problem. 1094 When reading the IDENT response a loop is needed around the 1095 read from the network to ensure that you don't get 1096 partial lines. 1097 Password entries without any shell listed (that is, a null 1098 shell) wouldn't match as "ok". Problem noted by 1099 Rob McMahon. 1100 When running BIND 4.9.x a problem could occur because the 1101 _res.options field is initialized differently than it 1102 was historically -- this requires that sendmail call 1103 res_init before it tweaks any bits. 1104 Fix an incompatibility in openxscript() between the file open mode 1105 and the stdio mode passed to fdopen. This caused UnixWare 1106 2.0 to have conniptions. Fix from Martin Sohnius of 1107 Novell Labs Europe. 1108 Fix problem with static linking of local getopt routine when 1109 using GNU's ld command. Fix from John Kennedy of 1110 Cal State Chico. 1111 It was possible to turn off privacy flags. Problem noted by 1112 *Hobbit*. 1113 Be more paranoid about writing files. Suggestions by *Hobbit* 1114 and Liudvikas Bukys. 1115 MAKEMAP: fixes for 64 bit machines (DEC Alphas in particular) 1116 from Spider Boardman. 1117 CONFIG: No changes (version number only, to keep it in sync 1118 with the binaries). 1119 11208.6.10/8.6.10 95/02/10 1121 SECURITY: Diagnose bogus values to some command line flags that 1122 could allow trash to get into headers and qf files. 1123 Validate the name of the user returned by the IDENT protocol. 1124 Some systems that really dislike IDENT send intentionally 1125 bogus information. Problem pointed out by Michael Bushnell 1126 of the Free Software Foundation. Has some security 1127 implications. 1128 Fix a problem causing error messages about DNS problems when 1129 the host name contained a percent sign to act oddly 1130 because it was passed as a printf-style format string. 1131 In some cases this could cause core dumps. 1132 Avoid possible buffer overrun in returntosender() if error 1133 message is quite ling. From Fletcher Mattox of the 1134 University of Texas. 1135 Fix a problem that would silently drop "too many hops" error 1136 messages if and only if you were sending to an alias. 1137 From Jon Giltner of the University of Colorado and 1138 Dan Harton of Oak Ridge National Laboratory. 1139 Fix a bug that caused core dumps on some systems if -d11.2 was 1140 set and e->e_message was null. Fix from Bruce Nagel of 1141 Data General. 1142 Fix problem that can still cause df files to be left around 1143 after "hop count exceeded" messages. Fix from Andrew 1144 Chang and Shau-Ping Lo of SunSoft. 1145 Fix a problem that can cause buffer overflows on very long 1146 user names (as might occur if you piped to a program 1147 with a lot of arguments). 1148 Avoid returning an error and re-queueing if the host signature 1149 is null; this can occur on addresses like ``user@.''. 1150 Problem noted by Wesley Craig and the University of 1151 Michigan. 1152 Avoid possible calls to malloc(0) if MCI caching is turned 1153 off. Bug fix from Pierre David of the Laboratoire 1154 Parallelisme, Reseaux, Systemes et Modelisation (PRiSM), 1155 Universite de Versailles - St Quentin, and Jacky 1156 Thibault. 1157 Make a local copy of the line being sent via senttolist() -- in 1158 some cases, buffers could get trashed by map lookups 1159 causing it to do unexpected things. This also simplifies 1160 some of the map code. 1161 CONFIG: No changes (version number only, to keep it in sync 1162 with the binaries). 1163 11648.6.9/8.6.9 94/04/19 1165 Do all mail delivery completely disconnected from any terminal. 1166 This provides consistency with daemon delivery and 1167 may have some security implications. 1168 Make sure that malloc doesn't get called with zero size, 1169 since that fails on some systems. Reported by Ed 1170 Hill of the University of Iowa. 1171 Fix multi-line values for $e (SMTP greeting message). Reported 1172 by Mike O'Connor of Ford Motor Company. 1173 Avoid syserr if no NIS domain name is defined, but the map it 1174 is trying to open is optional. From Win Bent of USC. 1175 Changes for picky compilers from Ed Gould of Digital Equipment. 1176 Hesiod support for UDB from Todd Miller of the University of 1177 Colorado. Use "hesiod" as the service name in the U 1178 option. 1179 Fix a problem that failed to set the "authentic" host name (that 1180 is, the one derived from the socket info) if you called 1181 sendmail -bs from inetd. Based on code contributed by 1182 Todd Miller (this problem was also reported by Guy Helmer 1183 of Dakota State University). This also fixes a related 1184 problem reported by Liudvikas Bukys of the University of 1185 Rochester. 1186 Parameterize "nroff -h" in all the Makefiles so people with 1187 variant versions can use them easily. Suggested by 1188 Peter Collinson of Hillside Systems. 1189 SMTP "MAIL" commands with multiple ESMTP parameters required two 1190 spaces between parameters instead of one. Reported by 1191 Valdis Kletnieks of Virginia Tech. 1192 Reduce the number of system calls during message collection by 1193 using global timeouts around the collect() loop. This 1194 code was contributed by Eric Wassenaar. 1195 If the initial hostname name gathering results in a name 1196 without a dot (usually caused by NIS misconfiguration) 1197 and BIND is compiled in, directly access DNS to get 1198 the canonical name. This should make life easier for 1199 Solaris systems. If it still can't be resolved, and 1200 if the name server is listed as "required", try again 1201 in 30 seconds. If that also fails, exit immediately to 1202 avoid bogus "config error: mail loops back to myself" 1203 messages. 1204 Improve the "MAIL DELETED BECAUSE OF LACK OF DISK SPACE" error 1205 message to explain how much space was available and 1206 sound a bit less threatening. Suggested by Stan Janet 1207 of the National Institute of Standards and Technology. 1208 If mail is delivered to an alias that has an owner, deliver any 1209 requested return-receipt immediately, and strip the 1210 Return-Receipt-To: header from the subsequent message. 1211 This prevents a certain class of denial of service 1212 attack, arguably gives more reasonable semantics, and 1213 moves things more towards what will probably become a 1214 network standard. Suggested by Christopher Davis of 1215 Kapor Enterprises. 1216 Add a "noreceipts" privacy flag to turn off all return receipts 1217 without recompiling. 1218 Avoid printing ESMTP parameters as part of the error message 1219 if there are errors during parsing. This change is 1220 purely cosmetic. 1221 Avoid sending out error messages during the collect phase of 1222 SMTP; there is an MVS mailer from UCLA that gets 1223 confused by this. Of course, I think it's their bug.... 1224 Check for the $j macro getting undefined, losing a dot, or getting 1225 lost from $=w in the daemon before accepting a connection; 1226 if it is, it dumps state, prints a LOG_ALERT message, 1227 and drops core for debugging. This is an attempt to 1228 track down a bug that I thought was long since gone. 1229 If you see this, please forward the log fragment to 1230 sendmail@CS.Berkeley.EDU. 1231 Change OLD_NEWDB from a #ifdef to a #if so it can be turned off 1232 with -DOLD_NEWDB=0 on the command line. From Christophe 1233 Wolfhugel. 1234 Instead of trying to truncate the listen queue for the server 1235 SMTP port when the load average is too high, just close 1236 the port completely and reopen it later as needed. 1237 This ensures that the other end gets a quick "connection 1238 refused" response, and that the connection can be 1239 recovered later. In particular, some socket emulations 1240 seem to get confused if you tweak the listen queue 1241 size around and can never start listening to connections 1242 again. The down side is that someone could start up 1243 another daemon process in the interim, so you could 1244 have multiple daemons all not listening to connections; 1245 this could in turn cause the sendmail.pid file to be 1246 incorrect. A better approach might be to accept the 1247 connection and give a 421 code, but that could break 1248 other mailers in mysterious ways and have paging behaviour 1249 implications. 1250 Fix a glitch in TCP-level debugging that caused flag 16.101 to 1251 set debugging on the wrong socket. From Eric Wassenaar. 1252 When creating a df* temporary file, be sure you truncate any 1253 existing data in the file -- otherwise system crashes 1254 and the like could result in extra data being sent. 1255 DOC: Replace the CHANGES-R5-R8 readme file with a paper in the 1256 doc directory. This includes some additional 1257 information. 1258 CONFIG: change UUCP rules to never add $U! or $k! on the front 1259 of recipient envelope addresses. This should have been 1260 handled by the $&h trick, but broke if people were 1261 mixing domainized and UUCP addresses. They should 1262 probably have converted all the way over to uucp-uudom 1263 instead of uucp-{new,old}, but the failure mode was to 1264 loop the mail, which was bad news. 1265 Portability fixes: 1266 Newer BSDI systems (several people). 1267 Older BSDI systems from Christophe Wolfhugel. 1268 Intergraph CLIX, from Paul Southworth of CICNet. 1269 UnixWare, from Evan Champion. 1270 NetBSD from Adam Glass. 1271 Solaris from Quentin Campbell of the University of 1272 Newcastle upon Tyne. 1273 IRIX from Dean Cookson and Bill Driscoll of Mitre 1274 Corporation. 1275 NCR 3000 from Kevin Darcy of Chrysler Financial Corporation. 1276 SunOS (it has setsid() and setvbuf() calls) from 1277 Jonathan Kamens of OpenVision Technologies. 1278 HP-UX from Tor Lillqvist. 1279 New Files: 1280 src/Makefile.CLIX 1281 src/Makefile.NCR3000 1282 doc/changes/Makefile 1283 doc/changes/changes.me 1284 doc/changes/changes.ps 1285 12868.6.8/8.6.6 94/03/21 1287 SECURITY: it was possible to read any file as root using the 1288 E (error message) option. Reported by Richard Jones; 1289 fixed by Michael Corrigan and Christophe Wolfhugel. 1290 12918.6.7/8.6.6 94/03/14 1292 SECURITY: it was possible to get root access by using wierd 1293 values to the -d flag. Thanks to Alain Durand of 1294 INRIA for forwarding me the notice from the bugtraq 1295 list. 1296 12978.6.6/8.6.6 94/03/13 1298 SECURITY: the ability to give files away on System V-based 1299 systems proved dangerous -- don't run as the owner 1300 of a :include: file on a system that allows giveaways. 1301 Unfortunately, this also applies to determining a 1302 valid shell. 1303 IMPORTANT: Previous versions weren't expiring old connections 1304 in the connection cache for a long time under some 1305 circumstances. This could result in resource exhaustion, 1306 both at your end and at the other end. This checks the 1307 connections for timeouts much more frequently. From 1308 Doug Anderson of NCSC. 1309 Fix a glitch that snuck in that caused programs to be run as 1310 the sender instead of the recipient if the mail was 1311 from a local user to another local user. From 1312 Motonori Nakamura of Kyoto University. 1313 Fix "wildcard" on /etc/shell matching -- instead of looking 1314 for "*", look for "/SENDMAIL/ANY/SHELL/". From 1315 Bryan Costales of ICSI. 1316 Change the method used to declare the "statfs" availability; 1317 instead of HASSTATFS and/or HASUSTAT with a ton of 1318 tweaking in conf.c, there is a single #define called 1319 SFS_TYPE which takes on one of six values (SFS_NONE 1320 for no statfs availability, SFS_USTAT for the ustat(2) 1321 syscall, SFS_4ARGS for a four argument statfs(2) call, 1322 and SFS_VFS, SFS_MOUNT, or SFS_STATFS for a two argument 1323 statfs(2) call with the declarations in <sys/vfs.h>, 1324 <sys/mount.h>, or <sys/statfs.h> respectively). 1325 Fix glitch in NetInfo support that could return garbage if 1326 there was no "/locations/sendmail" property. From 1327 David Meyer of the University of Virginia. 1328 Change HASFLOCK from defined/not-defined to a 0/1 definition 1329 to allow Linux to turn it off even though it is a 1330 BSD-like system. 1331 Allow setting of "ident" timeout to zero to turn off the ident 1332 protocol entirely. 1333 Make 7-bit stripping local to a connection (instead of to a 1334 mailer); this allows you to specify that SMTP is a 1335 7-bit channel, but revert to 8-bit should it advertise 1336 that it supports 8BITMIME. You still have to specify 1337 mailer flag 7 to get this stripping at all. 1338 Improve makesendmail script so it handles more cases automatically. 1339 Tighten up restrictions on taking ownership of :include: files 1340 to avoid problems on systems that allow you to give away 1341 files. 1342 Fix a problem that made it impossible to rebuild the alias 1343 file if it was on a read-only file system. From 1344 Harry Edmon of the University of Washington. 1345 Improve MX randomization function. From John Gardiner Myers 1346 of CMU. 1347 Fix a minor glitch causing a bogus message to be printed (used 1348 %s instead of %d in a printf string for the line number) 1349 when a bad queue file was read. From Harry Edmon. 1350 Allow $s to remain NULL on locally generated mail. I'm not 1351 sure this is necessary, but a lot of people have complained 1352 about it, and there is a legitimate question as to whether 1353 "localhost" is legal as an 822-style domain. 1354 Fix a problem with very short line lengths (mailer L= flag) in 1355 headers. This causes a leading space to be added onto 1356 continuation lines (including in the body!), and also 1357 tries to wrap headers containing addresses (From:, To:, 1358 etc) intelligently at the shorter line lengths. Problem 1359 Reported by Lars-Johan Liman of SUNET Operations Center. 1360 Log the real user name when logging syserrs, since these can have 1361 security implications. Suggested by several people. 1362 Fix address logging of cached connections -- it used to always 1363 log the numeric address as zero. This is a somewhat 1364 bogus implementation in that it does an extra system 1365 call, but it should be an inexpensive one. Fix from 1366 Motonori Nakamura. 1367 Tighten up handling of short syslog buffers even more -- there 1368 were cases where the outgoing relay= name was too long 1369 to share a line with delay= and mailer= logging. 1370 Limit the overhead on split envelopes to one open file descriptor 1371 per envelope -- previously the overhead was three 1372 descriptors. This was in response to a problem reported 1373 by P{r (Pell) Emanuelsson. 1374 Fixes to better handle the case of unexpected connection closes; 1375 this redirects the output to the transcript so the info 1376 is not lost. From Eric Wassenaar. 1377 Fix potential string overrun if you macro evaluate a string that 1378 has a naked $ at the end. Problem noted by James Matheson 1379 <jmrm@eng.cam.ac.uk>. 1380 Make default error number on $#error messages 553 (``Requested 1381 action not taken: mailbox name not allowed'') instead of 1382 501 (``Syntax error in parameters or arguments'') to 1383 avoid bogus "protocol error" messages. 1384 Strip off any existing trailing dot on names during $[ ... $] 1385 lookup. This prevents it from ending up with two dots 1386 on the end of dot terminated names. From Wesley Craig 1387 of the University of Michigan and Bryan Costales of ICSI. 1388 Clean up file class reading so that the debugging information is 1389 more informative. It hadn't been using setclass, so you 1390 didn't see the class items being added. 1391 Avoid core dump if you are running a version of sendmail where 1392 NIS is compiled in, and you specify an NIS map, but 1393 NIS is not running. Fix from John Oleynick of 1394 Rutgers. 1395 Diagnose bizarre case where res_search returns a failure value, 1396 but sets h_errno to a success value. 1397 Make sure that "too many hops" messages are considered important 1398 enough to send an error to the Postmaster (that is, the 1399 address specified in the P option). This fix should 1400 help problems that cause the df file to be left around 1401 sometimes -- unfortunately, I can't seem to reproduce 1402 the problem myself. 1403 Avoid core dump (null pointer reference) on EXPN command; this 1404 only occurred if your log level was set to 10 or higher 1405 and the target account was an alias or had a .forward file. 1406 Problem noted by Janne Himanka. 1407 Avoid "denial of service" attacks by someone who is flooding your 1408 SMTP port with bad commands by shutting the connection 1409 after 25 bad commands are issued. From Kyle Jones of 1410 UUNET. 1411 Fix core dump on error messages with very long "to" buffers; 1412 fmtmsg overflows the message buffer. Fixed by trimming 1413 the to address to 203 characters. Problem reported by 1414 John Oleynick. 1415 Fix configuration for HASFLOCK -- there were some spots where 1416 a #ifndef was incorrectly #ifdef. Pointed out by 1417 George Baltz of the University of Maryland. 1418 Fix a typo in savemail() that could cause the error message To: 1419 lists to be incorrect in some places. From Motonori 1420 Nakamura. 1421 Fix a glitch that can cause duplicate error messages on split 1422 envelopes where an address on one of the lists has a 1423 name server failure. Fix from Voradesh Yenbut of the 1424 University of Washington. 1425 Fix possible bogus pointer reference on ESMTP parameters that 1426 don't have an ``=value'' part. 1427 CNAME loops caused an error message to be generated, but also 1428 re-queued the message. Changed to just re-queue the 1429 message (it's really hard to just bounce it because 1430 of the wierd way the name server works in the presence 1431 of CNAME loops). Problem noted by James M.R.Matheson 1432 of Cambridge University. 1433 Avoid giving ``warning: foo owned process doing -bs'' messages 1434 if they use ``MAIL FROM:<foo>'' where foo is their true 1435 user name. Suggested by Andreas Stolcke of ICSI. 1436 Change the NAMED_BIND compile flag to be a 0/1 flag so you can 1437 override it easily in the Makefile -- that is, you can 1438 turn it off using -DNAMED_BIND=0. 1439 If a gethostbyname(...) of an address with a trailing dot fails, 1440 try it without the trailing dot. This is because if 1441 you have a version of gethostbyname() that falls back 1442 to NIS or the /etc/hosts file it will fail to find 1443 perfectly reasonable names that just don't happen to 1444 be dot terminated in the hosts file. You don't want to 1445 strip the dot first though because we're trying to ensure 1446 that country names that match one of your subdomains get 1447 a chance. 1448 PRALIASES: fix bogus output on non-null-terminated strings. 1449 From Bill Gianopoulos of Raytheon. 1450 CONFIG: Avoid rewriting anything that matches $w to be $j. 1451 This was in code intended to only catch the self-literal 1452 address (that is, [1.2.3.4], where 1.2.3.4 is your 1453 IP address), but the code was broken. However, it will 1454 still do this if $M is defined; this is necessary to 1455 get client configurations to work (sigh). Note that this 1456 means that $M overrides :mailname entries in the user 1457 database! Problem noted by Paul Southworth. 1458 CONFIG: Fix definition of Solaris help file location. From 1459 Steve Cliffe <steve@gorgon.cs.uow.edu.au>. 1460 CONFIG: Fix bug that broke news.group.USENET mappings. 1461 CONFIG: Allow declaration of SMTP_MAILER_MAX, FAX_MAILER_MAX, 1462 and USENET_MAILER_MAX to tweak the maximum message 1463 size for various mailers. 1464 CONFIG: Change definition of USENET_MAILER_ARGS to include argv[0] 1465 instead of assuming that it is "inews" for consistency 1466 with other mailers. From Michael Corrigan of UC San Diego. 1467 CONFIG: When mail is forwarded to a LOCAL_RELAY or a MAIL_HUB, 1468 qualify the address in the SMTP envelope as user@{relay|hub} 1469 instead of user@$j. From Bill Wisner of The Well. 1470 CONFIG: Fix route-addr syntax in nullrelay configuration set. 1471 CONFIG: Don't turn off case mapping of user names in the local 1472 mailer for IRIX. This was different than most every other 1473 system. 1474 CONFIG: Avoid infinite loops on certainly list:; syntaxes in 1475 envelope. Noted by Thierry Besancon 1476 <besancon@excalibur.ens.fr>. 1477 CONFIG: Don't include -z by default on uux line -- most systems 1478 don't want it set by default. Pointed out by Philippe 1479 Michel of Thomson CSF. 1480 CONFIG: Fix some bugs with mailertables -- for example, if your 1481 host name was foo.bar.ray.com and you matched against 1482 ".ray.com", the old implementation bound %1 to "bar" 1483 instead of "foo.bar". Also, allow "." in the mailertable 1484 to match anything -- essentially, take over SMART_HOST. 1485 This also moves matching of explicit local host names 1486 before the mailertable so they don't have to be special 1487 cased in the mailertable data. Reported by Bill 1488 Gianopoulos of Raytheon; the fix for the %1 binding 1489 problem was contributed by Nicholas Comanos of the 1490 University of Sydney. 1491 CONFIG: Don't include "root" in class $=L (users to deliver 1492 locally, even if a hub or relay exists) by default. 1493 This is because of the known bug where definition of 1494 both a LOCAL_RELAY and a MAIL_HUB causes $=L to ignore 1495 both and deliver into the local mailbox. 1496 CONFIG: Move up bitdomain and uudomain handling so that they 1497 are done before .UUCP class matching; uudomain was 1498 reported as ineffective before. This also frees up 1499 diversion 8 for future use. Problem reported by Kimmo 1500 Suominen. 1501 CONFIG: Don't try to convert dotted IP address (e.g., [1.2.3.4]) 1502 into host names. As pointed out by Jonathan Kamens, 1503 these are often used because either the forward or reverse 1504 mapping is broken; this translation makes it broken again. 1505 DOC: Clarify $@ and $: in the Install & Op Guide. From Kimmo 1506 Suominen. 1507 Portability fixes: 1508 Unicos from David L. Kensiski of Sterling Sofware. 1509 DomainOS from Don Lewis of Silicon Systems. 1510 GNU m4 1.0.3 from Karst Koymans of Utrecht University. 1511 Convex from Kimmo Suominen <kim@tac.nyc.ny.us>. 1512 NetBSD from Adam Glass <glass@sun-lamp.cs.berkeley.edu>. 1513 BSD/386 from Tony Sanders of BSDI. 1514 Apollo from Eric Wassenaar. 1515 DGUX from Doug Anderson. 1516 Sequent DYNIX/ptx 2.0 from Tim Wright of Sequent. 1517 NEW FILES: 1518 src/Makefile.DomainOS 1519 src/Makefile.PTX 1520 src/Makefile.SunOS.5.1 1521 src/Makefile.SunOS.5.2 1522 src/Makefile.SunOS.5.x 1523 src/mailq.1 1524 cf/ostype/domainos.m4 1525 doc/op/Makefile 1526 doc/intro/Makefile 1527 doc/usenix/Makefile 1528 15298.6.5/8.6.5 94/01/13 1530 Security fix: /.forward could be owned by anyone (the test 1531 to allow root to own any file was backwards). From 1532 Bob Campbell at U.C. Berkeley. 1533 Security fix: group ids were not completely set when programs 1534 were invoked. This caused programs to have group 1535 permissions they should not have had (usually group 1536 daemon instead of their own group). In particular, 1537 Perl scripts would refuse to run. 1538 Security: check to make sure files that are written are not 1539 symbolic links (at least under some circumstances). 1540 Although this does not respond to a specific known 1541 attack, it's just a good idea. Suggested by 1542 Christian Wettergren. 1543 Security fix: if a user had an NFS mounted home directory on 1544 a system with a restricted shell listed in their 1545 /etc/passwd entry, they could still execute any 1546 program by putting that in their .forward file. 1547 This fix prevents that by insisting that their shell 1548 appear in /etc/shells before allowing a .forward to 1549 execute a program or write a file. You can disable 1550 this by putting "*" in /etc/shells. It also won't 1551 permit world-writable :include: files to reference 1552 programs or files (there's no way to disable this). 1553 These behaviours are only one level deep -- for 1554 example, it is legal for a world-writable :include: 1555 file to reference an alias that writes a file, on 1556 the assumption that the alias file is well controlled. 1557 Security fix: root was not treated suspiciously enough when 1558 looking into subdirectories. This would potentially 1559 allow a cracker to examine files that were publically 1560 readable but in a non-publically searchable directory. 1561 Fix a problem that causes an error on QUIT on a cached 1562 connection to create problems on the current job. 1563 These are typically unrelated, so errors occur in 1564 the wrong place. 1565 Reset CurrentLA in sendall() -- this makes sendmail queue 1566 runs more responsive to load average, and fixes a 1567 problem that ignored the load average in locally 1568 generated mail. From Eric Wassenaar. 1569 Fix possible core dump on aliases with null LHS. From 1570 John Orthoefer of BB&N. 1571 Revert to using flock() whenever possible -- there are just 1572 too many bugs in fcntl() locking, particularly over 1573 NFS, that cause sendmail to fail in perverse ways. 1574 Fix a bug that causes the connection cache to get confused 1575 when sending error messages. This resulted in 1576 "unexpected close" messages. It should fix itself 1577 on the following queue run. Problem noted by 1578 Liudvikas Bukys of the University of Rochester. 1579 Include $k in $=k as documented in the Install & Op Guide. 1580 This seems odd, but it was documented.... From 1581 Michael Corrigan of UCSD. 1582 Fix problem that caused :include:s from alias files to be 1583 forced to be owned by root instead of daemon 1584 (actually DefUid). From Tim Irvin. 1585 Diagnose unrecognized I option values -- from Mortin Forssen 1586 of the Chalmers University of Technology. 1587 Make "error" mailer work consistently when there is no error 1588 code associated with it -- previously it returned OK 1589 even though there was a real problem. Now it assumes 1590 EX_UNAVAILABLE. 1591 Fix bug that caused the last header line of messages that had 1592 no body and which were terminated with EOF instead of 1593 "." to be discarded. Problem noted by Liudvikas Bukys. 1594 Fix core dump on SMTP mail to programs that failed -- it tried 1595 to go to a "next MX host" when none existed, causing 1596 a core dump. From der Mouse at McGill University. 1597 Change IDENTPROTO from a defined/not defined to a 0/1 switch; 1598 this makes it easier to turn it off (using 1599 -DIDENTPROTO=0 in the Makefile). From der Mouse. 1600 Fix YP_MASTER_NAME store to use the unupdated result of 1601 gethostname() (instead of myhostname(), which tries 1602 to fully qualify the name) to be consistent with 1603 SunOS. If your hostname is unqualified, this fixes 1604 transfers to slave servers. Bug noted by Keith 1605 McMillan of Ameritech Services, Inc. 1606 Fix Ultrix problem: gethostbyname() can return a very large 1607 (> 500) h_length field, which causes the sockaddr 1608 to be trashed. Use the size of the sockaddr instead. 1609 Fix from Bob Manson of Ohio State. 1610 Don't assume "-a." on host lookups if NAMED_BIND is not 1611 defined -- this confuses gethostbyname on hosts 1612 file lookups, which doesn't understand the trailing 1613 dot convention. 1614 Log SMTP server subprocesses that die with a signal instead 1615 of from a clean exit. 1616 If you don't have option "I" set, don't assume that a DNS 1617 "host unknown" message is authoritative -- it 1618 might still be found in /etc/hosts. 1619 Fix a problem that would cause Deferred: messages to be sent 1620 as the subject of an error message, even though the 1621 actual cause of a message was more severe than that. 1622 Problem noted by Chris Seabrook of OSSI. 1623 Fix race condition in DBM alias file locking. From Kyle 1624 Jones of UUNET. 1625 Limit delivery syslog line length to avoid bugs in some 1626 versions of syslog(3). This adds a new compile time 1627 variable SYSLOG_BUFSIZE. From Jay Plett of Princeton 1628 University, which is in turn derived from IDA. 1629 Fix quotes inside of comments in addresses -- previously 1630 it insisted that they be balanced, but the 822 spec 1631 says that they should be ignored. 1632 Dump open file state to syslog upon receiving SIGUSR1 (for 1633 debugging). This also evaluates ruleset 89, if set 1634 (with the null input), and logs the result. This 1635 should be used sparingly, since the rewrite process 1636 is not reentrant. 1637 Change -qI, -qR, and -qS flags to be case-insensitive as 1638 documented in the Bat Book. 1639 If the mailer returned EX_IOERR or EX_OSERR, sendmail did not 1640 return an error message and did not requeue the message. 1641 Fix based on code from Roland Dirlewanger of 1642 Reseau Regional Aquarel, Bordeaux, France. 1643 Fix a problem that caused a seg fault if you got a 421 error 1644 code during some parts of connection initialization. 1645 I've only seen this when talking to buggy mailers on 1646 the other end, but it shouldn't give a seg fault in 1647 any case. From Amir Plivatsky. 1648 Fix core dump caused by a ruleset call that returns null. 1649 Fix from Bryan Costales of ICSI. 1650 Full-Name: field was being ignored. Fix from Motonori Nakamura 1651 of Kyoto University. 1652 Fix a possible problem with very long input lines in setproctitle. 1653 From P{r Emanuelsson. 1654 Avoid putting "This is a warning message" out on return receipts. 1655 Suggested by Douglas Anderson. 1656 Detect loops caused by recursive ruleset calls. Suggested by 1657 Bryan Costales. 1658 Initialize non-alias maps during alias rebuilds -- they may be 1659 needed for parsing. Problem noted by Douglas Anderson. 1660 Log sender address even if no message was collected in SMTP 1661 (e.g., if all RCPTs failed). Suggested by Motonori 1662 Nakamura. 1663 Don't reflect the owner-list contents into the envelope sender 1664 address if the value contains ", :, /, or | (to avoid 1665 illegal addresses appearing there). 1666 Efficiency hack for toktype macro -- from Craig Partridge of 1667 BB&N. 1668 Clean up DNS error printing so that a host name is always 1669 included. 1670 Remember to set $i during queue runs. Reported by Stephen 1671 Campbell of Dartmouth University. 1672 If ${HOSTALIASES} is set, use it during canonification so that 1673 headers are properly mapped. Reported by Anne Bennett 1674 of Concordia University. 1675 Avoid printing misleading error message if SMTP mailer (not 1676 using [IPC]) should die on a core dump. 1677 Avoid incorrect diagnosis of "file 1 closed" when it is caused 1678 by the other end closing the connection. From 1679 Dave Morrison of Oracle. 1680 Improve several of the error messages printed by "mailq" 1681 to include a host name or other useful information. 1682 Add NetInfo preliminary support for NeXT systems. From Vince 1683 DeMarco. 1684 Fix a glitch that sometimes caused :include:s that pointed to 1685 NFS filesystems that were down to give an "aliasing/ 1686 forwarding loop broken" message instead of queueing 1687 the message for retry. Noted by William C Fenner of 1688 the NRL Connection Machine Facility. 1689 Fix a problem that could cause a core dump if the input sequence 1690 had (or somehow acquired) a \231 character. 1691 Make sure that route-addrs always have <angle brackets> around 1692 them in non-SMTP envelopes (SMTP envelopes already do 1693 this properly). 1694 Avoid wierd headers on unbalanced punctuation of the form: 1695 ``Joe User <user)'' -- this caused reference to the 1696 null macro. Fix from Rick McCarty of IO.COM. 1697 Fix a problem that caused an alias "user: user@local.host" to 1698 not have the QNOTREMOTE bit set; this caused configs 1699 to act as if FEATURE(notsticky) was defined even when 1700 it was not. The effect of the problem was to make it 1701 very hard to to set up satellite sites that had a few 1702 local accounts, with everything else forwarded to a 1703 corporate hub. Reported by Detlef Drewanz of the 1704 University of Rostock and Mark Frost of NCD. 1705 Change queuing to not call rulesets 3, {1 or 2}, 4 on header 1706 addresses. This is more efficient (fewer name server 1707 calls) and fixes certain unusual configurations, such 1708 as those that have ruleset 4 do something that is 1709 non-idempotent unless a mailer-specific ruleset did 1710 something else. Problem reported by Brian J. Coan 1711 of the Institute for Global Communications. 1712 Fix the "obsolete argument" routine in main to better understand 1713 new arguments. For example, if you used ``sendmail 1714 -C config -v -q'' it would choke on the -q because 1715 the -C would stop looking for old-format arguments. 1716 Fix the code that was intended to allow two users to forward their 1717 mail to the same program and have them appear unique. 1718 Portability fixes for: 1719 SCO UNIX from Murray Kucherawy. 1720 SCO Open Server 3.2v4 from Philippe Brand. 1721 System V Release 4 from Rick Ellis and others. 1722 OSF/1 from Steve Campbell. 1723 DG/UX from Ben Mesander of the USGS and Bryan Curnutt 1724 of Stoner Associates. 1725 Motorola SysV88 from Kevin Johnson of Motorola. 1726 Solaris 2.3 from Casper H.S. Dik of the University 1727 of Amsterdam and John Caruso of University 1728 of Maryland. 1729 FreeBSD from Ollivier Robert. 1730 NetBSD from Adam Glass. 1731 TitanOS from Kate Hedstrom of Rutgers University. 1732 Irix from Bryan Curnutt. 1733 Dynix from Jim Davis of the University of Arizona. 1734 RISC/os. 1735 Linux from John Kennedy of California State University 1736 at Chico. 1737 Solaris 2.x from Tony Boner of the U.S. Air Force. 1738 NEXTSTEP 3.x from Vince DeMarco. 1739 HP-UX from various people. NOTA BENE: the location 1740 of the config file has moved to /usr/lib 1741 to match the HP-UX version of sendmail. 1742 CONFIG: Don't do any recipient rewriting on relay mailer; 1743 since this is intended only for internal use, the 1744 usual RFC 821/822/1123 rules can be relaxed. The 1745 main point of this is to avoid munging (ugh) UUCP 1746 addresses when relaying internally. 1747 CONFIG: fix typo in mailer/uucp.m4 that mutilates list:; 1748 syntax addresses delivered via UUCP. Solution 1749 provided by Peter Wemm. 1750 CONFIG: fix thumb-fumble in default UUCP relaying in ruleset 1751 zero; it caused double @ signs in addresses. From 1752 Irving Reid of the University of Toronto. 1753 CONFIG: Portability fixes for SCO Unix 3.2 with TCP/IP 1.2.1 1754 from Markku Toijala of ICL Personal Systems Oy. 1755 CONFIG: Add trailing "." on pseudo-domains for consistency; 1756 this fixes a problem (noted by Al Whaley of Sunnyside) 1757 that made it hard to recognize your own pseudodomain 1758 names. 1759 CONFIG: catch "@host" syntax errors (i.e., null local-parts) 1760 rather than letting them get "local configuration 1761 error"s. Problem noted by John Gardiner Myers. 1762 CONFIG: add uucp-uudom mailer variant, based on code posted 1763 by Spider Boardman <spider@Orb.Nashua.NH.US>; this 1764 has uucp-dom semantics but old UUCP syntax. This 1765 also permits "uucp-old" as an alias for "uucp" and 1766 "uucp-new" as a synonym for "suucp" for consistency. 1767 CONFIG: add POP mailer support (from Kimmo Suominen 1768 <kim@grendel.lut.fi>). 1769 CONFIG: drop CSNET_RELAY support -- CSNET is long gone. 1770 CONFIG: fix bug caused with domain literal addresses (e.g., 1771 ``[128.32.131.12]'') when FEATURE(allmasquerade) 1772 was set; it would get an additional @masquerade.host 1773 added to the address. Problem noted by Peter Wan 1774 of Georgia Tech. 1775 CONFIG: make sure that the local UUCP name is in $=w. From 1776 Jim Murray of Stratus. 1777 CONFIG: changes to UUCP rewriting to simulate IDA-style "V" 1778 mailer flag. Briefly, if you are sending to host 1779 "foo", then it rewrites "foo!...!baz" to "...!baz", 1780 "foo!baz" remains "foo!baz", and anything else has 1781 the local name prepended. 1782 CONFIG: portability fixes for HP-UX. 1783 DOC: several minor problems fixed in the Install & Op Guide. 1784 MAKEMAP: fix core dump problem on lines that are too long or 1785 which lack newline. From Mark Delany. 1786 MAILSTATS: print sums of columns (total messages & kbytes 1787 in and out of the system). From Tom Ferrin of UC 1788 San Francisco Computer Graphics Lab. 1789 SIGNIFICANT USER- OR SYSAD-VISIBLE CHANGES: 1790 On HP-UX, /etc/sendmail.cf has been moved to 1791 /usr/lib/sendmail.cf to match HP sendmail. 1792 Permissions have been tightened up on world-writable 1793 :include: files and accounts that have shells 1794 that are not listed in /etc/shells. This may 1795 cause some .forward files that have worked 1796 before to start failing. 1797 SIGUSR1 dumps some state to the log. 1798 NEW FILES: 1799 src/Makefile.DGUX 1800 src/Makefile.Dynix 1801 src/Makefile.FreeBSD 1802 src/Makefile.Mach386 1803 src/Makefile.NetBSD 1804 src/Makefile.RISCos 1805 src/Makefile.SCO 1806 src/Makefile.SVR4 1807 src/Makefile.Titan 1808 cf/mailer/pop.m4 1809 cf/ostype/bsdi1.0.m4 1810 cf/ostype/dgux.m4 1811 cf/ostype/dynix3.2.m4 1812 cf/ostype/sco3.2.m4 1813 makemap/Makefile.dist 1814 praliases/Makefile.dist 1815 18168.6.4/8.6.4 93/10/31 1817 Repair core-dump problem (write to read-only memory segment) 1818 if you fall back to the return-to-Postmaster case in 1819 savemail. Problem reported by Richard Liu. 1820 Immediately diagnose bogus sender addresses in SMTP. This 1821 makes quite certain that crackers can't use this 1822 class of attack. 1823 Reliability Fix: check return value from fclose() and fsync() 1824 in a few critical places. 1825 Minor problem in initsys() that reversed a condition for 1826 redirecting the output channel on queue runs. It's 1827 not clear this code even does anything. From Eric 1828 Wassenaar of the Dutch National Institute for Nuclear 1829 and High-Energy Physics. 1830 Fix some problems that caused queue runs to do "too much work", 1831 such as double-reading the Errors-To: header. From 1832 Eric Wassenaar. 1833 Error messages on writing the temporary file (including the 1834 data file) were getting suppressed in SMTP -- this 1835 fix causes them to be properly reported. From Eric 1836 Wassenaar. 1837 Some changes to support AF_UNIX sockets -- this will only 1838 really become relevant in the next release, but some 1839 people need it for local patches. From Michael 1840 Corrigan of UC San Diego. 1841 Use dynamically allocated memory (instead of static buffers) 1842 for macros defined in initsys() and settime(); since 1843 these can have different values depending on which 1844 envelope they are in. From Eric Wassenaar. 1845 Improve logging to show ctladdr on to= logging; this tells you 1846 what uid/gid processes ran as. 1847 Fix a problem that caused error messages to be discarded if 1848 the sender address was unparseable for some reason; 1849 this was supposed to fall back to the "return to 1850 postmaster" case. 1851 Improve aliaswait backoff algorithm. 1852 Portability patches for Linux (8.6.3 required another header 1853 file) (from Karl London) and SCO UNIX. 1854 CONFIG: patch prog mailer to not strip host name off of envelope 1855 addresses (so that it matches local again). From 1856 Christopher Davis. 1857 CONFIG: change uucp-dom mailer so that "<>" translates to $n; 1858 this prevents uux from seeing lines with null names like 1859 ``From Sat Oct 30 14:55:31 1993''. From Motonori 1860 Nakamura of Kyoto University. 1861 CONFIG: handle <list:;> syntax correctly. This isn't legal, but 1862 it shouldn't fail miserably. From Motonori Nakamura. 1863 18648.6.3/8.6.3 93/10/24 1865 IMPORTANT FIX: Fix several problems that caused open files to 1866 be "lost" during queue runs; this overflowed the open 1867 file table on large runs. An assumption that fdopen 1868 always succeeds sometimes resulted in core dumps when 1869 this happens; sometimes the message is delivered twice, 1870 sometimes (probably) infinite times. This problem in 1871 various form was reported by P{r (Pell) Emanuelsson and 1872 Robert Campbell of U.C. Berkeley. 1873 Special diagnosis of EMFILE error conditions -- it now prints 1874 the known open file descriptors so you can figure out 1875 what is consuming so much resources. 1876 Fix a couple of problems caused by early address parsing 1877 errors -- one caused it to return a "this is only a 1878 warning" when it really wasn't, and the other started 1879 parsing through a random pointer. The first was 1880 noted by Eric Wassenaar. 1881 Fix an infinite loop problem caused by null components in the 1882 host signature. Problem noted by Jan Sorensen. 1883 Be sure to reset the "current date" when sending an error 1884 message -- PostMasterCopy messages were being sent 1885 with an old Date: header. 1886 Fix a problem that caused duplicated mail when sendmail was 1887 (1) compiled without HASFLOCK, (2) you are sending to 1888 an alias that has an owner-* alias, (3) you execute 1889 sendmail with -t flag, (4) you run in -odb mode, and 1890 (5) the sender specifies both the alias name and 1891 another alias [i.e., the envelope is split], then 1892 duplicate messages are sent. The problem description 1893 and one-line fix are from Motonori Nakamura of Kyoto 1894 University. 1895 Avoid a problem that causes error messages to be discarded 1896 in some cases -- this was the result of a "fix" to 1897 avoid duplicate error messages, but two are better 1898 than zero. Reported by Tim Rylance. 1899 Fix a minor botch in checkfd012() -- fix from Dave Hill of 1900 Computervision R&D Ltd. 1901 Remove "X-Authentication-Warning: <user> set sender to <address> 1902 using -f" entirely -- it is far too eager to include 1903 this, and it is confusing folks. I'll try to make it 1904 work "right" in 8.7. Problem noted by Yoshitaka 1905 Tokugawa of dit Co., Ltd. 1906 Fix a race condition with the errno value in tick() and 1907 reapchild() -- this caused occasional misdiagnosis 1908 of problems. Kyle Jones of UUNET helped this along. 1909 Repair rule loop-detection code. From Michael Corrigan of 1910 U.C. San Diego. 1911 Fix a problem that caused sender domain addition (C mailer 1912 flag to be ignored if you use -odq or use -odb with 1913 a high load average. Problem reported by Jim Murray 1914 of Stratus. 1915 Fix ident protocol on multi-homed machines. It was not 1916 always using the correct interface. Fix from J.R. 1917 Oldroyd of Opal. 1918 Previously, sendmail assumed that any SMTP greeting message 1919 that wasn't 2xx was a temporary failure -- it should 1920 only take 4xx as a temporary failure, and return a 1921 solid error message on anything else -- for example, 1922 to allow you to reject connections on a workstation 1923 that is MXed to a mail server. 1924 Portability enhancements for 386BSD/FreeBSD/NetBSD from 1925 Ollivier Robert. 1926 CONFIG: FEATURE(always_add_domain) didn't always add the domain; 1927 in particular, on local mail it modified the header sender 1928 but not the header recipient address(es). Reported by 1929 Jeffrey Honig of Cornell University. Also, strip 1930 any host from envelope recipient address(es), since 1931 local mailers don't understand host names -- this is 1932 to help mailertable entries. From Christopher Davis. 1933 CONFIG: masquerading didn't apply to addresses that already 1934 had a domain. This change replaces a local hostname 1935 by the masquerade name in the SMTP mailer (previously 1936 it only added the masquerade name if it didn't already 1937 have a domain name). Several people complained about 1938 this. 1939 19408.6.2/8.6.2 93/10/15 1941 Put a "successful delivery" message in the transcript for 1942 addresses that get return-receipts. 1943 Put a prominent "this is only a warning" message in warning 1944 messages -- some people don't read carefully enough 1945 and end up sending the message several times. 1946 Include reason for temporary failure in the "warning" return 1947 message. Currently, it just says "cannot send for 1948 four hours". 1949 Fix the "Original message received" time generated for 1950 returntosender messages. It was previously listed as 1951 the current time. Bug reported by Eric Hagberg of 1952 Cornell University Medical College. 1953 If there is an error when writing the body of a message, 1954 don't send the trailing dot and wait for a response 1955 in sender SMTP, as this could cause the connection to 1956 hang up under some bizarre circumstances. From Eric 1957 Wassenaar. 1958 Fix some server SMTP synchronization problems caused when 1959 connections fail during message collection. From 1960 Eric Wassenaar. 1961 Fix a problem that can cause srvrsmtp to reject mail if the 1962 name server is down -- it accepts the RCPT but rejects 1963 the DATA command. Problem reported by Jim Murray of 1964 Stratus. 1965 Fix a problem that can cause core dumps if the config file 1966 incorrectly resolves to a null hostname. Reported by 1967 Allan Johannesen of WPI. 1968 Non-root use of -C flag, dangerous -f flags, and use of -oQ 1969 by non-root users were not put into 1970 X-Authentication-Warning:s as intended because the 1971 config file hadn't set the PrivacyFlags yet. Fix 1972 from Sven-Ove Westberg of the University of Lulea. 1973 Under very odd circumstances, the alias file rebuild code 1974 could get confused as to whether a database was 1975 open or not. 1976 Check "vendor code" on the end of V lines -- this is 1977 intended to provide a hook for vendor-specific 1978 configuration syntax. (This is a "new feature", 1979 but I've made an exception to my rule in a belief 1980 that this is a highly exceptional case.) 1981 Portability fixes for DG/UX (from Douglas Anderson of NCSC), 1982 SCO Unix (from Murray Kucherawy), A/UX, and OSF/1 1983 (from Jon Forrest of UC Berkeley) 1984 CONFIG: fix ``mailer:host'' form of UUCP relay naming. 1985 19868.6.1/8.6 93/10/08 1987 Portability fixes for A/UX and Encore UMAX V. 1988 Fix error message handling -- if you had a name server down 1989 causing an error during parsing, that message was never 1990 propogated to the queue file. 1991 19928.6/8.6 93/10/05 1993 Configuration cleanup: make it easier to undo IDENTPROTO in 1994 conf.h (other systems have the same bug). 1995 If HASGETDTABLESIZE and _SC_OPEN_MAX are both defined, assume 1996 getdtablesize() instead of sysconf(); a disturbingly 1997 large number of systems defined _SC_OPEN_MAX in the 1998 header files but don't have the syscall. 1999 Another patch to really truly ignore MX records in getcanonname 2000 if trymx == FALSE. 2001 Fix problem that caused the "250 IAA25499 Message accepted for 2002 delivery" message to be omitted if there was an error 2003 in the header of the message (e.g., a bad Errors-To: 2004 line). Pointed out by Michael Corrigan of UCSD. 2005 Announce name of host we are chatting when we get errors; this 2006 is an IDA-ism suggested by Christophe Wolfhugel. 2007 Portability fixes for Alpha OSF/1 (from Anthony Baxter of the 2008 Australian Artificial Intelligence Institute), SCO Unix 2009 (from Murray Kucherawy of Hookup Communication Corp.), 2010 NeXT (from Vince DeMarco and myself), Linux (from 2011 Karl London <karl@borg.demon.co.uk>), BSDI (from 2012 Christophe Wolfhugel, and SVR4 on Dell (from Kimmo 2013 Suominen), AUX 3.0 on Macintosh, and ANSI C compilers. 2014 Some changes to get around gcc optimizer bugs. From Takahiro 2015 Kanbe. 2016 Fix error recovery in queueup if another tf file of the same 2017 name already exists. Problem stumbled over by Bill 2018 Wisner of The Well. 2019 Output YP_MASTER_NAME and YP_LAST_MODIFIED without null bytes. 2020 Problem noted by Keith McMillan of Ameritech Services. 2021 Deal with group permissions properly when opening .forward and 2022 :include: files. This relaxes the 8.1C restrictions 2023 slightly more. This includes proper setting of groups 2024 when reading :include: files, allowing you to read some 2025 files that you should be able to read but have previously 2026 been denied unless you owned them or they had "other" 2027 read permission. 2028 Make certain that $j is in $=w (after the .cf is read) so that 2029 if the user is forced to override some silly system, 2030 MX suppression will still work. 2031 Fix a couple of efficiency problems where newstr was double- 2032 calling expensive routines. In at least one case, it 2033 wasn't guaranteed that they would always return the 2034 same result. Problem noted by Christophe Wolfhugel. 2035 Fix null pointer dereference in putoutmsg -- only on an error 2036 condition from a non-SMTP mailer. From Motonori 2037 Nakamura. 2038 Macro expand "C" line class definitions before scanning so that 2039 "CX $Z" works. 2040 Fix problem that caused error message to be sent while still 2041 trying to send the original message if the connection 2042 is closed during a DATA command after getting an error 2043 on an RCPT command (pretty obscure). Problem reported 2044 by John Myers of CMU. 2045 Fix reply to NOOP to be 250 instead of 200 -- this is a long 2046 term bug. 2047 Fix a nasty bug causing core dumps when returning the "warning: 2048 cannot deliver for N hours -- will keep trying" message; 2049 it only occurred if you had PostMasterCopy set and 2050 only on some architectures. Although sendmail would 2051 keep trying, it would send error messages on each 2052 queue interval. This is an important fix. 2053 Allow u and g options to take user and group names respectively. 2054 Don't do a chdir into the queue directory in -bt mode to make 2055 ruleset testing a bit easier. 2056 Don't allow users to turn off logging (using -oL) on the command 2057 line -- command line can only raise, not lower, logging 2058 level. 2059 Set $u to the original recipient on the SMTP transaction or on 2060 the command line. This is only done if there is exactly 2061 one recipient. Technically, this does not meet the 2062 specs, because it does not guarantee a domain on the 2063 address. 2064 Fix a problem that dumped error messages on bad addresses if 2065 you used the -t flag. Problem noted by Josh Smith of 2066 Harvey Mudd College. 2067 Given an address such as ``<foo> <bar>'', auto-quote the first 2068 ``<foo>'' part, giving ``"<foo>" <bar>''. This is to 2069 avoid the problem of people who use angle brackets in 2070 their full name information. 2071 Fix a null pointer dereference if you set option "l", have 2072 an Errors-To: header in the message, and have Errors-To: 2073 defined in the config file H lines. From J.R. Oldroyd. 2074 Put YPCOMPAT on #ifdef NIS instead -- it's one less thing to get 2075 wrong when compiling. Suggested by Rick McCarty of TI. 2076 Fix a problem that could pass negative SIZE parameter if the 2077 df file got lost; this would cause servers to always 2078 give a temporary failure, making the problem even worse. 2079 Problem noted by Allan Johannesen of WPI. 2080 Add "ident" timeout (one of the "r" option selectors) for IDENT 2081 protocol timeouts (30s default). Requested by Murray 2082 Kucherawy of HookUp Communication Corp. to handle bogus 2083 PC TCP/IP implementations. 2084 Change $w default definition to be just the first component of 2085 the domain name on config level 5. The $j macro defaults 2086 to the FQDN; $m remains as before. This lets well-behaved 2087 config files use any of the short, long, or subdomain 2088 names. 2089 Add makesendmail script in src to try to automate multi-architecture 2090 builds. I know, this is sub-optimal, but it is still 2091 helpful. 2092 Fix very obscure race condition that can cause a queue run to 2093 get a queue file for an already completed job. This 2094 problem has existed for years. Problem noted by the 2095 long suffering Allan Johannesen of WPI. 2096 Fix a problem that caused the raw sender name to be passed to 2097 udbsender instead of the canonified name -- this caused 2098 it to sometimes miss records that it should have found. 2099 Relax check of name on HELO packet so that a program using -bs 2100 that claims to be itself works properly. 2101 Restore rewriting of $: part of address through 2, R, 4 in 2102 buildaddr -- this requires passing a lot of flags to get 2103 it right. Unlike old versions, this ONLY rewrites 2104 recipient addresses, not sender addresses. 2105 Fix a bug that caused core dumps in config files that cannot 2106 resolve /file/name style addresses. Fix from Jonathan 2107 Kamens of OpenVision Technologies. 2108 Fix problem with fcntl locking that can cause error returns to 2109 be lost if the lock is lost; this required fully 2110 queueing everything, dropping the envelope (so errors 2111 would get returned), and then re-reading the queue from 2112 scratch. 2113 Fix a problem that caused aliases that redefine an otherwise 2114 true address to still send to the original address 2115 if and only if the alias failed in certain bizarre 2116 ways (e.g, if they pointed at a list:; syntax address). 2117 Problem pointed out by Jonathan Kamens. 2118 Remove support for frozen configuration files. They caused 2119 more trouble than it was worth. 2120 Fix problem that can cause error messages to get ignored when 2121 using both -odb and -t flags. Problem noted by Rob 2122 McNicholas at U.C. Berkeley. 2123 Include all "normal" variations on hostname in $=w. For example, 2124 if the host name is vangogh.cs.berkeley.edu, $=w will 2125 contain vangogh, vangogh.cs, and vangogh.cs.berkeley.edu. 2126 Add "restrictqrun" privacy flag -- without this, anyone can run 2127 the queue. 2128 Reset SmtpPhase global on initial connection creation so that 2129 messages don't come out with stale information. 2130 Pass an "ext" argument to lockfile so that error/log messages 2131 will properly reflect the true filename being locked. 2132 Put all [...] address forms into $=w -- this eliminates the need 2133 for MAXIPADDR in conf.h. Suggested by John Gardiner 2134 Myers of CMU. 2135 Fix a bug that can cause qf files to be left around even after 2136 an SMTP RSET command. Problem and fix from Michael 2137 Corrigan. 2138 Don't send a PostMasterCopy to errors when the Precedence: is 2139 negative. Error reports still go to the envelope 2140 sender address. 2141 Add LA_SHORT for load averages. 2142 Lock sendmail.st file when posting statistics. 2143 Add "SendBufSize" and "RcvBufSize" suboptions to "O" option to 2144 set the size of the TCP send and receive buffers; if you 2145 run over a slow slip line you may need to set these down 2146 (although it would be better to fix the SLIP implementation 2147 so that it's not necessary to recompile every program 2148 that does bulk data transfer). 2149 Allow null defaults on $( ... $) lookups. Problem reported by 2150 Amir Plivatsky. 2151 Diagnose crufty S and V config lines. This resulted from an 2152 observation that some people were using the SITE macro 2153 without the SITECONFIG macro first, which was causing 2154 bogus config files that were not caught. 2155 Fix makemap -f flag to turn off case folding (it was turning it 2156 on instead). THIS IS A USER VISIBLE CHANGE!!! 2157 Fix a problem that caused multiple error messages to be sent if 2158 you used "sendmail -t -oem -odb", your system uses fcntl 2159 locking, and one of the recipient addresses is unknown. 2160 Reset uid earlier in include() so that recursive .forwards or 2161 :include:s don't use the wrong uid. 2162 If file descriptor 0, 1, or 2 was closed when sendmail was 2163 called, the code to recover the descriptor was broken. 2164 This sometimes (only sometimes) caused problems with the 2165 alias file. Fix from Motonori Nakamura. 2166 Fix a problem that caused aliaswait to go into infinite recursion 2167 if the @:@ metasymbol wasn't found in the alias file. 2168 Improve error message on newaliases if database files cannot be 2169 opened or if running with no database format defined. 2170 Do a better estimation of the size of error messages when NoReturn 2171 is set. Problem noted by P{r (Pell) Emanuelsson. 2172 Fix a problem causing the "c" option (don't connect to expensive 2173 mailers) to be ignored in SMTP. Problem noted and the 2174 solution suggested by Robert Elz of Munnari University. 2175 Improve connection caching algorithm by passing "[host]" to 2176 hostsignature, which strips the square brackets and 2177 returns the real name. This allows mailertable entries 2178 to match regular entries. 2179 Re-enable Return-Receipt-To: -- people seem to want this stupid 2180 feature, even if it doesn't work right. 2181 Catch and log attempts to try the "wiz" command in server SMTP. 2182 This also ups the log level from LOG_NOTICE to LOG_CRIT. 2183 Be more generous at assigning $z to the home directory -- do this 2184 for programs that are specified through a .forward file. 2185 Fix from Andrew Chang of Sun Microsystems. 2186 Always save a fatal error message in preference to a non-fatal 2187 error message so that the "subject" line of return 2188 messages is the best possible. 2189 CONFIG: reduce the number of quotes needed to quote configuration 2190 parameters with commas: two quotes should work now, e.g., 2191 define(ALIAS_FILE, ``/etc/aliases,/etc/aliases.local''). 2192 CONFIG: class $=Z is a set of UUCP hosts that use uucp-dom 2193 connections (domain-ized UUCP). 2194 CONFIG: fix bug in default maps (-o must be before database file 2195 name). Pointed out by Christophe Wolfhugel. 2196 CONFIG: add FEATURE(nodns) to state that we are not relying on 2197 DNS. This would presumably be used in UUCP islands. 2198 CONFIG: add OSTYPE(nextstep) and OSTYPE(linux). 2199 CONFIG: log $u in Received: line. This is in technical violation 2200 of the standards, since it doesn't guarantee a domain 2201 on the address. 2202 CONFIG: don't assume "m" in local mailer flags -- this means that 2203 if you redefine LOCAL_MAILER_FLAGS you will have to include 2204 the "m" flag should you want it. Apparently some Solaris 2.2 2205 installations can't handle multiple local recipients. 2206 Problem noted by Josh Smith. 2207 CONFIG: add confDOMAIN_NAME to set $j (if undefined, $j defaults). 2208 CONFIG: change default version level from 4 to 5. 2209 CONFIG: add FEATURE(nullclient) to create a config file that 2210 forwards all mail to a hub without ever looking at the 2211 addresses in any detail. 2212 CONFIG: properly strip mailer: information off of relays when 2213 used to change .BITNET form into %-hack form. 2214 CONFIG: fix a problem that caused infinite loops if presented 2215 with an address such as "!foo". 2216 CONFIG: check for self literal (e.g., [128.32.131.12]) even if 2217 the reverse "PTR" mapping is broken. There's a better 2218 way to do this, but the change is fairly major and I 2219 want to hold it for another release. Problem noted by 2220 Bret Marquis. 2221 22228.5/8.5 93/07/23 2223 Serious bug: if you used a command line recipient that was unknown 2224 sendmail would not send a return message (it was treating 2225 everything as though it had an SMTP-style client that 2226 would do the return itself). Problem noted by Josh Smith. 2227 Change "trymx" option in getcanonname() to ignore all MX data, 2228 even during a T_ANY query. This actually didn't break 2229 anything, because the only time you called getcanonname 2230 with !trymx was if you already knew there were no MX 2231 records, but it is somewhat cleaner. From Motonori 2232 Nakamura. 2233 Don't call getcanonname from getmxrr if you already know there 2234 are no DNS records matching the name. 2235 Fix a problem causing error messages to always include "The 2236 original message was received ... from localhost". 2237 The correct original host information is now included. 2238 Previous change to cf/sh/makeinfo.sh doesn't port to Ultrix (their 2239 version of "test" doesn't have the -x flag). Change it 2240 to use -f instead. From John Myers. 2241 CONFIG: 8.4 mistakenly set the default SMTP-style mailer to 2242 esmtp -- it should be smtp. 2243 CONFIG: send all relayed mail using confRELAY_MAILER (defaults 2244 to "relay" (a variant of "smtp") if MAILER(smtp) is used, 2245 else "suucp" if MAILER(uucp) is used, else "unknown"); 2246 this cleans up the configs somewhat. This fixes a serious 2247 problem that caused route-addrs to get mistaken as relays, 2248 pointed out by John Myers. WARNING: this also causes 2249 the default on SMART_HOST to change from "suucp" to 2250 "relay" if you have MAILER(smtp) specified. 2251 22528.4/8.4 93/07/22 2253 Add option `w'. If you receive a message that comes to you because 2254 you are the best (lowest preference) target of an MX, and 2255 you haven't explicitly recognized the source MX host in 2256 your .cf file, this option will cause you to try the target 2257 host directly (as if there were no MX for it at all). If 2258 `w' is not set, this case is a configuration error. 2259 Beware: if `w' is set, senders may get bogus errors like 2260 "message timed out" or "host unknown" for problems that 2261 are really configuration errors. This option is 2262 disrecommended, provided only for compatibility with 2263 UIUC sendmail. 2264 Fix a problem that caused the incoming socket to be left open 2265 when sendmail forks after the DATA command. This caused 2266 calling systems to wait in FIN_WAIT_2 state until the 2267 entire list was processed and the child closed -- a 2268 potentially prodigious amount of time. Problem noted 2269 by Neil Rickert. 2270 Fix problem (created in 6.64) that caused mail sent to multiple 2271 addresses, one of which was a bad address, to completely 2272 suppress the sending of the message. This changes 2273 handling of EF_FATALERRS somewhat, and adds an 2274 EF_GLOBALERRS flag. This also fixes a potential problem 2275 with duplicate error messages if there is a syntax error 2276 in the header of a message that isn't noticed until late 2277 in processing. Original problem pointed out by Josh Smith 2278 of Harvey Mudd College. This release includes quite a bit 2279 of dickering with error handling (see below). 2280 Back out SMTP transaction if MAIL gets nested 501 error. This 2281 will only hurt already-broken software and should help 2282 humans. 2283 Fix a problem that broke aliases when neither NDBM nor NEWDB were 2284 compiled in. It would never read the alias file. 2285 Repair unbalanced `)' and `>' (the "open" versions are already 2286 repaired). 2287 Logging of "done" in dropenvelope() was incorrect: it would 2288 log this even when the queue file still existed. Change 2289 this to only log "done" (at log level 11) when the 2290 queue file is actually removed. From John Myers. 2291 Log "lost connection" in server SMTP at log level 20 if there 2292 is no pending transaction. Some senders just close the 2293 connection rather than sending QUIT. 2294 Fix a bug causing getmxrr to add a dot to the end of unqualified 2295 domains that do not have MX records -- this would cause 2296 the subsequent host name lookup to fail. The problem 2297 only occurred if you had FEATURE(nocanonify) set. 2298 Problem noted by Rick McCarty of Texas Instruments. 2299 Fix invocation of setvbuf when passed a -X flag -- I had 2300 unwittingly used an ANSI C extension, and this caused 2301 core dumps on some machines. 2302 Diagnose self-destructive alias loops on RCPT as well as EXPN. 2303 Previously it just gave an empty send queue, which 2304 then gave either "Need RCPT (recipient)" at the DATA 2305 (confusing, since you had given an RCPT command which 2306 returned 250) or just dropped the email, depending on 2307 whether you were running VERBose mode. Now it usually 2308 diagnoses this case as "aliasing/forwarding loop broken". 2309 Unfortunately, it still doesn't adequately diagnose 2310 some true error conditions. 2311 Add internal concept of "warning messages" using 6xx codes. 2312 These are not reported only to Postmaster. Unbalanced 2313 parens, brackets, and quotes are printed as 653 codes. 2314 They are always mapped to 5xx codes before use in SMTP. 2315 Clean up error messages to tell both the actual address that 2316 failed and the alias they arose from. This makes it 2317 somewhat easier to diagnose problems. Difficulty noted 2318 by Motonori Nakamura. 2319 Fix a problem that inappropriately added a ctladdr to addresses 2320 that shouldn't have had one during a queue run. This 2321 caused error messages to be handled differently during 2322 a queue run than a direct run. 2323 Don't print the qf name and line number if you get errors during 2324 the direct run of the queue from srvrsmtp -- this was 2325 just extra stuff for users to crawl through. 2326 Put command line flags on second line of pid file so you can 2327 auto-restart the daemon with all appropriate arguments. 2328 Use "kill `head -1 /etc/sendmail.pid`" to stop the 2329 daemon, and "eval `tail -1 /etc/sendmail.pid`" to 2330 restart it. 2331 Remove the ``setuid(getuid())'' in main -- this caused the 2332 IDENT daemon to screw up. This required that I change 2333 HASSETEUID to HASSETREUID and complicate the mode 2334 changing somewhat because both Ultrix and SunOS seem 2335 to have a bug causing seteuid() to set the saved uid 2336 as well as the effective. The program test/t_setreuid.c 2337 will test to see if your implementation of setreuid(2) 2338 is appropriately functional. 2339 The FallBackMX (option V) handling failed to properly identify 2340 fallback to yourself -- most of the code was there, 2341 but it wasn't being enabled. Problem noted by Murray 2342 Kucherawy of the University of Waterloo. 2343 Change :include: open timeout from ETIMEDOUT to an internal 2344 code EOPENTIMEOUT; this avoids adding "during SmtpPhase 2345 with CurHostName" in error messages, which can be 2346 confusing. Reported by Jonathan Kamens of OpenVision 2347 Technologies. 2348 Back out setpgrp (setpgid on POSIX systems) call to reset the 2349 process group id. The original fix was to get around 2350 some problems with recalcitrant MUAs, but it breaks 2351 any call from a shell that creates a process group id 2352 different from the process id. I could try to fix 2353 this by diddling the tty owner (using tcsetpgrp or 2354 equivalent) but this is too likely to break other 2355 things. 2356 Portability changes: 2357 Support -M as equivalent to -oM on Ultrix -- apparently 2358 DECnet calls sendmail with -MrDECnet -Ms<HOST> -bs 2359 instead of using standard flags. Oh joy. This 2360 behaviour reported by Jon Giltner of University 2361 of Colorado. 2362 SGI IRIX -- this includes several changes that should 2363 help other strict ANSI compilers. 2364 SCO Unix -- from Murray Kucherawy of HookUp Communication 2365 Corporation. 2366 Solaris running the Sun C compiler (which despite the 2367 documentation apparently doesn't define 2368 __STDC__ by default). 2369 ConvexOS from Eric Schnoebelen of Convex. 2370 Sony NEWS workstations and Omron LUNA workstations from 2371 Motonori Nakamura. 2372 CONFIG: add confTRY_NULL_MX_LIST to set option `w'. 2373 CONFIG: delete `C' and `e' from default SMTP mailers flags; 2374 several people have made a good argument that this 2375 creates more problems than it solves (although this 2376 may prove painful in the short run). 2377 CONFIG: generalize all the relays to accept a "mailer:host" 2378 format. 2379 CONFIG: move local processing in ruleset 0 into a new ruleset 2380 98 (8 on old sendmail). Domain literal [a.b.c.d] 2381 addresses are also passed through this ruleset. 2382 CONFIG: if neither SMART_HOST nor MAILER(smtp) were defined, 2383 internet-style addresses would "fall off the end" of 2384 ruleset zero and be interpreted as local -- however, 2385 the angle brackets confused the recursive call. 2386 These are now diagnosed as "Unrecognized host name". 2387 CONFIG: USENET rules weren't included in S0 because of a mistaken 2388 ifdef(`_MAILER_USENET_') instead of 2389 ifdef(`_MAILER_usenet_'). Problem found by Rein Tollevik 2390 of SINTEF RUNIT, Oslo. 2391 CONFIG: move up LOCAL_RULE_0 processing so that it happens very 2392 early in ruleset 0; this allows .mc authors to bypass 2393 things like the "short circuit" code for local addresses. 2394 Prompted by a comment by Bill Wisner of The Well. 2395 CONFIG: add confSMTP_MAILER to define the mailer used (smtp or 2396 esmtp) to send SMTP mail. This allows you to default 2397 to esmtp but use a mailertable or other override to 2398 deal with broken servers. This logic was pointed out 2399 to me by Bill Wisner. Ditto for confLOCAL_MAILER. 2400 Changes to cf/sh/makeinfo.sh to make it portable to SVR4 2401 environments. Ugly as sin. 2402 24038.3/8.3 93/07/13 2404 Fix setuid problems introduced in 8.2 that caused messages 2405 like "Cannot create qfXXXXXX: Invalid argument" 2406 or "Cannot reopen dfXXXXXX: Permission denied". This 2407 involved a new compile flag "HASSETEUID" that takes 2408 the place of the old _POSIX_SAVED_IDS -- it turns out 2409 that the POSIX interface is broken enough to break 2410 some systems badly. This includes some fixes for 2411 HP-UX. Also fixes problems where the real uid is 2412 not reset properly on startup (from Neil Rickert). 2413 Fix a problem that caused timed out messages to not report the 2414 addresses that timed out. Error messages are also more 2415 "user friendly". 2416 Drop required bandwidth on connections from 64 bytes/sec to 2417 16 bytes/sec. 2418 Further Solaris portability changes -- doesn't require the BSD 2419 compatibility library. This also adds a new 2420 "HASGETDTABLESIZE" compile flag which can be used if 2421 you want to use getdtablesize(2) instead of sysconf(2). 2422 These are loosely based on changes from David Meyer at 2423 University of Oregon. This now seems to work, at least 2424 for quick test cases. 2425 Fix a problem that can cause duplicate error messages to be 2426 sent if you are in SMTP, you send to multiple addresses, 2427 and at least one of those addresses is good and points 2428 to an account that has a .forward file (whew!). 2429 Fix a problem causing messages to be discarded if checkcompat() 2430 returned EX_TEMPFAIL (because it didn't properly mark 2431 the "to" address). Problem noted by John Myers. 2432 Fix dfopen to return NULL if the open failed; I was depending 2433 on fdopen(-1) returning NULL, which isn't the case. This 2434 isn't serious, but does result in wierd error diagnoses. 2435 From Michael Corrigan. 2436 CONFIG: add UUCP_MAX_SIZE M4 macro to set the maximum size of 2437 messages sent through UUCP-family mailers. Suggested 2438 by Bill Wisner of The Well. 2439 CONFIG: if both MAILER(uucp) and MAILER(smtp) are specified, 2440 include a "uucp-dom" mailer that uses domain-style 2441 addressing. Suggested by Bill Wisner. 2442 CONFIG: Add LOCAL_SHELL_FLAGS and LOCAL_SHELL_ARGS to match 2443 LOCAL_MAILER_FLAGS and LOCAL_MAILER_ARGS. Suggested by 2444 Christophe Wolfhugel. 2445 CONFIG: Add OSTYPE(aix3). From Christophe Wolfhugel. 2446 24478.2/8.2 93/07/11 2448 Don't drop out on config file parse errors in -bt mode. 2449 On older configuration files, assume option "l" (use Errors-To 2450 header) for back compatibility. NOTE: this DOES NOT 2451 imply an endorsement of the Errors-To: header in any way. 2452 Accept -x flag on AIX-3 as well as OSF/1. Why, why, why??? 2453 Don't log errors on EHLO -- it isn't a "real" error for an old 2454 SMTP server to give an error on this command, and 2455 logging it in the transcript can be confusing. Fix 2456 from Bill Wisner. 2457 IRIX compatibility changes provided by Dan Rich 2458 <drich@sandman.lerc.nasa.gov>. 2459 Solaris 2 compatibility changes. Provided by Bob Cunningham 2460 <bob@kahala.soest.hawaii.edu>, John Oleynick 2461 <juo@klinzhai.rutgers.edu> 2462 Debugging: -d17 was overloaded (hostsignature and usersmtp.c); 2463 move usersmtp (smtpinit and smtpmailfrom) to -d18 to 2464 match the other flags in that file. 2465 Flush transcript before fork in mailfile(). From Eric Wassenaar. 2466 Save h_errno in mci struct and improve error message display. 2467 Changes from Eric Wassenaar. 2468 Open /dev/null for the transcript if the create of the xf file 2469 failed; this avoids at least one possible null pointer 2470 reference in very wierd cases. From Eric Wassenaar. 2471 Clean up statistics gathering; it was over-reporting because of 2472 forks. From Eric Wassenaar. 2473 Fix problem that causes old Return-Path: line to override new 2474 Return-Path: line (conf.c needs H_FORCE to avoid 2475 re-using old value). From Motonori Nakamura. 2476 Fix broken -m flag in K definition -- even if -m (match only) 2477 was specified, it would still replace the key with the 2478 value. Noted by Rick McCarty of Texas Instruments. 2479 If the name server timed out over several days, no "timed out" 2480 message would ever be sent back. The timeout code 2481 has been moved from markfailure() to dropenvelope() 2482 so that all such failures should be diagnosted. Pointed 2483 out by Christophe Wolfhugel and others. 2484 Relax safefile() constraints: directories in an include or 2485 forward path must be readable by self if the controlling 2486 user owns the entry, readable by all otherwise (e.g., 2487 when reading your .forward file, you have to own and 2488 have X permssion in it; everyone needs X permission in 2489 the root and directories leading up to your home); 2490 include files must be readable by anyone, but need not 2491 be owned by you. 2492 If _POSIX_SAVED_IDS is defined, setuid to the owner before 2493 reading a .forward file; this gets around some problems 2494 on NFS mounts if root permission is not exported and 2495 the user's home directory isn't x'able. 2496 Additional NeXT portability enhancements from Axel Zinser. 2497 Additional HP-UX portability enhancements from Brian Bullen. 2498 Add a timeout around SMTP message writes; this assumes you can 2499 get throughput of at least 64 bytes/second. Note that 2500 this does not impact the "datafinal" default, which 2501 is separate; this is just intended to work around 2502 network clogs that will occur before the final dot 2503 is sent. From Eric Wassenaar. 2504 Change map code to set the "include null" flag adaptively -- 2505 it initially tries both, but if it finds anything 2506 matching without a null it never tries again with a 2507 null and vice versa. If -N is specified, it never 2508 tries without the null and creates new maps with a 2509 null byte. If -O is specified, it never tries with 2510 the null (for efficiency). If -N and -O are specified, 2511 you get -NO (get it?) lookup at all, so this would 2512 be a bad idea. If you don't specify either -N or -O, 2513 it adapts. 2514 Fix recognition of "same from address" so that MH submissions 2515 will insert the appropriate full name information; 2516 this used to work and got broken somewhere along the 2517 way. 2518 Some changes to eliminate some unnecessary SYSERRs in the 2519 log. For example, if you lost a connection, don't 2520 bother reporting that fact on the connection you lost. 2521 Add some "extended debugging" flags to try to track down 2522 why we get occassional problems with file descriptor 2523 one being closed when execing a mailer; it seems to 2524 only happen when there has been another error in the 2525 same transaction. This requires XDEBUG, defined 2526 by default in conf.h. 2527 Add "-X filename" command line flag, which logs both sides of 2528 all SMTP transactions. This is intended ONLY for 2529 debugging bad implementations of other mailers; start 2530 it up, send a message from a mailer that is failing, 2531 and then kill it off and examine the indicated log. 2532 This output is not intended to be particularly human 2533 readable. This also adds the HASSETVBUF compile 2534 flag, defaulted on if your compiler defines __STDC__. 2535 CONFIG: change SMART_HOST to override an SMTP mailer. If you 2536 have a local net that should get direct connects, you 2537 will need to use LOCAL_NET_CONFIG to catch these hosts. 2538 See cf/README for an example. 2539 CONFIG: add LOCAL_MAILER_ARGS (default: `mail -d $u') to handle 2540 sites that don't use the -d flag. 2541 CONFIG: hide recipient addresses as well as sender addresses 2542 behind $M if FEATURE(allmasquerade) is specified; this 2543 has been requested by several people, but can break 2544 local aliases. For example, if you mail to "localalias" 2545 this will be rewritten as "localalias@masqueradehost"; 2546 although initial delivery will work, replies will be 2547 broken. Use it sparingly. 2548 CONFIG: add FEATURE(domaintable). This maps unqualified domains 2549 to qualified domains in headers. I believe this is 2550 largely equivalent to the IDA feature of the same name. 2551 CONFIG: use $U as UUCP name instead of $k. This permits you 2552 to override the "system name" as your UUCP name -- 2553 in particular, to use domain-ized UUCP names. From 2554 Bill Wisner of The Well. 2555 CONFIG: create new mailer "esmtp" that always tries EHLO 2556 first. This is currently unused in the config files, 2557 but could be used in a mailertable entry. 2558 25598.1C/8.1B 93/06/27 2560 Serious security bug fix: it was possible to read any file on 2561 the system, regardless of ownership and permissions. 2562 If a subroutine returns a fully qualified address, return it 2563 immediately instead of feeding it back into rewriting. 2564 This fixes a problem with mailertable lookups. 2565 CONFIG: fix some M4 frotz (concat => CONCAT) 2566 25678.1B/8.1A 93/06/12 2568 Serious bug fix: pattern matching backup algorithm stepped by 2569 two tokens in classes instead of one. Found by Claus 2570 Assmann at University of Kiel, Germany. 2571 25728.1A/8.1A 93/06/08 2573 Another mailertable fix.... 2574 25758.1/8.1 93/06/07 2576 4.4BSD freeze. No semantic changes. 2577 25786.65/6.34 93/06/06 2579 Fix some lintish problems. 2580 Fix some cases where server SMTP behaved poorly when handed bogus 2581 input, pointed out by Eric Wassenaar. 2582 CONFIG: fix some more (sigh) mailertable bugs -- thanks to 2583 Motonori Nakamura of Kyoto University (again). 2584 25856.64/6.33 93/06/05 2586 Don't send 050 (-v) information after the 250 response to a QUIT 2587 command in srvrsmtp -- clients usually close the connection 2588 at this point, and it causes bogus error messages. 2589 Don't send messages that have errors on input (such as unbalanced 2590 parentheses) during SMTP transactions, since a return 2591 message has (probably) already been sent. 2592 Give better diagnostics on timeouts during network reads, including 2593 information similar to the SMTP phase. 2594 Fix bug that caused SMTP messages to deliver synchronously; this 2595 happened after the DATA 250, and hence caused reading the 2596 next command to be delayed. 2597 Ignore Errors-To: header unless 'l' (lower case el) header is 2598 specified. The Errors-To: header violates RFC 1123. 2599 Errors-To: was only needed to take the place of the 2600 envelope sender in the days when most Unix mailers 2601 didn't understand about the two kinds of senders. 2602 Don't send warning messages in response to automatically generated 2603 messages (that is, those From:<>). 2604 CONFIG: fix some rather stupid typos in the mailertable code 2605 pointed out by Motonori Nakamura of Kyoto University. 2606 CONFIG: add confUSE_ERRORS_TO configuration option. 2607 CONFIG: if ALWAYS_ADD_DOMAIN is selected, try to use $M 2608 (masquerade name) instead of $j. 2609 CONFIG: don't add dots to relay names (added in 6.29); it breaks 2610 several things, and can be simulated by dot terminating 2611 the names of relays. For example, use: 2612 DBbit.net.relay. 2613 (note the trailing dot). 2614 26156.63/6.32 93/06/01 2616 Fix prototypes to eliminate chars in argument lists -- some 2617 compilers are pissy about this. 2618 Log protocol ($r) and body type if set so we can determine if 2619 the adaptive algorithms are working. 2620 Pessimize on locking of database files (particularly for NEWDB 2621 databases) during opens. There were problems with 2622 processes opening the file while it was rebuilt; since 2623 NEWDB caches heavily, the reader opened an empty file, 2624 which is an error. If your system has the ability to 2625 lock atomically on open, this works properly; otherwise, 2626 there are race conditions. 2627 Check mod time on .pag file instead of .dir in NDBM aliases 2628 because the .dir file doesn't get updated for small 2629 alias files. From John Gardiner Myers of CMU. 2630 More Solaris portability -- it now compiles on Solaris, but 2631 hangs up in gethostbyname(). 2632 Move setting of RES_DEBUG flag before first myhostname() call 2633 so we can see name server traffic on that call. 2634 Fsync() queue files. 2635 Fix a problem that causes -bi to try to rebuild maps other than 2636 the alias file(s). 2637 Fix a problem that caused udb to reject entries from any but 2638 the first database listed. 2639 Rearrange doc subdirectory for 4.4BSD release tape. 2640 CONFIG: put $r into the Received line. This was an oversight. 2641 CONFIG: fix typo (call to ruleset 99 should have been rulset 90). 2642 CONFIG: move "auxiliary" subroutines to be in ruleset 90-99 2643 range -- in the long run, single digit rulesets may 2644 become reserved for builtin use by sendmail. 2645 CONFIG: fix major problem that causes host aliases (that is, 2646 anything in $=w != $j) to not be recognized. This has 2647 been around since 6.30. 2648 26496.62/6.31 93/05/28 2650 BETA RELEASE 2651 Fix recursive syserr (if there is an error printing a syserr 2652 message). This makes the code much less eager to consider 2653 a write error as serious. This also includes some 2654 heuristics to be clever about closed connections. 2655 Lock NEWDB files during gets. This requires version 1.5 or later 2656 of the db library. If you have an older version, you 2657 can use -DOLD_NEWDB. This will go away in a few weeks. 2658 Fix problem causing aliases that use host maps to get overwritten. 2659 Do appropriate byte swapping on port numbers in ident protocol 2660 code. Fix from Allan Johannesen of WPI. 2661 Defer opening of map files to the same time as alias files so that 2662 the daemon will tend to pick up new versions more promptly. 2663 Prototype a bunch more functions. 2664 Some Solaris 2.1 changes (still doesn't link though). 2665 Try to simplify Makefiles by including more subordinate #defines 2666 in conf.h (based on OS type). 2667 CONFIG: check for domains if FEATURE(mailertable) is defined. 2668 For example, if the host name is "knecht.cs.berkeley.edu" 2669 it will search the following mailertable keys: 2670 knecht.cs.berkeley.edu 2671 .cs.berkeley.edu 2672 .berkeley.edu 2673 .edu 2674 This could be used to replace the special relays for bitnet 2675 and similar nets. 2676 26776.61/6.30 93/05/24 2678 Fix problem that prevented appending dots on canonified host 2679 names. This breaks tons of config files -- very 2680 important fix. 2681 Fix improper pointer dereference in response to HELO command. 2682 Fix core dump if debugging set in map_rewrite. 2683 CONFIG: add FEATURE(always_add_domain) to always attach the 2684 local domain (only impacts local mail). 2685 CONFIG: try to avoid turning names into $j -- although 2686 technically a host can only have one "canonical name", 2687 it seems to be common practice to have several. 2688 26896.60/6.29 93/05/22 2690 Major change: merge alias databases with maps. This expands and 2691 changes the map class interface but fixes a bunch of bugs. 2692 The important user-visible change is that the file name 2693 in a K line now does not include the ".db" extension; this 2694 is added automatically. Also, the -d (NIS domain) flag is 2695 missing from the K config line; use @domain instead. 2696 When compiling, the *_MAP names are gone -- just compile 2697 in NDBM, NEWDB, and/or NIS support. 2698 Announce mailer/host/user triple on -bv flag -- from Brian 2699 Bullen of Stirling University. 2700 Don't send more than one line in response to HELO -- it confuses 2701 Pony Express, which then behaves very badly. However, 2702 this change does send two line 220 greetings, with the 2703 second line reading "ESMTP spoken here". The usersmtp 2704 module recognizes this and goes into ESMTP mode regardless 2705 of the setting of the "a" mailer flag. Thus, "a" means 2706 "always try EHLO". 2707 AIX portability changes (thanks to Christophe Wolfhugel of 2708 Herve Schauer Consultants (Paris) for providing me with 2709 an INSA account for this purpose). Lightly tested. Use 2710 -D_AIX3. This probably breaks compatibility with some 2711 older systems (e.g., 4.2bsd) but still works on SunOS 2712 4.1.2, Ultrix 4.2A, HP-UX 8.07, OSF/1 T1.3, and AIX 3.2.3. 2713 Fix a problem causing an error message loop if the output channel 2714 is hosed. 2715 Add the Makefiles that I use for various environments -- some are 2716 Berkeley make versions and some are old make versions. 2717 My makefile for the NeXT box has gotten lost, alas! 2718 PRALIASES: support for printing NEWDB databases. From 2719 Michael J. Corrigan of U.C. San Diego. 2720 CONFIG: don't pass pseudo-domains to $[ ... $] (if you have 2721 a wildcard MX it can have wierd results). From 2722 Christophe Wolfhugel. 2723 CONFIG: dot terminate relay hostnames in S0. From Christophe 2724 Wolfhugel. 2725 27266.59/6.28 93/05/13 2727 Log version with SMTP daemon startup message. 2728 Adjust setproctitle to work on NetBSD and BSD/386. 2729 Fix null pointer reference in MX fallback code. 2730 A bunch of minor fixes from Eric Wassenaar: 2731 If deliver cannot execv the mailer, return EX_OSERR 2732 instead of EX_TEMPFAIL (to give better 2733 error messages). 2734 Consistently malloc e_message. 2735 Catch degenerate case of calling returntosender() 2736 with an empty returnq. 2737 MIME reformatting. 2738 27396.58/6.28 93/05/13 2740 Fix bug that can cause incorrect verbose display of user smtp 2741 messages. 2742 Disable SMTP VERB command if PRIV_NOEXPN is set (since this 2743 could reveal the same information. 2744 Allow failure when reading SMTP greeting message to go on to 2745 next MX host. 2746 Add "MIME-Version: 1.0" header if using MIME (this was NOT 2747 included in RFC 1344, but Bill King of Allan-Bradley 2748 Company forwarded me email from Nathaniel Borenstein 2749 claiming that it was an inadvertent omission). 2750 Don't use Content-Type: X-message-header. According to John 2751 Myers of CMU, many MIME readers will completely ignore 2752 the data if they don't recognize it. Instead, just 2753 add a blank line to make it a legal (empty) message. 2754 Fix problem causing dots to keep getting appended to cached 2755 hostnames. This can cause buffer overrun conditions. 2756 The problem was found by Erik Forsberg of Retix, 2757 although I used a different bug fix than he provided. 2758 Fix parsing of split header/envelope rewriting specs -- from 2759 Eric Forsberg. 2760 Fix from Eric Wassenaar to correct To: lists in error messages. 2761 27626.57/6.28 93/05/11 2763 Fix minor glitch causing extra ctladdrs to be output to queue 2764 file. Just an annoyance. 2765 Cache results of name server canonification lookups to avoid 2766 backed up queue runs. 2767 Major rewrite of alias.c: considerable cleanup, plus sample 2768 (untested) support for NIS aliases. The "A" option 2769 can now be a comma separated list (or be repeated) -- 2770 that is, you can have multiple alias databases. Each 2771 database can have the syntax ``class:file''; if no class 2772 is specified, the "implicit" class is assumed. Implicit 2773 searches through a list of compiled in types -- hash, 2774 dbm, nis, and stab. Alias files are searched in the 2775 order they are listed. For example: 2776 OAhash:/etc/aliases.local,/etc/aliases 2777 OAnis:mail.aliases@my.nis.domain 2778 first searches the hash database /etc/aliases.local, 2779 then the regular /etc/aliases database, then the NIS 2780 map "mail.aliases" in the NIS domain "my.nis.domain". 2781 If in Verbose mode (probably from VERB command) run SMTP job 2782 in foreground and don't do RCPT optimizations. 2783 Add udb :mailsender as equivalent to owner- for regular aliases. 2784 Delete option 8; add option 7 that means the opposite. That is, 2785 default to 8-bit mode; a special option is needed to 2786 force sendmail into 7 bit mode. 2787 Send error messages in encapsulated MIME format. 2788 New compile flag "NIS" that turns on NIS alias and NIS map 2789 support. 2790 Add "j" option to send error messages in MIME (RFC 1341) 2791 encapsulated message format per RFC 1344. The 2792 syntax is pretty ugly if you don't have MIME-aware 2793 user agents. 2794 Clean up message handling (for display in mailq output). 2795 New setproctitle implementation for 4.4bsd. 2796 Create files (such as ~/dead.letter) using mode FileMode (the 2797 F option value) instead of 0666. 2798 Fix bug causing output of EXPN command to not be fully qualified. 2799 This may cause some problems with UUCP addresses that 2800 will require some config file assistance -- specifically, 2801 the $: part has to include the host name for this output 2802 to make sense. 2803 Fix a problem that sometimes diagnosed errors and still sent the 2804 message if the header syntax was bad. 2805 Fix a bug that caused an error message to be emailed when sendmail 2806 was operating in -bv mode. 2807 Add "ListenQueueSize" keyword to daemon options option (OO) to 2808 set the queue size parameter passed to listen(). You 2809 will normally have to tweak your kernel to up this. 2810 Strip spaces off of beginning of message-id before logging (in 2811 case it was folded across lines). 2812 Tweak compile flags in daemon.c -- there were some cases where 2813 it wouldn't work without NETINET. 2814 Change *file* mailer to output all the usual default headers 2815 (From, Date, Message-Id). It gets used when sending 2816 back error messages. 2817 CONFIG: explicitly catch and diagnose list:; syntax in ruleset 2818 zero -- this is not a valid recipient syntax according 2819 to RFC 821. 2820 CONFIG: add confMIME_FORMAT_ERRORS to send error messages in 2821 MIME format. Defaults to on. 2822 CONFIG: add SMTP_MAILER_FLAGS and UUCP_MAILER_FLAGS to augment 2823 the flags for those mailers. 2824 28256.56/6.27 93/05/01 2826 Fix problem that causes the fallback mail to postmaster 2827 (case ESM_POSTMASTER in savemail()) to not look at 2828 aliases (ugh). 2829 Some more HPUX tweaking (compile flag hpux => __hpux so it 2830 still works in ANSI mode). 2831 Don't try to flock non-regular files when mailing to a file. 2832 In particular, this was a problem if you tried to 2833 send to /dev/null. 2834 Fix a wierd bug that can cause senders to be queued as 2835 recipients if the name server is down when the mail 2836 is initially sent. This hack just ignores sender 2837 deletion (essentially, it sets the MeToo flag) if there 2838 is a TEMPFAIL during processing of the sender address. 2839 Obscure. 2840 Fix a dangling else problem -- from Brian Bullen from University 2841 of Stirling, UK. 2842 Add the "b" mailer flag to force a blank line on the end of 2843 messages. Some brilliant versions of /bin/mail insist 2844 on this but do not add it themselves. 2845 Add the "g" mailer flag to prevent user SMTP from sending 2846 "MAIL From:<>". This is only intended to be a 2847 transitional gesture, and should not be used if at 2848 all possible. It appears that Berkeley and IDA 2849 config files have always handled this properly; the 2850 UK config kit apparently does not. 2851 Don't lowercase and then capitalize header field names -- leave 2852 them with original capitalization. Fixes from Bill 2853 King of Allen-Bradley Company. 2854 Further cleanup and improved reporting of error messages, 2855 particularly conditions that cause messages to be 2856 requeued for future delivery. 2857 Tweak syslog priorities in some cases. 2858 CONFIG: clean up route-addr on UUCP addresses. 2859 28606.55/6.25 93/04/27 2861 HPUX 8.07 compatibility changes in getla() -- I had to make 2862 these changes to get it to work at Berkeley, although 2863 others seem to have been working before (???). 2864 Various patches to XLA code. 2865 Fix problem that causes setuid bit on files to be ignored from 2866 SMTP or in queue runs. Problem noted by Jason Ornstein 2867 of Under The Wire, Inc. 2868 Fix problem that can cause CNAMEs to be ignored. 2869 Generalize getmxrr to match local host in $=w instead of a 2870 single name passed in. 2871 Some cleanup from Eric Wassenaar: 2872 Use FileMailer instead of ProgMailer in two places. 2873 Eliminate duplicate 8th-bit stripping in commaize. 2874 Fix a problem with mis-parsing of backslash escapes 2875 under some circumstances. 2876 NIS map fix (was always including trailing null character) 2877 from Mike Glendinning of Ingres UK. 2878 Add "a" mailer flag to try using ESMTP. It tries the EHLO 2879 command and if that fails falls back to regular SMTP. 2880 Also parses EHLO option keywords. If host supports 2881 SIZE extension, this is added to the MAIL FROM: 2882 command. 2883 Extend "b" option to include a second value which is the 2884 maximum message size this server is willing to accept. 2885 For example, a value of "10/1000000" says that there 2886 must be ten blocks free, and sendmail will reject 2887 any message larger than one megabyte. 2888 Some portability hooks for NeXT (this could be applicable 2889 to Mach in general). You have to create an empty 2890 file called "unistd.h" to get it to compile. 2891 Adjust config values (MAXLINE, MAXATOM, and PSBUFSIZE) to 2892 be more generous. 2893 Add X400-Received: to the list of headers tagged with H_TRACE 2894 in conf.c. From Bill King, Allen-Bradley Co. 2895 28966.54/6.25 93/04/19 2897 Fix problem that caused redefinition of SMTP and QUEUE compile 2898 flags. Pointed out by Jon Forrest of the Sequoia 2000 2899 project at Berkeley. 2900 Properly handle \! hack -- it was treating host\!user as one 2901 token (host!user) instead of three (host, !, user). 2902 Fix from Eric Wassenaar of NIKHEF-H. 2903 Fix compilation problem in getauthinfo() if IDENTPROTO is off. 2904 Turn off DEFNAMES and DNSRCH when getting the hostsignature 2905 (i.e., MX records) in level 1 configuration files; this 2906 matches the old behaviour. From Motonori Nakamura of 2907 Kyoto University. 2908 Improve error message printing -- if sent through an alias, 2909 error messages include the name of the alias in the 2910 message. Unfortunately, in order to make this work 2911 properly in queue runs, this changes the format of the 2912 C line in the qf file. The relatively uselessness of 2913 the previous information was pointed out to me by 2914 Allan E Johannesen of WPI. 2915 Add XLA compile flag to add hooks to Christophe Wolfhugel's 2916 extended load average code. This is still in very early 2917 form. For information regarding the guts of the xla 2918 code, contact Christophe.Wolfhugel@grasp.insa-lyon.fr. 2919 Additional hooks for detecting tempfails in rewriting rules 2920 (that is, in map lookups). 2921 29226.53/6.25 93/04/15 2923 Properly diagnose ruleset zero returning null (instead of a mailer 2924 triple). From Motonori Nakamura of Kyoto University. 2925 More generalization of socket code for other protocols. 2926 Shorten timeouts on reverse name lookups -- since they are done 2927 during connection establishment, long timeouts here can 2928 cause higher level timeouts. This mainly serves to accept 2929 mail from hosts that do not have proper reverse (PTR) DNS 2930 records set up. 2931 Reset e_statmsg before each mailer invocation to avoid bogus 2932 messages in the log. 2933 Redefine $r, $s, and $_ in error envelopes so you don't get 2934 incorrect cruft in the error message. Problem noted by 2935 Motonori Nakamura of Kyoto University. 2936 Fix a problem that can cause failure to return errors to Postmaster 2937 in certain cases. From Motonori Nakamura. 2938 Fix a problem that can cause some systems to give duplicate error 2939 messages when a bad syntax address such as "<a" is presented 2940 to an SMTP server. It doesn't seem to occur on all 2941 machines. From Motonori Nakamura. 2942 Default IDENTPROTO off for Ultrix and HPUX, which apparently have 2943 the interesting "feature" that when they receive a "Host 2944 unreachable" message they closes all open connections to 2945 that host. However, some firewall gateways send this message 2946 if you try to connect to an unauthorized port, such as the 2947 IDENT port (113). Thus, no email can be received from such 2948 hosts. There is some evidence that versions of Ultrix before 2949 4.3 do not have this problem. Thanks to Tom Ivar Helbekkmo 2950 for pointing out this behaviour to me and to Michael Corrigan 2951 of U.C. San Diego for informing me about the HPUX problem. 2952 Allow IPC mailers to return a colon-separated list of hosts in the 2953 $@ clause; these are searched in order as though they were 2954 MX records. 2955 When sending an error report, print the list of addresses tagged 2956 as bad. Requested by Allan E Johannesen of WPI. 2957 Change map function calls to return a status code. This gets 2958 passed back as the result of rewrite. Parseaddr marks 2959 the address as a QUEUEUP address if the return code is 2960 EX_TEMPFAIL. All this to queue properly if the name 2961 server is down. This code is not well tested. This code 2962 changes the interface to map lookup functions (a fifth 2963 parameter, int *statp, is added). Feature requested by 2964 Dan Oscarsson. 2965 Don't delete quotes (in the dequote map) if there are spaces in 2966 the string, since this would cause them to be replaced by 2967 the SpaceSub character. 2968 Accept BODY=8BITMIME on SMTP MAIL command. This isn't advertised 2969 because the 8BIT to 7BIT translation doesn't exist yet. 2970 This does add a "bodytype" field to both envelope and 2971 queue file and a -B command line flag to pass the type in 2972 during direct invocations. 2973 Discard return error messages only on responses to responses to 2974 responses, not on responses to responses. That is, the 2975 algorithm is to try return to sender, then return to 2976 postmaster, then discard. Previously it discarded 2977 immediately if the return to sender pass failed. 2978 CONFIG: back out change to hide unqualified hostnames behind %-hack. 2979 This screws up local aliases and .forward files. 2980 CONFIG: add FEATURE(nocanonify) to turn off calls to $[ ... $]; 2981 some sites only handle completely canonified names. 2982 Requested by John Gardiner Myers of CMU. 2983 CONFIG: some UUCP code was still included even if FEATURE(nouucp) 2984 was specified. 2985 29866.52/6.24 93/04/10 2987 Clean up some minor glitches on error return messages pointed out 2988 by Motonori Nakamura of Kyoto University. 2989 Fix reply() to not reset SmtpReplyBuffer on fatal errors; this 2990 was supposed to reset SmtpMsg Buffer. This makes the 2991 client side code virtually useless. Reported by Allan 2992 E Johannesen of WPI and Phil Brandenberger of Swarthmore. 2993 Better debug messages if fuzzy is disabled, suggested by Allan 2994 E Johannesen of WPI. 2995 Offset SmtpReplyBuffer by four in usersmtp when checking for 2996 loopback. From Eric Wassenaar. 2997 Don't set $s until after runinchild in srvrsmtp -- otherwise 2998 it gets cleared. From Eric Wassenaar. 2999 Implement IDA-style $&x for deferred macro expansion. 3000 More POSIX compatibility. 3001 CONFIG: Hide unqualified hostnames behind %-hack using $s as the 3002 actual sender. This is only done if $r is non-null, that 3003 is, if this is not locally submitted mail. 3004 CONFIG: Add FEATURE(bitdomain) allowing mapping of BITNET host 3005 names to internet domains. A program contributed by 3006 John Gardiner Myers of CMU to create the maps is included 3007 in the contrib directory (in the "misc" tar file). 3008 CONFIG: Add FEATURE(uucpdomain) for a similar mapping for UUCP 3009 hosts. There is currently no tool to create this map. 3010 30116.51/6.23 93/04/04 3012 Add D= mailer flag to specify a path of possible working directories 3013 in which to execute the mailer. This is intended for the 3014 prog mailer; some shells can get upset if they don't have 3015 access to the current directory. 3016 Add RFC 1413 (IDENT) protocol support. This is only very loosely 3017 tested. This adds a $_ macro to be the authenticated 3018 info (in ``user@domain [address]'' form) and debug flag 3019 9 to trace the protocol. 3020 Check for loopbacks in usersmtp instead of srvrsmtp -- there is no 3021 reason for a local agent to not be talking to the localhost 3022 (although the inverse is not true). 3023 Add a few hooks for automated map rebuilding. This is certainly 3024 not done yet. 3025 CONFIG: Have prog mailer specify a path of ``D=$z:/'' -- that is, 3026 user's home directory then the root. 3027 CONFIG: Log RFC 1413 identification in Received: line. 3028 30296.50/6.22 93/04/01 3030 Fixes to requeueing code to make it compute priority, nrcpts, 3031 and the like properly. 3032 30336.49/6.22 93/04/01 3034 Diagnose incorrect privacy flags. Suggested by Bryan Costales 3035 of ICSI. 3036 Some ANSI C fixes. 3037 Arrange to quote backslashes as well as other special characters 3038 in the phrase part of a route-addr. 3039 Some fixes to FallBackMX code suggested by Motonori Nakamura of 3040 Kyoto University. 3041 More vigorous zeroing of CurHostAddr to avoid logging of bogus 3042 host addresses when you are actually just printing 3043 information from the MCI structure; problem noted by 3044 Michael Corrigan of U.C. San Diego. 3045 Don't ignore rest of queue if any job is not runnable. This can 3046 also cause an incorrect job to be lost. Fix from 3047 Eric Wassenaar. 3048 Always respond "quickly" to RCPT command; do alias expansion and 3049 the like later. This also means that mail for lists that 3050 have errors will be acccepted, and an error sent back 3051 later. This is done by instantiating the queue file 3052 and then immediately running and requeueing it. 3053 30546.48/6.22 93/03/30 3055 Fix incorrect diagnosis of infinite loop in ruleset. Problem noted 3056 by several people. 3057 Improve information printed when infinite loops are discovered. 3058 Zero CurHostAddr to fix erroneous internet addresses in log when no 3059 addresses can be bound. Pointed out by Motonori Nakamura 3060 of Kyoto University. 3061 "Probe" SMTP connections using RSET instead of NOOP "just in case". 3062 Suggested by John Gardiner Myers of CMU. 3063 Don't warn about -f if you are setting sender to yourself. 3064 30656.47/6.22 93/03/29 3066 Fix incompatible call to endmailer in smtpquit which causes core 3067 dumps. Noted by Allan E Johannesen of WPI. 3068 HPUX portability changes from Michael J. Corrigan of UC San Diego. 3069 Require MAIL before RCPT command in srvrsmtp.c. This had been 3070 intentional from the 821 draft days when the order wasn't 3071 clear, but is silly now. 3072 Fix bug in nis_magic routine that was initializing parameters 3073 incorrectly. Fix from Takahiro Kanbe of Fuji Xerox 3074 Information Systems Co., Ltd. 3075 Change default for PrivacyFlags in conf.c to 0 -- since it always 3076 "or"s in new values, there was no way to turn off the 3077 AuthWarning stuff. 3078 Add O option to set SMTP daemon options. 3079 Add V option to set fallback MX host. This always sorts at lower 3080 priority than anything it gets from the name server. It 3081 should only be used for environments with very bad network 3082 connectivity. Requested by several people. 3083 Log sending info. It's not clear this is a good idea. 3084 CONFIG: fix typo in mailertable code. Noted by Phil Brandenberger 3085 of Swarthmore. 3086 CONFIG: add confDAEMON_OPTIONS and confFALLBACK_MX to set options 3087 O and V, respectively. 3088 30896.46/6.21 93/03/26 3090 Fix botch in server SMTP that broke transactions that did not 3091 use HELO first (like MH). Fix from Michael Corrigan 3092 of U.C. San Diego. 3093 Fall back to other MX records if there is an error anywhere 3094 in delivery (actually on MAIL or DATA -- RCPT is harder). 3095 Suggested by John Gardiner Myers and Motonori Nakamura. 3096 Revert to non-prototypes -- it turns out that our ANSI C 3097 compiler is more forgiving than most others about 3098 mixing prototyped extern declarations with non-prototyped 3099 function definitions. 3100 Fix a problem with multi-word class matching pointed out by 3101 Neil Rickert. Given: 3102 CX b a.b.c 3103 R$+ $=X $+ $: $1 < $2 > $3 3104 the input "user@a.b.c" failed instead of being properly 3105 rewritten as "user@a.<b>.c". 3106 Neil also convinced me that it was correct that $~ should match 3107 only one token -- the problem is that it's always possible 3108 to add another token, so $~ matches far too eagerly. 3109 31106.45/6.21 93/03/25 3111 Implement multi-word classes (properly!). 3112 31136.44/6.21 93/03/25 3114 Add X-Authentication-Warning: headers to clue users into possible 3115 attempts to forge mail. This is on the authwarnings 3116 privacy flag, but is the default. Suggested by Bryan 3117 Costales of ICSI. 3118 Pass default units for convtime in so they can be more reasonable. 3119 Allow config files to always add a new Comments: header (i.e., 3120 they will be added even if an old one already exists). 3121 Suggested by Bryan Costales of ICSI. 3122 Allow config files to delete an existing Return-Path: header. 3123 These should only be added at final delivery. Suggested 3124 by Bryan Costales of ICSI. 3125 Some debugging additions. Suggested by Bryan Costales of ICSI. 3126 Clean up logging of Family 0 addresses. Noted by David Muir 3127 Sharnoff and others. 3128 Add a "dequote" map class. This allows config files to strip 3129 quotes off of addresses. Note that this is not a builtin 3130 map, just a class -- so you have to define the map 3131 using the K line. 3132 Fix a bug in the queueup() loop getting a locked tf where in 3133 very odd cases it can fall off the bottom and core dump. 3134 Of course, it was P{r Emanuelsson who found it.... 3135 Open a new transcript when splitting an envelope. Problem found 3136 by Allan E Johannesen of WPI. 3137 Improved error output in endmailer if the mailer core dumps. 3138 CONFIG: Fix typo in UUCP mailer definition. 3139 CONFIG: Default several of the new options on: eight bit input, 3140 privacy flags set to "authwarnings", and message warning 3141 set to 4h. 3142 CONFIG: Use dequote map. 3143 31446.43/6.20 93/03/23 3145 Fix problem with assumption of an sa_len field in a generic 3146 sockaddr -- it turns out that most vendors haven't 3147 picked up this (very important) fix. 3148 Change compilation flags for daemon code -- select one or both 3149 of NETINET or NETISO, but don't ever set DAEMON manually. 3150 CONFIG: add FEATURE(mailertable) to do IDA-style mailertables. 3151 31526.42/6.19 93/03/19 3153 Use Postmaster as default fallback return address, not root. 3154 POSIX changes for file descriptor handling. 3155 Diagnose errors writing new queue file. 3156 If you change the owner using an owner- alias, also change the 3157 error mode to EM_MAIL so that errors don't get dropped 3158 into an inappropriate directory. Problem noted by 3159 Allan E Johannesen of WPI. 3160 If you are su'ed to root, send email as who you really are, not 3161 as root. From Brian Kantor of U.C. San Diego. 3162 Allow warning messages to be sent after a configurable interval 3163 has passed without delivery. The message is sent only 3164 once per envelope. This changes the format of the qf 3165 file to have an F line, and the format of the T option 3166 to accept take the format "return/warn" (both intervals). 3167 Don't force all local names to lower case -- this was left over 3168 from the wierd handling of case mapping on aliases. It 3169 is now driven (as expected) by the "u" mailer flag. 3170 Problem noted by P{r Emanuelsson. 3171 Fix problem that caused headers on returned email to be trashed; 3172 they were getting freed, but are still accessible via 3173 BlankEnvelope. 3174 Fix problem that caused bogus ids to be created on returned 3175 mail. 3176 Add support for ISO and other non-INET networking. This is by 3177 no means finished yet. This does assume a lot of other 3178 system support, like a version of gethostbyname that 3179 returns non-AF_INET addresses. 3180 CONFIG: change default on prog mailer to keep upper case in 3181 user names (i.e., in the program command line). 3182 CONFIG: strip trailing dots off of hosts in uucp mailer before 3183 convert to bang format. 3184 CONFIG: create new "relay" mailer for $R (LOCAL_RELAY) and $H 3185 (MAIL_HUB) delivery that doesn't add local domain. Note 3186 that this violates 821, but is probably "more correct" 3187 for what we are trying to do. Problem pointed out by 3188 Michael Graff of Iowa State. 3189 31906.41/6.18 93/03/18 3191 Clean up unnecessary creates of queue ids (i.e., empty qf files) 3192 when not needed, such as when starting up an SMTP 3193 connection. 3194 Fix problem where split envelopes aren't instantiated in the queue. 3195 This is quite a serious bug. 3196 Owner- aliases had problems with leading spaces causing a 3197 premature delimitation. 3198 31996.40/6.18 93/03/18 3200 Have ending 250 (after DATA) include the id; suggested by 3201 Brian Kantor of UC San Diego. 3202 Add logging on envelope splitting. 3203 Change queue ids to have one more letter encoding the hour of 3204 the day so that during a single day there is a greater 3205 likelihood of uniqueness; requested by Brian Kantor. 3206 32076.39/6.18 93/03/18 3208 Fix minor compile problem if LOCKF is defined. 3209 Define size of tobuf in conf.h. Observed by Toshinari Takahashi 3210 of Toshiba. 3211 Restore e_sender -- this is equivalent to e_from.q_paddr without 3212 decorations such as angle brackets and comments. 3213 OSF/1 on Alpha changes from Allan E Johannesen of WPI. 3214 CONFIG: fix typo in S3 for list syntax (;: => :;). Thanks to 3215 Christopher Hoover for noting the problem. 3216 32176.38/6.17 93/03/17 3218 Pass envelope to disconnect to avoid another use of CurEnv, which 3219 can apparently end up being null at inopportune times. 3220 Log "received from" as "relay=" for consistency (suggested by 3221 John Gardiner Myers). 3222 Fix major bug in header handling: if no From: line existed in 3223 the header (so sendmail inserts one), and the sender is 3224 an alias that has an owner, the From: line shows the 3225 owner (as well as the envelope). Fixed by early binding 3226 the headers (which will change debugging output). 3227 HPUX portability patches from Michael J. Corrigan of UC San Diego. 3228 Some attempts to adapt better to out of open file conditions. 3229 Some changes to ctladdr handling in queue files. 3230 32316.37/6.17 93/03/16 3232 MAJOR CHANGE: delete e_sender and e_returnpath (why are these 3233 different from e_from?) and $< macro. 3234 Log correct IP address in relay= field even if the connection 3235 times out. 3236 Log "received from [RESPONSE]" on EF_RESPONSE messages (from 3237 John Gardiner Myers). 3238 Fixes to SysExMsg logging (sometimes just got "message: %s" 3239 instead of "message: error message"), noted by Eric 3240 Wassenaar. Also reported by Motonori Nakamura. 3241 Improvements to MX piggybacking code, from Motonori Nakamura. 3242 Fix case where CurHostName points to an auto variable that has 3243 been deallocated (from Motonori Nakamura). 3244 Fix bug causing newlines to be included in aliases if option 3245 "n" (check alias RHS) is set; bug noted by David Muir 3246 Sharnoff. 3247 Fix problem causing user names that should be mapped to lower 3248 case to not be mapped if they are sent during a queue 3249 run. This greatly simplifies the case mapping code. 3250 Problem noted by Allan E Johannesen of WPI. 3251 Don't do recipient address rewriting in buildaddr. This 3252 improperly did recipient rewriting on sender addresses, 3253 and just seems bogus in general -- but the change could 3254 break some .cf files. 3255 Pass TZ envariable to child processes for System V. 3256 CONFIG: allow LOCAL_RULE_1 and LOCAL_RULE_2 if you want to 3257 define those rulesets. 3258 KNOWN PROBLEM: I have seen some problems on SunOS that causes 3259 the User Data Base to give errors on some addresses. I 3260 have tracked the problem back at least as far as 93.02.15 3261 (version 6.22). Running with debugging on makes it 3262 go away, so I conclude that it is referencing uninitialized 3263 stack data. I haven't been able to track this down yet. 3264 32656.36/6.16 93/03/08 3266 Allow local mailer to specify $@host -- this lets you assign the 3267 "foo" part of jgm+foo to $h for passing in to the local 3268 mailer. 3269 Additional debug printing in getcanonname (show query type). 3270 Don't add the e_fromdomain on sender addresses -- this interacts 3271 wierdly with the owner- code. 3272 Improve delivery logging to not log obvious or meaningless stuff. 3273 Include numeric IP address in Received: lines per RFC 1123 section 3274 5.2.8. 3275 Fixed a bug in checking stat() return value if restrictmailq is 3276 set. Also, check the entire group set instead of just the 3277 primary group. Both from John Gardiner Myers. 3278 Don't have usrerr automatically print errno, since this is often 3279 misleading. 3280 Use transienterror() in makeconnection after connect() fails and 3281 in openmailer after execve() fails (from Eric Wassenaar). 3282 Also moved transienterror() from util.c to conf.c. 3283 Clean up from= logging on response messages. 3284 Undo patch allowing prescan to return a null vector -- it breaks 3285 too many things. 3286 Config: FEATURE(notsticky) lets you use UDB for everything coming 3287 in to the machine, even if it is specifically targetted 3288 to this machine. Without it, UDB is bypassed if the user 3289 name is fully qualified. 3290 Config: fix another minor botch with <> (local mailer wasn't 3291 mapping them properly). 3292 32936.35/6.15 93/03/05 3294 Fix getrealhostname to return null if sinlen <= 0 -- this can 3295 occur if stdin is a pipe. 3296 Avoid infinite loop in getcanonname if name server return 3297 NO_DATA (for example). 3298 Config: avoid having C flag qualify list syntax and error syntax. 3299 33006.34/6.14 93/03/05 3301 Fix logging in deliver to not pass too many parameters to Ultrix 3302 versions of syslog. 3303 Don't write the pid file until after the daemon has actually 3304 opened and conditioned the connection. 3305 Consider addresses "different" if their q_uids differ (so that 3306 two users forwarding to the same program will be seen 3307 as different, rather than the same). 3308 Fix problem with bad parameters in main() -- they set ExitStat 3309 but don't exit. 3310 Fix null pointer references through RealHostName -- painfully 3311 discovered by Allan E Johannesen of WPI. 3312 Fix bug causing user@@localhost to core dump (yuch). 3313 Config: don't put two @host.dom.ain on users in $=E in SMTP 3314 mailer. Also, catch user@ (no host) in ruleset 0. 3315 33166.33/6.13 93/03/03 3317 Config: add confCW_FILE as the name of the cw configuration file 3318 (defaults to /etc/sendmail.cw). From P{r Emanuelsson. 3319 Allow prescan to return a pointer to an empty list -- this is 3320 not an error. Also, clean up error reporting to avoid 3321 double errors (prescan reports once, then the caller 3322 reports again). 3323 Changes to avoid trusting T_ANY queries -- run them, but if you 3324 don't get the info you expected, do T_A and T_MX queries 3325 anyhow. This also fixes an oversight where _res.options 3326 bits were being ignored. 3327 If PRIV_NOVRFY is set, use 252 response code instead of 502 per 3328 RFC 1123 section 5.2.3. It's not 100% clear that this 3329 is correct, but it probably works better with stupid 3330 mailers that do a VRFY and only check the first digit. 3331 33326.32/6.12 93/03/02 3333 Fix uninitialized variable "protocol" in smtp code. 3334 Include <unistd.h> in sendmail.h -- move towards POSIX/ANSI. 3335 Additional hooks for RFC 1427 (ESMTP SIZE extension). This 3336 includes requiring that enoughspace() know the system 3337 block size, which will undoubtedly break most ports. 3338 Trace flag 19 in use for srvrsmtp.c. 3339 Additional logging -- notably the sending mailer name. This 3340 also changes the delivery logging to strict field=value 3341 syntax. 3342 Fix some problems with messages getting sent even to addresses 3343 that had been marked bad -- from Eric Wassenaar. 3344 More WIDE changes: accept host name inside [...] as non-MXed 3345 host. This is intended ONLY for use inside firewalled 3346 environments, where the MX points at the gateway. 3347 Change .cf file conventions so that mapping for <> addresses 3348 don't have an @ in them (to avoid confusing the C mailer 3349 flag). Pointed out by Neil Rickert. 3350 Config extensions for Sam Leffler's FlexFAX software. 3351 33526.31/6.10 93/02/28 3353 Fix some more bugs in alias owner code -- there were some wierd 3354 cases where an error in a non-aliased name would override 3355 the return info in an aliased name with an owner. 3356 Changes from WIDE Project, forwarded to me by Motonori Nakamura: 3357 Log actual delivery host (after MX et al); from 3358 yasuhiro@dcl.co.jp. 3359 Log daemon startup. 3360 Deliver Postmaster copies without a body. 3361 Better logging of SMTP senders. 3362 Send all program email as daemon even when local. 3363 As requested in various forms from many people, accept -qIstring 3364 to limit queue runs to jobs with queue-id matching string. 3365 Similarly for -qRstring for recipients, -qSstring for 3366 senders. 3367 Initial hooks for ESMTP support (see RFC 1425). 3368 Fixed a syntax error in the UUCP mailer specification that caused 3369 core dumps on startup. 3370 Check for missing A= or P= arguments in mailer definitions. 3371 33726.30/6.10 93/02/27 3373 Require FROZENCONFIG compilation flag to include frozen 3374 configuration code. Frozen configuration is really 3375 not a very good idea any more, particularly in shared 3376 library environments. 3377 Do better checking of errno after opens of :include: and .forward 3378 files to defer delivery on network and other transient 3379 errors. Suggestion from Craig Everhart. 3380 Fix minor botch in read timeout macro processing. 3381 Add FEATURE(nouucp) to config files for sites that know absolutely 3382 nothing about UUCP. 3383 Add built cf files to distribution tape and clarify how to build 3384 them if you don't have the Berkeley make. 3385 Some sizeof(long) portability changes for the Alpha, from Allan 3386 E Johannesen. 3387 Add "restrictmailq" privacy flag -- if set, only people in the same 3388 group as your queue directory can print the queue. If you 3389 set this, be sure you also restrict access to log files.... 3390 Fix another bug in owner-list stuff that can cause data files to 3391 be "lost". 3392 Fix a bug with queue runs that cause forwards to yourself to go 3393 into alias/forwarding loops. I'm still iffy about this 3394 fix. 3395 Fix from Eric Wassenaar for suppression of return message code. 3396 33976.29/6.9 93/02/24 3398 Fix yet another problem in alias owner code -- put the wrong return 3399 address on the enclosed return-to-sender letter. 3400 34016.28/6.9 93/02/24 3402 Fix botch in alias owner code that caused it to not operate if the 3403 error was detected locally. 3404 34056.27/6.9 93/02/24 3406 M_LOCAL => M_LOCALMAILER to avoid conflict with Ultrix include 3407 file <sys/mount.h>. 3408 Miscellaneous bug fixes from Eric Wassenaar: 3409 sendmail -bv -t logs the from line even though in verify 3410 mode only. 3411 sendmail -v can go into queue mode if shouldqueue returns 3412 TRUE. 3413 Add route-addr pruning per RFC 1123 section 5.3.3. This can be 3414 disabled using the "R" option. 3415 Delete (always undocumented) -R flag (save original recipients); 3416 there are ways to syslog(3) these now. 3417 Clean up SMTP reply codes -- specify them as needed in the code, 3418 instead of in conf.c -- this was needed during the NCP to 3419 TCP transition, but seems silly now. This also changes 3420 parameters to message and nmessage. 3421 Have mailstats read the .cf file to find the sendmail.st file and 3422 get text versions of mailer names. An initial version of 3423 this code was provided by Tuominen Keijo (although the 3424 comments indicate the good bits were written by "E.V."). 3425 Add yet more System V compatibility hacks. 3426 Fix bug in VRFY code (assumes everything must be a local user). 3427 Allow specification of any of the hard-wired pathnames in the 3428 Makefile. 3429 Delete concept of "trusted users" -- this really didn't provide 3430 any security anyway, and caused some problems. 3431 Delete last vestige of support for the word "at" as an equivalent 3432 to the character "@". 3433 Propagate owner-foo alias information into the envelope sender. 3434 Based on code from John Gardiner Myers. This is a major 3435 semantic change -- beware! 3436 Allow $@ on LHS to indicate "match zero" -- this is used to match 3437 the null expression. 3438 34396.26/6.8 93/02/21 3440 Don't "lose" queue runs. Very important fix from (who else?) 3441 Eric Wassenaar. 3442 Completely reset state on RSET command -- from Eric Wassenaar. 3443 Send error messages and return receipts using an envelope sender 3444 of <> regardless of the setting of $n. Rewriting rules 3445 can undo this if they feel the necessity, as might be 3446 needed for networks that don't understand the syntax. 3447 This is permitted by RFC 821 section 3.6 and required by 3448 RFC 1123 section 5.3.3. THIS REQUIRES VERSION 4 CONFIG 3449 FILES because the rulesets must be able to parse <> 3450 properly. 3451 Don't ever send error messages to "<>" -- they will get sent to 3452 the local postmaster or dumped in /usr/tmp/dead.letter 3453 instead. Per RFC 1123 section 5.3.3. 3454 Explicitly check for email to yourself as a dotted quad. You 3455 have to call $[ [ ... ] $] to get this. 3456 Up the message timeout to five days per RFC 1123 section 5.3.1.1. 3457 Make all read timeouts individually configurable, as strongly 3458 recommended by RFC 1123 section 5.3.2. 3459 Use f_bavail (blocks available to regular users) instead of f_bfree 3460 (blocks available to superuser) in free block checks. 3461 Change $d macro to be the current time, not the origination time, 3462 since this is consistent with how it is used now. 3463 Generalization of enoughspace from Eric Wassenaar covering 3464 SGI, Apollo, HPUX, Ultrix, and SunOS. 3465 Ignore process group signals -- some front ends can do this if 3466 you kill a window too quickly. From Eric Wassenaar. 3467 Change umask to 022. 3468 34696.25/6.8 93/02/20 3470 Close all cached connections before calling mailers and after 3471 forking for delivery (caused double closes which resulted 3472 in false errors). 3473 Add FEATURE(redirect) in config files -- this allows you to alias 3474 old addresses to a pointer to the new address that will 3475 give a 551 error message, but not deliver the mail. 3476 Some code changes to make the 551 errors look pretty. 3477 Names of M4 program paths in config files have changed -- they 3478 are all XXX_MAILER_PATH now, to match XXX_MAILER_FLAGS. 3479 Fix a bug in the QSELFREF code having to do with empty .forward 3480 files, reported by Eric Wassenaar. 3481 Add option "p" (privacy flags); this allows you to tune how 3482 picky the SMTP server will be. This also adds the 3483 confPRIVACY_FLAGS M4 macro in the config files. 3484 Add option "b" (minimum blocks free). If there are fewer than 3485 this number of blocks free on the filesystem containing 3486 the queue directory, the SMTP MAIL command will return 3487 a 452 response and ask you to try again later. This 3488 also adds the confMIN_FREE_BLOCKS M4 macro in the config 3489 files. 3490 Made VRFY just verify (doesn't expand aliases and .forward files); 3491 EXPN does full expansion. RCPT in queue-only mode also 3492 doesn't chase aliases and .forward. 3493 34946.24/6.7 93/02/19 3495 Increase the number of domain search entries in domain.c to allow 3496 for the extra "" entry indicating the root domain. 3497 Reported by Motonori Nakamura of Kyoto U. 3498 Add a "SMART_HOST" in the configs for UUCP-connected sites that 3499 want to forward all mail with extra "@"s to that site. 3500 Also allows SMART_HOST, LOCAL_RELAY, and MAIL_HUB to 3501 be specified as ``mailer:hostname'' to use an alternate 3502 mailer. 3503 Clarified and updated some wording in the Operations Guide. 3504 Add the "c" mailer flag -- this suppresses all comment parts of 3505 addresses (requested by John Curran of NEARnet). 3506 Have -v print prompts in -bt mode even if stdin is not a terminal 3507 (default behaviour is to be silent if not reading from 3508 a terminal). Suggested by Bryan Costales, ICSI. 3509 Move the metacharacters from C0 space (\001-\037) into C1 space 3510 (\201-\237). This also fixes a bunch of potential bugs 3511 with G1 characters (\240-\276) in headers relating to 3512 negative numbers passed to isspace() et al. 3513 Add YP_LAST_MODIFIED and YP_MASTER_NAME to DBM version of alias 3514 database if YPCOMPAT is #defined. Enhancement from 3515 Takahiro Kanbe of Fuji Xerox Information Systems Co., Ltd. 3516 Add "list" Precedence (-30); this can be used with old sendmails 3517 which will map to precedence 0 (which will return error 3518 messages). Suggested by Stephen R. van den Berg. 3519 Many bug fixes from Eric Wassenaar of the National Institute for 3520 Nuclear and High-Energy Physics, Amsterdam: 3521 Clear timeouts properly on open failures in include(). 3522 Don't dereference through NULL if no home directory found. 3523 Re-establish SIGCHLD signal on System 5 in reapchild(). 3524 Avoid NULL pointer reference on -pFOO flag. 3525 Properly handle backslash escapes in comments. 3526 Correctly check reply status on SMTP NOOP command. 3527 Properly save SMTP error message if peer gives 3528 "Service Shutting Down" message. 3529 Avoid writing to the transcript if it couldn't be opened. 3530 Signal errors in SMTP children to parent properly. 3531 Handle self references in a list more globally (include a 3532 QSELFREF bit in the address flags). This enhancement 3533 was suggested by Eric Wassenaar. 3534 Use initgroups() in hpux, even though it's System-V based. The 3535 HASINITGROUPS compile flag can set this on other systems. 3536 This HPUX behaviour was pointed out by Eric Wassenaar. 3537 35386.23/6.6 93/02/16 3539 Clean up handling of LogLevel to make it easier to figure out 3540 what's on what level. 3541 Change log levels to have some consistency: 3542 1 serious system failures, security problems 3543 2 lost communications, protocol failures 3544 3 other serious failures 3545 4 minor errors 3546 5 message collection 3547 6 vrfy logging, creation of return-to-sender 3548 7 delivery failures 3549 8 delivery successes 3550 9 delivery tempfails (queue ups) 3551 10 database expansion 3552 >64 debugging 3553 Allow IDA-style separated processing on S= and R= in Mailer 3554 definition lines. Note that rulesets 1 and 2 are 3555 still used for both addresses as before. Bruce Lilly 3556 gave a convincing argument that RFC976 insists on 3557 this behaviour. 3558 Added some time zones to arpatounix -- they may not be in the 3559 standards, but they are in use. However, I may delete 3560 arpatounix entirely -- there appears to be no reason 3561 for it to exist. 3562 Change to UUCP mailer (in cf directory) to try to do a saner job. 3563 I'm still not certain about this mailer in general. 3564 35656.22/6.5 93/02/15 3566 Fix bug that prevents saving letters in ~/dead.letter. 3567 Don't add angle brackets in VRFY command if angle brackets already 3568 exist in the address. 3569 Fix bogus error message in udbexpand. 3570 Null terminate host buffers in buildaddr (broken in 6.21) -- 3571 IMPORTANT FIX!! 3572 35736.21/6.5 93/02/15 3574 Fix another incorrect error message in alias.c, found by Azuma 3575 Okamoto. 3576 Fix a couple of problems in the more-configurable config files, 3577 found by Tom Ivar Helbekkmo. 3578 Fix problem with quoted :include: entries. 3579 Don't duplicate the filename on verbose printing of .forward and 3580 :include: contents. 3581 Extend size of prescan buffer (to allow bigger addresses). Also, 3582 detect some buffer overflows. 3583 Log user SMTP protocol errors (log level 4). 3584 35856.20/6.4 93/02/14 3586 Fix another problem in the MCI state machine caused when there 3587 were errors generated from the other end to commands 3588 other than RCPT. 3589 35906.19/6.4 93/02/14 3591 Include load average support for DEC Alpha running OSF/1. 3592 Fix multiple-response problem with errors in MAIL From: line. 3593 Fix SMTP reply codes for invalid address syntaxes (give 501; 3594 never give multiple error messages for a single message). 3595 Fix problem where a cached connection timeout rejects all 3596 later connects to that host. 3597 Fix incorrect error message if alias.c is compiled with DBM only. 3598 Additional changes to fix nested conditionals (from Bruce Lilly). 3599 Recover more gracefully from operating system failures, particularly 3600 NULL returns from openmailer (from Noritoshi Demizu, 3601 OMRON Corporation). 3602 Log forward, alias, and userdb expand operations on log level 10; 3603 concept suggested by P{r (Pell) Emanuelsson. 3604 Changes for HPUX 8.07 compatibility. 3605 36066.18/6.4 93/02/12 3607 Allow any config option to be set using an M4 define. 3608 Change UNAME compile flag to HASUNAME for IDA compatibility 3609 (besides, it's a better name). 3610 Note in README that on SunOS it must be linked -Bstatic. 3611 Fairly major change in domain.c to handle wildcard MX records 3612 more rationally. NOTE: the "w" option (no wildcard MX 3613 records match local domain) has been eliminated. 3614 Fix some unset variable references pointed out by Bruce Lilly. 3615 Fix host name in process titles when using cached connection. 3616 36176.17/6.3 93/01/28 3618 Fix System 5 compatibility changes to be compatible with the rest 3619 of the world. 3620 36216.16/6.3 93/01/28 3622 Experimental fix for problem handling errors in the SMTP 3623 protocol in conjunction with connection caching. 3624 System 5 compatibility changes. 3625 36266.15/6.3 93/01/26 3627 Fix a bug that causes local mail delivered using -odq to be 3628 eliminated as a duplicate (because it matched the 3629 ctladdr, now passed in as a C line). These changes 3630 are pretty tricky...... 3631 36326.14/6.3 93/01/25 3633 Add debugging for some MCI errors. 3634 36356.13/6.3 93/01/22 3636 Fix -e compatibility flag to take a value. 3637 Fix a couple of minor compilation warnings on Sun cc. 3638 Improve error messages in a few cases to be more self-explanatory. 3639 36406.12/6.3 93/01/21 3641 Fix yet-another problem with environment handling, pointed out 3642 by Yoshitaka Tokugawa and Tom Ivar Helbekkmo. 3643 Some heuristics to try to limit resource exhaustion problems 3644 if a downstream host has been down for a long time. 3645 Fix problem with incorrect host name being logged in "Connection 3646 timed out" messages (from Tom Ivar Helbekkmo). 3647 Fix some ANSI C problems (from Takahiro Kanbe). 3648 Properly log message sender on returned mail during queue run. 3649 Count number of recipients properly. 3650 Fix a problem in yp map code. 3651 Diagnose "message timed out" (from Motonori Nakamura). 3652 36536.11/6.3 93/01/20 3654 Fix problem with address delimitor inside quotes. 3655 Define $k and $=k to be the UUCP name (from the uname call) 3656 based on code from Bruce Lilly. 3657 36586.10/6.2 93/01/18 3659 Implement arpatounix (largely code from Bruce Lilly). 3660 Log more info (suggested by John Myers). 3661 Allow nested $?...$|...$. (inspired by code from Bruce Lilly of 3662 Sony US). 3663 POSIX compatibility (noted by Keith Bostic). 3664 Handle SMTP MAIL command errors properly (urged by several people, 3665 notably John Myers of CMU). 3666 Do early diagnosis of .cf errors (notably referencing a RHS 3667 substitution that isn't on the LHS). 3668 Adjust checkpointing to better handle batched recipients, suggested 3669 by John Myers. 3670 Fix miscellaneous bugs. 3671 (config files:) Implement MAIL_HUB for all local mail (to handle 3672 NFS-mounted directories) as urged by Tom Ivar Helbekkmo 3673 of the Norwegian School of Economics. 3674 36756.9/6.1 93/01/13 3676 Environment handling simplification/bug fix -- child processes 3677 get a minimal, fixed environment. This avoids different 3678 behaviour in queue runs. 3679 Handle commas inside comments properly. 3680 Properly limit large messages submitted in -obq mode. 3681 36826.8/6.1 93/01/10 3683 Check mtime of thaw file against .cf and sendmail binary, based on 3684 code from John Myers. 3685 36866.7/6.1 93/01/10 3687 MX piggybacking, based on code from John Myers@CMU. 3688 Allow checkcompat to return -1 to mean tempfail. 3689 Bug fix in m_mno computation. 3690 36916.6/6.1 93/01/09 3692 Tuning of queueing functions as recommended by John Gardiner Myers. 3693 Return mail headers (no body) on messages with negative precedence. 3694 Minor other bug fixes. 3695 36966.5/6.1 93/01/03 3697 Fix botch causing queued headers to have ?XX? prefixes. 3698 36996.4/6.1 93/01/02 3700 Changes to recognize special mailer types (e.g., file) early. 3701 37026.3/6.1 93/01/01 3703 Pass timeouts to sfgets. 3704 Check for control characters in addresses. 3705 Fixed deferred error reporting. 3706 Report duplicate aliases. 3707 Handle mixed case recursive aliases. 3708 Misc bug fixes. 3709 37106.2/6.1 92/12/30 3711 Put return-receipt-to on a conf.c flag (but don't set it). 3712 Fix minor syslog problem. 3713