Sun Microsystems, Inc.

Functions That Distinguish sendmail.cf From submit.cf

The sendmail.cf configuration file is for the daemon mode. When using this file, sendmail is acting as a mail transfer agent (MTA), which is started by root.

/usr/lib/sendmail -L sm-mta -bd -q1h

See the following list of other distinguishing functions for sendmail.cf:

  • By default, sendmail.cf accepts SMTP connections on ports 25 and 587.

  • By default, sendmail.cf runs the main queue, /var/spool/mqueue.

Functional Changes in sendmail

With the addition of submit.cf, the following functional changes have occurred:

  • In version 8.12 of sendmail, only root can run the mail queue. For further details, refer to the changes that are described in the mailq(1) man page. For new task information, refer to "Administering the Queue Directories (Task Map)".

  • Because the mail submission program mode runs without root privilege, sendmail might not have access to certain files (such as the .forward files). As a result, the -bv option for sendmail could give the user misleading output. No workaround is available.

  • Prior to sendmail version 8.12, if you were not running the sendmail daemon (that is, running in daemon mode), you would only prevent the delivery of inbound mail. Now, in sendmail version 8.12, if you are not running the sendmail daemon with the default configuration, you also prevent the delivery of outbound mail. The client queue runner (also known as the mail submission program) must be able to submit mail to the daemon on the local SMTP port. If the client queue runner tries to open an SMTP session with the local host and the daemon is not listening on the SMTP port, the mail remains in the queue. The default configuration does run a daemon, so this problem does not occur if you are using the default configuration. However, if you have disabled your daemon, refer to "Managing Mail Delivery by Using an Alternate Configuration (Task)" for a way to resolve this problem.

New or Deprecated Command-Line Options

The following table describes new command-line options for sendmail. Other command-line options are described in the sendmail(1M) man page.

Table 27-1 New Command-Line Options for sendmail

Option

Description

-Ac

Indicates that you want to use the configuration file, submit.cf, even if the operation mode does not indicate an initial mail submission. For more information about submit.cf, refer to "New Configuration File, submit.cf".

-Am

Indicates that you want to use the configuration file, sendmail.cf, even if the operation mode indicates an initial mail submission. For more information, refer to "New Configuration File, submit.cf".

-bP

Indicates that you are printing the number of entries in each queue.

-G

Indicates that the message that is being submitted from the command line is for relaying, not for initial submission. The message is rejected if the addresses are not fully qualified. No canonicalization is done. As is noted in the Release Notes that are part of the sendmail distribution on ftp://ftp.sendmail.org, improperly formed messages might be rejected in future releases.

-L tag

Sets the identifier that is used for syslog messages to the supplied tag.

-q[!]I substring

Processes only jobs that contain this substring of one of the recipients. When ! is added, the option processes only jobs that do not have this substring of one of the recipients.

-q[!]R substring

Processes only jobs that contain this substring of the queue ID. When ! is added, the option processes only jobs that do not have this substring of the queue ID.

-q[!]S substring

Processes only jobs that contain this substring of the sender. When ! is added, the option processes only jobs that do not have this substring of the sender.

-qf

Processes saved messages in the queue once, without using the fork system call, and runs the process in the foreground. Refer to the fork(2) man page.

-qGname

Processes only the messages in the name queue group.

-qptime

Processes saved messages in the queue at a specific interval of time with a single child that is forked for each queue. The child sleeps between queue runs. This new option is similar to the -qtime, which periodically forks a child to process the queue.

-U

As is noted in the Release Notes that are part of the sendmail distribution on ftp://ftp.sendmail.org, this option is not available in version 8.12. Mail user agents should use the -G argument.

New and Revised Configuration File Options and Related Topics

This section contains a table of new and revised configuration file options and information on the following related topics.

When you declare these options, use one of the following syntaxes.

O OptionName=argument          # for the configuration file
-OOptionName=argument          # for the command line
define(`m4Name',argument)     # for m4 configuration

If you need to build a new sendmail.cf file, refer to "Building the sendmail.cf Configuration File (Task)" in Chapter 25, Mail Services (Tasks).

The following table describes new and revised options for sendmail.

Table 27-2 New and Revised Options for sendmail

Option

Description

BadRcptThrottle

m4 name: confBAD_RCPT_THROTTLE

Argument: number

The new option limits the rate that recipients in the SMTP envelope are accepted after a threshold number of recipients has been rejected.

ClientPortOptions

For details, see "New ClientPortOptions Option".

ConnectionRateThrottle

m4 name: confCONNECTION_RATE_THROTTLE

Argument: number

The option ConnectionRateThrottle now limits the number of connections per second to each daemon, not the total number of connections.

ControlSocketName

m4 name: confCONTROL_SOCKET_NAME

Argument: filename. The recommended socket name is /var/spool/mqueue/.smcontrol. For security, this UNIX domain socket must be in a directory that is accessible only by root.

When it is set, this new option creates a control socket for daemon management. This option enables an external program to control and query the status of the running sendmail daemon by way of a named socket. The socket is similar to the ctlinnd interface to the INN news server. If this option is not set, no control socket is available.

DaemonPortOptions

For details, see "Changes to DaemonPortOptions Option".

DataFileBufferSize

m4 name: confDF_BUFFER_SIZE

Argument: number

The new option controls the maximum size (in bytes) of a memory-buffered data (df) file before a disk-based file is used. The default is 4096 bytes. You should not have to change the default for the Solaris operating environment.

DeadLetterDrop

m4 name: confDEAD_LETTER_DROP

Argument: filename

The new option, which you should not need to set, defines the location of the system-wide dead.letter file, which was formerly hard-coded to /usr/tmp/dead.letter.

DelayLA

m4 name: confDELAY_LA

Argument: number

If this new option is set to a value greater than zero, the option does the following:

  • Delays connections by one second when the load averages exceed a specified value

  • Delays the execution of most SMTP commands by one second

Otherwise, if the option is not set, the default value, which is zero, does not change the behavior of sendmail.

DeliverByMin

m4 name: confDELIVER_BY_MIN

Argument: time

The new option enables a client to specify a minimum amount of time for an email message to be delivered, as specified in RFC 2852, Deliver By SMTP Service Extension.

If the time is set to zero, no time is listed.

If the time is set to less than zero, the extension is not offered.

If the time is set to greater than zero, the extension is listed as the minimum time for the EHLO keyword, DELIVERBY.

DirectSubmissionModifiers

m4 name: confDIRECT_SUBMISSION_MODIFIERS

Argument: modifiers

The new option defines ${daemon_flags} for direct (command-line) submissions. If this option is not set, the value of ${daemon_flags} is either CC f, if the option -G is used, or c u.

DontBlameSendmail

You can use the following new arguments.

The argument, NonRootSafeAddr, has been added. When sendmail does not have enough privileges to run a .forward program or deliver to a file as the owner of that file, addresses are marked unsafe. Furthermore, if RunAsUser is set, users cannot use programs or deliver to files in their .forward programs. Use NonRootSafeAddr to resolve these problems.

DoubleBounceAddress

m4 name: confDOUBLE_BOUNCE_ADDRESS

Argument: address. The default is postmaster.

If an error occurs when sendmail is sending an error message, sendmail sends the "double-bounced" error message to the address that is specified by the argument to this option.

FallBackMXhost

m4 name: confFALLBACK_MX

Argument: fully qualified domain name.

This option now includes MX record lookups. To use the old behavior of no MX record lookups, you must put the name in square brackets.

FastSplit

m4 name: confFAST_SPLIT

Argument: number. The default value is one.

This new option does the following:

  • If the option is set to a value greater than zero, the initial MX lookups on addresses are suppressed when they are sorted, which might result in faster envelope splitting.

  • If the mail is submitted from the command line, the value can limit the number of processes that are used to deliver the envelopes.

  • If more envelopes are created, they are put in the queue and must be resolved with a queue run.

LDAPDefaultSpec

m4 name: confLDAP_DEFAULT_SPEC

Argument: Class switch with appropriate definition (for example, -hhost, -pport, -dbind DN).

The new option allows a default map specification for LDAP maps. The assigned default settings are used for all LDAP maps unless other individual map specifications are made with the K command. Set this option before defining any LDAP maps.

MailboxDatabase

m4 name: confMAILBOX_DATABASE

Argument: pw, which uses getpwnam(), is the default value. No other values are supported.

The new option specifies the type of mailbox database that is used to check for local recipients.

MaxHeadersLength

m4 name: confMAX_HEADERS_LENGTH

Argument: number

This option specifies a maximum length for the sum of all headers and can be used to prevent a denial-of-service attack. The default is 32768. A warning is issued if a value less than 16384 is used. You should not have to change the default value for the Solaris operating environment.

MaxMimeHeaderLength

m4 name: confMAX_MIME_HEADER_LENGTH

Argument: number

This option sets the maximum length of certain MIME header field values to x number of characters. Also, for parameters within headers, you can specify a maximum length of y. The combined values look like x/y. If y is not specified, half of x is used. If no values are set, the default is 0, which means no checks are made. This option is intended to protect mail user agents from buffer-overflow attacks. The suggested values are in the range of 256/128 to 1024/256. A warning is issued if values less than 128/40 are used.

MaxQueueChildren

m4 name: confMAX_QUEUE_CHILDREN

Argument: number

This new option limits the number of concurrently active queue-runner processes to the number that is specified in the argument. The option helps to limit the system resources that are used when the queue is processed. When the total number of queue runners for multiple queue groups exceeds the defined argument, the remaining queue groups are run later.

MaxRecipientsPerMessage

m4 name: confMAX_RCPTS_PER_MESSAGE

Argument: number

If it is set, this option allows no more than the specified number of recipients in an SMTP envelope. The minimum argument is 100. You can still declare this option from both the command line and the configuration file. However, normal users can now set it from the command line to enable the override of messages that are submitted through sendmail -bs. In this instance, sendmail does not relinquish its root privileges.

MaxRunnersPerQueue

m4 name: confMAX_RUNNERS_PER_QUEUE

Argument: number. The default is one. Consider your resources carefully and do not set this value too high.

This new option specifies the maximum number of queue runners per queue group. The queue runners work in parallel on a queue group's messages, which is useful when the processing of a message might delay the processing of subsequent messages.

NiceQueueRun

m4 name: confNICE_QUEUE_RUN

Argument: number

This new option sets the priority of queue runners. Refer to the nice(1) man page.

PidFile

m4 name: confPID_FILE

Argument: See "Additional Arguments for the PidFile and ProcessTitlePrefix Options".

This new option defines the location of the pid file. The file name is macro expanded before it is opened. The default is /var/run/sendmail.pid.

PrivacyOptions

For details, see "Changes to the PrivacyOptions Option".

ProcessTitlePrefix

m4 name: confPROCESS_TITLE_PREFIX

Argument: See "Additional Arguments for the PidFile and ProcessTitlePrefix Options".

The new option specifies a prefix string for the process title that is shown in /usr/ucb/ps auxww listings. The string is macro processed. You should not have to make any changes for the Solaris operating environment.

QueueFileMode

m4 name: confQUEUE_FILE_MODE

Argument: number

This new option provides the default permissions in octal for queue files. If this option is not set, sendmail uses 0600. However, if the real and effective user IDs of the sendmail process are different, sendmail uses 0644.

QueueLA

m4 name: confQUEUE_LA

Argument: number

The default value has changed from eight to eight times the number of processors online when the system starts. For single-processor machines, this change has no effect. Changing this value overrides the default and prevents the number of processors from being considered. Therefore, the effect of any value changes should be well understood.

QueueSortOrder

m4 name: confQUEUE_SORT_ORDER

This option sets the algorithm that is used for sorting the queue. The default value is priority, which sorts the queue by message priority. Note the following changes.

The host argument now reverses the host name before sorting, which means domains are grouped to run through the queue together. This improvement provides better opportunities for use of the connection cache, if available.

The new filename argument sorts the queue by file name, which avoids the opening and reading of each queue file when preparing to run the queue.

The new modification argument sorts the queue by time of modification, starting with the oldest entries of the qf file.

The new random argument sorts the queue randomly, which avoids contention, if several queue runners have manually been started.

For more information, refer to QueueSortOrder in the sendmail(1M) man page.

RefuseLA

m4 name: confREFUSE_LA

Argument: number

The default value has changed from 12 to 12 times the number of processors online when the system starts. For single-processor machines, this change has no effect. A change of this value overrides the default and prevents the number of processors from being considered. Therefore, the effect of any value changes should be well understood.

ResolverOptions

Two changes have been made.

When attempting to canonify a host name, some name servers that are down return a temporary failure message, SERVFAIL, for IPv6 T_AAAA lookups. You can use this new argument, WorkAroundBrokenAAAA, to avoid this behavior.

Also, the RES_USE_INET6 argument is controlled by a new flag, use_inet6. For more information, refer to the resolver(3RESOLV) man page.

RrtImpliesDsn

m4 name: confRRT_IMPLIES_DSN

Argument: true or false

If the new option is set, a "Return-Receipt-To:" header causes the request of a delivery status notification (DSN), which is sent to the envelope sender, not to the address that is specified in the header.

SendMimeErrors

m4 name: confMIME_FORMAT_ERRORS

Argument: true or false

The default is now true.

SharedMemoryKey

m4 name: confSHARED_MEMORY_KEY

Argument: number

This new option permits you to use shared memory, if it is available, to store free space for queue file systems. This option minimizes the number of system calls to check for available space.

SuperSafe

m4 name: confSAFE_QUEUE

Argument: true, false, or interactive. The default and recommended value is true. Avoid using false.

If this option is set to true, the queue file is always instantiated, even if you are attempting immediate delivery. You can use the interactive value together with DeliveryMode=i to skip some synchronization calls that are doubled in the code execution path for this mode.

Timeout

For details, see "Changes to the Timeout Option".

TrustedUser

m4 name: confTRUSTED_USER

Argument: user name or user numeric ID

The new option enables you to specify a user name (instead of root) to own important files. If this option is set, generated alias databases and the control socket, if configured, are automatically owned by this user. This option requires HASFCHOWN. For information about HASFCHOWN, see "Flags Used and Not Used to Compile sendmail".

Only TrustedUser, root, and class t ($=t) users can rebuild the alias map.

UseMSP

m4 name: confUSE_MSP

Argument: true or false. The default is false.

This new option permits group-writable queue files, if the group is the same as that of a set-group-id sendmail binary. In submit.cf, this option must be set to true.

XscriptFileBufferSize

m4 name: confXF_BUFFER_SIZE

Argument: number

The new option controls the maximum size (in bytes) of a memory-buffered transcript (xf) file before a disk-based file is used. The default is 4096 bytes. You should not have to change this default for the Solaris operating environment.
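The following audit sketch is an added example, not part of the original Sun documentation or the sendmail distribution. It reads options in the "O OptionName=argument" configuration-file syntax and applies the limits that Table 27-2 states for MaxHeadersLength, MaxMimeHeaderLength, and SuperSafe. The function names, the sample input, and the rule that a later line overrides an earlier one are assumptions made for the example.

```python
import re

# Thresholds quoted from the option descriptions in Table 27-2.
DEFAULT_MAX_HEADERS = 32768
WARN_MAX_HEADERS = 16384      # sendmail warns below this value
WARN_MIME = (128, 40)         # sendmail warns below 128/40

# Matches the configuration-file syntax "O OptionName=argument".
# Commented-out lines ("#O ...") do not match.
OPTION_RE = re.compile(r"^O\s+([A-Za-z]+)\s*=\s*(\S+)")

# Constructed sample input, not taken from a real host.
SAMPLE_CF = """\
O MaxHeadersLength=8192
O MaxMimeHeaderLength=100
#O SuperSafe=true
O SuperSafe=false
"""

def parse_options(cf_text):
    """Return {OptionName: argument}; assumed: a later line overrides an earlier one."""
    opts = {}
    for line in cf_text.splitlines():
        m = OPTION_RE.match(line)
        if m:
            opts[m.group(1)] = m.group(2)
    return opts

def mime_limits(value):
    """Split "x/y" into integers; if y is omitted, half of x is used."""
    x, _, y = value.partition("/")
    return int(x), (int(y) if y else int(x) // 2)

def audit(cf_text):
    """Return a list of (option, finding) tuples for the three checks."""
    opts = parse_options(cf_text)
    findings = []
    headers = int(opts.get("MaxHeadersLength", DEFAULT_MAX_HEADERS))
    if headers < WARN_MAX_HEADERS:
        findings.append(("MaxHeadersLength", f"{headers} is below {WARN_MAX_HEADERS}"))
    x, y = mime_limits(opts.get("MaxMimeHeaderLength", "0"))
    if x == 0:
        findings.append(("MaxMimeHeaderLength", "0 or unset: no checks are made"))
    elif x < WARN_MIME[0] or y < WARN_MIME[1]:
        findings.append(("MaxMimeHeaderLength", f"{x}/{y} is below 128/40"))
    if opts.get("SuperSafe", "true").lower() == "false":
        findings.append(("SuperSafe", "false: the table says to avoid this value"))
    return findings

if __name__ == "__main__":
    for option, finding in audit(SAMPLE_CF):
        print(f"{option}: {finding}")
```

An empty result means none of the three checks fired. A configuration that never sets MaxMimeHeaderLength is still reported, because the table gives its default as 0, which disables the check.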
