sendmail 8.13 Companion | O'Reilly Media

Content preview·Buy reprint rights for this chapter

Each release of sendmail is packaged with a file called RELEASE_NOTES, located in the top level of the source distribution. The RELEASE_NOTES file itemizes new features that have been added to each particular version of sendmail since Version 8.1 (released in 1993). This file is very complete but, on the downside, can be difficult to parse.

In this chapter, we first show you the parts of a RELEASE_NOTES file, then we provide the code for a short program that makes reading the RELEASE_NOTES file easier.

Basically, the RELEASE_NOTES file is divided into sections, each of which deals with a separate release of sendmail. These sections are left-justified in the file. Each begins with a single line that contains the version number of the sendmail release, followed by a slash, followed by the version number of the configuration file release, followed by the date of the release. For example:

8.13.0/8.13.0   2004/06/20

Here, the first release of the V8.13 series (8.13.0) is indicated. The release of sendmail and its configuration file are the same. The date of the release is in the form year (first), month, and day.

Each such release section is then followed by indented sections that document a change in the sendmail binary. Some indented sections are prefixed with a keyword and colon. For the most part, those keyword sections describe a change in something other than the binary and can look like this, for example:

SECURITY: Some security matter was fixed, and the description of
        that fix will appear here.
This item describes a change made to the sendmail binary.
LIBMILTER: This documents a change made to one of the files in the
        libmilter directory.

The keywords and the meaning of each is shown in Table 1-1.

Table 1-1: RELEASE_NOTES file keywords
Keyword	Description
SECURITY:	This type of information is usually very important. You should read it first, as it contains information about a security matter and may involve some vital action.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

Basically, the RELEASE_NOTES file is divided into sections, each of which deals with a separate release of sendmail. These sections are left-justified in the file. Each begins with a single line that contains the version number of the sendmail release, followed by a slash, followed by the version number of the configuration file release, followed by the date of the release. For example:

8.13.0/8.13.0   2004/06/20

Here, the first release of the V8.13 series (8.13.0) is indicated. The release of sendmail and its configuration file are the same. The date of the release is in the form year (first), month, and day.

Each such release section is then followed by indented sections that document a change in the sendmail binary. Some indented sections are prefixed with a keyword and colon. For the most part, those keyword sections describe a change in something other than the binary and can look like this, for example:

SECURITY: Some security matter was fixed, and the description of
        that fix will appear here.
This item describes a change made to the sendmail binary.
LIBMILTER: This documents a change made to one of the files in the
        libmilter directory.

The keywords and the meaning of each is shown in Table 1-1.

Table 1-1: RELEASE_NOTES file keywords
Keyword	Description
SECURITY:	This type of information is usually very important. You should read it first, as it contains information about a security matter and may involve some vital action.
NOTICE:	This documents something you need to be aware of, usually an important change that might otherwise be overlooked.
none	This item documents the `sendmail` binary.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

The rnote program is a simple way to keep track of which version did what. Just compile it and run:

% rnote RELEASE_NOTES | more

The program itself is written in C and should compile on most systems. The numbers along the left are for descriptive purposes and are not a part of the code.

# include <stdio.h>
# include <ctype.h>
# include <stdlib.h>
# include <strings.h>
# include <errno.h>

int
main(int argc, char **argv)
{
        char *c, *cp, *prefix = NULL;
        FILE *fp;
        char buf[BUFSIZ];

        if (argc != 2)
        {
                (void) printf("Usage: rnote RELEASE_NOTES\n");
                exit(EINVAL);
        }

        if ((fp = fopen(argv[1], "r")) == NULL)
        { 
                (void) fprintf(stderr, "rnote: %s: %s\n",
                        argv[1], strerror(errno));
                (void) exit(errno);
        }

        while ((cp = fgets(buf, BUFSIZ, fp)) != NULL)
        {
                if (isdigit((int)*cp))
                {
                        if ((c = strchr(cp, '/')) != NULL)
                        {
                                *c = '\0';
                                if (prefix != NULL)
                                        (void) free(prefix);
                                prefix = strdup(cp);
                                continue;
                        }
                }
                if (prefix == NULL)
                        continue;
                
                (void) printf("%-7.7s%s", prefix, cp);
        }
        if (ferror(fp))
        { 
                (void) fprintf(stderr, "rnote: %s: %s\n",
                        argv[1], strerror(errno));
                (void) exit(errno);
        }
        return 0;
}

After opening the RELEASE_NOTES file, it is read in a loop, one line at a time. If a line of the file begins with a digit, it is presumed to be a release number (such as 8.12.11). Everything following the first slash character is removed and the result becomes the new prefix for all following file lines. Each line of the file is then prefixed with the release that created it and printed.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

V8.12.6 sendmail introduced one new Build m4-macro that arrived too late for inclusion in the third edition of the sendmail book: the confMSP_STFILE Build m4-macro (Section 2.1.1 ^[V8.13]).

Beginning with V8.12.6 sendmail, the confMSP_STFILE Build macro may be used to define a new name under which the statistics file (24.9.106^[3ed]) used by the MSP (2.6.2.4^[3ed]) invocation of sendmail can be installed. It is used like this:

               define(`confMSP_STFILE´, `mspstats´)

Here, a statistics file with the new name mspstats will be installed in the default directory /var/spool/clientmqueue (unless you redefine the default directory using the confMSP_QUEUE_DIR (2.8.37^[3ed]) Build macro). The default name for this statistics file is sm-client.st.

Note that if you rename this MSP statistics file, you will also have to redefine the StatusFile option (24.9.106^[3ed]) in the submit.cf file (2.6.2.4[3ed]) to reflect the new name. The proper way to modify that file is to first edit the cf/cf/submit.mc file in the source distribution and then to regenerate a new submit.cf file, like this:

# cd cf/cf
... edit the submit.mc file here
# make install-submit-cf
... the submit.cf file is recreated and installed

Or, run make submit.cf rather than make install-submit-cf if you want to check the result before installation.

See also the mailstats program and its -c command-line switch (5.4.4.1^[3ed]), which is used to print the contents of this statistics file.

This section contains two tables of information that are useful for building and installing sendmail:

Table 2-1 (Section 2.2.1 ^[V8.13]) shows the directories and files that will populate the source directory after you extract the sendmail source.
Table 2-2 (Section 2.2.2 ^[V8.13]) shows the m4 directives that determine how the sendmail program (and its companion programs) will be built.

The files and directories that appear after you unpack

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

V8.12.6 sendmail introduced one new Build m4-macro that arrived too late for inclusion in the third edition of the sendmail book: the confMSP_STFILE Build m4-macro (Section 2.1.1 ^[V8.13]).

Beginning with V8.12.6 sendmail, the confMSP_STFILE Build macro may be used to define a new name under which the statistics file (24.9.106^[3ed]) used by the MSP (2.6.2.4^[3ed]) invocation of sendmail can be installed. It is used like this:

               define(`confMSP_STFILE´, `mspstats´)

Here, a statistics file with the new name mspstats will be installed in the default directory /var/spool/clientmqueue (unless you redefine the default directory using the confMSP_QUEUE_DIR (2.8.37^[3ed]) Build macro). The default name for this statistics file is sm-client.st.

Note that if you rename this MSP statistics file, you will also have to redefine the StatusFile option (24.9.106^[3ed]) in the submit.cf file (2.6.2.4[3ed]) to reflect the new name. The proper way to modify that file is to first edit the cf/cf/submit.mc file in the source distribution and then to regenerate a new submit.cf file, like this:

# cd cf/cf
... edit the submit.mc file here
# make install-submit-cf
... the submit.cf file is recreated and installed

Or, run make submit.cf rather than make install-submit-cf if you want to check the result before installation.

See also the mailstats program and its -c command-line switch (5.4.4.1^[3ed]), which is used to print the contents of this statistics file.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

This section contains two tables of information that are useful for building and installing sendmail:

Table 2-1 (Section 2.2.1 ^[V8.13]) shows the directories and files that will populate the source directory after you extract the sendmail source.
Table 2-2 (Section 2.2.2 ^[V8.13]) shows the m4 directives that determine how the sendmail program (and its companion programs) will be built.

The files and directories that appear after you unpack sendmail into its source directory are listed in Table 2-1. They are described in detail in the sections indicated.

Table 2-1: Files and directories in the distribution directory
File/Directory	sendmail text reference	Description
Build	2.2.1.1^[3ed]	A top-level `Build` script
CACerts	^[V8.13]	A list of CA certificates used by members of the sendmail consortium
cf	4.2^[3ed]	Top of the tree for building a configuration file
contrib	2.2.1.2^[3ed]

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

For most users, the default sendmail that is produced by running Build is perfectly suitable. For others, however, support for certain desirable features—such as hesiod, LDAP, or NIS—will have to be added. The open source distribution of sendmail has many such support items that you can include or exclude from your compiled binary using compile-time macros.

V8.13 has introduced six new compile-time macros:

The new SOCKETMAP compile-time macro enables use of the new socket database-map type (Section 3.1.1 ^[V8.13]).
The new SM_CONF_LDAP_INITIALIZE compile-time macro (Section 3.1.2 ^[V8.13]) if set, declares that the ldap_initialize(3) routine exists in your LDAP library.
The new NEEDINTERRNO compile-time macro, if set, says that errno is not declared in your system's errno.h file.
The new SM_CONF_POLL compile-time macro causes poll(2) to be used instead of select(2) in the Milter library.
The new HASCLOSEFROM compile-time macro may be defined if your system has the closefrom(3) C-library function.
The new HASFDWALK compile-time macro may be defined if your system has the fdwalk(3) C-library function.

The SOCKETMAP compile-time macro enables use of the new socket database-map type (Section 23.1.5 ^[V8.13]). Define SOCKETMAP inside your Build m4 file with a line like this:

               APPENDDEF(`confMAPDEF´, `-DSOCKETMAP´)

If you use a vendor supplied sendmail program, you may check to see whether it includes SOCKETMAP support by running a command like the following:

% /usr/sbin/sendmail -bt -d0.4 < /dev/null | grep SOCKETMAP

If a line of text is printed containing SOCKETMAP, you indeed have support for it. If not, you will either need to contact your vendor or download and build open source sendmail.

When sendmail is built with LDAPMAP defined (3.4.19^[3ed]), LDAP database-maps are available for use. If the LDAP library contains an ldap_initialize( ) routine, and if this SM_CONF_LDAP_INITIALIZE macro is defined,

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

V8.13 has introduced six new compile-time macros:

The new SOCKETMAP compile-time macro enables use of the new socket database-map type (Section 3.1.1 ^[V8.13]).
The new SM_CONF_LDAP_INITIALIZE compile-time macro (Section 3.1.2 ^[V8.13]) if set, declares that the ldap_initialize(3) routine exists in your LDAP library.
The new NEEDINTERRNO compile-time macro, if set, says that errno is not declared in your system's errno.h file.
The new SM_CONF_POLL compile-time macro causes poll(2) to be used instead of select(2) in the Milter library.
The new HASCLOSEFROM compile-time macro may be defined if your system has the closefrom(3) C-library function.
The new HASFDWALK compile-time macro may be defined if your system has the fdwalk(3) C-library function.

The SOCKETMAP compile-time macro enables use of the new socket database-map type (Section 23.1.5 ^[V8.13]). Define SOCKETMAP inside your Build m4 file with a line like this:

               APPENDDEF(`confMAPDEF´, `-DSOCKETMAP´)

If you use a vendor supplied sendmail program, you may check to see whether it includes SOCKETMAP support by running a command like the following:

% /usr/sbin/sendmail -bt -d0.4 < /dev/null | grep SOCKETMAP

If a line of text is printed containing SOCKETMAP, you indeed have support for it. If not, you will either need to contact your vendor or download and build open source sendmail.

When sendmail is built with LDAPMAP defined (3.4.19^[3ed]), LDAP database-maps are available for use. If the LDAP library contains an ldap_initialize( ) routine, and if this SM_CONF_LDAP_INITIALIZE macro is defined, ldap_initialize( ) is called if your LDAP server supports direct use of URIs.

Note that LDAP URIs can still be used even if SM_CONF_LDAP_INITIALIZE is not set, but the scheme:// in (scheme://host:port/...) is ignored. Therefore, if SM_CONF_LDAP_INITIALIZE is not available, the scheme ldap:// is always used, but the schemes ldaps:// and ldapi://, if used, may result in an error.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

In Table 3-1, we list all the compile-time macros that are available as of V8.13 sendmail. See Table 3-2^[3ed] in §3.2^[3ed] for a full description of each, including how each is used to port, tune, or debug sendmail.

Table 3-1: Define macros for compiling sendmail
Compile-time macro	sendmail text reference	Description
ARBPTR_T	3.4.68^[3ed]	How to cast an arbitrary pointer
AUTO_NIS_ALIASES	3.4.1^[3ed]	Add fallback alias techniques
BROKEN_RES_SEARCH	3.4.17^[3ed]	Broken resolver fix (e.g., Ultrix)
BSD4_3	3.4.2^[3ed]	BSD 4.3-style signal handling
BSD4_4	3.4.3^[3ed]	Compile for BSD 4.4 Unix
DATA_PROGRESS_TIMEOUT	3.4.4^[3ed]	Timeout inbound DATA phase
DNSMAP	3.4.5^[3ed]	Enable use of dns databases
DSN

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

In the cf subdirectory of the V8 sendmail source distribution, you will find the file README. It contains easy-to-understand, step-by-step instructions that will allow you to create a custom configuration file for your site. This chapter supplements that file.

Three new mc configuration macros have been introduced (which correspond to three new sendmail configuration file options):

The new confREJECT_LOG_INTERVAL mc macro (Section 4.1.1 ^[V8.13]) sets the new RejectLogInterval option (Section 24.1.11 ^[V8.13]). It specifies how often a message advising that connections are still being refused should be logged.
The new confREQUIRES_DIR_FSYNC mc macro (Section 4.1.2 ^[V8.13]) sets the new RequiresDirfsync option (Section 24.1.12 ^[V8.13]). It causes sendmail to change the effect if the compile-time flag REQUIRES_DIR_FSYNC (3.4.47^[3ed]) at runtime.
The new confCONNECTION_RATE_WINDOW_SIZE mc macro (Section 4.1.3 ^[V8.13]) sets the new ConnectionRateWindowSize option (Section 24.1.13 ^[V8.13]). It defines the window of time over which a count of the number of connections is maintained in order to enable connection rate-control.

Two existing options have been given new extensions that require two new mc configuration macros:

The new confTO_QUEUERETURN_DSN mc macro (Section 4.1.4[V8.13]) adds a new timeout to the Timeout.queuereturn option (24.9.109.18^[3ed]). This affects only normal DSN messages.
The new confTO_QUEUEWARN_DSN mc macro (Section 4.1.5[V8.13]) adds a new timeout to the Timeout.queuewarn option (24.9.109.19^[3ed]). This affects only normal DSN messages.

One feature has been eliminated:

The nodns feature (4.8.29[3ed]) has been removed. It was present prior to V8.13, but has done nothing since V8.9. If you wish to disable DNS, use your service-switch file (24.9.100

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

Three new mc configuration macros have been introduced (which correspond to three new sendmail configuration file options):

The new confREJECT_LOG_INTERVAL mc macro (Section 4.1.1 ^[V8.13]) sets the new RejectLogInterval option (Section 24.1.11 ^[V8.13]). It specifies how often a message advising that connections are still being refused should be logged.
The new confREQUIRES_DIR_FSYNC mc macro (Section 4.1.2 ^[V8.13]) sets the new RequiresDirfsync option (Section 24.1.12 ^[V8.13]). It causes sendmail to change the effect if the compile-time flag REQUIRES_DIR_FSYNC (3.4.47^[3ed]) at runtime.
The new confCONNECTION_RATE_WINDOW_SIZE mc macro (Section 4.1.3 ^[V8.13]) sets the new ConnectionRateWindowSize option (Section 24.1.13 ^[V8.13]). It defines the window of time over which a count of the number of connections is maintained in order to enable connection rate-control.

Two existing options have been given new extensions that require two new mc configuration macros:

The new confTO_QUEUERETURN_DSN mc macro (Section 4.1.4[V8.13]) adds a new timeout to the Timeout.queuereturn option (24.9.109.18^[3ed]). This affects only normal DSN messages.
The new confTO_QUEUEWARN_DSN mc macro (Section 4.1.5[V8.13]) adds a new timeout to the Timeout.queuewarn option (24.9.109.19^[3ed]). This affects only normal DSN messages.

One feature has been eliminated:

The nodns feature (4.8.29[3ed]) has been removed. It was present prior to V8.13, but has done nothing since V8.9. If you wish to disable DNS, use your service-switch file (24.9.100^[3ed]).

Two features have been changed in small, but significant, ways. If you use either of them, you should note these changes:

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

The m4 method of creating a configuration file using an mc configuration file is covered in Chapter 4[3ed]. In Table 4-1, we list nearly all of the macros available to use when creating your configuration file.

Note that most of these mc macros are defined with the define method. For example:

define(`ALIAS_FILE´, `/etc/mail/aliases´)

In the table, these are shown without trailing parentheses.

Others macros are self-defining. For example:

CANONIFY_DOMAIN_FILE(`/etc/mail/canonify-domains´)

In Table 4-1, these are shown with trailing parentheses. For example:

ALIAS_FILE                       
            
             use with define( )
CANONIFY_DOMAIN_FILE( )           
            
             use by itself

Table 4-1: mc configuration macros and directives
Item	sendmail text reference	Description
ALIAS_FILE	24.9.1^[3ed]	Define the location of the `aliases` files
BITNET_RELAY	21.9.11^[3ed]	Define the BITNET relay host
CANONIFY_DOMAIN( )	4.8.28^[3ed]	Add a value to the `$={Canonify}` class
CANONIFY_DOMAIN_FILE( )	4.8.28^[3ed]	Add values to the `$={Canonify}` class from a file
CLIENT_OPTIONS( )	24.9.17^[3ed]	Define client port option settings

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

The sendmail distribution comes complete with several companion programs that can help you use sendmail.

Beginning with V8.13, sendmail offers expanded output for one program and new command-line switches for a couple of others:

A new mailstats display (Section 5.1.1[V8.13]) includes a count of quarantined messages.
A new makemap -D command-line switch (Section 5.1.2[V8.13]) allows you to define an alternative to # as a comment character.
A new vacation -j command-line switch (Section 5.1.3 ^[V8.13]) allows vacation to respond to messages, even if a user's name does not appear in a To: or Cc: header.
A new vacation -R command-line switch (Section 5.1.4 ^[V8.13]) allows you to redefine the envelope-sender address from <> to one of your own choice.

As of V8.13, sendmail can quarantine messages based on the sender address so that they may be reviewed before being sent (Section 11.1.2 ^[V8.13]). The sendmail program keeps track of the number of messages quarantined by updating the information in the statistics file (24.9.106^[3ed]), while the mailstats program (5.4^[3ed]) summarizes that information.

Prior to V8.13, the output produced by mailstats ended with the column that displayed the number of discarded messages (the msgsdis column). Beginning with V8.13, a new rightmost column has been added (called msgsqur) that shows the number of messages that have been quarantined:

# mailstats
Statistics from Sun Apr  6 09:47:44 2003
 M   msgsfr  bytes_from   msgsto    bytes_to  msgsrej msgsdis msgsqur  Mailer
 0   0       0K           15544     46975K    0       0       0        prog
 3   678     9590K        0         0K        62      0       0        local
 5   21430   264395K      1055      2082K     12969   0       0        esmtp
=====================================================================
 T    22108    273985K    16599     49057K    13031   0       0
 C    28551                          1980                     13031

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

Beginning with V8.13, sendmail offers expanded output for one program and new command-line switches for a couple of others:

A new mailstats display (Section 5.1.1[V8.13]) includes a count of quarantined messages.
A new makemap -D command-line switch (Section 5.1.2[V8.13]) allows you to define an alternative to # as a comment character.
A new vacation -j command-line switch (Section 5.1.3 ^[V8.13]) allows vacation to respond to messages, even if a user's name does not appear in a To: or Cc: header.
A new vacation -R command-line switch (Section 5.1.4 ^[V8.13]) allows you to redefine the envelope-sender address from <> to one of your own choice.

As of V8.13, sendmail can quarantine messages based on the sender address so that they may be reviewed before being sent (Section 11.1.2 ^[V8.13]). The sendmail program keeps track of the number of messages quarantined by updating the information in the statistics file (24.9.106^[3ed]), while the mailstats program (5.4^[3ed]) summarizes that information.

Prior to V8.13, the output produced by mailstats ended with the column that displayed the number of discarded messages (the msgsdis column). Beginning with V8.13, a new rightmost column has been added (called msgsqur) that shows the number of messages that have been quarantined:

# mailstats
Statistics from Sun Apr  6 09:47:44 2003
 M   msgsfr  bytes_from   msgsto    bytes_to  msgsrej msgsdis msgsqur  Mailer
 0   0       0K           15544     46975K    0       0       0        prog
 3   678     9590K        0         0K        62      0       0        local
 5   21430   264395K      1055      2082K     12969   0       0        esmtp
=====================================================================
 T    22108    273985K    16599     49057K    13031   0       0
 C    28551                          1980                     13031

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

In this section, we have tables that contain the command-line switches for the following companion programs:

The Build program (Section 5.2.1 ^[V8.13])
The editmap program (Section 5.2.2 ^[V8.13])
The mail.local program (Section 5.2.3 ^[V8.13])
The mailstats program (Section 5.2.4 ^[V8.13])
The makemap program (Section 5.2.5 ^[V8.13])
The praliases program (Section 5.2.6 ^[V8.13])
The vacation program (Section 5.2.7 ^[V8.13])

Even though the Build program is a shell script, it can use command-line switches just like a program. Table 5-1 lists the current Build command-line switches and describes what each does.

Table 5-1: Build command-line switches
Switch	sendmail text reference	Description
`-A`	5.1.1^[3ed]	Show the architecture for the build
`-c`	5.1.2^[3ed]	Clean out an existing object tree
`-E`	5.1.3^[3ed]	Pass environment variables to `Build`
`-f`	5.1.4^[3ed]

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

When sendmail is installed with near-default settings, it provides excellent email services for most machines. But when installed to service high loads, high volumes, or high rates, special tuning becomes a requirement.

There are a few new items in V8.13 that affect performance tuning. They are described in other chapters but referenced here. In this chapter, we augment some of the knowledge imparted in the third edition of the sendmail book.

The RequiresDirfsync option (Section 24.1.12 ^[V8.13]) turns off the REQUIRES_DIR_FSYNC (3.4.47[3ed]) compile-time macro's setting at runtime. Turning off directory fsyncs increases performance—but at (possibly) increased risk.
The existing SuperSafe option (24.9.107[3ed]) now accepts a new PostMilter setting that delays fsync( )ing the df file until after all Milters have reviewed the message. This improves performance when a great deal of email is rejected by Milters that review the message body.
The Timeout.queuereturn.dsn (Section 24.1.15[V8.13]) and Timeout.queuewarn.dsn (Section 24.1.16 ^[V8.13]) options have been added. Use them to lower bounce timeouts, and thereby to create less congested queues and increase performance.
Some sites have developed delivery agents that receive messages using SMTP over standard input/output. Such delivery agents use the P=[LPC] equate (20.5.11[3ed]) to achieve this effect. Beginning with V8.13, sendmail enables connection caching (24.7.5^[3ed]) for such delivery agents, thereby increasing delivery performance.

Although this is not a V8.13 improvement, you can safely increase the performance of your queue disks under Solaris 7 and above, and other operating systems by mounting them with the following mount(1) options:

logging,noatime

Here, the logging causes transactions (such as creating and deleting files) to be stored in a log before they are applied to the disk. Once a transaction is logged, it can be applied to the underlying disk layout later. This speeds up disk I/O and can help a machine to reboot faster.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

There are a few new items in V8.13 that affect performance tuning. They are described in other chapters but referenced here. In this chapter, we augment some of the knowledge imparted in the third edition of the sendmail book.

The RequiresDirfsync option (Section 24.1.12 ^[V8.13]) turns off the REQUIRES_DIR_FSYNC (3.4.47[3ed]) compile-time macro's setting at runtime. Turning off directory fsyncs increases performance—but at (possibly) increased risk.
The existing SuperSafe option (24.9.107[3ed]) now accepts a new PostMilter setting that delays fsync( )ing the df file until after all Milters have reviewed the message. This improves performance when a great deal of email is rejected by Milters that review the message body.
The Timeout.queuereturn.dsn (Section 24.1.15[V8.13]) and Timeout.queuewarn.dsn (Section 24.1.16 ^[V8.13]) options have been added. Use them to lower bounce timeouts, and thereby to create less congested queues and increase performance.
Some sites have developed delivery agents that receive messages using SMTP over standard input/output. Such delivery agents use the P=[LPC] equate (20.5.11[3ed]) to achieve this effect. Beginning with V8.13, sendmail enables connection caching (24.7.5^[3ed]) for such delivery agents, thereby increasing delivery performance.

Although this is not a V8.13 improvement, you can safely increase the performance of your queue disks under Solaris 7 and above, and other operating systems by mounting them with the following mount(1) options:

logging,noatime

Here, the logging causes transactions (such as creating and deleting files) to be stored in a log before they are applied to the disk. Once a transaction is logged, it can be applied to the underlying disk layout later. This speeds up disk I/O and can help a machine to reboot faster.

The noatime prevents inodes from being updated each time a file is read. This eliminates a disk write that has no significant value. The speed increase will be most noticeable when many queued files are being retried in parallel.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

There are no tables from the third edition available for inclusion in this chapter.

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

V8.13 has been augmented in several ways that benefit your ability to detect and reject spam email.

The confREJECT_MSG mc macro no longer auto-inserts quotation marks around its value (Section 7.1.1 ^[V8.13]).
Envelope quarantining has been added as a means to hold mail for review. (See Section 11.1.2 ^[V8.13] for a complete discussion of quarantining.)
The Milter library has been enhanced by the addition of a smfi_quarantine( ) routine (Section 7.1.2.1 ^[V8.13]), a smfi_progress( ) routine (Section 7.1.2.2 ^[V8.13]), a smfi_stop( ) routine (Section 7.1.2.3 ^[V8.13]), a smfi_setdbg( ) routine (Section 7.1.2.4 ^[V8.13]), a smfi_setmlreply( ) routine (Section 7.1.2.5 ^[V8.13]), a smfi_setbacklog( ) routine (Section 7.1.2.6 ^[V8.13]) and a smfi_opensocket( ) routine(Section 7.1.2.7[V8.13]). Support for a 421 SMTP return (Section 7.1.2.9 ^[V8.13]) has been added, the removal of the socket by root (Section 7.1.2.10[V8.13]) has been prevented, and macros may now be passed to a Milter's end-of-message routine (Section 24.1.17 ^[V8.13]).
The check_relay ruleset (7.1.1^[3ed]) is now called with the value of ${client_name} macro (21.9.20[3ed]) so that it can deal with bogus DNS entries (Section 9.1.2 ^[V8.13]).
The new greet_pause feature allows protection from SMTP slamming (Section 7.1.3 ^[V8.13]).
The new (experimental) mtamark feature implements MTA marking by looking up TXT records in the in-addr.arpa domain (Section 7.1.4 ^[V8.13]).
The new use_client_ptr feature (Section 7.1.5[V8.13]) causes the check_relay rule set to use the ${client_ptr} macro as its first argument.

Prior to V8.13, the confREJECT_MSG mc macro was declared in cf/proto.m4, in part, like this:

ifdef(`confREJECT_MSG´, `$: "confREJECT_MSG"´, `$@ 5.7.1 $: "550 Access denied"´)

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

V8.13 has been augmented in several ways that benefit your ability to detect and reject spam email.

The confREJECT_MSG mc macro no longer auto-inserts quotation marks around its value (Section 7.1.1 ^[V8.13]).
Envelope quarantining has been added as a means to hold mail for review. (See Section 11.1.2 ^[V8.13] for a complete discussion of quarantining.)
The Milter library has been enhanced by the addition of a smfi_quarantine( ) routine (Section 7.1.2.1 ^[V8.13]), a smfi_progress( ) routine (Section 7.1.2.2 ^[V8.13]), a smfi_stop( ) routine (Section 7.1.2.3 ^[V8.13]), a smfi_setdbg( ) routine (Section 7.1.2.4 ^[V8.13]), a smfi_setmlreply( ) routine (Section 7.1.2.5 ^[V8.13]), a smfi_setbacklog( ) routine (Section 7.1.2.6 ^[V8.13]) and a smfi_opensocket( ) routine(Section 7.1.2.7[V8.13]). Support for a 421 SMTP return (Section 7.1.2.9 ^[V8.13]) has been added, the removal of the socket by root (Section 7.1.2.10[V8.13]) has been prevented, and macros may now be passed to a Milter's end-of-message routine (Section 24.1.17 ^[V8.13]).
The check_relay ruleset (7.1.1^[3ed]) is now called with the value of ${client_name} macro (21.9.20[3ed]) so that it can deal with bogus DNS entries (Section 9.1.2 ^[V8.13]).
The new greet_pause feature allows protection from SMTP slamming (Section 7.1.3 ^[V8.13]).
The new (experimental) mtamark feature implements MTA marking by looking up TXT records in the in-addr.arpa domain (Section 7.1.4 ^[V8.13]).
The new use_client_ptr feature (Section 7.1.5[V8.13]) causes the check_relay rule set to use the ${client_ptr} macro as its first argument.

Prior to V8.13, the confREJECT_MSG mc macro was declared in cf/proto.m4, in part, like this:

ifdef(`confREJECT_MSG´, `$: "confREJECT_MSG"´, `$@ 5.7.1 $: "550 Access denied"´)

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

Two tables are of interest for aiding the suppression of spam:

Table 7-1 lists the mc configuration features useful for regulating relaying
Table 7-2 lists the righthand-side values useful in the access database

Several mc configuration features affect relaying. Table 7-1 lists the features that determine how mail will, or will not, be relayed.

Table 7-1: Relay features
Feature	sendmail text reference	Description
`access_db`	7.5^[3ed]	Screen addresses and set policy
`loose_relay_check`	7.4.2^[3ed]	Allow percent-hack relaying
`promiscuous_relay`	7.4.3^[3ed]	Allow all relaying
`relay_based_on_MX`	7.4.4^[3ed]	Relay for any site for which you are an MX server
`relay_entire_domain`	7.4.5^[3ed]

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·Buy reprint rights for this chapter

The sendmail program offers a mode of operation (called rule-testing mode) that allows you to observe the flow of addresses through rule sets. The -bt command-line switch causes sendmail to run in rule-testing mode.

V8.13 offers no new commands to aid in rule-testing.

Beginning with V8.7 sendmail, rule-testing mode offers 13 simple commands that will help you understand your configuration file. They are listed in Table 8-1.

Table 8-1: Available -bt commands
Command	sendmail text reference	Description
`.D`	8.2.1^[3ed]	Give a macro a value
`.C`	8.2.2^[3ed]	Add a value to a class
`=S`	8.4.1^[3ed]	Show a rule set's rules
`=M`	8.4.2^[3ed]	List all delivery agents
`-d`	16.1^[3ed]	Turn debugging on or off
`$`

Additional content appearing in this section has been removed.
Purchase this book now or read it online at Safari to get the whole thing!

Content preview·

Table of Contents