
               Changes in Sendmail Version 8*

                        Eric Allman
             _U_n_i_v_e_r_s_i_t_y _o_f _C_a_l_i_f_o_r_n_i_a_, _B_e_r_k_e_l_e_y
                      _M_a_m_m_o_t_h _P_r_o_j_e_c_t

                          ABSTRACT

    Version  8  of  _s_e_n_d_m_a_i_l  includes a number of major
    changes from previous versions.  This paper gives  a
    very short history of _s_e_n_d_m_a_i_l, a summary of the ma-
    jor differences between version 5 (the  last  publi-
    cally  available  version)  and  version 8, and some
    discussion of future directions.

     In 1987, the author stopped major work on _s_e_n_d_m_a_i_l  due

to other time committments, only to return to active work in

1991.  This paper explores why work resumed and what changes

have been made.

     Section  1  gives  a  short history of _s_e_n_d_m_a_i_l through

version 5 and the motivation behind working  on  version  8.

Section  2  has  a  rather  detailed description of what has

changed between version 5 and version 8.  The paper finishes

off with some thoughts about what still needs to be done.

____________________
   *An earlier version of this paper was printed in the Pro-
ceedings of the 1994 AUUG Queensland Summer  Technical  Con-
ference, Gateway Hotel, Brisbane, March 1994.

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                              11

22                              CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88

11..  HHIISSTTOORRYY

        As  discussed elsewhere, [Allman83a, Allman83b, All-

   man&Amos85] sendmail has existed in various  forms  since

   1980.  It was released under the name _d_e_l_i_v_e_r_m_a_i_l in 4BSD

   and 4.1BSD, and as _s_e_n_d_m_a_i_l in 4.2BSD.  It quickly became

   the dominant mail system for networked UNIX systems.

        Prior  the  release  of 4.3BSD in November 1986, the

   author had left the University for private industry,  but

   continued  to  do  some  work  on  _s_e_n_d_m_a_i_l with activity

   slowly trailing  off  until  effectively  stopping  after

   February  1987.   There  was minimal support done by many

   people for several years, until July  of  1991  when  the

   original author, who had returned the University, started

   active work on it again.

        There were several reasons for renewed work on _s_e_n_d_-

   _m_a_i_l.   There  was  a  desire at Berkeley to convert to a

   subdomained structure so that individuals were identified

   by  their subdomain rather than by their individual work-

   station; although possible in the old  code,  there  were

   some  problems,  and the author was the obvious person to

   address  them.   The  Computer  Systems  Research   Group

   (CSRG),  the  group  that  produced the Berkeley Software

   Distributions, was  working  on  4.4BSD,  and  wanted  an

   update to the mail system.  Bryan Costales was working on

   a book on _s_e_n_d_m_a_i_l that was being reviewed by the author,

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                              33

   which  encouraged  him  to  make some revisions.  And the

   author wanted to try to unify some of the disparate  ver-

   sions of _s_e_n_d_m_a_i_l that had been permitted to proliferate.

        During the 1987-91 fallow period, many  vendors  and

   outside  volunteers  had  produced  variants of _s_e_n_d_m_a_i_l.

   Perhaps the best known is the IDA version [IDA87].  Orig-

   inally  intended  to be a new set of configuration files,

   IDA expanded into a fairly large set of patches  for  the

   code.   Originally  produced  in  Sweden, IDA development

   passed to the University of Illinois, and was widely used

   by  the  fairly large set of people who prefer to get and

   compile their own source code rather than use vendor-sup-

   plied binaries.

        In  about the same time frame, attempts were made to

   clean up and extend the Simple  Mail  Transport  Protocol

   (SMTP)  [RFC821].   This  involved clarifications of some

   ambiguities in the protocol, and correction of some prob-

   lem areas [RFC1123], as well as extensions for additional

   functionality (dubbed Extended Simple Mail Transport Pro-

   tocol, or ESMTP) [RFC1425, RFC1426, RFC1427] and a richer

   set of semantics in the body of messages  (the  Multipur-

   pose  Internet  Mail  Extensions,  a.k.a. MIME) [RFC1521,

   RFC1344].  Neither the IDA group nor  most  vendors  were

   modifying _s_e_n_d_m_a_i_l to conform to these new standards.  It

   seemed clear that these were ``good things'' that  should

   be  encouraged.   However,  since no one was working on a

44                              CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88

   publically  available  version  of  _s_e_n_d_m_a_i_l  with  these

   updates,  they  were  unlikely  to be widely deployed any

   time in the near future.

        There are, of course, other  mail  transport  agents

   available,  such  as  _M_M_D_F  _z_m_a_i_l_e_r _s_m_a_i_l and _P_P However,

   none of these seemed to  be  gaining  the  prominence  of

   _s_e_n_d_m_a_i_l;  it appeared that most companies would not con-

   vert to another mail transport  agent  any  time  in  the

   forseeable  future.   However, they might be persuaded to

   convert to a newer version of _s_e_n_d_m_a_i_l.

        All of these convinced  the  author  to  work  on  a

   updated version of _s_e_n_d_m_a_i_l for public distribution.

        The  new  version of _s_e_n_d_m_a_i_l is referred to as ver-

   sion eight (V8).  Versions six  and  seven  were  skipped

   because of an agreement that all files in 4.4BSD would be

   numbered as "8.1".  Rather than have an external  version

   number that differed from the file version numbers, _s_e_n_d_-

   _m_a_i_l just jumped directly to V8.

22..  CCHHAANNGGEESS IINN VVEERRSSIIOONN EEIIGGHHTT

        The following is a summary of  the  changes  between

   the  last  commonly  available  version  of sendmail from

   Berkeley (5.67) and the latest version (8.6.6).

        Many of these are ideas that had been tried in  IDA,

   but many of them were generalized in V8.

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                              55

   22..11..  PPeerrffoorrmmaannccee EEnnhhaanncceemmeennttss

           Instead  of closing SMTP connections immediately,

      open connections are cached for possible  future  use.

      There  is  a  limit to the number of simultaneous open

      connections and the idle time of any  individual  con-

      nection.

           This  is  of  best  help  during queue processing

      (since there is the potential of many  different  mes-

      sages  going  to  one site), although it can also help

      when processing MX records which aren't handled by  MX

      Piggybacking.

           If  two  hosts  with  different names in a single

      message happen to have the same set of MX hosts,  they

      can  be  sent  in  the  same  transaction.   Version 8

      notices this and tries to batch the messages.

           For  example,  if  two  sites   ``foo.com''   and

      ``bar.com''  are  both served by UUNET, they will have

      the same set of MX hosts  and  will  be  sent  in  one

      transaction.   UUNET  will  then split the message and

      send it to the two individual hosts.

   22..22..  RRFFCC 11112233 CChhaannggeess

           A number of changes have been made to make  send-

      mail  ``conditionally  compliant'' (that is, it satis-

      fies all of the MUST clauses and most but not  all  of

66                              CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88

      the SHOULD clauses in RFC 1123).

           The  major  areas  of change are (numbers are RFC

      1123 section numbers):

      S5.2.7 Response to RCPT command is fast.   Previously,

             sendmail  expanded  all  aliases  as  far as it

             could -- this could take a very long time, par-

             ticularly  if  there  were  name server delays.

             Version 8 only checks for the existence  of  an

             alias  and  does  the expansion later.  It does

             still do a DNS lookup if there is  an  explicit

             host name in the RCPT command, but this time is

             bounded.

      S5.2.8 Numeric IP addresses are  logged  in  Received:

             lines.  This helps tracing spoofed messages.

      S5.2.17Self  domain literal is properly handled.  Pre-

             viously, if  someone  sent  to  user@[1.2.3.4],

             where  1.2.3.4  is  your  IP  address, the mail

             would probably be rejected with a  ``configura-

             tion  error''.   Version  8  can  handle  these

             addresses.

      S5.3.2 Better control over individual  timeouts.   RFC

             821  specified  no timeouts.  Older versions of

             sendmail had a single timeout, typically set to

             two  hours.  Version 8 allows the configuration

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                              77

             file to set timeouts for various SMTP  commands

             individually.

      S5.3.3 Error  messages  are sent as From:<>.  This was

             urged by RFC 821 and reiterated  by  RFC  1123,

             but older versions of sendmail never really did

             it properly.  Version 8  does.   However,  some

             systems  cannot  handle  this  perfectly  legal

             address; if necessary, you can create a special

             mailer  that uses the `g' flag to disable this.

      S5.3.3 Error messages are never sent  to  <>.   Previ-

             ously, sendmail was happy to send responses-to-

             responses   which   sometimes    resulted    in

             responses-to-responses-to-responses       which

             resulted in ....  you get the idea.

      S5.3.3 Route-addrs              (the              ugly

             ``<@hosta,@hostb:user@hostc>''    syntax)   are

             pruned.  RFC 821 urged the use of this  bletch-

             erous  syntax.  RFC 1123 has seen the light and

             officially deprecates them, further urging that

             you eliminate all but ``user@hostc'' should you

             receive one of  these  things.   Version  8  is

             slightly  more generous than the standards sug-

             gest; instead of stripping off  all  the  route

             addressees,  it only strips hosts off up to the

             one before the last  one  known  to  DNS,  thus

88                              CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88

             allowing  you  to  have  pseudo-hosts  such  as

             foo.BITNET.  The `R' option will turn this off.

      The  areas  in which sendmail is not ``unconditionally

      compliant'' are:

      S5.2.6 Sendmail does do header munging.

      S5.2.10Sendmail doesn't always use the exact SMTP mes-

             sage text from RFC 821.  This is a rather silly

             requirement.

      S5.3.1.1

             Sendmail doesn't guarantee only one connect for

             each  host  on  queue runs.  Connection caching

             gives you most of this, but it does not provide

             a guarantee.

      S5.3.1.1

             Sendmail  doesn't  always  provide  an adequate

             limit on concurrency.  That is,  there  can  be

             several  independent sendmails running at once.

             My feeling is  that  doing  an  absolute  limit

             would  be  a  mistake  (it might result in lost

             mail).  However, if you use the XLA contributed

             software,  most of this will be guaranteed (but

             I don't guarantee the guarantee).

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                              99

   22..33..  EExxtteennddeedd SSMMTTPP SSuuppppoorrtt

           Version 8 includes  both  sending  and  receiving

      support  for  Extended  SMTP support as defined by RFC

      1425 (basic) and RFC 1427 (SIZE); and limited  support

      for  RFC  1426  (BODY).   The  body support is minimal

      because the "8BITMIME"  body  type  is  not  currently

      advertised.    Although  such  a  body  type  will  be

      accepted, it will not be correctly converted to 7 bits

      if speaking to a non-8-bit-MIME aware SMTP server.

           _S_e_n_d_m_a_i_l tries to speak ESMTP if you have the `a'

      flag set in the flags for the mailer descriptor, or if

      the  other  end  advertises  the  fact  that it speaks

      ESMTP.  This is a non-standard advertisement: _s_e_n_d_m_a_i_l

      announces  "ESMTP spoken here" during the initial con-

      nection message, and client sendmails search for  this

      message.  This creates some problems for some PC-based

      mailers, which do  not  understand  two-line  greeting

      messages as required by RFC 821.

   22..44..  EEiigghhtt--BBiitt CClleeaann

           Previous  versions  of sendmail used the 0200 bit

      for quoting.  This version avoids that use.   However,

      you  can set option `7' to get seven bit stripping for

      compatibility with RFC 821, which is a 7-bit protocol.

      This option says ``strip to 7 bits on input''.

1100                             CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88

           Individual  mailers  can  still produce seven bit

      out put using the `7' mailer  flag.   This  flag  says

      ``strip to 7 bits on output''.

   22..55..  UUsseerr DDaattaabbaassee

           The User Database (UDB) is an as-yet experimental

      attempt to provide unified  large-site  name  support.

      We  are installing it at Berkeley; future versions may

      show significant modifications.  Briefly, UDB contains

      a  database  that  is intended to contain all the per-

      user information for your workgroup, such as  people's

      full  names,  their  .plan information, their outgoing

      mail name, and their mail drop.

           The user database allows you to map both incoming

      and  outgoing  addresses, much like IDA.  However, the

      interface is still better with IDA; in particular, the

      alias  file with incoming/outgoing marks provides bet-

      ter locality of information.

   22..66..  IImmpprroovveedd BBIINNDD SSuuppppoorrtt

           The BIND support, particularly  for  MX  records,

      had  a number of annoying ``features'' which have been

      removed in this release.  In  particular,  these  more

      tightly  bind  (pun intended) the name server to send-

      mail, so that the name  server  resolution  rules  are

      incorporated directly into sendmail.

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                             1111

           The  major  change  has  been  that the $[ ... $]

      operator didn't fully qualify names that were  in  DNS

      as  A  or  MX records.  Version 8 does this qualifica-

      tion.

           This has proven to be an annoyance in Sun  shops,

      who often still run without BIND support.  However, it

      is really critical that this be  supported,  since  MX

      records are mandatory.  In SunOS you can choose either

      MX support or NIS support,  but  not  both.   This  is

      fixed  in  Solaris, and some _s_e_n_d_m_a_i_l support to allow

      this in  SunOS  should  be  forthcoming  in  a  future

      release.

   22..77..  KKeeyyeedd FFiilleess

           Generalized keyed files is an idea taken directly

      from IDA sendmail (albeit with a completely  different

      implementation).  They can be useful on large sites.

           Version  8  includes  the  following built-in map

      classes:

      dbm    Support for the ndbm(3) library.

      hash   Support for the  ``Hash''  type  from  the  new

             Berkeley  db(3) library.  this library provides

             substantially  better  database  support   than

             ndbm(3), including in-memory caching, arbitrar-

             ily long  keys  and  values,  and  better  disk

1122                             CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88

             utilization.

      btree  Support  for  the  ``B-Tree'' type from the new

             Berkeley db(3) library.  B-Trees provide better

             clustering  than Hashed files if you are fetch-

             ing lots of records  that  have  similar  keys,

             such as searching a dictionary for words begin-

             ning with ``detr''.

      nis    Support for NIS (a.k.a. YP) maps.  NIS+ is  not

             supported in this version.

      host   Support for DNS lookups.

      dequoteA  ``pseudo-map''  (that is, once that does not

             have any external data) that allows a  configu-

             ration  file  to break apart a quoted string in

             the address.  This is necessary  primarily  for

             DECnet   addresses,  which  often  have  quoted

             addresses that need to be  unwrapped  on  gate-

             ways.

   22..88..  MMuullttii--WWoorrdd CCllaasssseess && MMaaccrrooss iinn CCllaasssseess

           Classes can now be multiple words.  For example,

          CShofmann.CS.Berkeley.EDU

      allows   you   to   match  the  entire  string  ``hof-

      mann.CS.Berkeley.EDU''  using  the  single   construct

      ``$=S''.

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                             1133

           Class  definitions  are  now  allowed  to include

      macros -- for example:

          Cw$k

      is legal.

   22..99..  IIDDEENNTT PPrroottooccooll SSuuppppoorrtt

           The  IDENT  protocol  as  defined  in  RFC   1413

      [RFC1413]  is supported.  However, many systems have a

      TCP/IP bug that renders this useless, and the  feature

      must  be  turned off.  Roughly, if one of these system

      receives a "No route to host"  message  (ICMP  message

      ICMP_UNREACH_HOST)  on _a_n_y connection, all connections

      to that host are closed.  Some firewalls  return  this

      error  if you try to connect to the IDENT port, so you

      can't receive email from these hosts on these systems.

      It's  possible  that  if the firewall used a more spe-

      cific   message   (such   as    ICMP_UNREACH_PROTOCOL,

      ICMP_UNREACH_PORT or ICMP_UNREACH_NET_PROHIB) it would

      work, but this hasn't been verified.

           IDENT protocol support cannot be used on  4.3BSD,

      Apollo  DomainOS,  Apple  A/UX, ConvexOS, Data General

      DG/UX, HP-UX, Sequent Dynix, or Ultrix 4.x,  x  <=  3.

      It  seems  to  work on 4.4BSD, IBM AIX 3.x, OSF/1, SGI

      IRIX, Solaris, SunOS, and Ultrix 4.4.

1144                             CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88

   22..1100..  SSeeppaarraattee EEnnvveellooppee//HHeeaaddeerr PPrroocceessssiinngg

           Since the From: line is passed in separately from

      the  envelope  sender, these have both been made visi-

      ble; the $g macro is set to the envelope sender during

      processing  of  mailer argument vectors and the header

      sender during processing of headers.

           It is also  possible  to  specify  separate  per-

      mailer  envelope  and  header processing.  The Sender-

      RWSet and RecipientRWset arguments for mailers can  be

      specified  as  ``envelope/header''  to  give different

      rewritings for envelope versus header addresses.

   22..1111..  OOwwnneerr--LLiisstt PPrrooppaaggaatteess ttoo EEnnvveellooppee

           When an alias has an associated owner-list  name,

      that  alias  is  used  to  change  the envelope sender

      address.  This will  cause  downstream  errors  to  be

      returned to that owner.

           Some people find this confusing because the enve-

      lope sender is what appears  in  the  first  ``From_''

      line  in  UNIX  messages  (that is, the line beginning

      ``From<space>'' instead of ``From:'';  the  latter  is

      the header from, which _d_o_e_s indicate the sender of the

      message).  In previous versions, _s_e_n_d_m_a_i_l has tried to

      avoid  changing  the envelope sender for back compati-

      bility with UNIX convention; at this point  that  back

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                             1155

      compatibility is creating too many problems, and it is

      necessary to move forward into the 1980s.

   22..1122..  CCoommmmaanndd LLiinnee FFllaaggss

           The --BB flag has been added to pass in  body  type

      information.

           The  --pp  flag  has been added to pass in protocol

      information that was previously passed in by  defining

      the $$rr and $$ss macros.

           The  --XX  flag  has been added to allow logging of

      all protocol in and out  of  sendmail  for  debugging.

      You  can  set  "-X filename" and a complete transcript

      will be logged in that file.  This gets big fast:  the

      option is only for debugging.

           The  --qq  flag can limit limit a queue run to spe-

      cific recipients, senders, or queue ids using  -qRsub-

      string, -qSsubstring, or -qIsubstring respectively.

   22..1133..  NNeeww CCoonnffiigguurraattiioonn LLiinnee TTyyppeess

           The  `T'  (Trusted  users) configuration line has

      been deleted.  It will still be accepted but  will  be

      ignored.

           The  `K'  line has been added to declare database

      maps.

1166                             CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88

           The `V' line has been added to declare  the  con-

      figuration version level.

           The `M' (mailer) line takes a D= field to specify

      execution directory.

   22..1144..  NNeeww aanndd EExxtteennddeedd OOppttiioonnss

           Several new options have been added, many to sup-

      port  new  features,  others  to allow tuning that was

      previously available only by recompiling.  Briefly:

      A    The alias file specification can now be a list of

           alias files.  Also, the configuration can specify

           a class of file.  For example, to search the  NIS

           aliases, use "OAnis:mail.aliases".

      b    Insist on a minimum number of disk blocks.

      C    Delivery  checkpoint  interval.   Checkpoint  the

           queue (to avoid  duplicate  deliveries)  every  C

           addresses.

      E    Default error message.  This message (or the con-

           tents of the indicated  file)  are  prepended  to

           error messages.

      G    Enable GECOS matching.  If you can't find a local

           user name  and  this  option  is  enabled,  do  a

           sequential  scan  of  the  passwd  file  to match

           against full names.  Previously a compile option.

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                             1177

      h    Maximum  hop count.  Previously this was compiled

           in.

      I    This option has been extended to allow setting of

           resolver parameters.

      j    Send errors in MIME-encapsulated format.

      J    Forward  file path.  Where to search for .forward

           files -- defaults to $HOME/.forward.

      k    Connection cache size.  The total number of  con-

           nections that will be kept open at any time.

      K    Connection  cache  lifetime.   The amount of time

           any connection will be permitted to sit idle.

      l    Enable Errors-To: header.  These headers  violate

           RFC 1123; this option is included to provide back

           compatibility with old versions of sendmail.

      O    Incoming daemon options (e.g., use alternate SMTP

           port).

      p    Privacy  options.  These can be used to make your

           SMTP server less friendly.

      r    This option has  been  extended  to  allow  finer

           grained  control over timeouts.  For example, you

           can set the timeout for SMTP  commands  individu-

           ally.

1188                             CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88

      R    Don't  prune route-addrs.  Normally, if version 8

           sees an address like "<@hostA,@hostB:user@hostC>,

           sendmail  will try to strip off as much as it can

           (up to user@hostC)  as  suggested  by  RFC  1123.

           This option disables that behaviour.

      T    The  "Return To Sender" timeout has been extended

           to  allow  specification  of  a  warning  message

           interval,  typically  something  on  the order of

           four hours.  If a message cannot be delivered  in

           that  interval, a warning message is sent back to

           the sender but the message continues to be tried.

      U    User  database spec.  This is still experimental.

      V    Fallback ``MX'' host.  This can be thought of  as

           an MX host that applies to all addresses that has

           a very high preference value  (that  is,  use  it

           only if everything else fails).

      w    If  set,  assume that if you are the best MX host

           for a host, you  should  send  directly  to  that

           host.   This  is  intended for compatibility with

           UIUC sendmail, and may have  some  use  on  fire-

           walls.

      7    Do  not  run  eight  bit clean.  Technically, you

           have to assert this option to be RFC 821 compati-

           ble.

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                             1199

   22..1155..  NNeeww MMaaiilleerr DDeeffiinniittiioonnss

      L=   Set  the  allowable  line  length.   In V5, the L

           mailer flag implied a line length  limit  of  990

           characters;  this is now settable to an arbitrary

           value.

      F=a  Try to use ESMTP.  It will fall back to  SMTP  if

           the initial EHLO packet is rejected.

      F=b  Ensure a blank line at the end of messages.  Use-

           ful on the *file* mailer.

      F=c  Strip all comments from  addresses;  this  should

           only  be  used as a last resort when dealing with

           cranky mailers.

      F=g  Never use the null sender as the envelope sender,

           even  when running SMTP.  This violates RFC 1123.

      F=7  Strip all output to this mailer to 7 bits.

      F=L  Used to set the line limit to 990 bytes for  SMTP

           compatibility.   It  now does that only if the L=

           keyletter is not specified.  This flag  is  obso-

           lete and should not be used.

   22..1166..  NNeeww oorr CChhaannggeedd PPrree--DDeeffiinneedd MMaaccrrooss

      $k   UUCP node name from uname(2).

2200                             CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88

      $m   Domain part of our full hostname.

      $_   RFC 1413-provided sender address.

      $w   Previously  was  sometimes  the full domain name,

           sometimes just the first word.  Now guaranteed to

           be  the  first word of the domain name (i.e., the

           host name).

      $j   Previously had to be defined -- it is now  prede-

           fined  to be the full domain name, if that can be

           determined.  That is, it is equivalent to  $w.$m.

   22..1177..  NNeeww aanndd CChhaannggeedd CCllaasssseess

      $=k  Initialized to contain $k.

      $=w  Now  includes  "[1.2.3.4]" (where 1.2.3.4 is your

           IP address) to allow the  configuration  file  to

           recognize your own IP address.

   22..1188..  NNeeww RReewwrriittiinngg TTookkeennss

           The  $$&&  construct  has  been adopted from IDA to

      defer macro evaluation.  Normally, macros in  rulesets

      are  bound  when  the  rule  is  first  parsed  during

      startup.  Some macros change during processing and are

      uninteresting during startup.  However, that macro can

      be referenced using "$&x" to defer the  evaulation  of

      $x until the rule is processed.

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                             2211

           The  tokens  $$((  and  $$)) have been added to allow

      specification of map rewriting.

           Version 8 allows $$@@ on the Left Hand Side  of  an

      `R' line to match zero tokens.  This is intended to be

      used to match the null input.

   22..1199..  BBiiggggeerr DDeeffaauullttss

           Version 8 allows up to 100  rulesets  instead  of

      30.   It  is recommended that rulesets 0-9 be reserved

      for sendmail's dedicated use in future releases.

           The total number of MX records that can  be  used

      has been raised to 20.

           The number of queued messages that can be handled

      at one time has been raised from 600 to 1000.

   22..2200..  DDiiffffeerreenntt DDeeffaauulltt TTuunniinngg PPaarraammeetteerrss

           Version 8 has changed the default parameters  for

      tuning  queue  costs  to make the number of recipients

      more important than the size of the message (for small

      messages).   This  is  reasonable if you are connected

      with reasonably fast links.

   22..2211..  AAuuttoo--QQuuoottiinngg iinn AAddddrreesssseess

           Previously, the  ``Full  Name  <email  address>''

      syntax  would  generate  incorrect  protocol output if

2222                             CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88

      ``Full Name'' had  special  characters  such  as  dot.

      This version puts quotes around such names.

   22..2222..  SSyymmbboolliicc NNaammeess OOnn EErrrroorr MMaaiilleerr

           Several  names  have been built in to the $@ por-

      tion of the $#error mailer.  For example:

          $#error $@NOHOST $: Host unknown

      Prints the indicated message and sets the exit  status

      of _s_e_n_d_m_a_i_l to EX_NOHOST.

   22..2233..  NNeeww BBuuiilltt--IInn MMaaiilleerrss

           Two   new  mailers,  *file*  and  *include*,  are

      included to define options when mailing to a file or a

      :include:  file  respectively.   Previously these were

      overloaded on the local mailer.

   22..2244..  SSMMTTPP VVRRFFYY DDooeessnn''tt EExxppaanndd

           Previous versions of sendmail  treated  VRFY  and

      EXPN  the  same.  In this version, VRFY doesn't expand

      aliases or follow .forward files.

           As an optimization, if you run with your  default

      delivery  mode being queue-only, the RCPT command will

      also not chase aliases and .forward  files.   It  will

      chase  them  when it processes the queue.  This speeds

      up RCPT processing.

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                             2233

   22..2255..  [[IIPPCC]] MMaaiilleerrss AAllllooww MMuullttiippllee HHoossttss

           When an address resolves to  a  mailer  that  has

      ``[IPC]'' as its ``Path'', the $@ part (host name) can

      be a colon-separated list of hosts instead of a single

      hostname.   This  asks sendmail to search the list for

      the first entry that is available exactly as though it

      were  an  MX  record.  The intent is to route internal

      traffic through internal networks  without  publishing

      an  MX  record to the net.  MX expansion is still done

      on the individual items.

   22..2266..  AAlliiaasseess EExxtteennddeedd

           The implementation has  been  merged  with  maps.

      Among other things, this supports multiple alias files

      and NIS-based aliases.  For example:

          OA/etc/aliases,nis:mail.aliases

      will search first the  local  database  "/etc/aliases"

      followed by the NIS map

   22..2277..  PPoorrttaabbiilliittyy aanndd SSeeccuurriittyy EEnnhhaanncceemmeennttss

           A  number  of  internal changes have been made to

      enhance portability.

           Several fixes have  been  made  to  increase  the

      paranoia factor.

2244                             CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88

           In particular, the permissions required for .for-

      ward and :include: files have been tightened  up  con-

      siderably.   V5  would  pretty  much  read any file it

      could get to as  root,  which  exposed  some  security

      holes.   V8 insists that all directories leading up to

      the .forward or :include: file be searchable ("x" per-

      mission)  by  the  controlling  user" (defined below),

      that the file itself be readable  by  the  controlling

      user, and that .forward files be owned by the user who

      is being forwarded to or root.

           The "controlling  user"  is  the  user  on  whose

      behalf  the  mail is being delivered.  For example, if

      you mail to "user1"  then  the  controlling  user  for

      ~user1/.forward  and any mailers invoked by that .for-

      ward file, including :include: files.

           Previously, anyone who had a home directory could

      create  a  .forward  could forward to a program.  Now,

      sendmail  checks  to  make  sure  that  they  have  an

      "approved  shell",  that  is,  a  shell  listed in the

      /etc/shells file.

   22..2288..  MMiisscceellllaanneeoouuss FFiixxeess aanndd EEnnhhaanncceemmeennttss

           A number of small bugs having to do  with  things

      like  backslash-escaped quotes inside of comments have

      been fixed.

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                             2255

           The fixed size limit on  header  lines  (such  as

      "To:"  and  "Cc:")  has been eliminated; those buffers

      are dynamically allocated now.

           Sendmail writes a /etc/sendmail.pid file with the

      current process id and the current invocation flags.

           Two  people using the same program (e.g., submit)

      are considered "different" so that duplicate  elimina-

      tion  doesn't  delete  one  of them.  For example, two

      people forwarding  their  email  to  |submit  will  be

      treated as two recipients.

           The  mailstats  program  prints  mailer names and

      gets  the  location  of  the  sendmail.st  file   from

      /etc/sendmail.cf.

           Many minor bugs have been fixed, such as handling

      of backslashes inside of quotes.

           A hook has been added to allow rewriting of local

      addresses after aliasing.

33..  FFUUTTUURREE WWOORRKK

        The  previous  section describes _s_e_n_d_m_a_i_l as of ver-

   sion 8.6.6.  There is still much to be done.   Some  high

   points  are  described  below.   This list is by no means

   exhaustive.

2266                             CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88

   33..11..  FFuullll MMIIMMEE SSuuppppoorrtt

           Currently _s_e_n_d_m_a_i_l only supports seven  bit  MIME

      messages.   Although  it  can pass eight bit MIME mes-

      sages, it cannot advertise that fact because the stan-

      dards say that the mail agent must be able to do 8- to

      7-bit conversion to have  full  8-bit  support.   This

      requires  far  more extensive modification of the mes-

      sage body than is currently supported.

           The best way to do this would be to  support  the

      general concept of an external ``message filter'' that

      could do arbitrary modifications of the message.  This

      would  allow MIME conversion as well as such things as

      automatic encryption of messages  sent  over  external

      links.   This  is  probably  an  extremely non-trivial

      change.

   33..22..  SSeerrvviiccee SSwwiittcchh AAbbssttrraaccttiioonn

           Most modern systems include  some  concept  of  a

      "service switch" -- for example, to look up host names

      you can try DNS, NIS, NIS+, text tables,  NetInfo,  or

      other  services in some arbitrary order.  This is cur-

      rently very clumsy in _s_e_n_d_m_a_i_l, with only limited con-

      trol of the services provided.

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                             2277

   33..33..  MMoorree CCoonnttrrooll ooff LLooccaall AAddddrreesssseess

           Currently  some addresses are declared as "local"

      and are handled specially --  for  example,  they  may

      have  .forward  files,  may be translated into program

      calls or file deliveries, and so forth.  These  should

      be  broken  out into separate flags to allow the local

      system administrator to have more fine-grained control

      over operations.

   33..44..  MMoorree RRuunn--TTiimmee CCoonnffiigguurraattiioonn OOppttiioonnss

           There  are  many  options  that are configured at

      compile time, such as the method of file  locking  and

      the use of the IDENT protocol [RFC1413].  These should

      be transfered to run time by adding new options.

           Similarly, some options are currently overloaded,

      that is, a single option controls more than one thing.

      These should probably  be  broken  out  into  separate

      options.

           This implies that options will change from single

      characters to words.

   33..55..  MMoorree CCoonnffiigguurraattiioonn CCoonnttrrooll OOvveerr EErrrroorrss

           Currently, the configuration file can generate an

      error  message  during  parsing.   However,  it cannot

      tweak other operations,  such  as  issuing  a  warning

2288                             CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88

      message  to  the  system  postmaster.  Similarly, some

      errors should not be triggered if they are in  aliases

      during  an alias file rebuild, but should be triggered

      if that alias is actually used.

   33..66..  LLoonngg TTeerrmm HHoosstt SSttaattee

           Currently, _s_e_n_d_m_a_i_l only  remembers  host  status

      during  a  single queue run.  This should be converted

      to long term status stored on disk so it can be shared

      between instantiations of _s_e_n_d_m_a_i_l.  Entries will have

      to be timestamped so they can  time  out.   This  will

      allow  _s_e_n_d_m_a_i_l  to  implement  exponential backoff on

      queue runs on a per-host basis.

   33..77..  CCoonnnneeccttiioonn CCoonnttrrooll

           Modern networks have different types  of  connec-

      tivity  than  the  past.   In  particular,  the rising

      prominence of dialup IP has created certain challenges

      for  automated  servers.  It is not uncommon to try to

      make a connection to a host and  have  it  fail,  even

      though  if you tried again it would succeed.  The con-

      nection management could be a bit cleverer to  try  to

      adapt to such situations.

   33..88..  OOtthheerr CCaacchhiinngg

           When  you do an MX record lookup, the name server

      automatically  returns  the  IP   addresses   of   the

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                             2299

      associated  MX servers.  This information is currently

      ignored, and another query is done to get this  infor-

      mation.   It  should  be  cached  to avoid excess name

      server traffic.

44..  RREEFFEERREENNCCEESS

   [Allman83a]

        "Sendmail -- An Internetwork Mail Router."  E.  All-

        man.   In  _U_n_i_x  _P_r_o_g_r_a_m_m_e_r_s_'_s  _M_a_n_u_a_l_, 4.2 Berkeley

        Software Distribution, volume 2C.  August 1983.

   [Allman83b]

        "Mail Systems and Addressing in 4.2BSD."  E.  Allman

        In  _U_N_I_C_O_M _C_o_n_f_e_r_e_n_c_e _P_r_o_c_e_e_d_i_n_g_s_.  San Diego, Cali-

        fornia.  January 1983.

   [Allman&Amos85]

        ``Sendmail Revisited.''  E. Allman and M. Amos.   In

        _U_s_e_n_i_x  _S_u_m_m_e_r  _1_9_8_5  _C_o_n_f_e_r_e_n_c_e _P_r_o_c_e_e_d_i_n_g_s_.  Port-

        land, Oregon.  June 1985.

   [IDA87]

        _E_l_e_c_t_r_o_n_i_c _M_a_i_l _A_d_d_r_e_s_s_i_n_g _i_n  _T_h_e_o_r_y  _a_n_d  _P_r_a_c_t_i_c_e

        _w_i_t_h  _t_h_e _I_D_A _S_e_n_d_m_a_i_l _E_n_h_a_n_c_e_m_e_n_t _K_i_t _(_o_r _T_h_e _P_o_s_t_-

        _m_a_s_t_e_r_'_s  _L_a_s_t   _W_i_l_l   _a_n_d   _T_e_s_t_a_m_e_n_t_)_.    Lennart

        Lo..vstrand.   Department  of Computer and Information

        Science, University of Linko..ping, Sweden, Report no.

        LiTH-IDA-Ex-8715.  May 1987.

3300                             CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88

   [RFC821]

        _S_i_m_p_l_e  _M_a_i_l _T_r_a_n_s_p_o_r_t _P_r_o_t_o_c_o_l_.  J. Postel.  August

        1982.

   [RFC1123]

        _R_e_q_u_i_r_e_m_e_n_t_s _f_o_r _I_n_t_e_r_n_e_t _H_o_s_t_s _-_-  _A_p_p_l_i_c_a_t_i_o_n  _a_n_d

        _S_u_p_p_o_r_t_.    Internet   Engineering  Task  Force,  R.

        Braden, Editor.  October 1989.

   [RFC1344]

        _I_m_p_l_i_c_a_t_i_o_n_s _o_f _M_I_M_E _f_o_r _I_n_t_e_r_n_e_t _M_a_i_l _G_a_t_e_w_a_y_s_.  N.

        Borenstein.  June 1992.

   [RFC1413]

        _I_d_e_n_t_i_f_i_c_a_t_i_o_n  _P_r_o_t_o_c_o_l_.   M.  St. Johns.  February

        1993.

   [RFC1425]

        _S_M_T_P _S_e_r_v_i_c_e _E_x_t_e_n_s_i_o_n_s_.  J. Klensin, N.  Freed,  M.

        Rose,  E. Stefferud, and D. Crocker.  February 1993.

   [RFC1426]

        _S_M_T_P _S_e_r_v_i_c_e _E_x_t_e_n_s_i_o_n _f_o_r  _8_b_i_t_-_M_I_M_E_t_r_a_n_s_p_o_r_t_.   J.

        Klensin,  N.  Freed,  M.  Rose, E. Stefferud, and D.

        Crocker.  February 1993.

   [RFC1427]

        _S_M_T_P _S_e_r_v_i_c_e _E_x_t_e_n_s_i_o_n _f_o_r _M_e_s_s_a_g_e _S_i_z_e _D_e_c_l_a_r_a_t_i_o_n_.

        J.  Klensin, N. Freed, and K. Moore.  February 1993.

CChhaannggeess iinn SSeennddmmaaiill VVeerrssiioonn 88                             3311

   [RFC1521]

        _M_I_M_E _(_M_u_l_t_i_p_u_r_p_o_s_e _I_n_t_e_r_n_e_t  _M_a_i_l  _E_x_t_e_n_s_i_o_n_s_)  _P_a_r_t

        _O_n_e_:  _M_e_c_h_a_n_i_s_m_s  _f_o_r  _S_p_e_c_i_f_y_i_n_g _a_n_d _D_e_s_c_r_i_b_i_n_g _t_h_e

        _F_o_r_m_a_t _o_f _I_n_t_e_r_n_e_t _M_e_s_s_a_g_e  _B_o_d_i_e_s_.   N.  Borenstein

        and N. Freed.  September 1993.