This is very interesting. I've been running it since yesterday afternoon and
it seems to be very stable. Has some rather paranoid security checks as well.
-s
______________________________________________
From: Claus Assmann <[EMAIL PROTECTED]>
Newsgroups: comp.mail.sendmail
Subject: First public beta version of sendmail 8.12.0 available
Date: 12 Mar 2001 12:37:11 -0000
Message-ID: <98iftn$6a8$[EMAIL PROTECTED]>
-----BEGIN PGP SIGNED MESSAGE-----
Sendmail, Inc., and the Sendmail Consortium proudly announce the
first public beta version of sendmail 8.12.0.
sendmail 8.12 has been developed with two main topics in mind:
enhanced security and better performance.
The first goal has been achieved by describing how to install and
configure sendmail such that it does not need to be set-user-id
root; see the file sendmail/SECURITY for further information. This
means that sendmail can no longer be used as a vector to exploit
bugs in an OS affecting set-user-id binaries.
Several measures have been taken to significantly improve the
performance of sendmail. These are:
.... a new I/O layer that provides buffered file I/O on all platforms.
.... e-mails to multiple recipients can now be split into several
envelopes to enable concurrent delivery, which can significantly
reduce the delivery times for mailing lists or large aliases.
.... introduction of queue groups to allow control over the selection
of queue directories and queue related policies, e.g.,
how often queues are run and how many processes are used to
run queue groups.
In addition to these two main topics, several new features have
been added. A complete list can be found in the RELEASE NOTES
that are attached below. A few important items are:
.... SMTP PIPELINING per RFC 1854
.... Mailbox database abstraction to look up local mail recipients in
databases other than the password file.
.... Even better LDAP support, e.g., for aliases, maps, and classes.
.... More aggressive use of MX piggybacking
.... More control over the use of SMTP AUTH
.... Fined-grained control over connections that should use STARTTLS,
including the possibility to turn off the request of a client
certificate and more features to deal with bugs in other MTAs/MUAs
.... Deliver By SMTP Service Extension per RFC 2852.
.... Generic DNS map type
.... Two new queue sorting order algorithms:
+ Random sorts the queue randomly, which is useful if several queue
runners are started by hand to avoid contention.
+ Modification sorts the queue by the modification time of the qf file
(older entries first).
This beta release basically contains all functionality that will
be in 8.12; however, some features might be added, removed, or
changed before 8.12.0 is released.
There are several changes in the behavior of sendmail compared to
previous versions which may affect configuration files and programs
using sendmail:
+ Check for group and world writable forward and :include: files.
+ MX records will be looked up for FallBackMXhost. To use the old
behavior (no MX lookups), put the name in square brackets.
+ sendmail will run the queue(s) in the background when invoked with -q
unless the new -qf option or -v is used.
+ Remove AutoRebuildAliases option.
+ Remove sendmail '-U' (initial user submission) command line option.
+ Remove support for non-standard SMTP command XUSR.
+ Honor the resolver option RES_NOALIASES when canonifying hostnames.
+ The deprecated [TCP] builtin mailer name is gone. Use [IPC] instead.
+ IPC is no longer available as first mailer argument for [IPC] mailers.
Use TCP instead.
+ Sfio is no longer needed.
+ Loopback interfaces (e.g., "lo0") are now probed for class {w} hostnames.
Setting DontProbeInterfaces to "loopback" (without quotes) will disable
this and return to the pre-8.12 behavior of only probing non-loopback
interfaces.
+ Remove support for AIX 2.X
+ CONFIG: Don't accept addresses of the form a@b@, a@b@c, etc.
+ CONFIG: Numbers for rulesets used by MAILERs have been removed.
+ CONFIG: Removed deprecated FEATURE(`rbl').
+ SMRSH: Use the vendor supplied directory on FreeBSD 3.3 and later.
Please send bug reports to [EMAIL PROTECTED] and general
feedback to [EMAIL PROTECTED]
The version can be found at
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.12.0.Beta5.tar.Z
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.12.0.Beta5.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.12.0.Beta5.tar.sig
MD5 signatures:
c8f1b8584f488880a96dcd9bff08363b sendmail.8.12.0.Beta5.tar.Z
916c77b2b284f906e4971de0e3845e33 sendmail.8.12.0.Beta5.tar.gz
ce03d3d2639292f4b99a04327f76cf06 sendmail.8.12.0.Beta5.tar.sig
You only need one of the first two files (either the gzip'ed version or the
compressed version). The .sig file contains the PGP signature of the tar
file (after uncompressing it). The PGP signature was created using the
Sendmail Signing Key/2001, available on the web site
(http://www.sendmail.org/) or on the public key servers.
Since sendmail 8.11 and later includes hooks to cryptography, the
following information from OpenSSL applies to sendmail as well.
PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY
SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING
TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME
PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR
COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL
SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE
YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT
AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS ARE NOT LIABLE FOR
ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.
SENDMAIL RELEASE NOTES
$Id: RELEASE_NOTES,v 8.995 2001/03/10 22:53:14 ca Exp $
This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.
8.12.0/8.12.0 2001/??/??
SECURITY: Check for group and world writable forward and :include:
files. These checks can be turned off if absolutely
necessary using the DontBlameSendmail option and the new
flags:
GroupWritableForwardFile
WorldWritableForwardFile
GroupWritableIncludeFile
WorldWritableIncludeFile
Problem noted by Slawek Zak of Politechnika Warszawska,
SECURITY: Drop privileges when using address test mode. Suggested
by Michal Zalewski of the "Internet for Schools" project
(IdS).
Fixed problem of a global variable being used for a timeout jump
point where the variable could become overused for more than
one timeout concurrently. This erroneous behavior resulted in
a corrupted stack causing a core dump. The timeout is now
handled via libsm. Problem noted by Michael Shapiro,
John Beck and Carl Smith of Sun Microsystems.
If sendmail is setgid then that group ID is used for permission
checks (group ID of RunAsUser). This allows use of a setgid
sendmail binary for initial message submission and no setuid
root sendmail is needed. For details see sendmail/SECURITY.
Log a warning if a non-trusted user changes the syslog label.
Based on notice from Bryan Costales of SL3D, Inc.
If sendmail is called for initial delivery, try to use submit.cf
with a fallback of sendmail.cf as configuration file. See
sendmail/SECURITY.
New option UseMSP to allow group writable queue files if the group
is the same as that of a setgid sendmail binary. See
sendmail/SECURITY.
The SMTP server no longer forks on each MAIL command. The ONEX
command has been removed.
Implement SMTP PIPELINING per RFC 1854. It can be turned off
at compile time or per host (ruleset).
New option MailboxDatabase specifies the type of mailbox database
used to look up local mail recipients; the default value
is "pw", which means to use getpwnam(). New mailbox database
types can be added by adding custom code to libsm/mbdb.c.
Queue file names are now 15 characters long, rather than 14 characters
long. File systems with a 14 character file name length limit
are no longer supported.
Recipient list used for delivery now gets internally ordered by
hostsignature (character string version of MX RR). This orders
recipients for the same MX RR's together meaning smaller
portions of the list need to be scanned (instead of the whole
list) each delivery() pass to determine piggybacking. The
significance of the change is better the larger the recipient
list. Hostsignature is now created during recipient list
creation rather than just before delivery.
Enhancements for more opportunistic piggybacking. Previous
piggybacking (called coincidental) extended to coattail
piggybacking. Rather than complete MX RR matching
(coincidental) piggybacking is done if just the lowest value
preference matches (coattail).
If sendmail receives a temporary error on a RCPT TO: command, it will
try other MX hosts if available.
DefaultAuthInfo can contain a list of mechanisms to be used for
outgoing (client-side) SMTP Authentication.
New modifier 'A' for DaemonPortOptions to disable AUTH (overrides
'a' modifier). Based on patch from Lyndon Nerenberg of
Messaging Direct.
Enable AUTH mechanism EXTERNAL if STARTTLS is used.
A new ruleset authinfo can be used to return client side
authentication information for AUTH instead of DefaultAuthInfo.
Therefore the DefaultAuthInfo option is deprecated and will be
removed in future versions.
Add new option AuthMaxBits to limit the maximum encryption strength
for the security layer in SMTP AUTH (SASL).
Introduce new STARTTLS related macros {cn_issuer}, {cn_subject},
{cert_md5} which hold the CN (common name) of the CA that
signed the presented certificate, the CN and the MD5 hash
of the presented certificate, respectively.
New ruleset try_tls to decide whether to try (as client) STARTTLS.
New ruleset srv_features to enable/disable certain features in the
server per connection. See doc/op/op.me for details.
New ruleset tls_rcpt to decide whether to send e-mail to a particular
recipient; useful to decide whether a conection is secure
enough on a per recipient basis.
New option TLSSrvOptions to modify some aspects of the server
for STARTTLS.
If no certificate has been requested, the macro {verify} has the
value "NOT".
New M=S modifier for ClientPortOptions/DaemonPortOptions to turn off
using/offering STARTTLS when delivering/receiving e-mail.
Macro expand filenames/directories for certs and keys in the .cf file.
Proposed by Neil Rickert of Northern Illinois University.
Generate an ephemeral RSA key for a STARTTLS connection only if
really required. This should barely ever be the case but
previous versions used a different method that would almost
always generate a new ephemeral RSA key. This change results
in a noticable performance gains on most machines. Moreover,
if shared memory is in use, reuse the key several times.
Add queue groups which can be used to group queue directories with
the same behavior together. See doc/op/op.me for details.
An envelope is assigned to a queue group based on its first recipient.
Boolean option 'SplitAcrossQueueGroups' instructs sendmail
to split an envelope with multiple recipients across multiple
queue groups.
The check for 'enough disk space' now pays attention to which file
system each queue directory resides in.
All queue runners can be cleanly terminated via SIGTERM to parent.
New option QueueFileMode for the default permissions of queue files.
Add parallel queue runner code. Allows multiple queue runners per work
group (one or more queues in a multi-queue environment
collected together) to process the same work list at the
same time.
Option MaxQueueChildren added to limit the number of concurrently
active queue runner processes.
New option MaxRunnersPerQueue to specify the maximum number of queue
runners per queue group.
Queue member selection by substring pattern matching now allows
the pattern to be negated. For -qI, -qR and -qS it is
permissible for -q!I, -q!R and -q!S to mean remove members
of the queue that match during processing.
New -qp[time] option is similar to -qtime, except that instead of
periodically forking a child to process the queue, a single
child is forked for each queue that sleeps between queue runs.
New option NiceQueueRun to set the priority of queue runners.
sendmail will run the queue(s) in the background when invoked with -q
unless the new -qf option or -v is used.
QueueSortOrder=Random sorts the queue randomly, which is useful if
several queue runners are started by hand to avoid contention.
QueueSortOrder=Modification sorts the queue by the modification time
of the qf file (older entries first).
Support Deliver By SMTP Service Extension (RFC 2852) which allows
a client to specify an amount of time within which an e-mail
should be delivered. New option DeliverByMin added to set the
minimum amount of time or disable the extension.
Non-printable characters (ASCII: 0-31, 127) in mailbox addresses are
not allowed unless escaped or quoted.
Add support for a generic DNS map. Based on a patch contributed
by Leif Johansson of Stockholm University, which was based on
work by Assar Westerlund of Swedish Institute of Computer
Science, Kista, and Johan Danielsson of Royal Institute of
Technology, Stockholm, Sweden.
MX records will be looked up for FallBackMXhost. To use the old
behavior (no MX lookups), put the name in square brackets.
Use shared memory to store free space of filesystems that are used
for queues, if shared memory is available and if a key is set
via SharedMemoryKey. This minimizes the number of system
calls to check the available space. See doc/op/op.me for
details.
If shared memory is compiled in the option -bP can be used to print
the number of entries in the queue(s).
Remove AutoRebuildAliases option, deprecated since 8.10.
Remove '-U' (initial user submission) command line option as
announced in 8.10.
Remove support for non-standard SMTP command XUSR. Use an MSA instead.
New macro {addr_type} which contains whether the current address is
an envelope sender or recipient address. Suggested by
Neil Rickert of Northern Illinois University.
Two new options for host maps: -d (retransmission timeout),
-r (number of retries).
New option for LDAP maps: the -V<sep> allows you to specify a
separator such that a lookup can return both an attribute
and value separated by the given separator.
Add new operators '%', '|', '&' (modulo, binary or, binary and)
to map class arith.
If DoubleBounceAddress expands to an empty string, ``double bounces''
(errors that occur when sending an error message) are dropped.
New DontBlameSendmail options GroupReadableSASLDBFile and
GroupWritableSASLDBFile to relax requirements for sasldb files.
Properly handle quoted filenames for class files (to allow for
filenames with spaces).
Honor the resolver option RES_NOALIASES when canonifying hostnames.
Add macros to avoid the reuse of {if_addr} etc:
{if_name_out} hostname of interface of outgoing connection.
{if_addr_out} address of interface of outgoing connection.
{if_family_out} family of interface of outgoing connection.
The latter two are only set if the interface does not belong
to the loopback net.
Add macro {nrcpts} which holds the number of (validated) recipients.
DialDelay option applies only to mailers with flag 'Z'. Patch from
Juergen Georgi of RUS University of Stuttgart.
New Timeout.lhlo,auth,starttls options to limit the time waiting for
an answer to the LMTP LHLO, SMTP AUTH or STARTTLS command.
New Timeout.aconnect option to limit the overall waiting time for
all connections for a single delivery attempt to succeed.
New program editmap for editing maps as supplement to makemap.
Limit the rate recipients in the SMTP envelope are accepted once
a threshold number of recipients has been rejected (option
BadRcptThrottle). From Gregory A Lundberg of the WU-FTPD
Development Group.
New option DelayLA to delay connections if the load averages
exceeds the specified value. The default of 0 does not
change the previous behavior. A value greater than 0
will cause sendmail to sleep for one second on most
SMTP commands and before accepting connections if that
load average is exceeded.
Use a dynamic (instead of fixed-size) buffer for the list of
recipients that are sent during a connection to a mailer.
This also introduces a new mailer field 'r' which defines
the maximum number of recipients (defaults to 100).
Based on patch by Motonori Nakamura of Kyoto University.
Add new F=1 mailer flag to disable sending of null characters ('\0').
Add new F=2 mailer flag to disable use of ESMTP, using SMTP instead.
The deprecated [TCP] builtin mailer name is gone. Use [IPC]
instead.
IPC is no longer available as first mailer argument for [IPC]
mailers. Use TCP instead.
PH map code updated to use the new libphclient API instead of the
old libqiapi library. Contributed by Mark Roth of the
University of Illinois at Urbana-Champaign.
New option DirectSubmissionModifiers to define {daemon_flags}
for direct submissions.
New M=O modifier for DaemonPortOptions to ignore the socket in
case of failures. Based on patch by Jun-ichiro itojun
Hagino of the KAME Project.
Add Disposition-Notification-To: (RFC 2298) to the list of headers
whose content is rewritten similar to Reply-To:.
Proposed by Andrzej Filip.
Use STARTTLS/AUTH=server/client for logging incoming/outgoing
STARTTLS/AUTH connections; log incoming connections at level
9 or higher. Use AUTH/STARTTLS instead of SASL/TLS for SMTP
AUTH/STARTTLS related logfile entries.
Add additional log messages for milter at various LogLevel's.
Convert unprintable characters (and backslash) into octal or C format
before logging.
Log recipients if no message is transferred but QUIT/RSET is given
(at LogLevel 9/10 or higher).
Log discarded recipients at LogLevel 10 or higher.
Do not log "did not issue MAIL/EXPN/VRFY/ETRN" for connections
in which most commands are rejected due to check_relay or
TCP Wrappers if the host tries one of those commands anyway.
Change logging format for cloned envelopes to be similar to that for
DSNs ("old id: new id: clone"). Suggested by Ulrich Windl
of the Universitat Regensburg.
Added libsm, a C library of general purpose abstractions including
assertions, tracing and debugging with named debug categories,
exception handling, malloc debugging, resource pools,
portability abstractions, and an extensible buffered I/O
package. It will at some point replace libsmutil.
See libsm/index.html for details.
Fixed most memory leaks in sendmail which were previously taken
care of by fork() and exit().
Use new sm_io*() functions in place of stdio calls. Allows for
more consistent portablity amongst different platforms
new and old (from new libsm).
Common I/O pkg means just one buffering method needed instead of two
('bf_portable' and 'bf_torek' now just 'bf').
Sfio no longer needed as SASL/TLS code uses sm_io*() API's.
Add per-recipient status information to mailq -v output.
T_ANY queries are no longer used by sendmail.
When compiling with "gcc -O -Wall" specify "-DSM_OMIT_BOGUS_WARNINGS"
too (see include/sm/cdefs.h for more info).
sendmail -d now has general support for named debug categories.
See libsm/debug.html and section 3.4 of doc/op/op.me
for details.
Eliminate the "postmaster warning" DSNs on address parsing errors
such as unbalanced angle brackets or parentheses. The DSNs
generated by this condition were illegal. Problem noted by
Ulrich Windl of the Universitat Regensburg.
The compilation options SMTP, DAEMON, and QUEUE have been removed,
i.e., the corresponding code is always compiled in now.
Log the command line in daemon/queue-run mode at LogLevel 10 and
higher. Suggested by Robert Harker of Harker Systems.
New ResolverOptions setting: WorkAroundBrokenAAAA. When
attempting to canonify a hostname, some broken nameservers
will return SERVFAIL (a temporary failure) on T_AAAA (IPv6)
lookups. If you want to excuse this behavior, use this new
flag. Suggested by Chris Foote of SE Network Access and
Mark Roth of the University of Illinois at
Urbana-Champaign.
Free the memory allocated by getipnodeby{addr,name}(). Problem
noted by Joy Latten of IBM.
ConnectionRateThrottle limits the number of connections per second
to each daemon individually, not the overall number of
connections.
Specifying only "ldap:" as an AliasFile specification will force
sendmail to use a default alias schema as outlined in the
``USING LDAP FOR ALIASES, MAPS, and CLASSES'' section of
cf/README.
Add a new syntax for the 'F' (file class) sendmail.cf command. If
the first character after the class name is an '@', the
rest of the line will be parsed as a map lookup. This
allows classes to be filled via a map lookup.
Specifically, this can be used for commands such as
VIRTUSER_DOMAIN_FILE() to read the list of domains via LDAP
(see the ``USING LDAP FOR ALIASES, MAPS, and CLASSES''
section of cf/README for an example).
The new macro ${LDAPCluster} determines the LDAP cluster for the
default schema used in the above two items.
Unless DontBlameSendmail=RunProgramInUnsafeDirPath is set, log a
warning if a program being run from a mailer or file class
(e.g., F|/path/to/prog) is in an unsafe directory path.
Unless DontBlameSendmail=RunWritableProgram is set, log a warning
if a program being run from a mailer or file class
(e.g., F|/path/to/prog) is group or world writable.
Loopback interfaces (e.g., "lo0") are now probed for class {w}
hostnames. Setting DontProbeInterfaces to "loopback"
(without quotes) will disable this and return to the
pre-8.12 behavior of only probing non-loopback interfaces.
Suggested by Bryan Stansell of GNAC.
In accordance with the IETF DRUMS SMTP update section 4.1.4, accept
multiple HELO/EHLO commands.
Multiple ClientPortOptions settings are now allowed, one for each
possible protocol family which may be used for outgoing
connections. Restrictions placed on one family only affect
outgoing connections on that particular family. Because of
this change, the ${client_flags} macro is not set until the
connection is established. Based on patch from Motonori
Nakamura of Kyoto University.
PrivacyOptions=restrictexpand instructs sendmail to drop privileges
when the -bv option is given by users who are neither root
nor the TrustedUser so users can not read private aliases,
forwards, or :include: files. It also will override the -v
(verbose) command line option.
If the M=b modifier is set in DaemonPortOptions and the interface
address can't be used for the outgoing connection, fall
back to the settings in ClientPortOptions (if set).
Problem noted by John Beck of Sun Microsystems.
New named config file rule check_data for DATA command. Based
on patch from Mark Roth of the University of Illinois at
Urbana-Champaign.
Add support for ETRN queue selection per RFC 1985. The queue group
can be specified using the '#' option character. For
example, 'ETRN #queuegroup'.
If an LDAP server times out or becomes unavailable, close the
current connection and reopen to get to one of the fallback
servers. Patch from Paul Hilchey of the University of
British Columbia.
Portability:
Remove support for AIX 2, which supports only 14 character
filenames and is outdated anyway. Suggested by
Valdis Kletnieks of Virginia Tech.
CONFIG: Increment version number of config file to 10.
CONFIG: Don't accept addresses of the form a@b@, a@b@c, etc.
CONFIG: The access map uses an option of -T<TMPF> to deal with
temporary lookup failures.
CONFIG: New value for access map: SKIP, which causes the default
action to be taken by aborting the search for domain names
or IP nets.
CONFIG: check_rcpt can deal with TEMPFAIL for either recipient or
relay address as long as the other part allows the email
to get through.
CONFIG: Entries for virtusertable can make use of a third parameter
"%3" which contains "+detail" of a wildcard match, i.e., an
entry like user+*@domain. This allows handling of details by
using %1%3 as the RHS. Additionally, a "+" wildcard has been
introduced to match only non-empty details of addresses.
CONFIG: Numbers for rulesets used by MAILERs have been removed
and hence there is no required order within the MAILER
section anymore except for MAILER(`uucp') which must come
after MAILER(`smtp') if uucp-dom and uucp-uudom are used.
CONFIG: Hosts listed in the generics domain class {G}
(GENERICS_DOMAIN() and GENERICS_DOMAIN_FILE()) are treated
as canonical. Suggested by Per Hedeland of Ericsson.
CONFIG: If FEATURE(`delay_checks') is used, make sure that a lookup
in the access map which returns OK or RELAY actually
terminates check_* ruleset checking.
CONFIG: New tag TLS_Rcpt: for access map to be used by ruleset
tls_rcpt, see cf/README for details.
CONFIG: Use "Spam:" as tag for lookups for FEATURE(`delay_checks')
options friends/haters instead of "To:" and enable
specification of whole domains instead of just users.
Notice: this change is not backward compatible.
Suggested by Chris Adams from HiWAAY Informations Services.
CONFIG: Allow for local extensions for most new rulesets, see
cf/README for details.
CONFIG: New FEATURE(`lookupdotdomain') to lookup also .domain in
the access map. Proposed by Randall Winchester of the
University of Maryland.
CONFIG: New FEATURE(`local_no_masquerade') to avoid masquerading for
the local mailer. Proposed by Ingo Brueckl of Wupper Online.
CONFIG: confRELAY_MSG/confREJECT_MSG can override the default
messages for an unauthorized relaying attempt/for access
map entries with RHS REJECT, respectively.
CONFIG: FEATURE(`always_add_domain') takes an optional argument
to specify another domain to be added instead of the local one.
Suggested by Richard H. Gumpertz of Computer Problem
Solving.
CONFIG: confAUTH_OPTIONS allows setting of Cyrus-SASL specific
options, see doc/op/op.me for details.
CONFIG: confAUTH_MAX_BITS sets the maximum encryption strength for
the security layer in SMTP AUTH (SASL).
CONFIG: If Local_localaddr resolves to $#ok, localaddr is terminated
immediately.
CONFIG: FEATURE(`enhdnsbl') is an enhanced version of dnsbl which
allows checking of the return values of the DNS lookups.
See cf/README for details.
CONFIG: FEATURE(`dnsbl') allows now to specify the behavior for
temporary lookup failures.
CONFIG: New option confDELIVERBYMIN to specify minimum time for
Deliver By (RFC 2852) or to turn off the extension.
CONFIG: New option confSHAREDMEMORYKEY to set the key for shared
memory use.
CONFIG: New FEATURE(`compat_check') to look up sender<@>recipient
in the access map. Based on code contributed by Mathias
Koerber of Singapore Telecommunications Ltd.
CONFIG: Add EXPOSED_USER_FILE() command to allow an exposed user
file. Suggested by John Beck of Sun Microsystems.
CONFIG: Don't use MAILER-DAEMON for error messages delivered
via LMTP. Problem reported by Larry Greenfield of CMU.
CONFIG: New FEATURE(`preserve_luser_host') to preserve the name of
the recipient host if LUSER_RELAY is used.
CONFIG: New FEATURE(`preserve_local_plus_detail') to preserve the
+detail portion of the address when passing address to
local delivery agent. Disables alias and .forward +detail
stripping. Only use if LDA supports this.
CONFIG: Removed deprecated FEATURE(`rbl').
CONFIG: Add LDAPROUTE_EQUIVALENT() and LDAPROUTE_EQUIVALENT_FILE()
which allow you to specify 'equivalent' hosts for LDAP
Routing lookups. Equivalent hostnames are replaced by the
masquerade domain name for lookups. See cf/README for
additional details.
CONFIG: When chosing a new destination via LDAP Routing, also look
up the new routing address/host in the mailertable. Based
on patch from Don Badrak of the United States Census Bureau.
CONFIG: Provide LDAP support for the remaining database map
features. See the ``USING LDAP FOR ALIASES AND MAPS''
section of cf/README for more information.
CONFIG: Add confLDAP_CLUSTER which defines the ${LDAPCluster} macro
used for LDAP searches as described above in ``USING LDAP
FOR ALIASES, MAPS, AND CLASSES''.
CONFIG: confCLIENT_OPTIONS has been replaced by CLIENT_OPTIONS(),
which takes the options as argument and can be used
multiple times; see cf/README for details.
CONFIG: Add configuration macros for new options:
confBAD_RCPT_THROTTLE BadRcptThrottle
confDIRECT_SUBMISSION_MODIFIERS DirectSubmissionModifiers
confMAILBOX_DATABASE MailboxDatabase
confMAIL_SUBMISSION_QUEUE MailSubmissionQueue
confMAX_QUEUE_CHILDREN MaxQueueChildren
confMAX_RUNNERS_PER_QUEUE MaxRunnersPerQueue
confNICE_QUEUE_RUN NiceQueueRun
confQUEUE_FILE_MODE QueueFileMode
confSPLIT_ACROSS_QUEUEGROUPS SplitAcrossQueueGroups
confTLS_SRV_OPTIONS TLSSrvOptions
See above (and related documentation) for further information.
CONFIG: Add configuration variables for new timeout options:
confTO_ACONNECT Timeout.aconnect
confTO_AUTH Timeout.auth
confTO_LHLO Timeout.lhlo
confTO_STARTTLS Timeout.starttls
CONFIG: Add support for accepting temporarily unresolvable domains.
See cf/README for details. Based on patch by Motonori
Nakamura of Kyoto University.
CONFIG: confDEQUOTE_OPTS can be used to specify options for the
dequote map.
DEVTOOLS: Add new options for installation of include and library
files: confINCGRP, confINCMODE, confINCOWN, confLIBGRP,
confLIBMODE, confLIBOWN.
MAIL.LOCAL: Mail.local now uses the libsm mbdb package to look up
local mail recipients. New option -D mbdb specifies the
mailbox database type.
MAKEMAP: Add new option -t to specify a different delimiter
instead of white space.
RMAIL: Invoke sendmail with '-G' to indicate this is a gateway
submission. Problem noted by Kari Hurtta of the Finnish
Meteorological Institute.
SMRSH: Use the vendor supplied directory on FreeBSD 3.3 and later.
VACATION: Change Auto-Submitted: header value from auto-generated to
auto-replied. From Kenneth Murchison of Oceana Matrix Ltd.
VACATION: New option -d to send error/debug messages to stdout
instead of syslog.
VACATION: New option -U which prevents the attempt to lookup login
in the password file. The -f and -m options must be used
to specify the database and message file since there is no
home directory for the default settings for these options.
VACATION: Vacation now uses the libsm mbdb package to look up
local mail recipients; it reads the MailboxDatabase option
from the sendmail.cf file. New option -C cffile which
specifies the path of the sendmail.cf file.
New Files:
cf/cf/msp.mc
cf/feature/authinfo.m4
cf/feature/compat_check.m4
cf/feature/enhdnsbl.m4
cf/feature/msp.m4
cf/feature/local_no_masquerade.m4
cf/feature/lookupdotdomain.m4
cf/feature/preserve_luser_host.m4
cf/feature/preserve_local_plus_detail.m4
cf/sendmail.schema
devtools/M4/UNIX/sm-test.m4
editmap/*
include/sm/*
libsm/*
libsmutil/cf.c
libsmutil/err.c
sendmail/SECURITY
sendmail/bf.c
sendmail/bf.h
sendmail/sasl.c
sendmail/sm_resolve.c
sendmail/sm_resolve.h
sendmail/tls.c
Deleted Files:
cf/feature/rbl.m4
cf/ostype/aix2.m4
devtools/OS/AIX.2
include/sendmail/cdefs.h
include/sendmail/errstring.h
include/sendmail/useful.h
libsmutil/errstring.c
sendmail/bf_portable.c
sendmail/bf_portable.h
sendmail/bf_torek.c
sendmail/bf_torek.h
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (OpenBSD)
Comment: For info see http://www.gnupg.org
iQCVAwUBOqrQYjgi20fMN08tAQGQlgQAwuaCzAOncJFtKdOn0P/uU8bY78O/a7Tl
v3TdMUeQpow28bRfZpGqfUdNd8Jp8guZP2nGskataJ66Rf1wmoF4oPVwW+RjtkT1
bp1sTNTSsb5xDd/qNJWqWbGh6Iw47+y3iaK/sWsHvIt+CKjR8yk/B7eF/2QbFIVS
loMcUQvxF2U=
=pDQw
-----END PGP SIGNATURE-----
----------------------------------------------
LIH is all for free speech. But it was created
for a purpose. Violations of the rules of
this list will result in stern action.
