What's New with sendmail

Version 8.9 of sendmail has been included with the Solaris 7 release. Here is a list of the important or user-visible changes that are included in this new version:

• A new system for building configuration files. Instructions for using the new system is included in "Building a sendmail Configuration File".

• The permissions and the ownership of several directories have been changed in order to increase security. When the Solaris 7 release is installed, /etc/mail and /var/spool/mqueue and the parent directories will have the correct permissions.

• Increased security on .forward files requires that the default shells (as listed in /etc/passwd) of all users trying to employ a .forward file to forward mail to a program or to a file must be listed in /etc/shells for the file to be accessed. See "How to Create and Populate /etc/shells" for more information.

• Additional restrictions have been put in place on .forward and :include: files. These files and the directory structure that they are placed in cannot be group- or world-writable. A script called /usr/lib/mail/sh/check-permissions is included to help identify files with unsafe permissions.

• The use of .forward files has been enhanced. A .forward.hostname file can be used to reroute mail sent to a user at a specific host. Also, a .forward+detail file can be used to determine who is using an alias. These files are described in ".forward Files".

• The way sendmail acts when an owner alias exists has changed. A full description of the change can be found in "Mailbox". You can download a script called check-aliases.sh, which checks all alias files listed in /etc/mail/sendmail.cf for misconfigured owner-aliases.

• The sendmail program requires a fully qualified host name when starting. A script called /usr/lib/mail/sh/check-hostname is included with the release to identify host configurations that do not support fully qualified host names.

Additional information on the Solaris version of sendmail can be found at http://www.sendmail.org/sun-specific/migration+sun.html.

The New Configuration Files

In order to customize your mail system, it can be necessary to re-configure sendmail. Earlier Solaris releases contained a large file that included many cryptic options, that needed to be manually edited to make any changes to the way sendmail functions. In the Solaris 7 release, a new configuration system has been included, which uses m4 to build the configuration file (see the m4(1) man page).

Changes to the sendmail Command Line Options

The options listed in the following table are the new options for the Solaris 7 release. A complete description of these options can be found in sendmail, Second Edition, by Bryan Costales.

Table 3-1 sendmail Command-Line Arguments Changes

Argument		Description
-bD		Run as a daemon, but do not fork so that sendmail always runs in the foreground.
-bH		Purge persistent host status.
-bh		Print persistent host status.
-M		Assign a macro value.
-N		Append the DSN NOTIFY command to the ESMTP RCPT command.
-O		Use to set a multicharacter configuration option.
-p		Set the protocol and hostname.
-R		Include the DSN RET command to the ESMTP MAIL command.
-U		Used to indicate that this is the very first step in this submission.
-V		Specify the envelope indentifier for outgoing messages.

Changes to the sendmail Configuration File Options

The options listed in the following table are the new configuration options for the Solaris 7 release. These options are sorted by their multicharacter name. If the option still has a single character name, it is displayed parenthetically. Many of the single character options supported in 2.6 are still supported in the Solaris 7 release. A complete description of these options can be found in sendmail, Second Edition, by Bryan Costales.

Table 3-2 sendmail Configuration File Option Changes

Argument		Description
AllowBogusHELO		Allow no hostname with HELO or EHLO.
ColonOkInAddr		Allow colons in addresses.
ConnectionRateThrottle		Slow the acceptance rate of new connections.
DefaultCharSet		Define default character set.
DialDelay		Set delay time for second connect() attempt.
DontBlameSendmail		Disable parts of security checking.
DontExpandCnames		Prevent canonical name expansion.
DontInitGroups		Do not use initgroups().
DontProbeInterfaces		Disable automatic probing of interfaces.
DoubleBounceAddress		Set email address for error notifications.
EightBitMode		Specify how to handle unlabeled 8-bit data.
ErrorHeader (E)		Append custom text ahead of error message text.
ForwardPath (J)		Set alternative locations of the .forward file.
HostsFile		Specify an alternative location for the /etc/hosts file.
HostStatusDirectory		Set the location of the directory containing persistent host status data.
MaxDaemonChildren		Limit the number of forked children of sendmail.
MaxMessageSize		Set the maximum messages size.
MaxMimeHeaderLength		Set the maximum length of certain MIME header field values.
MaxRecipientsPerMessage		Set the maximum number of message recipients.
MaxQueueRunSize		Set the number of queued messages that can be processed in one run.
MinQueueAge		Determine the minimum amount of time a message must be in the queue before processing.
MustQuoteChars		Set the list of characters that must be quoted in nonaddress information.
NoRecipientAction		Determine how to handle headers without recipients.
OperatorChars or $o		Establishe the list of separation operators.
QueueSortOrder		Specify how to sort the queue.
RunAsUser		Run sendmail as a non-root user.
SafeFileEnvironment		Select the directory for safe file writes.
ServiceSwitchFile		Specify the location of the switch file for name services.
SingleLineFromHeader		Convert all newlines in the From: header to space characters.
SingleThreadDelivery		Select single threaded delivery.
UnsafeGroupWrites		Check for unsafe group permissions.