Part V Mail Services Topics

Chapter 21, Mail Services (Overview)

Provides overview information for the mail service

Chapter 22, Mail Services (Tasks)

Provides step-by-step instructions for setting up and troubleshooting the mail service

Chapter 23, Mail Services (Reference)

Provides background information on the mail service

Chapter 24, What's New With Mail Services (Reference)

Provides information on what's new for the mail service

Chapter 21 Mail Services (Overview)

Setting up and maintaining an electronic mail service involves complex tasks that are critical to the daily operation of your network. As a network administrator, you might need to expand an existing mail service. Alternately, you might need to set up a mail service on a new network or a subnet. The chapters on mail services can help you plan and set up a mail service for your network. This chapter provides a list of new features in sendmail, as well as a list of other sources of information. The chapter also provides overviews of the software and hardware components that are required to establish a mail service.

• What's New in Version 8.12 of sendmail

• Introduction to the Components of Mail Services

Look in Chapter 22, Mail Services (Tasks) for procedural information on how to set up and administer mail services. For details, refer to Task Map for Mail Services.

Look in Chapter 23, Mail Services (Reference) for a more detailed description of the components of mail services. This chapter also describes the mail service programs and files, the mail routing process, and the interactions of sendmail with name services.

What's New in Version 8.12 of sendmail

Version 8.12 of sendmail has been included in this Solaris 9 release. Chapter 24, What's New With Mail Services (Reference) describes all of its new features. The following list highlights some of the important changes to sendmail.

• New Configuration File, submit.cf

• New or Deprecated Command-Line Options

• New and Revised Configuration File Options and Related Topics

• New and Revised m4 Configuration Macros for sendmail

• New Delivery Agent Flags

• New Equates for Delivery Agents

• Changes to Files

Chapter 24, What's New With Mail Services (Reference) also describes these other changes.

• Changes to mail.local

• Changes to mailstats

• Changes to makemap

• New Command, editmap

• Other Changes and Features of Interest

Other sendmail Information Sources

The following is a list of additional information sources about sendmail.

• Costales, Bryan. sendmail, Second Edition. O'Reilly & Associates, Inc., 1997.

• Home page for sendmail – http://www.sendmail.org.

• FAQ for sendmail – http://www.sendmail.org/faq.

• README for new sendmail configuration files – http://www.sendmail.org/m4/readme.html.

• A guide for issues that are related to migrating to more recent versions of sendmail – http://www.sendmail.org/vendor/sun/.

Introduction to the Components of Mail Services

Many software and hardware components are required to establish a mail service. The following sections give a quick introduction to these components. These sections also provide some of the terms that are used to describe the components.

The first section, Overview of the Software Components, defines the terms that are used when discussing the software parts of the mail delivery system. The next section, Overview of the Hardware Components, focuses on the functions of the hardware systems in a mail configuration.

Overview of the Software Components

The following table introduces some of the software components of a mail system. Refer to Software Components for a complete description of all of the software components.

Overview of the Hardware Components

A mail configuration requires three elements, which you can combine on the same system or provide in separate systems.

• A mail host – A system that is configured to handle email addresses that are difficult to resolve

• A minimum of one mail server – A system that is configured to hold one or more mailboxes

• Mail clients – Systems that access mail from a mail server

If users are to communicate with networks outside your domain, you must also add a fourth element, a mail gateway.

Figure 21–1 shows a typical electronic mail configuration, using the three basic mail elements plus a mail gateway.

Figure 21–1 Typical Electronic Mail Configuration

Each element is described in detail in Hardware Components.

Chapter 22 Mail Services (Tasks)

This chapter describes how to set up and administer mail services. If you are not familiar with administering mail services, read Chapter 21, Mail Services (Overview) for an introduction to the components of mail services. This chapter also provides a description of a typical mail service configuration, as shown in Figure 21–1. The following list can help you find groups of related procedures that are covered in this chapter.

• Task Map for Mail Services

• Setting Up Mail Services (Task Map)

• Administering Mail Alias Files (Task Map)

• Administering the Queue Directories (Task Map)

• Administering .forward Files (Task Map)

• Troubleshooting Procedures and Tips for Mail Services (Task Map)

See Chapter 23, Mail Services (Reference) for a more detailed description of the components of mail services. This chapter also describes the mail service programs and files, the mail routing process, and the interactions of sendmail with name services.

See Chapter 24, What's New With Mail Services (Reference) for a description of the new features that are included in version 8.12 of sendmail. You can also read about changes to mail.local, mailstats, and makemap. Chapter 24, What's New With Mail Services (Reference) also provides a description of a new maintenance command, editmap.

Task Map for Mail Services

The following table refers you to other task maps that focus on a specific group of procedures.

Planning Your Mail System

The following list describes some concerns that should be part of your planning process.

• Determine the type of mail configuration that meets your requirements. This section describes two basic types of mail configuration and briefly lists what you need to set up each configuration. If you need to set up a new mail system or if you are expanding an existing one, you might find this section useful. Local Mail Only describes the first configuration type, and Local Mail and a Remote Connection describes the second type.

• As necessary, choose the systems that are to act as mail servers, mail hosts, and mail gateways.

• Make a list of all the mail clients for which you are providing service and include the location of their mailboxes. This list can help you when you are ready to create mail aliases for your users.

• Decide how you plan to update aliases and forward mail messages. You might set up an aliases mailbox as a place for users to send requests for mail forwarding. Users could also use this mailbox to send requests for changes to their default mail alias. If your system uses NIS or NIS+, you can administer mail forwarding, rather than requiring users to manage mail forwarding. Administering Mail Alias Files (Task Map) provides a list of tasks that are related to aliasing. Administering .forward Files (Task Map) provides a list of tasks that are related to managing .forward files.

After you have completed the planning process, set up the systems on your site to perform the functions that are described in Setting Up Mail Services (Task Map). For other task information, refer to Task Map for Mail Services.

Local Mail Only

The simplest mail configuration, as shown in Figure 22–1, is two or more workstations that are connected to one mail host. Mail is completely local. All the clients store mail on their local disks, and the clients act as mail servers. Mail addresses are parsed by using the /etc/mail/aliases files.

Figure 22–1 Local Mail Configuration

To set up this kind of mail configuration, you need the following.

• The default /etc/mail/sendmail.cf file, which requires no editing, on each mail client system.

• A server that is designated as the mail host. You can make this designation by adding mailhost.domain_name to the /etc/hosts file on the mail host. Then, if you are not running NIS or NIS+, add the mail host IP address line to the /etc/hosts file of all mail clients.

• Unless you are running NIS or NIS+, you need matching /etc/mail/aliases files on any system that has a local mailbox.

• Enough space in /var/mail on each mail client system to hold the mailboxes.

For task information on setting up your mail service, refer to Setting Up Mail Services (Tasks). If you are looking for a particular procedure that is related to setting up your mail service, refer to Setting Up Mail Services (Task Map).

Local Mail and a Remote Connection

The most common mail configuration in a small network is shown in Figure 22–2. One system includes the mail server, the mail host, and the mail gateway that provides the remote connection. Mail is distributed by using the /etc/mail/aliases files on the mail gateway. No name service is required.

Figure 22–2 Local Mail Configuration With a UUCP Connection

In this configuration, you can assume that the mail clients mount their mail files from /var/mail on the mail host. To set up this kind of mail configuration, you need the following.

• The main.cf file on the mail gateway. This file requires no editing if Mail Exchanger (MX) records are used.

• The default /etc/mail/sendmail.cf file on each mail client system. This file does not require any editing.

• A server that is designated as the mail host. You can make this designation by adding mailhost.domain_name to the /etc/hosts file on the mail host. Then, if you are not running NIS or NIS+, you must provide additional information. Add the IP address line for the mail host to the /etc/hosts file of every mail client.

• Unless you are running NIS or NIS+, you need matching /etc/mail/aliases files on any system that has a local mailbox.

• Enough space in /var/mail on the mail server to hold the client mailboxes.

For task information on setting up your mail service, refer to Setting Up Mail Services (Tasks). If you are looking for a particular procedure that is related to setting up your mail service, refer to Setting Up Mail Services (Task Map).

Setting Up Mail Services (Task Map)

The following table describes the procedures for setting up mail services.

Setting Up Mail Services (Tasks)

You can readily set up a mail service if your site does not provide connections to email services outside your company or if your company is in a single domain.

Mail requires two types of configurations for local mail. Refer to Figure 22–1 in Local Mail Only for a representation of these configurations. Mail requires two more configurations for communication with networks outside your domain. Refer to Figure 21–1 in Overview of the Hardware Components or Figure 22–2 in Local Mail and a Remote Connection for a representation of these configurations. You can combine these configurations on the same system or provide these configurations on separate systems. For example, if your mail host and mail server functions are on the same system, follow the directions in this section for setting up that system as a mail host. Then, follow the directions in this section for setting up the same system as a mail server.

The following procedures for setting up a mail server and mail client apply when mailboxes are NFS mounted. However, mailboxes typically are maintained in locally mounted /var/mail directories, which eliminates the need for the following procedures.

How to Set Up a Mail Server

No special steps are required to set up a mail server that is only serving mail for local users. The user must have an entry in the password file or in the namespace. Also, for mail to be delivered, the user should have a local home directory for checking the ~/.forward file. For this reason, home directory servers are often set up as the mail server. Hardware Components in Chapter 23, Mail Services (Reference) provides more information about the mail server.

The mail server can route mail for many mail clients. This type of mail server must have adequate spooling space for client mailboxes.

For clients to access their mailboxes, the /var/mail directory should be available for remote mounting. Alternately, a service such as Post Office Protocol (POP) or Internet Message Access Protocol (IMAP) should be available from the server. The following task shows you how to set up a mail server by using the /var/mail directory. To provide configuration guidelines for POP or IMAP is beyond the scope of this document.

For the following task, ensure that the /etc/dfs/dfstab file shows that the /var/mail directory is exported.

1. Become superuser on the mail server or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Stop sendmail.

   # /etc/init.d/sendmail stop

3. Check if the /var/mail directory is available for remote access.

   # share

   If the /var/mail directory is listed, proceed to step 5.

   If the /var/mail directory is not listed or if no list appears, continue with the appropriate substep.

   1. (Optional) If no list appears, start NFS services.

      Follow the procedure, How to Set Up Automatic File-System Sharing, to use the /var/mail directory to start NFS services.

   2. (Optional) If the /var/mail directory is not included in the list, add the directory to /etc/dfs/dfstab.

      Add the following command line to the /etc/dfs/dfstab file.

      share -F nfs -o rw /var/mail

4. Make the file system available for mounting.

   # shareall

5. Ensure that your name service has been started.

   1. (Optional) If you are running NIS, use this command.

      # ypwhich

      For more information, refer to the ypwhich(1) man page.

   2. (Optional) If you are running NIS+, use this command.

      # nisls

      For more information, refer to the nisls(1) man page.

   3. (Optional) If you are running DNS, use this command.

      # nslookup hostname

      hostname

      Use your host name.

      For more information, refer to the nslookup(1M) man page.

   4. (Optional) If you are running LDAP, use this command.

      # ldaplist

      For more information, refer to the ldaplist(1) man page.

6. Restart sendmail.

   # /etc/init.d/sendmail start

The mail.local program automatically creates mailboxes in the /var/mail directory the first time a message is delivered. You do not need to create individual mailboxes for your mail clients.

How to Set Up a Mail Client

A mail client is a user of mail services with a mailbox on a mail server. Additionally, the mail client has a mail alias in the /etc/mail/aliases file that points to the location of the mailbox. Hardware Components in Chapter 23, Mail Services (Reference) provides a brief description of a mail client.

You can also perform the task of setting up a mail client by using a service such as Post Office Protocol (POP) or Internet Message Access Protocol (IMAP). However, to provide configuration guidelines for POP or IMAP is beyond the scope of this document.

1. Become superuser on the mail client's system or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Stop sendmail.

   # /etc/init.d/sendmail stop

3. Ensure that a /var/mail mount point exists on the mail client's system.

   The mount point should have been created during the installation process. You can use ls to ensure that the file system exists. The following example shows the response that you receive if the file system has not been created.

   # ls -l /var/mail /var/mail not found

4. Ensure that no files are in the /var/mail directory.

   If mail files do exist in this directory, you should move them so that they are not covered when the /var/mail directory is mounted from the server.

5. Mount the /var/mail directory from the mail server.

   You can mount the mail directory automatically or at boot time.

   1. (Optional) Mount /var/mail automatically.

      Add an entry such as the following to the /etc/auto_direct file.

      /var/mail -rw,hard,actimeo=0 server:/var/mail

      server

      Use the assigned server name.

   2. (Optional) Mount /var/mail at boot time.

      Add the following entry to the /etc/vfstab file. This entry permits the /var/mail directory on the mail server that is specified to mount the local /var/mail directory.

      server:/var/mail - /var/mail nfs - no rw,hard,actimeo=0

      The client's mailbox is automatically mounted whenever the system is rebooted. If you are not rebooting the system, type the following command to mount the client mailbox.

      # mountall

      ---

      Caution –

      For mailbox locking and mailbox access to work properly, you must include the actimeo=0 option when mounting mail from an NFS server.

      ---

6. Update /etc/hosts.

   Edit the /etc/hosts file and add an entry for the mail server. This step is not required if you are using a name service.

   # cat /etc/hosts # # Internet host table # .. IP_address mailhost mailhost mailhost.example.com

   IP_address

   Use the assigned IP addresses.

   example.com

   Use the assigned domain.

   mailhost

   Use the assigned mailhost.

   For more information, refer to the hosts(4) man page.

7. Add an entry for the client to one of the alias files.

   Refer to Administering Mail Alias Files (Task Map) for a task map about administering mail alias files.

   ---

   Note –

   The mail.local program automatically creates mailboxes in the /var/mail directory the first time a message is delivered. You do not need to create individual mailboxes for your mail clients.

   ---

8. Restart sendmail.

   # /etc/init.d/sendmail start

How to Set Up a Mail Host

A mail host resolves email addresses and reroutes mail within your domain. A good candidate for a mail host is a system that provides your network with a remote connection or connects your network to a parent domain. The following procedure shows you how to set up a mail host.

1. Become superuser on the mail host system or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Stop sendmail.

   # /etc/init.d/sendmail stop

3. Verify the host-name configuration.

   Run the check-hostname script to verify that sendmail can identify the fully qualified host name for this server.

   % /usr/lib/mail/sh/check-hostname hostname phoenix OK: fully qualified as phoenix.example.com

   If this script is not successful in identifying the fully qualified host name, you need to add the fully qualified host name as the first alias for the host in /etc/hosts.

4. Update the /etc/hosts file.

   Choose the step that is appropriate for you.

   1. (Optional) If you are using NIS or NIS+, edit the /etc/hosts file on the system that is to be the new mail host.

      Add the word mailhost and mailhost.domain after the IP address and system name of the mail host system.

      IP_address mailhost mailhost mailhost.domain loghost

      IP_address

      Use the assigned IP address.

      mailhost

      Use the system name of the mail host system.

      domain

      Use the expanded domain name.

      The system is now designated as a mail host. The domain should be identical to the string that is given as the subdomain name in the output of the following command.

      % /usr/lib/sendmail -bt -d0 </dev/null Version 8.12.0+Sun Compiled with: LDAPMAP MAP_REGEX LOG MATCHGECOS MIME7TO8 MIME8TO7 NAMED_BIND NDBM NETINET NETINET6 NETUNIX NEWDB NIS NISPLUS QUEUE SCANF SMTP USERDB XDEBUG ============ SYSTEM IDENTITY (after readcf) ============ (short domain name) $w = phoenix (canonical domain name) $j = phoenix.example.com (subdomain name) $m = example.com (node name) $k = phoenix ========================================================

      See the following example of how the hosts file should look after these changes.

      # cat /etc/hosts # # Internet host table # 172.31.255.255 localhost 192.168.255.255 phoenix mailhost mailhost.example.com loghost

   2. (Optional) If you are not using NIS or NIS+, edit the /etc/hosts file on each system in the network. Create the following entry.

      IP_address mailhost mailhost mailhost.domain loghost

5. Select the correct configuration file to copy and rename.

   The following command copies and renames the /etc/mail/main.cf file.

   # cp /etc/mail/main.cf /etc/mail/sendmail.cf

6. Restart sendmail.

   # /etc/init.d/sendmail start

7. Test your mail configuration.

   See How to Test the Mail Configuration for instructions.

For further information about mail hosts, refer to Hardware Components in Chapter 23, Mail Services (Reference).

How to Set Up a Mail Gateway

A mail gateway manages communication with networks outside your domain. The mailer on the sending mail gateway can match the mailer on the receiving system.

A good candidate for a mail gateway is a system that is attached to Ethernet and phone lines. Another good candidate is a system that is configured as a router to the Internet. You can configure the mail host or another system as the mail gateway. You might choose to configure more than one mail gateway for your domain. If you have UNIX-to-UNIX Copy Program (UUCP) connections, you should configure the system (or systems) with UUCP connections as the mail gateway.

1. Become superuser on the mail gateway or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Stop sendmail.

   # /etc/init.d/sendmail stop

3. Select the correct configuration file to copy and rename.

   The following command copies and renames the main.cf file.

   # cp /etc/mail/main.cf /etc/mail/sendmail.cf

4. Verify the host-name configuration.

   Run the check-hostname script to verify that sendmail can identify the fully qualified host name for this server.

   # /usr/lib/mail/sh/check-hostname hostname phoenix OK: fully qualified as phoenix.example.com

   If this script is not successful in identifying the fully qualified host name, you need to add the fully qualified host name as the first alias for the host in /etc/hosts. If you need help with this step, refer to Step 4 of How to Set Up a Mail Host.

5. Ensure that your name service has been started.

   1. (Optional) If you are running NIS, use this command.

      # ypwhich

      For more information, refer to the ypwhich(1) man page.

   2. (Optional) If you are running NIS+, use this command.

      # nisls

      For more information, refer to the nisls(1) man page.

   3. (Optional) If you are running DNS, use this command.

      # nslookup hostname

      hostname

      Use your host name.

      For more information, refer to the nslookup(1M) man page.

   4. (Optional) If you are running LDAP, use this command.

      # ldaplist

      For more information, refer to the ldaplist(1) man page.

6. Restart sendmail.

   # /etc/init.d/sendmail start

7. Test your mail configuration

   See How to Test the Mail Configuration for instructions.

For more information about the mail gateway, refer to Hardware Components in Chapter 23, Mail Services (Reference).

How to Use DNS With sendmail

The DNS name service does not support aliases for individuals. This name service does support aliases for hosts or domains that use Mail Exchanger (MX) records and CNAME records. You can specify host names, domain names, or both names in the DNS database. For more information about sendmail and DNS, see Interactions of sendmail With Name Services in Chapter 23, Mail Services (Reference), or see the System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

1. Become superuser or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Enable DNS host lookups (NIS+ only).

   Edit the /etc/nsswitch.conf file and remove the # from the hosts definition that includes the dns flag. The host entry must include the dns flag, as the following example shows, in order for the DNS host aliases to be used.

   # grep hosts /etc/nsswitch.conf #hosts: nisplus [NOTFOUND=return] files hosts: dns nisplus [NOTFOUND=return] files

3. Check for a mailhost and mailhost.domain entry.

   Use nslookup to ensure that an entry exists for mailhost and mailhost.domain in the DNS database. For more information, refer to the nslookup(1M) man page.

How to Set Up a Virtual Host

If you need to assign more than one IP address to a host, see this Web site: http://www.sendmail.org/virtual-hosting.html. This site provides complete instructions on how to use sendmail to set up a virtual host. However, in the “Sendmail Configuration” section, do not perform step 3b, as shown in the following.

# cd sendmail-VERSION/cf/cf
# ./Build mailserver.cf
# cp mailserver.cf /etc/mail/sendmail.cf

Instead, for the Solaris operating environment, perform the following steps.

# cd /usr/lib/mail/cf
# /usr/ccs/bin/make mailserver.cf
# cp mailserver.cf /etc/mail/sendmail.cf

mailserver

Use the name of the .cf file.

Building the sendmail.cf Configuration File (Task) outlines the same three steps as part of the build process.

After you have generated your /etc/mail/sendmail.cf file, you can continue with the next steps to create a virtual user table.

Building the sendmail.cf Configuration File (Task)

How to Build a New sendmail.cf File shows you how to build the configuration file. Although you can still use older versions of sendmail.cf files, the best practice is to use the new format.

For more details, you should read from the following resources.

• /usr/lib/mail/README provides a complete description of the configuration process.

• http://www.sendmail.org provides online information about sendmail configuration.

• Versions of the Configuration File and sendmail Configuration File, in Chapter 23, Mail Services (Reference), also provide some guidance.

The following sections in Chapter 24, What's New With Mail Services (Reference) identify new m4 configuration features.

• New and Revised Configuration File Options and Related Topics

• New and Revised m4 Configuration Macros for sendmail

How to Build a New sendmail.cf File

The following procedure shows you how to build a new configuration file.

/usr/lib/mail/cf/main-v7sun.mc is now /usr/lib/mail/cf/main.mc.

1. Become superuser or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Stop sendmail.

   # /etc/init.d/sendmail stop

3. Make a copy of the configuration files that you are changing.

   # cd /usr/lib/mail/cf # cp main.mc myhost.mc

   myhost

   Select a new name for your .mc file.

4. Edit the new configuration files (for example, myhost.mc), as necessary.

   For example, add the following command line to enable domain masquerading.

   # cat myhost.mc .. MASQUERADE_AS(`host.domain')

   host.domain

   Use the desired host name and domain name.

   In this example, MASQUERADE_AS causes sent mail to be labeled as originating from host.domain, rather than $j.

5. Build the configuration file by using m4.

   # /usr/ccs/bin/make myhost.cf

6. Test the new configuration file by using the -C option to specify the new file.

   # /usr/lib/sendmail -C myhost.cf -v testaddr </dev/null

   While this command displays messages, it sends a message to testaddr. Only outgoing mail can be tested without restarting the sendmail service on the system. For systems that are not handling mail yet, use the full testing procedure in How to Test the Mail Configuration.

7. Install the new configuration file after making a copy of the original.

   # cp /etc/mail/sendmail.cf /etc/mail/sendmail.cf.save # cp myhost.cf /etc/mail/sendmail.cf

8. Restart the sendmail service.

   # /etc/init.d/sendmail start

Managing Mail Delivery by Using an Alternate Configuration (Task)

To facilitate the transport of inbound mail and outbound mail, the new default configuration of sendmail uses a daemon and a client queue runner. If you have disabled your daemon, you should perform the following task. For a detailed explanation, refer to New Configuration File, submit.cf.

How to Manage Mail Delivery by Using an Alternate Configuration of sendmail.cf

In the default configuration of sendmail, the client queue runner must be able to submit mail to the daemon on the local SMTP port. If the daemon is not listening on the SMTP port, the mail remains in the queue. To avoid this problem, perform the following task. For more information about the daemon and client queue runner and to understand why you might have to use this alternate configuration, refer to New Configuration File, submit.cf.

This procedure ensures that your daemon runs only to accept connections from the local host.

1. Become superuser or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Stop sendmail.

   # /etc/init.d/sendmail stop

3. Make a copy of the configuration file that you are changing. You could copy either subsidiary.mc or main.mc, depending on your requirements. In this example, the subsidiary.mc file is used.

   # cd /usr/lib/mail/cf # cp subsidiary.mc myhost.mc

   myhost

   Select a new name for your .mc file.

4. Edit the new configuration file (for example, myhost.mc).

   Add the following line before the MAILER() lines.

   # cat myhost.mc .. DAEMON_OPTIONS(`NAME=NoMTA4, Family=inet, Addr=127.0.0.1')dnl

   1. (Optional) If your host has an IPv6 local host address that is enabled, edit the new configuration file as follows.

      Add both of the following lines before the MAILER() lines.

      # cat myhost.mc .. DAEMON_OPTIONS(`NAME=NoMTA4, Family=inet, Addr=127.0.0.1')dnl DAEMON_OPTIONS(`NAME=NoMTA6, Family=inet6, Addr=::1')dnl

   2. (Optional) To see if your host has an IPv6 local host address that is enbled, run the following command.

      # /usr/sbin/ifconfig -a

      If IPv6 is enabled, you should see output that is similar to the following.

      lo0: flags=2000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv6> mtu 8252 index 1 inet6 ::1/128

5. Build the configuration file by using m4.

   # /usr/ccs/bin/make myhost.cf

6. Install the new configuration file after making a copy of the original.

   # cp /etc/mail/sendmail.cf /etc/mail/sendmail.cf.save # cp myhost.cf /etc/mail/sendmail.cf

7. Restart the sendmail service.

   # /etc/init.d/sendmail start

Administering Mail Alias Files (Task Map)

The following table describes the procedures for administering mail alias files. For more information on this topic, refer to Mail Alias Files in Chapter 23, Mail Services (Reference).

Administering Mail Alias Files (Tasks)

Mail aliases must be unique within the domain. This section provides the procedures for administering mail alias files. Alternately, you can use the AdminTool's Database Manager application to perform these tasks on the aliases database.

In addition, you can create database files for the local mail host by using makemap. Refer to the makemap(1M) man page. The use of these database files does not provide all of the advantages of using a name service such as NIS or NIS+. However, you should be able to retrieve the data from these local database files faster because no network lookups are involved. For more information, refer to Interactions of sendmail With Name Services and Mail Alias Files in Chapter 23, Mail Services (Reference).

How to Manage Alias Entries in an NIS+ mail_aliases Table

To manage entries in an NIS+ table, you can use the aliasadm command. To list, add, modify, or delete table entries with the aliasadm command, you begin a particular task with the following steps.

1. Either be a member of the NIS+ group that owns the table, or become root on the mail server, or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Complete your task by following the instructions from the example that meets your requirements.

   • Example—Initiating an NIS+ mail_aliases Table

   • Example—Listing the Entire Contents of the NIS+ mail_aliases Table

   • Example—Listing an Individual Entry From the NIS+ mail_aliases Table

   • Example—Listing Partial Matches From the NIS+ mail_aliases Table

   • Example—Adding Aliases to the NIS+ mail_aliases Table From the Command Line

   • Example—Adding Entries by Editing an NIS+ mail_aliases Table

   • Example—Editing Entries in an NIS+ mail_aliases Table

   • Example—Deleting Entries From an NIS+ mail_aliases Table

In some instances, you should begin the task by compiling a list of each of your mail clients, the locations of their mailboxes, and the names of the mail server systems.

Example—Initiating an NIS+ mail_aliases Table

To create a table, follow these instructions.

1. Either be a member of the NIS+ group that owns the table, or become root on the mail server, or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Initiate an NIS+ table.

   # aliasadm -I

3. Add entries to the table.

   • To add two or three aliases, refer to Example—Adding Aliases to the NIS+ mail_aliases Table From the Command Line.

   • To add more than two or three aliases, refer to Example—Adding Entries by Editing an NIS+ mail_aliases Table.

For more information, refer to the aliasadm(1M) man page.

Example—Listing the Entire Contents of the NIS+ mail_aliases Table

To see a complete list of the contents of the table, follow these instructions.

1. Either be a member of the NIS+ group that owns the table, or become root on the mail server, or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. List all of the entries in alphabetical order by alias.

   # aliasadm -1

For more information, refer to the aliasadm(1M) man page.

Example—Listing an Individual Entry From the NIS+ mail_aliases Table

To see an individual entry from the table, follow these instructions.

1. Either be a member of the NIS+ group that owns the table, or become root on the mail server, or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. List an individual entry.

   # aliasadm -m ignatz ignatz: ignatz@saturn # Alias for Iggy Ignatz

   The command matches only the complete alias name, not partial strings. You cannot use metacharacters, such as * and ?, with aliasadm -m.

For more information, refer to the aliasadm(1M) man page.

Example—Listing Partial Matches From the NIS+ mail_aliases Table

To see partial matches from the table, follow these instructions.

1. Either be a member of the NIS+ group that owns the table, or become root on the mail server, or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. List partial matches from the table.

   # aliasadm -l | grep partial_string

   partial_string

   Use the string of your choice for your search.

For more information, refer to the aliasadm(1M) man page.

Example—Adding Aliases to the NIS+ mail_aliases Table From the Command Line

To add two or three aliases to the table, follow these instructions.

1. Compile a list of each of your mail clients, the locations of their mailboxes, and the names of the mail server systems.

2. Either be a member of the NIS+ group that owns the table, or become root on the mail server, or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

3. (Optional) If necessary, initiate an NIS+ table.

   If you are creating a completely new NIS+ mail_aliases table, you must first initiate the table. To complete this task, refer to Example—Initiating an NIS+ mail_aliases Table.

4. Add aliases to the table.

   See this example of a typical entry.

   # aliasadm -a iggy iggy.ignatz@saturn "Iggy Ignatz"

   The following list describes the input from the preceding example.

   -a

   The option for adding an alias

   iggy

   The short form of the alias name

   iggy.ignatz@saturn

   The expanded alias name

   "Iggy Ignatz"

   The name for the alias in quotation marks

5. Display the entry that you created and ensure that the entry is correct.

   # aliasadm -m alias

   alias

   The entry that you created

For more information, refer to the aliasadm(1M) man page.

Example—Adding Entries by Editing an NIS+ mail_aliases Table

To add more than two or three aliases to the table, follow these instructions.

1. Compile a list of each of your mail clients, the locations of their mailboxes, and the names of the mail server systems.

2. Either be a member of the NIS+ group that owns the table, or become root on the mail server, or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

3. Display and edit the aliases table.

   # aliasadm -e

   This command displays the table and enables you to edit the table. The editor that you use has been set with the $EDITOR environment variable. If this variable is not set, vi is the default editor.

4. Use the following format to type each alias on a separate line.

   alias: expanded_alias # ["option" # "comments"]

   alias

   This column is for the short form of the alias name.

   expanded_alias

   This column is for the expanded alias name.

   option

   This column is reserved for future use.

   comments

   This column is used for comments about the individual alias, such as a name for the alias.

   If you leave the option column blank, type an empty pair of quotation marks ("") and add the comments.

   The order of the entries is not important to the NIS+ mail_aliases table. The aliasadm -l command sorts the list and displays the entries in alphabetical order.

   For more information, refer to Mail Alias Files and the aliasadm(1M) man page.

Example—Editing Entries in an NIS+ mail_aliases Table

To edit entries in the table, follow these instructions.

1. Either be a member of the NIS+ group that owns the table, or become root on the mail server, or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Display the alias entry.

   # aliasadm -m alias

   alias

   Use the assigned alias name.

3. Edit the alias entry, as necessary.

   # aliasadm -c alias expanded_alias [options comments]

   alias

   If necessary, edit the alias name.

   expanded_alias

   If necessary, edit the expanded alias name.

   options

   If necessary, edit the option.

   comments

   If necessary, edit the comment for this entry.

   For more information, refer to the aliasadm(1M) man page, as well as Mail Alias Files.

4. Display the entry that you have edited and ensure that the entry is correct.

   # aliasadm -m alias

For more information, refer to the aliasadm(1M) man page.

Example—Deleting Entries From an NIS+ mail_aliases Table

To delete entries from the table, follow these instructions.

1. Either be a member of the NIS+ group that owns the table, or become root on the mail server, or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Delete an entry from the table.

   # aliasadm -d alias

   alias

   Use the alias name for the entry that you are deleting.

For more information, refer to the aliasadm(1M) man page.

How to Set Up an NIS mail.aliases Map

Use the following procedure to facilitate aliasing with an NIS mail.aliases map.

1. Compile a list of each of your mail clients, the locations of their mailboxes, and the names of the mail server systems.

2. Become root on the NIS master server or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

3. Edit the /etc/mail/aliases file, and make the following entries.

   1. Add an entry for each mail client.

      # cat /etc/mail/aliases .. alias:expanded_alias

      alias

      Use the short alias name.

      expanded_alias

      Use the expanded alias name (user@host.domain.com).

   2. Ensure that you have a Postmaster: root entry.

      # cat /etc/mail/aliases .. Postmaster: root

   3. Add an alias for root. Use the mail address of the person who is designated as the postmaster.

      # cat /etc/mail/aliases .. root: user@host.domain.com

      user@host.domain.com

      Use the assigned address of the designated postmaster.

4. Ensure that the NIS master server is running a name service to resolve the host names on each mail server.

5. Change to the /var/yp directory.

   # cd /var/yp

6. Apply the make command.

   # make

   The changes in the /etc/hosts and /etc/mail/aliases files are propagated to NIS slave systems. The changes are active in only a few minutes, at most.

How to Set Up a Local Mail Alias File

Use the following procedure to resolve aliases with a local mail alias file.

1. Compile a list of each of your users and the locations of their mailboxes.

2. Become root on the mail server or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

3. Edit the /etc/mail/aliases file and make the following entries.

   1. Add an entry for each user.

      user1: user2@host.domain

      user1

      Use the new alias name.

      user2@host.domain

      Use the actual address for the new alias.

   2. Ensure that you have a Postmaster: root entry.

      # cat /etc/mail/aliases .. Postmaster: root

   3. Add an alias for root. Use the mail address of the person who is designated as the postmaster.

      # cat /etc/mail/aliases .. root: user@host.domain.com

      user@host.domain.com

      Use the assigned address of the designated postmaster.

4. Rebuild the alias database.

   # newaliases

   The configuration of the AliasFile option in /etc/mail/sendmail.cf determines whether this command generates in binary form either the single file, /etc/mail/aliases.db, or the pair of files, /etc/mail/aliases.dir and /etc/mail/aliases.pag.

5. Perform one of the following steps to copy the file or files that were generated.

   1. (Optional) Copy the /etc/mail/aliases, the /etc/mail/aliases.dir, and the/etc/mail/aliases.pag files to each of the other systems.

      You can copy the three files by using the rcp or rdist commands. Refer to the rcp(1) man page or the rdist(1) man page for more information. Alternately, you can create a script for this purpose.

      When you copy these files, you do not need to run the newaliases command on each of the other systems. However, remember that you must update all the /etc/mail/aliases files each time you add or remove a mail client.

   2. (Optional) Copy the /etc/mail/aliases.db file to each of the other systems.

      You can copy the file by using the rcp or rdist commands. Refer to the rcp(1) man page or the rdist(1) man page for more information. Alternately, you can create a script for this purpose.

      When you copy this file, you do not need to run the newaliases command on each of the other systems. However, remember that you must update all the /etc/mail/aliases files each time you add or remove a mail client.

How to Create a Keyed Map File

To create a keyed map file, follow these instructions.

1. Become superuser on the mail server or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Create an input file.

   Entries can have the following syntax.

   old_name@newdomain.com new_name@newdomain.com old_name@olddomain.com error:nouser No such user here @olddomain.com %1@newdomain.com

   old_name@newdomain.com

   Use the user name that was previously assigned with the domain that is newly assigned.

   new_name@newdomain.com

   Use the address that is newly assigned.

   old_name@olddomain.com

   Use the user name that was previously assigned with the domain that was previously assigned.

   olddomain.com

   Use the domain that was previously assigned.

   newdomain.com

   Use the domain that is newly assigned.

   The first entry redirects mail to a new alias. The next entry creates a message when an incorrect alias is used. The last entry redirects all incoming mail from olddomain to newdomain.

3. Create the database file.

   # /usr/sbin/makemap maptype newmap < newmap

   maptype

   Select a database type, such as dbm, btree, or hash.

   newmap

   Use the name of the input file and the first part of the name of the database file. If the dbm database type is selected, then the database files are created by using a .pag and a .dir suffix. For the other two database types, the file name is followed by .db.

Managing the postmaster Alias

Every system must be able to send mail to a postmaster mailbox. You can create an NIS or NIS+ alias for postmaster, or you can create the alias in each local /etc/mail/aliases file. Refer to these procedures.

• How to Create a postmaster Alias in Each Local /etc/mail/aliases File

• How to Create a Separate Mailbox for postmaster

• How to Add the postmaster Mailbox to the Aliases in the /etc/mail/aliases File

How to Create a postmaster Alias in Each Local /etc/mail/aliases File

If you are creating the postmaster alias in each local /etc/mail/aliases file, follow these instructions.

1. Become superuser on each local system or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. View the /etc/mail/aliases entry.

   # cat /etc/mail/aliases # Following alias is required by the mail protocol, RFC 2821 # Set it to the address of a HUMAN who deals with this system's # mail problems. Postmaster: root

3. Edit each system's /etc/mail/aliases file.

   Change root to the mail address of the person who is designated as the postmaster.

   Postmaster: mail_address

   mail_address

   Use the assigned address for the person who is designated as the postmaster.

4. (Optional) Create a separate mailbox for the postmaster.

   You can create a separate mailbox for the postmaster to keep postmaster mail separate from personal mail. If you create a separate mailbox, use the mailbox address instead of the postmaster's personal mail address when you edit the /etc/mail/aliases files. For details, refer to How to Create a Separate Mailbox for postmaster.

How to Create a Separate Mailbox for postmaster

If you are creating a separate mailbox for postmaster, follow these instructions.

1. Become root on the mail server or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Create a user account for the person who is designated as postmaster. Put an asterisk (*) in the password field.

   For details about adding a user account, refer to “Managing User Accounts and Groups (Tasks)” in System Administration Guide: Basic Administration.

3. After mail has been delivered, enable the mail program to read and write to the mailbox name.

   # mail -f postmaster

   postmaster

   Use the assigned address.

How to Add the postmaster Mailbox to the Aliases in the /etc/mail/aliases File

If you are adding a postmaster mailbox to the aliases in the /etc/mail/aliases file, follow these instructions.

1. Become root on each system or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Add an alias for root. Use the mail address of the person who is designated as the postmaster.

   # cat /etc/mail/aliases .. root: user@host.domain.com

   user@host.domain.com

   Use the assigned address of the person who is designated as postmaster.

3. On the postmaster's local system, create an entry in the /etc/mail/aliases file that defines the name of the alias. sysadmin is an example. Also, include the path to the local mailbox.

   # cat /etc/mail/aliases .. sysadmin: /usr/somewhere/somefile

   sysadmin

   Create a name for a new alias.

   /usr/somewhere/somefile

   Use the path to the local mailbox.

4. Rebuild the alias database.

   # newaliases

Administering the Queue Directories (Task Map)

The following table describes the procedures for administering the mail queue.

Administering the Queue Directories (Tasks)

This section describes some helpful tasks for queue administration. For information about the client-only queue, refer to New Configuration File, submit.cf. For other related information, you can refer to New Queue Features.

How to Display the Contents of the Mail Queue, /var/spool/mqueue

Use this procedure to see how many messages are in the queue and how fast they are being cleared from the queue.

Use the following command to display this information.

• The queue IDs

• The size of the message

• The date that the message entered the queue

• The message status

• The sender and the recipients

# /usr/bin/mailq | more

This command now checks for the authorization attribute, solaris.admin.mail.mailq. If the check is successful, the equivalent of specifying the -bp flag with sendmail is executed. If the check fails, an error message is printed. By default, this authorization attribute is enabled for all users. The authorization attribute can be disabled by modifying the user entry in prof_attr. For more information, refer to the man pages for prof_attr(4) and mailq(1).

How to Force Mail Queue Processing in the Mail Queue, /var/spool/mqueue

Use this procedure, for example, to process messages to a system that was previously unable to receive messages.

1. Become root or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Force queue processing and display the progress of the jobs as the queue is cleared.

   # /usr/lib/sendmail -q -v

How to Run a Subset of the Mail Queue, /var/spool/mqueue

Use this procedure, for example, to force a substring of an address, such as a host name, to be processed. Also, use this procedure to force a particular message from the queue.

1. Become root or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Run a subset of the mail queue at any time with -qRstring.

   # /usr/lib/sendmail -qRstring

   string

   Use a recipient's alias or a substring of user@host.domain, such as a host name.

   Alternately, you can run a subset of the mail queue with -qInnnnn.

   # /usr/lib/sendmail -qInnnnn

   nnnnn

   Use a queue ID.

How to Move the Mail Queue, /var/spool/mqueue

If you are moving the mail queue, follow these instructions.

1. Become root on the mail host or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Kill the sendmail daemon.

   # /etc/init.d/sendmail stop

   Now, sendmail is no longer processing the queue directory.

3. Change to the /var/spool directory.

   # cd /var/spool

4. Move the directory, mqueue, and all its contents to the omqueue directory. Then create a new empty directory that is named mqueue.

   # mv mqueue omqueue; mkdir mqueue

5. Set the permissions of the directory to read/write/execute by owner, and read/execute by group. Also, set the owner and group to daemon.

   # chmod 750 mqueue; chown root:bin mqueue

6. Start sendmail.

   # /etc/init.d/sendmail start

How to Run the Old Mail Queue, /var/spool/omqueue

To run an old mail queue, follow these instructions.

1. Become root or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Run the old mail queue.

   # /usr/lib/sendmail -oQ/var/spool/omqueue -q

   The -oQ flag specifies an alternate queue directory. The -q flag says to run every job in the queue. Use the -v flag if you are displaying the verbose output on the screen.

3. Remove the empty directory.

   # rmdir /var/spool/omqueue

Administering .forward Files (Task Map)

The following table describes the procedures for administering .forward files. For more information, refer to .forward Files in Chapter 23, Mail Services (Reference).

Administering .forward Files (Tasks)

This section contains several procedures that are related to .forward file administration. Because these files can be edited by users, the files can cause problems. For more information, refer to .forward Files in Chapter 23, Mail Services (Reference).

How to Disable .forward Files

This procedure, which prevents automated forwarding, disables the .forward file for a particular host.

1. Become root or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Make a copy of /usr/lib/mail/domain/solaris-generic.m4 or your site-specific domain m4 file.

   # cd /usr/lib/mail/domain # cp solaris-generic.m4 mydomain.m4

   mydomain

   Use the file name of your choice.

3. Add the following line to the file that you just created.

   define(`confFORWARD_PATH',`')dnl

   If a value for confFORWARD_PATH already exists in the m4 file, replace the value with this null value.

4. Build and install a new configuration file.

   If you need help with this step, refer to How to Build a New sendmail.cf File.

   ---

   Note –

   When you edit the .mc file, remember to change DOMAIN(`solaris-generic') to DOMAIN(`mydomain').

   ---

How to Change the .forward File Search Path

If, for example, you want to put all .forward files in a common directory, follow these instructions.

1. Become root or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

2. Make a copy of /usr/lib/mail/domain/solaris-generic.m4 or your site-specific domain m4 file.

   # cd /usr/lib/mail/domain # cp solaris-generic.m4 mydomain.m4

   mydomain

   Use the file name of your choice.

3. Add the following line to the file that you just created.

   define(`confFORWARD_PATH',`$z/.forward:/var/forward/$u')dnl

   If a value for confFORWARD_PATH already exists in the m4 file, replace the value with this new value.

4. Build and install a new configuration file.

   If you need help with this step, refer to How to Build a New sendmail.cf File.

   ---

   Note –

   When you edit the .mc file, remember to change DOMAIN(`solaris-generic') to DOMAIN(`mydomain').

   ---

How to Create and Populate /etc/shells

This file is not included in the standard release. You must add the file if users are to be allowed to use .forward files to forward mail to a program or to a file. You can create the file manually by using grep to identify all of the shells that are listed in your password file. You can then type the shells into the file. However, the following procedure, which employs a script that can be downloaded, is easier to use.

1. Download the script.

   http://www.sendmail.org/vendor/sun/gen-etc-shells.html

2. Become root or assume an equivalent role.

   For information about roles, refer to “Using Privileged Applications” in System Administration Guide: Security Services.

3. To generate a list of shells, run the gen-etc-shells script.

   # ./gen-etc-shells.sh > /tmp/shells

   This script uses the getent command to collect the names of shells that are included in the password file sources that are listed in /etc/nsswitch.conf.

4. Inspect and edit the list of shells in /tmp/shells.

   With the editor of your choice, remove any shells that you are not including.

5. Move the file to /etc/shells.

   # mv /tmp/shells /etc/shells

Troubleshooting Procedures and Tips for Mail Services (Task Map)

The following table describes troubleshooting procedures and tips for mail services.

Troubleshooting Procedures and Tips for Mail Services (Tasks)

This section provides some procedures and tips that you can use for troubleshooting problems with mail services.

How to Test the Mail Configuration

To test the changes that you make to your configuration file, follow these instructions.

1. Restart sendmail on any system that has a revised configuration file.

   # /etc/init.d/sendmail restart

2. Send test messages from each system.

   # /usr/lib/sendmail -v names </dev/null

   names

   Specify a recipient's email address.

   This command sends a null message to the specified recipient and displays the message activity on your monitor.

3. Send mail to yourself or other people on the local system by addressing the message to a regular user name.

4. (Optional) If you are connected to a network, send mail in three directions to someone on another system.

   • From the main system to a client system

   • From a client system to the main system

   • From a client system to another client system

5. (Optional) If you have a mail gateway, send mail from the mail host to another domain to ensure that the relay mailer and host are configured properly.

6. (Optional) If you have set up a UUCP connection on your phone line to another host, send mail to someone at that host. Have that person send mail back or call you when the message is received.

7. Ask someone to send mail to you over the UUCP connection.

   The sendmail program cannot detect whether the message is delivered because the program passes the message to UUCP for delivery.

8. From different systems, send a message to postmaster and ensure that the message is delivered to your postmaster's mailbox.

How to Check Mail Aliases

The following example shows you how to verify an alias.

% mconnect
connecting to host localhost (127.0.0.1), port 25
connection open
220 your.domain.com ESMTP Sendmail 8.12.6+Sun/8.12.6; Tue, 12 Nov 2002 13:34:13 -0800 (PST)
expn sandy
250 2.1.5 <sandy@phoenix.example.com>
quit
221 2.0.0 your.domain.com closing connection
% 

In this example, the mconnect program opened a connection to a mail server on a local host and enabled you to test that connection. The program runs interactively, so you can issue various diagnostic commands. For a complete description, see the mconnect(1) man page. The entry, expn sandy, provided the expanded address, sandy@phoenix.example.com. Thus, you have verified that mail can be delivered when using the alias, sandy.

Remember to avoid loops and inconsistent databases when both local and domain-wide aliases are used. Be especially careful to avoid the creation of alias loops when you move a user from one system to another system.

How to Test the sendmail Rule Sets

To check the input and returns of the sendmail rule sets, follow these instructions.

1. Change to address test mode.

   # /usr/lib/sendmail -bt

2. Test a mail address.

   Provide the following numbers and address at the last prompt (>).

   > 3,0 mail_address

   mail_address

   Use the mail address that you are testing.

3. End the session.

   Press Control-d.

The following is an example of the output.

% /usr/lib/sendmail -bt
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
> 3,0 sandy@phoenix
canonify           input: sandy @ phoenix
Canonify2          input: sandy < @ phoenix >
Canonify2        returns: sandy < @ phoenix . example . com . >
canonify         returns: sandy < @ phoenix . example . com . >
parse              input: sandy < @ phoenix . example . com . >
Parse0             input: sandy < @ phoenix . example . com . >
Parse0           returns: sandy < @ phoenix . example . com . >
ParseLocal         input: sandy < @ phoenix . example . com . >
ParseLocal       returns: sandy < @ phoenix . example . com . >
Parse1             input: sandy < @ phoenix . example . com . >
MailerToTriple     input: < mailhost . phoenix . example . com > 
     sandy < @ phoenix . example . com . >
MailerToTriple   returns: $# relay $@ mailhost . phoenix . example . com 
     $: sandy < @ phoenix . example . com . >
Parse1           returns: $# relay $@ mailhost . phoenix . example . com 
     $: sandy < @ phoenix . example . com . >
parse            returns: $# relay $@ mailhost . phoenix . example . com 
     $: sandy < @ phoenix . example . com . >

How to Verify Connections to Other Systems

The mconnect program opens a connection to a mail server on a host that you specify and enables you to test that connection. The program runs interactively, so you can issue various diagnostic commands. See the mconnect(1) man page for a complete description. The following example verifies that mail to the user name sandy is deliverable.

% mconnect phoenix

connecting to host phoenix (172.31.255.255), port 25
connection open
220 phoenix.example.com ESMTP Sendmail 8.12.0+Sun/8.12.0;Sun, 4 Sep 2001 3:52:56 -0700(PDT)
expn sandy
250 2.1.5 <sandy@phoenix.example.com>
quit

If you cannot use mconnect to connect to an SMTP port, check these conditions.

• Is the system load too high?

• Is the sendmail daemon running?

• Does the system have the appropriate /etc/mail/sendmail.cf file?

• Is port 25, the port that sendmail uses, active?

Logging Error Messages

Your mail service logs most error messages by using the syslogd program. By default, the syslogd program sends these messages to a system that is called loghost, which is specified in the /etc/hosts file. You can define loghost to hold all logs for an entire NIS domain. If no loghost is specified, error messages from syslogd are not reported.

The /etc/syslog.conf file controls where the syslogd program forwards messages. You can change the default configuration by editing the /etc/syslog.conf file. You must restart the syslog daemon for any changes to become active. To gather information about mail, you can add the following selections to the file.

• mail.alert – Messages about conditions that should be fixed now

• mail.crit – Critical messages

• mail.warning – Warning messages

• mail.notice – Messages that are not errors, but might need attention

• mail.info – Informational messages

• mail.debug – Debugging messages

The following entry in the /etc/syslog.conf file sends a copy of all critical, informational, and debug messages to /var/log/syslog.

mail.crit;mail.info;mail.debug			/var/log/syslog

Each line in the system log contains a timestamp, the name of the system that generated the line, and a message. The syslog file can log a large amount of information.

The log is arranged in a succession of levels. At the lowest level, only unusual occurrences are logged. At the highest level, even the most mundane and uninteresting events are recorded. As a convention, log levels under 10 are considered “useful.” Log levels that are higher than 10 are usually used for debugging. See the “Customizing System Message Logging” in System Administration Guide: Advanced Administration for information about loghost and the syslogd program.

Other Sources for Mail Diagnostic Information

For other diagnostic information, check the following sources.

• Look at the Received lines in the header of the message. These lines trace the route that the message took as the message was relayed. Remember to consider time–zone differences.

• Look at the messages from MAILER-DAEMON. These messages typically report delivery problems.

• Check the system log that records delivery problems for your group of systems. The sendmail program always records its activities in the system log. You might want to modify the crontab file to run a shell script nightly. The script searches the log for SYSERR messages and mails any messages that it finds to the postmaster.

• Use the mailstats program to test mail types and determine the number of incoming messages and outgoing messages.

Resolving Error Messages

This section describes how you can resolve some sendmail–related error messages that are in the Solaris 9 operating environment. You can also refer to http://www.sendmail.org/faq/.

The following error messages contain two or more of the following types of information.

• Cause: What might have happened to cause the message

• Description: What the user was doing when the error message occurred

• Action: What you can do to fix the problem or to continue with your work

• Technical Notes: Background information that might be interesting or helpful to a technical audience, such as developers

• See Also: Suggests further reading

451 timeout waiting for input during source

Cause: When sendmail reads from any source that might time out, such as an SMTP connection, the program sets a timer to the value of various Timeout options before reading begins. If the read is not completed before the timer expires, this message appears and reading stops. Usually, this situation occurs during RCPT. The mail message is then queued for later delivery.

Action: If you see this message often, increase the value of various Timeout options in the /etc/mail/sendmail.cf file. If the timer is already set to a large number, look for hardware problems, such as poor network cabling or connections.

See Also: For more information about the Timeout option, refer to Changes to the Timeout Option. If you are using online documentation, the term “timeouts” is a good search string.

550 hostname... Host unknown

Cause: This sendmail message indicates that the destination host machine, which is specified by the portion of the address after the at sign (@), was not found during domain name system (DNS) lookup.

Action: Use the nslookup command to verify that the destination host exists in that domain or other domains, perhaps with a slightly different spelling. Otherwise, contact the intended recipient and ask for a proper address.

550 username... User unknown

Cause: This sendmail message indicates that the intended recipient, who is specified by the portion of the address before the at sign (@), could not be located on the destination host machine.

Action: Check the email address and try again, perhaps with a slightly different spelling. If this remedy does not work, contact the intended recipient and ask for a proper address.

554 hostname... Local configuration error

Cause: This sendmail message usually indicates that the local host is trying to send mail to itself.

Action: Check the value of the $j macro in the /etc/mail/sendmail.cf file to ensure that this value is a fully qualified domain name.

Technical Notes: When the sending system provides its host name to the receiving system in the SMTP HELO command, the receiving system compares its name to the sender's name. If these names are the same, the receiving system issues this error message and closes the connection. The name that is provided in the HELO command is the value of the $j macro.

See Also: For additional information, refer to http://www.sendmail.org/faq/section4.html#4.5.

config error: mail loops back to myself.

Cause: This error message occurs if you set up an MX record and make host bar the mail exchanger for domain foo. However, you fail to configure host bar to know that it is the mail exchanger for domain foo.

Also, another possibility is that both the sending system and the receiving system are identifying as the same domain.

Action: For instructions, refer to http://www.sendmail.org/faq/section4.html#4.5.

host name configuration error

Action: Follow the instructions that were provided for resolving this error message, 554 hostname... Local configuration error.

Technical Notes: This is an old sendmail message, which replaced I refuse to talk to myself and is now replaced by the Local configuration error message.

user unknown

Description: When you try to send mail to a user, the error Username... user unknown is displayed. The user is on the same system.

Action: Check for a typographical error in the entered email address. Otherwise, the user could be aliased to a nonexistent email address in /etc/mail/aliases or in the user's .mailrc file. Also, check for uppercase characters in the user name. Preferably, email addresses should not be case sensitive.

See Also: For additional information, refer to http://www.sendmail.org/faq/section4.html#4.17.

Chapter 23 Mail Services (Reference)

The sendmail program is a mail transport agent. The program uses a configuration file to provide aliasing and forwarding, automatic routing to network gateways, and flexible configuration. The Solaris operating environment supplies standard configuration files that most sites can use. Chapter 21, Mail Services (Overview) provided an introduction to the components of mail services and a description of a typical mail service configuration. Chapter 22, Mail Services (Tasks) explained how to set up and administer an electronic mail system. This chapter provides information on the following topics.

• Solaris Version of sendmail

• Software and Hardware Components of Mail Services

• Mail Service Programs and Files

• Mail Addresses and Mail Routing

• Interactions of sendmail With Name Services

See Chapter 24, What's New With Mail Services (Reference) for a description of the new features that are included in version 8.12 of sendmail. You can also read about changes to mail.local, mailstats, makemap, and about a new maintenance utility, editmap. For details that are not covered in these chapters, see the man pages for sendmail(1M), mail.local(1M), mailstats(1), makemap(1M), and editmap(1M).

Solaris Version of sendmail

This section, which includes the following topics, describes some of the differences in the Solaris version of sendmail as compared to the generic Berkeley version.

• Flags Used and Not Used to Compile sendmail

• Alternative sendmail Commands

• Versions of the Configuration File

Flags Used and Not Used to Compile sendmail

The following tables list the flags that are used when compiling the version of sendmail that is delivered with the Solaris 9 release. If your configuration requires other flags, you need to download the source and recompile the binary. You can find information about this process at http://www.sendmail.org.

The following table lists generic flags that are not used to compile the version of sendmail that is delivered with the Solaris 9 release.

To see a list of the flags that are used to compile sendmail, use the following command.

% /usr/lib/sendmail -bt -d0.10 < /dev/null

The preceding command does not list the flags that are specific to Sun.

Alternative sendmail Commands

The Solaris release does not include all of the command synonyms that are provided in the generic release from Berkeley. This table includes a complete list of the command aliases. The table also lists whether the commands are included in the Solaris release and how to generate the same behavior by using sendmail.

Versions of the Configuration File

The Solaris 9 version of sendmail includes a configuration option that enables you to define the version of the sendmail.cf file. This option enables older configuration files to be used with the current version of sendmail. You can set the version level to values between 0 and 10. You can also define the vendor. Either Berkeley or Sun is a valid vendor option. If a version level is specified but no vendor is defined, Sun is used as the default vendor setting. The following table lists some of the valid options.

You are urged not to use V1/Sun. For more information, refer to http://www.sendmail.org/vendor/sun/differences.html#4.

For task information, refer to Building the sendmail.cf Configuration File (Task) in Chapter 22, Mail Services (Tasks).

Software and Hardware Components of Mail Services

This section describes the software and hardware components of a mail system.

• Software Components

• Hardware Components

Software Components

Each mail service includes at least one of each of the following software components.

• Mail User Agent

• Mail Transfer Agent

• Local Delivery Agent

This section also describes these software components.

• Mailers

• Mail Addresses

• Mailbox Files

• Mail Aliases

Mail User Agent

The mail user agent is the program that acts as the interface between the user and mail transfer agent. The sendmail program is a mail transfer agent. The Solaris operating environment supplies the following mail user agents.

• /usr/bin/mail

• /usr/bin/mailx

• $OPENWINHOME/bin/mailtool

• /usr/dt/bin/dtmail

Mail Transfer Agent

The mail transfer agent is responsible for the routing of mail messages and the resolution of mail addresses. This agent is also known as a mail transport agent. The transfer agent for the Solaris operating environment is sendmail. The transfer agent performs these functions.

• Accepts messages from the mail user agent

• Resolves destination addresses

• Selects a proper delivery agent to deliver the mail

• Receives incoming mail from other mail transfer agents

Local Delivery Agent

A local delivery agent is a program that implements a mail delivery protocol. The following local delivery agents are provided with the Solaris operating environment.

• The UUCP local delivery agent, which uses uux to deliver mail

• The local delivery agent, which is mail.local in the standard Solaris release

Chapter 24, What's New With Mail Services (Reference) provides information on these related topics.

• New Delivery Agent Flags

• New Equates for Delivery Agents

• Changes to mail.local

Mailers

Mailer is a sendmail-specific term. A mailer is used by sendmail to identify a specific instance of a customized local delivery agent or a customized mail transfer agent. You need to specify at least one mailer in your sendmail.cf file. For task information, refer to Building the sendmail.cf Configuration File (Task) in Chapter 22, Mail Services (Tasks). This section provides a brief description of two types of mailers.

• Simple Mail Transfer Protocol (SMTP) Mailers

• UNIX-to-UNIX Copy Program (UUCP) Mailers

For additional information about mailers, see http://www.sendmail.org/m4/readme.html or /usr/lib/mail/README.

Simple Mail Transfer Protocol (SMTP) Mailers

SMTP is the standard mail protocol that is used on the Internet. This protocol defines these mailers.

• smtp provides regular SMTP transfers to other servers

• esmtp provides extended SMTP transfers to other servers

• smtp8 provides SMTP transfers to other servers without converting 8–bit data to MIME

• dsmtp provides on-demand delivery by using the F=% mailer flag. Refer to Changes to the MAILER() Declaration and New Delivery Agent Flags in Chapter 24, What's New With Mail Services (Reference).

UNIX-to-UNIX Copy Program (UUCP) Mailers

If possible, avoid using UUCP. For an explanation, refer to http://www.sendmail.org/m4/uucp.html or do a search in /usr/lib/mail/README on this string: USING UUCP MAILERS.

UUCP defines these mailers.

uucp-old

Names in the $=U class are sent to uucp-old. uucp is the obsolete name for this mailer. The uucp-old mailer uses an exclamation-point address in the headers.

uucp-new

Names in the $=Y class are sent to uucp-new. Use this mailer when you know that the receiving UUCP mailer can manage multiple recipients in one transfer. suucp is the obsolete name for this mailer. The uucp-new mailer also uses an exclamation-point address in the headers.

If MAILER(smtp) is also specified in your configuration, two more mailers are defined.

uucp-dom

This mailer uses domain-style addresses and, basically, applies the SMTP rewriting rules.

uucp-uudom

Names in the $=Z class are sent to uucp-uudom. uucp-uudom and uucp-dom use the same header address format, domain-style addresses.

Because the smtp mailer modifies the UUCP mailer, always put MAILER(smtp) before MAILER(uucp) in your .mc file.

Mail Addresses

The mail address contains the name of the recipient and the system to which the mail message is delivered. When you administer a small mail system that does not use a name service, addressing mail is easy. The login names uniquely identify the users. Complexity is introduced if you are administering a mail system that has more than one system with mailboxes or that has one or more domains. Additional complexity can be generated if you have a UUCP (or other) mail connection to servers outside your network. The information in the following sections can help you understand the parts and complexities of a mail address.

• Domains and Subdomains

• Name Service Domain Name and Mail Domain Name

• Typical Format for Mail Addresses

• Route–Independent Mail Addresses

Domains and Subdomains

Email addressing uses domains. A domain is a directory structure for network address naming. A domain can have one or more subdomains. The domain and subdomains of an address can be compared to the hierarchy of a file system. Just as a subdirectory is considered to be inside the directory above it, each subdomain in a mail address is considered to be inside the location to its right.

The following table shows some top-level domains.

Domains are case insensitive. You can use uppercase, lowercase, or mixed-case letters in the domain part of an address without making any difference.

For more information about domains, refer to “Domain Name System (Overview)” in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

Name Service Domain Name and Mail Domain Name

When you are working with name service domain names and mail domain names, remember the following.

• By default, the sendmail program strips the first component from the NIS or NIS+ domain name to form the mail domain name. For example, if an NIS+ domain name were bldg5.example.com, its mail domain name would be example.com.

• Although mail domain addresses are case insensitive, the NIS or NIS+ domain name is not. For the best results, use lowercase characters when setting up the mail and NIS or NIS+ domain names.

• The DNS domain name and the mail domain name must be identical.

For more information, refer to Interactions of sendmail With Name Services.

Typical Format for Mail Addresses

Typically, a mail address has the following format. For further details, refer to Route–Independent Mail Addresses.

user@subdomain. ... .subdomain2.subdomain1.top-level-domain

The part of the address to the left of the @ sign is the local address. The local address can contain the following.

• Information about routing with another mail transport (for example, bob::vmsvax@gateway or smallberries%mill.uucp@gateway)

• An alias (for example, iggy.ignatz)

The receiving mailer is responsible for determining what the local part of the address means. For information about mailers, refer to Mailers.

The part of the address to the right of the @ sign shows the domain levels, which is where the local address resides. A dot separates each subdomain. The domain part of the address can be an organization, a physical area, or a geographic region. Furthermore, the order of domain information is hierarchical—the more local the subdomain, the closer the subdomain is to the @ sign.

Route–Independent Mail Addresses

Mail addresses can be route independent. Route-independent addressing requires the sender of an email message to specify the name of the recipient and the final destination. A high-speed network, such as the Internet, uses route-independent addresses. Route-independent addresses can have this format.

user@host.domain

Route-independent addresses for UUCP connections can have this address format.

host.domain!user

The increased popularity of the domain-hierarchical naming scheme for computers is making route-independent addresses more common. Actually, the most common route-independent address omits the host name and relies on the domain name service to properly identify the final destination of the email message.

user@domain

Route-independent addresses are first read by searching for the @ sign. The domain hierarchy is then read from the right (the highest level) to the left (the most specific part of the address to the right of the @ sign).

Mailbox Files

A mailbox is a file that is the final destination for email messages. The name of the mailbox can be the user name or the identity of a specific function, such as the postmaster. Mailboxes are in the /var/mail/username file, which can exist either on the user's local system or on a remote mail server. In either instance, the mailbox is on the system to which the mail is delivered.

Mail should always be delivered to a local file system so that the user agent can pull mail from the mail spool and store it readily in the local mailbox. Do not use NFS-mounted file systems as the destination for a user's mailbox. Specifically, do not direct mail to a mail client that is mounting the /var/mail file system from a remote server. Mail for the user, in this instance, should be addressed to the mail server and not to the client host name. NFS-mounted file systems can cause problems with mail delivery and handling.

The /etc/mail/aliases file and name services such as NIS and NIS+ provide mechanisms for creating aliases for electronic mail addresses. So, users do not need to know the precise local name of a user's mailbox.

The following table shows some common naming conventions for special-purpose mailboxes.

Starting with sendmail version 8, the envelope sender for mail that is sent to a group alias has been changed to the address that is expanded from the owner alias, if an owner alias exists. This change enables any mail errors to be sent to the alias owner, rather than being returned to the sender. With this change, users notice that mail that was sent to an alias looks as if the mail came from the alias owner, when delivered. The following alias format helps with some of the problems that are associated with this change.

mygroup: :include:/pathname/mygroup.list
owner-mygroup: mygroup-request
mygroup-request: sandys, ignatz

In this example, the mygroup alias is the actual mail alias for the group. The owner-mygroup alias receives error messages. The mygroup-request alias should be used for administrative requests. This structure means that in mail sent to the mygroup alias, the envelope sender changes to mygroup-request.

Mail Aliases

An alias is an alternate name. For email, you can use aliases to assign a mailbox location or to define mailing lists. For a task map, refer to Administering Mail Alias Files (Task Map) in Chapter 22, Mail Services (Tasks). Also, you can refer to Mail Alias Files in this chapter.

For large sites, the mail alias typically defines the location of a mailbox. Providing a mail alias is like providing a room number as part of the address for an individual at a large corporation that occupies multiple rooms. If you do not provide the room number, the mail is delivered to a central address. Without a room number, extra effort is required to determine where within the building the mail is to be delivered. So, the possibility of an error increases. For example, if two people who are named Kevin Smith are in the same building, only one of them might get mail. To correct the problem, each Kevin Smith should have a room number added to his address.

Use domains and location-independent addresses as much as possible when you create mailing lists. To enhance portability and flexibility of alias files, make your alias entries in mailing lists as generic and system independent as possible. For example, if you have a user who is named ignatz on system mars, in domain example.com, create the alias ignatz@example instead of ignatz@mars. If user ignatz changes the name of his system but remains within the example domain, you do not need to update alias files to reflect the change in system name.

When you create alias entries, type one alias per line. You should have only one entry that contains the user's system name. For example, you could create the following entries for user ignatz.

ignatz: iggy.ignatz
iggyi: iggy.ignatz
iggy.ignatz: ignatz@mars

You can create an alias for local names or domains. For example, an alias entry for user fred, who has a mailbox on the system mars and is in the domain planets, could have this entry in the NIS+ aliases table.

fred: fred@planets

When you create mail lists that include users outside your domain, create the alias with the user name and the domain name. For example, if you have a user who is named smallberries on system privet, in domain example.com, create the alias as smallberries@example.com. The email address of the sender is now automatically translated to a fully qualified domain name when mail goes outside the user's domain.

The following list describes methods for creating and administering mail alias files.

• You can create mail aliases for global use in the NIS+ mail_aliases table, the NIS aliases map, or in local /etc/mail/aliases files. You can also create and administer mailing lists that use the same alias files.

• Depending on the configuration of your mail services, you can administer aliases by using the NIS or NIS+ name service to maintain a global aliases database. Otherwise, you could update all the local /etc/mail/aliases files to keep the aliases synchronized.

• Users can also create and use aliases. Users can create aliases either in their local ~/.mailrc file, which only the user can use, or in their local /etc/mail/aliases file, which anyone can use. Users cannot normally create or administer NIS or NIS+ alias files.

Hardware Components

You can provide the three required elements of mail configuration in the same system or have separate systems provide these elements.

• Mail Host

• Mail Server

• Mail Client

When users are to communicate with networks outside your domain, you must also add a fourth element, a mail gateway. For more information, refer to Mail Gateway. The following sections describe each hardware component.

Mail Host

A mail host is the machine that you designate as the main mail machine on your network. A mail host is the machine to which other systems at the site forward mail that cannot be delivered. You designate a system as a mail host in the hosts database by adding the word mailhost to the right of the IP address in the local /etc/hosts file. Alternately, you can add the word mailhost similarly to the hosts file in the name service. You must also use the main.cf file as the mail configuration file on the mail host system. For detailed task information, refer to How to Set Up a Mail Host in Chapter 22, Mail Services (Tasks).

A good candidate for a mail host is a system on the local area network that also has a modem for setting up PPP or UUCP links over telephone lines. Another good candidate is a system that is configured as a router from your network to the Internet global network. For more information, refer to Chapter 25, Solaris PPP 4.0 (Overview), Chapter 34, Overview of UUCP, and “Configuring Routers” in System Administration Guide: IP Services. If no systems on your local network have a modem, designate a system as the mail host.

Some sites use standalone machines that are not networked in a time-sharing configuration. Specifically, the standalone machine serves terminals that are attached to its serial ports. You can set up electronic mail for this configuration by designating the standalone system as the mail host of a single-system network. Overview of the Hardware Components in Chapter 21, Mail Services (Overview) provides a figure that shows a typical email configuration.

Mail Server

A mailbox is a single file that contains email for a particular user. Mail is delivered to the system where the user's mailbox resides, which can be on a local machine or a remote server. A mail server is any system that maintains user mailboxes in its /var/mail directory. For task information, refer to How to Set Up a Mail Server in Chapter 22, Mail Services (Tasks).

The mail server routes all mail from a client. When a client sends mail, the mail server puts the mail in a queue for delivery. After the mail is in the queue, a user can reboot or turn off the client without losing those mail messages. When the recipient gets mail from a client, the path in the "From " line of the message contains the name of the mail server. If the recipient responds, the response goes to the user's mailbox. Good candidates for mail servers are systems that provide a home directory for users or systems that are backed up regularly.

If the mail server is not the user's local system, users in configurations that use NFS software can mount the /var/mail directory by using the /etc/vfstab file, if they have root access. Otherwise, users can use the automounter. If NFS support is not available, users can log in to the server to read their mail.

If users on your network send other types of mail, such as audio files or files from desktop publishing systems, you need to allocate more space on the mail server for mailboxes.

By establishing a mail server for all mailboxes, you can simplify your process of doing backups. Backups can be difficult to do when mail is spread over many systems. The disadvantage of storing many mailboxes on one server is that the server can be a single point of failure for many users. However, the advantages of providing good backups usually make the risk worthwhile.

Mail Client

A mail client is any system that receives mail on a mail server and does not have a local /var/mail directory. This type of configuration is known as remote mode. Remote mode is enabled by default in /etc/mail/subsidiary.cf.

You must check that the mail client has the appropriate entry in the /etc/vfstab file. Ensure that the mail client has a mount point to mount the mailbox from the mail server. Also, ensure that the alias for the client is directed to the mail server's host name, not to the client's name. For task information, refer to How to Set Up a Mail Client in Chapter 22, Mail Services (Tasks).

Mail Gateway

The mail gateway is a machine that handles connections between networks that run different communications protocols or communications between different networks that use the same protocol. For example, a mail gateway might connect a TCP/IP network to a network that runs the Systems Network Architecture (SNA) protocol suite.

The simplest mail gateway to set up is the mail gateway that connects two networks that use the same protocol or mailer. This system handles mail with an address for which sendmail cannot find a recipient in your domain. If a mail gateway exists, sendmail uses the gateway to send and receive mail outside your domain.

You can set up a mail gateway between two networks that use unmatched mailers, as shown in the next figure. To support this configuration, you must customize the sendmail.cf file on the mail gateway system, which can be a difficult and time-consuming process.

Figure 23–1 Gateway Between Different Communications Protocols

If you have to set up a mail gateway, you should find a gateway configuration file that is close to what you need and modify it to conform to your situation.

If you have a machine that provides connections to the Internet, you can configure that machine as the mail gateway. Carefully consider your site's security needs before you configure a mail gateway. You might need to create a firewall gateway between your corporate network and other networks, and set up that gateway as the mail gateway. For task information, refer to How to Set Up a Mail Gateway in Chapter 22, Mail Services (Tasks).

Mail Service Programs and Files

Mail services include many programs and daemons that interact with each other. This section introduces the files, programs, terms, and concepts that are related to administering electronic mail.

• Contents of the /usr/bin Directory

• Contents of the /etc/mail Directory

• Contents of the /usr/lib Directory

• Other Files Used for Mail Services

• Interactions of Mail Programs

• sendmail Program

• Mail Alias Files

• .forward Files

• /etc/default/sendmail File

Contents of the /usr/bin Directory

The following table shows the contents of the /usr/bin directory, which is used for mail services.

Contents of the /etc/mail Directory

The following table shows the contents of the /etc/mail directory.

Contents of the /usr/lib Directory

Table 23–9 shows the contents of the /usr/lib directory, which is used for mail services.

Contents of the /usr/lib/mail Directory

Within the /usr/lib directory is a subdirectory, mail, that contains all of the necessary files to build a sendmail.cf file. The contents of mail are shown in Table 23–10.

Other Files Used for Mail Services

Several other files and directories are used for mail services, as shown in Table 23–11.

Interactions of Mail Programs

Mail services are provided by a combination of the following programs, which interact as shown in the simplified illustration in Figure 23–2.

Figure 23–2 Interactions of Mail Programs

For a more detailed illustration, refer to the figure in sendmail Features.

The following is a description of the interactions of mail programs.

1. Users send messages by using programs such as mailx or mailtool. See the man pages for mailx(1) or mailtool(1) for information about these programs.

2. The message is collected by the program that generated the message, and the message is passed to the sendmail daemon.

3. The sendmail daemon parses the addresses (divides them into identifiable segments) in the message. The daemon uses information from the configuration file, /etc/mail/sendmail.cf, to determine network name syntax, aliases, forwarding information, and network topology. By using this information, sendmail determines which route a message must follow to get to a recipient.

4. The sendmail daemon passes the message to the appropriate system.

5. The /usr/lib/mail.local program on the local system delivers the mail to the mailbox in the /var/mail/username directory of the recipient of the message.

6. The recipient is notified that mail has arrived and retrieves the mail by using mail, mailx, mailtool, or a similar program.

sendmail Program

The following list describes some of the capabilities of the sendmail program.

• sendmail can use different types of communications protocols, such as TCP/IP and UUCP.

• sendmail implements an SMTP server, message queueing, and mailing lists.

• sendmail controls name interpretation by using a pattern-matching system that can work with the following naming conventions.

  • Domain-based naming convention. The domain technique separates the issue of physical versus logical naming. For more information on domains, refer to Mail Addresses.

  • Improvised techniques, such as providing network names that appear local to hosts on other networks.

  • Arbitrary (older) naming syntaxes.

  • Disparate naming schemes.

The Solaris operating environment uses the sendmail program as a mail router. The following list describes some of its functions.

• sendmail is responsible for receiving and delivering email messages.

• sendmail is an interface between mail-reading programs such as mail, mailx, and mailtool, and mail-transport programs such as uucp.

• sendmail controls email messages that users send.

  • By evaluating the recipients' addresses

  • By choosing an appropriate delivery program

  • By rewriting the addresses in a format that the delivery agent can handle

  • By reformatting the mail headers as required

  • By finally passing the transformed message to the mail program for delivery

For more information about the sendmail program, refer to the following topics.

• sendmail and Its Rerouting Mechanisms

• sendmail Features

• sendmail Configuration File

sendmail and Its Rerouting Mechanisms

The sendmail program supports three mechanisms for mail rerouting. The mechanism that you choose depends on the type of change that is involved.

• A server change

• A domain-wide change

• A change for one user

Additionally, the rerouting mechanism that you choose can affect the level of administration that is required. Consider the following options.

1. One rerouting mechanism is aliasing.

   Aliasing can map names to addresses on a server-wide basis or a name service-wide basis, depending on the type of file that you use.

   Consider the following advantages and disadvantages of name service aliasing.

   • The use of a name service alias file permits mail rerouting changes to be administered from a single source. However, name service aliasing can create lag time when the rerouting change is propagated.

   • Name service administration is usually restricted to a select group of system administrators. A normal user would not administer this file.

   Consider the following advantages and disadvantages of using a server alias file.

   • By using a server alias file, rerouting can be managed by anyone who can become root on the designated server.

   • Server aliasing should create little or no lag time when the rerouting change is propagated.

   • The change only affects the local server, which might be acceptable if most of the mail is sent to one server. However, if you need to propagate this change to many mail servers, use a name service.

   • A normal user would not administer this change.

   For more information, refer to Mail Alias Files in this chapter. For a task map, refer to Administering Mail Alias Files (Task Map) in Chapter 22, Mail Services (Tasks).

2. The next mechanism is forwarding.

   This mechanism permits users to administer mail rerouting. Local users can reroute their incoming mail to the following.

   • Another mailbox

   • A different mailer

   • Another mail host

   This mechanism is supported through the use of .forward files. For more information about these files, refer to .forward Files in this chapter. For a task map, refer to Administering .forward Files (Task Map) in Chapter 22, Mail Services (Tasks).

3. The last rerouting mechanism is inclusion.

   This mechanism allows users to maintain alias lists instead of requiring root access. To provide this feature, the root user must create an appropriate entry in the alias file on the server. After this entry is created, the user can reroute mail as necessary. For more information on inclusion, refer to /etc/mail/aliases File in this chapter. For a task map, refer to Administering Mail Alias Files (Task Map) in Chapter 22, Mail Services (Tasks).

Figure 23–3 shows how sendmail uses aliases. Programs that read mail, such as /usr/bin/mailx, can have aliases of their own, which are expanded before the message reaches sendmail. The aliases for sendmail can originate from a number of name service sources, such as local files, NIS, or NIS+. The order of the lookup is determined by the nsswitch.conf file. Refer to the nsswitch.conf(4) man page.

Figure 23–3 How sendmail Uses Aliases

sendmail Features

The sendmail program provides the following features.

• sendmail is reliable. The program is designed to correctly deliver every message. No message should ever become completely lost.

• sendmail uses existing software for delivery whenever possible.

• sendmail can be configured to handle complex environments, including multiple connections to a single network type, such as UUCP or Ethernet. sendmail checks the contents of an address as well as its syntax to determine which mailer to use.

• sendmail uses configuration files to control mail configuration instead of requiring that configuration information be compiled into the code.

• Users can maintain their own mailing lists. Additionally, individuals can specify their own forwarding mechanism without modifying the domain-wide alias file, typically located in the domain-wide aliases that are maintained by NIS or NIS+.

• Each user can specify a custom mailer to process incoming mail. The custom mailer can provide functions such as returning a message that reads: “I am on vacation.” See the vacation(1) man page for more information.

• sendmail batches addresses to a single host to reduce network traffic.

Figure 23–4 shows how sendmail interacts with the other programs in the mail system.

Figure 23–4 Interaction of sendmail With Other Mail Programs

As shown in Figure 23–4, the user interacts with a mail-generating and mail-sending program. When the mail is submitted, the mail-generating program calls sendmail, which routes the message to the correct mailers. Because some of the senders might be network servers and some of the mailers might be network clients, you can use sendmail as an Internet mail gateway. See Interactions of Mail Programs for a more detailed description of the process.

sendmail Configuration File

A configuration file controls the way that sendmail performs its functions. The configuration file determines the choice of delivery agents, address rewriting rules, and the format of the mail header.

The sendmail program uses the information from the /etc/mail/sendmail.cf file to perform its functions. Each system has a default sendmail.cf file that is installed in the /etc/mail directory. You do not need to edit or change the default configuration file for mail servers or mail clients. The only systems that require a customized configuration file are mail hosts and mail gateways.

The Solaris operating environment provides three default configuration files in the /etc/mail directory.

1. A configuration file that is named main.cf for the system, or systems, you designate as the mail host or a mail gateway.

2. A configuration file that is named subsidiary.cf, which is a duplicate copy of the default sendmail.cf file.

3. A configuration file that is named submit.cf, which is used to run sendmail in mail-submission program mode, instead of daemon mode. For more information, refer to New Configuration File, submit.cf.

The configuration file that you use on a system depends on the role of the system in your mail service.

• For mail clients or mail servers, you do not need to do anything to set up or edit the default configuration file.

• To set up a mail host or mail gateway, copy the main.cf file and rename the file to sendmail.cf in the /etc/mail directory. Then reconfigure the sendmail configuration file to set the relay mailer and relay host parameters that are needed for your mail configuration. For task information, refer to Setting Up Mail Services (Task Map) or Building the sendmail.cf Configuration File (Task) in Chapter 22, Mail Services (Tasks).

The following list describes some configuration parameters that you can change, depending on the requirements of your site.

• Time values, which specify the following information.

  • Read timeouts. Refer to Changes to the Timeout Option.

  • Length of time a message remains undelivered in the queue before the message is returned to the sender. Refer to New Queue Features. For a task map, refer to Administering the Queue Directories (Task Map).

• Delivery modes, which specify how quickly mail is delivered.

• Load limits, which increase efficiency during busy periods by not attempting to deliver large messages, messages to many recipients, and messages to sites that have been down for a long time.

• Log level, which specifies the kinds of problems that are logged.

Mail Alias Files

You can use any of the following files, maps, or tables to maintain aliases.

• .mailrc Aliases

• /etc/mail/aliases File

• NIS aliases Map

• NIS+ mail_aliases Table

Your method of maintaining aliases depends on who uses the alias and who needs to be able to change the alias. Each type of alias has unique format requirements.

If you are looking for task information, refer to Administering Mail Alias Files (Task Map) in Chapter 22, Mail Services (Tasks).

.mailrc Aliases

Aliases that are listed in a .mailrc file are accessible only by the user who owns the file. This restriction enables users to establish an alias file that they control and that is usable only by its owner. Aliases in a .mailrc file adhere to the following format.

alias aliasname value value value ...

aliasname is the name that the user uses when sending mail, and value is a valid email address.

If a user establishes a personal alias for scott that does not match the email address for scott in the name service, mail is routed to the wrong person when people try to reply to mail that is generated by this user. The only workaround is to use any of the other aliasing mechanisms.

/etc/mail/aliases File

Any alias that is established in the /etc/mail/aliases file can be used by any user who knows the name of the alias and the host name of the system that contains the file. Distribution list formats in a local /etc/mail/aliases file adhere to the following format.

aliasname: value,value,value ...

aliasname is the name that the user uses when sending mail to this alias, and value is a valid email address.

If your network is not running a name service, the /etc/mail/aliases file of each system should contain entries for all mail clients. You can either edit the file on each system or edit the file on one system and copy the file to each of the other systems.

The aliases in the /etc/mail/aliases file are stored in text form. When you edit the /etc/mail/aliases file, you need to run the newaliases program. This program recompiles the database and makes the aliases available in binary form to the sendmail program. For task information, refer to How to Set Up a Local Mail Alias File in Chapter 22, Mail Services (Tasks). Otherwise, you can use the AdminTool's Database Manager to administer the mail aliases that are stored in the local /etc files.

You can create aliases for only local names—a current host name or no host name. For example, an alias entry for user ignatz who has a mailbox on the system saturn would have the following entry in the /etc/mail/aliases file.

ignatz: ignatz@saturn

You should create an administrative account for each mail server. You create such an account by assigning a mailbox on the mail server to root and by adding an entry for root to the /etc/mail/aliases file. For example, if the system saturn is a mailbox server, add the entry root: sysadmin@saturn to the /etc/mail/aliases file.

Normally, only the root user can edit this file. However, when you use the AdminTool, all users in group 14, which is the sysadmin group, can change the local file. Another option is to create the following entry.

aliasname: :include:/path/aliasfile

aliasname is the name that the user uses when sending mail, and /path/aliasfile is the full path to the file that contains the alias list. The alias file should include email entries, one entry on each line, and no other notations.

user1@host1
user2@host2

You can define additional mail files in /etc/mail/aliases to keep a log or a backup copy. The following entry stores all mail that is sent to aliasname in filename.

aliasname: /home/backup/filename

You can also route the mail to another process. The following example stores a copy of the mail message in filename and prints a copy.

aliasname: "|tee -a /home/backup/filename |lp"

For a task map, refer to Administering Mail Alias Files (Task Map) in Chapter 22, Mail Services (Tasks).

NIS aliases Map

All users in a local domain can use the entries that are in the NIS aliases map. The reason is that the sendmail program can use the NIS aliases map instead of the local /etc/mail/aliases files to determine mailing addresses. For more information, refer to the nsswitch.conf(4) man page.

Aliases in the NIS aliases map adhere to the following format.

aliasname: value,value,value ...

aliasname is the name that the user uses when sending mail, and value is a valid email address.

The NIS aliases map should contain entries for all mail clients. In general, only the root user on the NIS master can change these entries. This type of alias might not be a good choice for aliases that are constantly changing. However, such aliases can be useful if the aliases point to another alias file, as in the following syntax example.

aliasname: aliasname@host

aliasname is the name that the user uses when sending mail, and host is the host name for the server that contains an /etc/mail/alias file.

For task information, refer to How to Set Up an NIS mail.aliases Map in Chapter 22, Mail Services (Tasks).

NIS+ mail_aliases Table

The NIS+ mail_aliases table contains the names by which a system or person is known in the local domain. The sendmail program can use the NIS+ mail_aliases table, instead of the local /etc/mail/aliases files, to determine mailing addresses. Refer to the aliasadm(1M) and nsswitch.conf(4) man pages for more information.

Aliases in the NIS+ mail_aliases table adhere to the following format:

alias: expansion # ["options	" # "comments"]

Table 23–12 describes the four columns that are in an NIS+ mail_aliases table.

The NIS+ mail_aliases table should contain entries for all mail clients. You can list, create, modify, and delete entries in the NIS+ aliases table with the aliasadm command. To use the aliasadm command, you must be a member of the NIS+ group that owns the aliases table. For task information, refer to How to Manage Alias Entries in an NIS+ mail_aliases Table in Chapter 22, Mail Services (Tasks). Alternately, you can use the AdminTool's Database Manager to administer the NIS+ mail aliases.

If you are creating a new NIS+ aliases table, you must initialize the table before you create the entries. If the table exists, no initialization is needed.

.forward Files

Users can create a .forward file in their home directories that sendmail, along with other programs, can use to redirect mail or send mail. Refer to the following topics.

• Situations to Avoid

• Controls for .forward files

• .forward.hostname File

• .forward+detail File

For a task map, refer to Administering .forward Files (Task Map) in Chapter 22, Mail Services (Tasks).

Situations to Avoid

The following list describes some situations that you can avoid or easily fix.

• If mail is not being delivered to the expected address, check the user's .forward file. The user might have put the .forward file in the home directory of host1, which forwards mail to user@host2. When the mail arrives at host2, sendmail checks for user in the NIS or NIS+ aliases and sends the message back to user@host1, which results in a loop and more bounced mail.

• To avoid security problems, never put .forward files in the root and bin accounts. If necessary, forward the mail by using the aliases file instead.

Controls for .forward files

For the .forward files to be an effective part of mail delivery, ensure that the following controls (mostly permissions settings) are correctly applied.

• The .forward file must be writable only by the owner of the file. This restriction prevents other users from breaking security.

• The paths that lead to the home directory must be owned and writable by root only. For example, if a .forward file is in /export/home/terry, /export and /export/home must be owned and writable by root only.

• The actual home directory should be writable only by the user.

• The .forward file cannot be a symbolic link, and this file cannot have more than one hard link.

.forward.hostname File

You can create a .forward.hostname file to redirect mail that is sent to a specific host. For example, if a user's alias has changed from sandy@phoenix.example.com to sandy@example.com, place a .forward.phoenix file in the home directory for sandy.

% cat .forward.phoenix
sandy@example.com
"|/usr/bin/vacation sandy"
% cat .vacation.msg
From: sandy@example.com (via the vacation program)
Subject: my alias has changed

My alias has changed to sandy@example.com.
Please use this alias in the future.
The mail that I just received from you
has been forwarded to my new address.

Sandy

In this example, mail can be forwarded to the correct place while the sender is notified of the alias change. Because the vacation program permits only one message file, you can forward only one message at a time. However, if the message is not host specific, one vacation message file can be used by .forward files for many hosts.

.forward+detail File

Another extension to the forwarding mechanism is the .forward+detail file. The detail string can be any sequence of characters except operator characters. The operator characters are .:%&!^[]+. By using this type of file, you can determine if someone else is using your email address without your knowledge. For instance, if a user tells someone to use the email address sandy+test1@example.com, the user would be able to identify any future mail that was delivered to this alias. By default, any mail that is sent to the sandy+test1@example.com alias is checked against the alias and the .forward+detail files. If no matches are made, the mail falls back to delivery to sandy@example.com, but the user is able to see a change in the To: mail header.

/etc/default/sendmail File

This file is used to store startup options for sendmail so that the options are not removed when a host is upgraded. The following variables can be used.

CLIENTOPTIONS=“string”

Selects additional options to be used with the client daemon, which looks in the client-only queue (/var/spool/clientmqueue) and acts as a client queue runner. No syntax checking is done, so be careful when making changes to this variable.

CLIENTQUEUEINTERVAL=#

Similar to the QUEUEINTERVAL option, CLIENTQUEUEINTERVAL sets the time interval for mail queue runs. However, the CLIENTQUEUEINTERVAL option controls the functions of the client daemon, instead of the functions of the master daemon. Typically, the master daemon is able to deliver all messages to the SMTP port. However, if the message load is too high or the master daemon is not running, then messages go into the client-only queue, /var/spool/clientmqueue. The client daemon, which checks in the client-only queue, then acts as a client queue processor.

ETRN_HOSTS=“string”

Enables an SMTP client and server to interact immediately without waiting for the queue run intervals, which are periodic. The server can immediately deliver the portion of its queue that goes to the specified hosts. For more information, refer to the etrn(1M) man page.

MODE=-bd

Selects the mode to start sendmail with. Use the -bd option or leave it undefined.

OPTIONS=string

Selects additional options to be used with the master daemon. No syntax checking is done, so be careful when making changes to this variable.

QUEUEINTERVAL=#

Sets the interval for mail queue runs on the master daemon. # can be a positive integer that is followed by either s for seconds, m for minutes, h for hours, d for days, or w for weeks. The syntax is checked before sendmail is started. If the interval is negative or if the entry does not end with an appropriate letter, the interval is ignored and sendmail starts with a queue interval of 15 minutes.

QUEUEOPTIONS=p

Enables one persistent queue runner that sleeps between queue run intervals, instead of a new queue runner for each queue run interval. You can set this option to p, which is the only setting available. Otherwise, this option is not set.

Mail Addresses and Mail Routing

The path that a mail message follows during delivery depends on the setup of the client system and the topology of the mail domain. Each additional level of mail hosts or mail domains can add another alias resolution, but the routing process is basically the same on most hosts.

You can set up a client system to receive mail locally. Receiving mail locally is known as running sendmail in local mode. Local mode is the default for all mail servers and some clients. On a mail server or a mail client in local mode, a mail message is routed the following way.

The following example assumes that you are using the default rule set in the sendmail.cf file.

1. Expand the mail alias, if possible, and restart the local routing process.

   The mail address is expanded by checking for the mail alias in the name service and substituting the new value, if a new value is found. This new alias is then checked again.

2. If the mail is local, deliver the mail to /usr/lib/mail.local.

   The mail is delivered to a local mailbox.

3. If the mail address includes a host in this mail domain, deliver the mail to that host.

4. If the address does not include a host in this domain, forward the mail to the mail host.

   The mail host uses the same routing process as the mail server. However, the mail host can receive mail that is addressed to the domain name as well as to the host name.

Interactions of sendmail With Name Services

This section describes domain names as they apply to sendmail and name services. Furthermore, this section describes the rules for effective use of name services, and the specific interactions of sendmail with name services. For details, refer to the following topics.

• sendmail.cf and Mail Domains

• sendmail and Name Services

• Interactions of NIS and sendmail

• Interactions of sendmail With NIS and DNS

• Interactions of NIS+ and sendmail

• Interactions of sendmail With NIS+ and DNS

If you are looking for related task information, refer to How to Use DNS With sendmail or Administering Mail Alias Files (Task Map) in Chapter 22, Mail Services (Tasks).

sendmail.cf and Mail Domains

The standard sendmail.cf file uses mail domains to determine whether mail is delivered directly or through a mail host. Intradomain mail is delivered through a direct SMTP connection, while interdomain mail is forwarded to a mail host.

In a secure network, only a few selected hosts are authorized to generate packets that are targeted to external destinations. Even if a host has the IP address of the remote host that is external to the mail domain, the establishment of an SMTP connection is not guaranteed. The standard sendmail.cf assumes the following.

• The current host is not authorized to send packets directly to a host outside the mail domain.

• The mail host is capable of forwarding the mail to an authorized host that can transmit packets directly to an external host. Actually, the mail host can be an authorized host.

With these assumptions, the mail host is responsible for delivering or forwarding interdomain mail.

sendmail and Name Services

sendmail imposes various requirements on name services. To improve your understanding of these requirements, this section first describes the relationship of mail domains to name service domains. Then the section describes the various requirements. Refer to the following.

• Mail Domains and Name Service Domains

• Host Name Service Data

• Man pages for in.named(1M), nis+(1), nisaddent(1M), and nsswitch.conf(4)

Mail Domains and Name Service Domains

The mail domain name must be a suffix of the name service domain. For example, if the domain name of the name service is A.B.C.D, the mail domain name could be one of the following.

• A.B.C.D

• B.C.D

• C.D

• D

When first established, the mail domain name is often identical to the name service domain. As the network grows, the name service domain can be divided into smaller pieces to make the name service more manageable. However, the mail domain often remains undivided to provide consistent aliasing.

Host Name Service Data

This section describes the requirements that sendmail imposes on name services.

A host table or map in a name service must be set up to support three types of gethostbyname() queries.

• mailhost – Some name service configurations satisfy this requirement automatically.

• Full host name (for example, smith.admin.acme.com) – Many name service configurations satisfy this requirement.

• Short host name (for example, smith) – sendmail must connect to the mail host in order to forward external mail. To determine if a mail address is within the current mail domain, gethostbyname() is invoked with the full host name. If the entry is found, the address is considered internal.

  NIS, NIS+, and DNS support gethostbyname() with a short host name as an argument, so this requirement is automatically satisfied.

Two additional rules about the host-name service need to be followed to establish efficient sendmail services within a name service.

• gethostbyname() with full host-name argument and short host-name argument should yield consistent results. For example, gethostbyname(smith.admin.acme.com) should return the same result as gethostbyname(smith), if both functions are called from the mail domain admin.acme.com.

• For all name service domains under a common mail domain, gethostbyname() with a short host name should yield the same result. For example, if the mail domain smith.admin.acme.com is given, gethostbyname(smith) should return the same result when the call originates from either the ebb.admin.acme.com domain or the esg.admin.acme.com domain. The mail domain name is usually shorter than the name service domain, which gives this requirement special implications for various name services.

For more information about the gethostbyname() function, refer to the gethostbyname(3NSL) man page.

Interactions of NIS and sendmail

The following list describes the interactions of sendmail and NIS and provides some guidance.

• Mail domain name – If you are setting up NIS as the primary name service, sendmail automatically strips the first component of the NIS domain name and uses the result as the mail domain name. For example, ebs.admin.acme.com becomes admin.acme.com.

• Mail host name – You must have a mailhost entry in the NIS host map.

• Full host names – The normal NIS setup does not “understand” the full host name. Rather than trying to make NIS understand the full host name, turn off this requirement from the sendmail side by editing the sendmail.cf file and replacing all occurrences of %l with %y. This change turns off sendmail's interdomain mail detection. If the target host can be resolved to an IP address, a direct SMTP delivery is attempted. Ensure that your NIS host map does not contain any host entry that is external to the current mail domain. Otherwise, you need to further customize the sendmail.cf file.

• Matching full host names and short host names – Follow the previous instructions on how to turn off gethostbyname() for a full host name.

• Multiple NIS domains in one mail domain – All NIS host maps under a common mail domain should have the same set of host entries. For example, the host map in the ebs.admin.acme.com domain should be the same as the host map in the esg.admin.acme.com. Otherwise, one address might work in one NIS domain, but fail in the other NIS domain.

For task information, refer to Administering Mail Alias Files (Task Map) in Chapter 22, Mail Services (Tasks).

Interactions of sendmail With NIS and DNS

The following list describes the interactions of sendmail with NIS and DNS and provides some guidance.

• Mail domain name – If you are setting up NIS as the primary name service, sendmail automatically strips the first component of the NIS domain name and uses the result as the mail domain name. For example, ebs.admin.acme.com becomes admin.acme.com.

• Mail host name – When the DNS forwarding feature is turned on, queries that NIS cannot resolve are forwarded to DNS, so you do not need a mailhost entry in the NIS host map.

• Full host names – Although NIS does not “understand” full host names, DNS does understand. This requirement is satisfied when you follow the regular procedure for setting up NIS and DNS.

• Matching full host names and short host names – For every host entry in the NIS host table, you must have a corresponding host entry in DNS.

• Multiple NIS domains in one mail domain – All NIS host maps under a common mail domain should have the same set of host entries. For example, the host map in the ebs.admin.acme.com domain should be the same as the host map in the esg.admin.acme.com domain. Otherwise, one address might work in one NIS domain, but fail in the other NIS domain.

For task information, refer to How to Use DNS With sendmail and Administering Mail Alias Files (Task Map) in Chapter 22, Mail Services (Tasks).

Interactions of NIS+ and sendmail

The following list describes the interactions of sendmail with NIS+ and provides some guidance.

• Mail domain name - If you are setting up NIS+ as your primary name service, sendmail can check the mail domain from the NIS+ sendmailvars table. This NIS+ table has one key column and one value column. To set up your mail domain, you must add one entry to this table. This entry should have the key column set to the literal string maildomain and the value column set to your mail domain name. An example is admin.acme.com. Although NIS+ allows any string in the sendmailvars table, the suffix rule still applies for the mail system to work correctly. You can use nistbladm to add the maildomain entry to the sendmailvars table. Notice in the following example that the mail domain is a suffix of the NIS+ domain.

  nistbladm -A key="maildomain" value=<mail domain> sendmailvars.org_dir.<NIS+ domain>

• Mailhost host name - You must have a mailhost entry in the NIS+ hosts table.

• Full host names – NIS+ “understands” the full host name. Following the regular NIS+ setup procedure satisfies this requirement.

• Matching full host names and short host names – To satisfy this requirement, you can duplicate the entries in the host table. Otherwise, you can enter all host entries in the user name service domains into a master host table at mail domain level.

• Multiple NIS domains in one mail domain – To satisfy this requirement, you can duplicate the entries in all the host tables. Otherwise, you can type all host entries in the user name service domains into a master host table at mail domain level. Effectively, you are merging multiple host tables that are logical or physcial into one host table. Therefore, the same host name cannot be reused in the multiple name service domain that shares a common mail domain.

For task information, refer to Administering Mail Alias Files (Task Map) in Chapter 22, Mail Services (Tasks).

Interactions of sendmail With NIS+ and DNS

The following list describes the interactions of sendmail with NIS+ and DNS and provides some guidance.

• Mail domain name – If you are setting up NIS+ as your primary name service, sendmail can check the mail domain from the NIS+ sendmailvars table. This NIS+ table has one key column and one value column. To set up your mail domain, you must add one entry to this table. This entry should have the key column set to the literal string maildomain and the value column set to your mail domain name. An example is admin.acme.com. Although NIS+ allows any string in the sendmailvars table, the suffix rule still applies for the mail system to work correctly. You can use nistbladm to add the maildomain entry to the sendmailvars table. Notice in the following example that the mail domain is a suffix of the NIS+ domain.

  nistbladm -A key="maildomain" value=<mail domain> sendmailvars.org_dir.<NIS+ domain>

• Mailhost host name – If your network uses both NIS+ and DNS as the source for the host database, you can put the mailhost entry in either the NIS+ or DNS host table. Ensure that your users include both NIS+ and DNS as the source for the host database in the /etc/nsswitch.conf file.

• Full host names – Both NIS+ and DNS “understand” full host names. Following the regular NIS+ and DNS setup procedures satisfies this requirement.

• Matching full host names and short host names – For every host entry in the NIS+ host table, you must have a corresponding host entry in DNS.

• Multiple NIS domains in one mail domain – To satisfy this requirement, you can duplicate the entries in all the host tables Alternately, you can type all host entries in the user name service domains into a master host table at the mail domain level.

For task information, refer to Administering Mail Alias Files (Task Map) and How to Use DNS With sendmail in Chapter 22, Mail Services (Tasks).

Chapter 24 What's New With Mail Services (Reference)

Chapter 21, Mail Services (Overview) provides an introduction to the components of mail services and a description of a typical mail configuration. Chapter 22, Mail Services (Tasks) explains how to set up and administer an electronic mail system with standard configuration files. Chapter 23, Mail Services (Reference) describes in greater detail the components of mail services. Chapter 23, Mail Services (Reference) also describes the mail service programs and files, the mail routing process, and the interactions of sendmail with name services. This chapter describes the new features that are included in version 8.12 of sendmail, the version that is in this Solaris 9 release. You can also read about changes to mail.local, mailstats, and makemap. This chapter also describes a new maintenance utility, editmap. The following list can help you in your search on a specific topic.

• Changes to sendmail

• Changes to mail.local

• Changes to mailstats

• Changes to makemap

• New Command, editmap

• Other Changes and Features of Interest

Changes to sendmail

This section contains information on the following topics.

• New Configuration File, submit.cf

• New or Deprecated Command-Line Options

• New and Revised Configuration File Options and Related Topics

• New Defined Macros for sendmail

• New and Revised m4 Configuration Macros for sendmail

• New Delivery Agent Flags

• New Equates for Delivery Agents

• New Queue Features

• Changes for LDAP in sendmail

• New Built-in Mailer Feature

• New Rule Sets

• Changes to Files

• IPv6 Addresses in Configuration

New Configuration File, submit.cf

Version 8.12 of sendmail includes an additional configuration file, /etc/mail/submit.cf. This new file, submit.cf, is used to run sendmail in mail-submission program mode instead of daemon mode. Mail-submission program mode, unlike daemon mode, does not require root privilege, so this new paradigm provides better security.

See the following list of functions for submit.cf:

• sendmail uses submit.cf to run in mail submission program (MSP) mode, which submits email messages and can be invoked by programs (such as mailx), as well as by users. Refer to the description of the -Ac option and the -Am option in New or Deprecated Command-Line Options.

• submit.cf is used in the following operating modes:

  • -bm, which is the default operating mode

  • -bs, which uses standard input to run SMTP

  • -bt, which is the test mode that is used to resolve addresses

• sendmail, when using submit.cf, does not run as an SMTP daemon.

• sendmail, when using submit.cf, uses /var/spool/clientmqueue, the client-only mail queue, which holds messages that were not delivered to the sendmail daemon. Messages in the client-only queue are delivered by the client “daemon,” which is really acting as a client queue runner.

• By default, sendmail uses submit.cf periodically to run the MSP queue (otherwise known as the client-only queue), /var/spool/clientmqueue.

  /usr/lib/sendmail -Ac -q15m

Note the following:

• submit.cf is provided automatically when you install or upgrade to the Solaris 9 operating environment.

• submit.cf requires no planning or preliminary procedures prior to the installation of the Solaris 9 operating environment.

• Unless you specify a configuration file, sendmail automatically uses submit.cf as required. Basically, sendmail knows which tasks are appropriate for submit.cf and which tasks are appropriate for sendmail.cf.

• submit.cf is not to be modified.

Functions That Distinguish sendmail.cf From submit.cf

The sendmail.cf configuration file is for the daemon mode. When using this file, sendmail is acting as a mail transfer agent (MTA), which is started by root.

/usr/lib/sendmail -L sm-mta -bd -q1h

See the following list of other distinguishing functions for sendmail.cf:

• By default, sendmail.cf accepts SMTP connections on ports 25 and 587.

• By default, sendmail.cf runs the main queue, /var/spool/mqueue.

Functional Changes in sendmail

With the addition of submit.cf, the following functional changes have occurred:

• In version 8.12 of sendmail, only root can run the mail queue. For further details, refer to the changes that are described in the mailq(1) man page. For new task information, refer to Administering the Queue Directories (Task Map).

• The mail-submission program mode runs without root privilege, which might prevent sendmail from having access to certain files (such as the .forward files). Therefore, the -bv option for sendmail could give the user misleading output. No workaround is available.

• Prior to sendmail version 8.12, if you were not running the sendmail daemon (that is, running in daemon mode), you would only prevent the delivery of inbound mail. Now, in sendmail version 8.12, if you are not running the sendmail daemon with the default configuration, you also prevent the delivery of outbound mail. The client queue runner (also known as the mail submission program) must be able to submit mail to the daemon on the local SMTP port. If the client queue runner tries to open an SMTP session with the local host and the daemon is not listening on the SMTP port, the mail remains in the queue. The default configuration does run a daemon, so this problem does not occur if you are using the default configuration. However, if you have disabled your daemon, refer to Managing Mail Delivery by Using an Alternate Configuration (Task) for a way to resolve this problem.

New or Deprecated Command-Line Options

The following table describes new command-line options for sendmail. Other command-line options are described in the sendmail(1M) man page.

New and Revised Configuration File Options and Related Topics

This section contains a table of new and revised configuration file options and information on the following related topics.

• Deprecated and Unsupported Configuration File Options for sendmail

• New ClientPortOptions Option

• Changes to DaemonPortOptions Option

• Additional Arguments for the PidFile and ProcessTitlePrefix Options

• Changes to the PrivacyOptions Option

• Changes to the Timeout Option

When you declare these options, use one of the following syntaxes.

O OptionName=argument          # for the configuration file
-OOptionName=argument          # for the command line
define(`m4Name',argument)     # for m4 configuration

If you need to build a new sendmail.cf file, refer to Building the sendmail.cf Configuration File (Task) in Chapter 22, Mail Services (Tasks).

The following table describes new and revised options for sendmail.

Deprecated and Unsupported Configuration File Options for sendmail

Refer to the following table for a list of deprecated configuration file options. The table includes the AutoRebuildAliases option, which is not in version 8.12 of sendmail.

New ClientPortOptions Option

The new ClientPortOptions option is for outgoing connections and is similar to the DaemonPortOptions option. This option sets the client SMTP options, which are a sequence of key=value pairs. To declare this option, use one of the following syntaxes. For formatting purposes, the example includes two pairs. However, you can apply one or more pairs.

O ClientPortOptions=pair,pair              # for the configuration file
-OClientPortOptions=pair,pair              # for the command line
define(`confCLIENT_OPTIONS',`pair,pair')   # for m4 configuration

If you need to build a new sendmail.cf file, refer to Building the sendmail.cf Configuration File (Task) in Chapter 22, Mail Services (Tasks).

The following table describes the new keys for this option.