Changes From Version 8.12 of sendmail
This section contains information about the following topics.
Support for TCP Wrappers From Version 8.12 of sendmail
TCP wrappers provide a way of implementing access controls by checking the address of
a host requesting a particular network service against an access control list (ACL). Requests are
granted or denied, accordingly. Besides providing this access control mechanism, TCP wrappers also log
host requests for network services, which is a useful monitoring function. Examples of network
services that might be placed under access control include rlogind, telnetd, and ftpd.
Starting with version 8.12, sendmail enables the use of TCP wrappers. This check
does not bypass other security measures. By enabling TCP wrappers in sendmail, a
check has been added to validate the source of a network request before the
request is granted. See the hosts_access(4) man page.
Note - Support for TCP wrappers in inetd(1M) and sshd(1M) started with the Solaris 9 release.
For information about ACLs, see Using Access Control Lists to Protect Files in System Administration Guide: Security Services.
submit.cf Configuration File From Version 8.12 of sendmail
Starting with version 8.12, sendmail includes an additional configuration file, /etc/mail/submit.cf. This file, submit.cf, is used
to run sendmail in mail-submission program mode instead of daemon mode. Mail-submission program mode, unlike
daemon mode, does not require root privilege, so this new paradigm provides better security.
See the following list of functions for submit.cf:
sendmail uses submit.cf to run in mail-submission program (MSP) mode, which submits email messages and can be started by programs (such as mailx), as well as by users. Refer to the descriptions of the -Ac option and the -Am option in the sendmail(1M) man page.
submit.cf is used in the following operating modes:
-bm, which is the default operating mode
-bs, which uses standard input to run SMTP
-bt, which is the test mode that is used to resolve addresses
sendmail, when using submit.cf, does not run as an SMTP daemon.
sendmail, when using submit.cf, uses /var/spool/clientmqueue, the client-only mail queue, which holds messages that were not delivered to the sendmail daemon. Messages in the client-only queue are delivered by the client “daemon,” which is really acting as a client queue runner.
By default, sendmail uses submit.cf periodically to run the MSP queue (otherwise known as the client-only queue), /var/spool/clientmqueue.
/usr/lib/sendmail -Ac -q15m
Note the following:
Starting with the Solaris 9 release, submit.cf is provided automatically.
submit.cf does not require any planning or preliminary procedures prior to the installation of the Solaris 9 release or a more recent release.
Unless you specify a configuration file, sendmail automatically uses submit.cf as required. Basically, sendmail knows which tasks are appropriate for submit.cf and which tasks are appropriate for sendmail.cf.
submit.cf is not to be modified.
Functions That Distinguish sendmail.cf From submit.cf
The sendmail.cf configuration file is for the daemon mode. When using this file, sendmail
is acting as a mail transfer agent (MTA), which is started by root.
/usr/lib/sendmail -L sm-mta -bd -q1h
See the following list of other distinguishing functions for sendmail.cf:
By default, sendmail.cf accepts SMTP connections on ports 25 and 587.
By default, sendmail.cf runs the main queue, /var/spool/mqueue.
Functional Changes From Version 8.12 of sendmail
With the addition of submit.cf, the following functional changes have occurred:
Starting with version 8.12 of sendmail, only root can run the mail queue. For further details, refer to the changes that are described in the mailq(1) man page. For new task information, refer to Administering the Queue Directories (Task Map).
The mail-submission program mode runs without root privilege, which might prevent sendmail from having access to certain files (such as the .forward files). Therefore, the -bv option for sendmail could give the user misleading output. No workaround is available.
Prior to sendmail version 8.12, if you were not running sendmail in daemon mode, you would only prevent the delivery of inbound mail. Starting with sendmail version 8.12, if you are not running the sendmail daemon with the default configuration, you also prevent the delivery of outbound mail. The client queue runner (also known as the mail submission program) must be able to submit mail to the daemon on the local SMTP port. If the client queue runner tries to open an SMTP session with the local host and the daemon is not listening on the SMTP port, the mail remains in the queue. The default configuration does run a daemon, so this problem does not occur if you are using the default configuration. However, if you have disabled your daemon, refer to Managing Mail Delivery by Using an Alternate Configuration for a way to resolve this problem.
Additional or Deprecated Command-Line Options From Version 8.12 of sendmail
The following table describes additional or deprecated command-line options for sendmail. Other command-line options are
described in the sendmail(1M) man page.
Table 14-19 Additional or Deprecated Command-Line Options From Version 8.12 of sendmail
Option |
Description |
|---|
-Ac |
Indicates that you want to use the configuration file, submit.cf,
even if the operation mode does not indicate an initial mail submission. For more
information about submit.cf, refer to submit.cf Configuration File From Version 8.12 of sendmail. |
-Am |
Indicates that you want to use the configuration file, sendmail.cf,
even if the operation mode indicates an initial mail submission. For more information, refer
to submit.cf Configuration File From Version 8.12 of sendmail. |
-bP |
Indicates that you are printing the number of entries in each queue. |
-G |
Indicates
that the message that is being submitted from the command line is for relaying,
not for initial submission. The message is rejected if the addresses are not fully
qualified. No canonicalization is done. As is noted in the Release Notes that
are part of the sendmail distribution on ftp://ftp.sendmail.org, improperly formed messages might be rejected in future
releases. |
-L tag |
Sets the identifier that is used for syslog messages to the supplied
tag. |
-q[!]I substring |
Processes only jobs that contain this substring of one of the recipients. When
! is added, the option processes only jobs that do not have this substring
of one of the recipients. |
-q[!]R substring |
Processes only jobs that contain this substring of the
queue ID. When ! is added, the option processes only jobs that do not
have this substring of the queue ID. |
-q[!]S substring |
Processes only jobs that contain this
substring of the sender. When ! is added, the option processes only jobs that do
not have this substring of the sender. |
-qf |
Processes saved messages in the queue once,
without using the fork system call, and runs the process in the foreground.
Refer to the fork(2) man page. |
-qGname |
Processes only the messages in the name queue group. |
-qptime |
Processes saved messages
in the queue at a specific interval of time with a single child that
is forked for each queue. The child sleeps between queue runs. This new option
is similar to the -qtime, which periodically forks a child to process the queue. |
-U |
As
is noted in the Release Notes that are part of the sendmail distribution on
ftp://ftp.sendmail.org, this option is not available as of version 8.12. Mail user agents should use
the -G argument. |
Additional Arguments for the PidFile and ProcessTitlePrefix Options From Version 8.12 of sendmail
The following table describes additional macro-processed arguments for the PidFile and ProcessTitlePrefix options. For more
information about these options, see the sendmail(1M) man page.
Table 14-20 Arguments for the PidFile and ProcessTitlePrefix Options
Macro |
Description |
|---|
${daemon_addr} |
Provides daemon address (for example, 0.0.0.0) |
${daemon_family} |
Provides daemon
family (for example, inet, and inet6) |
${daemon_info} |
Provides daemon information (for example,
SMTP+queueing@00:30:00) |
${daemon_name} |
Provides
daemon name (for example, MSA) |
${daemon_port} |
Provides daemon port (for example, 25) |
${queue_interval} |
Provides queue run interval (for example,
00:30:00) |
Additional Defined Macros From Version 8.12 of sendmail
The following table describes additional macros that are reserved for use by the sendmail
program. The macros' values are assigned internally. For more information, refer to the sendmail(1M)
man page.
Table 14-21 Additional Defined Macros for sendmail
Macro |
Description |
|---|
${addr_type} |
Identifies the current address as an envelope sender or a recipient address. |
${client_resolve} |
Holds the result
of the resolve call for ${client_name}: OK, FAIL, FORGED, or TEMP. |
${deliveryMode} |
Specifies the current
delivery mode sendmail is using instead of the value of the DeliveryMode option. |
${dsn_notify}, ${dsn_envid},
${dsn_ret} |
Holds the corresponding DSN parameter values. |
${if_addr} |
Provides the interface's address for the incoming connection if
the interface does not belong to the loopback net. This macro is especially useful for
virtual hosting. |
${if_addr_out}, ${if_name_out}, ${if_family_out} |
Avoids the reuse of ${if_addr}. Holds the following values respectively. The
address of the interface for the outgoing connection The host name of the interface for
the outgoing connection The family of the interface for the outgoing connection |
${if_name} |
Provides the interface's
host name for the incoming connection and is especially useful for virtual hosting. |
${load_avg} |
Checks
and reports the current average number of jobs in the run queue. |
${msg_size} |
Holds the value
of the message size (SIZE=parameter) in an ESMTP dialogue before the message has been collected.
Thereafter, the macro holds the message size as computed by sendmail and is used in
check_compat. For information about check_compat, refer to Table 14-25. |
${nrcpts} |
Holds the number of validated recipients. |
${ntries} |
Holds the
number of delivery attempts. |
${rcpt_mailer}, ${rcpt_host}, ${rcpt_addr}, ${mail_mailer}, ${mail_host}, ${mail_addr} |
Holds the results of parsing the
RCPT and MAIL arguments, which is the resolved right-hand side (RHS) triplet from the
mail delivery agent ($#mailer), the host ($@host), and the user ($:addr). |
Additional Macros From Version 8.12 of sendmail
In this section, you can find a table that describes the additional macros that
are used to build the sendmail configuration file.
Table 14-22 Additional Macros Used to Build the sendmail Configuration File
Macro |
Description |
|---|
LOCAL_MAILER_EOL |
Overrides the default end-of-line string for
the local mailer. |
LOCAL_MAILER_FLAGS |
Adds Return-Path: header by default. |
MAIL_SETTINGS_DIR |
Contains the path (including the trailing slash) for
the mail settings directory. |
MODIFY_MAILER_FLAGS |
Improves the *_MAILER_FLAGS. This macro sets, adds, or deletes flags. |
RELAY_MAILER_FLAGS |
Defines additional
flags for the relay mailer. |
Additional MAX Macros From Version 8.12 of sendmail
Use the following macros to configure the maximum number of commands that can be
received before sendmail slows its delivery. You can set these MAX macros at compile
time. The maximum values in the following table also represent the current default values.
Table 14-23 Additional MAX Macros
Macro |
Maximum
Value |
Commands Checked by Each Macro |
|---|
MAXBADCOMMANDS |
25 |
Unknown commands |
MAXNOOPCOMMANDS |
20 |
NOOP, VERB, ONEX, XUSR |
MAXHELOCOMMANDS |
3 |
HELO, EHLO |
MAXVRFYCOMMANDS |
6 |
VRFY, EXPN |
MAXETRNCOMMANDS |
8 |
ETRN |
Note - You can disable a macro's check by setting the macro's value to zero.
Additional and Revised m4 Configuration Macros From Version 8.12 of sendmail
This section contains a table of additional and revised m4 configuration macros for sendmail.
Use the following syntax to declare these macros.
symbolic-name(`value')
If you need to build a new sendmail.cf file, refer to Building the sendmail.cf Configuration File in
Chapter 13, Mail Services (Tasks).
Table 14-24 Additional and Revised m4 Configuration Macros for sendmail
m4 Macro |
Description |
|---|
FEATURE() |
For details, refer to Changes to the FEATURE() Declaration From Version 8.12 of sendmail. |
LOCAL_DOMAIN() |
This macro adds entries to class w
($=w). |
MASQUERADE_EXCEPTION() |
A new macro that defines hosts or subdomains that cannot be masqueraded. |
SMART_HOST() |
This macro
can now be used for bracketed addresses, such as user@[host]. |
VIRTUSER_DOMAIN() or VIRTUSER_DOMAIN_FILE() |
When these
macros are used, include $={VirtHost} in $=R. As a reminder, $=R is the
set of host names that are allowed to relay. |
Changes to the FEATURE() Declaration From Version 8.12 of sendmail
Refer to the following tables for information about the specific changes to the FEATURE()
declarations.
To use the new and revised FEATURE names, use the following syntax.
FEATURE(`name', `argument')
If you need to build a new sendmail.cf file, refer to Building the sendmail.cf Configuration File in Chapter 13, Mail Services (Tasks).
Table 14-25 Additional and Revised FEATURE() Declarations
Name
of FEATURE() |
Description |
|---|
compat_check |
Argument: Refer to the example in the following paragraph. This new FEATURE() enables you
to look for a key in the access map that consists of the
sender address and the recipient address. This FEATURE() is delimited by the following string,
<@>. sender@sdomain<@>recipient@rdomain is an example. |
delay_checks |
Argument: friend, which enables a spam-friend test, or hater, which enables
a spam-hater test. A new FEATURE() that delays all checks. By using FEATURE(`delay_checks'), the
rule sets check_mail and check_relay are not called when a client connects or issues
a MAIL command respectively. Instead, these rule sets are called by the check_rcpt
rule set. For details, refer to the /etc/mail/cf/README file. |
dnsbl |
Argument: This FEATURE()accepts a maximum of
two arguments:
DNS server name Rejection message
A new FEATURE() that you can include multiple times to check the return
values for DNS lookups. Note that this FEATURE() enables you to specify the behavior
of temporary lookup failures. |
enhdnsbl |
Argument: domain name. A new FEATURE() that is an enhanced version of
dnsbl, which enables you to check the return values for DNS lookups. For more
information, refer to /etc/mail/cf/README. |
generics_entire_domain |
Argument: None. A new FEATURE() that you can also use to apply
genericstable to subdomains of $=G. |
ldap_routing |
Argument: For details, refer to the “Release Notes” in https://www.sendmail.org. A
new FEATURE() that implements LDAP address routing. |
local_lmtp |
Argument: Path name of an
LMTP-capable mailer. The default is mail.local, which is LMTP capable in this Solaris release. A
FEATURE() that now sets the delivery status notification (DSN) diagnostic-code type for the local mailer
to the proper value of SMTP. |
local_no_masquerade |
Argument: None. A new FEATURE() that you can use
to avoid masquerading for the local mailer. |
lookupdotdomain |
Argument: None. A new FEATURE() that you can also
use to look up the .domain in the access map. |
nocanonify |
Argument: canonify_hosts or nothing. A FEATURE()
that now includes the following features. Enables a list of domains, as specified by CANONIFY_DOMAIN
or CANONIFY_DOMAIN_FILE, to be passed to the $[ and $] operators for canonification. Enables
addresses that have only a host name, such as <user@host>, to be canonified,
if canonify_hosts is specified as its parameter. Adds a trailing dot to addresses with more
than one component. |
no_default_msa |
Argument: None. A new FEATURE() that turns off sendmail's default setting from m4–generated configuration
files to “listen” on several different ports, an implementation of RFC 2476. |
nouucp |
Argument: reject, which does
not allow the ! token, or nospecial, which does allow the ! token. A FEATURE()
that determines whether to allow the ! token in the local part of an
address. |
nullclient |
Argument: None. A FEATURE() that now provides the full rule sets of a normal configuration,
allowing antispam checks to be performed. |
preserve_local_plus_detail |
Argument: None. A new FEATURE() that enables you to preserve
the +detail portion of the address when sendmail passes the address to the local
delivery agent. |
preserve_luser_host |
Argument: None. A new FEATURE() that enables you to preserve the name of the recipient
host, if LUSER_RELAY is used. |
queuegroup |
Argument: None. A new FEATURE() that enables you to select
a queue group that is based on the full email address or on the
domain of the recipient. |
relay_mail_from |
Argument: The domain is an optional argument. A new FEATURE() that allows
relaying if the mail sender is listed as a RELAY in the access map
and is tagged with the From: header line. If the optional domain argument is
given, the domain portion of the mail sender is also checked. |
virtuser_entire_domain |
Argument: None. A FEATURE() that you
can now use to apply $={VirtHost}, a new class for matching virtusertable
entries that can be populated by VIRTUSER_DOMAIN or VIRTUSER_DOMAIN_FILE. FEATURE(`virtuser_entire_domain') can also apply
the class $={VirtHost} to entire subdomains. |
The following FEATURE() declarations are no longer supported.
Table 14-26 Unsupported FEATURE() Declarations
Name of FEATURE() |
Replacement |
|---|
rbl |
FEATURE(`dnsbl') and FEATURE(`enhdnsbl') replace this
FEATURE(), which has been removed. |
remote_mode |
MASQUERADE_AS(`$S') replaces FEATURE(`remote_mode') in /etc/mail/cf/subsidiary.mc. $S is the SMART_HOST
value in sendmail.cf. |
sun_reverse_alias_files |
FEATURE(`genericstable'). |
sun_reverse_alias_nis |
FEATURE(`genericstable'). |
sun_reverse_alias_nisplus |
FEATURE(`genericstable'). |
Changes to the MAILER() Declaration From Version 8.12 of sendmail
The MAILER() declaration specifies support for delivery agents. To declare a delivery agent, use
the following syntax.
MAILER(`symbolic-name')
Note the following changes.
In this new version of sendmail, the MAILER(`smtp') declaration now includes an additional mailer, dsmtp, which provides on-demand delivery by using the F=% mailer flag. The dsmtp mailer definition uses the new DSMTP_MAILER_ARGS, which defaults to IPC $h.
Numbers for rule sets that are used by MAILERs have been removed. You now have no required order for listing your MAILERs except for MAILER(`uucp'), which must follow MAILER(`smtp') if uucp-dom and uucp-uudom are used.
For more information about mailers, refer to Mailers and sendmail. If you need to build a
new sendmail.cf file, refer to Building the sendmail.cf Configuration File in Chapter 13, Mail Services (Tasks).
Additional Delivery Agent Flags From Version 8.12 of sendmail
The following table describes additional delivery agent flags, which by default are not set.
These single-character flags are Boolean. You can set or unset a flag by including
or excluding it in the F= statement of your configuration file, as shown in the
following example.
Mlocal, P=/usr/lib/mail.local, F=lsDFMAw5:/|@qSXfmnz9, S=10/30, R=20/40,
Mprog, P=/bin/sh, F=lsDFMoqeu9, S=10/30, R=20/40, D=$z:/,
Msmtp, P=[IPC], F=mDFMuX, S=11/31, R=21, E=\r\n, L=990,
Mesmtp, P=[IPC], F=mDFMuXa, S=11/31, R=21, E=\r\n, L=990,
Msmtp8, P=[IPC], F=mDFMuX8, S=11/31, R=21, E=\r\n, L=990,
Mrelay, P=[IPC], F=mDFMuXa8, S=11/31, R=61, E=\r\n, L=2040,
Table 14-27 Additional Mailer Flags
Flag |
Description |
|---|
% |
Mailers that use this flag do not attempt delivery to the initial recipient
of a message or to queue runs unless the queued message is selected by
using an ETRN request or one of the following queue options: -qI, -qR, or
-qS. |
1 |
This flag disables the ability of the mailer to send null characters (for example,
\0). |
2 |
This flag disables the use of ESMTP and requires that SMTP be used instead. |
6 |
This
flag enables mailers to strip headers to 7 bit. |
Additional Equates for Delivery Agents From Version 8.12 of sendmail
The following table describes additional equates that you can use with the M delivery-agent definition
command. The following syntax shows you how to append new equates or new arguments
to the equates that already exist in the configuration file.
Magent-name, equate, equate, ...
The following example includes the new W= equate. This equate specifies the maximum time to
wait for the mailer to return after all data has been sent.
Msmtp, P=[IPC], F=mDFMuX, S=11/31, R=21, E=\r\n, L=990, W=2m
When you modify the definition of a value for m4 configuration, use the syntax
that is provided in the following example.
define(`SMTP_MAILER_MAXMSGS', `1000')
The preceding example places a limit of 1000 on the number of messages that
are delivered per connection on an smtp mailer.
If you need to build a new sendmail.cf file, refer to Building the sendmail.cf Configuration File in
Chapter 13, Mail Services (Tasks).
Note - Typically, you modify the equate definitions in the mailer directory only when you fine-tune.
Table 14-28 Additional Equates for Delivery Agents
Equate |
Description |
|---|
/= |
Argument:
Path to a directory Specifies a directory to apply chroot() to before the
mailer program is executed |
m= |
Argument: Any of the following m4 values that have previously been
defined with the define() routine
SMTP_MAILER_MAXMSGS, for the smtp mailer LOCAL_MAILER_MAXMSGS, for the local mailer RELAY_MAILER_MAXMSGS, for the relay mailer
Limits the number of messages that are delivered per
connection on an smtp, local, or relay mailer |
W= |
Argument: An increment of time Specifies the
maximum time to wait for the return of the mailer after all data has
been sent |
Additional Queue Features From Version 8.12 of sendmail
The following list provides details about additional queue features.
This release supports multiple queue directories. To use multiple queues, supply a QueueDirectory option value in the configuration file that ends with an asterisk (*), as is shown in the following example.
O QueueDirectory=/var/spool/mqueue/q*
The option value, /var/spool/mqueue/q*, uses all of the directories (or symbolic links to directories) that begin with “q” as queue directories. Do not change the queue directory structure while sendmail is running. Queue runs create a separate process for running each queue unless the verbose flag (-v) is used on a nondaemon queue run. The new items are randomly assigned to a queue.
The new queue file-naming system uses file names that are guaranteed to be unique for 60 years. This system allows queue IDs to be assigned without complex file-system locking and simplifies the movement of queued items between queues.
Starting with version 8.12, only root can run the mail queue. For further details, refer to the changes that are described in the mailq(1) man page. For new task information, refer to Administering the Queue Directories (Task Map).
To accommodate envelope splitting, queue file names are now 15–characters long, rather than 14–characters long. File systems with a 14–character name limit are no longer supported.
For task information, refer to Administering the Queue Directories (Task Map).
Changes for LDAP From Version 8.12 of sendmail
The following list describes changes in the use of the Lightweight Directory Access Protocol
(LDAP) with sendmail.
LDAPROUTE_EQUIVALENT() and LDAPROUTE_EQUIVALENT_FILE() permit you to specify equivalent host names, which are replaced by the masquerade domain name for LDAP routing lookups. For more information, refer to /etc/mail/cf/README.
As noted in the Release Notes that are part of the sendmail distribution at ftp://ftp.sendmail.org, the LDAPX map has been renamed to LDAP. Use the following syntax for LDAP.
Kldap ldap options
This release supports the return of multiple values for a single LDAP lookup. Place the values to be returned in a comma-separated string with the -v option, as is shown.
Kldap ldap -v"mail,more-mail"
If no LDAP attributes are specified in an LDAP map declaration, all attributes that are found in the match are returned.
This version of sendmail prevents commas in quoted key and value strings in the specifications of the LDAP alias file from dividing a single entry into multiple entries.
This version of sendmail has a new option for LDAP maps. The option -Vseparator enables you to specify a separator so that a lookup can return both an attribute and a value that are separated by the relevant separator.
In addition to using the %s token to parse an LDAP filter specification, you can use the new token, %0, to encode the key buffer. The %0 token applies a literal meaning to LDAP special characters.
The following example shows how these tokens differ for a “*” lookup.
Table 14-29 Comparison of Tokens
LDAP Map
Specification |
Specification Equivalent |
Result |
|---|
-k"uid=%s" |
-k"uid=*" |
Matches any record with a user attribute |
-k"uid=%0" |
-k"uid=\2A" |
Matches a user with the name
“*” |
The following table describes additional LDAP map flags.
Table 14-30 Additional LDAP Map Flags
Flag |
Description |
|---|
-1 |
Requires a single match to be returned.
If more than one match is returned, the results are the equivalent of no
records being found. |
-r never|always|search|find |
Sets the LDAP alias dereference option. |
-Z size |
Limits the number of matches to return. |
Change to the Built-In Mailer From Version 8.12 of sendmail
The old [TCP] built-in mailer is not available. Use the P=[IPC] built-in
mailer instead. The interprocess communications ([IPC]) built-in mailer now enables delivery to a UNIX domain socket
on systems that support it. You can use this mailer with LMTP delivery
agents that listen on a named socket. An example mailer might resemble the
following.
Mexecmail, P=[IPC], F=lsDFMmnqSXzA5@/:|, E=\r\n,
S=10, R=20/40, T=DNS/RFC822/X-Unix, A=FILE /var/run/lmtpd
The first mailer argument in the [IPC] mailer is now checked for a legitimate
value. The following table provides possible values for the first mailer argument.
Table 14-31 Possible Values for the First Mailer Argument
Value |
Description |
|---|
A=FILE |
Use for
UNIX domain socket delivery |
A=TCP |
Use for TCP/IP connections |
A=IPC |
Is no longer available as a first
mailer argument |
Additional Rule Sets From Version 8.12 of sendmail
The following table lists the additional rule sets and describes what the rule sets
do.
Table 14-32 New Rule Sets
Set |
Description |
|---|
check_eoh |
Correlates information that is gathered between headers and checks for missing headers. This
rule set is used with the macro storage map and is called after all
of the headers have been collected. |
check_etrn |
Uses the ETRN command (as check_rcpt uses RCPT). |
check_expn |
Uses
the EXPN command (as check_rcpt uses RCPT). |
check_vrfy |
Uses the VRFY command (as check_rcpt uses RCPT). |
The following list describes additional rule set features.
Numbered rule sets are also named, but the rule sets can still be accessed by their numbers.
The H header configuration file command allows for a default rule set to be specified for header checks. This rule set is called only if the individual header has not been assigned its own rule set.
Comments in rule sets (that is, text within parentheses) are not removed if the configuration file version is nine or greater. For example, the following rule matches the input token (1), but does not match the input token.
R$+ (1) $@ 1
sendmail accepts the SMTP RSET command even when it rejects commands because of TCP wrappers or the check_relay rule set.
You receive a warning if you set the OperatorChars option multiple times. Also, do not set OperatorChars after the rule sets are defined.
The name of the rule set, as well as its lines, are ignored if an invalid rule set is declared. The rule set lines are not added to S0.
Changes to Files From Version 8.12 of sendmail
Note the following changes.
Starting in the Solaris 10 release, to support a read-only /usr file system, the contents of the /usr/lib/mail directory has been moved to the /etc/mail/cf directory. For details, refer to Contents of the /etc/mail/cf Directory. Note, however, that the shell scripts /usr/lib/mail/sh/check-hostname and /usr/lib/mail/sh/check-permissions are now in the /usr/sbin directory. See Other Files Used for Mail Services. For backward compatibility, symbolic links point to each file's new location.
The new name for /usr/lib/mail/cf/main-v7sun.mc is /etc/mail/cf/cf/main.mc.
The new name for /usr/lib/mail/cf/subsidiary-v7sun.mc is /etc/mail/cf/cf/subsidiary.mc.
The helpfile is now located in /etc/mail/helpfile. The old name (/etc/mail/sendmail.hf) has a symbolic link that points to the new name.
The trusted-users file is now located in /etc/mail/trusted-users. During an upgrade, if the old name (/etc/mail/sendmail.ct) is detected, but not the new name, a hard link from the old name to the new name is created. Otherwise, no change is made. The default content is root.
The local-host-names file is now located in /etc/mail/local-host-names. During an upgrade, if the old name (/etc/mail/sendmail.cw) is detected, but not the new name, a hard link from the old name to the new name is created. Otherwise, no change is made. The default content is zero length.
sendmail Version 8.12 and IPv6 Addresses in Configuration
Starting with version 8.12 of sendmail, IPv6 addresses that are used in configuration should be
prefixed with the IPv6: tag to identify the address properly. If you are
not identifying an IPv6 address, a prefix tag is not used.
