لطفا منتظر باشید ...
Configuring sendmail
The file /etc/mail/sendmail.cf contains the configuration information and optional values used to direct the behavior of the sendmail daemon. The entire file is over 1,700 lines in length, making it rather difficult to deal with. The sendmail.mc file was created as a way to simplify the creation of the sendmail.cf file. So, the steps I recommend for configuring sendmail are as follows:
Edit the /etc/sendmail.mc file. Most of what you need to do to configure sendmail can be done by editing this file.
Generate the sendmail.cf file from the edited sendmail.mc file. This is done using the m4 processor.
Review your sendmail.cf configuration. If you want to make changes, modify the sendmail.mc file and regenerate sendmail.cf.Note
The m4 macros you use in the sendmail.mc file are different from the resulting settings in the sendmail.cf file. To find out what macros to use for a setting you find in the sendmail.cf file, refer to the /usr/share/doc/sendmail/README.cf file.
Restart the sendmail server.Warning
Because of the way sendmail in configured in Red Hat Linux, you should not directly modify the sendmail.cf file. The sendmail.cf file is automatically regenerated when sendmail restarts if sendmail.mc changes. As a result, any modifications made directly to sendmail.cf will be lost.
The following sections provide details for this process.
Configuring the sendmail.mc file
The following code samples are from the /etc/mail/sendmail.mc file that accompanies Red Hat's version of sendmail.
| Note | Lines that begin with dnl (delete to new line) followed by comment characters (###) in the sendmail.mc file are comment lines. In most cases, I have left them out in the examples shown. |
divert(-1)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for Red Hat Linux')dnl
OSTYPE(`linux')dnl
The first few lines of the sendmail.mc file do some housekeeping. The divert line removes extra output when the configuration file is generated. The include line causes rule sets needed by sendmail to be included. The VERSIONID line identifies the configuration file as being for Red Hat (though this setting is not checked, so it could be anything you like). The OSTYPE, however, must be set to linux to get the proper location of files needed by sendmail.
dnl define(`SMART_HOST',`smtp.your.provider')
By default, the sendmail daemon tries to send your outgoing e-mails directly to the mail server to which they are addressed. If you want all e-mail to be relayed through a particular mail server instead, you can remove the comment (dnl, which stands for "delete to new line") from the SMART_HOST line above. Then, change smtp.your.provider to the fully qualified domain name of the mail server you want to use.
define(`confDEF_USER_ID',``8:12'')dnl
define(`confTRUSTED_USER', `smmsp')dnl
Instead of running as the root user, the daemon runs as the mail user (UID 8) and mail group (GID 12), based on the confDEF_USER_ID line set previously. This is a good policy, since it prevents someone who might compromise your mail server from gaining root access to your machine. The confTRUSTED_USER line adds smmsp to the list of users that are trusted by sendmail. Other trusted users are root, uucp, and daemon. (The smmsp user is assigned ownership to some sendmail spool directories and mail database files.)
dnl define(`confAUTO_REBUILD')dnl
define(`confTO_CONNECT', `1m')dnl
If you remove the dnl, the confAUTO_REBUILD line will tell sendmail to automatically rebuild the aliases database, if necessary. The confTO_CONNECT line sets the time the sendmail will wait for an initial connection to complete to one minute (1m).
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confDONT_PROBE_INTERFACES',true)dnl
With confTRY_NULL_MX_LIST true, if a receiving server is the best mail exchange (MX) for a host, try connecting to that host directly. If confDONT_PROBE_INTERFACES is true, the sendmail daemon will not insert local network interfaces into the list of known equivalent addresses.
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
dnl define(`STATUS_FILE', `/etc/mail/statistics')dnl
The next three lines (PROCMAIL_MAILER_PATH, ALIAS_FILE, and STATUS_FILE) set locations for the program that distributes incoming mail (procmail, by default), the mail aliases database, and the mail statistics file, respectively.
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
The UUCP_MAILER_MAX line sets the maximum size (in bytes) for messages received by the UUCP mailer. The confUSERDB_SPEC line sets the location of the user database (where you can override the default mail server for specific users). The confPRIVACY_FLAGS line causes sendmail to insist on certain mail protocols. For example, authwarnings causes X-Authentication-Warning headers to be used and noted in log files. The novrfy and noexpn settings prevent those services from being requested. The restrictqrun option prevents the -q option to sendmail.
dnl define(`confAUTH_OPTIONS', `A p')dnl
dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5
LOGIN PLAIN')dnl
dnl define(`confCACERT_PATH',`/usr/share/ssl/certs')
dnl define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
dnl define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
dnl define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
dnl define(`confDONT_BLAME_SENDMAIL',`groupreadablekeyfile')dnl
The group of lines just shown (all beginning with dnl, so they are commented out) can be uncommented (remove the initial dnl) to provide certain features. The confAUTH_OPTIONS line sets options used with SMTP authentication. This example (with A and p options) allows authenticated users with plain text logins to relay mail. The TRUST_AUTH_MECH line would cause sendmail to allow authentication mechanisms other than plain passwords. The next four lines above should be uncommented to enable certificates (with the last line above set if the key file needs to be readable by applications other than sendmail).
dnl define(`confTO_QUEUEWARN', `4h')dnl
dnl define(`confTO_QUEUERETURN', `5d')dnl
dnl define(`confQUEUE_LA', `12')dnl
dnl define(`confREFUSE_LA', `18')dnl
define(`confTO_IDENT', `0')dnl
The commented lines above actually show the default values set for certain timeout conditions. You can remove comments and change these values if you like. The confTO_QUEUEWARN sets how long after delivery of a message has been deferred to send a warning message to the sender. Four hours (4h) is the default. The confTO_QUEUERETURN option sets how long before an undeliverable message is returned. The confQUEUE_LA and confREFUSE_LA set the system load average levels at which mail received is queued or refused, respectively. The confTO_IDENT option sets the timeout when waiting for a response to an IDENT query to be received (by default it is 0, which means no timeout).
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
The FEATURE macro is used to set some special sendmail features. The smrsh feature defines /usr/sbin/smrsh as the simple shell used by sendmail to receive commands. The mailertable and virtusertable options set the locations of the mailertable and virtusertable databases. The redirect option allows you to reject mail for users who have moved and provide new addresses. The always_add_domain option causes the local domain name to be added to the host name on all delivered mail. The use_cw_file and use_ct_file options tell sendmail to use the file /etc/mail/local-host-names for alternative host names for this mail server and /etc/mail/trusted-users for trusted user names, respectively. (A trusted user can send mail as another user without resulting in a warning message.)The local_procmail option sets the command used to deliver local mail (procmail), as well as options to that command (including the $h hostname and $u user name). The access_db option sets the location of the access database, which identifies which hosts are allowed to relay mail through the server. The blacklist_recipients option turns on the ability of the server to block incoming mail for selected users, hosts, or addresses. (The access_db and blacklist_recipients features are useful for blocking spam.)
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
As it stands, the DAEMON_OPTIONS line allows only incoming mail created by the local host to be accepted. Be sure to comment this line out if you want to allow incoming mail from the Internet or other network interface (such as the local LAN).
FEATURE(`accept_unresolvable_domains')dnl
The accept_unresolvable_domains option is on, causing you to accept mail from host computers that don't have resolvable domain names. If you have client computers (such as dial-up computers) that need to use your mail server, leave this option on. Turning it off, however, can help eliminate spam.
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
The LOCAL_DOMAIN option here causes the name localhost.localdomain to be accepted as a name for your local computer. The last lines in your sendmail.mc file define the mailers to use on your server. The /usr/share/sendmail-cf/mailer directory contains definitions for smtp, procmail, and other mailers.After you have made the changes you want to the sendmail.mc file, you can regenerate the sendmail.cf file as described in the next section.
Generating the sendmail.cf file
Once you have tuned the sendmail.mc file to your liking, you must process it into a sendmail.cf file. To generate the sendmail.cf file from sendmail.mc, run the following as root:
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
Instead of running m4, you can restart the sendmail service to have m4 run automatically. Details on the configuration options available through the m4 macro preprocessor can be found at www.sendmail.org/m4/tweaking_configl. The rest of this section describes the contents of the sendmail.cf file that are created from sendmail.mc.
Understanding the sendmail.cf file
The sendmail.cf file contains the definitions that drive the behavior of your sendmail mail server. The sendmail.mc file used to generate sendmail.cf doesn't explicitly define every setting that ends up in the sendmail.cf file. Therefore, understanding the contents of your sendmail.cf file can help you go back and make corrections to sendmail.mc.
sendmail component files
The first part of the sendmail.cf file contains a listing of component files used to create the sendmail.cf file. It also contains information about the configuration file's format and version. The following is an example of the beginning of the sendmail.cf file:
######################################################################
##### SENDMAIL CONFIGURATION FILE
##### built by root@ab.handsonhistory.com on Sun Jul 27 02:53:51 PDT 2003
##### in /etc/mail
##### using /usr/share/sendmail-cf/ as configuration include directory
#####
######################################################################
##### DO NOT EDIT THIS FILE! Only edit the source .mc file.
######################################################################
##### $Id: cfhead.m4,v 8.108.2.1 2002/08/27 18:53:24 ca Exp $ #####
##### $Id: cf.m4,v 8.32 1999/02/07 07:26:14 gshapiro Exp $ #####
##### setup for Red Hat Linux #####
##### $Id: linux.m4,v 8.13 2000/09/17 17:30:00 gshapiro Exp $ #####
##### $Id: local_procmail.m4,v 8.21.42.1 2002/11/17 05:06:23 ca Exp $ ##
.
.
.
Note the warning that you shouldn't edit the sendmail.cf file directly. In the rest of this section, the comments show which component m4 macro files (from subdirectories of the /usr/share/sendmail-cf directory) were used to create this sendmail.cf file.The following setting from the sendmail.cf file indicates the version and vendor associated with the configuration file.
V10/Berkeley
The preceding line identifies this configuration file as corresponding with the open-source Berkeley distribution of sendmail V10. The next line refers to a certain security feature:
#O DontBlameSendmail=safe
This version of sendmail is, by default, somewhat paranoid, judging from the preceding commented lines. By leaving DontBlameSendmail=safe commented out, sendmail won't accept forward files, include files, incoming mailboxes, configuration files, class files, or hashed map files that are group- or world-writable, or located in a directory that is group- or world-writable. (Set confDONT_BLAME_SENDMAIL to safe in the sendmail.mc file to override file safety checks.) The next line relates to LDAP maps.
#O LDAPDefaultSpec=-h localhost
With the LDAPDefaultSpec option, you can add default LDAP maps that include LDAP-specific settings. By default, none are set. Add a conf LDAP_DEFAULT_SPEC line to sendmail.mc to identify maps by host (-h host), port (-p port) or domain name (-d bindDN).
sendmail local info entries
The next entries in the sendmail.cf file appear under the local info heading. They reflect configuration information that is specific to your local host computer. Here are the first settings in that section:
Cwlocalhost
Fw/etc/mail/local-host-names
The Cwlocalhost line defines the class macro w, which contains a list of all possible host names given to the machine. This includes any DNS aliases, all references in /etc/hosts, and perhaps even incorrect names used by individuals with accounts on that machine (to avoid having those messages bounced). Because this could become quite an extensive list on some hosts, the Fw/etc/mail/local-host-names line defines the file class macro w, which enables these host names to be stored in a separate file, /etc/mail/local-host-name in this case.
#Dj$w.Foo.COM
If you had set the confDOMAIN_NAME in your sendmail.mc file, the preceding line would be uncommented and your domain name would replace Foo.COM. With this line commented, however, sendmail will try to determine your computer's domain name on its own. It is recommended that you let sendmail determine the canonical name. The next line configures smart relay and other options:
CP.
DS
CO @ % !
C..
C[[
The preceding DS line (set to nothing) indicates that no smart relay host is defined. Although it is more commonly used with UUCP as a transport mechanism, smart relay hosts can also be useful if the machine doesn't have a reliable connection to the entire network (perhaps it's only on a local network). The relay accepts mail from this machine and handles delivering the mail to the appropriate recipients.The other lines define class macros that become important within the rewriting rules. The CP. and C.. lines define the classes P and ., each of which consists of only a period (.). The CO @ % ! line defines the class O, which lists three characters that are invalid within user names (@, %, and !). The C[[ line defines the class [, which consists of a left bracket.Next, the FR-o line identifies a file that can be configured to allow mail relaying.
FR-o /etc/mail/relay-domains
The preceding line declares file class R, which is a list of hosts to which mail can relayed, stored in the file /etc/mail/relay-domains. The next line has to do with dequoting:
Kdequote dequote
The Kdequote line declares the dequote database of class dequote. This is used to remove quotation marks from addresses within the rewriting rules. The next line relates to the way user names and domain names are exposed to the outside world:
C{E}rootThe preceding class E line (CE root) indicates that mail from the user root should always have the appropriate full host name and domain name, even if other directives indicate that the host name should be masquerading as some other name. Besides class E, class L could be used to list those user names that should receive mail on the local host, even if other directives indicate that all mail should be relayed elsewhere. The class M could be used to indicate which domains should have their host names masqueraded (as set in the following M macro). The class N could be used to indicate host names that should not be masqueraded.The next lines shown identify sendmail databases:
Kmailertable hash -o /etc/mail/mailertable.db
Kvirtuser hash -o /etc/mail/virtusertable.db
Kaccess hash -T<TMPF> -o /etc/mail/access.db
The previous Kmailertable, Kvirtuser, and Kacess lines define key database files. You can route mail for particular addresses to particular servers by adding definitions to the Mailer table database (/etc/mail/mailertable which creates /etc/mail/mailertable.db file).The Virtual user table database (/etc/mail/virtusertable.db) is created from the hashed output of the /etc/mail/virtusertable text file. The Access list (/etc/mail/access.db) database, created from the /etc/mail/access file, lets you discard and reject e-mail from certain users to prevent spamming. See the sidebar "Forwarding E-mail and Stopping Spam," which describes how to set up the virtual user and access list databases.
CPREDIRECT
DZ8.12.8
The CPREDIRECT line adds the text REDIRECT to the class P. This is used in conjunction with the redirect feature (enabled in the m4 configuration files), which allows aliases to be created for accounts that are no longer active. For example, if this is in /etc/aliases:
jefft: jefft@newplace.com.REDIRECT
The files mailertable, virtusertable, and access (in /etc/mail) can be set up to forward or discard e-mail based on addresses. The mailertable file lets you forward e-mail for a particular domain to a selected server. For example, this mailertable entry forwards handsonhistory.com mail to mx1.linuxtoys.net:
handsonhistory.com smtp:[mx1.linuxtoys.net]
The virtusertable file is often used to redirect mail for particular users in multiple domains. Here are examples of mappings that could be in the virtusertable file:
videotech@myotherbox.org hadji
sales@verysmallcompany.com george@wehavenomoney.com
The first line redirects mail intended for videotech@myotherbox.org to the local user account hadji. The second redirects mail for sales@verysmallcompany.com to the remote user george@wehavenomoney.com.Similarly, the Access list database is created from /etc/mail/access. It can be used to selectively accept, reject, relay, or discard any message based on the address, host name, domain name, or IP address contained within the header:
ads@freestuff.net DISCARD
junkmail.com REJECT
coupons.junkmail.com OK
spam.junkmail.com 550 Unsolicited bulk email will
be stored and handled for a fee of $500/KB
The first line in the preceding block discards (without no error messages) all mail from ads@freestuff.net. The second rejects all mail from the junkmail.com domain, returning a general delivery status message to the sender. The third line overrides the previous setting by allowing mail from coupons.junkmail.com, and the fourth line returns the specified error code to the annoying spam.junkmail.com domain.The contents of the mailertable, virtusertable, and access files are all incorporated into their respective .db files when the sendmail service starts. After changing any of those files, type /etc/init.d/sendmail restart to have changes take effect.
Any mail sent to jefft on the local machine would result in an informational message being returned to the original sender, indicating the changed address. The original mail message will not be forwarded to the address listed in the preceding jefft example. The DZ8.12.8 line sets the macro Z, which contains the full version information for the sendmail daemon.
sendmail options
The sendmail.cf file contains a long list of options that you can set for sendmail on your Red Hat Linux system. Option definitions start after the Options block. Here are examples:
O SevenBitInput=False
# O EightBitMode=pass8
The SevenBitInput option indicates that sendmail should not clear the most significant bit from each byte of all mail messages. The EightBitMode option dictates how sendmail should handle message data that is not explicitly labeled as 8-bit. The pass8 option allows any 8-bit data to be delivered unaltered; mimefy converts any unspecified data to a MIME-encoded type; strict rejects any unlabeled 8-bit data. Note that this option has no effect on data that is specified as 8-bit. The next lines relate to alias files:
O AliasWait=10
O AliasFile=/etc/aliases
Before rebuilding the aliases database, sendmail performs several checks to make sure that no other processes are attempting to do the same. The AliasWait option specifies the number of minutes that sendmail alternates between waiting and performing its checks. The AliasFile option specifies the location of the plain-text file containing mail aliases. The next lines relate to the way disk space is allocated for sendmail:
O MinFreeBlocks=100
#O MaxMessageSize=1000000
The MinFreeBlocks option specifies that a message will be rejected if the acceptance of that message would cause there to be fewer than 100 free blocks (100K) available on the file system where messages are stored. The MaxMessageSize, if uncommented, can impose a limit on the maximum size of an incoming e-mail message (1MB in the preceding line). By default, there is no restriction on the size of a message. The next line substitutes characters for blank space:
O BlankSub=.
The BlankSub option substitutes the specified character (a . here) in place of a blank space (which is an illegal character) in an e-mail address. The next line avoids expensive mailers:
O HoldExpensive=False
If an MDA definition (explained later in this section) includes the option F=e, the mailer is classified as expensive, which simply indicates that delivering that mail may involve a slow connection or other processing delay. The HoldExpensive option allows messages handled by an expensive MDA to be queued rather than processed immediately. The preceding line disables this option. The next line relates to checkpoint queues:
#O CheckpointInterval=10
When delivering messages to many addresses (as with mailing lists), sendmail at times needs to record which recipients have already received the message. The CheckpointInterval option sets the number of recipient addresses processed between updates of the qf file. The preceding line is commented out, but the default value is still 10. The next line relates to delivery mode:
O DeliveryMode=background
The four possible DeliveryMode values are as follows:
background — Sendmail forks (splits off) a copy of itself and asynchronously processes the message. The default mode is background.
deferred — The message is queued and all processing, including DNS lookups and database accesses, is deferred until the queue is run.
interactive — The queue is processed synchronously, in the foreground.
queueonly — Much like deferred, but host names are resolved and databases are queried immediately.
The next lines relate to error message headers and error modes:
#O ErrorHeader=/etc/mail/error-header
#O ErrorMode=print
The ErrorHeader option allows the text of a specified file to be included in all delivery status messages returned to the sender, along with any error messages from the xf file. The ErrorMode option provides five possible methods of displaying error messages to users on the local machine who encounter problems while attempting to send mail:
e — Mail an error message to the sender, but terminate successfully.
m — Mail an error message, and exit with an error code.
p — Print error to user's terminal and save the message in ~/dead.letter. ( default)
q — Quietly ignore all delivery errors.
w — Write the error message to the user's terminal.
The next line relates to the From lines in e-mail messages:
#O SaveFromLine=False
By default, the SaveFromLine option is disabled (False). The result is that lines within mail messages that begin with the text "From" (a special token that differentiates the end of one message from the headers of the next) will be prefaced by a > in the delivered message. The next line relates to permissions of temporary files:
O TempFileMode=0600
The TempFileMode option sets file permissions of temporary files to be readable only by the file's owner. Other modes are highly discouraged. The next line relates to the GECOS field:
#O MatchGECOS=False
The MatchGECOS option lets sendmail deliver mail to a converted form of a user's full name, as specified in the GECOS field of the /etc/passwd file. For example, if the full name of user wharris (according to the GECOS field) is Wayne Harris, that user could receive mail as wharris@mybox.com, Wayne_Harris@mybox.com, or Wayne.Harris@mybox.com. This option is not recommended, because it could lead to ambiguities, and users could change their GECOS fields in a way that could subvert sendmail's usual delivery mechanisms.The next line relates to hop counts:
#O MaxHopCount=25
The MaxHopCount option specifies the largest number of hops (a transmission of the message from one machine to another) before a message is returned to the sender as undeliverable. The default value is 25. The next line relates to the sendmail help file:
O HelpFile=/etc/mail/helpfile
The HelpFile option lists the name of the file containing the online help text. To view this data, execute the command telnet localhost 25 and type help. Help is also available for most SMTP commands using the help command via help command name. The next line relates to dots as terminators:
#O IgnoreDots=False
The IgnoreDots option determines the behavior of sendmail when presented with a message that contains a single period on a line. With the option nonexistent, commented, or False, the single dot is treated as the end of the message (the behavior specified in RFC 821). If the option is True, the dot assumes no special significance. The next line relates to resolver options:
#O ResolverOptions=+AAONLY
The ResolverOptions option can tune the behavior of DNS lookups. Descriptions of valid flags are in the resolver man page (type man resolver). The next line relates to MIME errors:
O SendMimeErrors=True
The SendMimeErrors option defines whether delivery status notification messages should be MIME-encoded or left as plain text. The next line relates to search paths used for forwarding e-mail messages:
O ForwardPath=$z/.forward.$w:$z/.forward
The ForwardPath option specifies the search path for an individual user's .forward file. In the preceding line, $z represents the user's home directory, and $w indicates the local machine's host name. For example, if /home/kzabon were the home directory for the user kzabon on the local machine al, sendmail would first look for the file /home/kzabon/.forward.al, followed by /home/kzabon/.forward. If neither file existed, the mail would be delivered to the incoming mailbox file /var/spool/mail/kzabon. The next lines relate to caching on open connections:
O ConnectionCacheSize=2
O ConnectionCacheTimeout=5m
Rather than open a connection to a host, send a message, close the connection, and then open another connection to the same host, connection caching allows sendmail to send multiple mail messages to the same machine over one connection. This ConnectionCacheSize option can reduce the overhead of creating and destroying connections. The default value of 2 says up to two simultaneous connections are allowed. The ConnectionCacheTimeout value limits the time that a connection can be open. The default value is 5m (five minutes). The next lines relate to the host status directory and thread deliveries:
#O HostStatusDirectory=.hoststat
#O SingleThreadDelivery=False
The HostStatusDirectory option can establish a directory (relative to the queue directory /var/spool/mqueue if a full path name isn't specified) that stores status information for all machines with which sendmail has established a connection. This option is not set by default, because its implementation consumes resources but may not provide a substantial gain.The SingleThreadDelivery option ensures that there is always a maximum of one connection to any given machine. This, too, may not be desirable. Not only does it require the HostStatusDirectory option, it may also prevent any outgoing messages to a host if the local machine is currently processing a high volume of mail from that same machine. The next line relates to the Errors-To header:
O UseErrorsTo=False
The UseErrorsTo option allows sendmail to utilize or ignore the "Errors-To:" header line. If it is set to True, any delivery errors are reported to the address specified in the header line. Otherwise, this line is ignored. The option is set to False by default because this behavior violates RFC 1123. The next line relates to the log level:
O LogLevel=9
The LogLevel option sets the priority and severity of logging messages sent to the syslog facility. Values range from 0 (only severe errors are reported) to 98 (maximum debugging information is logged, along with all important messages). Unless you need to view tons of debugging information while tracking down a mail delivery problem, the default value of 9 is probably okay. The next line defines how messages are sent to the message sender:
#O MeToo=True
The MeToo option selects sendmail's behavior when the sender of a message is also on the mailing list's distribution list. Unless a value of True is specified, the sender does not receive the message (based on the assumption that if the sender wrote the message, the sender doesn't need to see it again). The next line has to do with evaluating addresses:
O CheckAliases=False
If the value is set to True, the CheckAliases option evaluates addresses on the left side of the colon and guarantees a valid delivery agent for addresses on the right side. The default value is False. The next line relates to old-style headers:
O OldStyleHeaders=True
Lists of recipients were originally delimited by spaces. More recently, commas have been used because recipient names frequently contain spaces. When set to True, the OldStyleHeaders option allows comma-delimited lists, but unquoted spaces are converted to commas. If the option is set to False (the default), uncommented spaces are converted to the character specified by the BlankSub option. The next lines relate to SMTP daemon options:
O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA
#0 ClientPortOptions=Family=inet, Address=0.0.0.0
The DaemonPortOptions option can be used to restrict the port number and network on which sendmail will listen for incoming connections, the number of simultaneous incoming connections, and the size of the TCP/IP send and receive buffers.
The ClientPortOptions option is the same as DaemonPortOptions, except that it works for outgoing connections rather than incoming connections. By default, outgoing is not restricted to the local host since the line is commented out. The next line relates to privacy:
O PrivacyOptions=authwarnings,novrfy,noexpn,restrictqrun
The PrivacyOptions option can require that incoming connections strictly adhere to correct SMTP behavior, disable the EXPN (noxepn) or VRFY (novrfy) functions, disable return receipts, and restrict the users who may run the mailq and sendmail -q commands (restrictqrun). The mailq command shows all entries in the queue, while the sendmail -q command synchronously processes the queue. The PrivacyOptions option also utilizes the "X-Authentication-Warning:" header line. The next line relates to copies of error messages:
#O PostMasterCopy=Postmaster
The PostMasterCopy option can specify an address (or several) that should receive copies of any delivery status notifications that are sent to message senders. The default is to send no copies. The next lines relate to the mail queue:
#O QueueFactor=600000
#O QueueSortOrder=priority
#O MinQueueAge=30m
#O MaxQueueRunSize=10000
O QueueDirectory=/var/spool/mqueue
A variety of queue options are available to tune queues and the runners that handle them. The latest sendmail (version 8.12.9-7) also includes a concept of queue groups. For servers that deliver a high volume of mail, setting up queue groups allows you to set up separate directories of outgoing e-mail. Separate queue runners can then be used to handle each queue.
| Note | By splitting outgoing e-mail across directories on different hard disks, you can reduce bottlenecks that occur on servers that deliver a lot of mail (such as those that handle large mailing lists). For low-volume mail servers, the default /var/spool/mqueue directory is fine. For more information on queue groups, see the Sendmail Installation and Operation Guide at http://www.sendmail.org/~ca/email/doc8.12/op. |
The QueueFactor option uses the current system load average to implement a cutoff value where outbound messages are queued rather than immediately sent. The QueueSortOrder option, which can select the method used to determine the queue priority, can be set to host (the messages in the queue are sorted based on the receiving host and the priority), priority (the traditional precedence scale), and time (based on order of submission). MinQueueAge sets the least amount of time a failed message transfer waits in the buffer before transmission is retried.
The MaxQueueRunSize option indicates Table 19-1 earlier in this chapter. The next lines relate to timeout values used by sendmail:
O Timeout.connect=1m
O Timeout.ident=0
O Timeout.queuereturn=5d
O Timeout.queuewarn=4h
Several options relating to timeouts while waiting for events can be specified, as shown in the preceding lines. (Many more that are commented out are not shown.) These values limit the amount of time sendmail spends waiting for an event to occur or complete. The actual time values can be specified in seconds, minutes, hours, or days (with each specified as an integer followed by s, m, h, or d, respectively). An explanation for each is given in Table 19-3. Each timeout option is in the form Timeout.event, where event is replaced by the timeout events listed in the table.
The next line relates to pruning routes:
#O DontPruneRoutes=False
With the DontPruneRoutes option, an address can be specified as a "route address" where an explicit path through a sequence of hosts is indicated. If the option is set to True, this route is followed. Otherwise, the route is pruned. The next line relates to where messages are stored as they are being delivered:
O SuperSafe=True
If the SuperSafe option is False, sendmail reads a message into memory before delivering it. If the machine were to crash at this point, the message would be lost. When the SuperSafe option is set to True, the message always exists on the file system until delivery is completed. No good reason exists for this option to be set to False. The next line relates to the status file:
O StatusFile=/etc/mail/statistics
The StatusFile option specifies a file where mail delivery statistics are stored. The file is parsed by the mailstats program to display: the number of messages sent and the size of those messages (in kilobytes); the number of messages received and the size of those messages (also in kilobytes); the number of messages rejected; and the number of messages discarded. The first column and the last column indicate the MDA. The last row displays totals for each column. The following is a sample of output from the mailstats command:
Statistics from Sun Aug 17 13:05:24 2003
M msgsfr bytes_from msgsto bytes_to msgsrej msgsdis Mailer
4 414 3845K 23 894K 0 0 smtp
8 10 19K 8 13K 0 0 local
=============================================================
T 424 3864K 31 907K 0 0
The next line relates to how time zones are handled:
#O TimeZoneSpec=
The TimeZoneSpec option lets you explicitly choose the local time zone, overriding the value in the TZ environment if it exists. The next line relates to the UID and GID used by sendmail:
O DefaultUser=8:12
The DefaultUser option specifies the UID and GID of the default user to which sendmail switches when delivering mail. In this case, it is set to mail:mail (UID 8 and GID 12). The next line relates to the location of the user database file:
O UserDatabaseSpec=/etc/mail/userdb.db
The UserDatabaseSpec option lets you choose another database to redirect incoming messages and rewrite header fields of outgoing messages. The next lines can create fallback connections:
#O FallbackMXhost=fall.back.host.net
O TryNullMXList=true
The FallbackMXhost option can be used by sites that don't have a reliable connection to the Internet, where it would be preferable to relay the messages to another host with a better connection rather than queue the mail on the local machine.If the host sending a message is also an MX (mail exchanger) host for the receiving host, all hosts with a higher MX preference are deemed invalid. If this results in no available mail exchangers, the message is returned to the sender if the TryNullMXList option is set to False. If the option is set to True, sendmail tries to send mail directly to the receiving host before returning the message as undelivered. The next lines relate to responses to high load averages:
#O QueueLA=8
#O RefuseLA=12
The QueueLA option specifies system load average after which mail is not delivered at once but queued to process later. The RefuseLA option sets the point at which incoming mail is no longer accepted. The next lines can set child processes and new connections:
#O MaxDaemonChildren=0
#O ConnectionRateThrottle=0
Sendmail forks a copy of itself to handle each incoming message and to process the queue. The MaxDaemonChildren option restricts the number of children of the original sendmail process that can exist simultaneously. Though this sounds like a good idea, it also makes it easier for someone to implement a Denial-of-Service attack on your machine by keeping all available child processes occupied.
A better idea (if you must limit incoming connections) is to use the ConnectionRateThrottle option. Rather than deny connections beyond a certain threshold, the ConnectionRateThrottle option slows down acceptance of messages. Using a value of three as an example, if eight connections arrive at once, three are handled immediately; three more are processed after a one-second delay; and the remaining two are handled after a two-second delay. The next line relates to processes for queued jobs:
#O ForkEachJob=False
The ForkEachJob option instructs sendmail to fork a copy of itself to handle each individual message in the queue. This may be useful for machines with limited amounts of memory but should generally not be used (or set to False). The next lines are related to message priority:
#O RecipientFactor=30000
#O ClassFactor=1800
#O RetryFactor=90000
The ClassFactor and RecipientFactor options change the order in which queued messages are sent, based on precedence class or number of recipients. The RetryFactor option can be used to alter the priority of a message in the queue that has already been processed but couldn't be delivered. The next line relates to the character set:
#O DefaultCharSet=iso-8859-1
The DefaultCharSet option defines the MIME type used when converting 8-bit messages into 7-bit messages. The next line defines the location of the service.switch file:
#O ServiceSwitchFile=/etc/mail/service.switch
Because the /etc/nsswitch.conf file already dictates the order for resolving various database requests, the ServiceSwitchFile option is ignored, even if defined. It is best to leave it commented out. The next line lets you redefine the location of the /etc/hosts file:
#O HostsFile=/etc/hosts
The HostsFile option specifies the path to the file containing locally customized IP address-to-host name translations. The default value is /etc/hosts. The next line relates to dial-up delays when the connection fails:
#O DialDelay=10s
When a dial-up connection to the Internet needs to be established, the time required to secure the connection can vary greatly. The DialDelay option allows a number of seconds or minutes to be specified, which represents the amount of time sendmail sleeps if its initial connection attempt fails. The next line lets you define what to do if there is no recipient in the message:
#O NoRecipientAction=add-to-undisclosed
The NoRecipientAction option instructs sendmail what to do if a message has no recipients specified in the header lines. The valid parameters include add-apparently-to (adds an "Apparently-To:" header), add-bcc (adds an empty "Bcc:" header line to comply with RFC 821), add-to (adds a "To:" header with recipients from the message "envelope"), add-to-undisclosed (adds an empty "To: undisclosed-recipients:" header), and none (delivers the message without change). The next line can change the root directory used by sendmail:
#O SafeFileEnvironment=/arch
The SafeFileEnvironment option provides a more secure location for delivering mail to files by using a chroot system call. The next line defines whether colons are okay in an address:
#O ColonOkInAddr=True
The ColonOkInAddr option determines whether colons are valid within addresses. The default value is False, indicating that a colon within an e-mail address represents an error. The next line relates to expanding CNAMES:
#O DontExpandCnames=False
The DontExpandCnames option controls whether sendmail accepts a CNAME record as the canonical host name. If the DontExpandCnames option is set to True, the CNAME record is considered valid within the rewriting rules. If it is set to False (the default value), the CNAME record must be translated into a valid address record for use within the rewriting rules. The next line relates to the SMTP login message:
O SmtpGreetingMessage=$j Sendmail $v/$Z; $b
The SmtpGreetingMessage option defines the banner text presented when a client connects to the sendmail daemon on the local machine. In the preceding line, $j evaluates to the FQDN of the local machine; $v and $Z represent the configuration file and executable program versions, respectively; $b is the current local date and time. This prints a line similar to the following:
220 al.mybox.com ESMTP Sendmail 8.12.8-4/8.12.8-4;
Mon, 9 Sep 2002 18:47:23 -0400
The next line defines the UnixFromLine option:
O UnixFromLine=From $g $d
The UnixFromLine option defines the format of the "From" header line that is used as a message separator within mailbox files. The default value of $g $d prints the sender's e-mail address, followed by two blank spaces and the local date and time at which the message was received. The next line defines how to handle embedded newlines:
#O SingleLineFromHeader=False
If the SingleLineFromHeader option is set to True, any newlines within the "From:" header are converted into spaces. Otherwise, the split header lines are retained. The next line relates to how SMTP responds to a HELO request not associated with a host name:
#O AllowBogusHELO=False
If the AllowBogusHELO option is set to True, the restriction that a host name must follow a HELO command is not enforced. If it is set to False (the default), the behavior specified by RFC 1123 is required. The next line relates to quoting special characters:
#O MustQuoteChars=.
By default (and according to RFC 821), the nine characters enumerated in the comment in the first line must be quoted if they appear in a nonaddress portion of an address (for example, the user's name or nickname). The . and ' characters can be specified in the MustQuoteChars option to require quoting as well. The next line relates to delimiter characters:
O OperatorChars=.:%@!^/[]+
The OperatorChars option lists the characters (in addition to the set of ()<>,;\"\r\n already defined by sendmail) that can be used as separators within an address. This option should not be altered. The next line relates to initgroups:
#O DontInitGroups=False
The DontInitGroups option (if set to True) forces sendmail to not process the initgroups system call. This is useful if groups have many members or a slow name service is used. The default value is False. The next line relates to an obsolete function:
#O UnsafeGroupWrites=True
The UnsafeGroupWrites option has been replaced by arguments to DontBlameSendmail, which was discussed early in this section. The next lines relate to sending errors:
#O DoubleBounceAddress=postmaster
#O DeadLetterDrop=/var/tmp/dead.letter
The DoubleBounceAddress option specifies the recipient of error messages that result from a failure to deliver an earlier error message. The default value is the postmaster alias. The DeadLetterDrop option sets the backup location for saving bounced e-mail if the bounced e-mail can't be written to other locations (by default, it is /var/tmp/dead.letter). The next line relates to the user ID used for sendmail processing:
#O RunAsUser=sendmail
By using the RunAsUser option, sendmail can be configured to perform most of its processing (other than reading the configuration file and listening for incoming connections on a privileged port) as an unprivileged user. The RunAsUser option specifies the user name or UID of the user. This may sound like a good idea, but it has the side effect of requiring the unprivileged user to have access to all .forward files, :include: files, and the queue directory. This will likely require liberal use of the DontBlameSendmail options and could cause more problems than it solves. The next line relates to the recipients in an SMTP envelope:
#O MaxRecipientsPerMessage=100
The MaxRecipientsPerMessage option specifies the upper boundary on the number of individual recipients per message in an effort to block mail spam (unsolicited commercial / bulk e-mail), which is commonly sent to large distribution lists. By default, there is no restriction. The next line limits the rate of recipient rejections in an SMTP envelope:
#O BadRcptThrottle=20
If the number of recipients rejected from a single SMTP envelope exceeds the value of BadRcptThrottle, sendmail will sleep one second after each rejected receipt. This is meant to slow down some denial-of-service attacks. The next line relates to getting local names:
O DontProbeInterfaces=true
The DontProbeInterfaces option (if True) keeps sendmail from automatically modifying the class macro Cw with hostnames and addresses of all network interfaces. By default, equivalent hosts and addresses are added to Cw. The next line relates to delivery status notification:
#O RrtImpliesDsn=False
The RtrImpliesDsn option sends a delivery status notification to the envelope sender instead of to the address in the header. The next option lets you override a connection address:
#O ConnectOnlyTo=0.0.0.0
To force all mail delivery to a particular address, add an IP address to the ConnectOnlyTo option. This is useful for testing. The next option relates to defining a trusted user:
#O TrustedUser=smmsp
The TrustedUser option can be used to set which user on your system is trusted to own sendmail-related files and to run sendmail daemons. The user name can be either the name or user ID contained in the /etc/passwd file. To be more secure, the TrustedUser recently changed from root to smmsp.A variety of authentication options are included in the next section. The only active option is the following AuthOptions option:
O AuthOptions=A
The AuthOptions option with an A value causes the AUTH= parameter for the MAIL FROM command to be issued when authentication succeeds. The final set of options in this section that may interest you are used to indicate the locations of certificate authority (CA) certificates and private keys on your system:
#O CACertPath
#O CACertFile
#O ServerCertFile
#O ServerKeyFile
#O ClientCertFile
#O ClientKeyFile
The CACertPath option lets you indicate a directory that contains CA certificates. CACertFile lets you indicate an individual CA certificate. ServerCertFile and ServerKeyFile let you identify the CA certificate and associated private key, respectively, that sendmail should use when it is acting as a server. ClientCertFile and ClientKeyFile let you identify the CA certificate and associated private key that sendmail should use when it is acting as a client.
Message precedences
Precedences can be associated with e-mail messages in an attempt to give some messages higher authority for transferring than others. The Message precedences section of the sendmail.cf file sets how different message precedences are handled. The following lines appear at the beginning of the section:
Pfirst-class=0
Pspecial-delivery=100
Plist=-30
Pbulk=-60
Pjunk=-100
The previous lines equate precedence values with the possible precedence names in message headers. The meaning of each precedence name is indicated in Table 19-4. The numbers by themselves aren't significant, except in relation to other precedence names. Also note that incoming mail is processed immediately by default, so these priority values apply only to messages in the queue.
Name | Meaning |
|---|---|
special-delivery | A high-priority message that should be delivered from the queue before any others. |
first-class | Unless overridden in the message header, this is the default priority. |
list | This precedence name should be used for most messages emanating from mailing lists. |
bulk | A relatively noncrucial broadcast message. This also indicates that if there are delivery troubles, the body of the message will not be included in bounce notices. |
junk | Worthless e-mail that is possibly the output of a program or a test message. The body is also discarded from bounce notices. |
Trusted users
You can allow users you trust to send messages that have sender names other than their real user names. These lines appear in the Trusted users section for setting trusted user values:
Ft/etc/mail/trusted-users
Troot
Tdaemon
Tuucp
These names specify users who are allowed to use sendmail's -f flag to set a sender other than the user running the command. You probably won't want to specify any normal user accounts here. However, if you use a mailing list manager (see the next section) that lets you specify the sender of outgoing messages, you may want to include the line Tmajordomo. Otherwise, all outgoing mail to list recipients will contain the error X-Authentication-Warning: localhost: majordomo set sender to owner-bigmailinglist using -f in the message header. If you have lots of trusted users, use file class t to specify a file that contains the list of names.
Format of headers
The format of the mail headers used with sendmail is set in your /etc/sendmail.cf file. The following lines appear at the beginning of that section:
H?P?Return-Path: <$g>
HReceived: $?sfrom $s $.$?_($?s$|from $.$_)
$.$?{auth_type}(authenticated$?{auth_ssf} bits=${auth_ssf}$.)
$.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version}
(version=${tls_version} cipher=${cipher} bits=${cipher_bits}
verify=${verify})$.$?u
for $u; $|;
$.$b
H?D?Resent-Date: $a
H?D?Date: $a
H?F?Resent-From: $?x$x <$g>$|$g$.
H?F?From: $?x$x <$g>$|$g$.
H?x?Full-Name: $x
# HPosted-Date: $a
# H?l?Received-Date: $b
H?M?Resent-Message-Id: <$t.$i@$j>
H?M?Message-Id: <$t.$i@$j>
These lines dictate the format of message headers. After the appropriate values are substituted into the preceding variables, this block of text becomes a qf file in /var/spool/mqueue.
Rewriting rules
The Rewriting rules section of the sendmail.cf file contains a complex set of rules needed to handle your sendmail service. The rules cover such things as converting addresses and dealing with local host names. You should not change entries in this section arbitrarily.
Mailer definitions
Mail Delivery Agents (MDAs) are described in the mailer definitions. Specifically, the section defines the Mlocal and Mprog MDAs used (procmail and smrsh), respectively:
Mlocal, P=/usr/bin/procmail, F=lsDFMAw5:/|@qSPfhn9,
S=EnvFromL/HdrFromL,
R=EnvToL/HdrToL,
T=DNS/RFC822/X-Unix,
A=procmail -Y -a $h -d $u
Mprog, P=/usr/sbin/smrsh, F=lsDFMoqeu9, S=EnvFromL/HdrFromL,
R=EnvToL/HdrToL, D=$z:/,
T=X-Unix/X-Unix/X-Unix,
A=smrsh -c $u
In general, you shouldn't need to modify the options specified in the mailer definitions. However, the Mlocal and Mprog mailer definitions, shown previously, are worthy of note. The Mlocal definition is for delivering messages to a local account. The procmail MDA is used (rather than the old UNIX standard of /bin/mail) to place the mail in the local user's mailbox.The Mprog mailer definition is used when the recipient of a message is actually a program (as in the case of majordomo, described in the next section). To direct a message to a program, sendmail uses a program called smrsh (SendMail Restricted Shell). Allowing mail to be piped directly into a program is not a great idea from a security standpoint, but smrsh makes the process a bit safer. For the program to successfully execute, a link to the program must exist within the /etc/smrsh directory. This restriction ensures that only programs installed by the administrator can directly receive mail, and other random executable programs are denied.
Redirecting mail
At times, you may want to redirect mail to some place other than the recipient's mailbox on the local server. Each user can redirect his mail using the .forward file. System-wide, you can set aliases to redirect mail in the /etc/aliases file.
The .forward file
One way for users to redirect their own mail is through the use of the .forward file, as described within the previously listed sendmail.cf file. The format of a plain-text .forward file is a comma-separated list of mail recipients. Common uses of the .forward file include:
Piping mail to a program to filter the mailbox contents:"| /usr/bin/procmail"
Sending mail destined for one user (for example, jkpat) to another (for example, cht09, on a different machine in this case):cht09@other.mybox.com
Delivering mail to the local user (jkpat again) and sending it to two others (cht09 and brannigan):\jkpat, cht09@other.mybox.com, brannigan
The aliases file
A more flexible method of handling mail delivery (system-wide rather than being specific to one particular user) involves the /etc/aliases file, which is also a plain-text file. The aliases file (described earlier in the sendmail.cf section) contains a name followed by a colon, and then a user name, another alias, a list of addresses, a file, or a program to which mail will be delivered. The name on the left side of the colon (which can be a valid user name or just an alias) can then be used as an e-mail recipient on the local machine. Using the aliases file for mail-aliasing allows for several extensions to normal mail-handling behavior:
One account can receive mail under several different names:patterson: jkpat
This indicates that any mail addressed to patterson@mybox.com (just an alias) will arrive in the mailbox of jkpat (an actual user account).
Mail can be received under a name that isn't a valid (or reasonable) user name:Charlie.Jackson.II@mybox.com: jackson
He wouldn't really want to type Charlie.Jackson.II as a user name, but that doesn't mean he can't receive mail as such.
Messages intended for one user can be redirected to another account (or to several accounts):oldemployee: bradford
consultant: bradford, jackson, patterson
users: :include:/root/mail/lists/users
Here, any message for oldemployee@mybox.com would be delivered to the mailbox of user bradford. Also, the users bradford, jackson, and patterson would receive any mail addressed to consultant. The third line indicates that the recipients of the "users" alias are specified in the file /root/mail/lists/users.
Mail can be sent directly to a file on the local machine:acsp-bugs: /dev/null
trouble-ticket: /var/spool/trouble/incoming
In the first line, because the fictional ACSP program is no longer used on the machine, there's no need to track its errors, so the mail is effectively ignored. The second line stores incoming trouble tickets in the /var/spool/trouble/incoming file. Remember that if you enable this, anyone anywhere can send you a sufficiently large message to fill up the partition on which that directory resides. This is a security risk and should be carefully evaluated before being implemented.
Incoming messages can be piped directly into an executable program:majordomo: "| /usr/lib/majordomo/wrapper majordomo"
