[12553] | 1 | |
---|
| 2 | |
---|
| 3 | K N O W N B U G S I N S E N D M A I L |
---|
| 4 | |
---|
| 5 | |
---|
[19203] | 6 | The following are bugs or deficiencies in sendmail that we are aware of |
---|
[12553] | 7 | but which have not been fixed in the current release. You probably |
---|
[19203] | 8 | want to get the most up to date version of this from ftp.sendmail.org |
---|
[12553] | 9 | in /pub/sendmail/KNOWNBUGS. For descriptions of bugs that have been |
---|
| 10 | fixed, see the file RELEASE_NOTES (in the root directory of the sendmail |
---|
| 11 | distribution). |
---|
| 12 | |
---|
| 13 | This list is not guaranteed to be complete. |
---|
| 14 | |
---|
[19203] | 15 | * Delivery to programs that generate too much output may cause problems |
---|
[12553] | 16 | |
---|
[19203] | 17 | If e-mail is delivered to a program which generates too much |
---|
| 18 | output, then sendmail may issue an error: |
---|
| 19 | |
---|
| 20 | timeout waiting for input from local during Draining Input |
---|
| 21 | |
---|
| 22 | Make sure that the program does not generate output beyond a |
---|
| 23 | status message (corresponding to the exit status). This may |
---|
| 24 | require a wrapper around the actual program to redirect output |
---|
| 25 | to /dev/null. |
---|
| 26 | |
---|
| 27 | Such a problem has been reported for bulk_mailer. |
---|
| 28 | |
---|
[12553] | 29 | * Null bytes are not handled properly in headers. |
---|
| 30 | |
---|
| 31 | Sendmail should handle full binary data. As it stands, it handles |
---|
| 32 | all values in the body, but only 0x01-0x80 and 0xA0-0xFF in |
---|
| 33 | the header. Notably missing is 0x00, which would require a major |
---|
| 34 | restructuring of the code -- for example, almost no C library support |
---|
| 35 | could be used to handle strings. |
---|
| 36 | |
---|
[19203] | 37 | * Header checks are not called if header value is too long or empty. |
---|
| 38 | |
---|
| 39 | If the value of a header is longer than 1250 (MAXNAME + MAXATOM - 6) |
---|
| 40 | characters or it contains a single word longer than 256 (MAXNAME) |
---|
| 41 | characters then no header check is done even if one is configured for |
---|
| 42 | the header. |
---|
| 43 | |
---|
| 44 | * Sender addresses whose domain part cause a temporary A record lookup |
---|
| 45 | failure but have a valid MX record will be temporarily rejected in |
---|
| 46 | the default configuration. Solution: fix the DNS at the sender side. |
---|
| 47 | If that's not easy to achieve, possible workarounds are: |
---|
| 48 | - add an entry to the access map: |
---|
| 49 | dom.ain OK |
---|
| 50 | - (only for advanced users) replace |
---|
| 51 | |
---|
| 52 | # Resolve map (to check if a host exists in check_mail) |
---|
| 53 | Kresolve host -a<OKR> -T<TEMP> |
---|
| 54 | |
---|
| 55 | with |
---|
| 56 | |
---|
| 57 | # Resolve map (to check if a host exists in check_mail) |
---|
| 58 | Kcanon host -a<OKR> -T<TEMP> |
---|
| 59 | Kdnsmx dns -R MX -a<OKR> -T<TEMP> |
---|
| 60 | Kresolve sequence dnsmx canon |
---|
| 61 | |
---|
| 62 | |
---|
[12553] | 63 | * Duplicate error messages. |
---|
| 64 | |
---|
| 65 | Sometimes identical, duplicate error messages can be generated. As |
---|
| 66 | near as I can tell, this is rare and relatively innocuous. |
---|
| 67 | |
---|
[19203] | 68 | * Misleading error messages. |
---|
[12553] | 69 | |
---|
[19203] | 70 | If an illegal address is specified on the command line together |
---|
| 71 | with at least one valid address and PostmasterCopy is set, the |
---|
| 72 | DSN does not contain the illegal address, but only the valid |
---|
| 73 | address(es). |
---|
[12553] | 74 | |
---|
| 75 | * \231 considered harmful. |
---|
| 76 | |
---|
| 77 | Header addresses that have the \231 character (and possibly others |
---|
| 78 | in the range \201 - \237) behave in odd and usually unexpected ways. |
---|
| 79 | |
---|
| 80 | * accept() problem on SVR4. |
---|
| 81 | |
---|
| 82 | Apparently, the sendmail daemon loop (doing accept()s on the network) |
---|
| 83 | can get into a weird state on SVR4; it starts logging ``SYSERR: |
---|
| 84 | getrequests: accept: Protocol Error''. The workaround is to kill |
---|
| 85 | and restart the sendmail daemon. We don't have an SVR4 system at |
---|
| 86 | Berkeley that carries more than token mail load, so I can't validate |
---|
| 87 | this. It is likely to be a glitch in the sockets emulation, since |
---|
| 88 | "Protocol Error" is not possible error code with Berkeley TCP/IP. |
---|
| 89 | |
---|
| 90 | I've also had someone report the message ``sendmail: accept: |
---|
| 91 | SIOCGPGRP failed errno 22'' on an SVR4 system. This message is |
---|
| 92 | not in the sendmail source code, so I assume it is also a bug |
---|
| 93 | in the sockets emulation. (Errno 22 is EINVAL "Invalid Argument" |
---|
| 94 | on all the systems I have available, including Solaris 2.x.) |
---|
| 95 | Apparently, this problem is due to linking -lc before -lsocket; |
---|
| 96 | if you are having this problem, check your Makefile. |
---|
| 97 | |
---|
| 98 | * accept() problem on Linux. |
---|
| 99 | |
---|
| 100 | The accept() in sendmail daemon loop can return ETIMEDOUT. An |
---|
| 101 | error is reported to syslog: |
---|
| 102 | |
---|
| 103 | Jun 9 17:14:12 hostname sendmail[207]: NOQUEUE: SYSERR(root): |
---|
| 104 | getrequests: accept: Connection timed out |
---|
| 105 | |
---|
| 106 | "Connection timed out" is not documented as a valid return from |
---|
| 107 | accept(2) and this was believed to be a bug in the Linux kernel. |
---|
| 108 | Later information from the Linux kernel group states that Linux |
---|
| 109 | 2.0 kernels follow RFC1122 while sendmail follows the original BSD |
---|
| 110 | (now POSIX 1003.1g draft) specification. The 2.1.X and later kernels |
---|
| 111 | will follow the POSIX draft. |
---|
| 112 | |
---|
| 113 | * Excessive mailing list nesting can run out of file descriptors. |
---|
| 114 | |
---|
| 115 | If you have a mailing list that includes lots of other mailing |
---|
| 116 | lists, each of which has a separate owner, you can run out of |
---|
| 117 | file descriptors. Each mailing list with a separate owner uses |
---|
| 118 | one open file descriptor (prior to 8.6.6 it was three open |
---|
| 119 | file descriptors per list). This is particularly egregious if |
---|
| 120 | you have your connection cache set to be large. |
---|
| 121 | |
---|
| 122 | * Connection caching breaks if you pass the port number as an argument. |
---|
| 123 | |
---|
| 124 | If you have a definition such as: |
---|
| 125 | |
---|
| 126 | Mport, P=[IPC], F=kmDFMuX, S=11/31, R=21, |
---|
| 127 | M=2100000, T=DNS/RFC822/SMTP, |
---|
| 128 | A=IPC [127.0.0.1] $h |
---|
| 129 | |
---|
| 130 | (i.e., where $h is the port number instead of the host name) the |
---|
| 131 | connection caching code will break because it won't notice that |
---|
| 132 | two messages addressed to different ports should use different |
---|
| 133 | connections. |
---|
| 134 | |
---|
| 135 | * ESMTP SIZE underestimates the size of a message |
---|
| 136 | |
---|
| 137 | Sendmail makes no allowance for headers that it adds, nor does it |
---|
| 138 | account for the SMTP on-the-wire \r\n expansion. It probably doesn't |
---|
| 139 | allow for 8->7 bit MIME conversions either. |
---|
| 140 | |
---|
[19203] | 141 | * Client ignores SIZE parameter. |
---|
| 142 | |
---|
| 143 | When sendmail acts as client and the server specifies a limit |
---|
| 144 | for the mail size, sendmail will ignore this and try to send the |
---|
| 145 | mail anyway. The server will usually reject the MAIL command |
---|
| 146 | which specifies the size of the message and hence this problem |
---|
| 147 | is not significant. |
---|
| 148 | |
---|
[12553] | 149 | * Paths to programs being executed and the mode of program files are |
---|
| 150 | not checked. Essentially, the RunProgramInUnsafeDirPath and |
---|
| 151 | RunWritableProgram bits in the DontBlameSendmail option are always |
---|
| 152 | set. This is not a problem if your system is well managed (that is, |
---|
| 153 | if binaries and system directories are mode 755 instead of something |
---|
| 154 | foolish like 777). |
---|
| 155 | |
---|
| 156 | * 8-bit data in GECOS field |
---|
| 157 | |
---|
| 158 | If the GECOS (personal name) information in the passwd file contains |
---|
| 159 | 8-bit characters, those characters can be included in the message |
---|
| 160 | header, which can cause problems when sending SMTP to hosts that |
---|
| 161 | only accept 7-bit characters. |
---|
| 162 | |
---|
| 163 | * 8->7 bit MIME conversion |
---|
| 164 | |
---|
| 165 | When sendmail is doing 8->7 bit MIME conversions, and the message |
---|
| 166 | contains certain MIME body types that cannot be converted to 7-bit, |
---|
| 167 | sendmail will strip the message to 7-bit. |
---|
| 168 | |
---|
| 169 | * 7->8 bit MIME conversion |
---|
| 170 | |
---|
| 171 | If a message that is encoded as 7-bit MIME is converted to 8-bit and |
---|
| 172 | that message when decoded is illegal (e.g., because of long lines or |
---|
| 173 | illegal characters), sendmail can produce an illegal message. |
---|
| 174 | |
---|
| 175 | * MIME encoded full name phrases in the From: header |
---|
| 176 | |
---|
[19203] | 177 | If a full name phrase includes characters from MustQuoteChars, sendmail |
---|
| 178 | will quote the entire full name phrase. If MustQuoteChars includes |
---|
| 179 | characters which are not special characters according to STD 11 (RFC |
---|
| 180 | 822), this quotation can interfere with MIME encoded full name phrases. |
---|
[12553] | 181 | By default, sendmail includes the single quote character (') in |
---|
| 182 | MustQuoteChars even though it is not listed as a special character in |
---|
| 183 | STD 11. |
---|
| 184 | |
---|
| 185 | * bestmx map with -z flag truncates the list of MX hosts |
---|
| 186 | |
---|
| 187 | A bestmx map configured with the -z flag will truncate the list |
---|
| 188 | of MX hosts. This prevents creation of strings which are too |
---|
| 189 | long for ruleset parsing. This can have an adverse effect on the |
---|
| 190 | relay_based_on_MX feature. |
---|
| 191 | |
---|
| 192 | * Saving to ~sender/dead.letter fails if su'ed to root |
---|
| 193 | |
---|
| 194 | If ErrorMode is set to print and an error in sending mail occurs, |
---|
| 195 | the normal action is to print a message to the screen and append |
---|
| 196 | the message to a dead.letter file in the sender's home directory. |
---|
| 197 | In the case where the sender is using su to act as root, the file |
---|
| 198 | safety checks prevent sendmail from saving the dead.letter file |
---|
| 199 | because the sender's uid and the current real uid do not match. |
---|
[19203] | 200 | |
---|
[12553] | 201 | * Berkeley DB 2.X race condition with fcntl() locking |
---|
| 202 | |
---|
| 203 | There is a race condition for Berkeley DB 2.X databases on |
---|
| 204 | operating systems which use fcntl() style locking, such as |
---|
| 205 | Solaris. Sendmail locks the map before calling db_open() to |
---|
| 206 | prevent others from modifying the map while it is being opened. |
---|
| 207 | Unfortunately, Berkeley DB opens the map, closes it, and then |
---|
| 208 | reopens it. fcntl() locking drops the lock when any file |
---|
| 209 | descriptor pointing to the file is closed, even if it is a |
---|
| 210 | different file descriptor than the one used to initially lock |
---|
| 211 | the file. As a result there is a possibility that entries in a |
---|
| 212 | map might not be found during a map rebuild. As a workaround, |
---|
| 213 | you can use makemap to build a map with a new name and then |
---|
| 214 | "mv" the new db file to replace the old one. |
---|
| 215 | |
---|
[19203] | 216 | Sleepycat Software has added code to avoid this race condition to |
---|
| 217 | Berkeley DB versions after 2.7.5. |
---|
| 218 | |
---|
[12553] | 219 | * File open timeouts not available on hard mounted NFS file systems |
---|
| 220 | |
---|
| 221 | Since SIGALRM does not interrupt an RPC call for hard mounted |
---|
| 222 | NFS file systems, it is impossible to implement a timeout on a file |
---|
| 223 | open operation. Therefore, while the NFS server is not responding, |
---|
| 224 | attempts to open a file on that server will hang. Systems with |
---|
| 225 | local mail delivery and NFS hard mounted home directories should be |
---|
| 226 | avoided, as attempts to open the forward files could hang. |
---|
| 227 | |
---|
[19203] | 228 | * Race condition for delivery to set-user-ID files |
---|
| 229 | |
---|
| 230 | Sendmail will deliver to a fail if the file is owned by the DefaultUser |
---|
| 231 | or has the set-user-ID bit set. Unfortunately, some systems clear that bit |
---|
| 232 | when a file is modified. Sendmail compensates by resetting the file mode |
---|
| 233 | back to it's original settings. Unfortunately, there's still a |
---|
| 234 | permission failure race as sendmail checks the permissions before locking |
---|
| 235 | the file. This is unavoidable as sendmail must verify the file is safe |
---|
| 236 | to open before opening it. A file can not be locked until it is open. |
---|
| 237 | |
---|
| 238 | * MAIL_HUB always takes precedence over LOCAL_RELAY |
---|
| 239 | |
---|
| 240 | Despite the information in the documentation, MAIL_HUB ($H) will always |
---|
| 241 | be used if set instead of LOCAL_RELAY ($R). This will be fixed in a |
---|
| 242 | future version. |
---|
| 243 | |
---|
| 244 | $Revision: 1.1.1.2 $, Last updated $Date: 2003-04-08 15:08:39 $ |
---|