1 | # Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. |
---|
2 | # All rights reserved. |
---|
3 | # Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. |
---|
4 | # Copyright (c) 1988 |
---|
5 | # The Regents of the University of California. All rights reserved. |
---|
6 | # |
---|
7 | # By using this file, you agree to the terms and conditions set |
---|
8 | # forth in the LICENSE file which can be found at the top level of |
---|
9 | # the sendmail distribution. |
---|
10 | # |
---|
11 | # |
---|
12 | # $Id: README,v 1.1.1.1 2003-04-08 15:09:19 zacheiss Exp $ |
---|
13 | # |
---|
14 | |
---|
15 | This directory contains the source files for sendmail(TM). |
---|
16 | |
---|
17 | ******************************************************************* |
---|
18 | !! Read sendmail/SECURITY for important installation information !! |
---|
19 | ******************************************************************* |
---|
20 | |
---|
21 | ********************************************************** |
---|
22 | ** Read below for more details on building sendmail. ** |
---|
23 | ********************************************************** |
---|
24 | |
---|
25 | ************************************************************************** |
---|
26 | ** IMPORTANT: Read the appropriate paragraphs in the section on ** |
---|
27 | ** ``Operating System and Compile Quirks''. ** |
---|
28 | ************************************************************************** |
---|
29 | |
---|
30 | For detailed instructions, please read the document ../doc/op/op.me: |
---|
31 | |
---|
32 | cd ../doc/op ; make op.ps op.txt |
---|
33 | |
---|
34 | Sendmail is a trademark of Sendmail, Inc. |
---|
35 | |
---|
36 | |
---|
37 | +-------------------+ |
---|
38 | | BUILDING SENDMAIL | |
---|
39 | +-------------------+ |
---|
40 | |
---|
41 | By far, the easiest way to compile sendmail is to use the "Build" |
---|
42 | script: |
---|
43 | |
---|
44 | sh Build |
---|
45 | |
---|
46 | This uses the "uname" command to figure out what architecture you are |
---|
47 | on and creates a proper Makefile accordingly. It also creates a |
---|
48 | subdirectory per object format, so that multiarchitecture support is |
---|
49 | easy. In general this should be all you need. IRIX 6.x users should |
---|
50 | read the note below in the OPERATING SYSTEM AND COMPILE QUIRKS section. |
---|
51 | |
---|
52 | If you need to look at other include or library directories, use the |
---|
53 | -I or -L flags on the command line, e.g., |
---|
54 | |
---|
55 | sh Build -I/usr/sww/include -L/usr/sww/lib |
---|
56 | |
---|
57 | It's also possible to create local site configuration in the file |
---|
58 | site.config.m4 (or another file settable with the -f flag). This |
---|
59 | file contains M4 definitions for various compilation values; the |
---|
60 | most useful are: |
---|
61 | |
---|
62 | confMAPDEF -D flags to specify database types to be included |
---|
63 | (see below) |
---|
64 | confENVDEF -D flags to specify other environment information |
---|
65 | confINCDIRS -I flags for finding include files during compilation |
---|
66 | confLIBDIRS -L flags for finding libraries during linking |
---|
67 | confLIBS -l flags for selecting libraries during linking |
---|
68 | confLDOPTS other ld(1) linker options |
---|
69 | |
---|
70 | Others can be found by examining Makefile.m4. Please read |
---|
71 | ../devtools/README for more information about the site.config.m4 |
---|
72 | file. |
---|
73 | |
---|
74 | You can recompile from scratch using the -c flag with the Build |
---|
75 | command. This removes the existing compilation directory for the |
---|
76 | current platform and builds a new one. The -c flag must also |
---|
77 | be used if any site.*.m4 file in devtools/Site/ is changed. |
---|
78 | |
---|
79 | Porting to a new Unix-based system should be a matter of creating |
---|
80 | an appropriate configuration file in the devtools/OS/ directory. |
---|
81 | |
---|
82 | |
---|
83 | +----------------------+ |
---|
84 | | DATABASE DEFINITIONS | |
---|
85 | +----------------------+ |
---|
86 | |
---|
87 | There are several database formats that can be used for the alias files |
---|
88 | and for general maps. When used for alias files they interact in an |
---|
89 | attempt to be backward compatible. |
---|
90 | |
---|
91 | The options are: |
---|
92 | |
---|
93 | NEWDB The new Berkeley DB package. Some systems (e.g., BSD/OS and |
---|
94 | Digital UNIX 4.0) have some version of this package |
---|
95 | pre-installed. If your system does not have Berkeley DB |
---|
96 | pre-installed, or the version installed is not version 2.0 |
---|
97 | or greater (e.g., is Berkeley DB 1.85 or 1.86), get the |
---|
98 | current version from http://www.sleepycat.com/. DO NOT |
---|
99 | use a version from any of the University of California, |
---|
100 | Berkeley "Net" or other distributions. If you are still |
---|
101 | running BSD/386 1.x, you will need to upgrade the included |
---|
102 | Berkeley DB library to a current version. NEWDB is included |
---|
103 | automatically if the Build script can find a library named |
---|
104 | libdb.a or libdb.so. |
---|
105 | See also OPERATING SYSTEM AND COMPILE QUIRKS about Berkeley |
---|
106 | DB versions, e.g., DB 4.1.x. |
---|
107 | NDBM The older NDBM implementation -- the very old V7 DBM |
---|
108 | implementation is no longer supported. |
---|
109 | NIS Network Information Services. To use this you must have |
---|
110 | NIS support on your system. |
---|
111 | NISPLUS NIS+ (the revised NIS released with Solaris 2). You must |
---|
112 | have NIS+ support on your system to use this flag. |
---|
113 | HESIOD Support for Hesiod (from the DEC/Athena distribution). You |
---|
114 | must already have Hesiod support on your system for this to |
---|
115 | work. You may be able to get this to work with the MIT/Athena |
---|
116 | version of Hesiod, but that's likely to be a lot of work. |
---|
117 | BIND 8.X also includes Hesiod support. |
---|
118 | LDAPMAP Lightweight Directory Access Protocol support. You will |
---|
119 | have to install the UMich or OpenLDAP |
---|
120 | (http://www.openldap.org/) ldap and lber libraries to use |
---|
121 | this flag. |
---|
122 | MAP_REGEX Regular Expression support. You will need to use an |
---|
123 | operating system which comes with the POSIX regex() |
---|
124 | routines or install a regexp library such as libregex from |
---|
125 | the Free Software Foundation. |
---|
126 | DNSMAP DNS map support. Requires NAMED_BIND. |
---|
127 | PH_MAP PH map support. You will need the libphclient library from |
---|
128 | the nph package (http://www-dev.cso.uiuc.edu/ph/nph/). |
---|
129 | MAP_NSD nsd map support (IRIX 6.5 and later). |
---|
130 | |
---|
131 | >>> NOTE WELL for NEWDB support: If you want to get ndbm support, for |
---|
132 | >>> Berkeley DB versions under 2.0, it is CRITICAL that you remove |
---|
133 | >>> ndbm.o from libdb.a before you install it and DO NOT install ndbm.h; |
---|
134 | >>> for Berkeley DB versions 2.0 through 2.3.14, remove dbm.o from libdb.a |
---|
135 | >>> before you install it. If you don't delete these, there is absolutely |
---|
136 | >>> no point to including -DNDBM, since it will just get you another |
---|
137 | >>> (inferior) API to the same format database. These files OVERRIDE |
---|
138 | >>> calls to ndbm routines -- in particular, if you leave ndbm.h in, |
---|
139 | >>> you can find yourself using the new db package even if you don't |
---|
140 | >>> define NEWDB. Berkeley DB versions later than 2.3.14 do not need |
---|
141 | >>> to be modified. Please also consult the README in the top level |
---|
142 | >>> directory of the sendmail distribution for other important information. |
---|
143 | >>> |
---|
144 | >>> Further note: DO NOT remove your existing /usr/include/ndbm.h -- |
---|
145 | >>> you need that one. But do not install an updated ndbm.h in |
---|
146 | >>> /usr/include, /usr/local/include, or anywhere else. |
---|
147 | |
---|
148 | If NEWDB and NDBM are defined (but not NIS), then sendmail will read |
---|
149 | NDBM format alias files, but the next time a newaliases is run the |
---|
150 | format will be converted to NEWDB; that format will be used forever |
---|
151 | more. This is intended as a transition feature. |
---|
152 | |
---|
153 | If NEWDB, NDBM, and NIS are all defined and the name of the file includes |
---|
154 | the string "/yp/", sendmail will rebuild BOTH the NEWDB and NDBM format |
---|
155 | alias files. However, it will only read the NEWDB file; the NDBM format |
---|
156 | file is used only by the NIS subsystem. This is needed because the NIS |
---|
157 | maps on an NIS server are built directly from the NDBM files. |
---|
158 | |
---|
159 | If NDBM and NIS are defined (regardless of the definition of NEWDB), |
---|
160 | and the filename includes the string "/yp/", sendmail adds the special |
---|
161 | tokens "YP_LAST_MODIFIED" and "YP_MASTER_NAME", both of which are |
---|
162 | required if the NDBM file is to be used as an NIS map. |
---|
163 | |
---|
164 | All of these flags are normally defined in a confMAPDEF setting in your |
---|
165 | site.config.m4. |
---|
166 | |
---|
167 | If you define NEWDB or HESIOD you get the User Database (USERDB) |
---|
168 | automatically. Generally you do want to have NEWDB for it to do |
---|
169 | anything interesting. See above for getting the Berkeley DB |
---|
170 | package (i.e., NEWDB). There is no separate "user database" |
---|
171 | package -- don't bother searching for it on the net. |
---|
172 | |
---|
173 | Hesiod and LDAP require libraries that may not be installed with your |
---|
174 | system. These are outside of my ability to provide support. See the |
---|
175 | "Quirks" section for more information. |
---|
176 | |
---|
177 | The regex map can be used to see if an address matches a certain regular |
---|
178 | expression. For example, all-numerics local parts are common spam |
---|
179 | addresses, so "^[0-9]+$" would match this. By using such a map in a |
---|
180 | check_* rule-set, you can block a certain range of addresses that would |
---|
181 | otherwise be considered valid. |
---|
182 | |
---|
183 | |
---|
184 | +---------------+ |
---|
185 | | COMPILE FLAGS | |
---|
186 | +---------------+ |
---|
187 | |
---|
188 | Wherever possible, I try to make sendmail pull in the correct |
---|
189 | compilation options needed to compile on various environments based on |
---|
190 | automatically defined symbols. Some machines don't seem to have useful |
---|
191 | symbols available, requiring that a compilation flag be defined in |
---|
192 | the Makefile; see the devtools/OS subdirectory for the supported |
---|
193 | architectures. |
---|
194 | |
---|
195 | If you are a system to which sendmail has already been ported you |
---|
196 | should not have to touch the following symbols. But if you are porting, |
---|
197 | you may have to tweak the following compilation flags in conf.h in order |
---|
198 | to get it to compile and link properly: |
---|
199 | |
---|
200 | SYSTEM5 Adjust for System V (not necessarily Release 4). |
---|
201 | SYS5SIGNALS Use System V signal semantics -- the signal handler |
---|
202 | is automatically dropped when the signal is caught. |
---|
203 | If this is not set, use POSIX/BSD semantics, where the |
---|
204 | signal handler stays in force until an exec or an |
---|
205 | explicit delete. Implied by SYSTEM5. |
---|
206 | SYS5SETPGRP Use System V setpgrp() semantics. Implied by SYSTEM5. |
---|
207 | HASNICE Define this to zero if you lack the nice(2) system call. |
---|
208 | HASRRESVPORT Define this to zero if you lack the rresvport(3) system call. |
---|
209 | HASFCHMOD Define this to one if you have the fchmod(2) system call. |
---|
210 | This improves security. |
---|
211 | HASFCHOWN Define this to one if you have the fchown(2) system call. |
---|
212 | This is required for the TrustedUser option if sendmail |
---|
213 | must rebuild an (alias) map. |
---|
214 | HASFLOCK Set this if you prefer to use the flock(2) system call |
---|
215 | rather than using fcntl-based locking. Fcntl locking |
---|
216 | has some semantic gotchas, but many vendor systems |
---|
217 | also interface it to lockd(8) to do NFS-style locking. |
---|
218 | Unfortunately, may vendors implementations of fcntl locking |
---|
219 | is just plain broken (e.g., locks are never released, |
---|
220 | causing your sendmail to deadlock; when the kernel runs |
---|
221 | out of locks your system crashes). For this reason, I |
---|
222 | recommend always defining this unless you are absolutely |
---|
223 | certain that your fcntl locking implementation really works. |
---|
224 | HASUNAME Set if you have the "uname" system call. Implied by |
---|
225 | SYSTEM5. |
---|
226 | HASUNSETENV Define this if your system library has the "unsetenv" |
---|
227 | subroutine. |
---|
228 | HASSETSID Define this if you have the setsid(2) system call. This |
---|
229 | is implied if your system appears to be POSIX compliant. |
---|
230 | HASINITGROUPS Define this if you have the initgroups(3) routine. |
---|
231 | HASSETVBUF Define this if you have the setvbuf(3) library call. |
---|
232 | If you don't, setlinebuf will be used instead. This |
---|
233 | defaults on if your compiler defines __STDC__. |
---|
234 | HASSETREUID Define this if you have setreuid(2) ***AND*** root can |
---|
235 | use setreuid to change to an arbitrary user. This second |
---|
236 | condition is not satisfied on AIX 3.x. You may find that |
---|
237 | your system has setresuid(2), (for example, on HP-UX) in |
---|
238 | which case you will also have to #define setreuid(r, e) |
---|
239 | to be the appropriate call. Some systems (such as Solaris) |
---|
240 | have a compatibility routine that doesn't work properly, |
---|
241 | but may have "saved user ids" properly implemented so you |
---|
242 | can ``#define setreuid(r, e) seteuid(e)'' and have it work. |
---|
243 | The important thing is that you have a call that will set |
---|
244 | the effective uid independently of the real or saved uid |
---|
245 | and be able to set the effective uid back again when done. |
---|
246 | There's a test program in ../test/t_setreuid.c that will |
---|
247 | try things on your system. Setting this improves the |
---|
248 | security, since sendmail doesn't have to read .forward |
---|
249 | and :include: files as root. There are certain attacks |
---|
250 | that may be unpreventable without this call. |
---|
251 | USESETEUID Define this to 1 if you have a seteuid(2) system call that |
---|
252 | will allow root to set only the effective user id to an |
---|
253 | arbitrary value ***AND*** you have saved user ids. This is |
---|
254 | preferable to HASSETREUID if these conditions are fulfilled. |
---|
255 | These are the semantics of the to-be-released revision of |
---|
256 | Posix.1. The test program ../test/t_seteuid.c will try |
---|
257 | this out on your system. If you define both HASSETREUID |
---|
258 | and USESETEUID, the former is ignored. |
---|
259 | HASSETEGID Define this if you have setegid(2) and it can be |
---|
260 | used to set the saved gid. Please run t_dropgid in |
---|
261 | test/ if you are not sure whether the call works. |
---|
262 | HASSETREGID Define this if you have setregid(2) and it can be |
---|
263 | used to set the saved gid. Please run t_dropgid in |
---|
264 | test/ if you are not sure whether the call works. |
---|
265 | HASSETRESGID Define this if you have setresgid(2) and it can be |
---|
266 | used to set the saved gid. Please run t_dropgid in |
---|
267 | test/ if you are not sure whether the call works. |
---|
268 | HASLSTAT Define this if you have symbolic links (and thus the |
---|
269 | lstat(2) system call). This improves security. Unlike |
---|
270 | most other options, this one is on by default, so you |
---|
271 | need to #undef it in conf.h if you don't have symbolic |
---|
272 | links (these days everyone does). |
---|
273 | HASSETRLIMIT Define this to 1 if you have the setrlimit(2) syscall. |
---|
274 | You can define it to 0 to force it off. It is assumed |
---|
275 | if you are running a BSD-like system. |
---|
276 | HASULIMIT Define this if you have the ulimit(2) syscall (System V |
---|
277 | style systems). HASSETRLIMIT overrides, as it is more |
---|
278 | general. |
---|
279 | HASWAITPID Define this if you have the waitpid(2) syscall. |
---|
280 | HASGETDTABLESIZE |
---|
281 | Define this if you have the getdtablesize(2) syscall. |
---|
282 | HAS_ST_GEN Define this to 1 if your system has the st_gen field in |
---|
283 | the stat structure (see stat(2)). |
---|
284 | HASSRANDOMDEV Define this if your system has the srandomdev(3) function |
---|
285 | call. |
---|
286 | HASURANDOMDEV Define this if your system has /dev/urandom(4). |
---|
287 | HASSTRERROR Define this if you have the libc strerror(3) function (which |
---|
288 | should be declared in <errno.h>), and it should be used |
---|
289 | instead of sys_errlist. |
---|
290 | SM_CONF_GETOPT Define this as 0 if you need a reimplementation of getopt(3). |
---|
291 | On some systems, getopt does very odd things if called |
---|
292 | to scan the arguments twice. This flag will ask sendmail |
---|
293 | to compile in a local version of getopt that works |
---|
294 | properly. You may also need this if you build with |
---|
295 | another library that introduces a non-standard getopt(3). |
---|
296 | NEEDSTRTOL Define this if your standard C library does not define |
---|
297 | strtol(3). This will compile in a local version. |
---|
298 | NEEDFSYNC Define this if your standard C library does not define |
---|
299 | fsync(2). This will try to simulate the operation using |
---|
300 | fcntl(2); if that is not available it does nothing, which |
---|
301 | isn't great, but at least it compiles and runs. |
---|
302 | HASGETUSERSHELL Define this to 1 if you have getusershell(3) in your |
---|
303 | standard C library. If this is not defined, or is defined |
---|
304 | to be 0, sendmail will scan the /etc/shells file (no |
---|
305 | NIS-style support, defaults to /bin/sh and /bin/csh if |
---|
306 | that file does not exist) to get a list of unrestricted |
---|
307 | user shells. This is used to determine whether users |
---|
308 | are allowed to forward their mail to a program or a file. |
---|
309 | NEEDPUTENV Define this if your system needs am emulation of the |
---|
310 | putenv(3) call. Define to 1 to implement it in terms |
---|
311 | of setenv(3) or to 2 to do it in terms of primitives. |
---|
312 | NOFTRUNCATE Define this if you don't have the ftruncate(2) syscall. |
---|
313 | If you don't have this system call, there is an unavoidable |
---|
314 | race condition that occurs when creating alias databases. |
---|
315 | GIDSET_T The type of entries in a gidset passed as the second |
---|
316 | argument to getgroups(2). Historically this has been an |
---|
317 | int, so this is the default, but some systems (such as |
---|
318 | IRIX) pass it as a gid_t, which is an unsigned short. |
---|
319 | This will make a difference, so it is important to get |
---|
320 | this right! However, it is only an issue if you have |
---|
321 | group sets. |
---|
322 | SLEEP_T The type returned by the system sleep() function. |
---|
323 | Defaults to "unsigned int". Don't worry about this |
---|
324 | if you don't have compilation problems. |
---|
325 | ARBPTR_T The type of an arbitrary pointer -- defaults to "void *". |
---|
326 | If you are an very old compiler you may need to define |
---|
327 | this to be "char *". |
---|
328 | SOCKADDR_LEN_T The type used for the third parameter to accept(2), |
---|
329 | getsockname(2), and getpeername(2), representing the |
---|
330 | length of a struct sockaddr. Defaults to int. |
---|
331 | SOCKOPT_LEN_T The type used for the fifth parameter to getsockopt(2) |
---|
332 | and setsockopt(2), representing the length of the option |
---|
333 | buffer. Defaults to int. |
---|
334 | LA_TYPE The type of load average your kernel supports. These |
---|
335 | can be one of: |
---|
336 | LA_ZERO (1) -- it always returns the load average as |
---|
337 | "zero" (and does so on all architectures). |
---|
338 | LA_INT (2) to read /dev/kmem for the symbol avenrun and |
---|
339 | interpret as a long integer. |
---|
340 | LA_FLOAT (3) same, but interpret the result as a floating |
---|
341 | point number. |
---|
342 | LA_SHORT (6) to interpret as a short integer. |
---|
343 | LA_SUBR (4) if you have the getloadavg(3) routine in your |
---|
344 | system library. |
---|
345 | LA_MACH (5) to use MACH-style load averages (calls |
---|
346 | processor_set_info()), |
---|
347 | LA_PROCSTR (7) to read /proc/loadavg and interpret it |
---|
348 | as a string representing a floating-point |
---|
349 | number (Linux-style). |
---|
350 | LA_READKSYM (8) is an implementation suitable for some |
---|
351 | versions of SVr4 that uses the MIOC_READKSYM ioctl |
---|
352 | call to read /dev/kmem. |
---|
353 | LA_DGUX (9) is a special implementation for DG/UX that uses |
---|
354 | the dg_sys_info system call. |
---|
355 | LA_HPUX (10) is an HP-UX specific version that uses the |
---|
356 | pstat_getdynamic system call. |
---|
357 | LA_IRIX6 (11) is an IRIX 6.x specific version that adapts |
---|
358 | to 32 or 64 bit kernels; it is otherwise very similar |
---|
359 | to LA_INT. |
---|
360 | LA_KSTAT (12) uses the (Solaris-specific) kstat(3k) |
---|
361 | implementation. |
---|
362 | LA_DEVSHORT (13) reads a short from a system file (default: |
---|
363 | /dev/table/avenrun) and scales it in the same manner |
---|
364 | as LA_SHORT. |
---|
365 | LA_INT, LA_SHORT, LA_FLOAT, and LA_READKSYM have several |
---|
366 | other parameters that they try to divine: the name of your |
---|
367 | kernel, the name of the variable in the kernel to examine, |
---|
368 | the number of bits of precision in a fixed point load average, |
---|
369 | and so forth. LA_DEVSHORT uses _PATH_AVENRUN to find the |
---|
370 | device to be read to find the load average. |
---|
371 | In desperation, use LA_ZERO. The actual code is in |
---|
372 | conf.c -- it can be tweaked if you are brave. |
---|
373 | FSHIFT For LA_INT, LA_SHORT, and LA_READKSYM, this is the number |
---|
374 | of bits of load average after the binary point -- i.e., |
---|
375 | the number of bits to shift right in order to scale the |
---|
376 | integer to get the true integer load average. Defaults to 8. |
---|
377 | _PATH_UNIX The path to your kernel. Needed only for LA_INT, LA_SHORT, |
---|
378 | and LA_FLOAT. Defaults to "/unix" on System V, "/vmunix" |
---|
379 | everywhere else. |
---|
380 | LA_AVENRUN For LA_INT, LA_SHORT, and LA_FLOAT, the name of the kernel |
---|
381 | variable that holds the load average. Defaults to "avenrun" |
---|
382 | on System V, "_avenrun" everywhere else. |
---|
383 | SFS_TYPE Encodes how your kernel can locate the amount of free |
---|
384 | space on a disk partition. This can be set to SFS_NONE |
---|
385 | (0) if you have no way of getting this information, |
---|
386 | SFS_USTAT (1) if you have the ustat(2) system call, |
---|
387 | SFS_4ARGS (2) if you have a four-argument statfs(2) |
---|
388 | system call (and the include file is <sys/statfs.h>), |
---|
389 | SFS_VFS (3), SFS_MOUNT (4), SFS_STATFS (5) if you have |
---|
390 | the two-argument statfs(2) system call with includes in |
---|
391 | <sys/vfs.h>, <sys/mount.h>, or <sys/statfs.h> respectively, |
---|
392 | or SFS_STATVFS (6) if you have the two-argument statvfs(2) |
---|
393 | call. The default if nothing is defined is SFS_NONE. |
---|
394 | SFS_BAVAIL with SFS_4ARGS you can also set SFS_BAVAIL to the field name |
---|
395 | in the statfs structure that holds the useful information; |
---|
396 | this defaults to f_bavail. |
---|
397 | SPT_TYPE Encodes how your system can display what a process is doing |
---|
398 | on a ps(1) command (SPT stands for Set Process Title). Can |
---|
399 | be set to: |
---|
400 | SPT_NONE (0) -- Don't try to set the process title at all. |
---|
401 | SPT_REUSEARGV (1) -- Pad out your argv with the information; |
---|
402 | this is the default if none specified. |
---|
403 | SPT_BUILTIN (2) -- The system library has setproctitle. |
---|
404 | SPT_PSTAT (3) -- Use the PSTAT_SETCMD option to pstat(2) |
---|
405 | to set the process title; this is used by HP-UX. |
---|
406 | SPT_PSSTRINGS (4) -- Use the magic PS_STRINGS pointer (4.4BSD). |
---|
407 | SPT_SYSMIPS (5) -- Use sysmips() supported by NEWS-OS 6. |
---|
408 | SPT_SCO (6) -- Write kernel u. area. |
---|
409 | SPT_CHANGEARGV (7) -- Write pointers to our own strings into |
---|
410 | the existing argv vector. |
---|
411 | SPT_PADCHAR Character used to pad the process title; if undefined, |
---|
412 | the space character (0x20) is used. This is ignored if |
---|
413 | SPT_TYPE != SPT_REUSEARGV |
---|
414 | ERRLIST_PREDEFINED |
---|
415 | If set, assumes that some header file defines sys_errlist. |
---|
416 | This may be needed if you get type conflicts on this |
---|
417 | variable -- otherwise don't worry about it. |
---|
418 | WAITUNION The wait(2) routine takes a "union wait" argument instead |
---|
419 | of an integer argument. This is for compatibility with |
---|
420 | old versions of BSD. |
---|
421 | SCANF You can set this to extend the F command to accept a |
---|
422 | scanf string -- this gives you a primitive parser for |
---|
423 | class definitions -- BUT it can make you vulnerable to |
---|
424 | core dumps if the target file is poorly formed. |
---|
425 | SYSLOG_BUFSIZE You can define this to be the size of the buffer that |
---|
426 | syslog accepts. If it is not defined, it assumes a |
---|
427 | 1024-byte buffer. If the buffer is very small (under |
---|
428 | 256 bytes) the log message format changes -- each |
---|
429 | e-mail message will log many more messages, since it |
---|
430 | will log each piece of information as a separate line |
---|
431 | in syslog. |
---|
432 | BROKEN_RES_SEARCH |
---|
433 | On Ultrix (and maybe other systems?) if you use the |
---|
434 | res_search routine with an unknown host name, it returns |
---|
435 | -1 but sets h_errno to 0 instead of HOST_NOT_FOUND. If |
---|
436 | you set this, sendmail considers 0 to be the same as |
---|
437 | HOST_NOT_FOUND. |
---|
438 | NAMELISTMASK If defined, values returned by nlist(3) are masked |
---|
439 | against this value before use -- a common value is |
---|
440 | 0x7fffffff to strip off the top bit. |
---|
441 | BSD4_4_SOCKADDR If defined, socket addresses have an sa_len field that |
---|
442 | defines the length of this address. |
---|
443 | SAFENFSPATHCONF Set this to 1 if and only if you have verified that a |
---|
444 | pathconf(2) call with _PC_CHOWN_RESTRICTED argument on an |
---|
445 | NFS filesystem where the underlying system allows users to |
---|
446 | give away files to other users returns <= 0. Be sure you |
---|
447 | try both on NFS V2 and V3. Some systems assume that their |
---|
448 | local policy apply to NFS servers -- this is a bad |
---|
449 | assumption! The test/t_pathconf.c program will try this |
---|
450 | for you -- you have to run it in a directory that is |
---|
451 | mounted from a server that allows file giveaway. |
---|
452 | SIOCGIFCONF_IS_BROKEN |
---|
453 | Set this if your system has an SIOCGIFCONF ioctl defined, |
---|
454 | but it doesn't behave the same way as "most" systems (BSD, |
---|
455 | Solaris, SunOS, HP-UX, etc.) |
---|
456 | SIOCGIFNUM_IS_BROKEN |
---|
457 | Set this if your system has an SIOCGIFNUM ioctl defined, |
---|
458 | but it doesn't behave the same way as "most" systems |
---|
459 | (Solaris, HP-UX). |
---|
460 | FAST_PID_RECYCLE |
---|
461 | Set this if your system can reuse the same PID in the same |
---|
462 | second. |
---|
463 | SO_REUSEADDR_IS_BROKEN |
---|
464 | Set this if your system has a setsockopt() SO_REUSEADDR |
---|
465 | flag but doesn't pay attention to it when trying to bind a |
---|
466 | socket to a recently closed port. |
---|
467 | NEEDSGETIPNODE Set this if your system supports IPv6 but doesn't include |
---|
468 | the getipnodeby{name,addr}() functions. Set automatically |
---|
469 | for Linux's glibc. |
---|
470 | PIPELINING Support SMTP PIPELINING (set by default). |
---|
471 | USING_NETSCAPE_LDAP |
---|
472 | Deprecated in favor of SM_CONF_LDAP_MEMFREE. See |
---|
473 | libsm/README. |
---|
474 | NEEDLINK Set this if your system doesn't have a link() call. It |
---|
475 | will create a copy of the file instead of a hardlink. |
---|
476 | USE_ENVIRON Set this to 1 to access process environment variables from |
---|
477 | the external variable environ instead of the third |
---|
478 | parameter of main(). |
---|
479 | USE_DOUBLE_FORK By default this is on (1). Set it to 0 to suppress the |
---|
480 | extra fork() used to avoid intermediate zombies. |
---|
481 | ALLOW_255 Do not convert (char)0xff to (char)0x7f in headers etc. |
---|
482 | This can also be done at runtime with the command line |
---|
483 | option -d82.101. |
---|
484 | |
---|
485 | |
---|
486 | +-----------------------+ |
---|
487 | | COMPILE-TIME FEATURES | |
---|
488 | +-----------------------+ |
---|
489 | |
---|
490 | There are a bunch of features that you can decide to compile in, such |
---|
491 | as selecting various database packages and special protocol support. |
---|
492 | Several are assumed based on other compilation flags -- if you want to |
---|
493 | "un-assume" something, you probably need to edit conf.h. Compilation |
---|
494 | flags that add support for special features include: |
---|
495 | |
---|
496 | NDBM Include support for "new" DBM library for aliases and maps. |
---|
497 | Normally defined in the Makefile. |
---|
498 | NEWDB Include support for Berkeley DB package (hash & btree) |
---|
499 | for aliases and maps. Normally defined in the Makefile. |
---|
500 | If the version of NEWDB you have is the old one that does |
---|
501 | not include the "fd" call (this call was added in version |
---|
502 | 1.5 of the Berkeley DB code), you must upgrade to the |
---|
503 | current version of Berkeley DB. |
---|
504 | NIS Define this to get NIS (YP) support for aliases and maps. |
---|
505 | Normally defined in the Makefile. |
---|
506 | NISPLUS Define this to get NIS+ support for aliases and maps. |
---|
507 | Normally defined in the Makefile. |
---|
508 | HESIOD Define this to get Hesiod support for aliases and maps. |
---|
509 | Normally defined in the Makefile. |
---|
510 | NETINFO Define this to get NeXT NetInfo support for aliases and maps. |
---|
511 | Normally defined in the Makefile. |
---|
512 | LDAPMAP Define this to get LDAP support for maps. |
---|
513 | PH_MAP Define this to get PH support for maps. |
---|
514 | MAP_NSD Define this to get nsd support for maps. |
---|
515 | USERDB Define this to 1 to include support for the User Information |
---|
516 | Database. Implied by NEWDB or HESIOD. You can use |
---|
517 | -DUSERDB=0 to explicitly turn it off. |
---|
518 | IDENTPROTO Define this as 1 to get IDENT (RFC 1413) protocol support. |
---|
519 | This is assumed unless you are running on Ultrix or |
---|
520 | HP-UX, both of which have a problem in the UDP |
---|
521 | implementation. You can define it to be 0 to explicitly |
---|
522 | turn off IDENT protocol support. If defined off, the code |
---|
523 | is actually still compiled in, but it defaults off; you |
---|
524 | can turn it on by setting the IDENT timeout in the |
---|
525 | configuration file. |
---|
526 | IP_SRCROUTE Define this to 1 to get IP source routing information |
---|
527 | displayed in the Received: header. This is assumed on |
---|
528 | most systems, but some (e.g., Ultrix) apparently have a |
---|
529 | broken version of getsockopt that doesn't properly |
---|
530 | support the IP_OPTIONS call. You probably want this if |
---|
531 | your OS can cope with it. Symptoms of failure will be that |
---|
532 | it won't compile properly (that is, no support for fetching |
---|
533 | IP_OPTIONs), or it compiles but source-routed TCP connections |
---|
534 | either refuse to open or open and hang for no apparent reason. |
---|
535 | Ultrix and AIX3 are known to fail this way. |
---|
536 | LOG Set this to get syslog(3) support. Defined by default |
---|
537 | in conf.h. You want this if at all possible. |
---|
538 | NETINET Set this to get TCP/IP support. Defined by default |
---|
539 | in conf.h. You probably want this. |
---|
540 | NETINET6 Set this to get IPv6 support. Other configuration may |
---|
541 | be needed in conf.h for your particular operating system. |
---|
542 | Also, DaemonPortOptions must be set appropriately for |
---|
543 | sendmail to accept IPv6 connections. |
---|
544 | NETISO Define this to get ISO networking support. |
---|
545 | NETUNIX Define this to get Unix domain networking support. Defined |
---|
546 | by default. A few bizarre systems (SCO, ISC, Altos) don't |
---|
547 | support this networking domain. |
---|
548 | NETNS Define this to get NS networking support. |
---|
549 | NETX25 Define this to get X.25 networking support. |
---|
550 | NAMED_BIND If non-zero, include DNS (name daemon) support, including |
---|
551 | MX support. The specs say you must use this if you run |
---|
552 | SMTP. You don't have to be running a name server daemon |
---|
553 | on your machine to need this -- any use of the DNS resolver, |
---|
554 | including remote access to another machine, requires this |
---|
555 | option. Defined by default in conf.h. Define it to zero |
---|
556 | ONLY on machines that do not use DNS in any way. |
---|
557 | MATCHGECOS Permit fuzzy matching of user names against the full |
---|
558 | name (GECOS) field in the /etc/passwd file. This should |
---|
559 | probably be on, since you can disable it from the config |
---|
560 | file if you want to. Defined by default in conf.h. |
---|
561 | MIME8TO7 If non-zero, include 8 to 7 bit MIME conversions. This |
---|
562 | also controls advertisement of 8BITMIME in the ESMTP |
---|
563 | startup dialogue. |
---|
564 | MIME7TO8 If non-zero, include 7 to 8 bit MIME conversions. |
---|
565 | HES_GETMAILHOST Define this to 1 if you are using Hesiod with the |
---|
566 | hes_getmailhost() routine. This is included with the MIT |
---|
567 | Hesiod distribution, but not with the DEC Hesiod distribution. |
---|
568 | XDEBUG Do additional internal checking. These don't cost too |
---|
569 | much; you might as well leave this on. |
---|
570 | TCPWRAPPERS Turns on support for the TCP wrappers library (-lwrap). |
---|
571 | See below for further information. |
---|
572 | SECUREWARE Enable calls to the SecureWare luid enabling/changing routines. |
---|
573 | SecureWare is a C2 security package added to several UNIX's |
---|
574 | (notably ConvexOS) to get a C2 Secure system. This |
---|
575 | option causes mail delivery to be done with the luid of the |
---|
576 | recipient. |
---|
577 | SHARE_V1 Support for the fair share scheduler, version 1. Setting to |
---|
578 | 1 causes final delivery to be done using the recipients |
---|
579 | resource limitations. So far as I know, this is only |
---|
580 | supported on ConvexOS. |
---|
581 | SASL Enables SMTP AUTH (RFC 2554). This requires the Cyrus SASL |
---|
582 | library (ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/). Please |
---|
583 | install at least version 1.5.13. See below for further |
---|
584 | information: SASL COMPILATION AND CONFIGURATION. If your |
---|
585 | SASL library is older than 1.5.10, you have to set this |
---|
586 | to its version number using a simple conversion: a.b.c |
---|
587 | -> c + b*100 + a*10000, e.g. for 1.5.9 define SASL=10509. |
---|
588 | Note: Using an older version than 1.5.5 of Cyrus SASL is |
---|
589 | not supported. Starting with version 1.5.10, setting SASL=1 |
---|
590 | is sufficient. Any value other than 1 (or 0) will be |
---|
591 | compared with the actual version found and if there is a |
---|
592 | mismatch, compilation will fail. |
---|
593 | EGD Define this if your system has EGD installed, see |
---|
594 | http://egd.sourceforge.net/ . It should be used to |
---|
595 | seed the PRNG for STARTTLS if HASURANDOMDEV is not defined. |
---|
596 | STARTTLS Enables SMTP STARTTLS (RFC 2487). This requires OpenSSL |
---|
597 | (http://www.OpenSSL.org/); use OpenSSL 0.9.5a or later |
---|
598 | (if compatible with this version), do not use 0.9.3. |
---|
599 | See STARTTLS COMPILATION AND CONFIGURATION for further |
---|
600 | information. |
---|
601 | TLS_NO_RSA Turn off support for RSA algorithms in STARTTLS. |
---|
602 | MILTER Turn on support for external filters using the Milter API. |
---|
603 | See libmilter/README for more information. |
---|
604 | REQUIRES_DIR_FSYNC Turn on support for file systems that require to |
---|
605 | call fsync() for a directory if the meta-data in it has |
---|
606 | been changed. This should be turned on at least for older |
---|
607 | versions of ReiserFS; it is enabled by default for Linux. |
---|
608 | According to some information this flag is not needed |
---|
609 | anymore for kernel 2.4.16 and newer. We would appreciate |
---|
610 | feedback about the semantics of the various file systems |
---|
611 | available for Linux. |
---|
612 | An alternative to this compile time flag is to mount the |
---|
613 | queue directory without the -async option, or using |
---|
614 | chattr +S on Linux. |
---|
615 | DBMMODE The default file permissions to use when creating new |
---|
616 | database files for maps and aliases. Defaults to 0640. |
---|
617 | |
---|
618 | Generic notice: If you enable a compile time option that needs |
---|
619 | libraries or include files that don't come with sendmail or are |
---|
620 | installed in a location that your C compiler doesn't use by default |
---|
621 | you should set confINCDIRS and confLIBDIRS as explained in the |
---|
622 | first section: BUILDING SENDMAIL. |
---|
623 | |
---|
624 | |
---|
625 | +---------------------+ |
---|
626 | | DNS/RESOLVER ISSUES | |
---|
627 | +---------------------+ |
---|
628 | |
---|
629 | Many systems have old versions of the resolver library. At a minimum, |
---|
630 | you should be running BIND 4.8.3; older versions may compile, but they |
---|
631 | have known bugs that should give you pause. |
---|
632 | |
---|
633 | Common problems in old versions include "undefined" errors for |
---|
634 | dn_skipname. |
---|
635 | |
---|
636 | Some people have had a problem with BIND 4.9; it uses some routines |
---|
637 | that it expects to be externally defined such as strerror(). It may |
---|
638 | help to link with "-l44bsd" to solve this problem. This has apparently |
---|
639 | been fixed in later versions of BIND, starting around 4.9.3. In other |
---|
640 | words, if you use 4.9.0 through 4.9.2, you need -l44bsd; for earlier or |
---|
641 | later versions, you do not. |
---|
642 | |
---|
643 | !PLEASE! be sure to link with the same version of the resolver as |
---|
644 | the header files you used -- some people have used the 4.9 headers |
---|
645 | and linked with BIND 4.8 or vice versa, and it doesn't work. |
---|
646 | Unfortunately, it doesn't fail in an obvious way -- things just |
---|
647 | subtly don't work. |
---|
648 | |
---|
649 | WILDCARD MX RECORDS ARE A BAD IDEA! The only situation in which they |
---|
650 | work reliably is if you have two versions of DNS, one in the real world |
---|
651 | which has a wildcard pointing to your firewall, and a completely |
---|
652 | different version of the database internally that does not include |
---|
653 | wildcard MX records that match your domain. ANYTHING ELSE WILL GIVE |
---|
654 | YOU HEADACHES! |
---|
655 | |
---|
656 | When attempting to canonify a hostname, some broken name servers will |
---|
657 | return SERVFAIL (a temporary failure) on T_AAAA (IPv6) lookups. If you |
---|
658 | want to excuse this behavior, include WorkAroundBrokenAAAA in |
---|
659 | ResolverOptions. However, instead, we recommend catching the problem and |
---|
660 | reporting it to the name server administrator so we can rid the world of |
---|
661 | broken name servers. |
---|
662 | |
---|
663 | |
---|
664 | +----------------------------------------+ |
---|
665 | | STARTTLS COMPILATION AND CONFIGURATION | |
---|
666 | +----------------------------------------+ |
---|
667 | |
---|
668 | Please read the documentation accompanying the OpenSSL library. You |
---|
669 | have to compile and install the OpenSSL libraries before you can compile |
---|
670 | sendmail. See devtools/README how to set the correct compile time |
---|
671 | parameters; you should at least set the following variables: |
---|
672 | |
---|
673 | APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS') |
---|
674 | APPENDDEF(`conf_sendmail_LIBS', `-lssl -lcrypto') |
---|
675 | |
---|
676 | If you have installed the OpenSSL libraries and include files in |
---|
677 | a location that your C compiler doesn't use by default you should |
---|
678 | set confINCDIRS and confLIBDIRS as explained in the first section: |
---|
679 | BUILDING SENDMAIL. |
---|
680 | |
---|
681 | Configuration information can be found in doc/op/op.me (required |
---|
682 | certificates) and cf/README (how to tell sendmail about certificates). |
---|
683 | |
---|
684 | To perform an initial test, connect to your sendmail daemon |
---|
685 | (telnet localhost 25) and issue a EHLO localhost and see whether |
---|
686 | 250-STARTTLS |
---|
687 | is in the response. If it isn't, run the daemon with |
---|
688 | -O LogLevel=14 |
---|
689 | and try again. Then take a look at the logfile and see whether |
---|
690 | there are any problems listed about permissions (unsafe files) |
---|
691 | or the validity of X.509 certificates. |
---|
692 | |
---|
693 | From: Garrett Wollman <wollman@lcs.mit.edu> |
---|
694 | |
---|
695 | If your certificate authority is hierarchical, and you only include |
---|
696 | the top-level CA certificate in the CACertFile file, some mail clients |
---|
697 | may be unable to infer the proper certificate chain when selecting a |
---|
698 | client certificate. Including the bottom-level CA certificate(s) in |
---|
699 | the CACertFile file will allow these clients to work properly. This |
---|
700 | is not necessary if you are not using client certificates for |
---|
701 | authentication, or if all your clients are running Sendmail or other |
---|
702 | programs using the OpenSSL library (which get it right automatically). |
---|
703 | In addition, some mail clients are totally incapable of using |
---|
704 | certificate authentication -- even some of those which already support |
---|
705 | SSL/TLS for confidentiality. |
---|
706 | |
---|
707 | Further information can be found via: |
---|
708 | http://www.sendmail.org/tips/ |
---|
709 | |
---|
710 | |
---|
711 | +------------------------------------+ |
---|
712 | | SASL COMPILATION AND CONFIGURATION | |
---|
713 | +------------------------------------+ |
---|
714 | |
---|
715 | Please read the documentation accompanying the Cyrus SASL library |
---|
716 | (INSTALL and README). If you use Berkeley DB for Cyrus SASL then |
---|
717 | you must compile sendmail with the same version of Berkeley DB. |
---|
718 | See devtools/README for how to set the correct compile time parameters; |
---|
719 | you should at least set the following variables: |
---|
720 | |
---|
721 | APPENDDEF(`conf_sendmail_ENVDEF', `-DSASL') |
---|
722 | APPENDDEF(`conf_sendmail_LIBS', `-lsasl') |
---|
723 | |
---|
724 | If you have installed the Cyrus SASL library and include files in |
---|
725 | a location that your C compiler doesn't use by default you should |
---|
726 | set confINCDIRS and confLIBDIRS as explained in the first section: |
---|
727 | BUILDING SENDMAIL. |
---|
728 | |
---|
729 | You have to select and install authentication mechanisms and tell |
---|
730 | sendmail where to find the sasl library and the include files (see |
---|
731 | devtools/README for the parameters to set). Set up the required |
---|
732 | users and passwords as explained in the SASL documentation. See |
---|
733 | also cf/README for authentication related options (especially |
---|
734 | DefaultAuthInfo if you want authentication between MTAs). |
---|
735 | |
---|
736 | To perform an initial test, connect to your sendmail daemon |
---|
737 | (telnet localhost 25) and issue a EHLO localhost and see whether |
---|
738 | 250-AUTH .... |
---|
739 | is in the response. If it isn't, run the daemon with |
---|
740 | -O LogLevel=14 |
---|
741 | and try again. Then take a look at the logfile and see whether |
---|
742 | there are any security related problems listed (unsafe files). |
---|
743 | |
---|
744 | Further information can be found via: |
---|
745 | http://www.sendmail.org/tips/ |
---|
746 | |
---|
747 | |
---|
748 | +-------------------------------------+ |
---|
749 | | OPERATING SYSTEM AND COMPILE QUIRKS | |
---|
750 | +-------------------------------------+ |
---|
751 | |
---|
752 | GCC problems |
---|
753 | When compiling with "gcc -O -Wall" specify "-DSM_OMIT_BOGUS_WARNINGS" |
---|
754 | too (see include/sm/cdefs.h for more info). |
---|
755 | |
---|
756 | ***************************************************************** |
---|
757 | ** IMPORTANT: DO NOT USE OPTIMIZATION (``-O'') IF YOU ARE ** |
---|
758 | ** RUNNING GCC 2.4.x or 2.5.x. THERE IS A BUG IN THE GCC ** |
---|
759 | ** OPTIMIZER THAT CAUSES SENDMAIL COMPILES TO FAIL MISERABLY. ** |
---|
760 | ***************************************************************** |
---|
761 | |
---|
762 | Jim Wilson of Cygnus believes he has found the problem -- it will |
---|
763 | probably be fixed in GCC 2.5.6 -- but until this is verified, be |
---|
764 | very suspicious of gcc -O. This problem is reported to have been |
---|
765 | fixed in gcc 2.6. |
---|
766 | |
---|
767 | A bug in gcc 2.5.5 caused problems compiling sendmail 8.6.5 with |
---|
768 | optimization on a Sparc. If you are using gcc 2.5.5, youi should |
---|
769 | upgrade to the latest version of gcc. |
---|
770 | |
---|
771 | Apparently GCC 2.7.0 on the Pentium processor has optimization |
---|
772 | problems. I recommend against using -O on that architecture. This |
---|
773 | has been seen on FreeBSD 2.0.5 RELEASE. |
---|
774 | |
---|
775 | Solaris 2.X users should use version 2.7.2.3 over 2.7.2. |
---|
776 | |
---|
777 | We have been told there are problems with gcc 2.8.0. If you are |
---|
778 | using this version, you should upgrade to 2.8.1 or later. |
---|
779 | |
---|
780 | Berkeley DB |
---|
781 | Berkeley DB 4.1.x with x <= 24 does not work with sendmail. |
---|
782 | You need at least 4.1.25. |
---|
783 | |
---|
784 | GDBM GDBM does not work with sendmail because the additional |
---|
785 | security checks and file locking cause problems. Unfortunately, |
---|
786 | gdbm does not provide a compile flag in its version of ndbm.h so |
---|
787 | the code can adapt. Until the GDBM authors can fix these problems, |
---|
788 | GDBM will not be supported. Please use Berkeley DB instead. |
---|
789 | |
---|
790 | Configuration file location |
---|
791 | Up to 8.6, sendmail tried to find the sendmail.cf file in the same |
---|
792 | place as the vendors had put it, even when this was obviously |
---|
793 | stupid. As of 8.7, sendmail ALWAYS looks for /etc/sendmail.cf. |
---|
794 | Beginning with 8.10, sendmail uses /etc/mail/sendmail.cf. |
---|
795 | You can get sendmail to use the stupid vendor .cf location by |
---|
796 | adding -DUSE_VENDOR_CF_PATH during compilation, but this may break |
---|
797 | support programs and scripts that need to find sendmail.cf. You |
---|
798 | are STRONGLY urged to use symbolic links if you want to use the |
---|
799 | vendor location rather than changing the location in the sendmail |
---|
800 | binary. |
---|
801 | |
---|
802 | NETINFO systems use NETINFO to determine the location of |
---|
803 | sendmail.cf. The full path to sendmail.cf is stored as the value of |
---|
804 | the "sendmail.cf" property in the "/locations/sendmail" |
---|
805 | subdirectory of NETINFO. Set the value of this property to |
---|
806 | "/etc/mail/sendmail.cf" (without the quotes) to use this new |
---|
807 | default location for Sendmail 8.10.0 and higher. |
---|
808 | |
---|
809 | ControlSocket permissions |
---|
810 | Paraphrased from BIND 8.2.1's README: |
---|
811 | |
---|
812 | Solaris and other pre-4.4BSD kernels do not respect ownership or |
---|
813 | protections on UNIX-domain sockets. The short term fix for this is to |
---|
814 | override the default path and put such control sockets into root- |
---|
815 | owned directories which do not permit non-root to r/w/x through them. |
---|
816 | The long term fix is for all kernels to upgrade to 4.4BSD semantics. |
---|
817 | |
---|
818 | HP MPE/iX |
---|
819 | The MPE-specific code within sendmail emulates a set-user-id root |
---|
820 | environment for the sendmail binary. But there is no root uid 0 on |
---|
821 | MPE, nor is there any support for set-user-id programs. Even when |
---|
822 | sendmail thinks it is running as uid 0, it will still have the file |
---|
823 | access rights of the underlying non-zero uid, but because sendmail is |
---|
824 | an MPE priv-mode program it will still be able to call setuid() to |
---|
825 | successfully switch to a new uid. |
---|
826 | |
---|
827 | MPE setgid() semantics don't quite work the way sendmail expects, so |
---|
828 | special emulation is done here also. |
---|
829 | |
---|
830 | This uid/gid emulation is enabled via the setuid/setgid file mode bits |
---|
831 | which are not currently used by MPE. Code in libsm/mpeix.c examines |
---|
832 | these bits and enables emulation if they have been set, i.e., |
---|
833 | chmod u+s,g+s /SENDMAIL/CURRENT/SENDMAIL. |
---|
834 | |
---|
835 | SunOS 4.x (Solaris 1.x) |
---|
836 | You may have to use -lresolv on SunOS. However, beware that |
---|
837 | this links in a new version of gethostbyname that does not |
---|
838 | understand NIS, so you must have all of your hosts in DNS. |
---|
839 | |
---|
840 | Some people have reported problems with the SunOS version of |
---|
841 | -lresolv and/or in.named, and suggest that you get a newer |
---|
842 | version. The symptoms are delays when you connect to the |
---|
843 | SMTP server on a SunOS machine or having your domain added to |
---|
844 | addresses inappropriately. There is a version of BIND |
---|
845 | version 4.9 on gatekeeper.DEC.COM in pub/BSD/bind/4.9. |
---|
846 | |
---|
847 | There is substantial disagreement about whether you can make |
---|
848 | this work with resolv+, which allows you to specify a search-path |
---|
849 | of services. Some people report that it works fine, others |
---|
850 | claim it doesn't work at all (including causing sendmail to |
---|
851 | drop core when it tries to do multiple resolv+ lookups for a |
---|
852 | single job). I haven't tried resolv+, as we use DNS exclusively. |
---|
853 | |
---|
854 | Should you want to try resolv+, it is on ftp.uu.net in |
---|
855 | /networking/ip/dns. |
---|
856 | |
---|
857 | Apparently getservbyname() can fail under moderate to high |
---|
858 | load under some circumstances. This will exhibit itself as |
---|
859 | the message ``554 makeconnection: service "smtp" unknown''. |
---|
860 | The problem has been traced to one or more blank lines in |
---|
861 | /etc/services on the NIS server machine. Delete these |
---|
862 | and it should work. This info is thanks to Brian Bartholomew |
---|
863 | <bb@math.ufl.edu> of I-Kinetics, Inc. |
---|
864 | |
---|
865 | NOTE: The SunOS 4.X linker uses library paths specified during |
---|
866 | compilation using -L for run-time shared library searches. |
---|
867 | Therefore, it is vital that relative and unsafe directory paths not |
---|
868 | be used when compiling sendmail. |
---|
869 | |
---|
870 | SunOS 4.0.2 (Sun 386i) |
---|
871 | Date: Fri, 25 Aug 1995 11:13:58 +0200 (MET DST) |
---|
872 | From: teus@oce.nl |
---|
873 | |
---|
874 | Sendmail 8.7.Beta.12 compiles and runs nearly out of the box with the |
---|
875 | following changes: |
---|
876 | * Don't use /usr/5bin in your PATH, but make /usr/5bin/uname |
---|
877 | available as "uname" command. |
---|
878 | * Use the defines "-DBSD4_3 -DNAMED_BIND=0" in |
---|
879 | devtools/OS/SunOS.4.0, which is selected via the "uname" command. |
---|
880 | I recommend to make available the db-library on the system first |
---|
881 | (and change the Makefile to use this library). |
---|
882 | Note that the sendmail.cf and aliases files are found in /etc. |
---|
883 | |
---|
884 | SunOS 4.1.3, 4.1.3_U1 |
---|
885 | Sendmail causes crashes on SunOS 4.1.3 and 4.1.3_U1. According |
---|
886 | to Sun bug number 1077939: |
---|
887 | |
---|
888 | If an application does a getsockopt() on a SOCK_STREAM (TCP) socket |
---|
889 | after the other side of the connection has sent a TCP RESET for |
---|
890 | the stream, the kernel gets a Bus Trap in the tcp_ctloutput() or |
---|
891 | ip_ctloutput() routine. |
---|
892 | |
---|
893 | For 4.1.3, this is fixed in patch 100584-08, available on the |
---|
894 | Sunsolve 2.7.1 or later CDs. For 4.1.3_U1, this was fixed in patch |
---|
895 | 101790-01 (SunOS 4.1.3_U1: TCP socket and reset problems), later |
---|
896 | obsoleted by patch 102010-05. |
---|
897 | |
---|
898 | Sun patch 100584-08 is not currently publicly available on their |
---|
899 | ftp site but a user has reported it can be found at other sites |
---|
900 | using a web search engine. |
---|
901 | |
---|
902 | Solaris 2.x (SunOS 5.x) |
---|
903 | To compile for Solaris, the Makefile built by Build must |
---|
904 | include a SOLARIS definition which reflects the Solaris version |
---|
905 | (i.e. -DSOLARIS=20400 for 2.4 or -DSOLARIS=20501 for 2.5.1). |
---|
906 | If you are using gcc, make sure -I/usr/include is not used (or |
---|
907 | it might complain about TopFrame). If you are using Sun's cc, |
---|
908 | make sure /opt/SUNWspro/bin/cc is used instead of /usr/ucb/cc |
---|
909 | (or it might complain about tm_zone). |
---|
910 | |
---|
911 | The Solaris 2.x (x <= 3) "syslog" function is apparently limited |
---|
912 | to something about 90 characters because of a kernel limitation. |
---|
913 | If you have source code, you can probably up this number. You |
---|
914 | can get patches that fix this problem: the patch ids are: |
---|
915 | |
---|
916 | Solaris 2.1 100834 |
---|
917 | Solaris 2.2 100999 |
---|
918 | Solaris 2.3 101318 |
---|
919 | |
---|
920 | Be sure you have the appropriate patch installed or you won't |
---|
921 | see system logging. |
---|
922 | |
---|
923 | Solaris 2.4 (SunOS 5.4) |
---|
924 | If you include /usr/lib at the end of your LD_LIBRARY_PATH you run |
---|
925 | the risk of getting the wrong libraries under some circumstances. |
---|
926 | This is because of a new feature in Solaris 2.4, described by |
---|
927 | Rod.Evans@Eng.Sun.COM: |
---|
928 | |
---|
929 | >> Prior to SunOS 5.4, any LD_LIBRARY_PATH setting was ignored by the |
---|
930 | >> runtime linker if the application was setxid (secure), thus your |
---|
931 | >> applications search path would be: |
---|
932 | >> |
---|
933 | >> /usr/local/lib LD_LIBRARY_PATH component - IGNORED |
---|
934 | >> /usr/lib LD_LIBRARY_PATH component - IGNORED |
---|
935 | >> /usr/local/lib RPATH - honored |
---|
936 | >> /usr/lib RPATH - honored |
---|
937 | >> |
---|
938 | >> the effect is that path 3 would be the first used, and this would |
---|
939 | >> satisfy your resolv.so lookup. |
---|
940 | >> |
---|
941 | >> In SunOS 5.4 we made the LD_LIBRARY_PATH a little more flexible. |
---|
942 | >> People who developed setxid applications wanted to be able to alter |
---|
943 | >> the library search path to some degree to allow for their own |
---|
944 | >> testing and debugging mechanisms. It was decided that the only |
---|
945 | >> secure way to do this was to allow a `trusted' path to be used in |
---|
946 | >> LD_LIBRARY_PATH. The only trusted directory we presently define |
---|
947 | >> is /usr/lib. Thus a set-user-ID root developer could play with some |
---|
948 | >> alternative shared object implementations and place them in |
---|
949 | >> /usr/lib (being root we assume they'ed have access to write in this |
---|
950 | >> directory). This change was made as part of 1155380 - after a |
---|
951 | >> *huge* amount of discussion regarding the security aspect of things. |
---|
952 | >> |
---|
953 | >> So, in SunOS 5.4 your applications search path would be: |
---|
954 | >> |
---|
955 | >> /usr/local/lib from LD_LIBRARY_PATH - IGNORED (untrustworthy) |
---|
956 | >> /usr/lib from LD_LIBRARY_PATH - honored (trustworthy) |
---|
957 | >> /usr/local/lib from RPATH - honored |
---|
958 | >> /usr/lib from RPATH - honored |
---|
959 | >> |
---|
960 | >> here, path 2 would be the first used. |
---|
961 | |
---|
962 | Solaris 2.5.1 (SunOS 5.5.1) and 2.6 (SunOS 5.6) |
---|
963 | Apparently Solaris 2.5.1 patch 103663-01 installs a new |
---|
964 | /usr/include/resolv.h file that defines the __P macro without |
---|
965 | checking to see if it is already defined. This new resolv.h is also |
---|
966 | included in the Solaris 2.6 distribution. This causes compile |
---|
967 | warnings such as: |
---|
968 | |
---|
969 | In file included from daemon.c:51: |
---|
970 | /usr/include/resolv.h:208: warning: `__P' redefined |
---|
971 | cdefs.h:58: warning: this is the location of the previous definition |
---|
972 | |
---|
973 | These warnings can be safely ignored or you can create a resolv.h |
---|
974 | file in the obj.SunOS.5.5.1.* or obj.SunOS.5.6.* directory that reads: |
---|
975 | |
---|
976 | #undef __P |
---|
977 | #include "/usr/include/resolv.h" |
---|
978 | |
---|
979 | This problem was fixed in Solaris 7 (Sun bug ID 4081053). |
---|
980 | |
---|
981 | Solaris 7 (SunOS 5.7) |
---|
982 | Solaris 7 includes LDAP libraries but the implementation was |
---|
983 | lacking a few things. The following settings can be placed in |
---|
984 | devtools/Site/site.SunOS.5.7.m4 if you plan on using those |
---|
985 | libraries. |
---|
986 | |
---|
987 | APPENDDEF(`confMAPDEF', `-DLDAPMAP') |
---|
988 | APPENDDEF(`confENVDEF', `-DLDAP_VERSION_MAX=3') |
---|
989 | APPENDDEF(`confLIBS', `-lldap') |
---|
990 | |
---|
991 | Also, Sun's patch 107555 is needed to prevent a crash in the call |
---|
992 | to ldap_set_option for LDAP_OPT_REFERRALS in ldapmap_setopts if |
---|
993 | LDAP support is compiled in sendmail. |
---|
994 | |
---|
995 | Solaris 8 and later (SunOS 5.8 and later) |
---|
996 | Solaris 8 and later can optionally install LDAP support. If you |
---|
997 | have installed the Entire Distribution meta-cluster, you can use |
---|
998 | the following in devtools/Site/site.SunOS.5.8.m4 (or other |
---|
999 | appropriately versioned file) to enable LDAP: |
---|
1000 | |
---|
1001 | APPENDDEF(`confMAPDEF', `-DLDAPMAP') |
---|
1002 | APPENDDEF(`confLIBS', `-lldap') |
---|
1003 | |
---|
1004 | Solaris 9 and later (SunOS 5.9 and later) |
---|
1005 | Solaris 9 and later have a revised LDAP library, libldap.so.5, |
---|
1006 | which is derived from a Netscape implementation, thus requiring |
---|
1007 | that SM_CONF_LDAP_MEMFREE be defined in conjunction with LDAPMAP: |
---|
1008 | |
---|
1009 | APPENDDEF(`confMAPDEF', `-DLDAPMAP') |
---|
1010 | APPENDDEF(`confENVDEF', `-DSM_CONF_LDAP_MEMFREE') |
---|
1011 | APPENDDEF(`confLIBS', `-lldap') |
---|
1012 | |
---|
1013 | Solaris |
---|
1014 | If you are using dns for hostname resolution on Solaris, make sure |
---|
1015 | that the 'dns' entry is last on the hosts line in |
---|
1016 | '/etc/nsswitch.conf'. For example, use: |
---|
1017 | |
---|
1018 | hosts: nisplus files dns |
---|
1019 | |
---|
1020 | Do not use: |
---|
1021 | |
---|
1022 | hosts: nisplus dns [NOTFOUND=return] files |
---|
1023 | |
---|
1024 | Note that 'nisplus' above is an illustration. The same comment |
---|
1025 | applies no matter what naming services you are using. If you have |
---|
1026 | anything other than dns last, even after "[NOTFOUND=return]", |
---|
1027 | sendmail may not be able to determine whether an error was |
---|
1028 | temporary or permanent. The error returned by the solaris |
---|
1029 | gethostbyname() is the error for the last lookup used, and other |
---|
1030 | naming services do not have the same concept of temporary failure. |
---|
1031 | |
---|
1032 | Ultrix |
---|
1033 | By default, the IDENT protocol is turned off on Ultrix. If you |
---|
1034 | are running Ultrix 4.4 or later, or if you have included patch |
---|
1035 | CXO-8919 for Ultrix 4.2 or 4.3 to fix the TCP problem, you can turn |
---|
1036 | IDENT on in the configuration file by setting the "ident" timeout. |
---|
1037 | |
---|
1038 | The Ultrix 4.5 Y2K patch (ULTV45-022-1) has changed the resolver |
---|
1039 | included in libc.a. Unfortunately, the __RES symbol hasn't changed |
---|
1040 | and therefore, sendmail can no longer automatically detect the |
---|
1041 | newer version. If you get a compiler error: |
---|
1042 | |
---|
1043 | /lib/libc.a(gethostent.o): local_hostname_length: multiply defined |
---|
1044 | |
---|
1045 | Then rebuild with this in devtools/Site/site.ULTRIX.m4: |
---|
1046 | |
---|
1047 | APPENDDEF(`conf_sendmail_ENVDEF', `-DNEEDLOCAL_HOSTNAME_LENGTH=0') |
---|
1048 | |
---|
1049 | Digital UNIX (formerly DEC OSF/1) |
---|
1050 | If you are compiling on OSF/1 (DEC Alpha), you must use |
---|
1051 | -L/usr/shlib (otherwise it core dumps on startup). You may also |
---|
1052 | need -mld to get the nlist() function, although some versions |
---|
1053 | apparently don't need this. |
---|
1054 | |
---|
1055 | Also, the enclosed makefile removed /usr/sbin/smtpd; if you need |
---|
1056 | it, just create the link to the sendmail binary. |
---|
1057 | |
---|
1058 | On DEC OSF/1 3.2 or earlier, the MatchGECOS option doesn't work |
---|
1059 | properly due to a bug in the getpw* routines. If you want to use |
---|
1060 | this, use -DDEC_OSF_BROKEN_GETPWENT=1. The problem is fixed in 3.2C. |
---|
1061 | |
---|
1062 | Digital's mail delivery agent, /bin/mail (aka /bin/binmail), will |
---|
1063 | only preserve the envelope sender in the "From " header if |
---|
1064 | DefaultUserID is set to daemon. Setting this to mailnull will |
---|
1065 | cause all mail to have the header "From mailnull ...". To use |
---|
1066 | a different DefaultUserID, you will need to use a different mail |
---|
1067 | delivery agent (such as mail.local found in the sendmail |
---|
1068 | distribution). |
---|
1069 | |
---|
1070 | On Digital UNIX 4.0 and later, Berkeley DB 1.85 is included with the |
---|
1071 | operating system and already has the ndbm.o module removed. However, |
---|
1072 | Digital has modified the original Berkeley DB db.h include file. |
---|
1073 | This results in the following warning while compiling map.c and udb.c: |
---|
1074 | |
---|
1075 | cc: Warning: /usr/include/db.h, line 74: The redefinition of the macro |
---|
1076 | "__signed" conflicts with a current definition because the replacement |
---|
1077 | lists differ. The redefinition is now in effect. |
---|
1078 | #define __signed signed |
---|
1079 | ------------------------^ |
---|
1080 | |
---|
1081 | This warning can be ignored. |
---|
1082 | |
---|
1083 | Digital UNIX's linker checks /usr/ccs/lib/ before /usr/lib/. |
---|
1084 | If you have installed a new version of BIND in /usr/include |
---|
1085 | and /usr/lib, you will experience difficulties as Digital ships |
---|
1086 | libresolv.a in /usr/ccs/lib/ as well. Be sure to replace both |
---|
1087 | copies of libresolv.a. |
---|
1088 | |
---|
1089 | IRIX |
---|
1090 | The header files on SGI IRIX are completely prototyped, and as |
---|
1091 | a result you can sometimes get some warning messages during |
---|
1092 | compilation. These can be ignored. There are two errors in |
---|
1093 | deliver only if you are using gcc, both of the form ``warning: |
---|
1094 | passing arg N of `execve' from incompatible pointer type''. |
---|
1095 | Also, if you compile with -DNIS, you will get a complaint |
---|
1096 | about a declaration of struct dom_binding in a prototype |
---|
1097 | when compiling map.c; this is not important because the |
---|
1098 | function being prototyped is not used in that file. |
---|
1099 | |
---|
1100 | In order to compile sendmail you will have had to install |
---|
1101 | the developers' option in order to get the necessary include |
---|
1102 | files. |
---|
1103 | |
---|
1104 | If you compile with -lmalloc (the fast memory allocator), you may |
---|
1105 | get warning messages such as the following: |
---|
1106 | |
---|
1107 | ld32: WARNING 85: definition of _calloc in /usr/lib32/libmalloc.so |
---|
1108 | preempts that definition in /usr/lib32/mips3/libc.so. |
---|
1109 | ld32: WARNING 85: definition of _malloc in /usr/lib32/libmalloc.so |
---|
1110 | preempts that definition in /usr/lib32/mips3/libc.so. |
---|
1111 | ld32: WARNING 85: definition of _realloc in /usr/lib32/libmalloc.so |
---|
1112 | preempts that definition in /usr/lib32/mips3/libc.so. |
---|
1113 | ld32: WARNING 85: definition of _free in /usr/lib32/libmalloc.so |
---|
1114 | preempts that definition in /usr/lib32/mips3/libc.so. |
---|
1115 | ld32: WARNING 85: definition of _cfree in /usr/lib32/libmalloc.so |
---|
1116 | preempts that definition in /usr/lib32/mips3/libc.so. |
---|
1117 | |
---|
1118 | These are unavoidable and innocuous -- just ignore them. |
---|
1119 | |
---|
1120 | According to Dave Sill <de5@ornl.gov>, there is a version of the |
---|
1121 | Berkeley DB library patched to run on Irix 6.2 available from |
---|
1122 | http://reality.sgi.com/ariel/freeware/#db . |
---|
1123 | |
---|
1124 | IRIX 6.x |
---|
1125 | If you are using XFS filesystem, avoid using the -32 ABI switch to |
---|
1126 | the cc compiler if possible. |
---|
1127 | |
---|
1128 | Broken inet_aton and inet_ntoa on IRIX using gcc: There's |
---|
1129 | a problem with gcc on IRIX, i.e., gcc can't pass structs |
---|
1130 | less than 16 bits long unless they are 8 bits; IRIX 6.2 has |
---|
1131 | some other sized structs. See |
---|
1132 | http://www.bitmechanic.com/mail-archives/mysql/current/0418.html |
---|
1133 | This problem seems to be fixed by gcc v2.95.2, gcc v2.8.1 |
---|
1134 | is reported as broken. Check your gcc version for this bug |
---|
1135 | before installing sendmail. |
---|
1136 | |
---|
1137 | IRIX 6.4 |
---|
1138 | The IRIX 6.5.4 version of /bin/m4 does not work properly with |
---|
1139 | sendmail. Either install fw_m4.sw.m4 off the Freeware_May99 CD and |
---|
1140 | use /usr/freeware/bin/m4 or install and use GNU m4. |
---|
1141 | |
---|
1142 | NeXT or NEXTSTEP |
---|
1143 | NEXTSTEP 3.3 and earlier ship with the old DBM library. Also, |
---|
1144 | Berkeley DB does not currently run on NEXTSTEP. |
---|
1145 | |
---|
1146 | If you are compiling on NEXTSTEP, you will have to create an |
---|
1147 | empty file "unistd.h" and create a file "dirent.h" containing: |
---|
1148 | |
---|
1149 | #include <sys/dir.h> |
---|
1150 | #define dirent direct |
---|
1151 | |
---|
1152 | (devtools/OS/NeXT should try to do both of these for you.) |
---|
1153 | |
---|
1154 | Apparently, there is a bug in getservbyname on Nextstep 3.0 |
---|
1155 | that causes it to fail under some circumstances with the |
---|
1156 | message "SYSERR: service "smtp" unknown" logged. You should |
---|
1157 | be able to work around this by including the line: |
---|
1158 | |
---|
1159 | OOPort=25 |
---|
1160 | |
---|
1161 | in your .cf file. |
---|
1162 | |
---|
1163 | BSDI (BSD/386) 1.0, NetBSD 0.9, FreeBSD 1.0 |
---|
1164 | The "m4" from BSDI won't handle the config files properly. |
---|
1165 | I haven't had a chance to test this myself. |
---|
1166 | |
---|
1167 | The M4 shipped in FreeBSD and NetBSD 0.9 don't handle the config |
---|
1168 | files properly. One must use either GNU m4 1.1 or the PD-M4 |
---|
1169 | recently posted in comp.os.386bsd.bugs (and maybe others). |
---|
1170 | NetBSD-current includes the PD-M4 (as stated in the NetBSD file |
---|
1171 | CHANGES). |
---|
1172 | |
---|
1173 | FreeBSD 1.0 RELEASE has uname(2) now. Use -DUSEUNAME in order to |
---|
1174 | use it (look into devtools/OS/FreeBSD). NetBSD-current may have |
---|
1175 | it too but it has not been verified. |
---|
1176 | |
---|
1177 | The latest version of Berkeley DB uses a different naming |
---|
1178 | scheme than the version that is supplied with your release. This |
---|
1179 | means you will be able to use the current version of Berkeley DB |
---|
1180 | with sendmail as long you use the new db.h when compiling |
---|
1181 | sendmail and link it against the new libdb.a or libdb.so. You |
---|
1182 | should probably keep the original db.h in /usr/include and the |
---|
1183 | new db.h in /usr/local/include. |
---|
1184 | |
---|
1185 | 4.3BSD |
---|
1186 | If you are running a "virgin" version of 4.3BSD, you'll have |
---|
1187 | a very old resolver and be missing some header files. The |
---|
1188 | header files are simple -- create empty versions and everything |
---|
1189 | will work fine. For the resolver you should really port a new |
---|
1190 | version (4.8.3 or later) of the resolver; 4.9 is available on |
---|
1191 | gatekeeper.DEC.COM in pub/BSD/bind/4.9. If you are really |
---|
1192 | determined to continue to use your old, buggy version (or as |
---|
1193 | a shortcut to get sendmail working -- I'm sure you have the |
---|
1194 | best intentions to port a modern version of BIND), you can |
---|
1195 | copy ../contrib/oldbind.compat.c into sendmail and add the |
---|
1196 | following to devtools/Site/site.config.m4: |
---|
1197 | |
---|
1198 | APPENDDEF(`confOBJADD', `oldbind.compat.o') |
---|
1199 | |
---|
1200 | OpenBSD (up to 2.9 Release), NetBSD, FreeBSD (up to 4.3-RELEASE) |
---|
1201 | m4 from *BSD won't handle libsm/Makefile.m4 properly, since the |
---|
1202 | maximum length for strings is too short. You need to use GNU m4 |
---|
1203 | or patch m4, see for example: |
---|
1204 | http://FreeBSD.org/cgi/cvsweb.cgi/src/usr.bin/m4/eval.c.diff?r1=1.11&r2=1.12 |
---|
1205 | |
---|
1206 | A/UX |
---|
1207 | Date: Tue, 12 Oct 1993 18:28:28 -0400 (EDT) |
---|
1208 | From: "Eric C. Hagberg" <hagberg@med.cornell.edu> |
---|
1209 | Subject: Fix for A/UX ndbm |
---|
1210 | |
---|
1211 | I guess this isn't really a sendmail bug, however, it is something |
---|
1212 | that A/UX users should be aware of when compiling sendmail 8.6. |
---|
1213 | |
---|
1214 | Apparently, the calls that sendmail is using to the ndbm routines |
---|
1215 | in A/UX 3.0.x contain calls to "broken" routines, in that the |
---|
1216 | aliases database will break when it gets "just a little big" |
---|
1217 | (sorry I don't have exact numbers here, but it broke somewhere |
---|
1218 | around 20-25 aliases for me.), making all aliases non-functional |
---|
1219 | after exceeding this point. |
---|
1220 | |
---|
1221 | What I did was to get the gnu-dbm-1.6 package, compile it, and |
---|
1222 | then re-compile sendmail with "-lgdbm", "-DNDBM", and using the |
---|
1223 | ndbm.h header file that comes with the gnu-package. This makes |
---|
1224 | things behave properly. |
---|
1225 | [NOTE: see comment above about GDBM] |
---|
1226 | |
---|
1227 | I suppose porting the New Berkeley DB package is another route, |
---|
1228 | however, I made a quick attempt at it, and found it difficult |
---|
1229 | (not easy at least); the gnu-dbm package "configured" and |
---|
1230 | compiled easily. |
---|
1231 | |
---|
1232 | [NOTE: Berkeley DB version 2.X runs on A/UX and can be used for |
---|
1233 | database maps.] |
---|
1234 | |
---|
1235 | SCO Unix |
---|
1236 | From: Thomas Essebier <tom@stallion.oz.au> |
---|
1237 | Organisation: Stallion Technologies Pty Ltd. |
---|
1238 | |
---|
1239 | It will probably help those who are trying to configure sendmail 8.6.9 |
---|
1240 | to know that if they are on SCO, they had better set |
---|
1241 | OI-dnsrch |
---|
1242 | or they will core dump as soon as they try to use the resolver. |
---|
1243 | i.e., although SCO has _res.dnsrch defined, and is kinda BIND 4.8.3, |
---|
1244 | it does not inititialise it, nor does it understand 'search' in |
---|
1245 | /etc/named.boot. |
---|
1246 | - sigh - |
---|
1247 | |
---|
1248 | According to SCO, the m4 which ships with UnixWare 2.1.2 is broken. |
---|
1249 | We recommend installing GNU m4 before attempting to build sendmail. |
---|
1250 | |
---|
1251 | On some versions a bogus error value is listed if connections |
---|
1252 | time out (large negative number). To avoid this explicitly set |
---|
1253 | Timeout.connect to a reasonable value (several minutes). |
---|
1254 | |
---|
1255 | DG/UX |
---|
1256 | Doug Anderson <dlander@afterlife.ncsc.mil> has successfully run |
---|
1257 | V8 on the DG/UX 5.4.2 and 5.4R3.x platforms under heavy usage. |
---|
1258 | Originally, the DG /bin/mail program wasn't compatible with |
---|
1259 | the V8 sendmail, since the DG /bin/mail requires the environment |
---|
1260 | variable "_FORCE_MAIL_LOCAL_=yes" be set. Version 8.7 now includes |
---|
1261 | this in the environment before invoking the local mailer. Some |
---|
1262 | have used procmail to avoid this problem in the past. It works |
---|
1263 | but some have experienced file locking problems with their DG/UX |
---|
1264 | ports of procmail. |
---|
1265 | |
---|
1266 | Apollo DomainOS |
---|
1267 | If you are compiling on Apollo, you will have to create an empty |
---|
1268 | file "unistd.h" (for DomainOS 10.3 and earlier) and create a file |
---|
1269 | "dirent.h" containing: |
---|
1270 | |
---|
1271 | #include <sys/dir.h> |
---|
1272 | #define dirent direct |
---|
1273 | |
---|
1274 | (devtools/OS/DomainOS will attempt to do both of these for you.) |
---|
1275 | |
---|
1276 | HP-UX 8.00 |
---|
1277 | Date: Mon, 24 Jan 1994 13:25:45 +0200 |
---|
1278 | From: Kimmo Suominen <Kimmo.Suominen@lut.fi> |
---|
1279 | Subject: 8.6.5 w/ HP-UX 8.00 on s300 |
---|
1280 | |
---|
1281 | Just compiled and fought with sendmail 8.6.5 on a HP9000/360 (i.e., |
---|
1282 | a series 300 machine) running HP-UX 8.00. |
---|
1283 | |
---|
1284 | I was getting segmentation fault when delivering to a local user. |
---|
1285 | With debugging I saw it was faulting when doing _free@libc... *sigh* |
---|
1286 | It seems the new implementation of malloc on s300 is buggy as of 8.0, |
---|
1287 | so I tried out the one in -lmalloc (malloc(3X)). With that it seems |
---|
1288 | to work just dandy. |
---|
1289 | |
---|
1290 | When linking, you will get the following error: |
---|
1291 | |
---|
1292 | ld: multiply defined symbol _freespace in file /usr/lib/libmalloc.a |
---|
1293 | |
---|
1294 | but you can just ignore it. You might want to add this info to the |
---|
1295 | README file for the future... |
---|
1296 | |
---|
1297 | Linux |
---|
1298 | Something broke between versions 0.99.13 and 0.99.14 of Linux: the |
---|
1299 | flock() system call gives errors. If you are running .14, you must |
---|
1300 | not use flock. You can do this with -DHASFLOCK=0. We have also |
---|
1301 | been getting complaints since version 2.4.X was released. Unless |
---|
1302 | the bug is fixed before sendmail 8.13 is shipped, 8.13 will change |
---|
1303 | the default locking method to fcntl() for Linux kernel version 2.4 |
---|
1304 | and later. Be sure to update other sendmail related programs to |
---|
1305 | match locking techniques (some examples, besides makemap and |
---|
1306 | mail.local, include procmail, mailx, mutt, elm, etc). |
---|
1307 | |
---|
1308 | Around the inclusion of bind-4.9.3 & Linux libc-4.6.20, the |
---|
1309 | initialization of the _res structure changed. If /etc/hosts.conf |
---|
1310 | was configured as "hosts, bind" the resolver code could return |
---|
1311 | "Name server failure" errors. This is supposedly fixed in |
---|
1312 | later versions of libc (>= 4.6.29?), and later versions of |
---|
1313 | sendmail (> 8.6.10) try to work around the problem. |
---|
1314 | |
---|
1315 | Some older versions (< 4.6.20?) of the libc/include files conflict |
---|
1316 | with sendmail's version of cdefs.h. Deleting sendmail's version |
---|
1317 | on those systems should be non-harmful, and new versions don't care. |
---|
1318 | |
---|
1319 | NOTE ON LINUX & BIND: By default, the Makefile generated for Linux |
---|
1320 | includes header files in /usr/local/include and libraries in |
---|
1321 | /usr/local/lib. If you've installed BIND on your system, the header |
---|
1322 | files typically end up in the search path and you need to add |
---|
1323 | "-lresolv" to the LIBS line in your Makefile. Really old versions |
---|
1324 | may need to include "-l44bsd" as well (particularly if the link phase |
---|
1325 | complains about missing strcasecmp, strncasecmp or strpbrk). |
---|
1326 | Complaints about an undefined reference to `__dn_skipname' in |
---|
1327 | domain.o are a sure sign that you need to add -lresolv to LIBS. |
---|
1328 | Newer versions of Linux are basically threaded BIND, so you may or |
---|
1329 | may not see complaints if you accidentally mix BIND |
---|
1330 | headers/libraries with virginal libc. If you have BIND headers in |
---|
1331 | /usr/local/include (resolv.h, etc) you *should* be adding -lresolv |
---|
1332 | to LIBS. Data structures may change and you'd be asking for a |
---|
1333 | core dump. |
---|
1334 | |
---|
1335 | A number of problems have been reported regarding the Linux 2.2.0 |
---|
1336 | kernel. So far, these problems have been tracked down to syslog() |
---|
1337 | and DNS resolution. We believe the problem is with the poll() |
---|
1338 | implementation in the Linux 2.2.0 kernel and poll()-aware versions |
---|
1339 | of glib (at least up to 2.0.111). |
---|
1340 | |
---|
1341 | glibc |
---|
1342 | glibc 2.2.1 (and possibly other versions) changed the value of |
---|
1343 | __RES in resolv.h but failed to actually provide the IPv6 API |
---|
1344 | changes that the change implied. Therefore, compiling with |
---|
1345 | -DNETINET6 fails. |
---|
1346 | |
---|
1347 | Workarounds: |
---|
1348 | 1) Compile without -DNETINET6 |
---|
1349 | 2) Build against a real BIND 8.2.2 include/lib tree |
---|
1350 | 3) Wait for glibc to fix it |
---|
1351 | |
---|
1352 | AIX 4.X |
---|
1353 | The AIX 4.X linker uses library paths specified during compilation |
---|
1354 | using -L for run-time shared library searches. Therefore, it is |
---|
1355 | vital that relative and unsafe directory paths not be using when |
---|
1356 | compiling sendmail. Because of this danger, by default, compiles |
---|
1357 | on AIX use the -blibpath option to limit shared libraries to |
---|
1358 | /usr/lib and /lib. If you need to allow more directories, such as |
---|
1359 | /usr/local/lib, modify your devtools/Site/site.AIX.4.2.m4, |
---|
1360 | site.AIX.4.3.m4, and/or site.AIX.4.x.m4 file(s) and set confLDOPTS |
---|
1361 | appropriately. For example: |
---|
1362 | |
---|
1363 | define(`confLDOPTS', `-blibpath:/usr/lib:/lib:/usr/local/lib') |
---|
1364 | |
---|
1365 | Be sure to only add (safe) system directories. |
---|
1366 | |
---|
1367 | The AIX version of GNU ld also exhibits this problem. If you are |
---|
1368 | using that version, instead of -blibpath, use its -rpath option. |
---|
1369 | For example: |
---|
1370 | |
---|
1371 | gcc -Wl,-rpath /usr/lib -Wl,-rpath /lib -Wl,-rpath /usr/local/lib |
---|
1372 | |
---|
1373 | AIX 4.X If the test program t-event (and most others) in libsm fails, |
---|
1374 | check your compiler settings. It seems that the flags -qnoro or |
---|
1375 | -qnoroconst on some AIX versions trigger a compiler bug. Check |
---|
1376 | your compiler settings or use cc instead of xlc. |
---|
1377 | |
---|
1378 | AIX 4.0-4.2, maybe some AIX 4.3 versions |
---|
1379 | The AIX m4 implements a different mechanism for ifdef which is |
---|
1380 | inconsistent with other versions of m4. Therefore, it will not |
---|
1381 | work properly with the sendmail Build architecture or m4 |
---|
1382 | configuration method. To work around this problem, please use |
---|
1383 | GNU m4 from ftp://ftp.gnu.org/pub/gnu/. |
---|
1384 | The problem seems to be solved in AIX 4.3.3 at least. |
---|
1385 | |
---|
1386 | AIX 4.3.3 |
---|
1387 | From: Valdis.Kletnieks@vt.edu |
---|
1388 | Date: Sun, 02 Jul 2000 03:58:02 -0400 |
---|
1389 | |
---|
1390 | Under AIX 4.3.3, after applying bos.adt.include 4.3.3.12 to close the |
---|
1391 | BIND 8.2.2 security holes, you can no longer build with -DNETINET6 |
---|
1392 | because they changed the value of __RES in resolv.h but failed to |
---|
1393 | actually provide the API changes that the change implied. |
---|
1394 | |
---|
1395 | Workarounds: |
---|
1396 | 1) Compile without -DNETINET6 |
---|
1397 | 2) Build against a real BIND 8.2.2 include/lib tree |
---|
1398 | 3) Wait for IBM to fix it |
---|
1399 | |
---|
1400 | AIX 3.x |
---|
1401 | This version of sendmail does not support MB, MG, and MR resource |
---|
1402 | records, which are supported by AIX sendmail. |
---|
1403 | |
---|
1404 | Several people have reported that the IBM-supplied named returns |
---|
1405 | fairly random results -- the named should be replaced. It is not |
---|
1406 | necessary to replace the resolver, which will simplify installation. |
---|
1407 | A new BIND resolver can be found at http://www.isc.org/isc/. |
---|
1408 | |
---|
1409 | AIX 3.1.x |
---|
1410 | The supplied load average code only works correctly for AIX 3.2.x. |
---|
1411 | For 3.1, use -DLA_TYPE=LA_SUBR and get the latest ``monitor'' |
---|
1412 | package by Jussi Maki <jmaki@hut.fi> from ftp.funet.fi in the |
---|
1413 | directory pub/unix/AIX/rs6000/monitor-1.12.tar.Z; use the loadavgd |
---|
1414 | daemon, and the getloadavg subroutine supplied with that package. |
---|
1415 | If you don't care about load average throttling, just turn off |
---|
1416 | load average checking using -DLA_TYPE=LA_ZERO. |
---|
1417 | |
---|
1418 | RISC/os |
---|
1419 | RISC/os from MIPS is a merged AT&T/Berkeley system. When you |
---|
1420 | compile on that platform you will get duplicate definitions |
---|
1421 | on many files. You can ignore these. |
---|
1422 | |
---|
1423 | System V Release 4 Based Systems |
---|
1424 | There is a single devtools OS that is intended for all SVR4-based |
---|
1425 | systems (built from devtools/OS/SVR4). It defines __svr4__, |
---|
1426 | which is predefined by some compilers. If your compiler already |
---|
1427 | defines this compile variable, you can delete the definition from |
---|
1428 | the generated Makefile or create a devtools/Site/site.config.m4 |
---|
1429 | file. |
---|
1430 | |
---|
1431 | It's been tested on Dell Issue 2.2. |
---|
1432 | |
---|
1433 | DELL SVR4 |
---|
1434 | Date: Mon, 06 Dec 1993 10:42:29 EST |
---|
1435 | From: "Kimmo Suominen" <kim@grendel.lut.fi> |
---|
1436 | Message-ID: <2d0352f9.lento29@lento29.UUCP> |
---|
1437 | To: eric@cs.berkeley.edu |
---|
1438 | Cc: sendmail@cs.berkeley.edu |
---|
1439 | Subject: Notes for DELL SVR4 |
---|
1440 | |
---|
1441 | Eric, |
---|
1442 | |
---|
1443 | Here are some notes for compiling Sendmail 8.6.4 on DELL SVR4. I ran |
---|
1444 | across these things when helping out some people who contacted me by |
---|
1445 | e-mail. |
---|
1446 | |
---|
1447 | 1) Use gcc 2.4.5 (or later?). Dell distributes gcc 2.1 with their |
---|
1448 | Issue 2.2 Unix. It is too old, and gives you problems with |
---|
1449 | clock.c, because sigset_t won't get defined in <sys/signal.h>. |
---|
1450 | This is due to a problematic protection rule in there, and is |
---|
1451 | fixed with gcc 2.4.5. |
---|
1452 | |
---|
1453 | 2) If you don't use the new Berkeley DB (-DNEWDB), then you need |
---|
1454 | to add "-lc -lucb" to the libraries to link with. This is because |
---|
1455 | the -ldbm distributed by Dell needs the bcopy, bcmp and bzero |
---|
1456 | functions. It is important that you specify both libraries in |
---|
1457 | the given order to be sure you only get the BSTRING functions |
---|
1458 | from the UCB library (and not the signal routines etc.). |
---|
1459 | |
---|
1460 | 3) Don't leave out "-lelf" even if compiling with "-lc -lucb". |
---|
1461 | The UCB library also has another copy of the nlist routines, |
---|
1462 | but we do want the ones from "-lelf". |
---|
1463 | |
---|
1464 | If anyone needs a compiled gcc 2.4.5 and/or a ported DB library, they |
---|
1465 | can use anonymous ftp to fetch them from lut.fi in the /kim directory. |
---|
1466 | They are copies of what I use on grendel.lut.fi, and offering them |
---|
1467 | does not imply that I would also support them. I have sent the DB |
---|
1468 | port for SVR4 back to Keith Bostic for inclusion in the official |
---|
1469 | distribution, but I haven't heard anything from him as of today. |
---|
1470 | |
---|
1471 | - gcc-2.4.5-svr4.tar.gz (gcc 2.4.5 and the corresponding libg++) |
---|
1472 | - db-1.72.tar.gz (with source, objects and a installed copy) |
---|
1473 | |
---|
1474 | Cheers |
---|
1475 | + Kim |
---|
1476 | -- |
---|
1477 | * Kimmo.Suominen@lut.fi * SysVr4 enthusiast at GRENDEL.LUT.FI * |
---|
1478 | * KIM@FINFILES.BITNET * Postmaster and Hostmaster at LUT.FI * |
---|
1479 | * + 358 200 865 718 * Unix area moderator at NIC.FUNET.FI * |
---|
1480 | |
---|
1481 | ConvexOS 10.1 and below |
---|
1482 | In order to use the name server, you must create the file |
---|
1483 | /etc/use_nameserver. If this file does not exist, the call |
---|
1484 | to res_init() will fail and you will have absolutely no |
---|
1485 | access to DNS, including MX records. |
---|
1486 | |
---|
1487 | Amdahl UTS 2.1.5 |
---|
1488 | In order to get UTS to work, you will have to port BIND 4.9. |
---|
1489 | The vendor's BIND is reported to be ``totally inadequate.'' |
---|
1490 | See sendmail/contrib/AmdahlUTS.patch for the patches necessary |
---|
1491 | to get BIND 4.9 compiled for UTS. |
---|
1492 | |
---|
1493 | UnixWare |
---|
1494 | According to Alexander Kolbasov <sasha@unitech.gamma.ru>, |
---|
1495 | the m4 on UnixWare 2.0 (still in Beta) will core dump on the |
---|
1496 | config files. GNU m4 and the m4 from UnixWare 1.x both work. |
---|
1497 | |
---|
1498 | According to Larry Rosenman <ler@lerami.lerctr.org>: |
---|
1499 | |
---|
1500 | UnixWare 2.1.[23]'s m4 chokes (not obviously) when |
---|
1501 | processing the 8.9.0 cf files. |
---|
1502 | |
---|
1503 | I had a LOCAL_RULE_0 that wound up AFTER the |
---|
1504 | SBasic_check_rcpt rules using the SCO supplied M4. |
---|
1505 | GNU M4 works fine. |
---|
1506 | |
---|
1507 | UNICOS 8.0.3.4 |
---|
1508 | Some people have reported that the -O flag on UNICOS can cause |
---|
1509 | problems. You may want to turn this off if you have problems |
---|
1510 | running sendmail. Reported by Jerry G. DeLapp <jgd@acl.lanl.gov>. |
---|
1511 | |
---|
1512 | Darwin/Mac OS X (10.X.X) |
---|
1513 | The linker errors produced regarding getopt() and its associated |
---|
1514 | variables can safely be ignored. |
---|
1515 | |
---|
1516 | From Mike Zimmerman <zimmy@torrentnet.com>: |
---|
1517 | |
---|
1518 | From scratch here is what Darwin users need to do to the standard |
---|
1519 | 10.0.0, 10.0.1 install to get sendmail working. |
---|
1520 | From http://www.macosx.com/forums/showthread.php?s=6dac0e9e1f3fd118a4870a8a9b559491&threadid=2242: |
---|
1521 | 1. chmod g-w / /private /private/etc |
---|
1522 | 2. Properly set HOSTNAME in /etc/hostconfig to your FQDN: |
---|
1523 | HOSTNAME=-my.domain.com- |
---|
1524 | 3. Edit /etc/rc.boot: |
---|
1525 | hostname my.domain.com |
---|
1526 | domainname domain.com |
---|
1527 | 4. Edit /System/Library/StartupItems/Sendmail/Sendmail: |
---|
1528 | Remove the "&" after the sendmail command: |
---|
1529 | /usr/sbin/sendmail -bd -q1h |
---|
1530 | |
---|
1531 | From Carsten Klapp <carsten.klapp@home.com>: |
---|
1532 | |
---|
1533 | The easiest workaround is to remove the group-writable permission |
---|
1534 | for the root directory and the symbolic /etc inherits this |
---|
1535 | change. While this does fix sendmail, the unfortunate side-effect |
---|
1536 | is the OS X admin will no longer be able to manipulate icons in the |
---|
1537 | top level of the Startup disk unless logged into the GUI as the |
---|
1538 | superuser. |
---|
1539 | |
---|
1540 | In applying the alternate workaround, care must be taken while |
---|
1541 | swapping the symlink /etc with the directory /private/etc. In all |
---|
1542 | likelihood any admin who is concerned with this sendmail error has |
---|
1543 | enough experience to not accidentally harm anything in the process. |
---|
1544 | |
---|
1545 | a. Swap the /etc symlink with /private/etc (as superuser): |
---|
1546 | rm /etc |
---|
1547 | mv /private/etc /etc |
---|
1548 | ln -s /etc /private/etc |
---|
1549 | |
---|
1550 | b. Set / to group unwritable (as superuser): |
---|
1551 | chmod g-w / |
---|
1552 | |
---|
1553 | Darwin/Mac OS X (10.1.5) |
---|
1554 | Apple's upgrade to sendmail 8.12 is incorrectly configured. You |
---|
1555 | will need to manually fix it up by doing the following: |
---|
1556 | |
---|
1557 | 1. chown smmsp:smmsp /var/spool/clientmqueue |
---|
1558 | 2. chmod 2770 /var/spool/clientmqueue |
---|
1559 | 3. chgrp smmsp /usr/sbin/sendmail |
---|
1560 | 4. chmod g+s /usr/sbin/sendmail |
---|
1561 | |
---|
1562 | From Daniel J. Luke <dluke@geeklair.net>: |
---|
1563 | |
---|
1564 | It appears that setting the sendmail.cf property in |
---|
1565 | /locations/sendmail in NetInfo on Mac OS X 10.1.5 with sendmail |
---|
1566 | 8.12.4 causes 'bad things' to happen. |
---|
1567 | |
---|
1568 | Specifically sendmail instances that should be getting their config |
---|
1569 | from /etc/mail/submit.cf don't (so mail/mutt/perl scripts which |
---|
1570 | open pipes to sendmail stop working as sendmail tries to write to |
---|
1571 | /var/spool/mqueue and cannot as sendmail is no longer suid root). |
---|
1572 | |
---|
1573 | Removing the entry from NetInfo fixes this problem. |
---|
1574 | |
---|
1575 | GNU getopt |
---|
1576 | I'm told that GNU getopt has a problem in that it gets confused |
---|
1577 | by the double call. Use the version in conf.c instead. |
---|
1578 | |
---|
1579 | BIND 4.9.2 and Ultrix |
---|
1580 | If you are running on Ultrix, be sure you read conf/Info.Ultrix |
---|
1581 | in the BIND distribution very carefully -- there is information |
---|
1582 | in there that you need to know in order to avoid errors of the |
---|
1583 | form: |
---|
1584 | |
---|
1585 | /lib/libc.a(gethostent.o): sethostent: multiply defined |
---|
1586 | /lib/libc.a(gethostent.o): endhostent: multiply defined |
---|
1587 | /lib/libc.a(gethostent.o): gethostbyname: multiply defined |
---|
1588 | /lib/libc.a(gethostent.o): gethostbyaddr: multiply defined |
---|
1589 | |
---|
1590 | during the link stage. |
---|
1591 | |
---|
1592 | BIND 8.X |
---|
1593 | BIND 8.X returns HOST_NOT_FOUND instead of TRY_AGAIN on temporary |
---|
1594 | DNS failures when trying to find the hostname associated with an IP |
---|
1595 | address (gethostbyaddr()). This can cause problems as |
---|
1596 | $&{client_name} based lookups in class R ($=R) and the access |
---|
1597 | database won't succeed. |
---|
1598 | |
---|
1599 | This will be fixed in BIND 8.2.1. For earlier versions, this can |
---|
1600 | be fixed by making "dns" the last name service queried for host |
---|
1601 | resolution in /etc/irs.conf: |
---|
1602 | |
---|
1603 | hosts local continue |
---|
1604 | hosts dns |
---|
1605 | |
---|
1606 | strtoul |
---|
1607 | Some compilers (notably gcc) claim to be ANSI C but do not |
---|
1608 | include the ANSI-required routine "strtoul". If your compiler |
---|
1609 | has this problem, you will get an error in srvrsmtp.c on the |
---|
1610 | code: |
---|
1611 | |
---|
1612 | # ifdef defined(__STDC__) && !defined(BROKEN_ANSI_LIBRARY) |
---|
1613 | e->e_msgsize = strtoul(vp, (char **) NULL, 10); |
---|
1614 | # else |
---|
1615 | e->e_msgsize = strtol(vp, (char **) NULL, 10); |
---|
1616 | # endif |
---|
1617 | |
---|
1618 | You can use -DBROKEN_ANSI_LIBRARY to get around this problem. |
---|
1619 | |
---|
1620 | Listproc 6.0c |
---|
1621 | Date: 23 Sep 1995 23:56:07 GMT |
---|
1622 | Message-ID: <95925101334.~INN-AUMa00187.comp-news@dl.ac.uk> |
---|
1623 | From: alansz@mellers1.psych.berkeley.edu (Alan Schwartz) |
---|
1624 | Subject: Listproc 6.0c + Sendmail 8.7 [Helpful hint] |
---|
1625 | |
---|
1626 | Just upgraded to sendmail 8.7, and discovered that listproc 6.0c |
---|
1627 | breaks, because it, by default, sends a blank "HELO" rather than |
---|
1628 | a "HELO hostname" when using the 'system' or 'telnet' mail method. |
---|
1629 | |
---|
1630 | The fix is to include -DZMAILER in the compilation, which will |
---|
1631 | cause it to use "HELO hostname" (which Z-mail apparently requires |
---|
1632 | as well. :) |
---|
1633 | |
---|
1634 | OpenSSL |
---|
1635 | OpenSSL versions prior to 0.9.6 use a macro named Free which |
---|
1636 | conflicts with existing macro names on some platforms, such as |
---|
1637 | AIX. |
---|
1638 | Do not use 0.9.3, but OpenSSL 0.9.5a or later if compatible with |
---|
1639 | 0.9.5a. |
---|
1640 | |
---|
1641 | PH |
---|
1642 | PH support is provided by Mark Roth <roth@uiuc.edu>. The map is |
---|
1643 | described at http://www-dev.cso.uiuc.edu/sendmail/ . |
---|
1644 | |
---|
1645 | NOTE: The "spacedname" pseudo-field which was used by earlier |
---|
1646 | versions of the PH map code is no longer supported! See the URL |
---|
1647 | listed above for more information. |
---|
1648 | |
---|
1649 | Please contact Mark Roth for support and questions regarding the |
---|
1650 | map. |
---|
1651 | |
---|
1652 | TCP Wrappers |
---|
1653 | If you are using -DTCPWRAPPERS to get TCP Wrappers support you will |
---|
1654 | also need to install libwrap.a and modify your site.config.m4 file |
---|
1655 | or the generated Makefile to include -lwrap in the LIBS line |
---|
1656 | (make sure that INCDIRS and LIBDIRS point to where the tcpd.h and |
---|
1657 | libwrap.a can be found). |
---|
1658 | |
---|
1659 | TCP Wrappers is available at ftp://ftp.porcupine.org/pub/security/. |
---|
1660 | |
---|
1661 | If you have alternate MX sites for your site, be sure that all of |
---|
1662 | your MX sites reject the same set of hosts. If not, a bad guy whom |
---|
1663 | you reject will connect to your site, fail, and move on to the next |
---|
1664 | MX site, which will accept the mail for you and forward it on to you. |
---|
1665 | |
---|
1666 | Regular Expressions (MAP_REGEX) |
---|
1667 | If sendmail linking fails with: |
---|
1668 | |
---|
1669 | undefined reference to 'regcomp' |
---|
1670 | |
---|
1671 | or sendmail gives an error about a regular expression with: |
---|
1672 | |
---|
1673 | pattern-compile-error: : Operation not applicable |
---|
1674 | |
---|
1675 | Your libc does not include a running version of POSIX-regex. Use |
---|
1676 | librx or regex.o from the GNU Free Software Foundation, |
---|
1677 | ftp://ftp.gnu.org/pub/gnu/rx-?.?.tar.gz or |
---|
1678 | ftp://ftp.gnu.org/pub/gnu/regex-?.?.tar.gz. |
---|
1679 | You can also use the regex-lib by Henry Spencer, |
---|
1680 | ftp://ftp.funet.fi/pub/languages/C/spencer/regex.shar.gz |
---|
1681 | Make sure, your compiler reads regex.h from the distribution, |
---|
1682 | not from /usr/include, otherwise sendmail will dump a core. |
---|
1683 | |
---|
1684 | |
---|
1685 | +--------------+ |
---|
1686 | | MANUAL PAGES | |
---|
1687 | +--------------+ |
---|
1688 | |
---|
1689 | The manual pages have been written against the -man macros, and |
---|
1690 | should format correctly with any reasonable *roff. |
---|
1691 | |
---|
1692 | |
---|
1693 | +-----------------+ |
---|
1694 | | DEBUGGING HOOKS | |
---|
1695 | +-----------------+ |
---|
1696 | |
---|
1697 | As of 8.6.5, sendmail daemons will catch a SIGUSR1 signal and log |
---|
1698 | some debugging output (logged at LOG_DEBUG severity). The |
---|
1699 | information dumped is: |
---|
1700 | |
---|
1701 | * The value of the $j macro. |
---|
1702 | * A warning if $j is not in the set $=w. |
---|
1703 | * A list of the open file descriptors. |
---|
1704 | * The contents of the connection cache. |
---|
1705 | * If ruleset 89 is defined, it is evaluated and the results printed. |
---|
1706 | |
---|
1707 | This allows you to get information regarding the runtime state of the |
---|
1708 | daemon on the fly. This should not be done too frequently, since |
---|
1709 | the process of rewriting may lose memory which will not be recovered. |
---|
1710 | Also, ruleset 89 may call non-reentrant routines, so there is a small |
---|
1711 | non-zero probability that this will cause other problems. It is |
---|
1712 | really only for debugging serious problems. |
---|
1713 | |
---|
1714 | A typical formulation of ruleset 89 would be: |
---|
1715 | |
---|
1716 | R$* $@ $>0 some test address |
---|
1717 | |
---|
1718 | |
---|
1719 | +-----------------------------+ |
---|
1720 | | DESCRIPTION OF SOURCE FILES | |
---|
1721 | +-----------------------------+ |
---|
1722 | |
---|
1723 | The following list describes the files in this directory: |
---|
1724 | |
---|
1725 | Build Shell script for building sendmail. |
---|
1726 | Makefile A convenience for calling ./Build. |
---|
1727 | Makefile.m4 A template for constructing a makefile based on the |
---|
1728 | information in the devtools directory. |
---|
1729 | README This file. |
---|
1730 | TRACEFLAGS My own personal list of the trace flags -- not guaranteed |
---|
1731 | to be particularly up to date. |
---|
1732 | alias.c Does name aliasing in all forms. |
---|
1733 | aliases.5 Man page describing the format of the aliases file. |
---|
1734 | arpadate.c A subroutine which creates ARPANET standard dates. |
---|
1735 | bf.c Routines to implement memory-buffered file system using |
---|
1736 | hooks provided by libsm now (formerly Torek stdio library). |
---|
1737 | bf.h Buffered file I/O function declarations and |
---|
1738 | data structure and function declarations for bf.c. |
---|
1739 | collect.c The routine that actually reads the mail into a temp |
---|
1740 | file. It also does a certain amount of parsing of |
---|
1741 | the header, etc. |
---|
1742 | conf.c The configuration file. This contains information |
---|
1743 | that is presumed to be quite static and non- |
---|
1744 | controversial, or code compiled in for efficiency |
---|
1745 | reasons. Most of the configuration is in sendmail.cf. |
---|
1746 | conf.h Configuration that must be known everywhere. |
---|
1747 | control.c Routines to implement control socket. |
---|
1748 | convtime.c A routine to sanely process times. |
---|
1749 | daemon.c Routines to implement daemon mode. |
---|
1750 | deliver.c Routines to deliver mail. |
---|
1751 | domain.c Routines that interface with DNS (the Domain Name |
---|
1752 | System). |
---|
1753 | envelope.c Routines to manipulate the envelope structure. |
---|
1754 | err.c Routines to print error messages. |
---|
1755 | headers.c Routines to process message headers. |
---|
1756 | helpfile An example helpfile for the SMTP HELP command and -bt mode. |
---|
1757 | macro.c The macro expander. This is used internally to |
---|
1758 | insert information from the configuration file. |
---|
1759 | mailq.1 Man page for the mailq command. |
---|
1760 | main.c The main routine to sendmail. This file also |
---|
1761 | contains some miscellaneous routines. |
---|
1762 | makesendmail A convenience for calling ./Build. |
---|
1763 | map.c Support for database maps. |
---|
1764 | mci.c Routines that handle mail connection information caching. |
---|
1765 | milter.c MTA portions of the mail filter API. |
---|
1766 | mime.c MIME conversion routines. |
---|
1767 | newaliases.1 Man page for the newaliases command. |
---|
1768 | parseaddr.c The routines which do address parsing. |
---|
1769 | queue.c Routines to implement message queueing. |
---|
1770 | readcf.c The routine that reads the configuration file and |
---|
1771 | translates it to internal form. |
---|
1772 | recipient.c Routines that manipulate the recipient list. |
---|
1773 | sasl.c Routines to interact with Cyrys-SASL. |
---|
1774 | savemail.c Routines which save the letter on processing errors. |
---|
1775 | sendmail.8 Man page for the sendmail command. |
---|
1776 | sendmail.h Main header file for sendmail. |
---|
1777 | sfsasl.c I/O interface between SASL/TLS and the MTA. |
---|
1778 | sfsasl.h Header file for sfsasl.c. |
---|
1779 | shmticklib.c Routines for shared memory counters. |
---|
1780 | sm_resolve.c Routines for DNS lookups (for DNS map type). |
---|
1781 | sm_resolve.h Header file for sm_resolve.c. |
---|
1782 | srvrsmtp.c Routines to implement server SMTP. |
---|
1783 | stab.c Routines to manage the symbol table. |
---|
1784 | stats.c Routines to collect and post the statistics. |
---|
1785 | statusd_shm.h Data structure and function declarations for shmticklib.c. |
---|
1786 | sysexits.c List of error messages associated with error codes |
---|
1787 | in sysexits.h. |
---|
1788 | sysexits.h List of error codes for systems that lack their own. |
---|
1789 | timers.c Routines to provide microtimers. |
---|
1790 | timers.h Data structure and function declarations for timers.h. |
---|
1791 | tls.c Routines for TLS. |
---|
1792 | trace.c The trace package. These routines allow setting and |
---|
1793 | testing of trace flags with a high granularity. |
---|
1794 | udb.c The user database interface module. |
---|
1795 | usersmtp.c Routines to implement user SMTP. |
---|
1796 | util.c Some general purpose routines used by sendmail. |
---|
1797 | version.c The version number and information about this |
---|
1798 | version of sendmail. |
---|
1799 | |
---|
1800 | (Version $Revision: 1.1.1.1 $, last update $Date: 2003-04-08 15:09:19 $ ) |
---|