README
上传用户:xu_441
上传日期:2007-01-04
资源大小:1640k
文件大小:67k
- # Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
- # All rights reserved.
- # Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
- # Copyright (c) 1988
- # The Regents of the University of California. All rights reserved.
- #
- # By using this file, you agree to the terms and conditions set
- # forth in the LICENSE file which can be found at the top level of
- # the sendmail distribution.
- #
- #
- # $Id: README,v 8.248 1999/12/02 23:05:54 ca Exp $
- #
- This directory contains the source files for sendmail(TM).
- *********************
- !! DO NOT USE MAKE !! in this directory to compile sendmail --
- ********************* instead, use the "Build" script located in
- the sendmail directory. It will build an appropriate Makefile, and
- create an appropriate obj.* subdirectory so that multiplatform
- support works easily.
- **********************************************************
- ** Read below for more details on building sendmail. **
- **********************************************************
- **************************************************************************
- ** IMPORTANT: Read the appropriate paragraphs in the section on **
- ** ``Operating System and Compile Quirks''. **
- **************************************************************************
- For detailed instructions, please read the document ../doc/op/op.me:
- eqn ../doc/op/op.me | pic | ditroff -me
- Sendmail is a trademark of Sendmail, Inc.
- +-------------------+
- | BUILDING SENDMAIL |
- +-------------------+
- By far, the easiest way to compile sendmail is to use the "Build"
- script:
- sh Build
- This uses the "uname" command to figure out what architecture you are
- on and creates a proper Makefile accordingly. It also creates a
- subdirectory per object format, so that multiarchitecture support is
- easy. In general this should be all you need. IRIX 6.x users should
- read the note below in the OPERATING SYSTEM AND COMPILE QUIRKS section.
- If you need to look at other include or library directories, use the
- -I or -L flags on the command line, e.g.,
- sh Build -I/usr/sww/include -L/usr/sww/lib
- It's also possible to create local site configuration in the file
- site.config.m4 (or another file settable with the -f flag). This
- file contains M4 definitions for various compilation values; the
- most useful are:
- confMAPDEF -D flags to specify database types to be included
- (see below)
- confENVDEF -D flags to specify other environment information
- confINCDIRS -I flags for finding include files during compilation
- confLIBDIRS -L flags for finding libraries during linking
- confLIBS -l flags for selecting libraries during linking
- confLDOPTS other ld(1) linker options
- Others can be found by examining Makefile.m4. Please read
- ../devtools/README for more information about the site.config.m4
- file.
- You can recompile from scratch using the -c flag with the Build
- command. This removes the existing compilation directory for the
- current platform and builds a new one.
- Porting to a new Unix-based system should be a matter of creating
- an appropriate configuration file in the devtools/OS/ directory.
- +----------------------+
- | DATABASE DEFINITIONS |
- +----------------------+
- There are several database formats that can be used for the alias files
- and for general maps. When used for alias files they interact in an
- attempt to be backward compatible.
- The options are:
- NEWDB The new Berkeley DB package. Some systems (e.g., BSD/OS and
- Digital UNIX 4.0) have some version of this package
- pre-installed. If your system does not have Berkeley DB
- pre-installed, or the version installed is not version 2.0
- or greater (e.g., is Berkeley DB 1.85 or 1.86), get the
- current version from http://www.sleepycat.com/. DO NOT
- use a version from any of the University of California,
- Berkeley "Net" or other distributions. If you are still
- running BSD/386 1.x, you will need to upgrade the included
- Berkeley DB library to a current version. NEWDB is included
- automatically if the Build script can find a library named
- libdb.a or libdb.so.
- NDBM The older NDBM implementation -- the very old V7 DBM
- implementation is no longer supported.
- NIS Network Information Services. To use this you must have
- NIS support on your system.
- NISPLUS NIS+ (the revised NIS released with Solaris 2). You must
- have NIS+ support on your system to use this flag.
- HESIOD Support for Hesiod (from the DEC/Athena distribution). You
- must already have Hesiod support on your system for this to
- work. You may be able to get this to work with the MIT/Athena
- version of Hesiod, but that's likely to be a lot of work.
- LDAPMAP Lightweight Directory Lookup Protocol support. You will
- have to install the UMich or OpenLDAP ldap and lber
- libraries to use this flag.
- MAP_REGEX Regular Expression support. You will need to use an
- operating system which comes with the POSIX regex()
- routines or install a regexp library such as libregex from
- the Free Software Foundation.
- PH_MAP PH map support. You will need the qi PH package.
- MAP_NSD nsd map support (IRIX 6.5 and later).
- >>> NOTE WELL for NEWDB support: If you want to get ndbm support, for
- >>> Berkeley DB versions under 2.0, it is CRITICAL that you remove
- >>> ndbm.o from libdb.a before you install it and DO NOT install ndbm.h;
- >>> for Berkeley DB versions 2.0 through 2.3.14, remove dbm.o from libdb.a
- >>> before you install it. If you don't delete these, there is absolutely
- >>> no point to including -DNDBM, since it will just get you another
- >>> (inferior) API to the same format database. These files OVERRIDE
- >>> calls to ndbm routines -- in particular, if you leave ndbm.h in,
- >>> you can find yourself using the new db package even if you don't
- >>> define NEWDB. Berkeley DB versions later than 2.3.14 do not need
- >>> to be modified. Please also consult the README in the top level
- >>> directory of the sendmail distribution for other important information.
- >>>
- >>> Further note: DO NOT remove your existing /usr/include/ndbm.h --
- >>> you need that one. But do not install an updated ndbm.h in
- >>> /usr/include, /usr/local/include, or anywhere else.
- If NEWDB and NDBM are defined (but not NIS), then sendmail will read
- NDBM format alias files, but the next time a newaliases is run the
- format will be converted to NEWDB; that format will be used forever
- more. This is intended as a transition feature.
- If NEWDB, NDBM, and NIS are all defined and the name of the file includes
- the string "/yp/", sendmail will rebuild BOTH the NEWDB and NDBM format
- alias files. However, it will only read the NEWDB file; the NDBM format
- file is used only by the NIS subsystem. This is needed because the NIS
- maps on an NIS server are built directly from the NDBM files.
- If NDBM and NIS are defined (regardless of the definition of NEWDB),
- and the filename includes the string "/yp/", sendmail adds the special
- tokens "YP_LAST_MODIFIED" and "YP_MASTER_NAME", both of which are
- required if the NDBM file is to be used as an NIS map.
- All of these flags are normally defined in the DBMDEF line in the
- Makefile.
- If you define NEWDB or HESIOD you get the User Database (USERDB)
- automatically. Generally you do want to have NEWDB for it to do
- anything interesting. See above for getting the Berkeley DB
- package (i.e., NEWDB). There is no separate "user database"
- package -- don't bother searching for it on the net.
- Hesiod and LDAP require libraries that may not be installed with your
- system. These are outside of my ability to provide support. See the
- "Quirks" section for more information.
- The regex map can be used to see if an address matches a certain regular
- expression. For example, all-numerics local parts are common spam
- addresses, so "^[0-9]+$" would match this. By using such a map in a
- check_* rule-set, you can block a certain range of addresses that would
- otherwise be considered valid.
- +---------------+
- | COMPILE FLAGS |
- +---------------+
- Wherever possible, I try to make sendmail pull in the correct
- compilation options needed to compile on various environments based on
- automatically defined symbols. Some machines don't seem to have useful
- symbols available, requiring that a compilation flag be defined in
- the Makefile; see the devtools/OS subdirectory for the supported
- architectures.
- If you are a system to which sendmail has already been ported you
- should not have to touch the following symbols. But if you are porting,
- you may have to tweak the following compilation flags in conf.h in order
- to get it to compile and link properly:
- SYSTEM5 Adjust for System V (not necessarily Release 4).
- SYS5SIGNALS Use System V signal semantics -- the signal handler
- is automatically dropped when the signal is caught.
- If this is not set, use POSIX/BSD semantics, where the
- signal handler stays in force until an exec or an
- explicit delete. Implied by SYSTEM5.
- SYS5SETPGRP Use System V setpgrp() semantics. Implied by SYSTEM5.
- HASFCHMOD Define this to one if you have the fchmod(2) system call.
- This improves security.
- HASFCHOWN Define this to one if you have the fchown(2) system call.
- This is required for the TrustedUser option.
- HASFLOCK Set this if you prefer to use the flock(2) system call
- rather than using fcntl-based locking. Fcntl locking
- has some semantic gotchas, but many vendor systems
- also interface it to lockd(8) to do NFS-style locking.
- Unfortunately, may vendors implementations of fcntl locking
- is just plain broken (e.g., locks are never released,
- causing your sendmail to deadlock; when the kernel runs
- out of locks your system crashes). For this reason, I
- recommend always defining this unless you are absolutely
- certain that your fcntl locking implementation really works.
- HASUNAME Set if you have the "uname" system call. Implied by
- SYSTEM5.
- HASUNSETENV Define this if your system library has the "unsetenv"
- subroutine.
- HASSETSID Define this if you have the setsid(2) system call. This
- is implied if your system appears to be POSIX compliant.
- HASINITGROUPS Define this if you have the initgroups(3) routine.
- HASSETVBUF Define this if you have the setvbuf(3) library call.
- If you don't, setlinebuf will be used instead. This
- defaults on if your compiler defines __STDC__.
- HASSETREUID Define this if you have setreuid(2) ***AND*** root can
- use setreuid to change to an arbitrary user. This second
- condition is not satisfied on AIX 3.x. You may find that
- your system has setresuid(2), (for example, on HP-UX) in
- which case you will also have to #define setreuid(r, e)
- to be the appropriate call. Some systems (such as Solaris)
- have a compatibility routine that doesn't work properly,
- but may have "saved user ids" properly implemented so you
- can ``#define setreuid(r, e) seteuid(e)'' and have it work.
- The important thing is that you have a call that will set
- the effective uid independently of the real or saved uid
- and be able to set the effective uid back again when done.
- There's a test program in ../test/t_setreuid.c that will
- try things on your system. Setting this improves the
- security, since sendmail doesn't have to read .forward
- and :include: files as root. There are certain attacks
- that may be unpreventable without this call.
- USESETEUID Define this to 1 if you have a seteuid(2) system call that
- will allow root to set only the effective user id to an
- arbitrary value ***AND*** you have saved user ids. This is
- preferable to HASSETREUID if these conditions are fulfilled.
- These are the semantics of the to-be-released revision of
- Posix.1. The test program ../test/t_seteuid.c will try
- this out on your system. If you define both HASSETREUID
- and USESETEUID, the former is ignored.
- HASLSTAT Define this if you have symbolic links (and thus the
- lstat(2) system call). This improves security. Unlike
- most other options, this one is on by default, so you
- need to #undef it in conf.h if you don't have symbolic
- links (these days everyone does).
- HASSETRLIMIT Define this to 1 if you have the setrlimit(2) syscall.
- You can define it to 0 to force it off. It is assumed
- if you are running a BSD-like system.
- HASULIMIT Define this if you have the ulimit(2) syscall (System V
- style systems). HASSETRLIMIT overrides, as it is more
- general.
- HASWAITPID Define this if you have the waitpid(2) syscall.
- HASGETDTABLESIZE
- Define this if you have the getdtablesize(2) syscall.
- HAS_ST_GEN Define this to 1 if your system has the st_gen field in
- the stat structure (see stat(2)).
- HASSRANDOMDEV Define this if your system has the srandomdev(3) function
- call.
- HASSTRERROR Define this if you have the libc strerror(3) function (which
- should be declared in <errno.h>), and it should be used
- instead of sys_errlist.
- NEEDGETOPT Define this if you need a reimplementation of getopt(3).
- On some systems, getopt does very odd things if called
- to scan the arguments twice. This flag will ask sendmail
- to compile in a local version of getopt that works
- properly.
- NEEDSTRTOL Define this if your standard C library does not define
- strtol(3). This will compile in a local version.
- NEEDVPRINTF Define this if your standard C library does not define
- vprintf(3). Note that the resulting fake implementation
- is not very elegant and may not even work on some
- architectures.
- NEEDFSYNC Define this if your standard C library does not define
- fsync(2). This will try to simulate the operation using
- fcntl(2); if that is not available it does nothing, which
- isn't great, but at least it compiles and runs.
- HASGETUSERSHELL Define this to 1 if you have getusershell(3) in your
- standard C library. If this is not defined, or is defined
- to be 0, sendmail will scan the /etc/shells file (no
- NIS-style support, defaults to /bin/sh and /bin/csh if
- that file does not exist) to get a list of unrestricted
- user shells. This is used to determine whether users
- are allowed to forward their mail to a program or a file.
- NEEDPUTENV Define this if your system needs am emulation of the
- putenv(3) call. Define to 1 to implement it in terms
- of setenv(3) or to 2 to do it in terms of primitives.
- NOFTRUNCATE Define this if you don't have the ftruncate(2) syscall.
- If you don't have this system call, there is an unavoidable
- race condition that occurs when creating alias databases.
- GIDSET_T The type of entries in a gidset passed as the second
- argument to getgroups(2). Historically this has been an
- int, so this is the default, but some systems (such as
- IRIX) pass it as a gid_t, which is an unsigned short.
- This will make a difference, so it is important to get
- this right! However, it is only an issue if you have
- group sets.
- SLEEP_T The type returned by the system sleep() function.
- Defaults to "unsigned int". Don't worry about this
- if you don't have compilation problems.
- ARBPTR_T The type of an arbitrary pointer -- defaults to "void *".
- If you are an very old compiler you may need to define
- this to be "char *".
- SOCKADDR_LEN_T The type used for the third parameter to accept(2),
- getsockname(2), and getpeername(2), representing the
- length of a struct sockaddr. Defaults to int.
- SOCKOPT_LEN_T The type used for the fifth parameter to getsockopt(2)
- and setsockopt(2), representing the length of the option
- buffer. Defaults to int.
- LA_TYPE The type of load average your kernel supports. These
- can be one of:
- LA_ZERO (1) -- it always returns the load average as
- "zero" (and does so on all architectures).
- LA_INT (2) to read /dev/kmem for the symbol avenrun and
- interpret as a long integer.
- LA_FLOAT (3) same, but interpret the result as a floating
- point number.
- LA_SHORT (6) to interpret as a short integer.
- LA_SUBR (4) if you have the getloadavg(3) routine in your
- system library.
- LA_MACH (5) to use MACH-style load averages (calls
- processor_set_info()),
- LA_PROCSTR (7) to read /proc/loadavg and interpret it
- as a string representing a floating-point
- number (Linux-style).
- LA_READKSYM (8) is an implementation suitable for some
- versions of SVr4 that uses the MIOC_READKSYM ioctl
- call to read /dev/kmem.
- LA_DGUX (9) is a special implementation for DG/UX that uses
- the dg_sys_info system call.
- LA_HPUX (10) is an HP-UX specific version that uses the
- pstat_getdynamic system call.
- LA_IRIX6 (11) is an IRIX 6.x specific version that adapts
- to 32 or 64 bit kernels; it is otherwise very similar
- to LA_INT.
- LA_KSTAT (12) uses the (Solaris-specific) kstat(3k)
- implementation.
- LA_DEVSHORT (13) reads a short from a system file (default:
- /dev/table/avenrun) and scales it in the same manner
- as LA_SHORT.
- LA_INT, LA_SHORT, LA_FLOAT, and LA_READKSYM have several
- other parameters that they try to divine: the name of your
- kernel, the name of the variable in the kernel to examine,
- the number of bits of precision in a fixed point load average,
- and so forth. LA_DEVSHORT uses _PATH_AVENRUN to find the
- device to be read to find the load average.
- In desperation, use LA_ZERO. The actual code is in
- conf.c -- it can be tweaked if you are brave.
- FSHIFT For LA_INT, LA_SHORT, and LA_READKSYM, this is the number
- of bits of load average after the binary point -- i.e.,
- the number of bits to shift right in order to scale the
- integer to get the true integer load average. Defaults to 8.
- _PATH_UNIX The path to your kernel. Needed only for LA_INT, LA_SHORT,
- and LA_FLOAT. Defaults to "/unix" on System V, "/vmunix"
- everywhere else.
- LA_AVENRUN For LA_INT, LA_SHORT, and LA_FLOAT, the name of the kernel
- variable that holds the load average. Defaults to "avenrun"
- on System V, "_avenrun" everywhere else.
- SFS_TYPE Encodes how your kernel can locate the amount of free
- space on a disk partition. This can be set to SFS_NONE
- (0) if you have no way of getting this information,
- SFS_USTAT (1) if you have the ustat(2) system call,
- SFS_4ARGS (2) if you have a four-argument statfs(2)
- system call (and the include file is <sys/statfs.h>),
- SFS_VFS (3), SFS_MOUNT (4), SFS_STATFS (5) if you have
- the two-argument statfs(2) system call with includes in
- <sys/vfs.h>, <sys/mount.h>, or <sys/statfs.h> respectively,
- or SFS_STATVFS (6) if you have the two-argument statvfs(2)
- call. The default if nothing is defined is SFS_NONE.
- SFS_BAVAIL with SFS_4ARGS you can also set SFS_BAVAIL to the field name
- in the statfs structure that holds the useful information;
- this defaults to f_bavail.
- SPT_TYPE Encodes how your system can display what a process is doing
- on a ps(1) command (SPT stands for Set Process Title). Can
- be set to:
- SPT_NONE (0) -- Don't try to set the process title at all.
- SPT_REUSEARGV (1) -- Pad out your argv with the information;
- this is the default if none specified.
- SPT_BUILTIN (2) -- The system library has setproctitle.
- SPT_PSTAT (3) -- Use the PSTAT_SETCMD option to pstat(2)
- to set the process title; this is used by HP-UX.
- SPT_PSSTRINGS (4) -- Use the magic PS_STRINGS pointer (4.4BSD).
- SPT_SYSMIPS (5) -- Use sysmips() supported by NEWS-OS 6.
- SPT_SCO (6) -- Write kernel u. area.
- SPT_CHANGEARGV (7) -- Write pointers to our own strings into
- the existing argv vector.
- SPT_PADCHAR Character used to pad the process title; if undefined,
- the space character (0x20) is used. This is ignored if
- SPT_TYPE != SPT_REUSEARGV
- ERRLIST_PREDEFINED
- If set, assumes that some header file defines sys_errlist.
- This may be needed if you get type conflicts on this
- variable -- otherwise don't worry about it.
- WAITUNION The wait(2) routine takes a "union wait" argument instead
- of an integer argument. This is for compatibility with
- old versions of BSD.
- SCANF You can set this to extend the F command to accept a
- scanf string -- this gives you a primitive parser for
- class definitions -- BUT it can make you vulnerable to
- core dumps if the target file is poorly formed.
- SYSLOG_BUFSIZE You can define this to be the size of the buffer that
- syslog accepts. If it is not defined, it assumes a
- 1024-byte buffer. If the buffer is very small (under
- 256 bytes) the log message format changes -- each
- e-mail message will log many more messages, since it
- will log each piece of information as a separate line
- in syslog.
- BROKEN_RES_SEARCH
- On Ultrix (and maybe other systems?) if you use the
- res_search routine with an unknown host name, it returns
- -1 but sets h_errno to 0 instead of HOST_NOT_FOUND. If
- you set this, sendmail considers 0 to be the same as
- HOST_NOT_FOUND.
- NAMELISTMASK If defined, values returned by nlist(3) are masked
- against this value before use -- a common value is
- 0x7fffffff to strip off the top bit.
- BSD4_4_SOCKADDR If defined, socket addresses have an sa_len field that
- defines the length of this address.
- SAFENFSPATHCONF Set this to 1 if and only if you have verified that a
- pathconf(2) call with _PC_CHOWN_RESTRICTED argument on an
- NFS filesystem where the underlying system allows users to
- give away files to other users returns <= 0. Be sure you
- try both on NFS V2 and V3. Some systems assume that their
- local policy apply to NFS servers -- this is a bad
- assumption! The test/t_pathconf.c program will try this
- for you -- you have to run it in a directory that is
- mounted from a server that allows file giveaway.
- SIOCGIFCONF_IS_BROKEN
- Set this if your system has an SIOCGIFCONF ioctl defined,
- but it doesn't behave the same way as "most" systems (BSD,
- Solaris, SunOS, HP-UX, etc.)
- SIOCGIFNUM_IS_BROKEN
- Set this if your system has an SIOCGIFNUM ioctl defined,
- but it doesn't behave the same way as "most" systems
- (Solaris, HP-UX).
- NEED_PERCENTQ Set this if your system doesn't support the printf
- format strings %lld or %llu. If this is set, %qd and
- %qu are used instead.
- FAST_PID_RECYCLE
- Set this if your system can reuse the same PID in the same
- second.
- +-----------------------+
- | COMPILE-TIME FEATURES |
- +-----------------------+
- There are a bunch of features that you can decide to compile in, such
- as selecting various database packages and special protocol support.
- Several are assumed based on other compilation flags -- if you want to
- "un-assume" something, you probably need to edit conf.h. Compilation
- flags that add support for special features include:
- NDBM Include support for "new" DBM library for aliases and maps.
- Normally defined in the Makefile.
- NEWDB Include support for Berkeley DB package (hash & btree)
- for aliases and maps. Normally defined in the Makefile.
- If the version of NEWDB you have is the old one that does
- not include the "fd" call (this call was added in version
- 1.5 of the Berkeley DB code), you must upgrade to the
- current version of Berkeley DB.
- NIS Define this to get NIS (YP) support for aliases and maps.
- Normally defined in the Makefile.
- NISPLUS Define this to get NIS+ support for aliases and maps.
- Normally defined in the Makefile.
- HESIOD Define this to get Hesiod support for aliases and maps.
- Normally defined in the Makefile.
- NETINFO Define this to get NeXT NetInfo support for aliases and maps.
- Normally defined in the Makefile.
- LDAPMAP Define this to get LDAP support for maps.
- PH_MAP Define this to get PH support for maps.
- MAP_NSD Define this to get nsd support for maps.
- USERDB Define this to 1 to include support for the User Information
- Database. Implied by NEWDB or HESIOD. You can use
- -DUSERDB=0 to explicitly turn it off.
- IDENTPROTO Define this as 1 to get IDENT (RFC 1413) protocol support.
- This is assumed unless you are running on Ultrix or
- HP-UX, both of which have a problem in the UDP
- implementation. You can define it to be 0 to explicitly
- turn off IDENT protocol support. If defined off, the code
- is actually still compiled in, but it defaults off; you
- can turn it on by setting the IDENT timeout to 30s in the
- configuration file.
- IP_SRCROUTE Define this to 1 to get IP source routing information
- displayed in the Received: header. This is assumed on
- most systems, but some (e.g., Ultrix) apparently have a
- broken version of getsockopt that doesn't properly
- support the IP_OPTIONS call. You probably want this if
- your OS can cope with it. Symptoms of failure will be that
- it won't compile properly (that is, no support for fetching
- IP_OPTIONs), or it compiles but source-routed TCP connections
- either refuse to open or open and hang for no apparent reason.
- Ultrix and AIX3 are known to fail this way.
- LOG Set this to get syslog(3) support. Defined by default
- in conf.h. You want this if at all possible.
- NETINET Set this to get TCP/IP support. Defined by default
- in conf.h. You probably want this.
- NETINET6 Set this to get IPv6 support. Other configuration may
- be needed in conf.h for your particular operating system.
- NETISO Define this to get ISO networking support.
- NETUNIX Define this to get Unix domain networking support. Defined
- by default. A few bizarre systems (SCO, ISC, Altos) don't
- support this networking domain.
- NETNS Define this to get NS networking support.
- NETX25 Define this to get X.25 networking support.
- SMTP Define this to get the SMTP code. Implied by NETINET
- or NETISO.
- NAMED_BIND If non-zero, include DNS (name daemon) support, including
- MX support. The specs say you must use this if you run
- SMTP. You don't have to be running a name server daemon
- on your machine to need this -- any use of the DNS resolver,
- including remote access to another machine, requires this
- option. Defined by default in conf.h. Define it to zero
- ONLY on machines that do not use DNS in any way.
- QUEUE Define this to get queueing code. Implied by NETINET
- or NETISO; required by SMTP. This gives you other good
- stuff -- it should be on.
- DAEMON Define this to get general network support. Implied by
- NETINET or NETISO. Defined by default in conf.h. You
- almost certainly want it on.
- MATCHGECOS Permit fuzzy matching of user names against the full
- name (GECOS) field in the /etc/passwd file. This should
- probably be on, since you can disable it from the config
- file if you want to. Defined by default in conf.h.
- MIME8TO7 If non-zero, include 8 to 7 bit MIME conversions. This
- also controls advertisement of 8BITMIME in the ESMTP
- startup dialogue.
- MIME7TO8 If non-zero, include 7 to 8 bit MIME conversions.
- HES_GETMAILHOST Define this to 1 if you are using Hesiod with the
- hes_getmailhost() routine. This is included with the MIT
- Hesiod distribution, but not with the DEC Hesiod distribution.
- XDEBUG Do additional internal checking. These don't cost too
- much; you might as well leave this on.
- TCPWRAPPERS Turns on support for the TCP wrappers library (-lwrap).
- See below for further information.
- SECUREWARE Enable calls to the SecureWare luid enabling/changing routines.
- SecureWare is a C2 security package added to several UNIX's
- (notably ConvexOS) to get a C2 Secure system. This
- option causes mail delivery to be done with the luid of the
- recipient.
- SHARE_V1 Support for the fair share scheduler, version 1. Setting to
- 1 causes final delivery to be done using the recipients
- resource limitations. So far as I know, this is only
- supported on ConvexOS.
- SASL Enables SMTP AUTH (RFC 2554). This requires the
- CYRUS-SASL library (ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/).
- Please install at least version 1.5.13. See below for further
- information: SASL COMPILATION AND CONFIGURATION.
- If your SASL library is older than 1.5.10, you have to set
- this to its version number using a simple conversion: a.b.c
- -> c + b*100 + a*10000, e.g. for 1.5.5 define SASL=10505.
- Note: Use at least version 1.5.5 of CYRUS-SASL. Starting with
- version 1.5.10, setting SASL=1 is sufficient. Any value other
- than 1 (or 0) will be compared with the actual version found
- and if there is a mismatch, compilation will fail.
- +---------------------+
- | DNS/RESOLVER ISSUES |
- +---------------------+
- Many systems have old versions of the resolver library. At a minimum,
- you should be running BIND 4.8.3; older versions may compile, but they
- have known bugs that should give you pause.
- Common problems in old versions include "undefined" errors for
- dn_skipname.
- Some people have had a problem with BIND 4.9; it uses some routines
- that it expects to be externally defined such as strerror(). It may
- help to link with "-l44bsd" to solve this problem. This has apparently
- been fixed in later versions of BIND, starting around 4.9.3. In other
- words, if you use 4.9.0 through 4.9.2, you need -l44bsd; for earlier or
- later versions, you do not.
- !PLEASE! be sure to link with the same version of the resolver as
- the header files you used -- some people have used the 4.9 headers
- and linked with BIND 4.8 or vice versa, and it doesn't work.
- Unfortunately, it doesn't fail in an obvious way -- things just
- subtly don't work.
- WILDCARD MX RECORDS ARE A BAD IDEA! The only situation in which they
- work reliably is if you have two versions of DNS, one in the real world
- which has a wildcard pointing to your firewall, and a completely
- different version of the database internally that does not include
- wildcard MX records that match your domain. ANYTHING ELSE WILL GIVE
- YOU HEADACHES!
- +------------------------------------+
- | SASL COMPILATION AND CONFIGURATION |
- +------------------------------------+
- Please read the docs accompanying the library (INSTALL and README).
- If you use Berkeley DB for Cyrus SASL then you must compile sendmail
- with the same version of Berkeley DB.
- You have to select and install authentication mechanisms and tell
- sendmail where to find the sasl library and the include files (see
- devtools/README for the parameters to set). Setup the required
- users and passwords as explained in the SASL documentation. See
- also cf/README for authentication related options (esp. DefaultAuthInfo
- if you want authentication between MTAs).
- To perform an initial test, connect to your sendmail daemon
- (telnet localhost 25) and issue a EHLO localhost and see whether
- 250-AUTH ....
- is in the response. If it isn't, run the daemon with
- -O LogLevel=14
- and try again. Then take a look at the logfile and see whether
- there are any security related problems listed (unsafe files).
- Further information can be found at:
- http://www.sendmail.org/~ca/email/auth.html
- +-------------------------------------+
- | OPERATING SYSTEM AND COMPILE QUIRKS |
- +-------------------------------------+
- GCC problems
- *****************************************************************
- ** IMPORTANT: DO NOT USE OPTIMIZATION (``-O'') IF YOU ARE **
- ** RUNNING GCC 2.4.x or 2.5.x. THERE IS A BUG IN THE GCC **
- ** OPTIMIZER THAT CAUSES SENDMAIL COMPILES TO FAIL MISERABLY. **
- *****************************************************************
- Jim Wilson of Cygnus believes he has found the problem -- it will
- probably be fixed in GCC 2.5.6 -- but until this is verified, be
- very suspicious of gcc -O. This problem is reported to have been
- fixed in gcc 2.6.
- A bug in gcc 2.5.5 caused problems compiling sendmail 8.6.5 with
- optimization on a Sparc. If you are using gcc 2.5.5, youi should
- upgrade to the latest version of gcc.
- Apparently GCC 2.7.0 on the Pentium processor has optimization
- problems. I recommend against using -O on that architecture. This
- has been seen on FreeBSD 2.0.5 RELEASE.
- Solaris 2.X users should use version 2.7.2.3 over 2.7.2.
- We have been told there are problems with gcc 2.8.0. If you are
- using this version, you should upgrade to 2.8.1 or later.
- GDBM GDBM does not work with sendmail 8.8 because the additional
- security checks and file locking cause problems. Unfortunately,
- gdbm does not provide a compile flag in its version of ndbm.h so
- the code can adapt. Until the GDBM authors can fix these problems,
- GDBM will not be supported. Please use Berkeley DB instead.
- Configuration file location
- Up to 8.6, sendmail tried to find the sendmail.cf file in the same
- place as the vendors had put it, even when this was obviously
- stupid. As of 8.7, sendmail ALWAYS looks for /etc/sendmail.cf.
- Beginning with 8.10, sendmail uses /etc/mail/sendmail.cf.
- You can get sendmail to use the stupid vendor .cf location by
- adding -DUSE_VENDOR_CF_PATH during compilation, but this may break
- support programs and scripts that need to find sendmail.cf. You
- are STRONGLY urged to use symbolic links if you want to use the
- vendor location rather than changing the location in the sendmail
- binary.
- ControlSocket permissions
- Paraphrased from BIND 8.2.1's README:
- Solaris and other pre-4.4BSD kernels do not respect ownership or
- protections on UNIX-domain sockets. The short term fix for this is to
- override the default path and put such control sockets into root-
- owned directories which do not permit non-root to r/w/x through them.
- The long term fix is for all kernels to upgrade to 4.4BSD semantics.
- SunOS 4.x (Solaris 1.x)
- You may have to use -lresolv on SunOS. However, beware that
- this links in a new version of gethostbyname that does not
- understand NIS, so you must have all of your hosts in DNS.
- Some people have reported problems with the SunOS version of
- -lresolv and/or in.named, and suggest that you get a newer
- version. The symptoms are delays when you connect to the
- SMTP server on a SunOS machine or having your domain added to
- addresses inappropriately. There is a version of BIND
- version 4.9 on gatekeeper.DEC.COM in pub/BSD/bind/4.9.
- There is substantial disagreement about whether you can make
- this work with resolv+, which allows you to specify a search-path
- of services. Some people report that it works fine, others
- claim it doesn't work at all (including causing sendmail to
- drop core when it tries to do multiple resolv+ lookups for a
- single job). I haven't tried resolv+, as we use DNS exclusively.
- Should you want to try resolv+, it is on ftp.uu.net in
- /networking/ip/dns.
- Apparently getservbyname() can fail under moderate to high
- load under some circumstances. This will exhibit itself as
- the message ``554 makeconnection: service "smtp" unknown''.
- The problem has been traced to one or more blank lines in
- /etc/services on the NIS server machine. Delete these
- and it should work. This info is thanks to Brian Bartholomew
- <bb@math.ufl.edu> of I-Kinetics, Inc.
- SunOS 4.0.2 (Sun 386i)
- Date: Fri, 25 Aug 1995 11:13:58 +0200 (MET DST)
- From: teus@oce.nl
- Sendmail 8.7.Beta.12 compiles and runs nearly out of the box with the
- following changes:
- * Don't use /usr/5bin in your PATH, but make /usr/5bin/uname
- available as "uname" command.
- * Use the defines "-DBSD4_3 -DNAMED_BIND=0" in
- devtools/OS/SunOS.4.0, which is selected via the "uname" command.
- I recommend to make available the db-library on the system first
- (and change the Makefile to use this library).
- Note that the sendmail.cf and aliases files are found in /etc.
- SunOS 4.1.3, 4.1.3_U1
- Sendmail causes crashes on SunOS 4.1.3 and 4.1.3_U1. According
- to Sun bug number 1077939:
- If an application does a getsockopt() on a SOCK_STREAM (TCP) socket
- after the other side of the connection has sent a TCP RESET for
- the stream, the kernel gets a Bus Trap in the tcp_ctloutput() or
- ip_ctloutput() routine.
- For 4.1.3, this is fixed in patch 100584-08, available on the
- Sunsolve 2.7.1 or later CDs. For 4.1.3_U1, this was fixed in patch
- 101790-01 (SunOS 4.1.3_U1: TCP socket and reset problems), later
- obsoleted by patch 102010-05.
- Sun patch 100584-08 is not currently publicly available on their
- ftp site but a user has reported it can be found at other sites
- using a web search engine.
- Solaris 2.x (SunOS 5.x)
- To compile for Solaris, the Makefile built by Build must
- include a SOLARIS definition which reflects the Solaris version
- (i.e. -DSOLARIS=20400 for 2.4 or -DSOLARIS=20501 for 2.5.1).
- If you are using gcc, make sure -I/usr/include is not used (or
- it might complain about TopFrame). If you are using Sun's cc,
- make sure /opt/SUNWspro/bin/cc is used instead of /usr/ucb/cc
- (or it might complain about tm_zone).
- To the best of my knowledge, Solaris does not have the
- gethostbyname problem described above. However, it does
- have another one:
- From a correspondent:
- For solaris 2.2, I have
- hosts: files dns
- in /etc/nsswitch.conf and /etc/hosts has to have the fully
- qualified host name. I think "files" has to be before "dns"
- in /etc/nsswitch.conf during bootup.
- From another correspondent:
- When running sendmail under Solaris, the gethostbyname()
- hack in conf.c which should perform proper canonicalization
- of host names could fail. Result: the host name is not
- canonicalized despite the hack, and you'll have to define $j
- and $m in sendmail.cf somewhere.
- The reason could be that /etc/nsswitch.conf is improperly
- configured (at least from sendmail's point of view). For
- example, the line
- hosts: files nisplus dns
- will make gethostbyname() look in /etc/hosts first, then ask
- nisplus, then dns. However, if /etc/hosts does not contain
- the full canonicalized hostname, then no amount of
- gethostbyname()s will work.
- Solution (or rather, a workaround): Ask nisplus first, then
- dns, then local files:
- hosts: nisplus dns [NOTFOUND=return] files
- The Solaris "syslog" function is apparently limited to something
- about 90 characters because of a kernel limitation. If you have
- source code, you can probably up this number. You can get patches
- that fix this problem: the patch ids are:
- Solaris 2.1 100834
- Solaris 2.2 100999
- Solaris 2.3 101318
- Be sure you have the appropriate patch installed or you won't
- see system logging.
- Solaris 2.4 (SunOS 5.4)
- If you include /usr/lib at the end of your LD_LIBRARY_PATH you run
- the risk of getting the wrong libraries under some circumstances.
- This is because of a new feature in Solaris 2.4, described by
- Rod.Evans@Eng.Sun.COM:
- >> Prior to SunOS 5.4, any LD_LIBRARY_PATH setting was ignored by the
- >> runtime linker if the application was setxid (secure), thus your
- >> applications search path would be:
- >>
- >> /usr/local/lib LD_LIBRARY_PATH component - IGNORED
- >> /usr/lib LD_LIBRARY_PATH component - IGNORED
- >> /usr/local/lib RPATH - honored
- >> /usr/lib RPATH - honored
- >>
- >> the effect is that path 3 would be the first used, and this would
- >> satisfy your resolv.so lookup.
- >>
- >> In SunOS 5.4 we made the LD_LIBRARY_PATH a little more flexible.
- >> People who developed setxid applications wanted to be able to alter
- >> the library search path to some degree to allow for their own
- >> testing and debugging mechanisms. It was decided that the only
- >> secure way to do this was to allow a `trusted' path to be used in
- >> LD_LIBRARY_PATH. The only trusted directory we presently define
- >> is /usr/lib. Thus a setuid root developer could play with some
- >> alternative shared object implementations and place them in
- >> /usr/lib (being root we assume they'ed have access to write in this
- >> directory). This change was made as part of 1155380 - after a
- >> *huge* amount of discussion regarding the security aspect of things.
- >>
- >> So, in SunOS 5.4 your applications search path would be:
- >>
- >> /usr/local/lib from LD_LIBRARY_PATH - IGNORED (untrustworthy)
- >> /usr/lib from LD_LIBRARY_PATH - honored (trustworthy)
- >> /usr/local/lib from RPATH - honored
- >> /usr/lib from RPATH - honored
- >>
- >> here, path 2 would be the first used.
- Solaris 2.6 (SunOS 5.6)
- If you built sendmail 8.8.1 through 8.8.4 inclusive on a Solaris 2.5
- system, that binary will not run on Solaris 2.6, due to problems with
- incompatible snprintf(3s) calls. This problem is fixed in sendmail
- 8.8.5.
- Solaris 2.5.1 (SunOS 5.5.1) and 2.6 (SunOS 5.6)
- Apparently Solaris 2.5.1 patch 103663-01 installs a new
- /usr/include/resolv.h file that defines the __P macro without
- checking to see if it is already defined. This new resolv.h is also
- included in the Solaris 2.6 distribution. This causes compile
- warnings such as:
- In file included from daemon.c:51:
- /usr/include/resolv.h:208: warning: `__P' redefined
- cdefs.h:58: warning: this is the location of the previous definition
- These warnings can be safely ignored or you can create a resolv.h
- file in the obj.SunOS.5.5.1.* or obj.SunOS.5.6.* directory that reads:
- #undef __P
- #include "/usr/include/resolv.h"
- Sun is aware of the problem (Sun bug ID 4081053) and it will be fixed
- in Solaris 2.7.
- Ultrix
- By default, the IDENT protocol is turned off on Ultrix. If you
- are running Ultrix 4.4 or later, or if you have included patch
- CXO-8919 for Ultrix 4.2 or 4.3 to fix the TCP problem, you can turn
- IDENT on in the configuration file by setting the "ident" timeout
- to 30 seconds.
- Digital UNIX (formerly DEC OSF/1)
- If you are compiling on OSF/1 (DEC Alpha), you must use
- -L/usr/shlib (otherwise it core dumps on startup). You may also
- need -mld to get the nlist() function, although some versions
- apparently don't need this.
- Also, the enclosed makefile removed /usr/sbin/smtpd; if you need
- it, just create the link to the sendmail binary.
- On DEC OSF/1 3.2 or earlier, the MatchGECOS option doesn't work
- properly due to a bug in the getpw* routines. If you want to use
- this, use -DDEC_OSF_BROKEN_GETPWENT=1. The problem is fixed in 3.2C.
- Digital's mail delivery agent, /bin/mail (aka /bin/binmail), will
- only preserve the envelope sender in the "From " header if
- DefaultUserID is set to daemon. Setting this to mailnull will
- cause all mail to have the header "From mailnull ...". To use
- a different DefaultUserID, you will need to use a different mail
- delivery agent (such as mail.local found in the sendmail
- distribution).
- On Digital UNIX 4.0 and later, Berkeley DB 1.85 is included with the
- operating system and already has the ndbm.o module removed. However,
- Digital has modified the original Berkeley DB db.h include file.
- This results in the following warning while compiling map.c and udb.c:
- cc: Warning: /usr/include/db.h, line 74: The redefinition of the macro
- "__signed" conflicts with a current definition because the replacement
- lists differ. The redefinition is now in effect.
- #define __signed signed
- ------------------------^
- This warning can be ignored.
- Digital UNIX's linker checks /usr/ccs/lib/ before /usr/lib/.
- If you have installed a new version of BIND in /usr/include
- and /usr/lib, you will experience difficulties as Digital ships
- libresolv.a in /usr/ccs/lib/ as well. Be sure to replace both
- copies of libresolv.a.
- IRIX
- The header files on SGI IRIX are completely prototyped, and as
- a result you can sometimes get some warning messages during
- compilation. These can be ignored. There are two errors in
- deliver only if you are using gcc, both of the form ``warning:
- passing arg N of `execve' from incompatible pointer type''.
- Also, if you compile with -DNIS, you will get a complaint
- about a declaration of struct dom_binding in a prototype
- when compiling map.c; this is not important because the
- function being prototyped is not used in that file.
- In order to compile sendmail you will have had to install
- the developers' option in order to get the necessary include
- files.
- If you compile with -lmalloc (the fast memory allocator), you may
- get warning messages such as the following:
- ld32: WARNING 85: definition of _calloc in /usr/lib32/libmalloc.so
- preempts that definition in /usr/lib32/mips3/libc.so.
- ld32: WARNING 85: definition of _malloc in /usr/lib32/libmalloc.so
- preempts that definition in /usr/lib32/mips3/libc.so.
- ld32: WARNING 85: definition of _realloc in /usr/lib32/libmalloc.so
- preempts that definition in /usr/lib32/mips3/libc.so.
- ld32: WARNING 85: definition of _free in /usr/lib32/libmalloc.so
- preempts that definition in /usr/lib32/mips3/libc.so.
- ld32: WARNING 85: definition of _cfree in /usr/lib32/libmalloc.so
- preempts that definition in /usr/lib32/mips3/libc.so.
- These are unavoidable and innocuous -- just ignore them.
- According to Dave Sill <de5@ornl.gov>, there is a version of the
- Berkeley DB library patched to run on Irix 6.2 available from
- http://reality.sgi.com/ariel/freeware/#db .
- IRIX 6.x
- If you are using XFS filesystem, avoid using the -32 ABI switch to
- the cc compiler if possible.
- IRIX 6.4
- The IRIX 6.5.4 version of /bin/m4 does not work properly with
- sendmail. Either install fw_m4.sw.m4 off the Freeware_May99 CD and
- use /usr/freeware/bin/m4 or install and use GNU m4.
- NeXT or NEXTSTEP
- NEXTSTEP 3.3 and earlier ship with the old DBM library. Also,
- Berkeley DB does not currently run on NEXTSTEP.
- If you are compiling on NEXTSTEP, you will have to create an
- empty file "unistd.h" and create a file "dirent.h" containing:
- #include <sys/dir.h>
- #define dirent direct
- (devtools/OS/NeXT should try to do both of these for you.)
- Apparently, there is a bug in getservbyname on Nextstep 3.0
- that causes it to fail under some circumstances with the
- message "SYSERR: service "smtp" unknown" logged. You should
- be able to work around this by including the line:
- OOPort=25
- in your .cf file.
- You may have to use -DNeXT.
- BSDI (BSD/386) 1.0, NetBSD 0.9, FreeBSD 1.0
- The "m4" from BSDI won't handle the config files properly.
- I haven't had a chance to test this myself.
- The M4 shipped in FreeBSD and NetBSD 0.9 don't handle the config
- files properly. One must use either GNU m4 1.1 or the PD-M4
- recently posted in comp.os.386bsd.bugs (and maybe others).
- NetBSD-current includes the PD-M4 (as stated in the NetBSD file
- CHANGES).
- FreeBSD 1.0 RELEASE has uname(2) now. Use -DUSEUNAME in order to
- use it (look into devtools/OS/FreeBSD). NetBSD-current may have
- it too but it has not been verified.
- The latest version of Berkeley DB uses a different naming
- scheme than the version that is supplied with your release. This
- means you will be able to use the current version of Berkeley DB
- with sendmail as long you use the new db.h when compiling
- sendmail and link it against the new libdb.a or libdb.so. You
- should probably keep the original db.h in /usr/include and the
- new db.h in /usr/local/include.
- 4.3BSD
- If you are running a "virgin" version of 4.3BSD, you'll have
- a very old resolver and be missing some header files. The
- header files are simple -- create empty versions and everything
- will work fine. For the resolver you should really port a new
- version (4.8.3 or later) of the resolver; 4.9 is available on
- gatekeeper.DEC.COM in pub/BSD/bind/4.9. If you are really
- determined to continue to use your old, buggy version (or as
- a shortcut to get sendmail working -- I'm sure you have the
- best intentions to port a modern version of BIND), you can
- copy ../contrib/oldbind.compat.c into sendmail and add
- oldbind.compat.o to OBJADD in the Makefile.
- A/UX
- Date: Tue, 12 Oct 1993 18:28:28 -0400 (EDT)
- From: "Eric C. Hagberg" <hagberg@med.cornell.edu>
- Subject: Fix for A/UX ndbm
- I guess this isn't really a sendmail bug, however, it is something
- that A/UX users should be aware of when compiling sendmail 8.6.
- Apparently, the calls that sendmail is using to the ndbm routines
- in A/UX 3.0.x contain calls to "broken" routines, in that the
- aliases database will break when it gets "just a little big"
- (sorry I don't have exact numbers here, but it broke somewhere
- around 20-25 aliases for me.), making all aliases non-functional
- after exceeding this point.
- What I did was to get the gnu-dbm-1.6 package, compile it, and
- then re-compile sendmail with "-lgdbm", "-DNDBM", and using the
- ndbm.h header file that comes with the gnu-package. This makes
- things behave properly.
- [NOTE: see comment above about GDBM]
- I suppose porting the New Berkeley DB package is another route,
- however, I made a quick attempt at it, and found it difficult
- (not easy at least); the gnu-dbm package "configured" and
- compiled easily.
- [NOTE: Berkeley DB version 2.X runs on A/UX and can be used for
- database maps.]
- SCO Unix
- From: Thomas Essebier <tom@stallion.oz.au>
- Organisation: Stallion Technologies Pty Ltd.
- It will probably help those who are trying to configure sendmail 8.6.9
- to know that if they are on SCO, they had better set
- OI-dnsrch
- or they will core dump as soon as they try to use the resolver.
- ie. although SCO has _res.dnsrch defined, and is kinda BIND 4.8.3, it
- does not inititialise it, nor does it understand 'search' in
- /etc/named.boot.
- - sigh -
- According to SCO, the m4 which ships with UnixWare 2.1.2 is broken.
- We recommend installing GNU m4 before attempting to build sendmail.
- DG/UX
- Doug Anderson <dlander@afterlife.ncsc.mil> has successfully run
- V8 on the DG/UX 5.4.2 and 5.4R3.x platforms under heavy usage.
- Originally, the DG /bin/mail program wasn't compatible with
- the V8 sendmail, since the DG /bin/mail requires the environment
- variable "_FORCE_MAIL_LOCAL_=yes" be set. Version 8.7 now includes
- this in the environment before invoking the local mailer. Some
- have used procmail to avoid this problem in the past. It works
- but some have experienced file locking problems with their DG/UX
- ports of procmail.
- Apollo DomainOS
- If you are compiling on Apollo, you will have to create an empty
- file "unistd.h" (for DomainOS 10.3 and earlier) and create a file
- "dirent.h" containing:
- #include <sys/dir.h>
- #define dirent direct
- (devtools/OS/DomainOS will attempt to do both of these for you.)
- HP-UX 8.00
- Date: Mon, 24 Jan 1994 13:25:45 +0200
- From: Kimmo Suominen <Kimmo.Suominen@lut.fi>
- Subject: 8.6.5 w/ HP-UX 8.00 on s300
- Just compiled and fought with sendmail 8.6.5 on a HP9000/360 (ie. a
- series 300 machine) running HP-UX 8.00.
- I was getting segmentation fault when delivering to a local user.
- With debugging I saw it was faulting when doing _free@libc... *sigh*
- It seems the new implementation of malloc on s300 is buggy as of 8.0,
- so I tried out the one in -lmalloc (malloc(3X)). With that it seems
- to work just dandy.
- When linking, you will get the following error:
- ld: multiply defined symbol _freespace in file /usr/lib/libmalloc.a
- but you can just ignore it. You might want to add this info to the
- README file for the future...
- Linux
- Something broke between versions 0.99.13 and 0.99.14 of Linux:
- the flock() system call gives errors. If you are running .14,
- you must not use flock. You can do this with -DHASFLOCK=0.
- Around the inclusion of bind-4.9.3 & Linux libc-4.6.20, the
- initialization of the _res structure changed. If /etc/hosts.conf
- was configured as "hosts, bind" the resolver code could return
- "Name server failure" errors. This is supposedly fixed in
- later versions of libc (>= 4.6.29?), and later versions of
- sendmail (> 8.6.10) try to work around the problem.
- Some older versions (< 4.6.20?) of the libc/include files conflict
- with sendmail's version of cdefs.h. Deleting sendmail's version
- on those systems should be non-harmful, and new versions don't care.
- Sendmail assumes that libc has snprintf, which has been true since
- libc 4.7.0. If you are running an older version, you will need to
- use -DHASSNPRINTF=0 in the Makefile. If may be able to use -lbsd
- (which includes snprintf) instead of turning this off on versions
- of libc between 4.4.4 and 4.7.0 (snprintf improves security, so
- you want to use this if at all possible).
- NOTE ON LINUX & BIND: By default, the Makefile generated for Linux
- includes header files in /usr/local/include and libraries in
- /usr/local/lib. If you've installed BIND on your system, the header
- files typically end up in the search path and you need to add
- "-lresolv" to the LIBS line in your Makefile. Really old versions
- may need to include "-l44bsd" as well (particularly if the link phase
- complains about missing strcasecmp, strncasecmp or strpbrk).
- Complaints about an undefined reference to `__dn_skipname' in
- domain.o are a sure sign that you need to add -lresolv to LIBS.
- Newer versions of Linux are basically threaded BIND, so you may or
- may not see complaints if you accidentally mix BIND
- headers/libraries with virginal libc. If you have BIND headers in
- /usr/local/include (resolv.h, etc) you *should* be adding -lresolv
- to LIBS. Data structures may change and you'd be asking for a
- core dump.
- A number of problems have been reported regarding the Linux 2.2.0
- kernel. So far, these problems have been tracked down to syslog()
- and DNS resolution. We believe the problem is with the poll()
- implementation in the Linux 2.2.0 kernel and poll()-aware versions
- of glib (at least up to 2.0.111).
- AIX 4.2
- The AIX m4 implements a different mechanism for ifdef which is
- inconsistent with other versions of m4. Therefore, it will not
- work properly with the sendmail Build architecture or m4
- configuration method. To work around this problem, please use
- GNU m4 from ftp://ftp.gnu.org/pub/gnu/.
- AIX 3.x
- This version of sendmail does not support MB, MG, and MR resource
- records, which are supported by AIX sendmail.
- Several people have reported that the IBM-supplied named returns
- fairly random results -- the named should be replaced. It is not
- necessary to replace the resolver, which will simplify installation.
- A new BIND resolver can be found at http://www.isc.org/isc/.
- AIX 3.1.x
- The supplied load average code only works correctly for AIX 3.2.x.
- For 3.1, use -DLA_TYPE=LA_SUBR and get the latest ``monitor''
- package by Jussi Maki <jmaki@hut.fi> from ftp.funet.fi in the
- directory pub/unix/AIX/rs6000/monitor-1.12.tar.Z; use the loadavgd
- daemon, and the getloadavg subroutine supplied with that package.
- If you don't care about load average throttling, just turn off
- load average checking using -DLA_TYPE=LA_ZERO.
- AIX 2.2.1
- Date: Mon Dec 4 14:14:56 CST 1995
- From: Mark Whetzel <markw@antimatr.houston.tx.us>
- Subject: Porting sendmail 8.7.2 to AIX V2 on the RT.
- This version of sendmail does not support MB, MG, and MR resource
- records, which are supported by AIX sendmail.
- AIX V2 on the RT does not have 'paths.h'. Create a null
- file in the 'obj' directory to remove this compile error.
- A patch file is needed to get the BSD 'db' library to compile
- for AIX/RT. I have sent the necessary updates to the author,
- but they may not be immediately available.
- [NOTE: Berkeley DB version 2.X runs on AIX/RT.]
- The original AIX/RT resolver libraries are very old, and you
- should get the latest BIND to replace it. The 4.8.3 version
- has been tested, but 4.9.x is out and should work.
- To make the load average code work correctly requires an
- external routine, as the kernel does not maintain system
- load averages, similar to AIX V3.1.x. A reverse port of the
- older 1.05 'monitor' load average daemon code written by
- Jussi Maki that will work on AIX V2 for the RT is available
- by E-mail to Mark Whetzel <markw@antimatr.houston.tx.us>.
- That code depends on an external daemon to collect system
- load information, and the external routine 'getloadavg',
- that will return that information. The 'LA_SUBR' define
- will handle this for AIX V2 on the RT.
- Note: You will have to change devtools/OS/AIX.2 to correctly
- point to the locatons of the updated BIND source tree and
- the location of the 'newdb' tree and library location.
- You will also have to change devtools/OS/AIX.2 to know
- about the location of the 'getloadavg' routine if you use
- the LA_SUBR define.
- Manual pages will format correctly if given the mandoc macros
- and used with nroff. I have not tried groff.
- RISC/os
- RISC/os from MIPS is a merged AT&T/Berkeley system. When you
- compile on that platform you will get duplicate definitions
- on many files. You can ignore these.
- System V Release 4 Based Systems
- There is a single devtools OS that is intended for all SVR4-based
- systems (built from devtools/OS/SVR4). It defines __svr4__,
- which is predefined by some compilers. If your compiler already
- defines this compile variable, you can delete the definition from
- the generated Makefile or create a devtools/Site/site.config.m4
- file.
- It's been tested on Dell Issue 2.2.
- DELL SVR4
- Date: Mon, 06 Dec 1993 10:42:29 EST
- From: "Kimmo Suominen" <kim@grendel.lut.fi>
- Message-ID: <2d0352f9.lento29@lento29.UUCP>
- To: eric@cs.berkeley.edu
- Cc: sendmail@cs.berkeley.edu
- Subject: Notes for DELL SVR4
- Eric,
- Here are some notes for compiling Sendmail 8.6.4 on DELL SVR4. I ran
- across these things when helping out some people who contacted me by
- e-mail.
- 1) Use gcc 2.4.5 (or later?). Dell distributes gcc 2.1 with their
- Issue 2.2 Unix. It is too old, and gives you problems with
- clock.c, because sigset_t won't get defined in <sys/signal.h>.
- This is due to a problematic protection rule in there, and is
- fixed with gcc 2.4.5.
- 2) If you don't use the new Berkeley DB (-DNEWDB), then you need
- to add "-lc -lucb" to the libraries to link with. This is because
- the -ldbm distributed by Dell needs the bcopy, bcmp and bzero
- functions. It is important that you specify both libraries in
- the given order to be sure you only get the BSTRING functions
- from the UCB library (and not the signal routines etc.).
- 3) Don't leave out "-lelf" even if compiling with "-lc -lucb".
- The UCB library also has another copy of the nlist routines,
- but we do want the ones from "-lelf".
- If anyone needs a compiled gcc 2.4.5 and/or a ported DB library, they
- can use anonymous ftp to fetch them from lut.fi in the /kim directory.
- They are copies of what I use on grendel.lut.fi, and offering them
- does not imply that I would also support them. I have sent the DB
- port for SVR4 back to Keith Bostic for inclusion in the official
- distribution, but I haven't heard anything from him as of today.
- - gcc-2.4.5-svr4.tar.gz (gcc 2.4.5 and the corresponding libg++)
- - db-1.72.tar.gz (with source, objects and a installed copy)
- Cheers
- + Kim
- --
- * Kimmo.Suominen@lut.fi * SysVr4 enthusiast at GRENDEL.LUT.FI *
- * KIM@FINFILES.BITNET * Postmaster and Hostmaster at LUT.FI *
- * + 358 200 865 718 * Unix area moderator at NIC.FUNET.FI *
- ConvexOS 10.1 and below
- In order to use the name server, you must create the file
- /etc/use_nameserver. If this file does not exist, the call
- to res_init() will fail and you will have absolutely no
- access to DNS, including MX records.
- Amdahl UTS 2.1.5
- In order to get UTS to work, you will have to port BIND 4.9.
- The vendor's BIND is reported to be ``totally inadequate.''
- See sendmail/contrib/AmdahlUTS.patch for the patches necessary
- to get BIND 4.9 compiled for UTS.
- UnixWare
- According to Alexander Kolbasov <sasha@unitech.gamma.ru>,
- the m4 on UnixWare 2.0 (still in Beta) will core dump on the
- config files. GNU m4 and the m4 from UnixWare 1.x both work.
- According to Larry Rosenman <ler@lerami.lerctr.org>:
- UnixWare 2.1.[23]'s m4 chokes (not obviously) when
- processing the 8.9.0 cf files.
- I had a LOCAL_RULE_0 that wound up AFTER the
- SBasic_check_rcpt rules using the SCO supplied M4.
- GNU M4 works fine.
- UNICOS 8.0.3.4
- Some people have reported that the -O flag on UNICOS can cause
- problems. You may want to turn this off if you have problems
- running sendmail. Reported by Jerry G. DeLapp <jgd@acl.lanl.gov>.
- GNU getopt
- I'm told that GNU getopt has a problem in that it gets confused
- by the double call. Use the version in conf.c instead.
- BIND 4.9.2 and Ultrix
- If you are running on Ultrix, be sure you read conf/Info.Ultrix
- in the BIND distribution very carefully -- there is information
- in there that you need to know in order to avoid errors of the
- form:
- /lib/libc.a(gethostent.o): sethostent: multiply defined
- /lib/libc.a(gethostent.o): endhostent: multiply defined
- /lib/libc.a(gethostent.o): gethostbyname: multiply defined
- /lib/libc.a(gethostent.o): gethostbyaddr: multiply defined
- during the link stage.
- BIND 8.X
- BIND 8.X returns HOST_NOT_FOUND instead of TRY_AGAIN on temporary
- DNS failures when trying to find the hostname associated with an IP
- address (gethostbyaddr()). This can cause problems as
- $&{client_name} based lookups in class R ($=R) and the access
- database won't succeed.
- This will be fixed in BIND 8.2.1. For earlier versions, this can
- be fixed by making "dns" the last name service queried for host
- resolution in /etc/irs.conf:
- hosts local continue
- hosts dns
- strtoul
- Some compilers (notably gcc) claim to be ANSI C but do not
- include the ANSI-required routine "strtoul". If your compiler
- has this problem, you will get an error in srvrsmtp.c on the
- code:
- # ifdef defined(__STDC__) && !defined(BROKEN_ANSI_LIBRARY)
- e->e_msgsize = strtoul(vp, (char **) NULL, 10);
- # else
- e->e_msgsize = strtol(vp, (char **) NULL, 10);
- # endif
- You can use -DBROKEN_ANSI_LIBRARY to get around this problem.
- Listproc 6.0c
- Date: 23 Sep 1995 23:56:07 GMT
- Message-ID: <95925101334.~INN-AUMa00187.comp-news@dl.ac.uk>
- From: alansz@mellers1.psych.berkeley.edu (Alan Schwartz)
- Subject: Listproc 6.0c + Sendmail 8.7 [Helpful hint]
- Just upgraded to sendmail 8.7, and discovered that listproc 6.0c
- breaks, because it, by default, sends a blank "HELO" rather than
- a "HELO hostname" when using the 'system' or 'telnet' mailmethod.
- The fix is to include -DZMAILER in the compilation, which will
- cause it to use "HELO hostname" (which Z-mail apparently requires
- as well. :)
- LDAP
- LDAP was originally provided by Booker Bense
- <bbense+ldap@stanford.edu> of Stanford University. From Booker:
- - The patch attached to this message implements an Ldap map class.
- Currently we are using this at stanford to support campus-wide
- email addressing. More information can be found at
- http://www.stanford.edu/~bbense/Inst.html.
- - Currently we are using the ldap map as follows:
- Kluser ldapx
- -h"localhost borax.stanford.edu borate.stanford.edu boron.stanford.edu"
- -k"mailacceptinggeneralid=%s" -v maildrop
- and in Rule set S5
- # Now attempt to lookup in luser (ldap map)
- R< $L > $+ $: < $L > $( luser $1 $)
- R< $* > $+ @ $+ $: < $3 > $2 Rewrite if forward
- - The map definition supports most of the standard Map args plus
- most of the command line options of ldapsearch. The software is
- currently limited to only accepting the first entry
- returned. It expects that the map defines an ldap filter that
- returns at most 1 valid entry. It requires the ldap and lber
- libraries from the Umich Ldap3.2 release.
- The software has been in production on Solaris.2.5.1 at Stanford
- for over 2 years.
- The LDAP map supports both the UMich LDAP 3.2 and 3.3 libraries as
- well as the OpenLDAP (http://www.openldap.org/) libraries.
- PH
- PH support is provided by Mark Roth <roth@uiuc.edu>. The map is
- described at http://www-wsg.cso.uiuc.edu/sendmail/patches/ .
- Please contact Mark Roth for support and questions regarding the
- map.
- TCP Wrappers
- If you are using -DTCPWRAPPERS to get TCP Wrappers support you will
- also need to install libwrap.a and modify your site.config.m4 file
- or the generated Makefile to include -lwrap in the LIBS line
- (make sure that INCDIRS and LIBDIRS point to where the tcpd.h and
- libwrap.a can be found).
- TCP Wrappers is available at ftp://ftp.porcupine.org/pub/security/.
- If you have alternate MX sites for your site, be sure that all of
- your MX sites reject the same set of hosts. If not, a bad guy whom
- you reject will connect to your site, fail, and move on to the next
- MX site, which will accept the mail for you and forward it on to you.
- Regular Expressions (MAP_REGEX)
- If sendmail linking fails with:
- undefined reference to 'regcomp'
- or sendmail gives an error about a regular expression with:
- pattern-compile-error: : Operation not applicable
- Your libc does not include a running version of POSIX-regex. Use
- librx or regex.o from the GNU Free Software Foundation,
- ftp://ftp.gnu.org/pub/gnu/rx-?.?.tar.gz or
- ftp://ftp.gnu.org/pub/gnu/regex-?.?.tar.gz.
- You can also use the regex-lib by Henry Spencer,
- ftp://ftp.funet.fi/pub/languages/C/spencer/regex.shar.gz
- Make sure, your compiler reads regex.h from the distribution,
- not from /usr/include, otherwise sendmail will dump a core.
- +--------------+
- | MANUAL PAGES |
- +--------------+
- The manual pages have been written against the -man macros, and
- should format correctly with any reasonable *roff.
- +-----------------+
- | DEBUGGING HOOKS |
- +-----------------+
- As of 8.6.5, sendmail daemons will catch a SIGUSR1 signal and log
- some debugging output (logged at LOG_DEBUG severity). The
- information dumped is:
- * The value of the $j macro.
- * A warning if $j is not in the set $=w.
- * A list of the open file descriptors.
- * The contents of the connection cache.
- * If ruleset 89 is defined, it is evaluated and the results printed.
- This allows you to get information regarding the runtime state of the
- daemon on the fly. This should not be done too frequently, since
- the process of rewriting may lose memory which will not be recovered.
- Also, ruleset 89 may call non-reentrant routines, so there is a small
- non-zero probability that this will cause other problems. It is
- really only for debugging serious problems.
- A typical formulation of ruleset 89 would be:
- R$* $@ $>0 some test address
- +-----------------------------+
- | DESCRIPTION OF SOURCE FILES |
- +-----------------------------+
- The following list describes the files in this directory:
- Makefile.m4 A template for constructing a makefile based on the
- information in the devtools directory.
- README This file.
- TRACEFLAGS My own personal list of the trace flags -- not guaranteed
- to be particularly up to date.
- alias.c Does name aliasing in all forms.
- arpadate.c A subroutine which creates ARPANET standard dates.
- bf.h Buffered file I/O function declarations.
- bf_portable.c Stub routines for systems lacking the Torek stdio library.
- bf_portable.h Data structure and function declarations for bf_portable.c.
- bf_torek.c Routines to implement memory-buffered file system using
- hooks provided by Torek stdio library.
- bf_torek.h Data structure and function declarations for bf_torek.c.
- clock.c Routines to implement real-time oriented functions
- in sendmail -- e.g., timeouts.
- collect.c The routine that actually reads the mail into a temp
- file. It also does a certain amount of parsing of
- the header, etc.
- conf.c The configuration file. This contains information
- that is presumed to be quite static and non-
- controversial, or code compiled in for efficiency
- reasons. Most of the configuration is in sendmail.cf.
- conf.h Configuration that must be known everywhere.
- convtime.c A routine to sanely process times.
- daemon.c Routines to implement daemon mode. This version is
- specifically for Berkeley 4.1 IPC.
- deliver.c Routines to deliver mail.
- domain.c Routines that interface with DNS (the Domain Name
- System).
- err.c Routines to print error messages.
- envelope.c Routines to manipulate the envelope structure.
- headers.c Routines to process message headers.
- macro.c The macro expander. This is used internally to
- insert information from the configuration file.
- main.c The main routine to sendmail. This file also
- contains some miscellaneous routines.
- map.c Support for database maps.
- mci.c Routines that handle mail connection information caching.
- mime.c MIME conversion routines.
- parseaddr.c The routines which do address parsing.
- queue.c Routines to implement message queueing.
- readcf.c The routine that reads the configuration file and
- translates it to internal form.
- recipient.c Routines that manipulate the recipient list.
- safefile.c Routines to do careful checking of file modes and permissions
- when opening or creating files.
- savemail.c Routines which save the letter on processing errors.
- sendmail.h Main header file for sendmail.
- shmticklib.c Routines for shared memory counters.
- snprintf.c Routines to manipulate strings but prevent buffer overflows.
- srvrsmtp.c Routines to implement server SMTP.
- stab.c Routines to manage the symbol table.
- stats.c Routines to collect and post the statistics.
- statusd_shm.h Data structure and function declarations for shmticklib.c.
- sysexits.c List of error messages associated with error codes
- in sysexits.h.
- timers.c Routines to provide microtimers.
- timers.h Data structure and function declarations for timers.h.
- trace.c The trace package. These routines allow setting and
- testing of trace flags with a high granularity.
- udb.c The user database interface module.
- usersmtp.c Routines to implement user SMTP.
- util.c Some general purpose routines used by sendmail.
- version.c The version number and information about this
- version of sendmail. Theoretically, this gets
- modified on every change.
- Eric Allman
- (Version $Revision: 8.248 $, last update $Date: 1999/12/02 23:05:54 $ )