SSeennddmmaaiill ---- CCaarree aanndd FFeeeeddiinngg _L_a_s_t _E_d_i_t _M_a_r_c_h _2_4_, _1_9_9_2 Reg Quinton Computing and Communications Services The University of Western Ontario London, Ontario N6A 5B7 Canada 11.. HHiissttoorryy//GGooaallss Our goal is to make system administrators self sufficient -- CCS cannot administer _y_o_u_r mail system. You have to take responsiblity (but we can help). Sendmail released with BSD 4.2 circa 1983 by Eric Allman. My first experiences with sendmail were in 1984 with BSD 4.2 on a DEC/Vax 750 called ddeeeepptthhoott. The original context: (1) DARPA network projects -- TCP/IP, RFC821/822 (2) MILnet, ARPAnet, Berknet (peer to peer) (3) UUCP, BITNET, Decnet ... Current version is 5.64 available by anonymous FTP from uuuunneett..uuuu..nneett (but most systems come with good versions -- 5.61++). 11 UUWWOO//SSeennddmmaaiill A goal of sendmail is to provide a _f_l_e_x_i_b_l_e mail router for (1) TCP/IP peer to peer (2) Gateway between nets (_e_g_. UUCP to ARPAnet) To be a gateway requires header and address rewriting (_m_u_n_g_- _i_n_g). These days that's minimized since most mail is deliv- ered from sender directly to recipient without having to go through any relays. UUWWOO//SSeennddmmaaiill 22 Sendmail is a _c_o_n_f_i_g_u_r_a_b_l_e system. Predated by delivermail (of BSD 4.1) which required edit/recompile to reconfigure. //uussrr//lliibb//sseennddmmaaiill -- the executable image. //uussrr//lliibb//sseennddmmaaiill..ccff -- the configuration file. Early distributions had ugly configuration files (but then life was complicated back then). There is a reputation that you have to be a _g_u_r_u to maintain sendmail -- this is simply not true! 33 UUWWOO//SSeennddmmaaiill Alternatives to sendmail? (The usual gripe is "I can't fig- ure out sendmail.cf"). In my humble opinion alternatives like MMDF, {X, Y, Z}mail, etc. should be aavvooiiddeedd. Sendmail is a mature product with few problems. Most Unix sites on the Internet are using sendmail. SSeennddmmaaiill iiss aallssoo tthhee pprroodduucctt CCCCSS ssuuppppoorrttss ---- cchhoooossee aannootthheerr aatt yyoouurr oowwnn rriisskk.. UUWWOO//SSeennddmmaaiill 44 11..11.. WWhheerree?? Instructions, etc. for supporting a sendmail system are available from jjuulliiaann..uuwwoo..ccaa in ~~ffttpp//nniicc//sseennddmmaaiill [[33::2277ppmm zzeebbrraa]] ffttpp jjuulliiaann..uuwwoo..ccaa CCoonnnneecctteedd ttoo jjuulliiaann..uuwwoo..ccaa.. 222200 jjuulliiaann..uuwwoo..ccaa FFTTPP sseerrvveerr ((VVeerrssiioonn 55..6655 ...... NNaammee ((jjuulliiaann..uuwwoo..ccaa::rreeggggeerrss)):: aannoonnyymmoouuss 333311 GGuueesstt llooggiinn ookk,, sseenndd iiddeenntt aass ppaasssswwoorrdd.. PPaasssswwoorrdd:: 223300 GGuueesstt llooggiinn ookk,, aacccceessss rreessttrriiccttiioonnss aappppllyy.. ffttpp>> ccdd nniicc//sseennddmmaaiill 225500 CCWWDD ccoommmmaanndd ssuucccceessssffuull.. ffttpp>> Alternatively ... [[33::2277ppmm jjuulliiaann]] ccdd ~~ffttpp//nniicc//sseennddmmaaiill [[33::2288ppmm jjuulliiaann]] llss CCoonnffiigguurree..sshh RREEAADDMMEE..aalliiaasseess RREEAADDMMEE aalliiaasseess..ddiissttrriibbuuttiioonn sseennddmmaaiill..ddiissttrriibbuuttiioonn 55 UUWWOO//SSeennddmmaaiill 22.. WWhhaatt iiss SSeennddmmaaiill?? 22..11.. RReeaadd tthhee mmaannuuaall ppaaggee!! Sendmail delivers/routes all mail on a Unix system. It accepts a number of _a_r_g_u_m_e_n_t_s (_e_g_. --bbdd means run as a dae- mon) and messages are usually received/piped as _s_t_d_i_n. [[33::2288ppmm jjuulliiaann]] mmaann sseennddmmaaiill SSEENNDDMMAAIILL((88)) EEPP//IIXX SSEENNDDMMAAIILL((88)) NNAAMMEE sseennddmmaaiill -- sseenndd mmaaiill oovveerr tthhee iinntteerrnneett SSYYNNOOPPSSIISS //uussrr//lliibb//sseennddmmaaiill [[ ffllaaggss ]] [[ aaddddrreessss ...... ]] nneewwaalliiaasseess mmaaiillqq [[ --vv ]] DDEESSCCRRIIPPTTIIOONN sseennddmmaaiill sseennddss aa mmeessssaaggee ttoo ...... UUWWOO//SSeennddmmaaiill 66 22..22.. SSeennddmmaaiill iiss aa pprroocceessss On jjuulliiaann..uuwwoo..ccaa we process about 1,000 -- 2,000 E-mail mes- sages a day -- all are handle by sendmail. When you say, _e_g_. "mmaaiill rreeggggeerrss", your message is piped (as stdin) to an instance of sendmail with rreeggggeerrss as an argu- ment (standard fork/exec/argv and pipe notions). If you look at processes you may catch an instance of send- mail delivering someone's mail. [[33::3300ppmm jjuulliiaann]] ppss --aaggxx || ggrreepp sseennddmmaaiill 331100 ?? IIWW 00::4455 //uussrr//lliibb//sseennddmmaaiill --bbdd --qq1155mm 33116611 qq55 SSWWNN 00::0000 //uussrr//lliibb//sseennddmmaaiill --eemm --ooii rreeggggeerrss You should always see at least one instance of sendmail -- the sendmail daemon (this process is started at boot time and persists like most daemons). 77 UUWWOO//SSeennddmmaaiill The instance with arguments `--bbdd --qq1155mm' is a daemon (--bbdd) that is retrying the queue every 15min (--qq1155mm). You can tell it's a daemon because it has no controlling terminal and it has a low process number (because it was started early). 331100 ?? IIWW 00::4455 //uussrr//lliibb//sseennddmmaaiill --bbdd --qq1155mm The instance with arguments `--eemm --ooii rreeggggeerrss' has been fork/exec'd from a program like "mmaaiill" -- delivering mail to `rreeggggeerrss': 33116611 qq55 SSWWNN 00::0000 //uussrr//lliibb//sseennddmmaaiill --eemm --ooii rreeggggeerrss UUWWOO//SSeennddmmaaiill 88 22..33.. SSeennddmmaaiill DDaaeemmoonn Sendmail exists as a daemon process started at boot time. (1) ppss --aaggxx || ggrreepp sseennddmmaaiill (2) ggrreepp sseennddmmaaiill //eettcc//rrcc** (3) nneettssttaatt --aa || ggrreepp ssmmttpp (4) mmccoonnnneecctt jjuulliiaann..uuwwoo..ccaa (5) tteellnneett jjuulliiaann..uuwwoo..ccaa 2255 Sendmail is the process that: shows up in a process list, is started out of your //eettcc//rrcc files, is listening on the SMTP port, you connect to with mmccoonnnneecctt, alternatively with telnet to the SMTP port. 99 UUWWOO//SSeennddmmaaiill The sendmail daemon has two principle jobs: (1) listens to SMTP port for mail arriving via TCP/IP. (2) processes messages spooled (usually) in //uussrr//ssppooooll//mmqquueeuuee SMTP port assigned in //eettcc//sseerrvviicceess as port 25 (that's a "Well Known Service" -- WKS records in DNS). Protocol defined in RFC821 "Simple Mail Transfer Protocol", Jon Postel, 1982. SMTP server started by standard fork/exec sequence -- child handles connection and parent listens for more. The peer is often another sendmail processing its mail queue. UUWWOO//SSeennddmmaaiill 1100 22..44.. SSeennddmmaaiill QQuueeuuee Messages are queued for delivery in a spool directory -- usually //uussrr//ssppooooll//mmqquueeuuee [[1100::0088aamm jjuulliiaann]] mmaaiillqq ... AAAA0088779900 110011 TTuuee MMaarr 2244 0099::5544 <> ((DDeeffeerrrreedd:: CCoonnnneeccttiioonn ttiimmeedd oouutt ...... <> AAAA0077333388 339966 TTuuee MMaarr 2244 0099::3388 <<33000022__440022@@uuwwoovvaaxx..uuwwoo..ccaa>> ((DDeeffeerrrreedd:: CCoonnnneeccttiioonn ttiimmeedd oouutt ...... <> AAAA2233004455 9955 MMoonn MMaarr 2233 1199::5500 <> AAAA1100880044 774444 MMoonn MMaarr 2233 1166::5566 <> Alternatively .... [[99::4499aamm jjuulliiaann]] llss //uussrr//ssppooooll//mmqquueeuuee ddffAAAA0000001144 ddffAAAA1100880044 ddffAAAA2277666611 qqffAAAA0000002222 qqffAAAA2200994499 ddffAAAA0000002222 ddffAAAA1188888822 ddffAAAA2277995544 qqffAAAA0077118800 qqffAAAA2233004455 ddffAAAA0077118800 ddffAAAA2200994499 ddffAABB1155996677 qqffAAAA0077333388 qqffAAAA2277666611 ddffAAAA0077333388 ddffAAAA2233004455 qqffAAAA0000001144 qqffAAAA1100880044 qqffAAAA2277995544 1111 UUWWOO//SSeennddmmaaiill 33.. SSeennddmmaaiill ffiilleess //uussrr//lliibb//sseennddmmaaiill -- the executable. Sendmail must be found here since programs like MMaaiill, MMHH, UUUUCCPP, etc. pipe into this pro- gram by fork/exec. //uussrr//lliibb//sseennddmmaaiill..ccff -- the configuration file. Sendmail looks for the con- figuration file here (on SunOS also //eettcc//sseennddmmaaiill..ccff). This is readable text -- it's not that tough. //uussrr//lliibb//sseennddmmaaiill..ffcc -- a frozen version of the configuration file. A "quick" image that needn't be parsed. Unreadable. Rebuild when you change the config file by saying [[99::4499aamm jjuulliiaann]] sseennddmmaaiill --bbzz Note: the daemon will still be using the old configura- tion file -- kill and restart it too. //uussrr//lliibb//sseennddmmaaiill..hhff -- the help file (try the HELP command to the SMTP ser- vice). UUWWOO//SSeennddmmaaiill 1122 //uussrr//ssppooooll//mmqquueeuuee -- directory of spooled messages (this is config- urable). Examine by saying [[99::4499aamm jjuulliiaann]] mmaaiillqq [[99::4499aamm jjuulliiaann]] sseennddmmaaiill --bbpp //uussrr//lliibb//aalliiaasseess -- a list of aliases for mail forwarding (this is con- figurable). Readable. //uussrr//lliibb//aalliiaasseess..{{ddiirr,,ppaagg}} -- data base versions of alias file. Aliases are _l_o_c_a_l addresses. If you change the aliases file create a new data base: [[99::4499aamm jjuulliiaann]] nneewwaalliiaasseess [[99::4499aamm jjuulliiaann]] sseennddmmaaiill --bbii //eettcc//ppaasssswwdd -- local users data base. ~~uusseerr//..ffoorrwwaarrdd -- per user forwarding. 1133 UUWWOO//SSeennddmmaaiill 33..11.. SSeennddmmaaiill AAuuddiitt TTrraaiill Sendmail is usually configured (by an Option) to send audit records to ssyyssllooggdd((88)) (yet another process started at boot time). Syslogd is configured by //eettcc//ssyysslloogg..ccoonnff. Ours will log lots of records for mail (anything at the debug level or above): [[33::3344ppmm jjuulliiaann]] ggrreepp mmaaiill //eettcc//ssyysslloogg..ccoonnff mmaaiill..ddeebbuugg //uussrr//ssppooooll//ssyysslloogg//mmaaiill Every site sending/receiving mail _s_h_o_u_l_d maintain a syslog of mail transactions. [[33::3344ppmm jjuulliiaann]] ttaaiill //uussrr//ssppooooll//ssyysslloogg//mmaaiill MMaarr 2233 1155::3344::2200 jjuulliiaann sseennddmmaaiill[[33446622]]:: AAAA0033446622:: mmeessssaaggee--iidd==<<99220033223322002244..AAAA0022668800@@jjuulliiaann..uuwwoo..ccaa>> MMaarr 2233 1155::3344::2200 jjuulliiaann sseennddmmaaiill[[33446622]]:: AAAA0033446622:: ffrroomm==<>,, ssiizzee==448888,, ccllaassss==00,, rreecceeiivveedd ffrroomm hhyyddrraa..uuwwoo..ccaa MMaarr 2233 1155::3344::2211 jjuulliiaann sseennddmmaaiill[[33446644]]:: AAAA0033446622:: ttoo==<>,, ddeellaayy==0000::0000::0011,, ssttaatt==SSeenntt UUWWOO//SSeennddmmaaiill 1144 44.. SSeennddmmaaiill PPaarraaddiiggmm Sendmail receives messages, delivers them, all under the control of configuration files. 44..11.. IInnppuutt ttoo sseennddmmaaiill There are really only two ways for messages to be given to sendmail. (1) from mmaaiill, mmhh, nneewwss, uuuuccpp, ccrroonn, etc. These programs fork/exec sendmail with stdin a message and argv a list of recipients and flags. (2) from other mail daemons as an SMTP service. These programs open a network connection to the SMTP ser- vice. The sendmail daemon fork/exec's a child to take care of the connection. (3) from //uussrr//ssppooooll//mmqquueeuuee (from above). The ddff**, and ccff** files define messages that need to be delivered (_e_g_. when a network connection is down files are spooled). The sendmail daemon fork/exec's a child every so often to handle these (--qq1155mm). 44..22.. CCoonnffiigguurraattiioonn ffiilleess There are lots of configuration files that control how mes- sages are delivered. (1) //uussrr//lliibb//sseennddmmaaiill..{{ccff,,ffcc}} defines parsing and deliv- ery rules -- tables _h_o_w to munge addresses and get rid of mail. (2) //uussrr//ssppooooll//mmqquueeuuee is where messages are spooled. The ddff**, and ccff** files are deferred messages. (3) //uussrr//lliibb//aalliiaasseess..{{ddiirr,,ppaagg}} aliases for local addresses. _e_g_. mail for "postmaster" is sent to "colleen". 1155 UUWWOO//SSeennddmmaaiill (4) //eettcc//ppaasssswwdd defines local addresses. Note that aalliiaasseess override ppaasssswwdd entries -- on our system we make sure that all users are entered into the alias file. UUWWOO//SSeennddmmaaiill 1166 44..33.. MMeessssaaggee ddeelliivveerryy There are really only two ways for sendmail to get rid of messages. (1) sendmail fork/exec/pipes messages to programs like uuuuxx (for UUCP) and bbiinnmmaaiill (for local delivery). Exit status determines success or failure. (2) sendmail talks SMTP over a TCP/IP socket to another mail daemon. 1177 UUWWOO//SSeennddmmaaiill 55.. SSeennddmmaaiill CCoonnffiigguurraattiioonn FFiillee //uussrr//lliibb//sseennddmmaaiill..ccff is a configuration file. Plain text, readable, edittable. The frozen version (..ffcc) is a compiled version that is easy to load. A supported distribution is available by anonymous ftp: jjuulliiaann..uuwwoo..ccaa::~~ffttpp//nniicc//sseennddmmaaiill There are a number of sections to consider. At first blush this looks frightening but it needn't be: ## ww ---- tthhee ddoommaaiinn nnaammee ooff tthhiiss mmaacchhiinnee ## ll ---- ffoorrmmaatt ooff tthhee UUnniixx ""FFrroomm aaddddrr ddaattee"" lliinnee ## nn ---- MMAAIILL--DDAAEEMMOONN''ss nnaammee ## oo ---- ooppeerraattoorrss ((ffoorr bbrreeaakkiinngg ssttrriinnggss iinnttoo ttookkeennss)) ## qq ---- ddeeffaauulltt ffoorrmmaatt ffoorr sseennddeerr aaddddrreessss ## DDee$$jj SSeennddmmaaiill $$vv//$$$$RReevviissiioonn:: 11..22 $$$$ rreeaaddyy aatt $$bb DDjjlluucciillllee..pphhyyssiiccss..uuwwoo..ccaa DDwwlluucciillllee..pphhyyssiiccss..uuwwoo..ccaa DDllFFrroomm $$gg $$dd DDnnMMAAIILL--DDAAEEMMOONN DDoo..%%@@!!::,,|| ##DDoo..::%%@@!!^^==//;; DDqq$$??xx$$xx $$..<<$$gg>> ##DDqq$$gg$$??xx (($$xx))$$.. UUWWOO//SSeennddmmaaiill 1188 55..11.. CCoommmmeennttss Any line beginning with a `#' is a comment to aid read- ablity. Our version should be readable -- there certainly are lots of comments. ## OOppttiioonnss...... ## AA<> wwhheerree iiss aalliiaass ffiillee llooccaatteedd?? ## aa<> wwaaiitt hhooww lloonngg ffoorr aalliiaasseess ttoo bbee rreebbuuiilltt?? ## BB<> ssuubbssttiittuuttee wwhhaatt ffoorr wwhhiittee ssppaaccee?? ((ddeeff.. ''..'')) ## CC<> cchheecckkppooiinntt aafftteerr tthhiiss mmaannyy rreecciippiieennttss ## cc qquueeuuee ffoorr eexxppeennssiivvee mmaaiilleerrss ## dd<> ddeelliivveerryy mmooddee -- ## ii::iinntteerraaccttiivvee,, bb::bbaacckkggrroouunndd,, qq::qquueeuuee ## DD rreebbuuiilldd aalliiaass ddaattaa bbaassee iiff rreeqquuiirreedd ## ee<> ddiissppoossee ooff eerrrroorrss -- ## pp::pprriinntt,, qq::ssttaattuuss aalloonnee,, mm::mmaaiill,, ## ww::wwrriittee,, ee::mmaaiill aanndd eexxiitt cclleeaann ## FF<> pprrootteeccttiioonn mmooddee ffoorr qquueeuueedd ffiilleess ## ff ssaavvee UUnniixx ssttyyllee FFrroomm lliinneess ## gg<> sseett ggiidd oonn mmaaiilleerrss ttoo nnuummbbeerr ## HH<> llooccaattiioonn ooff hheellpp ffiillee ## ii iiggnnoorree ddootttteedd lliinneess ((ttrreeaatt ddoottss aass tteexxtt)) ## LL<> aauuddiitt ttrraaiill llooggggiinngg ((00::nnoonnee,, 99::nniiccee)) ## mm sseenndd ttoo mmee ttoooo ((eevveenn iiff sseennddeerr ==== rreecciipp)) ## oo oolldd ssttyyllee ((uunniixx)) hheeaaddeerrss ssuuppppoorrtteedd ## PP<> PPoossttmmaasstteerr''ss nnaammee.... CCcc:: NNaakkss ttoo hhiimm ttoooo ## QQ<> wwhheerree ddoo II qquueeuuee?? 1199 UUWWOO//SSeennddmmaaiill 55..22.. OOppttiioonnss Any line beginning with an `O' is an option. Most options can be set on the command line as `--ooxx<>' (but few are). Some have numeric values, others letters, etc. ## uu<> mmaaiilleerrss rruunn uunnddeerr tthhiiss uuiidd ## vv vveerrbboossee mmooddee ## xx<> llooaadd aavveerraaggee wwhhiicchh ffoorrcceess ""ddqq"" ((ddeeff.. 88)) ## XX<> hhooww mmaannyy SSMMTTPP sseerrvveerrss ((ddeeff.. 1122)) ## OOAA//uussrr//llooccaall//lliibb//aalliiaasseess OOaa1100mm OODD OOddbb OOFF00664400 OOgg11 OOHH//uussrr//lliibb//sseennddmmaaiill..hhff OOLL99 OOmm OOoo ##OOPPppoossttmmaasstteerr OOQQ//uussrr//ssppooooll//mmqquueeuuee Recall that we said sendmail usually spools in //uussrr//ssppooooll//mmqquueeuuee -- the OOQQ option defines the spool area. UUWWOO//SSeennddmmaaiill 2200 55..33.. SSttrriinnggss Any line beginning with a `D' is a string definition. Strings are set to single letters and referred to with the $$jj notation. ## RReeqquuiirreedd mmaaccrrooss ((DDeeffiinneedd ssttrriinnggss)) ## ee ---- tthhee SSMMTTPP sseerrvviiccee rreeaaddyy mmeessssaaggee ## jj ---- tthhee mmaaiill--ddoommaaiinn nnaammee ooff tthhiiss mmaacchhiinnee ## ww ---- tthhee ddoommaaiinn nnaammee ooff tthhiiss mmaacchhiinnee ## ll ---- ffoorrmmaatt ooff tthhee UUnniixx ""FFrroomm aaddddrr ddaattee"" lliinnee ## nn ---- MMAAIILL--DDAAEEMMOONN''ss nnaammee ## oo ---- ooppeerraattoorrss ((ffoorr bbrreeaakkiinngg ssttrriinnggss iinnttoo ttookkeennss)) ## qq ---- ddeeffaauulltt ffoorrmmaatt ffoorr sseennddeerr aaddddrreessss ## DDee$$jj SSeennddmmaaiill $$vv//$$$$RReevviissiioonn:: 11..22 $$$$ rreeaaddyy aatt $$bb DDjjlluucciillllee..pphhyyssiiccss..uuwwoo..ccaa DDwwlluucciillllee..pphhyyssiiccss..uuwwoo..ccaa DDllFFrroomm $$gg $$dd DDnnMMAAIILL--DDAAEEMMOONN DDoo..%%@@!!::,,|| ##DDoo..::%%@@!!^^==//;; DDqq$$??xx$$xx $$..<<$$gg>> ##DDqq$$gg$$??xx (($$xx))$$.. Note, there are lots of reserved strings -- $$aa is the ARPA style date. Don't try to define these. 2211 UUWWOO//SSeennddmmaaiill 55..44.. CCllaasssseess Any line beginning with a "C" is a class definition (a set of tokens). ## HHaacckknneeyyeedd ddoommaaiinnss II rreeaacchh tthhrruu aa llooccaall rreellaayy hhoosstt CCRRbbiittnneett ccddnn uuuuccpp ## mmaajjoorr rreellaayy hhoosstt DDRRmmaaiill--rreellaayy..uuwwoo..ccaa Classes are set to single letters and referenced by the $$==YY notation. The only class we use is for the set of pseudo domains not supported in the DNS. We get mail to them by punting to mmaaiill--rreellaayy..uuwwoo..ccaa. Note distinction between $$RR (the string) and $$==RR (the class). In the example we define a class of pseudo domains CCRRbbiittnneett ccddnn uuuuccpp and a string for the name of a gateway machine DDRRmmaaiill--rreellaayy..uuwwoo..ccaa UUWWOO//SSeennddmmaaiill 2222 55..55.. HHeeaaddeerrss Any line beginning with a "H" is a header definition -- these are usually fine. ########################################################## ## FFoorrmmaatt ooff hheeaaddeerrss ## HH??RR??RReecceeiivveedd:: $$??ssffrroomm $$ss $$..bbyy $$jj$$??rr wwiitthh $$rr$$..;; ((iidd $$ii)) $$bb HH??MM??RReesseenntt--MMeessssaaggee--IIdd:: <<$$tt..$$ii@@$$jj>> HH??MM??MMeessssaaggee--IIdd:: <<$$tt..$$ii@@$$jj>> HH??DD??RReesseenntt--DDaattee:: $$aa HH??DD??DDaattee:: $$aa HH??FF??RReesseenntt--FFrroomm:: $$qq HH??FF??FFrroomm:: $$qq HH??xx??FFuullll--NNaammee:: $$xx HHSSuubbjjeecctt:: ## HHPPoosstteedd--DDaattee:: $$aa ## HH??ll??RReecceeiivveedd--DDaattee:: $$bb There's an interesting conditional construction: $$??ssffrroomm $$ss $$.. This means: if the string `ss' is defined then substitute `ffrroomm $$ss'. 2233 UUWWOO//SSeennddmmaaiill 55..66.. MMaaiilleerr Any line beginning with a "M" is a mailer definition. This defines how sendmail should communicate with different pro- grams, _e_g_. does the program accept multiple recipients on the same line? ## ## MMaaiilleerr ssppeecciiffiiccaattiioonnss...... ## MMllooccaall,, PP==//uussrr//llooccaall//lliibb//bbiinnmmaaiill,, FF==rrllssXXRRDDFFMMmmnnPP,, AA==mmaaiill --dd $$uu MMpprroogg,, PP==//bbiinn//sshh,, FF==llssDDFFMMeeuuPP,, AA==sshh --cc $$uu MMeetthheerr,, PP==[[IIPPCC]],, FF==mmssDDFFMMuuCCXX,, AA==IIPPCC $$hh,, EE==\\rr\\nn The IIPPCC mailer (ie. SMTP over TCP/IP) is built in -- send- mail takes care of the Inter Process Communcation without the aid of any delivery program. Sendmail uses a program to deliver mail locally -- that is not built in. We, optionally, support a mailer for routing over a UUCP link. UUWWOO//SSeennddmmaaiill 2244 55..77.. RRuulleess aanndd RRuullee SSeettss Any line beginning with an "S" defines a numbered rule set. _e_g_. S0 the message delivery rule set and S3 the preamble rule set. ######################################################################################################## ## RRee--wwrriittiinngg rruulleess aarree ttrriivviiaall,, II eeiitthheerr kknnooww aabboouutt ## tthhee MMXX wwoorrlldd oorr,, aalltteerrnnaattiivveellyy,, kknnooww ooff ssoommeeoonnee wwhhoo ## ddooeess.. TTwwoo rroouutteess aarree ssuuppppoorrtteedd ttoo tthhee ssmmaarrtt gguuyy ---- ## ssmmttpp//iipp oorr uuuuxx//uuuuccpp.. ## SS00 RR||$$**@@$$jj $$##pprroogg$$::$$11 llooccaall ppiippee RR$$**@@$$jj $$##llooccaall$$::$$11 llooccaall ppeerrssoonn RR$$**@@$$**..$$==RR $$##eetthheerr$$@@$$RR$$::$$11@@$$22..$$33 ttoo ggaatteewwaayy RR$$**@@$$** $$##eetthheerr$$@@$$22$$::$$11@@$$22 vviiaa mmxx mmeetthhoodd Certain rule sets are reserved (_e_g_. _a_l_l _o_f S0, S1, S2, S3 and S4 have special roles). Some are required, _e_g_. S0 is required (for obvious reasons). All else can be empty. 2255 UUWWOO//SSeennddmmaaiill 55..88.. RRuulleess Any line beginning with an "R" is a rewriting rule. A rule on how to munge an address. All rules look like R_p_a_t_t_e_r_n_r_e_w_r_i_t_e_-_r_u_l_e_c_o_m_m_e_n_t For example, the preamble rule set: SS33 RRllooccaall!!$$** $$::$$11 ttoo mmaakkee rrmmaaiill wwoorrkk RR<<>> $$@@$$nn@@$$jj ttuurrnn iinnttoo mmaaggiicc ttookkeenn RR$$**<<$$++>>$$** $$22 bbaassiicc RRFFCC882211//882222 ppaarrssiinngg RR@@$$**::$$** $$::$$22 aarroouunndd hheerree ((rreeqq)) RR$$-- aatt $$-- $$11@@$$22 oolldd ffaasshhiioonneedd,, aanndd dduummbb RR$$**@@$$-- $$@@$$11@@$$22..$$UU qquuaalliiffyy RR$$**@@$$ww $$@@$$11@@$$jj uussee pprreeffffeerreedd ddoommaaiinn RR$$**@@$$** $$@@$$11@@$$22 llooookkss ffiinnee RR$$** $$@@$$11@@$$jj In our sendmail configuration the function of S3 is to turn all addresses into strings that look like `uusseerr@@ddoo..mmaa..iinn'. UUWWOO//SSeennddmmaaiill 2266 55..88..11.. RRuullee SSeett FFllooww All addresses are munged by a sequence of `Rewriting Rule Sets'. The diagram shows the various sequences. For example, a _r_e_s_o_l_v_e_d _a_d_d_r_e_s_s is an address that has been munged by S3 then by S0. -->> SS00 -->> aa ``rreessoollvveedd aaddddrreessss'' // // -->> SS11 -->> SS -->> // // \\ aaddddrreessss -->> SS33 -->> DD -- -->> SS44 -->> mmeessssaaggee \\ // -->> SS22 -->> RR -->> All addresses are munged through S3, then follow the arrows as appropriate. The paths are for envelope addresses (S3 to S0) and message header addresses (S3, D, S1, S, and S4 for Sender addresses vs S3, D, S2, R, and S4 for Recipient addresses). 2277 UUWWOO//SSeennddmmaaiill (1) Recipient addresses then go through S3 then S0 where they're `resolved' to a delivery program and arg list; ie. $$##MMaaiilleerr$$@@......$$::...... (2) Rule D is implicit (ie. no written set here) and con- fusing -- if delivery to the sender is through a mailer with a C flag then any unqualified addresses get his domain. (3) All Sender addresses go through S1, a mailer specific rule set `S' (see mailer line), through S4, and into the message header. (4) All Recipient addresses go through S2, a mailer spe- cific rule set `R' (see mailer line), through S4, and into the message header. Rule set D is useful since many sites don't full qualify their mail -- ie. by `uusseerr' they mean `@@mmyy--ddoommaaiinn' and not `@@yyoouurr--ddoommaaiinn'. Rule sets S and R are useful when you communicate with non-compliant sites -- like dumb old UUCP. UUWWOO//SSeennddmmaaiill 2288 55..88..22.. RRuullee SSeemmaannttiiccss While the input string matches the left hand pattern apply the right hand rewrite rule. Else procede to next rule in the set. RR$$** aatt $$-- $$11@@$$22..BBIITTNNEETT yyeecchh,, pprrooffss In the sendmail.cf we support you'll find: (1) S1, S2, S4 are empty -- the important work is done in S0 and S3. (2) S3 turns all addresses into uusseerr@@ddoo..mmaa..iinn (note that the < and > are dropped). (3) S0, given input as uusseerr@@ddoo..mmaa..iinn, decides delivery mechanism by pattern matching on "ddoo..mmaa..iinn". Is it local? Is it a pseudo-domain (like UUCP and BITNET)? Is it an MX domain? (4) Rules sets for recipient S5 and sender S6 rewriting are defined as mailer specific rules -- the only given one is for UUCP. 2299 UUWWOO//SSeennddmmaaiill 55..88..33.. PPaatttteerrnn SSeemmaannttiiccss Strings are broken in "tokens" according to the special characters of "$$oo". DDoo..%%@@!!:: For example, the address aa336622%%uuwwoocccc11..bbiittnneett@@ccuunnyyvvmm..ccuunnyy..eedduu will be broken into a sequence of tokens for pattern match- ing and rewriting. The tokens in this example are: `aa336622' (a string), `%%' (a single character), `uuwwoocccc11', `..', `bbiittnneett', `@@', `ccuunnyyvvmm', `..', `ccuunnyy', `..', and finally `eedduu'. Some tokens are single characters, others are character strings. UUWWOO//SSeennddmmaaiill 3300 In the pattern matching the meta notations are: (1) $$** matches any sequence of tokens RRllooccaall!!$$** $$::$$11 _e_g_. local!julian.uwo.ca!reggers (2) $$++ matches any non-trivial sequence of tokens RR$$**<<$$++>>$$** $$::$$22 _e_g_. Reg Quinton (3) $$-- matches any single token. RR$$**@@$$-- $$::$$11@@$$22..$$UU _e_g_. reggers@uwovax 3311 UUWWOO//SSeennddmmaaiill (4) $$xx matches the ssttrriinngg defined by `DDxx'' RR$$**@@$$jj $$##llooccaall$$::$$11 _e_g_. rreeggggeerrss@@jjuulliiaann..uuwwoo..ccaa (5) $$==xx matches a ttookkeenn in the class defined by `CCxx'' RR$$**@@$$**..$$==RR $$##eetthheerr$$@@$$RR$$::$$11@@$$22..$$33 _e_g_. aa336622@@uuwwoocccc11..BBIITTNNEETT UUWWOO//SSeennddmmaaiill 3322 55..88..44.. RReewwrriittiinngg SSeemmaannttiiccss A rewriting rule is only applied if the string matches the pattern. The rule is applied until it fails, then on to the next in the rule set. In the rewriting the meta notations are: (1) $nn is _n_t_h patten match in the string (count only the $ matches). RR@@$$**::$$** $$::$$22 (2) $$::rruullee... apply the rule and procede to the next in rule set. RR<<>> $$::$$nn (3) $$@@rruullee... apply the rule and exit the rule set. RR$$-- $$@@$$11@@$$jj 3333 UUWWOO//SSeennddmmaaiill (4) $$##mmaaiilleerr... deliver to mailer (only in S0!) RR$$-- $$##llooccaall$$::$$11 Within a ##MMaaiilleerr rule $$:: names the user, $$@@ names the host. For example RR$$**@@$$**..$$==RR $$##eetthheerr$$@@$$RR$$::$$11@@$$22..$$33 The mailer is eetthheerr, the host $$RR, and the user is $$11@@$$22..$$33. This punts pseudo domains to a gateway machine. RR$$**@@$$** $$##eetthheerr$$@@$$22$$::$$11@@$$22 Again, the mailer is eetthheerr, but the host $$22, and the user is $$11@@$$22. This sends real domains to the machine listed in the MX record. UUWWOO//SSeennddmmaaiill 3344 66.. SSeennddmmaaiill TTeessttiinngg You can test whether an address is deliverable or how a list expands: [[1100::4433aamm jjuulliiaann]] sseennddmmaaiill --bbvv rreeggggeerrss@@uuwwoovvaaxx..uuwwoo..ccaa rreeggggeerrss@@uuwwoovvaaxx..uuwwoo..ccaa...... ddeelliivveerraabbllee You can test rule sets in a verbose mode: [[1100::4433aamm jjuulliiaann]] sseennddmmaaiill --bbtt AADDDDRREESSSS TTEESSTT MMOODDEE EEnntteerr <> <> >> 00 rreeggggeerrss@@uuwwoovvaaxx..uuwwoo..ccaa rreewwrriittee:: rruulleesseett 33 iinnppuutt:: ""rreeggggeerrss"" ""@@"" ""uuwwoovvaaxx"" "".."" ""uuwwoo"" "".."" ""ccaa"" rreewwrriittee:: rruulleesseett 33 rreettuurrnnss:: ""rreeggggeerrss"" ""@@"" ""uuwwoovvaaxx"" "".."" ""uuwwoo"" "".."" ""ccaa"" rreewwrriittee:: rruulleesseett 00 iinnppuutt:: ""rreeggggeerrss"" ""@@"" ""uuwwoovvaaxx"" "".."" ""uuwwoo"" "".."" ""ccaa"" rreewwrriittee:: rruulleesseett 00 rreettuurrnnss:: ""^^VV"" ""eetthheerr"" ""^^WW"" ""uuwwoovvaaxx"" "".."" ""uuwwoo"" "".."" ""ccaa"" ""^^XX"" ""rreeggggeerrss"" ""@@"" ""uuwwoovvaaxx"" "".."" ""uuwwoo"" "".."" ""ccaa"" Note that Rule Set 3 is always applied. Note also the token sequences displayed as input and output to th the rule sets. 3355 UUWWOO//SSeennddmmaaiill You can test a new configuration file: [[1100::4433aamm jjuulliiaann]] sseennddmmaaiill --bbtt --CCsseennddmmaaiill..ccff AADDDDRREESSSS TTEESSTT MMOODDEE EEnntteerr <> <> >> 00 rreeggggeerrss@@uuwwoovvaaxx..uuwwoo..ccaa Make sure you test things before you install them. Testing with rule set 0 is most common. [[1100::4433aamm jjuulliiaann]] sseennddmmaaiill --bbtt AADDDDRREESSSS TTEESSTT MMOODDEE EEnntteerr <> <> >> 00 rreeggggeerrss@@uuwwoovvaaxx..uuwwoo..ccaa rreewwrriittee:: rruulleesseett 33 iinnppuutt:: ""rreeggggeerrss"" ""@@"" ""uuwwoovvaaxx"" "".."" ""uuwwoo"" "".."" ""ccaa"" rreewwrriittee:: rruulleesseett 33 rreettuurrnnss:: ""rreeggggeerrss"" ""@@"" ""uuwwoovvaaxx"" "".."" ""uuwwoo"" "".."" ""ccaa"" rreewwrriittee:: rruulleesseett 00 iinnppuutt:: ""rreeggggeerrss"" ""@@"" ""uuwwoovvaaxx"" "".."" ""uuwwoo"" "".."" ""ccaa"" rreewwrriittee:: rruulleesseett 00 rreettuurrnnss:: ""^^VV"" ""eetthheerr"" ""^^WW"" ""uuwwoovvaaxx"" "".."" ""uuwwoo"" "".."" ""ccaa"" ""^^XX"" ""rreeggggeerrss"" ""@@"" ""uuwwoovvaaxx"" "".."" ""uuwwoo"" "".."" ""ccaa"" The mailer is specified with ^V, the host with ^W, the user with ^X. Each as a sequence of tokens. UUWWOO//SSeennddmmaaiill 3366 77.. AAddddrreessss RReewwrriittiinngg We're trying to turn all addresses into user@do.ma.in. Here's what you have to deal with: uusseerr Easy, tack on local domain ($$jj). uusseerr@@ddoo..mmaa..iinn Easy, assume correct. <<@@ssiittee,,@@ssiittee::uusseerr@@ddoommaaiinn>> Easy, use the last part. But some sites don't qualify the trailing domain (that's their problem). This pre- dates the Domain Name System and shouldn't be used any- more. hhoosstt!!hhoosstt!!uusseerr Easy, write as uusseerr@@hhoosstt..UUUUCCPP (but requires that some- one support UUCP maps). Should only appear on julian.uwo.ca (and on uucp neighbors). hhoosstt!!ddoo..mmaa..iinn!!uusseerr Easy, write as uusseerr@@ddoo..mmaa..iinn 3377 UUWWOO//SSeennddmmaaiill uusseerr@@hhoosstt This is hard -- should we assume local domain, or UUCP, or BITNET, or what? No matter what you chose, you will be wrong in ssoommee instances. We assume local domain. This explains why one occasionally sees addresses of the form uusseerr@@hhoosstt..uuwwoo..ccaa when the host isn't in the local domain If everyone behaved, ie. used fully qualified registered domain names, we would have no problems. UUWWOO//SSeennddmmaaiill 3388 88.. MMXX sseennddmmaaiill A domain is listed in the Domain Name Service. Records detail things like AA (address), WWKKSS (well known services), HHIINNFFOO (machine type), MMXX (mail exchangeer), and other good stuff (the IINN records are Internet information, other records are possbile -- like Decnet, IPX, etc.). From the cogsci DNS data: ccooggssccii..uuwwoo..ccaa.. IINN AA 112299..110000..66..1100 IINN MMXX 00 ccooggssccii..uuwwoo..ccaa.. IINN MMXX 1100 jjuulliiaann..uuwwoo..ccaa.. IINN HHIINNFFOO SSuunn33//116600 ""SSuunn UUNNIIXX"" The MX records order the hosts that should be tried -- if you have mail for uusseerr@@ccooggssccii..uuwwoo..ccaa try to connect to ccooggssccii..uuwwoo..ccaa, if that fails try jjuulliiaann..uuwwoo..ccaa, and if that fails spool and try again later. Note that mail for cogsci.uwo.ca is delivered ddiirreeccttllyy to them. It is nnoott store and forward through some gateway. Very different from the old days of BITNET, UUCP, MLNET, and other store and forward nets. 3399 UUWWOO//SSeennddmmaaiill Alternatively ... [[1111::2266aamm jjuulliiaann]] nnssllooookkuupp DDeeffaauulltt SSeerrvveerr:: jjuulliiaann..uuwwoo..ccaa AAddddrreessss:: 112299..110000..22..1122 >> sseett ttyyppee==aannyy >> llrrii..uuwwoo..ccaa SSeerrvveerr:: jjuulliiaann..uuwwoo..ccaa AAddddrreessss:: 112299..110000..22..1122 llrrii..uuwwoo..ccaa pprreeffeerreennccee == 00,, mmaaiill eexxcchhaannggeerr == jjuulliiaann..uuwwoo..ccaa llrrii..uuwwoo..ccaa pprreeffeerreennccee == 1100,, mmaaiill eexxcchhaannggeerr == hhyyddrraa..uuwwoo..ccaa llrrii..uuwwoo..ccaa CCPPUU==SSGGII OOSS==UUnniixx jjuulliiaann..uuwwoo..ccaa iinneett aaddddrreessss == 112299..110000..22..1122 hhyyddrraa..uuwwoo..ccaa iinneett aaddddrreessss == 112299..110000..22..1133 >> Not all domains listed in the DNS have an IP address (_e_g_. **..ddeecc..ccoomm). If a domain is addressable by E-mail they either have an IP address or a MX record pointing at someone who does. You can mail to sites not on the Internet -- by mailing to MX gateways which can forward things on. UUWWOO//SSeennddmmaaiill 4400 Note that ssoommee mail addresses mention systems that are not listed in the DNS [[1111::2288aamm jjuulliiaann]] nnssllooookkuupp DDeeffaauulltt SSeerrvveerr:: jjuulliiaann..uuwwoo..ccaa AAddddrreessss:: 112299..110000..22..1122 >> sseett ttyyppee==aannyy >> uuwwoocccc11..bbiittnneett SSeerrvveerr:: jjuulliiaann..uuwwoo..ccaa AAddddrreessss:: 112299..110000..22..1122 ****** jjuulliiaann..uuwwoo..ccaa ccaann''tt ffiinndd uuwwoocccc11..bbiittnneett:: NNoonn--eexxiisstteenntt ddoommaaiinn >> wwaattmmaatthh..uuuuccpp SSeerrvveerr:: jjuulliiaann..uuwwoo..ccaa AAddddrreessss:: 112299..110000..22..1122 ****** jjuulliiaann..uuwwoo..ccaa ccaann''tt ffiinndd wwaattmmaatthh..uuuuccpp:: NNoonn--eexxiisstteenntt ddoommaaiinn 4411 UUWWOO//SSeennddmmaaiill Strictly speaking, pseudo-domains (like bitnet and uucp) should be hidden behind some real domain. rreeggggeerrss%%uuwwoocccc11..bbiittnneett@@hhyyddrraa..uuwwoo..ccaa But we support _s_o_m_e with a rule CCRRbbiittnneett uuuuccpp ccddnn _e_t_c _._._._._. RR$$**@@$$**..$$==RR $$##eetthheerr$$@@$$RR$$::$$11@@$$22..$$33 You can mail to uusseerr@@hhoosstt..bbiittnneett because your sendmail sys- tem has been configured to route that pseudo domain to a gateway machine. UUWWOO//SSeennddmmaaiill 4422 88..11.. MMXX rroouuttiinngg Consider the rule in S0: RR$$**@@$$** $$##eetthheerr$$@@$$RR$$::$$11@@$$22 This punts, via SMTP, everything to a gateway (usually mmaaiill-- rreellaayy..uuwwoo..ccaa). This requires that the gateway understand MX routing (or punt on to some who does). This also requires a cooperating gateway to do your work (recall our goal is to make you self sufficient). RR$$**@@$$** $$##eetthheerr$$@@$$22$$::$$11@@$$22 This punts, via SMTP, to the recipient domain. For non-MX sendmails this would require that you list all 250,000 domains in //eettcc//hhoossttss. For MX sendmail the DNS is queried and MX records are honored. An MX version of sendmail makes rule set S0 simple -- an address is either local, a pseudo-domain, or else a real domain. Fortunately the number of pseudo domains has decreased over the years. 4433 UUWWOO//SSeennddmmaaiill 99.. RRsseennddmmaaiill ---- NNFFSS eennvviirroonnmmeenntt The typical NFS environment around Western is a hidden domain with shared: (1) //eettcc//ppaasssswwdd (2) //uussrr//ssppooooll//mmaaiill Having configured sendmail on the server machine how do users submit mail? Two alternatives: (1) Configure a simple sendmail.cf for your clients that punts to the server. (2) Construct a simple sendmail for your clients that rsh's sendmail on the server. jjuulliiaann..uuwwoo..ccaa::~~ffttpp//nniicc//rrsseennddmmaaiill This has some minor problems, but is in use at many sites (especially within CCS). UUWWOO//SSeennddmmaaiill 4444