What's new in sendmail 8.8?

Last Update 1999-11-24
This WWW page gives an overview over the new features of sendmail 8.8 which are most interesting for me. The RELEASE_NOTES from sendmail 8.8 list all new features. I will further comment this list, as soon as I've tried these features, or someone else gives a more detailed description how to use them.

Here are some of the highlights:

ETRN

	Implement ESMTP ETRN command to flush the queue for a specific host.
		The command takes a host name; data for that host is
		immediately (and asynchronously) flushed.  Because this shares
		the -qR implementation, other hosts may be attempted, but
		there should be no security implications.  Implementation
		from John Beck of InReference, Inc.
RFC 1985 describes the new ETRN command, which is a safer version of the old TURN command, to start sending messages to rarely connected hosts.

DSN

	Add three new command line flags to pass in DSN parameters: -V envid
		(equivalent to ENVID=envid on the MAIL command), -R ret
		(equivalent to RET=ret on the MAIL command), and -Nnotify
		(equivalent to NOTIFY=notify on the RCPT command).  Note
		that the -N flag applies to all recipients; there is no way
		to specify per-address notifications on the command line,
		nor is there an equivalent for the ORCPT= per-address
		parameter.
How to get notified when an e-mail has been read/delivered? gives an introduction to DSN.

Control the number of connections

	Add MaxDaemonChildren option; if this is set, sendmail will start
		rejecting connections if it has more than this many
		outstanding children accepting mail.  Note that you may
		see more processes than this because of outgoing mail; this
		is for incoming connections only.
	Add ConnectionRateThrottle option.  If set to a positive value, the
		number of incoming SMTP connections that will be permitted
		in a single second is limited to this number.  Connections are
		not refused during this time, just deferred.  The intent is to
		flatten out demand so that load average limiting can kick in.
		It is less radical than MaxDaemonChildren, which will stop
		accepting connections even if all the connections are idle
		(e.g., due to connection caching).
	New SingleThreadDelivery option (requires HostStatusDirectory to
		operate).  Avoids letting two sendmails on the local machine
		open connections to the same remote host at the same time.  
		This reduces load on the other machine, but can cause mail to
		be delayed (for example, if one sendmail is delivering a huge
		message, other sendmails won't be able to send even small
		messages).  Also, it requires another file descriptor (for the
		lock file) per connection, so you may have to reduce
		ConnectionCacheSize to avoid running out of per-process
		file descriptors.  Based on the persistent host status code
		contributed by Paul Vixie and Mark Lovell.

Who can use your machine as a mail gateway?

	Allow new named (not numbered!) config file rules to do validity
		checking on SMTP arguments: check_mail for MAIL commands and
		check_rcpt for RCPT commands.  These rulesets can do anything
		they want; their result is ignored unless they resolve to the
		$#error mailer, in which case the indicated message is printed
		and the command is rejected.  Similarly, the check_compat
		ruleset is called before delivery with "from_addr $| to_addr"
		(the $| is a meta-symbol used to separate the two addresses);
		it can give a "this sender can't send to this recipient"
		notification.  Note that this patch allows $| to stand alone
		in rulesets.
	Define new macros ${client_name}, ${client_addr}, and ${client_port}
		that have the name, IP address, and port number (respectively)
		of the SMTP client (that is, the entity at the other end of
		the connection.  These can be used in (e.g.) check_rcpt to
		verify that someone isn't trying to relay mail through your
		host inappropriately.  Be sure to use the deferred evaluation
		form, for example $&{client_name}, to avoid having these bound
		when sendmail reads the configuration file.
	Add new config file rule check_relay to check the incoming connection
		information.  Like check_compat, it is passed the host name
		and host address separated by $| and can reject connections
		on that basis.
Using check_* in sendmail 8.8 gives an overview how to use these rulesets.

New Configuration Options/Features

General Changes

	CONFIG: allow mailertables to resolve to ``error:code message''
		(where "code" is an exit status) on domains (previously
		worked only on hosts).  Patch from Cor Bosman of Xs4all
		Foundation.
	CONFIG: allow mailertable entries to resolve to local:user; this
		passes the original user@host in to procmail-style local
		mailers as the "detail" information to allow them to do
		additional clever processing.  From Joe Pruett of
		Teleport Corporation.
	CONFIG: allow any context that takes "mailer:domain" to also take
		"mailer:user@domain" to force mailing to the given user;
		"local:user" can also be used to do local delivery.  This
		applies on *_RELAY and in the mailertable entries.  Based
		on a suggestion by Ribert Kiessling of Easynet.

Masquerading

	CONFIG: add FEATURE(limited_masquerade).  Without this feature, any
		domain listed in $=w is masqueraded.  With it, only those
		domains listed in a MASQUERADE_DOMAIN macro are masqueraded.
	CONFIG: add FEATURE(masquerade_entire_domain).  This causes
		masquerading specified by MASQUERADE_DOMAIN to apply to all
		hosts under those domains as well as the domain headers
		themselves.  For example, if a configuration had
		MASQUERADE_DOMAIN(foo.com), then without this feature only
		foo.com would be masqueraded; with it, *.foo.com would be
		masqueraded as well.  Based on an implementation by Richard
		(Pug) Bainter of U. Texas.

Generic Tables

	CONFIG: add FEATURE(genericstable) to do a more general rewriting of
		outgoing addresses.  Defaults to ``hash -o /etc/genericstable''.
		Keys are user names; values are outgoing mail addresses.  Yes,
		this does overlap with the user database, and figuring out
		just when to use which one may be tricky.  Based on code
		contributed by Richard (Pug) Bainter of U. Texas with updates
		from Per Hedeland of Ericsson.

Virtual Users/Domains

	CONFIG: add FEATURE(virtusertable) to do generalized rewriting of
		incoming addresses.  Defaults to ``hash -o /etc/virtusertable''.
		Keys are either fully qualified addresses or just the host
		part (with the @ sign).  For example, a table containing:
			info@foo.com	foo-info
			info@bar.com	bar-info
			@baz.org	jane@elsewhere.net
		would send all mail destined for info@foo.com to foo-info
		(which is presumably an alias), mail addressed to info@bar.com
		to bar-info, and anything addressed to anyone at baz.org will
		be sent to jane@elsewhere.net.  The names foo.com, bar.com,
		and baz.org must all be in $=w.  Based on discussions with
		a great many people.

Local Rulesets

	CONFIG: LOCAL_RULESETS introduces any locally defined rulesets,
		such as the check_rcpt ruleset.  Suggested by Gregory Shapiro
		of WPI.

[(links)] [Hints] [Avoiding UBE] [cf/README] [New]
Copyright © Claus Aßmann Please send comments to: <ca at sendmail.org>
Disclaimer: the information provided may be inaccurate or outdated or incomplete. Please contact me if you find an error.