O'Reilly logo

sendmail 8.13 Companion by Gregory Neil Shapiro, Claus Assmann, George Jansen, Bryan Costales

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 4. Configure sendmail.cf with m4

In the cf subdirectory of the V8 sendmail source distribution, you will find the file README. It contains easy-to-understand, step-by-step instructions that will allow you to create a custom configuration file for your site. This chapter supplements that file.

What’s New with V8.13

Three new mc configuration macros have been introduced (which correspond to three new sendmail configuration file options):

  • The new confREJECT_LOG_INTERVAL mc macro (Section 4.1.1 [V8.13]) sets the new RejectLogInterval option (Section 24.1.11 [V8.13]). It specifies how often a message advising that connections are still being refused should be logged.

  • The new confREQUIRES_DIR_FSYNC mc macro (Section 4.1.2 [V8.13]) sets the new RequiresDirfsync option (Section 24.1.12 [V8.13]). It causes sendmail to change the effect if the compile-time flag REQUIRES_DIR_FSYNC (3.4.47[3ed]) at runtime.

  • The new confCONNECTION_RATE_WINDOW_SIZE mc macro (Section 4.1.3 [V8.13]) sets the new ConnectionRateWindowSize option (Section 24.1.13 [V8.13]). It defines the window of time over which a count of the number of connections is maintained in order to enable connection rate-control.

Two existing options have been given new extensions that require two new mc configuration macros:

  • The new confTO_QUEUERETURN_DSN mc macro (Section 4.1.4[V8.13]) adds a new timeout to the Timeout.queuereturn option (24.9.109.18[3ed]). This affects only normal DSN messages.

  • The new confTO_QUEUEWARN_DSN mc macro (Section 4.1.5[V8.13]) adds a new timeout to the Timeout.queuewarn option (24.9.109.19[3ed]). This affects only normal DSN messages.

One feature has been eliminated:

  • The nodns feature (4.8.29[3ed]) has been removed. It was present prior to V8.13, but has done nothing since V8.9. If you wish to disable DNS, use your service-switch file (24.9.100[3ed]).

Two features have been changed in small, but significant, ways. If you use either of them, you should note these changes:

  • The local_lmtp feature (4.8.19[3ed]) has added a third optional argument (Section 4.1.6 [V8.13]), which you may use to define additional or new command-line arguments for the mail.local program and other LMTP-enabled delivery agents (5.3[3ed]).

  • The dnsbl feature (7.2.1[3ed]) no longer uses the host database-map type to look up addresses. Instead, it uses the dns database-map type (Section 9.1.1 [V8.13]). The DNSBL_MAP_OPT mc macro (Section 9.1.1 [V8.13]) has been added to help tune the use of the dns database-map type with the dnsbl feature.

Three new features that control connections have been added:

  • The ratecontrol feature (Section 4.1.7[V8.13]) limits the incoming connection rate for specified hosts or networks.

  • The conncontrol feature (Section 4.1.8[V8.13]) limits the number of simultaneous connections from specified hosts or networks.

  • The greet_pause feature allows protection from SMTP slamming (Section 7.1.3 [V8.13]).

One new experimental feature has been added:

  • The (experimental) mtamark feature implements MTA marking by looking up TXT records in the in-addr.arpa domain (Section 7.1.4 [V8.13]).

A mc new macro has been added to enhance the use of the uucp delivery agents:

  • The LOCAL_UUCP mc macro (Section 4.1.9 [V8.13]) allows you to add new rules and rule sets to the uucp delivery agents.

confREJECT_LOG_INTERVAL

The confREJECT_LOG_INTERVAL mc configuration macro defines the logging interval used by the RejectLogInterval option. See Section 24.1.11 [V8.13] for a description of this option and the nature of the warning message that is logged.

confREQUIRES_DIR_FSYNC

The confREQUIRES_DIR_FSYNC mc configuration macro defines the RequiresDirfsync option and causes sendmail to change the effect of the compile-time flag REQUIRES_DIR_FSYNC (3.4.47[3ed]) at runtime. See Section 24.1.12 [V8.13] for a description of this new option and how it may be used.

confCONNECTION_RATE_WINDOW_SIZE

The new confCONNECTION_RATE_WINDOW_SIZE mc configuration macro defines the ConnectionRateWindowSize option as well as the window of time over which a count of the number of connections is maintained. See Section 24.1.13 [V8.13] for a description of this new option and how it may be used.

confTO_QUEUERETURN_DSN

Prior to V8.13, there were only three ways to modify the timeouts for the Timeout.queuereturn option (24.9.109.18[3ed]):

define(`confTO_QUEUERETURN_URGENT´,`timeout´)         
               
                V8.7 and later
define(`confTO_QUEUERETURN_NORMAL´,`timeout´)         
               
                V8.7 and later
define(`confTO_QUEUERETURN_NONURGENT´,`timeout´)      
               
               
                V8.7 and later

V8.13 has added a fourth way to modify that same option. If the precedence (25.10[3ed]) for the message is normal, and if the message is a DSN return message, the new Timeout.queuereturn.dsn timeout will be used:

define(`confTO_QUEUERETURN_DSN´,`timeout´)  
               
               
                V8.13 and later

See Section 24.1.15 [V8.13] for a description of this addition to an existing option and how it may be used.

confTO_QUEUEWARN_DSN

Prior to V8.13, there were only three ways to modify the timeouts for the Timeout.queuewarn option (24.9.109.19[3ed]):

define(`confTO_QUEUEWARN_URGENT´,`timeout´)        
               
                V8.7 and later
define(`confTO_QUEUEWARN_NORMAL´,`timeout´)        
               
                V8.7 and later
define(`confTO_QUEUEWARN_NONURGENT´,`timeout´)     
               
                V8.7 and later

V8.13 has added a fourth way to modify that same option. If the precedence (25.10[3ed]) for the message is normal, and if the message is a DSN return message, the new Timeout.queuewarn.dsn timeout will be used:

define(`confTO_QUEUEWARN_DSN´,`timeout´)  
               
               
                V8.13 and later

See Section 24.1.16 [V8.13] for a description of this addition to an existing option and how it may be used.

Feature local_lmtp Additional Argument

The Local Mail Transfer Protocol (LMTP) can be used to transfer mail from sendmail to the program that delivers mail to the local user. Historically, that has been a program such as /bin/mail that simply gathered a message on its standard input and wrote that message to the end of the file that the user reads. Beginning with V8.9, sendmail can speak LMTP to local delivery programs. The mail.local program (5.3[3ed]), supplied in source form with the sendmail open source distribution, is one such program, and procmail(1) is another.

The local_lmtp feature (4.8.19[3ed]) is used to enable the mail.local program. Prior to V8.13, that feature could only take one or, optionally, two arguments:

FEATURE(`local_lmtp´)
FEATURE(`local_lmtp´, `/usr/sbin/mail.local´)

Here, the first line both enables the use of the mail.local program and defines the location of that program by default, as the path /usr/libexec/mail.local. The second line supplies a second argument to the feature, which defines a different location for the program /usr/sbin/mail.local. Essentially, the second argument is supplied as the value to the P= equate (20.5.11[3ed]) for the local delivery agent.

V8.13 allows you to add a third, optional argument that supplies the command-line arguments for the mail.local program (as well as for any other program that uses LMTP, such as procmail). Essentially, the third argument is supplied as the value to the A= equate (20.5.2[3ed]). For example, the following supplies the -7 command-line switch for the mail.local program (don’t advertise 8-bit MIME support):

FEATURE(`local_lmtp´,, `mail.local -l -7´)

And the following enables procmail(1) to be used for LMTP delivery:

FEATURE(`local_lmtp´, `/mail/bin/procmail´, `procmail -Y -a $h -z´)

Note that the second argument, if unused, must be present and empty if you wish to specify a third argument. Also note that you should manually append new command-line switches to the default switches, rather than replace them.

The New ratecontrol Feature

The ratecontrol feature allows you to use the access database to control the rate at which other machines can connect to your server. The rate is based on the setting of the ConnectionRateWindowSize option (Section 24.1.13 [V8.13]), which defaults to 60 seconds. So, for example, it you want to reject more than 10 connections per minute (60 seconds) from the IP address 192.168.23.45, you would put the following into your access database source file:

               ClientRate:192.168.23.45     10

Here, if the host with the IP address 192.168.23.45 connects to your server more than 10 times in a given 60 seconds (the default window of time), the eleventh and subsequent connections during that interval will be rejected.

You enable the ratecontrol feature like this:

               FEATURE(`ratecontrol´)

But note, if you have not already declared the access database (7.5[3ed]), you must do so before declaring this new feature, or you will get the following error when building your new configuration file:

*** ERROR: FEATURE(ratecontrol) requires FEATURE(access_db)

Once you have successfully enabled this ratecontrol feature, you may use it to control the connection rate by the IP addresses of hosts or networks or to set the default limit:

ClientRate:192.168.23.45                   2
ClientRate:127.0.0.1                       0
ClientRate:                                10
ClientRate:10.5.2                          2
ClientRate:IPv6:2002:c0a8:51d2::23f4       5

Here, the first line (as you have seen) limits the number of connections from the IP address 123.45.67.89 to no more than two connections per minute (where the ConnectionRateWindowSize option, Section 24.1.13 [V8.13], is set to 60 seconds or one minute).

The second line specifies a limit of zero, which means there is no limit imposed on the rate. This is suitable for the loopback interface address (127.0.0.1), because that is where the local submission version of sendmail delivers its mail.

The third line omits the IP address entirely, thereby setting a default limit for all other IP (unspecified) addresses. Without this default setting, any unspecified address would be unlimited.

The fourth line shows how network addresses may also be limited. However, note that this does not apply to the entire network (only to individual hosts inside the network) because the values are not cumulative for a network.

The last line shows that IPV6 addresses can be specified merely by prefixing each with a literal IPv6:.

Note that the rates we show here are just examples, not recommendations. The rates you choose as limits will depend on your particular circumstances.

ratecontrol and delay checks

If you also declare the delay_checks feature (7.5.6[3ed]), rate-control checks will be delayed until after the first envelope recipient has been received. Clearly, this makes this rate-control check less useful than it should be. If you use delay_checks, you may add an additional argument to this ratecontrol feature to get it to run as early as possible despite the use of that delaying feature:

FEATURE(`ratecontrol´, `nodelay´)

Here, the nodelay is literal and prevents the delay_checks feature from having any effect on connection rate-controls. Note that if you declare both the delay_checks and ratecontrol features, the delay_checks feature must appear first in your mc file.

Terminate connections with 421

Normally, the ratecontrol feature rejects connections with a temporary error:

452 Connection rate limit exceeded

If the connecting client terminates the connection by sending an SMTP QUIT, rate-control terminates as you would expect. But if the client chooses to ignore that return value, the client will be given 4yz replies to all commands it sends until it sends an SMTP QUIT command. Clearly, this may not be acceptable at your site. If you want the excess connection rates terminated without regard to the connecting client’s other behavior, you may do so by adding a second argument to this ratecontrol feature:

FEATURE(`ratecontrol´, `nodelay´, `terminate´)
FEATURE(`ratecontrol´, , `terminate´)

Here, the terminate is literal and, when present, causes all rejected connections to be rejected with a 421 return code. Note that 421 is special, because it allows sendmail to terminate the connection without waiting for the client to send a QUIT. If you omit the nodelay first argument, you must use two commas (as in the second line of the example above) to make terminate the second argument.

The New conncontrol Feature

The conncontrol feature allows you to use the access database to control the number of simultaneous connections another machine may have to your server. The number of simultaneous connections allowed each interval is based on the setting of the ConnectionRateWindowSize option (Section 24.1.13 [V8.13]), which defaults to 60 seconds. So, for example, if you want to reject a host that has more than 10 simultaneous connections to your server (sometime in the last 60 seconds), where that host has the IP address 192.168.23.45, you would put the following into your access database source file:

               ClientConn:192.168.23.45       10

Here, if the host with the IP address 192.168.23.45 tries to set up an eleventh simultaneous connection to your server, that connection will be denied.

Enable the conncontrol feature like this:

               FEATURE(`conncontrol´)

But note, if you have not already declared the access database (7.5[3ed]), you must do so before declaring this new feature, or you will get the following error when building your new configuration file:

*** ERROR: FEATURE(conncontrol) requires FEATURE(access_db)

Once you have successfully enabled this conncontrol feature, you may use it to control the number of simultaneous connections, based on IP addresses of hosts or networks, or to set the default limit:

ClientConn:192.168.23.45                   2
ClientConn:127.0.0.1                       0
ClientConn:                                10
ClientConn:10.5.2                          2
ClientConn:IPv6:2002:c0a8:51d2::23f4       5

Here, the first line (as you have seen) limits the number of simultaneous connections from the IP address 1192.168.23.45 to two.

The second line specifies a limit of zero, which means that there is no limit imposed on the number of simultaneous connections. This is suitable for the loopback interface address (127.0.0.1), because that is where the local submission version of sendmail delivers its mail.

The third line omits the IP address entirely, thereby setting the default limit for all other IP (unspecified) addresses.

The fourth line shows how network addresses may also be limited.

The last line shows that IPV6 addresses may be specified merely by prefixing each with a literal IPv6:.

Note that the limits we show here are just examples, not recommendations. The limits you choose will depend on your particular circumstances.

conncontrol and delay checks

If you also declare the delay_checks feature (7.5.6[3ed]), connection-control checks will be delayed until after the first envelope recipient has been received. Clearly, this makes this connection check less useful than it should be. If you use delay_checks, you may add an additional argument to this conncontrol feature to get it to run as early as possible despite the use of that delaying feature:

FEATURE(`conncontrol´, `nodelay´)

Here, the nodelay is literal and prevents the delay_checks feature from having any effect on connection-controls. Note that if you declare both the delay_checks and conncontrol features, the delay_checks feature must appear first in your mc file.

Terminate connections with 421

Normally, the conncontrol feature rejects connections with a temporary error:

452 Too many open connections

If the connecting client terminates the connection by sending an SMTP QUIT, connection-control terminates as you would expect. But if the client chooses to ignore that return value, the client will be given 4yz replies to all commands it sends until it sends an SMTP QUIT command. Clearly, this may not be acceptable at your site. If you want the connection terminated without regard to the connecting client’s behavior, you may do so by adding a second argument to this conncontrol feature:

FEATURE(`conncontrol´, `nodelay´, `terminate´)
FEATURE(`conncontrol´,  ,`terminate´)

Here, the terminate is literal and, when present, causes all rejected connections to be rejected with a 421 return code. Note that 421 is special, because it allows sendmail to terminate the connection without waiting for the client to send a QUIT. If you omit the nodelay first argument, you must use two commas (as in the second line of the example above) to make terminate the second argument.

The LOCAL_UUCP mc Macro

Use of UUCP is enabled by declaring the uucp delivery agent (20.4.15[3ed]):

MAILER(`uucp´)

This mc file declaration causes delivery agents, rules, and rule sets to be added to your configuration file so that UUCP mail may be handled.

Inside the parse rule set 0, rules are added that select UUCP delivery agents. First, locally connected UUCP addresses are detected and the appropriate UUCP delivery agent is selected based on each such address found. Addresses in the class $=Z select the uucp-uudom delivery agent. Addresses in the class $=Y select the uucp-new delivery agent. And addresses in the class $=U select the uucp-old delivery agent.

Next, rules are included (which will be added to your sendmail configuration file) that detect remotely connected UUCP addresses.

But if you need to add rules between these two phases (between the detection of local UUCP addresses and remote UUCP addresses), you may do so by utilizing this new LOCAL_UUCP mc macro. For example, the following mc file entry:

               LOCAL_UUCP
               R$* < @ $={ServerUUCP} . UUCP. > $*        $#uucp-uudom $@ $2 $: $1 < @ $2 .UUCP.> $3

causes the above new rule to be added to the parse rule set 0 in the location shown here:

# resolve locally connected UUCP links
... 
                                                
               
               
                New rules added here.
# resolve remotely connected UUCP links (if any)

Note that the LOCAL_UUCP mc macro is not intended for casual use. It should only be used to solve special UUCP needs that cannot be solved using more conventional means.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required