diff options
Diffstat (limited to '')
-rw-r--r-- | man/man1/sendmail.1 | 512 |
1 files changed, 512 insertions, 0 deletions
diff --git a/man/man1/sendmail.1 b/man/man1/sendmail.1 new file mode 100644 index 0000000..22affe6 --- /dev/null +++ b/man/man1/sendmail.1 @@ -0,0 +1,512 @@ +.TH SENDMAIL 1 +.ad +.fi +.SH NAME +sendmail +\- +Postfix to Sendmail compatibility interface +.SH "SYNOPSIS" +.na +.nf +\fBsendmail\fR [\fIoption ...\fR] [\fIrecipient ...\fR] + +\fBmailq\fR +\fBsendmail \-bp\fR + +\fBnewaliases\fR +\fBsendmail \-I\fR +.SH DESCRIPTION +.ad +.fi +The Postfix \fBsendmail\fR(1) command implements the Postfix +to Sendmail compatibility interface. +For the sake of compatibility with existing applications, some +Sendmail command\-line options are recognized but silently ignored. + +By default, Postfix \fBsendmail\fR(1) reads a message from +standard input +until EOF or until it reads a line with only a \fB.\fR character, +and arranges for delivery. Postfix \fBsendmail\fR(1) relies on the +\fBpostdrop\fR(1) command to create a queue file in the \fBmaildrop\fR +directory. + +Specific command aliases are provided for other common modes of +operation: +.IP \fBmailq\fR +List the mail queue. Each entry shows the queue file ID, message +size, arrival time, sender, and the recipients that still need to +be delivered. If mail could not be delivered upon the last attempt, +the reason for failure is shown. The queue ID string is +followed by an optional status character: +.RS +.IP \fB*\fR +The message is in the \fBactive\fR queue, i.e. the message is +selected for delivery. +.IP \fB!\fR +The message is in the \fBhold\fR queue, i.e. no further delivery +attempt will be made until the mail is taken off hold. +.IP \fB#\fR +The message is forced to expire. See the \fBpostsuper\fR(1) +options \fB\-e\fR or \fB\-f\fR. +.RE +.IP +This mode of operation is implemented by executing the +\fBpostqueue\fR(1) command. +.IP \fBnewaliases\fR +Initialize the alias database. If no input file is specified (with +the \fB\-oA\fR option, see below), the program processes the file(s) +specified with the \fBalias_database\fR configuration parameter. +If no alias database type is specified, the program uses the type +specified with the \fBdefault_database_type\fR configuration parameter. +This mode of operation is implemented by running the \fBpostalias\fR(1) +command. +.sp +Note: it may take a minute or so before an alias database update +becomes visible. Use the "\fBpostfix reload\fR" command to eliminate +this delay. +.PP +These and other features can be selected by specifying the +appropriate combination of command\-line options. Some features are +controlled by parameters in the \fBmain.cf\fR configuration file. + +The following options are recognized: +.IP "\fB\-Am\fR (ignored)" +.IP "\fB\-Ac\fR (ignored)" +Postfix sendmail uses the same configuration file regardless of +whether or not a message is an initial submission. +.IP "\fB\-B \fIbody_type\fR" +The message body MIME type: \fB7BIT\fR or \fB8BITMIME\fR. +.IP \fB\-bd\fR +Go into daemon mode. This mode of operation is implemented by +executing the "\fBpostfix start\fR" command. +.IP "\fB\-bh\fR (ignored)" +.IP "\fB\-bH\fR (ignored)" +Postfix has no persistent host status database. +.IP \fB\-bi\fR +Initialize alias database. See the \fBnewaliases\fR +command above. +.IP \fB\-bl\fR +Go into daemon mode. To accept only local connections as +with Sendmail's \fB\-bl\fR option, specify "\fBinet_interfaces += loopback\fR" in the Postfix \fBmain.cf\fR configuration +file. +.IP \fB\-bm\fR +Read mail from standard input and arrange for delivery. +This is the default mode of operation. +.IP \fB\-bp\fR +List the mail queue. See the \fBmailq\fR command above. +.IP \fB\-bs\fR +Stand\-alone SMTP server mode. Read SMTP commands from +standard input, and write responses to standard output. +In stand\-alone SMTP server mode, mail relaying and other +access controls are disabled by default. To enable them, +run the process as the \fBmail_owner\fR user. +.sp +This mode of operation is implemented by running the +\fBsmtpd\fR(8) daemon. +.IP \fB\-bv\fR +Do not collect or deliver a message. Instead, send an email +report after verifying each recipient address. This is useful +for testing address rewriting and routing configurations. +.sp +This feature is available in Postfix version 2.1 and later. +.IP "\fB\-C \fIconfig_file\fR" +.IP "\fB\-C \fIconfig_dir\fR" +The path name of the Postfix \fBmain.cf\fR file, or of its +parent directory. This information is ignored with Postfix +versions before 2.3. + +With Postfix version 3.2 and later, a non\-default directory +must be authorized in the default \fBmain.cf\fR file, through +the alternate_config_directories or multi_instance_directories +parameters. + +With all Postfix versions, you can specify a directory pathname +with the MAIL_CONFIG environment variable to override the +location of configuration files. +.IP "\fB\-F \fIfull_name\fR" +Set the sender full name. This overrides the NAME environment +variable, and is used only with messages that +have no \fBFrom:\fR message header. +.IP "\fB\-f \fIsender\fR" +Set the envelope sender address. This is the address where +delivery problems are sent to. With Postfix versions before 2.1, the +\fBErrors\-To:\fR message header overrides the error return address. +.IP \fB\-G\fR +Gateway (relay) submission, as opposed to initial user +submission. Either do not rewrite addresses at all, or +update incomplete addresses with the domain information +specified with \fBremote_header_rewrite_domain\fR. + +This option is ignored before Postfix version 2.3. +.IP "\fB\-h \fIhop_count\fR (ignored)" +Hop count limit. Use the \fBhopcount_limit\fR configuration +parameter instead. +.IP \fB\-I\fR +Initialize alias database. See the \fBnewaliases\fR +command above. +.IP "\fB\-i\fR" +When reading a message from standard input, don't treat a line +with only a \fB.\fR character as the end of input. +.IP "\fB\-L \fIlabel\fR (ignored)" +The logging label. Use the \fBsyslog_name\fR configuration +parameter instead. +.IP "\fB\-m\fR (ignored)" +Backwards compatibility. +.IP "\fB\-N \fIdsn\fR (default: 'delay, failure')" +Delivery status notification control. Specify either a +comma\-separated list with one or more of \fBfailure\fR (send +notification when delivery fails), \fBdelay\fR (send +notification when delivery is delayed), or \fBsuccess\fR +(send notification when the message is delivered); or specify +\fBnever\fR (don't send any notifications at all). + +This feature is available in Postfix 2.3 and later. +.IP "\fB\-n\fR (ignored)" +Backwards compatibility. +.IP "\fB\-oA\fIalias_database\fR" +Non\-default alias database. Specify \fIpathname\fR or +\fItype\fR:\fIpathname\fR. See \fBpostalias\fR(1) for +details. +.IP "\fB\-O \fIoption=value\fR (ignored)" +Set the named \fIoption\fR to \fIvalue\fR. Use the equivalent +configuration parameter in \fBmain.cf\fR instead. +.IP "\fB\-o7\fR (ignored)" +.IP "\fB\-o8\fR (ignored)" +To send 8\-bit or binary content, use an appropriate MIME encapsulation +and specify the appropriate \fB\-B\fR command\-line option. +.IP "\fB\-oi\fR" +When reading a message from standard input, don't treat a line +with only a \fB.\fR character as the end of input. +.IP "\fB\-om\fR (ignored)" +The sender is never eliminated from alias etc. expansions. +.IP "\fB\-o \fIx value\fR (ignored)" +Set option \fIx\fR to \fIvalue\fR. Use the equivalent +configuration parameter in \fBmain.cf\fR instead. +.IP "\fB\-r \fIsender\fR" +Set the envelope sender address. This is the address where +delivery problems are sent to. With Postfix versions before 2.1, the +\fBErrors\-To:\fR message header overrides the error return address. +.IP "\fB\-R \fIreturn\fR" +Delivery status notification control. Specify "hdrs" to +return only the header when a message bounces, "full" to +return a full copy (the default behavior). + +The \fB\-R\fR option specifies an upper bound; Postfix will +return only the header, when a full copy would exceed the +bounce_size_limit setting. + +This option is ignored before Postfix version 2.10. +.IP \fB\-q\fR +Attempt to deliver all queued mail. This is implemented by +executing the \fBpostqueue\fR(1) command. + +Warning: flushing undeliverable mail frequently will result in +poor delivery performance of all other mail. +.IP "\fB\-q\fIinterval\fR (ignored)" +The interval between queue runs. Use the \fBqueue_run_delay\fR +configuration parameter instead. +.IP \fB\-qI\fIqueueid\fR +Schedule immediate delivery of mail with the specified queue +ID. This option is implemented by executing the +\fBpostqueue\fR(1) command, and is available with Postfix +version 2.4 and later. +.IP \fB\-qR\fIsite\fR +Schedule immediate delivery of all mail that is queued for the named +\fIsite\fR. This option accepts only \fIsite\fR names that are +eligible for the "fast flush" service, and is implemented by +executing the \fBpostqueue\fR(1) command. +See \fBflush\fR(8) for more information about the "fast flush" +service. +.IP \fB\-qS\fIsite\fR +This command is not implemented. Use the slower "\fBsendmail \-q\fR" +command instead. +.IP \fB\-t\fR +Extract recipients from message headers. These are added to any +recipients specified on the command line. + +With Postfix versions prior to 2.1, this option requires that +no recipient addresses are specified on the command line. +.IP "\fB\-U\fR (ignored)" +Initial user submission. +.IP "\fB\-V \fIenvid\fR" +Specify the envelope ID for notification by servers that +support DSN. + +This feature is available in Postfix 2.3 and later. +.IP "\fB\-XV\fR (Postfix 2.2 and earlier: \fB\-V\fR)" +Variable Envelope Return Path. Given an envelope sender address +of the form \fIowner\-listname\fR@\fIorigin\fR, each recipient +\fIuser\fR@\fIdomain\fR receives mail with a personalized envelope +sender address. +.sp +By default, the personalized envelope sender address is +\fIowner\-listname\fB+\fIuser\fB=\fIdomain\fR@\fIorigin\fR. The default +\fB+\fR and \fB=\fR characters are configurable with the +\fBdefault_verp_delimiters\fR configuration parameter. +.IP "\fB\-XV\fIxy\fR (Postfix 2.2 and earlier: \fB\-V\fIxy\fR)" +As \fB\-XV\fR, but uses \fIx\fR and \fIy\fR as the VERP delimiter +characters, instead of the characters specified with the +\fBdefault_verp_delimiters\fR configuration parameter. +.IP \fB\-v\fR +Send an email report of the first delivery attempt (Postfix +versions 2.1 and later). Mail delivery +always happens in the background. When multiple \fB\-v\fR +options are given, enable verbose logging for debugging purposes. +.IP "\fB\-X \fIlog_file\fR (ignored)" +Log mailer traffic. Use the \fBdebug_peer_list\fR and +\fBdebug_peer_level\fR configuration parameters instead. +.SH "SECURITY" +.na +.nf +.ad +.fi +By design, this program is not set\-user (or group) id. +It is prepared to handle message content from untrusted, +possibly remote, users. + +However, like most Postfix programs, this program does not +enforce a security policy on its command\-line arguments. +Instead, it relies on the UNIX system to enforce access +policies based on the effective user and group IDs of the +process. Concretely, this means that running Postfix commands +as root (from sudo or equivalent) on behalf of a non\-root +user is likely to create privilege escalation opportunities. + +If an application runs any Postfix programs on behalf of +users that do not have normal shell access to Postfix +commands, then that application MUST restrict user\-specified +command\-line arguments to avoid privilege escalation. +.IP \(bu +Filter all command\-line arguments, for example arguments +that contain a pathname or that specify a database access +method. These pathname checks must reject user\-controlled +symlinks or hardlinks to sensitive files, and must not be +vulnerable to TOCTOU race attacks. +.IP \(bu +Disable command options processing for all command arguments +that contain user\-specified data. For example, the Postfix +\fBsendmail\fR(1) command line MUST be structured as follows: + +.nf + \fB/path/to/sendmail\fR \fIsystem\-arguments\fR \fB\-\-\fR \fIuser\-arguments\fR +.fi + +Here, the "\fB\-\-\fR" disables command option processing for +all \fIuser\-arguments\fR that follow. +.IP +Without the "\fB\-\-\fR", a malicious user could enable Postfix +\fBsendmail\fR(1) command options, by specifying an email +address that starts with "\fB\-\fR". +.SH DIAGNOSTICS +.ad +.fi +Problems are logged to \fBsyslogd\fR(8) or \fBpostlogd\fR(8), +and to the standard error stream. +.SH "ENVIRONMENT" +.na +.nf +.ad +.fi +.IP \fBMAIL_CONFIG\fR +Directory with Postfix configuration files. +.IP "\fBMAIL_VERBOSE\fR (value does not matter)" +Enable verbose logging for debugging purposes. +.IP "\fBMAIL_DEBUG\fR (value does not matter)" +Enable debugging with an external command, as specified with the +\fBdebugger_command\fR configuration parameter. +.IP \fBNAME\fR +The sender full name. This is used only with messages that +have no \fBFrom:\fR message header. See also the \fB\-F\fR +option above. +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +The following \fBmain.cf\fR parameters are especially relevant to +this program. +The text below provides only a parameter summary. See +\fBpostconf\fR(5) for more details including examples. +.SH "COMPATIBILITY CONTROLS" +.na +.nf +.ad +.fi +Available with Postfix 2.9 and later: +.IP "\fBsendmail_fix_line_endings (always)\fR" +Controls how the Postfix sendmail command converts email message +line endings from <CR><LF> into UNIX format (<LF>). +.SH "TROUBLE SHOOTING CONTROLS" +.na +.nf +.ad +.fi +The DEBUG_README file gives examples of how to troubleshoot a +Postfix system. +.IP "\fBdebugger_command (empty)\fR" +The external command to execute when a Postfix daemon program is +invoked with the \-D option. +.IP "\fBdebug_peer_level (2)\fR" +The increment in verbose logging level when a nexthop destination, +remote client or server name or network address matches a pattern +given with the debug_peer_list parameter. +.IP "\fBdebug_peer_list (empty)\fR" +Optional list of nexthop destination, remote client or server +name or network address patterns that, if matched, cause the verbose +logging level to increase by the amount specified in $debug_peer_level. +.SH "ACCESS CONTROLS" +.na +.nf +.ad +.fi +Available in Postfix version 2.2 and later: +.IP "\fBauthorized_flush_users (static:anyone)\fR" +List of users who are authorized to flush the queue. +.IP "\fBauthorized_mailq_users (static:anyone)\fR" +List of users who are authorized to view the queue. +.IP "\fBauthorized_submit_users (static:anyone)\fR" +List of users who are authorized to submit mail with the \fBsendmail\fR(1) +command (and with the privileged \fBpostdrop\fR(1) helper command). +.SH "RESOURCE AND RATE CONTROLS" +.na +.nf +.ad +.fi +.IP "\fBbounce_size_limit (50000)\fR" +The maximal amount of original message text that is sent in a +non\-delivery notification. +.IP "\fBfork_attempts (5)\fR" +The maximal number of attempts to fork() a child process. +.IP "\fBfork_delay (1s)\fR" +The delay between attempts to fork() a child process. +.IP "\fBhopcount_limit (50)\fR" +The maximal number of Received: message headers that is allowed +in the primary message headers. +.IP "\fBqueue_run_delay (300s)\fR" +The time between deferred queue scans by the queue manager; +prior to Postfix 2.4 the default value was 1000s. +.SH "FAST FLUSH CONTROLS" +.na +.nf +.ad +.fi +The ETRN_README file describes configuration and operation +details for the Postfix "fast flush" service. +.IP "\fBfast_flush_domains ($relay_domains)\fR" +Optional list of destinations that are eligible for per\-destination +logfiles with mail that is queued to those destinations. +.SH "VERP CONTROLS" +.na +.nf +.ad +.fi +The VERP_README file describes configuration and operation +details of Postfix support for variable envelope return +path addresses. +.IP "\fBdefault_verp_delimiters (+=)\fR" +The two default VERP delimiter characters. +.IP "\fBverp_delimiter_filter (\-=+)\fR" +The characters Postfix accepts as VERP delimiter characters on the +Postfix \fBsendmail\fR(1) command line and in SMTP commands. +.SH "MISCELLANEOUS CONTROLS" +.na +.nf +.ad +.fi +.IP "\fBalias_database (see 'postconf -d' output)\fR" +The alias databases for \fBlocal\fR(8) delivery that are updated with +"\fBnewaliases\fR" or with "\fBsendmail \-bi\fR". +.IP "\fBcommand_directory (see 'postconf -d' output)\fR" +The location of all postfix administrative commands. +.IP "\fBconfig_directory (see 'postconf -d' output)\fR" +The default location of the Postfix main.cf and master.cf +configuration files. +.IP "\fBdaemon_directory (see 'postconf -d' output)\fR" +The directory with Postfix support programs and daemon programs. +.IP "\fBdefault_database_type (see 'postconf -d' output)\fR" +The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1) +and \fBpostmap\fR(1) commands. +.IP "\fBdelay_warning_time (0h)\fR" +The time after which the sender receives a copy of the message +headers of mail that is still queued. +.IP "\fBimport_environment (see 'postconf -d' output)\fR" +The list of environment variables that a privileged Postfix +process will import from a non\-Postfix parent process, or name=value +environment overrides. +.IP "\fBmail_owner (postfix)\fR" +The UNIX system account that owns the Postfix queue and most Postfix +daemon processes. +.IP "\fBqueue_directory (see 'postconf -d' output)\fR" +The location of the Postfix top\-level queue directory. +.IP "\fBremote_header_rewrite_domain (empty)\fR" +Don't rewrite message headers from remote clients at all when +this parameter is empty; otherwise, rewrite message headers and +append the specified domain name to incomplete addresses. +.IP "\fBsyslog_facility (mail)\fR" +The syslog facility of Postfix logging. +.IP "\fBsyslog_name (see 'postconf -d' output)\fR" +A prefix that is prepended to the process name in syslog +records, so that, for example, "smtpd" becomes "prefix/smtpd". +.PP +Postfix 3.2 and later: +.IP "\fBalternate_config_directories (empty)\fR" +A list of non\-default Postfix configuration directories that may +be specified with "\-c config_directory" on the command line (in the +case of \fBsendmail\fR(1), with the "\-C" option), or via the MAIL_CONFIG +environment parameter. +.IP "\fBmulti_instance_directories (empty)\fR" +An optional list of non\-default Postfix configuration directories; +these directories belong to additional Postfix instances that share +the Postfix executable files and documentation with the default +Postfix instance, and that are started, stopped, etc., together +with the default Postfix instance. +.SH "FILES" +.na +.nf +/var/spool/postfix, mail queue +/etc/postfix, configuration files +.SH "SEE ALSO" +.na +.nf +pickup(8), mail pickup daemon +qmgr(8), queue manager +smtpd(8), SMTP server +flush(8), fast flush service +postsuper(1), queue maintenance +postalias(1), create/update/query alias database +postdrop(1), mail posting utility +postfix(1), mail system control +postqueue(1), mail queue control +postlogd(8), Postfix logging +syslogd(8), system logging +.SH "README_FILES" +.na +.nf +.ad +.fi +Use "\fBpostconf readme_directory\fR" or +"\fBpostconf html_directory\fR" to locate this information. +.na +.nf +DEBUG_README, Postfix debugging howto +ETRN_README, Postfix ETRN howto +VERP_README, Postfix VERP howto +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA |