|
|
| |
SENDMAIL(1) |
FreeBSD General Commands Manual |
SENDMAIL(1) |
sendmail - Postfix to Sendmail compatibility interface
sendmail [option ...] [recipient ...]
mailq
sendmail -bp
newaliases
sendmail -I
The Postfix sendmail(1) command implements the Postfix to Sendmail
compatibility interface. For the sake of compatibility with existing
applications, some Sendmail command-line options are recognized but silently
ignored.
By default, Postfix sendmail(1) reads a message from
standard input until EOF or until it reads a line with only a .
character, and arranges for delivery. Postfix sendmail(1) relies on
the postdrop(1) command to create a queue file in the maildrop
directory.
Specific command aliases are provided for other common modes of
operation:
- mailq
- List the mail queue. Each entry shows the queue file ID, message size,
arrival time, sender, and the recipients that still need to be delivered.
If mail could not be delivered upon the last attempt, the reason for
failure is shown. The queue ID string is followed by an optional status
character:
- *
- The message is in the active queue, i.e. the message is selected
for delivery.
- !
- The message is in the hold queue, i.e. no further delivery attempt
will be made until the mail is taken off hold.
- #
- The message is forced to expire. See the postsuper(1) options
-e or -f.
- This mode of operation is implemented by executing the postqueue(1)
command.
- newaliases
- Initialize the alias database. If no input file is specified (with the
-oA option, see below), the program processes the file(s) specified
with the alias_database configuration parameter. If no alias
database type is specified, the program uses the type specified with the
default_database_type configuration parameter. This mode of
operation is implemented by running the postalias(1) command.
Note: it may take a minute or so before an alias database
update becomes visible. Use the "postfix reload"
command to eliminate this delay.
These and other features can be selected by specifying the
appropriate combination of command-line options. Some features are
controlled by parameters in the main.cf configuration file.
The following options are recognized:
- -Am (ignored)
- -Ac (ignored)
- Postfix sendmail uses the same configuration file regardless of whether or
not a message is an initial submission.
- -B body_type
- The message body MIME type: 7BIT or 8BITMIME.
- -bd
- Go into daemon mode. This mode of operation is implemented by executing
the "postfix start" command.
- -bh (ignored)
- -bH (ignored)
- Postfix has no persistent host status database.
- -bi
- Initialize alias database. See the newaliases command above.
- -bl
- Go into daemon mode. To accept only local connections as with Sendmail's
-bl option, specify "inet_interfaces =
loopback" in the Postfix main.cf configuration file.
- -bm
- Read mail from standard input and arrange for delivery. This is the
default mode of operation.
- -bp
- List the mail queue. See the mailq command above.
- -bs
- Stand-alone SMTP server mode. Read SMTP commands from standard input, and
write responses to standard output. In stand-alone SMTP server mode, mail
relaying and other access controls are disabled by default. To enable
them, run the process as the mail_owner user.
This mode of operation is implemented by running the
smtpd(8) daemon.
- -bv
- Do not collect or deliver a message. Instead, send an email report after
verifying each recipient address. This is useful for testing address
rewriting and routing configurations.
This feature is available in Postfix version 2.1 and
later.
- -C config_file
- -C config_dir
- The path name of the Postfix main.cf file, or of its parent
directory. This information is ignored with Postfix versions before 2.3.
With Postfix version 3.2 and later, a non-default directory
must be authorized in the default main.cf file, through the
alternate_config_directories or multi_instance_directories
parameters.
With all Postfix versions, you can specify a directory
pathname with the MAIL_CONFIG environment variable to override the
location of configuration files.
- -F full_name
- Set the sender full name. This overrides the NAME environment variable,
and is used only with messages that have no From: message
header.
- -f sender
- Set the envelope sender address. This is the address where delivery
problems are sent to. With Postfix versions before 2.1, the
Errors-To: message header overrides the error return address.
- -G
- Gateway (relay) submission, as opposed to initial user submission. Either
do not rewrite addresses at all, or update incomplete addresses with the
domain information specified with remote_header_rewrite_domain.
This option is ignored before Postfix version 2.3.
- -h hop_count (ignored)
- Hop count limit. Use the hopcount_limit configuration parameter
instead.
- -I
- Initialize alias database. See the newaliases command above.
- -i
- When reading a message from standard input, don't treat a line with only a
. character as the end of input.
- -L label (ignored)
- The logging label. Use the syslog_name configuration parameter
instead.
- -m (ignored)
- Backwards compatibility.
- -N dsn (default: 'delay, failure')
- Delivery status notification control. Specify either a comma-separated
list with one or more of failure (send notification when delivery
fails), delay (send notification when delivery is delayed), or
success (send notification when the message is delivered); or
specify never (don't send any notifications at all).
This feature is available in Postfix 2.3 and later.
- -n (ignored)
- Backwards compatibility.
- -oAalias_database
- Non-default alias database. Specify pathname or
type:pathname. See postalias(1) for details.
- -O option=value (ignored)
- Set the named option to value. Use the equivalent
configuration parameter in main.cf instead.
- -o7 (ignored)
- -o8 (ignored)
- To send 8-bit or binary content, use an appropriate MIME encapsulation and
specify the appropriate -B command-line option.
- -oi
- When reading a message from standard input, don't treat a line with only a
. character as the end of input.
- -om (ignored)
- The sender is never eliminated from alias etc. expansions.
- -o x value (ignored)
- Set option x to value. Use the equivalent configuration
parameter in main.cf instead.
- -r sender
- Set the envelope sender address. This is the address where delivery
problems are sent to. With Postfix versions before 2.1, the
Errors-To: message header overrides the error return address.
- -R return
- Delivery status notification control. Specify "hdrs" to return
only the header when a message bounces, "full" to return a full
copy (the default behavior).
The -R option specifies an upper bound; Postfix will
return only the header, when a full copy would exceed the
bounce_size_limit setting.
This option is ignored before Postfix version 2.10.
- -q
- Attempt to deliver all queued mail. This is implemented by executing the
postqueue(1) command.
Warning: flushing undeliverable mail frequently will result in
poor delivery performance of all other mail.
- -qinterval (ignored)
- The interval between queue runs. Use the queue_run_delay
configuration parameter instead.
- -qIqueueid
- Schedule immediate delivery of mail with the specified queue ID. This
option is implemented by executing the postqueue(1) command, and is
available with Postfix version 2.4 and later.
- -qRsite
- Schedule immediate delivery of all mail that is queued for the named
site. This option accepts only site names that are eligible
for the "fast flush" service, and is implemented by executing
the postqueue(1) command. See flush(8) for more information
about the "fast flush" service.
- -qSsite
- This command is not implemented. Use the slower "sendmail
-q" command instead.
- -t
- Extract recipients from message headers. These are added to any recipients
specified on the command line.
With Postfix versions prior to 2.1, this option requires that
no recipient addresses are specified on the command line.
- -U (ignored)
- Initial user submission.
- -V envid
- Specify the envelope ID for notification by servers that support DSN.
This feature is available in Postfix 2.3 and later.
- -XV (Postfix 2.2 and earlier: -V)
- Variable Envelope Return Path. Given an envelope sender address of the
form owner-listname@origin, each recipient
user@domain receives mail with a personalized envelope
sender address.
By default, the personalized envelope sender address is
owner-listname+user=domain@origin.
The default + and = characters are configurable with the
default_verp_delimiters configuration parameter.
- -XVxy (Postfix 2.2 and earlier: -Vxy)
- As -XV, but uses x and y as the VERP delimiter
characters, instead of the characters specified with the
default_verp_delimiters configuration parameter.
- -v
- Send an email report of the first delivery attempt (Postfix versions 2.1
and later). Mail delivery always happens in the background. When multiple
-v options are given, enable verbose logging for debugging
purposes.
- -X log_file (ignored)
- Log mailer traffic. Use the debug_peer_list and
debug_peer_level configuration parameters instead.
By design, this program is not set-user (or group) id. It is prepared to handle
message content from untrusted, possibly remote, users.
However, like most Postfix programs, this program does not enforce
a security policy on its command-line arguments. Instead, it relies on the
UNIX system to enforce access policies based on the effective user and group
IDs of the process. Concretely, this means that running Postfix commands as
root (from sudo or equivalent) on behalf of a non-root user is likely to
create privilege escalation opportunities.
If an application runs any Postfix programs on behalf of users
that do not have normal shell access to Postfix commands, then that
application MUST restrict user-specified command-line arguments to avoid
privilege escalation.
- Filter all command-line arguments, for example arguments that contain a
pathname or that specify a database access method. These pathname checks
must reject user-controlled symlinks or hardlinks to sensitive files, and
must not be vulnerable to TOCTOU race attacks.
- Disable command options processing for all command arguments that contain
user-specified data. For example, the Postfix sendmail(1) command
line MUST be structured as follows:
/path/to/sendmail system-arguments -- user-arguments
Here, the "--" disables command option
processing for all user-arguments that follow.
- Without the "--", a malicious user could enable Postfix
sendmail(1) command options, by specifying an email address that
starts with "-".
Problems are logged to syslogd(8) or postlogd(8), and to the
standard error stream.
- MAIL_CONFIG
- Directory with Postfix configuration files.
- MAIL_VERBOSE (value does not matter)
- Enable verbose logging for debugging purposes.
- MAIL_DEBUG (value does not matter)
- Enable debugging with an external command, as specified with the
debugger_command configuration parameter.
- NAME
- The sender full name. This is used only with messages that have no
From: message header. See also the -F option above.
The following main.cf parameters are especially relevant to this program.
The text below provides only a parameter summary. See postconf(5) for
more details including examples.
Available with Postfix 2.9 and later:
- sendmail_fix_line_endings (always)
- Controls how the Postfix sendmail command converts email message line
endings from <CR><LF> into UNIX format (<LF>).
The DEBUG_README file gives examples of how to troubleshoot a Postfix system.
- debugger_command (empty)
- The external command to execute when a Postfix daemon program is invoked
with the -D option.
- debug_peer_level (2)
- The increment in verbose logging level when a nexthop destination, remote
client or server name or network address matches a pattern given with the
debug_peer_list parameter.
- debug_peer_list (empty)
- Optional list of nexthop destination, remote client or server name or
network address patterns that, if matched, cause the verbose logging level
to increase by the amount specified in $debug_peer_level.
Available in Postfix version 2.2 and later:
- authorized_flush_users (static:anyone)
- List of users who are authorized to flush the queue.
- authorized_mailq_users (static:anyone)
- List of users who are authorized to view the queue.
- authorized_submit_users (static:anyone)
- List of users who are authorized to submit mail with the
sendmail(1) command (and with the privileged postdrop(1)
helper command).
- bounce_size_limit (50000)
- The maximal amount of original message text that is sent in a non-delivery
notification.
- fork_attempts (5)
- The maximal number of attempts to fork() a child process.
- fork_delay (1s)
- The delay between attempts to fork() a child process.
- hopcount_limit (50)
- The maximal number of Received: message headers that is allowed in the
primary message headers.
- queue_run_delay (300s)
- The time between deferred queue scans by the queue manager; prior to
Postfix 2.4 the default value was 1000s.
The ETRN_README file describes configuration and operation details for the
Postfix "fast flush" service.
- fast_flush_domains ($relay_domains)
- Optional list of destinations that are eligible for per-destination
logfiles with mail that is queued to those destinations.
The VERP_README file describes configuration and operation details of Postfix
support for variable envelope return path addresses.
- default_verp_delimiters (+=)
- The two default VERP delimiter characters.
- verp_delimiter_filter (-=+)
- The characters Postfix accepts as VERP delimiter characters on the Postfix
sendmail(1) command line and in SMTP commands.
- alias_database (see 'postconf -d' output)
- The alias databases for local(8) delivery that are updated with
"newaliases" or with "sendmail
-bi".
- command_directory (see 'postconf -d' output)
- The location of all postfix administrative commands.
- config_directory (see 'postconf -d' output)
- The default location of the Postfix main.cf and master.cf configuration
files.
- daemon_directory (see 'postconf -d' output)
- The directory with Postfix support programs and daemon programs.
- default_database_type (see 'postconf -d' output)
- The default database type for use in newaliases(1),
postalias(1) and postmap(1) commands.
- delay_warning_time (0h)
- The time after which the sender receives a copy of the message headers of
mail that is still queued.
- import_environment (see 'postconf -d' output)
- The list of environment variables that a privileged Postfix process will
import from a non-Postfix parent process, or name=value environment
overrides.
- mail_owner (postfix)
- The UNIX system account that owns the Postfix queue and most Postfix
daemon processes.
- queue_directory (see 'postconf -d' output)
- The location of the Postfix top-level queue directory.
- remote_header_rewrite_domain (empty)
- Don't rewrite message headers from remote clients at all when this
parameter is empty; otherwise, rewrite message headers and append the
specified domain name to incomplete addresses.
- syslog_facility (mail)
- The syslog facility of Postfix logging.
- syslog_name (see 'postconf -d' output)
- A prefix that is prepended to the process name in syslog records, so that,
for example, "smtpd" becomes "prefix/smtpd".
Postfix 3.2 and later:
- alternate_config_directories (empty)
- A list of non-default Postfix configuration directories that may be
specified with "-c config_directory" on the command line (in the
case of sendmail(1), with the "-C" option), or via the
MAIL_CONFIG environment parameter.
- multi_instance_directories (empty)
- An optional list of non-default Postfix configuration directories; these
directories belong to additional Postfix instances that share the Postfix
executable files and documentation with the default Postfix instance, and
that are started, stopped, etc., together with the default Postfix
instance.
/var/spool/postfix, mail queue
/usr/local/etc/postfix, configuration files
pickup(8), mail pickup daemon
qmgr(8), queue manager
smtpd(8), SMTP server
flush(8), fast flush service
postsuper(1), queue maintenance
postalias(1), create/update/query alias database
postdrop(1), mail posting utility
postfix(1), mail system control
postqueue(1), mail queue control
postlogd(8), Postfix logging
syslogd(8), system logging
Use "postconf readme_directory" or "postconf
html_directory" to locate this information.
DEBUG_README, Postfix debugging howto
ETRN_README, Postfix ETRN howto
VERP_README, Postfix VERP howto
The Secure Mailer license must be distributed with this software.
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
Visit the GSP FreeBSD Man Page Interface. Output converted with ManDoc. |