sendmail(1M)

A mode selected from those described in the "Modes" subsection below. Only one mode can be specified. The default is -bm.

The address of a recipient. Several addresses can be specified.

A flag selected from those described in the "Flags" subsection below. Several flags can be specified.

Go into ARPANET mode. All input lines must end with a CR-LF, and all messages will be generated with a CR-LF at the end. Also, the ``From:'' and ``Sender:'' fields are examined for the name of the sender.

Run as a daemon. sendmail will fork and run in background listening on socket 25 for incoming SMTP connections.

Run as a daemon, but run in foreground.

Print the persistent host status database.

Purge the persistent host status database.

Initialize the alias database for the mail aliases file. newaliases is identical to sendmail -bi. See newaliases(1M).

Deliver mail in the usual way (default).

Print a listing of the mail queue. mailq is identical to sendmail -bp. See mailq(1).

Use the SMTP protocol as described in RFC821 on standard input and output. This flag implies all the operations of the ba flag that are compatible with SMTP.

Run in address test mode. This mode reads addresses and shows the steps in parsing; it is used for debugging configuration tables.

Verify names only; i.e, do not try to collect or deliver a message. Verify mode is normally used for validating users or mailing lists.

Use the submit.cf file even if the operation mode does not indicate an initial mail submission.

Use the sendmail.cf file even if the operation mode indicates an initial mail submission.

Set the body type. type can be either 7BIT or 8BITMIME.

Use alternate configuration file. sendmail refuses to run as root if an alternate configuration file is specified.

Set debugging value to X. X can also be of the form category.level (eg; -d56.12). A low level or category produces less output; but a high level or category produces more output. The default for category is 0 and that for level is 1.

Set the full name of the sender.

Set the name of the ``from'' person (i.e., the sender of the mail) to name. If the user of the -f option is not a ``trusted'' user (normally root, daemon, and network) and if the name set using the -f option and the login name of the person actually sending the mail are not the same, then it results in an X-Authentication-Warning in the mail header.

Relay the message without any processing.

Set the hop count to N. The hop count is incremented every time the mail is processed. When it reaches a limit, the mail is returned with an error message, the victim of an aliasing loop. If not specified, ``Received:'' lines in the message are counted.

Ignore dots alone in lines by themselves in incoming messages. This should be set if you are reading from a file.

Specify an identifier to be used in syslog messages. The identifier is set to tag.

Do not do aliasing.

Set delivery status notification conditions. Following are the valid conditions to which dsn can be set:

Set the configuration option option to a specified value. Options are described below in "Processing Options."

Set option x to a specified value. Options are described below in "Processing Options."

Set the name of the protocol used to receive the message. This can be a simple protocol name such as UUCP or a protocol and hostname, such as UUCP:ucbvax.

Process saved messages in the queue at given intervals. If time is omitted, process the queue once. time is given as a tagged number, with s being seconds, m being minutes, h being hours, d being days, and w being weeks. For example, -q1h30m or -q90m would both set the timeout to one hour thirty minutes. If time is specified, sendmail will run in background. This option can be used safely with bd.

Similar to -qtime except that instead of periodically forking a child to process the queue, sendmail forks a single persistent child for each queue that alternates between processing the queue and sleeping. The sleep time is given as an argument and default value for the sleep time is 1 second. The process sleeps for at least 5 seconds if the queue was empty in the previous queue run.

Process saved messages in the queue once and do not fork(), but run in the foreground.

Process jobs only in the queue called name.

Limit processed jobs to those containing substr as a substring of the queue ID. When ! is specified, limit processed jobs to those not containing substr as a substring of the queue ID.

Limit processed jobs to quarantined jobs containing substr as a substring of the quarantine reason, or limit jobs to those not containing the substring when ! is specified.

Quarantine a normal queue with the given reason or unquarantine a quarantined queue if a reason is not given. This option must be used with a matching item.

Limit processed jobs to those containing substr as a substring of one of the recipients, or limit jobs to those not containing the substring when ! is specified.

Limit processed jobs to those containing substr as a substring of the sender, or limit jobs to those not containing the substring when ! is specified.

An alternate and obsolete form of the f flag.

Set the amount of the message to be returned if the message bounces. The values that can be set for return are as follows:

Read message for recipients. To:, Cc:, and Bcc: lines will be scanned for recipient addresses. The Bcc: line will be deleted before transmission.

Initial (user) submission. This flag should always be set when sendmail is called from a user agent such as mail or elm. This flag should never be set when called from a network delivery agent such as rmail.

Go into verbose mode. Alias expansions will be announced, etc.

Set the original envelope identification. This is propagated across SMTP to servers that support DSN's (delivery status notification) and is returned in DSN-compliant error messages.

Log all traffic in and out of mailers in the indicated logfile. This should only be used as a last resort for debugging mailer bugs. It will log a lot of data very quickly.

Stop processing command flags and use the rest of the arguments as addresses.

Use alternate alias file.

If set, sendmail logs transient error messages as LOG_ALERT messages at Loglevel>=2, else it logs as LOG_INFO messages at Loglevel>8.

On mailers that are considered ``expensive'' to connect to, do not initiate immediate connection. This requires queuing.

Checkpoint the queue file after every N successful deliveries (default 10). This avoids excessive duplicate deliveries when sending to long mailing lists interrupted by system crashes.

Set the delivery mode to x. The delivery modes are:

Set error processing to mode x. The valid modes are:

If the text of the message is not mailed back by modes m or w, and if the sender is local to this machine, then a copy of the message is appended to the file dead.letter in the sender's home directory.

Save UNIX -style ``From'' lines at the front of messages.

Use this option to set the maximum number of times a message is allowed to ``hop'' before it is considered in a loop.

Use this option to instruct sendmail to ignore dots in a line by themselves as a message terminator.

Send error messages in MIME format.

Set connection cache timeout.

Set connection cache size.

Set the log level.

Send to ``me'' (the sender) also if the sender is in an alias expansion.

Validate the right hand side of aliases during a newaliases command. See newaliases(1M).

Set this option to have old style headers in the message. If not set, this message is guaranteed to have new style headers (i.e., commas instead of spaces between addresses). If set, an adaptive algorithm is used that will correctly determine the header format in most cases.

Select the directory in which the messages are to be queued.

Use this option to save mail traffic statistics into the specified file.

Define the location of the system-wide dead.letter file.

Override the connection address (for testing).

Define trusted user for changing the file ownership and also for starting the daemon.

Set this option to create a daemon control socket. This socket allows an external program to control and query status from the running sendmail daemon via a named socket.

Limit the size of MIME headers and parameters within those headers. This option is intended to protect mail user agents (MUAs) from buffer overflow attacks.

Specify the maximum depth of alias recursion.

Define the location of the pid file. The /etc/mail/sendmail.pid file will be the default even if this option is not set.

Specify a prefix string for the process title shown in ps listings.

Control the maximum size of a memory-buffered data (df) file before a disk-based file is used.

Control the maximum size of a memory-buffered transcript (xf) file before a disk-based file is used.

Use this option to list all the authentication mechanisms used.

Set filename that contains authentication information for outgoing connections. This file must contain the user id, the authorization id, the password (plain text), and the realm to use, each on a separate line and must be readable by root (or the trusted user) only. If no realm is specified, $j will be used.

If this option is set to 'A' then the AUTH= parameter for the MAIL FROM command is issued only when the authentication succeeds.

Default map specification for LDAP maps. The value should contain only LDAP specific settings like ``-h host -p port -d bindDN'', etc. The settings will be used for all LDAP maps unless they are specified in the individual map specification (K command).

Path to directory with certs of CAs.

File containing one CA cert.

File containing the cert of the server; i.e., this cert is used when sendmail acts as a server.

File containing the private key belonging to the server cert.

File containing the cert of the client; i.e., this cert is used when sendmail acts as a client.

File containing the private key belonging to the client cert.

File containing the DH parameters.

File containing random data (use prefix file:) or the name of the UNIX socket if EGD is used (use prefix egd:).

Set this option to limit the total time spent in satisfying a control socket request.

Use this option to set the resolver's retransmission time interval in seconds. This also sets Timeout.resolver.retrans.first and Timeout.resolver.retrans.normal options.

Use this option to set the resolver's retransmission time interval in seconds for the first attempt to deliver a message.

Use this option to set the resolver's retransmission time interval in seconds for all resolver lookups except the first delivery attempt.

Use this option to set the number of times to retransmit a resolver query. This also sets Timeout.resolver.retry.first and Timeout.resolver.retry.normal options.

Use this option to set the number of times to retransmit a resolver query for the first attempt to deliver a message.

Use this option to set the number of times to retransmit a resolver query for all resolver lookups except the first delivery attempt.

Use this option to set the timeout on undelivered messages in the queue to the specified time. The failed messages will be returned to the sender after the delivery fails for this amount of time (e.g., because of a host being down). The default is three days.

Set this option to get forwarding information from the user database. You can consider this as an adjunct to the aliasing mechanism, except that the database is intended to be distributed; aliases are local to a particular host.

Use this option to fork each job during queue runs. This may be convenient on memory-poor machines.

Use this option to strip incoming messages to seven bits.

Set the handling of 8-bit input to 7-bit destinations. Mode can be set to the following values:

Use this option to set the time interval between attempts to send a message from the queue.

Use this option to set the default character-set used to label 8-bit data that is not otherwise labeled.

If opening a connection fails, sleep for sleeptime seconds and try again. This is useful on dial-on-demand sites.

Use this option to set the behaviour when there are no recipient headers (To:, Cc: or Bcc:) in a message to action. The action can be set to the following values:

Use this option to set the maximum number of children that an incoming SMTP daemon will allow to spawn at any time to N.

Use this option to set the maximum number of connections per second to the SMTP port to N.

Use this option to rebuild the alias database when needed. Setting this option may cause excessive overhead and is not recommended.

Use this option to turn off the inclusion of all the interface names in $=w on startup. In particular, if you have many virtual interfaces, this option speeds up the startup. However, unless you make other arrangements, mails sent to those addresses will bounce. This is useful for sending mail to hosts which have dynamically assigned names.

This options allows you to bypass some of sendmail file security checks at the expense of system security. This should be used only if you are aware of the consequences. The options available for DontBlameSendmail are:

Set this option to true, to prevent program deliveries from picking up extra group privileges.

Use this option to limit the number of recipients, no_of_recipients that will be accepted in a single SMTP transaction. After this number is reached, sendmail starts returning "452 Too many recipients" to all RCPT commands. This can be used to limit the number of recipients per envelope (in particular, to discourage use of the server for spamming). Note: A better approach is to restrict relaying entirely.

Use this option to specify the maximum length of the sum of all headers, max_header_length. This can be used to prevent a Denial-of-Service(DoS) attack.

Use this option to enable sendmail do a setuid to that user early in processing to avoid potential security problems. However, this means that /var/spool/mqueue directory owned by the user and all .forward and :include: files must be readable by that user, and all files to be written must be writable by that user, and all programs will be executed by that user. It is also incompatible with the SafeFileEnvironment option. In other words, it may not actually add much to security. However, it should be useful on firewalls and other places where users do not have accounts and the aliases file is well constrained.

Files named as delivery targets must be regular files in addition to the regular checks in order to use this option. Also, if the option is non-null, then it is used as the name of a directory that is used as a chroot() environment for the delivery; the file names listed in an alias or forward should include the name of this root.

Use this option to sort the queue based on the following values:

The flag can be set to the following values:

By default, authwarnings and restrictqrun are enabled.

The fields currently supported by sendmail are:

Following are the values to which the modifier flag can be set:

This option is similar to DaemonPortOptions but meant for outgoing connections. See DaemonPortOptions above for the option values available.