sendmail(1M)sendmail(1M)NAMEsendmail - send mail over the Internet
SYNOPSIS
[mode] [flags] [address ...]
DESCRIPTION
sends a message to one or more recipients or addresses and routes the
message over whatever networks are necessary. does internetwork for‐
warding as necessary to deliver the message to the correct place.
is not intended as a user interface routine. Other programs provide
user-friendly front ends. is used only to deliver pre-formatted mes‐
sages.
With no flags specified in the command line, reads its standard input
up to an end-of-file or a line consisting only of a single dot and
sends a copy of the message found there to all of the addresses listed
in the command line. It determines the network(s) to use based on the
syntax and contents of the addresses, according to information in the
configuration file. The default configuration file is
Local addresses are looked up in a file and aliased appropriately, and
also supports the use of NIS and LDAP for address lookup. Aliasing can
be prevented by preceding the address with a backslash Normally the
sender is not included in any alias expansions. For example, if `john'
sends to `group', and `group' includes `john' in the expansion, then
the letter will not be delivered to `john'.
If is invoked, will rebuild the alias database. is identical to See
newaliases(1M). Mail that is temporarily undeliverable is saved in a
mail queue. If is invoked, will print the contents of the mail queue.
The mail queue files are in the directory is identical to See mailq(1).
For mail delivery failures, users get a Delivery Status Notification
(DSN).
Note: DSNs resulting from attempts to relay a message to one or
more recipients will contain a "Diagnostic-Code" message citing
the reasons for failure. This message will not contain the
user's address.
A non-root user does not have access to the files and databases associ‐
ated with for example, and
Note: Only root users are privileged to kill any process. Non-
root users cannot send signals to their process.
Arguments
recognizes the following arguments:
mode A mode selected from those described in the "Modes"
subsection below. Only one mode can be specified. The
default is
address The address of a recipient. Several addresses can be
specified.
flags A flag selected from those described in the "Flags"
subsection below. Several flags can be specified.
Modes
operates in one of the following modes. The default is deliver mail in
the usual way.
Go into ARPANET mode.
All input lines must end with a CR-LF, and all messages
will be generated with a CR-LF at the end. Also, the
``From:'' and ``Sender:'' fields are examined for the
name of the sender.
Run as a daemon.
will fork and run in background listening on socket 25
for incoming SMTP connections.
Run as a daemon, but run in foreground.
Print the persistent host status database.
Purge the persistent host status database.
Initialize the alias database
for the mail aliases file. is identical to See
newaliases(1M).
Deliver mail in the usual way (default).
Print a listing of the mail queue.
is identical to See mailq(1).
Use the SMTP protocol as described in RFC821
on standard input and output. This flag implies all the
operations of the ba flag that are compatible with SMTP.
Run in address test mode.
This mode reads addresses and shows the steps in parsing;
it is used for debugging configuration tables.
Verify names only; i.e, do not try to collect or deliver a mes‐
sage.
Verify mode is normally used for validating users or
mailing lists.
Flags
recognizes the following flags:
Use the file even if the operation mode does not indicate an
initial mail submission.
Use the file even if the operation mode indicates an initial
mail submission.
Set the body type.
type can be either or
Use alternate configuration file.
refuses to run as root if an alternate configuration
file is specified.
Set debugging value to
X. X can also be of the form category.level (eg; A
low level or category produces less output; but a
high level or category produces more output. The
default for category is 0 and that for level is 1.
Set the full name of the sender.
Set the name of the ``from'' person
(i.e., the sender of the mail) to name. If the user
of the option is not a ``trusted'' user (normally
root, daemon, and network) and if the name set using
the option and the login name of the person actually
sending the mail are not the same, then it results
in an in the mail header.
Relay the message without any processing.
Set the hop count to
N. The hop count is incremented every time the mail
is processed. When it reaches a limit, the mail is
returned with an error message, the victim of an
aliasing loop. If not specified, ``Received:''
lines in the message are counted.
Ignore dots alone in lines by themselves in incoming messages.
This should be set if you are reading from a file.
Specify an identifier to be used in
messages. The identifier is set to tag.
Do not do aliasing.
Set delivery status notification conditions.
Following are the valid conditions to which dsn can
be set:
For no notifications.
If delivery failed.
If delivery is delayed.
When message is successfully delivered.
Set the configuration option
option to a specified value. Options are described
below in "Processing Options."
Set option x to a specified value. Options are described below
in "Processing Options."
Set the name of the protocol used to receive the message. This
can be a simple protocol name such as or a protocol
and hostname, such as
Process saved messages in the queue at given intervals.
If time is omitted, process the queue once. time is
given as a tagged number, with being seconds, being
minutes, being hours, being days, and being weeks.
For example, or would both set the timeout to one
hour thirty minutes. If time is specified, will run
in background. This option can be used safely with
Similar to except that instead of periodically forking a child
to process the queue, forks a single persistent
child for each queue that alternates between pro‐
cessing the queue and sleeping. The sleep time is
given as an argument and default value for the sleep
time is 1 second. The process sleeps for at least 5
seconds if the queue was empty in the previous queue
run.
Process saved messages in the queue once and do not
but run in the foreground.
Process jobs only in the queue called
name.
Limit processed jobs to those containing
substr as a substring of the queue ID. When is
specified, limit processed jobs to those not con‐
taining substr as a substring of the queue ID.
Limit processed jobs to quarantined jobs containing
substr as a substring of the quarantine reason, or
limit jobs to those not containing the substring
when is specified.
Quarantine a normal queue with the given reason or unquarantine
a quarantined queue if a reason is not given. This
option must be used with a matching item.
Limit processed jobs to those containing
substr as a substring of one of the recipients, or
limit jobs to those not containing the substring
when is specified.
Limit processed jobs to those containing
substr as a substring of the sender, or limit jobs
to those not containing the substring when is speci‐
fied.
An alternate and obsolete form of the
flag.
Set the amount of the message to be returned if the message
bounces.
The values that can be set for return are as fol‐
lows:
To return the entire message
To return only the headers.
Read message for recipients.
To:, Cc:, and Bcc: lines will be scanned for recipi‐
ent addresses. The Bcc: line will be deleted before
transmission.
Initial (user) submission. This flag should always be set when
is called from a user agent such as or This flag
should never be set when called from a network
delivery agent such as
Go into verbose mode.
Alias expansions will be announced, etc.
Set the original envelope identification. This is propagated
across SMTP
to servers that support DSN's (delivery status noti‐
fication) and is returned in DSN-compliant error
messages.
Log all traffic in and out of mailers in the indicated
logfile. This should only be used as a last resort
for debugging mailer bugs. It will log a lot of
data very quickly.
Stop processing command flags and use the rest of the arguments
as addresses.
Processing Options
There are various processing options available. Normally these will
only be used by a system administrator. Options may be set either on
the command line using the flag or in the configuration file, The
options are:
Use alternate alias file.
If set, logs transient error messages as messages at else it
logs as messages at
On mailers that are considered ``expensive'' to connect to,
do not initiate immediate connection. This requires
queuing.
Checkpoint the queue file after every
N successful deliveries (default 10). This avoids
excessive duplicate deliveries when sending to long
mailing lists interrupted by system crashes.
Set the delivery mode to
x. The delivery modes are:
background (asynchronous) delivery.
deferred; the same as
except that database lookups (DNS and NIS
lookups) are avoided.
interactive (synchronous) delivery.
queue only; expect the messages to be delivered
the next time when the queue is run.
Set error processing to mode
x. The valid modes are:
do special processing for the BerkNet.
mail back the error message.
print the errors on the terminal
(default).
throw away error messages
(only exit status is returned).
``write'' back the error message
(or mail it back if the sender is not logged
in).
If the text of the message is not mailed back by
modes or and if the sender is local to this machine,
then a copy of the message is appended to the file
in the sender's home directory.
Save UNIX -style
``From'' lines at the front of messages.
Use this option to set the maximum number of times a message is
allowed to
``hop'' before it is considered in a loop.
Use this option to instruct
to ignore dots in a line by themselves as a message
terminator.
Send error messages in MIME format.
Set connection cache timeout.
Set connection cache size.
Set the log level.
Send to ``me'' (the sender) also if the sender is in an alias
expansion.
Validate the right hand side of aliases during a
command. See newaliases(1M).
Set this option to have
old style headers in the message. If not set, this
message is guaranteed to have new style headers
(i.e., commas instead of spaces between addresses).
If set, an adaptive algorithm is used that will cor‐
rectly determine the header format in most cases.
Select the directory in which the messages are to be queued.
Use this option to save mail traffic statistics into the speci‐
fied
file.
Define the location of the system-wide
file.
Override the connection address (for testing).
Define trusted user for changing the file ownership and also for
starting the daemon.
Set this option to create a daemon control socket. This socket
allows an external program to control and query sta‐
tus from the running daemon via a named socket.
Limit the size of MIME
headers and parameters within those headers. This
option is intended to protect mail user agents
(MUAs) from buffer overflow attacks.
Specify the maximum depth of alias recursion.
Define the location of the pid file. The
file will be the default even if this option is not
set.
Specify a prefix string for the process title shown in
listings.
Control the maximum size of a memory-buffered data (df) file
before a
disk-based file is used.
Control the maximum size of a memory-buffered transcript (xf)
file before a
disk-based file is used.
Use this option to list all the authentication mechanisms used.
Set filename that contains authentication information for
outgoing connections. This file must contain the
user id, the authorization id, the password (plain
text), and the realm to use, each on a separate line
and must be readable by root (or the trusted user)
only. If no realm is specified, will be used.
If this option is set to 'A' then the
parameter for the MAIL FROM command is issued only
when the authentication succeeds.
Default map specification for LDAP maps. The
value should contain only LDAP specific settings
like etc. The settings will be used for all LDAP
maps unless they are specified in the individual map
specification command).
Path to directory with certs of CAs.
File containing one CA cert.
File containing the cert of the server; i.e., this cert
is used when acts as a server.
File containing the private key belonging to the server cert.
File containing the cert of the client; i.e., this cert is used
when
acts as a client.
File containing the private key belonging to the client cert.
File containing the DH parameters.
File containing random data (use prefix
or the name of the UNIX socket if EGD is used (use
prefix
Set this option to limit the total time spent in satisfying a
control
socket request.
Use this option to set the resolver's retransmission time inter‐
val in seconds.
This also sets and options.
Use this option to set the resolver's retransmission time inter‐
val in seconds
for the first attempt to deliver a message.
Use this option to set the resolver's retransmission time inter‐
val in seconds
for all resolver lookups except the first delivery
attempt.
Use this option to set the number of times to retransmit a
resolver query.
This also sets and options.
Use this option to set the number of times to retransmit a
resolver query for
the first attempt to deliver a message.
Use this option to set the number of times to retransmit a
resolver query for
all resolver lookups except the first delivery
attempt.
Use this option to set the timeout on undelivered messages in
the queue to the
specified time. The failed messages will be
returned to the sender after the delivery fails for
this amount of time (e.g., because of a host being
down). The default is three days.
Set this option to get forwarding information from the user
database. You
can consider this as an adjunct to the aliasing
mechanism, except that the database is intended to
be distributed; aliases are local to a particular
host.
Use this option to fork each job during queue runs.
This may be convenient on memory-poor machines.
Use this option to strip incoming messages to seven bits.
Set the handling of 8-bit input to 7-bit destinations. Mode can
be
set to the following values:
Convert to 7-bit MIME format.
Pass it as eight bits.
Bounce the mail.
Use this option to set the time interval between attempts to
send a message from the queue.
Use this option to set the default character-set used to label
8-bit data
that is not otherwise labeled.
If opening a connection fails, sleep for
sleeptime seconds and try again. This is useful on
dial-on-demand sites.
Use this option to set the behaviour when there are no recipient
headers
(To:, Cc: or Bcc:) in a message to action. The
action can be set to the following values:
Leaves the message unchanged.
Adds a header with the envelope recipients.
Adds an header with the envelope recipients.
Adds an empty
Adds a header reading
Use this option to set the maximum number of children that an
incoming
SMTP daemon will allow to spawn at any time to N.
Use this option to set the maximum number of connections per
second to
the SMTP port to N.
Use this option to rebuild the alias database
when needed. Setting this option may cause exces‐
sive overhead and is not recommended.
Use this option to turn off the inclusion of all
the interface names in on startup. In particular,
if you have many virtual interfaces, this option
speeds up the startup. However, unless you make
other arrangements, mails sent to those addresses
will bounce. This is useful for sending mail to
hosts which have dynamically assigned names.
This options allows you to bypass some of file security
checks at the expense of system security. This
should be used only if you are aware of the conse‐
quences. The options available for are:
Set
this
option
to
true,
to
pre‐
vent
pro‐
gram
deliv‐
er‐
ies
from
pick‐
ing
up
extra group
priv‐
i‐
leges.
Use
this
option
to
limit
the
num‐
ber
of
recip‐
i‐
ents, no_of_recip‐
i‐
ents
that
will
be
accepted
in
a
sin‐
gle
SMTP
trans‐
ac‐
tion.
After
this
num‐
ber
is
reached,
starts
return‐
ing
"452
Too
many
recip‐
i‐
ents"
to
all
com‐
mands.
This
can
be
used
to
limit
the
num‐
ber
of
recip‐
i‐
ents
per
enve‐
lope
(in
par‐
tic‐
u‐
lar,
to
dis‐
cour‐
age
use
of
the
server
for
spam‐
ming).
Note:
A
bet‐
ter
approach
is
to
restrict
relay‐
ing
entirely.
Use
this
option
to
spec‐
ify
the
max‐
i‐
mum
length
of
the
sum
of
all
head‐
ers, max_header_length.
This
can
be
used
to
pre‐
vent
a
Denial-
of-
Ser‐
vice(DoS)
attack.
Use
this
option
to
enable do
a
to
that
user
early
in
pro‐
cess‐
ing
to
avoid
poten‐
tial
secu‐
rity
prob‐
lems.
How‐
ever,
this
means
that
direc‐
tory
owned
by
the
user
and
all
and
files
must
be
read‐
able
by
that
user,
and
all
files
to
be
writ‐
ten
must
be
writable
by
that
user,
and
all
pro‐
grams
will
be
exe‐
cuted
by
that
user.
It
is
also
incom‐
pat‐
i‐
ble
with
the
option.
In
other
words,
it
may
not
actu‐
ally
add
much
to
secu‐
rity.
How‐
ever,
it
should
be
use‐
ful
on
fire‐
walls
and
other
places
where
users
do
not
have
accounts
and
the
file
is
well
con‐
strained.
Files
named
as
deliv‐
ery
tar‐
gets
must
be
reg‐
u‐
lar
files
in
addi‐
tion to
the
reg‐
u‐
lar
checks
in
order
to
use
this
option.
Also,
if
the
option
is
non-
null,
then
it
is
used
as
the
name
of
a
direc‐
tory
that
is
used
as
a
envi‐
ron‐
ment
for
the
deliv‐
ery;
the
file
names
listed
in
an
alias
or
for‐
ward
should
include
the
name
of
this
root.
Use
this
option
to
sort
the
queue
based
on
the
fol‐
low‐
ing
val‐
ues:
This
makes
bet‐
ter
use
of
the
con‐
nec‐
tion
cache,
but
may
delay
more ``inter‐
ac‐
tive''
mes‐
sages
behind
large
back‐
logs
under
some
cir‐
cum‐
stances.
It
is
rec‐
om‐
mended
to
use
this
option
if
you
have
high
speed
links
or
do
not
process
too
many
``batch''
mes‐
sages;
it
might
not
per‐
form
bet‐
ter,
if
you
are
using
some‐
thing
like
PPP
on
a
14.4
modem.
This
option
causes
the
queue
to
be
sorted
strictly
on
the
time
of
sub‐
mis‐
sion. This
might
adversely
affect
the
per‐
for‐
mance
over
slow
lines
and
on
nodes
with
heavy
traf‐
fic.
Also,
this
does
not
guar‐
an‐
tee
that
jobs
will
be
deliv‐
ered
in
sub‐
mis‐
sion
order
unless
you
set
option.
In
gen‐
eral,
it
should
be
used
only
on
the
com‐
mand
line,
and
in
con‐
junc‐
tion
with
This
option
sorts
the
queue
by
file‐
name.
This
avoids
open‐
ing and
read‐
ing
each
queue
file
while
pre‐
par‐
ing
to
run
the
queue.
This
will
speed
up
the
queue
pro‐
cess‐
ing.
The flag
can
be
set
to
the
fol‐
low‐
ing
val‐
ues:
Allow
open
access.
Insist
on
HELO
(or
EHLO)
before
the
MAIL
com‐
mand.
Insist
on
HELO
(or
EHLO)
before
the
EXPN
com‐
mand.
Dis‐
al‐
low
EXPN
com‐
mand
totally.
Insist
on
HELO
(or
EHLO)
before
the
VRFY
com‐
mand.
Dis‐
al‐
low
VRFY
com‐
mand
totally.
Restrict
mailq
com‐
mand.
Restrict
-q
com‐
mand-
line
flag.
Do
not
return
suc‐
cess
DSN's.
Dis‐
al‐
low
essen‐
tially
all
SMTP
sta‐
tus
queries.
Put head‐
ers
in
mes‐
sages
if
HELO
was
not
used
inside
SMTP
trans‐
ac‐
tion.
Flag
to
dis‐
able
the
SMTP
VERB
com‐
mand.
Flag
to
dis‐
able
the
SMTP
ETRN
com‐
mand.
By
default,
and
are
enabled.
The
fields
cur‐
rently
sup‐
ported
by are:
The
val‐
ues
can
be
either or
The
default
value
is
IP
address
or
host‐
name
Name
of
the
agent or
Port
num‐
ber
(for the
port
num‐
ber
should
be
587)
Send
buf‐
fer
size
Receive
buf‐
fer
size
Lis‐
ten
queue
size
Mod‐
i‐
fier
flags.
Fol‐
low‐
ing
are
the
val‐
ues
to
which
the
mod‐
i‐
fier
flag
can
be
set:
Require
authen‐
ti‐
ca‐
tion.
Bind
to
inter‐
face
through
which
mail
has
been
received.
Pass
the
address
for
canon‐
i‐
fi‐
ca‐
tion.
Enable
fully
qual‐
i‐
fied
address
for
From
address.
Use
name
of
inter‐
face
for
out‐
go‐
ing
HELO
com‐
mand.
Dis‐
able
fully
qual‐
i‐
fied
address
for
From
address.
Do
not
pass
the
address
for
canon‐
i‐
fi‐
ca‐
tion.
Turn
off
ETRN
con‐
nec‐
tions.
Note:
In
order
to
use
the
IPv6
fea‐
ture,
you
need
to
set
the
with
If
this
option
is
set
with
a
sep‐
a‐
rate
dae‐
mon
starts
at
port
587
that
acts
as
a
Mes‐
sage
Sub‐
mis‐
sion
Agent
(MSA).
This
option
is
sim‐
i‐
lar
to
but
meant
for
out‐
go‐
ing
con‐
nec‐
tions.
See
above
for
the
option
val‐
ues
avail‐
able.
Aliases
You
can
set
up
sys‐
tem
aliases
and
user
for‐
ward‐
ing.
The
and
files
are
described
in
the
aliases(5)
man‐
page.
EXIT
STA‐
TUS
returns
an
exit
sta‐
tus
describ‐
ing
what
it
did.
The
codes
are
defined
in
Suc‐
cess‐
ful
com‐
ple‐
tion
on
all
addresses.
User
name
not
rec‐
og‐
nized.
Catchall
mean‐
ing
nec‐
es‐
sary
resources were
not
avail‐
able.
Syn‐
tax
error
in
address.
Inter‐
nal
soft‐
ware
error, includ‐
ing
bad
argu‐
ments.
Tem‐
po‐
rary
oper‐
at‐
ing
sys‐
tem
error, such
as
``can‐
not
fork''
.
Host
name
not
rec‐
og‐
nized.
Mes‐
sage
could
not
be
sent
imme‐
di‐
ately, but
was
queued.
WARN‐
ING
Ter‐
mi‐
nat‐
ing
and
restart‐
ing
the
dae‐
mon
may
not
be
instan‐
ta‐
neous.
AUTHOR
The
com‐
mand
was
devel‐
oped
by
the
Uni‐
ver‐
sity
of
Cal‐
i‐
for‐
nia,
Berke‐
ley,
and
orig‐
i‐
nally
appeared
in
BSD
4.2.
FILES
User's
mail
for‐
ward‐
ing
file
User's
failed
mes‐
sage
file
Except
for
the
file
and
the
dae‐
mon
process
ID
file,
the
below
men‐
tioned
default
path‐
names
are
all
spec‐
i‐
fied
in
the
con‐
fig‐
u‐
ra‐
tion
file,
These
default
file
names
can
be
over‐
rid‐
den
in
the
con‐
fig‐
u‐
ra‐
tion
file.
raw
data
for
alias
names
data
base
of
alias
names
con‐
fig‐
u‐
ra‐
tion
file
help
file
col‐
lected
sta‐
tis‐
tics
mail
queue
files
The
process
id
of
the
dae‐
mon
The
list
of
all
host‐
names
that
are
rec‐
og‐
nized
as local,
which
causes
to
accept
mail
for
these
hosts
and
attempt
local
deliv‐
ery
con‐
fig‐
u‐
ra‐
tion
file
for
the
name-
ser‐
vice
switch
SEE
ALSO
elm(1),
expand_alias(1),
idlookup(1),
mail(1),
mailq(1),
mail‐
stats(1),
mailx(1),
praliases(1),
con‐
vert_awk(1M),
identd(1M),
killsm(1M),
mtail(1M),
newaliases(1M),
smrsh(1M),
aliases(5).
sendmail(1M)