SMM:08-64
Sendmail Installation and Operation Guide
a
always require authentication
b
bind to interface through which mail has been received
c
perform hostname canonification (.cf)
f
require fully qualified hostname (.cf)
s
Run smtps (SMTP over SSL) instead of smtp
u
allow unqualified addresses (.cf)
A
disable AUTH (overrides 'a' modifier)
C
don't perform hostname canonification
E
disallow ETRN (see RFC 2476)
O
optional; if opening the socket fails ignore it
S
don't offer STARTTLS
That is, one way to specify a message submission agent (MSA) that always
requires authentication is:
O DaemonPortOptions=Name=MSA, Port=587, M=Ea
The modifiers that are marked with "(.cf)" have only effect in the standard config-
uration file, in which they are available via ${daemon_flags}. Notice: Do not use
the ``a'' modifier on a public accessible MTA! It should only be used for a MSA
that is accessed by authorized users for initial mail submission. Users must
authenticate to use a MSA which has this option turned on. The flags ``c'' and
``C'' can change the default for hostname canonification in the sendmail.cf file.
See the relevant documentation for
FEATURE(nocanonify)
. The modifier ``f '' dis-
allows addresses of the form user@host unless they are submitted directly. The
flag ``u'' allows unqualified sender addresses, i.e., those without @host. ``b''
forces sendmail to bind to the interface through which the e-mail has been
received for the outgoing connection. WARNING: Use ``b'' only if outgoing
mail can be routed through the incoming connection's interface to its destination.
No attempt is made to catch problems due to a misconfiguration of this parameter,
use it only for virtual hosting where each virtual interface can connect to every
possible location. This will also override possible settings via ClientPortOp-
tions.
Note, sendmail will listen on a new socket for each occurence of the Dae-
monPortOptions
option in a configuration file. The modifier ``O'' causes send-
mail to ignore a socket if it can't be opened. This applies to failures from the
socket(2) and bind(2) calls.
DefaultAuthInfo [no short name] Filename that contains default authentication information for out-
going connections. This file must contain the user id, the authorization id, the
password (plain text), the realm and the list of mechanisms to use on separate
lines and must be readable by root (or the trusted user) only. If no realm is speci-
fied, $j is used. If no mechanisms are specified, the list given by AuthMecha-
nisms
is used. Notice: this option is deprecated and will be removed in future
versions. Moreover, it doesn't work for the MSP since it can't read the file (the
file must not be group/world-readable otherwise sendmail will complain). Use the
authinfo ruleset instead which provides more control over the usage of the data
anyway.
DefaultCharSet=charset
[no short name] When a message that has 8-bit characters but is not in MIME for-
mat is converted to MIME (see the EightBitMode option) a character set must be
included in the Content-Type: header. This character set is normally set from the
Charset= field of the mailer descriptor. If that is not set, the value of this option is
used. If this option is not set, the value "unknown-8bit" is used.
DataFileBufferSize=threshold
[no short name] Set the threshold, in bytes, before a memory-based queue data file