Some macros are assigned values from text that is supplied by outside connecting hosts, but such text cannot necessarily be trusted for use in rule sets or as keys in database-map lookups.

To protect itself, sendmail modifies this text by replacing each whitespace character (space or tab), nonprintable character (such as a newline or control character), and any of the following special characters with its corresponding hexadecimal value (based on US ASCII), where each new hexadecimal value is prefixed with a plus character.

< > ( ) " +

This is called xtext encoding (defined in RFC1891).

Beginning with V8.13, the values for the ${auth_author} and ${auth_authen} macros are also xtext encoded before being placed into those macros.

When a host connects to the listening sendmail server, that server forks a child copy of itself to handle the new connection. Before forking, the server increments the connection count associated with the IP number of the connecting client. When the forked child finishes and exits, the server decrements that count.

Beginning with V8.13 sendmail, the ${client_connections} macro holds that count as its value, making it available for you to use in rule sets.

With V8.13, if you declare the conncontrol feature (Section 4.1.8 ^[V8.13]), a rule set called ConnControl that looks up the current IP address in the access database will be added to your configuration file. The source text file for the access database may contain that address with a literal ClientConn: prefix—for example:

ClientConn:123.45.67.89          12

Note that the literal prefix is followed by the IP number to look up, tabs or spaces,^[27] and lastly the limit to impose for the maximum number of connections for that IP number.

If the number of connections (as stored in this ${client_connections} macro) exceed the limit imposed inside the access database, the new connection is rejected with the following error:

452 4.3.2 Too many open connections.

When a client host connects to the listening sendmail server, that server knows the IP number of the connecting client but not its hostname. To find the hostname, sendmail performs a reverse-lookup to find a PTR record that contains the host’s name. Beginning with V8.13, the result of that lookup (the hostname) is stored in the ${client_ptr} macro.

Note that if (and only if) the ${client_resolve} macro (21.9.22^[3ed]) contains a literal OK, this ${client_ptr} macro will hold the same value as the ${client_name} macro (21.9.20^[3ed]).

When a host connects to the listening sendmail server, the server forks a child to handle the new connection. Before forking, the server increments the connection count associated with the IP number of the connecting client. The rate of connections is then updated inside a window of time defined by the ConnectionRateWindowSize option (see Section 24.1.13 ^[V8.13]), which defaults to 60 seconds.

Beginning with V8.13 sendmail, the ${client_rate} macro holds that count as its value, making it available for you to use in rule sets.

With V8.13, if you declare the ratecontrol feature (Section 4.1.7 ^[V8.13]), a rule set called RateControl will be added to your configuration file, which looks up the current IP address in the access database. The source text file for the access database may contain that address with a literal ClientRate: prefix—for example:

ClientRate:123.45.67.89          4

Note that the literal prefix is followed by the IP number to look up, tabs or spaces,^[28] and lastly by the limit to impose for the maximum connection rate for that IP number.

If the current rate (as stored in this ${client_rate} macro) exceeds the limit imposed inside the access database, the new connection is rejected with the following error:

452 4.3.2 Connection rate limit exceeded.

If you are interested in knowing the total rate of connections for all clients, see the ${total_rate} macro (Section 21.1.9 ^[V8.13]).

The Message-Id: header (25.12.23[3ed]) is used to uniquely identify each mail message. It must be declared in the configuration file. Its field must be an expression in the syntax of a legal address enclosed in angle brackets (< and >), and it must be composed of elements that create an identifier that is truly unique worldwide.

Beginning with V8.13, when sendmail finds a Message-Id: header in the current message, it assigns the value for that header to this ${msg_id} macro. If sendmail finds no Message-Id: header, it creates one and assigns that new value to this ${msg_id} macro.

If a Message-Id: header appears in the original inbound message, its value can be made available to rule sets by using the H configuration command (25.5^[3ed]) and to Milters using an xxfi_header( ) routine. But if sendmail creates the Message-Id: header, its value can only be made available by using this ${msg_id} macro.

When sendmail receives an SMTP RCPT TO: command, it examines the recipient address contained in that command, accepts known local recipients, and rejects other recipients. If relaying is enabled for selected hosts, envelope recipients addressed to those hosts are also allowed. If the address is disallowed, it is rejected by sendmail and neither rule sets nor Milters ever see it.

Beginning with V8.13 sendmail, if knowing the number of rejected recipients for a given envelope is important to you, you may access that number using this ${nbadrcpts} macro.

If used in rule sets, the ${nbadrcpts} macro will only contain a true total after all envelope recipients have been processed. Thus, a good place to use it might be in the check_data rule set (19.9.1^[3ed]), because it is called just after the SMTP DATA command is received, but before that command is acknowledged (after all recipients have been processed):

LOCAL_RULESETS
Scheck_data
R $*                     $: $&{nbadrcpts}
R $+                     $: $(arith l $@ $1 $@ 25 $)
R FALSE                  $# error $@ 5.1.2 $: "553 Too many bad recipients"

Here, under the LOCAL_RULESETS portion of your mc configuration file, you first declare the check_data rule set, which contains three rules. The first rule simply matches anything on the LHS (the $*) and places the value of this ${nbadrcpts} macro into the workspace. The second rule compares that value (using the arith database-map; see 23.7.1^[3ed]) to the literal value 25. If the test fails (if there are 25 or more bad envelope recipients causing the second rule to return FALSE in the workspace), the message is rejected using the third rule.

This ${nbadrcpts} macro can also be used by Milters, but it is only reliable if you fetch its value after all envelope recipients have been processed. You may add this macro to those passed to your Milter with a line such as the following in your mc configuration file:

define(`confMILTER_MACROS_EOM´, confMILTER_MACROS_EOM``, {nbadrcpts}´Â´)

Note that the double half quotes are necessary because the second argument to the define command contains a comma. This line in your mc configuration file makes the ${nbadrcpts} macro available to your Milters after the entire envelope has been processed, but before the final dot has been acknowledged.

V8.13 introduced queue quarantining (Section 11.1.2[V8.13]), the process by which envelopes in the queue are marked as being ineligible for delivery. Such quarantined envelopes may then be reviewed manually or automatically.

When a message is quarantined, the reason it was quarantined is stored as the value of this ${quarantine} macro. When it is later read from the queue, the value of the queue file’s q line (Section 11.1.5 ^[V8.13]) is again copied into this ${quarantine} macro.

The ${quarantine} macro can be used to detect whether a message has been quarantined.

The C-language time(3) routine returns an integer value (type

time_t

) that represents the current time as the number of seconds since the start (00:00:00) of January 1, 1970. This current time is instantiated at three different moments as sendmail processes envelopes:

At these moments, an ASCII representation of the current number of seconds is placed into the ${time} macro. At the same moment, the following other macros are also given the current time but in different formats:

Although the ${time} macro is not used in the standard configuration file, it is available for your use in rule sets of your own design. It can, for example, be useful to enforce a timeout on entries when using POP before relay.

When a host connects to the listening sendmail server, that server forks a child copy of itself to handle the connection. Before forking, the server increments the connection count associated with all connections. That count is then used to update the total rate of all connections.

The rate is measured over an interval defined by the ConnectionRateWindowSize option (see Section 24.1.13 ^[V8.13]), which defaults to 60 seconds. This total rate differs from the client rate in that it is the rate for all connections rather than the rate for a particular client address.

The ${total_rate} macro is not used in the standard configuration file but is available for your use in rule sets of your own design.

If you are interested in knowing the rate of connections from individual clients, see the ${client_rate} macro (Section 21.1.4 ^[V8.13]).