sendmail

This directory contains sendmail 8.x source distributions. Those interested in mirroring the sendmail distribution tree should read the MIRROR file in this directory.

The latest version is available in sendmail.8.18.1.tar.{Z,gz}{,.sig} -- the .Z file is compressed, the .gz file is the same bits gzipped, and the .sig files are the PGP signatures for the bits in either of the first two files. Please note that starting with 8.12.8 the compressed/gzipped files are signed, previously the uncompressed .tar file was signed. Please take ONLY ONE of the .Z or .gz files.

Add-ons for the open source sendmail MTA, including spam and virus filters and policy management tools, are available from Proofpoint, Inc. See http://www.proofpoint.com/ for details.

Older versions are in sendmail.${VER}.tar.{Z,gz,sig}. Except for the latest, these are unsupported by the Sendmail.ORG crew. The status of various interesting ${VER}s is:

8.18.1 Stricter enforcement of RFC requirements, full DANE support.
8.17.2 Various fixes, mostly related to EAI.
8.17.1 Experimental support for EAI (SMTPUTF8) and MTA-STS.
8.16.1 DANE support, TLS and logging enhancements.
8.15.2 Some IPv6 enhancements as well as other fixes.
8.15.1 Several new features, especially TLS related; IPv6 format change.
8.14.9 Fixes a file descriptor leak.
8.14.8 Mostly bug fixes, especially IPv6 related. May require patch 8.14.8.m4header
8.14.7 Fixes some problems.
8.14.6 Mostly bug fixes.
8.14.5 Some enhancements and bug fixes.
8.14.4 Fixes some problems.
8.14.3 Fixes regression in 8.14.2 and some bugs.
8.14.2 Fixes some bugs.
8.14.1 Fixes some bugs, enhances documentation.
8.14.0 New milter API, headers are 8 bit "transparent".
8.13.8 Fixes for regressions introduced in 8.13.7 and some other bugs.
8.13.7 Fix for potential denial of service problem.
8.13.6 Security fix. Do not use any older 8.x version.

Patches

sts_san.p0.tgz Fix matching of wildcard SANs for MTA-STS applies to 8.17.1 up to 8.18.1

Note

Since sendmail 8.11 and later includes hooks to cryptography, the following information from OpenSSL applies to sendmail as well.

PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS ARE NOT LIABLE FOR ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.