diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..873620e
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/sendmail.8.15.2.tar.gz
diff --git a/.sendmail.metadata b/.sendmail.metadata
new file mode 100644
index 0000000..ebc2f68
--- /dev/null
+++ b/.sendmail.metadata
@@ -0,0 +1 @@
+5801d4b06f4e38ef228a5954a44d17636eaa5a16 SOURCES/sendmail.8.15.2.tar.gz
diff --git a/SOURCES/Sendmail-sasl2.conf b/SOURCES/Sendmail-sasl2.conf
new file mode 100644
index 0000000..74ef83f
--- /dev/null
+++ b/SOURCES/Sendmail-sasl2.conf
@@ -0,0 +1 @@
+pwcheck_method:saslauthd
diff --git a/SOURCES/sendmail-8.13.0-cyrus.patch b/SOURCES/sendmail-8.13.0-cyrus.patch
new file mode 100644
index 0000000..e296d5b
--- /dev/null
+++ b/SOURCES/sendmail-8.13.0-cyrus.patch
@@ -0,0 +1,11 @@
+--- sendmail-8.13.0/cf/mailer/cyrus.m4.cyrus 2004-06-30 11:47:47.116910591 +0200
++++ sendmail-8.13.0/cf/mailer/cyrus.m4 2004-06-30 11:49:02.262556546 +0200
+@@ -36,7 +36,7 @@
+ #
+
+ _DEFIFNOT(`CYRUS_MAILER_FLAGS', `Ah5@/:|')
+-ifdef(`CYRUS_MAILER_PATH',, `define(`CYRUS_MAILER_PATH', /usr/cyrus/bin/deliver)')
++ifdef(`CYRUS_MAILER_PATH',, `define(`CYRUS_MAILER_PATH', /usr/lib/cyrus-imapd/deliver)')
+ ifdef(`CYRUS_MAILER_ARGS',, `define(`CYRUS_MAILER_ARGS', `deliver -e -m $h -- $u')')
+ ifdef(`CYRUS_MAILER_USER',, `define(`CYRUS_MAILER_USER', `cyrus:mail')')
+ _DEFIFNOT(`CYRUS_BB_MAILER_FLAGS', `u')
diff --git a/SOURCES/sendmail-8.14.3-sharedmilter.patch b/SOURCES/sendmail-8.14.3-sharedmilter.patch
new file mode 100644
index 0000000..29e1851
--- /dev/null
+++ b/SOURCES/sendmail-8.14.3-sharedmilter.patch
@@ -0,0 +1,50 @@
+diff -up sendmail-8.14.3/devtools/M4/UNIX/sharedlibrary.m4.sharedmilter sendmail-8.14.3/devtools/M4/UNIX/sharedlibrary.m4
+--- sendmail-8.14.3/devtools/M4/UNIX/sharedlibrary.m4.sharedmilter 2009-01-20 15:19:34.000000000 +0100
++++ sendmail-8.14.3/devtools/M4/UNIX/sharedlibrary.m4 2009-01-20 15:19:34.000000000 +0100
+@@ -15,22 +15,23 @@ divert(-1)
+ divert(0)dnl
+ include(confBUILDTOOLSDIR`/M4/'bldM4_TYPE_DIR`/links.m4')dnl
+ bldLIST_PUSH_ITEM(`bldC_PRODUCTS', bldCURRENT_PRODUCT)dnl
+-bldPUSH_TARGET(bldCURRENT_PRODUCT`.a')dnl
++bldPUSH_TARGET(bldCURRENT_PRODUCT.so.confSOVER.confSOPLVL)dnl
+ bldPUSH_INSTALL_TARGET(`install-'bldCURRENT_PRODUCT)dnl
+ bldPUSH_CLEAN_TARGET(bldCURRENT_PRODUCT`-clean')dnl
+
+ include(confBUILDTOOLSDIR`/M4/'bldM4_TYPE_DIR`/defines.m4')
+ divert(bldTARGETS_SECTION)
+-bldCURRENT_PRODUCT.a: ${BEFORE} ${bldCURRENT_PRODUCT`OBJS'}
+- ${AR} ${AROPTS} bldCURRENT_PRODUCT.a ${bldCURRENT_PRODUCT`OBJS'}
+- ${RANLIB} ${RANLIBOPTS} bldCURRENT_PRODUCT.a
++bldCURRENT_PRODUCT.so.confSOVER.confSOPLVL: ${BEFORE} ${bldCURRENT_PRODUCT`OBJS'}
++ ${CC} ${CFLAGS} ${LDOPTS_SO} -o bldCURRENT_PRODUCT.so.confSOVER.confSOPLVL `-Wl,'confSONAME`,'bldCURRENT_PRODUCT`.so.'confSOVER ${bldCURRENT_PRODUCT`OBJS'}
+ ifdef(`bldLINK_SOURCES', `bldMAKE_SOURCE_LINKS(bldLINK_SOURCES)')
+
+-install-`'bldCURRENT_PRODUCT: bldCURRENT_PRODUCT.a
++install-`'bldCURRENT_PRODUCT: bldCURRENT_PRODUCT.so.confSOVER.confSOPLVL
+ ifdef(`bldINSTALLABLE', ` ifdef(`confMKDIR', `if [ ! -d ${DESTDIR}${bldINSTALL_DIR`'LIBDIR} ]; then confMKDIR -p ${DESTDIR}${bldINSTALL_DIR`'LIBDIR}; else :; fi ')
+- ${INSTALL} -c -o ${LIBOWN} -g ${LIBGRP} -m ${LIBMODE} bldCURRENT_PRODUCT.a ${DESTDIR}${LIBDIR}')
++ ${LN} ${LNOPTS} bldCURRENT_PRODUCT.so.confSOVER.confSOPLVL ${DESTDIR}${LIBDIR}/bldCURRENT_PRODUCT.so.confSOVER
++ ${LN} ${LNOPTS} bldCURRENT_PRODUCT.so.confSOVER ${DESTDIR}${LIBDIR}/bldCURRENT_PRODUCT.so
++ ${INSTALL} -c -o ${LIBOWN} -g ${LIBGRP} -m ${LIBMODE} bldCURRENT_PRODUCT.so.confSOVER`.'confSOPLVL ${DESTDIR}${LIBDIR}')
+
+ bldCURRENT_PRODUCT-clean:
+- rm -f ${OBJS} bldCURRENT_PRODUCT.a ${MANPAGES}
++ rm -f ${OBJS} bldCURRENT_PRODUCT.so* ${MANPAGES}
+
+ divert(0)
+diff -up sendmail-8.14.3/libmilter/Makefile.m4.sharedmilter sendmail-8.14.3/libmilter/Makefile.m4
+--- sendmail-8.14.3/libmilter/Makefile.m4.sharedmilter 2008-04-08 07:23:44.000000000 +0200
++++ sendmail-8.14.3/libmilter/Makefile.m4 2009-01-20 15:26:05.000000000 +0100
+@@ -9,7 +9,11 @@ define(`confMT', `true')
+ SMSRCDIR=ifdef(`confSMSRCDIR', `confSMSRCDIR', `${SRCDIR}/sendmail')
+ PREPENDDEF(`confINCDIRS', `-I${SMSRCDIR} ')
+
+-bldPRODUCT_START(`library', `libmilter')
++APPENDDEF(`confOPTIMIZE', `-fno-pie -fPIC')
++define(`runCtest', `esyscmd(`echo -e "#include <stdio.h>\n#include \"../include/libmilter/mfapi.h\"\nint main(){'$1`;return 0;}" | gcc -x c -I../include -o ctest - && ./ctest && rm -f ctest')')dnl
++define(`confSOVER', runCtest(`printf(\"%d.%d\", SM_LM_VRS_MAJOR(SMFI_VERSION), SM_LM_VRS_MINOR(SMFI_VERSION))'))dnl
++define(`confSOPLVL', runCtest(`printf(\"%d\", SM_LM_VRS_PLVL(SMFI_VERSION))'))dnl
++bldPRODUCT_START(`sharedlibrary', `libmilter')
+ define(`bldINSTALLABLE', `true')
+ define(`LIBMILTER_EXTRAS', `errstring.c strl.c')
+ APPENDDEF(`confENVDEF', `-DNOT_SENDMAIL -Dsm_snprintf=snprintf')
diff --git a/SOURCES/sendmail-8.14.3-smrsh_paths.patch b/SOURCES/sendmail-8.14.3-smrsh_paths.patch
new file mode 100644
index 0000000..9240f39
--- /dev/null
+++ b/SOURCES/sendmail-8.14.3-smrsh_paths.patch
@@ -0,0 +1,182 @@
+diff -up sendmail-8.14.3/smrsh/README.smrsh_paths sendmail-8.14.3/smrsh/README
+--- sendmail-8.14.3/smrsh/README.smrsh_paths 2008-02-12 17:40:06.000000000 +0100
++++ sendmail-8.14.3/smrsh/README 2008-07-15 14:40:36.000000000 +0200
+@@ -6,7 +6,7 @@ Software Engineering Institute, Carnegie
+ intended as a supplement to the CERT advisory CA-93:16.sendmail.vulnerability,
+ and to the software, smrsh.c, written by Eric Allman.
+
+-
++* Modified by Red Hat, Inc., to reflect different paths. *
+
+ The smrsh(8) program is intended as a replacement for /bin/sh in the
+ program mailer definition of sendmail(8). This README file describes
+@@ -56,15 +56,15 @@ These can be added to the devtools/Site/
+ global M4 macro confENVDEF or the smrsh specific M4 macro
+ conf_smrsh_ENVDEF.
+
+-As root, install smrsh in /usr/libexec. Using the Build script:
++As root, install smrsh in /usr/sbin. Using the Build script:
+
+ host.domain# sh ./Build install
+
+-For manual installation: install smrsh in the /usr/libexec
++For manual installation: install smrsh in the /usr/sbin
+ directory, with mode 511.
+
+- host.domain# mv smrsh /usr/libexec
+- host.domain# chmod 511 /usr/libexec/smrsh
++ host.domain# mv smrsh /usr/sbin
++ host.domain# chmod 511 /usr/sbin/smrsh
+
+
+
+@@ -86,7 +86,7 @@ perl(1), uudecode(1) or the stream edito
+ acceptable commands.
+
+ If your platform doesn't have a default SMRSH_CMDDIR setting, you will
+-next need to create the directory /usr/adm/sm.bin and populate
++next need to create the directory /etc/smrsh and populate
+ it with the programs that your site feels are allowable for sendmail
+ to execute. This directory is explicitly specified in the source
+ code for smrsh, so changing this directory must be accompanied with
+@@ -95,22 +95,22 @@ a change in smrsh.c.
+
+ You will have to be root to make these modifications.
+
+-After creating the /usr/adm/sm.bin directory, either copy the programs
++After creating the /etc/smrsh directory, either copy the programs
+ to the directory, or establish links to the allowable programs from
+-/usr/adm/sm.bin. Change the file permissions, so that these programs
++/etc/smrsh. Change the file permissions, so that these programs
+ can not be modified by non-root users. If you use links, you should
+ ensure that the target programs are not modifiable.
+
+ To allow the popular vacation(1) program by creating a link in the
+-/usr/adm/sm.bin directory, you should:
++/etc/smrsh directory, you should:
+
+- host.domain# cd /usr/adm/sm.bin
++ host.domain# cd /etc/smrsh
+ host.domain# ln -s /usr/ucb/vacation vacation
+
+
+
+
+-After populating the /usr/adm/sm.bin directory, you can now configure
++After populating the /etc/smrsh directory, you can now configure
+ sendmail to use the restricted shell. Save the current sendmail.cf
+ file prior to modifying it, as a prudent precaution.
+
+@@ -125,7 +125,7 @@ help to locate it.
+
+ In order to configure sendmail to use smrsh, you must modify the Mprog
+ definition in the sendmail.cf file, by replacing the /bin/sh specification
+-with /usr/libexec/smrsh.
++with /usr/sbin/smrsh.
+
+ As an example:
+
+@@ -133,14 +133,14 @@ In most Sun Microsystems' sendmail.cf fi
+ Mprog, P=/bin/sh, F=lsDFMeuP, S=10, R=20, A=sh -c $u
+
+ which should be changed to:
+-Mprog, P=/usr/libexec/smrsh, F=lsDFMeuP, S=10, R=20, A=sh -c $u
+- ^^^^^^^^^^^^^^^^^^
++Mprog, P=/usr/sbin/smrsh, F=lsDFMeuP, S=10, R=20, A=sh -c $u
++ ^^^^^^^^^^^^^^^^
+
+ A more generic line may be:
+ Mprog, P=/bin/sh, F=lsDFM, A=sh -c $u
+
+ and should be changed to;
+-Mprog, P=/usr/libexec/smrsh, F=lsDFM, A=sh -c $u
++Mprog, P=/usr/sbin/smrsh, F=lsDFM, A=sh -c $u
+
+
+ After modifying the Mprog definition in the sendmail.cf file, if a frozen
+@@ -151,7 +151,7 @@ or /etc/mail directories. The specific
+ a search of the strings(1) output of the sendmail binary.
+
+ In order to create a new frozen configuration, if it is required:
+- host.domain# /usr/lib/sendmail -bz
++ host.domain# /usr/sbin/sendmail -bz
+
+ Now re-start the sendmail process. An example of how to do this on
+ a typical system follows:
+diff -up sendmail-8.14.3/smrsh/smrsh.8.smrsh_paths sendmail-8.14.3/smrsh/smrsh.8
+--- sendmail-8.14.3/smrsh/smrsh.8.smrsh_paths 2004-08-06 05:55:35.000000000 +0200
++++ sendmail-8.14.3/smrsh/smrsh.8 2008-07-15 14:38:07.000000000 +0200
+@@ -39,7 +39,7 @@ Briefly,
+ .I smrsh
+ limits programs to be in a single directory,
+ by default
+-/usr/adm/sm.bin,
++/etc/smrsh,
+ allowing the system administrator to choose the set of acceptable commands,
+ and to the shell builtin commands ``exec'', ``exit'', and ``echo''.
+ It also rejects any commands with the characters
+@@ -56,10 +56,10 @@ so forwarding to ``/usr/ucb/vacation'',
+ and
+ ``vacation''
+ all actually forward to
+-``/usr/adm/sm.bin/vacation''.
++``/etc/smrsh/vacation''.
+ .PP
+ System administrators should be conservative about populating
+-the sm.bin directory.
++the /etc/smrsh directory.
+ For example, a reasonable additions is
+ .IR vacation (1),
+ and the like.
+@@ -68,7 +68,7 @@ never include any shell or shell-like pr
+ (such as
+ .IR perl (1))
+ in the
+-sm.bin
++/etc/smrsh
+ directory.
+ Note that this does not restrict the use of shell or perl scripts
+ in the sm.bin directory (using the ``#!'' syntax);
+@@ -79,20 +79,7 @@ is a very bad idea.
+ .IR procmail (1)
+ allows users to run arbitrary programs in their
+ .IR procmailrc (5).
+-.SH COMPILATION
+-Compilation should be trivial on most systems.
+-You may need to use \-DSMRSH_PATH=\e"\fIpath\fP\e"
+-to adjust the default search path
+-(defaults to ``/bin:/usr/bin:/usr/ucb'')
+-and/or \-DSMRSH_CMDDIR=\e"\fIdir\fP\e"
+-to change the default program directory
+-(defaults to ``/usr/adm/sm.bin'').
+ .SH FILES
+-/usr/adm/sm.bin \- default directory for restricted programs on most OSs
+-.PP
+-/var/adm/sm.bin \- directory for restricted programs on HP UX and Solaris
+-.PP
+-/usr/libexec/sm.bin \- directory for restricted programs on FreeBSD (>= 3.3) and DragonFly BSD
+-
++/etc/smrsh \- directory for restricted programs
+ .SH SEE ALSO
+ sendmail(8)
+diff -up sendmail-8.14.3/smrsh/smrsh.c.smrsh_paths sendmail-8.14.3/smrsh/smrsh.c
+--- sendmail-8.14.3/smrsh/smrsh.c.smrsh_paths 2004-08-06 20:54:22.000000000 +0200
++++ sendmail-8.14.3/smrsh/smrsh.c 2008-07-15 14:38:07.000000000 +0200
+@@ -77,7 +77,7 @@ SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.65 20
+ # ifdef SMRSH_CMDDIR
+ # define CMDDIR SMRSH_CMDDIR
+ # else /* SMRSH_CMDDIR */
+-# define CMDDIR "/usr/adm/sm.bin"
++# define CMDDIR "/etc/smrsh"
+ # endif /* SMRSH_CMDDIR */
+ #endif /* ! CMDDIR */
+
+@@ -89,7 +89,7 @@ SM_IDSTR(id, "@(#)$Id: smrsh.c,v 8.65 20
+ # ifdef SMRSH_PATH
+ # define PATH SMRSH_PATH
+ # else /* SMRSH_PATH */
+-# define PATH "/bin:/usr/bin:/usr/ucb"
++# define PATH "/bin:/usr/bin"
+ # endif /* SMRSH_PATH */
+ #endif /* ! PATH */
+
diff --git a/SOURCES/sendmail-8.14.4-makemapman.patch b/SOURCES/sendmail-8.14.4-makemapman.patch
new file mode 100644
index 0000000..7beb0cd
--- /dev/null
+++ b/SOURCES/sendmail-8.14.4-makemapman.patch
@@ -0,0 +1,56 @@
+--- sendmail-8.14.4/cf/cf/Build 1999-03-02 03:37:12.000000000 +0100
++++ sendmail-8.14.4/cf/cf/Build.makemapman 2010-01-03 22:49:38.000000000 +0100
+@@ -18,7 +18,7 @@
+ SMROOT=${SMROOT-../..}
+ BUILDTOOLS=${BUILDTOOLS-$SMROOT/devtools}
+
+-M4=`sh $BUILDTOOLS/bin/find_m4.sh`
++M4=/usr/bin/m4
+ ret=$?
+ if [ $ret -ne 0 ]
+ then
+--- sendmail-8.14.4/devtools/OS/Linux 2009-01-22 03:15:42.000000000 +0100
++++ sendmail-8.14.4/devtools/OS/Linux.makemapman 2010-01-03 22:50:27.000000000 +0100
+@@ -6,7 +6,7 @@
+ define(`confDEPEND_TYPE', `CC-M')
+ define(`confCCOPTS_SO', `-fPIC')
+ define(`confSM_OS_HEADER', `sm_os_linux')
+-define(`confMANROOT', `/usr/man/man')
++define(`confMANROOT', `/usr/share/man/man')
+ define(`confLIBS', `-ldl')
+ define(`confEBINDIR', `/usr/sbin')
+ APPENDDEF(`confLIBSEARCH', `crypt nsl')
+@@ -16,6 +16,8 @@
+ define(`confMTLDOPTS', `-lpthread')
+ define(`confLDOPTS_SO', `-shared')
+ define(`confSONAME',`-soname')
++define('confSBINGRP', 'mail')
++define('confSBINMODE', '6755')
+
+ ifelse(confBLDVARIANT, `DEBUG',
+ dnl Debug build
+--- sendmail-8.14.4/makemap/makemap.8 2008-05-03 01:07:48.000000000 +0200
++++ sendmail-8.14.4/makemap/makemap.8.makemapman 2010-01-03 22:51:04.000000000 +0100
+@@ -52,12 +52,6 @@
+ parameter.
+ They may be
+ .TP
+-dbm
+-DBM format maps.
+-This requires the
+-ndbm(3)
+-library.
+-.TP
+ btree
+ B-Tree format maps.
+ This requires the new Berkeley DB
+--- sendmail-8.14.4/rmail/rmail.c 2001-09-18 23:45:29.000000000 +0200
++++ sendmail-8.14.4/rmail/rmail.c.makemapman 2010-01-03 22:51:36.000000000 +0100
+@@ -276,7 +276,6 @@
+ args[i++] = _PATH_SENDMAIL; /* Build sendmail's argument list. */
+ args[i++] = "-G"; /* relay submission */
+ args[i++] = "-oee"; /* No errors, just status. */
+- args[i++] = "-odq"; /* Queue it, don't try to deliver. */
+ args[i++] = "-oi"; /* Ignore '.' on a line by itself. */
+
+ /* set from system and protocol used */
diff --git a/SOURCES/sendmail-8.14.8-sasl2-in-etc.patch b/SOURCES/sendmail-8.14.8-sasl2-in-etc.patch
new file mode 100644
index 0000000..fe8f353
--- /dev/null
+++ b/SOURCES/sendmail-8.14.8-sasl2-in-etc.patch
@@ -0,0 +1,31 @@
+diff --git a/sendmail/usersmtp.c b/sendmail/usersmtp.c
+index c217ffa..e4dadd3 100644
+--- a/sendmail/usersmtp.c
++++ b/sendmail/usersmtp.c
+@@ -1331,9 +1331,7 @@ safesaslfile(context, file)
+ {
+ long sff;
+ int r;
+-#if SASL <= 10515
+ size_t len;
+-#endif /* SASL <= 10515 */
+ char *p;
+
+ if (file == NULL || *file == '\0')
+@@ -1369,9 +1367,16 @@ safesaslfile(context, file)
+ #endif /* SASL <= 10515 */
+
+ p = (char *) file;
++ len = strlen(p);
+ if ((r = safefile(p, RunAsUid, RunAsGid, RunAsUserName, sff,
+ S_IRUSR, NULL)) == 0)
+ return SASL_OK;
++#if SASL > 10515
++ /* Expect /usr/lib/sasl2/Sendmail.conf to be missing - config now in /etc/sasl2 */
++ if (type == SASL_VRFY_CONF && r == ENOENT &&
++ len >= 8 && strncmp(p, "/usr/lib", 8) == 0)
++ return SASL_CONTINUE;
++#endif /* SASL > 10515 */
+ if (LogLevel > (r != ENOENT ? 8 : 10))
+ sm_syslog(LOG_WARNING, NOQID, "error: safesasl(%s) failed: %s",
+ p, sm_errstring(r));
diff --git a/SOURCES/sendmail-8.14.9-noversion.patch b/SOURCES/sendmail-8.14.9-noversion.patch
new file mode 100644
index 0000000..f0ca667
--- /dev/null
+++ b/SOURCES/sendmail-8.14.9-noversion.patch
@@ -0,0 +1,13 @@
+--- sendmail-8.14.9/sendmail/helpfile 2014-03-06 18:31:31.000000000 +0100
++++ sendmail-8.14.9/sendmail/helpfile.noversion 2014-05-21 17:25:29.000000000 +0200
+@@ -11,9 +11,7 @@
+ cpyr forth in the LICENSE file which can be found at the top level of
+ cpyr the sendmail distribution.
+ cpyr
+-cpyr $$Id: helpfile,v 8.49 2013-11-22 20:51:55 ca Exp $$
+-cpyr
+-smtp This is sendmail version $v
++smtp This is sendmail
+ smtp Topics:
+ smtp HELO EHLO MAIL RCPT DATA
+ smtp RSET NOOP QUIT HELP VRFY
diff --git a/SOURCES/sendmail-8.14.9-pid.patch b/SOURCES/sendmail-8.14.9-pid.patch
new file mode 100644
index 0000000..6d76959
--- /dev/null
+++ b/SOURCES/sendmail-8.14.9-pid.patch
@@ -0,0 +1,20 @@
+--- sendmail-8.14.9/cf/cf/submit.mc 2014-03-06 18:31:28.000000000 +0100
++++ sendmail-8.14.9/cf/cf/submit.mc.pid 2014-05-21 17:20:14.000000000 +0200
+@@ -15,12 +15,16 @@
+ #
+
+ divert(0)dnl
+-VERSIONID(`$Id: submit.mc,v 8.15 2013-11-22 20:51:08 ca Exp $')
++sinclude(`/usr/share/sendmail-cf/m4/cf.m4')dnl
++VERSIONID(`linux setup')dnl
+ define(`confCF_VERSION', `Submit')dnl
+ define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining
+ define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet
+ define(`confTIME_ZONE', `USE_TZ')dnl
+ define(`confDONT_INIT_GROUPS', `True')dnl
++define(`confPID_FILE', `/run/sm-client.pid')dnl
++dnl define(`confDIRECT_SUBMISSION_MODIFIERS',`C')dnl
++FEATURE(`use_ct_file')dnl
+ dnl
+ dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:0:0:0:0:0:0:0:1]
+ FEATURE(`msp', `[127.0.0.1]')dnl
diff --git a/SOURCES/sendmail-8.14.9-vacation.patch b/SOURCES/sendmail-8.14.9-vacation.patch
new file mode 100644
index 0000000..bb031e1
--- /dev/null
+++ b/SOURCES/sendmail-8.14.9-vacation.patch
@@ -0,0 +1,11 @@
+--- sendmail-8.14.9/vacation/Makefile 2014-03-06 18:31:31.000000000 +0100
++++ sendmail-8.14.9/vacation/Makefile.vacation 2014-05-21 17:22:47.000000000 +0200
+@@ -1,7 +1,7 @@
+ # $Id: Makefile,v 8.5 1999-09-23 22:36:45 ca Exp $
+
+ SHELL= /bin/sh
+-BUILD= ./Build
++BUILD= ./Build -f ../redhat.config.m4
+ OPTIONS= $(CONFIG) $(FLAGS)
+
+ all: FRC
diff --git a/SOURCES/sendmail-8.15.1-aliases_dir.patch b/SOURCES/sendmail-8.15.1-aliases_dir.patch
new file mode 100644
index 0000000..808e298
--- /dev/null
+++ b/SOURCES/sendmail-8.15.1-aliases_dir.patch
@@ -0,0 +1,126 @@
+diff --git a/cf/m4/cfhead.m4 b/cf/m4/cfhead.m4
+index 714a3ec..3fd6c1c 100644
+--- a/cf/m4/cfhead.m4
++++ b/cf/m4/cfhead.m4
+@@ -260,7 +260,7 @@ ifdef(`MAIL_SETTINGS_DIR', , `define(`MAIL_SETTINGS_DIR', `/etc/mail/')')
+ define(`DATABASE_MAP_TYPE', `hash')
+
+ # set up default values for options
+-define(`ALIAS_FILE', `MAIL_SETTINGS_DIR`'aliases')
++define(`ALIAS_FILE', `/etc/aliases')
+ define(`confMAILER_NAME', ``MAILER-DAEMON'')
+ define(`confFROM_LINE', `From $g $d')
+ define(`confOPERATORS', `.:%@!^/[]+')
+diff --git a/sendmail/aliases.0 b/sendmail/aliases.0
+index cfdbe17..5ea4c28 100644
+--- a/sendmail/aliases.0
++++ b/sendmail/aliases.0
+@@ -63,7 +63,7 @@ D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
+ the list of users defined in that file.
+
+ This is only the raw data file; the actual aliasing information is
+- placed into a binary format in the file /etc/mail/aliases.db using the
++ placed into a binary format in the file /etc/aliases.db using the
+ program newaliases(1). A newaliases command should be executed each
+ time the aliases file is changed for the change to take effect.
+
+diff --git a/sendmail/aliases.5 b/sendmail/aliases.5
+index f09b49c..7b16db2 100644
+--- a/sendmail/aliases.5
++++ b/sendmail/aliases.5
+@@ -23,7 +23,7 @@ ID
+ aliases used by
+ sendmail.
+ The file resides in
+-/etc/mail
++/etc
+ and
+ is formatted as a series of lines of the form
+ .IP
+@@ -96,7 +96,7 @@ list of users defined in that file.
+ .PP
+ This is only the raw data file; the actual aliasing information is
+ placed into a binary format in the file
+-/etc/mail/aliases.db
++/etc/aliases.db
+ using the program
+ newaliases(1).
+ A
+diff --git a/sendmail/newaliases.0 b/sendmail/newaliases.0
+index c77f401..e2a1670 100644
+--- a/sendmail/newaliases.0
++++ b/sendmail/newaliases.0
+@@ -10,7 +10,7 @@ S�SY�YN�NO�OP�PS�SI�IS�S
+
+ D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
+ N�Ne�ew�wa�al�li�ia�as�se�es�s rebuilds the random access data base for the mail aliases
+- file /etc/mail/aliases. It must be run each time this file is changed
++ file /etc/aliases. It must be run each time this file is changed
+ in order for the change to take effect.
+
+ N�Ne�ew�wa�al�li�ia�as�se�es�s is identical to ``sendmail -bi''.
+@@ -22,7 +22,7 @@ D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
+ s�se�en�nd�dm�ma�ai�il�l.�.
+
+ F�FI�IL�LE�ES�S
+- /etc/mail/aliases The mail aliases file
++ /etc/aliases The mail aliases file
+
+ S�SE�EE�E A�AL�LS�SO�O
+ aliases(5), sendmail(8)
+diff --git a/sendmail/newaliases.1 b/sendmail/newaliases.1
+index 59dc0de..9ba8752 100644
+--- a/sendmail/newaliases.1
++++ b/sendmail/newaliases.1
+@@ -20,7 +20,7 @@ newaliases
+ .SH DESCRIPTION
+ .B Newaliases
+ rebuilds the random access data base for the mail aliases file
+-/etc/mail/aliases. It must be run each time this file is changed
++/etc/aliases. It must be run each time this file is changed
+ in order for the change to take effect.
+ .PP
+ .B Newaliases
+@@ -40,7 +40,7 @@ puts a special token into the data base that is required by
+ .B sendmail.
+ .SH FILES
+ .TP 2i
+-/etc/mail/aliases
++/etc/aliases
+ The mail aliases file
+ .SH SEE ALSO
+ aliases(5), sendmail(8)
+diff --git a/sendmail/sendmail.0 b/sendmail/sendmail.0
+index 515d5f7..8236411 100644
+--- a/sendmail/sendmail.0
++++ b/sendmail/sendmail.0
+@@ -434,10 +434,10 @@ F�FI�IL�LE�ES�S
+ are only approximations.
+
+
+- /etc/mail/aliases
++ /etc/aliases
+ raw data for alias names
+
+- /etc/mail/aliases.db
++ /etc/aliases.db
+ data base of alias names
+
+ /etc/mail/sendmail.cf
+diff --git a/sendmail/sendmail.8 b/sendmail/sendmail.8
+index 0356839..1258c26 100644
+--- a/sendmail/sendmail.8
++++ b/sendmail/sendmail.8
+@@ -711,10 +711,10 @@ Thus,
+ these values are only approximations.
+ .PP
+ .TP
+- /etc/mail/aliases
++ /etc/aliases
+ raw data for alias names
+ .TP
+- /etc/mail/aliases.db
++ /etc/aliases.db
+ data base of alias names
+ .TP
+ /etc/mail/sendmail.cf
diff --git a/SOURCES/sendmail-8.15.1-dynamic.patch b/SOURCES/sendmail-8.15.1-dynamic.patch
new file mode 100644
index 0000000..bf6ceed
--- /dev/null
+++ b/SOURCES/sendmail-8.15.1-dynamic.patch
@@ -0,0 +1,46 @@
+--- sendmail-8.14.4/devtools/OS/Linux 2010-01-03 22:55:35.000000000 +0100
++++ sendmail-8.14.4/devtools/OS/Linux.dynamic 2010-01-03 22:59:03.000000000 +0100
+@@ -7,7 +7,7 @@
+ define(`confCCOPTS_SO', `-fPIC')
+ define(`confSM_OS_HEADER', `sm_os_linux')
+ define(`confMANROOT', `/usr/share/man/man')
+-define(`confLIBS', `-ldl')
++define(`confLIBS', `-pie -ldl')
+ define(`confEBINDIR', `/usr/sbin')
+ APPENDDEF(`confLIBSEARCH', `crypt nsl')
+
+@@ -22,19 +22,19 @@
+ ifelse(confBLDVARIANT, `DEBUG',
+ dnl Debug build
+ `
+- define(`confOPTIMIZE',`-g -Wall')
++ define(`confOPTIMIZE',`-g -Wall -fpie')
+ ',
+ dnl Optimized build
+ confBLDVARIANT, `OPTIMIZED',
+ `
+- define(`confOPTIMIZE',`-O2')
++ define(`confOPTIMIZE',`-O2 -fpie')
+ ',
+ dnl Purify build
+ confBLDVARIANT, `PURIFY',
+ `
+- define(`confOPTIMIZE',`-g')
++ define(`confOPTIMIZE',`-g -fpie')
+ ',
+ dnl default
+ `
+- define(`confOPTIMIZE',`-O2')
++ define(`confOPTIMIZE',`-O2 -fpie')
+ ')
+--- sendmail-8.14.4/libsm/Makefile.m4 2006-08-16 23:06:31.000000000 +0200
++++ sendmail-8.14.4/libsm/Makefile.m4.dynamic 2010-01-03 23:01:36.000000000 +0100
+@@ -6,7 +6,7 @@
+ define(`confREQUIRE_SM_OS_H', `true')
+ PREPENDDEF(`confENVDEF', `confMAPDEF')
+ bldPRODUCT_START(`library', `libsm')
+-define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strerror.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c util.c inet6_ntop.c ')
++define(`bldSOURCES', ` assert.c debug.c errstring.c exc.c heap.c match.c rpool.c strdup.c strl.c clrerr.c fclose.c feof.c ferror.c fflush.c fget.c fpos.c findfp.c flags.c fopen.c fprintf.c fpurge.c fput.c fread.c fscanf.c fseek.c fvwrite.c fwalk.c fwrite.c get.c makebuf.c put.c refill.c rewind.c setvbuf.c smstdio.c snprintf.c sscanf.c stdio.c strio.c ungetc.c vasprintf.c vfprintf.c vfscanf.c vprintf.c vsnprintf.c wbuf.c wsetup.c string.c stringf.c xtrap.c strto.c test.c strcasecmp.c strrevcmp.c signal.c clock.c config.c shm.c sem.c mbdb.c strexit.c cf.c ldap.c niprop.c mpeix.c memstat.c util.c inet6_ntop.c ')
+ bldPRODUCT_END
+ dnl msg.c
+ dnl syslogio.c
diff --git a/SOURCES/sendmail-8.15.1-manpage.patch b/SOURCES/sendmail-8.15.1-manpage.patch
new file mode 100644
index 0000000..4cf5fff
--- /dev/null
+++ b/SOURCES/sendmail-8.15.1-manpage.patch
@@ -0,0 +1,18 @@
+diff --git a/sendmail/sendmail.8 b/sendmail/sendmail.8
+index 9e0b9af..0356839 100644
+--- a/sendmail/sendmail.8
++++ b/sendmail/sendmail.8
+@@ -729,13 +729,11 @@ collected statistics
+ /var/spool/mqueue/*
+ temp files
+ .SH SEE ALSO
+-binmail(1),
+ mail(1),
+ rmail(1),
+ syslog(3),
+ aliases(5),
+ mailaddr(7),
+-rc(8)
+ .PP
+ DARPA
+ Internet Request For Comments
diff --git a/SOURCES/sendmail-8.15.2-format-security.patch b/SOURCES/sendmail-8.15.2-format-security.patch
new file mode 100644
index 0000000..5acd75a
--- /dev/null
+++ b/SOURCES/sendmail-8.15.2-format-security.patch
@@ -0,0 +1,127 @@
+diff --git a/sendmail/envelope.c b/sendmail/envelope.c
+index bae6b00..beb91a1 100644
+--- a/sendmail/envelope.c
++++ b/sendmail/envelope.c
+@@ -323,7 +323,7 @@ dropenvelope(e, fulldrop, split)
+
+ /* don't free, allocated from e_rpool */
+ e->e_message = sm_rpool_strdup_x(e->e_rpool, buf);
+- message(buf);
++ message("%s", buf);
+ e->e_flags |= EF_CLRQUEUE;
+ }
+ if (msg_timeout == MSG_NOT_BY)
+@@ -420,7 +420,7 @@ dropenvelope(e, fulldrop, split)
+ /* don't free, allocated from e_rpool */
+ e->e_message = sm_rpool_strdup_x(e->e_rpool,
+ buf);
+- message(buf);
++ message("%s", buf);
+ e->e_flags |= EF_WARNING;
+ }
+ if (msg_timeout == MSG_WARN_BY)
+diff --git a/sendmail/parseaddr.c b/sendmail/parseaddr.c
+index 2adb39c..ba99414 100644
+--- a/sendmail/parseaddr.c
++++ b/sendmail/parseaddr.c
+@@ -218,7 +218,7 @@ parseaddr(addr, a, flags, delim, delimptr, e, isrcpt)
+ msg = "Deferring message until queue run";
+ if (tTd(20, 1))
+ sm_dprintf("parseaddr: queueing message\n");
+- message(msg);
++ message("%s", msg);
+ if (e->e_message == NULL && e->e_sendmode != SM_DEFER)
+ e->e_message = sm_rpool_strdup_x(e->e_rpool, msg);
+ a->q_state = QS_QUEUEUP;
+diff --git a/sendmail/srvrsmtp.c b/sendmail/srvrsmtp.c
+index ba636a8..46c5356 100644
+--- a/sendmail/srvrsmtp.c
++++ b/sendmail/srvrsmtp.c
+@@ -122,6 +122,26 @@ extern ENVELOPE BlankEnvelope;
+ #define SKIP_SPACE(s) while (isascii(*s) && isspace(*s)) \
+ (s)++
+
++static inline void
++message1(fmt)
++ char *fmt;
++{
++ if (strchr(fmt, '%') == NULL)
++ message(fmt, NULL);
++ else
++ message("%s", fmt);
++}
++
++static inline void
++usrerr1(fmt)
++ char *fmt;
++{
++ if (strchr(fmt, '%') == NULL)
++ usrerr(fmt, NULL);
++ else
++ usrerr("%s", fmt);
++}
++
+ /*
+ ** PARSE_ESMTP_ARGS -- parse EMSTP arguments (for MAIL, RCPT)
+ **
+@@ -578,13 +598,13 @@ static bool smtp_data __P((SMTP_T *, ENVELOPE *));
+ bool tsave = QuickAbort; \
+ \
+ QuickAbort = false; \
+- usrerr(response); \
++ usrerr1(response); \
+ QuickAbort = tsave; \
+ e->e_sendqueue = NULL; \
+ goto doquit; \
+ } \
+ else \
+- usrerr(response); \
++ usrerr1(response); \
+ break; \
+ \
+ case SMFIR_REJECT: \
+@@ -931,7 +951,7 @@ smtp(nullserver, d_flags, e)
+ }
+ else if (strncmp(nullserver, "421 ", 4) == 0)
+ {
+- message(nullserver);
++ message1(nullserver);
+ goto doquit;
+ }
+
+@@ -1849,7 +1869,7 @@ smtp(nullserver, d_flags, e)
+ if (nullserver != NULL)
+ {
+ if (ISSMTPREPLY(nullserver))
+- usrerr(nullserver);
++ usrerr1(nullserver);
+ else
+ usrerr("550 5.0.0 %s",
+ nullserver);
+@@ -2449,7 +2469,7 @@ smtp(nullserver, d_flags, e)
+ tempfail = true;
+ smtp.sm_milterize = false;
+ if (response != NULL)
+- usrerr(response);
++ usrerr1(response);
+ else
+ message("421 4.7.0 %s closing connection",
+ MyHostName);
+@@ -3656,7 +3676,7 @@ smtp_data(smtp, e)
+ (void) extenhsc(response + 4, ' ', e->e_enhsc);
+ #endif /* _FFR_MILTER_ENHSC */
+
+- usrerr(response);
++ usrerr1(response);
+ if (strncmp(response, "421 ", 4) == 0
+ || strncmp(response, "421-", 4) == 0)
+ {
+@@ -3776,7 +3796,7 @@ smtp_data(smtp, e)
+ if (ISSMTPCODE(response))
+ (void) extenhsc(response + 4, ' ', e->e_enhsc);
+ #endif /* _FFR_MILTER_ENHSC */
+- usrerr(response);
++ usrerr1(response);
+ if (strncmp(response, "421 ", 4) == 0
+ || strncmp(response, "421-", 4) == 0)
+ rv = false;
diff --git a/SOURCES/sendmail-8.15.2-libmilter-socket-activation.patch b/SOURCES/sendmail-8.15.2-libmilter-socket-activation.patch
new file mode 100644
index 0000000..e8251bc
--- /dev/null
+++ b/SOURCES/sendmail-8.15.2-libmilter-socket-activation.patch
@@ -0,0 +1,80 @@
+Description: systemd-like socket activation support for libmilter
+Author: Mikhail Gusarov <dottedmag@debian.org
+diff --git a/libmilter/docs/smfi_setconn.html b/libmilter/docs/smfi_setconn.html
+index eba7c5b..5b272a0 100644
+--- a/libmilter/docs/smfi_setconn.html
++++ b/libmilter/docs/smfi_setconn.html
+@@ -43,6 +43,7 @@ Set the socket through which this filter should communicate with sendmail.
+ <LI><CODE>{unix|local}:/path/to/file</CODE> -- A named pipe.
+ <LI><CODE>inet:port@{hostname|ip-address}</CODE> -- An IPV4 socket.
+ <LI><CODE>inet6:port@{hostname|ip-address}</CODE> -- An IPV6 socket.
++ <LI><CODE>fd:number</CODE> -- Pre-opened file descriptor.
+ </UL>
+ </TD></TR>
+ </TABLE>
+diff --git a/libmilter/listener.c b/libmilter/listener.c
+index 11d92bb..2ab533d 100644
+--- a/libmilter/listener.c
++++ b/libmilter/listener.c
+@@ -197,6 +197,11 @@ mi_milteropen(conn, backlog, rmsocket, name)
+ L_socksize = sizeof addr.sin6;
+ }
+ #endif /* NETINET6 */
++ else if (strcasecmp(p, "fd") == 0)
++ {
++ addr.sa.sa_family = AF_UNSPEC;
++ L_socksize = sizeof (_SOCK_ADDR);
++ }
+ else
+ {
+ smi_log(SMI_LOG_ERR, "%s: unknown socket type %s",
+@@ -443,7 +448,21 @@ mi_milteropen(conn, backlog, rmsocket, name)
+ }
+ #endif /* NETINET || NETINET6 */
+
+- sock = socket(addr.sa.sa_family, SOCK_STREAM, 0);
++ if (addr.sa.sa_family == AF_UNSPEC)
++ {
++ char *end;
++ sock = strtol(colon, &end, 10);
++ if (*end != '\0' || sock < 0)
++ {
++ smi_log(SMI_LOG_ERR, "%s: expected positive integer as fd, got %s", name, colon);
++ return INVALID_SOCKET;
++ }
++ }
++ else
++ {
++ sock = socket(addr.sa.sa_family, SOCK_STREAM, 0);
++ }
++
+ if (!ValidSocket(sock))
+ {
+ smi_log(SMI_LOG_ERR,
+@@ -466,6 +485,7 @@ mi_milteropen(conn, backlog, rmsocket, name)
+ #if NETUNIX
+ addr.sa.sa_family != AF_UNIX &&
+ #endif /* NETUNIX */
++ addr.sa.sa_family != AF_UNSPEC &&
+ setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *) &sockopt,
+ sizeof(sockopt)) == -1)
+ {
+@@ -511,7 +531,8 @@ mi_milteropen(conn, backlog, rmsocket, name)
+ }
+ #endif /* NETUNIX */
+
+- if (bind(sock, &addr.sa, L_socksize) < 0)
++ if (addr.sa.sa_family != AF_UNSPEC &&
++ bind(sock, &addr.sa, L_socksize) < 0)
+ {
+ smi_log(SMI_LOG_ERR,
+ "%s: Unable to bind to port %s: %s",
+@@ -818,7 +839,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog)
+ # ifdef BSD4_4_SOCKADDR
+ cliaddr.sa.sa_len == 0 ||
+ # endif /* BSD4_4_SOCKADDR */
+- cliaddr.sa.sa_family != L_family))
++ (L_family != AF_UNSPEC && cliaddr.sa.sa_family != L_family)))
+ {
+ (void) closesocket(connfd);
+ connfd = INVALID_SOCKET;
diff --git a/SOURCES/sendmail-8.15.2-localdomain.patch b/SOURCES/sendmail-8.15.2-localdomain.patch
new file mode 100644
index 0000000..36ec981
--- /dev/null
+++ b/SOURCES/sendmail-8.15.2-localdomain.patch
@@ -0,0 +1,13 @@
+diff --git a/cf/m4/proto.m4 b/cf/m4/proto.m4
+index 696bf36..5a5963b 100644
+--- a/cf/m4/proto.m4
++++ b/cf/m4/proto.m4
+@@ -1898,6 +1898,8 @@ R<@> < $* @ [IPv6:::1] >
+ $: < ? $&{client_name} > < $1 @ [IPv6:::1] >
+ R<@> < $* @ localhost.$m >
+ $: < ? $&{client_name} > < $1 @ localhost.$m >
++R<@> < $* @ localhost.localdomain >
++ $: < ? $&{client_name} > < $1 @ localhost.localdomain >
+ ifdef(`_NO_UUCP_', `dnl',
+ `R<@> < $* @ localhost.UUCP >
+ $: < ? $&{client_name} > < $1 @ localhost.UUCP >')
diff --git a/SOURCES/sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch b/SOURCES/sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch
new file mode 100644
index 0000000..b470358
--- /dev/null
+++ b/SOURCES/sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch
@@ -0,0 +1,20 @@
+diff --git a/sendmail/tls.c b/sendmail/tls.c
+index 16cb93f..9338380 100644
+--- a/sendmail/tls.c
++++ b/sendmail/tls.c
+@@ -1329,13 +1329,8 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
+ }
+
+ #if _FFR_TLS_EC
+- ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+- if (ecdh != NULL)
+- {
+- SSL_CTX_set_options(*ctx, SSL_OP_SINGLE_ECDH_USE);
+- SSL_CTX_set_tmp_ecdh(*ctx, ecdh);
+- EC_KEY_free(ecdh);
+- }
++ SSL_CTX_set_options(*ctx, SSL_OP_SINGLE_ECDH_USE);
++ SSL_CTX_set_ecdh_auto(*ctx, 1);
+ #endif /* _FFR_TLS_EC */
+
+ }
diff --git a/SOURCES/sendmail-8.15.2-openssl-1.1.0-fix.patch b/SOURCES/sendmail-8.15.2-openssl-1.1.0-fix.patch
new file mode 100644
index 0000000..54a6754
--- /dev/null
+++ b/SOURCES/sendmail-8.15.2-openssl-1.1.0-fix.patch
@@ -0,0 +1,182 @@
+--- sendmail-8.15.2.orig/sendmail/tls.c 2016-12-01 15:20:59.953546417 +0100
++++ sendmail-8.15.2.orig/sendmail/tls.c 2016-12-01 17:26:43.868521378 +0100
+@@ -63,14 +63,28 @@ static unsigned char dh512_g[] =
+ static DH *
+ get_dh512()
+ {
+- DH *dh = NULL;
++ DH *dh;
++ BIGNUM *p, *g;
+
+ if ((dh = DH_new()) == NULL)
+ return NULL;
+- dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
+- dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
+- if ((dh->p == NULL) || (dh->g == NULL))
++ p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
++ g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
++ if (p == NULL || g == NULL)
++ {
++ BN_free(p);
++ BN_free(g);
++ DH_free(dh);
+ return NULL;
++ }
++
++#if OPENSSL_VERSION_NUMBER >= 0x10100005L
++ DH_set0_pqg(dh, p, NULL, g);
++#else
++ dh->p = p;
++ dh->g = g;
++#endif
++
+ return dh;
+ }
+
+@@ -117,16 +131,27 @@ get_dh2048()
+ };
+ static unsigned char dh2048_g[]={ 0x02, };
+ DH *dh;
++ BIGNUM *p, *g;
+
+ if ((dh=DH_new()) == NULL)
+ return(NULL);
+- dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
+- dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
+- if ((dh->p == NULL) || (dh->g == NULL))
++ p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
++ g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
++ if (p == NULL || g == NULL)
+ {
++ BN_free(p);
++ BN_free(g);
+ DH_free(dh);
+- return(NULL);
++ return NULL;
+ }
++
++#if OPENSSL_VERSION_NUMBER >= 0x10100005L
++ DH_set0_pqg(dh, p, NULL, g);
++#else
++ dh->p = p;
++ dh->g = g;
++#endif
++
+ return(dh);
+ }
+ # endif /* !NO_DH */
+@@ -715,6 +740,54 @@ static char server_session_id_context[]
+ # define SM_SSL_OP_TLS_BLOCK_PADDING_BUG 0
+ #endif
+
++static RSA *
++generate_rsa_key(bits, e)
++ int bits;
++ unsigned long e;
++{
++#if OPENSSL_VERSION_NUMBER < 0x00908000L
++ return RSA_generate_key(bits, e, NULL, NULL);
++#else
++ BIGNUM *bne;
++ RSA *rsa = NULL;
++
++ bne = BN_new();
++ if (bne && BN_set_word(bne, e) != 1)
++ rsa = RSA_new();
++ if (rsa && RSA_generate_key_ex(rsa, bits, bne, NULL) != 1)
++ {
++ RSA_free(rsa);
++ rsa = NULL;
++ }
++ BN_free(bne);
++ return rsa;
++#endif
++}
++
++static DSA *
++generate_dsa_parameters(bits, seed, seed_len, counter_ret, h_ret)
++ int bits;
++ unsigned char *seed;
++ int seed_len;
++ int *counter_ret;
++ unsigned long *h_ret;
++{
++#if OPENSSL_VERSION_NUMBER < 0x00908000L
++ return DSA_generate_parameters(bits, seed, seed_len, counter_ret,
++ h_ret, NULL, NULL);
++#else
++ DSA *dsa = DSA_new();
++
++ if (dsa && DSA_generate_parameters_ex(dsa, bits, seed, seed_len,
++ counter_ret, h_ret, NULL) != 1)
++ {
++ DSA_free(dsa);
++ dsa = NULL;
++ }
++ return dsa;
++#endif
++}
++
+ bool
+ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhparam)
+ SSL_CTX **ctx;
+@@ -926,7 +999,7 @@ inittls(ctx, req, options, srv, certfile
+ {
+ /* get a pointer to the current certificate validation store */
+ store = SSL_CTX_get_cert_store(*ctx); /* does not fail */
+- crl_file = BIO_new(BIO_s_file_internal());
++ crl_file = BIO_new(BIO_s_file());
+ if (crl_file != NULL)
+ {
+ if (BIO_read_filename(crl_file, CRLFile) >= 0)
+@@ -1003,8 +1076,7 @@ inittls(ctx, req, options, srv, certfile
+ if (bitset(TLS_I_RSA_TMP, req)
+ # if SM_CONF_SHM
+ && ShmId != SM_SHM_NO_ID &&
+- (rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL,
+- NULL)) == NULL
++ (rsa_tmp = generate_rsa_key(RSA_KEYLENGTH, RSA_F4)) == NULL
+ # else /* SM_CONF_SHM */
+ && 0 /* no shared memory: no need to generate key now */
+ # endif /* SM_CONF_SHM */
+@@ -1210,8 +1282,8 @@ inittls(ctx, req, options, srv, certfile
+ sm_dprintf("inittls: Generating %d bit DH parameters\n", bits);
+
+ /* this takes a while! */
+- dsa = DSA_generate_parameters(bits, NULL, 0, NULL,
+- NULL, 0, NULL);
++ dsa = generate_dsa_parameters(bits, NULL, 0, NULL,
++ NULL);
+ dh = DSA_dup_DH(dsa);
+ DSA_free(dsa);
+ }
+@@ -1747,7 +1819,7 @@ tmp_rsa_key(s, export, keylength)
+
+ if (rsa_tmp != NULL)
+ RSA_free(rsa_tmp);
+- rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL, NULL);
++ rsa_tmp = generate_rsa_key(RSA_KEYLENGTH, RSA_F4);
+ if (rsa_tmp == NULL)
+ {
+ if (LogLevel > 0)
+@@ -1974,11 +2046,20 @@ x509_verify_cb(ok, ctx)
+ {
+ if (LogLevel > 13)
+ tls_verify_log(ok, ctx, "x509");
++#if OPENSSL_VERSION_NUMBER >= 0x10100005L
++ if (X509_STORE_CTX_get_error(ctx) ==
++ X509_V_ERR_UNABLE_TO_GET_CRL)
++ {
++ X509_STORE_CTX_set_error(ctx, 0);
++ return 1; /* override it */
++ }
++#else
+ if (ctx->error == X509_V_ERR_UNABLE_TO_GET_CRL)
+ {
+ ctx->error = 0;
+ return 1; /* override it */
+ }
++#endif
+ }
+ return ok;
+ }
diff --git a/SOURCES/sendmail-8.15.2-qos.patch b/SOURCES/sendmail-8.15.2-qos.patch
new file mode 100644
index 0000000..c0b8b6a
--- /dev/null
+++ b/SOURCES/sendmail-8.15.2-qos.patch
@@ -0,0 +1,246 @@
+diff --git a/cf/cf/submit.mc b/cf/cf/submit.mc
+index b9dfb16..cb325cc 100644
+--- a/cf/cf/submit.mc
++++ b/cf/cf/submit.mc
+@@ -22,6 +22,8 @@ define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining
+ define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet
+ define(`confTIME_ZONE', `USE_TZ')dnl
+ define(`confDONT_INIT_GROUPS', `True')dnl
++dnl # If you're operating in a DSCP/RFC-4594 environment with QoS
++dnl define(`confINET_QOS', `AF11')dnl
+ define(`confPID_FILE', `/run/sm-client.pid')dnl
+ dnl define(`confDIRECT_SUBMISSION_MODIFIERS',`C')dnl
+ FEATURE(`use_ct_file')dnl
+diff --git a/cf/m4/proto.m4 b/cf/m4/proto.m4
+index 5a5963b..0df3416 100644
+--- a/cf/m4/proto.m4
++++ b/cf/m4/proto.m4
+@@ -251,6 +251,9 @@ _OPTION(SevenBitInput, `confSEVEN_BIT_INPUT', `False')
+ # 8-bit data handling
+ _OPTION(EightBitMode, `confEIGHT_BIT_HANDLING', `pass8')
+
++# DSCP marking of traffic (IP_TOS)
++_OPTION(InetQoS, `confINET_QOS', `none')
++
+ # wait for alias file rebuild (default units: minutes)
+ _OPTION(AliasWait, `confALIAS_WAIT', `5m')
+
+diff --git a/sendmail/conf.c b/sendmail/conf.c
+index cbb9c76..1b55533 100644
+--- a/sendmail/conf.c
++++ b/sendmail/conf.c
+@@ -6430,6 +6430,10 @@ char *FFRCompileOptions[] =
+ #if _FFR_QF_PARANOIA
+ "_FFR_QF_PARANOIA",
+ #endif
++#if _FFR_QOS && defined(SOL_IP) && defined(IP_TOS)
++ /* QoS */
++ "_FFR_QOS",
++#endif /* _FFR_QOS && defined(SOL_IP) && defined(IP_TOS) */
+ #if _FFR_QUEUE_GROUP_SORTORDER
+ /* Allow QueueSortOrder per queue group. */
+ /* XXX: Still need to actually use qgrp->qg_sortorder */
+diff --git a/sendmail/daemon.c b/sendmail/daemon.c
+index 4288365..86fe319 100644
+--- a/sendmail/daemon.c
++++ b/sendmail/daemon.c
+@@ -104,6 +104,10 @@ static int NDaemons = 0; /* actual number of daemons */
+
+ static time_t NextDiskSpaceCheck = 0;
+
++#if _FFR_QOS && defined(SOL_IP) && defined(IP_TOS)
++int InetQoS = 0; /* none by default */
++#endif /* _FFR_QOS && defined(SOL_IP) && defined(IP_TOS) */
++
+ /*
+ ** GETREQUESTS -- open mail IPC port and get requests.
+ **
+@@ -1139,6 +1143,16 @@ opendaemonsocket(d, firsttime)
+ (void) setsockopt(d->d_socket, SOL_SOCKET,
+ SO_KEEPALIVE, (char *)&on, sizeof(on));
+
++#if _FFR_QOS && defined(SOL_IP) && defined(IP_TOS)
++ if (InetQoS != 0x00
++ && (d->d_addr.sa.sa_family == AF_INET
++ || (d->d_addr.sin6.sin6_family == AF_INET6 && IN6_IS_ADDR_V4MAPPED(d->d_addr.sin6.sin6_addr.s6_addr32)))) {
++ if (setsockopt(d->d_socket, SOL_IP,
++ IP_TOS, (char *)&InetQoS, sizeof(InetQoS)) < 0)
++ syserr("opendaemonsock: daemon %s: setsockopt(IP_TOS)", d->d_name);
++ }
++#endif /* _FFR_QOS && defined(SOL_IP) && defined(IP_TOS) */
++
+ #ifdef SO_RCVBUF
+ if (d->d_tcprcvbufsize > 0)
+ {
+@@ -2571,6 +2585,16 @@ gothostent:
+ return EX_TEMPFAIL;
+ }
+
++#if _FFR_QOS && defined(SOL_IP) && defined(IP_TOS)
++ if (InetQoS != 0x00
++ && (family == AF_INET
++ || (family == AF_INET6 && IN6_IS_ADDR_V4MAPPED(addr.sin6.sin6_addr.s6_addr32))))
++ {
++ if (setsockopt(s, SOL_IP, IP_TOS,
++ (char *)&InetQoS, sizeof(InetQoS)) < 0)
++ syserr("makeconnection: setsockopt(IP_TOS)");
++ }
++#endif /* _FFR_QOS && defined(SOL_IP) && defined(IP_TOS) */
+ #ifdef SO_SNDBUF
+ if (ClientSettings[family].d_tcpsndbufsize > 0)
+ {
+diff --git a/sendmail/readcf.c b/sendmail/readcf.c
+index 2b0fbf7..86892f5 100644
+--- a/sendmail/readcf.c
++++ b/sendmail/readcf.c
+@@ -18,6 +18,7 @@ SM_RCSID("@(#)$Id: readcf.c,v 8.692 2013-11-22 20:51:56 ca Exp $")
+
+ #if NETINET || NETINET6
+ # include <arpa/inet.h>
++# include <netinet/ip.h>
+ #endif /* NETINET || NETINET6 */
+
+
+@@ -2888,8 +2889,8 @@ static struct optioninfo
+ # define O_RCPTTHROTDELAY 0xe6
+ { "BadRcptThrottleDelay", O_RCPTTHROTDELAY, OI_SAFE },
+ #endif /* _FFR_RCPTTHROTDELAY */
+-#if 0 && _FFR_QOS && defined(SOL_IP) && defined(IP_TOS)
+-# define O_INETQOS 0xe7 /* reserved for FFR_QOS */
++#if _FFR_QOS && defined(SOL_IP) && defined(IP_TOS)
++# define O_INETQOS 0xe7
+ { "InetQoS", O_INETQOS, OI_NONE },
+ #endif
+ #if STARTTLS && _FFR_FIPSMODE
+@@ -2914,6 +2915,77 @@ static struct optioninfo
+ { NULL, '\0', OI_NONE }
+ };
+
++#ifdef O_INETQOS
++static struct qosmap
++{
++ char *name; /* name of the setting */
++ int value; /* corresponding setsockopt() value */
++} QoSMap[] = {
++#ifdef IPTOS_CLASS_CS0
++ { "CS0", IPTOS_CLASS_CS0 },
++#endif
++#ifdef IPTOS_CLASS_CS1
++ { "CS1", IPTOS_CLASS_CS1 },
++#endif
++#ifdef IPTOS_DSCP_AF11
++ { "AF11", IPTOS_DSCP_AF11 },
++#endif
++#ifdef IPTOS_DSCP_AF12
++ { "AF12", IPTOS_DSCP_AF12 },
++#endif
++#ifdef IPTOS_DSCP_AF13
++ { "AF13", IPTOS_DSCP_AF13 },
++#endif
++#ifdef IPTOS_CLASS_CS2
++ { "CS2", IPTOS_CLASS_CS2 },
++#endif
++#ifdef IPTOS_DSCP_AF21
++ { "AF21", IPTOS_DSCP_AF21 },
++#endif
++#ifdef IPTOS_DSCP_AF22
++ { "AF22", IPTOS_DSCP_AF22 },
++#endif
++#ifdef IPTOS_DSCP_AF23
++ { "AF23", IPTOS_DSCP_AF23 },
++#endif
++#ifdef IPTOS_CLASS_CS3
++ { "CS3", IPTOS_CLASS_CS3 },
++#endif
++#ifdef IPTOS_DSCP_AF31
++ { "AF31", IPTOS_DSCP_AF31 },
++#endif
++#ifdef IPTOS_DSCP_AF32
++ { "AF32", IPTOS_DSCP_AF32 },
++#endif
++#ifdef IPTOS_DSCP_AF33
++ { "AF33", IPTOS_DSCP_AF33 },
++#endif
++#ifdef IPTOS_CLASS_CS4
++ { "CS4", IPTOS_CLASS_CS4 },
++#endif
++#ifdef IPTOS_DSCP_AF41
++ { "AF41", IPTOS_DSCP_AF41 },
++#endif
++#ifdef IPTOS_DSCP_AF42
++ { "AF42", IPTOS_DSCP_AF42 },
++#endif
++#ifdef IPTOS_DSCP_AF43
++ { "AF43", IPTOS_DSCP_AF43 },
++#endif
++#ifdef IPTOS_CLASS_CS5
++ { "CS5", IPTOS_CLASS_CS5 },
++#endif
++#ifdef IPTOS_CLASS_CS6
++ { "CS6", IPTOS_CLASS_CS6 },
++#endif
++#ifdef IPTOS_CLASS_CS7
++ { "CS7", IPTOS_CLASS_CS7 },
++#endif
++ { "none", 0x00 },
++ { NULL, 0 }
++};
++#endif
++
+ # define CANONIFY(val)
+
+ # define SET_OPT_DEFAULT(opt, val) opt = val
+@@ -4540,6 +4612,33 @@ setoption(opt, val, safe, sticky, e)
+ UseCompressedIPv6Addresses = atobool(val);
+ break;
+
++#ifdef O_INETQOS
++ case O_INETQOS:
++ {
++ struct qosmap *qmp;
++ InetQoS = -1;
++
++ for (qmp = QoSMap; qmp->name != NULL; ++qmp) {
++ if (!strcmp(val, qmp->name)) {
++ InetQoS = qmp->value;
++ break;
++ }
++ }
++
++ /*
++ ** we could allow writing it as a hex value, but
++ ** we don't at this time.
++ **/
++ if (qmp->name == NULL) {
++ (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
++ "Warning: Option: %s unknown parameter '%s'\n",
++ OPTNAME, val);
++ break;
++ }
++ break;
++ }
++#endif
++
+ default:
+ if (tTd(37, 1))
+ {
+diff --git a/sendmail/sendmail.h b/sendmail/sendmail.h
+index b2d0211..3bcc2e2 100644
+--- a/sendmail/sendmail.h
++++ b/sendmail/sendmail.h
+@@ -2537,7 +2537,14 @@ EXTERN struct termescape TermEscape; /* terminal escape codes */
+ EXTERN SOCKADDR ConnectOnlyTo; /* override connection address (for testing) */
+ EXTERN SOCKADDR RealHostAddr; /* address of host we are talking to */
+ extern const SM_EXC_TYPE_T EtypeQuickAbort; /* type of a QuickAbort exception */
+-
++#if _FFR_QOS
++# if !defined(SOL_IP) && defined(IPPROTO_IP)
++# define SOL_IP IPPROTO_IP
++# endif
++# if defined(SOL_IP) && defined(IP_TOS)
++EXTERN int InetQoS; /* QoS mapping */
++# endif
++#endif
+
+ EXTERN int ConnectionRateWindowSize;
+ #if STARTTLS && USE_OPENSSL_ENGINE
diff --git a/SOURCES/sendmail-8.15.2-smtp-session-reuse-fix.patch b/SOURCES/sendmail-8.15.2-smtp-session-reuse-fix.patch
new file mode 100644
index 0000000..bc14841
--- /dev/null
+++ b/SOURCES/sendmail-8.15.2-smtp-session-reuse-fix.patch
@@ -0,0 +1,249 @@
+diff -ru a/sendmail/deliver.c b/sendmail/deliver.c
+--- a/sendmail/deliver.c 2016-02-29 06:01:55.000000000 -0800
++++ b/sendmail/deliver.c 2016-02-29 06:02:06.000000000 -0800
+@@ -6274,8 +6274,7 @@
+ tlslogerr(LOG_WARNING, "client");
+ }
+
+- SSL_free(clt_ssl);
+- clt_ssl = NULL;
++ SM_SSL_FREE(clt_ssl);
+ return EX_SOFTWARE;
+ }
+ mci->mci_ssl = clt_ssl;
+@@ -6287,8 +6286,7 @@
+ return EX_OK;
+
+ /* failure */
+- SSL_free(clt_ssl);
+- clt_ssl = NULL;
++ SM_SSL_FREE(clt_ssl);
+ return EX_SOFTWARE;
+ }
+ /*
+@@ -6309,7 +6307,7 @@
+
+ if (!bitset(MCIF_TLSACT, mci->mci_flags))
+ return EX_OK;
+- r = endtls(mci->mci_ssl, "client");
++ r = endtls(&mci->mci_ssl, "client");
+ mci->mci_flags &= ~MCIF_TLSACT;
+ return r;
+ }
+diff -ru a/sendmail/macro.c b/sendmail/macro.c
+--- a/sendmail/macro.c 2016-02-29 06:01:55.000000000 -0800
++++ b/sendmail/macro.c 2016-02-29 06:02:06.000000000 -0800
+@@ -362,6 +362,33 @@
+ }
+
+ /*
++** MACTABCLEAR -- clear entire macro table
++**
++** Parameters:
++** mac -- Macro table.
++**
++** Returns:
++** none.
++**
++** Side Effects:
++** clears entire mac structure including rpool pointer!
++*/
++
++void
++mactabclear(mac)
++ MACROS_T *mac;
++{
++ int i;
++
++ if (mac->mac_rpool == NULL)
++ {
++ for (i = 0; i < MAXMACROID; i++)
++ SM_FREE_CLR(mac->mac_table[i]);
++ }
++ memset((char *) mac, '\0', sizeof(*mac));
++}
++
++/*
+ ** MACDEFINE -- bind a macro name to a value
+ **
+ ** Set a macro to a value, with fancy storage management.
+diff -ru a/sendmail/mci.c b/sendmail/mci.c
+--- a/sendmail/mci.c 2016-02-29 06:01:55.000000000 -0800
++++ b/sendmail/mci.c 2016-02-29 06:02:06.000000000 -0800
+@@ -25,6 +25,7 @@
+ int, bool));
+ static bool mci_load_persistent __P((MCI *));
+ static void mci_uncache __P((MCI **, bool));
++static void mci_clear __P((MCI *));
+ static int mci_lock_host_statfile __P((MCI *));
+ static int mci_read_persistent __P((SM_FILE_T *, MCI *));
+
+@@ -253,6 +254,7 @@
+ SM_FREE_CLR(mci->mci_status);
+ SM_FREE_CLR(mci->mci_rstatus);
+ SM_FREE_CLR(mci->mci_heloname);
++ mci_clear(mci);
+ if (mci->mci_rpool != NULL)
+ {
+ sm_rpool_free(mci->mci_rpool);
+@@ -315,6 +317,41 @@
+ }
+
+ /*
++** MCI_CLEAR -- clear mci
++**
++** Parameters:
++** mci -- the connection to clear.
++**
++** Returns:
++** none.
++*/
++
++static void
++mci_clear(mci)
++ MCI *mci;
++{
++ if (mci == NULL)
++ return;
++
++ mci->mci_maxsize = 0;
++ mci->mci_min_by = 0;
++ mci->mci_deliveries = 0;
++#if SASL
++ if (bitset(MCIF_AUTHACT, mci->mci_flags))
++ sasl_dispose(&mci->mci_conn);
++#endif
++#if STARTTLS
++ if (bitset(MCIF_TLSACT, mci->mci_flags) && mci->mci_ssl != NULL)
++ SM_SSL_FREE(mci->mci_ssl);
++#endif
++
++ /* which flags to preserve? */
++ mci->mci_flags &= MCIF_CACHED;
++ mactabclear(&mci->mci_macro);
++}
++
++
++/*
+ ** MCI_GET -- get information about a particular host
+ **
+ ** Parameters:
+@@ -419,6 +456,7 @@
+ mci->mci_errno = 0;
+ mci->mci_exitstat = EX_OK;
+ }
++ mci_clear(mci);
+ }
+
+ return mci;
+diff -ru a/sendmail/sendmail.h b/sendmail/sendmail.h
+--- a/sendmail/sendmail.h 2016-02-29 06:01:55.000000000 -0800
++++ b/sendmail/sendmail.h 2016-02-29 06:02:06.000000000 -0800
+@@ -1186,6 +1186,7 @@
+ #define macid(name) macid_parse(name, NULL)
+ extern char *macname __P((int));
+ extern char *macvalue __P((int, ENVELOPE *));
++extern void mactabclear __P((MACROS_T *));
+ extern int rscheck __P((char *, char *, char *, ENVELOPE *, int, int, char *, char *, ADDRESS *, char **));
+ extern int rscap __P((char *, char *, char *, ENVELOPE *, char ***, char *, int));
+ extern void setclass __P((int, char *));
+@@ -2002,7 +2003,15 @@
+ extern void setclttls __P((bool));
+ extern bool initsrvtls __P((bool));
+ extern int tls_get_info __P((SSL *, bool, char *, MACROS_T *, bool));
+-extern int endtls __P((SSL *, char *));
++#define SM_SSL_FREE(ssl) \
++ do { \
++ if (ssl != NULL) \
++ { \
++ SSL_free(ssl); \
++ ssl = NULL; \
++ } \
++ } while (0)
++extern int endtls __P((SSL **, char *));
+ extern void tlslogerr __P((int, const char *));
+
+
+diff -ru a/sendmail/srvrsmtp.c b/sendmail/srvrsmtp.c
+--- a/sendmail/srvrsmtp.c 2016-02-29 06:01:55.000000000 -0800
++++ b/sendmail/srvrsmtp.c 2016-02-29 06:02:06.000000000 -0800
+@@ -2122,8 +2122,7 @@
+ if (get_tls_se_options(e, srv_ssl, true) != 0)
+ {
+ message("454 4.3.3 TLS not available: error setting options");
+- SSL_free(srv_ssl);
+- srv_ssl = NULL;
++ SM_SSL_FREE(srv_ssl);
+ goto tls_done;
+ }
+
+@@ -2145,8 +2144,7 @@
+ SSL_set_wfd(srv_ssl, wfd) <= 0)
+ {
+ message("454 4.3.3 TLS not available: error set fd");
+- SSL_free(srv_ssl);
+- srv_ssl = NULL;
++ SM_SSL_FREE(srv_ssl);
+ goto tls_done;
+ }
+ if (!smtps)
+@@ -2188,8 +2186,7 @@
+ tlslogerr(LOG_WARNING, "server");
+ }
+ tls_ok_srv = false;
+- SSL_free(srv_ssl);
+- srv_ssl = NULL;
++ SM_SSL_FREE(srv_ssl);
+
+ /*
+ ** according to the next draft of
+@@ -3416,7 +3413,7 @@
+ /* shutdown TLS connection */
+ if (tls_active)
+ {
+- (void) endtls(srv_ssl, "server");
++ (void) endtls(&srv_ssl, "server");
+ tls_active = false;
+ }
+ #endif /* STARTTLS */
+diff -ru a/sendmail/tls.c b/sendmail/tls.c
+--- a/sendmail/tls.c 2016-02-29 06:01:55.000000000 -0800
++++ b/sendmail/tls.c 2016-02-29 06:02:06.000000000 -0800
+@@ -1624,7 +1624,7 @@
+ ** ENDTLS -- shutdown secure connection
+ **
+ ** Parameters:
+-** ssl -- SSL connection information.
++** pssl -- pointer to TLS session context
+ ** side -- server/client (for logging).
+ **
+ ** Returns:
+@@ -1632,12 +1632,16 @@
+ */
+
+ int
+-endtls(ssl, side)
+- SSL *ssl;
++endtls(pssl, side)
++ SSL **pssl;
+ char *side;
+ {
+ int ret = EX_OK;
++ SSL *ssl;
+
++ SM_REQUIRE(pssl != NULL);
++ ret = EX_OK;
++ ssl = *pssl;
+ if (ssl != NULL)
+ {
+ int r;
+@@ -1703,8 +1707,7 @@
+ ret = EX_SOFTWARE;
+ }
+ # endif /* !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER > 0x0090602fL */
+- SSL_free(ssl);
+- ssl = NULL;
++ SM_SSL_FREE(*pssl);
+ }
+ return ret;
+ }
diff --git a/SOURCES/sendmail-8.15.2-switchfile.patch b/SOURCES/sendmail-8.15.2-switchfile.patch
new file mode 100644
index 0000000..940d5a7
--- /dev/null
+++ b/SOURCES/sendmail-8.15.2-switchfile.patch
@@ -0,0 +1,13 @@
+diff --git a/sendmail/conf.c b/sendmail/conf.c
+index c73334e..cbb9c76 100644
+--- a/sendmail/conf.c
++++ b/sendmail/conf.c
+@@ -986,7 +986,7 @@ switch_map_find(service, maptype, mapreturn)
+ if (p != NULL)
+ *p = '\0';
+ #ifndef SM_NSSWITCH_DELIMS
+-# define SM_NSSWITCH_DELIMS " \t"
++# define SM_NSSWITCH_DELIMS " \t:"
+ #endif /* SM_NSSWITCH_DELIMS */
+ p = strpbrk(buf, SM_NSSWITCH_DELIMS);
+ if (p != NULL)
diff --git a/SOURCES/sendmail-etc-mail-access b/SOURCES/sendmail-etc-mail-access
new file mode 100644
index 0000000..31715ef
--- /dev/null
+++ b/SOURCES/sendmail-etc-mail-access
@@ -0,0 +1,12 @@
+# Check the /usr/share/doc/sendmail/README.cf file for a description
+# of the format of this file. (search for access_db in that file)
+# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
+# package.
+#
+# If you want to use AuthInfo with "M:PLAIN LOGIN", make sure to have the
+# cyrus-sasl-plain package installed.
+#
+# By default we allow relaying from localhost...
+Connect:localhost.localdomain RELAY
+Connect:localhost RELAY
+Connect:127.0.0.1 RELAY
diff --git a/SOURCES/sendmail-etc-mail-domaintable b/SOURCES/sendmail-etc-mail-domaintable
new file mode 100644
index 0000000..2dfd1aa
--- /dev/null
+++ b/SOURCES/sendmail-etc-mail-domaintable
@@ -0,0 +1,4 @@
+# The "domain table" can be used to provide domain name mapping.
+# Use of this should really be limited to your own domains.
+# It may be useful if you change names (e.g., your company
+# changes names from oldname.com to newname.com)
diff --git a/SOURCES/sendmail-etc-mail-local-host-names b/SOURCES/sendmail-etc-mail-local-host-names
new file mode 100644
index 0000000..9248c00
--- /dev/null
+++ b/SOURCES/sendmail-etc-mail-local-host-names
@@ -0,0 +1 @@
+# local-host-names - include all aliases for your machine here.
diff --git a/SOURCES/sendmail-etc-mail-mailertable b/SOURCES/sendmail-etc-mail-mailertable
new file mode 100644
index 0000000..0deb307
--- /dev/null
+++ b/SOURCES/sendmail-etc-mail-mailertable
@@ -0,0 +1,30 @@
+# The "mailer table" can be used to override routing for particular domains
+# (which are not in class {w}, i.e. local host names).
+#
+# hash /etc/mail/mailertable
+#
+# Keys in this database are fully qualified domain names or partial domains
+# preceded by a dot -- for example, "vangogh.CS.Berkeley.EDU" or
+# ".CS.Berkeley.EDU". As a special case of the latter, "." matches any domain
+# not covered by other keys. Values must be of the form:
+#
+# mailer:domain
+#
+# where "mailer" is the internal mailer name, and "domain" is where to send
+# the message. These maps are not reflected into the message header. As a
+# special case, the forms:
+#
+# local:user
+#
+# will forward to the indicated user using the local mailer,
+#
+# local:
+#
+# will forward to the original user in the e-mail address using the local
+# mailer, and
+#
+# error:code message
+# error:D.S.N:code message
+#
+# will give an error message with the indicated SMTP reply code and message,
+# where D.S.N is an RFC 1893 compliant error code.
diff --git a/SOURCES/sendmail-etc-mail-trusted-users b/SOURCES/sendmail-etc-mail-trusted-users
new file mode 100644
index 0000000..986184d
--- /dev/null
+++ b/SOURCES/sendmail-etc-mail-trusted-users
@@ -0,0 +1,2 @@
+# trusted-users - users that can send mail as others without a warning
+# apache, mailman, majordomo, uucp, are good candidates
diff --git a/SOURCES/sendmail-etc-mail-virtusertable b/SOURCES/sendmail-etc-mail-virtusertable
new file mode 100644
index 0000000..cc4b545
--- /dev/null
+++ b/SOURCES/sendmail-etc-mail-virtusertable
@@ -0,0 +1,41 @@
+# A domain-specific form of aliasing, allowing multiple virtual domains to be
+# hosted on one machine.
+#
+# info@foo.com foo-info
+# info@bar.com bar-info
+# joe@bar.com error:nouser 550 No such user here
+# jax@bar.com error:5.7.0:550 Address invalid
+# @baz.org jane@example.net
+#
+# then mail addressed to info@foo.com will be sent to the address foo-info,
+# mail addressed to info@bar.com will be delivered to bar-info, and mail
+# addressed to anyone at baz.org will be sent to jane@example.net, mail to
+# joe@bar.com will be rejected with the specified error message, and mail to
+# jax@bar.com will also have a RFC 1893 compliant error code 5.7.0.
+#
+# The username from the original address is passed as %1 allowing:
+#
+# @foo.org %1@example.com
+#
+# Additionally, if the local part consists of "user+detail" then "detail" is
+# passed as %2 and "+detail" is passed as %3 when a match against user+* is
+# attempted, so entries like
+#
+# old+*@foo.org new+%2@example.com
+# gen+*@foo.org %2@example.com
+# +*@foo.org %1%3@example.com
+# X++@foo.org Z%3@example.com
+# @bar.org %1%3
+#
+# Note: to preserve "+detail" for a default case (@domain) %1%3 must be used
+# as RHS. There are two wildcards after "+": "+" matches only a non-empty
+# detail, "*" matches also empty details, e.g., user+@foo.org matches#
+# +*@foo.org but not ++@foo.org. This can be used to ensure that the
+# parameters %2 and %3 are not empty.
+#
+# All the host names on the left hand side (foo.com, bar.com, and baz.org)
+# must be in class {w} or class {VirtHost}. The latter can be defined by the
+# macros VIRTUSER_DOMAIN or VIRTUSER_DOMAIN_FILE (analogously to
+# MASQUERADE_DOMAIN and MASQUERADE_DOMAIN_FILE). If VIRTUSER_DOMAIN or
+# VIRTUSER_DOMAIN_FILE is used, then the entries of class {VirtHost} are
+# added to class {R}, i.e., relaying is allowed to (and from) those domains.
diff --git a/SOURCES/sendmail-redhat.mc b/SOURCES/sendmail-redhat.mc
new file mode 100644
index 0000000..dd9bc96
--- /dev/null
+++ b/SOURCES/sendmail-redhat.mc
@@ -0,0 +1,181 @@
+divert(-1)dnl
+dnl #
+dnl # This is the sendmail macro config file for m4. If you make changes to
+dnl # /etc/mail/sendmail.mc, you will need to regenerate the
+dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
+dnl # installed and then performing a
+dnl #
+dnl # /etc/mail/make
+dnl #
+include(`@@PATH@@/m4/cf.m4')dnl
+VERSIONID(`setup for linux')dnl
+OSTYPE(`linux')dnl
+dnl #
+dnl # Do not advertize sendmail version.
+dnl #
+dnl define(`confSMTP_LOGIN_MSG', `$j Sendmail; $b')dnl
+dnl #
+dnl # default logging level is 9, you might want to set it higher to
+dnl # debug the configuration
+dnl #
+dnl define(`confLOG_LEVEL', `9')dnl
+dnl #
+dnl # Uncomment and edit the following line if your outgoing mail needs to
+dnl # be sent out through an external mail server:
+dnl #
+dnl define(`SMART_HOST', `smtp.your.provider')dnl
+dnl #
+define(`confDEF_USER_ID', ``8:12'')dnl
+dnl define(`confAUTO_REBUILD')dnl
+define(`confTO_CONNECT', `1m')dnl
+define(`confTRY_NULL_MX_LIST', `True')dnl
+define(`confDONT_PROBE_INTERFACES', `True')dnl
+define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
+define(`ALIAS_FILE', `/etc/aliases')dnl
+define(`STATUS_FILE', `/var/log/mail/statistics')dnl
+define(`UUCP_MAILER_MAX', `2000000')dnl
+define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
+define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
+define(`confAUTH_OPTIONS', `A')dnl
+dnl #
+dnl # The following allows relaying if the user authenticates, and disallows
+dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
+dnl #
+dnl define(`confAUTH_OPTIONS', `A p')dnl
+dnl #
+dnl # which realm to use in SASL database (sasldb2)
+dnl #
+define(`confAUTH_REALM', `mail')dnl
+dnl #
+dnl # PLAIN is the preferred plaintext authentication method and used by
+dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
+dnl # use LOGIN. Other mechanisms should be used if the connection is not
+dnl # guaranteed secure.
+dnl # Please remember that saslauthd needs to be running for AUTH.
+dnl #
+dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
+dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
+dnl #
+dnl # Basic sendmail TLS configuration with self-signed certificate for
+dnl # inbound SMTP (and also opportunistic TLS for outbound SMTP).
+dnl #
+define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
+define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
+define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
+define(`confSERVER_KEY', `/etc/pki/tls/private/sendmail.key')dnl
+define(`confTLS_SRV_OPTIONS', `V')dnl
+dnl #
+dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
+dnl # slapd, which requires the file to be readble by group ldap
+dnl #
+dnl define(`confDONT_BLAME_SENDMAIL', `groupreadablekeyfile')dnl
+dnl #
+dnl define(`confTO_QUEUEWARN', `4h')dnl
+dnl define(`confTO_QUEUERETURN', `5d')dnl
+dnl define(`confQUEUE_LA', `12')dnl
+dnl define(`confREFUSE_LA', `18')dnl
+define(`confTO_IDENT', `0')dnl
+dnl # If you're operating in a DSCP/RFC-4594 environment with QoS
+dnl define(`confINET_QOS', `AF11')dnl
+dnl FEATURE(delay_checks)dnl
+FEATURE(`no_default_msa', `dnl')dnl
+FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
+FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
+FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
+FEATURE(redirect)dnl
+FEATURE(always_add_domain)dnl
+FEATURE(use_cw_file)dnl
+FEATURE(use_ct_file)dnl
+dnl #
+dnl # The following limits the number of processes sendmail can fork to accept
+dnl # incoming messages or process its message queues to 20.) sendmail refuses
+dnl # to accept connections once it has reached its quota of child processes.
+dnl #
+dnl define(`confMAX_DAEMON_CHILDREN', `20')dnl
+dnl #
+dnl # Limits the number of new connections per second. This caps the overhead
+dnl # incurred due to forking new sendmail processes. May be useful against
+dnl # DoS attacks or barrages of spam. (As mentioned below, a per-IP address
+dnl # limit would be useful but is not available as an option at this writing.)
+dnl #
+dnl define(`confCONNECTION_RATE_THROTTLE', `3')dnl
+dnl #
+dnl # The -t option will retry delivery if e.g. the user runs over his quota.
+dnl #
+FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
+FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
+FEATURE(`blacklist_recipients')dnl
+EXPOSED_USER(`root')dnl
+dnl #
+dnl # For using Cyrus-IMAPd as POP3/IMAP server through LMTP delivery uncomment
+dnl # the following 2 definitions and activate below in the MAILER section the
+dnl # cyrusv2 mailer.
+dnl #
+dnl define(`confLOCAL_MAILER', `cyrusv2')dnl
+dnl define(`CYRUSV2_MAILER_ARGS', `FILE /var/lib/imap/socket/lmtp')dnl
+dnl #
+dnl # The following causes sendmail to only listen on the IPv4 loopback address
+dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
+dnl # address restriction to accept email from the internet or intranet.
+dnl #
+DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
+dnl #
+dnl # The following causes sendmail to additionally listen to port 587 for
+dnl # mail from MUAs that authenticate. Roaming users who can't reach their
+dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
+dnl # this useful.
+dnl #
+dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
+dnl #
+dnl # The following causes sendmail to additionally listen to port 465, but
+dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
+dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
+dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
+dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
+dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
+dnl #
+dnl # For this to work your OpenSSL certificates must be configured.
+dnl #
+dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
+dnl #
+dnl # The following causes sendmail to additionally listen on the IPv6 loopback
+dnl # device. Remove the loopback address restriction listen to the network.
+dnl #
+dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl
+dnl #
+dnl # enable both ipv6 and ipv4 in sendmail:
+dnl #
+dnl DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6')
+dnl #
+dnl # We strongly recommend not accepting unresolvable domains if you want to
+dnl # protect yourself from spam. However, the laptop and users on computers
+dnl # that do not have 24x7 DNS do need this.
+dnl #
+FEATURE(`accept_unresolvable_domains')dnl
+dnl #
+dnl FEATURE(`relay_based_on_MX')dnl
+dnl #
+dnl # Also accept email sent to "localhost.localdomain" as local email.
+dnl #
+LOCAL_DOMAIN(`localhost.localdomain')dnl
+dnl #
+dnl # The following example makes mail from this host and any additional
+dnl # specified domains appear to be sent from mydomain.com
+dnl #
+dnl MASQUERADE_AS(`mydomain.com')dnl
+dnl #
+dnl # masquerade not just the headers, but the envelope as well
+dnl #
+dnl FEATURE(masquerade_envelope)dnl
+dnl #
+dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
+dnl #
+dnl FEATURE(masquerade_entire_domain)dnl
+dnl #
+dnl MASQUERADE_DOMAIN(localhost)dnl
+dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
+dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl
+dnl MASQUERADE_DOMAIN(mydomain.lan)dnl
+MAILER(smtp)dnl
+MAILER(procmail)dnl
+dnl MAILER(cyrusv2)dnl
diff --git a/SOURCES/sendmail.etc-mail-Makefile b/SOURCES/sendmail.etc-mail-Makefile
new file mode 100644
index 0000000..e80f4a9
--- /dev/null
+++ b/SOURCES/sendmail.etc-mail-Makefile
@@ -0,0 +1,8 @@
+# Pass everything to the make script
+
+all:
+%: force
+ @./make $@
+force:;
+
+$(MAKEFILE_LIST):;
diff --git a/SOURCES/sendmail.etc-mail-make b/SOURCES/sendmail.etc-mail-make
new file mode 100644
index 0000000..f345b43
--- /dev/null
+++ b/SOURCES/sendmail.etc-mail-make
@@ -0,0 +1,129 @@
+#!/bin/sh
+# Generate db and cf files if necessary. This used to be handled by
+# /etc/mail/Makefile.
+
+teste() {
+ if ! test -e "$1"; then
+ echo "$1 doesn't exist"
+ exit 2
+ fi
+}
+
+makedb() {
+ teste "${1%.db}"
+
+ if [ -z "$SM_FORCE_DBREBUILD" ]; then
+ test "${1%.db}" -nt "$1" || return 0
+ fi
+
+ if [ "$1" = userdb.db ]; then
+ makemap btree "$1" < "${1%.db}"
+ else
+ makemap hash "$1" < "${1%.db}"
+ fi
+}
+
+makealiasesdb() {
+ uptodate=1
+
+ if [ -z "$SM_FORCE_DBREBUILD" ]; then
+ files=$(grep '^O AliasFile=' sendmail.cf |
+ while read a; do echo ${a#*=}; done)
+
+ for a in $files; do
+ if [ "$a" = /etc/aliases ]; then
+ # /etc/aliases.db may be used by other MTA, make sure nothing
+ # has touched it since our last newaliases call
+ test "$a" -nt "${a}.db" ||
+ test aliasesdb-stamp -nt "${a}.db" ||
+ test aliasesdb-stamp -ot "${a}.db" || continue
+ else
+ test "$a" -nt "${a}.db" || continue
+ fi
+
+ uptodate=0
+ break
+ done
+ else
+ uptodate=0
+ fi
+
+ [ $uptodate = 1 ] && return 0
+
+ # check if alternatives is configured to sendmail
+ if [ "$(readlink -e /usr/bin/newaliases)" = /usr/sbin/sendmail.sendmail ]
+ then
+ /usr/bin/newaliases > /dev/null
+ touch -r /etc/aliases.db aliasesdb-stamp 2> /dev/null
+ else
+ rm -f aliasesdb-stamp
+ fi
+}
+
+makecf() {
+ mc=${1%.cf}.mc
+
+ teste "$mc"
+
+ if [ -z "$SM_FORCE_CFREBUILD" ]; then
+ test "$mc" -nt "$1" || return 0
+ fi
+
+ if test -f /usr/share/sendmail-cf/m4/cf.m4; then
+ umask 022
+ [ -e "$1" ] && mv -f "$1" "$1".bak
+ m4 "$mc" > "$1"
+ else
+ echo "WARNING: '$mc' is modified. Please install package sendmail-cf to update your configuration."
+ exit 15
+ fi
+}
+
+makeall() {
+ # These could be used by sendmail, but are not part of the default install.
+ # To use them you will have to generate your own sendmail.cf with
+ # FEATURE('whatever')
+ test -f bitdomain && makedb bitdomain.db
+ test -f uudomain && makedb uudomain.db
+ test -f genericstable && makedb genericstable.db
+ test -f userdb && makedb userdb.db
+ test -f authinfo && makedb authinfo.db
+
+ makedb virtusertable.db
+ makedb access.db
+ makedb domaintable.db
+ makedb mailertable.db
+
+ makecf sendmail.cf
+ makecf submit.cf
+}
+
+cd /etc/mail || exit 1
+
+[ $# -eq 0 ] && makeall
+
+for target; do
+ case "$target" in
+ *.db)
+ makedb "$target"
+ ;;
+ *.cf)
+ makecf "$target"
+ ;;
+ all)
+ makeall
+ ;;
+ aliases)
+ makealiasesdb
+ ;;
+ clean)
+ rm -f *.db *~ aliasesdb-stamp
+ ;;
+ start|stop|restart)
+ service sendmail "$target"
+ ;;
+ *)
+ echo "Don't know how to make $target"
+ exit 2
+ esac
+done
diff --git a/SOURCES/sendmail.nm-dispatcher b/SOURCES/sendmail.nm-dispatcher
new file mode 100644
index 0000000..b3122e5
--- /dev/null
+++ b/SOURCES/sendmail.nm-dispatcher
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+case "$2" in
+ up|down|vpn-up|vpn-down)
+ /bin/systemctl --no-block try-restart sendmail.service || :
+ ;;
+esac
diff --git a/SOURCES/sendmail.pam b/SOURCES/sendmail.pam
new file mode 100644
index 0000000..73e5348
--- /dev/null
+++ b/SOURCES/sendmail.pam
@@ -0,0 +1,3 @@
+#%PAM-1.0
+auth include password-auth
+account include password-auth
diff --git a/SOURCES/sendmail.service b/SOURCES/sendmail.service
new file mode 100644
index 0000000..c7d35ce
--- /dev/null
+++ b/SOURCES/sendmail.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=Sendmail Mail Transport Agent
+After=syslog.target network.target
+Conflicts=postfix.service exim.service
+Wants=sm-client.service
+StartLimitIntervalSec=0
+
+[Service]
+Type=forking
+PIDFile=/run/sendmail.pid
+Environment=SENDMAIL_OPTS=-q1h
+EnvironmentFile=-/etc/sysconfig/sendmail
+ExecStartPre=-/etc/mail/make
+ExecStartPre=-/etc/mail/make aliases
+ExecStart=/usr/sbin/sendmail -bd $SENDMAIL_OPTS $SENDMAIL_OPTARG
+
+[Install]
+WantedBy=multi-user.target
+Also=sm-client.service
diff --git a/SOURCES/sendmail.sysconfig b/SOURCES/sendmail.sysconfig
new file mode 100644
index 0000000..db73530
--- /dev/null
+++ b/SOURCES/sendmail.sysconfig
@@ -0,0 +1 @@
+SENDMAIL_OPTS="-q1h"
diff --git a/SOURCES/sm-client.service b/SOURCES/sm-client.service
new file mode 100644
index 0000000..a450b16
--- /dev/null
+++ b/SOURCES/sm-client.service
@@ -0,0 +1,20 @@
+[Unit]
+Description=Sendmail Mail Transport Client
+After=syslog.target network.target sendmail.service
+Conflicts=postfix.service exim.service
+BindTo=sendmail.service
+StartLimitIntervalSec=0
+
+[Service]
+Type=forking
+PIDFile=/run/sm-client.pid
+Environment=SENDMAIL_OPTS=-q1h
+EnvironmentFile=-/etc/sysconfig/sendmail
+ExecStartPre=/bin/touch /run/sm-client.pid
+ExecStartPre=/bin/chown smmsp:smmsp /run/sm-client.pid
+ExecStartPre=-/sbin/restorecon /run/sm-client.pid
+ExecStartPre=-/etc/mail/make
+ExecStart=/usr/sbin/sendmail -L sm-msp-queue -Ac $SENDMAIL_OPTS $SENDMAIL_OPTARG
+
+[Install]
+WantedBy=multi-user.target
diff --git a/SPECS/sendmail.spec b/SPECS/sendmail.spec
new file mode 100644
index 0000000..208d71d
--- /dev/null
+++ b/SPECS/sendmail.spec
@@ -0,0 +1,1992 @@
+# package options
+%global with_tls yes
+%global with_sasl2 yes
+%global with_milter yes
+%global with_ldap yes
+%global enable_pie yes
+
+%global sendmailcf %{_datadir}/sendmail-cf
+%global stdir %{_localstatedir}/log/mail
+%global smshell /sbin/nologin
+%global spooldir %{_localstatedir}/spool
+%global maildir %{_sysconfdir}/mail
+%global sslcert %{_sysconfdir}/pki/tls/certs/sendmail.pem
+%global sslkey %{_sysconfdir}/pki/tls/private/sendmail.key
+
+# hardened build if not overridden
+%{!?_hardened_build:%global _hardened_build 1}
+
+Summary: A widely used Mail Transport Agent (MTA)
+Name: sendmail
+Version: 8.15.2
+Release: 31%{?dist}
+License: Sendmail
+Group: System Environment/Daemons
+URL: http://www.sendmail.org/
+Source0: ftp://ftp.sendmail.org/pub/sendmail/sendmail.%{version}.tar.gz
+# Systemd Service file
+Source1: sendmail.service
+# NetworkManager dispatch script
+Source2: sendmail.nm-dispatcher
+# script to generate db and cf files
+Source3: sendmail.etc-mail-make
+# default sysconfig file
+Source4: sendmail.sysconfig
+# default /etc/mail/Makefile
+Source5: sendmail.etc-mail-Makefile
+# default sendmail.mc
+Source6: sendmail-redhat.mc
+# Systemd Service file
+Source7: sm-client.service
+# pam config
+Source8: sendmail.pam
+# sasl2 config
+Source11: Sendmail-sasl2.conf
+# default /etc/mail/access
+Source12: sendmail-etc-mail-access
+# default /etc/mail/domaintable
+Source13: sendmail-etc-mail-domaintable
+# default /etc/mail/local-host-names
+Source14: sendmail-etc-mail-local-host-names
+# default /etc/mail/mailertable
+Source15: sendmail-etc-mail-mailertable
+# default /etc/mail/trusted-users
+Source16: sendmail-etc-mail-trusted-users
+# default /etc/mail/virtusertable
+Source17: sendmail-etc-mail-virtusertable
+# fix man path and makemap man page
+Patch3: sendmail-8.14.4-makemapman.patch
+# fix smrsh paths
+Patch4: sendmail-8.14.3-smrsh_paths.patch
+# fix sm-client.pid path
+Patch7: sendmail-8.14.9-pid.patch
+# fix sendmail man page
+Patch10: sendmail-8.15.1-manpage.patch
+# compile with -fpie
+Patch11: sendmail-8.15.1-dynamic.patch
+# fix cyrus path
+Patch12: sendmail-8.13.0-cyrus.patch
+# fix aliases.db path
+Patch13: sendmail-8.15.1-aliases_dir.patch
+# fix vacation Makefile
+Patch14: sendmail-8.14.9-vacation.patch
+# remove version information from sendmail helpfile
+Patch15: sendmail-8.14.9-noversion.patch
+# do not accept localhost.localdomain as valid address from SMTP
+Patch16: sendmail-8.15.2-localdomain.patch
+# build libmilter as DSO
+Patch17: sendmail-8.14.3-sharedmilter.patch
+# skip colon separator when parsing service name in ServiceSwitchFile
+Patch18: sendmail-8.15.2-switchfile.patch
+# silence warning about missing sasl2 config in /usr/lib*, now in /etc/sasl2
+Patch23: sendmail-8.14.8-sasl2-in-etc.patch
+# add QoS support, patch from Philip Prindeville <philipp@fedoraproject.org>
+# upstream reserved option ID 0xe7 for testing of this new feature, #576643
+Patch25: sendmail-8.15.2-qos.patch
+Patch26: sendmail-8.15.2-libmilter-socket-activation.patch
+# patch provided by upstream
+Patch27: sendmail-8.15.2-smtp-session-reuse-fix.patch
+Patch28: sendmail-8.15.2-openssl-1.1.0-fix.patch
+# patch taken from Debian
+# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807258
+Patch29: sendmail-8.15.2-format-security.patch
+# rhbz#1473971
+Patch30: sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch
+Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+BuildRequires: libdb-devel
+BuildRequires: libnsl2-devel
+BuildRequires: groff
+BuildRequires: ghostscript
+BuildRequires: m4
+BuildRequires: systemd
+BuildRequires: gcc
+Provides: MTA smtpdaemon server(smtp)
+Requires(post): systemd coreutils %{_sbindir}/alternatives %{_bindir}/openssl
+Requires(preun): systemd %{_sbindir}/alternatives
+Requires(postun): systemd coreutils %{_sbindir}/alternatives
+Requires(pre): shadow-utils
+Requires: procmail
+Requires: bash >= 2.0
+Requires: setup >= 2.5.31-1
+BuildRequires: setup >= 2.5.31-1
+%if "%{with_tls}" == "yes"
+BuildRequires: openssl-devel
+%endif
+%if "%{with_sasl2}" == "yes"
+BuildRequires: cyrus-sasl-devel openssl-devel
+Requires: %{_sbindir}/saslauthd
+%endif
+%if "%{with_ldap}" == "yes"
+BuildRequires: openldap-devel openssl-devel
+%endif
+
+
+%description
+The Sendmail program is a very widely used Mail Transport Agent (MTA).
+MTAs send mail from one machine to another. Sendmail is not a client
+program, which you use to read your email. Sendmail is a
+behind-the-scenes program which actually moves your email over
+networks or the Internet to where you want it to go.
+
+If you ever need to reconfigure Sendmail, you will also need to have
+the sendmail-cf package installed. If you need documentation on
+Sendmail, you can install the sendmail-doc package.
+
+%package doc
+Summary: Documentation about the Sendmail Mail Transport Agent program
+Group: Documentation
+BuildArch: noarch
+Requires: sendmail = %{version}-%{release}
+
+%description doc
+This package contains the Sendmail Installation and Operation Guide (PDF),
+text files containing configuration documentation, plus a number of
+contributed scripts and tools for use with Sendmail.
+
+%package milter-devel
+Summary: Development files for the sendmail milter library
+Group: Development/Libraries
+Requires: sendmail-milter%{?_isa} = %{version}-%{release}
+# The following Provides: and Obsoletes: can be dropped in f28+
+Provides: sendmail-devel%{?_isa} = %{version}-%{release}
+Provides: sendmail-devel = %{version}-%{release}
+Obsoletes: sendmail-devel < 8.15.2-8
+
+%description milter-devel
+Include files and devel libraries for the milter add-ons as part of sendmail.
+
+%package cf
+Summary: The files needed to reconfigure Sendmail
+Group: System Environment/Daemons
+Requires: sendmail = %{version}-%{release}
+BuildArch: noarch
+Requires: m4
+
+%description cf
+This package includes the configuration files you need to generate the
+sendmail.cf file distributed with the sendmail package. You will need
+the sendmail-cf package if you ever need to reconfigure and rebuild
+your sendmail.cf file.
+
+%package milter
+Summary: The sendmail milter library
+Group: System Environment/Libraries
+
+%description milter
+The sendmail Mail Filter API (Milter) is designed to allow third-party
+programs access to mail messages as they are being processed in order to
+filter meta-information and content.
+
+This package includes the milter shared library.
+
+%prep
+%setup -q
+
+%patch3 -p1 -b .makemapman
+%patch4 -p1 -b .smrsh_paths
+%patch7 -p1 -b .pid
+%patch10 -p1 -b .manpage
+%patch11 -p1 -b .dynamic
+%patch12 -p1 -b .cyrus
+%patch13 -p1 -b .aliases_dir
+%patch14 -p1 -b .vacation
+%patch15 -p1 -b .noversion
+%patch16 -p1 -b .localdomain
+
+cp devtools/M4/UNIX/{,shared}library.m4
+%patch17 -p1 -b .sharedmilter
+
+%patch18 -p1 -b .switchfile
+%patch23 -p1 -b .sasl2-in-etc
+%patch25 -p1 -b .qos
+%patch26 -p1 -b .libmilter-socket-activation
+%patch27 -p1 -b .smtp-session-reuse-fix
+%patch28 -p1 -b .openssl-1.1.0-fix
+%patch29 -p1 -b .format-security
+%patch30 -p1 -b .openssl-1.1.0-ecdhe-fix
+
+for f in RELEASE_NOTES contrib/etrn.0; do
+ iconv -f iso8859-1 -t utf8 -o ${f}{_,} &&
+ touch -r ${f}{,_} && mv -f ${f}{_,}
+done
+
+sed -i 's|/usr/local/bin/perl|%{_bindir}/perl|' contrib/*.pl
+
+%build
+# generate redhat config file
+cat > redhat.config.m4 << EOF
+define(\`confMAPDEF', \`-DNEWDB -DNIS -DMAP_REGEX -DSOCKETMAP -DNAMED_BIND=1')
+define(\`confOPTIMIZE', \`\`\`\`${RPM_OPT_FLAGS}'''')
+define(\`confENVDEF', \`-I%{_includedir}/libdb -I%{_prefix}/kerberos/include -Wall -DXDEBUG=0 -DNETINET6 -DHES_GETMAILHOST -DUSE_VENDOR_CF_PATH=1 -D_FFR_LINUX_MHNL -D_FFR_QOS -D_FILE_OFFSET_BITS=64')
+define(\`confLIBDIRS', \`-L%{_prefix}/kerberos/%{_lib}')
+define(\`confLIBS', \`-lnsl -lcrypt -ldb -lresolv')
+%{?_hardened_build:define(\`confLDOPTS', \`-Xlinker -z -Xlinker relro -Xlinker -z -Xlinker now')}
+define(\`confMANOWN', \`root')
+define(\`confMANGRP', \`root')
+define(\`confMANMODE', \`644')
+define(\`confMAN1SRC', \`1')
+define(\`confMAN5SRC', \`5')
+define(\`confMAN8SRC', \`8')
+define(\`confSTDIR', \`%{stdir}')
+define(\`STATUS_FILE', \`%{stdir}/statistics')
+define(\`confLIBSEARCH', \`db resolv 44bsd')
+EOF
+#'
+
+cat >> redhat.config.m4 << EOF
+%ifarch ppc %{power64} s390x
+APPENDDEF(\`confOPTIMIZE', \`-DSM_CONF_SHM=0')
+%else
+APPENDDEF(\`confOPTIMIZE', \`')
+%endif
+EOF
+
+%if "%{enable_pie}" == "yes"
+%ifarch s390 s390x sparc sparcv9 sparc64
+%global _fpie -fPIE
+%else
+%global _fpie -fpie
+%endif
+cat >> redhat.config.m4 << EOF
+APPENDDEF(\`confOPTIMIZE', \`%{_fpie}')
+APPENDDEF(\`confLIBS', \`-pie')
+EOF
+%endif
+
+%if "%{with_tls}" == "yes"
+cat >> redhat.config.m4 << EOF
+APPENDDEF(\`conf_sendmail_ENVDEF', \`-DSTARTTLS -D_FFR_TLS_1 -D_FFR_TLS_EC -D_FFR_TLS_USE_CERTIFICATE_CHAIN_FILE')dnl
+APPENDDEF(\`conf_sendmail_LIBS', \`-lssl -lcrypto')dnl
+EOF
+%endif
+
+%if "%{with_sasl2}" == "yes"
+cat >> redhat.config.m4 << EOF
+APPENDDEF(\`confENVDEF', \`-DSASL=2')dnl
+APPENDDEF(\`confLIBS', \`-lsasl2 -lcrypto')dnl
+EOF
+%endif
+
+%if "%{with_milter}" == "yes"
+cat >> redhat.config.m4 << EOF
+APPENDDEF(\`conf_sendmail_ENVDEF', \`-DMILTER')dnl
+APPENDDEF(\`confENVDEF', \`-D_FFR_MILTER_CHECK_REJECTIONS_TOO')dnl
+EOF
+%endif
+
+%if "%{with_ldap}" == "yes"
+cat >> redhat.config.m4 << EOF
+APPENDDEF(\`confMAPDEF', \`-DLDAPMAP -DLDAP_DEPRECATED')dnl
+APPENDDEF(\`confENVDEF', \`-DSM_CONF_LDAP_MEMFREE=1')dnl
+APPENDDEF(\`confLIBS', \`-lldap -llber -lssl -lcrypto')dnl
+EOF
+%endif
+
+DIRS="libsmutil sendmail mailstats rmail praliases smrsh makemap editmap"
+
+%if "%{with_milter}" == "yes"
+DIRS="libmilter $DIRS"
+%endif
+
+for i in $DIRS; do
+ pushd $i
+ sh Build -f ../redhat.config.m4
+ popd
+done
+
+make -C doc/op op.pdf
+
+%install
+rm -rf %{buildroot}
+
+# create directories
+for d in %{_bindir} %{_sbindir} %{_includedir}/libmilter \
+ %{_libdir} %{_mandir}/man{1,5,8} %{maildir} %{stdir} %{spooldir} \
+ %{_docdir}/sendmail %{sendmailcf} %{_sysconfdir}/smrsh\
+ %{spooldir}/clientmqueue %{_sysconfdir}/sysconfig %{_initrddir} \
+ %{_sysconfdir}/pam.d %{_docdir}/sendmail/contrib \
+ %{_sysconfdir}/NetworkManager/dispatcher.d
+do
+ install -m 755 -d %{buildroot}$d
+done
+install -m 700 -d %{buildroot}%{spooldir}/mqueue
+
+# create /usr/lib for 64 bit architectures
+%if "%{_libdir}" != "%{_prefix}/lib"
+install -m 755 -d %{buildroot}%{_prefix}/lib
+%endif
+
+nameuser=`id -nu`
+namegroup=`id -ng`
+
+Make() {
+ make $@ \
+ DESTDIR=%{buildroot} \
+ LIBDIR=%{_libdir} \
+ MANROOT=%{_mandir}/man \
+ LIBMODE=0755 INCMODE=0644 \
+ SBINOWN=${nameuser} SBINGRP=${namegroup} \
+ UBINOWN=${nameuser} UBINGRP=${namegroup} \
+ MANOWN=${nameuser} MANGRP=${namegroup} \
+ INCOWN=${nameuser} INCGRP=${namegroup} \
+ LIBOWN=${nameuser} LIBGRP=${namegroup} \
+ GBINOWN=${nameuser} GBINGRP=${namegroup} \
+ CFOWN=${nameuser} CFGRP=${namegroup} \
+ CFMODE=0644 MSPQOWN=${nameuser}
+}
+
+OBJDIR=obj.$(uname -s).$(uname -r).$(uname -m)
+
+Make install -C $OBJDIR/libmilter
+Make install -C $OBJDIR/sendmail
+Make install -C $OBJDIR/mailstats
+Make force-install -C $OBJDIR/rmail
+Make install -C $OBJDIR/praliases
+Make install -C $OBJDIR/smrsh
+Make install -C $OBJDIR/makemap
+Make install -C $OBJDIR/editmap
+
+# replace absolute with relative symlinks
+ln -sf ../sbin/makemap %{buildroot}%{_bindir}/makemap
+for f in hoststat mailq newaliases purgestat ; do
+ ln -sf ../sbin/sendmail.sendmail %{buildroot}%{_bindir}/${f}
+done
+
+# use /usr/lib, even for 64 bit architectures
+ln -sf ../sbin/sendmail.sendmail %{buildroot}%{_prefix}/lib/sendmail.sendmail
+
+# install docs for sendmail
+install -p -m 644 FAQ %{buildroot}%{_docdir}/sendmail
+install -p -m 644 KNOWNBUGS %{buildroot}%{_docdir}/sendmail
+install -p -m 644 LICENSE %{buildroot}%{_docdir}/sendmail
+install -p -m 644 README %{buildroot}%{_docdir}/sendmail
+install -p -m 644 RELEASE_NOTES %{buildroot}%{_docdir}/sendmail
+gzip -9 %{buildroot}%{_docdir}/sendmail/RELEASE_NOTES
+
+# install docs for sendmail-doc
+install -m 644 doc/op/op.pdf %{buildroot}%{_docdir}/sendmail
+install -p -m 644 sendmail/README %{buildroot}%{_docdir}/sendmail/README.sendmail
+install -p -m 644 sendmail/SECURITY %{buildroot}%{_docdir}/sendmail
+install -p -m 644 smrsh/README %{buildroot}%{_docdir}/sendmail/README.smrsh
+install -p -m 644 libmilter/README %{buildroot}%{_docdir}/sendmail/README.libmilter
+install -p -m 644 cf/README %{buildroot}%{_docdir}/sendmail/README.cf
+install -p -m 644 contrib/* %{buildroot}%{_docdir}/sendmail/contrib
+
+# install the cf files for the sendmail-cf package.
+cp -ar cf/* %{buildroot}%{sendmailcf}
+# remove patch backup files
+rm -rf %{buildroot}%{sendmailcf}/cf/Build.*
+rm -rf %{buildroot}%{sendmailcf}/*/*.mc.*
+rm -rf %{buildroot}%{sendmailcf}/*/*.m4.*
+# remove cf/README file because it is useless for end users
+rm -f %{buildroot}%{sendmailcf}/cf/README
+
+# install sendmail.mc with proper paths
+install -m 644 %{SOURCE6} %{buildroot}%{maildir}/sendmail.mc
+sed -i -e 's|@@PATH@@|%{sendmailcf}|' %{buildroot}%{maildir}/sendmail.mc
+touch -r %{SOURCE6} %{buildroot}%{maildir}/sendmail.mc
+
+# create sendmail.cf
+cp %{buildroot}%{maildir}/sendmail.mc cf/cf/redhat.mc
+sed -i -e 's|%{sendmailcf}|\.\.|' cf/cf/redhat.mc
+%if "%{stdir}" != "%{maildir}"
+sed -i -e 's:%{maildir}/statistics:%{stdir}/statistics:' cf/cf/redhat.mc
+%endif
+(cd cf/cf && m4 redhat.mc > redhat.cf)
+install -m 644 cf/cf/redhat.cf %{buildroot}%{maildir}/sendmail.cf
+install -p -m 644 cf/cf/submit.mc %{buildroot}%{maildir}/submit.mc
+
+# remove our build info as it causes multiarch conflicts
+sed -i '/##### built by.*on/,+3d' %{buildroot}%{maildir}/{submit,sendmail}.cf \
+ %{buildroot}%{sendmailcf}/cf/submit.cf
+
+install -p -m 644 %{SOURCE12} %{buildroot}%{maildir}/access
+install -p -m 644 %{SOURCE13} %{buildroot}%{maildir}/domaintable
+install -p -m 644 %{SOURCE14} %{buildroot}%{maildir}/local-host-names
+install -p -m 644 %{SOURCE15} %{buildroot}%{maildir}/mailertable
+install -p -m 644 %{SOURCE16} %{buildroot}%{maildir}/trusted-users
+install -p -m 644 %{SOURCE17} %{buildroot}%{maildir}/virtusertable
+
+# create db ghosts
+for map in virtusertable access domaintable mailertable ; do
+ touch %{buildroot}%{maildir}/${map}.db
+ chmod 0644 %{buildroot}%{maildir}/${map}.db
+done
+
+touch %{buildroot}%{maildir}/aliasesdb-stamp
+
+touch %{buildroot}%{spooldir}/clientmqueue/sm-client.st
+
+install -p -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/sendmail
+install -p -m 755 %{SOURCE2} %{buildroot}%{_sysconfdir}/NetworkManager/dispatcher.d/10-sendmail
+install -p -m 755 %{SOURCE3} %{buildroot}%{maildir}/make
+install -p -m 644 %{SOURCE5} %{buildroot}%{maildir}/Makefile
+
+chmod 644 %{buildroot}%{maildir}/helpfile
+
+# Systemd
+mkdir -p %{buildroot}%{_unitdir}
+install -m644 %{SOURCE1} %{buildroot}%{_unitdir}
+install -m644 %{SOURCE7} %{buildroot}%{_unitdir}
+
+# fix permissions to allow debuginfo extraction and stripping
+chmod 755 %{buildroot}%{_sbindir}/{mailstats,makemap,editmap,praliases,sendmail,smrsh}
+chmod 755 %{buildroot}%{_bindir}/rmail
+
+%if "%{with_sasl2}" == "yes"
+install -m 755 -d %{buildroot}%{_sysconfdir}/sasl2
+install -m 644 %{SOURCE11} %{buildroot}%{_sysconfdir}/sasl2/Sendmail.conf
+%endif
+install -m 644 %{SOURCE8} %{buildroot}%{_sysconfdir}/pam.d/smtp.sendmail
+
+# fix path for statistics file in man pages
+%if "%{stdir}" != "%{maildir}"
+sed -i -e 's:%{maildir}/statistics:%{stdir}/statistics:' %{buildroot}%{_mandir}/man*/*
+%endif
+
+# rename files for alternative usage
+mv %{buildroot}%{_sbindir}/sendmail %{buildroot}%{_sbindir}/sendmail.sendmail
+touch %{buildroot}%{_sbindir}/sendmail
+mv %{buildroot}%{_sbindir}/makemap %{buildroot}%{_sbindir}/makemap.sendmail
+touch %{buildroot}%{_sbindir}/makemap
+mv %{buildroot}%{_sbindir}/editmap %{buildroot}%{_sbindir}/editmap.sendmail
+touch %{buildroot}%{_sbindir}/editmap
+for i in mailq newaliases rmail; do
+ mv %{buildroot}%{_bindir}/$i %{buildroot}%{_bindir}/$i.sendmail
+ touch %{buildroot}%{_bindir}/$i
+done
+mv %{buildroot}%{_mandir}/man1/mailq.1 %{buildroot}%{_mandir}/man1/mailq.sendmail.1
+touch %{buildroot}%{_mandir}/man1/mailq.1
+mv %{buildroot}%{_mandir}/man1/newaliases.1 %{buildroot}%{_mandir}/man1/newaliases.sendmail.1
+touch %{buildroot}%{_mandir}/man1/newaliases.1
+mv %{buildroot}%{_mandir}/man5/aliases.5 %{buildroot}%{_mandir}/man5/aliases.sendmail.5
+touch %{buildroot}%{_mandir}/man5/aliases.5
+mv %{buildroot}%{_mandir}/man8/sendmail.8 %{buildroot}%{_mandir}/man8/sendmail.sendmail.8
+touch %{buildroot}%{_mandir}/man8/sendmail.8
+mv %{buildroot}%{_mandir}/man8/rmail.8 %{buildroot}%{_mandir}/man8/rmail.sendmail.8
+touch %{buildroot}%{_mandir}/man8/rmail.8
+mv %{buildroot}%{_mandir}/man8/makemap.8 %{buildroot}%{_mandir}/man8/makemap.sendmail.8
+touch %{buildroot}%{_mandir}/man8/makemap.8
+mv %{buildroot}%{_mandir}/man8/editmap.8 %{buildroot}%{_mandir}/man8/editmap.sendmail.8
+touch %{buildroot}%{_mandir}/man8/editmap.8
+touch %{buildroot}%{_prefix}/lib/sendmail
+touch %{buildroot}%{_sysconfdir}/pam.d/smtp
+
+# create stub man pages
+for m in man8/hoststat.8 man8/purgestat.8; do
+ [ -f %{buildroot}%{_mandir}/$m ] ||
+ echo ".so man8/sendmail.8" > %{buildroot}%{_mandir}/$m
+done
+
+%pre
+getent group mailnull >/dev/null || \
+ %{_sbindir}/groupadd -g 47 -r mailnull >/dev/null 2>&1
+getent passwd mailnull >/dev/null || \
+ %{_sbindir}/useradd -u 47 -g mailnull -d %{spooldir}/mqueue -r \
+ -s %{smshell} mailnull >/dev/null 2>&1
+getent group smmsp >/dev/null || \
+ %{_sbindir}/groupadd -g 51 -r smmsp >/dev/null 2>&1
+getent passwd smmsp >/dev/null || \
+ %{_sbindir}/useradd -u 51 -g smmsp -d %{spooldir}/mqueue -r \
+ -s %{smshell} smmsp >/dev/null 2>&1
+
+# hack to turn sbin/makemap and man8/makemap.8.gz into alternatives symlink
+# (part of the rhbz#1219178 fix), this could be probably dropped in f25+
+[ -h %{_sbindir}/makemap ] || rm -f %{_sbindir}/makemap || :
+[ -h %{_mandir}/man8/makemap.8.gz ] || rm -f %{_mandir}/man8/makemap.8.gz || :
+
+exit 0
+
+%postun
+%systemd_postun_with_restart sendmail.service sm-client.service
+if [ $1 -ge 1 ] ; then
+ mta=`readlink %{_sysconfdir}/alternatives/mta`
+ if [ "$mta" == "%{_sbindir}/sendmail.sendmail" ]; then
+ %{_sbindir}/alternatives --set mta %{_sbindir}/sendmail.sendmail
+ fi
+fi
+exit 0
+
+%post
+%systemd_post sendmail.service sm-client.service
+
+# Set up the alternatives files for MTAs.
+%{_sbindir}/alternatives --install %{_sbindir}/sendmail mta %{_sbindir}/sendmail.sendmail 90 \
+ --slave %{_sbindir}/makemap mta-makemap %{_sbindir}/makemap.sendmail \
+ --slave %{_sbindir}/editmap mta-editmap %{_sbindir}/editmap.sendmail \
+ --slave %{_bindir}/mailq mta-mailq %{_bindir}/mailq.sendmail \
+ --slave %{_bindir}/newaliases mta-newaliases %{_bindir}/newaliases.sendmail \
+ --slave %{_bindir}/rmail mta-rmail %{_bindir}/rmail.sendmail \
+ --slave %{_prefix}/lib/sendmail mta-sendmail %{_prefix}/lib/sendmail.sendmail \
+ --slave %{_sysconfdir}/pam.d/smtp mta-pam %{_sysconfdir}/pam.d/smtp.sendmail \
+ --slave %{_mandir}/man8/sendmail.8.gz mta-sendmailman %{_mandir}/man8/sendmail.sendmail.8.gz \
+ --slave %{_mandir}/man1/mailq.1.gz mta-mailqman %{_mandir}/man1/mailq.sendmail.1.gz \
+ --slave %{_mandir}/man1/newaliases.1.gz mta-newaliasesman %{_mandir}/man1/newaliases.sendmail.1.gz \
+ --slave %{_mandir}/man5/aliases.5.gz mta-aliasesman %{_mandir}/man5/aliases.sendmail.5.gz \
+ --slave %{_mandir}/man8/rmail.8.gz mta-rmailman %{_mandir}/man8/rmail.sendmail.8.gz \
+ --slave %{_mandir}/man8/makemap.8.gz mta-makemapman %{_mandir}/man8/makemap.sendmail.8.gz \
+ --slave %{_mandir}/man8/editmap.8.gz mta-editmapman %{_mandir}/man8/editmap.sendmail.8.gz \
+ --initscript sendmail > /dev/null 2>&1
+
+# Rebuild maps.
+{
+ chown root %{_sysconfdir}/aliases.db %{maildir}/access.db \
+ %{maildir}/mailertable.db %{maildir}/domaintable.db \
+ %{maildir}/virtusertable.db
+ SM_FORCE_DBREBUILD=1 %{maildir}/make
+ SM_FORCE_DBREBUILD=1 %{maildir}/make aliases
+} > /dev/null 2>&1
+
+# Move existing SASL2 config to new location.
+%if "%{with_sasl2}" == "yes"
+[ -f %{_libdir}/sasl2/Sendmail.conf ] && touch -r %{_sysconfdir}/sasl2/Sendmail.conf \
+ %{_libdir}/sasl2/Sendmail.conf ] && mv -f %{_libdir}/sasl2/Sendmail.conf \
+ %{_sysconfdir}/sasl2 2>/dev/null || :
+%endif
+
+# Create sm-client.st if it doesn't exist
+if [ ! -f %{spooldir}/clientmqueue/sm-client.st ]; then
+ touch %{spooldir}/clientmqueue/sm-client.st
+ chown smmsp:smmsp %{spooldir}/clientmqueue/sm-client.st
+ chmod 0660 %{spooldir}/clientmqueue/sm-client.st
+fi
+
+# Create self-signed SSL certificate
+if [ ! -f %{sslkey} ]; then
+ umask 077
+ %{_bindir}/openssl genrsa 4096 > %{sslkey} 2> /dev/null
+fi
+
+if [ ! -f %{sslcert} ]; then
+ FQDN=`hostname`
+ if [ "x${FQDN}" = "x" ]; then
+ FQDN=localhost.localdomain
+ fi
+
+ %{_bindir}/openssl req -new -key %{sslkey} -x509 -sha256 -days 365 -set_serial $RANDOM -out %{sslcert} \
+ -subj "/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=${FQDN}/emailAddress=root@${FQDN}"
+ chmod 644 %{sslcert}
+fi
+
+exit 0
+
+%preun
+%systemd_preun sendmail.service sm-client.service
+if [ $1 = 0 ]; then
+ %{_sbindir}/alternatives --remove mta %{_sbindir}/sendmail.sendmail
+fi
+exit 0
+
+%post milter -p /sbin/ldconfig
+
+%postun milter -p /sbin/ldconfig
+
+
+%files
+%dir %{_docdir}/sendmail
+%doc %{_docdir}/sendmail/FAQ
+%doc %{_docdir}/sendmail/KNOWNBUGS
+%doc %{_docdir}/sendmail/LICENSE
+%doc %{_docdir}/sendmail/README
+%doc %{_docdir}/sendmail/RELEASE_NOTES.gz
+%{_bindir}/hoststat
+%{_bindir}/makemap
+%{_bindir}/purgestat
+%{_sbindir}/mailstats
+%{_sbindir}/makemap.sendmail
+%{_sbindir}/editmap.sendmail
+%{_sbindir}/praliases
+%attr(2755,root,smmsp) %{_sbindir}/sendmail.sendmail
+%{_bindir}/rmail.sendmail
+%{_bindir}/newaliases.sendmail
+%{_bindir}/mailq.sendmail
+%{_sbindir}/smrsh
+%{_prefix}/lib/sendmail.sendmail
+
+%{_mandir}/man8/rmail.sendmail.8.gz
+%{_mandir}/man8/praliases.8.gz
+%{_mandir}/man8/mailstats.8.gz
+%{_mandir}/man8/makemap.sendmail.8.gz
+%{_mandir}/man8/editmap.sendmail.8.gz
+%{_mandir}/man8/sendmail.sendmail.8.gz
+%{_mandir}/man8/smrsh.8.gz
+%{_mandir}/man8/hoststat.8.gz
+%{_mandir}/man8/purgestat.8.gz
+%{_mandir}/man5/aliases.sendmail.5.gz
+%{_mandir}/man1/newaliases.sendmail.1.gz
+%{_mandir}/man1/mailq.sendmail.1.gz
+
+# dummy attributes for rpmlint
+%ghost %attr(0755,-,-) %{_sbindir}/sendmail
+%ghost %attr(0755,-,-) %{_sbindir}/makemap
+%ghost %attr(0755,-,-) %{_sbindir}/editmap
+%ghost %attr(0755,-,-) %{_bindir}/mailq
+%ghost %attr(0755,-,-) %{_bindir}/newaliases
+%ghost %attr(0755,-,-) %{_bindir}/rmail
+%ghost %attr(0755,-,-) %{_prefix}/lib/sendmail
+
+%ghost %{_sysconfdir}/pam.d/smtp
+%ghost %{_mandir}/man8/sendmail.8.gz
+%ghost %{_mandir}/man1/mailq.1.gz
+%ghost %{_mandir}/man1/newaliases.1.gz
+%ghost %{_mandir}/man5/aliases.5.gz
+%ghost %{_mandir}/man8/rmail.8.gz
+%ghost %{_mandir}/man8/makemap.8.gz
+%ghost %{_mandir}/man8/editmap.8.gz
+
+%dir %{stdir}
+%dir %{_sysconfdir}/smrsh
+%dir %{maildir}
+%attr(0770,smmsp,smmsp) %dir %{spooldir}/clientmqueue
+%attr(0700,root,mail) %dir %{spooldir}/mqueue
+
+%config(noreplace) %verify(not size mtime md5) %{stdir}/statistics
+%config(noreplace) %{maildir}/Makefile
+%config(noreplace) %{maildir}/make
+%config(noreplace) %{maildir}/sendmail.cf
+%config(noreplace) %{maildir}/submit.cf
+%config(noreplace) %{maildir}/helpfile
+%config(noreplace) %{maildir}/sendmail.mc
+%config(noreplace) %{maildir}/submit.mc
+%config(noreplace) %{maildir}/access
+%config(noreplace) %{maildir}/domaintable
+%config(noreplace) %{maildir}/local-host-names
+%config(noreplace) %{maildir}/mailertable
+%config(noreplace) %{maildir}/trusted-users
+%config(noreplace) %{maildir}/virtusertable
+
+%ghost %{maildir}/aliasesdb-stamp
+%ghost %{maildir}/virtusertable.db
+%ghost %{maildir}/access.db
+%ghost %{maildir}/domaintable.db
+%ghost %{maildir}/mailertable.db
+
+%ghost %{spooldir}/clientmqueue/sm-client.st
+
+%{_unitdir}/sendmail.service
+%{_unitdir}/sm-client.service
+%config(noreplace) %{_sysconfdir}/sysconfig/sendmail
+%config(noreplace) %{_sysconfdir}/pam.d/smtp.sendmail
+%{_sysconfdir}/NetworkManager/dispatcher.d/10-sendmail
+
+%if "%{with_sasl2}" == "yes"
+%config(noreplace) %{_sysconfdir}/sasl2/Sendmail.conf
+%endif
+
+%files cf
+%doc %{sendmailcf}/README
+%dir %{sendmailcf}
+%{sendmailcf}/cf
+%{sendmailcf}/domain
+%{sendmailcf}/feature
+%{sendmailcf}/hack
+%{sendmailcf}/m4
+%{sendmailcf}/mailer
+%{sendmailcf}/ostype
+%{sendmailcf}/sendmail.schema
+%{sendmailcf}/sh
+%{sendmailcf}/siteconfig
+
+%files milter-devel
+%doc libmilter/docs/*
+%dir %{_includedir}/libmilter
+%{_includedir}/libmilter/*.h
+%{_libdir}/libmilter.so
+
+%files milter
+%doc LICENSE
+%doc %{_docdir}/sendmail/README.libmilter
+%{_libdir}/libmilter.so.[0-9].[0-9]
+%{_libdir}/libmilter.so.[0-9].[0-9].[0-9]
+
+%files doc
+%{_docdir}/sendmail/README.cf
+%{_docdir}/sendmail/README.sendmail
+%{_docdir}/sendmail/README.smrsh
+%{_docdir}/sendmail/SECURITY
+%{_docdir}/sendmail/op.pdf
+%dir %{_docdir}/sendmail/contrib
+%attr(0644,root,root) %{_docdir}/sendmail/contrib/*
+
+
+%changelog
+* Mon Nov 19 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.2-31
+- Used _prefix macro for /usr
+ Resolves: rhbz#1650256
+
+* Thu Nov 15 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.2-30
+- Dropped sysvinit support
+ Resolves: rhbz#1610287
+- Dropped hesiod support
+ Resolves: rhbz#1638491
+
+* Mon Jul 23 2018 Robert Scheck <robert@fedoraproject.org> - 8.15.2-29
+- Add basic sendmail TLS configuration by default (#1607314 #c11)
+
+* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 8.15.2-28
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Tue Jun 26 2018 Robert Scheck <robert@fedoraproject.org> - 8.15.2-27
+- Use SSL_CTX_use_certificate_chain_file() to handle intermediate
+ certificates passed additionally in confSERVER_CERT (#1565341)
+
+* Tue May 29 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.2-26
+- Changed libnsl2 paths
+ Resolves: rhbz#1543933
+
+* Wed Mar 07 2018 Adam Williamson <awilliam@redhat.com> - 8.15.2-25
+- Rebuild to fix GCC 8 mis-compilation
+ See https://da.gd/YJVwk ("GCC 8 ABI change on x86_64")
+
+* Mon Feb 19 2018 Ondřej Lysoněk <olysonek@redhat.com> - 8.15.2-24
+- Add gcc to BuildRequires
+
+* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 8.15.2-23
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Sun Jan 21 2018 Björn Esser <besser82@fedoraproject.org> - 8.15.2-22
+- Explicitly BR: libnsl2-devel and add needed paths in build config
+
+* Sat Jan 20 2018 Björn Esser <besser82@fedoraproject.org> - 8.15.2-21
+- Rebuilt for switch to libxcrypt
+
+* Thu Nov 30 2017 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.2-20
+- Dropped tcp_wrappers support
+ Resolves: rhbz#1518782
+
+* Fri Aug 18 2017 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.2-19
+- Replaced compile-fix patch by format-security patch from Debian not to
+ change status codes
+ Resolves: rhbz#1482808
+
+* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 8.15.2-18
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Sun Jul 30 2017 Florian Weimer <fweimer@redhat.com> - 8.15.2-17
+- Rebuild with binutils fix for ppc64le (#1475636)
+
+* Thu Jul 27 2017 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.2-16
+- Fixed ECDHE to work with all curves (openssl-1.1.0-ecdhe-fix patch)
+ Resolves: rhbz#1473971
+
+* Thu Mar 23 2017 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.2-15
+- Explicitly enabled sm-client statistics
+ Related: rhbz#890585
+- Fixed compilation with -Werror=format-security which seems to be the
+ default in f27+
+
+* Thu Feb 23 2017 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.2-14
+- Also removed the systemd restart limit from the sm-client service
+ Related: rhbz#1422771
+
+* Tue Feb 21 2017 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.2-13
+- Removed systemd limit for sendmail restarts to workaround failure due to
+ rapid restarts caused by NetworkManager dispatcher script
+ Resolves: rhbz#1422771
+
+* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 8.15.2-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Thu Dec 8 2016 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.2-11
+- Added SASL AUTH_REALM into default configuration
+ Resolves: rhbz#748279
+- Fixed compilation with openssl-1.1.0
+ Resolves: rhbz#1400239
+
+* Wed Nov 30 2016 Ondřej Lysoněk <olysonek@redhat.com> - 8.15.2-10
+- Enabled _FFR_MILTER_CHECK_REJECTIONS_TOO
+ Resolves: rhbz#1112340
+
+* Mon Aug 08 2016 Ondřej Lysoněk <olysonek@redhat.com> - 8.15.2-9
+- Fixed Provides and Obsoletes in sendmail-milter-devel
+- Made 'Requires: sendmail-milter' in sendmail-milter-devel arch specific
+
+* Thu Jul 28 2016 Ondřej Lysoněk <olysonek@redhat.com> - 8.15.2-8
+- Removed dependency for sendmail in sendmail-devel, renamed sendmail-devel
+ to sendmail-milter-devel
+ Resolves: rhbz#891288
+
+* Fri Jun 3 2016 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.2-7
+- Enabled editmap
+ Resolves: rhbz#1342393
+
+* Tue Mar 1 2016 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.2-6
+- Fixed SMTP session reuse bug
+
+* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 8.15.2-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Wed Sep 23 2015 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.2-4
+- Compiled all with full RELRO, including libmilter
+ Resolves: rhbz#1264035
+
+* Wed Sep 23 2015 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.2-3
+- Added support for socket activation to libmilter
+ Resolves: rhbz#1262535
+
+* Wed Jul 22 2015 Lubomir Rintel <lkundrak@v3.sk> - 8.15.2-2
+- nm-dispacher: don't block the connection activation
+ Resolves: rhbz#1237070
+
+* Tue Jul 7 2015 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.2-1
+- New version
+ Resolves: rhbz#1239185
+- Dropped ipv6-bad-helo patch (upstreamed)
+- Updated/defuzzified patches
+
+* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 8.15.1-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Wed May 27 2015 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.1-5
+- Added makemap and its manual page into alternatives
+ Resolves: rhbz#1219178
+
+* Fri Mar 20 2015 Robert Scheck <robert@fedoraproject.org> - 8.15.1-4
+- Use uncompressed (new) IPv6 address format in block_bad_helo.m4
+
+* Tue Mar 10 2015 Adam Jackson <ajax@redhat.com> 8.15.1-3
+- Drop sysvinit subpackage from F23+
+
+* Thu Feb 26 2015 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.1-2
+- Removed code for transition from sysv init to systemd (deprecated)
+
+* Mon Dec 8 2014 Jaroslav Škarvada <jskarvad@redhat.com> - 8.15.1-1
+- New version
+- Dropped hesiod patch (not needed)
+- Dropped libdb5 patch (upstreamed)
+- Rebased patches
+
+* Thu Aug 21 2014 Kevin Fenzi <kevin@scrye.com> - 8.14.9-5
+- Rebuild for rpm bug 1131960
+
+* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 8.14.9-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 8.14.9-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Mon Jun 2 2014 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.9-2
+- Dropped milterfdleaks patch (not needed)
+
+* Wed May 21 2014 Robert Scheck <robert@fedoraproject.org> - 8.14.9-1
+- Upgrade to 8.14.9
+
+* Sun Apr 13 2014 Robert Scheck <robert@fedoraproject.org> - 8.14.8-2
+- Enable ECDHE support
+
+* Tue Feb 11 2014 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.8-1
+- New version
+ Resolves: rhbz#1059665
+- Updated/defuzzified patches
+
+* Tue Aug 6 2013 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.7-5
+- Used unversioned doc directory
+ Resolves: rhbz#994090
+
+* Sat Aug 03 2013 Petr Pisar <ppisar@redhat.com> - 8.14.7-4
+- Perl 5.18 rebuild
+
+* Fri Aug 2 2013 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.7-3
+- Rebuilt with -D_FILE_OFFSET_BITS=64
+ Related: rhbz#912785
+
+* Wed Jul 17 2013 Petr Pisar <ppisar@redhat.com> - 8.14.7-2
+- Perl 5.18 rebuild
+
+* Sun Apr 21 2013 Robert Scheck <robert@fedoraproject.org> - 8.14.7-1
+- Upgrade to 8.14.7
+
+* Mon Feb 25 2013 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.6-4
+- Switched to systemd-rpm macros
+ Resolves: rhbz#850310
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 8.14.6-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Wed Jan 16 2013 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.6-2
+- Fixed milter_helo regression (milter-helo-fix patch)
+ Resolves: rhbz#895552
+- Fixed bogus dates in changelog
+
+* Mon Dec 24 2012 Robert Scheck <robert@fedoraproject.org> - 8.14.6-1
+- Upgrade to 8.14.6
+
+* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 8.14.5-15
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Mon Jun 25 2012 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.5-14
+- Used power64 macro to support more subarchitectures like ppc64p7
+ Resolves: rhbz#834626
+
+* Fri Apr 6 2012 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.5-13
+- Rebuilt with libdb-5.2
+
+* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 8.14.5-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Wed Nov 23 2011 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.5-11
+- Added tighter bound to sm-client.service and sendmail.service
+ Resolves: rhbz#756232
+
+* Mon Oct 24 2011 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.5-10
+- The nm-dispatcher now uses try-restart instead of restart
+ Resolves: rhbz#748416
+
+* Tue Sep 13 2011 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.5-9
+- Enabled alternatives --initscript in post section
+- Improved sysvinit subpackage - switched to noarch, added scriptlets
+- Workarounded sm-client stop on SysV to systemd migration
+
+* Tue Aug 30 2011 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.5-8
+- Enable override of hardened build settings
+
+* Tue Aug 30 2011 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.5-7
+- Hardened build with full relro
+- Provided SysV initscript in sysvinit subpackage for backward compatibility
+
+* Mon Jul 25 2011 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.5-6
+- Fixed systemctl disable command in preun section
+- Replaced reload by restart, dropped ExecReload from sendmail.service
+ Resolves: rhbz#719931
+- Switched to systemctl in NetworkManager dispatcher script
+- Added ExecStartPre=-/etc/mail/make to sm-client.service
+- Hardcoded daemon option (-bd) to sendmail.service, dropped the DAEMON var
+- QUEUE var in /etc/sysconfig/sendmail replaced by SENDMAIL_OPTS var
+- Added default preset (-q1h) to SENDMAIL_OPTS var
+
+* Fri Jul 22 2011 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.5-5
+- Fixed SMTP AUTH over TLS in case of two AUTH lines
+ Resolves: rhbz#716628
+
+* Mon Jul 18 2011 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.5-4
+- Removed dots from description (there are no dots in systemd packaging
+ guidelines)
+- Changed service type to forking and explicitly specified PID files
+- Fixed creation of sm-client.pid
+- Added Wants to sm-client.service and sendmail.service
+- Replaced each occurrence of /var/run by /run in config files
+- More details are available in rhbz#697636
+
+* Thu Jun 30 2011 Jóhann B. Guðmundsson <johannbg@gmail.com> - 8.14.5-3
+- Introduce systemd unit file, drop SysV support
+
+* Thu Jun 16 2011 Paul Howarth <paul@city-fan.org> - 8.14.5-2
+- Rebuilt with libdb-5.2
+
+* Tue May 17 2011 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.5-1
+- New version 8.14.5
+- Removed m4-ldap-routing, milter-fix-negativeid, man-i-option-fix
+ patches (upstreamed)
+
+* Thu Mar 03 2011 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-21
+- fix negative ctx_id in milter debug output (#577558)
+- fix incomplete description of the -i option in man page (#676824)
+
+* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 8.14.4-20
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Wed Jan 12 2011 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-19
+- updated QoS patch, including upstream comments and AF_INET6 4-in-6 support
+
+* Mon Jan 10 2011 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-18
+- add QoS support, patch from Philip Prindeville <philipp@fedoraproject.org>
+ upstream reserved option ID 0xe7 for testing of this new feature (#576643)
+
+* Fri Nov 26 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-17
+- change LSB init header to provide $mail-transport-agent (#627413)
+
+* Mon Nov 08 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-16
+- fix m4 ldap routing macro, backport from 8.14.5.Alpha0, (#650366)
+
+* Wed Sep 29 2010 jkeating - 8.14.4-15
+- Rebuilt for gcc bug 634757
+
+* Fri Sep 24 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-14
+- fix MAXHOSTNAMELEN (#485380)
+
+* Mon Sep 13 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-13
+- rebuilt with libdb-5.1
+
+* Wed Aug 25 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-12
+- updated sendmail.nm-dispatcher script to handle VPN connections (#577540)
+
+* Tue Aug 17 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-11
+- README.libmilter moved to milter subpackage
+- updated description of doc subpackage
+- README.redhat removed (not needed any more)
+
+* Wed Aug 04 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-10
+- added stub man pages for hoststat and purgestat
+- rmail man page added to alternatives
+- updated subpackages description
+- sendmail-cf/cf/README is not packaged - it is useless for end users
+- added comments about purpose of files and patches
+- removed redundant license tag from milter subpackage
+
+* Thu Jul 08 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-9
+- added license to milter subpackage according to new Licensing
+ Guidelines
+
+* Mon Jun 14 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-8
+- all 'define' changed to 'global' in spec
+- perl interpreter path fixup moved from 'install' to 'prep'
+
+* Fri Jun 11 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-7
+- silenced warning about non-existing config in {_libdir}/sasl2
+
+* Tue Jun 08 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-6
+- sasl2 config moved from {_libdir}/sasl2 to {_sysconfdir}/sasl2
+- added libdb5 patch for building with libdb-5
+- rebuilt with libdb-5
+
+* Mon May 31 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-5
+- fixed user/group creation
+
+* Tue Mar 02 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-4
+- used noreplace for sasl config
+- used ghost instead of explicit provides
+- deffattr changed to (-,root,root,-)
+
+* Mon Feb 15 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-3
+- fixed libresolv implicit DSO linking (#564647)
+- fixed initscript LSB compliance (#561040)
+
+* Thu Feb 04 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-2
+- fixed typo in spec file
+- fixed aliases_dir patch
+
+* Tue Feb 02 2010 Jaroslav Škarvada <jskarvad@redhat.com> - 8.14.4-1
+- new version 8.14.4 (#552078)
+- RPM attributes S, 5, T not recorded for statistics file
+- adapted patches: makemapman, dynamic, switchfile (#552078)
+- movefiles patch incorporated into aliases_dir patch
+- drop exitpanic patch (fixed upstream)
+
+* Sun Jan 03 2010 Robert Scheck <robert@fedoraproject.org> 8.14.3-10
+- handle IPv6:::1 in block_bad_helo.m4 like 127.0.0.1 (#549217)
+
+* Tue Dec 15 2009 Miroslav Lichvar <mlichvar@redhat.com> 8.14.3-9
+- fix milter file descriptors leaks (#485426)
+- skip colon separator when parsing service name in ServiceSwitchFile
+- return with non-zero exit code when free space is below MinFreeBlocks
+- fix service stop/restart when only smclient is running
+- fix submit.cf and helpfile permissions
+- more merge review fixes (#226407)
+
+* Wed Sep 16 2009 Tomas Mraz <tmraz@redhat.com> - 8.14.3-8
+- Use password-auth common PAM configuration instead of system-auth
+
+* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 8.14.3-7
+- rebuilt with new openssl
+
+* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 8.14.3-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 8.14.3-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Tue Jan 20 2009 Miroslav Lichvar <mlichvar@redhat.com> 8.14.3-4
+- build shared libmilter (#309281)
+- drop static libraries
+- convert RELEASE_NOTES to UTF-8
+
+* Fri Dec 19 2008 Miroslav Lichvar <mlichvar@redhat.com> 8.14.3-3
+- run newaliases only when necessary
+
+* Wed Dec 03 2008 Miroslav Lichvar <mlichvar@redhat.com> 8.14.3-2
+- add NM dispatcher script (#451575)
+- print warning on service start when sendmail-cf is required (#447148)
+- replace Makefile with shell script to avoid dependency on make (#467841)
+- fix multiarch conflicts (#343161)
+- preserve timestamps on config files
+- gzip RELEASE_NOTES
+- defuzz patches
+- drop gcc2690 patch
+
+* Tue Jul 22 2008 Thomas Woerner <twoerner@redhat.com> 8.14.3-1
+- new version 8.14.3
+
+* Thu Jul 10 2008 Tom "spot" Callaway <tcallawa@redhat.com> 8.14.2-5
+- rebuild against db4-4.7
+
+* Sat Mar 29 2008 Dennis Gilmore <dennis@ausil.us> 8.14.2-4
+- add sparcv9 to the -fPIE list
+
+* Fri Feb 8 2008 Thomas Woerner <twoerner@redhat.com> 8.14.2-3
+- added server(smtp) provide (rhbz#380621)
+
+* Wed Dec 05 2007 Release Engineering <rel-eng at fedoraproject dot org> - 8.14.2-2
+ - Rebuild for deps
+
+* Thu Nov 22 2007 Thomas Woerner <twoerner@redhat.com> 8.14.2-1
+- new version 8.14.2
+
+* Mon Sep 17 2007 Thomas Woerner <twoerner@redhat.com> 8.14.1-4.2
+- made init script fully lsb conform
+
+* Wed Aug 29 2007 Thomas Woerner <twoerner@redhat.com> 8.14.1-4.1
+- fixed condrestart in init script to use exit instead of return
+
+* Mon Aug 27 2007 Thomas Woerner <twoerner@redhat.com> 8.14.1-4
+- do not remove /etc/aliases.db on package removal (rhbz#223637)
+- fixed remaining paths to certs directory in sendmail.mc file
+- added contrib scripts to the doc package (rhbz#183723)
+- added LSB header to init script (rhbz#247053)
+- added plain login information for cyrus-sasl to access file
+- fixed compile problem with glibc-2.6.90+
+- fixed reoccuring m4 include problem (now using sinclude)
+
+* Fri Jul 20 2007 Thomas Woerner <twoerner@redhat.com> 8.14.1-3
+- do not accept localhost.localdomain as valid address from smtp
+
+* Mon Apr 16 2007 Thomas Woerner <twoerner@redhat.com> 8.14.1-2
+- readded chkconfig add for sendmail in post script
+- dropped mysql support (useless without further patching)
+- fixed executable permissions for /usr/sbin/makemap and /usr/sbin/smrsh
+- dropped FFR_UNSAFE_SASL, because it has no effect anymore
+
+* Thu Apr 12 2007 Thomas Woerner <twoerner@redhat.com> 8.14.1-1.1
+- replaced prereq tags with requires() tags.
+
+* Thu Apr 12 2007 Thomas Woerner <twoerner@redhat.com> 8.14.1-1
+- new version 8.14.1
+- spec file cleanup for merge review (rhbz#226407)
+- dropped update support for sendmail versions prior to 8.12.0
+- using pdf documentation
+
+* Tue Feb 6 2007 Thomas Woerner <twoerner@redhat.com> 8.14.0-1
+- new version 8.14.0
+- adapted patches: makemapman, dynamic
+
+* Tue Jan 23 2007 Florian La Roche <laroche@redhat.com>
+- #205803 add sparc/sparc64 to -fPIE list
+- change sendmail.cf reference into sendmail-cf package name
+
+* Mon Dec 4 2006 Thomas Woerner <twoerner@redhat.com> 8.13.8-3.1
+- tcp_wrappers has a new devel and libs sub package, therefore changing build
+ requirement for tcp_wrappers to tcp_wrappers-devel
+
+* Tue Nov 28 2006 Thomas Woerner <twoerner@redhat.com> 8.13.8-3
+- added missing LDAP_DEPRECATED flag (#206288)
+
+* Mon Sep 04 2006 Florian La Roche <laroche@redhat.com>
+- unify sendmail.mc
+- remove version information from sendmail helpfile
+
+* Fri Sep 1 2006 Thomas Woerner <twoerner@redhat.com> 8.13.8-1
+- new version 8.13.8 fixes CVE-2006-4434 (denial of service via a long header
+ line)
+
+* Thu Jul 20 2006 Thomas Woerner <twoerner@redhat.com> 8.13.7-3.1
+- dropped chown of /etc/mail/authinfo.db (#199455)
+
+* Tue Jul 18 2006 Thomas Woerner <twoerner@redhat.com> 8.13.7-3
+- using new syntax for access database (#177566)
+- fixed failure message while shutting down sm-client (#119429)
+ resolution: stop sm-client before sendmail
+- fixed method to specify persistent queue runners (#126760)
+- removed patch backup files from sendmail-cf tree (#152955)
+- fixed missing dnl on SMART_HOST define (#166680)
+- fixed wrong location of aliases and aliases.db file in aliases man page
+ (#166744)
+- enabled CipherList config option for sendmail (#172352)
+- added user chowns for /etc/mail/authinfo.db and move check for cf files
+ (#184341)
+- fixed Makefile of vacation (#191396)
+ vacation is not included in this sendmail package
+- /var/log/mail now belongs to sendmail (#192850)
+
+* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 8.13.7-2.1
+- rebuild
+
+* Mon Jun 19 2006 Thomas Woerner <twoerner@redhat.com> 8.13.7-2
+- dropped reference to Red Hat Linux in sendmail-redhat.mc (#176679)
+
+* Mon Jun 19 2006 Thomas Woerner <twoerner@redhat.com> 8.13.7-1
+- new version 8.13.7 (#195282)
+- fixes CVE-2006-1173 (VU#146718): possible denial of service issue caused by
+ malformed multipart messages (#195776)
+
+* Wed Mar 22 2006 Thomas Woerner <twoerner@redhat.com> 8.13.6-1
+- new version 8.13.6 (fixes VU#834865)
+- dropped libmilter-sigwait patch (fixed in 8.13.6)
+
+* Fri Feb 17 2006 Thomas Woerner <twoerner@redhat.com> 8.13.5-3
+- fixed selinuxenabled path in initscript
+- fixed error handling with sigwait (#137709)
+ Thanks to Jonathan Kamens for the patch
+- fixed prereq for cyrus-sasl: now using /usr/sbin/saslauthd
+- appended 'dnl' to cert tags in sendmail.mc
+
+* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 8.13.5-2.2.1
+- bump again for double-long bug on ppc(64)
+
+* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 8.13.5-2.2
+- rebuilt for new gcc4.1 snapshot and glibc changes
+
+* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
+- rebuilt
+
+* Thu Nov 10 2005 Tomas Mraz <tmraz@redhat.com> 8.13.5-2
+- rebuilt against new openssl
+
+* Mon Oct 10 2005 Tomas Mraz <tmraz@redhat.com>
+- use include instead of pam_stack in pam config
+
+* Mon Sep 19 2005 Thomas Woerner <twoerner@redhat.com> 8.13.5-1
+- new version 8.13.5
+- fixed email address in changelog
+
+* Fri May 6 2005 Thomas Woerner <twoerner@redhat.com> 8.13.4-2
+- using new certificates directory /etc/pki/tls/certs
+
+* Wed Apr 27 2005 Thomas Woerner <twoerrner@redhat.com> 8.13.4-1.1
+- added configuration example for Cyrus-IMAPd to sendmail.mc (#142001)
+ Thanks to Alexander Dalloz
+
+* Tue Apr 12 2005 Thomas Woerner <twoerner@redhat.com> 8.13.4-1
+- new version 8.13.4
+- added requires for the sendmail base package in sendmail-cf, sendmail-devel
+ and sendmail-doc
+- dropped upstream close_wait.p2 patch
+
+* Thu Mar 17 2005 Thomas Woerner <twoerner@redhat.com> 8.13.3-2
+- dropped direct support for bind: no bind in confLIBSEARCH anymore,
+ using libresolv again
+
+* Thu Mar 10 2005 Jason Vas Dias <jvdias@redhat.com> 8.13.3-1.2
+- fix libbind include path - use /usr/include/bind/netdb.h, no
+- /usr/include/netdb.h - bug: 150339
+
+* Tue Mar 1 2005 Thomas Woerner <twoerner@redhat.com> 8.13.3-1.1
+- fixed gcc4 build: use double quotes for confOPTIMIZE to avoid m4 confusion
+ with ','
+- fix for ppc: using tripple-quotes
+
+* Wed Jan 26 2005 Thomas Woerner <twoerner@redhat.com> 8.13.3-1
+- new version 8.13.3 with closewait.p2 patch
+
+* Fri Dec 17 2004 Thomas Woerner <twoerner@redhat.com> 8.13.2-1
+- new version 8.13.2
+- thanks to Robert Scheck for adapting the patches
+
+* Thu Nov 11 2004 Jeff Johnson <jbj@jbj.org> 8.13.1-2.2
+- rebuild against db-4.3.21.
+
+* Tue Oct 26 2004 Thomas Woerner <twoerner@redhat.com> 8.13.1-2.1
+- added missing BuildRequires for groff (#134778)
+- added socketmap support (#131906)
+
+* Wed Sep 1 2004 Thomas Woerner <twoerner@redhat.com> 8.13.1-2
+- applied Sendmail Errata (2004-08-24): errata_cataddr (#131179)
+
+* Mon Aug 2 2004 Thomas Woerner <twoerner@redhat.com> 8.13.1-1
+- new version 1.13.1
+
+* Wed Jun 30 2004 Thomas Woerner <twoerner@redhat.com> 8.13.0-1.1
+- fixed init script to not complain missing sendmail-cf package (#126975)
+- better message in /etc/mail/Makefile for missing sendmail-cf package.
+
+* Mon Jun 21 2004 Thomas Woerner <twoerner@redhat.com> 8.13.0-1
+- new version 8.13.0
+- made /etc/mail/Makefile complain missing sendmail-cf package (#123348)
+- fixed ownership of %%{_includedir}/libmilter (#73977)
+- moved back to /usr/share/ssl/certs as certificate directory (see sendmail.mc)
+- extended sendmail.mc for spam protection
+
+* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
+- rebuilt
+
+* Thu Apr 15 2004 Dan Walsh <dwalsh@redhat.com> 8.12.11-4.6
+- Fix selinuxenabled location
+
+* Wed Apr 7 2004 Dan Walsh <dwalsh@redhat.com> 8.12.11-4.5
+- Fix security context of pid file for selinux
+
+* Fri Apr 2 2004 Thomas Woerner <twoerner@redhat.com> 8.12.11-4.4
+- fixed alternatives slave for sendmail.sendmail
+
+* Thu Apr 1 2004 Thomas Woerner <twoerner@redhat.com> 8.12.11-4.3
+- set path to cyrus-imapd deliver
+
+* Wed Mar 31 2004 Thomas Woerner <twoerner@redhat.com> 8.12.11-4.2
+- fixed spec file
+
+* Wed Mar 31 2004 Thomas Woerner <twoerner@redhat.com> 8.12.11-4.1
+- added authinfo to possible sendmail maps: /etc/mail/Makefile (#119010)
+- fixed minor version in changelog
+
+* Wed Mar 17 2004 Thomas Woerner <twoerner@redhat.com> 8.12.11-4
+- new slave in alternatives for sendmail man page
+
+* Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
+- rebuilt
+
+* Thu Feb 19 2004 Thomas Woerner <twoerner@redhat.com> 8.12.11-3.2
+- removed buildreq for gdbm-devel
+
+* Thu Feb 19 2004 Thomas Woerner <twoerner@redhat.com> 8.12.11-3
+- RH3.0E version: sasl1, no pie, old_setup (provide /etc/aliases)
+- new switches for pie and old_setup
+
+* Thu Feb 5 2004 Thomas Woerner <twoerner@redhat.com> 8.12.11-2.1
+- new Sendmail.conf for sasl1 (#114726)
+
+* Wed Jan 28 2004 Thomas Woerner <twoerner@redhat.com> 8.12.11-2
+- added information for saslauthd and AUTH (#113463)
+- fixed STATUS_FILE in sendmail-redhat.mc (#114302)
+- reset mta after update if mta was sendmail (#114257)
+- enabled pie for ia64 again
+
+* Mon Jan 26 2004 Thomas Woerner <twoerner@redhat.com> 8.12.11-1.3
+- removed /etc/aliases (now in setup)
+
+* Thu Jan 22 2004 Thomas Woerner <twoerner@redhat.com> 8.12.11-1.2
+- /usr/lib/sendmail is in alternatives, now
+- removed trailing / from stdir
+- fixed define for STATUS_FILE
+
+* Wed Jan 21 2004 Thomas Woerner <twoerner@redhat.com> 8.12.11-1.1
+- disabled pie for ia64
+
+* Tue Jan 20 2004 Thomas Woerner <twoerner@redhat.com> 8.12.11-1
+- new version 8.12.11
+- pie
+
+* Mon Jan 12 2004 Thomas Woerner <twoerner@redhat.com> 8.12.10-7
+- fc2 version (with sasl2)
+
+* Mon Jan 12 2004 Thomas Woerner <twoerner@redhat.com> 8.12.10-6
+- reverted to sasl1 for 3.0E: added with_sasl1
+- spec file cleanup
+- new location for statistics file (/var/log/)
+
+* Sun Dec 14 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- Fix download url.
+
+* Sat Dec 13 2003 Jeff Johnson <jbj@jbj.org> 8.12.10-5
+- rebuild against db-4.2.52.
+
+* Thu Dec 11 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- fix pam alternatives handling
+- add patch from Jakub Jelinek for PIE
+
+* Fri Dec 05 2003 Karsten Hopp <karsten@redhat.de> 8.12.10-3
+- fix usage of RPM_OPT_FLAGS variable in spec file
+- add makecert.sh script to -doc subpackage
+- add cert paths to sendmail.mc
+
+* Wed Nov 26 2003 Karsten Hopp <karsten@redhat.de>
+- fix alternatives (#109313)
+- enable TLS
+
+* Mon Oct 27 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- add some more system account entries into /etc/aliases
+- add example for a mixed IPv6/IPv4 setup
+
+* Fri Oct 24 2003 Harald Hoyer <harald@redhat.de> 8.12.10-2
+- added with_ options
+
+* Thu Sep 25 2003 Jeff Johnson <jbj@jbj.org> 8.12.10-1.2
+- rebuild against db-4.2.42.
+
+* Thu Sep 18 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- update to 8.12.10
+
+* Wed Sep 17 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- add security patches for CAN-2003-0694 and CAN-2003-0681
+
+* Mon Sep 01 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- move debug information from sendmail into debuginfo rpm
+- on %%post make sure /etc/aliases.db and /etc/mail/*.db is correctly
+ owned by root
+- do not set confTRUSTED_USER to smmsp in sendmail-redhat.mc
+
+* Fri Aug 08 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- run "make -C /etc/mail" (maybe generating new sendmail.cf, then newaliases
+- added $SENDMAIL_OPTARG that could be set by /etc/sysconfig/sendmail #99224
+
+* Wed Jul 30 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- adjust rpm license tag to say "Sendmail"
+
+* Fri Jul 04 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- enable pie only for a few archs
+- enable full optims for s390 again, compiler seems to be fixed
+
+* Mon Jun 30 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- apply patch from Ulrich Drepper to support -pie
+
+* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
+- rebuilt
+
+* Sat May 31 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- make init script more robust #91879
+
+* Sun May 11 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- sendmail-cf requires m4, #90513
+
+* Fri May 9 2003 Nalin Dahyabhai <nalin@redhat.com> 8.12.9-6
+- move Sendmail.conf from /usr/lib/sasl to /usr/lib/sasl2 and change the
+ default pwcheck method to "saslauthd"
+
+* Mon May 5 2003 Nalin Dahyabhai <nalin@redhat.com> 8.12.9-5
+- configure to use libsasl2 instead of libsasl to avoid linking with both
+ (we also link to libldap, which now uses libsasl2)
+- link with -ldb instead of -ldb-4.0 on all releases after RHL 7.3 instead
+ of just 7.3 (all versions of db4-devel thereafter are expected to provide
+ the right linking setup)
+
+* Tue Apr 15 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- add a "umask 022" before building the *.cf files in /etc/mail/Makefile
+
+* Fri Apr 04 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- mark /etc/mail/Makefile as config(noreplace) #87688
+- mark /etc/pam.d/smtp as config(noreplace) #87731
+
+* Sun Mar 30 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- update to 8.12.9
+
+* Wed Mar 26 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- call make with the target "all" #86005
+- add start/stop/restart as Makefile targets
+- add another security patch
+
+* Wed Mar 05 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- add correct db4-devel requirements for newer releases
+- completely re-do many ifdef code in the spec-file
+- fix some issues building for older RHL releases
+
+* Mon Feb 24 2003 Elliot Lee <sopwith@redhat.com>
+- rebuilt
+
+* Mon Feb 24 2003 Elliot Lee <sopwith@redhat.com>
+- rebuilt
+
+* Mon Feb 24 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- update to 8.12.8
+
+* Tue Feb 11 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- rebuilt
+
+* Wed Jan 22 2003 Tim Powers <timp@redhat.com>
+- rebuilt
+
+* Wed Jan 22 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- add a confTRUSTED_USER line into sendmail.mc, submit.mc is already ok
+- add patch from sendmail.org for cf/m4/proto.m4
+
+* Mon Jan 13 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- do not reject all numeric login names if hesiod support is
+ compiled in. #80060
+- remove reference to non-existing man-pages #74552
+
+* Sun Jan 12 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- sendmail-8.12.7-etrn.patch from Jos Vos <jos@xos.nl>
+- submit.mc: enable "use_ct_file" by default #80519
+- add _FFR_MILTER_ROOT_UNSAFE #78223
+
+* Sat Jan 11 2003 Florian La Roche <Florian.LaRoche@redhat.de>
+- update to 8.12.7
+- hack to make lib64 version work
+- downgrade s390 optims to make it compile
+
+* Mon Jan 6 2003 Nalin Dahyabhai <nalin@redhat.com>
+- add openssl-devel as a build-time requirement
+- preprocess the config file to add the right version of %%{_lib}
+- add kerberos -I and -L flags to build configuration, needed for newer
+ versions of libssl
+
+* Wed Dec 11 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- always have a queue run interval for sm-msp-queue #81424
+- Jos Vos suggests adding another variable for sm-client queue-run
+
+* Mon Dec 02 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- add the following changes from Adrian Havill <havill@redhat.com>
+ to our default sendmail.mc file:
+ - added commented-out-by-default common AUTH/SSL examples
+ - updated m4 example and rpm reference
+ - added more comment documentation
+ - add commented out confAUTO_REBUILD example
+ - improve description about MASQUERADE_AS
+
+* Mon Nov 18 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- add to submit.mc: define(`_MTA_HOST_', `[127.0.0.1]')
+ to deliver directly to localhost IP instead of going through DNS
+- submit.mc: exchange msp and use_ct_file to better enable it
+- do not undefine UUCP_RELAY and BITNET_RELAY
+- sendmail.mc: use LOCAL_DOMAIN instead of "Cw" directly
+- sendmail.mc: add commented out MASQUERADE_AS example
+- re-enable DAEMON variable for now
+
+* Tue Nov 12 2002 Nalin Dahyabhai <nalin@redhat.com>
+- remove absolute path names from the PAM configuration, allowing it to be
+ used by any arch on a multilib system
+
+* Sun Nov 03 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- fix mailman alias #75129
+
+* Sat Nov 02 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- update to 8.12.6
+
+* Fri Oct 04 2002 Phil Knirsch <pknirsch@redhat.com> 8.12.5-7.2
+- Drop optflags to default to build correctly on s390(x).
+
+* Thu Sep 12 2002 Than Ngo <than@redhat.com> 8.12.5-7.1
+- Added fix to build on x86_64
+
+* Thu Aug 29 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- clean up some specfile cruft
+- add more pseudo accounts to /etc/aliases
+
+* Thu Jul 25 2002 Phil Knirsch <pknirsch@redhat.com>
+- Only generate new cf files if the /usr/share/sendmail-cf/m4/cf.m4 exists.
+
+* Wed Jul 24 2002 Phil Knirsch <pknirsch@redhat.com>
+- Changed the behaviour in /etc/mail/Makefile to generate the sendmail.cf and
+ submit.cf from the mc files if they changed.
+- Added a small README.redhat that descibed the new mc file behaviour and the
+ split into sendmail.cf and submit.cf.
+
+* Wed Jul 24 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- suggestions form Stephane Lentz:
+ - add correct include statement into submit.mc (like sendmail.mc)
+ - add commented out further suggestions into submit.mc
+ - disable ident lookups
+
+* Thu Jul 11 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- fix initscript for the second daemon and pidfile location #67910
+
+* Mon Jul 01 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- update to 8.12.5
+
+* Thu Jun 27 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- add further queue runs, slight spec-file cleanups
+
+* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
+- automated rebuild
+
+* Tue Jun 11 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- update to 8.12.4, adjust smrsh patch
+
+* Thu May 23 2002 Tim Powers <timp@redhat.com>
+- automated rebuild
+
+* Sat Apr 13 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- update to 8.12.3
+
+* Tue Mar 26 2002 Tim Powers <timp@redhat.com>
+- rebuilt
+
+* Mon Mar 25 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- fix alternatives --remove #61737
+- add sendmail/SECURITY as docu #61870, #61545
+
+* Wed Mar 20 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- add libsm.a #61270
+- change from /etc/sendmail.cf to /etc/mail/sendmail.cf
+- add milter patch
+
+* Wed Mar 13 2002 Bill Nottingham <notting@redhat.com>
+- ignore DAEMON=no; that configuration no longer functions
+
+* Wed Mar 13 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- make sure more version information is in the cf file #54418
+- do not use "-b" flag when patching in spec file
+- require newer chkconfig version #61035
+- fix preun script #60880
+- add TMPF to access file creation #60956
+
+* Sat Mar 09 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- mv include files to /usr/include/libmilter/ #60795
+- do not use "-f" option to virtusertable #60196
+- ad an example smarthost entry to config file #58298
+
+* Fri Mar 8 2002 Bill Nottingham <notting@redhat.com> 8.12.2-5
+- use alternatives --initscript support
+- run chkconfig --add before alternatives
+
+* Thu Feb 28 2002 Bill Nottingham <notting@redhat.com> 8.12.2-3
+- run alternatives --remove in %%preun
+- add some prereqs
+
+* Mon Feb 25 2002 Nalin Dahyabhai <nalin@redhat.com> 8.12.2-2
+- fix smmsp useradd invocation in %%pre
+- switch back to db3 for storing db files
+
+* Wed Feb 20 2002 Nalin Dahyabhai <nalin@redhat.com> 8.12.2-1
+- update to 8.12.2 (adds STARTTLS support without need for sfio)
+- don't forcibly strip binaries; let the build root handle it
+- add creation of the smmsp account (51/51) in %%pre
+- enable hesiod map support
+- modify default config to use an MSP
+- comment out 'O AutoRebuildAliases' in %%post, otherwise sendmail will
+ fail to restart on upgrades
+
+* Wed Feb 20 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- add proper ifdefs around new alternative stuff to also be able
+ to build this for older releases
+
+* Fri Feb 1 2002 Bill Nottingham <notting@redhat.com> 8.11.6-12
+- %%triggerpostun on older versions to make sure alternatives work on
+ upgrades
+
+* Thu Jan 31 2002 Bill Nottingham <notting@redhat.com> 8.11.6-11
+- clean up alternatives somewhat, provide /usr/sbin/sendmail & friends
+
+* Thu Jan 31 2002 Bernhard Rosenkraenzer <bero@redhat.com> 8.11.6-10
+- Use alternatives
+
+* Tue Jan 22 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- fix quotation in spec-file
+
+* Thu Jan 10 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- integrate ugly logic to compile this src.rpm also on older Red Hat
+ Linux releases
+- clean up spec file and patches a bit
+- add db4 support
+
+* Wed Jan 09 2002 Florian La Roche <Florian.LaRoche@redhat.de>
+- fix another path to correct docu
+- include sendmail/README in the docu
+- compile with -D_FFR_WORKAROUND_BROKEN_NAMESERVERS, but do not
+ enable this at runtime
+- devel subpackage files owned by root now
+
+* Fri Dec 07 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- change "-q" to "-s" as option to make #57216
+- move milter lib into separate "devel" sub-package
+- add include files to devel sub-package #56064
+- fix pointer in access file to docu #54351
+
+* Mon Sep 10 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- add libmilter docu
+- add support for userdb to /etc/mail/Makefile
+- use "btree" database files if a userdb is used
+- buildrequires tcp_wrappers
+
+* Fri Aug 31 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- fix libmilter support
+- fix init script to use /etc/mail/Makefile #52932
+
+* Sat Aug 25 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- add libmilter library
+
+* Thu Aug 23 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- update to 8.11.6
+- correctly use /etc/mail/statistics
+
+* Thu Aug 09 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- change init script back to older conventions #51297
+- remove DoS patch, not needed anymore #51247
+
+* Mon Aug 06 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- add option '-t' to procmail for local mail delivery
+
+* Tue Jul 24 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- point to the map files in sendmail.cf as pointed out by
+ David Beveridge <David@beveridge.com>
+
+* Mon Jul 23 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- add build requires #49695
+- do not call "userdel"
+
+* Tue Jul 10 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- change sendmail.cf to "noreplace"
+
+* Thu Jun 07 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- update to 8.11.4
+
+* Wed May 09 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- update to 8.11.3
+- add "localhost.localdomain" to the list of hostnames accepted
+ for local delivery "Cw" in /etc/mail/sendmail.mc
+- add patches from Pekka Savola <pekkas@netcore.fi>
+ - Enable IPv6 at compile time, patch for glibc 2.2 from PLD
+ - Add a commented-out IPv6 daemon .mc line to sendmail.mc
+ - buildrequire: openldap-devel, cyrus-sasl-devel
+
+* Fri Mar 2 2001 Nalin Dahyabhai <nalin@redhat.com>
+- rebuild in new environment
+
+* Tue Feb 27 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- add noreplace for /etc/sysconfig/sendmail and /etc/mail/sendmail.mc
+
+* Wed Feb 21 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- add changes from Christopher McCrory <chrismcc@pricegrabber.com>:
+ - prepare /etc/mail/Makefile for more maps not shipped with this rpm
+ - changed sendmail.mc to include some more commented out options,
+ so that people are directly pointed at important options
+ - add /etc/pam.d/smtp for AUTH
+ - add FEATURE(use_ct_file) and /etc/mail/trusted-users
+
+* Fri Feb 16 2001 Tim Powers <timp@redhat.com>
+- don't obsolete postfix and exim, only conflict (for RHN purposes)
+
+* Thu Feb 15 2001 Trond Eivind Glomsrød <teg@redhat.com>
+- obsolete and conflict with exim and postfix
+
+* Wed Feb 14 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- fix devision by zero bug in #20395
+- mv /usr/lib/sendmail-cf /usr/share/sendmail-cf
+
+* Wed Feb 7 2001 Trond Eivind Glomsrød <teg@redhat.com>
+- i18n tweaks to initscript
+
+* Wed Feb 07 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- aliases.db should be owned by group root
+
+* Wed Jan 24 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- prepare for startup-script translation
+
+* Tue Jan 23 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- enable daemon mode again, but only listen to the loopback device
+ instead of all devices.
+- do not include check.tar with old anti-spam rules
+
+* Fri Jan 12 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- fix configuration of /etc/aliases
+
+* Mon Jan 08 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- fix interoperation problems with communigate pro
+- disable msa
+
+* Thu Jan 04 2001 Florian La Roche <Florian.LaRoche@redhat.de>
+- update to (security release) 8.11.2
+- build also on RHL 6.x #16061
+- include smrsh man-page #17901
+- use the "-f" flag for makemap to preserve case for virtusertable
+ and userdb in /etc/mail/Makefile - suggested by Harald Hoyer
+- fix /usr/doc -> usr/share/doc in docu #20611
+- wrong path in sendmail.mc #20691
+- tcp-wrapper support wasn't enabled correctly #21642
+- do not expose user "root" when masquerading like in older releases #21643
+- disable the VRFY and EXPN smtp commands #21801
+- disable queue-runs for normal users (restrictqrun privacy flag)
+- fix typo in sendmail.mc #21880, #22682
+- disable daemon mode to see what needs fixing
+
+* Mon Oct 02 2000 Florian La Roche <Florian.LaRoche@redhat.de>
+- update to 8.11.1
+
+* Fri Sep 08 2000 Nalin Dahyabhai <nalin@redhat.com>
+- rebuild in new environment
+
+* Tue Aug 22 2000 Nalin Dahyabhai <nalin@redhat.com>
+- apply fixes for LDAP maps being closed too soon
+
+* Mon Aug 14 2000 Nalin Dahyabhai <nalin@redhat.com>
+- provide /usr/lib/sasl/Sendmail.conf so that people know we can use it (#16064)
+
+* Mon Aug 7 2000 Florian La Roche <Florian.LaRoche@redhat.de>
+- enable listening on the smtp port again
+
+* Fri Aug 4 2000 Nalin Dahyabhai <nalin@redhat.com>
+- fix "missing find_m4.sh" problem by defining M4=/usr/bin/m4 (#14767)
+
+* Mon Jul 31 2000 Nalin Dahyabhai <nalin@redhat.com>
+- okay, enable LDAP support again
+- enable SMTP auth support via Cyrus SASL
+
+* Tue Jul 25 2000 Nalin Dahyabhai <nalin@redhat.com>
+- disable the LDAP support until we can remove the sendmail->OpenLDAP->perl dep
+- fix prereq
+
+* Tue Jul 25 2000 Florian La Roche <Florian.LaRoche@redhat.com>
+- update to sendmail 8.11.0
+- add LDAP support
+
+* Thu Jul 20 2000 Bill Nottingham <notting@redhat.com>
+- move initscript back
+
+* Wed Jul 12 2000 Prospector <bugzilla@redhat.com>
+- automatic rebuild
+
+* Sun Jul 9 2000 Florian La Roche <Florian.LaRoche@redhat.com>
+- require procmail
+- add further aliases
+
+* Sat Jul 8 2000 Florian La Roche <Florian.LaRoche@redhat.com>
+- prereq init.d
+- fix typo
+
+* Tue Jul 4 2000 Florian La Roche <Florian.LaRoche@redhat.com>
+- ignore error from useradd
+
+* Fri Jun 30 2000 Than Ngo <than@redhat.de>
+- FHS fixes
+- /etc/rc.d/init.d -> /etc/init.d
+- fix initscript
+
+* Fri Jun 23 2000 Florian La Roche <Florian.LaRoche@redhat.com>
+- change to /usr/share/man
+
+* Wed Jun 21 2000 Preston Brown <pbrown@redhat.com>
+- turn off daemon behaviour by default
+
+* Sun Jun 18 2000 Bill Nottingham <notting@redhat.com>
+- rebuild, fix dependencies
+
+* Sat Jun 10 2000 Bill Nottingham <notting@redhat.com>
+- prereq /usr/sbin/useradd
+
+* Fri May 19 2000 Florian La Roche <Florian.LaRoche@redhat.com>
+- enable MAP_REGEX
+- enable tcp_wrapper support
+
+* Thu May 18 2000 Florian La Roche <Florian.LaRoche@redhat.com>
+- fix etc/mail/aliases -> /etc/aliases in sendmail-redhat.mc
+
+* Wed May 3 2000 Bill Nottingham <notting@redhat.com>
+- update to 8.10.1
+- fix build without sendmail installed
+- add 'mailnull' user
+
+* Wed Mar 15 2000 Bill Nottingham <notting@redhat.com>
+- update to 8.10.0
+- remove compatiblity chkconfig links
+- add a mailnull user for sendmail to use
+
+* Thu Feb 17 2000 Cristian Gafton <gafton@redhat.com>
+- break the hard link for makemap and create it as a symlnk (#8223)
+
+* Thu Feb 17 2000 Bernhard Rosenkränzer <bero@redhat.com>
+- Fix location of mailertable (Bug #6035)
+
+* Sat Feb 5 2000 Bill Nottingham <notting@redhat.com>
+- fixes for non-root builds (#8178)
+
+* Wed Feb 2 2000 Florian La Roche <Florian.LaRoche@redhat.com>
+- change perms on /etc/sysconfig/sendmail from 0755 to 0644
+- allow compressed man-pages
+
+* Thu Dec 02 1999 Cristian Gafton <gafton@redhat.com>
+- add patch to prevent the DoS when rebuilding aliases
+
+* Wed Sep 1 1999 Jeff Johnson <jbj@redhat.com>
+- install man pages, not groff output (#3746).
+- use dnl not '#' in m4 comment (#3749).
+- add FEATURE(mailtertable) to the config -- example file needs this (#4649).
+- use db2 not db1.
+
+* Tue Aug 31 1999 Jeff Johnson <jbj@redhat.com>
+- add 127.0.0.1 to /etc/mail/access to avoid IDENT: relay problem (#3178).
+
+* Tue Aug 31 1999 Bill Nottingham <notting@redhat.com>
+- chkconfig --del in preun, not postun (#3982)
+
+* Mon Aug 16 1999 Bill Nottingham <notting@redhat.com>
+- initscript munging
+
+* Fri Jul 02 1999 Cristian Gafton <gafton@redhat.com>
+- fixed typo bug in comment in the default .mc file (#2812)
+
+* Mon Apr 19 1999 Cristian Gafton <gafton@redhat.com>
+- fox the awk scripts in the postinstall
+- enable FEATURE(accept_unresolvable_domains) by default to make laptop
+ users happy.
+
+* Sun Apr 18 1999 Cristian Gafton <gafton@redhat.com>
+- make the redhat.mc be a separate source files. Sanitize patches that used
+ to touch it.
+- install redhat.mc as /etc/sendmail.mc so that people can easily modify
+ their sendmail.cf configurations.
+
+* Mon Apr 05 1999 Cristian Gafton <gafton@redhat.com>
+- fixed virtusertable patch
+- make smrsh look into /etc/smrsh
+
+* Mon Mar 29 1999 Jeff Johnson <jbj@redhat.com>
+- remove noreplace attr from sednmail.cf.
+
+* Thu Mar 25 1999 Cristian Gafton <gafton@redhat.com>
+- provide a more sane /etc/mail/access default config file
+- use makemap to initializa the empty databases, not touch
+- added a small, but helpful /etc/mail/Makefile
+
+* Mon Mar 22 1999 Jeff Johnson <jbj@redhat.com>
+- correxct dangling symlinks.
+- check for map file existence in %%post.
+
+* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com>
+- auto rebuild in the new build environment (release 3)
+
+* Fri Mar 19 1999 Jeff Johnson <jbj@redhat.com>
+- improved 8.9.3 config from Mike McHenry <mmchen@minn.net>
+
+* Tue Mar 16 1999 Cristian Gafton <gafton@redhat.com>
+- version 8.9.3
+
+* Tue Dec 29 1998 Cristian Gafton <gafton@redhat.com>
+- build for 6.0
+- use the libdb1 stuff correctly
+
+* Mon Sep 21 1998 Michael K. Johnson <johnsonm@redhat.com>
+- Allow empty QUEUE in /etc/sysconfig/sendmail for those who
+ want to run sendmail in daemon mode without processing the
+ queue regularly.
+
+* Thu Sep 17 1998 Michael K. Johnson <johnsonm@redhat.com>
+- /etc/sysconfig/sendmail
+
+* Fri Aug 28 1998 Jeff Johnson <jbj@redhat.com>
+- recompile statically linked binary for 5.2/sparc
+
+* Tue May 05 1998 Prospector System <bugs@redhat.com>
+- translations modified for de, fr, tr
+
+* Sat May 02 1998 Cristian Gafton <gafton@redhat.com>
+- enhanced initscripts
+
+* Fri May 01 1998 Cristian Gafton <gafton@redhat.com>
+- added a rmail patch
+
+* Wed Oct 29 1997 Donnie Barnes <djb@redhat.com>
+- argh! Fixed some of the db1 handling that had to be added for glibc 2.1
+
+* Fri Oct 24 1997 Donnie Barnes <djb@redhat.com>
+- added support for db1 on SPARC
+
+* Thu Oct 16 1997 Donnie Barnes <djb@redhat.com>
+- added chkconfig support
+- various spec file cleanups
+- changed group to Networking/Daemons (from Daemons). Sure, it runs on
+ non networked systems, but who really *needs* it then?
+
+* Wed Oct 08 1997 Donnie Barnes <djb@redhat.com>
+- made /etc/mail/deny.db a ghost
+- removed preun that used to remove deny.db (ghost handles that now)
+- NOTE: upgrading from the sendmail packages in 4.8, 4.8.1, and possibly
+ 4.9 (all Red Hat betas between 4.2 and 5.0) could cause problems. You
+ may need to do a makemap in /etc/mail and a newaliases after upgrading
+ from those packages. Upgrading from 4.2 or prior should be fine.
+
+* Mon Oct 06 1997 Erik Troan <ewt@redhat.com>
+- made aliases.db a ghost
+
+* Tue Sep 23 1997 Donnie Barnes <djb@redhat.com>
+- fixed preuninstall script to handle aliases.db on upgrades properly
+
+* Mon Sep 15 1997 Donnie Barnes <djb@redhat.com>
+- fixed post-install output and changed /var/spool/mqueue to 755
+
+* Thu Sep 11 1997 Donnie Barnes <djb@redhat.com>
+- fixed /usr/lib/sendmail-cf paths
+
+* Tue Sep 09 1997 Donnie Barnes <djb@redhat.com>
+- updated to 8.8.7
+- added some spam filtration
+- combined some makefile patches
+- added BuildRoot support
+
+* Wed Sep 03 1997 Erik Troan <ewt@redhat.com>
+- marked initscript symlinks as missingok
+- run newalises after creating /var/spool/mqueue
+
+* Thu Jun 12 1997 Erik Troan <ewt@redhat.com>
+- built against glibc, udated release to -6 (skipped -5!)
+
+* Tue Apr 01 1997 Erik Troan <ewt@redhat.com>
+- Added -nsl on the Alpha (for glibc to provide NIS functions).
+
+* Mon Mar 03 1997 Erik Troan <ewt@redhat.com>
+- Added nis support.