Sendmail

Sendmail is a general purpose internetwork email routing facility that supports many kinds of mail-transfer and delivery methods, including the Simple Mail Transfer Protocol (SMTP) used for email transport over the Internet.

A descendant of the delivermail program written by Eric Allman, Sendmail is a well-known project of the free and open source software and Unix communities. It has spread both as free software and proprietary software.

Overview
Allman wrote the original ARPANET delivermail which shipped in 1979 with 4.0 and 4.1 BSD. He wrote Sendmail as a derivative of delivermail in the early 1980s at UC Berkeley. It shipped with BSD 4.1c in 1983, the first BSD version that included TCP/IP protocols.

In 1996, approximately 80% of the publicly reachable mail-servers on the Internet ran Sendmail. More recent surveys have suggested a decline, with 3.64% of mail servers in March 2021 detected as running Sendmail in a study performed by E-Soft, Inc. A previous survey (December 2007 or earlier) reported 24% of mail servers running Sendmail according to a study performed by Mail Radar.

Allman designed Sendmail to incorporate great flexibility, but it can be daunting to configure for novices. Standard configuration packages delivered with the source code distribution require the use of the M4 macro language which hides much of the configuration complexity. The configuration defines the site-local mail delivery options and their access parameters, the mechanism of forwarding mail to remote sites, as well as many application tuning parameters.

Sendmail supports a variety of mail transfer protocols, including SMTP, DECnet's Mail-11, HylaFAX, QuickPage and UUCP. Additionally, Sendmail v8.12 introduced support for milters - external mail filtering programs that can participate in each step of the SMTP conversation.

Acquisition by Proofpoint, Inc.
Sendmail, Inc was acquired by Proofpoint, Inc. This announcement was released on 1 October 2013.

Security
Sendmail originated in the early days of the Internet, an era when considerations of security did not play a primary role in the development of network software. Early versions of Sendmail suffered from a number of security vulnerabilities that have been corrected over the years.

Sendmail itself incorporated a certain amount of privilege separation in order to avoid exposure to security issues. , current versions of Sendmail, like other modern MTAs, incorporate a number of security improvements and optional features that can be configured to improve security and help prevent abuse.

History of vulnerabilities
Sendmail vulnerabilities in CERT advisories and alerts:



The UNIX-HATERS Handbook dedicated an entire chapter to perceived problems and weaknesses of sendmail.

Implementation
As of sendmail release 8.12.0 the default implementation of sendmail runs as the Unix user smmsp — the sendmail message submission program.