File: INSTALL

maildrop 0.54a-2

                              Installing maildrop
                                       
   The typical sequence of commands to install maildrop is as follows:

   ./configure [options]
   make
   make install-strip

   The configure script creates Makefile and autoconf.h. Before running
   make, you may want to edit autoconf.h and config.h in order to make
   minor adjustments to the configuration.
   
   When you run configure, you may get some warning messages asking you
   to install automake, autoconf, or even perl packages. These warning
   messages can be safely ignored.
   
   NOTE: configure attempts to automatically configure maildrop according
   to your specific UNIX system. I have enclosed the configure.in source
   for GNU autoconf. This is a beta release. If you find that configure
   does not automatically choose the right options for your system,
   please patch configure.in accordingly, and let me know what you did. I
   may not be able to do much if all you tell me are the error messages.
   You should know how to use GNU autoconf, in order to give me a fix to
   be included in the next release.
   
Options to configure

   Although most configuration is done as described in the following
   section, I am migrating them to the configure script. Currently,
   configure supports the following options:
   
     * --enable-DEBUG - specifying this parameter to configure enables
       some debugging code. Used only by those who know how to use it.
       :-)
       
     * --enable-maildrop-uid=userid and --enable-maildrop-gid=mail - sets
       the userid and the groupid for the maildrop program. maildrop is
       installed with the setuid and setgid permissions bits set. These
       options set the actual user id and the group id maildrop is
       installed as. If not specified, they default to "root" and "mail"
       respectively. See MAILBOX_MODE and RESET_GID below for more
       information.
       
   Most UNIX systems invoke the mail delivery agent and specify the
   account to which the message is addressed. The mail delivery agent is
   supposed to be a root setuid program, and it will immediately give up
   root privileges, setting its userid to the indicated user, and
   delivering the message.
   
   Some mail systems run the delivery agent without specifying the
   recipient on the command line. The userid is set by the mail system
   before running the mail delivery agent. In this case, root privileges
   are not required, and you may manually remove the setuid bit after
   installing maildrop.
   
   Some mail systems may use group privileges in order to write to the
   system mailboxes. maildrop is installed with the setgid bit set as
   well, and the mail group is assumed to be 'mail'.  If a mail group
   other than 'mail' is used, specify it via the --enable-maildrop-gid
   option. You will also need to set the RESET_GID variable to 0 (see
   below). If RESET_GID is left alone to its default value of 1, maildrop
   will drop any acquired group ID right away, so it's not necessary to
   remove the setgid bit.
   
     * --enable-sendmail=program - sets the initial value for the
       SENDMAIL environment variable in maildrop. This is the pathname to
       the default mail delivery agent. If this option is not specified,
       configure will try to find one by itself.
       
     * --enable-lockext-def=extension - sets the initial value for the
       LOCKEXT environment variable in maildrop. This is the filename
       extension of dotlock files. The default is ".lock".
       
     * --enable-locksleep-def=seconds - sets the initial value for the
       LOCKSLEEP environment variable. This is how long maildrop waits
       before trying to create a dotlock file again, if the dotlock file
       already exists. The default is 5 seconds.
       
     * --enable-locktimeout-def=seconds - sets the initial value for the
       LOCKTIMEOUT environment variable. This is how long maildrop waits
       before removing a stale dotlock file. The default is 60 seconds.
       
     * --enable-lockrefresh-def=seconds - sets the initial value for the
       LOCKREFRESH environment variable. This is how often maildrop
       refreshes its own dotlock files, to keep them from going stale.
       The default is 15 seconds.
       
   See the manual page for maildropfilter for more information on these
   variables.
   
     * --enable-tempdir=directory - sets the name of a subdirectory in
       each user's home directory where maildrop may store temporary
       files. maildrop will create this directory, if missing. The
       default is .tmp.
       
     * --enable-smallmsg=bytes - sets the size of a message, in bytes,
       before maildrop saves the message in a temporary file. Smaller
       messages are read in memory, and filtered and delivered directly
       from memory. In order to avoid consuming excessive amounts of
       expensive RAM, maildrop will save larger messages in a temporary
       file. If the standard input to maildrop is a file, a temporary
       file is not necessary. The default is 8192 bytes.
       
     * --enable-global-timeout=seconds - sets the number of seconds that
       maildrop is willing to spend in order to deliver a single message.
       This value becomes a hard coded limit. When the time expires,
       maildrop terminates with an EX_TEMPFAIL error code. This is
       intended to stop runaway mail filters. The default is 300 seconds
       (five minutes).
       
     * --enable-crlf-term=flag - if set to 1, maildrop saves messages in
       the mailbox with each line terminated by a carriage return/line
       feed sequence. When set to 0, lines will be terminated by the
       linefeed character only. The default value is 0.
       
     * --enable-restrict-trusted=flag - if set to 1, maildrop permits
       only certain "trusted" userids to use the -d option. Setting this
       variable to 0 allows anyone to use the -d option (provided that
       maildrop has set-userid-to-root privileges). This allows certain
       denial-of-service attacks, so this setting is not recommended. The
       default value is 1.
       
     * --enable-trusted-users='...' - sets the list of users allowed to
       use the -d option if --enable-restrict-trusted is set to 1. If
       --enable-restrict-trusted is set to 0, this option is not used.
       Put a list of userids allowed to use the -d option between the
       apostrophes, separated by single spaces. If your mail transport
       agent is used to run maildrop as a local delivery agent, and if it
       specifies the user to whom the message is to be delivered, then
       this list must include the userid that the mail transport agent
       runs as. If this option is not specified, maildrop attempts to put
       together a list including common mail system userids.
       
     * --enable-gzipped-man=flag - if this option is set to 1, 'make
       install' will install gzipped manual pages. If this option is set
       to 0, 'make install' will not compress manual pages using gzip.
       The default is 1, therefore if you do not have gzip, or your man
       command does not support gzipped manual pages, you must manually
       set this option to 0.
       
  Selecting an alternate C++ compiler
  
   maildrop is written in C++. On some systems there will be more than
   one C++ compiler available. If the default C++ compiler that's
   selected by the configure script doesn't work, you may try the
   alternate C++ compiler. First, you must extract the tarball again,
   into a different directory. Then, before running ./configure, set the
   CXX environment variable to the C++ compiler to be used. For example,
   to select the CC compiler:

$ CXX=CC
$ export CXX
$ ./configure [options]

   Then proceed as usual.
   
  Configuring the location of the system mailbox
  
   When maildrop has a message to deliver to a user, maildrop must know
   where the system keeps users' mailboxes. Different UNIX systems use
   different conventions to store E-mail. And even on a given UNIX system
   there may be variations due to different mail software being used.
   
   Here are just some of the possible scenarios that may exist, and that
   maildrop knows how to handle:
   
     * All users' mailboxes usually are stored in a single directory, the
       name of the mailbox being the user name. On large systems, the
       mailbox directory can be split into a hierarchical tree, based
       upon the initial letters of the user name. For example, the
       mailbox for the user jthomas is /var/spool/mail/j/jt/jthomas; mail
       for sjones is stored in /var/spool/mail/s/sj/sjones.
       
     * Instead of storing mail in a separate directory, the system may
       store incoming mail in each user's home directory.
       
     * Instead of storing mail in a traditional mailbox file, the system
       may implement a directory based format called maildir, that was
       introduced in the Qmail mail server. With maildrop as your local
       delivery agent you may implement the maildir format without having
       to use Qmail itself.
       
     * When mail is saved in a traditional mailbox file, only one program
       may access the file at the same time. In order to synchronize
       access to the mailbox file, the traditional mechanism uses a
       separate dot-lock file. Newer systems may also use the flock()
       function on the mailbox file itself. maildrop, by default, uses
       both mechanisms, but one or the other can be selected to be used
       exclusively.
       
     * Traditionally, the directory where system mailboxes reside has the
       sticky bit set, and all individual files are owned by their
       respective users, with read/write permissions set for the user
       only, and dot-locking is used to lock the mailbox. An alternative
       arrangement is to remove the sticky bit, and the global
       read/write/execute permissions, on the directory, and use the
       flock() function exclusively.
       
     * Traditionally, the mailbox file is owned exclusively by the user,
       and the read/write access is given to the user only. The mail
       delivery agent runs with root privileges, and changes its userid
       to the user whose mail is being delivered, in order to access the
       mailbox.  Alternatively, the mail delivery agent can be running as
       a separate user, and each mailbox file's group ID is set to the
       same group ID as the mail delivery agent, with read/write access
       given to the mail group.
       
   As you can see, there is a lot of variation in possible mail setups.
   It is important that maildrop is configured to match your existing
   mail setup.  The configure script tries to automatically figure out
   the correct settings, but you MUST always verify the output file,
   autoconf.h, to make sure that the settings are correct. A description
   of each variable defined in autoconf.h follows. In addition, there are
   certain variables defined in a different file, config.h. These are
   settings that autoconf.h cannot automatically determine.
   
    DEFAULT_DEF
    
   This variable specifies the initial setting for the DEFAULT variable
   in maildrop, which should be the location of the system default
   mailbox. If DEFAULT_DEF begins with a slash, it should refer to a
   directory, and maildrop will automatically append the user's name.
   
   If it doesn't begin with a slash, maildrop will prepend the user's
   home directory to DEFAULT_DEF. To use maildrop with qmail, which
   normally delivers to $HOME/Mailbox, set DEFAULT_DEF to ./Mailbox.
   
   The '=' character in DEFAULT_DEF gets replaced by progressive
   characters from the username of the user whose mail is being
   delivered. For example, if mail to the username "john" is delivered to
   /var/spool/mail/j/jo/john and mail to user "root" is delivered to
   /var/spool/mail/r/ro/root, DEFAULT_DEF should be set to
   /var/spool/mail/=/== (maildrop automatically appends the full username
   as the last component).
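
   The DEFAULT_DEF rules above, as an added shell sketch that predicts the
   resulting mailbox path (not part of the maildrop distribution). The
   function name is hypothetical. Restarting the '=' count at each path
   component is inferred from the /var/spool/mail/=/== example, and
   rejecting a username shorter than a run of '=' is this sketch's own
   choice, since the page does not say what maildrop does in that case.

```shell
#!/bin/sh
# Added example: predict the mailbox path derived from DEFAULT_DEF.
# resolve_default_def is a hypothetical helper, not a maildrop command.
# usage: resolve_default_def TEMPLATE USERNAME HOMEDIR
resolve_default_def() {
    tmpl=$1 user=$2 home=$3
    case $tmpl in
        /*) ;;   # absolute: a spool directory, username is appended below
        *)  # relative: prepend the home directory (./Mailbox -> $HOME/Mailbox)
            # Assumption: no '=' expansion here; the page only shows it
            # for spool directories.
            printf '%s/%s\n' "$home" "${tmpl#./}"
            return 0 ;;
    esac
    out= n=0 rest=$tmpl
    while [ -n "$rest" ]; do
        c=${rest%"${rest#?}"}       # first character of what is left
        rest=${rest#?}
        case $c in
            /)   n=0; out=$out/ ;;  # assumption: counting restarts per component
            '=') n=$((n + 1))
                 # Assumption: refuse rather than guess when the username
                 # has fewer characters than this run of '='.
                 [ "$n" -le "${#user}" ] || return 1
                 out=$out$(printf '%s' "$user" | cut -c "$n") ;;
            *)   out=$out$c ;;
        esac
    done
    # The full username is always the last component.
    printf '%s/%s\n' "${out%/}" "$user"
}
```

   The printed path is the file or maildir whose ownership and mode should
   match the MAILBOX_MODE and RESET_GID settings described below.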
   
   If the DEFAULT_DEF/DEFAULT variable refers to a directory, maildrop
   assumes that it is delivering mail to a maildir, otherwise maildrop
   will deliver mail to a file, creating a new file if necessary.
   maildrop does not deliver mail to a flat directory, like procmail. If
   you need to save messages in a directory, use the included program,
   maildirmake, to create a maildir directory.
   
    MAILBOX_MODE and RESET_GID
    
   Here are the required settings in two of the most common mailbox
   environments:
   
     * Mailbox spool directory has the sticky bit set, mailboxes are
       readable and writeable by the user only - set MAILBOX_MODE to
       0600, and RESET_GID to 1.
       
     * Mailbox spool directory does not have the sticky bit set, is
       writeable by the mail group ID only, mailboxes are readable and
       writeable by the user and the mail group ID - set MAILBOX_MODE to
       0660, and RESET_GID to 0.
       
   MAILBOX_MODE sets the permissions maildrop uses to create new mailbox
   files. If a mailbox file already exists, maildrop is not going to
   change its permissions.
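
   A check for the two layouts above, as an added shell sketch (not part of
   the maildrop distribution; both function names are hypothetical). The
   first function reads a spool directory's mode and prints the matching
   settings; the second lists existing mailbox files whose mode differs
   from the expected one, since maildrop leaves those unchanged.

```shell
#!/bin/sh
# Added example: audit a mail spool against the two layouts in this file.
# Both helper names are hypothetical, not maildrop commands.

# Print the MAILBOX_MODE / RESET_GID pair that fits directory DIR.
# Returns 1 when the directory fits neither documented layout.
suggest_mailbox_settings() {
    dir=$1
    [ -d "$dir" ] || { echo "error: $dir is not a directory"; return 2; }
    # The first field of ls -ld is the mode string, e.g. drwxrwxrwt
    mode=$(ls -ld "$dir" | cut -c 1-10)
    group_w=$(printf '%s' "$mode" | cut -c 6)
    other_w=$(printf '%s' "$mode" | cut -c 9)
    sticky=$(printf '%s' "$mode" | cut -c 10)
    case $sticky in
        t|T) echo "MAILBOX_MODE=0600 RESET_GID=1"; return 0 ;;
    esac
    if [ "$group_w" = w ] && [ "$other_w" != w ]; then
        echo "MAILBOX_MODE=0660 RESET_GID=0"; return 0
    fi
    echo "unmatched: $mode fits neither layout, review by hand"
    return 1
}

# List regular files in DIR whose mode string is not WANT
# (-rw------- for 0600, -rw-rw---- for 0660).
mismatched_mailboxes() {
    dir=$1 want=$2
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        have=$(ls -l "$f" | cut -c 1-10)
        [ "$have" = "$want" ] || printf '%s %s\n' "$have" "$f"
    done
}
```

   Run the first function on the spool directory, then pass the matching
   mode string to the second; dot-lock files in the spool are listed too.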
   
   RESET_GID indicates whether maildrop should immediately drop any
   set-group-id privileges. maildrop is installed with the set-group-id
   bit set, setting maildrop's group ID to the mail group. If system
   mailbox files have read/write access by both the user and the mail
   group, set RESET_GID to 0 to keep the mail group ID, and specify the
   mail group using the --enable-maildrop-gid flag to configure (see
   above). Otherwise, set RESET_GID to 1.
   
    --enable-trusted-users
    
   If the --enable-restrict-trusted option given to the configure script
   is set to 1 (this is the default), maildrop allows only the users
   listed in the --enable-trusted-users option to use the -d option. See
   the online documentation for the description of the -d option.
   
   Mail can be delivered in two different ways:
   
     * The mail transport agent runs with root privileges. To deliver
       mail to a local user, the mail transport agent runs maildrop after
       changing the user id to the local user. In this case the -d option
       is not needed.
       
     * The mail transport agent runs as a non-privileged user. To deliver
       mail to a local user, the mail transport agent runs the mail
       delivery agent and specifies the user name with the -d option. The
       mail delivery agent is supposed to be a program with root
       privileges, which immediately changes its userid to the one
       specified by the -d option. If this is the case, you must include
       the mail transport agent's userid in the --enable-trusted-users
       list.
       
   If the --enable-restrict-trusted option given to the configure script
   is set to 0, anyone can use the -d option. That is not recommended,
   because it leaves open a possibility for certain denial-of-service
   attacks.
   
  Other configuration variables
  
   The configure script also sets the following variables in autoconf.h.
   After running the configure script, you may need to make some
   adjustments to these variables also.
   
    DEFAULT_PATH
    
   This variable in "autoconf.h" sets the initial contents of the PATH
   variable, which is the initial system search path for commands invoked
   by maildrop as child processes.
   
    SENDMAIL_DEF
    
   This variable in "autoconf.h" sets the initial contents of the
   SENDMAIL variable, which is the local mail transport agent. maildrop
   runs this program when instructed to deliver mail to a mailbox whose
   name begins with the forwarding "!" character.
   
    Other variables in autoconf.h
    
   All the other variables are self explanatory, and rarely need to be
   changed.
   
Using maildrop with sendmail

   Maildrop can be easily used as sendmail's local delivery agent,
   instead of procmail. Here is the suggested entry for sendmail.cf,
   courtesy of Eric J. Schwertfeger <ejs@bfd.com>:

Mlocal,         P=/usr/local/bin/maildrop, F=lsAw5:/|@SPfhn, S=10/30, R=20/40,
                T=DNS/RFC822/X-Unix,
                A=maildrop -d $u

   You may also consider including the D, F, and M flags as well.