Things that should be done before the next minor release (patches are,
of course, graciously accepted!):

Important Bugs:
--------------------

- change smtp_info to no_smtp_expn/no_smtp_vrfy.  add warning about
RFC-1123 says "MUST implement VRFY" and "SHOULD implement EXPN" both in
the code and smailconf.5 and note that VRFY is as safe as RCPT TO.

- fix bug where qualify_domain() isn't called for addresses specified on
the command line (i.e. it only seems to be called when '-t' is used)

- fix broken $target_domain when bang paths are used:

	smail -bv -v99 rkk.ru!info
	dtd_aliasfile called
	expand_string(/etc/virtual/${lc:target_domain}, , ) called
	expand_string returns /etc/virtual/info

- verify that it is indeed legal for a SMTP connection timeout error to
still result in forwarding what appears to be a complete message....

- use ftruncate() to remove partially written messages in appendfile.c
if ERR_135 [if possible].

- re-write aliasfile.c in the style of the fwdfile.c with a finish_*()
function which properly expands an owner address for each input address.

- fix directors "domains" handling v.s hash table.  [possibly fixed in
3.2.1?]

- look into crash with empty input file [possibly fixed in 3.2.1?]

- fix "from_field" to never allow "From:" to go missing and if it's nil
do something appropriate....

- fix db lookup parser to allow '#' in left-hand side (if quoted?) [aliasfile]

- investigate the Apparently-To: being set, while input_addr not being set:
(no To/Resent-To/Cc/Bcc, etc., header in data, just envelope "MAIL FROM:")
	
	Received: from [204.92.254.3] by most.weird.com
		via sendmail with smtp (ident woods using rfc1413)
		id <m0udnxb-00076qC@most.weird.com>
		for <unknown>; Tue, 9 Jul 1996 21:20:59 -0400 (EDT)
		(Smail-3.2 1996-Jul-4 #1 built 1996-Jul-4)
	Apparently-To: foo@anet

perhaps $input_addr should be set from envelope (always?).

- do something about the premature lower-casing of user names.  Users
with upper case characters may not be able to receive mail (or at least
read the stuff they've received....)  [this might be the same region of
code that's causing problems for "domains" handling in directors]
(perhaps also add a meta policy flag "allow-mixed-case-users")
[done?  needs a test case.]

- fix aliasfile parser to allow case sensitive aliases (ala above?)
[keep in mind the lists director uses "lists/${lc:user}"]

- HAVE_SETGROUPS on FreeBSD > 1.1.1.5 panics with NFS accesses (Jim
Mercer) [seems FreeBSD and BSDI have gone out on a limb to change the
API to setgroups() such that there is no "default" group -- stupid in my
mind, but; and in that version of FreeBSD there are some incomplete
changes to the API that cause the panic -- too bad in my mind!  ;-), but
this means we probably should do something to handle these OSs.
Possibly fixed in 3.2.1?]

- a zero-byte retry file seems to be un-lockable....

- turn down the verbose logging of failed locks, if known other smail
process holds lock....  eg:

	02/28/96 12:07:36: open_spool: /local/var/spool/smail/input/0trpIB-00076nC: lock failed: Permission denied

Unfortunately this will probably require re-writing the spool locking
functions to use pid-in-a-lock-file mechanisms.  [effectively fixed in
3.2.1 for systems that return EAGAIN if lock_fd() meets another lock?]

- check out what's going on with Apparently-From being added multiple
times

- check out re-writing Apparently-From if from '-f'

- Make sure Apparently-From: or Apparently-To: are only used for mail
coming in via some remote transport such as uucp or smtp, and never for
locally generated mail where "From:" and "To:" should be generated
directly.


Incomplete Features:
--------------------

- fully support $max_message_size [include hints to user about resending
in bounce if not immeadiately rejected by ESMTP, and perhaps add a new
option $truncate_oversize_bounce or similar with default ON].

- enable and test HAVE_DF_SPOOL for all systems were possible [or wait
for autoconf?].

- think about allowing $listen_name to be set on command line too [if
this is used for more than one domain then you'll need separate config
files anyay, so just use -C; but if you are using this to avoid having
smtp some interfaces then this info may be easier to manage in one place
in the /etc/rc* files or whatever].

- investigate a better default value for $return_path_field.

- do something to make aliasfile parsing identical across lookup protos.
(related to 'db lookup parser' bug above?)

- implement 'mailq' to follow through on '-t' option (i.e. read header)

- have 'mailq' print "Mail queue is empty' when it is (isatty()?) ala sendmail

- Put the following in default.c for SVR4's local, pipe, & file transports:

	remove_header="Content-Length",
	append_header="${if !header:Content-Type :Content-Type: text}",
	append_header="Content-Length: $body_size",

- think about how to integrate checkerr and savelog so that security
violations can be snarfed from logfile just after it is cycled.  Perhaps
a new over-all maintenance script (smailmaint?) could do the work and
there would only be one crontab entry necessary.  [syslog logging will
change all of this since then security violations will get more
attention from syslog if the admin desires...]

- add an "always" attribute to the directors drivers, esp. aliasfile.

- change the syntax of smtp_remote_allow patterns (i.e. match_ip()) to
allow use of CIDR notation and/or maybe netmask notation.  [steal code
from tcp_wrappers?]

- think about making smtp_remote_allow capable of specifying a file
lookup mechanism:

       smtp_remote_allow="${lookup:sender_host_addr:ipsearch:{
				/etc/smail/remote.allow}:$value}"

where "ipsearch" iterates the new match_ip() function over all the
values in the file.  (does this mean keeping the double compare?)

- Think about splitting lsearch and USE_LSEARCH_REGEXCMP into a plain
old lsearch and a new "research" (is this a bad name? ;-) for straight
RE linear searches.  Think about not using double quotes to trigger the
RE match, but rather doing it for every key value.  Think about a
combined lsearch/research that would do what lsearch+REGEXCMP does now
with the double quote trigger.

- adjust the error messages in config file parsing to include at least
the line number, and anything else helpful, not just:

05/07/1997 15:40:59: /local/etc/smail/config: parse error: unexpected end of attribute


New Features:
--------------------

- implement optional $max_mailbox_size [optionally as a colon separated
list of "user=size" tokens with something like '*' as the default user
and "nolimit" to unset per user].

- never completely fill the spooldir if HAVE_DF_SPOOL (add optional
$min_spooldir_free?)

- be careful about never filling the logfile too (can we instantly defer
connections if we're out of resources like this?)

- Think about a config variable that could (maybe $log_events?) that
could control which items are logged and which are not [or wait for
syslog support?]

- make the startup log message more verbose (version, build, build date,
release date, etc.) [use $smtp_banner ???]

- write a minimal mailstats replacement (new log file format only)
[real stats, not just what logsumm does]

- implement 'mailq' option to read the "error" queue (mailq -e?)

- implement '-R'

     -Rstring       Go through the  queue  of  pending  mail  and
                    attempt  to  deliver any message with a reci-
                    pient containing the specified string.   This
                    is useful for clearing out mail directed to a
                    machine which has been down for awhile.

- implement ETRN from RFC 1985 ala the above.

- implement other standards-track SMTP extensions....

- when possible make the daemon childer change their ps command line
text to show what they are currently doing.


Miscellaneous:
--------------------

- add #ifdef HAVE_UNISTD_H #include <unistd.h> where appropriate [or
wait for autoconf?].

- remove nested includes from "jump.h" [and everywhere!].

- think about getting <string.h> out of defs.h [or wait for autoconf?]

- investigate: ORIG-ID:<199604230758.AA13625@post.tandem.com\POS,$ZNET^U5>

- think about doing something to allow an alias to be used to force a
"no-such-user" bounce.

- install ".so" longname manual pages on systems with longnames [need to
fix up xrefs too?]

- should we add IsValid*() checking?  from:
<ftp://ftp.cert.org/pub/cert_advisories/CA-96.04.corrupt_info_from_servers>

- read draft-ietf-drums-smtpupd-04.txt [or newer] more carefully.

- think about not stripping comments from aliases, etc., and providing
GCOS info; esp. for EXPN and VRFY, perhaps re-using smtp_info to control.

- Should the "real_user" director set ignore_alias_match?

- consider allowing multiple whitespace characters to act as one when
speparating words in a string parsed by expand_string().
