The syslog() problem is pretty severe since alot more than just sendmail is involved. I few months ago my pager software would crash in strange ways, it turned out report (LOG_INFO, "%s: from=%s, size=%d, to=%s, status=%x, msg=%s", qfname, sender, entry->messagelen, recipient, entry->status, message); was crashing inside report() -- report() is a little syslog/fprintf front end I borrowed out of bootpd. report() basically is static char buf[128]; ... vsprintf(buf, fmt, ap); no bounds checking... unfortunately syslog() is the same thing. one snprintf() I found doesn't actually use the 'n' for bounds checking..ugh. Another implements it like: static char *rcsid = "snprintf.c,v 1.3 1993/08/26 00:47:24 jtc Exp"; f._flags = __SWR | __SSTR; f._bf._base = f._p = (unsigned char *)str; f._bf._size = f._w = n - 1; ret = vfprintf(&f, fmt, ap); This is stdio implementation specific code though. As a quick workaround I ended up doing report.c: static char buf[4096]; /* evil */ and report (LOG_INFO, "%.512s: from=%.512s, size=%d, to=%.512s, status=%x, msg=%.512s", qfname, sender, entry->messagelen, recipient, entry->status, message); on all calls to report()...This still makes an assumption that buf is 4K or so, which is not true on all systems. Grabbing a bunch of syslog.c's found by archie showed atleast one that had a really small buffer. Kinda makes you wonder of a really long domain name might just be able to crash anything that uses syslog(LOG_WHATEVER "hostname:%s", host).. -- mark maf+@osu.edu