When sendmail receives email via SMTP, it gathers its list of envelope recipients from the RCPT TO: command. In that command, two envelope recipients might be specified (and acknowledged) like this:

RCPT To:<userA@your.host.domain>
250 2.1.5 <userA@your.host.domain>... Recipient OK
RCPT To:<userB@your.host.domain>
250 2.1.5 <userB@your.host.domain>... Recipient OK

Here, each RCPT TO: line tells sendmail to deliver a copy of the message to each recipient specified in that line. Each shows the local sendmail acknowledging each recipient.

One method of spamming is to list thousands of recipients for each message—that is, to specify thousands of RCPT TO: commands, causing sendmail to deliver a copy of the message to thousands of recipients. As an antispam measure, V8.10 sendmail introduced an option to limit the number of recipients that can be specified for a given envelope. Called MaxRecipientsPerMessage, that option is used like this:

O MaxRecipientsPerMessage=limit              configuration file (V8.10 and later)
-OMaxRecipientsPerMessage=limit              command line (V8.10 and later)
define(`confMAX_RCPTS_PER_MESSAGE', `limit') mc configuration (V8.10 and later)

The limit tells sendmail the maximum number of recipients it will accept for the current envelope. Any that are specified beyond this limit cause sendmail to acknowledge with this message:

452 4.5.3 Too many recipients

A 452 SMTP acknowledgment tells the sending machine to defer delivery to this recipient until later. This won't hurt legitimate sites because it delays delivery only until the next queue run. Spam sites, however, will be discouraged because they count on having thousands of recipients accepted at once.

The default for limit is zero. If specified as zero or as a negative value, no limit is imposed.

The MaxRecipientsPerMessage option is safe. Even if it is specified from the command line, sendmail retains its special privileges.