README (110560) | README (111823) |
---|---|
1 2 SENDMAIL CONFIGURATION FILES 3 4This document describes the sendmail configuration files. It 5explains how to create a sendmail.cf file for use with sendmail. 6It also describes how to set options for sendmail which are explained 7in the Sendmail Installation and Operation guide (doc/op/op.me). 8 --- 616 unchanged lines hidden (view full) --- 625 host.com procmail:/etc/procmailrcs/host.com 626 627 with the file /etc/procmailrcs/host.com reading: 628 629 :0 # forward mail for host.com 630 ! -oi -f $1 person@other.host 631 632 This would arrange for (anything)@host.com to be sent | 1 2 SENDMAIL CONFIGURATION FILES 3 4This document describes the sendmail configuration files. It 5explains how to create a sendmail.cf file for use with sendmail. 6It also describes how to set options for sendmail which are explained 7in the Sendmail Installation and Operation guide (doc/op/op.me). 8 --- 616 unchanged lines hidden (view full) --- 625 host.com procmail:/etc/procmailrcs/host.com 626 627 with the file /etc/procmailrcs/host.com reading: 628 629 :0 # forward mail for host.com 630 ! -oi -f $1 person@other.host 631 632 This would arrange for (anything)@host.com to be sent |
633 to person@other.host. Within the procmail script, $1 is 634 the name of the sender and $2 is the name of the recipient. | 633 to person@other.host. In a procmail script, $1 is the 634 name of the sender and $2 is the name of the recipient. |
635 If you use this with FEATURE(`local_procmail'), the FEATURE 636 should be listed first. 637 638 Of course there are other ways to solve this particular 639 problem, e.g., a catch-all entry in a virtusertable. 640 641mail11 The DECnet mail11 mailer, useful only if you have the mail11 642 program from gatekeeper.dec.com:/pub/DEC/gwtools (and --- 608 unchanged lines hidden (view full) --- 1251 Some DNS based rejection lists cause failures if asked 1252 for AAAA records. If your sendmail version is compiled 1253 with IPv6 support (NETINET6) and you experience this 1254 problem, add 1255 1256 define(`DNSBL_MAP', `dns -R A') 1257 1258 before the first use of this feature. Alternatively you | 635 If you use this with FEATURE(`local_procmail'), the FEATURE 636 should be listed first. 637 638 Of course there are other ways to solve this particular 639 problem, e.g., a catch-all entry in a virtusertable. 640 641mail11 The DECnet mail11 mailer, useful only if you have the mail11 642 program from gatekeeper.dec.com:/pub/DEC/gwtools (and --- 608 unchanged lines hidden (view full) --- 1251 Some DNS based rejection lists cause failures if asked 1252 for AAAA records. If your sendmail version is compiled 1253 with IPv6 support (NETINET6) and you experience this 1254 problem, add 1255 1256 define(`DNSBL_MAP', `dns -R A') 1257 1258 before the first use of this feature. Alternatively you |
1259 can use enhdnsbl instead (see below). | 1259 can use enhdnsbl instead (see below). Moreover, this 1260 statement can be used to reduce the number of DNS retries, 1261 e.g., |
1260 | 1262 |
1263 define(`DNSBL_MAP', `dns -R A -r2') 1264 1265 See below (EDNSBL_TO) for an explanation. 1266 |
|
1261 NOTE: The default DNS blacklist, blackholes.mail-abuse.org, 1262 is a service offered by the Mail Abuse Prevention System 1263 (MAPS). As of July 31, 2001, MAPS is a subscription 1264 service, so using that network address won't work if you 1265 haven't subscribed. Contact MAPS to subscribe 1266 (http://mail-abuse.org/). 1267 1268enhdnsbl Enhanced version of dnsbl (see above). Further arguments --- 11 unchanged lines hidden (view full) --- 1280 ``127.0.0.2.'', or generate a 451 response if the lookup 1281 temporarily failed. The arguments can contain metasymbols 1282 as they are allowed in the LHS of rules. As the example 1283 shows, the default values are also used if an empty argument, 1284 i.e., `', is specified. This feature requires that sendmail 1285 has been compiled with the flag DNSMAP (see sendmail/README). 1286 1287 Set the EDNSBL_TO mc option to change the DNS retry count | 1267 NOTE: The default DNS blacklist, blackholes.mail-abuse.org, 1268 is a service offered by the Mail Abuse Prevention System 1269 (MAPS). As of July 31, 2001, MAPS is a subscription 1270 service, so using that network address won't work if you 1271 haven't subscribed. Contact MAPS to subscribe 1272 (http://mail-abuse.org/). 1273 1274enhdnsbl Enhanced version of dnsbl (see above). Further arguments --- 11 unchanged lines hidden (view full) --- 1286 ``127.0.0.2.'', or generate a 451 response if the lookup 1287 temporarily failed. The arguments can contain metasymbols 1288 as they are allowed in the LHS of rules. As the example 1289 shows, the default values are also used if an empty argument, 1290 i.e., `', is specified. This feature requires that sendmail 1291 has been compiled with the flag DNSMAP (see sendmail/README). 1292 1293 Set the EDNSBL_TO mc option to change the DNS retry count |
1288 from the default value of 5. | 1294 from the default value of 5, this can be very useful when 1295 a DNS server is not responding, which in turn may cause 1296 clients to time out (an entry stating |
1289 | 1297 |
1298 did not issue MAIL/EXPN/VRFY/ETRN 1299 1300 will be logged). 1301 |
|
1290lookupdotdomain Look up also .domain in the access map. This allows to 1291 match only subdomains. It does not work well with 1292 FEATURE(`relay_hosts_only'), because most lookups for 1293 subdomains are suppressed by the latter feature. 1294 1295loose_relay_check 1296 Normally, if % addressing is used for a recipient, e.g. 1297 user%site@othersite, and othersite is in class {R}, the --- 1672 unchanged lines hidden (view full) --- 2970macro ${auth_ssf}. 2971 2972If sendmail acts as client, it needs some information how to 2973authenticate against another MTA. This information can be provided 2974by the ruleset authinfo or by the option DefaultAuthInfo. The 2975authinfo ruleset looks up {server_name} using the tag AuthInfo: in 2976the access map. If no entry is found, {server_addr} is looked up 2977in the same way and finally just the tag AuthInfo: to provide | 1302lookupdotdomain Look up also .domain in the access map. This allows to 1303 match only subdomains. It does not work well with 1304 FEATURE(`relay_hosts_only'), because most lookups for 1305 subdomains are suppressed by the latter feature. 1306 1307loose_relay_check 1308 Normally, if % addressing is used for a recipient, e.g. 1309 user%site@othersite, and othersite is in class {R}, the --- 1672 unchanged lines hidden (view full) --- 2982macro ${auth_ssf}. 2983 2984If sendmail acts as client, it needs some information how to 2985authenticate against another MTA. This information can be provided 2986by the ruleset authinfo or by the option DefaultAuthInfo. The 2987authinfo ruleset looks up {server_name} using the tag AuthInfo: in 2988the access map. If no entry is found, {server_addr} is looked up 2989in the same way and finally just the tag AuthInfo: to provide |
2978default values. | 2990default values. Note: searches for domain parts or IP nets are 2991only performed if the access map is used; if the authinfo feature 2992is used then only up to three lookups are performed (two exact 2993matches, one default). |
2979 2980Notice: the default configuration file causes the option DefaultAuthInfo 2981to fail since the ruleset authinfo is in the .cf file. If you really 2982want to use DefaultAuthInfo (it is deprecated) then you have to 2983remove the ruleset. 2984 2985The RHS for an AuthInfo: entry in the access map should consists of a 2986list of tokens, each of which has the form: "TDstring" (including --- 5 unchanged lines hidden (view full) --- 2992 I authentication id 2993 P password 2994 R realm 2995 M list of mechanisms delimited by spaces 2996 2997Example entries are: 2998 2999AuthInfo:other.dom "U:user" "I:user" "P:secret" "R:other.dom" "M:DIGEST-MD5" | 2994 2995Notice: the default configuration file causes the option DefaultAuthInfo 2996to fail since the ruleset authinfo is in the .cf file. If you really 2997want to use DefaultAuthInfo (it is deprecated) then you have to 2998remove the ruleset. 2999 3000The RHS for an AuthInfo: entry in the access map should consists of a 3001list of tokens, each of which has the form: "TDstring" (including --- 5 unchanged lines hidden (view full) --- 3007 I authentication id 3008 P password 3009 R realm 3010 M list of mechanisms delimited by spaces 3011 3012Example entries are: 3013 3014AuthInfo:other.dom "U:user" "I:user" "P:secret" "R:other.dom" "M:DIGEST-MD5" |
3000AuthInfo:more.dom "U:user" "P=c2VjcmV0" | 3015AuthInfo:host.more.dom "U:user" "P=c2VjcmV0" |
3001 | 3016 |
3002User or authentication id must exist as well as the password. All | 3017User id or authentication id must exist as well as the password. All |
3003other entries have default values. If one of user or authentication 3004id is missing, the existing value is used for the missing item. 3005If "R:" is not specified, realm defaults to $j. The list of mechanisms 3006defaults to those specified by AuthMechanisms. 3007 3008Since this map contains sensitive information, either the access 3009map must be unreadable by everyone but root (or the trusted user) 3010or FEATURE(`authinfo') must be used which provides a separate map. --- 1344 unchanged lines hidden (view full) --- 4355 3 Local Ruleset 0 additions 4356 4 UUCP Ruleset 0 additions 4357 5 locally interpreted names (overrides $R) 4358 6 local configuration (at top of file) 4359 7 mailer definitions 4360 8 DNS based blacklists 4361 9 special local rulesets (1 and 2) 4362 | 3018other entries have default values. If one of user or authentication 3019id is missing, the existing value is used for the missing item. 3020If "R:" is not specified, realm defaults to $j. The list of mechanisms 3021defaults to those specified by AuthMechanisms. 3022 3023Since this map contains sensitive information, either the access 3024map must be unreadable by everyone but root (or the trusted user) 3025or FEATURE(`authinfo') must be used which provides a separate map. --- 1344 unchanged lines hidden (view full) --- 4370 3 Local Ruleset 0 additions 4371 4 UUCP Ruleset 0 additions 4372 5 locally interpreted names (overrides $R) 4373 6 local configuration (at top of file) 4374 7 mailer definitions 4375 8 DNS based blacklists 4376 9 special local rulesets (1 and 2) 4377 |
4363$Revision: 8.623.2.18 $, Last updated $Date: 2002/12/29 04:16:51 $ | 4378$Revision: 8.623.2.21 $, Last updated $Date: 2003/01/17 00:36:57 $ |