1
2 SENDMAIL CONFIGURATION FILES
3
4This document describes the sendmail configuration files. This package
5requires a post-V7 version of m4; if you are running the 4.2bsd, SysV.2, or
67th Edition version. SunOS's /usr/5bin/m4 or BSD-Net/2's m4 both work.
7GNU m4 version 1.1 or later also works. Unfortunately, the M4 on BSDI 1.0
8doesn't work -- you'll have to use a Net/2 or GNU version. GNU m4 is
9available from ftp://ftp.gnu.org/pub/gnu/m4/m4-1.4.tar.gz (check for the
10latest version). EXCEPTIONS: DEC's m4 on Digital UNIX 4.x is broken (3.x
11is fine). Use GNU m4 on this platform.
12
13To get started, you may want to look at tcpproto.mc (for TCP-only sites),
14uucpproto.mc (for UUCP-only sites), and clientproto.mc (for clusters of
15clients using a single mail host). Others are versions previously used at
16Berkeley. For example, ucbvax has gone away, but ucbvax.mc demonstrates
17some interesting techniques.
18
19*******************************************************************
20*** BE SURE YOU CUSTOMIZE THESE FILES! They have some ***
21*** Berkeley-specific assumptions built in, such as the name ***
22*** of their UUCP-relay. You'll want to create your own ***
23*** domain description, and use that in place of ***
24*** domain/Berkeley.EDU.m4. ***
25*******************************************************************
26
27
28+--------------------------+
29| INTRODUCTION AND EXAMPLE |
30+--------------------------+
31
32Configuration files are contained in the subdirectory "cf", with a
33suffix ".mc". They must be run through "m4" to produce a ".cf" file.
34You must pre-load "cf.m4":
35
36 m4 ${CFDIR}/m4/cf.m4 config.mc > config.cf
37
38Alternatively, you can simply:
39
40 cd ${CFDIR}/cf
41 ./Build config.cf
42
43where ${CFDIR} is the root of the cf directory and config.mc is the
44name of your configuration file. If you are running a version of M4
45that understands the __file__ builtin (versions of GNU m4 >= 0.75 do
46this, but the versions distributed with 4.4BSD and derivatives do not)
47or the -I flag (ditto), then ${CFDIR} can be in an arbitrary directory.
48For "traditional" versions, ${CFDIR} ***MUST*** be "..", or you MUST
49use -D_CF_DIR_=/path/to/cf/dir/ -- note the trailing slash! For example:
50
51 m4 -D_CF_DIR_=${CFDIR}/ ${CFDIR}/m4/cf.m4 config.mc > config.cf
52
53Let's examine a typical .mc file:
54
55 divert(-1)
56 #
57 # Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.
58 # All rights reserved.
59 # Copyright (c) 1983 Eric P. Allman. All rights reserved.
60 # Copyright (c) 1988, 1993
61 # The Regents of the University of California. All rights reserved.
62 #
63 # By using this file, you agree to the terms and conditions set
64 # forth in the LICENSE file which can be found at the top level of
65 # the sendmail distribution.
66 #
67
68 #
69 # This is a Berkeley-specific configuration file for HP-UX 9.x.
70 # It applies only to the Computer Science Division at Berkeley,
71 # and should not be used elsewhere. It is provided on the sendmail
72 # distribution as a sample only. To create your own configuration
73 # file, create an appropriate domain file in ../domain, change the
74 # `DOMAIN' macro below to reference that file, and copy the result
75 # to a name of your own choosing.
76 #
77 divert(0)
78
79The divert(-1) will delete the crud in the resulting output file.
80The copyright notice can be replaced by whatever your lawyers require;
81our lawyers require the one that is included in these files. A copyleft
82is a copyright by another name. The divert(0) restores regular output.
83
84 VERSIONID(`<SCCS or RCS version id>')
85
86VERSIONID is a macro that stuffs the version information into the
87resulting file. You could use SCCS, RCS, CVS, something else, or
88omit it completely. This is not the same as the version id included
89in SMTP greeting messages -- this is defined in m4/version.m4.
90
91 OSTYPE(`hpux9')dnl
92
93You must specify an OSTYPE to properly configure things such as the
94pathname of the help and status files, the flags needed for the local
95mailer, and other important things. If you omit it, you will get an
96error when you try to build the configuration. Look at the ostype
97directory for the list of known operating system types.
98
99 DOMAIN(`CS.Berkeley.EDU')dnl
100
101This example is specific to the Computer Science Division at Berkeley.
102You can use "DOMAIN(`generic')" to get a sufficiently bland definition
103that may well work for you, or you can create a customized domain
104definition appropriate for your environment.
105
106 MAILER(`local')
107 MAILER(`smtp')
108
109These describe the mailers used at the default CS site. The
110local mailer is always included automatically. Beware: MAILER
111declarations should always be at the end of the configuration file,
112and MAILER(`smtp') should always precede MAILER(`procmail'), and
113MAILER(`uucp'). The general rules are that the order should be:
114
115 VERSIONID
116 OSTYPE
117 DOMAIN
118 FEATURE
119 local macro definitions
120 MAILER
121 LOCAL_RULE_*
122 LOCAL_RULESETS
123
124There are a few exceptions to this rule. Local macro definitions which
125influence a FEATURE() should be done before that feature. For example,
126a define(`PROCMAIL_MAILER_PATH', ...) should be done before
127FEATURE(`local_procmail').
128
129
130+----------------------------+
131| A BRIEF INTRODUCTION TO M4 |
132+----------------------------+
133
134Sendmail uses the M4 macro processor to ``compile'' the configuration
135files. The most important thing to know is that M4 is stream-based,
136that is, it doesn't understand about lines. For this reason, in some
137places you may see the word ``dnl'', which stands for ``delete
138through newline''; essentially, it deletes all characters starting
139at the ``dnl'' up to and including the next newline character. In
140most cases sendmail uses this only to avoid lots of unnecessary
141blank lines in the output.
142
143Other important directives are define(A, B) which defines the macro
144``A'' to have value ``B''. Macros are expanded as they are read, so
145one normally quotes both values to prevent expansion. For example,
146
147 define(`SMART_HOST', `smart.foo.com')
148
149One word of warning: M4 macros are expanded even in lines that appear
150to be comments. For example, if you have
151
152 # See FEATURE(`foo') above
153
154it will not do what you expect, because the FEATURE(`foo') will be
155expanded. This also applies to
156
157 # And then define the $X macro to be the return address
158
159because ``define'' is an M4 keyword. If you want to use them, surround
160them with directed quotes, `like this'.
161
162+----------------+
163| FILE LOCATIONS |
164+----------------+
165
166sendmail 8.9 has introduced a new configuration directory for sendmail
167related files, /etc/mail. The new files available for sendmail 8.9 --
168the class {R} /etc/mail/relay-domains and the access database
169/etc/mail/access -- take advantage of this new directory. Beginning with
1708.10, all files will use this directory by default (some options may be
171set by OSTYPE() files). This new directory should help to restore
172uniformity to sendmail's file locations.
173
174Below is a table of some of the common changes:
175
176Old filename New filename
177------------ ------------
178/etc/bitdomain /etc/mail/bitdomain
179/etc/domaintable /etc/mail/domaintable
180/etc/genericstable /etc/mail/genericstable
181/etc/uudomain /etc/mail/uudomain
182/etc/virtusertable /etc/mail/virtusertable
183/etc/userdb /etc/mail/userdb
184
185/etc/aliases /etc/mail/aliases
186/etc/sendmail/aliases /etc/mail/aliases
187/etc/ucbmail/aliases /etc/mail/aliases
188/usr/adm/sendmail/aliases /etc/mail/aliases
189/usr/lib/aliases /etc/mail/aliases
190/usr/lib/mail/aliases /etc/mail/aliases
191/usr/ucblib/aliases /etc/mail/aliases
192
193/etc/sendmail.cw /etc/mail/local-host-names
194/etc/mail/sendmail.cw /etc/mail/local-host-names
195/etc/sendmail/sendmail.cw /etc/mail/local-host-names
196
197/etc/sendmail.ct /etc/mail/trusted-users
198
199/etc/sendmail.oE /etc/mail/error-header
200
201/etc/sendmail.hf /etc/mail/helpfile
202/etc/mail/sendmail.hf /etc/mail/helpfile
203/usr/ucblib/sendmail.hf /etc/mail/helpfile
204/etc/ucbmail/sendmail.hf /etc/mail/helpfile
205/usr/lib/sendmail.hf /etc/mail/helpfile
206/usr/share/lib/sendmail.hf /etc/mail/helpfile
207/usr/share/misc/sendmail.hf /etc/mail/helpfile
208/share/misc/sendmail.hf /etc/mail/helpfile
209
210/etc/service.switch /etc/mail/service.switch
211
212/etc/sendmail.st /etc/mail/statistics
213/etc/mail/sendmail.st /etc/mail/statistics
214/etc/mailer/sendmail.st /etc/mail/statistics
215/etc/sendmail/sendmail.st /etc/mail/statistics
216/usr/lib/sendmail.st /etc/mail/statistics
217/usr/ucblib/sendmail.st /etc/mail/statistics
218
219Note that all of these paths actually use a new m4 macro MAIL_SETTINGS_DIR
220to create the pathnames. The default value of this variable is
221`/etc/mail/'. If you set this macro to a different value, you MUST include
222a trailing slash.
223
224+--------+
225| OSTYPE |
226+--------+
227
228You MUST define an operating system environment, or the configuration
229file build will puke. There are several environments available; look
230at the "ostype" directory for the current list. This macro changes
231things like the location of the alias file and queue directory. Some
232of these files are identical to one another.
233
234It is IMPERATIVE that the OSTYPE occur before any MAILER definitions.
235In general, the OSTYPE macro should go immediately after any version
236information, and MAILER definitions should always go last.
237
238Operating system definitions are usually easy to write. They may define
239the following variables (everything defaults, so an ostype file may be
240empty). Unfortunately, the list of configuration-supported systems is
241not as broad as the list of source-supported systems, since many of
242the source contributors do not include corresponding ostype files.
243
244ALIAS_FILE [/etc/mail/aliases] The location of the text version
245 of the alias file(s). It can be a comma-separated
246 list of names (but be sure you quote values with
247 commas in them -- for example, use
248 define(`ALIAS_FILE', `a,b')
249 to get "a" and "b" both listed as alias files;
250 otherwise the define() primitive only sees "a").
251HELP_FILE [/etc/mail/helpfile] The name of the file
252 containing information printed in response to
253 the SMTP HELP command.
254QUEUE_DIR [/var/spool/mqueue] The directory containing
255 queue files. To use multiple queues, supply
256 a value ending with an asterisk. For
257 example, /var/spool/mqueue/qd* will use all of the
258 directories or symbolic links to directories
259 beginning with 'qd' in /var/spool/mqueue as queue
260 directories. The names 'qf', 'df', and 'xf' are
261 reserved as specific subdirectories for the
262 corresponding queue file types as explained in
263 doc/op/op.me.
264STATUS_FILE [/etc/mail/statistics] The file containing status
265 information.
266LOCAL_MAILER_PATH [/bin/mail] The program used to deliver local mail.
267LOCAL_MAILER_FLAGS [Prmn9] The flags used by the local mailer. The
268 flags lsDFMAw5:/|@q are always included.
269LOCAL_MAILER_ARGS [mail -d $u] The arguments passed to deliver local
270 mail.
271LOCAL_MAILER_MAX [undefined] If defined, the maximum size of local
272 mail that you are willing to accept.
273LOCAL_MAILER_MAXMSGS [undefined] If defined, the maximum number of
274 messages to deliver in a single connection. Only
275 useful for LMTP local mailers.
276LOCAL_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
277 that ARRIVE from an address that resolves to the
278 local mailer and which are converted to MIME will be
279 labeled with this character set.
280LOCAL_MAILER_EOL [undefined] If defined, the string to use as the
281 end of line for the local mailer.
282LOCAL_MAILER_DSN_DIAGNOSTIC_CODE
283 [X-Unix] The DSN Diagnostic-Code value for the
284 local mailer. This should be changed with care.
285LOCAL_SHELL_PATH [/bin/sh] The shell used to deliver piped email.
286LOCAL_SHELL_FLAGS [eu9] The flags used by the shell mailer. The
287 flags lsDFM are always included.
288LOCAL_SHELL_ARGS [sh -c $u] The arguments passed to deliver "prog"
289 mail.
290LOCAL_SHELL_DIR [$z:/] The directory search path in which the
291 shell should run.
292USENET_MAILER_PATH [/usr/lib/news/inews] The name of the program
293 used to submit news.
294USENET_MAILER_FLAGS [rsDFMmn] The mailer flags for the usenet mailer.
295USENET_MAILER_ARGS [-m -h -n] The command line arguments for the
296 usenet mailer.
297USENET_MAILER_MAX [100000] The maximum size of messages that will
298 be accepted by the usenet mailer.
299SMTP_MAILER_FLAGS [undefined] Flags added to SMTP mailer. Default
300 flags are `mDFMuX' for all SMTP-based mailers; the
301 "esmtp" mailer adds `a'; "smtp8" adds `8'; and
302 "dsmtp" adds `%'.
303RELAY_MAILER_FLAGS [undefined] Flags added to the relay mailer. Default
304 flags are `mDFMuX' for all SMTP-based mailers; the
305 relay mailer adds `a8'. If this is not defined,
306 then SMTP_MAILER_FLAGS is used.
307SMTP_MAILER_MAX [undefined] The maximum size of messages that will
308 be transported using the smtp, smtp8, esmtp, or dsmtp
309 mailers.
310SMTP_MAILER_MAXMSGS [undefined] If defined, the maximum number of
311 messages to deliver in a single connection for the
312 smtp, smtp8, esmtp, or dsmtp mailers.
313SMTP_MAILER_ARGS [TCP $h] The arguments passed to the smtp mailer.
314 About the only reason you would want to change this
315 would be to change the default port.
316ESMTP_MAILER_ARGS [TCP $h] The arguments passed to the esmtp mailer.
317SMTP8_MAILER_ARGS [TCP $h] The arguments passed to the smtp8 mailer.
318DSMTP_MAILER_ARGS [TCP $h] The arguments passed to the dsmtp mailer.
319RELAY_MAILER_ARGS [TCP $h] The arguments passed to the relay mailer.
320RELAY_MAILER_MAXMSGS [undefined] If defined, the maximum number of
321 messages to deliver in a single connection for the
322 relay mailer.
323SMTP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
324 that ARRIVE from an address that resolves to one of
325 the SMTP mailers and which are converted to MIME will
326 be labeled with this character set.
327UUCP_MAILER_PATH [/usr/bin/uux] The program used to send UUCP mail.
328UUCP_MAILER_FLAGS [undefined] Flags added to UUCP mailer. Default
329 flags are `DFMhuU' (and `m' for uucp-new mailer,
330 minus `U' for uucp-dom mailer).
331UUCP_MAILER_ARGS [uux - -r -z -a$g -gC $h!rmail ($u)] The arguments
332 passed to the UUCP mailer.
333UUCP_MAILER_MAX [100000] The maximum size message accepted for
334 transmission by the UUCP mailers.
335UUCP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
336 that ARRIVE from an address that resolves to one of
337 the UUCP mailers and which are converted to MIME will
338 be labeled with this character set.
339FAX_MAILER_PATH [/usr/local/lib/fax/mailfax] The program used to
340 submit FAX messages.
341FAX_MAILER_ARGS [mailfax $u $h $f] The arguments passed to the FAX
342 mailer.
343FAX_MAILER_MAX [100000] The maximum size message accepted for
344 transmission by FAX.
345POP_MAILER_PATH [/usr/lib/mh/spop] The pathname of the POP mailer.
346POP_MAILER_FLAGS [Penu] Flags added to POP mailer. Flags lsDFMq
347 are always added.
348POP_MAILER_ARGS [pop $u] The arguments passed to the POP mailer.
349PROCMAIL_MAILER_PATH [/usr/local/bin/procmail] The path to the procmail
350 program. This is also used by
351 FEATURE(`local_procmail').
352PROCMAIL_MAILER_FLAGS [SPhnu9] Flags added to Procmail mailer. Flags
353 DFM are always set. This is NOT used by
354 FEATURE(`local_procmail'); tweak LOCAL_MAILER_FLAGS
355 instead.
356PROCMAIL_MAILER_ARGS [procmail -Y -m $h $f $u] The arguments passed to
357 the Procmail mailer. This is NOT used by
358 FEATURE(`local_procmail'); tweak LOCAL_MAILER_ARGS
359 instead.
360PROCMAIL_MAILER_MAX [undefined] If set, the maximum size message that
361 will be accepted by the procmail mailer.
362MAIL11_MAILER_PATH [/usr/etc/mail11] The path to the mail11 mailer.
363MAIL11_MAILER_FLAGS [nsFx] Flags for the mail11 mailer.
364MAIL11_MAILER_ARGS [mail11 $g $x $h $u] Arguments passed to the mail11
365 mailer.
366PH_MAILER_PATH [/usr/local/etc/phquery] The path to the phquery
367 program.
368PH_MAILER_FLAGS [ehmu] Flags for the phquery mailer. Flags nrDFM
369 are always set.
370PH_MAILER_ARGS [phquery -- $u] -- arguments to the phquery mailer.
371CYRUS_MAILER_FLAGS [Ah5@/:|] The flags used by the cyrus mailer. The
372 flags lsDFMnPq are always included.
373CYRUS_MAILER_PATH [/usr/cyrus/bin/deliver] The program used to deliver
374 cyrus mail.
375CYRUS_MAILER_ARGS [deliver -e -m $h -- $u] The arguments passed
376 to deliver cyrus mail.
377CYRUS_MAILER_MAX [undefined] If set, the maximum size message that
378 will be accepted by the cyrus mailer.
379CYRUS_MAILER_USER [cyrus:mail] The user and group to become when
380 running the cyrus mailer.
381CYRUS_BB_MAILER_FLAGS [u] The flags used by the cyrusbb mailer.
382 The flags lsDFMnP are always included.
383CYRUS_BB_MAILER_ARGS [deliver -e -m $u] The arguments passed
384 to deliver cyrusbb mail.
385confEBINDIR [/usr/libexec] The directory for executables.
386 Currently used for FEATURE(`local_lmtp') and
387 FEATURE(`smrsh').
388QPAGE_MAILER_FLAGS [mDFMs] The flags used by the qpage mailer.
389QPAGE_MAILER_PATH [/usr/local/bin/qpage] The program used to deliver
390 qpage mail.
391QPAGE_MAILER_ARGS [qpage -l0 -m -P$u] The arguments passed
392 to deliver qpage mail.
393QPAGE_MAILER_MAX [4096] If set, the maximum size message that
394 will be accepted by the qpage mailer.
395
396Note: to tweak Name_MAILER_FLAGS use the macro MODIFY_MAILER_FLAGS:
397MODIFY_MAILER_FLAGS(`Name', `change') where Name is the first part of
398the macro Name_MAILER_FLAGS and change can be: flags that should
399be used directly (thus overriding the default value), or if it
400starts with `+' (`-') then those flags are added to (removed from)
401the default value. Example:
402
403 MODIFY_MAILER_FLAGS(`LOCAL', `+e')
404
405will add the flag `e' to LOCAL_MAILER_FLAGS.
406WARNING: The FEATUREs local_lmtp and local_procmail set LOCAL_MAILER_FLAGS
407unconditionally, i.e., without respecting any definitions in an
408OSTYPE setting.
409
410
411+---------+
412| DOMAINS |
413+---------+
414
415You will probably want to collect domain-dependent defines into one
416file, referenced by the DOMAIN macro. For example, the Berkeley
417domain file includes definitions for several internal distinguished
418hosts:
419
420UUCP_RELAY The host that will accept UUCP-addressed email.
421 If not defined, all UUCP sites must be directly
422 connected.
423BITNET_RELAY The host that will accept BITNET-addressed email.
424 If not defined, the .BITNET pseudo-domain won't work.
425DECNET_RELAY The host that will accept DECNET-addressed email.
426 If not defined, the .DECNET pseudo-domain and addresses
427 of the form node::user will not work.
428FAX_RELAY The host that will accept mail to the .FAX pseudo-domain.
429 The "fax" mailer overrides this value.
430LOCAL_RELAY The site that will handle unqualified names -- that
431 is, names with out an @domain extension.
432 Normally MAIL_HUB is preferred for this function.
433 LOCAL_RELAY is mostly useful in conjunction with
434 FEATURE(stickyhost) -- see the discussion of
435 stickyhost below. If not set, they are assumed to
436 belong on this machine. This allows you to have a
437 central site to store a company- or department-wide
438 alias database. This only works at small sites,
439 and only with some user agents.
440LUSER_RELAY The site that will handle lusers -- that is, apparently
441 local names that aren't local accounts or aliases. To
442 specify a local user instead of a site, set this to
443 ``local:username''.
444
445Any of these can be either ``mailer:hostname'' (in which case the
446mailer is the internal mailer name, such as ``uucp-new'' and the hostname
447is the name of the host as appropriate for that mailer) or just a
448``hostname'', in which case a default mailer type (usually ``relay'',
449a variant on SMTP) is used. WARNING: if you have a wildcard MX
450record matching your domain, you probably want to define these to
451have a trailing dot so that you won't get the mail diverted back
452to yourself.
453
454The domain file can also be used to define a domain name, if needed
455(using "DD<domain>") and set certain site-wide features. If all hosts
456at your site masquerade behind one email name, you could also use
457MASQUERADE_AS here.
458
459You do not have to define a domain -- in particular, if you are a
460single machine sitting off somewhere, it is probably more work than
461it's worth. This is just a mechanism for combining "domain dependent
462knowledge" into one place.
463
464+---------+
465| MAILERS |
466+---------+
467
468There are fewer mailers supported in this version than the previous
469version, owing mostly to a simpler world. As a general rule, put the
470MAILER definitions last in your .mc file, and always put MAILER(`smtp')
471before MAILER(`uucp') and MAILER(`procmail') -- several features and
472definitions will modify the definition of mailers, and the smtp mailer
473modifies the UUCP mailer. Moreover, MAILER(`cyrus'), MAILER(`pop'),
474MAILER(`phquery'), and MAILER(`usenet') must be defined after
475MAILER(`local').
476
477local The local and prog mailers. You will almost always
478 need these; the only exception is if you relay ALL
479 your mail to another site. This mailer is included
480 automatically.
481
482smtp The Simple Mail Transport Protocol mailer. This does
483 not hide hosts behind a gateway or another other
484 such hack; it assumes a world where everyone is
485 running the name server. This file actually defines
486 five mailers: "smtp" for regular (old-style) SMTP to
487 other servers, "esmtp" for extended SMTP to other
488 servers, "smtp8" to do SMTP to other servers without
489 converting 8-bit data to MIME (essentially, this is
490 your statement that you know the other end is 8-bit
491 clean even if it doesn't say so), "dsmtp" to do on
492 demand delivery, and "relay" for transmission to the
493 RELAY_HOST, LUSER_RELAY, or MAIL_HUB.
494
495uucp The UNIX-to-UNIX Copy Program mailer. Actually, this
496 defines two mailers, "uucp-old" (a.k.a. "uucp") and
497 "uucp-new" (a.k.a. "suucp"). The latter is for when you
498 know that the UUCP mailer at the other end can handle
499 multiple recipients in one transfer. If the smtp mailer
500 is also included in your configuration, two other mailers
501 ("uucp-dom" and "uucp-uudom") are also defined [warning:
502 you MUST specify MAILER(smtp) before MAILER(uucp)]. When you
503 include the uucp mailer, sendmail looks for all names in
504 class {U} and sends them to the uucp-old mailer; all
505 names in class {Y} are sent to uucp-new; and all
506 names in class {Z} are sent to uucp-uudom. Note that
507 this is a function of what version of rmail runs on
508 the receiving end, and hence may be out of your control.
509 See the section below describing UUCP mailers in more
510 detail.
511
512usenet Usenet (network news) delivery. If this is specified,
513 an extra rule is added to ruleset 0 that forwards all
514 local email for users named ``group.usenet'' to the
515 ``inews'' program. Note that this works for all groups,
516 and may be considered a security problem.
517
518fax Facsimile transmission. This is experimental and based
519 on Sam Leffler's HylaFAX software. For more information,
520 see http://www.hylafax.org/.
521
522pop Post Office Protocol.
523
524procmail An interface to procmail (does not come with sendmail).
525 This is designed to be used in mailertables. For example,
526 a common question is "how do I forward all mail for a given
527 domain to a single person?". If you have this mailer
528 defined, you could set up a mailertable reading:
529
530 host.com procmail:/etc/procmailrcs/host.com
531
532 with the file /etc/procmailrcs/host.com reading:
533
534 :0 # forward mail for host.com
535 ! -oi -f $1 person@other.host
536
537 This would arrange for (anything)@host.com to be sent
538 to person@other.host. Within the procmail script, $1 is
539 the name of the sender and $2 is the name of the recipient.
540 If you use this with FEATURE(`local_procmail'), the FEATURE
541 should be listed first.
542
543mail11 The DECnet mail11 mailer, useful only if you have the mail11
544 program from gatekeeper.dec.com:/pub/DEC/gwtools (and
545 DECnet, of course). This is for Phase IV DECnet support;
546 if you have Phase V at your site you may have additional
547 problems.
548
549phquery The phquery program. This is somewhat counterintuitively
550 referenced as the "ph" mailer internally. It can be used
551 to do CCSO name server lookups. The phquery program, which
552 this mailer uses, is distributed with the ph client.
553
554cyrus The cyrus and cyrusbb mailers. The cyrus mailer delivers to
555 a local cyrus user. this mailer can make use of the
556 "user+detail@local.host" syntax; it will deliver the mail to
557 the user's "detail" mailbox if the mailbox's ACL permits.
558 The cyrusbb mailer delivers to a system-wide cyrus mailbox
559 if the mailbox's ACL permits. The cyrus mailer must be
560 defined after the local mailer.
561
562qpage A mailer for QuickPage, a pager interface. See
563 http://www.qpage.org/ for further information.
564
565The local mailer accepts addresses of the form "user+detail", where
566the "+detail" is not used for mailbox matching but is available
567to certain local mail programs (in particular, see
568FEATURE(`local_procmail')). For example, "eric", "eric+sendmail", and
569"eric+sww" all indicate the same user, but additional arguments <null>,
570"sendmail", and "sww" may be provided for use in sorting mail.
571
572
573+----------+
574| FEATURES |
575+----------+
576
577Special features can be requested using the "FEATURE" macro. For
578example, the .mc line:
579
580 FEATURE(`use_cw_file')
581
582tells sendmail that you want to have it read an /etc/mail/local-host-names
583file to get values for class {w}. The FEATURE may contain up to 9
584optional parameters -- for example:
585
586 FEATURE(`mailertable', `dbm /usr/lib/mailertable')
587
588The default database map type for the table features can be set with
589
590 define(`DATABASE_MAP_TYPE', `dbm')
591
592which would set it to use ndbm databases. The default is the Berkeley DB
593hash database format. Note that you must still declare a database map type
594if you specify an argument to a FEATURE. DATABASE_MAP_TYPE is only used
595if no argument is given for the FEATURE. It must be specified before any
596feature that uses a map.
597
598Available features are:
599
600use_cw_file Read the file /etc/mail/local-host-names file to get
601 alternate names for this host. This might be used if you
602 were on a host that MXed for a dynamic set of other hosts.
603 If the set is static, just including the line "Cw<name1>
604 <name2> ..." (where the names are fully qualified domain
605 names) is probably superior. The actual filename can be
606 overridden by redefining confCW_FILE.
607
608use_ct_file Read the file /etc/mail/trusted-users file to get the
609 names of users that will be ``trusted'', that is, able to
610 set their envelope from address using -f without generating
611 a warning message. The actual filename can be overridden
612 by redefining confCT_FILE.
613
614redirect Reject all mail addressed to "address.REDIRECT" with
615 a ``551 User has moved; please try <address>'' message.
616 If this is set, you can alias people who have left
617 to their new address with ".REDIRECT" appended.
618
619nouucp Don't route UUCP addresses. This feature takes one
620 parameter:
621 `reject': reject addresses which have "!" in the local
622 part unless it originates from a system
623 that is allowed to relay.
624 `nospecial': don't do anything special with "!".
625 Warnings: 1. See the NOTICE in the ANTI-SPAM section.
626 2. don't remove "!" from OperatorChars if `reject' is
627 given as parameter.
628
629nocanonify Don't pass addresses to $[ ... $] for canonification
630 by default, i.e., host/domain names are considered canonical,
631 except for unqualified names, which must not be used in this
632 mode (violation of the standard). It can be changed by
633 setting the DaemonPortOptions modifiers (M=). That is,
634 FEATURE(`nocanonify') will be overridden by setting the
635 'c' flag. Conversely, if FEATURE(`nocanonify') is not used,
636 it can be emulated by setting the 'C' flag
637 (DaemonPortOptions=Modifiers=C). This would generally only
638 be used by sites that only act as mail gateways or which have
639 user agents that do full canonification themselves. You may
640 also want to use
641 "define(`confBIND_OPTS', `-DNSRCH -DEFNAMES')" to turn off
642 the usual resolver options that do a similar thing.
643
644 An exception list for FEATURE(`nocanonify') can be
645 specified with CANONIFY_DOMAIN or CANONIFY_DOMAIN_FILE,
646 i.e., a list of domains which are nevertheless passed to
647 $[ ... $] for canonification. This is useful to turn on
648 canonification for local domains, e.g., use
649 CANONIFY_DOMAIN(`my.domain my') to canonify addresses
650 which end in "my.domain" or "my".
651 Another way to require canonification in the local
652 domain is CANONIFY_DOMAIN(`$=m').
653
654 A trailing dot is added to addresses with more than
655 one component in it such that other features which
656 expect a trailing dot (e.g., virtusertable) will
657 still work.
658
659 If `canonify_hosts' is specified as parameter, i.e.,
660 FEATURE(`nocanonify', `canonify_hosts'), then
661 addresses which have only a hostname, e.g.,
662 <user@host>, will be canonified (and hopefully fully
663 qualified), too.
664
665stickyhost This feature is sometimes used with LOCAL_RELAY,
666 although it can be used for a different effect with
667 MAIL_HUB.
668
669 When used without MAIL_HUB, email sent to
670 "user@local.host" are marked as "sticky" -- that
671 is, the local addresses aren't matched against UDB,
672 don't go through ruleset 5, and are not forwarded to
673 the LOCAL_RELAY (if defined).
674
675 With MAIL_HUB, mail addressed to "user@local.host"
676 is forwarded to the mail hub, with the envelope
677 address still remaining "user@local.host".
678 Without stickyhost, the envelope would be changed
679 to "user@mail_hub", in order to protect against
680 mailing loops.
681
682mailertable Include a "mailer table" which can be used to override
683 routing for particular domains (which are not in class {w},
684 i.e. local host names). The argument of the FEATURE may be
685 the key definition. If none is specified, the definition
686 used is:
687
688 hash /etc/mail/mailertable
689
690 Keys in this database are fully qualified domain names
691 or partial domains preceded by a dot -- for example,
692 "vangogh.CS.Berkeley.EDU" or ".CS.Berkeley.EDU". As a
693 special case of the latter, "." matches any domain not
694 covered by other keys. Values must be of the form:
695 mailer:domain
696 where "mailer" is the internal mailer name, and "domain"
697 is where to send the message. These maps are not
698 reflected into the message header. As a special case,
699 the forms:
700 local:user
701 will forward to the indicated user using the local mailer,
702 local:
703 will forward to the original user in the e-mail address
704 using the local mailer, and
705 error:code message
706 error:D.S.N:code message
707 will give an error message with the indicated SMTP reply
708 code and message, where D.S.N is an RFC 1893 compliant
709 error code.
710
711domaintable Include a "domain table" which can be used to provide
712 domain name mapping. Use of this should really be
713 limited to your own domains. It may be useful if you
714 change names (e.g., your company changes names from
715 oldname.com to newname.com). The argument of the
716 FEATURE may be the key definition. If none is specified,
717 the definition used is:
718
719 hash /etc/mail/domaintable
720
721 The key in this table is the domain name; the value is
722 the new (fully qualified) domain. Anything in the
723 domaintable is reflected into headers; that is, this
724 is done in ruleset 3.
725
726bitdomain Look up bitnet hosts in a table to try to turn them into
727 internet addresses. The table can be built using the
728 bitdomain program contributed by John Gardiner Myers.
729 The argument of the FEATURE may be the key definition; if
730 none is specified, the definition used is:
731
732 hash /etc/mail/bitdomain
733
734 Keys are the bitnet hostname; values are the corresponding
735 internet hostname.
736
737uucpdomain Similar feature for UUCP hosts. The default map definition
738 is:
739
740 hash /etc/mail/uudomain
741
742 At the moment there is no automagic tool to build this
743 database.
744
745always_add_domain
746 Include the local host domain even on locally delivered
747 mail. Normally it is not added on unqualified names.
748 However, if you use a shared message store but do not use
749 the same user name space everywhere, you may need the host
750 name on local names.
751
752allmasquerade If masquerading is enabled (using MASQUERADE_AS), this
753 feature will cause recipient addresses to also masquerade
754 as being from the masquerade host. Normally they get
755 the local hostname. Although this may be right for
756 ordinary users, it can break local aliases. For example,
757 if you send to "localalias", the originating sendmail will
758 find that alias and send to all members, but send the
759 message with "To: localalias@masqueradehost". Since that
760 alias likely does not exist, replies will fail. Use this
761 feature ONLY if you can guarantee that the ENTIRE
762 namespace on your masquerade host supersets all the
763 local entries.
764
765limited_masquerade
766 Normally, any hosts listed in class {w} are masqueraded. If
767 this feature is given, only the hosts listed in class {M} (see
768 below: MASQUERADE_DOMAIN) are masqueraded. This is useful
769 if you have several domains with disjoint namespaces hosted
770 on the same machine.
771
772masquerade_entire_domain
773 If masquerading is enabled (using MASQUERADE_AS) and
774 MASQUERADE_DOMAIN (see below) is set, this feature will
775 cause addresses to be rewritten such that the masquerading
776 domains are actually entire domains to be hidden. All
777 hosts within the masquerading domains will be rewritten
778 to the masquerade name (used in MASQUERADE_AS). For example,
779 if you have:
780
781 MASQUERADE_AS(`masq.com')
782 MASQUERADE_DOMAIN(`foo.org')
783 MASQUERADE_DOMAIN(`bar.com')
784
785 then *foo.org and *bar.com are converted to masq.com. Without
786 this feature, only foo.org and bar.com are masqueraded.
787
788 NOTE: only domains within your jurisdiction and
789 current hierarchy should be masqueraded using this.
790
791genericstable This feature will cause unqualified addresses (i.e., without
792 a domain) and addresses with a domain listed in class {G}
793 to be looked up in a map and turned into another ("generic")
794 form, which can change both the domain name and the user name.
795 This is similar to the userdb functionality. The same types of
796 addresses as for masquerading are looked up, i.e., only header
797 sender addresses unless the allmasquerade and/or
798 masquerade_envelope features are given. Qualified addresses
799 must have the domain part in class {G}; entries can
800 be added to this class by the macros GENERICS_DOMAIN or
801 GENERICS_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
802 MASQUERADE_DOMAIN_FILE, see below).
803
804 The argument of FEATURE(`genericstable') may be the map
805 definition; the default map definition is:
806
807 hash /etc/mail/genericstable
808
809 The key for this table is either the full address, the domain
810 (with a leading @; the localpart is passed as first argument)
811 or the unqualified username (tried in the order mentioned);
812 the value is the new user address. If the new user address
813 does not include a domain, it will be qualified in the standard
814 manner, i.e., using $j or the masquerade name. Note that the
815 address being looked up must be fully qualified. For local
816 mail, it is necessary to use FEATURE(`always_add_domain')
817 for the addresses to be qualified.
818 The "+detail" of an address is passed as %1, so entries like
819
820 old+*@foo.org new+%1@example.com
821 gen+*@foo.org %1@example.com
822
823 and other forms are possible.
824
825generics_entire_domain
826 If the genericstable is enabled and GENERICS_DOMAIN or
827 GENERICS_DOMAIN_FILE is used, this feature will cause
828 addresses to be searched in the map if their domain
829 parts are subdomains of elements in class {G}.
830
831virtusertable A domain-specific form of aliasing, allowing multiple
832 virtual domains to be hosted on one machine. For example,
833 if the virtuser table contained:
834
835 info@foo.com foo-info
836 info@bar.com bar-info
837 joe@bar.com error:nouser No such user here
838 jax@bar.com error:D.S.N:unavailable Address invalid
839 @baz.org jane@example.net
840
841 then mail addressed to info@foo.com will be sent to the
842 address foo-info, mail addressed to info@bar.com will be
843 delivered to bar-info, and mail addressed to anyone at baz.org
844 will be sent to jane@example.net, mail to joe@bar.com will
845 be rejected with the specified error message, and mail to
846 jax@bar.com will also have a RFC 1893 compliant error code
847 D.S.N.
848
849 The username from the original address is passed
850 as %1 allowing:
851
852 @foo.org %1@example.com
853
854 meaning someone@foo.org will be sent to someone@example.com.
855 Additionally, if the local part consists of "user+detail"
856 then "detail" is passed as %2 when a match against user+*
857 is attempted, so entries like
858
859 old+*@foo.org new+%2@example.com
860 gen+*@foo.org %2@example.com
861 +*@foo.org %1+%2@example.com
862
863 and other forms are possible. Note: to preserve "+detail"
864 for a default case (@domain) +*@domain must be used as
865 exemplified above.
866
867 All the host names on the left hand side (foo.com, bar.com,
868 and baz.org) must be in class {w} or class {VirtHost}, the
869 latter can be defined by the macros VIRTUSER_DOMAIN or
870 VIRTUSER_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
871 MASQUERADE_DOMAIN_FILE, see below). If VIRTUSER_DOMAIN or
872 VIRTUSER_DOMAIN_FILE is used, then the entries of class
873 {VirtHost} are added to class {R}, i.e., relaying is allowed
874 to (and from) those domains. The default map definition is:
875
876 hash /etc/mail/virtusertable
877
878 A new definition can be specified as the second argument of
879 the FEATURE macro, such as
880
881 FEATURE(`virtusertable', `dbm /etc/mail/virtusers')
882
883virtuser_entire_domain
884 If the virtusertable is enabled and VIRTUSER_DOMAIN or
885 VIRTUSER_DOMAIN_FILE is used, this feature will cause
886 addresses to be searched in the map if their domain
887 parts are subdomains of elements in class {VirtHost}.
888
889ldap_routing Implement LDAP-based e-mail recipient routing according to
890 the Internet Draft draft-lachman-laser-ldap-mail-routing-01.
891 This provides a method to re-route addresses with a
892 domain portion in class {LDAPRoute} to either a
893 different mail host or a different address. Hosts can
894 be added to this class using LDAPROUTE_DOMAIN and
895 LDAPROUTE_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
896 MASQUERADE_DOMAIN_FILE, see below).
897
898 See the LDAP ROUTING section below for more information.
899
900nodns If you aren't running DNS at your site (for example,
901 you are UUCP-only connected). It's hard to consider
902 this a "feature", but hey, it had to go somewhere.
903 Actually, as of 8.7 this is a no-op -- remove "dns" from
904 the hosts service switch entry instead.
905
906nullclient This is a special case -- it creates a configuration file
907 containing nothing but support for forwarding all mail to a
908 central hub via a local SMTP-based network. The argument
909 is the name of that hub.
910
911 The only other feature that should be used in conjunction
912 with this one is FEATURE(`nocanonify'). No mailers
913 should be defined. No aliasing or forwarding is done.
914
915local_lmtp Use an LMTP capable local mailer. The argument to this
916 feature is the pathname of an LMTP capable mailer. By
917 default, mail.local is used. This is expected to be the
918 mail.local which came with the 8.9 distribution which is
919 LMTP capable. The path to mail.local is set by the
920 confEBINDIR m4 variable -- making the default
921 LOCAL_MAILER_PATH /usr/libexec/mail.local.
922 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally,
923 i.e., without respecting any definitions in an OSTYPE setting.
924
925local_procmail Use procmail or another delivery agent as the local mailer.
926 The argument to this feature is the pathname of the
927 delivery agent, which defaults to PROCMAIL_MAILER_PATH.
928 Note that this does NOT use PROCMAIL_MAILER_FLAGS or
929 PROCMAIL_MAILER_ARGS for the local mailer; tweak
930 LOCAL_MAILER_FLAGS and LOCAL_MAILER_ARGS instead, or
931 specify the appropriate parameters. When procmail is used,
932 the local mailer can make use of the
933 "user+indicator@local.host" syntax; normally the +indicator
934 is just tossed, but by default it is passed as the -a
935 argument to procmail.
936
937 This feature can take up to three arguments:
938
939 1. Path to the mailer program
940 [default: /usr/local/bin/procmail]
941 2. Argument vector including name of the program
942 [default: procmail -Y -a $h -d $u]
943 3. Flags for the mailer [default: SPfhn9]
944
945 Empty arguments cause the defaults to be taken.
946
947 For example, this allows it to use the maildrop
948 (http://www.flounder.net/~mrsam/maildrop/) mailer instead
949 by specifying:
950
951 FEATURE(`local_procmail', `/usr/local/bin/maildrop',
952 `maildrop -d $u')
953
954 or scanmails using:
955
956 FEATURE(`local_procmail', `/usr/local/bin/scanmails')
957
958 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally,
959 i.e., without respecting any definitions in an OSTYPE setting.
960
961bestmx_is_local Accept mail as though locally addressed for any host that
962 lists us as the best possible MX record. This generates
963 additional DNS traffic, but should be OK for low to
964 medium traffic hosts. The argument may be a set of
965 domains, which will limit the feature to only apply to
966 these domains -- this will reduce unnecessary DNS
967 traffic. THIS FEATURE IS FUNDAMENTALLY INCOMPATIBLE WITH
968 WILDCARD MX RECORDS!!! If you have a wildcard MX record
969 that matches your domain, you cannot use this feature.
970
971smrsh Use the SendMail Restricted SHell (smrsh) provided
972 with the distribution instead of /bin/sh for mailing
973 to programs. This improves the ability of the local
974 system administrator to control what gets run via
975 e-mail. If an argument is provided it is used as the
976 pathname to smrsh; otherwise, the path defined by
977 confEBINDIR is used for the smrsh binary -- by default,
978 /usr/libexec/smrsh is assumed.
979
980promiscuous_relay
981 By default, the sendmail configuration files do not permit
982 mail relaying (that is, accepting mail from outside your
983 local host (class {w}) and sending it to another host than
984 your local host). This option sets your site to allow
985 mail relaying from any site to any site. In almost all
986 cases, it is better to control relaying more carefully
987 with the access map, class {R}, or authentication. Domains
988 can be added to class {R} by the macros RELAY_DOMAIN or
989 RELAY_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
990 MASQUERADE_DOMAIN_FILE, see below).
991
992relay_entire_domain
993 By default, only hosts listed as RELAY in the access db
994 will be allowed to relay. This option also allows any
995 host in your domain as defined by class {m}.
996
997relay_hosts_only
998 By default, names that are listed as RELAY in the access
999 db and class {R} are domain names, not host names.
1000 For example, if you specify ``foo.com'', then mail to or
1001 from foo.com, abc.foo.com, or a.very.deep.domain.foo.com
1002 will all be accepted for relaying. This feature changes
1003 the behaviour to lookup individual host names only.
1004
1005relay_based_on_MX
1006 Turns on the ability to allow relaying based on the MX
1007 records of the host portion of an incoming recipient; that
1008 is, if an MX record for host foo.com points to your site,
1009 you will accept and relay mail addressed to foo.com. See
1010 description below for more information before using this
1011 feature. Also, see the KNOWNBUGS entry regarding bestmx
1012 map lookups.
1013
1014 FEATURE(`relay_based_on_MX') does not necessarily allow
1015 routing of these messages which you expect to be allowed,
1016 if route address syntax (or %-hack syntax) is used. If
1017 this is a problem, add entries to the access-table or use
1018 FEATURE(`loose_relay_check').
1019
1020relay_mail_from
1021 Allows relaying if the mail sender is listed as RELAY in
1022 the access map. If an optional argument `domain' is given,
1023 the domain portion of the mail sender is checked too.
1024 This should only be used if absolutely necessary as the
1025 sender address can be easily forged. Use of this feature
1026 requires the "From:" tag be prepended to the key in the
1027 access map; see the discussion of tags and
1028 FEATURE(`relay_mail_from') in the section on ANTI-SPAM
1029 CONFIGURATION CONTROL.
1030
1031relay_local_from
1032 Allows relaying if the domain portion of the mail sender
1033 is a local host. This should only be used if absolutely
1034 necessary as it opens a window for spammers. Specifically,
1035 they can send mail to your mail server that claims to be
1036 from your domain (either directly or via a routed address),
1037 and you will go ahead and relay it out to arbitrary hosts
1038 on the Internet.
1039
1040accept_unqualified_senders
1041 Normally, MAIL FROM: commands in the SMTP session will be
1042 refused if the connection is a network connection and the
1043 sender address does not include a domain name. If your
1044 setup sends local mail unqualified (i.e., MAIL FROM: <joe>),
1045 you will need to use this feature to accept unqualified
1046 sender addresses. Setting the DaemonPortOptions modifier
1047 'u' overrides the default behavior, i.e., unqualified
1048 addresses are accepted even without this FEATURE.
1049 If this FEATURE is not used, the DaemonPortOptions modifier
1050 'f' can be used to enforce fully qualified addresses.
1051
1052accept_unresolvable_domains
1053 Normally, MAIL FROM: commands in the SMTP session will be
1054 refused if the host part of the argument to MAIL FROM:
1055 cannot be located in the host name service (e.g., an A or
1056 MX record in DNS). If you are inside a firewall that has
1057 only a limited view of the Internet host name space, this
1058 could cause problems. In this case you probably want to
1059 use this feature to accept all domains on input, even if
1060 they are unresolvable.
1061
1062access_db Turns on the access database feature. The access db gives
1063 you the ability to allow or refuse to accept mail from
1064 specified domains for administrative reasons. By default,
1065 the access database specification is:
1066
1067 hash /etc/mail/access
1068
1069 The format of the database is described in the anti-spam
1070 configuration control section later in this document.
1071
1072blacklist_recipients
1073 Turns on the ability to block incoming mail for certain
1074 recipient usernames, hostnames, or addresses. For
1075 example, you can block incoming mail to user nobody,
1076 host foo.mydomain.com, or guest@bar.mydomain.com.
1077 These specifications are put in the access db as
1078 described in the anti-spam configuration control section
1079 later in this document.
1080
1081delay_checks The rulesets check_mail and check_relay will not be called
1082 when a client connects or issues a MAIL command, respectively.
1083 Instead, those rulesets will be called by the check_rcpt
1084 ruleset; they will be skipped under certain circumstances.
1085 See "Delay all checks" in "ANTI-SPAM CONFIGURATION CONTROL".
1086
1087rbl This feature is deprecated! Please use dnsbl instead.
1088 Turns on rejection of hosts found in the Realtime Blackhole
1089 List. If an argument is provided it is used as the domain
1090 in which blocked hosts are listed; otherwise, the main
1091 RBL domain rbl.maps.vix.com is used. For details, see
1092 http://maps.vix.com/rbl/.
1093
1094dnsbl Turns on rejection of hosts found in an DNS based rejection
1095 list. If an argument is provided it is used as the domain
1096 in which blocked hosts are listed; otherwise it defaults to
1097 blackholes.mail-abuse.org. An explanation for an DNS based
1098 rejection list can be found http://mail-abuse.org/rbl/. A
1099 second argument can be used to change the default error
1100 message of Mail from $&{client_addr} refused by blackhole site
1101 SERVER where SERVER is replaced by the first argument. This
1102 feature can be included several times to query different DNS
1103 based rejection lists.
1104
1105loose_relay_check
1106 Normally, if % addressing is used for a recipient, e.g.
1107 user%site@othersite, and othersite is in class {R}, the
1108 check_rcpt ruleset will strip @othersite and recheck
1109 user@site for relaying. This feature changes that
1110 behavior. It should not be needed for most installations.
1111
1112no_default_msa Don't generate the default MSA daemon, i.e.,
1113 DAEMON_OPTIONS(`Port=587,Name=MSA,M=E')
1114 To define a MSA daemon with other parameters, use this
1115 FEATURE and introduce new settings via DAEMON_OPTIONS().
1116
1117+-------+
1118| HACKS |
1119+-------+
1120
1121Some things just can't be called features. To make this clear,
1122they go in the hack subdirectory and are referenced using the HACK
1123macro. These will tend to be site-dependent. The release
1124includes the Berkeley-dependent "cssubdomain" hack (that makes
1125sendmail accept local names in either Berkeley.EDU or CS.Berkeley.EDU;
1126this is intended as a short-term aid while moving hosts into
1127subdomains.
1128
1129
1130+--------------------+
1131| SITE CONFIGURATION |
1132+--------------------+
1133
1134 *****************************************************
1135 * This section is really obsolete, and is preserved *
1136 * only for back compatibility. You should plan on *
1137 * using mailertables for new installations. In *
1138 * particular, it doesn't work for the newer forms *
1139 * of UUCP mailers, such as uucp-uudom. *
1140 *****************************************************
1141
1142Complex sites will need more local configuration information, such as
1143lists of UUCP hosts they speak with directly. This can get a bit more
1144tricky. For an example of a "complex" site, see cf/ucbvax.mc.
1145
1146The SITECONFIG macro allows you to indirectly reference site-dependent
1147configuration information stored in the siteconfig subdirectory. For
1148example, the line
1149
1150 SITECONFIG(`uucp.ucbvax', `ucbvax', `U')
1151
1152reads the file uucp.ucbvax for local connection information. The
1153second parameter is the local name (in this case just "ucbvax" since
1154it is locally connected, and hence a UUCP hostname). The third
1155parameter is the name of both a macro to store the local name (in
1156this case, {U}) and the name of the class (e.g., {U}) in which to store
1157the host information read from the file. Another SITECONFIG line reads
1158
1159 SITECONFIG(`uucp.ucbarpa', `ucbarpa.Berkeley.EDU', `W')
1160
1161This says that the file uucp.ucbarpa contains the list of UUCP sites
1162connected to ucbarpa.Berkeley.EDU. Class {W} will be used to
1163store this list, and $W is defined to be ucbarpa.Berkeley.EDU, that
1164is, the name of the relay to which the hosts listed in uucp.ucbarpa
1165are connected. [The machine ucbarpa is gone now, but this
1166out-of-date configuration file has been left around to demonstrate
1167how you might do this.]
1168
1169Note that the case of SITECONFIG with a third parameter of ``U'' is
1170special; the second parameter is assumed to be the UUCP name of the
1171local site, rather than the name of a remote site, and the UUCP name
1172is entered into class {w} (the list of local hostnames) as $U.UUCP.
1173
1174The siteconfig file (e.g., siteconfig/uucp.ucbvax.m4) contains nothing
1175more than a sequence of SITE macros describing connectivity. For
1176example:
1177
1178 SITE(`cnmat')
1179 SITE(`sgi olympus')
1180
1181The second example demonstrates that you can use two names on the
1182same line; these are usually aliases for the same host (or are at
1183least in the same company).
1184
1185
1186+--------------------+
1187| USING UUCP MAILERS |
1188+--------------------+
1189
1190It's hard to get UUCP mailers right because of the extremely ad hoc
1191nature of UUCP addressing. These config files are really designed
1192for domain-based addressing, even for UUCP sites.
1193
1194There are four UUCP mailers available. The choice of which one to
1195use is partly a matter of local preferences and what is running at
1196the other end of your UUCP connection. Unlike good protocols that
1197define what will go over the wire, UUCP uses the policy that you
1198should do what is right for the other end; if they change, you have
1199to change. This makes it hard to do the right thing, and discourages
1200people from updating their software. In general, if you can avoid
1201UUCP, please do.
1202
1203The major choice is whether to go for a domainized scheme or a
1204non-domainized scheme. This depends entirely on what the other
1205end will recognize. If at all possible, you should encourage the
1206other end to go to a domain-based system -- non-domainized addresses
1207don't work entirely properly.
1208
1209The four mailers are:
1210
1211 uucp-old (obsolete name: "uucp")
1212 This is the oldest, the worst (but the closest to UUCP) way of
1213 sending messages accros UUCP connections. It does bangify
1214 everything and prepends $U (your UUCP name) to the sender's
1215 address (which can already be a bang path itself). It can
1216 only send to one address at a time, so it spends a lot of
1217 time copying duplicates of messages. Avoid this if at all
1218 possible.
1219
1220 uucp-new (obsolete name: "suucp")
1221 The same as above, except that it assumes that in one rmail
1222 command you can specify several recipients. It still has a
1223 lot of other problems.
1224
1225 uucp-dom
1226 This UUCP mailer keeps everything as domain addresses.
1227 Basically, it uses the SMTP mailer rewriting rules. This mailer
1228 is only included if MAILER(`smtp') is also specified.
1229
1230 Unfortunately, a lot of UUCP mailer transport agents require
1231 bangified addresses in the envelope, although you can use
1232 domain-based addresses in the message header. (The envelope
1233 shows up as the From_ line on UNIX mail.) So....
1234
1235 uucp-uudom
1236 This is a cross between uucp-new (for the envelope addresses)
1237 and uucp-dom (for the header addresses). It bangifies the
1238 envelope sender (From_ line in messages) without adding the
1239 local hostname, unless there is no host name on the address
1240 at all (e.g., "wolf") or the host component is a UUCP host name
1241 instead of a domain name ("somehost!wolf" instead of
1242 "some.dom.ain!wolf"). This is also included only if MAILER(`smtp')
1243 is also specified.
1244
1245Examples:
1246
1247On host grasp.insa-lyon.fr (UUCP host name "grasp"), the following
1248summarizes the sender rewriting for various mailers.
1249
1250Mailer sender rewriting in the envelope
1251------ ------ -------------------------
1252uucp-{old,new} wolf grasp!wolf
1253uucp-dom wolf wolf@grasp.insa-lyon.fr
1254uucp-uudom wolf grasp.insa-lyon.fr!wolf
1255
1256uucp-{old,new} wolf@fr.net grasp!fr.net!wolf
1257uucp-dom wolf@fr.net wolf@fr.net
1258uucp-uudom wolf@fr.net fr.net!wolf
1259
1260uucp-{old,new} somehost!wolf grasp!somehost!wolf
1261uucp-dom somehost!wolf somehost!wolf@grasp.insa-lyon.fr
1262uucp-uudom somehost!wolf grasp.insa-lyon.fr!somehost!wolf
1263
1264If you are using one of the domainized UUCP mailers, you really want
1265to convert all UUCP addresses to domain format -- otherwise, it will
1266do it for you (and probably not the way you expected). For example,
1267if you have the address foo!bar!baz (and you are not sending to foo),
1268the heuristics will add the @uucp.relay.name or @local.host.name to
1269this address. However, if you map foo to foo.host.name first, it
1270will not add the local hostname. You can do this using the uucpdomain
1271feature.
1272
1273
1274+-------------------+
1275| TWEAKING RULESETS |
1276+-------------------+
1277
1278For more complex configurations, you can define special rules.
1279The macro LOCAL_RULE_3 introduces rules that are used in canonicalizing
1280the names. Any modifications made here are reflected in the header.
1281
1282A common use is to convert old UUCP addresses to SMTP addresses using
1283the UUCPSMTP macro. For example:
1284
1285 LOCAL_RULE_3
1286 UUCPSMTP(`decvax', `decvax.dec.com')
1287 UUCPSMTP(`research', `research.att.com')
1288
1289will cause addresses of the form "decvax!user" and "research!user"
1290to be converted to "user@decvax.dec.com" and "user@research.att.com"
1291respectively.
1292
1293This could also be used to look up hosts in a database map:
1294
1295 LOCAL_RULE_3
1296 R$* < @ $+ > $* $: $1 < @ $(hostmap $2 $) > $3
1297
1298This map would be defined in the LOCAL_CONFIG portion, as shown below.
1299
1300Similarly, LOCAL_RULE_0 can be used to introduce new parsing rules.
1301For example, new rules are needed to parse hostnames that you accept
1302via MX records. For example, you might have:
1303
1304 LOCAL_RULE_0
1305 R$+ <@ host.dom.ain.> $#uucp $@ cnmat $: $1 < @ host.dom.ain.>
1306
1307You would use this if you had installed an MX record for cnmat.Berkeley.EDU
1308pointing at this host; this rule catches the message and forwards it on
1309using UUCP.
1310
1311You can also tweak rulesets 1 and 2 using LOCAL_RULE_1 and LOCAL_RULE_2.
1312These rulesets are normally empty.
1313
1314A similar macro is LOCAL_CONFIG. This introduces lines added after the
1315boilerplate option setting but before rulesets. Do not declare rulesets in
1316the LOCAL_CONFIG section. It can be used to declare local database maps or
1317whatever. For example:
1318
1319 LOCAL_CONFIG
1320 Khostmap hash /etc/mail/hostmap
1321 Kyplocal nis -m hosts.byname
1322
1323
1324+---------------------------+
1325| MASQUERADING AND RELAYING |
1326+---------------------------+
1327
1328You can have your host masquerade as another using
1329
1330 MASQUERADE_AS(`host.domain')
1331
1332This causes mail being sent to be labeled as coming from the
1333indicated host.domain, rather than $j. One normally masquerades as
1334one of one's own subdomains (for example, it's unlikely that
1335Berkeley would choose to masquerade as an MIT site). This
1336behaviour is modified by a plethora of FEATUREs; in particular, see
1337masquerade_envelope, allmasquerade, limited_masquerade, and
1338masquerade_entire_domain.
1339
1340The masquerade name is not normally canonified, so it is important
1341that it be your One True Name, that is, fully qualified and not a
1342CNAME. However, if you use a CNAME, the receiving side may canonify
1343it for you, so don't think you can cheat CNAME mapping this way.
1344
1345Normally the only addresses that are masqueraded are those that come
1346from this host (that is, are either unqualified or in class {w}, the list
1347of local domain names). You can augment this list, which is realized
1348by class {M} using
1349
1350 MASQUERADE_DOMAIN(`otherhost.domain')
1351
1352The effect of this is that although mail to user@otherhost.domain
1353will not be delivered locally, any mail including any user@otherhost.domain
1354will, when relayed, be rewritten to have the MASQUERADE_AS address.
1355This can be a space-separated list of names.
1356
1357If these names are in a file, you can use
1358
1359 MASQUERADE_DOMAIN_FILE(`filename')
1360
1361to read the list of names from the indicated file (i.e., to add
1362elements to class {M}).
1363
1364To exempt hosts or subdomains from being masqueraded, you can use
1365
1366 MASQUERADE_EXCEPTION(`host.domain')
1367
1368This can come handy if you want to masquerade a whole domain
1369except for one (or a few) host(s).
1370
1371Normally only header addresses are masqueraded. If you want to
1372masquerade the envelope as well, use
1373
1374 FEATURE(`masquerade_envelope')
1375
1376There are always users that need to be "exposed" -- that is, their
1377internal site name should be displayed instead of the masquerade name.
1378Root is an example (which has been "exposed" by default prior to 8.10).
1379You can add users to this list using
1380
1381 EXPOSED_USER(`usernames')
1382
1383This adds users to class {E}; you could also use something like
1384
1385 FE/etc/mail/exposed-users
1386
1387You can also arrange to relay all unqualified names (that is, names
1388without @host) to a relay host. For example, if you have a central
1389email server, you might relay to that host so that users don't have
1390to have .forward files or aliases. You can do this using
1391
1392 define(`LOCAL_RELAY', `mailer:hostname')
1393
1394The ``mailer:'' can be omitted, in which case the mailer defaults to
1395"relay". There are some user names that you don't want relayed, perhaps
1396because of local aliases. A common example is root, which may be
1397locally aliased. You can add entries to this list using
1398
1399 LOCAL_USER(`usernames')
1400
1401This adds users to class {L}; you could also use something like
1402
1403 FL/etc/mail/local-users
1404
1405If you want all incoming mail sent to a centralized hub, as for a
1406shared /var/spool/mail scheme, use
1407
1408 define(`MAIL_HUB', `mailer:hostname')
1409
1410Again, ``mailer:'' defaults to "relay". If you define both LOCAL_RELAY
1411and MAIL_HUB _AND_ you have FEATURE(`stickyhost'), unqualified names will
1412be sent to the LOCAL_RELAY and other local names will be sent to MAIL_HUB.
1413Note: there is a (long standing) bug which keeps this combination from
1414working for addresses of the form user+detail.
1415Names in class {L} will be delivered locally, so you MUST have aliases or
1416.forward files for them.
1417
1418For example, if you are on machine mastodon.CS.Berkeley.EDU and you have
1419FEATURE(`stickyhost'), the following combinations of settings will have the
1420indicated effects:
1421
1422email sent to.... eric eric@mastodon.CS.Berkeley.EDU
1423
1424LOCAL_RELAY set to mail.CS.Berkeley.EDU (delivered locally)
1425mail.CS.Berkeley.EDU (no local aliasing) (aliasing done)
1426
1427MAIL_HUB set to mammoth.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU
1428mammoth.CS.Berkeley.EDU (aliasing done) (aliasing done)
1429
1430Both LOCAL_RELAY and mail.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU
1431MAIL_HUB set as above (no local aliasing) (aliasing done)
1432
1433If you do not have FEATURE(`stickyhost') set, then LOCAL_RELAY and
1434MAIL_HUB act identically, with MAIL_HUB taking precedence.
1435
1436If you want all outgoing mail to go to a central relay site, define
1437SMART_HOST as well. Briefly:
1438
1439 LOCAL_RELAY applies to unqualified names (e.g., "eric").
1440 MAIL_HUB applies to names qualified with the name of the
1441 local host (e.g., "eric@mastodon.CS.Berkeley.EDU").
1442 SMART_HOST applies to names qualified with other hosts or
1443 bracketed addresses (e.g., "eric@mastodon.CS.Berkeley.EDU"
1444 or "eric@[127.0.0.1]").
1445
1446However, beware that other relays (e.g., UUCP_RELAY, BITNET_RELAY,
1447DECNET_RELAY, and FAX_RELAY) take precedence over SMART_HOST, so if you
1448really want absolutely everything to go to a single central site you will
1449need to unset all the other relays -- or better yet, find or build a
1450minimal config file that does this.
1451
1452For duplicate suppression to work properly, the host name is best
1453specified with a terminal dot:
1454
1455 define(`MAIL_HUB', `host.domain.')
1456 note the trailing dot ---^
1457
1458
1459+--------------+
1460| LDAP ROUTING |
1461+--------------+
1462
1463FEATURE(`ldap_routing') can be used to implement the IETF Internet Draft
1464LDAP Schema for Intranet Mail Routing
1465(draft-lachman-laser-ldap-mail-routing-01). This feature enables
1466LDAP-based rerouting of a particular address to either a different host
1467or a different address. The LDAP lookup is first attempted on the full
1468address (e.g., user@example.com) and then on the domain portion
1469(e.g., @example.com). Be sure to setup your domain for LDAP routing using
1470LDAPROUTE_DOMAIN(), e.g.:
1471
1472 LDAPROUTE_DOMAIN(`example.com')
1473
1474By default, the feature will use the schemas as specified in the draft
1475and will not reject addresses not found by the LDAP lookup. However,
1476this behavior can be changed by giving additional arguments to the FEATURE()
1477command:
1478
1479 FEATURE(`ldap_routing', <mailHost>, <mailRoutingAddress>, <bounce>)
1480
1481where <mailHost> is a map definition describing how to lookup an alternative
1482mail host for a particular address; <mailRoutingAddress> is a map definition
1483describing how to lookup an alternative address for a particular address; and
1484the <bounce> argument, if present and not the word "passthru", dictates
1485that mail should be bounced if neither a mailHost nor mailRoutingAddress
1486is found.
1487
1488The default <mailHost> map definition is:
1489
1490 ldap -1 -v mailHost -k (&(objectClass=inetLocalMailRecipient)
1491 (mailLocalAddress=%0))
1492
1493The default <mailRoutingAddress> map definition is:
1494
1495 ldap -1 -v mailRoutingAddress -k (&(objectClass=inetLocalMailRecipient)
1496 (mailLocalAddress=%0))
1497
1498Note that neither includes the LDAP server hostname (-h server) or base DN
1499(-b o=org,c=COUNTRY), both necessary for LDAP queries. It is presumed that
1500your .mc file contains a setting for the confLDAP_DEFAULT_SPEC option with
1501these settings. If this is not the case, the map definitions should be
1502changed as described above.
1503
1504The following possibilities exist as a result of an LDAP lookup on an
1505address:
1506
1507 mailHost is mailRoutingAddress is Results in
1508 ----------- --------------------- ----------
1509 set to a set mail delivered to
1510 "local" host mailRoutingAddress
1511
1512 set to a not set delivered to
1513 "local" host original address
1514
1515 set to a set mailRoutingAddress
1516 remote host relayed to mailHost
1517
1518 set to a not set original address
1519 remote host relayed to mailHost
1520
1521 not set set mail delivered to
1522 mailRoutingAddress
1523
1524 not set not set delivered to
1525 original address *OR*
1526 bounced as unknown user
1527
1528The term "local" host above means the host specified is in class {w}.
1529Note that the last case depends on whether the third argument is given
1530to the FEATURE() command. The default is to deliver the message to the
1531original address.
1532
1533The LDAP entries should be set up with an objectClass of
1534inetLocalMailRecipient and the address be listed in a mailLocalAddress
1535attribute. If present, there must be only one mailHost attribute and it
1536must contain a fully qualified host name as its value. Similarly, if
1537present, there must be only one mailRoutingAddress attribute and it must
1538contain an RFC 822 compliant address. Some example LDAP records (in ldif
1539format):
1540
1541 dn: uid=tom, o=example.com, c=US
1542 objectClass: inetLocalMailRecipient
1543 mailLocalAddress: tom@example.com
1544 mailRoutingAddress: thomas@mailhost.example.com
1545
1546This would deliver mail for tom@example.com to thomas@mailhost.example.com.
1547
1548 dn: uid=dick, o=example.com, c=US
1549 objectClass: inetLocalMailRecipient
1550 mailLocalAddress: dick@example.com
1551 mailHost: eng.example.com
1552
1553This would relay mail for dick@example.com to the same address but redirect
1554the mail to MX records listed for the host eng.example.com.
1555
1556 dn: uid=harry, o=example.com, c=US
1557 objectClass: inetLocalMailRecipient
1558 mailLocalAddress: harry@example.com
1559 mailHost: mktmail.example.com
1560 mailRoutingAddress: harry@mkt.example.com
1561
1562This would relay mail for harry@example.com to the MX records listed for
1563the host mktmail.example.com using the new address harry@mkt.example.com
1564when talking to that host.
1565
1566 dn: uid=virtual.example.com, o=example.com, c=US
1567 objectClass: inetLocalMailRecipient
1568 mailLocalAddress: @virtual.example.com
1569 mailHost: server.example.com
1570 mailRoutingAddress: virtual@example.com
1571
1572This would send all mail destined for any username @virtual.example.com to
1573the machine server.example.com's MX servers and deliver to the address
1574virtual@example.com on that relay machine.
1575
1576
1577+---------------------------------+
1578| ANTI-SPAM CONFIGURATION CONTROL |
1579+---------------------------------+
1580
1581The primary anti-spam features available in sendmail are:
1582
1583* Relaying is denied by default.
1584* Better checking on sender information.
1585* Access database.
1586* Header checks.
1587
1588Relaying (transmission of messages from a site outside your host (class
1589{w}) to another site except yours) is denied by default. Note that this
1590changed in sendmail 8.9; previous versions allowed relaying by default.
1591If you really want to revert to the old behaviour, you will need to use
1592FEATURE(`promiscuous_relay'). You can allow certain domains to relay
1593through your server by adding their domain name or IP address to class
1594{R} using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the access database
1595(described below). The file consists (like any other file based class)
1596of entries listed on separate lines, e.g.,
1597
1598 sendmail.org
1599 128.32
1600 1:2:3:4:5:6:7
1601 host.mydomain.com
1602
1603If you use
1604
1605 FEATURE(`relay_entire_domain')
1606
1607then any host in any of your local domains (that is, class {m})
1608will be relayed (that is, you will accept mail either to or from any
1609host in your domain).
1610
1611You can also allow relaying based on the MX records of the host
1612portion of an incoming recipient address by using
1613
1614 FEATURE(`relay_based_on_MX')
1615
1616For example, if your server receives a recipient of user@domain.com
1617and domain.com lists your server in its MX records, the mail will be
1618accepted for relay to domain.com. Note that this will stop spammers
1619from using your host to relay spam but it will not stop outsiders from
1620using your server as a relay for their site (that is, they set up an
1621MX record pointing to your mail server, and you will relay mail addressed
1622to them without any prior arrangement). Along the same lines,
1623
1624 FEATURE(`relay_local_from')
1625
1626will allow relaying if the sender specifies a return path (i.e.
1627MAIL FROM: <user@domain>) domain which is a local domain. This a
1628dangerous feature as it will allow spammers to spam using your mail
1629server by simply specifying a return address of user@your.domain.com.
1630It should not be used unless absolutely necessary.
1631A slightly better solution is
1632
1633 FEATURE(`relay_mail_from')
1634
1635which allows relaying if the mail sender is listed as RELAY in the
1636access map. If an optional argument `domain' is given, the domain
1637portion of the mail sender is also checked to allowing relaying.
1638This option only works together with the tag From: for the LHS of
1639the access map entries (see below: Finer control...).
1640
1641
1642If source routing is used in the recipient address (i.e.
1643RCPT TO: <user%site.com@othersite.com>), sendmail will check
1644user@site.com for relaying if othersite.com is an allowed relay host
1645in either class {R}, class {m} if FEATURE(`relay_entire_domain') is used,
1646or the access database if FEATURE(`access_db') is used. To prevent
1647the address from being stripped down, use:
1648
1649 FEATURE(`loose_relay_check')
1650
1651If you think you need to use this feature, you probably do not. This
1652should only be used for sites which have no control over the addresses
1653that they provide a gateway for. Use this FEATURE with caution as it
1654can allow spammers to relay through your server if not setup properly.
1655
1656NOTICE: It is possible to relay mail through a system which the anti-relay
1657rules do not prevent: the case of a system that does use FEATURE(`nouucp',
1658`nospecial') (system A) and relays local messages to a mail hub (e.g., via
1659LOCAL_RELAY or LUSER_RELAY) (system B). If system B doesn't use
1660FEATURE(`nouucp') at all, addresses of the form
1661<example.net!user@local.host> would be relayed to <user@example.net>.
1662System A doesn't recognize `!' as an address separator and therefore
1663forwards it to the mail hub which in turns relays it because it came from
1664a trusted local host. So if a mailserver allows UUCP (bang-format)
1665addresses, all systems from which it allows relaying should do the same
1666or reject those addresses.
1667
1668As of 8.9, sendmail will refuse mail if the MAIL FROM: parameter has
1669an unresolvable domain (i.e., one that DNS, your local name service,
1670or special case rules in ruleset 3 cannot locate). If you want to
1671continue to accept such domains, e.g., because you are inside a
1672firewall that has only a limited view of the Internet host name space
1673(note that you will not be able to return mail to them unless you have
1674some "smart host" forwarder), use
1675
1676 FEATURE(`accept_unresolvable_domains')
1677
1678sendmail will also refuse mail if the MAIL FROM: parameter is not
1679fully qualified (i.e., contains a domain as well as a user). If you
1680want to continue to accept such senders, use
1681
1682 FEATURE(`accept_unqualified_senders')
1683
1684Setting the DaemonPortOptions modifier 'u' overrides the default behavior,
1685i.e., unqualified addresses are accepted even without this FEATURE. If
1686this FEATURE is not used, the DaemonPortOptions modifier 'f' can be used
1687to enforce fully qualified addresses.
1688
1689An ``access'' database can be created to accept or reject mail from
1690selected domains. For example, you may choose to reject all mail
1691originating from known spammers. To enable such a database, use
1692
1693 FEATURE(`access_db')
1694
1695The FEATURE macro can accept a second parameter giving the key file
1696definition for the database; for example
1697
1698 FEATURE(`access_db', `hash /etc/mail/access')
1699
1700Remember, since /etc/mail/access is a database, after creating the text
1701file as described below, you must use makemap to create the database
1702map. For example:
1703
1704 makemap hash /etc/mail/access < /etc/mail/access
1705
1706The table itself uses e-mail addresses, domain names, and network
1707numbers as keys. For example,
1708
1709 spammer@aol.com REJECT
1710 cyberspammer.com REJECT
1711 192.168.212 REJECT
1712
1713would refuse mail from spammer@aol.com, any user from cyberspammer.com
1714(or any host within the cyberspammer.com domain), and any host on the
1715192.168.212.* network.
1716
1717The value part of the map can contain:
1718
1719 OK Accept mail even if other rules in the
1720 running ruleset would reject it, for example,
1721 if the domain name is unresolvable.
1722 RELAY Accept mail addressed to the indicated domain or
1723 received from the indicated domain for relaying
1724 through your SMTP server. RELAY also serves as
1725 an implicit OK for the other checks.
1726 REJECT Reject the sender or recipient with a general
1727 purpose message.
1728 DISCARD Discard the message completely using the
1729 $#discard mailer. If it is used in check_compat,
1730 it affects only the designated recipient, not
1731 the whole message as it does in all other cases.
1732 This should only be used if really necessary.
1733 ### any text where ### is an RFC 821 compliant error code and
1734 "any text" is a message to return for the command.
1735 The string should be quoted to avoid surprises,
1736 e.g., sendmail may remove spaces otherwise.
1737 ERROR:### any text
1738 as above, but useful to mark error messages as such.
1739 ERROR:D.S.N:### any text
1740 where D.S.N is an RFC 1893 compliant error code
1741 and the rest as above.
1742
1743For example:
1744
1745 cyberspammer.com ERROR:"550 We don't accept mail from spammers"
1746 okay.cyberspammer.com OK
1747 sendmail.org RELAY
1748 128.32 RELAY
1749 1:2:3:4:5:6:7 RELAY
1750 [127.0.0.3] OK
1751 [1:2:3:4:5:6:7:8] OK
1752
1753would accept mail from okay.cyberspammer.com, but would reject mail from
1754all other hosts at cyberspammer.com with the indicated message. It would
1755allow relaying mail from and to any hosts in the sendmail.org domain, and
1756allow relaying from the 128.32.*.* network and the IPv6 1:2:3:4:5:6:7:*
1757network. The latter two entries are for checks against ${client_name} if
1758the IP address doesn't resolve to a hostname (or is considered as "may be
1759forged").
1760
1761Warning: if you change the RFC 821 compliant error code from the default
1762value of 550, then you should probably also change the RFC 1893 compliant
1763error code to match it. For example, if you use
1764
1765 user@example.com 450 mailbox full
1766
1767the error returned would be "450 4.0.0 mailbox full" which is wrong.
1768Use "450 4.2.2 mailbox full" or "ERROR:4.2.2:450 mailbox full"
1769instead.
1770
1771Note, UUCP users may need to add hostname.UUCP to the access database
1772or class {R}. If you also use:
1773
1774 FEATURE(`relay_hosts_only')
1775
1776then the above example will allow relaying for sendmail.org, but not
1777hosts within the sendmail.org domain. Note that this will also require
1778hosts listed in class {R} to be fully qualified host names.
1779
1780You can also use the access database to block sender addresses based on
1781the username portion of the address. For example:
1782
1783 FREE.STEALTH.MAILER@ ERROR:550 Spam not accepted
1784
1785Note that you must include the @ after the username to signify that
1786this database entry is for checking only the username portion of the
1787sender address.
1788
1789If you use:
1790
1791 FEATURE(`blacklist_recipients')
1792
1793then you can add entries to the map for local users, hosts in your
1794domains, or addresses in your domain which should not receive mail:
1795
1796 badlocaluser@ ERROR:550 Mailbox disabled for this username
1797 host.mydomain.com ERROR:550 That host does not accept mail
1798 user@otherhost.mydomain.com ERROR:550 Mailbox disabled for this recipient
1799
1800This would prevent a recipient of badlocaluser@mydomain.com, any
1801user at host.mydomain.com, and the single address
1802user@otherhost.mydomain.com from receiving mail. Please note: a
1803local username must be now tagged with an @ (this is consistent
1804with the check of the sender address, and hence it is possible to
1805distinguish between hostnames and usernames). Enabling this feature
1806will keep you from sending mails to all addresses that have an
1807error message or REJECT as value part in the access map. Taking
1808the example from above:
1809
1810 spammer@aol.com REJECT
1811 cyberspammer.com REJECT
1812
1813Mail can't be sent to spammer@aol.com or anyone at cyberspammer.com.
1814
1815There is also a ``Realtime Blackhole List'' run by the MAPS project
1816at http://maps.vix.com/. This is a database maintained in DNS of
1817spammers. To use this database, use
1818
1819 FEATURE(`dnsbl')
1820
1821This will cause sendmail to reject mail from any site in the
1822Realtime Blackhole List database. You can specify an alternative
1823RBL domain to check by specifying an argument to the FEATURE.
1824The default error message is
1825
1826 Mail from $&{client_addr} refused by blackhole site DOMAIN
1827
1828where DOMAIN is the first argument of the feature. A second argument
1829can be used to specify a different text. This FEATURE can be
1830included several times to query different DNS based rejection lists,
1831e.g., the dial-up user list (see http://maps.vix.com/dul/).
1832
1833The features described above make use of the check_relay, check_mail,
1834and check_rcpt rulesets. If you wish to include your own checks,
1835you can put your checks in the rulesets Local_check_relay,
1836Local_check_mail, and Local_check_rcpt. For example if you wanted to
1837block senders with all numeric usernames (i.e. 2312343@bigisp.com),
1838you would use Local_check_mail and the new regex map:
1839
1840 LOCAL_CONFIG
1841 Kallnumbers regex -a@MATCH ^[0-9]+$
1842
1843 LOCAL_RULESETS
1844 SLocal_check_mail
1845 # check address against various regex checks
1846 R$* $: $>Parse0 $>3 $1
1847 R$+ < @ bigisp.com. > $* $: $(allnumbers $1 $)
1848 R@MATCH $#error $: 553 Header Error
1849
1850These rules are called with the original arguments of the corresponding
1851check_* ruleset. If the local ruleset returns $#OK, no further checking
1852is done by the features described above and the mail is accepted. If the
1853local ruleset resolves to a mailer (such as $#error or $#discard), the
1854appropriate action is taken. Otherwise, the results of the local
1855rewriting are ignored.
1856
1857Finer control by using tags for the LHS of the access map
1858
1859Read this section only if the options listed so far are not sufficient
1860for your purposes. There is now the option to tag entries in the
1861access map according to their type. Three tags are available:
1862
1863 Connect: connection information (${client_addr}, ${client_name})
1864 From: envelope sender
1865 To: envelope recipient
1866
1867If the required item is looked up in a map, it will be tried first
1868with the corresponding tag in front, then (as fallback to enable
1869backward compatibility) without any tag. For example,
1870
1871 From:spammer@some.dom REJECT
1872 To:friend.domain RELAY
1873 Connect:friend.domain OK
1874 Connect:from.domain RELAY
1875 From:good@another.dom OK
1876 From:another.dom REJECT
1877
1878This would deny mails from spammer@some.dom but you could still
1879send mail to that address even if FEATURE(`blacklist_recipients')
1880is enabled. Your system will allow relaying to friend.domain, but
1881not from it (unless enabled by other means). Connections from that
1882domain will be allowed even if it ends up in one of the DNS based
1883rejection lists. Relaying is enabled from from.domain but not to
1884it (since relaying is based on the connection information for
1885outgoing relaying, the tag Connect: must be used; for incoming
1886relaying, which is based on the recipient address, To: must be
1887used). The last two entries allow mails from good@another.dom but
1888reject mail from all other addresses with another.dom as domain
1889part.
1890
1891Delay all checks
1892
1893By using FEATURE(`delay_checks') the rulesets check_mail and check_relay
1894will not be called when a client connects or issues a MAIL command,
1895respectively. Instead, those rulesets will be called by the check_rcpt
1896ruleset; they will be skipped if a sender has been authenticated using
1897a "trusted" mechanism, i.e., one that is defined via TRUST_AUTH_MECH().
1898If check_mail returns an error then the RCPT TO command will be rejected
1899with that error. If it returns some other result starting with $# then
1900check_relay will be skipped. If the sender address (or a part of it) is
1901listed in the access map and it has a RHS of OK or RELAY, then check_relay
1902will be skipped. This has an interesting side effect: if your domain is
1903my.domain and you have
1904
1905 my.domain RELAY
1906
1907in the access map, then all e-mail with a sender address of
1908<user@my.domain> gets through, even if check_relay would reject it
1909(e.g., based on the hostname or IP address). This allows spammers
1910to get around DNS based blacklist by faking the sender address. To
1911avoid this problem you have to use tagged entries:
1912
1913 To:my.domain RELAY
1914 Connect:my.domain RELAY
1915
1916if you need those entries at all (class {R} may take care of them).
1917
1918FEATURE(`delay_checks') can take an optional argument:
1919
1920 FEATURE(`delay_checks', `friend')
1921 enables spamfriend test
1922 FEATURE(`delay_checks', `hater')
1923 enables spamhater test
1924
1925If such an argument is given, the recipient will be looked up in the access
1926map (using the tag To:). If the argument is `friend', then the other
1927rulesets will be skipped if the recipient address is found and has RHS
1928spamfriend. If the argument is `hater', then the other rulesets will be
1929applied if the recipient address is found and has RHS spamhater.
1930
1931This allows for simple exceptions from the tests, e.g., by activating
1932the spamfriend option and having
1933
1934 To:abuse@ SPAMFRIEND
1935
1936in the access map, mail to abuse@localdomain will get through. It is
1937also possible to specify a full address or an address with +detail:
1938
1939 To:abuse@abuse.my.domain SPAMFRIEND
1940 To:me+abuse@ SPAMFRIEND
1941
1942
1943Header Checks
1944
1945You can also reject mail on the basis of the contents of headers.
1946This is done by adding a ruleset call to the 'H' header definition command
1947in sendmail.cf. For example, this can be used to check the validity of
1948a Message-ID: header:
1949
1950 LOCAL_RULESETS
1951 HMessage-Id: $>CheckMessageId
1952
1953 SCheckMessageId
1954 R< $+ @ $+ > $@ OK
1955 R$* $#error $: 553 Header Error
1956
1957The alternative format:
1958
1959 HSubject: $>+CheckSubject
1960
1961that is, $>+ instead of $>, gives the full Subject: header including
1962comments to the ruleset (comments in parentheses () are stripped
1963by default).
1964
1965A default ruleset for headers which don't have a specific ruleset
1966defined for them can be given by:
1967
1968 H*: $>CheckHdr
1969
1970Notice: All rules act on tokens as explained in doc/op/op.{me,ps,txt}.
1971That may cause problems with simple header checks due to the
1972tokenization. It might be simpler to use a regex map and apply it
1973to $&{currHeader}.
1974
1975After all of the headers are read, the check_eoh ruleset will be called for
1976any final header-related checks. The ruleset is called with the number of
1977headers and the size of all of the headers in bytes separated by $|. One
1978example usage is to reject messages which do not have a Message-Id:
1979header. However, the Message-Id: header is *NOT* a required header and is
1980not a guaranteed spam indicator. This ruleset is an example and should
1981probably not be used in production.
1982
1983 LOCAL_CONFIG
1984 Kstorage macro
1985
1986 LOCAL_RULESETS
1987 HMessage-Id: $>CheckMessageId
1988
1989 SCheckMessageId
1990 # Record the presence of the header
1991 R$* $: $(storage {MessageIdCheck} $@ OK $) $1
1992 R< $+ @ $+ > $@ OK
1993 R$* $#error $: 553 Header Error
1994
1995 Scheck_eoh
1996 # Check the macro
1997 R$* $: < $&{MessageIdCheck} >
1998 # Clear the macro for the next message
1999 R$* $: $(storage {MessageIdCheck} $) $1
2000 # Has a Message-Id: header
2001 R< $+ > $@ OK
2002 # Allow missing Message-Id: from local mail
2003 R$* $: < $&{client_name} >
2004 R< > $@ OK
2005 R< $=w > $@ OK
2006 # Otherwise, reject the mail
2007 R$* $#error $: 553 Header Error
2008
2009+----------+
2010| STARTTLS |
2011+----------+
2012
2013In this text, cert will be used as an abreviation for X.509 certificate,
2014DN is the distinguished name of a cert, and CA is a certification authority.
2015
2016Macros related to STARTTLS are:
2017
2018${cert_issuer} holds the DN of the CA (the cert issuer).
2019${cert_subject} holds the DN of the cert (called the cert subject).
2020${tls_version} the TLS/SSL version used for the connection, e.g., TLSv1,
2021 SSLv3, SSLv2.
2022${cipher} the cipher used for the connection, e.g., EDH-DSS-DES-CBC3-SHA,
2023 EDH-RSA-DES-CBC-SHA, DES-CBC-MD5, DES-CBC3-SHA.
2024${cipher_bits} the keylength (in bits) of the symmetric encryption algorithm
2025 used for the connection.
2026${verify} holds the result of the verification of the presented cert. Possible
2027 values are:
2028 OK verification succeeded.
2029 NO no cert presented.
2030 FAIL cert presented but could not be verified, e.g., the signing
2031 CA is missing.
2032 NONE STARTTLS has not been performed.
2033 TEMP temporary error occurred.
2034 PROTOCOL some protocol error occurred.
2035 SOFTWARE STARTTLS handshake failed.
2036${server_name} the name of the server of the current outgoing SMTP
2037 connection.
2038${server_addr} the address of the server of the current outgoing SMTP
2039 connection.
2040
2041Relaying
2042
2043SMTP STARTTLS can allow relaying for senders who have successfully
2044authenticated themselves. This is done in the ruleset RelayAuth. If the
2045verification of the cert failed (${verify} != OK), relaying is subject to
2046the usual rules. Otherwise the DN of the issuer is looked up in the access
2047map using the tag CERTISSUER. If the resulting value is RELAY, relaying is
2048allowed. If it is SUBJECT, the DN of the cert subject is looked up next in
2049the access map. using the tag CERTSUBJECT. If the value is RELAY, relaying
2050is allowed.
2051
2052To make things a bit more flexible (or complicated), the values for
2053${cert_issuer} and ${cert_subject} can be optionally modified by regular
2054expressions defined in the m4 variables _CERT_REGEX_ISSUER_ and
2055_CERT_REGEX_SUBJECT_, respectively. To avoid problems with those macros in
2056rulesets and map lookups, they are modified as follows: each non-printable
2057character and the characters '<', '>', '(', ')', '"', '+' are replaced by
2058their HEX value with a leading '+'. For example:
2059
2060/C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/Email=
2061darth+cert@endmail.org
2062
2063is encoded as:
2064
2065/C=US/ST=California/O=endmail.org/OU=private/CN=
2066Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org
2067
2068(line breaks have been inserted for readability).
2069
2070Of course it is also possible to write a simple rulesets that allows
2071relaying for everyone who can present a cert that can be verified, e.g.,
2072
2073LOCAL_RULESETS
2074SLocal_check_rcpt
2075R$* $: $&{verify}
2076ROK $# OK
2077
2078Allowing Connections
2079
2080The rulesets tls_server and tls_client are used to decide whether an SMTP
2081connection is accepted (or should continue).
2082
2083tls_server is called when sendmail acts as client after a STARTTLS command
2084(should) have been issued. The parameter is the value of ${verify}.
2085
2086tls_client is called when sendmail acts as server, after a STARTTLS command
2087has been issued, and from check_mail. The parameter is the value of
2088${verify} and STARTTLS or MAIL, respectively.
2089
2090Both rulesets behave the same. If no access map is in use, the connection
2091will be accepted unless ${verify} is SOFTWARE, in which case the connection
2092is always aborted. Otherwise, ${client_name} (${server_name}) is looked
2093up in the access map using the tag TLS_Srv (or TLS_Clt), which is done
2094with the ruleset LookUpDomain. If no entry is found, ${client_addr}
2095(${server_addr}) is looked up in the access map (same tag, ruleset
2096LookUpAddr). If this doesn't result in an entry either, just the tag is
2097looked up in the access map (included the trailing :). The result of the
2098lookups is then used to call the ruleset tls_connection, which checks the
2099requirement specified by the RHS in the access map against the actual
2100parameters of the current TLS connection, esp. ${verify} and
2101${cipher_bits}. Legal RHSs in the access map are:
2102
2103VERIFY verification must have succeeded
2104VERIFY:bits verification must have succeeded and ${cipher_bits} must
2105 be greater than or equal bits.
2106ENCR:bits ${cipher_bits} must be greater than or equal bits.
2107
2108The RHS can optionally be prefixed by TEMP+ or PERM+ to select a temporary
2109or permanent error. The default is a temporary error code (403 4.7.0)
2110unless the macro TLS_PERM_ERR is set during generation of the .cf file.
2111
2112If a certain level of encryption is required, then it might also be
2113possible that this level is provided by the security layer from a SASL
2114algorithm, e.g., DIGEST-MD5.
2115
2116Example: e-mail send to secure.example.com should only use an encrypted
2117connection. e-mail received from hosts within the laptop.example.com domain
2118should only be accepted if they have been authenticated.
2119TLS_Srv:secure.example.com ENCR:112
2120TLS_Clt:laptop.example.com PERM+VERIFY:112
2121
2122Notice: requiring that e-mail is sent to a server only encrypted,
2123e.g., via
2124
2125TLS_Srv:secure.domain ENCR:112
2126
2127doesn't necessarily mean that e-mail sent to that domain is encrypted.
2128If the domain has multiple MX servers, e.g.,
2129
2130secure.domain. IN MX 10 mail.secure.domain.
2131secure.domain. IN MX 50 mail.other.domain.
2132
2133then mail to user@secure.domain may go unencrypted to mail.other.domain.
2134
2135
2136Received: Header
2137
2138The Received: header reveals whether STARTTLS has been used. It contains an
2139extra line:
2140
2141(using ${tls_version} with cipher ${cipher} (${cipher_bits} bits) verified ${verify})
2142
2143+---------------------+
2144| SMTP AUTHENTICATION |
2145+---------------------+
2146
2147The macros ${auth_authen}, ${auth_author}, and ${auth_type} can be
2148used in anti-relay rulesets to allow relaying for those users that
2149authenticated themselves. A very simple example is:
2150
2151SLocal_check_rcpt
2152R$* $: $&{auth_type}
2153R$+ $# OK
2154
2155which checks whether a user has successfully authenticated using
2156any available mechanism. Depending on the setup of the CYRUS SASL
2157library, more sophisticated rulesets might be required, e.g.,
2158
2159SLocal_check_rcpt
2160R$* $: $&{auth_type} $| $&{auth_authen}
2161RDIGEST-MD5 $| $+@$=w $# OK
2162
2163to allow relaying for users that authenticated using DIGEST-MD5
2164and have an identity in the local domains.
2165
2166The ruleset Strust_auth is used to determine whether a given AUTH=
2167parameter (that is passed to this ruleset) should be trusted. This
2168ruleset may make use of the other ${auth_*} macros. Only if the
2169ruleset resolves to the error mailer, the AUTH= parameter is not
2170trusted. A user supplied ruleset Local_trust_auth can be written
2171to modify the default behavior, which only trust the AUTH=
2172parameter if it is identical to the authenticated user.
2173
2174Per default, relaying is allowed for any user who authenticated
2175via a "trusted" mechanism, i.e., one that is defined via
2176TRUST_AUTH_MECH(`list of mechanisms')
2177For example:
2178TRUST_AUTH_MECH(`KERBEROS_V4 DIGEST-MD5')
2179
2180If the selected mechanism provides a security layer the number of
2181bits used for the key of the symmetric cipher is stored in the
2182macro ${auth_ssf}.
2183
2184+--------------------------------+
2185| ADDING NEW MAILERS OR RULESETS |
2186+--------------------------------+
2187
2188Sometimes you may need to add entirely new mailers or rulesets. They
2189should be introduced with the constructs MAILER_DEFINITIONS and
2190LOCAL_RULESETS respectively. For example:
2191
2192 MAILER_DEFINITIONS
2193 Mmymailer, ...
2194 ...
2195
2196 LOCAL_RULESETS
2197 Smyruleset
2198 ...
2199
2200
2201#if _FFR_MILTER
2202+-------------------------+
2203| ADDING NEW MAIL FILTERS |
2204+-------------------------+
2205
2206Sendmail supports mail filters to filter incoming SMTP messages according
2207to the "Sendmail Mail Filter API" documentation. These filters can be
2208configured in your mc file using the two commands:
2209
2210 MAIL_FILTER(`name', `equates')
2211 INPUT_MAIL_FILTER(`name', `equates')
2212
2213The first command, MAIL_FILTER(), simply defines a filter with the given
2214name and equates. For example:
2215
2216 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R')
2217
2218This creates the equivalent sendmail.cf entry:
2219
2220 Xarchive, S=local:/var/run/archivesock, F=R
2221
2222The INPUT_MAIL_FILTER() command performs the same actions as MAIL_FILTER
2223but also populates the m4 variable `confINPUT_MAIL_FILTERS' with the name
2224of the filter such that the filter will actually be called by sendmail.
2225
2226For example, the two commands:
2227
2228 INPUT_MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R')
2229 INPUT_MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T')
2230
2231are equivalent to the three commands:
2232
2233 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R')
2234 MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T')
2235 define(`confINPUT_MAIL_FILTERS', `archive, spamcheck')
2236
2237In general, INPUT_MAIL_FILTER() should be used unless you need to define
2238more filters than you want to use for `confINPUT_MAIL_FILTERS'.
2239
2240Note that setting `confINPUT_MAIL_FILTERS' after any INPUT_MAIL_FILTER()
2241commands will clear the list created by the prior INPUT_MAIL_FILTER()
2242commands.
2243#endif /* _FFR_MILTER */
2244
2245
2246+-------------------------------+
2247| NON-SMTP BASED CONFIGURATIONS |
2248+-------------------------------+
2249
2250These configuration files are designed primarily for use by
2251SMTP-based sites. They may not be well tuned for UUCP-only or
2252UUCP-primarily nodes (the latter is defined as a small local net
2253connected to the rest of the world via UUCP). However, there is
2254one hook to handle some special cases.
2255
2256You can define a ``smart host'' that understands a richer address syntax
2257using:
2258
2259 define(`SMART_HOST', `mailer:hostname')
2260
2261In this case, the ``mailer:'' defaults to "relay". Any messages that
2262can't be handled using the usual UUCP rules are passed to this host.
2263
2264If you are on a local SMTP-based net that connects to the outside
2265world via UUCP, you can use LOCAL_NET_CONFIG to add appropriate rules.
2266For example:
2267
2268 define(`SMART_HOST', `uucp-new:uunet')
2269 LOCAL_NET_CONFIG
2270 R$* < @ $* .$m. > $* $#smtp $@ $2.$m. $: $1 < @ $2.$m. > $3
2271
2272This will cause all names that end in your domain name ($m) via
2273SMTP; anything else will be sent via uucp-new (smart UUCP) to uunet.
2274If you have FEATURE(`nocanonify'), you may need to omit the dots after
2275the $m. If you are running a local DNS inside your domain which is
2276not otherwise connected to the outside world, you probably want to
2277use:
2278
2279 define(`SMART_HOST', `smtp:fire.wall.com')
2280 LOCAL_NET_CONFIG
2281 R$* < @ $* . > $* $#smtp $@ $2. $: $1 < @ $2. > $3
2282
2283That is, send directly only to things you found in your DNS lookup;
2284anything else goes through SMART_HOST.
2285
2286You may need to turn off the anti-spam rules in order to accept
2287UUCP mail with FEATURE(`promiscuous_relay') and
2288FEATURE(`accept_unresolvable_domains').
2289
2290
2291+-----------+
2292| WHO AM I? |
2293+-----------+
2294
2295Normally, the $j macro is automatically defined to be your fully
2296qualified domain name (FQDN). Sendmail does this by getting your
2297host name using gethostname and then calling gethostbyname on the
2298result. For example, in some environments gethostname returns
2299only the root of the host name (such as "foo"); gethostbyname is
2300supposed to return the FQDN ("foo.bar.com"). In some (fairly rare)
2301cases, gethostbyname may fail to return the FQDN. In this case
2302you MUST define confDOMAIN_NAME to be your fully qualified domain
2303name. This is usually done using:
2304
2305 Dmbar.com
2306 define(`confDOMAIN_NAME', `$w.$m')dnl
2307
2308
2309+-----------------------------------+
2310| ACCEPTING MAIL FOR MULTIPLE NAMES |
2311+-----------------------------------+
2312
2313If your host is known by several different names, you need to augment
2314class {w}. This is a list of names by which your host is known, and
2315anything sent to an address using a host name in this list will be
2316treated as local mail. You can do this in two ways: either create the
2317file /etc/mail/local-host-names containing a list of your aliases (one per
2318line), and use ``FEATURE(`use_cw_file')'' in the .mc file, or add
2319``LOCAL_DOMAIN(`alias.host.name')''. Be sure you use the fully-qualified
2320name of the host, rather than a short name.
2321
2322If you want to have different address in different domains, take
2323a look at the virtusertable feature, which is also explained at
2324http://www.sendmail.org/virtual-hosting.html
2325
2326
2327+--------------------+
2328| USING MAILERTABLES |
2329+--------------------+
2330
2331To use FEATURE(`mailertable'), you will have to create an external
2332database containing the routing information for various domains.
2333For example, a mailertable file in text format might be:
2334
2335 .my.domain xnet:%1.my.domain
2336 uuhost1.my.domain uucp-new:uuhost1
2337 .bitnet smtp:relay.bit.net
2338
2339This should normally be stored in /etc/mail/mailertable. The actual
2340database version of the mailertable is built using:
2341
2342 makemap hash /etc/mail/mailertable < /etc/mail/mailertable
2343
2344The semantics are simple. Any LHS entry that does not begin with
2345a dot matches the full host name indicated. LHS entries beginning
2346with a dot match anything ending with that domain name (including
2347the leading dot) -- that is, they can be thought of as having a
2348leading ".+" regular expression pattern for a non-empty sequence of
2349characters. Matching is done in order of most-to-least qualified
2350-- for example, even though ".my.domain" is listed first in the
2351above example, an entry of "uuhost1.my.domain" will match the second
2352entry since it is more explicit. Note: e-mail to "user@my.domain"
2353does not match any entry in the above table. You need to have
2354something like:
2355
2356 my.domain esmtp:host.my.domain
2357
2358The RHS should always be a "mailer:host" pair. The mailer is the
2359configuration name of a mailer (that is, an {M} line in the
2360sendmail.cf file). The "host" will be the hostname passed to
2361that mailer. In domain-based matches (that is, those with leading
2362dots) the "%1" may be used to interpolate the wildcarded part of
2363the host name. For example, the first line above sends everything
2364addressed to "anything.my.domain" to that same host name, but using
2365the (presumably experimental) xnet mailer.
2366
2367In some cases you may want to temporarily turn off MX records,
2368particularly on gateways. For example, you may want to MX
2369everything in a domain to one machine that then forwards it
2370directly. To do this, you might use the DNS configuration:
2371
2372 *.domain. IN MX 0 relay.machine
2373
2374and on relay.machine use the mailertable:
2375
2376 .domain smtp:[gateway.domain]
2377
2378The [square brackets] turn off MX records for this host only.
2379If you didn't do this, the mailertable would use the MX record
2380again, which would give you an MX loop.
2381
2382
2383+--------------------------------+
2384| USING USERDB TO MAP FULL NAMES |
2385+--------------------------------+
2386
2387The user database was not originally intended for mapping full names
2388to login names (e.g., Eric.Allman => eric), but some people are using
2389it that way. (it is recommended that you set up aliases for this
2390purpose instead -- since you can specify multiple alias files, this
2391is fairly easy.) The intent was to locate the default maildrop at
2392a site, but allow you to override this by sending to a specific host.
2393
2394If you decide to set up the user database in this fashion, it is
2395imperative that you not use FEATURE(`stickyhost') -- otherwise,
2396e-mail sent to Full.Name@local.host.name will be rejected.
2397
2398To build the internal form of the user database, use:
2399
2400 makemap btree /etc/mail/userdb < /etc/mail/userdb.txt
2401
2402As a general rule, it is an extremely bad idea to using full names
2403as e-mail addresses, since they are not in any sense unique. For
2404example, the UNIX software-development community has at least two
2405well-known Peter Deutsches, and at one time Bell Labs had two
2406Stephen R. Bournes with offices along the same hallway. Which one
2407will be forced to suffer the indignity of being Stephen_R_Bourne_2?
2408The less famous of the two, or the one that was hired later?
2409
2410Finger should handle full names (and be fuzzy). Mail should use
2411handles, and not be fuzzy.
2412
2413
2414+--------------------------------+
2415| MISCELLANEOUS SPECIAL FEATURES |
2416+--------------------------------+
2417
2418Plussed users
2419 Sometimes it is convenient to merge configuration on a
2420 centralized mail machine, for example, to forward all
2421 root mail to a mail server. In this case it might be
2422 useful to be able to treat the root addresses as a class
2423 of addresses with subtle differences. You can do this
2424 using plussed users. For example, a client might include
2425 the alias:
2426
2427 root: root+client1@server
2428
2429 On the server, this will match an alias for "root+client1".
2430 If that is not found, the alias "root+*" will be tried,
2431 then "root".
2432
2433
2434+----------------+
2435| SECURITY NOTES |
2436+----------------+
2437
2438A lot of sendmail security comes down to you. Sendmail 8 is much
2439more careful about checking for security problems than previous
2440versions, but there are some things that you still need to watch
2441for. In particular:
2442
2443* Make sure the aliases file isn't writable except by trusted
2444 system personnel. This includes both the text and database
2445 version.
2446
2447* Make sure that other files that sendmail reads, such as the
2448 mailertable, are only writable by trusted system personnel.
2449
2450* The queue directory should not be world writable PARTICULARLY
2451 if your system allows "file giveaways" (that is, if a non-root
2452 user can chown any file they own to any other user).
2453
2454* If your system allows file giveaways, DO NOT create a publically
2455 writable directory for forward files. This will allow anyone
2456 to steal anyone else's e-mail. Instead, create a script that
2457 copies the .forward file from users' home directories once a
2458 night (if you want the non-NFS-mounted forward directory).
2459
2460* If your system allows file giveaways, you'll find that
2461 sendmail is much less trusting of :include: files -- in
2462 particular, you'll have to have /SENDMAIL/ANY/SHELL/ in
2463 /etc/shells before they will be trusted (that is, before
2464 files and programs listed in them will be honored).
2465
2466In general, file giveaways are a mistake -- if you can turn them
2467off, do so.
2468
2469
2470+--------------------------------+
2471| TWEAKING CONFIGURATION OPTIONS |
2472+--------------------------------+
2473
2474There are a large number of configuration options that don't normally
2475need to be changed. However, if you feel you need to tweak them, you
2476can define the following M4 variables. This list is shown in four
2477columns: the name you define, the default value for that definition,
2478the option or macro that is affected (either Ox for an option or Dx
2479for a macro), and a brief description. Greater detail of the semantics
2480can be found in the Installation and Operations Guide.
2481
2482Some options are likely to be deprecated in future versions -- that is,
2483the option is only included to provide back-compatibility. These are
2484marked with "*".
2485
2486Remember that these options are M4 variables, and hence may need to
2487be quoted. In particular, arguments with commas will usually have to
2488be ``double quoted, like this phrase'' to avoid having the comma
2489confuse things. This is common for alias file definitions and for
2490the read timeout.
2491
2492M4 Variable Name Configuration Description & [Default]
2493================ ============= =======================
2494confMAILER_NAME $n macro [MAILER-DAEMON] The sender name used
2495 for internally generated outgoing
2496 messages.
2497confDOMAIN_NAME $j macro If defined, sets $j. This should
2498 only be done if your system cannot
2499 determine your local domain name,
2500 and then it should be set to
2501 $w.Foo.COM, where Foo.COM is your
2502 domain name.
2503confCF_VERSION $Z macro If defined, this is appended to the
2504 configuration version name.
2505confFROM_HEADER From: [$?x$x <$g>$|$g$.] The format of an
2506 internally generated From: address.
2507confRECEIVED_HEADER Received:
2508 [$?sfrom $s $.$?_($?s$|from $.$_)
2509 $.$?{auth_type}(authenticated)
2510 $.by $j ($v/$Z)$?r with $r$. id $i$?u
2511 for $u; $|;
2512 $.$b]
2513 The format of the Received: header
2514 in messages passed through this host.
2515 It is unwise to try to change this.
2516confCW_FILE Fw class [/etc/mail/local-host-names] Name
2517 of file used to get the local
2518 additions to class {w} (local host
2519 names).
2520confCT_FILE Ft class [/etc/mail/trusted-users] Name of
2521 file used to get the local additions
2522 to class {t} (trusted users).
2523confCR_FILE FR class [/etc/mail/relay-domains] Name of
2524 file used to get the local additions
2525 to class {R} (hosts allowed to relay).
2526confTRUSTED_USERS Ct class [no default] Names of users to add to
2527 the list of trusted users. This list
2528 always includes root, uucp, and daemon.
2529 See also FEATURE(`use_ct_file').
2530confTRUSTED_USER TrustedUser [no default] Trusted user for file
2531 ownership and starting the daemon.
2532 Not to be confused with
2533 confTRUSTED_USERS (see above).
2534confSMTP_MAILER - [esmtp] The mailer name used when
2535 SMTP connectivity is required.
2536 One of "smtp", "smtp8",
2537 "esmtp", or "dsmtp".
2538confUUCP_MAILER - [uucp-old] The mailer to be used by
2539 default for bang-format recipient
2540 addresses. See also discussion of
2541 class {U}, class {Y}, and class {Z}
2542 in the MAILER(`uucp') section.
2543confLOCAL_MAILER - [local] The mailer name used when
2544 local connectivity is required.
2545 Almost always "local".
2546confRELAY_MAILER - [relay] The default mailer name used
2547 for relaying any mail (e.g., to a
2548 BITNET_RELAY, a SMART_HOST, or
2549 whatever). This can reasonably be
2550 "uucp-new" if you are on a
2551 UUCP-connected site.
2552confSEVEN_BIT_INPUT SevenBitInput [False] Force input to seven bits?
2553confEIGHT_BIT_HANDLING EightBitMode [pass8] 8-bit data handling
2554confALIAS_WAIT AliasWait [10m] Time to wait for alias file
2555 rebuild until you get bored and
2556 decide that the apparently pending
2557 rebuild failed.
2558confMIN_FREE_BLOCKS MinFreeBlocks [100] Minimum number of free blocks on
2559 queue filesystem to accept SMTP mail.
2560 (Prior to 8.7 this was minfree/maxsize,
2561 where minfree was the number of free
2562 blocks and maxsize was the maximum
2563 message size. Use confMAX_MESSAGE_SIZE
2564 for the second value now.)
2565confMAX_MESSAGE_SIZE MaxMessageSize [infinite] The maximum size of messages
2566 that will be accepted (in bytes).
2567confBLANK_SUB BlankSub [.] Blank (space) substitution
2568 character.
2569confCON_EXPENSIVE HoldExpensive [False] Avoid connecting immediately
2570 to mailers marked expensive.
2571confCHECKPOINT_INTERVAL CheckpointInterval
2572 [10] Checkpoint queue files every N
2573 recipients.
2574confDELIVERY_MODE DeliveryMode [background] Default delivery mode.
2575confAUTO_REBUILD AutoRebuildAliases
2576 [False] Automatically rebuild alias
2577 file if needed.
2578 There is a potential for a denial
2579 of service attack if this is set.
2580 This option is deprecated and will
2581 be removed from a future version.
2582confERROR_MODE ErrorMode [print] Error message mode.
2583confERROR_MESSAGE ErrorHeader [undefined] Error message header/file.
2584confSAVE_FROM_LINES SaveFromLine Save extra leading From_ lines.
2585confTEMP_FILE_MODE TempFileMode [0600] Temporary file mode.
2586confMATCH_GECOS MatchGECOS [False] Match GECOS field.
2587confMAX_HOP MaxHopCount [25] Maximum hop count.
2588confIGNORE_DOTS* IgnoreDots [False; always False in -bs or -bd
2589 mode] Ignore dot as terminator for
2590 incoming messages?
2591confBIND_OPTS ResolverOptions [undefined] Default options for DNS
2592 resolver.
2593confMIME_FORMAT_ERRORS* SendMimeErrors [True] Send error messages as MIME-
2594 encapsulated messages per RFC 1344.
2595confFORWARD_PATH ForwardPath [$z/.forward.$w:$z/.forward]
2596 The colon-separated list of places to
2597 search for .forward files. N.B.: see
2598 the Security Notes section.
2599confMCI_CACHE_SIZE ConnectionCacheSize
2600 [2] Size of open connection cache.
2601confMCI_CACHE_TIMEOUT ConnectionCacheTimeout
2602 [5m] Open connection cache timeout.
2603confHOST_STATUS_DIRECTORY HostStatusDirectory
2604 [undefined] If set, host status is kept
2605 on disk between sendmail runs in the
2606 named directory tree. This need not be
2607 a full pathname, in which case it is
2608 interpreted relative to the queue
2609 directory.
2610confSINGLE_THREAD_DELIVERY SingleThreadDelivery
2611 [False] If this option and the
2612 HostStatusDirectory option are both
2613 set, single thread deliveries to other
2614 hosts. That is, don't allow any two
2615 sendmails on this host to connect
2616 simultaneously to any other single
2617 host. This can slow down delivery in
2618 some cases, in particular since a
2619 cached but otherwise idle connection
2620 to a host will prevent other sendmails
2621 from connecting to the other host.
2622confUSE_ERRORS_TO* UseErrorsTo [False] Use the Errors-To: header to
2623 deliver error messages. This should
2624 not be necessary because of general
2625 acceptance of the envelope/header
2626 distinction.
2627confLOG_LEVEL LogLevel [9] Log level.
2628confME_TOO MeToo [True] Include sender in group
2629 expansions. This option is
2630 deprecated and will be removed from
2631 a future version.
2632confCHECK_ALIASES CheckAliases [False] Check RHS of aliases when
2633 running newaliases. Since this does
2634 DNS lookups on every address, it can
2635 slow down the alias rebuild process
2636 considerably on large alias files.
2637confOLD_STYLE_HEADERS* OldStyleHeaders [True] Assume that headers without
2638 special chars are old style.
2639confCLIENT_OPTIONS ClientPortOptions
2640 [none] Options for outgoing SMTP client
2641 connections.
2642confPRIVACY_FLAGS PrivacyOptions [authwarnings] Privacy flags.
2643confCOPY_ERRORS_TO PostmasterCopy [undefined] Address for additional
2644 copies of all error messages.
2645confQUEUE_FACTOR QueueFactor [600000] Slope of queue-only function.
2646confDONT_PRUNE_ROUTES DontPruneRoutes [False] Don't prune down route-addr
2647 syntax addresses to the minimum
2648 possible.
2649confSAFE_QUEUE* SuperSafe [True] Commit all messages to disk
2650 before forking.
2651confTO_INITIAL Timeout.initial [5m] The timeout waiting for a response
2652 on the initial connect.
2653confTO_CONNECT Timeout.connect [0] The timeout waiting for an initial
2654 connect() to complete. This can only
2655 shorten connection timeouts; the kernel
2656 silently enforces an absolute maximum
2657 (which varies depending on the system).
2658confTO_ICONNECT Timeout.iconnect
2659 [undefined] Like Timeout.connect, but
2660 applies only to the very first attempt
2661 to connect to a host in a message.
2662 This allows a single very fast pass
2663 followed by more careful delivery
2664 attempts in the future.
2665confTO_HELO Timeout.helo [5m] The timeout waiting for a response
2666 to a HELO or EHLO command.
2667confTO_MAIL Timeout.mail [10m] The timeout waiting for a
2668 response to the MAIL command.
2669confTO_RCPT Timeout.rcpt [1h] The timeout waiting for a response
2670 to the RCPT command.
2671confTO_DATAINIT Timeout.datainit
2672 [5m] The timeout waiting for a 354
2673 response from the DATA command.
2674confTO_DATABLOCK Timeout.datablock
2675 [1h] The timeout waiting for a block
2676 during DATA phase.
2677confTO_DATAFINAL Timeout.datafinal
2678 [1h] The timeout waiting for a response
2679 to the final "." that terminates a
2680 message.
2681confTO_RSET Timeout.rset [5m] The timeout waiting for a response
2682 to the RSET command.
2683confTO_QUIT Timeout.quit [2m] The timeout waiting for a response
2684 to the QUIT command.
2685confTO_MISC Timeout.misc [2m] The timeout waiting for a response
2686 to other SMTP commands.
2687confTO_COMMAND Timeout.command [1h] In server SMTP, the timeout
2688 waiting for a command to be issued.
2689confTO_IDENT Timeout.ident [5s] The timeout waiting for a
2690 response to an IDENT query.
2691confTO_FILEOPEN Timeout.fileopen
2692 [60s] The timeout waiting for a file
2693 (e.g., :include: file) to be opened.
2694confTO_CONTROL Timeout.control
2695 [2m] The timeout for a complete
2696 control socket transaction to complete.
2697confTO_QUEUERETURN Timeout.queuereturn
2698 [5d] The timeout before a message is
2699 returned as undeliverable.
2700confTO_QUEUERETURN_NORMAL
2701 Timeout.queuereturn.normal
2702 [undefined] As above, for normal
2703 priority messages.
2704confTO_QUEUERETURN_URGENT
2705 Timeout.queuereturn.urgent
2706 [undefined] As above, for urgent
2707 priority messages.
2708confTO_QUEUERETURN_NONURGENT
2709 Timeout.queuereturn.non-urgent
2710 [undefined] As above, for non-urgent
2711 (low) priority messages.
2712confTO_QUEUEWARN Timeout.queuewarn
2713 [4h] The timeout before a warning
2714 message is sent to the sender telling
2715 them that the message has been
2716 deferred.
2717confTO_QUEUEWARN_NORMAL Timeout.queuewarn.normal
2718 [undefined] As above, for normal
2719 priority messages.
2720confTO_QUEUEWARN_URGENT Timeout.queuewarn.urgent
2721 [undefined] As above, for urgent
2722 priority messages.
2723confTO_QUEUEWARN_NONURGENT
2724 Timeout.queuewarn.non-urgent
2725 [undefined] As above, for non-urgent
2726 (low) priority messages.
2727confTO_HOSTSTATUS Timeout.hoststatus
2728 [30m] How long information about host
2729 statuses will be maintained before it
2730 is considered stale and the host should
2731 be retried. This applies both within
2732 a single queue run and to persistent
2733 information (see below).
2734confTO_RESOLVER_RETRANS Timeout.resolver.retrans
2735 [varies] Sets the resolver's
2736 retransmition time interval (in
2737 seconds). Sets both
2738 Timeout.resolver.retrans.first and
2739 Timeout.resolver.retrans.normal.
2740confTO_RESOLVER_RETRANS_FIRST Timeout.resolver.retrans.first
2741 [varies] Sets the resolver's
2742 retransmition time interval (in
2743 seconds) for the first attempt to
2744 deliver a message.
2745confTO_RESOLVER_RETRANS_NORMAL Timeout.resolver.retrans.normal
2746 [varies] Sets the resolver's
2747 retransmition time interval (in
2748 seconds) for all resolver lookups
2749 except the first delivery attempt.
2750confTO_RESOLVER_RETRY Timeout.resolver.retry
2751 [varies] Sets the number of times
2752 to retransmit a resolver query.
2753 Sets both
2754 Timeout.resolver.retry.first and
2755 Timeout.resolver.retry.normal.
2756confTO_RESOLVER_RETRY_FIRST Timeout.resolver.retry.first
2757 [varies] Sets the number of times
2758 to retransmit a resolver query for
2759 the first attempt to deliver a
2760 message.
2761confTO_RESOLVER_RETRY_NORMAL Timeout.resolver.retry.normal
2762 [varies] Sets the number of times
2763 to retransmit a resolver query for
2764 all resolver lookups except the
2765 first delivery attempt.
2766confTIME_ZONE TimeZoneSpec [USE_SYSTEM] Time zone info -- can be
2767 USE_SYSTEM to use the system's idea,
2768 USE_TZ to use the user's TZ envariable,
2769 or something else to force that value.
2770confDEF_USER_ID DefaultUser [1:1] Default user id.
2771confUSERDB_SPEC UserDatabaseSpec
2772 [undefined] User database
2773 specification.
2774confFALLBACK_MX FallbackMXhost [undefined] Fallback MX host.
2775confTRY_NULL_MX_LIST TryNullMXList [False] If this host is the best MX
2776 for a host and other arrangements
2777 haven't been made, try connecting
2778 to the host directly; normally this
2779 would be a config error.
2780confQUEUE_LA QueueLA [varies] Load average at which
2781 queue-only function kicks in.
2782 Default values is (8 * numproc)
2783 where numproc is the number of
2784 processors online (if that can be
2785 determined).
2786confREFUSE_LA RefuseLA [varies] Load average at which
2787 incoming SMTP connections are
2788 refused. Default values is (12 *
2789 numproc) where numproc is the
2790 number of processors online (if
2791 that can be determined).
2792confMAX_ALIAS_RECURSION MaxAliasRecursion
2793 [10] Maximum depth of alias recursion.
2794confMAX_DAEMON_CHILDREN MaxDaemonChildren
2795 [undefined] The maximum number of
2796 children the daemon will permit. After
2797 this number, connections will be
2798 rejected. If not set or <= 0, there is
2799 no limit.
2800confMAX_HEADERS_LENGTH MaxHeadersLength
2801 [32768] Maximum length of the sum
2802 of all headers.
2803confMAX_MIME_HEADER_LENGTH MaxMimeHeaderLength
2804 [undefined] Maximum length of
2805 certain MIME header field values.
2806confCONNECTION_RATE_THROTTLE ConnectionRateThrottle
2807 [undefined] The maximum number of
2808 connections permitted per second.
2809 After this many connections are
2810 accepted, further connections will be
2811 delayed. If not set or <= 0, there is
2812 no limit.
2813confWORK_RECIPIENT_FACTOR
2814 RecipientFactor [30000] Cost of each recipient.
2815confSEPARATE_PROC ForkEachJob [False] Run all deliveries in a
2816 separate process.
2817confWORK_CLASS_FACTOR ClassFactor [1800] Priority multiplier for class.
2818confWORK_TIME_FACTOR RetryFactor [90000] Cost of each delivery attempt.
2819confQUEUE_SORT_ORDER QueueSortOrder [Priority] Queue sort algorithm:
2820 Priority, Host, Filename, or Time.
2821confMIN_QUEUE_AGE MinQueueAge [0] The minimum amount of time a job
2822 must sit in the queue between queue
2823 runs. This allows you to set the
2824 queue run interval low for better
2825 responsiveness without trying all
2826 jobs in each run.
2827confDEF_CHAR_SET DefaultCharSet [unknown-8bit] When converting
2828 unlabeled 8 bit input to MIME, the
2829 character set to use by default.
2830confSERVICE_SWITCH_FILE ServiceSwitchFile
2831 [/etc/mail/service.switch] The file
2832 to use for the service switch on
2833 systems that do not have a
2834 system-defined switch.
2835confHOSTS_FILE HostsFile [/etc/hosts] The file to use when doing
2836 "file" type access of hosts names.
2837confDIAL_DELAY DialDelay [0s] If a connection fails, wait this
2838 long and try again. Zero means "don't
2839 retry". This is to allow "dial on
2840 demand" connections to have enough time
2841 to complete a connection.
2842confNO_RCPT_ACTION NoRecipientAction
2843 [none] What to do if there are no legal
2844 recipient fields (To:, Cc: or Bcc:)
2845 in the message. Legal values can
2846 be "none" to just leave the
2847 nonconforming message as is, "add-to"
2848 to add a To: header with all the
2849 known recipients (which may expose
2850 blind recipients), "add-apparently-to"
2851 to do the same but use Apparently-To:
2852 instead of To:, "add-bcc" to add an
2853 empty Bcc: header, or
2854 "add-to-undisclosed" to add the header
2855 ``To: undisclosed-recipients:;''.
2856confSAFE_FILE_ENV SafeFileEnvironment
2857 [undefined] If set, sendmail will do a
2858 chroot() into this directory before
2859 writing files.
2860confCOLON_OK_IN_ADDR ColonOkInAddr [True unless Configuration Level > 6]
2861 If set, colons are treated as a regular
2862 character in addresses. If not set,
2863 they are treated as the introducer to
2864 the RFC 822 "group" syntax. Colons are
2865 handled properly in route-addrs. This
2866 option defaults on for V5 and lower
2867 configuration files.
2868confMAX_QUEUE_RUN_SIZE MaxQueueRunSize [0] If set, limit the maximum size of
2869 any given queue run to this number of
2870 entries. Essentially, this will stop
2871 reading each queue directory after this
2872 number of entries are reached; it does
2873 _not_ pick the highest priority jobs,
2874 so this should be as large as your
2875 system can tolerate. If not set, there
2876 is no limit.
2877confDONT_EXPAND_CNAMES DontExpandCnames
2878 [False] If set, $[ ... $] lookups that
2879 do DNS based lookups do not expand
2880 CNAME records. This currently violates
2881 the published standards, but the IETF
2882 seems to be moving toward legalizing
2883 this. For example, if "FTP.Foo.ORG"
2884 is a CNAME for "Cruft.Foo.ORG", then
2885 with this option set a lookup of
2886 "FTP" will return "FTP.Foo.ORG"; if
2887 clear it returns "Cruft.FOO.ORG". N.B.
2888 you may not see any effect until your
2889 downstream neighbors stop doing CNAME
2890 lookups as well.
2891confFROM_LINE UnixFromLine [From $g $d] The From_ line used
2892 when sending to files or programs.
2893confSINGLE_LINE_FROM_HEADER SingleLineFromHeader
2894 [False] From: lines that have
2895 embedded newlines are unwrapped
2896 onto one line.
2897confALLOW_BOGUS_HELO AllowBogusHELO [False] Allow HELO SMTP command that
2898 does not include a host name.
2899confMUST_QUOTE_CHARS MustQuoteChars [.'] Characters to be quoted in a full
2900 name phrase (@,;:\()[] are automatic).
2901confOPERATORS OperatorChars [.:%@!^/[]+] Address operator
2902 characters.
2903confSMTP_LOGIN_MSG SmtpGreetingMessage
2904 [$j Sendmail $v/$Z; $b]
2905 The initial (spontaneous) SMTP
2906 greeting message. The word "ESMTP"
2907 will be inserted between the first and
2908 second words to convince other
2909 sendmails to try to speak ESMTP.
2910confDONT_INIT_GROUPS DontInitGroups [False] If set, the initgroups(3)
2911 routine will never be invoked. You
2912 might want to do this if you are
2913 running NIS and you have a large group
2914 map, since this call does a sequential
2915 scan of the map; in a large site this
2916 can cause your ypserv to run
2917 essentially full time. If you set
2918 this, agents run on behalf of users
2919 will only have their primary
2920 (/etc/passwd) group permissions.
2921confUNSAFE_GROUP_WRITES UnsafeGroupWrites
2922 [False] If set, group-writable
2923 :include: and .forward files are
2924 considered "unsafe", that is, programs
2925 and files cannot be directly referenced
2926 from such files. World-writable files
2927 are always considered unsafe.
2928confCONNECT_ONLY_TO ConnectOnlyTo [undefined] override connection
2929 address (for testing).
2930confCONTROL_SOCKET_NAME ControlSocketName
2931 [undefined] Control socket for daemon
2932 management.
2933confDOUBLE_BOUNCE_ADDRESS DoubleBounceAddress
2934 [postmaster] If an error occurs when
2935 sending an error message, send that
2936 "double bounce" error message to this
2937 address.
2938confDEAD_LETTER_DROP DeadLetterDrop [undefined] Filename to save bounce
2939 messages which could not be returned
2940 to the user or sent to postmaster.
2941 If not set, the queue file will
2942 be renamed.
2943confRRT_IMPLIES_DSN RrtImpliesDsn [False] Return-Receipt-To: header
2944 implies DSN request.
2945confRUN_AS_USER RunAsUser [undefined] If set, become this user
2946 when reading and delivering mail.
2947 Causes all file reads (e.g., .forward
2948 and :include: files) to be done as
2949 this user. Also, all programs will
2950 be run as this user, and all output
2951 files will be written as this user.
2952 Intended for use only on firewalls
2953 where users do not have accounts.
2954confMAX_RCPTS_PER_MESSAGE MaxRecipientsPerMessage
2955 [infinite] If set, allow no more than
2956 the specified number of recipients in
2957 an SMTP envelope. Further recipients
2958 receive a 452 error code (i.e., they
2959 are deferred for the next delivery
2960 attempt).
2961confDONT_PROBE_INTERFACES DontProbeInterfaces
2962 [False] If set, sendmail will _not_
2963 insert the names and addresses of any
2964 local interfaces into class {w}
2965 (list of known "equivalent" addresses).
2966 If you set this, you must also include
2967 some support for these addresses (e.g.,
2968 in a mailertable entry) -- otherwise,
2969 mail to addresses in this list will
2970 bounce with a configuration error.
2971confPID_FILE PidFile [system dependent] Location of pid
2972 file.
2973confPROCESS_TITLE_PREFIX ProcessTitlePrefix
2974 [undefined] Prefix string for the
2975 process title shown on 'ps' listings.
2976confDONT_BLAME_SENDMAIL DontBlameSendmail
2977 [safe] Override sendmail's file
2978 safety checks. This will definitely
2979 compromise system security and should
2980 not be used unless absolutely
2981 necessary.
2982confREJECT_MSG - [550 Access denied] The message
2983 given if the access database contains
2984 REJECT in the value portion.
2985confDF_BUFFER_SIZE DataFileBufferSize
2986 [4096] The maximum size of a
2987 memory-buffered data (df) file
2988 before a disk-based file is used.
2989confXF_BUFFER_SIZE XScriptFileBufferSize
2990 [4096] The maximum size of a
2991 memory-buffered transcript (xf)
2992 file before a disk-based file is
2993 used.
2994confAUTH_MECHANISMS AuthMechanisms [GSSAPI KERBEROS_V4 DIGEST-MD5
2995 CRAM-MD5] List of authentication
2996 mechanisms for AUTH (separated by
2997 spaces). The advertised list of
2998 authentication mechanisms will be the
2999 intersection of this list and the list
3000 of available mechanisms as determined
3001 by the CYRUS SASL library.
3002confDEF_AUTH_INFO DefaultAuthInfo [undefined] Name of file that contains
3003 authentication information for
3004 outgoing connections. This file
3005 must contain the user id, the
3006 authorization id, the password
3007 (plain text), and the realm to use,
3008 each on a separate line and must be
3009 readable by root (or the trusted
3010 user) only. If no realm is
3011 specified, $j is used.
3012
3013 NOTE: Currently, AuthMechanisms is
3014 used to determine the list of
3015 mechanisms to use on an outgoing
3016 connection. Sites which require a
3017 different list of mechanisms for
3018 incoming connections and outgoing
3019 connections will have the ability
3020 to do this in 8.11 by specifying a
3021 list of mechanisms as the fifth
3022 line of the DefaultAuthInfo file.
3023 If no mechanisms are given in the
3024 file, AuthMechanisms is used. The
3025 code for doing so is included as
3026 in the sendmail source code but
3027 disabled. It can be enabled by
3028 recompiling sendmail with:
3029 -D_FFR_DEFAUTHINFO_MECHS
3030confAUTH_OPTIONS AuthOptions [undefined] If this options is 'A'
3031 then the AUTH= parameter for the
3032 MAIL FROM command is only issued
3033 when authentication succeeded.
3034confLDAP_DEFAULT_SPEC LDAPDefaultSpec [undefined] Default map
3035 specification for LDAP maps. The
3036 value should only contain LDAP
3037 specific settings such as "-h host
3038 -p port -d bindDN", etc. The
3039 settings will be used for all LDAP
3040 maps unless they are specified in
3041 the individual map specification
3042 ('K' command).
3043confCACERT_PATH CACERTPath [undefined] Path to directory
3044 with certs of CAs.
3045confCACERT CACERTFile [undefined] File containing one CA
3046 cert.
3047confSERVER_CERT ServerCertFile [undefined] File containing the
3048 cert of the server, i.e., this cert
3049 is used when sendmail acts as
3050 server.
3051confSERVER_KEY ServerKeyFile [undefined] File containing the
3052 private key belonging to the server
3053 cert.
3054confCLIENT_CERT ClientCertFile [undefined] File containing the
3055 cert of the client, i.e., this cert
3056 is used when sendmail acts as
3057 client.
3058confCLIENT_KEY ClientKeyFile [undefined] File containing the
3059 private key belonging to the client
3060 cert.
3061confDH_PARAMETERS DHParameters [undefined] File containing the
3062 DH parameters.
3063confRAND_FILE RandFile [undefined] File containing random
3064 data (use prefix file:) or the
3065 name of the UNIX socket if EGD is
3066 used (use prefix egd:). STARTTLS
3067 requires this option if the compile
3068 flag HASURANDOM is not set (see
3069 sendmail/README).
3070
3071See also the description of OSTYPE for some parameters that can be
3072tweaked (generally pathnames to mailers).
3073
3074DaemonPortOptions are a special case since multiple daemons can be
3075defined. This can be done via
3076
3077 DAEMON_OPTIONS(`field1=value1,field2=value2,...')
3078
3079If DAEMON_OPTIONS is not used, then the default is
3080
3081 DAEMON_OPTIONS(`Port=smtp, Name=MTA')
3082 DAEMON_OPTIONS(`Port=587, Name=MSA, M=E')
3083
3084If you use one DAEMON_OPTIONS macro, it will alter the parameters
3085of the first of these. The second will still be defaulted; it
3086represents a "Message Submission Agent" (MSA) as defined by RFC
30872476 (see below). To turn off the default definition for the MSA,
3088use FEATURE(`no_default_msa') (see also FEATURES). If you use
3089additional DAEMON_OPTIONS macros, they will add additional daemons.
3090
3091Example 1: To change the port for the SMTP listener, while
3092still using the MSA default, use
3093 DAEMON_OPTIONS(`Port=925, Name=MTA')
3094
3095Example 2: To change the port for the MSA daemon, while still
3096using the default SMTP port, use
3097 FEATURE(`no_default_msa')
3098 DAEMON_OPTIONS(`Name=MTA')
3099 DAEMON_OPTIONS(`Port=987, Name=MSA, M=E')
3100
3101Note that if the first of those DAEMON_OPTIONS lines were omitted, then
3102there would be no listener on the standard SMTP port.
3103
3104Example 3: To listen on both IPv4 and IPv6 interfaces, use
3105
3106 DAEMON_OPTIONS(`Name=MTA-v4, Family=inet')
3107 DAEMON_OPTIONS(`Name=MTA-v6, Family=inet6')
3108
3109A "Message Submission Agent" still uses all of the same rulesets for
3110processing the message (and therefore still allows message rejection via
3111the check_* rulesets). In accordance with the RFC, the MSA will ensure
3112that all domains in the envelope are fully qualified if the message is
3113relayed to another MTA. It will also enforce the normal address syntax
3114rules and log error messages. Additionally, by using the M=a modifier
3115you can require authentication before messages are accepted by the MSA.
3116Finally, the M=E modifier shown above disables ETRN as required by RFC
31172476.
3118
3119
3120+-----------+
3121| HIERARCHY |
3122+-----------+
3123
3124Within this directory are several subdirectories, to wit:
3125
3126m4 General support routines. These are typically
3127 very important and should not be changed without
3128 very careful consideration.
3129
3130cf The configuration files themselves. They have
3131 ".mc" suffixes, and must be run through m4 to
3132 become complete. The resulting output should
3133 have a ".cf" suffix.
3134
3135ostype Definitions describing a particular operating
3136 system type. These should always be referenced
3137 using the OSTYPE macro in the .mc file. Examples
3138 include "bsd4.3", "bsd4.4", "sunos3.5", and
3139 "sunos4.1".
3140
3141domain Definitions describing a particular domain, referenced
3142 using the DOMAIN macro in the .mc file. These are
3143 site dependent; for example, "CS.Berkeley.EDU.m4"
3144 describes hosts in the CS.Berkeley.EDU subdomain.
3145
3146mailer Descriptions of mailers. These are referenced using
3147 the MAILER macro in the .mc file.
3148
3149sh Shell files used when building the .cf file from the
3150 .mc file in the cf subdirectory.
3151
3152feature These hold special orthogonal features that you might
3153 want to include. They should be referenced using
3154 the FEATURE macro.
3155
3156hack Local hacks. These can be referenced using the HACK
3157 macro. They shouldn't be of more than voyeuristic
3158 interest outside the .Berkeley.EDU domain, but who knows?
3159
3160siteconfig Site configuration -- e.g., tables of locally connected
3161 UUCP sites.
3162
3163
3164+------------------------+
3165| ADMINISTRATIVE DETAILS |
3166+------------------------+
3167
3168The following sections detail usage of certain internal parts of the
3169sendmail.cf file. Read them carefully if you are trying to modify
3170the current model. If you find the above descriptions adequate, these
3171should be {boring, confusing, tedious, ridiculous} (pick one or more).
3172
3173RULESETS (* means built in to sendmail)
3174
3175 0 * Parsing
3176 1 * Sender rewriting
3177 2 * Recipient rewriting
3178 3 * Canonicalization
3179 4 * Post cleanup
3180 5 * Local address rewrite (after aliasing)
3181 1x mailer rules (sender qualification)
3182 2x mailer rules (recipient qualification)
3183 3x mailer rules (sender header qualification)
3184 4x mailer rules (recipient header qualification)
3185 5x mailer subroutines (general)
3186 6x mailer subroutines (general)
3187 7x mailer subroutines (general)
3188 8x reserved
3189 90 Mailertable host stripping
3190 96 Bottom half of Ruleset 3 (ruleset 6 in old sendmail)
3191 97 Hook for recursive ruleset 0 call (ruleset 7 in old sendmail)
3192 98 Local part of ruleset 0 (ruleset 8 in old sendmail)
3193 99 Guaranteed null (for debugging)
3194
3195
3196MAILERS
3197
3198 0 local, prog local and program mailers
3199 1 [e]smtp, relay SMTP channel
3200 2 uucp-* UNIX-to-UNIX Copy Program
3201 3 netnews Network News delivery
3202 4 fax Sam Leffler's HylaFAX software
3203 5 mail11 DECnet mailer
3204
3205
3206MACROS
3207
3208 A
3209 B Bitnet Relay
3210 C DECnet Relay
3211 D The local domain -- usually not needed
3212 E reserved for X.400 Relay
3213 F FAX Relay
3214 G
3215 H mail Hub (for mail clusters)
3216 I
3217 J
3218 K
3219 L Luser Relay
3220 M Masquerade (who you claim to be)
3221 N
3222 O
3223 P
3224 Q
3225 R Relay (for unqualified names)
3226 S Smart Host
3227 T
3228 U my UUCP name (if you have a UUCP connection)
3229 V UUCP Relay (class {V} hosts)
3230 W UUCP Relay (class {W} hosts)
3231 X UUCP Relay (class {X} hosts)
3232 Y UUCP Relay (all other hosts)
3233 Z Version number
3234
3235
3236CLASSES
3237
3238 A
3239 B domains that are candidates for bestmx lookup
3240 C
3241 D
3242 E addresses that should not seem to come from $M
3243 F hosts this system forward for
3244 G domains that should be looked up in genericstable
3245 H
3246 I
3247 J
3248 K
3249 L addresses that should not be forwarded to $R
3250 M domains that should be mapped to $M
3251 N host/domains that should not be mapped to $M
3252 O operators that indicate network operations (cannot be in local names)
3253 P top level pseudo-domains: BITNET, DECNET, FAX, UUCP, etc.
3254 Q
3255 R domains this system is willing to relay (pass anti-spam filters)
3256 S
3257 T
3258 U locally connected UUCP hosts
3259 V UUCP hosts connected to relay $V
3260 W UUCP hosts connected to relay $W
3261 X UUCP hosts connected to relay $X
3262 Y locally connected smart UUCP hosts
3263 Z locally connected domain-ized UUCP hosts
3264 . the class containing only a dot
3265 [ the class containing only a left bracket
3266
3267
3268M4 DIVERSIONS
3269
3270 1 Local host detection and resolution
3271 2 Local Ruleset 3 additions
3272 3 Local Ruleset 0 additions
3273 4 UUCP Ruleset 0 additions
3274 5 locally interpreted names (overrides $R)
3275 6 local configuration (at top of file)
3276 7 mailer definitions
3277 8 DNS based blacklists
3278 9 special local rulesets (1 and 2)
3279
3280$Revision: 8.383.2.1.2.42 $, Last updated $Date: 2001/02/15 23:40:10 $