190792Sgshapiro# 2223067Sgshapiro# Copyright (c) 1998-2004, 2009, 2010 Sendmail, Inc. and its suppliers. 390792Sgshapiro# All rights reserved. 490792Sgshapiro# Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved. 590792Sgshapiro# Copyright (c) 1988, 1993 690792Sgshapiro# The Regents of the University of California. All rights reserved. 790792Sgshapiro# 890792Sgshapiro# By using this file, you agree to the terms and conditions set 990792Sgshapiro# forth in the LICENSE file which can be found at the top level of 1090792Sgshapiro# the sendmail distribution. 1190792Sgshapiro# 1290792Sgshapiro# 1390792Sgshapiro 1490792Sgshapiro###################################################################### 1590792Sgshapiro###################################################################### 1690792Sgshapiro##### 1790792Sgshapiro##### SENDMAIL CONFIGURATION FILE 1890792Sgshapiro##### 19249729Sgshapiro##### built by ca@wiz.smi.sendmail.com on Fri Apr 19 08:04:44 PDT 2013 20249729Sgshapiro##### in /extra/home/ca/sm-8.14.7/OpenSource/sendmail-8.14.7/cf/cf 21132943Sgshapiro##### using ../ as configuration include directory 2290792Sgshapiro##### 2390792Sgshapiro###################################################################### 2490792Sgshapiro##### 2590792Sgshapiro##### DO NOT EDIT THIS FILE! Only edit the source .mc file. 2690792Sgshapiro##### 2790792Sgshapiro###################################################################### 2890792Sgshapiro###################################################################### 2990792Sgshapiro 30223067Sgshapiro##### $Id: cfhead.m4,v 8.121 2010/01/07 18:20:19 ca Exp $ ##### 3198121Sgshapiro##### $Id: cf.m4,v 8.32 1999/02/07 07:26:14 gshapiro Exp $ ##### 32159609Sgshapiro##### $Id: submit.mc,v 8.14 2006/04/05 05:54:41 ca Exp $ ##### 33132943Sgshapiro##### $Id: msp.m4,v 1.33 2004/02/09 22:32:38 ca Exp $ ##### 3490792Sgshapiro 3598121Sgshapiro##### $Id: no_default_msa.m4,v 8.2 2001/02/14 05:03:22 gshapiro Exp $ ##### 3690792Sgshapiro 3790792Sgshapiro 38244833Sgshapiro##### $Id: proto.m4,v 8.760 2012/09/07 16:30:15 ca Exp $ ##### 3990792Sgshapiro 4090792Sgshapiro# level 10 config file format 4190792SgshapiroV10/Berkeley 4290792Sgshapiro 4390792Sgshapiro# override file safeties - setting this option compromises system security, 4490792Sgshapiro# addressing the actual file configuration problem is preferred 4590792Sgshapiro# need to set this before any file actions are encountered in the cf file 4690792Sgshapiro#O DontBlameSendmail=safe 4790792Sgshapiro 4890792Sgshapiro# default LDAP map specification 4990792Sgshapiro# need to set this now before any LDAP maps are defined 5090792Sgshapiro#O LDAPDefaultSpec=-h localhost 5190792Sgshapiro 5290792Sgshapiro################## 5390792Sgshapiro# local info # 5490792Sgshapiro################## 5590792Sgshapiro 5690792Sgshapiro# my LDAP cluster 5790792Sgshapiro# need to set this before any LDAP lookups are done (including classes) 5890792Sgshapiro#D{sendmailMTACluster}$m 5990792Sgshapiro 6090792SgshapiroCwlocalhost 6190792Sgshapiro 6290792Sgshapiro# my official domain name 6390792Sgshapiro# ... define this only if sendmail cannot automatically determine your domain 6490792Sgshapiro#Dj$w.Foo.COM 6590792Sgshapiro 66125820Sgshapiro# host/domain names ending with a token in class P are canonical 6790792SgshapiroCP. 6890792Sgshapiro 6990792Sgshapiro# "Smart" relay host (may be null) 7090792SgshapiroDS 7190792Sgshapiro 7290792Sgshapiro 7390792Sgshapiro# operators that cannot be in local usernames (i.e., network indicators) 7490792SgshapiroCO @ % ! 7590792Sgshapiro 7690792Sgshapiro# a class with just dot (for identifying canonical names) 7790792SgshapiroC.. 7890792Sgshapiro 7990792Sgshapiro# a class with just a left bracket (for identifying domain literals) 8090792SgshapiroC[[ 8190792Sgshapiro 8290792Sgshapiro 8390792Sgshapiro# Resolve map (to check if a host exists in check_mail) 8490792SgshapiroKresolve host -a<OKR> -T<TEMP> 8590792SgshapiroC{ResOk}OKR 8690792Sgshapiro 8790792Sgshapiro 8890792Sgshapiro# Hosts for which relaying is permitted ($=R) 8990792SgshapiroFR-o /etc/mail/relay-domains 9090792Sgshapiro 9190792Sgshapiro# arithmetic map 9290792SgshapiroKarith arith 9390792Sgshapiro 9490792Sgshapiro 9590792Sgshapiro 9690792Sgshapiro 9790792Sgshapiro 9890792Sgshapiro# dequoting map 9990792SgshapiroKdequote dequote 10090792Sgshapiro 10190792Sgshapiro# class E: names that should be exposed as from this host, even if we masquerade 10290792Sgshapiro# class L: names that should be delivered locally, even if we have a relay 10390792Sgshapiro# class M: domains that should be converted to $M 10490792Sgshapiro# class N: domains that should not be converted to $M 10590792Sgshapiro#CL root 10690792Sgshapiro 10790792Sgshapiro 10890792Sgshapiro 10990792Sgshapiro# my name for error messages 11090792SgshapiroDnMAILER-DAEMON 11190792Sgshapiro 11290792Sgshapiro 113110560SgshapiroD{MTAHost}[127.0.0.1] 11490792Sgshapiro 11590792Sgshapiro 11690792Sgshapiro# Configuration version number 117249729SgshapiroDZ8.14.7/Submit 11890792Sgshapiro 11990792Sgshapiro 12090792Sgshapiro############### 12190792Sgshapiro# Options # 12290792Sgshapiro############### 12390792Sgshapiro 12490792Sgshapiro# strip message body to 7 bits on input? 12590792SgshapiroO SevenBitInput=False 12690792Sgshapiro 12790792Sgshapiro# 8-bit data handling 12890792Sgshapiro#O EightBitMode=pass8 12990792Sgshapiro 13090792Sgshapiro# wait for alias file rebuild (default units: minutes) 13190792SgshapiroO AliasWait=10 13290792Sgshapiro 13390792Sgshapiro# location of alias file 13494334Sgshapiro#O AliasFile=/etc/mail/aliases 13590792Sgshapiro 13690792Sgshapiro# minimum number of free blocks on filesystem 13790792SgshapiroO MinFreeBlocks=100 13890792Sgshapiro 13990792Sgshapiro# maximum message size 140132943Sgshapiro#O MaxMessageSize=0 14190792Sgshapiro 14290792Sgshapiro# substitution for space (blank) characters 14390792SgshapiroO BlankSub=. 14490792Sgshapiro 14590792Sgshapiro# avoid connecting to "expensive" mailers on initial submission? 14690792SgshapiroO HoldExpensive=False 14790792Sgshapiro 14890792Sgshapiro# checkpoint queue runs after every N successful deliveries 14990792Sgshapiro#O CheckpointInterval=10 15090792Sgshapiro 15190792Sgshapiro# default delivery mode 15290792SgshapiroO DeliveryMode=i 15390792Sgshapiro 15490792Sgshapiro# error message header/file 15590792Sgshapiro#O ErrorHeader=/etc/mail/error-header 15690792Sgshapiro 15790792Sgshapiro# error mode 15890792Sgshapiro#O ErrorMode=print 15990792Sgshapiro 16090792Sgshapiro# save Unix-style "From_" lines at top of header? 16190792Sgshapiro#O SaveFromLine=False 16290792Sgshapiro 16390792Sgshapiro# queue file mode (qf files) 16490792SgshapiroO QueueFileMode=0660 16590792Sgshapiro 16690792Sgshapiro# temporary file mode 16790792SgshapiroO TempFileMode=0600 16890792Sgshapiro 16990792Sgshapiro# match recipients against GECOS field? 17090792Sgshapiro#O MatchGECOS=False 17190792Sgshapiro 17290792Sgshapiro# maximum hop count 17390792Sgshapiro#O MaxHopCount=25 17490792Sgshapiro 17590792Sgshapiro# location of help file 17690792SgshapiroO HelpFile=/etc/mail/helpfile 17790792Sgshapiro 17890792Sgshapiro# ignore dots as terminators in incoming messages? 17990792Sgshapiro#O IgnoreDots=False 18090792Sgshapiro 18190792Sgshapiro# name resolver options 18290792Sgshapiro#O ResolverOptions=+AAONLY 18390792Sgshapiro 18490792Sgshapiro# deliver MIME-encapsulated error messages? 18590792SgshapiroO SendMimeErrors=True 18690792Sgshapiro 18790792Sgshapiro# Forward file search path 18890792SgshapiroO ForwardPath 18990792Sgshapiro 19090792Sgshapiro# open connection cache size 19190792SgshapiroO ConnectionCacheSize=2 19290792Sgshapiro 19390792Sgshapiro# open connection cache timeout 19490792SgshapiroO ConnectionCacheTimeout=5m 19590792Sgshapiro 19690792Sgshapiro# persistent host status directory 19790792Sgshapiro#O HostStatusDirectory=.hoststat 19890792Sgshapiro 19990792Sgshapiro# single thread deliveries (requires HostStatusDirectory)? 20090792Sgshapiro#O SingleThreadDelivery=False 20190792Sgshapiro 20290792Sgshapiro# use Errors-To: header? 20390792SgshapiroO UseErrorsTo=False 20490792Sgshapiro 20590792Sgshapiro# log level 20690792SgshapiroO LogLevel=9 20790792Sgshapiro 20890792Sgshapiro# send to me too, even in an alias expansion? 20990792Sgshapiro#O MeToo=True 21090792Sgshapiro 21190792Sgshapiro# verify RHS in newaliases? 21290792SgshapiroO CheckAliases=False 21390792Sgshapiro 21490792Sgshapiro# default messages to old style headers if no special punctuation? 21590792SgshapiroO OldStyleHeaders=True 21690792Sgshapiro 21790792Sgshapiro# SMTP daemon options 21890792Sgshapiro 21990792SgshapiroO DaemonPortOptions=Name=NoMTA, Addr=127.0.0.1, M=E 22090792Sgshapiro 22190792Sgshapiro# SMTP client options 22290792Sgshapiro#O ClientPortOptions=Family=inet, Address=0.0.0.0 22390792Sgshapiro 22490792Sgshapiro# Modifiers to define {daemon_flags} for direct submissions 22590792Sgshapiro#O DirectSubmissionModifiers 22690792Sgshapiro 22790792Sgshapiro# Use as mail submission program? See sendmail/SECURITY 22890792SgshapiroO UseMSP=True 22990792Sgshapiro 23090792Sgshapiro# privacy flags 23190792SgshapiroO PrivacyOptions=goaway,noetrn,restrictqrun 23290792Sgshapiro 23390792Sgshapiro# who (if anyone) should get extra copies of error messages 23490792Sgshapiro#O PostmasterCopy=Postmaster 23590792Sgshapiro 23690792Sgshapiro# slope of queue-only function 23790792Sgshapiro#O QueueFactor=600000 23890792Sgshapiro 23990792Sgshapiro# limit on number of concurrent queue runners 24090792Sgshapiro#O MaxQueueChildren 24190792Sgshapiro 24290792Sgshapiro# maximum number of queue-runners per queue-grouping with multiple queues 24390792Sgshapiro#O MaxRunnersPerQueue=1 24490792Sgshapiro 24590792Sgshapiro# priority of queue runners (nice(3)) 24690792Sgshapiro#O NiceQueueRun 24790792Sgshapiro 24890792Sgshapiro# shall we sort the queue by hostname first? 24990792Sgshapiro#O QueueSortOrder=priority 25090792Sgshapiro 25190792Sgshapiro# minimum time in queue before retry 25290792Sgshapiro#O MinQueueAge=30m 25390792Sgshapiro 25490792Sgshapiro# how many jobs can you process in the queue? 255157001Sgshapiro#O MaxQueueRunSize=0 25690792Sgshapiro 25790792Sgshapiro# perform initial split of envelope without checking MX records 25890792Sgshapiro#O FastSplit=1 25990792Sgshapiro 26090792Sgshapiro# queue directory 26190792SgshapiroO QueueDirectory=/var/spool/clientmqueue 26290792Sgshapiro 263168515Sgshapiro# key for shared memory; 0 to turn off, -1 to auto-select 26490792Sgshapiro#O SharedMemoryKey=0 26590792Sgshapiro 266168515Sgshapiro# file to store auto-selected key for shared memory (SharedMemoryKey = -1) 267168515Sgshapiro#O SharedMemoryKeyFile 26894334Sgshapiro 26990792Sgshapiro# timeouts (many of these) 27090792Sgshapiro#O Timeout.initial=5m 27190792Sgshapiro#O Timeout.connect=5m 27290792Sgshapiro#O Timeout.aconnect=0s 27390792Sgshapiro#O Timeout.iconnect=5m 27490792Sgshapiro#O Timeout.helo=5m 27590792Sgshapiro#O Timeout.mail=10m 27690792Sgshapiro#O Timeout.rcpt=1h 27790792Sgshapiro#O Timeout.datainit=5m 27890792Sgshapiro#O Timeout.datablock=1h 27990792Sgshapiro#O Timeout.datafinal=1h 28090792Sgshapiro#O Timeout.rset=5m 28190792Sgshapiro#O Timeout.quit=2m 28290792Sgshapiro#O Timeout.misc=2m 28390792Sgshapiro#O Timeout.command=1h 284132943Sgshapiro#O Timeout.ident=5s 28590792Sgshapiro#O Timeout.fileopen=60s 28690792Sgshapiro#O Timeout.control=2m 28790792SgshapiroO Timeout.queuereturn=5d 28890792Sgshapiro#O Timeout.queuereturn.normal=5d 28990792Sgshapiro#O Timeout.queuereturn.urgent=2d 29090792Sgshapiro#O Timeout.queuereturn.non-urgent=7d 291132943Sgshapiro#O Timeout.queuereturn.dsn=5d 29290792SgshapiroO Timeout.queuewarn=4h 29390792Sgshapiro#O Timeout.queuewarn.normal=4h 29490792Sgshapiro#O Timeout.queuewarn.urgent=1h 29590792Sgshapiro#O Timeout.queuewarn.non-urgent=12h 296132943Sgshapiro#O Timeout.queuewarn.dsn=4h 29790792Sgshapiro#O Timeout.hoststatus=30m 29890792Sgshapiro#O Timeout.resolver.retrans=5s 29990792Sgshapiro#O Timeout.resolver.retrans.first=5s 30090792Sgshapiro#O Timeout.resolver.retrans.normal=5s 30190792Sgshapiro#O Timeout.resolver.retry=4 30290792Sgshapiro#O Timeout.resolver.retry.first=4 30390792Sgshapiro#O Timeout.resolver.retry.normal=4 30490792Sgshapiro#O Timeout.lhlo=2m 30590792Sgshapiro#O Timeout.auth=10m 30690792Sgshapiro#O Timeout.starttls=1h 30790792Sgshapiro 30890792Sgshapiro# time for DeliverBy; extension disabled if less than 0 30990792Sgshapiro#O DeliverByMin=0 31090792Sgshapiro 31190792Sgshapiro# should we not prune routes in route-addr syntax addresses? 31290792Sgshapiro#O DontPruneRoutes=False 31390792Sgshapiro 31490792Sgshapiro# queue up everything before forking? 31590792SgshapiroO SuperSafe=True 31690792Sgshapiro 31790792Sgshapiro# status file 31890792SgshapiroO StatusFile=/var/spool/clientmqueue/sm-client.st 31990792Sgshapiro 32090792Sgshapiro# time zone handling: 32190792Sgshapiro# if undefined, use system default 32290792Sgshapiro# if defined but null, use TZ envariable passed in 32390792Sgshapiro# if defined and non-null, use that info 32494334SgshapiroO TimeZoneSpec= 32590792Sgshapiro 32690792Sgshapiro# default UID (can be username or userid:groupid) 32790792Sgshapiro#O DefaultUser=mailnull 32890792Sgshapiro 32990792Sgshapiro# list of locations of user database file (null means no lookup) 33090792Sgshapiro#O UserDatabaseSpec=/etc/mail/userdb 33190792Sgshapiro 33290792Sgshapiro# fallback MX host 33390792Sgshapiro#O FallbackMXhost=fall.back.host.net 33490792Sgshapiro 335132943Sgshapiro# fallback smart host 336132943Sgshapiro#O FallbackSmartHost=fall.back.host.net 337132943Sgshapiro 33890792Sgshapiro# if we are the best MX host for a site, try it directly instead of config err 33990792Sgshapiro#O TryNullMXList=False 34090792Sgshapiro 34190792Sgshapiro# load average at which we just queue messages 34290792Sgshapiro#O QueueLA=8 34390792Sgshapiro 34490792Sgshapiro# load average at which we refuse connections 34590792Sgshapiro#O RefuseLA=12 34690792Sgshapiro 347132943Sgshapiro# log interval when refusing connections for this long 348132943Sgshapiro#O RejectLogInterval=3h 349132943Sgshapiro 35090792Sgshapiro# load average at which we delay connections; 0 means no limit 35190792Sgshapiro#O DelayLA=0 35290792Sgshapiro 35390792Sgshapiro# maximum number of children we allow at one time 35498841Sgshapiro#O MaxDaemonChildren=0 35590792Sgshapiro 35690792Sgshapiro# maximum number of new connections per second 35790792Sgshapiro#O ConnectionRateThrottle=0 35890792Sgshapiro 359132943Sgshapiro# Width of the window 360132943Sgshapiro#O ConnectionRateWindowSize=60s 361132943Sgshapiro 36290792Sgshapiro# work recipient factor 36390792Sgshapiro#O RecipientFactor=30000 36490792Sgshapiro 36590792Sgshapiro# deliver each queued job in a separate process? 36690792Sgshapiro#O ForkEachJob=False 36790792Sgshapiro 36890792Sgshapiro# work class factor 36990792Sgshapiro#O ClassFactor=1800 37090792Sgshapiro 37190792Sgshapiro# work time factor 37290792Sgshapiro#O RetryFactor=90000 37390792Sgshapiro 37490792Sgshapiro# default character set 375141858Sgshapiro#O DefaultCharSet=unknown-8bit 37690792Sgshapiro 37790792Sgshapiro# service switch file (name hardwired on Solaris, Ultrix, OSF/1, others) 37890792Sgshapiro#O ServiceSwitchFile=/etc/mail/service.switch 37990792Sgshapiro 38090792Sgshapiro# hosts file (normally /etc/hosts) 38190792Sgshapiro#O HostsFile=/etc/hosts 38290792Sgshapiro 38390792Sgshapiro# dialup line delay on connection failure 384157001Sgshapiro#O DialDelay=0s 38590792Sgshapiro 38690792Sgshapiro# action to take if there are no recipients in the message 387157001Sgshapiro#O NoRecipientAction=none 38890792Sgshapiro 38990792Sgshapiro# chrooted environment for writing to files 390157001Sgshapiro#O SafeFileEnvironment 39190792Sgshapiro 39290792Sgshapiro# are colons OK in addresses? 39390792Sgshapiro#O ColonOkInAddr=True 39490792Sgshapiro 39590792Sgshapiro# shall I avoid expanding CNAMEs (violates protocols)? 39690792Sgshapiro#O DontExpandCnames=False 39790792Sgshapiro 39890792Sgshapiro# SMTP initial login message (old $e macro) 39990792SgshapiroO SmtpGreetingMessage=$j Sendmail $v/$Z; $b 40090792Sgshapiro 40190792Sgshapiro# UNIX initial From header format (old $l macro) 40290792SgshapiroO UnixFromLine=From $g $d 40390792Sgshapiro 40490792Sgshapiro# From: lines that have embedded newlines are unwrapped onto one line 40590792Sgshapiro#O SingleLineFromHeader=False 40690792Sgshapiro 40790792Sgshapiro# Allow HELO SMTP command that does not include a host name 40890792Sgshapiro#O AllowBogusHELO=False 40990792Sgshapiro 41090792Sgshapiro# Characters to be quoted in a full name phrase (@,;:\()[] are automatic) 41190792Sgshapiro#O MustQuoteChars=. 41290792Sgshapiro 41390792Sgshapiro# delimiter (operator) characters (old $o macro) 41490792SgshapiroO OperatorChars=.:%@!^/[]+ 41590792Sgshapiro 41690792Sgshapiro# shall I avoid calling initgroups(3) because of high NIS costs? 417110560SgshapiroO DontInitGroups=True 41890792Sgshapiro 41990792Sgshapiro# are group-writable :include: and .forward files (un)trustworthy? 42090792Sgshapiro# True (the default) means they are not trustworthy. 42190792Sgshapiro#O UnsafeGroupWrites=True 42290792Sgshapiro 42390792Sgshapiro 42490792Sgshapiro# where do errors that occur when sending errors get sent? 42590792Sgshapiro#O DoubleBounceAddress=postmaster 42690792Sgshapiro 427168515Sgshapiro# issue temporary errors (4xy) instead of permanent errors (5xy)? 428168515Sgshapiro#O SoftBounce=False 429168515Sgshapiro 43090792Sgshapiro# where to save bounces if all else fails 43190792Sgshapiro#O DeadLetterDrop=/var/tmp/dead.letter 43290792Sgshapiro 43390792Sgshapiro# what user id do we assume for the majority of the processing? 43490792SgshapiroO RunAsUser=smmsp 43590792Sgshapiro 43690792Sgshapiro# maximum number of recipients per SMTP envelope 437132943Sgshapiro#O MaxRecipientsPerMessage=0 43890792Sgshapiro 43990792Sgshapiro# limit the rate recipients per SMTP envelope are accepted 44090792Sgshapiro# once the threshold number of recipients have been rejected 441132943Sgshapiro#O BadRcptThrottle=0 44290792Sgshapiro 443203004Sgshapiro 44490792Sgshapiro# shall we get local names from our installed interfaces? 44590792SgshapiroO DontProbeInterfaces=True 44690792Sgshapiro 44790792Sgshapiro# Return-Receipt-To: header implies DSN request 44890792Sgshapiro#O RrtImpliesDsn=False 44990792Sgshapiro 45090792Sgshapiro# override connection address (for testing) 45190792Sgshapiro#O ConnectOnlyTo=0.0.0.0 45290792Sgshapiro 45390792Sgshapiro# Trusted user for file ownership and starting the daemon 45490792SgshapiroO TrustedUser=smmsp 45590792Sgshapiro 45690792Sgshapiro# Control socket for daemon management 45790792Sgshapiro#O ControlSocketName=/var/spool/mqueue/.control 45890792Sgshapiro 45990792Sgshapiro# Maximum MIME header length to protect MUAs 460132943Sgshapiro#O MaxMimeHeaderLength=0/0 46190792Sgshapiro 46290792Sgshapiro# Maximum length of the sum of all headers 46390792Sgshapiro#O MaxHeadersLength=32768 46490792Sgshapiro 46590792Sgshapiro# Maximum depth of alias recursion 46690792Sgshapiro#O MaxAliasRecursion=10 46790792Sgshapiro 46890792Sgshapiro# location of pid file 46990792SgshapiroO PidFile=/var/spool/clientmqueue/sm-client.pid 47090792Sgshapiro 47190792Sgshapiro# Prefix string for the process title shown on 'ps' listings 47290792Sgshapiro#O ProcessTitlePrefix=prefix 47390792Sgshapiro 47490792Sgshapiro# Data file (df) memory-buffer file maximum size 47590792Sgshapiro#O DataFileBufferSize=4096 47690792Sgshapiro 47790792Sgshapiro# Transcript file (xf) memory-buffer file maximum size 47890792Sgshapiro#O XscriptFileBufferSize=4096 47990792Sgshapiro 48090792Sgshapiro# lookup type to find information about local mailboxes 48190792Sgshapiro#O MailboxDatabase=pw 48290792Sgshapiro 483132943Sgshapiro# override compile time flag REQUIRES_DIR_FSYNC 484132943Sgshapiro#O RequiresDirfsync=true 485132943Sgshapiro 48690792Sgshapiro# list of authentication mechanisms 48790792Sgshapiro#O AuthMechanisms=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5 48890792Sgshapiro 489132943Sgshapiro# Authentication realm 490132943Sgshapiro#O AuthRealm 491132943Sgshapiro 49290792Sgshapiro# default authentication information for outgoing connections 49390792Sgshapiro#O DefaultAuthInfo=/etc/mail/default-auth-info 49490792Sgshapiro 49590792Sgshapiro# SMTP AUTH flags 49690792Sgshapiro#O AuthOptions 49790792Sgshapiro 49890792Sgshapiro# SMTP AUTH maximum encryption strength 49990792Sgshapiro#O AuthMaxBits 50090792Sgshapiro 50190792Sgshapiro# SMTP STARTTLS server options 50290792Sgshapiro#O TLSSrvOptions 50390792Sgshapiro 504203004Sgshapiro 50590792Sgshapiro# Input mail filters 50690792Sgshapiro#O InputMailFilters 50790792Sgshapiro 50890792Sgshapiro 50990792Sgshapiro# CA directory 510110560Sgshapiro#O CACertPath 51190792Sgshapiro# CA file 512110560Sgshapiro#O CACertFile 51390792Sgshapiro# Server Cert 51490792Sgshapiro#O ServerCertFile 51590792Sgshapiro# Server private key 51690792Sgshapiro#O ServerKeyFile 51790792Sgshapiro# Client Cert 51890792Sgshapiro#O ClientCertFile 51990792Sgshapiro# Client private key 52090792Sgshapiro#O ClientKeyFile 521132943Sgshapiro# File containing certificate revocation lists 522132943Sgshapiro#O CRLFile 52390792Sgshapiro# DHParameters (only required if DSA/DH is used) 52490792Sgshapiro#O DHParameters 52590792Sgshapiro# Random data source (required for systems without /dev/urandom under OpenSSL) 52690792Sgshapiro#O RandFile 52790792Sgshapiro 528168515Sgshapiro# Maximum number of "useless" commands before slowing down 529168515Sgshapiro#O MaxNOOPCommands=20 530168515Sgshapiro 531168515Sgshapiro# Name to use for EHLO (defaults to $j) 532168515Sgshapiro#O HeloName 533168515Sgshapiro 53490792Sgshapiro############################ 53590792Sgshapiro# QUEUE GROUP DEFINITIONS # 53690792Sgshapiro############################ 53790792Sgshapiro 53890792Sgshapiro 53990792Sgshapiro########################### 54090792Sgshapiro# Message precedences # 54190792Sgshapiro########################### 54290792Sgshapiro 54390792SgshapiroPfirst-class=0 54490792SgshapiroPspecial-delivery=100 54590792SgshapiroPlist=-30 54690792SgshapiroPbulk=-60 54790792SgshapiroPjunk=-100 54890792Sgshapiro 54990792Sgshapiro##################### 55090792Sgshapiro# Trusted users # 55190792Sgshapiro##################### 55290792Sgshapiro 55390792Sgshapiro# this is equivalent to setting class "t" 55490792Sgshapiro#Ft/etc/mail/trusted-users 55590792SgshapiroTroot 55690792SgshapiroTdaemon 55790792SgshapiroTuucp 55890792Sgshapiro 55990792Sgshapiro######################### 56090792Sgshapiro# Format of headers # 56190792Sgshapiro######################### 56290792Sgshapiro 56390792SgshapiroH?P?Return-Path: <$g> 56490792SgshapiroHReceived: $?sfrom $s $.$?_($?s$|from $.$_) 56590792Sgshapiro $.$?{auth_type}(authenticated$?{auth_ssf} bits=${auth_ssf}$.) 56690792Sgshapiro $.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version} 56790792Sgshapiro (version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify})$.$?u 56890792Sgshapiro for $u; $|; 56990792Sgshapiro $.$b 57090792SgshapiroH?D?Resent-Date: $a 57190792SgshapiroH?D?Date: $a 57290792SgshapiroH?F?Resent-From: $?x$x <$g>$|$g$. 57390792SgshapiroH?F?From: $?x$x <$g>$|$g$. 57490792SgshapiroH?x?Full-Name: $x 57590792Sgshapiro# HPosted-Date: $a 57690792Sgshapiro# H?l?Received-Date: $b 57790792SgshapiroH?M?Resent-Message-Id: <$t.$i@$j> 57890792SgshapiroH?M?Message-Id: <$t.$i@$j> 57990792Sgshapiro 58090792Sgshapiro# 58190792Sgshapiro###################################################################### 58290792Sgshapiro###################################################################### 58390792Sgshapiro##### 58490792Sgshapiro##### REWRITING RULES 58590792Sgshapiro##### 58690792Sgshapiro###################################################################### 58790792Sgshapiro###################################################################### 58890792Sgshapiro 58990792Sgshapiro############################################ 59090792Sgshapiro### Ruleset 3 -- Name Canonicalization ### 59190792Sgshapiro############################################ 59290792SgshapiroScanonify=3 59390792Sgshapiro 59490792Sgshapiro# handle null input (translate to <@> special case) 59590792SgshapiroR$@ $@ <@> 59690792Sgshapiro 59790792Sgshapiro# strip group: syntax (not inside angle brackets!) and trailing semicolon 59890792SgshapiroR$* $: $1 <@> mark addresses 59990792SgshapiroR$* < $* > $* <@> $: $1 < $2 > $3 unmark <addr> 60090792SgshapiroR@ $* <@> $: @ $1 unmark @host:... 60190792SgshapiroR$* [ IPv6 : $+ ] <@> $: $1 [ IPv6 : $2 ] unmark IPv6 addr 60290792SgshapiroR$* :: $* <@> $: $1 :: $2 unmark node::addr 60390792SgshapiroR:include: $* <@> $: :include: $1 unmark :include:... 60490792SgshapiroR$* : $* [ $* ] $: $1 : $2 [ $3 ] <@> remark if leading colon 60590792SgshapiroR$* : $* <@> $: $2 strip colon if marked 60690792SgshapiroR$* <@> $: $1 unmark 60790792SgshapiroR$* ; $1 strip trailing semi 60890792SgshapiroR$* < $+ :; > $* $@ $2 :; <@> catch <list:;> 60990792SgshapiroR$* < $* ; > $1 < $2 > bogus bracketed semi 61090792Sgshapiro 61190792Sgshapiro# null input now results from list:; syntax 61290792SgshapiroR$@ $@ :; <@> 61390792Sgshapiro 61490792Sgshapiro# strip angle brackets -- note RFC733 heuristic to get innermost item 61590792SgshapiroR$* $: < $1 > housekeeping <> 61690792SgshapiroR$+ < $* > < $2 > strip excess on left 61790792SgshapiroR< $* > $+ < $1 > strip excess on right 61890792SgshapiroR<> $@ < @ > MAIL FROM:<> case 61990792SgshapiroR< $+ > $: $1 remove housekeeping <> 62090792Sgshapiro 62190792Sgshapiro# strip route address <@a,@b,@c:user@d> -> <user@d> 62290792SgshapiroR@ $+ , $+ $2 62390792SgshapiroR@ [ $* ] : $+ $2 62490792SgshapiroR@ $+ : $+ $2 62590792Sgshapiro 62690792Sgshapiro# find focus for list syntax 62790792SgshapiroR $+ : $* ; @ $+ $@ $>Canonify2 $1 : $2 ; < @ $3 > list syntax 62890792SgshapiroR $+ : $* ; $@ $1 : $2; list syntax 62990792Sgshapiro 63090792Sgshapiro# find focus for @ syntax addresses 63190792SgshapiroR$+ @ $+ $: $1 < @ $2 > focus on domain 63290792SgshapiroR$+ < $+ @ $+ > $1 $2 < @ $3 > move gaze right 63390792SgshapiroR$+ < @ $+ > $@ $>Canonify2 $1 < @ $2 > already canonical 63490792Sgshapiro 63590792Sgshapiro 63690792Sgshapiro# convert old-style addresses to a domain-based address 63790792SgshapiroR$- ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > resolve uucp names 63890792SgshapiroR$+ . $- ! $+ $@ $>Canonify2 $3 < @ $1 . $2 > domain uucps 63990792SgshapiroR$+ ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > uucp subdomains 64090792Sgshapiro 64190792Sgshapiro# convert node::user addresses into a domain-based address 64290792SgshapiroR$- :: $+ $@ $>Canonify2 $2 < @ $1 .DECNET > resolve DECnet names 64390792SgshapiroR$- . $- :: $+ $@ $>Canonify2 $3 < @ $1.$2 .DECNET > numeric DECnet addr 64490792Sgshapiro 64590792Sgshapiro# if we have % signs, take the rightmost one 64690792SgshapiroR$* % $* $1 @ $2 First make them all @s. 64790792SgshapiroR$* @ $* @ $* $1 % $2 @ $3 Undo all but the last. 64890792SgshapiroR$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish 64990792Sgshapiro 65090792Sgshapiro# else we must be a local name 65190792SgshapiroR$* $@ $>Canonify2 $1 65290792Sgshapiro 65390792Sgshapiro 65490792Sgshapiro################################################ 65590792Sgshapiro### Ruleset 96 -- bottom half of ruleset 3 ### 65690792Sgshapiro################################################ 65790792Sgshapiro 65890792SgshapiroSCanonify2=96 65990792Sgshapiro 66090792Sgshapiro# handle special cases for local names 66190792SgshapiroR$* < @ localhost > $* $: $1 < @ $j . > $2 no domain at all 66290792SgshapiroR$* < @ localhost . $m > $* $: $1 < @ $j . > $2 local domain 66390792SgshapiroR$* < @ localhost . UUCP > $* $: $1 < @ $j . > $2 .UUCP domain 66490792Sgshapiro 66590792Sgshapiro# check for IPv4/IPv6 domain literal 66690792SgshapiroR$* < @ [ $+ ] > $* $: $1 < @@ [ $2 ] > $3 mark [addr] 66790792SgshapiroR$* < @@ $=w > $* $: $1 < @ $j . > $3 self-literal 66890792SgshapiroR$* < @@ $+ > $* $@ $1 < @ $2 > $3 canon IP addr 66990792Sgshapiro 67090792Sgshapiro 67190792Sgshapiro 67290792Sgshapiro 67390792Sgshapiro 67490792Sgshapiro# if really UUCP, handle it immediately 67590792Sgshapiro 67690792Sgshapiro# try UUCP traffic as a local address 67790792SgshapiroR$* < @ $+ . UUCP > $* $: $1 < @ $[ $2 $] . UUCP . > $3 67890792SgshapiroR$* < @ $+ . . UUCP . > $* $@ $1 < @ $2 . > $3 67990792Sgshapiro 68090792Sgshapiro# hostnames ending in class P are always canonical 68190792SgshapiroR$* < @ $* $=P > $* $: $1 < @ $2 $3 . > $4 68290792SgshapiroR$* < @ $* $~P > $* $: $&{daemon_flags} $| $1 < @ $2 $3 > $4 68390792SgshapiroR$* CC $* $| $* < @ $+.$+ > $* $: $3 < @ $4.$5 . > $6 68490792SgshapiroR$* CC $* $| $* $: $3 68590792Sgshapiro# pass to name server to make hostname canonical 68690792SgshapiroR$* $| $* < @ $* > $* $: $2 < @ $[ $3 $] > $4 68790792SgshapiroR$* $| $* $: $2 68890792Sgshapiro 68990792Sgshapiro# local host aliases and pseudo-domains are always canonical 69090792SgshapiroR$* < @ $=w > $* $: $1 < @ $2 . > $3 69190792SgshapiroR$* < @ $=M > $* $: $1 < @ $2 . > $3 69290792SgshapiroR$* < @ $* . . > $* $1 < @ $2 . > $3 69390792Sgshapiro 69490792Sgshapiro 69590792Sgshapiro################################################## 69690792Sgshapiro### Ruleset 4 -- Final Output Post-rewriting ### 69790792Sgshapiro################################################## 69890792SgshapiroSfinal=4 69990792Sgshapiro 70090792SgshapiroR$+ :; <@> $@ $1 : handle <list:;> 70190792SgshapiroR$* <@> $@ handle <> and list:; 70290792Sgshapiro 70390792Sgshapiro# strip trailing dot off possibly canonical name 70490792SgshapiroR$* < @ $+ . > $* $1 < @ $2 > $3 70590792Sgshapiro 70690792Sgshapiro# eliminate internal code 70790792SgshapiroR$* < @ *LOCAL* > $* $1 < @ $j > $2 70890792Sgshapiro 70990792Sgshapiro# externalize local domain info 71090792SgshapiroR$* < $+ > $* $1 $2 $3 defocus 71190792SgshapiroR@ $+ : @ $+ : $+ @ $1 , @ $2 : $3 <route-addr> canonical 71290792SgshapiroR@ $* $@ @ $1 ... and exit 71390792Sgshapiro 71490792Sgshapiro# UUCP must always be presented in old form 71590792SgshapiroR$+ @ $- . UUCP $2!$1 u@h.UUCP => h!u 71690792Sgshapiro 71790792Sgshapiro# put DECnet back in :: form 71890792SgshapiroR$+ @ $+ . DECNET $2 :: $1 u@h.DECNET => h::u 71990792Sgshapiro# delete duplicate local names 72090792SgshapiroR$+ % $=w @ $=w $1 @ $2 u%host@host => u@host 72190792Sgshapiro 72290792Sgshapiro 72390792Sgshapiro 72490792Sgshapiro############################################################## 72590792Sgshapiro### Ruleset 97 -- recanonicalize and call ruleset zero ### 72690792Sgshapiro### (used for recursive calls) ### 72790792Sgshapiro############################################################## 72890792Sgshapiro 72990792SgshapiroSRecurse=97 73090792SgshapiroR$* $: $>canonify $1 73190792SgshapiroR$* $@ $>parse $1 73290792Sgshapiro 73390792Sgshapiro 73490792Sgshapiro###################################### 73590792Sgshapiro### Ruleset 0 -- Parse Address ### 73690792Sgshapiro###################################### 73790792Sgshapiro 73890792SgshapiroSparse=0 73990792Sgshapiro 74090792SgshapiroR$* $: $>Parse0 $1 initial parsing 74190792SgshapiroR<@> $#local $: <@> special case error msgs 74290792SgshapiroR$* $: $>ParseLocal $1 handle local hacks 74390792SgshapiroR$* $: $>Parse1 $1 final parsing 74490792Sgshapiro 74590792Sgshapiro# 74690792Sgshapiro# Parse0 -- do initial syntax checking and eliminate local addresses. 74790792Sgshapiro# This should either return with the (possibly modified) input 74890792Sgshapiro# or return with a #error mailer. It should not return with a 74990792Sgshapiro# #mailer other than the #error mailer. 75090792Sgshapiro# 75190792Sgshapiro 75290792SgshapiroSParse0 75390792SgshapiroR<@> $@ <@> special case error msgs 75490792SgshapiroR$* : $* ; <@> $#error $@ 5.1.3 $: "553 List:; syntax illegal for recipient addresses" 75590792SgshapiroR@ <@ $* > < @ $1 > catch "@@host" bogosity 75690792SgshapiroR<@ $+> $#error $@ 5.1.3 $: "553 User address required" 75790792SgshapiroR$+ <@> $#error $@ 5.1.3 $: "553 Hostname required" 75890792SgshapiroR$* $: <> $1 75990792SgshapiroR<> $* < @ [ $* ] : $+ > $* $1 < @ [ $2 ] : $3 > $4 76090792SgshapiroR<> $* < @ [ $* ] , $+ > $* $1 < @ [ $2 ] , $3 > $4 76190792SgshapiroR<> $* < @ [ $* ] $+ > $* $#error $@ 5.1.2 $: "553 Invalid address" 76290792SgshapiroR<> $* < @ [ $+ ] > $* $1 < @ [ $2 ] > $3 76390792SgshapiroR<> $* <$* : $* > $* $#error $@ 5.1.3 $: "553 Colon illegal in host name part" 76490792SgshapiroR<> $* $1 76590792SgshapiroR$* < @ . $* > $* $#error $@ 5.1.2 $: "553 Invalid host name" 76690792SgshapiroR$* < @ $* .. $* > $* $#error $@ 5.1.2 $: "553 Invalid host name" 76790792SgshapiroR$* < @ $* @ > $* $#error $@ 5.1.2 $: "553 Invalid route address" 76890792SgshapiroR$* @ $* < @ $* > $* $#error $@ 5.1.3 $: "553 Invalid route address" 76990792SgshapiroR$* , $~O $* $#error $@ 5.1.3 $: "553 Invalid route address" 77090792Sgshapiro 77190792Sgshapiro 77290792Sgshapiro# now delete the local info -- note $=O to find characters that cause forwarding 77390792SgshapiroR$* < @ > $* $@ $>Parse0 $>canonify $1 user@ => user 77490792SgshapiroR< @ $=w . > : $* $@ $>Parse0 $>canonify $2 @here:... -> ... 77590792SgshapiroR$- < @ $=w . > $: $(dequote $1 $) < @ $2 . > dequote "foo"@here 77690792SgshapiroR< @ $+ > $#error $@ 5.1.3 $: "553 User address required" 77790792SgshapiroR$* $=O $* < @ $=w . > $@ $>Parse0 $>canonify $1 $2 $3 ...@here -> ... 77890792SgshapiroR$- $: $(dequote $1 $) < @ *LOCAL* > dequote "foo" 77990792SgshapiroR< @ *LOCAL* > $#error $@ 5.1.3 $: "553 User address required" 78090792SgshapiroR$* $=O $* < @ *LOCAL* > 78190792Sgshapiro $@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ... 78290792SgshapiroR$* < @ *LOCAL* > $: $1 78390792Sgshapiro 78490792Sgshapiro# 78590792Sgshapiro# Parse1 -- the bottom half of ruleset 0. 78690792Sgshapiro# 78790792Sgshapiro 78890792SgshapiroSParse1 78990792Sgshapiro 79090792Sgshapiro# handle numeric address spec 79190792SgshapiroR$* < @ [ $+ ] > $* $: $>ParseLocal $1 < @ [ $2 ] > $3 numeric internet spec 792112810SgshapiroR$* < @ [ $+ ] > $* $: $1 < @ [ $2 ] : $S > $3 Add smart host to path 79390792SgshapiroR$* < @ [ $+ ] : > $* $#esmtp $@ [$2] $: $1 < @ [$2] > $3 no smarthost: send 79490792SgshapiroR$* < @ [ $+ ] : $- : $*> $* $#$3 $@ $4 $: $1 < @ [$2] > $5 smarthost with mailer 79590792SgshapiroR$* < @ [ $+ ] : $+ > $* $#esmtp $@ $3 $: $1 < @ [$2] > $4 smarthost without mailer 79690792Sgshapiro 79790792Sgshapiro 79890792Sgshapiro# short circuit local delivery so forwarded email works 79990792Sgshapiro 80090792Sgshapiro 80190792SgshapiroR$=L < @ $=w . > $#local $: @ $1 special local names 80290792SgshapiroR$+ < @ $=w . > $#local $: $1 regular local name 80390792Sgshapiro 80490792Sgshapiro 80590792Sgshapiro# resolve remotely connected UUCP links (if any) 80690792Sgshapiro 80790792Sgshapiro# resolve fake top level domains by forwarding to other hosts 80890792Sgshapiro 80990792Sgshapiro 81090792Sgshapiro 81190792Sgshapiro# pass names that still have a host to a smarthost (if defined) 81290792SgshapiroR$* < @ $* > $* $: $>MailerToTriple < $S > $1 < @ $2 > $3 glue on smarthost name 81390792Sgshapiro 81490792Sgshapiro# deal with other remote names 81590792SgshapiroR$* < @$* > $* $#esmtp $@ $2 $: $1 < @ $2 > $3 user@host.domain 81690792Sgshapiro 81790792Sgshapiro# handle locally delivered names 81890792SgshapiroR$=L $#local $: @ $1 special local names 81990792SgshapiroR$+ $#local $: $1 regular local names 82090792Sgshapiro 82190792Sgshapiro########################################################################### 82290792Sgshapiro### Ruleset 5 -- special rewriting after aliases have been expanded ### 82390792Sgshapiro########################################################################### 82490792Sgshapiro 82590792SgshapiroSLocal_localaddr 82690792SgshapiroSlocaladdr=5 82790792SgshapiroR$+ $: $1 $| $>"Local_localaddr" $1 82890792SgshapiroR$+ $| $#ok $@ $1 no change 82990792SgshapiroR$+ $| $#$* $#$2 83090792SgshapiroR$+ $| $* $: $1 83190792Sgshapiro 83290792Sgshapiro 83390792Sgshapiro 83490792Sgshapiro 83590792Sgshapiro# deal with plussed users so aliases work nicely 83690792SgshapiroR$+ + * $#local $@ $&h $: $1 83790792SgshapiroR$+ + $* $#local $@ + $2 $: $1 + * 83890792Sgshapiro 83990792Sgshapiro# prepend an empty "forward host" on the front 84090792SgshapiroR$+ $: <> $1 84190792Sgshapiro 84290792Sgshapiro 84390792Sgshapiro 84490792SgshapiroR< > $+ $: < > < $1 <> $&h > nope, restore +detail 84590792Sgshapiro 84690792SgshapiroR< > < $+ <> + $* > $: < > < $1 + $2 > check whether +detail 84790792SgshapiroR< > < $+ <> $* > $: < > < $1 > else discard 84890792SgshapiroR< > < $+ + $* > $* < > < $1 > + $2 $3 find the user part 84990792SgshapiroR< > < $+ > + $* $#local $@ $2 $: @ $1 strip the extra + 85090792SgshapiroR< > < $+ > $@ $1 no +detail 85190792SgshapiroR$+ $: $1 <> $&h add +detail back in 85290792Sgshapiro 85390792SgshapiroR$+ <> + $* $: $1 + $2 check whether +detail 85490792SgshapiroR$+ <> $* $: $1 else discard 85590792SgshapiroR< local : $* > $* $: $>MailerToTriple < local : $1 > $2 no host extension 85690792SgshapiroR< error : $* > $* $: $>MailerToTriple < error : $1 > $2 no host extension 85790792Sgshapiro 85890792SgshapiroR< $~[ : $+ > $+ $: $>MailerToTriple < $1 : $2 > $3 < @ $2 > 85990792Sgshapiro 86090792SgshapiroR< $+ > $+ $@ $>MailerToTriple < $1 > $2 < @ $1 > 86190792Sgshapiro 86290792Sgshapiro 86390792Sgshapiro################################################################### 86490792Sgshapiro### Ruleset 95 -- canonify mailer:[user@]host syntax to triple ### 86590792Sgshapiro################################################################### 86690792Sgshapiro 86790792SgshapiroSMailerToTriple=95 86890792SgshapiroR< > $* $@ $1 strip off null relay 86990792SgshapiroR< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4 870120256SgshapiroR< error : $- : $+ > $* $#error $@ $(dequote $1 $) $: $2 871120256SgshapiroR< error : $+ > $* $#error $: $1 87290792SgshapiroR< local : $* > $* $>CanonLocal < $1 > $2 87390792SgshapiroR< $~[ : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user 87490792SgshapiroR< $~[ : $+ > $* $# $1 $@ $2 $: $3 try qualified mailer 87590792SgshapiroR< $=w > $* $@ $2 delete local host 87690792SgshapiroR< $+ > $* $#relay $@ $1 $: $2 use unqualified mailer 87790792Sgshapiro 87890792Sgshapiro################################################################### 87990792Sgshapiro### Ruleset CanonLocal -- canonify local: syntax ### 88090792Sgshapiro################################################################### 88190792Sgshapiro 88290792SgshapiroSCanonLocal 88390792Sgshapiro# strip local host from routed addresses 88490792SgshapiroR< $* > < @ $+ > : $+ $@ $>Recurse $3 88590792SgshapiroR< $* > $+ $=O $+ < @ $+ > $@ $>Recurse $2 $3 $4 88690792Sgshapiro 88790792Sgshapiro# strip trailing dot from any host name that may appear 88890792SgshapiroR< $* > $* < @ $* . > $: < $1 > $2 < @ $3 > 88990792Sgshapiro 89090792Sgshapiro# handle local: syntax -- use old user, either with or without host 89190792SgshapiroR< > $* < @ $* > $* $#local $@ $1@$2 $: $1 89290792SgshapiroR< > $+ $#local $@ $1 $: $1 89390792Sgshapiro 89490792Sgshapiro# handle local:user@host syntax -- ignore host part 89590792SgshapiroR< $+ @ $+ > $* < @ $* > $: < $1 > $3 < @ $4 > 89690792Sgshapiro 89790792Sgshapiro# handle local:user syntax 89890792SgshapiroR< $+ > $* <@ $* > $* $#local $@ $2@$3 $: $1 89990792SgshapiroR< $+ > $* $#local $@ $2 $: $1 90090792Sgshapiro 90190792Sgshapiro################################################################### 90290792Sgshapiro### Ruleset 93 -- convert header names to masqueraded form ### 90390792Sgshapiro################################################################### 90490792Sgshapiro 90590792SgshapiroSMasqHdr=93 90690792Sgshapiro 90790792Sgshapiro 90890792Sgshapiro# do not masquerade anything in class N 90990792SgshapiroR$* < @ $* $=N . > $@ $1 < @ $2 $3 . > 91090792Sgshapiro 91190792SgshapiroR$* < @ *LOCAL* > $@ $1 < @ $j . > 91290792Sgshapiro 91390792Sgshapiro################################################################### 91490792Sgshapiro### Ruleset 94 -- convert envelope names to masqueraded form ### 91590792Sgshapiro################################################################### 91690792Sgshapiro 91790792SgshapiroSMasqEnv=94 91890792SgshapiroR$* < @ *LOCAL* > $* $: $1 < @ $j . > $2 91990792Sgshapiro 92090792Sgshapiro################################################################### 92190792Sgshapiro### Ruleset 98 -- local part of ruleset zero (can be null) ### 92290792Sgshapiro################################################################### 92390792Sgshapiro 92490792SgshapiroSParseLocal=98 92590792Sgshapiro 92690792Sgshapiro 92790792Sgshapiro 92890792Sgshapiro 929244833Sgshapiro 930244833Sgshapiro 93190792Sgshapiro###################################################################### 93290792Sgshapiro### CanonAddr -- Convert an address into a standard form for 93390792Sgshapiro### relay checking. Route address syntax is 93490792Sgshapiro### crudely converted into a %-hack address. 93590792Sgshapiro### 93690792Sgshapiro### Parameters: 93790792Sgshapiro### $1 -- full recipient address 93890792Sgshapiro### 93990792Sgshapiro### Returns: 94090792Sgshapiro### parsed address, not in source route form 94190792Sgshapiro###################################################################### 94290792Sgshapiro 94390792SgshapiroSCanonAddr 94490792SgshapiroR$* $: $>Parse0 $>canonify $1 make domain canonical 94590792Sgshapiro 94690792Sgshapiro 94790792Sgshapiro###################################################################### 94890792Sgshapiro### ParseRecipient -- Strip off hosts in $=R as well as possibly 94990792Sgshapiro### $* $=m or the access database. 95090792Sgshapiro### Check user portion for host separators. 95190792Sgshapiro### 95290792Sgshapiro### Parameters: 95390792Sgshapiro### $1 -- full recipient address 95490792Sgshapiro### 95590792Sgshapiro### Returns: 95690792Sgshapiro### parsed, non-local-relaying address 95790792Sgshapiro###################################################################### 95890792Sgshapiro 95990792SgshapiroSParseRecipient 96090792SgshapiroR$* $: <?> $>CanonAddr $1 96190792SgshapiroR<?> $* < @ $* . > <?> $1 < @ $2 > strip trailing dots 96290792SgshapiroR<?> $- < @ $* > $: <?> $(dequote $1 $) < @ $2 > dequote local part 96390792Sgshapiro 96490792Sgshapiro# if no $=O character, no host in the user portion, we are done 96590792SgshapiroR<?> $* $=O $* < @ $* > $: <NO> $1 $2 $3 < @ $4> 96690792SgshapiroR<?> $* $@ $1 96790792Sgshapiro 96890792Sgshapiro 96990792SgshapiroR<NO> $* < @ $* $=R > $: <RELAY> $1 < @ $2 $3 > 97090792Sgshapiro 97190792Sgshapiro 97290792Sgshapiro 97390792SgshapiroR<RELAY> $* < @ $* > $@ $>ParseRecipient $1 97490792SgshapiroR<$+> $* $@ $2 97590792Sgshapiro 97690792Sgshapiro 97790792Sgshapiro###################################################################### 97890792Sgshapiro### check_relay -- check hostname/address on SMTP startup 97990792Sgshapiro###################################################################### 98090792Sgshapiro 981132943Sgshapiro 982132943Sgshapiro 98390792SgshapiroSLocal_check_relay 98490792SgshapiroScheck_relay 98590792SgshapiroR$* $: $1 $| $>"Local_check_relay" $1 98690792SgshapiroR$* $| $* $| $#$* $#$3 98790792SgshapiroR$* $| $* $| $* $@ $>"Basic_check_relay" $1 $| $2 98890792Sgshapiro 98990792SgshapiroSBasic_check_relay 99090792Sgshapiro# check for deferred delivery mode 99198121SgshapiroR$* $: < $&{deliveryMode} > $1 99290792SgshapiroR< d > $* $@ deferred 99390792SgshapiroR< $* > $* $: $2 99490792Sgshapiro 99590792Sgshapiro 99690792Sgshapiro 99790792Sgshapiro###################################################################### 99890792Sgshapiro### check_mail -- check SMTP `MAIL FROM:' command argument 99990792Sgshapiro###################################################################### 100090792Sgshapiro 100190792SgshapiroSLocal_check_mail 100290792SgshapiroScheck_mail 100390792SgshapiroR$* $: $1 $| $>"Local_check_mail" $1 100490792SgshapiroR$* $| $#$* $#$2 100590792SgshapiroR$* $| $* $@ $>"Basic_check_mail" $1 100690792Sgshapiro 100790792SgshapiroSBasic_check_mail 100890792Sgshapiro# check for deferred delivery mode 100998121SgshapiroR$* $: < $&{deliveryMode} > $1 101090792SgshapiroR< d > $* $@ deferred 101190792SgshapiroR< $* > $* $: $2 101290792Sgshapiro 101390792Sgshapiro# authenticated? 101490792SgshapiroR$* $: $1 $| $>"tls_client" $&{verify} $| MAIL 101590792SgshapiroR$* $| $#$+ $#$2 101690792SgshapiroR$* $| $* $: $1 101790792Sgshapiro 101890792SgshapiroR<> $@ <OK> we MUST accept <> (RFC 1123) 101990792SgshapiroR$+ $: <?> $1 102090792SgshapiroR<?><$+> $: <@> <$1> 102190792SgshapiroR<?>$+ $: <@> <$1> 102290792SgshapiroR$* $: $&{daemon_flags} $| $1 102390792SgshapiroR$* f $* $| <@> < $* @ $- > $: < ? $&{client_name} > < $3 @ $4 > 102490792SgshapiroR$* u $* $| <@> < $* > $: <?> < $3 > 102590792SgshapiroR$* $| $* $: $2 102690792Sgshapiro# handle case of @localhost on address 102790792SgshapiroR<@> < $* @ localhost > $: < ? $&{client_name} > < $1 @ localhost > 102890792SgshapiroR<@> < $* @ [127.0.0.1] > 102990792Sgshapiro $: < ? $&{client_name} > < $1 @ [127.0.0.1] > 103090792SgshapiroR<@> < $* @ localhost.$m > 103190792Sgshapiro $: < ? $&{client_name} > < $1 @ localhost.$m > 103290792SgshapiroR<@> < $* @ localhost.UUCP > 103390792Sgshapiro $: < ? $&{client_name} > < $1 @ localhost.UUCP > 103490792SgshapiroR<@> $* $: $1 no localhost as domain 103590792SgshapiroR<? $=w> $* $: $2 local client: ok 103690792SgshapiroR<? $+> <$+> $#error $@ 5.5.4 $: "553 Real domain name required for sender address" 103790792SgshapiroR<?> $* $: $1 103890792SgshapiroR$* $: <?> $>CanonAddr $1 canonify sender address and mark it 103990792SgshapiroR<?> $* < @ $+ . > <?> $1 < @ $2 > strip trailing dots 104090792Sgshapiro# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc) 1041102528SgshapiroR<?> $* < @ $* $=P > $: <OKR> $1 < @ $2 $3 > 1042102528SgshapiroR<?> $* < @ $j > $: <OKR> $1 < @ $j > 104390792SgshapiroR<?> $* < @ $+ > $: <? $(resolve $2 $: $2 <PERM> $) > $1 < @ $2 > 104490792SgshapiroR<? $* <$->> $* < @ $+ > 104590792Sgshapiro $: <$2> $3 < @ $4 > 104690792Sgshapiro 104790792Sgshapiro 104890792Sgshapiro# handle case of no @domain on address 104990792SgshapiroR<?> $* $: $&{daemon_flags} $| <?> $1 105090792SgshapiroR$* u $* $| <?> $* $: <OKR> $3 105190792SgshapiroR$* $| $* $: $2 1052110560SgshapiroR<?> $* $: < ? $&{client_addr} > $1 1053102528SgshapiroR<?> $* $@ <OKR> ...local unqualed ok 105490792SgshapiroR<? $+> $* $#error $@ 5.5.4 $: "553 Domain name required for sender address " $&f 105590792Sgshapiro ...remote is not 105690792Sgshapiro# check results 105790792SgshapiroR<?> $* $: @ $1 mark address: nothing known about it 1058168515SgshapiroR<$={ResOk}> $* $: @ $2 domain ok 105990792SgshapiroR<TEMP> $* $#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve" 106090792SgshapiroR<PERM> $* $#error $@ 5.1.8 $: "553 Domain of sender address " $&f " does not exist" 106190792Sgshapiro 1062168515Sgshapiro 1063168515Sgshapiro 106490792Sgshapiro###################################################################### 106590792Sgshapiro### check_rcpt -- check SMTP `RCPT TO:' command argument 106690792Sgshapiro###################################################################### 106790792Sgshapiro 106890792SgshapiroSLocal_check_rcpt 106990792SgshapiroScheck_rcpt 107090792SgshapiroR$* $: $1 $| $>"Local_check_rcpt" $1 107190792SgshapiroR$* $| $#$* $#$2 107290792SgshapiroR$* $| $* $@ $>"Basic_check_rcpt" $1 107390792Sgshapiro 107490792SgshapiroSBasic_check_rcpt 107590792Sgshapiro# empty address? 107690792SgshapiroR<> $#error $@ nouser $: "553 User address required" 107790792SgshapiroR$@ $#error $@ nouser $: "553 User address required" 107890792Sgshapiro# check for deferred delivery mode 107998121SgshapiroR$* $: < $&{deliveryMode} > $1 108090792SgshapiroR< d > $* $@ deferred 108190792SgshapiroR< $* > $* $: $2 108290792Sgshapiro 108390792Sgshapiro 108490792Sgshapiro###################################################################### 108590792SgshapiroR$* $: $1 $| @ $>"Rcpt_ok" $1 108690792SgshapiroR$* $| @ $#TEMP $+ $: $1 $| T $2 108790792SgshapiroR$* $| @ $#$* $#$2 108890792SgshapiroR$* $| @ RELAY $@ RELAY 108990792SgshapiroR$* $| @ $* $: O $| $>"Relay_ok" $1 109090792SgshapiroR$* $| T $+ $: T $2 $| $>"Relay_ok" $1 109190792SgshapiroR$* $| $#TEMP $+ $#error $2 109290792SgshapiroR$* $| $#$* $#$2 109390792SgshapiroR$* $| RELAY $@ RELAY 109490792SgshapiroR T $+ $| $* $#error $1 109590792Sgshapiro# anything else is bogus 109690792SgshapiroR$* $#error $@ 5.7.1 $: "550 Relaying denied" 109790792Sgshapiro 109890792Sgshapiro 109990792Sgshapiro###################################################################### 110090792Sgshapiro### Rcpt_ok: is the recipient ok? 110190792Sgshapiro###################################################################### 110290792SgshapiroSRcpt_ok 110390792SgshapiroR$* $: $>ParseRecipient $1 strip relayable hosts 110490792Sgshapiro 110590792Sgshapiro 110690792Sgshapiro 110790792Sgshapiro 110890792Sgshapiro# authenticated via TLS? 110990792SgshapiroR$* $: $1 $| $>RelayTLS client authenticated? 111090792SgshapiroR$* $| $# $+ $# $2 error/ok? 111190792SgshapiroR$* $| $* $: $1 no 111290792Sgshapiro 111390792SgshapiroR$* $: $1 $| $>"Local_Relay_Auth" $&{auth_type} 111490792SgshapiroR$* $| $# $* $# $2 111590792SgshapiroR$* $| NO $: $1 111690792SgshapiroR$* $| $* $: $1 $| $&{auth_type} 111790792SgshapiroR$* $| $: $1 111890792SgshapiroR$* $| $={TrustAuthMech} $# RELAY 111990792SgshapiroR$* $| $* $: $1 112090792Sgshapiro# anything terminating locally is ok 112190792SgshapiroR$+ < @ $=w > $@ RELAY 112290792SgshapiroR$+ < @ $* $=R > $@ RELAY 112390792Sgshapiro 112490792Sgshapiro 112590792Sgshapiro 1126132943Sgshapiro 112790792Sgshapiro# check for local user (i.e. unqualified address) 112890792SgshapiroR$* $: <?> $1 112990792SgshapiroR<?> $* < @ $+ > $: <REMOTE> $1 < @ $2 > 113090792Sgshapiro# local user is ok 113190792SgshapiroR<?> $+ $@ RELAY 113290792SgshapiroR<$+> $* $: $2 113390792Sgshapiro 113490792Sgshapiro###################################################################### 113590792Sgshapiro### Relay_ok: is the relay/sender ok? 113690792Sgshapiro###################################################################### 113790792SgshapiroSRelay_ok 113890792Sgshapiro# anything originating locally is ok 113990792Sgshapiro# check IP address 114090792SgshapiroR$* $: $&{client_addr} 114190792SgshapiroR$@ $@ RELAY originated locally 114290792SgshapiroR0 $@ RELAY originated locally 1143110560SgshapiroR127.0.0.1 $@ RELAY originated locally 1144110560SgshapiroRIPv6:::1 $@ RELAY originated locally 114590792SgshapiroR$=R $* $@ RELAY relayable IP address 114690792SgshapiroR$* $: [ $1 ] put brackets around it... 114790792SgshapiroR$=w $@ RELAY ... and see if it is local 114890792Sgshapiro 114990792Sgshapiro 115090792Sgshapiro# check client name: first: did it resolve? 115190792SgshapiroR$* $: < $&{client_resolve} > 1152132943SgshapiroR<TEMP> $#TEMP $@ 4.4.0 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr} 115390792SgshapiroR<FORGED> $#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name} 115490792SgshapiroR<FAIL> $#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name} 115590792SgshapiroR$* $: <@> $&{client_name} 115690792Sgshapiro# pass to name server to make hostname canonical 115790792SgshapiroR<@> $* $=P $:<?> $1 $2 115890792SgshapiroR<@> $+ $:<?> $[ $1 $] 115990792SgshapiroR$* . $1 strip trailing dots 116090792SgshapiroR<?> $=w $@ RELAY 116190792SgshapiroR<?> $* $=R $@ RELAY 116290792Sgshapiro 116390792Sgshapiro 116490792Sgshapiro 116590792Sgshapiro 1166168515Sgshapiro 116790792Sgshapiro###################################################################### 116890792Sgshapiro### trust_auth: is user trusted to authenticate as someone else? 116990792Sgshapiro### 117090792Sgshapiro### Parameters: 117190792Sgshapiro### $1: AUTH= parameter from MAIL command 117290792Sgshapiro###################################################################### 117390792Sgshapiro 117490792SgshapiroSLocal_trust_auth 117590792SgshapiroStrust_auth 117690792SgshapiroR$* $: $&{auth_type} $| $1 117790792Sgshapiro# required by RFC 2554 section 4. 117890792SgshapiroR$@ $| $* $#error $@ 5.7.1 $: "550 not authenticated" 117990792SgshapiroR$* $| $&{auth_authen} $@ identical 118090792SgshapiroR$* $| <$&{auth_authen}> $@ identical 1181120256SgshapiroR$* $| $* $: $1 $| $>"Local_trust_auth" $2 118290792SgshapiroR$* $| $#$* $#$2 118390792SgshapiroR$* $#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{auth_author} 118490792Sgshapiro 118590792Sgshapiro###################################################################### 118690792Sgshapiro### Relay_Auth: allow relaying based on authentication? 118790792Sgshapiro### 118890792Sgshapiro### Parameters: 118990792Sgshapiro### $1: ${auth_type} 119090792Sgshapiro###################################################################### 119190792SgshapiroSLocal_Relay_Auth 119290792Sgshapiro 1193132943Sgshapiro###################################################################### 1194132943Sgshapiro### srv_features: which features to offer to a client? 1195132943Sgshapiro### (done in server) 1196132943Sgshapiro###################################################################### 1197132943SgshapiroSsrv_features 119890792Sgshapiro 119990792Sgshapiro 120090792Sgshapiro###################################################################### 1201132943Sgshapiro### try_tls: try to use STARTTLS? 1202132943Sgshapiro### (done in client) 1203132943Sgshapiro###################################################################### 1204132943SgshapiroStry_tls 1205132943Sgshapiro 1206132943Sgshapiro 1207132943Sgshapiro###################################################################### 1208132943Sgshapiro### tls_rcpt: is connection with server "good" enough? 1209132943Sgshapiro### (done in client, per recipient) 1210132943Sgshapiro### 1211132943Sgshapiro### Parameters: 1212132943Sgshapiro### $1: recipient 1213132943Sgshapiro###################################################################### 1214132943SgshapiroStls_rcpt 1215132943Sgshapiro 1216132943Sgshapiro 1217132943Sgshapiro###################################################################### 121890792Sgshapiro### tls_client: is connection with client "good" enough? 121990792Sgshapiro### (done in server) 122090792Sgshapiro### 122190792Sgshapiro### Parameters: 122290792Sgshapiro### ${verify} $| (MAIL|STARTTLS) 122390792Sgshapiro###################################################################### 122490792SgshapiroStls_client 122590792SgshapiroR$* $| $* $@ $>"TLS_connection" $1 122690792Sgshapiro 122790792Sgshapiro###################################################################### 122890792Sgshapiro### tls_server: is connection with server "good" enough? 122990792Sgshapiro### (done in client) 123090792Sgshapiro### 123190792Sgshapiro### Parameter: 123290792Sgshapiro### ${verify} 123390792Sgshapiro###################################################################### 123490792SgshapiroStls_server 123590792SgshapiroR$* $@ $>"TLS_connection" $1 123690792Sgshapiro 123790792Sgshapiro###################################################################### 123890792Sgshapiro### TLS_connection: is TLS connection "good" enough? 123990792Sgshapiro### 124090792Sgshapiro### Parameters: 124190792Sgshapiro### ${verify} 124290792Sgshapiro### Requirement: RHS from access map, may be ? for none. 124390792Sgshapiro###################################################################### 124490792SgshapiroSTLS_connection 124590792SgshapiroRSOFTWARE $#error $@ 4.7.0 $: "403 TLS handshake." 124690792Sgshapiro 124790792Sgshapiro 124890792Sgshapiro###################################################################### 124990792Sgshapiro### RelayTLS: allow relaying based on TLS authentication 125090792Sgshapiro### 125190792Sgshapiro### Parameters: 125290792Sgshapiro### none 125390792Sgshapiro###################################################################### 125490792SgshapiroSRelayTLS 125590792Sgshapiro# authenticated? 125690792Sgshapiro 125790792Sgshapiro###################################################################### 125890792Sgshapiro### authinfo: lookup authinfo in the access map 125990792Sgshapiro### 126090792Sgshapiro### Parameters: 126190792Sgshapiro### $1: {server_name} 126290792Sgshapiro### $2: {server_addr} 126390792Sgshapiro###################################################################### 126490792SgshapiroSauthinfo 126590792Sgshapiro 126690792Sgshapiro 126790792Sgshapiro 126890792Sgshapiro 1269132943Sgshapiro 1270132943Sgshapiro 1271132943Sgshapiro 1272132943Sgshapiro 127390792SgshapiroSLocal_localaddr 127490792SgshapiroR$+ $: $>ParseRecipient $1 127590792SgshapiroR$* < @ $+ > $* $#relay $@ ${MTAHost} $: $1 < @ $2 > $3 127690792Sgshapiro# DECnet 127790792SgshapiroR$+ :: $+ $#relay $@ ${MTAHost} $: $1 :: $2 127890792SgshapiroR$* $#relay $@ ${MTAHost} $: $1 < @ $j > 127990792Sgshapiro# 128090792Sgshapiro###################################################################### 128190792Sgshapiro###################################################################### 128290792Sgshapiro##### 128390792Sgshapiro##### MAIL FILTER DEFINITIONS 128490792Sgshapiro##### 128590792Sgshapiro###################################################################### 128690792Sgshapiro###################################################################### 128790792Sgshapiro 128890792Sgshapiro# 128990792Sgshapiro###################################################################### 129090792Sgshapiro###################################################################### 129190792Sgshapiro##### 129290792Sgshapiro##### MAILER DEFINITIONS 129390792Sgshapiro##### 129490792Sgshapiro###################################################################### 129590792Sgshapiro###################################################################### 129690792Sgshapiro 129790792Sgshapiro 129890792Sgshapiro################################################## 129990792Sgshapiro### Local and Program Mailer specification ### 130090792Sgshapiro################################################## 130190792Sgshapiro 1302141858Sgshapiro##### $Id: local.m4,v 8.59 2004/11/23 00:37:25 ca Exp $ ##### 130390792Sgshapiro 130490792Sgshapiro# 130590792Sgshapiro# Envelope sender rewriting 130690792Sgshapiro# 130790792SgshapiroSEnvFromL 130890792SgshapiroR<@> $n errors to mailer-daemon 130990792SgshapiroR@ <@ $*> $n temporarily bypass Sun bogosity 131090792SgshapiroR$+ $: $>AddDomain $1 add local domain if needed 131190792SgshapiroR$* $: $>MasqEnv $1 do masquerading 131290792Sgshapiro 131390792Sgshapiro# 131490792Sgshapiro# Envelope recipient rewriting 131590792Sgshapiro# 131690792SgshapiroSEnvToL 131790792SgshapiroR$+ < @ $* > $: $1 strip host part 131890792SgshapiroR$+ + $* $: < $&{addr_type} > $1 + $2 mark with addr type 131990792SgshapiroR<e s> $+ + $* $: $1 remove +detail for sender 132090792SgshapiroR< $* > $+ $: $2 else remove mark 132190792Sgshapiro 132290792Sgshapiro# 132390792Sgshapiro# Header sender rewriting 132490792Sgshapiro# 132590792SgshapiroSHdrFromL 132690792SgshapiroR<@> $n errors to mailer-daemon 132790792SgshapiroR@ <@ $*> $n temporarily bypass Sun bogosity 132890792SgshapiroR$+ $: $>AddDomain $1 add local domain if needed 132990792SgshapiroR$* $: $>MasqHdr $1 do masquerading 133090792Sgshapiro 133190792Sgshapiro# 133290792Sgshapiro# Header recipient rewriting 133390792Sgshapiro# 133490792SgshapiroSHdrToL 133590792SgshapiroR$+ $: $>AddDomain $1 add local domain if needed 133690792SgshapiroR$* < @ *LOCAL* > $* $: $1 < @ $j . > $2 133790792Sgshapiro 133890792Sgshapiro# 133990792Sgshapiro# Common code to add local domain name (only if always-add-domain) 134090792Sgshapiro# 134190792SgshapiroSAddDomain 134290792Sgshapiro 134390792SgshapiroMlocal, P=[IPC], F=lmDFMuXkw5, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, 134490792Sgshapiro T=DNS/RFC822/SMTP, 134590792Sgshapiro A=TCP $h 134690792SgshapiroMprog, P=[IPC], F=lmDFMuXk5, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/, 134790792Sgshapiro T=X-Unix/X-Unix/X-Unix, 134890792Sgshapiro A=TCP $h 134990792Sgshapiro 135090792Sgshapiro##################################### 135190792Sgshapiro### SMTP Mailer specification ### 135290792Sgshapiro##################################### 135390792Sgshapiro 1354168515Sgshapiro##### $Id: smtp.m4,v 8.65 2006/07/12 21:08:10 ca Exp $ ##### 135590792Sgshapiro 135690792Sgshapiro# 135790792Sgshapiro# common sender and masquerading recipient rewriting 135890792Sgshapiro# 135990792SgshapiroSMasqSMTP 136090792SgshapiroR$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified 136190792SgshapiroR$+ $@ $1 < @ *LOCAL* > add local qualification 136290792Sgshapiro 136390792Sgshapiro# 136490792Sgshapiro# convert pseudo-domain addresses to real domain addresses 136590792Sgshapiro# 136690792SgshapiroSPseudoToReal 136790792Sgshapiro 136890792Sgshapiro# pass <route-addr>s through 136990792SgshapiroR< @ $+ > $* $@ < @ $1 > $2 resolve <route-addr> 137090792Sgshapiro 137190792Sgshapiro# output fake domains as user%fake@relay 137290792Sgshapiro 137390792Sgshapiro# do UUCP heuristics; note that these are shared with UUCP mailers 137490792SgshapiroR$+ < @ $+ .UUCP. > $: < $2 ! > $1 convert to UUCP form 137590792SgshapiroR$+ < @ $* > $* $@ $1 < @ $2 > $3 not UUCP form 137690792Sgshapiro 137790792Sgshapiro# leave these in .UUCP form to avoid further tampering 137890792SgshapiroR< $&h ! > $- ! $+ $@ $2 < @ $1 .UUCP. > 137990792SgshapiroR< $&h ! > $-.$+ ! $+ $@ $3 < @ $1.$2 > 138090792SgshapiroR< $&h ! > $+ $@ $1 < @ $&h .UUCP. > 138190792SgshapiroR< $+ ! > $+ $: $1 ! $2 < @ $Y > use UUCP_RELAY 138290792SgshapiroR$+ < @ $~[ $* : $+ > $@ $1 < @ $4 > strip mailer: part 138390792SgshapiroR$+ < @ > $: $1 < @ *LOCAL* > if no UUCP_RELAY 138490792Sgshapiro 138590792Sgshapiro 138690792Sgshapiro# 138790792Sgshapiro# envelope sender rewriting 138890792Sgshapiro# 138990792SgshapiroSEnvFromSMTP 139090792SgshapiroR$+ $: $>PseudoToReal $1 sender/recipient common 139190792SgshapiroR$* :; <@> $@ list:; special case 139290792SgshapiroR$* $: $>MasqSMTP $1 qualify unqual'ed names 139390792SgshapiroR$+ $: $>MasqEnv $1 do masquerading 139490792Sgshapiro 139590792Sgshapiro 139690792Sgshapiro# 139790792Sgshapiro# envelope recipient rewriting -- 139890792Sgshapiro# also header recipient if not masquerading recipients 139990792Sgshapiro# 140090792SgshapiroSEnvToSMTP 140190792SgshapiroR$+ $: $>PseudoToReal $1 sender/recipient common 140290792SgshapiroR$+ $: $>MasqSMTP $1 qualify unqual'ed names 140390792SgshapiroR$* < @ *LOCAL* > $* $: $1 < @ $j . > $2 140490792Sgshapiro 140590792Sgshapiro# 140690792Sgshapiro# header sender and masquerading header recipient rewriting 140790792Sgshapiro# 140890792SgshapiroSHdrFromSMTP 140990792SgshapiroR$+ $: $>PseudoToReal $1 sender/recipient common 141090792SgshapiroR:; <@> $@ list:; special case 141190792Sgshapiro 141290792Sgshapiro# do special header rewriting 141390792SgshapiroR$* <@> $* $@ $1 <@> $2 pass null host through 141490792SgshapiroR< @ $* > $* $@ < @ $1 > $2 pass route-addr through 141590792SgshapiroR$* $: $>MasqSMTP $1 qualify unqual'ed names 141690792SgshapiroR$+ $: $>MasqHdr $1 do masquerading 141790792Sgshapiro 141890792Sgshapiro 141990792Sgshapiro# 142090792Sgshapiro# relay mailer header masquerading recipient rewriting 142190792Sgshapiro# 142290792SgshapiroSMasqRelay 142390792SgshapiroR$+ $: $>MasqSMTP $1 142490792SgshapiroR$+ $: $>MasqHdr $1 142590792Sgshapiro 142694334SgshapiroMsmtp, P=[IPC], F=mDFMuXk5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, 142790792Sgshapiro T=DNS/RFC822/SMTP, 142890792Sgshapiro A=TCP $h 142994334SgshapiroMesmtp, P=[IPC], F=mDFMuXak5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, 143090792Sgshapiro T=DNS/RFC822/SMTP, 143190792Sgshapiro A=TCP $h 143294334SgshapiroMsmtp8, P=[IPC], F=mDFMuX8k5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, 143390792Sgshapiro T=DNS/RFC822/SMTP, 143490792Sgshapiro A=TCP $h 143594334SgshapiroMdsmtp, P=[IPC], F=mDFMuXa%k5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, 143690792Sgshapiro T=DNS/RFC822/SMTP, 143790792Sgshapiro A=TCP $h 143894334SgshapiroMrelay, P=[IPC], F=mDFMuXa8k, S=EnvFromSMTP/HdrFromSMTP, R=MasqSMTP, E=\r\n, L=2040, 143990792Sgshapiro T=DNS/RFC822/SMTP, 144090792Sgshapiro A=TCP $h 144190792Sgshapiro 1442132943Sgshapiro### submit.mc ### 1443132943Sgshapiro# divert(-1) 1444132943Sgshapiro# # 1445132943Sgshapiro# # Copyright (c) 2001-2003 Sendmail, Inc. and its suppliers. 1446132943Sgshapiro# # All rights reserved. 1447132943Sgshapiro# # 1448132943Sgshapiro# # By using this file, you agree to the terms and conditions set 1449132943Sgshapiro# # forth in the LICENSE file which can be found at the top level of 1450132943Sgshapiro# # the sendmail distribution. 1451132943Sgshapiro# # 1452132943Sgshapiro# # 1453132943Sgshapiro# 1454132943Sgshapiro# # 1455132943Sgshapiro# # This is the prototype file for a set-group-ID sm-msp sendmail that 1456132943Sgshapiro# # acts as a initial mail submission program. 1457132943Sgshapiro# # 1458132943Sgshapiro# 1459132943Sgshapiro# divert(0)dnl 1460159609Sgshapiro# VERSIONID(`$Id: submit.mc,v 8.14 2006/04/05 05:54:41 ca Exp $') 1461132943Sgshapiro# define(`confCF_VERSION', `Submit')dnl 1462132943Sgshapiro# define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining 1463132943Sgshapiro# define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet 1464132943Sgshapiro# define(`confTIME_ZONE', `USE_TZ')dnl 1465132943Sgshapiro# define(`confDONT_INIT_GROUPS', `True')dnl 1466132943Sgshapiro# dnl 1467132943Sgshapiro# dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:::1] 1468132943Sgshapiro# FEATURE(`msp', `[127.0.0.1]')dnl 1469