README revision 203004
1 2 SENDMAIL CONFIGURATION FILES 3 4This document describes the sendmail configuration files. It 5explains how to create a sendmail.cf file for use with sendmail. 6It also describes how to set options for sendmail which are explained 7in the Sendmail Installation and Operation guide (doc/op/op.me). 8 9To get started, you may want to look at tcpproto.mc (for TCP-only 10sites) and clientproto.mc (for clusters of clients using a single 11mail host), or the generic-*.mc files as operating system-specific 12examples. 13 14Table of Content: 15 16INTRODUCTION AND EXAMPLE 17A BRIEF INTRODUCTION TO M4 18FILE LOCATIONS 19OSTYPE 20DOMAINS 21MAILERS 22FEATURES 23HACKS 24SITE CONFIGURATION 25USING UUCP MAILERS 26TWEAKING RULESETS 27MASQUERADING AND RELAYING 28USING LDAP FOR ALIASES, MAPS, AND CLASSES 29LDAP ROUTING 30ANTI-SPAM CONFIGURATION CONTROL 31CONNECTION CONTROL 32STARTTLS 33SMTP AUTHENTICATION 34ADDING NEW MAILERS OR RULESETS 35ADDING NEW MAIL FILTERS 36QUEUE GROUP DEFINITIONS 37NON-SMTP BASED CONFIGURATIONS 38WHO AM I? 39ACCEPTING MAIL FOR MULTIPLE NAMES 40USING MAILERTABLES 41USING USERDB TO MAP FULL NAMES 42MISCELLANEOUS SPECIAL FEATURES 43SECURITY NOTES 44TWEAKING CONFIGURATION OPTIONS 45MESSAGE SUBMISSION PROGRAM 46FORMAT OF FILES AND MAPS 47DIRECTORY LAYOUT 48ADMINISTRATIVE DETAILS 49 50 51+--------------------------+ 52| INTRODUCTION AND EXAMPLE | 53+--------------------------+ 54 55Configuration files are contained in the subdirectory "cf", with a 56suffix ".mc". They must be run through "m4" to produce a ".cf" file. 57You must pre-load "cf.m4": 58 59 m4 ${CFDIR}/m4/cf.m4 config.mc > config.cf 60 61Alternatively, you can simply: 62 63 cd ${CFDIR}/cf 64 ./Build config.cf 65 66where ${CFDIR} is the root of the cf directory and config.mc is the 67name of your configuration file. If you are running a version of M4 68that understands the __file__ builtin (versions of GNU m4 >= 0.75 do 69this, but the versions distributed with 4.4BSD and derivatives do not) 70or the -I flag (ditto), then ${CFDIR} can be in an arbitrary directory. 71For "traditional" versions, ${CFDIR} ***MUST*** be "..", or you MUST 72use -D_CF_DIR_=/path/to/cf/dir/ -- note the trailing slash! For example: 73 74 m4 -D_CF_DIR_=${CFDIR}/ ${CFDIR}/m4/cf.m4 config.mc > config.cf 75 76Let's examine a typical .mc file: 77 78 divert(-1) 79 # 80 # Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers. 81 # All rights reserved. 82 # Copyright (c) 1983 Eric P. Allman. All rights reserved. 83 # Copyright (c) 1988, 1993 84 # The Regents of the University of California. All rights reserved. 85 # 86 # By using this file, you agree to the terms and conditions set 87 # forth in the LICENSE file which can be found at the top level of 88 # the sendmail distribution. 89 # 90 91 # 92 # This is a Berkeley-specific configuration file for HP-UX 9.x. 93 # It applies only to the Computer Science Division at Berkeley, 94 # and should not be used elsewhere. It is provided on the sendmail 95 # distribution as a sample only. To create your own configuration 96 # file, create an appropriate domain file in ../domain, change the 97 # `DOMAIN' macro below to reference that file, and copy the result 98 # to a name of your own choosing. 99 # 100 divert(0) 101 102The divert(-1) will delete the crud in the resulting output file. 103The copyright notice can be replaced by whatever your lawyers require; 104our lawyers require the one that is included in these files. A copyleft 105is a copyright by another name. The divert(0) restores regular output. 106 107 VERSIONID(`<SCCS or RCS version id>') 108 109VERSIONID is a macro that stuffs the version information into the 110resulting file. You could use SCCS, RCS, CVS, something else, or 111omit it completely. This is not the same as the version id included 112in SMTP greeting messages -- this is defined in m4/version.m4. 113 114 OSTYPE(`hpux9')dnl 115 116You must specify an OSTYPE to properly configure things such as the 117pathname of the help and status files, the flags needed for the local 118mailer, and other important things. If you omit it, you will get an 119error when you try to build the configuration. Look at the ostype 120directory for the list of known operating system types. 121 122 DOMAIN(`CS.Berkeley.EDU')dnl 123 124This example is specific to the Computer Science Division at Berkeley. 125You can use "DOMAIN(`generic')" to get a sufficiently bland definition 126that may well work for you, or you can create a customized domain 127definition appropriate for your environment. 128 129 MAILER(`local') 130 MAILER(`smtp') 131 132These describe the mailers used at the default CS site. The local 133mailer is always included automatically. Beware: MAILER declarations 134should only be followed by LOCAL_* sections. The general rules are 135that the order should be: 136 137 VERSIONID 138 OSTYPE 139 DOMAIN 140 FEATURE 141 local macro definitions 142 MAILER 143 LOCAL_CONFIG 144 LOCAL_RULE_* 145 LOCAL_RULESETS 146 147There are a few exceptions to this rule. Local macro definitions which 148influence a FEATURE() should be done before that feature. For example, 149a define(`PROCMAIL_MAILER_PATH', ...) should be done before 150FEATURE(`local_procmail'). 151 152******************************************************************* 153*** BE SURE YOU CUSTOMIZE THESE FILES! They have some *** 154*** Berkeley-specific assumptions built in, such as the name *** 155*** of their UUCP-relay. You'll want to create your own *** 156*** domain description, and use that in place of *** 157*** domain/Berkeley.EDU.m4. *** 158******************************************************************* 159 160 161+----------------------------+ 162| A BRIEF INTRODUCTION TO M4 | 163+----------------------------+ 164 165Sendmail uses the M4 macro processor to ``compile'' the configuration 166files. The most important thing to know is that M4 is stream-based, 167that is, it doesn't understand about lines. For this reason, in some 168places you may see the word ``dnl'', which stands for ``delete 169through newline''; essentially, it deletes all characters starting 170at the ``dnl'' up to and including the next newline character. In 171most cases sendmail uses this only to avoid lots of unnecessary 172blank lines in the output. 173 174Other important directives are define(A, B) which defines the macro 175``A'' to have value ``B''. Macros are expanded as they are read, so 176one normally quotes both values to prevent expansion. For example, 177 178 define(`SMART_HOST', `smart.foo.com') 179 180One word of warning: M4 macros are expanded even in lines that appear 181to be comments. For example, if you have 182 183 # See FEATURE(`foo') above 184 185it will not do what you expect, because the FEATURE(`foo') will be 186expanded. This also applies to 187 188 # And then define the $X macro to be the return address 189 190because ``define'' is an M4 keyword. If you want to use them, surround 191them with directed quotes, `like this'. 192 193Since m4 uses single quotes (opening "`" and closing "'") to quote 194arguments, those quotes can't be used in arguments. For example, 195it is not possible to define a rejection message containing a single 196quote. Usually there are simple workarounds by changing those 197messages; in the worst case it might be ok to change the value 198directly in the generated .cf file, which however is not advised. 199 200 201Notice: 202------- 203 204This package requires a post-V7 version of m4; if you are running the 2054.2bsd, SysV.2, or 7th Edition version. SunOS's /usr/5bin/m4 or 206BSD-Net/2's m4 both work. GNU m4 version 1.1 or later also works. 207Unfortunately, the M4 on BSDI 1.0 doesn't work -- you'll have to use a 208Net/2 or GNU version. GNU m4 is available from 209ftp://ftp.gnu.org/pub/gnu/m4/m4-1.4.tar.gz (check for the latest version). 210EXCEPTIONS: DEC's m4 on Digital UNIX 4.x is broken (3.x is fine). Use GNU 211m4 on this platform. 212 213 214+----------------+ 215| FILE LOCATIONS | 216+----------------+ 217 218sendmail 8.9 has introduced a new configuration directory for sendmail 219related files, /etc/mail. The new files available for sendmail 8.9 -- 220the class {R} /etc/mail/relay-domains and the access database 221/etc/mail/access -- take advantage of this new directory. Beginning with 2228.10, all files will use this directory by default (some options may be 223set by OSTYPE() files). This new directory should help to restore 224uniformity to sendmail's file locations. 225 226Below is a table of some of the common changes: 227 228Old filename New filename 229------------ ------------ 230/etc/bitdomain /etc/mail/bitdomain 231/etc/domaintable /etc/mail/domaintable 232/etc/genericstable /etc/mail/genericstable 233/etc/uudomain /etc/mail/uudomain 234/etc/virtusertable /etc/mail/virtusertable 235/etc/userdb /etc/mail/userdb 236 237/etc/aliases /etc/mail/aliases 238/etc/sendmail/aliases /etc/mail/aliases 239/etc/ucbmail/aliases /etc/mail/aliases 240/usr/adm/sendmail/aliases /etc/mail/aliases 241/usr/lib/aliases /etc/mail/aliases 242/usr/lib/mail/aliases /etc/mail/aliases 243/usr/ucblib/aliases /etc/mail/aliases 244 245/etc/sendmail.cw /etc/mail/local-host-names 246/etc/mail/sendmail.cw /etc/mail/local-host-names 247/etc/sendmail/sendmail.cw /etc/mail/local-host-names 248 249/etc/sendmail.ct /etc/mail/trusted-users 250 251/etc/sendmail.oE /etc/mail/error-header 252 253/etc/sendmail.hf /etc/mail/helpfile 254/etc/mail/sendmail.hf /etc/mail/helpfile 255/usr/ucblib/sendmail.hf /etc/mail/helpfile 256/etc/ucbmail/sendmail.hf /etc/mail/helpfile 257/usr/lib/sendmail.hf /etc/mail/helpfile 258/usr/share/lib/sendmail.hf /etc/mail/helpfile 259/usr/share/misc/sendmail.hf /etc/mail/helpfile 260/share/misc/sendmail.hf /etc/mail/helpfile 261 262/etc/service.switch /etc/mail/service.switch 263 264/etc/sendmail.st /etc/mail/statistics 265/etc/mail/sendmail.st /etc/mail/statistics 266/etc/mailer/sendmail.st /etc/mail/statistics 267/etc/sendmail/sendmail.st /etc/mail/statistics 268/usr/lib/sendmail.st /etc/mail/statistics 269/usr/ucblib/sendmail.st /etc/mail/statistics 270 271Note that all of these paths actually use a new m4 macro MAIL_SETTINGS_DIR 272to create the pathnames. The default value of this variable is 273`/etc/mail/'. If you set this macro to a different value, you MUST include 274a trailing slash. 275 276Notice: all filenames used in a .mc (or .cf) file should be absolute 277(starting at the root, i.e., with '/'). Relative filenames most 278likely cause surprises during operations (unless otherwise noted). 279 280 281+--------+ 282| OSTYPE | 283+--------+ 284 285You MUST define an operating system environment, or the configuration 286file build will puke. There are several environments available; look 287at the "ostype" directory for the current list. This macro changes 288things like the location of the alias file and queue directory. Some 289of these files are identical to one another. 290 291It is IMPERATIVE that the OSTYPE occur before any MAILER definitions. 292In general, the OSTYPE macro should go immediately after any version 293information, and MAILER definitions should always go last. 294 295Operating system definitions are usually easy to write. They may define 296the following variables (everything defaults, so an ostype file may be 297empty). Unfortunately, the list of configuration-supported systems is 298not as broad as the list of source-supported systems, since many of 299the source contributors do not include corresponding ostype files. 300 301ALIAS_FILE [/etc/mail/aliases] The location of the text version 302 of the alias file(s). It can be a comma-separated 303 list of names (but be sure you quote values with 304 commas in them -- for example, use 305 define(`ALIAS_FILE', `a,b') 306 to get "a" and "b" both listed as alias files; 307 otherwise the define() primitive only sees "a"). 308HELP_FILE [/etc/mail/helpfile] The name of the file 309 containing information printed in response to 310 the SMTP HELP command. 311QUEUE_DIR [/var/spool/mqueue] The directory containing 312 queue files. To use multiple queues, supply 313 a value ending with an asterisk. For 314 example, /var/spool/mqueue/qd* will use all of the 315 directories or symbolic links to directories 316 beginning with 'qd' in /var/spool/mqueue as queue 317 directories. The names 'qf', 'df', and 'xf' are 318 reserved as specific subdirectories for the 319 corresponding queue file types as explained in 320 doc/op/op.me. See also QUEUE GROUP DEFINITIONS. 321MSP_QUEUE_DIR [/var/spool/clientmqueue] The directory containing 322 queue files for the MSP (Mail Submission Program, 323 see sendmail/SECURITY). 324STATUS_FILE [/etc/mail/statistics] The file containing status 325 information. 326LOCAL_MAILER_PATH [/bin/mail] The program used to deliver local mail. 327LOCAL_MAILER_FLAGS [Prmn9] The flags used by the local mailer. The 328 flags lsDFMAw5:/|@q are always included. 329LOCAL_MAILER_ARGS [mail -d $u] The arguments passed to deliver local 330 mail. 331LOCAL_MAILER_MAX [undefined] If defined, the maximum size of local 332 mail that you are willing to accept. 333LOCAL_MAILER_MAXMSGS [undefined] If defined, the maximum number of 334 messages to deliver in a single connection. Only 335 useful for LMTP local mailers. 336LOCAL_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 337 that ARRIVE from an address that resolves to the 338 local mailer and which are converted to MIME will be 339 labeled with this character set. 340LOCAL_MAILER_EOL [undefined] If defined, the string to use as the 341 end of line for the local mailer. 342LOCAL_MAILER_DSN_DIAGNOSTIC_CODE 343 [X-Unix] The DSN Diagnostic-Code value for the 344 local mailer. This should be changed with care. 345LOCAL_SHELL_PATH [/bin/sh] The shell used to deliver piped email. 346LOCAL_SHELL_FLAGS [eu9] The flags used by the shell mailer. The 347 flags lsDFM are always included. 348LOCAL_SHELL_ARGS [sh -c $u] The arguments passed to deliver "prog" 349 mail. 350LOCAL_SHELL_DIR [$z:/] The directory search path in which the 351 shell should run. 352LOCAL_MAILER_QGRP [undefined] The queue group for the local mailer. 353USENET_MAILER_PATH [/usr/lib/news/inews] The name of the program 354 used to submit news. 355USENET_MAILER_FLAGS [rsDFMmn] The mailer flags for the usenet mailer. 356USENET_MAILER_ARGS [-m -h -n] The command line arguments for the 357 usenet mailer. NOTE: Some versions of inews 358 (such as those shipped with newer versions of INN) 359 use different flags. Double check the defaults 360 against the inews man page. 361USENET_MAILER_MAX [undefined] The maximum size of messages that will 362 be accepted by the usenet mailer. 363USENET_MAILER_QGRP [undefined] The queue group for the usenet mailer. 364SMTP_MAILER_FLAGS [undefined] Flags added to SMTP mailer. Default 365 flags are `mDFMuX' for all SMTP-based mailers; the 366 "esmtp" mailer adds `a'; "smtp8" adds `8'; and 367 "dsmtp" adds `%'. 368RELAY_MAILER_FLAGS [undefined] Flags added to the relay mailer. Default 369 flags are `mDFMuX' for all SMTP-based mailers; the 370 relay mailer adds `a8'. If this is not defined, 371 then SMTP_MAILER_FLAGS is used. 372SMTP_MAILER_MAX [undefined] The maximum size of messages that will 373 be transported using the smtp, smtp8, esmtp, or dsmtp 374 mailers. 375SMTP_MAILER_MAXMSGS [undefined] If defined, the maximum number of 376 messages to deliver in a single connection for the 377 smtp, smtp8, esmtp, or dsmtp mailers. 378SMTP_MAILER_MAXRCPTS [undefined] If defined, the maximum number of 379 recipients to deliver in a single connection for the 380 smtp, smtp8, esmtp, or dsmtp mailers. 381SMTP_MAILER_ARGS [TCP $h] The arguments passed to the smtp mailer. 382 About the only reason you would want to change this 383 would be to change the default port. 384ESMTP_MAILER_ARGS [TCP $h] The arguments passed to the esmtp mailer. 385SMTP8_MAILER_ARGS [TCP $h] The arguments passed to the smtp8 mailer. 386DSMTP_MAILER_ARGS [TCP $h] The arguments passed to the dsmtp mailer. 387RELAY_MAILER_ARGS [TCP $h] The arguments passed to the relay mailer. 388SMTP_MAILER_QGRP [undefined] The queue group for the smtp mailer. 389ESMTP_MAILER_QGRP [undefined] The queue group for the esmtp mailer. 390SMTP8_MAILER_QGRP [undefined] The queue group for the smtp8 mailer. 391DSMTP_MAILER_QGRP [undefined] The queue group for the dsmtp mailer. 392RELAY_MAILER_QGRP [undefined] The queue group for the relay mailer. 393RELAY_MAILER_MAXMSGS [undefined] If defined, the maximum number of 394 messages to deliver in a single connection for the 395 relay mailer. 396SMTP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 397 that ARRIVE from an address that resolves to one of 398 the SMTP mailers and which are converted to MIME will 399 be labeled with this character set. 400SMTP_MAILER_LL [990] The maximum line length for SMTP mailers 401 (except the relay mailer). 402RELAY_MAILER_LL [2040] The maximum line length for the relay mailer. 403UUCP_MAILER_PATH [/usr/bin/uux] The program used to send UUCP mail. 404UUCP_MAILER_FLAGS [undefined] Flags added to UUCP mailer. Default 405 flags are `DFMhuU' (and `m' for uucp-new mailer, 406 minus `U' for uucp-dom mailer). 407UUCP_MAILER_ARGS [uux - -r -z -a$g -gC $h!rmail ($u)] The arguments 408 passed to the UUCP mailer. 409UUCP_MAILER_MAX [100000] The maximum size message accepted for 410 transmission by the UUCP mailers. 411UUCP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 412 that ARRIVE from an address that resolves to one of 413 the UUCP mailers and which are converted to MIME will 414 be labeled with this character set. 415UUCP_MAILER_QGRP [undefined] The queue group for the UUCP mailers. 416FAX_MAILER_PATH [/usr/local/lib/fax/mailfax] The program used to 417 submit FAX messages. 418FAX_MAILER_ARGS [mailfax $u $h $f] The arguments passed to the FAX 419 mailer. 420FAX_MAILER_MAX [100000] The maximum size message accepted for 421 transmission by FAX. 422POP_MAILER_PATH [/usr/lib/mh/spop] The pathname of the POP mailer. 423POP_MAILER_FLAGS [Penu] Flags added to POP mailer. Flags lsDFMq 424 are always added. 425POP_MAILER_ARGS [pop $u] The arguments passed to the POP mailer. 426POP_MAILER_QGRP [undefined] The queue group for the pop mailer. 427PROCMAIL_MAILER_PATH [/usr/local/bin/procmail] The path to the procmail 428 program. This is also used by 429 FEATURE(`local_procmail'). 430PROCMAIL_MAILER_FLAGS [SPhnu9] Flags added to Procmail mailer. Flags 431 DFM are always set. This is NOT used by 432 FEATURE(`local_procmail'); tweak LOCAL_MAILER_FLAGS 433 instead. 434PROCMAIL_MAILER_ARGS [procmail -Y -m $h $f $u] The arguments passed to 435 the Procmail mailer. This is NOT used by 436 FEATURE(`local_procmail'); tweak LOCAL_MAILER_ARGS 437 instead. 438PROCMAIL_MAILER_MAX [undefined] If set, the maximum size message that 439 will be accepted by the procmail mailer. 440PROCMAIL_MAILER_QGRP [undefined] The queue group for the procmail mailer. 441MAIL11_MAILER_PATH [/usr/etc/mail11] The path to the mail11 mailer. 442MAIL11_MAILER_FLAGS [nsFx] Flags for the mail11 mailer. 443MAIL11_MAILER_ARGS [mail11 $g $x $h $u] Arguments passed to the mail11 444 mailer. 445MAIL11_MAILER_QGRP [undefined] The queue group for the mail11 mailer. 446PH_MAILER_PATH [/usr/local/etc/phquery] The path to the phquery 447 program. 448PH_MAILER_FLAGS [ehmu] Flags for the phquery mailer. Flags nrDFM 449 are always set. 450PH_MAILER_ARGS [phquery -- $u] -- arguments to the phquery mailer. 451PH_MAILER_QGRP [undefined] The queue group for the ph mailer. 452CYRUS_MAILER_FLAGS [Ah5@/:|] The flags used by the cyrus mailer. The 453 flags lsDFMnPq are always included. 454CYRUS_MAILER_PATH [/usr/cyrus/bin/deliver] The program used to deliver 455 cyrus mail. 456CYRUS_MAILER_ARGS [deliver -e -m $h -- $u] The arguments passed 457 to deliver cyrus mail. 458CYRUS_MAILER_MAX [undefined] If set, the maximum size message that 459 will be accepted by the cyrus mailer. 460CYRUS_MAILER_USER [cyrus:mail] The user and group to become when 461 running the cyrus mailer. 462CYRUS_MAILER_QGRP [undefined] The queue group for the cyrus mailer. 463CYRUS_BB_MAILER_FLAGS [u] The flags used by the cyrusbb mailer. 464 The flags lsDFMnP are always included. 465CYRUS_BB_MAILER_ARGS [deliver -e -m $u] The arguments passed 466 to deliver cyrusbb mail. 467CYRUSV2_MAILER_FLAGS [A@/:|m] The flags used by the cyrusv2 mailer. The 468 flags lsDFMnqXz are always included. 469CYRUSV2_MAILER_MAXMSGS [undefined] If defined, the maximum number of 470 messages to deliver in a single connection for the 471 cyrusv2 mailer. 472CYRUSV2_MAILER_MAXRCPTS [undefined] If defined, the maximum number of 473 recipients to deliver in a single connection for the 474 cyrusv2 mailer. 475CYRUSV2_MAILER_ARGS [FILE /var/imap/socket/lmtp] The arguments passed 476 to the cyrusv2 mailer. This can be used to 477 change the name of the Unix domain socket, or 478 to switch to delivery via TCP (e.g., `TCP $h lmtp') 479CYRUSV2_MAILER_QGRP [undefined] The queue group for the cyrusv2 mailer. 480CYRUSV2_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 481 that ARRIVE from an address that resolves to one the 482 Cyrus mailer and which are converted to MIME will 483 be labeled with this character set. 484confEBINDIR [/usr/libexec] The directory for executables. 485 Currently used for FEATURE(`local_lmtp') and 486 FEATURE(`smrsh'). 487QPAGE_MAILER_FLAGS [mDFMs] The flags used by the qpage mailer. 488QPAGE_MAILER_PATH [/usr/local/bin/qpage] The program used to deliver 489 qpage mail. 490QPAGE_MAILER_ARGS [qpage -l0 -m -P$u] The arguments passed 491 to deliver qpage mail. 492QPAGE_MAILER_MAX [4096] If set, the maximum size message that 493 will be accepted by the qpage mailer. 494QPAGE_MAILER_QGRP [undefined] The queue group for the qpage mailer. 495LOCAL_PROG_QGRP [undefined] The queue group for the prog mailer. 496 497Note: to tweak Name_MAILER_FLAGS use the macro MODIFY_MAILER_FLAGS: 498MODIFY_MAILER_FLAGS(`Name', `change') where Name is the first part 499of the macro Name_MAILER_FLAGS (note: that means Name is entirely in 500upper case) and change can be: flags that should be used directly 501(thus overriding the default value), or if it starts with `+' (`-') 502then those flags are added to (removed from) the default value. 503Example: 504 505 MODIFY_MAILER_FLAGS(`LOCAL', `+e') 506 507will add the flag `e' to LOCAL_MAILER_FLAGS. Notice: there are 508several smtp mailers all of which are manipulated individually. 509See the section MAILERS for the available mailer names. 510WARNING: The FEATUREs local_lmtp and local_procmail set LOCAL_MAILER_FLAGS 511unconditionally, i.e., without respecting any definitions in an 512OSTYPE setting. 513 514 515+---------+ 516| DOMAINS | 517+---------+ 518 519You will probably want to collect domain-dependent defines into one 520file, referenced by the DOMAIN macro. For example, the Berkeley 521domain file includes definitions for several internal distinguished 522hosts: 523 524UUCP_RELAY The host that will accept UUCP-addressed email. 525 If not defined, all UUCP sites must be directly 526 connected. 527BITNET_RELAY The host that will accept BITNET-addressed email. 528 If not defined, the .BITNET pseudo-domain won't work. 529DECNET_RELAY The host that will accept DECNET-addressed email. 530 If not defined, the .DECNET pseudo-domain and addresses 531 of the form node::user will not work. 532FAX_RELAY The host that will accept mail to the .FAX pseudo-domain. 533 The "fax" mailer overrides this value. 534LOCAL_RELAY The site that will handle unqualified names -- that 535 is, names without an @domain extension. 536 Normally MAIL_HUB is preferred for this function. 537 LOCAL_RELAY is mostly useful in conjunction with 538 FEATURE(`stickyhost') -- see the discussion of 539 stickyhost below. If not set, they are assumed to 540 belong on this machine. This allows you to have a 541 central site to store a company- or department-wide 542 alias database. This only works at small sites, 543 and only with some user agents. 544LUSER_RELAY The site that will handle lusers -- that is, apparently 545 local names that aren't local accounts or aliases. To 546 specify a local user instead of a site, set this to 547 ``local:username''. 548 549Any of these can be either ``mailer:hostname'' (in which case the 550mailer is the internal mailer name, such as ``uucp-new'' and the hostname 551is the name of the host as appropriate for that mailer) or just a 552``hostname'', in which case a default mailer type (usually ``relay'', 553a variant on SMTP) is used. WARNING: if you have a wildcard MX 554record matching your domain, you probably want to define these to 555have a trailing dot so that you won't get the mail diverted back 556to yourself. 557 558The domain file can also be used to define a domain name, if needed 559(using "DD<domain>") and set certain site-wide features. If all hosts 560at your site masquerade behind one email name, you could also use 561MASQUERADE_AS here. 562 563You do not have to define a domain -- in particular, if you are a 564single machine sitting off somewhere, it is probably more work than 565it's worth. This is just a mechanism for combining "domain dependent 566knowledge" into one place. 567 568 569+---------+ 570| MAILERS | 571+---------+ 572 573There are fewer mailers supported in this version than the previous 574version, owing mostly to a simpler world. As a general rule, put the 575MAILER definitions last in your .mc file. 576 577local The local and prog mailers. You will almost always 578 need these; the only exception is if you relay ALL 579 your mail to another site. This mailer is included 580 automatically. 581 582smtp The Simple Mail Transport Protocol mailer. This does 583 not hide hosts behind a gateway or another other 584 such hack; it assumes a world where everyone is 585 running the name server. This file actually defines 586 five mailers: "smtp" for regular (old-style) SMTP to 587 other servers, "esmtp" for extended SMTP to other 588 servers, "smtp8" to do SMTP to other servers without 589 converting 8-bit data to MIME (essentially, this is 590 your statement that you know the other end is 8-bit 591 clean even if it doesn't say so), "dsmtp" to do on 592 demand delivery, and "relay" for transmission to the 593 RELAY_HOST, LUSER_RELAY, or MAIL_HUB. 594 595uucp The UNIX-to-UNIX Copy Program mailer. Actually, this 596 defines two mailers, "uucp-old" (a.k.a. "uucp") and 597 "uucp-new" (a.k.a. "suucp"). The latter is for when you 598 know that the UUCP mailer at the other end can handle 599 multiple recipients in one transfer. If the smtp mailer 600 is included in your configuration, two other mailers 601 ("uucp-dom" and "uucp-uudom") are also defined [warning: you 602 MUST specify MAILER(`smtp') before MAILER(`uucp')]. When you 603 include the uucp mailer, sendmail looks for all names in 604 class {U} and sends them to the uucp-old mailer; all 605 names in class {Y} are sent to uucp-new; and all 606 names in class {Z} are sent to uucp-uudom. Note that 607 this is a function of what version of rmail runs on 608 the receiving end, and hence may be out of your control. 609 See the section below describing UUCP mailers in more 610 detail. 611 612usenet Usenet (network news) delivery. If this is specified, 613 an extra rule is added to ruleset 0 that forwards all 614 local email for users named ``group.usenet'' to the 615 ``inews'' program. Note that this works for all groups, 616 and may be considered a security problem. 617 618fax Facsimile transmission. This is experimental and based 619 on Sam Leffler's HylaFAX software. For more information, 620 see http://www.hylafax.org/. 621 622pop Post Office Protocol. 623 624procmail An interface to procmail (does not come with sendmail). 625 This is designed to be used in mailertables. For example, 626 a common question is "how do I forward all mail for a given 627 domain to a single person?". If you have this mailer 628 defined, you could set up a mailertable reading: 629 630 host.com procmail:/etc/procmailrcs/host.com 631 632 with the file /etc/procmailrcs/host.com reading: 633 634 :0 # forward mail for host.com 635 ! -oi -f $1 person@other.host 636 637 This would arrange for (anything)@host.com to be sent 638 to person@other.host. In a procmail script, $1 is the 639 name of the sender and $2 is the name of the recipient. 640 If you use this with FEATURE(`local_procmail'), the FEATURE 641 should be listed first. 642 643 Of course there are other ways to solve this particular 644 problem, e.g., a catch-all entry in a virtusertable. 645 646mail11 The DECnet mail11 mailer, useful only if you have the mail11 647 program from gatekeeper.dec.com:/pub/DEC/gwtools (and 648 DECnet, of course). This is for Phase IV DECnet support; 649 if you have Phase V at your site you may have additional 650 problems. 651 652phquery The phquery program. This is somewhat counterintuitively 653 referenced as the "ph" mailer internally. It can be used 654 to do CCSO name server lookups. The phquery program, which 655 this mailer uses, is distributed with the ph client. 656 657cyrus The cyrus and cyrusbb mailers. The cyrus mailer delivers to 658 a local cyrus user. this mailer can make use of the 659 "user+detail@local.host" syntax (see 660 FEATURE(`preserve_local_plus_detail')); it will deliver the 661 mail to the user's "detail" mailbox if the mailbox's ACL 662 permits. The cyrusbb mailer delivers to a system-wide 663 cyrus mailbox if the mailbox's ACL permits. The cyrus 664 mailer must be defined after the local mailer. 665 666cyrusv2 The mailer for Cyrus v2.x. The cyrusv2 mailer delivers to 667 local cyrus users via LMTP. This mailer can make use of the 668 "user+detail@local.host" syntax (see 669 FEATURE(`preserve_local_plus_detail')); it will deliver the 670 mail to the user's "detail" mailbox if the mailbox's ACL 671 permits. The cyrusv2 mailer must be defined after the 672 local mailer. 673 674qpage A mailer for QuickPage, a pager interface. See 675 http://www.qpage.org/ for further information. 676 677The local mailer accepts addresses of the form "user+detail", where 678the "+detail" is not used for mailbox matching but is available 679to certain local mail programs (in particular, see 680FEATURE(`local_procmail')). For example, "eric", "eric+sendmail", and 681"eric+sww" all indicate the same user, but additional arguments <null>, 682"sendmail", and "sww" may be provided for use in sorting mail. 683 684 685+----------+ 686| FEATURES | 687+----------+ 688 689Special features can be requested using the "FEATURE" macro. For 690example, the .mc line: 691 692 FEATURE(`use_cw_file') 693 694tells sendmail that you want to have it read an /etc/mail/local-host-names 695file to get values for class {w}. A FEATURE may contain up to 9 696optional parameters -- for example: 697 698 FEATURE(`mailertable', `dbm /usr/lib/mailertable') 699 700The default database map type for the table features can be set with 701 702 define(`DATABASE_MAP_TYPE', `dbm') 703 704which would set it to use ndbm databases. The default is the Berkeley DB 705hash database format. Note that you must still declare a database map type 706if you specify an argument to a FEATURE. DATABASE_MAP_TYPE is only used 707if no argument is given for the FEATURE. It must be specified before any 708feature that uses a map. 709 710Also, features which can take a map definition as an argument can also take 711the special keyword `LDAP'. If that keyword is used, the map will use the 712LDAP definition described in the ``USING LDAP FOR ALIASES, MAPS, AND 713CLASSES'' section below. 714 715Available features are: 716 717use_cw_file Read the file /etc/mail/local-host-names file to get 718 alternate names for this host. This might be used if you 719 were on a host that MXed for a dynamic set of other hosts. 720 If the set is static, just including the line "Cw<name1> 721 <name2> ..." (where the names are fully qualified domain 722 names) is probably superior. The actual filename can be 723 overridden by redefining confCW_FILE. 724 725use_ct_file Read the file /etc/mail/trusted-users file to get the 726 names of users that will be ``trusted'', that is, able to 727 set their envelope from address using -f without generating 728 a warning message. The actual filename can be overridden 729 by redefining confCT_FILE. 730 731redirect Reject all mail addressed to "address.REDIRECT" with 732 a ``551 User has moved; please try <address>'' message. 733 If this is set, you can alias people who have left 734 to their new address with ".REDIRECT" appended. 735 736nouucp Don't route UUCP addresses. This feature takes one 737 parameter: 738 `reject': reject addresses which have "!" in the local 739 part unless it originates from a system 740 that is allowed to relay. 741 `nospecial': don't do anything special with "!". 742 Warnings: 1. See the notice in the anti-spam section. 743 2. don't remove "!" from OperatorChars if `reject' is 744 given as parameter. 745 746nocanonify Don't pass addresses to $[ ... $] for canonification 747 by default, i.e., host/domain names are considered canonical, 748 except for unqualified names, which must not be used in this 749 mode (violation of the standard). It can be changed by 750 setting the DaemonPortOptions modifiers (M=). That is, 751 FEATURE(`nocanonify') will be overridden by setting the 752 'c' flag. Conversely, if FEATURE(`nocanonify') is not used, 753 it can be emulated by setting the 'C' flag 754 (DaemonPortOptions=Modifiers=C). This would generally only 755 be used by sites that only act as mail gateways or which have 756 user agents that do full canonification themselves. You may 757 also want to use 758 "define(`confBIND_OPTS', `-DNSRCH -DEFNAMES')" to turn off 759 the usual resolver options that do a similar thing. 760 761 An exception list for FEATURE(`nocanonify') can be 762 specified with CANONIFY_DOMAIN or CANONIFY_DOMAIN_FILE, 763 i.e., a list of domains which are nevertheless passed to 764 $[ ... $] for canonification. This is useful to turn on 765 canonification for local domains, e.g., use 766 CANONIFY_DOMAIN(`my.domain my') to canonify addresses 767 which end in "my.domain" or "my". 768 Another way to require canonification in the local 769 domain is CANONIFY_DOMAIN(`$=m'). 770 771 A trailing dot is added to addresses with more than 772 one component in it such that other features which 773 expect a trailing dot (e.g., virtusertable) will 774 still work. 775 776 If `canonify_hosts' is specified as parameter, i.e., 777 FEATURE(`nocanonify', `canonify_hosts'), then 778 addresses which have only a hostname, e.g., 779 <user@host>, will be canonified (and hopefully fully 780 qualified), too. 781 782stickyhost This feature is sometimes used with LOCAL_RELAY, 783 although it can be used for a different effect with 784 MAIL_HUB. 785 786 When used without MAIL_HUB, email sent to 787 "user@local.host" are marked as "sticky" -- that 788 is, the local addresses aren't matched against UDB, 789 don't go through ruleset 5, and are not forwarded to 790 the LOCAL_RELAY (if defined). 791 792 With MAIL_HUB, mail addressed to "user@local.host" 793 is forwarded to the mail hub, with the envelope 794 address still remaining "user@local.host". 795 Without stickyhost, the envelope would be changed 796 to "user@mail_hub", in order to protect against 797 mailing loops. 798 799mailertable Include a "mailer table" which can be used to override 800 routing for particular domains (which are not in class {w}, 801 i.e. local host names). The argument of the FEATURE may be 802 the key definition. If none is specified, the definition 803 used is: 804 805 hash /etc/mail/mailertable 806 807 Keys in this database are fully qualified domain names 808 or partial domains preceded by a dot -- for example, 809 "vangogh.CS.Berkeley.EDU" or ".CS.Berkeley.EDU". As a 810 special case of the latter, "." matches any domain not 811 covered by other keys. Values must be of the form: 812 mailer:domain 813 where "mailer" is the internal mailer name, and "domain" 814 is where to send the message. These maps are not 815 reflected into the message header. As a special case, 816 the forms: 817 local:user 818 will forward to the indicated user using the local mailer, 819 local: 820 will forward to the original user in the e-mail address 821 using the local mailer, and 822 error:code message 823 error:D.S.N:code message 824 will give an error message with the indicated SMTP reply 825 code and message, where D.S.N is an RFC 1893 compliant 826 error code. 827 828domaintable Include a "domain table" which can be used to provide 829 domain name mapping. Use of this should really be 830 limited to your own domains. It may be useful if you 831 change names (e.g., your company changes names from 832 oldname.com to newname.com). The argument of the 833 FEATURE may be the key definition. If none is specified, 834 the definition used is: 835 836 hash /etc/mail/domaintable 837 838 The key in this table is the domain name; the value is 839 the new (fully qualified) domain. Anything in the 840 domaintable is reflected into headers; that is, this 841 is done in ruleset 3. 842 843bitdomain Look up bitnet hosts in a table to try to turn them into 844 internet addresses. The table can be built using the 845 bitdomain program contributed by John Gardiner Myers. 846 The argument of the FEATURE may be the key definition; if 847 none is specified, the definition used is: 848 849 hash /etc/mail/bitdomain 850 851 Keys are the bitnet hostname; values are the corresponding 852 internet hostname. 853 854uucpdomain Similar feature for UUCP hosts. The default map definition 855 is: 856 857 hash /etc/mail/uudomain 858 859 At the moment there is no automagic tool to build this 860 database. 861 862always_add_domain 863 Include the local host domain even on locally delivered 864 mail. Normally it is not added on unqualified names. 865 However, if you use a shared message store but do not use 866 the same user name space everywhere, you may need the host 867 name on local names. An optional argument specifies 868 another domain to be added than the local. 869 870allmasquerade If masquerading is enabled (using MASQUERADE_AS), this 871 feature will cause recipient addresses to also masquerade 872 as being from the masquerade host. Normally they get 873 the local hostname. Although this may be right for 874 ordinary users, it can break local aliases. For example, 875 if you send to "localalias", the originating sendmail will 876 find that alias and send to all members, but send the 877 message with "To: localalias@masqueradehost". Since that 878 alias likely does not exist, replies will fail. Use this 879 feature ONLY if you can guarantee that the ENTIRE 880 namespace on your masquerade host supersets all the 881 local entries. 882 883limited_masquerade 884 Normally, any hosts listed in class {w} are masqueraded. If 885 this feature is given, only the hosts listed in class {M} (see 886 below: MASQUERADE_DOMAIN) are masqueraded. This is useful 887 if you have several domains with disjoint namespaces hosted 888 on the same machine. 889 890masquerade_entire_domain 891 If masquerading is enabled (using MASQUERADE_AS) and 892 MASQUERADE_DOMAIN (see below) is set, this feature will 893 cause addresses to be rewritten such that the masquerading 894 domains are actually entire domains to be hidden. All 895 hosts within the masquerading domains will be rewritten 896 to the masquerade name (used in MASQUERADE_AS). For example, 897 if you have: 898 899 MASQUERADE_AS(`masq.com') 900 MASQUERADE_DOMAIN(`foo.org') 901 MASQUERADE_DOMAIN(`bar.com') 902 903 then *foo.org and *bar.com are converted to masq.com. Without 904 this feature, only foo.org and bar.com are masqueraded. 905 906 NOTE: only domains within your jurisdiction and 907 current hierarchy should be masqueraded using this. 908 909local_no_masquerade 910 This feature prevents the local mailer from masquerading even 911 if MASQUERADE_AS is used. MASQUERADE_AS will only have effect 912 on addresses of mail going outside the local domain. 913 914masquerade_envelope 915 If masquerading is enabled (using MASQUERADE_AS) or the 916 genericstable is in use, this feature will cause envelope 917 addresses to also masquerade as being from the masquerade 918 host. Normally only the header addresses are masqueraded. 919 920genericstable This feature will cause unqualified addresses (i.e., without 921 a domain) and addresses with a domain listed in class {G} 922 to be looked up in a map and turned into another ("generic") 923 form, which can change both the domain name and the user name. 924 Notice: if you use an MSP (as it is default starting with 925 8.12), the MTA will only receive qualified addresses from the 926 MSP (as required by the RFCs). Hence you need to add your 927 domain to class {G}. This feature is similar to the userdb 928 functionality. The same types of addresses as for 929 masquerading are looked up, i.e., only header sender 930 addresses unless the allmasquerade and/or masquerade_envelope 931 features are given. Qualified addresses must have the domain 932 part in class {G}; entries can be added to this class by the 933 macros GENERICS_DOMAIN or GENERICS_DOMAIN_FILE (analogously 934 to MASQUERADE_DOMAIN and MASQUERADE_DOMAIN_FILE, see below). 935 936 The argument of FEATURE(`genericstable') may be the map 937 definition; the default map definition is: 938 939 hash /etc/mail/genericstable 940 941 The key for this table is either the full address, the domain 942 (with a leading @; the localpart is passed as first argument) 943 or the unqualified username (tried in the order mentioned); 944 the value is the new user address. If the new user address 945 does not include a domain, it will be qualified in the standard 946 manner, i.e., using $j or the masquerade name. Note that the 947 address being looked up must be fully qualified. For local 948 mail, it is necessary to use FEATURE(`always_add_domain') 949 for the addresses to be qualified. 950 The "+detail" of an address is passed as %1, so entries like 951 952 old+*@foo.org new+%1@example.com 953 gen+*@foo.org %1@example.com 954 955 and other forms are possible. 956 957generics_entire_domain 958 If the genericstable is enabled and GENERICS_DOMAIN or 959 GENERICS_DOMAIN_FILE is used, this feature will cause 960 addresses to be searched in the map if their domain 961 parts are subdomains of elements in class {G}. 962 963virtusertable A domain-specific form of aliasing, allowing multiple 964 virtual domains to be hosted on one machine. For example, 965 if the virtuser table contains: 966 967 info@foo.com foo-info 968 info@bar.com bar-info 969 joe@bar.com error:nouser 550 No such user here 970 jax@bar.com error:5.7.0:550 Address invalid 971 @baz.org jane@example.net 972 973 then mail addressed to info@foo.com will be sent to the 974 address foo-info, mail addressed to info@bar.com will be 975 delivered to bar-info, and mail addressed to anyone at baz.org 976 will be sent to jane@example.net, mail to joe@bar.com will 977 be rejected with the specified error message, and mail to 978 jax@bar.com will also have a RFC 1893 compliant error code 979 5.7.0. 980 981 The username from the original address is passed 982 as %1 allowing: 983 984 @foo.org %1@example.com 985 986 meaning someone@foo.org will be sent to someone@example.com. 987 Additionally, if the local part consists of "user+detail" 988 then "detail" is passed as %2 and "+detail" is passed as %3 989 when a match against user+* is attempted, so entries like 990 991 old+*@foo.org new+%2@example.com 992 gen+*@foo.org %2@example.com 993 +*@foo.org %1%3@example.com 994 X++@foo.org Z%3@example.com 995 @bar.org %1%3 996 997 and other forms are possible. Note: to preserve "+detail" 998 for a default case (@domain) %1%3 must be used as RHS. 999 There are two wildcards after "+": "+" matches only a non-empty 1000 detail, "*" matches also empty details, e.g., user+@foo.org 1001 matches +*@foo.org but not ++@foo.org. This can be used 1002 to ensure that the parameters %2 and %3 are not empty. 1003 1004 All the host names on the left hand side (foo.com, bar.com, 1005 and baz.org) must be in class {w} or class {VirtHost}. The 1006 latter can be defined by the macros VIRTUSER_DOMAIN or 1007 VIRTUSER_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 1008 MASQUERADE_DOMAIN_FILE, see below). If VIRTUSER_DOMAIN or 1009 VIRTUSER_DOMAIN_FILE is used, then the entries of class 1010 {VirtHost} are added to class {R}, i.e., relaying is allowed 1011 to (and from) those domains, which by default includes also 1012 all subdomains (see relay_hosts_only). The default map 1013 definition is: 1014 1015 hash /etc/mail/virtusertable 1016 1017 A new definition can be specified as the second argument of 1018 the FEATURE macro, such as 1019 1020 FEATURE(`virtusertable', `dbm /etc/mail/virtusers') 1021 1022virtuser_entire_domain 1023 If the virtusertable is enabled and VIRTUSER_DOMAIN or 1024 VIRTUSER_DOMAIN_FILE is used, this feature will cause 1025 addresses to be searched in the map if their domain 1026 parts are subdomains of elements in class {VirtHost}. 1027 1028ldap_routing Implement LDAP-based e-mail recipient routing according to 1029 the Internet Draft draft-lachman-laser-ldap-mail-routing-01. 1030 This provides a method to re-route addresses with a 1031 domain portion in class {LDAPRoute} to either a 1032 different mail host or a different address. Hosts can 1033 be added to this class using LDAPROUTE_DOMAIN and 1034 LDAPROUTE_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 1035 MASQUERADE_DOMAIN_FILE, see below). 1036 1037 See the LDAP ROUTING section below for more information. 1038 1039nullclient This is a special case -- it creates a configuration file 1040 containing nothing but support for forwarding all mail to a 1041 central hub via a local SMTP-based network. The argument 1042 is the name of that hub. 1043 1044 The only other feature that should be used in conjunction 1045 with this one is FEATURE(`nocanonify'). No mailers 1046 should be defined. No aliasing or forwarding is done. 1047 1048local_lmtp Use an LMTP capable local mailer. The argument to this 1049 feature is the pathname of an LMTP capable mailer. By 1050 default, mail.local is used. This is expected to be the 1051 mail.local which came with the 8.9 distribution which is 1052 LMTP capable. The path to mail.local is set by the 1053 confEBINDIR m4 variable -- making the default 1054 LOCAL_MAILER_PATH /usr/libexec/mail.local. 1055 If a different LMTP capable mailer is used, its pathname 1056 can be specified as second parameter and the arguments 1057 passed to it (A=) as third parameter, e.g., 1058 1059 FEATURE(`local_lmtp', `/usr/local/bin/lmtp', `lmtp') 1060 1061 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally, 1062 i.e., without respecting any definitions in an OSTYPE setting. 1063 1064local_procmail Use procmail or another delivery agent as the local mailer. 1065 The argument to this feature is the pathname of the 1066 delivery agent, which defaults to PROCMAIL_MAILER_PATH. 1067 Note that this does NOT use PROCMAIL_MAILER_FLAGS or 1068 PROCMAIL_MAILER_ARGS for the local mailer; tweak 1069 LOCAL_MAILER_FLAGS and LOCAL_MAILER_ARGS instead, or 1070 specify the appropriate parameters. When procmail is used, 1071 the local mailer can make use of the 1072 "user+indicator@local.host" syntax; normally the +indicator 1073 is just tossed, but by default it is passed as the -a 1074 argument to procmail. 1075 1076 This feature can take up to three arguments: 1077 1078 1. Path to the mailer program 1079 [default: /usr/local/bin/procmail] 1080 2. Argument vector including name of the program 1081 [default: procmail -Y -a $h -d $u] 1082 3. Flags for the mailer [default: SPfhn9] 1083 1084 Empty arguments cause the defaults to be taken. 1085 Note that if you are on a system with a broken 1086 setreuid() call, you may need to add -f $f to the procmail 1087 argument vector to pass the proper sender to procmail. 1088 1089 For example, this allows it to use the maildrop 1090 (http://www.flounder.net/~mrsam/maildrop/) mailer instead 1091 by specifying: 1092 1093 FEATURE(`local_procmail', `/usr/local/bin/maildrop', 1094 `maildrop -d $u') 1095 1096 or scanmails using: 1097 1098 FEATURE(`local_procmail', `/usr/local/bin/scanmails') 1099 1100 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally, 1101 i.e., without respecting any definitions in an OSTYPE setting. 1102 1103bestmx_is_local Accept mail as though locally addressed for any host that 1104 lists us as the best possible MX record. This generates 1105 additional DNS traffic, but should be OK for low to 1106 medium traffic hosts. The argument may be a set of 1107 domains, which will limit the feature to only apply to 1108 these domains -- this will reduce unnecessary DNS 1109 traffic. THIS FEATURE IS FUNDAMENTALLY INCOMPATIBLE WITH 1110 WILDCARD MX RECORDS!!! If you have a wildcard MX record 1111 that matches your domain, you cannot use this feature. 1112 1113smrsh Use the SendMail Restricted SHell (smrsh) provided 1114 with the distribution instead of /bin/sh for mailing 1115 to programs. This improves the ability of the local 1116 system administrator to control what gets run via 1117 e-mail. If an argument is provided it is used as the 1118 pathname to smrsh; otherwise, the path defined by 1119 confEBINDIR is used for the smrsh binary -- by default, 1120 /usr/libexec/smrsh is assumed. 1121 1122promiscuous_relay 1123 By default, the sendmail configuration files do not permit 1124 mail relaying (that is, accepting mail from outside your 1125 local host (class {w}) and sending it to another host than 1126 your local host). This option sets your site to allow 1127 mail relaying from any site to any site. In almost all 1128 cases, it is better to control relaying more carefully 1129 with the access map, class {R}, or authentication. Domains 1130 can be added to class {R} by the macros RELAY_DOMAIN or 1131 RELAY_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 1132 MASQUERADE_DOMAIN_FILE, see below). 1133 1134relay_entire_domain 1135 This option allows any host in your domain as defined by 1136 class {m} to use your server for relaying. Notice: make 1137 sure that your domain is not just a top level domain, 1138 e.g., com. This can happen if you give your host a name 1139 like example.com instead of host.example.com. 1140 1141relay_hosts_only 1142 By default, names that are listed as RELAY in the access 1143 db and class {R} are treated as domain names, not host names. 1144 For example, if you specify ``foo.com'', then mail to or 1145 from foo.com, abc.foo.com, or a.very.deep.domain.foo.com 1146 will all be accepted for relaying. This feature changes 1147 the behaviour to lookup individual host names only. 1148 1149relay_based_on_MX 1150 Turns on the ability to allow relaying based on the MX 1151 records of the host portion of an incoming recipient; that 1152 is, if an MX record for host foo.com points to your site, 1153 you will accept and relay mail addressed to foo.com. See 1154 description below for more information before using this 1155 feature. Also, see the KNOWNBUGS entry regarding bestmx 1156 map lookups. 1157 1158 FEATURE(`relay_based_on_MX') does not necessarily allow 1159 routing of these messages which you expect to be allowed, 1160 if route address syntax (or %-hack syntax) is used. If 1161 this is a problem, add entries to the access-table or use 1162 FEATURE(`loose_relay_check'). 1163 1164relay_mail_from 1165 Allows relaying if the mail sender is listed as RELAY in 1166 the access map. If an optional argument `domain' (this 1167 is the literal word `domain', not a placeholder) is given, 1168 relaying can be allowed just based on the domain portion 1169 of the sender address. This feature should only be used if 1170 absolutely necessary as the sender address can be easily 1171 forged. Use of this feature requires the "From:" tag to 1172 be used for the key in the access map; see the discussion 1173 of tags and FEATURE(`relay_mail_from') in the section on 1174 anti-spam configuration control. 1175 1176relay_local_from 1177 Allows relaying if the domain portion of the mail sender 1178 is a local host. This should only be used if absolutely 1179 necessary as it opens a window for spammers. Specifically, 1180 they can send mail to your mail server that claims to be 1181 from your domain (either directly or via a routed address), 1182 and you will go ahead and relay it out to arbitrary hosts 1183 on the Internet. 1184 1185accept_unqualified_senders 1186 Normally, MAIL FROM: commands in the SMTP session will be 1187 refused if the connection is a network connection and the 1188 sender address does not include a domain name. If your 1189 setup sends local mail unqualified (i.e., MAIL FROM:<joe>), 1190 you will need to use this feature to accept unqualified 1191 sender addresses. Setting the DaemonPortOptions modifier 1192 'u' overrides the default behavior, i.e., unqualified 1193 addresses are accepted even without this FEATURE. 1194 If this FEATURE is not used, the DaemonPortOptions modifier 1195 'f' can be used to enforce fully qualified addresses. 1196 1197accept_unresolvable_domains 1198 Normally, MAIL FROM: commands in the SMTP session will be 1199 refused if the host part of the argument to MAIL FROM: 1200 cannot be located in the host name service (e.g., an A or 1201 MX record in DNS). If you are inside a firewall that has 1202 only a limited view of the Internet host name space, this 1203 could cause problems. In this case you probably want to 1204 use this feature to accept all domains on input, even if 1205 they are unresolvable. 1206 1207access_db Turns on the access database feature. The access db gives 1208 you the ability to allow or refuse to accept mail from 1209 specified domains for administrative reasons. Moreover, 1210 it can control the behavior of sendmail in various situations. 1211 By default, the access database specification is: 1212 1213 hash -T<TMPF> /etc/mail/access 1214 1215 See the anti-spam configuration control section for further 1216 important information about this feature. Notice: 1217 "-T<TMPF>" is meant literal, do not replace it by anything. 1218 1219blacklist_recipients 1220 Turns on the ability to block incoming mail for certain 1221 recipient usernames, hostnames, or addresses. For 1222 example, you can block incoming mail to user nobody, 1223 host foo.mydomain.com, or guest@bar.mydomain.com. 1224 These specifications are put in the access db as 1225 described in the anti-spam configuration control section 1226 later in this document. 1227 1228delay_checks The rulesets check_mail and check_relay will not be called 1229 when a client connects or issues a MAIL command, respectively. 1230 Instead, those rulesets will be called by the check_rcpt 1231 ruleset; they will be skipped under certain circumstances. 1232 See "Delay all checks" in the anti-spam configuration control 1233 section. Note: this feature is incompatible to the versions 1234 in 8.10 and 8.11. 1235 1236use_client_ptr If this feature is enabled then check_relay will override 1237 its first argument with $&{client_ptr}. This is useful for 1238 rejections based on the unverified hostname of client, 1239 which turns on the same behavior as in earlier sendmail 1240 versions when delay_checks was not in use. See doc/op/op.* 1241 about check_relay, {client_name}, and {client_ptr}. 1242 1243dnsbl Turns on rejection, discarding, or quarantining of hosts 1244 found in a DNS based list. The first argument is used as 1245 the domain in which blocked hosts are listed. A second 1246 argument can be used to change the default error message, 1247 or select one of the operations `discard' and `quarantine'. 1248 Without that second argument, the error message will be 1249 1250 Rejected: IP-ADDRESS listed at SERVER 1251 1252 where IP-ADDRESS and SERVER are replaced by the appropriate 1253 information. By default, temporary lookup failures are 1254 ignored. This behavior can be changed by specifying a 1255 third argument, which must be either `t' or a full error 1256 message. See the anti-spam configuration control section for 1257 an example. The dnsbl feature can be included several times 1258 to query different DNS based rejection lists. See also 1259 enhdnsbl for an enhanced version. 1260 1261 Set the DNSBL_MAP mc option to change the default map 1262 definition from `host'. Set the DNSBL_MAP_OPT mc option 1263 to add additional options to the map specification used. 1264 1265 Some DNS based rejection lists cause failures if asked 1266 for AAAA records. If your sendmail version is compiled 1267 with IPv6 support (NETINET6) and you experience this 1268 problem, add 1269 1270 define(`DNSBL_MAP', `dns -R A') 1271 1272 before the first use of this feature. Alternatively you 1273 can use enhdnsbl instead (see below). Moreover, this 1274 statement can be used to reduce the number of DNS retries, 1275 e.g., 1276 1277 define(`DNSBL_MAP', `dns -R A -r2') 1278 1279 See below (EDNSBL_TO) for an explanation. 1280 1281enhdnsbl Enhanced version of dnsbl (see above). Further arguments 1282 (up to 5) can be used to specify specific return values 1283 from lookups. Temporary lookup failures are ignored unless 1284 a third argument is given, which must be either `t' or a full 1285 error message. By default, any successful lookup will 1286 generate an error. Otherwise the result of the lookup is 1287 compared with the supplied argument(s), and only if a match 1288 occurs an error is generated. For example, 1289 1290 FEATURE(`enhdnsbl', `dnsbl.example.com', `', `t', `127.0.0.2.') 1291 1292 will reject the e-mail if the lookup returns the value 1293 ``127.0.0.2.'', or generate a 451 response if the lookup 1294 temporarily failed. The arguments can contain metasymbols 1295 as they are allowed in the LHS of rules. As the example 1296 shows, the default values are also used if an empty argument, 1297 i.e., `', is specified. This feature requires that sendmail 1298 has been compiled with the flag DNSMAP (see sendmail/README). 1299 1300 Set the EDNSBL_TO mc option to change the DNS retry count 1301 from the default value of 5, this can be very useful when 1302 a DNS server is not responding, which in turn may cause 1303 clients to time out (an entry stating 1304 1305 did not issue MAIL/EXPN/VRFY/ETRN 1306 1307 will be logged). 1308 1309ratecontrol Enable simple ruleset to do connection rate control 1310 checking. This requires entries in access_db of the form 1311 1312 ClientRate:IP.ADD.RE.SS LIMIT 1313 1314 The RHS specifies the maximum number of connections 1315 (an integer number) over the time interval defined 1316 by ConnectionRateWindowSize, where 0 means unlimited. 1317 1318 Take the following example: 1319 1320 ClientRate:10.1.2.3 4 1321 ClientRate:127.0.0.1 0 1322 ClientRate: 10 1323 1324 10.1.2.3 can only make up to 4 connections, the 1325 general limit it 10, and 127.0.0.1 can make an unlimited 1326 number of connections per ConnectionRateWindowSize. 1327 1328 See also CONNECTION CONTROL. 1329 1330conncontrol Enable a simple check of the number of incoming SMTP 1331 connections. This requires entries in access_db of the 1332 form 1333 1334 ClientConn:IP.ADD.RE.SS LIMIT 1335 1336 The RHS specifies the maximum number of open connections 1337 (an integer number). 1338 1339 Take the following example: 1340 1341 ClientConn:10.1.2.3 4 1342 ClientConn:127.0.0.1 0 1343 ClientConn: 10 1344 1345 10.1.2.3 can only have up to 4 open connections, the 1346 general limit it 10, and 127.0.0.1 does not have any 1347 explicit limit. 1348 1349 See also CONNECTION CONTROL. 1350 1351mtamark Experimental support for "Marking Mail Transfer Agents in 1352 Reverse DNS with TXT RRs" (MTAMark), see 1353 draft-stumpf-dns-mtamark-01. Optional arguments are: 1354 1355 1. Error message, default: 1356 1357 550 Rejected: $&{client_addr} not listed as MTA 1358 1359 2. Temporary lookup failures are ignored unless a second 1360 argument is given, which must be either `t' or a full 1361 error message. 1362 1363 3. Lookup prefix, default: _perm._smtp._srv. This should 1364 not be changed unless the draft changes it. 1365 1366 Example: 1367 1368 FEATURE(`mtamark', `', `t') 1369 1370lookupdotdomain Look up also .domain in the access map. This allows to 1371 match only subdomains. It does not work well with 1372 FEATURE(`relay_hosts_only'), because most lookups for 1373 subdomains are suppressed by the latter feature. 1374 1375loose_relay_check 1376 Normally, if % addressing is used for a recipient, e.g. 1377 user%site@othersite, and othersite is in class {R}, the 1378 check_rcpt ruleset will strip @othersite and recheck 1379 user@site for relaying. This feature changes that 1380 behavior. It should not be needed for most installations. 1381 1382authinfo Provide a separate map for client side authentication 1383 information. See SMTP AUTHENTICATION for details. 1384 By default, the authinfo database specification is: 1385 1386 hash /etc/mail/authinfo 1387 1388preserve_luser_host 1389 Preserve the name of the recipient host if LUSER_RELAY is 1390 used. Without this option, the domain part of the 1391 recipient address will be replaced by the host specified as 1392 LUSER_RELAY. This feature only works if the hostname is 1393 passed to the mailer (see mailer triple in op.me). Note 1394 that in the default configuration the local mailer does not 1395 receive the hostname, i.e., the mailer triple has an empty 1396 hostname. 1397 1398preserve_local_plus_detail 1399 Preserve the +detail portion of the address when passing 1400 address to local delivery agent. Disables alias and 1401 .forward +detail stripping (e.g., given user+detail, only 1402 that address will be looked up in the alias file; user+* and 1403 user will not be looked up). Only use if the local 1404 delivery agent in use supports +detail addressing. 1405 1406compat_check Enable ruleset check_compat to look up pairs of addresses 1407 with the Compat: tag -- Compat:sender<@>recipient -- in the 1408 access map. Valid values for the RHS include 1409 DISCARD silently discard recipient 1410 TEMP: return a temporary error 1411 ERROR: return a permanent error 1412 In the last two cases, a 4xy/5xy SMTP reply code should 1413 follow the colon. 1414 1415no_default_msa Don't generate the default MSA daemon, i.e., 1416 DAEMON_OPTIONS(`Port=587,Name=MSA,M=E') 1417 To define a MSA daemon with other parameters, use this 1418 FEATURE and introduce new settings via DAEMON_OPTIONS(). 1419 1420msp Defines config file for Message Submission Program. 1421 See sendmail/SECURITY for details and cf/cf/submit.mc how 1422 to use it. An optional argument can be used to override 1423 the default of `[localhost]' to use as host to send all 1424 e-mails to. Note that MX records will be used if the 1425 specified hostname is not in square brackets (e.g., 1426 [hostname]). If `MSA' is specified as second argument then 1427 port 587 is used to contact the server. Example: 1428 1429 FEATURE(`msp', `', `MSA') 1430 1431 Some more hints about possible changes can be found below 1432 in the section MESSAGE SUBMISSION PROGRAM. 1433 1434 Note: Due to many problems, submit.mc uses 1435 1436 FEATURE(`msp', `[127.0.0.1]') 1437 1438 by default. If you have a machine with IPv6 only, 1439 change it to 1440 1441 FEATURE(`msp', `[IPv6:::1]') 1442 1443 If you want to continue using '[localhost]', (the behavior 1444 up to 8.12.6), use 1445 1446 FEATURE(`msp') 1447 1448queuegroup A simple example how to select a queue group based 1449 on the full e-mail address or the domain of the 1450 recipient. Selection is done via entries in the 1451 access map using the tag QGRP:, for example: 1452 1453 QGRP:example.com main 1454 QGRP:friend@some.org others 1455 QGRP:my.domain local 1456 1457 where "main", "others", and "local" are names of 1458 queue groups. If an argument is specified, it is used 1459 as default queue group. 1460 1461 Note: please read the warning in doc/op/op.me about 1462 queue groups and possible queue manipulations. 1463 1464greet_pause Adds the greet_pause ruleset which enables open proxy 1465 and SMTP slamming protection. The feature can take an 1466 argument specifying the milliseconds to wait: 1467 1468 FEATURE(`greet_pause', `5000') dnl 5 seconds 1469 1470 If FEATURE(`access_db') is enabled, an access database 1471 lookup with the GreetPause tag is done using client 1472 hostname, domain, IP address, or subnet to determine the 1473 pause time: 1474 1475 GreetPause:my.domain 0 1476 GreetPause:example.com 5000 1477 GreetPause:10.1.2 2000 1478 GreetPause:127.0.0.1 0 1479 1480 When using FEATURE(`access_db'), the optional 1481 FEATURE(`greet_pause') argument becomes the default if 1482 nothing is found in the access database. A ruleset called 1483 Local_greet_pause can be used for local modifications, e.g., 1484 1485 LOCAL_RULESETS 1486 SLocal_greet_pause 1487 R$* $: $&{daemon_flags} 1488 R$* a $* $# 0 1489 1490block_bad_helo Reject messages from SMTP clients which provide a HELO/EHLO 1491 argument which is either unqualified, or is one of our own 1492 names (i.e., the server name instead of the client name). 1493 This check is performed at RCPT stage and disabled for the 1494 following cases: 1495 - authenticated sessions, 1496 - connections from IP addresses in class $={R}. 1497 Currently access_db lookups can not be used to 1498 (selectively) disable this test, moreover, 1499 FEATURE(`delay_checks') 1500 is required. 1501 1502require_rdns Reject mail from connecting SMTP clients without proper 1503 rDNS (reverse DNS), functional gethostbyaddr() resolution. 1504 Note: this feature will cause false positives, i.e., there 1505 are legitimate MTAs that do not have proper DNS entries. 1506 Rejecting mails from those MTAs is a local policy decision. 1507 1508 The basic policy is to reject message with a 5xx error if 1509 the IP address fails to resolve. However, if this is a 1510 temporary failure, a 4xx temporary failure is returned. 1511 If the look-up succeeds, but returns an apparently forged 1512 value, this is treated as a temporary failure with a 4xx 1513 error code. 1514 1515 EXCEPTIONS: 1516 1517 Exceptions based on access entries are discussed below. 1518 Any IP address matched using $=R (the "relay-domains" file) 1519 is excepted from the rules. Since we have explicitly 1520 allowed relaying for this host, based on IP address, we 1521 ignore the rDNS failure. 1522 1523 The philosophical assumption here is that most users do 1524 not control their rDNS. They should be able to send mail 1525 through their ISP, whether or not they have valid rDNS. 1526 The class $=R, roughly speaking, contains those IP addresses 1527 and address ranges for which we are the ISP, or are acting 1528 as if the ISP. 1529 1530 If `delay_checks' is in effect (recommended), then any 1531 sender who has authenticated is also excepted from the 1532 restrictions. This happens because the rules produced by 1533 this FEATURE() will not be applied to authenticated senders 1534 (assuming `delay_checks'). 1535 1536 ACCESS MAP ENTRIES: 1537 1538 Entries such as 1539 Connect:1.2.3.4 OK 1540 Connect:1.2 RELAY 1541 will whitelist IP address 1.2.3.4, so that the rDNS 1542 blocking does apply to that IP address 1543 1544 Entries such as 1545 Connect:1.2.3.4 REJECT 1546 will have the effect of forcing a temporary failure for 1547 that address to be treated as a permanent failure. 1548 1549badmx Reject envelope sender addresses (MAIL) whose domain part 1550 resolves to a "bad" MX record. By default these are 1551 MX records which resolve to A records that match the 1552 regular expression: 1553 1554 ^(127\.|10\.|0\.0\.0\.0) 1555 1556 This default regular expression can be overridden by 1557 specifying an argument, e.g., 1558 1559 FEATURE(`badmx', `^127\.0\.0\.1') 1560 1561 Note: this feature requires that the sendmail binary 1562 has been compiled with the options MAP_REGEX and 1563 DNSMAP. 1564 1565+-------+ 1566| HACKS | 1567+-------+ 1568 1569Some things just can't be called features. To make this clear, 1570they go in the hack subdirectory and are referenced using the HACK 1571macro. These will tend to be site-dependent. The release 1572includes the Berkeley-dependent "cssubdomain" hack (that makes 1573sendmail accept local names in either Berkeley.EDU or CS.Berkeley.EDU; 1574this is intended as a short-term aid while moving hosts into 1575subdomains. 1576 1577 1578+--------------------+ 1579| SITE CONFIGURATION | 1580+--------------------+ 1581 1582 ***************************************************** 1583 * This section is really obsolete, and is preserved * 1584 * only for back compatibility. You should plan on * 1585 * using mailertables for new installations. In * 1586 * particular, it doesn't work for the newer forms * 1587 * of UUCP mailers, such as uucp-uudom. * 1588 ***************************************************** 1589 1590Complex sites will need more local configuration information, such as 1591lists of UUCP hosts they speak with directly. This can get a bit more 1592tricky. For an example of a "complex" site, see cf/ucbvax.mc. 1593 1594The SITECONFIG macro allows you to indirectly reference site-dependent 1595configuration information stored in the siteconfig subdirectory. For 1596example, the line 1597 1598 SITECONFIG(`uucp.ucbvax', `ucbvax', `U') 1599 1600reads the file uucp.ucbvax for local connection information. The 1601second parameter is the local name (in this case just "ucbvax" since 1602it is locally connected, and hence a UUCP hostname). The third 1603parameter is the name of both a macro to store the local name (in 1604this case, {U}) and the name of the class (e.g., {U}) in which to store 1605the host information read from the file. Another SITECONFIG line reads 1606 1607 SITECONFIG(`uucp.ucbarpa', `ucbarpa.Berkeley.EDU', `W') 1608 1609This says that the file uucp.ucbarpa contains the list of UUCP sites 1610connected to ucbarpa.Berkeley.EDU. Class {W} will be used to 1611store this list, and $W is defined to be ucbarpa.Berkeley.EDU, that 1612is, the name of the relay to which the hosts listed in uucp.ucbarpa 1613are connected. [The machine ucbarpa is gone now, but this 1614out-of-date configuration file has been left around to demonstrate 1615how you might do this.] 1616 1617Note that the case of SITECONFIG with a third parameter of ``U'' is 1618special; the second parameter is assumed to be the UUCP name of the 1619local site, rather than the name of a remote site, and the UUCP name 1620is entered into class {w} (the list of local hostnames) as $U.UUCP. 1621 1622The siteconfig file (e.g., siteconfig/uucp.ucbvax.m4) contains nothing 1623more than a sequence of SITE macros describing connectivity. For 1624example: 1625 1626 SITE(`cnmat') 1627 SITE(`sgi olympus') 1628 1629The second example demonstrates that you can use two names on the 1630same line; these are usually aliases for the same host (or are at 1631least in the same company). 1632 1633The macro LOCAL_UUCP can be used to add rules into the generated 1634cf file at the place where MAILER(`uucp') inserts its rules. This 1635should only be used if really necessary. 1636 1637+--------------------+ 1638| USING UUCP MAILERS | 1639+--------------------+ 1640 1641It's hard to get UUCP mailers right because of the extremely ad hoc 1642nature of UUCP addressing. These config files are really designed 1643for domain-based addressing, even for UUCP sites. 1644 1645There are four UUCP mailers available. The choice of which one to 1646use is partly a matter of local preferences and what is running at 1647the other end of your UUCP connection. Unlike good protocols that 1648define what will go over the wire, UUCP uses the policy that you 1649should do what is right for the other end; if they change, you have 1650to change. This makes it hard to do the right thing, and discourages 1651people from updating their software. In general, if you can avoid 1652UUCP, please do. 1653 1654The major choice is whether to go for a domainized scheme or a 1655non-domainized scheme. This depends entirely on what the other 1656end will recognize. If at all possible, you should encourage the 1657other end to go to a domain-based system -- non-domainized addresses 1658don't work entirely properly. 1659 1660The four mailers are: 1661 1662 uucp-old (obsolete name: "uucp") 1663 This is the oldest, the worst (but the closest to UUCP) way of 1664 sending messages across UUCP connections. It does bangify 1665 everything and prepends $U (your UUCP name) to the sender's 1666 address (which can already be a bang path itself). It can 1667 only send to one address at a time, so it spends a lot of 1668 time copying duplicates of messages. Avoid this if at all 1669 possible. 1670 1671 uucp-new (obsolete name: "suucp") 1672 The same as above, except that it assumes that in one rmail 1673 command you can specify several recipients. It still has a 1674 lot of other problems. 1675 1676 uucp-dom 1677 This UUCP mailer keeps everything as domain addresses. 1678 Basically, it uses the SMTP mailer rewriting rules. This mailer 1679 is only included if MAILER(`smtp') is specified before 1680 MAILER(`uucp'). 1681 1682 Unfortunately, a lot of UUCP mailer transport agents require 1683 bangified addresses in the envelope, although you can use 1684 domain-based addresses in the message header. (The envelope 1685 shows up as the From_ line on UNIX mail.) So.... 1686 1687 uucp-uudom 1688 This is a cross between uucp-new (for the envelope addresses) 1689 and uucp-dom (for the header addresses). It bangifies the 1690 envelope sender (From_ line in messages) without adding the 1691 local hostname, unless there is no host name on the address 1692 at all (e.g., "wolf") or the host component is a UUCP host name 1693 instead of a domain name ("somehost!wolf" instead of 1694 "some.dom.ain!wolf"). This is also included only if MAILER(`smtp') 1695 is also specified earlier. 1696 1697Examples: 1698 1699On host grasp.insa-lyon.fr (UUCP host name "grasp"), the following 1700summarizes the sender rewriting for various mailers. 1701 1702Mailer sender rewriting in the envelope 1703------ ------ ------------------------- 1704uucp-{old,new} wolf grasp!wolf 1705uucp-dom wolf wolf@grasp.insa-lyon.fr 1706uucp-uudom wolf grasp.insa-lyon.fr!wolf 1707 1708uucp-{old,new} wolf@fr.net grasp!fr.net!wolf 1709uucp-dom wolf@fr.net wolf@fr.net 1710uucp-uudom wolf@fr.net fr.net!wolf 1711 1712uucp-{old,new} somehost!wolf grasp!somehost!wolf 1713uucp-dom somehost!wolf somehost!wolf@grasp.insa-lyon.fr 1714uucp-uudom somehost!wolf grasp.insa-lyon.fr!somehost!wolf 1715 1716If you are using one of the domainized UUCP mailers, you really want 1717to convert all UUCP addresses to domain format -- otherwise, it will 1718do it for you (and probably not the way you expected). For example, 1719if you have the address foo!bar!baz (and you are not sending to foo), 1720the heuristics will add the @uucp.relay.name or @local.host.name to 1721this address. However, if you map foo to foo.host.name first, it 1722will not add the local hostname. You can do this using the uucpdomain 1723feature. 1724 1725 1726+-------------------+ 1727| TWEAKING RULESETS | 1728+-------------------+ 1729 1730For more complex configurations, you can define special rules. 1731The macro LOCAL_RULE_3 introduces rules that are used in canonicalizing 1732the names. Any modifications made here are reflected in the header. 1733 1734A common use is to convert old UUCP addresses to SMTP addresses using 1735the UUCPSMTP macro. For example: 1736 1737 LOCAL_RULE_3 1738 UUCPSMTP(`decvax', `decvax.dec.com') 1739 UUCPSMTP(`research', `research.att.com') 1740 1741will cause addresses of the form "decvax!user" and "research!user" 1742to be converted to "user@decvax.dec.com" and "user@research.att.com" 1743respectively. 1744 1745This could also be used to look up hosts in a database map: 1746 1747 LOCAL_RULE_3 1748 R$* < @ $+ > $* $: $1 < @ $(hostmap $2 $) > $3 1749 1750This map would be defined in the LOCAL_CONFIG portion, as shown below. 1751 1752Similarly, LOCAL_RULE_0 can be used to introduce new parsing rules. 1753For example, new rules are needed to parse hostnames that you accept 1754via MX records. For example, you might have: 1755 1756 LOCAL_RULE_0 1757 R$+ <@ host.dom.ain.> $#uucp $@ cnmat $: $1 < @ host.dom.ain.> 1758 1759You would use this if you had installed an MX record for cnmat.Berkeley.EDU 1760pointing at this host; this rule catches the message and forwards it on 1761using UUCP. 1762 1763You can also tweak rulesets 1 and 2 using LOCAL_RULE_1 and LOCAL_RULE_2. 1764These rulesets are normally empty. 1765 1766A similar macro is LOCAL_CONFIG. This introduces lines added after the 1767boilerplate option setting but before rulesets. Do not declare rulesets in 1768the LOCAL_CONFIG section. It can be used to declare local database maps or 1769whatever. For example: 1770 1771 LOCAL_CONFIG 1772 Khostmap hash /etc/mail/hostmap 1773 Kyplocal nis -m hosts.byname 1774 1775 1776+---------------------------+ 1777| MASQUERADING AND RELAYING | 1778+---------------------------+ 1779 1780You can have your host masquerade as another using 1781 1782 MASQUERADE_AS(`host.domain') 1783 1784This causes mail being sent to be labeled as coming from the 1785indicated host.domain, rather than $j. One normally masquerades as 1786one of one's own subdomains (for example, it's unlikely that 1787Berkeley would choose to masquerade as an MIT site). This 1788behaviour is modified by a plethora of FEATUREs; in particular, see 1789masquerade_envelope, allmasquerade, limited_masquerade, and 1790masquerade_entire_domain. 1791 1792The masquerade name is not normally canonified, so it is important 1793that it be your One True Name, that is, fully qualified and not a 1794CNAME. However, if you use a CNAME, the receiving side may canonify 1795it for you, so don't think you can cheat CNAME mapping this way. 1796 1797Normally the only addresses that are masqueraded are those that come 1798from this host (that is, are either unqualified or in class {w}, the list 1799of local domain names). You can augment this list, which is realized 1800by class {M} using 1801 1802 MASQUERADE_DOMAIN(`otherhost.domain') 1803 1804The effect of this is that although mail to user@otherhost.domain 1805will not be delivered locally, any mail including any user@otherhost.domain 1806will, when relayed, be rewritten to have the MASQUERADE_AS address. 1807This can be a space-separated list of names. 1808 1809If these names are in a file, you can use 1810 1811 MASQUERADE_DOMAIN_FILE(`filename') 1812 1813to read the list of names from the indicated file (i.e., to add 1814elements to class {M}). 1815 1816To exempt hosts or subdomains from being masqueraded, you can use 1817 1818 MASQUERADE_EXCEPTION(`host.domain') 1819 1820This can come handy if you want to masquerade a whole domain 1821except for one (or a few) host(s). If these names are in a file, 1822you can use 1823 1824 MASQUERADE_EXCEPTION_FILE(`filename') 1825 1826Normally only header addresses are masqueraded. If you want to 1827masquerade the envelope as well, use 1828 1829 FEATURE(`masquerade_envelope') 1830 1831There are always users that need to be "exposed" -- that is, their 1832internal site name should be displayed instead of the masquerade name. 1833Root is an example (which has been "exposed" by default prior to 8.10). 1834You can add users to this list using 1835 1836 EXPOSED_USER(`usernames') 1837 1838This adds users to class {E}; you could also use 1839 1840 EXPOSED_USER_FILE(`filename') 1841 1842You can also arrange to relay all unqualified names (that is, names 1843without @host) to a relay host. For example, if you have a central 1844email server, you might relay to that host so that users don't have 1845to have .forward files or aliases. You can do this using 1846 1847 define(`LOCAL_RELAY', `mailer:hostname') 1848 1849The ``mailer:'' can be omitted, in which case the mailer defaults to 1850"relay". There are some user names that you don't want relayed, perhaps 1851because of local aliases. A common example is root, which may be 1852locally aliased. You can add entries to this list using 1853 1854 LOCAL_USER(`usernames') 1855 1856This adds users to class {L}; you could also use 1857 1858 LOCAL_USER_FILE(`filename') 1859 1860If you want all incoming mail sent to a centralized hub, as for a 1861shared /var/spool/mail scheme, use 1862 1863 define(`MAIL_HUB', `mailer:hostname') 1864 1865Again, ``mailer:'' defaults to "relay". If you define both LOCAL_RELAY 1866and MAIL_HUB _AND_ you have FEATURE(`stickyhost'), unqualified names will 1867be sent to the LOCAL_RELAY and other local names will be sent to MAIL_HUB. 1868Note: there is a (long standing) bug which keeps this combination from 1869working for addresses of the form user+detail. 1870Names in class {L} will be delivered locally, so you MUST have aliases or 1871.forward files for them. 1872 1873For example, if you are on machine mastodon.CS.Berkeley.EDU and you have 1874FEATURE(`stickyhost'), the following combinations of settings will have the 1875indicated effects: 1876 1877email sent to.... eric eric@mastodon.CS.Berkeley.EDU 1878 1879LOCAL_RELAY set to mail.CS.Berkeley.EDU (delivered locally) 1880mail.CS.Berkeley.EDU (no local aliasing) (aliasing done) 1881 1882MAIL_HUB set to mammoth.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU 1883mammoth.CS.Berkeley.EDU (aliasing done) (aliasing done) 1884 1885Both LOCAL_RELAY and mail.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU 1886MAIL_HUB set as above (no local aliasing) (aliasing done) 1887 1888If you do not have FEATURE(`stickyhost') set, then LOCAL_RELAY and 1889MAIL_HUB act identically, with MAIL_HUB taking precedence. 1890 1891If you want all outgoing mail to go to a central relay site, define 1892SMART_HOST as well. Briefly: 1893 1894 LOCAL_RELAY applies to unqualified names (e.g., "eric"). 1895 MAIL_HUB applies to names qualified with the name of the 1896 local host (e.g., "eric@mastodon.CS.Berkeley.EDU"). 1897 SMART_HOST applies to names qualified with other hosts or 1898 bracketed addresses (e.g., "eric@mastodon.CS.Berkeley.EDU" 1899 or "eric@[127.0.0.1]"). 1900 1901However, beware that other relays (e.g., UUCP_RELAY, BITNET_RELAY, 1902DECNET_RELAY, and FAX_RELAY) take precedence over SMART_HOST, so if you 1903really want absolutely everything to go to a single central site you will 1904need to unset all the other relays -- or better yet, find or build a 1905minimal config file that does this. 1906 1907For duplicate suppression to work properly, the host name is best 1908specified with a terminal dot: 1909 1910 define(`MAIL_HUB', `host.domain.') 1911 note the trailing dot ---^ 1912 1913 1914+-------------------------------------------+ 1915| USING LDAP FOR ALIASES, MAPS, AND CLASSES | 1916+-------------------------------------------+ 1917 1918LDAP can be used for aliases, maps, and classes by either specifying your 1919own LDAP map specification or using the built-in default LDAP map 1920specification. The built-in default specifications all provide lookups 1921which match against either the machine's fully qualified hostname (${j}) or 1922a "cluster". The cluster allows you to share LDAP entries among a large 1923number of machines without having to enter each of the machine names into 1924each LDAP entry. To set the LDAP cluster name to use for a particular 1925machine or set of machines, set the confLDAP_CLUSTER m4 variable to a 1926unique name. For example: 1927 1928 define(`confLDAP_CLUSTER', `Servers') 1929 1930Here, the word `Servers' will be the cluster name. As an example, assume 1931that smtp.sendmail.org, etrn.sendmail.org, and mx.sendmail.org all belong 1932to the Servers cluster. 1933 1934Some of the LDAP LDIF examples below show use of the Servers cluster. 1935Every entry must have either a sendmailMTAHost or sendmailMTACluster 1936attribute or it will be ignored. Be careful as mixing clusters and 1937individual host records can have surprising results (see the CAUTION 1938sections below). 1939 1940See the file cf/sendmail.schema for the actual LDAP schemas. Note that 1941this schema (and therefore the lookups and examples below) is experimental 1942at this point as it has had little public review. Therefore, it may change 1943in future versions. Feedback via sendmail-YYYY@support.sendmail.org is 1944encouraged (replace YYYY with the current year, e.g., 2005). 1945 1946------- 1947Aliases 1948------- 1949 1950The ALIAS_FILE (O AliasFile) option can be set to use LDAP for alias 1951lookups. To use the default schema, simply use: 1952 1953 define(`ALIAS_FILE', `ldap:') 1954 1955By doing so, you will use the default schema which expands to a map 1956declared as follows: 1957 1958 ldap -k (&(objectClass=sendmailMTAAliasObject) 1959 (sendmailMTAAliasGrouping=aliases) 1960 (|(sendmailMTACluster=${sendmailMTACluster}) 1961 (sendmailMTAHost=$j)) 1962 (sendmailMTAKey=%0)) 1963 -v sendmailMTAAliasValue,sendmailMTAAliasSearch:FILTER:sendmailMTAAliasObject,sendmailMTAAliasURL:URL:sendmailMTAAliasObject 1964 1965 1966NOTE: The macros shown above ${sendmailMTACluster} and $j are not actually 1967used when the binary expands the `ldap:' token as the AliasFile option is 1968not actually macro-expanded when read from the sendmail.cf file. 1969 1970Example LDAP LDIF entries might be: 1971 1972 dn: sendmailMTAKey=sendmail-list, dc=sendmail, dc=org 1973 objectClass: sendmailMTA 1974 objectClass: sendmailMTAAlias 1975 objectClass: sendmailMTAAliasObject 1976 sendmailMTAAliasGrouping: aliases 1977 sendmailMTAHost: etrn.sendmail.org 1978 sendmailMTAKey: sendmail-list 1979 sendmailMTAAliasValue: ca@example.org 1980 sendmailMTAAliasValue: eric 1981 sendmailMTAAliasValue: gshapiro@example.com 1982 1983 dn: sendmailMTAKey=owner-sendmail-list, dc=sendmail, dc=org 1984 objectClass: sendmailMTA 1985 objectClass: sendmailMTAAlias 1986 objectClass: sendmailMTAAliasObject 1987 sendmailMTAAliasGrouping: aliases 1988 sendmailMTAHost: etrn.sendmail.org 1989 sendmailMTAKey: owner-sendmail-list 1990 sendmailMTAAliasValue: eric 1991 1992 dn: sendmailMTAKey=postmaster, dc=sendmail, dc=org 1993 objectClass: sendmailMTA 1994 objectClass: sendmailMTAAlias 1995 objectClass: sendmailMTAAliasObject 1996 sendmailMTAAliasGrouping: aliases 1997 sendmailMTACluster: Servers 1998 sendmailMTAKey: postmaster 1999 sendmailMTAAliasValue: eric 2000 2001Here, the aliases sendmail-list and owner-sendmail-list will be available 2002only on etrn.sendmail.org but the postmaster alias will be available on 2003every machine in the Servers cluster (including etrn.sendmail.org). 2004 2005CAUTION: aliases are additive so that entries like these: 2006 2007 dn: sendmailMTAKey=bob, dc=sendmail, dc=org 2008 objectClass: sendmailMTA 2009 objectClass: sendmailMTAAlias 2010 objectClass: sendmailMTAAliasObject 2011 sendmailMTAAliasGrouping: aliases 2012 sendmailMTACluster: Servers 2013 sendmailMTAKey: bob 2014 sendmailMTAAliasValue: eric 2015 2016 dn: sendmailMTAKey=bobetrn, dc=sendmail, dc=org 2017 objectClass: sendmailMTA 2018 objectClass: sendmailMTAAlias 2019 objectClass: sendmailMTAAliasObject 2020 sendmailMTAAliasGrouping: aliases 2021 sendmailMTAHost: etrn.sendmail.org 2022 sendmailMTAKey: bob 2023 sendmailMTAAliasValue: gshapiro 2024 2025would mean that on all of the hosts in the cluster, mail to bob would go to 2026eric EXCEPT on etrn.sendmail.org in which case it would go to BOTH eric and 2027gshapiro. 2028 2029If you prefer not to use the default LDAP schema for your aliases, you can 2030specify the map parameters when setting ALIAS_FILE. For example: 2031 2032 define(`ALIAS_FILE', `ldap:-k (&(objectClass=mailGroup)(mail=%0)) -v mgrpRFC822MailMember') 2033 2034---- 2035Maps 2036---- 2037 2038FEATURE()'s which take an optional map definition argument (e.g., access, 2039mailertable, virtusertable, etc.) can instead take the special keyword 2040`LDAP', e.g.: 2041 2042 FEATURE(`access_db', `LDAP') 2043 FEATURE(`virtusertable', `LDAP') 2044 2045When this keyword is given, that map will use LDAP lookups consisting of 2046the objectClass sendmailMTAClassObject, the attribute sendmailMTAMapName 2047with the map name, a search attribute of sendmailMTAKey, and the value 2048attribute sendmailMTAMapValue. 2049 2050The values for sendmailMTAMapName are: 2051 2052 FEATURE() sendmailMTAMapName 2053 --------- ------------------ 2054 access_db access 2055 authinfo authinfo 2056 bitdomain bitdomain 2057 domaintable domain 2058 genericstable generics 2059 mailertable mailer 2060 uucpdomain uucpdomain 2061 virtusertable virtuser 2062 2063For example, FEATURE(`mailertable', `LDAP') would use the map definition: 2064 2065 Kmailertable ldap -k (&(objectClass=sendmailMTAMapObject) 2066 (sendmailMTAMapName=mailer) 2067 (|(sendmailMTACluster=${sendmailMTACluster}) 2068 (sendmailMTAHost=$j)) 2069 (sendmailMTAKey=%0)) 2070 -1 -v sendmailMTAMapValue,sendmailMTAMapSearch:FILTER:sendmailMTAMapObject,sendmailMTAMapURL:URL:sendmailMTAMapObject 2071 2072An example LDAP LDIF entry using this map might be: 2073 2074 dn: sendmailMTAMapName=mailer, dc=sendmail, dc=org 2075 objectClass: sendmailMTA 2076 objectClass: sendmailMTAMap 2077 sendmailMTACluster: Servers 2078 sendmailMTAMapName: mailer 2079 2080 dn: sendmailMTAKey=example.com, sendmailMTAMapName=mailer, dc=sendmail, dc=org 2081 objectClass: sendmailMTA 2082 objectClass: sendmailMTAMap 2083 objectClass: sendmailMTAMapObject 2084 sendmailMTAMapName: mailer 2085 sendmailMTACluster: Servers 2086 sendmailMTAKey: example.com 2087 sendmailMTAMapValue: relay:[smtp.example.com] 2088 2089CAUTION: If your LDAP database contains the record above and *ALSO* a host 2090specific record such as: 2091 2092 dn: sendmailMTAKey=example.com@etrn, sendmailMTAMapName=mailer, dc=sendmail, dc=org 2093 objectClass: sendmailMTA 2094 objectClass: sendmailMTAMap 2095 objectClass: sendmailMTAMapObject 2096 sendmailMTAMapName: mailer 2097 sendmailMTAHost: etrn.sendmail.org 2098 sendmailMTAKey: example.com 2099 sendmailMTAMapValue: relay:[mx.example.com] 2100 2101then these entries will give unexpected results. When the lookup is done 2102on etrn.sendmail.org, the effect is that there is *NO* match at all as maps 2103require a single match. Since the host etrn.sendmail.org is also in the 2104Servers cluster, LDAP would return two answers for the example.com map key 2105in which case sendmail would treat this as no match at all. 2106 2107If you prefer not to use the default LDAP schema for your maps, you can 2108specify the map parameters when using the FEATURE(). For example: 2109 2110 FEATURE(`access_db', `ldap:-1 -k (&(objectClass=mapDatabase)(key=%0)) -v value') 2111 2112------- 2113Classes 2114------- 2115 2116Normally, classes can be filled via files or programs. As of 8.12, they 2117can also be filled via map lookups using a new syntax: 2118 2119 F{ClassName}mapkey@mapclass:mapspec 2120 2121mapkey is optional and if not provided the map key will be empty. This can 2122be used with LDAP to read classes from LDAP. Note that the lookup is only 2123done when sendmail is initially started. Use the special value `@LDAP' to 2124use the default LDAP schema. For example: 2125 2126 RELAY_DOMAIN_FILE(`@LDAP') 2127 2128would put all of the attribute sendmailMTAClassValue values of LDAP records 2129with objectClass sendmailMTAClass and an attribute sendmailMTAClassName of 2130'R' into class $={R}. In other words, it is equivalent to the LDAP map 2131specification: 2132 2133 F{R}@ldap:-k (&(objectClass=sendmailMTAClass) 2134 (sendmailMTAClassName=R) 2135 (|(sendmailMTACluster=${sendmailMTACluster}) 2136 (sendmailMTAHost=$j))) 2137 -v sendmailMTAClassValue,sendmailMTAClassSearch:FILTER:sendmailMTAClass,sendmailMTAClassURL:URL:sendmailMTAClass 2138 2139NOTE: The macros shown above ${sendmailMTACluster} and $j are not actually 2140used when the binary expands the `@LDAP' token as class declarations are 2141not actually macro-expanded when read from the sendmail.cf file. 2142 2143This can be used with class related commands such as RELAY_DOMAIN_FILE(), 2144MASQUERADE_DOMAIN_FILE(), etc: 2145 2146 Command sendmailMTAClassName 2147 ------- -------------------- 2148 CANONIFY_DOMAIN_FILE() Canonify 2149 EXPOSED_USER_FILE() E 2150 GENERICS_DOMAIN_FILE() G 2151 LDAPROUTE_DOMAIN_FILE() LDAPRoute 2152 LDAPROUTE_EQUIVALENT_FILE() LDAPRouteEquiv 2153 LOCAL_USER_FILE() L 2154 MASQUERADE_DOMAIN_FILE() M 2155 MASQUERADE_EXCEPTION_FILE() N 2156 RELAY_DOMAIN_FILE() R 2157 VIRTUSER_DOMAIN_FILE() VirtHost 2158 2159You can also add your own as any 'F'ile class of the form: 2160 2161 F{ClassName}@LDAP 2162 ^^^^^^^^^ 2163will use "ClassName" for the sendmailMTAClassName. 2164 2165An example LDAP LDIF entry would look like: 2166 2167 dn: sendmailMTAClassName=R, dc=sendmail, dc=org 2168 objectClass: sendmailMTA 2169 objectClass: sendmailMTAClass 2170 sendmailMTACluster: Servers 2171 sendmailMTAClassName: R 2172 sendmailMTAClassValue: sendmail.org 2173 sendmailMTAClassValue: example.com 2174 sendmailMTAClassValue: 10.56.23 2175 2176CAUTION: If your LDAP database contains the record above and *ALSO* a host 2177specific record such as: 2178 2179 dn: sendmailMTAClassName=R@etrn.sendmail.org, dc=sendmail, dc=org 2180 objectClass: sendmailMTA 2181 objectClass: sendmailMTAClass 2182 sendmailMTAHost: etrn.sendmail.org 2183 sendmailMTAClassName: R 2184 sendmailMTAClassValue: example.com 2185 2186the result will be similar to the aliases caution above. When the lookup 2187is done on etrn.sendmail.org, $={R} would contain all of the entries (from 2188both the cluster match and the host match). In other words, the effective 2189is additive. 2190 2191If you prefer not to use the default LDAP schema for your classes, you can 2192specify the map parameters when using the class command. For example: 2193 2194 VIRTUSER_DOMAIN_FILE(`@ldap:-k (&(objectClass=virtHosts)(host=*)) -v host') 2195 2196Remember, macros can not be used in a class declaration as the binary does 2197not expand them. 2198 2199 2200+--------------+ 2201| LDAP ROUTING | 2202+--------------+ 2203 2204FEATURE(`ldap_routing') can be used to implement the IETF Internet Draft 2205LDAP Schema for Intranet Mail Routing 2206(draft-lachman-laser-ldap-mail-routing-01). This feature enables 2207LDAP-based rerouting of a particular address to either a different host 2208or a different address. The LDAP lookup is first attempted on the full 2209address (e.g., user@example.com) and then on the domain portion 2210(e.g., @example.com). Be sure to setup your domain for LDAP routing using 2211LDAPROUTE_DOMAIN(), e.g.: 2212 2213 LDAPROUTE_DOMAIN(`example.com') 2214 2215Additionally, you can specify equivalent domains for LDAP routing using 2216LDAPROUTE_EQUIVALENT() and LDAPROUTE_EQUIVALENT_FILE(). 'Equivalent' 2217hostnames are mapped to $M (the masqueraded hostname for the server) before 2218the LDAP query. For example, if the mail is addressed to 2219user@host1.example.com, normally the LDAP lookup would only be done for 2220'user@host1.example.com' and '@host1.example.com'. However, if 2221LDAPROUTE_EQUIVALENT(`host1.example.com') is used, the lookups would also be 2222done on 'user@example.com' and '@example.com' after attempting the 2223host1.example.com lookups. 2224 2225By default, the feature will use the schemas as specified in the draft 2226and will not reject addresses not found by the LDAP lookup. However, 2227this behavior can be changed by giving additional arguments to the FEATURE() 2228command: 2229 2230 FEATURE(`ldap_routing', <mailHost>, <mailRoutingAddress>, <bounce>, 2231 <detail>, <nodomain>, <tempfail>) 2232 2233where <mailHost> is a map definition describing how to lookup an alternative 2234mail host for a particular address; <mailRoutingAddress> is a map definition 2235describing how to lookup an alternative address for a particular address; 2236the <bounce> argument, if present and not the word "passthru", dictates 2237that mail should be bounced if neither a mailHost nor mailRoutingAddress 2238is found, if set to "sendertoo", the sender will be rejected if not 2239found in LDAP; and <detail> indicates what actions to take if the address 2240contains +detail information -- `strip' tries the lookup with the +detail 2241and if no matches are found, strips the +detail and tries the lookup again; 2242`preserve', does the same as `strip' but if a mailRoutingAddress match is 2243found, the +detail information is copied to the new address; the <nodomain> 2244argument, if present, will prevent the @domain lookup if the full 2245address is not found in LDAP; the <tempfail> argument, if set to 2246"tempfail", instructs the rules to give an SMTP 4XX temporary 2247error if the LDAP server gives the MTA a temporary failure, or if set to 2248"queue" (the default), the MTA will locally queue the mail. 2249 2250The default <mailHost> map definition is: 2251 2252 ldap -1 -T<TMPF> -v mailHost -k (&(objectClass=inetLocalMailRecipient) 2253 (mailLocalAddress=%0)) 2254 2255The default <mailRoutingAddress> map definition is: 2256 2257 ldap -1 -T<TMPF> -v mailRoutingAddress 2258 -k (&(objectClass=inetLocalMailRecipient) 2259 (mailLocalAddress=%0)) 2260 2261Note that neither includes the LDAP server hostname (-h server) or base DN 2262(-b o=org,c=COUNTRY), both necessary for LDAP queries. It is presumed that 2263your .mc file contains a setting for the confLDAP_DEFAULT_SPEC option with 2264these settings. If this is not the case, the map definitions should be 2265changed as described above. The "-T<TMPF>" is required in any user 2266specified map definition to catch temporary errors. 2267 2268The following possibilities exist as a result of an LDAP lookup on an 2269address: 2270 2271 mailHost is mailRoutingAddress is Results in 2272 ----------- --------------------- ---------- 2273 set to a set mail delivered to 2274 "local" host mailRoutingAddress 2275 2276 set to a not set delivered to 2277 "local" host original address 2278 2279 set to a set mailRoutingAddress 2280 remote host relayed to mailHost 2281 2282 set to a not set original address 2283 remote host relayed to mailHost 2284 2285 not set set mail delivered to 2286 mailRoutingAddress 2287 2288 not set not set delivered to 2289 original address *OR* 2290 bounced as unknown user 2291 2292The term "local" host above means the host specified is in class {w}. If 2293the result would mean sending the mail to a different host, that host is 2294looked up in the mailertable before delivery. 2295 2296Note that the last case depends on whether the third argument is given 2297to the FEATURE() command. The default is to deliver the message to the 2298original address. 2299 2300The LDAP entries should be set up with an objectClass of 2301inetLocalMailRecipient and the address be listed in a mailLocalAddress 2302attribute. If present, there must be only one mailHost attribute and it 2303must contain a fully qualified host name as its value. Similarly, if 2304present, there must be only one mailRoutingAddress attribute and it must 2305contain an RFC 822 compliant address. Some example LDAP records (in LDIF 2306format): 2307 2308 dn: uid=tom, o=example.com, c=US 2309 objectClass: inetLocalMailRecipient 2310 mailLocalAddress: tom@example.com 2311 mailRoutingAddress: thomas@mailhost.example.com 2312 2313This would deliver mail for tom@example.com to thomas@mailhost.example.com. 2314 2315 dn: uid=dick, o=example.com, c=US 2316 objectClass: inetLocalMailRecipient 2317 mailLocalAddress: dick@example.com 2318 mailHost: eng.example.com 2319 2320This would relay mail for dick@example.com to the same address but redirect 2321the mail to MX records listed for the host eng.example.com (unless the 2322mailertable overrides). 2323 2324 dn: uid=harry, o=example.com, c=US 2325 objectClass: inetLocalMailRecipient 2326 mailLocalAddress: harry@example.com 2327 mailHost: mktmail.example.com 2328 mailRoutingAddress: harry@mkt.example.com 2329 2330This would relay mail for harry@example.com to the MX records listed for 2331the host mktmail.example.com using the new address harry@mkt.example.com 2332when talking to that host. 2333 2334 dn: uid=virtual.example.com, o=example.com, c=US 2335 objectClass: inetLocalMailRecipient 2336 mailLocalAddress: @virtual.example.com 2337 mailHost: server.example.com 2338 mailRoutingAddress: virtual@example.com 2339 2340This would send all mail destined for any username @virtual.example.com to 2341the machine server.example.com's MX servers and deliver to the address 2342virtual@example.com on that relay machine. 2343 2344 2345+---------------------------------+ 2346| ANTI-SPAM CONFIGURATION CONTROL | 2347+---------------------------------+ 2348 2349The primary anti-spam features available in sendmail are: 2350 2351* Relaying is denied by default. 2352* Better checking on sender information. 2353* Access database. 2354* Header checks. 2355 2356Relaying (transmission of messages from a site outside your host (class 2357{w}) to another site except yours) is denied by default. Note that this 2358changed in sendmail 8.9; previous versions allowed relaying by default. 2359If you really want to revert to the old behaviour, you will need to use 2360FEATURE(`promiscuous_relay'). You can allow certain domains to relay 2361through your server by adding their domain name or IP address to class 2362{R} using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the access database 2363(described below). Note that IPv6 addresses must be prefaced with "IPv6:". 2364The file consists (like any other file based class) of entries listed on 2365separate lines, e.g., 2366 2367 sendmail.org 2368 128.32 2369 IPv6:2002:c0a8:02c7 2370 IPv6:2002:c0a8:51d2::23f4 2371 host.mydomain.com 2372 [UNIX:localhost] 2373 2374Notice: the last entry allows relaying for connections via a UNIX 2375socket to the MTA/MSP. This might be necessary if your configuration 2376doesn't allow relaying by other means in that case, e.g., by having 2377localhost.$m in class {R} (make sure $m is not just a top level 2378domain). 2379 2380If you use 2381 2382 FEATURE(`relay_entire_domain') 2383 2384then any host in any of your local domains (that is, class {m}) 2385will be relayed (that is, you will accept mail either to or from any 2386host in your domain). 2387 2388You can also allow relaying based on the MX records of the host 2389portion of an incoming recipient address by using 2390 2391 FEATURE(`relay_based_on_MX') 2392 2393For example, if your server receives a recipient of user@domain.com 2394and domain.com lists your server in its MX records, the mail will be 2395accepted for relay to domain.com. This feature may cause problems 2396if MX lookups for the recipient domain are slow or time out. In that 2397case, mail will be temporarily rejected. It is usually better to 2398maintain a list of hosts/domains for which the server acts as relay. 2399Note also that this feature will stop spammers from using your host 2400to relay spam but it will not stop outsiders from using your server 2401as a relay for their site (that is, they set up an MX record pointing 2402to your mail server, and you will relay mail addressed to them 2403without any prior arrangement). Along the same lines, 2404 2405 FEATURE(`relay_local_from') 2406 2407will allow relaying if the sender specifies a return path (i.e. 2408MAIL FROM:<user@domain>) domain which is a local domain. This is a 2409dangerous feature as it will allow spammers to spam using your mail 2410server by simply specifying a return address of user@your.domain.com. 2411It should not be used unless absolutely necessary. 2412A slightly better solution is 2413 2414 FEATURE(`relay_mail_from') 2415 2416which allows relaying if the mail sender is listed as RELAY in the 2417access map. If an optional argument `domain' (this is the literal 2418word `domain', not a placeholder) is given, the domain portion of 2419the mail sender is also checked to allowing relaying. This option 2420only works together with the tag From: for the LHS of the access 2421map entries. This feature allows spammers to abuse your mail server 2422by specifying a return address that you enabled in your access file. 2423This may be harder to figure out for spammers, but it should not 2424be used unless necessary. Instead use SMTP AUTH or STARTTLS to 2425allow relaying for roaming users. 2426 2427 2428If source routing is used in the recipient address (e.g., 2429RCPT TO:<user%site.com@othersite.com>), sendmail will check 2430user@site.com for relaying if othersite.com is an allowed relay host 2431in either class {R}, class {m} if FEATURE(`relay_entire_domain') is used, 2432or the access database if FEATURE(`access_db') is used. To prevent 2433the address from being stripped down, use: 2434 2435 FEATURE(`loose_relay_check') 2436 2437If you think you need to use this feature, you probably do not. This 2438should only be used for sites which have no control over the addresses 2439that they provide a gateway for. Use this FEATURE with caution as it 2440can allow spammers to relay through your server if not setup properly. 2441 2442NOTICE: It is possible to relay mail through a system which the anti-relay 2443rules do not prevent: the case of a system that does use FEATURE(`nouucp', 2444`nospecial') (system A) and relays local messages to a mail hub (e.g., via 2445LOCAL_RELAY or LUSER_RELAY) (system B). If system B doesn't use 2446FEATURE(`nouucp') at all, addresses of the form 2447<example.net!user@local.host> would be relayed to <user@example.net>. 2448System A doesn't recognize `!' as an address separator and therefore 2449forwards it to the mail hub which in turns relays it because it came from 2450a trusted local host. So if a mailserver allows UUCP (bang-format) 2451addresses, all systems from which it allows relaying should do the same 2452or reject those addresses. 2453 2454As of 8.9, sendmail will refuse mail if the MAIL FROM: parameter has 2455an unresolvable domain (i.e., one that DNS, your local name service, 2456or special case rules in ruleset 3 cannot locate). This also applies 2457to addresses that use domain literals, e.g., <user@[1.2.3.4]>, if the 2458IP address can't be mapped to a host name. If you want to continue 2459to accept such domains, e.g., because you are inside a firewall that 2460has only a limited view of the Internet host name space (note that you 2461will not be able to return mail to them unless you have some "smart 2462host" forwarder), use 2463 2464 FEATURE(`accept_unresolvable_domains') 2465 2466Alternatively, you can allow specific addresses by adding them to 2467the access map, e.g., 2468 2469 From:unresolvable.domain OK 2470 From:[1.2.3.4] OK 2471 From:[1.2.4] OK 2472 2473Notice: domains which are temporarily unresolvable are (temporarily) 2474rejected with a 451 reply code. If those domains should be accepted 2475(which is discouraged) then you can use 2476 2477 LOCAL_CONFIG 2478 C{ResOk}TEMP 2479 2480sendmail will also refuse mail if the MAIL FROM: parameter is not 2481fully qualified (i.e., contains a domain as well as a user). If you 2482want to continue to accept such senders, use 2483 2484 FEATURE(`accept_unqualified_senders') 2485 2486Setting the DaemonPortOptions modifier 'u' overrides the default behavior, 2487i.e., unqualified addresses are accepted even without this FEATURE. If 2488this FEATURE is not used, the DaemonPortOptions modifier 'f' can be used 2489to enforce fully qualified domain names. 2490 2491An ``access'' database can be created to accept or reject mail from 2492selected domains. For example, you may choose to reject all mail 2493originating from known spammers. To enable such a database, use 2494 2495 FEATURE(`access_db') 2496 2497Notice: the access database is applied to the envelope addresses 2498and the connection information, not to the header. 2499 2500The FEATURE macro can accept as second parameter the key file 2501definition for the database; for example 2502 2503 FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access_map') 2504 2505Notice: If a second argument is specified it must contain the option 2506`-T<TMPF>' as shown above. The optional parameters may be 2507 2508 `skip' enables SKIP as value part (see below). 2509 `lookupdotdomain' another way to enable the feature of the 2510 same name (see above). 2511 `relaytofulladdress' enable entries of the form 2512 To:user@example.com RELAY 2513 to allow relaying to just a specific 2514 e-mail address instead of an entire domain. 2515 2516Remember, since /etc/mail/access is a database, after creating the text 2517file as described below, you must use makemap to create the database 2518map. For example: 2519 2520 makemap hash /etc/mail/access < /etc/mail/access 2521 2522The table itself uses e-mail addresses, domain names, and network 2523numbers as keys. Note that IPv6 addresses must be prefaced with "IPv6:". 2524For example, 2525 2526 From:spammer@aol.com REJECT 2527 From:cyberspammer.com REJECT 2528 Connect:cyberspammer.com REJECT 2529 Connect:TLD REJECT 2530 Connect:192.168.212 REJECT 2531 Connect:IPv6:2002:c0a8:02c7 RELAY 2532 Connect:IPv6:2002:c0a8:51d2::23f4 REJECT 2533 2534would refuse mail from spammer@aol.com, any user from cyberspammer.com 2535(or any host within the cyberspammer.com domain), any host in the entire 2536top level domain TLD, 192.168.212.* network, and the IPv6 address 25372002:c0a8:51d2::23f4. It would allow relay for the IPv6 network 25382002:c0a8:02c7::/48. 2539 2540Entries in the access map should be tagged according to their type. 2541Three tags are available: 2542 2543 Connect: connection information (${client_addr}, ${client_name}) 2544 From: envelope sender 2545 To: envelope recipient 2546 2547Notice: untagged entries are deprecated. 2548 2549If the required item is looked up in a map, it will be tried first 2550with the corresponding tag in front, then (as fallback to enable 2551backward compatibility) without any tag, unless the specific feature 2552requires a tag. For example, 2553 2554 From:spammer@some.dom REJECT 2555 To:friend.domain RELAY 2556 Connect:friend.domain OK 2557 Connect:from.domain RELAY 2558 From:good@another.dom OK 2559 From:another.dom REJECT 2560 2561This would deny mails from spammer@some.dom but you could still 2562send mail to that address even if FEATURE(`blacklist_recipients') 2563is enabled. Your system will allow relaying to friend.domain, but 2564not from it (unless enabled by other means). Connections from that 2565domain will be allowed even if it ends up in one of the DNS based 2566rejection lists. Relaying is enabled from from.domain but not to 2567it (since relaying is based on the connection information for 2568outgoing relaying, the tag Connect: must be used; for incoming 2569relaying, which is based on the recipient address, To: must be 2570used). The last two entries allow mails from good@another.dom but 2571reject mail from all other addresses with another.dom as domain 2572part. 2573 2574 2575The value part of the map can contain: 2576 2577 OK Accept mail even if other rules in the running 2578 ruleset would reject it, for example, if the domain 2579 name is unresolvable. "Accept" does not mean 2580 "relay", but at most acceptance for local 2581 recipients. That is, OK allows less than RELAY. 2582 RELAY Accept mail addressed to the indicated domain 2583 (or address if `relaytofulladdress' is set) or 2584 received from the indicated domain for relaying 2585 through your SMTP server. RELAY also serves as 2586 an implicit OK for the other checks. 2587 REJECT Reject the sender or recipient with a general 2588 purpose message. 2589 DISCARD Discard the message completely using the 2590 $#discard mailer. If it is used in check_compat, 2591 it affects only the designated recipient, not 2592 the whole message as it does in all other cases. 2593 This should only be used if really necessary. 2594 SKIP This can only be used for host/domain names 2595 and IP addresses/nets. It will abort the current 2596 search for this entry without accepting or rejecting 2597 it but causing the default action. 2598 ### any text where ### is an RFC 821 compliant error code and 2599 "any text" is a message to return for the command. 2600 The entire string should be quoted to avoid 2601 surprises: 2602 2603 "### any text" 2604 2605 Otherwise sendmail formats the text as email 2606 addresses, e.g., it may remove spaces. 2607 This type is deprecated, use one of the two 2608 ERROR: entries below instead. 2609 ERROR:### any text 2610 as above, but useful to mark error messages as such. 2611 If quotes need to be used to avoid modifications 2612 (see above), they should be placed like this: 2613 2614 ERROR:"### any text" 2615 2616 ERROR:D.S.N:### any text 2617 where D.S.N is an RFC 1893 compliant error code 2618 and the rest as above. If quotes need to be used 2619 to avoid modifications, they should be placed 2620 like this: 2621 2622 ERROR:D.S.N:"### any text" 2623 2624 QUARANTINE:any text 2625 Quarantine the message using the given text as the 2626 quarantining reason. 2627 2628For example: 2629 2630 From:cyberspammer.com ERROR:"550 We don't accept mail from spammers" 2631 From:okay.cyberspammer.com OK 2632 Connect:sendmail.org RELAY 2633 To:sendmail.org RELAY 2634 Connect:128.32 RELAY 2635 Connect:128.32.2 SKIP 2636 Connect:IPv6:1:2:3:4:5:6:7 RELAY 2637 Connect:suspicious.example.com QUARANTINE:Mail from suspicious host 2638 Connect:[127.0.0.3] OK 2639 Connect:[IPv6:1:2:3:4:5:6:7:8] OK 2640 2641would accept mail from okay.cyberspammer.com, but would reject mail 2642from all other hosts at cyberspammer.com with the indicated message. 2643It would allow relaying mail from and to any hosts in the sendmail.org 2644domain, and allow relaying from the IPv6 1:2:3:4:5:6:7:* network 2645and from the 128.32.*.* network except for the 128.32.2.* network, 2646which shows how SKIP is useful to exempt subnets/subdomains. The 2647last two entries are for checks against ${client_name} if the IP 2648address doesn't resolve to a hostname (or is considered as "may be 2649forged"). That is, using square brackets means these are host 2650names, not network numbers. 2651 2652Warning: if you change the RFC 821 compliant error code from the default 2653value of 550, then you should probably also change the RFC 1893 compliant 2654error code to match it. For example, if you use 2655 2656 To:user@example.com ERROR:450 mailbox full 2657 2658the error returned would be "450 5.0.0 mailbox full" which is wrong. 2659Use "ERROR:4.2.2:450 mailbox full" instead. 2660 2661Note, UUCP users may need to add hostname.UUCP to the access database 2662or class {R}. 2663 2664If you also use: 2665 2666 FEATURE(`relay_hosts_only') 2667 2668then the above example will allow relaying for sendmail.org, but not 2669hosts within the sendmail.org domain. Note that this will also require 2670hosts listed in class {R} to be fully qualified host names. 2671 2672You can also use the access database to block sender addresses based on 2673the username portion of the address. For example: 2674 2675 From:FREE.STEALTH.MAILER@ ERROR:550 Spam not accepted 2676 2677Note that you must include the @ after the username to signify that 2678this database entry is for checking only the username portion of the 2679sender address. 2680 2681If you use: 2682 2683 FEATURE(`blacklist_recipients') 2684 2685then you can add entries to the map for local users, hosts in your 2686domains, or addresses in your domain which should not receive mail: 2687 2688 To:badlocaluser@ ERROR:550 Mailbox disabled for badlocaluser 2689 To:host.my.TLD ERROR:550 That host does not accept mail 2690 To:user@other.my.TLD ERROR:550 Mailbox disabled for this recipient 2691 2692This would prevent a recipient of badlocaluser in any of the local 2693domains (class {w}), any user at host.my.TLD, and the single address 2694user@other.my.TLD from receiving mail. Please note: a local username 2695must be now tagged with an @ (this is consistent with the check of 2696the sender address, and hence it is possible to distinguish between 2697hostnames and usernames). Enabling this feature will keep you from 2698sending mails to all addresses that have an error message or REJECT 2699as value part in the access map. Taking the example from above: 2700 2701 spammer@aol.com REJECT 2702 cyberspammer.com REJECT 2703 2704Mail can't be sent to spammer@aol.com or anyone at cyberspammer.com. 2705That's why tagged entries should be used. 2706 2707There are several DNS based blacklists which can be found by 2708querying a search engine. These are databases of spammers 2709maintained in DNS. To use such a database, specify 2710 2711 FEATURE(`dnsbl', `dnsbl.example.com') 2712 2713This will cause sendmail to reject mail from any site listed in the 2714DNS based blacklist. You must select a DNS based blacklist domain 2715to check by specifying an argument to the FEATURE. The default 2716error message is 2717 2718 Rejected: IP-ADDRESS listed at SERVER 2719 2720where IP-ADDRESS and SERVER are replaced by the appropriate 2721information. A second argument can be used to specify a different 2722text or action. For example, 2723 2724 FEATURE(`dnsbl', `dnsbl.example.com', `quarantine') 2725 2726would quarantine the message if the client IP address is listed 2727at `dnsbl.example.com'. 2728 2729By default, temporary lookup failures are ignored 2730and hence cause the connection not to be rejected by the DNS based 2731rejection list. This behavior can be changed by specifying a third 2732argument, which must be either `t' or a full error message. For 2733example: 2734 2735 FEATURE(`dnsbl', `dnsbl.example.com', `', 2736 `"451 Temporary lookup failure for " $&{client_addr} " in dnsbl.example.com"') 2737 2738If `t' is used, the error message is: 2739 2740 451 Temporary lookup failure of IP-ADDRESS at SERVER 2741 2742where IP-ADDRESS and SERVER are replaced by the appropriate 2743information. 2744 2745This FEATURE can be included several times to query different 2746DNS based rejection lists. 2747 2748Notice: to avoid checking your own local domains against those 2749blacklists, use the access_db feature and add: 2750 2751 Connect:10.1 OK 2752 Connect:127.0.0.1 RELAY 2753 2754to the access map, where 10.1 is your local network. You may 2755want to use "RELAY" instead of "OK" to allow also relaying 2756instead of just disabling the DNS lookups in the blacklists. 2757 2758 2759The features described above make use of the check_relay, check_mail, 2760and check_rcpt rulesets. Note that check_relay checks the SMTP 2761client hostname and IP address when the connection is made to your 2762server. It does not check if a mail message is being relayed to 2763another server. That check is done in check_rcpt. If you wish to 2764include your own checks, you can put your checks in the rulesets 2765Local_check_relay, Local_check_mail, and Local_check_rcpt. For 2766example if you wanted to block senders with all numeric usernames 2767(i.e. 2312343@bigisp.com), you would use Local_check_mail and the 2768regex map: 2769 2770 LOCAL_CONFIG 2771 Kallnumbers regex -a@MATCH ^[0-9]+$ 2772 2773 LOCAL_RULESETS 2774 SLocal_check_mail 2775 # check address against various regex checks 2776 R$* $: $>Parse0 $>3 $1 2777 R$+ < @ bigisp.com. > $* $: $(allnumbers $1 $) 2778 R@MATCH $#error $: 553 Header Error 2779 2780These rules are called with the original arguments of the corresponding 2781check_* ruleset. If the local ruleset returns $#OK, no further checking 2782is done by the features described above and the mail is accepted. If 2783the local ruleset resolves to a mailer (such as $#error or $#discard), 2784the appropriate action is taken. Other results starting with $# are 2785interpreted by sendmail and may lead to unspecified behavior. Note: do 2786NOT create a mailer with the name OK. Return values that do not start 2787with $# are ignored, i.e., normal processing continues. 2788 2789Delay all checks 2790---------------- 2791 2792By using FEATURE(`delay_checks') the rulesets check_mail and check_relay 2793will not be called when a client connects or issues a MAIL command, 2794respectively. Instead, those rulesets will be called by the check_rcpt 2795ruleset; they will be skipped if a sender has been authenticated using 2796a "trusted" mechanism, i.e., one that is defined via TRUST_AUTH_MECH(). 2797If check_mail returns an error then the RCPT TO command will be rejected 2798with that error. If it returns some other result starting with $# then 2799check_relay will be skipped. If the sender address (or a part of it) is 2800listed in the access map and it has a RHS of OK or RELAY, then check_relay 2801will be skipped. This has an interesting side effect: if your domain is 2802my.domain and you have 2803 2804 my.domain RELAY 2805 2806in the access map, then any e-mail with a sender address of 2807<user@my.domain> will not be rejected by check_relay even though 2808it would match the hostname or IP address. This allows spammers 2809to get around DNS based blacklist by faking the sender address. To 2810avoid this problem you have to use tagged entries: 2811 2812 To:my.domain RELAY 2813 Connect:my.domain RELAY 2814 2815if you need those entries at all (class {R} may take care of them). 2816 2817FEATURE(`delay_checks') can take an optional argument: 2818 2819 FEATURE(`delay_checks', `friend') 2820 enables spamfriend test 2821 FEATURE(`delay_checks', `hater') 2822 enables spamhater test 2823 2824If such an argument is given, the recipient will be looked up in the 2825access map (using the tag Spam:). If the argument is `friend', then 2826the default behavior is to apply the other rulesets and make a SPAM 2827friend the exception. The rulesets check_mail and check_relay will be 2828skipped only if the recipient address is found and has RHS FRIEND. If 2829the argument is `hater', then the default behavior is to skip the rulesets 2830check_mail and check_relay and make a SPAM hater the exception. The 2831other two rulesets will be applied only if the recipient address is 2832found and has RHS HATER. 2833 2834This allows for simple exceptions from the tests, e.g., by activating 2835the friend option and having 2836 2837 Spam:abuse@ FRIEND 2838 2839in the access map, mail to abuse@localdomain will get through (where 2840"localdomain" is any domain in class {w}). It is also possible to 2841specify a full address or an address with +detail: 2842 2843 Spam:abuse@my.domain FRIEND 2844 Spam:me+abuse@ FRIEND 2845 Spam:spam.domain FRIEND 2846 2847Note: The required tag has been changed in 8.12 from To: to Spam:. 2848This change is incompatible to previous versions. However, you can 2849(for now) simply add the new entries to the access map, the old 2850ones will be ignored. As soon as you removed the old entries from 2851the access map, specify a third parameter (`n') to this feature and 2852the backward compatibility rules will not be in the generated .cf 2853file. 2854 2855Header Checks 2856------------- 2857 2858You can also reject mail on the basis of the contents of headers. 2859This is done by adding a ruleset call to the 'H' header definition command 2860in sendmail.cf. For example, this can be used to check the validity of 2861a Message-ID: header: 2862 2863 LOCAL_CONFIG 2864 HMessage-Id: $>CheckMessageId 2865 2866 LOCAL_RULESETS 2867 SCheckMessageId 2868 R< $+ @ $+ > $@ OK 2869 R$* $#error $: 553 Header Error 2870 2871The alternative format: 2872 2873 HSubject: $>+CheckSubject 2874 2875that is, $>+ instead of $>, gives the full Subject: header including 2876comments to the ruleset (comments in parentheses () are stripped 2877by default). 2878 2879A default ruleset for headers which don't have a specific ruleset 2880defined for them can be given by: 2881 2882 H*: $>CheckHdr 2883 2884Notice: 28851. All rules act on tokens as explained in doc/op/op.{me,ps,txt}. 2886That may cause problems with simple header checks due to the 2887tokenization. It might be simpler to use a regex map and apply it 2888to $&{currHeader}. 28892. There are no default rulesets coming with this distribution of 2890sendmail. You can write your own, can search the WWW for examples, 2891or take a look at cf/cf/knecht.mc. 28923. When using a default ruleset for headers, the name of the header 2893currently being checked can be found in the $&{hdr_name} macro. 2894 2895After all of the headers are read, the check_eoh ruleset will be called for 2896any final header-related checks. The ruleset is called with the number of 2897headers and the size of all of the headers in bytes separated by $|. One 2898example usage is to reject messages which do not have a Message-Id: 2899header. However, the Message-Id: header is *NOT* a required header and is 2900not a guaranteed spam indicator. This ruleset is an example and should 2901probably not be used in production. 2902 2903 LOCAL_CONFIG 2904 Kstorage macro 2905 HMessage-Id: $>CheckMessageId 2906 2907 LOCAL_RULESETS 2908 SCheckMessageId 2909 # Record the presence of the header 2910 R$* $: $(storage {MessageIdCheck} $@ OK $) $1 2911 R< $+ @ $+ > $@ OK 2912 R$* $#error $: 553 Header Error 2913 2914 Scheck_eoh 2915 # Check the macro 2916 R$* $: < $&{MessageIdCheck} > 2917 # Clear the macro for the next message 2918 R$* $: $(storage {MessageIdCheck} $) $1 2919 # Has a Message-Id: header 2920 R< $+ > $@ OK 2921 # Allow missing Message-Id: from local mail 2922 R$* $: < $&{client_name} > 2923 R< > $@ OK 2924 R< $=w > $@ OK 2925 # Otherwise, reject the mail 2926 R$* $#error $: 553 Header Error 2927 2928 2929+--------------------+ 2930| CONNECTION CONTROL | 2931+--------------------+ 2932 2933The features ratecontrol and conncontrol allow to establish connection 2934limits per client IP address or net. These features can limit the 2935rate of connections (connections per time unit) or the number of 2936incoming SMTP connections, respectively. If enabled, appropriate 2937rulesets are called at the end of check_relay, i.e., after DNS 2938blacklists and generic access_db operations. The features require 2939FEATURE(`access_db') to be listed earlier in the mc file. 2940 2941Note: FEATURE(`delay_checks') delays those connection control checks 2942after a recipient address has been received, hence making these 2943connection control features less useful. To run the checks as early 2944as possible, specify the parameter `nodelay', e.g., 2945 2946 FEATURE(`ratecontrol', `nodelay') 2947 2948In that case, FEATURE(`delay_checks') has no effect on connection 2949control (and it must be specified earlier in the mc file). 2950 2951An optional second argument `terminate' specifies whether the 2952rulesets should return the error code 421 which will cause 2953sendmail to terminate the session with that error if it is 2954returned from check_relay, i.e., not delayed as explained in 2955the previous paragraph. Example: 2956 2957 FEATURE(`ratecontrol', `nodelay', `terminate') 2958 2959 2960+----------+ 2961| STARTTLS | 2962+----------+ 2963 2964In this text, cert will be used as an abbreviation for X.509 certificate, 2965DN (CN) is the distinguished (common) name of a cert, and CA is a 2966certification authority, which signs (issues) certs. 2967 2968For STARTTLS to be offered by sendmail you need to set at least 2969these variables (the file names and paths are just examples): 2970 2971 define(`confCACERT_PATH', `/etc/mail/certs/') 2972 define(`confCACERT', `/etc/mail/certs/CA.cert.pem') 2973 define(`confSERVER_CERT', `/etc/mail/certs/my.cert.pem') 2974 define(`confSERVER_KEY', `/etc/mail/certs/my.key.pem') 2975 2976On systems which do not have the compile flag HASURANDOM set (see 2977sendmail/README) you also must set confRAND_FILE. 2978 2979See doc/op/op.{me,ps,txt} for more information about these options, 2980especially the sections ``Certificates for STARTTLS'' and ``PRNG for 2981STARTTLS''. 2982 2983Macros related to STARTTLS are: 2984 2985${cert_issuer} holds the DN of the CA (the cert issuer). 2986${cert_subject} holds the DN of the cert (called the cert subject). 2987${cn_issuer} holds the CN of the CA (the cert issuer). 2988${cn_subject} holds the CN of the cert (called the cert subject). 2989${tls_version} the TLS/SSL version used for the connection, e.g., TLSv1, 2990 TLSv1/SSLv3, SSLv3, SSLv2. 2991${cipher} the cipher used for the connection, e.g., EDH-DSS-DES-CBC3-SHA, 2992 EDH-RSA-DES-CBC-SHA, DES-CBC-MD5, DES-CBC3-SHA. 2993${cipher_bits} the keylength (in bits) of the symmetric encryption algorithm 2994 used for the connection. 2995${verify} holds the result of the verification of the presented cert. 2996 Possible values are: 2997 OK verification succeeded. 2998 NO no cert presented. 2999 NOT no cert requested. 3000 FAIL cert presented but could not be verified, 3001 e.g., the cert of the signing CA is missing. 3002 NONE STARTTLS has not been performed. 3003 TEMP temporary error occurred. 3004 PROTOCOL protocol error occurred (SMTP level). 3005 SOFTWARE STARTTLS handshake failed. 3006${server_name} the name of the server of the current outgoing SMTP 3007 connection. 3008${server_addr} the address of the server of the current outgoing SMTP 3009 connection. 3010 3011Relaying 3012-------- 3013 3014SMTP STARTTLS can allow relaying for remote SMTP clients which have 3015successfully authenticated themselves. If the verification of the cert 3016failed (${verify} != OK), relaying is subject to the usual rules. 3017Otherwise the DN of the issuer is looked up in the access map using the 3018tag CERTISSUER. If the resulting value is RELAY, relaying is allowed. 3019If it is SUBJECT, the DN of the cert subject is looked up next in the 3020access map using the tag CERTSUBJECT. If the value is RELAY, relaying 3021is allowed. 3022 3023To make things a bit more flexible (or complicated), the values for 3024${cert_issuer} and ${cert_subject} can be optionally modified by regular 3025expressions defined in the m4 variables _CERT_REGEX_ISSUER_ and 3026_CERT_REGEX_SUBJECT_, respectively. To avoid problems with those macros in 3027rulesets and map lookups, they are modified as follows: each non-printable 3028character and the characters '<', '>', '(', ')', '"', '+', ' ' are replaced 3029by their HEX value with a leading '+'. For example: 3030 3031/C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/Email= 3032darth+cert@endmail.org 3033 3034is encoded as: 3035 3036/C=US/ST=California/O=endmail.org/OU=private/CN= 3037Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org 3038 3039(line breaks have been inserted for readability). 3040 3041The macros which are subject to this encoding are ${cert_subject}, 3042${cert_issuer}, ${cn_subject}, and ${cn_issuer}. 3043 3044Examples: 3045 3046To allow relaying for everyone who can present a cert signed by 3047 3048/C=US/ST=California/O=endmail.org/OU=private/CN= 3049Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org 3050 3051simply use: 3052 3053CertIssuer:/C=US/ST=California/O=endmail.org/OU=private/CN= 3054Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org RELAY 3055 3056To allow relaying only for a subset of machines that have a cert signed by 3057 3058/C=US/ST=California/O=endmail.org/OU=private/CN= 3059Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org 3060 3061use: 3062 3063CertIssuer:/C=US/ST=California/O=endmail.org/OU=private/CN= 3064Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org SUBJECT 3065CertSubject:/C=US/ST=California/O=endmail.org/OU=private/CN= 3066DeathStar/Email=deathstar@endmail.org RELAY 3067 3068Notes: 3069- line breaks have been inserted after "CN=" for readability, 3070 each tagged entry must be one (long) line in the access map. 3071- if OpenSSL 0.9.7 or newer is used then the "Email=" part of a DN 3072 is replaced by "emailAddress=". 3073 3074Of course it is also possible to write a simple ruleset that allows 3075relaying for everyone who can present a cert that can be verified, e.g., 3076 3077LOCAL_RULESETS 3078SLocal_check_rcpt 3079R$* $: $&{verify} 3080ROK $# OK 3081 3082Allowing Connections 3083-------------------- 3084 3085The rulesets tls_server, tls_client, and tls_rcpt are used to decide whether 3086an SMTP connection is accepted (or should continue). 3087 3088tls_server is called when sendmail acts as client after a STARTTLS command 3089(should) have been issued. The parameter is the value of ${verify}. 3090 3091tls_client is called when sendmail acts as server, after a STARTTLS command 3092has been issued, and from check_mail. The parameter is the value of 3093${verify} and STARTTLS or MAIL, respectively. 3094 3095Both rulesets behave the same. If no access map is in use, the connection 3096will be accepted unless ${verify} is SOFTWARE, in which case the connection 3097is always aborted. For tls_server/tls_client, ${client_name}/${server_name} 3098is looked up in the access map using the tag TLS_Srv/TLS_Clt, which is done 3099with the ruleset LookUpDomain. If no entry is found, ${client_addr} 3100(${server_addr}) is looked up in the access map (same tag, ruleset 3101LookUpAddr). If this doesn't result in an entry either, just the tag is 3102looked up in the access map (included the trailing colon). Notice: 3103requiring that e-mail is sent to a server only encrypted, e.g., via 3104 3105TLS_Srv:secure.domain ENCR:112 3106 3107doesn't necessarily mean that e-mail sent to that domain is encrypted. 3108If the domain has multiple MX servers, e.g., 3109 3110secure.domain. IN MX 10 mail.secure.domain. 3111secure.domain. IN MX 50 mail.other.domain. 3112 3113then mail to user@secure.domain may go unencrypted to mail.other.domain. 3114tls_rcpt can be used to address this problem. 3115 3116tls_rcpt is called before a RCPT TO: command is sent. The parameter is the 3117current recipient. This ruleset is only defined if FEATURE(`access_db') 3118is selected. A recipient address user@domain is looked up in the access 3119map in four formats: TLS_Rcpt:user@domain, TLS_Rcpt:user@, TLS_Rcpt:domain, 3120and TLS_Rcpt:; the first match is taken. 3121 3122The result of the lookups is then used to call the ruleset TLS_connection, 3123which checks the requirement specified by the RHS in the access map against 3124the actual parameters of the current TLS connection, esp. ${verify} and 3125${cipher_bits}. Legal RHSs in the access map are: 3126 3127VERIFY verification must have succeeded 3128VERIFY:bits verification must have succeeded and ${cipher_bits} must 3129 be greater than or equal bits. 3130ENCR:bits ${cipher_bits} must be greater than or equal bits. 3131 3132The RHS can optionally be prefixed by TEMP+ or PERM+ to select a temporary 3133or permanent error. The default is a temporary error code (403 4.7.0) 3134unless the macro TLS_PERM_ERR is set during generation of the .cf file. 3135 3136If a certain level of encryption is required, then it might also be 3137possible that this level is provided by the security layer from a SASL 3138algorithm, e.g., DIGEST-MD5. 3139 3140Furthermore, there can be a list of extensions added. Such a list 3141starts with '+' and the items are separated by '++'. Allowed 3142extensions are: 3143 3144CN:name name must match ${cn_subject} 3145CN ${client_name}/${server_name} must match ${cn_subject} 3146CS:name name must match ${cert_subject} 3147CI:name name must match ${cert_issuer} 3148 3149Example: e-mail sent to secure.example.com should only use an encrypted 3150connection. E-mail received from hosts within the laptop.example.com domain 3151should only be accepted if they have been authenticated. The host which 3152receives e-mail for darth@endmail.org must present a cert that uses the 3153CN smtp.endmail.org. 3154 3155TLS_Srv:secure.example.com ENCR:112 3156TLS_Clt:laptop.example.com PERM+VERIFY:112 3157TLS_Rcpt:darth@endmail.org ENCR:112+CN:smtp.endmail.org 3158 3159 3160Disabling STARTTLS And Setting SMTP Server Features 3161--------------------------------------------------- 3162 3163By default STARTTLS is used whenever possible. However, there are 3164some broken MTAs that don't properly implement STARTTLS. To be able 3165to send to (or receive from) those MTAs, the ruleset try_tls 3166(srv_features) can be used that work together with the access map. 3167Entries for the access map must be tagged with Try_TLS (Srv_Features) 3168and refer to the hostname or IP address of the connecting system. 3169A default case can be specified by using just the tag. For example, 3170the following entries in the access map: 3171 3172 Try_TLS:broken.server NO 3173 Srv_Features:my.domain v 3174 Srv_Features: V 3175 3176will turn off STARTTLS when sending to broken.server (or any host 3177in that domain), and request a client certificate during the TLS 3178handshake only for hosts in my.domain. The valid entries on the RHS 3179for Srv_Features are listed in the Sendmail Installation and 3180Operations Guide. 3181 3182 3183Received: Header 3184---------------- 3185 3186The Received: header reveals whether STARTTLS has been used. It contains an 3187extra line: 3188 3189(version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify}) 3190 3191 3192+---------------------+ 3193| SMTP AUTHENTICATION | 3194+---------------------+ 3195 3196The macros ${auth_authen}, ${auth_author}, and ${auth_type} can be 3197used in anti-relay rulesets to allow relaying for those users that 3198authenticated themselves. A very simple example is: 3199 3200SLocal_check_rcpt 3201R$* $: $&{auth_type} 3202R$+ $# OK 3203 3204which checks whether a user has successfully authenticated using 3205any available mechanism. Depending on the setup of the Cyrus SASL 3206library, more sophisticated rulesets might be required, e.g., 3207 3208SLocal_check_rcpt 3209R$* $: $&{auth_type} $| $&{auth_authen} 3210RDIGEST-MD5 $| $+@$=w $# OK 3211 3212to allow relaying for users that authenticated using DIGEST-MD5 3213and have an identity in the local domains. 3214 3215The ruleset trust_auth is used to determine whether a given AUTH= 3216parameter (that is passed to this ruleset) should be trusted. This 3217ruleset may make use of the other ${auth_*} macros. Only if the 3218ruleset resolves to the error mailer, the AUTH= parameter is not 3219trusted. A user supplied ruleset Local_trust_auth can be written 3220to modify the default behavior, which only trust the AUTH= 3221parameter if it is identical to the authenticated user. 3222 3223Per default, relaying is allowed for any user who authenticated 3224via a "trusted" mechanism, i.e., one that is defined via 3225TRUST_AUTH_MECH(`list of mechanisms') 3226For example: 3227TRUST_AUTH_MECH(`KERBEROS_V4 DIGEST-MD5') 3228 3229If the selected mechanism provides a security layer the number of 3230bits used for the key of the symmetric cipher is stored in the 3231macro ${auth_ssf}. 3232 3233Providing SMTP AUTH Data when sendmail acts as Client 3234----------------------------------------------------- 3235 3236If sendmail acts as client, it needs some information how to 3237authenticate against another MTA. This information can be provided 3238by the ruleset authinfo or by the option DefaultAuthInfo. The 3239authinfo ruleset looks up {server_name} using the tag AuthInfo: in 3240the access map. If no entry is found, {server_addr} is looked up 3241in the same way and finally just the tag AuthInfo: to provide 3242default values. Note: searches for domain parts or IP nets are 3243only performed if the access map is used; if the authinfo feature 3244is used then only up to three lookups are performed (two exact 3245matches, one default). 3246 3247Note: If your daemon does client authentication when sending, and 3248if it uses either PLAIN or LOGIN authentication, then you *must* 3249prevent ordinary users from seeing verbose output. Do NOT install 3250sendmail set-user-ID. Use PrivacyOptions to turn off verbose output 3251("goaway" works for this). 3252 3253Notice: the default configuration file causes the option DefaultAuthInfo 3254to fail since the ruleset authinfo is in the .cf file. If you really 3255want to use DefaultAuthInfo (it is deprecated) then you have to 3256remove the ruleset. 3257 3258The RHS for an AuthInfo: entry in the access map should consists of a 3259list of tokens, each of which has the form: "TDstring" (including 3260the quotes). T is a tag which describes the item, D is a delimiter, 3261either ':' for simple text or '=' for a base64 encoded string. 3262Valid values for the tag are: 3263 3264 U user (authorization) id 3265 I authentication id 3266 P password 3267 R realm 3268 M list of mechanisms delimited by spaces 3269 3270Example entries are: 3271 3272AuthInfo:other.dom "U:user" "I:user" "P:secret" "R:other.dom" "M:DIGEST-MD5" 3273AuthInfo:host.more.dom "U:user" "P=c2VjcmV0" 3274 3275User id or authentication id must exist as well as the password. All 3276other entries have default values. If one of user or authentication 3277id is missing, the existing value is used for the missing item. 3278If "R:" is not specified, realm defaults to $j. The list of mechanisms 3279defaults to those specified by AuthMechanisms. 3280 3281Since this map contains sensitive information, either the access 3282map must be unreadable by everyone but root (or the trusted user) 3283or FEATURE(`authinfo') must be used which provides a separate map. 3284Notice: It is not checked whether the map is actually 3285group/world-unreadable, this is left to the user. 3286 3287+--------------------------------+ 3288| ADDING NEW MAILERS OR RULESETS | 3289+--------------------------------+ 3290 3291Sometimes you may need to add entirely new mailers or rulesets. They 3292should be introduced with the constructs MAILER_DEFINITIONS and 3293LOCAL_RULESETS respectively. For example: 3294 3295 MAILER_DEFINITIONS 3296 Mmymailer, ... 3297 ... 3298 3299 LOCAL_RULESETS 3300 Smyruleset 3301 ... 3302 3303Local additions for the rulesets srv_features, try_tls, tls_rcpt, 3304tls_client, and tls_server can be made using LOCAL_SRV_FEATURES, 3305LOCAL_TRY_TLS, LOCAL_TLS_RCPT, LOCAL_TLS_CLIENT, and LOCAL_TLS_SERVER, 3306respectively. For example, to add a local ruleset that decides 3307whether to try STARTTLS in a sendmail client, use: 3308 3309 LOCAL_TRY_TLS 3310 R... 3311 3312Note: you don't need to add a name for the ruleset, it is implicitly 3313defined by using the appropriate macro. 3314 3315 3316+-------------------------+ 3317| ADDING NEW MAIL FILTERS | 3318+-------------------------+ 3319 3320Sendmail supports mail filters to filter incoming SMTP messages according 3321to the "Sendmail Mail Filter API" documentation. These filters can be 3322configured in your mc file using the two commands: 3323 3324 MAIL_FILTER(`name', `equates') 3325 INPUT_MAIL_FILTER(`name', `equates') 3326 3327The first command, MAIL_FILTER(), simply defines a filter with the given 3328name and equates. For example: 3329 3330 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 3331 3332This creates the equivalent sendmail.cf entry: 3333 3334 Xarchive, S=local:/var/run/archivesock, F=R 3335 3336The INPUT_MAIL_FILTER() command performs the same actions as MAIL_FILTER 3337but also populates the m4 variable `confINPUT_MAIL_FILTERS' with the name 3338of the filter such that the filter will actually be called by sendmail. 3339 3340For example, the two commands: 3341 3342 INPUT_MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 3343 INPUT_MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T') 3344 3345are equivalent to the three commands: 3346 3347 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 3348 MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T') 3349 define(`confINPUT_MAIL_FILTERS', `archive, spamcheck') 3350 3351In general, INPUT_MAIL_FILTER() should be used unless you need to define 3352more filters than you want to use for `confINPUT_MAIL_FILTERS'. 3353 3354Note that setting `confINPUT_MAIL_FILTERS' after any INPUT_MAIL_FILTER() 3355commands will clear the list created by the prior INPUT_MAIL_FILTER() 3356commands. 3357 3358 3359+-------------------------+ 3360| QUEUE GROUP DEFINITIONS | 3361+-------------------------+ 3362 3363In addition to the queue directory (which is the default queue group 3364called "mqueue"), sendmail can deal with multiple queue groups, which 3365are collections of queue directories with the same behaviour. Queue 3366groups can be defined using the command: 3367 3368 QUEUE_GROUP(`name', `equates') 3369 3370For details about queue groups, please see doc/op/op.{me,ps,txt}. 3371 3372+-------------------------------+ 3373| NON-SMTP BASED CONFIGURATIONS | 3374+-------------------------------+ 3375 3376These configuration files are designed primarily for use by 3377SMTP-based sites. They may not be well tuned for UUCP-only or 3378UUCP-primarily nodes (the latter is defined as a small local net 3379connected to the rest of the world via UUCP). However, there is 3380one hook to handle some special cases. 3381 3382You can define a ``smart host'' that understands a richer address syntax 3383using: 3384 3385 define(`SMART_HOST', `mailer:hostname') 3386 3387In this case, the ``mailer:'' defaults to "relay". Any messages that 3388can't be handled using the usual UUCP rules are passed to this host. 3389 3390If you are on a local SMTP-based net that connects to the outside 3391world via UUCP, you can use LOCAL_NET_CONFIG to add appropriate rules. 3392For example: 3393 3394 define(`SMART_HOST', `uucp-new:uunet') 3395 LOCAL_NET_CONFIG 3396 R$* < @ $* .$m. > $* $#smtp $@ $2.$m. $: $1 < @ $2.$m. > $3 3397 3398This will cause all names that end in your domain name ($m) to be sent 3399via SMTP; anything else will be sent via uucp-new (smart UUCP) to uunet. 3400If you have FEATURE(`nocanonify'), you may need to omit the dots after 3401the $m. If you are running a local DNS inside your domain which is 3402not otherwise connected to the outside world, you probably want to 3403use: 3404 3405 define(`SMART_HOST', `smtp:fire.wall.com') 3406 LOCAL_NET_CONFIG 3407 R$* < @ $* . > $* $#smtp $@ $2. $: $1 < @ $2. > $3 3408 3409That is, send directly only to things you found in your DNS lookup; 3410anything else goes through SMART_HOST. 3411 3412You may need to turn off the anti-spam rules in order to accept 3413UUCP mail with FEATURE(`promiscuous_relay') and 3414FEATURE(`accept_unresolvable_domains'). 3415 3416 3417+-----------+ 3418| WHO AM I? | 3419+-----------+ 3420 3421Normally, the $j macro is automatically defined to be your fully 3422qualified domain name (FQDN). Sendmail does this by getting your 3423host name using gethostname and then calling gethostbyname on the 3424result. For example, in some environments gethostname returns 3425only the root of the host name (such as "foo"); gethostbyname is 3426supposed to return the FQDN ("foo.bar.com"). In some (fairly rare) 3427cases, gethostbyname may fail to return the FQDN. In this case 3428you MUST define confDOMAIN_NAME to be your fully qualified domain 3429name. This is usually done using: 3430 3431 Dmbar.com 3432 define(`confDOMAIN_NAME', `$w.$m')dnl 3433 3434 3435+-----------------------------------+ 3436| ACCEPTING MAIL FOR MULTIPLE NAMES | 3437+-----------------------------------+ 3438 3439If your host is known by several different names, you need to augment 3440class {w}. This is a list of names by which your host is known, and 3441anything sent to an address using a host name in this list will be 3442treated as local mail. You can do this in two ways: either create the 3443file /etc/mail/local-host-names containing a list of your aliases (one per 3444line), and use ``FEATURE(`use_cw_file')'' in the .mc file, or add 3445``LOCAL_DOMAIN(`alias.host.name')''. Be sure you use the fully-qualified 3446name of the host, rather than a short name. 3447 3448If you want to have different address in different domains, take 3449a look at the virtusertable feature, which is also explained at 3450http://www.sendmail.org/virtual-hosting.html 3451 3452 3453+--------------------+ 3454| USING MAILERTABLES | 3455+--------------------+ 3456 3457To use FEATURE(`mailertable'), you will have to create an external 3458database containing the routing information for various domains. 3459For example, a mailertable file in text format might be: 3460 3461 .my.domain xnet:%1.my.domain 3462 uuhost1.my.domain uucp-new:uuhost1 3463 .bitnet smtp:relay.bit.net 3464 3465This should normally be stored in /etc/mail/mailertable. The actual 3466database version of the mailertable is built using: 3467 3468 makemap hash /etc/mail/mailertable < /etc/mail/mailertable 3469 3470The semantics are simple. Any LHS entry that does not begin with 3471a dot matches the full host name indicated. LHS entries beginning 3472with a dot match anything ending with that domain name (including 3473the leading dot) -- that is, they can be thought of as having a 3474leading ".+" regular expression pattern for a non-empty sequence of 3475characters. Matching is done in order of most-to-least qualified 3476-- for example, even though ".my.domain" is listed first in the 3477above example, an entry of "uuhost1.my.domain" will match the second 3478entry since it is more explicit. Note: e-mail to "user@my.domain" 3479does not match any entry in the above table. You need to have 3480something like: 3481 3482 my.domain esmtp:host.my.domain 3483 3484The RHS should always be a "mailer:host" pair. The mailer is the 3485configuration name of a mailer (that is, an M line in the 3486sendmail.cf file). The "host" will be the hostname passed to 3487that mailer. In domain-based matches (that is, those with leading 3488dots) the "%1" may be used to interpolate the wildcarded part of 3489the host name. For example, the first line above sends everything 3490addressed to "anything.my.domain" to that same host name, but using 3491the (presumably experimental) xnet mailer. 3492 3493In some cases you may want to temporarily turn off MX records, 3494particularly on gateways. For example, you may want to MX 3495everything in a domain to one machine that then forwards it 3496directly. To do this, you might use the DNS configuration: 3497 3498 *.domain. IN MX 0 relay.machine 3499 3500and on relay.machine use the mailertable: 3501 3502 .domain smtp:[gateway.domain] 3503 3504The [square brackets] turn off MX records for this host only. 3505If you didn't do this, the mailertable would use the MX record 3506again, which would give you an MX loop. Note that the use of 3507wildcard MX records is almost always a bad idea. Please avoid 3508using them if possible. 3509 3510 3511+--------------------------------+ 3512| USING USERDB TO MAP FULL NAMES | 3513+--------------------------------+ 3514 3515The user database was not originally intended for mapping full names 3516to login names (e.g., Eric.Allman => eric), but some people are using 3517it that way. (it is recommended that you set up aliases for this 3518purpose instead -- since you can specify multiple alias files, this 3519is fairly easy.) The intent was to locate the default maildrop at 3520a site, but allow you to override this by sending to a specific host. 3521 3522If you decide to set up the user database in this fashion, it is 3523imperative that you not use FEATURE(`stickyhost') -- otherwise, 3524e-mail sent to Full.Name@local.host.name will be rejected. 3525 3526To build the internal form of the user database, use: 3527 3528 makemap btree /etc/mail/userdb < /etc/mail/userdb.txt 3529 3530As a general rule, it is an extremely bad idea to using full names 3531as e-mail addresses, since they are not in any sense unique. For 3532example, the UNIX software-development community has at least two 3533well-known Peter Deutsches, and at one time Bell Labs had two 3534Stephen R. Bournes with offices along the same hallway. Which one 3535will be forced to suffer the indignity of being Stephen_R_Bourne_2? 3536The less famous of the two, or the one that was hired later? 3537 3538Finger should handle full names (and be fuzzy). Mail should use 3539handles, and not be fuzzy. 3540 3541 3542+--------------------------------+ 3543| MISCELLANEOUS SPECIAL FEATURES | 3544+--------------------------------+ 3545 3546Plussed users 3547 Sometimes it is convenient to merge configuration on a 3548 centralized mail machine, for example, to forward all 3549 root mail to a mail server. In this case it might be 3550 useful to be able to treat the root addresses as a class 3551 of addresses with subtle differences. You can do this 3552 using plussed users. For example, a client might include 3553 the alias: 3554 3555 root: root+client1@server 3556 3557 On the server, this will match an alias for "root+client1". 3558 If that is not found, the alias "root+*" will be tried, 3559 then "root". 3560 3561 3562+----------------+ 3563| SECURITY NOTES | 3564+----------------+ 3565 3566A lot of sendmail security comes down to you. Sendmail 8 is much 3567more careful about checking for security problems than previous 3568versions, but there are some things that you still need to watch 3569for. In particular: 3570 3571* Make sure the aliases file is not writable except by trusted 3572 system personnel. This includes both the text and database 3573 version. 3574 3575* Make sure that other files that sendmail reads, such as the 3576 mailertable, are only writable by trusted system personnel. 3577 3578* The queue directory should not be world writable PARTICULARLY 3579 if your system allows "file giveaways" (that is, if a non-root 3580 user can chown any file they own to any other user). 3581 3582* If your system allows file giveaways, DO NOT create a publically 3583 writable directory for forward files. This will allow anyone 3584 to steal anyone else's e-mail. Instead, create a script that 3585 copies the .forward file from users' home directories once a 3586 night (if you want the non-NFS-mounted forward directory). 3587 3588* If your system allows file giveaways, you'll find that 3589 sendmail is much less trusting of :include: files -- in 3590 particular, you'll have to have /SENDMAIL/ANY/SHELL/ in 3591 /etc/shells before they will be trusted (that is, before 3592 files and programs listed in them will be honored). 3593 3594In general, file giveaways are a mistake -- if you can turn them 3595off, do so. 3596 3597 3598+--------------------------------+ 3599| TWEAKING CONFIGURATION OPTIONS | 3600+--------------------------------+ 3601 3602There are a large number of configuration options that don't normally 3603need to be changed. However, if you feel you need to tweak them, 3604you can define the following M4 variables. Note that some of these 3605variables require formats that are defined in RFC 2821 or RFC 2822. 3606Before changing them you need to make sure you do not violate those 3607(and other relevant) RFCs. 3608 3609This list is shown in four columns: the name you define, the default 3610value for that definition, the option or macro that is affected 3611(either Ox for an option or Dx for a macro), and a brief description. 3612Greater detail of the semantics can be found in the Installation 3613and Operations Guide. 3614 3615Some options are likely to be deprecated in future versions -- that is, 3616the option is only included to provide back-compatibility. These are 3617marked with "*". 3618 3619Remember that these options are M4 variables, and hence may need to 3620be quoted. In particular, arguments with commas will usually have to 3621be ``double quoted, like this phrase'' to avoid having the comma 3622confuse things. This is common for alias file definitions and for 3623the read timeout. 3624 3625M4 Variable Name Configuration [Default] & Description 3626================ ============= ======================= 3627confMAILER_NAME $n macro [MAILER-DAEMON] The sender name used 3628 for internally generated outgoing 3629 messages. 3630confDOMAIN_NAME $j macro If defined, sets $j. This should 3631 only be done if your system cannot 3632 determine your local domain name, 3633 and then it should be set to 3634 $w.Foo.COM, where Foo.COM is your 3635 domain name. 3636confCF_VERSION $Z macro If defined, this is appended to the 3637 configuration version name. 3638confLDAP_CLUSTER ${sendmailMTACluster} macro 3639 If defined, this is the LDAP 3640 cluster to use for LDAP searches 3641 as described above in ``USING LDAP 3642 FOR ALIASES, MAPS, AND CLASSES''. 3643confFROM_HEADER From: [$?x$x <$g>$|$g$.] The format of an 3644 internally generated From: address. 3645confRECEIVED_HEADER Received: 3646 [$?sfrom $s $.$?_($?s$|from $.$_) 3647 $.$?{auth_type}(authenticated) 3648 $.by $j ($v/$Z)$?r with $r$. id $i$?u 3649 for $u; $|; 3650 $.$b] 3651 The format of the Received: header 3652 in messages passed through this host. 3653 It is unwise to try to change this. 3654confMESSAGEID_HEADER Message-Id: [<$t.$i@$j>] The format of an 3655 internally generated Message-Id: 3656 header. 3657confCW_FILE Fw class [/etc/mail/local-host-names] Name 3658 of file used to get the local 3659 additions to class {w} (local host 3660 names). 3661confCT_FILE Ft class [/etc/mail/trusted-users] Name of 3662 file used to get the local additions 3663 to class {t} (trusted users). 3664confCR_FILE FR class [/etc/mail/relay-domains] Name of 3665 file used to get the local additions 3666 to class {R} (hosts allowed to relay). 3667confTRUSTED_USERS Ct class [no default] Names of users to add to 3668 the list of trusted users. This list 3669 always includes root, uucp, and daemon. 3670 See also FEATURE(`use_ct_file'). 3671confTRUSTED_USER TrustedUser [no default] Trusted user for file 3672 ownership and starting the daemon. 3673 Not to be confused with 3674 confTRUSTED_USERS (see above). 3675confSMTP_MAILER - [esmtp] The mailer name used when 3676 SMTP connectivity is required. 3677 One of "smtp", "smtp8", 3678 "esmtp", or "dsmtp". 3679confUUCP_MAILER - [uucp-old] The mailer to be used by 3680 default for bang-format recipient 3681 addresses. See also discussion of 3682 class {U}, class {Y}, and class {Z} 3683 in the MAILER(`uucp') section. 3684confLOCAL_MAILER - [local] The mailer name used when 3685 local connectivity is required. 3686 Almost always "local". 3687confRELAY_MAILER - [relay] The default mailer name used 3688 for relaying any mail (e.g., to a 3689 BITNET_RELAY, a SMART_HOST, or 3690 whatever). This can reasonably be 3691 "uucp-new" if you are on a 3692 UUCP-connected site. 3693confSEVEN_BIT_INPUT SevenBitInput [False] Force input to seven bits? 3694confEIGHT_BIT_HANDLING EightBitMode [pass8] 8-bit data handling 3695confALIAS_WAIT AliasWait [10m] Time to wait for alias file 3696 rebuild until you get bored and 3697 decide that the apparently pending 3698 rebuild failed. 3699confMIN_FREE_BLOCKS MinFreeBlocks [100] Minimum number of free blocks on 3700 queue filesystem to accept SMTP mail. 3701 (Prior to 8.7 this was minfree/maxsize, 3702 where minfree was the number of free 3703 blocks and maxsize was the maximum 3704 message size. Use confMAX_MESSAGE_SIZE 3705 for the second value now.) 3706confMAX_MESSAGE_SIZE MaxMessageSize [infinite] The maximum size of messages 3707 that will be accepted (in bytes). 3708confBLANK_SUB BlankSub [.] Blank (space) substitution 3709 character. 3710confCON_EXPENSIVE HoldExpensive [False] Avoid connecting immediately 3711 to mailers marked expensive. 3712confCHECKPOINT_INTERVAL CheckpointInterval 3713 [10] Checkpoint queue files every N 3714 recipients. 3715confDELIVERY_MODE DeliveryMode [background] Default delivery mode. 3716confERROR_MODE ErrorMode [print] Error message mode. 3717confERROR_MESSAGE ErrorHeader [undefined] Error message header/file. 3718confSAVE_FROM_LINES SaveFromLine Save extra leading From_ lines. 3719confTEMP_FILE_MODE TempFileMode [0600] Temporary file mode. 3720confMATCH_GECOS MatchGECOS [False] Match GECOS field. 3721confMAX_HOP MaxHopCount [25] Maximum hop count. 3722confIGNORE_DOTS* IgnoreDots [False; always False in -bs or -bd 3723 mode] Ignore dot as terminator for 3724 incoming messages? 3725confBIND_OPTS ResolverOptions [undefined] Default options for DNS 3726 resolver. 3727confMIME_FORMAT_ERRORS* SendMimeErrors [True] Send error messages as MIME- 3728 encapsulated messages per RFC 1344. 3729confFORWARD_PATH ForwardPath [$z/.forward.$w:$z/.forward] 3730 The colon-separated list of places to 3731 search for .forward files. N.B.: see 3732 the Security Notes section. 3733confMCI_CACHE_SIZE ConnectionCacheSize 3734 [2] Size of open connection cache. 3735confMCI_CACHE_TIMEOUT ConnectionCacheTimeout 3736 [5m] Open connection cache timeout. 3737confHOST_STATUS_DIRECTORY HostStatusDirectory 3738 [undefined] If set, host status is kept 3739 on disk between sendmail runs in the 3740 named directory tree. This need not be 3741 a full pathname, in which case it is 3742 interpreted relative to the queue 3743 directory. 3744confSINGLE_THREAD_DELIVERY SingleThreadDelivery 3745 [False] If this option and the 3746 HostStatusDirectory option are both 3747 set, single thread deliveries to other 3748 hosts. That is, don't allow any two 3749 sendmails on this host to connect 3750 simultaneously to any other single 3751 host. This can slow down delivery in 3752 some cases, in particular since a 3753 cached but otherwise idle connection 3754 to a host will prevent other sendmails 3755 from connecting to the other host. 3756confUSE_ERRORS_TO* UseErrorsTo [False] Use the Errors-To: header to 3757 deliver error messages. This should 3758 not be necessary because of general 3759 acceptance of the envelope/header 3760 distinction. 3761confLOG_LEVEL LogLevel [9] Log level. 3762confME_TOO MeToo [True] Include sender in group 3763 expansions. This option is 3764 deprecated and will be removed from 3765 a future version. 3766confCHECK_ALIASES CheckAliases [False] Check RHS of aliases when 3767 running newaliases. Since this does 3768 DNS lookups on every address, it can 3769 slow down the alias rebuild process 3770 considerably on large alias files. 3771confOLD_STYLE_HEADERS* OldStyleHeaders [True] Assume that headers without 3772 special chars are old style. 3773confPRIVACY_FLAGS PrivacyOptions [authwarnings] Privacy flags. 3774confCOPY_ERRORS_TO PostmasterCopy [undefined] Address for additional 3775 copies of all error messages. 3776confQUEUE_FACTOR QueueFactor [600000] Slope of queue-only function. 3777confQUEUE_FILE_MODE QueueFileMode [undefined] Default permissions for 3778 queue files (octal). If not set, 3779 sendmail uses 0600 unless its real 3780 and effective uid are different in 3781 which case it uses 0644. 3782confDONT_PRUNE_ROUTES DontPruneRoutes [False] Don't prune down route-addr 3783 syntax addresses to the minimum 3784 possible. 3785confSAFE_QUEUE* SuperSafe [True] Commit all messages to disk 3786 before forking. 3787confTO_INITIAL Timeout.initial [5m] The timeout waiting for a response 3788 on the initial connect. 3789confTO_CONNECT Timeout.connect [0] The timeout waiting for an initial 3790 connect() to complete. This can only 3791 shorten connection timeouts; the kernel 3792 silently enforces an absolute maximum 3793 (which varies depending on the system). 3794confTO_ICONNECT Timeout.iconnect 3795 [undefined] Like Timeout.connect, but 3796 applies only to the very first attempt 3797 to connect to a host in a message. 3798 This allows a single very fast pass 3799 followed by more careful delivery 3800 attempts in the future. 3801confTO_ACONNECT Timeout.aconnect 3802 [0] The overall timeout waiting for 3803 all connection for a single delivery 3804 attempt to succeed. If 0, no overall 3805 limit is applied. 3806confTO_HELO Timeout.helo [5m] The timeout waiting for a response 3807 to a HELO or EHLO command. 3808confTO_MAIL Timeout.mail [10m] The timeout waiting for a 3809 response to the MAIL command. 3810confTO_RCPT Timeout.rcpt [1h] The timeout waiting for a response 3811 to the RCPT command. 3812confTO_DATAINIT Timeout.datainit 3813 [5m] The timeout waiting for a 354 3814 response from the DATA command. 3815confTO_DATABLOCK Timeout.datablock 3816 [1h] The timeout waiting for a block 3817 during DATA phase. 3818confTO_DATAFINAL Timeout.datafinal 3819 [1h] The timeout waiting for a response 3820 to the final "." that terminates a 3821 message. 3822confTO_RSET Timeout.rset [5m] The timeout waiting for a response 3823 to the RSET command. 3824confTO_QUIT Timeout.quit [2m] The timeout waiting for a response 3825 to the QUIT command. 3826confTO_MISC Timeout.misc [2m] The timeout waiting for a response 3827 to other SMTP commands. 3828confTO_COMMAND Timeout.command [1h] In server SMTP, the timeout 3829 waiting for a command to be issued. 3830confTO_IDENT Timeout.ident [5s] The timeout waiting for a 3831 response to an IDENT query. 3832confTO_FILEOPEN Timeout.fileopen 3833 [60s] The timeout waiting for a file 3834 (e.g., :include: file) to be opened. 3835confTO_LHLO Timeout.lhlo [2m] The timeout waiting for a response 3836 to an LMTP LHLO command. 3837confTO_AUTH Timeout.auth [10m] The timeout waiting for a 3838 response in an AUTH dialogue. 3839confTO_STARTTLS Timeout.starttls 3840 [1h] The timeout waiting for a 3841 response to an SMTP STARTTLS command. 3842confTO_CONTROL Timeout.control 3843 [2m] The timeout for a complete 3844 control socket transaction to complete. 3845confTO_QUEUERETURN Timeout.queuereturn 3846 [5d] The timeout before a message is 3847 returned as undeliverable. 3848confTO_QUEUERETURN_NORMAL 3849 Timeout.queuereturn.normal 3850 [undefined] As above, for normal 3851 priority messages. 3852confTO_QUEUERETURN_URGENT 3853 Timeout.queuereturn.urgent 3854 [undefined] As above, for urgent 3855 priority messages. 3856confTO_QUEUERETURN_NONURGENT 3857 Timeout.queuereturn.non-urgent 3858 [undefined] As above, for non-urgent 3859 (low) priority messages. 3860confTO_QUEUERETURN_DSN 3861 Timeout.queuereturn.dsn 3862 [undefined] As above, for delivery 3863 status notification messages. 3864confTO_QUEUEWARN Timeout.queuewarn 3865 [4h] The timeout before a warning 3866 message is sent to the sender telling 3867 them that the message has been 3868 deferred. 3869confTO_QUEUEWARN_NORMAL Timeout.queuewarn.normal 3870 [undefined] As above, for normal 3871 priority messages. 3872confTO_QUEUEWARN_URGENT Timeout.queuewarn.urgent 3873 [undefined] As above, for urgent 3874 priority messages. 3875confTO_QUEUEWARN_NONURGENT 3876 Timeout.queuewarn.non-urgent 3877 [undefined] As above, for non-urgent 3878 (low) priority messages. 3879confTO_QUEUEWARN_DSN 3880 Timeout.queuewarn.dsn 3881 [undefined] As above, for delivery 3882 status notification messages. 3883confTO_HOSTSTATUS Timeout.hoststatus 3884 [30m] How long information about host 3885 statuses will be maintained before it 3886 is considered stale and the host should 3887 be retried. This applies both within 3888 a single queue run and to persistent 3889 information (see below). 3890confTO_RESOLVER_RETRANS Timeout.resolver.retrans 3891 [varies] Sets the resolver's 3892 retransmission time interval (in 3893 seconds). Sets both 3894 Timeout.resolver.retrans.first and 3895 Timeout.resolver.retrans.normal. 3896confTO_RESOLVER_RETRANS_FIRST Timeout.resolver.retrans.first 3897 [varies] Sets the resolver's 3898 retransmission time interval (in 3899 seconds) for the first attempt to 3900 deliver a message. 3901confTO_RESOLVER_RETRANS_NORMAL Timeout.resolver.retrans.normal 3902 [varies] Sets the resolver's 3903 retransmission time interval (in 3904 seconds) for all resolver lookups 3905 except the first delivery attempt. 3906confTO_RESOLVER_RETRY Timeout.resolver.retry 3907 [varies] Sets the number of times 3908 to retransmit a resolver query. 3909 Sets both 3910 Timeout.resolver.retry.first and 3911 Timeout.resolver.retry.normal. 3912confTO_RESOLVER_RETRY_FIRST Timeout.resolver.retry.first 3913 [varies] Sets the number of times 3914 to retransmit a resolver query for 3915 the first attempt to deliver a 3916 message. 3917confTO_RESOLVER_RETRY_NORMAL Timeout.resolver.retry.normal 3918 [varies] Sets the number of times 3919 to retransmit a resolver query for 3920 all resolver lookups except the 3921 first delivery attempt. 3922confTIME_ZONE TimeZoneSpec [USE_SYSTEM] Time zone info -- can be 3923 USE_SYSTEM to use the system's idea, 3924 USE_TZ to use the user's TZ envariable, 3925 or something else to force that value. 3926confDEF_USER_ID DefaultUser [1:1] Default user id. 3927confUSERDB_SPEC UserDatabaseSpec 3928 [undefined] User database 3929 specification. 3930confFALLBACK_MX FallbackMXhost [undefined] Fallback MX host. 3931confFALLBACK_SMARTHOST FallbackSmartHost 3932 [undefined] Fallback smart host. 3933confTRY_NULL_MX_LIST TryNullMXList [False] If this host is the best MX 3934 for a host and other arrangements 3935 haven't been made, try connecting 3936 to the host directly; normally this 3937 would be a config error. 3938confQUEUE_LA QueueLA [varies] Load average at which 3939 queue-only function kicks in. 3940 Default values is (8 * numproc) 3941 where numproc is the number of 3942 processors online (if that can be 3943 determined). 3944confREFUSE_LA RefuseLA [varies] Load average at which 3945 incoming SMTP connections are 3946 refused. Default values is (12 * 3947 numproc) where numproc is the 3948 number of processors online (if 3949 that can be determined). 3950confREJECT_LOG_INTERVAL RejectLogInterval [3h] Log interval when 3951 refusing connections for this long. 3952confDELAY_LA DelayLA [0] Load average at which sendmail 3953 will sleep for one second on most 3954 SMTP commands and before accepting 3955 connections. 0 means no limit. 3956confMAX_ALIAS_RECURSION MaxAliasRecursion 3957 [10] Maximum depth of alias recursion. 3958confMAX_DAEMON_CHILDREN MaxDaemonChildren 3959 [undefined] The maximum number of 3960 children the daemon will permit. After 3961 this number, connections will be 3962 rejected. If not set or <= 0, there is 3963 no limit. 3964confMAX_HEADERS_LENGTH MaxHeadersLength 3965 [32768] Maximum length of the sum 3966 of all headers. 3967confMAX_MIME_HEADER_LENGTH MaxMimeHeaderLength 3968 [undefined] Maximum length of 3969 certain MIME header field values. 3970confCONNECTION_RATE_THROTTLE ConnectionRateThrottle 3971 [undefined] The maximum number of 3972 connections permitted per second per 3973 daemon. After this many connections 3974 are accepted, further connections 3975 will be delayed. If not set or <= 0, 3976 there is no limit. 3977confCONNECTION_RATE_WINDOW_SIZE ConnectionRateWindowSize 3978 [60s] Define the length of the 3979 interval for which the number of 3980 incoming connections is maintained. 3981confWORK_RECIPIENT_FACTOR 3982 RecipientFactor [30000] Cost of each recipient. 3983confSEPARATE_PROC ForkEachJob [False] Run all deliveries in a 3984 separate process. 3985confWORK_CLASS_FACTOR ClassFactor [1800] Priority multiplier for class. 3986confWORK_TIME_FACTOR RetryFactor [90000] Cost of each delivery attempt. 3987confQUEUE_SORT_ORDER QueueSortOrder [Priority] Queue sort algorithm: 3988 Priority, Host, Filename, Random, 3989 Modification, or Time. 3990confMIN_QUEUE_AGE MinQueueAge [0] The minimum amount of time a job 3991 must sit in the queue between queue 3992 runs. This allows you to set the 3993 queue run interval low for better 3994 responsiveness without trying all 3995 jobs in each run. 3996confDEF_CHAR_SET DefaultCharSet [unknown-8bit] When converting 3997 unlabeled 8 bit input to MIME, the 3998 character set to use by default. 3999confSERVICE_SWITCH_FILE ServiceSwitchFile 4000 [/etc/mail/service.switch] The file 4001 to use for the service switch on 4002 systems that do not have a 4003 system-defined switch. 4004confHOSTS_FILE HostsFile [/etc/hosts] The file to use when doing 4005 "file" type access of hosts names. 4006confDIAL_DELAY DialDelay [0s] If a connection fails, wait this 4007 long and try again. Zero means "don't 4008 retry". This is to allow "dial on 4009 demand" connections to have enough time 4010 to complete a connection. 4011confNO_RCPT_ACTION NoRecipientAction 4012 [none] What to do if there are no legal 4013 recipient fields (To:, Cc: or Bcc:) 4014 in the message. Legal values can 4015 be "none" to just leave the 4016 nonconforming message as is, "add-to" 4017 to add a To: header with all the 4018 known recipients (which may expose 4019 blind recipients), "add-apparently-to" 4020 to do the same but use Apparently-To: 4021 instead of To: (strongly discouraged 4022 in accordance with IETF standards), 4023 "add-bcc" to add an empty Bcc: 4024 header, or "add-to-undisclosed" to 4025 add the header 4026 ``To: undisclosed-recipients:;''. 4027confSAFE_FILE_ENV SafeFileEnvironment 4028 [undefined] If set, sendmail will do a 4029 chroot() into this directory before 4030 writing files. 4031confCOLON_OK_IN_ADDR ColonOkInAddr [True unless Configuration Level > 6] 4032 If set, colons are treated as a regular 4033 character in addresses. If not set, 4034 they are treated as the introducer to 4035 the RFC 822 "group" syntax. Colons are 4036 handled properly in route-addrs. This 4037 option defaults on for V5 and lower 4038 configuration files. 4039confMAX_QUEUE_RUN_SIZE MaxQueueRunSize [0] If set, limit the maximum size of 4040 any given queue run to this number of 4041 entries. Essentially, this will stop 4042 reading each queue directory after this 4043 number of entries are reached; it does 4044 _not_ pick the highest priority jobs, 4045 so this should be as large as your 4046 system can tolerate. If not set, there 4047 is no limit. 4048confMAX_QUEUE_CHILDREN MaxQueueChildren 4049 [undefined] Limits the maximum number 4050 of concurrent queue runners active. 4051 This is to keep system resources used 4052 within a reasonable limit. Relates to 4053 Queue Groups and ForkEachJob. 4054confMAX_RUNNERS_PER_QUEUE MaxRunnersPerQueue 4055 [1] Only active when MaxQueueChildren 4056 defined. Controls the maximum number 4057 of queue runners (aka queue children) 4058 active at the same time in a work 4059 group. See also MaxQueueChildren. 4060confDONT_EXPAND_CNAMES DontExpandCnames 4061 [False] If set, $[ ... $] lookups that 4062 do DNS based lookups do not expand 4063 CNAME records. This currently violates 4064 the published standards, but the IETF 4065 seems to be moving toward legalizing 4066 this. For example, if "FTP.Foo.ORG" 4067 is a CNAME for "Cruft.Foo.ORG", then 4068 with this option set a lookup of 4069 "FTP" will return "FTP.Foo.ORG"; if 4070 clear it returns "Cruft.FOO.ORG". N.B. 4071 you may not see any effect until your 4072 downstream neighbors stop doing CNAME 4073 lookups as well. 4074confFROM_LINE UnixFromLine [From $g $d] The From_ line used 4075 when sending to files or programs. 4076confSINGLE_LINE_FROM_HEADER SingleLineFromHeader 4077 [False] From: lines that have 4078 embedded newlines are unwrapped 4079 onto one line. 4080confALLOW_BOGUS_HELO AllowBogusHELO [False] Allow HELO SMTP command that 4081 does not include a host name. 4082confMUST_QUOTE_CHARS MustQuoteChars [.'] Characters to be quoted in a full 4083 name phrase (@,;:\()[] are automatic). 4084confOPERATORS OperatorChars [.:%@!^/[]+] Address operator 4085 characters. 4086confSMTP_LOGIN_MSG SmtpGreetingMessage 4087 [$j Sendmail $v/$Z; $b] 4088 The initial (spontaneous) SMTP 4089 greeting message. The word "ESMTP" 4090 will be inserted between the first and 4091 second words to convince other 4092 sendmails to try to speak ESMTP. 4093confDONT_INIT_GROUPS DontInitGroups [False] If set, the initgroups(3) 4094 routine will never be invoked. You 4095 might want to do this if you are 4096 running NIS and you have a large group 4097 map, since this call does a sequential 4098 scan of the map; in a large site this 4099 can cause your ypserv to run 4100 essentially full time. If you set 4101 this, agents run on behalf of users 4102 will only have their primary 4103 (/etc/passwd) group permissions. 4104confUNSAFE_GROUP_WRITES UnsafeGroupWrites 4105 [True] If set, group-writable 4106 :include: and .forward files are 4107 considered "unsafe", that is, programs 4108 and files cannot be directly referenced 4109 from such files. World-writable files 4110 are always considered unsafe. 4111 Notice: this option is deprecated and 4112 will be removed in future versions; 4113 Set GroupWritableForwardFileSafe 4114 and GroupWritableIncludeFileSafe in 4115 DontBlameSendmail if required. 4116confCONNECT_ONLY_TO ConnectOnlyTo [undefined] override connection 4117 address (for testing). 4118confCONTROL_SOCKET_NAME ControlSocketName 4119 [undefined] Control socket for daemon 4120 management. 4121confDOUBLE_BOUNCE_ADDRESS DoubleBounceAddress 4122 [postmaster] If an error occurs when 4123 sending an error message, send that 4124 "double bounce" error message to this 4125 address. If it expands to an empty 4126 string, double bounces are dropped. 4127confSOFT_BOUNCE SoftBounce [False] If set, issue temporary errors 4128 (4xy) instead of permanent errors 4129 (5xy). This can be useful during 4130 testing of a new configuration to 4131 avoid erroneous bouncing of mails. 4132confDEAD_LETTER_DROP DeadLetterDrop [undefined] Filename to save bounce 4133 messages which could not be returned 4134 to the user or sent to postmaster. 4135 If not set, the queue file will 4136 be renamed. 4137confRRT_IMPLIES_DSN RrtImpliesDsn [False] Return-Receipt-To: header 4138 implies DSN request. 4139confRUN_AS_USER RunAsUser [undefined] If set, become this user 4140 when reading and delivering mail. 4141 Causes all file reads (e.g., .forward 4142 and :include: files) to be done as 4143 this user. Also, all programs will 4144 be run as this user, and all output 4145 files will be written as this user. 4146confMAX_RCPTS_PER_MESSAGE MaxRecipientsPerMessage 4147 [infinite] If set, allow no more than 4148 the specified number of recipients in 4149 an SMTP envelope. Further recipients 4150 receive a 452 error code (i.e., they 4151 are deferred for the next delivery 4152 attempt). 4153confBAD_RCPT_THROTTLE BadRcptThrottle [infinite] If set and the specified 4154 number of recipients in a single SMTP 4155 transaction have been rejected, sleep 4156 for one second after each subsequent 4157 RCPT command in that transaction. 4158confDONT_PROBE_INTERFACES DontProbeInterfaces 4159 [False] If set, sendmail will _not_ 4160 insert the names and addresses of any 4161 local interfaces into class {w} 4162 (list of known "equivalent" addresses). 4163 If you set this, you must also include 4164 some support for these addresses (e.g., 4165 in a mailertable entry) -- otherwise, 4166 mail to addresses in this list will 4167 bounce with a configuration error. 4168 If set to "loopback" (without 4169 quotes), sendmail will skip 4170 loopback interfaces (e.g., "lo0"). 4171confPID_FILE PidFile [system dependent] Location of pid 4172 file. 4173confPROCESS_TITLE_PREFIX ProcessTitlePrefix 4174 [undefined] Prefix string for the 4175 process title shown on 'ps' listings. 4176confDONT_BLAME_SENDMAIL DontBlameSendmail 4177 [safe] Override sendmail's file 4178 safety checks. This will definitely 4179 compromise system security and should 4180 not be used unless absolutely 4181 necessary. 4182confREJECT_MSG - [550 Access denied] The message 4183 given if the access database contains 4184 REJECT in the value portion. 4185confRELAY_MSG - [550 Relaying denied] The message 4186 given if an unauthorized relaying 4187 attempt is rejected. 4188confDF_BUFFER_SIZE DataFileBufferSize 4189 [4096] The maximum size of a 4190 memory-buffered data (df) file 4191 before a disk-based file is used. 4192confXF_BUFFER_SIZE XScriptFileBufferSize 4193 [4096] The maximum size of a 4194 memory-buffered transcript (xf) 4195 file before a disk-based file is 4196 used. 4197confAUTH_MECHANISMS AuthMechanisms [GSSAPI KERBEROS_V4 DIGEST-MD5 4198 CRAM-MD5] List of authentication 4199 mechanisms for AUTH (separated by 4200 spaces). The advertised list of 4201 authentication mechanisms will be the 4202 intersection of this list and the list 4203 of available mechanisms as determined 4204 by the Cyrus SASL library. 4205confAUTH_REALM AuthRealm [undefined] The authentication realm 4206 that is passed to the Cyrus SASL 4207 library. If no realm is specified, 4208 $j is used. 4209confDEF_AUTH_INFO DefaultAuthInfo [undefined] Name of file that contains 4210 authentication information for 4211 outgoing connections. This file must 4212 contain the user id, the authorization 4213 id, the password (plain text), the 4214 realm to use, and the list of 4215 mechanisms to try, each on a separate 4216 line and must be readable by root (or 4217 the trusted user) only. If no realm 4218 is specified, $j is used. If no 4219 mechanisms are given in the file, 4220 AuthMechanisms is used. Notice: this 4221 option is deprecated and will be 4222 removed in future versions; it doesn't 4223 work for the MSP since it can't read 4224 the file. Use the authinfo ruleset 4225 instead. See also the section SMTP 4226 AUTHENTICATION. 4227confAUTH_OPTIONS AuthOptions [undefined] If this option is 'A' 4228 then the AUTH= parameter for the 4229 MAIL FROM command is only issued 4230 when authentication succeeded. 4231 See doc/op/op.me for more options 4232 and details. 4233confAUTH_MAX_BITS AuthMaxBits [INT_MAX] Limit the maximum encryption 4234 strength for the security layer in 4235 SMTP AUTH (SASL). Default is 4236 essentially unlimited. 4237confTLS_SRV_OPTIONS TLSSrvOptions If this option is 'V' no client 4238 verification is performed, i.e., 4239 the server doesn't ask for a 4240 certificate. 4241confLDAP_DEFAULT_SPEC LDAPDefaultSpec [undefined] Default map 4242 specification for LDAP maps. The 4243 value should only contain LDAP 4244 specific settings such as "-h host 4245 -p port -d bindDN", etc. The 4246 settings will be used for all LDAP 4247 maps unless they are specified in 4248 the individual map specification 4249 ('K' command). 4250confCACERT_PATH CACertPath [undefined] Path to directory 4251 with certs of CAs. 4252confCACERT CACertFile [undefined] File containing one CA 4253 cert. 4254confSERVER_CERT ServerCertFile [undefined] File containing the 4255 cert of the server, i.e., this cert 4256 is used when sendmail acts as 4257 server. 4258confSERVER_KEY ServerKeyFile [undefined] File containing the 4259 private key belonging to the server 4260 cert. 4261confCLIENT_CERT ClientCertFile [undefined] File containing the 4262 cert of the client, i.e., this cert 4263 is used when sendmail acts as 4264 client. 4265confCLIENT_KEY ClientKeyFile [undefined] File containing the 4266 private key belonging to the client 4267 cert. 4268confCRL CRLFile [undefined] File containing certificate 4269 revocation status, useful for X.509v3 4270 authentication. Note that CRL requires 4271 at least OpenSSL version 0.9.7. 4272confDH_PARAMETERS DHParameters [undefined] File containing the 4273 DH parameters. 4274confRAND_FILE RandFile [undefined] File containing random 4275 data (use prefix file:) or the 4276 name of the UNIX socket if EGD is 4277 used (use prefix egd:). STARTTLS 4278 requires this option if the compile 4279 flag HASURANDOM is not set (see 4280 sendmail/README). 4281confNICE_QUEUE_RUN NiceQueueRun [undefined] If set, the priority of 4282 queue runners is set the given value 4283 (nice(3)). 4284confDIRECT_SUBMISSION_MODIFIERS DirectSubmissionModifiers 4285 [undefined] Defines {daemon_flags} 4286 for direct submissions. 4287confUSE_MSP UseMSP [undefined] Use as mail submission 4288 program, see sendmail/SECURITY. 4289confDELIVER_BY_MIN DeliverByMin [0] Minimum time for Deliver By 4290 SMTP Service Extension (RFC 2852). 4291confREQUIRES_DIR_FSYNC RequiresDirfsync [true] RequiresDirfsync can 4292 be used to turn off the compile time 4293 flag REQUIRES_DIR_FSYNC at runtime. 4294 See sendmail/README for details. 4295confSHARED_MEMORY_KEY SharedMemoryKey [0] Key for shared memory. 4296confSHARED_MEMORY_KEY_FILE 4297 SharedMemoryKeyFile 4298 [undefined] File where the 4299 automatically selected key for 4300 shared memory is stored. 4301confFAST_SPLIT FastSplit [1] If set to a value greater than 4302 zero, the initial MX lookups on 4303 addresses is suppressed when they 4304 are sorted which may result in 4305 faster envelope splitting. If the 4306 mail is submitted directly from the 4307 command line, then the value also 4308 limits the number of processes to 4309 deliver the envelopes. 4310confMAILBOX_DATABASE MailboxDatabase [pw] Type of lookup to find 4311 information about local mailboxes. 4312confDEQUOTE_OPTS - [empty] Additional options for the 4313 dequote map. 4314confMAX_NOOP_COMMANDS MaxNOOPCommands [20] Maximum number of "useless" 4315 commands before the SMTP server 4316 will slow down responding. 4317confHELO_NAME HeloName If defined, use as name for EHLO/HELO 4318 command (instead of $j). 4319confINPUT_MAIL_FILTERS InputMailFilters 4320 A comma separated list of filters 4321 which determines which filters and 4322 the invocation sequence are 4323 contacted for incoming SMTP 4324 messages. If none are set, no 4325 filters will be contacted. 4326confMILTER_LOG_LEVEL Milter.LogLevel [9] Log level for input mail filter 4327 actions, defaults to LogLevel. 4328confMILTER_MACROS_CONNECT Milter.macros.connect 4329 [j, _, {daemon_name}, {if_name}, 4330 {if_addr}] Macros to transmit to 4331 milters when a session connection 4332 starts. 4333confMILTER_MACROS_HELO Milter.macros.helo 4334 [{tls_version}, {cipher}, 4335 {cipher_bits}, {cert_subject}, 4336 {cert_issuer}] Macros to transmit to 4337 milters after HELO/EHLO command. 4338confMILTER_MACROS_ENVFROM Milter.macros.envfrom 4339 [i, {auth_type}, {auth_authen}, 4340 {auth_ssf}, {auth_author}, 4341 {mail_mailer}, {mail_host}, 4342 {mail_addr}] Macros to transmit to 4343 milters after MAIL FROM command. 4344confMILTER_MACROS_ENVRCPT Milter.macros.envrcpt 4345 [{rcpt_mailer}, {rcpt_host}, 4346 {rcpt_addr}] Macros to transmit to 4347 milters after RCPT TO command. 4348confMILTER_MACROS_EOM Milter.macros.eom 4349 [{msg_id}] Macros to transmit to 4350 milters after the terminating 4351 DATA '.' is received. 4352confMILTER_MACROS_EOH Milter.macros.eoh 4353 Macros to transmit to milters 4354 after the end of headers. 4355confMILTER_MACROS_DATA Milter.macros.data 4356 Macros to transmit to milters 4357 after DATA command is received. 4358 4359 4360See also the description of OSTYPE for some parameters that can be 4361tweaked (generally pathnames to mailers). 4362 4363ClientPortOptions and DaemonPortOptions are special cases since multiple 4364clients/daemons can be defined. This can be done via 4365 4366 CLIENT_OPTIONS(`field1=value1,field2=value2,...') 4367 DAEMON_OPTIONS(`field1=value1,field2=value2,...') 4368 4369Note that multiple CLIENT_OPTIONS() commands (and therefore multiple 4370ClientPortOptions settings) are allowed in order to give settings for each 4371protocol family (e.g., one for Family=inet and one for Family=inet6). A 4372restriction placed on one family only affects outgoing connections on that 4373particular family. 4374 4375If DAEMON_OPTIONS is not used, then the default is 4376 4377 DAEMON_OPTIONS(`Port=smtp, Name=MTA') 4378 DAEMON_OPTIONS(`Port=587, Name=MSA, M=E') 4379 4380If you use one DAEMON_OPTIONS macro, it will alter the parameters 4381of the first of these. The second will still be defaulted; it 4382represents a "Message Submission Agent" (MSA) as defined by RFC 43832476 (see below). To turn off the default definition for the MSA, 4384use FEATURE(`no_default_msa') (see also FEATURES). If you use 4385additional DAEMON_OPTIONS macros, they will add additional daemons. 4386 4387Example 1: To change the port for the SMTP listener, while 4388still using the MSA default, use 4389 DAEMON_OPTIONS(`Port=925, Name=MTA') 4390 4391Example 2: To change the port for the MSA daemon, while still 4392using the default SMTP port, use 4393 FEATURE(`no_default_msa') 4394 DAEMON_OPTIONS(`Name=MTA') 4395 DAEMON_OPTIONS(`Port=987, Name=MSA, M=E') 4396 4397Note that if the first of those DAEMON_OPTIONS lines were omitted, then 4398there would be no listener on the standard SMTP port. 4399 4400Example 3: To listen on both IPv4 and IPv6 interfaces, use 4401 4402 DAEMON_OPTIONS(`Name=MTA-v4, Family=inet') 4403 DAEMON_OPTIONS(`Name=MTA-v6, Family=inet6') 4404 4405A "Message Submission Agent" still uses all of the same rulesets for 4406processing the message (and therefore still allows message rejection via 4407the check_* rulesets). In accordance with the RFC, the MSA will ensure 4408that all domains in envelope addresses are fully qualified if the message 4409is relayed to another MTA. It will also enforce the normal address syntax 4410rules and log error messages. Additionally, by using the M=a modifier you 4411can require authentication before messages are accepted by the MSA. 4412Notice: Do NOT use the 'a' modifier on a public accessible MTA! Finally, 4413the M=E modifier shown above disables ETRN as required by RFC 2476. 4414 4415Mail filters can be defined using the INPUT_MAIL_FILTER() and MAIL_FILTER() 4416commands: 4417 4418 INPUT_MAIL_FILTER(`sample', `S=local:/var/run/f1.sock') 4419 MAIL_FILTER(`myfilter', `S=inet:3333@localhost') 4420 4421The INPUT_MAIL_FILTER() command causes the filter(s) to be called in the 4422same order they were specified by also setting confINPUT_MAIL_FILTERS. A 4423filter can be defined without adding it to the input filter list by using 4424MAIL_FILTER() instead of INPUT_MAIL_FILTER() in your .mc file. 4425Alternatively, you can reset the list of filters and their order by setting 4426confINPUT_MAIL_FILTERS option after all INPUT_MAIL_FILTER() commands in 4427your .mc file. 4428 4429 4430+----------------------------+ 4431| MESSAGE SUBMISSION PROGRAM | 4432+----------------------------+ 4433 4434The purpose of the message submission program (MSP) is explained 4435in sendmail/SECURITY. This section contains a list of caveats and 4436a few hints how for those who want to tweak the default configuration 4437for it (which is installed as submit.cf). 4438 4439Notice: do not add options/features to submit.mc unless you are 4440absolutely sure you need them. Options you may want to change 4441include: 4442 4443- confTRUSTED_USERS, FEATURE(`use_ct_file'), and confCT_FILE for 4444 avoiding X-Authentication warnings. 4445- confTIME_ZONE to change it from the default `USE_TZ'. 4446- confDELIVERY_MODE is set to interactive in msp.m4 instead 4447 of the default background mode. 4448- FEATURE(stickyhost) and LOCAL_RELAY to send unqualified addresses 4449 to the LOCAL_RELAY instead of the default relay. 4450- confRAND_FILE if you use STARTTLS and sendmail is not compiled with 4451 the flag HASURANDOM. 4452 4453The MSP performs hostname canonicalization by default. As also 4454explained in sendmail/SECURITY, mail may end up for various DNS 4455related reasons in the MSP queue. This problem can be minimized by 4456using 4457 4458 FEATURE(`nocanonify', `canonify_hosts') 4459 define(`confDIRECT_SUBMISSION_MODIFIERS', `C') 4460 4461See the discussion about nocanonify for possible side effects. 4462 4463Some things are not intended to work with the MSP. These include 4464features that influence the delivery process (e.g., mailertable, 4465aliases), or those that are only important for a SMTP server (e.g., 4466virtusertable, DaemonPortOptions, multiple queues). Moreover, 4467relaxing certain restrictions (RestrictQueueRun, permissions on 4468queue directory) or adding features (e.g., enabling prog/file mailer) 4469can cause security problems. 4470 4471Other things don't work well with the MSP and require tweaking or 4472workarounds. For example, to allow for client authentication it 4473is not just sufficient to provide a client certificate and the 4474corresponding key, but it is also necessary to make the key group 4475(smmsp) readable and tell sendmail not to complain about that, i.e., 4476 4477 define(`confDONT_BLAME_SENDMAIL', `GroupReadableKeyFile') 4478 4479If the MSP should actually use AUTH then the necessary data 4480should be placed in a map as explained in SMTP AUTHENTICATION: 4481 4482FEATURE(`authinfo', `DATABASE_MAP_TYPE /etc/mail/msp-authinfo') 4483 4484/etc/mail/msp-authinfo should contain an entry like: 4485 4486 AuthInfo:127.0.0.1 "U:smmsp" "P:secret" "M:DIGEST-MD5" 4487 4488The file and the map created by makemap should be owned by smmsp, 4489its group should be smmsp, and it should have mode 640. The database 4490used by the MTA for AUTH must have a corresponding entry. 4491Additionally the MTA must trust this authentication data so the AUTH= 4492part will be relayed on to the next hop. This can be achieved by 4493adding the following to your sendmail.mc file: 4494 4495 LOCAL_RULESETS 4496 SLocal_trust_auth 4497 R$* $: $&{auth_authen} 4498 Rsmmsp $# OK 4499 4500Note: the authentication data can leak to local users who invoke 4501the MSP with debug options or even with -v. For that reason either 4502an authentication mechanism that does not show the password in the 4503AUTH dialogue (e.g., DIGEST-MD5) or a different authentication 4504method like STARTTLS should be used. 4505 4506feature/msp.m4 defines almost all settings for the MSP. Most of 4507those should not be changed at all. Some of the features and options 4508can be overridden if really necessary. It is a bit tricky to do 4509this, because it depends on the actual way the option is defined 4510in feature/msp.m4. If it is directly defined (i.e., define()) then 4511the modified value must be defined after 4512 4513 FEATURE(`msp') 4514 4515If it is conditionally defined (i.e., ifdef()) then the desired 4516value must be defined before the FEATURE line in the .mc file. 4517To see how the options are defined read feature/msp.m4. 4518 4519 4520+--------------------------+ 4521| FORMAT OF FILES AND MAPS | 4522+--------------------------+ 4523 4524Files that define classes, i.e., F{classname}, consist of lines 4525each of which contains a single element of the class. For example, 4526/etc/mail/local-host-names may have the following content: 4527 4528my.domain 4529another.domain 4530 4531Maps must be created using makemap(8) , e.g., 4532 4533 makemap hash MAP < MAP 4534 4535In general, a text file from which a map is created contains lines 4536of the form 4537 4538key value 4539 4540where 'key' and 'value' are also called LHS and RHS, respectively. 4541By default, the delimiter between LHS and RHS is a non-empty sequence 4542of white space characters. 4543 4544 4545+------------------+ 4546| DIRECTORY LAYOUT | 4547+------------------+ 4548 4549Within this directory are several subdirectories, to wit: 4550 4551m4 General support routines. These are typically 4552 very important and should not be changed without 4553 very careful consideration. 4554 4555cf The configuration files themselves. They have 4556 ".mc" suffixes, and must be run through m4 to 4557 become complete. The resulting output should 4558 have a ".cf" suffix. 4559 4560ostype Definitions describing a particular operating 4561 system type. These should always be referenced 4562 using the OSTYPE macro in the .mc file. Examples 4563 include "bsd4.3", "bsd4.4", "sunos3.5", and 4564 "sunos4.1". 4565 4566domain Definitions describing a particular domain, referenced 4567 using the DOMAIN macro in the .mc file. These are 4568 site dependent; for example, "CS.Berkeley.EDU.m4" 4569 describes hosts in the CS.Berkeley.EDU subdomain. 4570 4571mailer Descriptions of mailers. These are referenced using 4572 the MAILER macro in the .mc file. 4573 4574sh Shell files used when building the .cf file from the 4575 .mc file in the cf subdirectory. 4576 4577feature These hold special orthogonal features that you might 4578 want to include. They should be referenced using 4579 the FEATURE macro. 4580 4581hack Local hacks. These can be referenced using the HACK 4582 macro. They shouldn't be of more than voyeuristic 4583 interest outside the .Berkeley.EDU domain, but who knows? 4584 4585siteconfig Site configuration -- e.g., tables of locally connected 4586 UUCP sites. 4587 4588 4589+------------------------+ 4590| ADMINISTRATIVE DETAILS | 4591+------------------------+ 4592 4593The following sections detail usage of certain internal parts of the 4594sendmail.cf file. Read them carefully if you are trying to modify 4595the current model. If you find the above descriptions adequate, these 4596should be {boring, confusing, tedious, ridiculous} (pick one or more). 4597 4598RULESETS (* means built in to sendmail) 4599 4600 0 * Parsing 4601 1 * Sender rewriting 4602 2 * Recipient rewriting 4603 3 * Canonicalization 4604 4 * Post cleanup 4605 5 * Local address rewrite (after aliasing) 4606 1x mailer rules (sender qualification) 4607 2x mailer rules (recipient qualification) 4608 3x mailer rules (sender header qualification) 4609 4x mailer rules (recipient header qualification) 4610 5x mailer subroutines (general) 4611 6x mailer subroutines (general) 4612 7x mailer subroutines (general) 4613 8x reserved 4614 90 Mailertable host stripping 4615 96 Bottom half of Ruleset 3 (ruleset 6 in old sendmail) 4616 97 Hook for recursive ruleset 0 call (ruleset 7 in old sendmail) 4617 98 Local part of ruleset 0 (ruleset 8 in old sendmail) 4618 4619 4620MAILERS 4621 4622 0 local, prog local and program mailers 4623 1 [e]smtp, relay SMTP channel 4624 2 uucp-* UNIX-to-UNIX Copy Program 4625 3 netnews Network News delivery 4626 4 fax Sam Leffler's HylaFAX software 4627 5 mail11 DECnet mailer 4628 4629 4630MACROS 4631 4632 A 4633 B Bitnet Relay 4634 C DECnet Relay 4635 D The local domain -- usually not needed 4636 E reserved for X.400 Relay 4637 F FAX Relay 4638 G 4639 H mail Hub (for mail clusters) 4640 I 4641 J 4642 K 4643 L Luser Relay 4644 M Masquerade (who you claim to be) 4645 N 4646 O 4647 P 4648 Q 4649 R Relay (for unqualified names) 4650 S Smart Host 4651 T 4652 U my UUCP name (if you have a UUCP connection) 4653 V UUCP Relay (class {V} hosts) 4654 W UUCP Relay (class {W} hosts) 4655 X UUCP Relay (class {X} hosts) 4656 Y UUCP Relay (all other hosts) 4657 Z Version number 4658 4659 4660CLASSES 4661 4662 A 4663 B domains that are candidates for bestmx lookup 4664 C 4665 D 4666 E addresses that should not seem to come from $M 4667 F hosts this system forward for 4668 G domains that should be looked up in genericstable 4669 H 4670 I 4671 J 4672 K 4673 L addresses that should not be forwarded to $R 4674 M domains that should be mapped to $M 4675 N host/domains that should not be mapped to $M 4676 O operators that indicate network operations (cannot be in local names) 4677 P top level pseudo-domains: BITNET, DECNET, FAX, UUCP, etc. 4678 Q 4679 R domains this system is willing to relay (pass anti-spam filters) 4680 S 4681 T 4682 U locally connected UUCP hosts 4683 V UUCP hosts connected to relay $V 4684 W UUCP hosts connected to relay $W 4685 X UUCP hosts connected to relay $X 4686 Y locally connected smart UUCP hosts 4687 Z locally connected domain-ized UUCP hosts 4688 . the class containing only a dot 4689 [ the class containing only a left bracket 4690 4691 4692M4 DIVERSIONS 4693 4694 1 Local host detection and resolution 4695 2 Local Ruleset 3 additions 4696 3 Local Ruleset 0 additions 4697 4 UUCP Ruleset 0 additions 4698 5 locally interpreted names (overrides $R) 4699 6 local configuration (at top of file) 4700 7 mailer definitions 4701 8 DNS based blacklists 4702 9 special local rulesets (1 and 2) 4703 4704$Revision: 8.727 $, Last updated $Date: 2009/05/07 23:46:17 $ 4705