README revision 66494
1 2 SENDMAIL CONFIGURATION FILES 3 4This document describes the sendmail configuration files. This package 5requires a post-V7 version of m4; if you are running the 4.2bsd, SysV.2, or 67th Edition version. SunOS's /usr/5bin/m4 or BSD-Net/2's m4 both work. 7GNU m4 version 1.1 or later also works. Unfortunately, the M4 on BSDI 1.0 8doesn't work -- you'll have to use a Net/2 or GNU version. GNU m4 is 9available from ftp://ftp.gnu.org/pub/gnu/m4/m4-1.4.tar.gz (check for the 10latset version). EXCEPTIONS: DEC's m4 on Digital UNIX 4.x is broken (3.x 11is fine). Use GNU m4 on this platform. 12 13To get started, you may want to look at tcpproto.mc (for TCP-only sites), 14uucpproto.mc (for UUCP-only sites), and clientproto.mc (for clusters of 15clients using a single mail host). Others are versions previously used at 16Berkeley. For example, ucbvax has gone away, but ucbvax.mc demonstrates 17some interesting techniques. 18 19******************************************************************* 20*** BE SURE YOU CUSTOMIZE THESE FILES! They have some *** 21*** Berkeley-specific assumptions built in, such as the name *** 22*** of their UUCP-relay. You'll want to create your own *** 23*** domain description, and use that in place of *** 24*** domain/Berkeley.EDU.m4. *** 25******************************************************************* 26 27 28+--------------------------+ 29| INTRODUCTION AND EXAMPLE | 30+--------------------------+ 31 32Configuration files are contained in the subdirectory "cf", with a 33suffix ".mc". They must be run through "m4" to produce a ".cf" file. 34You must pre-load "cf.m4": 35 36 m4 ${CFDIR}/m4/cf.m4 config.mc > config.cf 37 38Alternatively, you can simply: 39 40 cd ${CFDIR}/cf 41 ./Build config.cf 42 43where ${CFDIR} is the root of the cf directory and config.mc is the 44name of your configuration file. If you are running a version of M4 45that understands the __file__ builtin (versions of GNU m4 >= 0.75 do 46this, but the versions distributed with 4.4BSD and derivatives do not) 47or the -I flag (ditto), then ${CFDIR} can be in an arbitrary directory. 48For "traditional" versions, ${CFDIR} ***MUST*** be "..", or you MUST 49use -D_CF_DIR_=/path/to/cf/dir/ -- note the trailing slash! For example: 50 51 m4 -D_CF_DIR_=${CFDIR}/ ${CFDIR}/m4/cf.m4 config.mc > config.cf 52 53Let's examine a typical .mc file: 54 55 divert(-1) 56 # 57 # Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers. 58 # All rights reserved. 59 # Copyright (c) 1983 Eric P. Allman. All rights reserved. 60 # Copyright (c) 1988, 1993 61 # The Regents of the University of California. All rights reserved. 62 # 63 # By using this file, you agree to the terms and conditions set 64 # forth in the LICENSE file which can be found at the top level of 65 # the sendmail distribution. 66 # 67 68 # 69 # This is a Berkeley-specific configuration file for HP-UX 9.x. 70 # It applies only to the Computer Science Division at Berkeley, 71 # and should not be used elsewhere. It is provided on the sendmail 72 # distribution as a sample only. To create your own configuration 73 # file, create an appropriate domain file in ../domain, change the 74 # `DOMAIN' macro below to reference that file, and copy the result 75 # to a name of your own choosing. 76 # 77 divert(0) 78 79The divert(-1) will delete the crud in the resulting output file. 80The copyright notice can be replaced by whatever your lawyers require; 81our lawyers require the one that is included in these files. A copyleft 82is a copyright by another name. The divert(0) restores regular output. 83 84 VERSIONID(`<SCCS or RCS version id>') 85 86VERSIONID is a macro that stuffs the version information into the 87resulting file. You could use SCCS, RCS, CVS, something else, or 88omit it completely. This is not the same as the version id included 89in SMTP greeting messages -- this is defined in m4/version.m4. 90 91 OSTYPE(`hpux9')dnl 92 93You must specify an OSTYPE to properly configure things such as the 94pathname of the help and status files, the flags needed for the local 95mailer, and other important things. If you omit it, you will get an 96error when you try to build the configuration. Look at the ostype 97directory for the list of known operating system types. 98 99 DOMAIN(`CS.Berkeley.EDU')dnl 100 101This example is specific to the Computer Science Division at Berkeley. 102You can use "DOMAIN(`generic')" to get a sufficiently bland definition 103that may well work for you, or you can create a customized domain 104definition appropriate for your environment. 105 106 MAILER(`local') 107 MAILER(`smtp') 108 109These describe the mailers used at the default CS site. The 110local mailer is always included automatically. Beware: MAILER 111declarations should always be at the end of the configuration file, 112and MAILER(`smtp') should always precede MAILER(`procmail'), and 113MAILER(`uucp'). The general rules are that the order should be: 114 115 VERSIONID 116 OSTYPE 117 DOMAIN 118 FEATURE 119 local macro definitions 120 MAILER 121 LOCAL_RULE_* 122 LOCAL_RULESETS 123 124There are a few exceptions to this rule. Local macro definitions which 125influence a FEATURE() should be done before that feature. For example, 126a define(`PROCMAIL_MAILER_PATH', ...) should be done before 127FEATURE(`local_procmail'). 128 129 130+----------------------------+ 131| A BRIEF INTRODUCTION TO M4 | 132+----------------------------+ 133 134Sendmail uses the M4 macro processor to ``compile'' the configuration 135files. The most important thing to know is that M4 is stream-based, 136that is, it doesn't understand about lines. For this reason, in some 137places you may see the word ``dnl'', which stands for ``delete 138through newline''; essentially, it deletes all characters starting 139at the ``dnl'' up to and including the next newline character. In 140most cases sendmail uses this only to avoid lots of unnecessary 141blank lines in the output. 142 143Other important directives are define(A, B) which defines the macro 144``A'' to have value ``B''. Macros are expanded as they are read, so 145one normally quotes both values to prevent expansion. For example, 146 147 define(`SMART_HOST', `smart.foo.com') 148 149One word of warning: M4 macros are expanded even in lines that appear 150to be comments. For example, if you have 151 152 # See FEATURE(`foo') above 153 154it will not do what you expect, because the FEATURE(`foo') will be 155expanded. This also applies to 156 157 # And then define the $X macro to be the return address 158 159because ``define'' is an M4 keyword. If you want to use them, surround 160them with directed quotes, `like this'. 161 162+----------------+ 163| FILE LOCATIONS | 164+----------------+ 165 166sendmail 8.9 has introduced a new configuration directory for sendmail 167related files, /etc/mail. The new files available for sendmail 8.9 -- 168the class {R} /etc/mail/relay-domains and the access database 169/etc/mail/access -- take advantage of this new directory. Beginning with 1708.10, all files will use this directory by default (some options may be 171set by OSTYPE() files). This new directory should help to restore 172uniformity to sendmail's file locations. 173 174Below is a table of some of the common changes: 175 176Old filename New filename 177------------ ------------ 178/etc/bitdomain /etc/mail/bitdomain 179/etc/domaintable /etc/mail/domaintable 180/etc/genericstable /etc/mail/genericstable 181/etc/uudomain /etc/mail/uudomain 182/etc/virtusertable /etc/mail/virtusertable 183/etc/userdb /etc/mail/userdb 184 185/etc/aliases /etc/mail/aliases 186/etc/sendmail/aliases /etc/mail/aliases 187/etc/ucbmail/aliases /etc/mail/aliases 188/usr/adm/sendmail/aliases /etc/mail/aliases 189/usr/lib/aliases /etc/mail/aliases 190/usr/lib/mail/aliases /etc/mail/aliases 191/usr/ucblib/aliases /etc/mail/aliases 192 193/etc/sendmail.cw /etc/mail/local-host-names 194/etc/mail/sendmail.cw /etc/mail/local-host-names 195/etc/sendmail/sendmail.cw /etc/mail/local-host-names 196 197/etc/sendmail.ct /etc/mail/trusted-users 198 199/etc/sendmail.oE /etc/mail/error-header 200 201/etc/sendmail.hf /etc/mail/helpfile 202/etc/mail/sendmail.hf /etc/mail/helpfile 203/usr/ucblib/sendmail.hf /etc/mail/helpfile 204/etc/ucbmail/sendmail.hf /etc/mail/helpfile 205/usr/lib/sendmail.hf /etc/mail/helpfile 206/usr/share/lib/sendmail.hf /etc/mail/helpfile 207/usr/share/misc/sendmail.hf /etc/mail/helpfile 208/share/misc/sendmail.hf /etc/mail/helpfile 209 210/etc/service.switch /etc/mail/service.switch 211 212/etc/sendmail.st /etc/mail/statistics 213/etc/mail/sendmail.st /etc/mail/statistics 214/etc/mailer/sendmail.st /etc/mail/statistics 215/etc/sendmail/sendmail.st /etc/mail/statistics 216/usr/lib/sendmail.st /etc/mail/statistics 217/usr/ucblib/sendmail.st /etc/mail/statistics 218 219Note that all of these paths actually use a new m4 macro MAIL_SETTINGS_DIR 220to create the pathnames. The default value of this variable is 221`/etc/mail/'. If you set this macro to a different value, you MUST include 222a trailing slash. 223 224+--------+ 225| OSTYPE | 226+--------+ 227 228You MUST define an operating system environment, or the configuration 229file build will puke. There are several environments available; look 230at the "ostype" directory for the current list. This macro changes 231things like the location of the alias file and queue directory. Some 232of these files are identical to one another. 233 234It is IMPERATIVE that the OSTYPE occur before any MAILER definitions. 235In general, the OSTYPE macro should go immediately after any version 236information, and MAILER definitions should always go last. 237 238Operating system definitions are usually easy to write. They may define 239the following variables (everything defaults, so an ostype file may be 240empty). Unfortunately, the list of configuration-supported systems is 241not as broad as the list of source-supported systems, since many of 242the source contributors do not include corresponding ostype files. 243 244ALIAS_FILE [/etc/mail/aliases] The location of the text version 245 of the alias file(s). It can be a comma-separated 246 list of names (but be sure you quote values with 247 commas in them -- for example, use 248 define(`ALIAS_FILE', `a,b') 249 to get "a" and "b" both listed as alias files; 250 otherwise the define() primitive only sees "a"). 251HELP_FILE [/etc/mail/helpfile] The name of the file 252 containing information printed in response to 253 the SMTP HELP command. 254QUEUE_DIR [/var/spool/mqueue] The directory containing 255 queue files. To use multiple queues, supply 256 a value ending with an asterisk. For 257 example, /var/spool/mqueue/q* will use all of the 258 directories or symbolic links to directories 259 beginning with 'q' in /var/spool/mqueue as queue 260 directories. The names 'qf', 'df', and 'xf' are 261 used as specific subdirectories for the corresponding 262 queue file types. 263STATUS_FILE [/etc/mail/statistics] The file containing status 264 information. 265LOCAL_MAILER_PATH [/bin/mail] The program used to deliver local mail. 266LOCAL_MAILER_FLAGS [Prmn9] The flags used by the local mailer. The 267 flags lsDFMAw5:/|@q are always included. 268LOCAL_MAILER_ARGS [mail -d $u] The arguments passed to deliver local 269 mail. 270LOCAL_MAILER_MAX [undefined] If defined, the maximum size of local 271 mail that you are willing to accept. 272LOCAL_MAILER_MAXMSGS [undefined] If defined, the maximum number of 273 messages to deliver in a single connection. Only 274 useful for LMTP local mailers. 275LOCAL_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 276 that ARRIVE from an address that resolves to the 277 local mailer and which are converted to MIME will be 278 labeled with this character set. 279LOCAL_MAILER_EOL [undefined] If defined, the string to use as the 280 end of line for the local mailer. 281LOCAL_MAILER_DSN_DIAGNOSTIC_CODE 282 [X-Unix] The DSN Diagnostic-Code value for the 283 local mailer. This should be changed with care. 284LOCAL_SHELL_PATH [/bin/sh] The shell used to deliver piped email. 285LOCAL_SHELL_FLAGS [eu9] The flags used by the shell mailer. The 286 flags lsDFM are always included. 287LOCAL_SHELL_ARGS [sh -c $u] The arguments passed to deliver "prog" 288 mail. 289LOCAL_SHELL_DIR [$z:/] The directory search path in which the 290 shell should run. 291USENET_MAILER_PATH [/usr/lib/news/inews] The name of the program 292 used to submit news. 293USENET_MAILER_FLAGS [rsDFMmn] The mailer flags for the usenet mailer. 294USENET_MAILER_ARGS [-m -h -n] The command line arguments for the 295 usenet mailer. 296USENET_MAILER_MAX [100000] The maximum size of messages that will 297 be accepted by the usenet mailer. 298SMTP_MAILER_FLAGS [undefined] Flags added to SMTP mailer. Default 299 flags are `mDFMuX' for all SMTP-based mailers; the 300 "esmtp" mailer adds `a'; "smtp8" adds `8'; and 301 "dsmtp" adds `%'. 302RELAY_MAILER_FLAGS [undefined] Flags added to the relay mailer. Default 303 flags are `mDFMuX' for all SMTP-based mailers; the 304 relay mailer adds `a8'. If this is not defined, 305 then SMTP_MAILER_FLAGS is used. 306SMTP_MAILER_MAX [undefined] The maximum size of messages that will 307 be transported using the smtp, smtp8, esmtp, or dsmtp 308 mailers. 309SMTP_MAILER_MAXMSGS [undefined] If defined, the maximum number of 310 messages to deliver in a single connection for the 311 smtp, smtp8, esmtp, or dsmtp mailers. 312SMTP_MAILER_ARGS [TCP $h] The arguments passed to the smtp mailer. 313 About the only reason you would want to change this 314 would be to change the default port. 315ESMTP_MAILER_ARGS [TCP $h] The arguments passed to the esmtp mailer. 316SMTP8_MAILER_ARGS [TCP $h] The arguments passed to the smtp8 mailer. 317DSMTP_MAILER_ARGS [TCP $h] The arguments passed to the dsmtp mailer. 318RELAY_MAILER_ARGS [TCP $h] The arguments passed to the relay mailer. 319RELAY_MAILER_MAXMSGS [undefined] If defined, the maximum number of 320 messages to deliver in a single connection for the 321 relay mailer. 322SMTP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 323 that ARRIVE from an address that resolves to one of 324 the SMTP mailers and which are converted to MIME will 325 be labeled with this character set. 326UUCP_MAILER_PATH [/usr/bin/uux] The program used to send UUCP mail. 327UUCP_MAILER_FLAGS [undefined] Flags added to UUCP mailer. Default 328 flags are `DFMhuU' (and `m' for uucp-new mailer, 329 minus `U' for uucp-dom mailer). 330UUCP_MAILER_ARGS [uux - -r -z -a$g -gC $h!rmail ($u)] The arguments 331 passed to the UUCP mailer. 332UUCP_MAILER_MAX [100000] The maximum size message accepted for 333 transmission by the UUCP mailers. 334UUCP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 335 that ARRIVE from an address that resolves to one of 336 the UUCP mailers and which are converted to MIME will 337 be labeled with this character set. 338FAX_MAILER_PATH [/usr/local/lib/fax/mailfax] The program used to 339 submit FAX messages. 340FAX_MAILER_ARGS [mailfax $u $h $f] The arguments passed to the FAX 341 mailer. 342FAX_MAILER_MAX [100000] The maximum size message accepted for 343 transmission by FAX. 344POP_MAILER_PATH [/usr/lib/mh/spop] The pathname of the POP mailer. 345POP_MAILER_FLAGS [Penu] Flags added to POP mailer. Flags lsDFMq 346 are always added. 347POP_MAILER_ARGS [pop $u] The arguments passed to the POP mailer. 348PROCMAIL_MAILER_PATH [/usr/local/bin/procmail] The path to the procmail 349 program. This is also used by 350 FEATURE(`local_procmail'). 351PROCMAIL_MAILER_FLAGS [SPhnu9] Flags added to Procmail mailer. Flags 352 DFM are always set. This is NOT used by 353 FEATURE(`local_procmail'); tweak LOCAL_MAILER_FLAGS 354 instead. 355PROCMAIL_MAILER_ARGS [procmail -Y -m $h $f $u] The arguments passed to 356 the Procmail mailer. This is NOT used by 357 FEATURE(`local_procmail'); tweak LOCAL_MAILER_ARGS 358 instead. 359PROCMAIL_MAILER_MAX [undefined] If set, the maximum size message that 360 will be accepted by the procmail mailer. 361MAIL11_MAILER_PATH [/usr/etc/mail11] The path to the mail11 mailer. 362MAIL11_MAILER_FLAGS [nsFx] Flags for the mail11 mailer. 363MAIL11_MAILER_ARGS [mail11 $g $x $h $u] Arguments passed to the mail11 364 mailer. 365PH_MAILER_PATH [/usr/local/etc/phquery] The path to the phquery 366 program. 367PH_MAILER_FLAGS [ehmu] Flags for the phquery mailer. Flags nrDFM 368 are always set. 369PH_MAILER_ARGS [phquery -- $u] -- arguments to the phquery mailer. 370CYRUS_MAILER_FLAGS [Ah5@/:|] The flags used by the cyrus mailer. The 371 flags lsDFMnPq are always included. 372CYRUS_MAILER_PATH [/usr/cyrus/bin/deliver] The program used to deliver 373 cyrus mail. 374CYRUS_MAILER_ARGS [deliver -e -m $h -- $u] The arguments passed 375 to deliver cyrus mail. 376CYRUS_MAILER_MAX [undefined] If set, the maximum size message that 377 will be accepted by the cyrus mailer. 378CYRUS_MAILER_USER [cyrus:mail] The user and group to become when 379 running the cyrus mailer. 380CYRUS_BB_MAILER_FLAGS [u] The flags used by the cyrusbb mailer. 381 The flags lsDFMnP are always included. 382CYRUS_BB_MAILER_ARGS [deliver -e -m $u] The arguments passed 383 to deliver cyrusbb mail. 384confEBINDIR [/usr/libexec] The directory for executables. 385 Currently used for FEATURE(`local_lmtp') and 386 FEATURE(`smrsh'). 387QPAGE_MAILER_FLAGS [mDFMs] The flags used by the qpage mailer. 388QPAGE_MAILER_PATH [/usr/local/bin/qpage] The program used to deliver 389 qpage mail. 390QPAGE_MAILER_ARGS [qpage -l0 -m -P$u] The arguments passed 391 to deliver qpage mail. 392QPAGE_MAILER_MAX [4096] If set, the maximum size message that 393 will be accepted by the qpage mailer. 394 395Note: to tweak Name_MAILER_FLAGS use the macro MODIFY_MAILER_FLAGS: 396MODIFY_MAILER_FLAGS(`Name', `change') where Name is the first part of 397the macro Name_MAILER_FLAGS and change can be: flags that should 398be used directly (thus overriding the default value), or if it 399starts with `+' (`-') then those flags are added to (removed from) 400the default value. Example: 401 402 MODIFY_MAILER_FLAGS(`LOCAL', `+e') 403 404will add the flag `e' to LOCAL_MAILER_FLAGS. 405WARNING: The FEATUREs local_lmtp and local_procmail set LOCAL_MAILER_FLAGS 406unconditionally, i.e., without respecting any definitions in an 407OSTYPE setting. 408 409 410+---------+ 411| DOMAINS | 412+---------+ 413 414You will probably want to collect domain-dependent defines into one 415file, referenced by the DOMAIN macro. For example, the Berkeley 416domain file includes definitions for several internal distinguished 417hosts: 418 419UUCP_RELAY The host that will accept UUCP-addressed email. 420 If not defined, all UUCP sites must be directly 421 connected. 422BITNET_RELAY The host that will accept BITNET-addressed email. 423 If not defined, the .BITNET pseudo-domain won't work. 424DECNET_RELAY The host that will accept DECNET-addressed email. 425 If not defined, the .DECNET pseudo-domain and addresses 426 of the form node::user will not work. 427FAX_RELAY The host that will accept mail to the .FAX pseudo-domain. 428 The "fax" mailer overrides this value. 429LOCAL_RELAY DEPRECATED. The site that will handle unqualified 430 names -- that is, names with out an @domain extension. 431 If not set, they are assumed to belong on this machine. 432 This allows you to have a central site to store a 433 company- or department-wide alias database. This 434 only works at small sites, and only with some user 435 agents. 436LUSER_RELAY The site that will handle lusers -- that is, apparently 437 local names that aren't local accounts or aliases. To 438 specify a local user instead of a site, set this to 439 ``local:username''. 440 441Any of these can be either ``mailer:hostname'' (in which case the 442mailer is the internal mailer name, such as ``uucp-new'' and the hostname 443is the name of the host as appropriate for that mailer) or just a 444``hostname'', in which case a default mailer type (usually ``relay'', 445a variant on SMTP) is used. WARNING: if you have a wildcard MX 446record matching your domain, you probably want to define these to 447have a trailing dot so that you won't get the mail diverted back 448to yourself. 449 450The domain file can also be used to define a domain name, if needed 451(using "DD<domain>") and set certain site-wide features. If all hosts 452at your site masquerade behind one email name, you could also use 453MASQUERADE_AS here. 454 455You do not have to define a domain -- in particular, if you are a 456single machine sitting off somewhere, it is probably more work than 457it's worth. This is just a mechanism for combining "domain dependent 458knowledge" into one place. 459 460+---------+ 461| MAILERS | 462+---------+ 463 464There are fewer mailers supported in this version than the previous 465version, owing mostly to a simpler world. As a general rule, put the 466MAILER definitions last in your .mc file, and always put MAILER(`smtp') 467before MAILER(`uucp') and MAILER(`procmail') -- several features and 468definitions will modify the definition of mailers, and the smtp mailer 469modifies the UUCP mailer. Moreover, MAILER(`cyrus'), MAILER(`pop'), 470MAILER(`phquery'), and MAILER(`usenet') must be defined after 471MAILER(`local'). 472 473local The local and prog mailers. You will almost always 474 need these; the only exception is if you relay ALL 475 your mail to another site. This mailer is included 476 automatically. 477 478smtp The Simple Mail Transport Protocol mailer. This does 479 not hide hosts behind a gateway or another other 480 such hack; it assumes a world where everyone is 481 running the name server. This file actually defines 482 five mailers: "smtp" for regular (old-style) SMTP to 483 other servers, "esmtp" for extended SMTP to other 484 servers, "smtp8" to do SMTP to other servers without 485 converting 8-bit data to MIME (essentially, this is 486 your statement that you know the other end is 8-bit 487 clean even if it doesn't say so), "dsmtp" to do on 488 demand delivery, and "relay" for transmission to the 489 RELAY_HOST, LUSER_RELAY, or MAIL_HUB. 490 491uucp The UNIX-to-UNIX Copy Program mailer. Actually, this 492 defines two mailers, "uucp-old" (a.k.a. "uucp") and 493 "uucp-new" (a.k.a. "suucp"). The latter is for when you 494 know that the UUCP mailer at the other end can handle 495 multiple recipients in one transfer. If the smtp mailer 496 is also included in your configuration, two other mailers 497 ("uucp-dom" and "uucp-uudom") are also defined [warning: 498 you MUST specify MAILER(smtp) before MAILER(uucp)]. When you 499 include the uucp mailer, sendmail looks for all names in 500 class {U} and sends them to the uucp-old mailer; all 501 names in class {Y} are sent to uucp-new; and all 502 names in class {Z} are sent to uucp-uudom. Note that 503 this is a function of what version of rmail runs on 504 the receiving end, and hence may be out of your control. 505 See the section below describing UUCP mailers in more 506 detail. 507 508usenet Usenet (network news) delivery. If this is specified, 509 an extra rule is added to ruleset 0 that forwards all 510 local email for users named ``group.usenet'' to the 511 ``inews'' program. Note that this works for all groups, 512 and may be considered a security problem. 513 514fax Facsimile transmission. This is experimental and based 515 on Sam Leffler's HylaFAX software. For more information, 516 see http://www.vix.com/hylafax/. 517 518pop Post Office Protocol. 519 520procmail An interface to procmail (does not come with sendmail). 521 This is designed to be used in mailertables. For example, 522 a common question is "how do I forward all mail for a given 523 domain to a single person?". If you have this mailer 524 defined, you could set up a mailertable reading: 525 526 host.com procmail:/etc/procmailrcs/host.com 527 528 with the file /etc/procmailrcs/host.com reading: 529 530 :0 # forward mail for host.com 531 ! -oi -f $1 person@other.host 532 533 This would arrange for (anything)@host.com to be sent 534 to person@other.host. Within the procmail script, $1 is 535 the name of the sender and $2 is the name of the recipient. 536 If you use this with FEATURE(`local_procmail'), the FEATURE 537 should be listed first. 538 539mail11 The DECnet mail11 mailer, useful only if you have the mail11 540 program from gatekeeper.dec.com:/pub/DEC/gwtools (and 541 DECnet, of course). This is for Phase IV DECnet support; 542 if you have Phase V at your site you may have additional 543 problems. 544 545phquery The phquery program. This is somewhat counterintuitively 546 referenced as the "ph" mailer internally. It can be used 547 to do CCSO name server lookups. The phquery program, which 548 this mailer uses, is distributed with the ph client. 549 550cyrus The cyrus and cyrusbb mailers. The cyrus mailer delivers to 551 a local cyrus user. this mailer can make use of the 552 "user+detail@local.host" syntax; it will deliver the mail to 553 the user's "detail" mailbox if the mailbox's ACL permits. 554 The cyrusbb mailer delivers to a system-wide cyrus mailbox 555 if the mailbox's ACL permits. The cyrus mailer must be 556 defined after the local mailer. 557 558qpage A mailer for QuickPage, a pager interface. See 559 http://www.qpage.org/ for further information. 560 561The local mailer accepts addresses of the form "user+detail", where 562the "+detail" is not used for mailbox matching but is available 563to certain local mail programs (in particular, see 564FEATURE(`local_procmail')). For example, "eric", "eric+sendmail", and 565"eric+sww" all indicate the same user, but additional arguments <null>, 566"sendmail", and "sww" may be provided for use in sorting mail. 567 568 569+----------+ 570| FEATURES | 571+----------+ 572 573Special features can be requested using the "FEATURE" macro. For 574example, the .mc line: 575 576 FEATURE(`use_cw_file') 577 578tells sendmail that you want to have it read an /etc/mail/local-host-names 579file to get values for class {w}. The FEATURE may contain up to 9 580optional parameters -- for example: 581 582 FEATURE(`mailertable', `dbm /usr/lib/mailertable') 583 584The default database map type for the table features can be set with 585 586 define(`DATABASE_MAP_TYPE', `dbm') 587 588which would set it to use ndbm databases. The default is the Berkeley DB 589hash database format. Note that you must still declare a database map type 590if you specify an argument to a FEATURE. DATABASE_MAP_TYPE is only used 591if no argument is given for the FEATURE. It must be specified before any 592feature that uses a map. 593 594Available features are: 595 596use_cw_file Read the file /etc/mail/local-host-names file to get 597 alternate names for this host. This might be used if you 598 were on a host that MXed for a dynamic set of other hosts. 599 If the set is static, just including the line "Cw<name1> 600 <name2> ..." (where the names are fully qualified domain 601 names) is probably superior. The actual filename can be 602 overridden by redefining confCW_FILE. 603 604use_ct_file Read the file /etc/mail/trusted-users file to get the 605 names of users that will be ``trusted'', that is, able to 606 set their envelope from address using -f without generating 607 a warning message. The actual filename can be overridden 608 by redefining confCT_FILE. 609 610redirect Reject all mail addressed to "address.REDIRECT" with 611 a ``551 User has moved; please try <address>'' message. 612 If this is set, you can alias people who have left 613 to their new address with ".REDIRECT" appended. 614 615nouucp Don't route UUCP addresses. This feature takes one 616 parameter: 617 `reject': reject addresses which have "!" in the local 618 part unless it originates from a system 619 that is allowed to relay. 620 `nospecial': don't do anything special with "!". 621 Warnings: 1. See the NOTICE in the ANTI-SPAM section. 622 2. don't remove "!" from OperatorChars if `reject' is 623 given as parameter. 624 625nocanonify Don't pass addresses to $[ ... $] for canonification 626 by default. It can be changed by setting the 627 DaemonPortOptions modifiers (M=). That is, 628 FEATURE(`nocanonify') will be overridden by setting the 629 'c' flag. Conversely, if FEATURE(`nocanonify') is not used, 630 it can be emulated by setting the 'C' flag 631 (DaemonPortOptions=Modifiers=C). This would generally only 632 be used by sites that only act as mail gateways or which have 633 user agents that do full canonification themselves. You may 634 also want to use 635 "define(`confBIND_OPTS', `-DNSRCH -DEFNAMES')" to turn off 636 the usual resolver options that do a similar thing. 637 638 An exception list for FEATURE(`nocanonify') can be 639 specified with CANONIFY_DOMAIN or CANONIFY_DOMAIN_FILE, 640 i.e., a list of domains which are nevertheless passed to 641 $[ ... $] for canonification. This is useful to turn on 642 canonification for local domains, e.g., use 643 CANONIFY_DOMAIN(`my.domain my') to canonify addresses 644 which end in "my.domain" or "my". 645 Another way to require canonification in the local 646 domain is CANONIFY_DOMAIN(`$=m'). 647 648 A trailing dot is added to addresses with more than 649 one component in it such that other features which 650 expect a trailing dot (e.g., virtusertable) will 651 still work. 652 653 If `canonify_hosts' is specified as parameter, i.e., 654 FEATURE(`nocanonify', `canonify_hosts'), then 655 addresses which have only a hostname, e.g., 656 <user@host>, will be canonified (and hopefully fully 657 qualified), too. 658 659stickyhost If set, email sent to "user@local.host" are marked 660 as "sticky" -- that is, the local addresses aren't 661 matched against UDB and don't go through ruleset 5. 662 This is used if you want a set up where "user" is 663 not necessarily the same as "user@local.host", e.g., 664 to make a distinct domain-wide namespace. Prior to 665 8.7 this was the default, and notsticky was used to 666 turn this off. 667 668mailertable Include a "mailer table" which can be used to override 669 routing for particular domains (which are not in class {w}, 670 i.e. local host names). The argument of the FEATURE may be 671 the key definition. If none is specified, the definition 672 used is: 673 674 hash /etc/mail/mailertable 675 676 Keys in this database are fully qualified domain names 677 or partial domains preceded by a dot -- for example, 678 "vangogh.CS.Berkeley.EDU" or ".CS.Berkeley.EDU". As a 679 special case of the latter, "." matches any domain not 680 covered by other keys. Values must be of the form: 681 mailer:domain 682 where "mailer" is the internal mailer name, and "domain" 683 is where to send the message. These maps are not 684 reflected into the message header. As a special case, 685 the forms: 686 local:user 687 will forward to the indicated user using the local mailer, 688 local: 689 will forward to the original user in the e-mail address 690 using the local mailer, and 691 error:code message 692 error:D.S.N:code message 693 will give an error message with the indicated SMTP reply 694 code and message, where D.S.N is an RFC 1893 compliant 695 error code. 696 697domaintable Include a "domain table" which can be used to provide 698 domain name mapping. Use of this should really be 699 limited to your own domains. It may be useful if you 700 change names (e.g., your company changes names from 701 oldname.com to newname.com). The argument of the 702 FEATURE may be the key definition. If none is specified, 703 the definition used is: 704 705 hash /etc/mail/domaintable 706 707 The key in this table is the domain name; the value is 708 the new (fully qualified) domain. Anything in the 709 domaintable is reflected into headers; that is, this 710 is done in ruleset 3. 711 712bitdomain Look up bitnet hosts in a table to try to turn them into 713 internet addresses. The table can be built using the 714 bitdomain program contributed by John Gardiner Myers. 715 The argument of the FEATURE may be the key definition; if 716 none is specified, the definition used is: 717 718 hash /etc/mail/bitdomain 719 720 Keys are the bitnet hostname; values are the corresponding 721 internet hostname. 722 723uucpdomain Similar feature for UUCP hosts. The default map definition 724 is: 725 726 hash /etc/mail/uudomain 727 728 At the moment there is no automagic tool to build this 729 database. 730 731always_add_domain 732 Include the local host domain even on locally delivered 733 mail. Normally it is not added on unqualified names. 734 However, if you use a shared message store but do not use 735 the same user name space everywhere, you may need the host 736 name on local names. 737 738allmasquerade If masquerading is enabled (using MASQUERADE_AS), this 739 feature will cause recipient addresses to also masquerade 740 as being from the masquerade host. Normally they get 741 the local hostname. Although this may be right for 742 ordinary users, it can break local aliases. For example, 743 if you send to "localalias", the originating sendmail will 744 find that alias and send to all members, but send the 745 message with "To: localalias@masqueradehost". Since that 746 alias likely does not exist, replies will fail. Use this 747 feature ONLY if you can guarantee that the ENTIRE 748 namespace on your masquerade host supersets all the 749 local entries. 750 751limited_masquerade 752 Normally, any hosts listed in class {w} are masqueraded. If 753 this feature is given, only the hosts listed in class {M} (see 754 below: MASQUERADE_DOMAIN) are masqueraded. This is useful 755 if you have several domains with disjoint namespaces hosted 756 on the same machine. 757 758masquerade_entire_domain 759 If masquerading is enabled (using MASQUERADE_AS) and 760 MASQUERADE_DOMAIN (see below) is set, this feature will 761 cause addresses to be rewritten such that the masquerading 762 domains are actually entire domains to be hidden. All 763 hosts within the masquerading domains will be rewritten 764 to the masquerade name (used in MASQUERADE_AS). For example, 765 if you have: 766 767 MASQUERADE_AS(`masq.com') 768 MASQUERADE_DOMAIN(`foo.org') 769 MASQUERADE_DOMAIN(`bar.com') 770 771 then *foo.org and *bar.com are converted to masq.com. Without 772 this feature, only foo.org and bar.com are masqueraded. 773 774 NOTE: only domains within your jurisdiction and 775 current hierarchy should be masqueraded using this. 776 777genericstable This feature will cause unqualified addresses (i.e., without 778 a domain) and addresses with a domain listed in class {G} 779 to be looked up in a map and turned into another ("generic") 780 form, which can change both the domain name and the user name. 781 This is similar to the userdb functionality. The same types of 782 addresses as for masquerading are looked up, i.e., only header 783 sender addresses unless the allmasquerade and/or 784 masquerade_envelope features are given. Qualified addresses 785 must have the domain part in class {G}; entries can 786 be added to this class by the macros GENERICS_DOMAIN or 787 GENERICS_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 788 MASQUERADE_DOMAIN_FILE, see below). 789 790 The argument of FEATURE(`genericstable') may be the map 791 definition; the default map definition is: 792 793 hash /etc/mail/genericstable 794 795 The key for this table is either the full address, the domain 796 (with a leading @; the localpart is passed as first argument) 797 or the unqualified username (tried in the order mentioned); 798 the value is the new user address. If the new user address 799 does not include a domain, it will be qualified in the standard 800 manner, i.e., using $j or the masquerade name. Note that the 801 address being looked up must be fully qualified. For local 802 mail, it is necessary to use FEATURE(`always_add_domain') 803 for the addresses to be qualified. 804 The "+detail" of an address is passed as %1, so entries like 805 806 old+*@foo.org new+%1@example.com 807 gen+*@foo.org %1@example.com 808 809 and other forms are possible. 810 811generics_entire_domain 812 If the genericstable is enabled and GENERICS_DOMAIN or 813 GENERICS_DOMAIN_FILE is used, this feature will cause 814 addresses to be searched in the map if their domain 815 parts are subdomains of elements in class {G}. 816 817virtusertable A domain-specific form of aliasing, allowing multiple 818 virtual domains to be hosted on one machine. For example, 819 if the virtuser table contained: 820 821 info@foo.com foo-info 822 info@bar.com bar-info 823 joe@bar.com error:nouser No such user here 824 jax@bar.com error:D.S.N:unavailable Address invalid 825 @baz.org jane@example.net 826 827 then mail addressed to info@foo.com will be sent to the 828 address foo-info, mail addressed to info@bar.com will be 829 delivered to bar-info, and mail addressed to anyone at baz.org 830 will be sent to jane@example.net, mail to joe@bar.com will 831 be rejected with the specified error message, and mail to 832 jax@bar.com will also have a RFC 1893 compliant error code 833 D.S.N. 834 835 The username from the original address is passed 836 as %1 allowing: 837 838 @foo.org %1@example.com 839 840 meaning someone@foo.org will be sent to someone@example.com. 841 Additionally, if the local part consists of "user+detail" 842 then "detail" is passed as %2 when a match against user+* 843 is attempted, so entries like 844 845 old+*@foo.org new+%2@example.com 846 gen+*@foo.org %2@example.com 847 +*@foo.org %1+%2@example.com 848 849 and other forms are possible. Note: to preserve "+detail" 850 for a default case (@domain) +*@domain must be used as 851 exemplified above. 852 853 All the host names on the left hand side (foo.com, bar.com, 854 and baz.org) must be in class {w} or class {VirtHost}, the 855 latter can be defined by the macros VIRTUSER_DOMAIN or 856 VIRTUSER_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 857 MASQUERADE_DOMAIN_FILE, see below). If VIRTUSER_DOMAIN or 858 VIRTUSER_DOMAIN_FILE is used, then the entries of class 859 {VirtHost} are added to class {R}, i.e., relaying is allowed 860 to (and from) those domains. The default map definition is: 861 862 hash /etc/mail/virtusertable 863 864 A new definition can be specified as the second argument of 865 the FEATURE macro, such as 866 867 FEATURE(`virtusertable', `dbm /etc/mail/virtusers') 868 869virtuser_entire_domain 870 If the virtusertable is enabled and VIRTUSER_DOMAIN or 871 VIRTUSER_DOMAIN_FILE is used, this feature will cause 872 addresses to be searched in the map if their domain 873 parts are subdomains of elements in class {VirtHost}. 874 875ldap_routing Implement LDAP-based e-mail recipient routing according to 876 the Internet Draft draft-lachman-laser-ldap-mail-routing-01. 877 This provides a method to re-route addresses with a 878 domain portion in class {LDAPRoute} to either a 879 different mail host or a different address. Hosts can 880 be added to this class using LDAPROUTE_DOMAIN and 881 LDAPROUTE_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 882 MASQUERADE_DOMAIN_FILE, see below). 883 884 See the LDAP ROUTING section below for more information. 885 886nodns If you aren't running DNS at your site (for example, 887 you are UUCP-only connected). It's hard to consider 888 this a "feature", but hey, it had to go somewhere. 889 Actually, as of 8.7 this is a no-op -- remove "dns" from 890 the hosts service switch entry instead. 891 892nullclient This is a special case -- it creates a configuration file 893 containing nothing but support for forwarding all mail to a 894 central hub via a local SMTP-based network. The argument 895 is the name of that hub. 896 897 The only other feature that should be used in conjunction 898 with this one is FEATURE(`nocanonify'). No mailers 899 should be defined. No aliasing or forwarding is done. 900 901local_lmtp Use an LMTP capable local mailer. The argument to this 902 feature is the pathname of an LMTP capable mailer. By 903 default, mail.local is used. This is expected to be the 904 mail.local which came with the 8.9 distribution which is 905 LMTP capable. The path to mail.local is set by the 906 confEBINDIR m4 variable -- making the default 907 LOCAL_MAILER_PATH /usr/libexec/mail.local. 908 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally, 909 i.e., without respecting any definitions in an OSTYPE setting. 910 911local_procmail Use procmail or another delivery agent as the local mailer. 912 The argument to this feature is the pathname of the 913 delivery agent, which defaults to PROCMAIL_MAILER_PATH. 914 Note that this does NOT use PROCMAIL_MAILER_FLAGS or 915 PROCMAIL_MAILER_ARGS for the local mailer; tweak 916 LOCAL_MAILER_FLAGS and LOCAL_MAILER_ARGS instead, or 917 specify the appropriate parameters. When procmail is used, 918 the local mailer can make use of the 919 "user+indicator@local.host" syntax; normally the +indicator 920 is just tossed, but by default it is passed as the -a 921 argument to procmail. 922 923 This feature can take up to three arguments: 924 925 1. Path to the mailer program 926 [default: /usr/local/bin/procmail] 927 2. Argument vector including name of the program 928 [default: procmail -Y -a $h -d $u] 929 3. Flags for the mailer [default: SPfhn9] 930 931 Empty arguments cause the defaults to be taken. 932 933 For example, this allows it to use the maildrop 934 (http://www.flounder.net/~mrsam/maildrop/) mailer instead 935 by specifying: 936 937 FEATURE(`local_procmail', `/usr/local/bin/maildrop', 938 `maildrop -d $u') 939 940 or scanmails using: 941 942 FEATURE(`local_procmail', `/usr/local/bin/scanmails') 943 944 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally, 945 i.e., without respecting any definitions in an OSTYPE setting. 946 947bestmx_is_local Accept mail as though locally addressed for any host that 948 lists us as the best possible MX record. This generates 949 additional DNS traffic, but should be OK for low to 950 medium traffic hosts. The argument may be a set of 951 domains, which will limit the feature to only apply to 952 these domains -- this will reduce unnecessary DNS 953 traffic. THIS FEATURE IS FUNDAMENTALLY INCOMPATIBLE WITH 954 WILDCARD MX RECORDS!!! If you have a wildcard MX record 955 that matches your domain, you cannot use this feature. 956 957smrsh Use the SendMail Restricted SHell (smrsh) provided 958 with the distribution instead of /bin/sh for mailing 959 to programs. This improves the ability of the local 960 system administrator to control what gets run via 961 e-mail. If an argument is provided it is used as the 962 pathname to smrsh; otherwise, the path defined by 963 confEBINDIR is used for the smrsh binary -- by default, 964 /usr/libexec/smrsh is assumed. 965 966promiscuous_relay 967 By default, the sendmail configuration files do not permit 968 mail relaying (that is, accepting mail from outside your 969 local host (class {w}) and sending it to another host than 970 your local host). This option sets your site to allow 971 mail relaying from any site to any site. In almost all 972 cases, it is better to control relaying more carefully 973 with the access map, class {R}, or authentication. Domains 974 can be added to class {R} by the macros RELAY_DOMAIN or 975 RELAY_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 976 MASQUERADE_DOMAIN_FILE, see below). 977 978relay_entire_domain 979 By default, only hosts listed as RELAY in the access db 980 will be allowed to relay. This option also allows any 981 host in your domain as defined by class {m}. 982 983relay_hosts_only 984 By default, names that are listed as RELAY in the access 985 db and class {R} are domain names, not host names. 986 For example, if you specify ``foo.com'', then mail to or 987 from foo.com, abc.foo.com, or a.very.deep.domain.foo.com 988 will all be accepted for relaying. This feature changes 989 the behaviour to lookup individual host names only. 990 991relay_based_on_MX 992 Turns on the ability to allow relaying based on the MX 993 records of the host portion of an incoming recipient; that 994 is, if an MX record for host foo.com points to your site, 995 you will accept and relay mail addressed to foo.com. See 996 description below for more information before using this 997 feature. Also, see the KNOWNBUGS entry regarding bestmx 998 map lookups. 999 1000 FEATURE(`relay_based_on_MX') does not necessarily allow 1001 routing of these messages which you expect to be allowed, 1002 if route address syntax (or %-hack syntax) is used. If 1003 this is a problem, add entries to the access-table or use 1004 FEATURE(`loose_relay_check'). 1005 1006relay_mail_from 1007 Allows relaying if the mail sender is listed as RELAY in 1008 the access map. If an optional argument `domain' is given, 1009 the domain portion of the mail sender is checked too. 1010 This should only be used if absolutely necessary as the 1011 sender address can be easily forged. Use of this feature 1012 requires the "From:" tag be prepended to the key in the 1013 access map; see the discussion of tags and 1014 FEATURE(`relay_mail_from') in the section on ANTI-SPAM 1015 CONFIGURATION CONTROL. 1016 1017relay_local_from 1018 Allows relaying if the domain portion of the mail sender 1019 is a local host. This should only be used if absolutely 1020 necessary as it opens a window for spammers. Specifically, 1021 they can send mail to your mail server that claims to be 1022 from your domain (either directly or via a routed address), 1023 and you will go ahead and relay it out to arbitrary hosts 1024 on the Internet. 1025 1026accept_unqualified_senders 1027 Normally, MAIL FROM: commands in the SMTP session will be 1028 refused if the connection is a network connection and the 1029 sender address does not include a domain name. If your 1030 setup sends local mail unqualified (i.e., MAIL FROM: <joe>), 1031 you will need to use this feature to accept unqualified 1032 sender addresses. Setting the DaemonPortOptions modifier 1033 'u' overrides the default behavior, i.e., unqualified 1034 addresses are accepted even without this FEATURE. 1035 If this FEATURE is not used, the DaemonPortOptions modifier 1036 'f' can be used to enforce fully qualified addresses. 1037 1038accept_unresolvable_domains 1039 Normally, MAIL FROM: commands in the SMTP session will be 1040 refused if the host part of the argument to MAIL FROM: 1041 cannot be located in the host name service (e.g., an A or 1042 MX record in DNS). If you are inside a firewall that has 1043 only a limited view of the Internet host name space, this 1044 could cause problems. In this case you probably want to 1045 use this feature to accept all domains on input, even if 1046 they are unresolvable. 1047 1048access_db Turns on the access database feature. The access db gives 1049 you the ability to allow or refuse to accept mail from 1050 specified domains for administrative reasons. By default, 1051 the access database specification is: 1052 1053 hash /etc/mail/access 1054 1055 The format of the database is described in the anti-spam 1056 configuration control section later in this document. 1057 1058blacklist_recipients 1059 Turns on the ability to block incoming mail for certain 1060 recipient usernames, hostnames, or addresses. For 1061 example, you can block incoming mail to user nobody, 1062 host foo.mydomain.com, or guest@bar.mydomain.com. 1063 These specifications are put in the access db as 1064 described in the anti-spam configuration control section 1065 later in this document. 1066 1067rbl This feature is deprecated! Please use dnsbl instead. 1068 Turns on rejection of hosts found in the Realtime Blackhole 1069 List. If an argument is provided it is used as the domain 1070 in which blocked hosts are listed; otherwise, the main 1071 RBL domain rbl.maps.vix.com is used. For details, see 1072 http://maps.vix.com/rbl/. 1073 1074dnsbl Turns on rejection of hosts found in an DNS based rejection 1075 list. If an argument is provided it is used as the domain 1076 in which blocked hosts are listed; otherwise it defaults to 1077 rbl.maps.vix.com. An explanation for an DNS based rejection 1078 list can be found http://maps.vix.com/rbl/. A second argument 1079 can be used to change the default error message of 1080 Mail from $&{client_addr} refused by blackhole site SERVER 1081 where SERVER is replaced by the first argument. This feature 1082 can be included several times to query different DNS based 1083 rejection lists. 1084 1085loose_relay_check 1086 Normally, if % addressing is used for a recipient, e.g. 1087 user%site@othersite, and othersite is in class {R}, the 1088 check_rcpt ruleset will strip @othersite and recheck 1089 user@site for relaying. This feature changes that 1090 behavior. It should not be needed for most installations. 1091 1092no_default_msa Don't generate the default MSA daemon, i.e., 1093 DAEMON_OPTIONS(`Port=587,Name=MSA,M=E') 1094 To define a MSA daemon with other parameters, use this 1095 FEATURE and introduce new settings via DAEMON_OPTIONS(). 1096 1097+-------+ 1098| HACKS | 1099+-------+ 1100 1101Some things just can't be called features. To make this clear, 1102they go in the hack subdirectory and are referenced using the HACK 1103macro. These will tend to be site-dependent. The release 1104includes the Berkeley-dependent "cssubdomain" hack (that makes 1105sendmail accept local names in either Berkeley.EDU or CS.Berkeley.EDU; 1106this is intended as a short-term aid while moving hosts into 1107subdomains. 1108 1109 1110+--------------------+ 1111| SITE CONFIGURATION | 1112+--------------------+ 1113 1114 ***************************************************** 1115 * This section is really obsolete, and is preserved * 1116 * only for back compatibility. You should plan on * 1117 * using mailertables for new installations. In * 1118 * particular, it doesn't work for the newer forms * 1119 * of UUCP mailers, such as uucp-uudom. * 1120 ***************************************************** 1121 1122Complex sites will need more local configuration information, such as 1123lists of UUCP hosts they speak with directly. This can get a bit more 1124tricky. For an example of a "complex" site, see cf/ucbvax.mc. 1125 1126The SITECONFIG macro allows you to indirectly reference site-dependent 1127configuration information stored in the siteconfig subdirectory. For 1128example, the line 1129 1130 SITECONFIG(`uucp.ucbvax', `ucbvax', `U') 1131 1132reads the file uucp.ucbvax for local connection information. The 1133second parameter is the local name (in this case just "ucbvax" since 1134it is locally connected, and hence a UUCP hostname). The third 1135parameter is the name of both a macro to store the local name (in 1136this case, {U}) and the name of the class (e.g., {U}) in which to store 1137the host information read from the file. Another SITECONFIG line reads 1138 1139 SITECONFIG(`uucp.ucbarpa', `ucbarpa.Berkeley.EDU', `W') 1140 1141This says that the file uucp.ucbarpa contains the list of UUCP sites 1142connected to ucbarpa.Berkeley.EDU. Class {W} will be used to 1143store this list, and $W is defined to be ucbarpa.Berkeley.EDU, that 1144is, the name of the relay to which the hosts listed in uucp.ucbarpa 1145are connected. [The machine ucbarpa is gone now, but this 1146out-of-date configuration file has been left around to demonstrate 1147how you might do this.] 1148 1149Note that the case of SITECONFIG with a third parameter of ``U'' is 1150special; the second parameter is assumed to be the UUCP name of the 1151local site, rather than the name of a remote site, and the UUCP name 1152is entered into class {w} (the list of local hostnames) as $U.UUCP. 1153 1154The siteconfig file (e.g., siteconfig/uucp.ucbvax.m4) contains nothing 1155more than a sequence of SITE macros describing connectivity. For 1156example: 1157 1158 SITE(`cnmat') 1159 SITE(`sgi olympus') 1160 1161The second example demonstrates that you can use two names on the 1162same line; these are usually aliases for the same host (or are at 1163least in the same company). 1164 1165 1166+--------------------+ 1167| USING UUCP MAILERS | 1168+--------------------+ 1169 1170It's hard to get UUCP mailers right because of the extremely ad hoc 1171nature of UUCP addressing. These config files are really designed 1172for domain-based addressing, even for UUCP sites. 1173 1174There are four UUCP mailers available. The choice of which one to 1175use is partly a matter of local preferences and what is running at 1176the other end of your UUCP connection. Unlike good protocols that 1177define what will go over the wire, UUCP uses the policy that you 1178should do what is right for the other end; if they change, you have 1179to change. This makes it hard to do the right thing, and discourages 1180people from updating their software. In general, if you can avoid 1181UUCP, please do. 1182 1183The major choice is whether to go for a domainized scheme or a 1184non-domainized scheme. This depends entirely on what the other 1185end will recognize. If at all possible, you should encourage the 1186other end to go to a domain-based system -- non-domainized addresses 1187don't work entirely properly. 1188 1189The four mailers are: 1190 1191 uucp-old (obsolete name: "uucp") 1192 This is the oldest, the worst (but the closest to UUCP) way of 1193 sending messages accros UUCP connections. It does bangify 1194 everything and prepends $U (your UUCP name) to the sender's 1195 address (which can already be a bang path itself). It can 1196 only send to one address at a time, so it spends a lot of 1197 time copying duplicates of messages. Avoid this if at all 1198 possible. 1199 1200 uucp-new (obsolete name: "suucp") 1201 The same as above, except that it assumes that in one rmail 1202 command you can specify several recipients. It still has a 1203 lot of other problems. 1204 1205 uucp-dom 1206 This UUCP mailer keeps everything as domain addresses. 1207 Basically, it uses the SMTP mailer rewriting rules. This mailer 1208 is only included if MAILER(`smtp') is also specified. 1209 1210 Unfortunately, a lot of UUCP mailer transport agents require 1211 bangified addresses in the envelope, although you can use 1212 domain-based addresses in the message header. (The envelope 1213 shows up as the From_ line on UNIX mail.) So.... 1214 1215 uucp-uudom 1216 This is a cross between uucp-new (for the envelope addresses) 1217 and uucp-dom (for the header addresses). It bangifies the 1218 envelope sender (From_ line in messages) without adding the 1219 local hostname, unless there is no host name on the address 1220 at all (e.g., "wolf") or the host component is a UUCP host name 1221 instead of a domain name ("somehost!wolf" instead of 1222 "some.dom.ain!wolf"). This is also included only if MAILER(`smtp') 1223 is also specified. 1224 1225Examples: 1226 1227On host grasp.insa-lyon.fr (UUCP host name "grasp"), the following 1228summarizes the sender rewriting for various mailers. 1229 1230Mailer sender rewriting in the envelope 1231------ ------ ------------------------- 1232uucp-{old,new} wolf grasp!wolf 1233uucp-dom wolf wolf@grasp.insa-lyon.fr 1234uucp-uudom wolf grasp.insa-lyon.fr!wolf 1235 1236uucp-{old,new} wolf@fr.net grasp!fr.net!wolf 1237uucp-dom wolf@fr.net wolf@fr.net 1238uucp-uudom wolf@fr.net fr.net!wolf 1239 1240uucp-{old,new} somehost!wolf grasp!somehost!wolf 1241uucp-dom somehost!wolf somehost!wolf@grasp.insa-lyon.fr 1242uucp-uudom somehost!wolf grasp.insa-lyon.fr!somehost!wolf 1243 1244If you are using one of the domainized UUCP mailers, you really want 1245to convert all UUCP addresses to domain format -- otherwise, it will 1246do it for you (and probably not the way you expected). For example, 1247if you have the address foo!bar!baz (and you are not sending to foo), 1248the heuristics will add the @uucp.relay.name or @local.host.name to 1249this address. However, if you map foo to foo.host.name first, it 1250will not add the local hostname. You can do this using the uucpdomain 1251feature. 1252 1253 1254+-------------------+ 1255| TWEAKING RULESETS | 1256+-------------------+ 1257 1258For more complex configurations, you can define special rules. 1259The macro LOCAL_RULE_3 introduces rules that are used in canonicalizing 1260the names. Any modifications made here are reflected in the header. 1261 1262A common use is to convert old UUCP addresses to SMTP addresses using 1263the UUCPSMTP macro. For example: 1264 1265 LOCAL_RULE_3 1266 UUCPSMTP(`decvax', `decvax.dec.com') 1267 UUCPSMTP(`research', `research.att.com') 1268 1269will cause addresses of the form "decvax!user" and "research!user" 1270to be converted to "user@decvax.dec.com" and "user@research.att.com" 1271respectively. 1272 1273This could also be used to look up hosts in a database map: 1274 1275 LOCAL_RULE_3 1276 R$* < @ $+ > $* $: $1 < @ $(hostmap $2 $) > $3 1277 1278This map would be defined in the LOCAL_CONFIG portion, as shown below. 1279 1280Similarly, LOCAL_RULE_0 can be used to introduce new parsing rules. 1281For example, new rules are needed to parse hostnames that you accept 1282via MX records. For example, you might have: 1283 1284 LOCAL_RULE_0 1285 R$+ <@ host.dom.ain.> $#uucp $@ cnmat $: $1 < @ host.dom.ain.> 1286 1287You would use this if you had installed an MX record for cnmat.Berkeley.EDU 1288pointing at this host; this rule catches the message and forwards it on 1289using UUCP. 1290 1291You can also tweak rulesets 1 and 2 using LOCAL_RULE_1 and LOCAL_RULE_2. 1292These rulesets are normally empty. 1293 1294A similar macro is LOCAL_CONFIG. This introduces lines added after the 1295boilerplate option setting but before rulesets. Do not declare rulesets in 1296the LOCAL_CONFIG section. It can be used to declare local database maps or 1297whatever. For example: 1298 1299 LOCAL_CONFIG 1300 Khostmap hash /etc/mail/hostmap 1301 Kyplocal nis -m hosts.byname 1302 1303 1304+---------------------------+ 1305| MASQUERADING AND RELAYING | 1306+---------------------------+ 1307 1308You can have your host masquerade as another using 1309 1310 MASQUERADE_AS(`host.domain') 1311 1312This causes mail being sent to be labeled as coming from the 1313indicated host.domain, rather than $j. One normally masquerades as 1314one of one's own subdomains (for example, it's unlikely that 1315Berkeley would choose to masquerade as an MIT site). This 1316behaviour is modified by a plethora of FEATUREs; in particular, see 1317masquerade_envelope, allmasquerade, limited_masquerade, and 1318masquerade_entire_domain. 1319 1320The masquerade name is not normally canonified, so it is important 1321that it be your One True Name, that is, fully qualified and not a 1322CNAME. However, if you use a CNAME, the receiving side may canonify 1323it for you, so don't think you can cheat CNAME mapping this way. 1324 1325Normally the only addresses that are masqueraded are those that come 1326from this host (that is, are either unqualified or in class {w}, the list 1327of local domain names). You can augment this list, which is realized 1328by class {M} using 1329 1330 MASQUERADE_DOMAIN(`otherhost.domain') 1331 1332The effect of this is that although mail to user@otherhost.domain 1333will not be delivered locally, any mail including any user@otherhost.domain 1334will, when relayed, be rewritten to have the MASQUERADE_AS address. 1335This can be a space-separated list of names. 1336 1337If these names are in a file, you can use 1338 1339 MASQUERADE_DOMAIN_FILE(`filename') 1340 1341to read the list of names from the indicated file (i.e., to add 1342elements to class {M}). 1343 1344To exempt hosts or subdomains from being masqueraded, you can use 1345 1346 MASQUERADE_EXCEPTION(`host.domain') 1347 1348This can come handy if you want to masquerade a whole domain 1349except for one (or a few) host(s). 1350 1351Normally only header addresses are masqueraded. If you want to 1352masquerade the envelope as well, use 1353 1354 FEATURE(`masquerade_envelope') 1355 1356There are always users that need to be "exposed" -- that is, their 1357internal site name should be displayed instead of the masquerade name. 1358Root is an example (which has been "exposed" by default prior to 8.10). 1359You can add users to this list using 1360 1361 EXPOSED_USER(`usernames') 1362 1363This adds users to class {E}; you could also use something like 1364 1365 FE/etc/mail/exposed-users 1366 1367You can also arrange to relay all unqualified names (that is, names 1368without @host) to a relay host. For example, if you have a central 1369email server, you might relay to that host so that users don't have 1370to have .forward files or aliases. You can do this using 1371 1372 define(`LOCAL_RELAY', `mailer:hostname') 1373 1374The ``mailer:'' can be omitted, in which case the mailer defaults to 1375"relay". There are some user names that you don't want relayed, perhaps 1376because of local aliases. A common example is root, which may be 1377locally aliased. You can add entries to this list using 1378 1379 LOCAL_USER(`usernames') 1380 1381This adds users to class {L}; you could also use something like 1382 1383 FL/etc/mail/local-users 1384 1385If you want all incoming mail sent to a centralized hub, as for a 1386shared /var/spool/mail scheme, use 1387 1388 define(`MAIL_HUB', `mailer:hostname') 1389 1390Again, ``mailer:'' defaults to "relay". If you define both LOCAL_RELAY 1391and MAIL_HUB _AND_ you have FEATURE(`stickyhost'), unqualified names will 1392be sent to the LOCAL_RELAY and other local names will be sent to MAIL_HUB. 1393Note: there is a (long standing) bug which keeps this combination from 1394working for addresses of the form user+detail. 1395Names in class {L} will be delivered locally, so you MUST have aliases or 1396.forward files for them. 1397 1398For example, if you are on machine mastodon.CS.Berkeley.EDU and you have 1399FEATURE(`stickyhost'), the following combinations of settings will have the 1400indicated effects: 1401 1402email sent to.... eric eric@mastodon.CS.Berkeley.EDU 1403 1404LOCAL_RELAY set to mail.CS.Berkeley.EDU (delivered locally) 1405mail.CS.Berkeley.EDU (no local aliasing) (aliasing done) 1406 1407MAIL_HUB set to mammoth.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU 1408mammoth.CS.Berkeley.EDU (aliasing done) (aliasing done) 1409 1410Both LOCAL_RELAY and mail.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU 1411MAIL_HUB set as above (no local aliasing) (aliasing done) 1412 1413If you do not have FEATURE(`stickyhost') set, then LOCAL_RELAY and 1414MAIL_HUB act identically, with MAIL_HUB taking precedence. 1415 1416If you want all outgoing mail to go to a central relay site, define 1417SMART_HOST as well. Briefly: 1418 1419 LOCAL_RELAY applies to unqualified names (e.g., "eric"). 1420 MAIL_HUB applies to names qualified with the name of the 1421 local host (e.g., "eric@mastodon.CS.Berkeley.EDU"). 1422 SMART_HOST applies to names qualified with other hosts or 1423 bracketed addresses (e.g., "eric@mastodon.CS.Berkeley.EDU" 1424 or "eric@[127.0.0.1]"). 1425 1426However, beware that other relays (e.g., UUCP_RELAY, BITNET_RELAY, 1427DECNET_RELAY, and FAX_RELAY) take precedence over SMART_HOST, so if you 1428really want absolutely everything to go to a single central site you will 1429need to unset all the other relays -- or better yet, find or build a 1430minimal config file that does this. 1431 1432For duplicate suppression to work properly, the host name is best 1433specified with a terminal dot: 1434 1435 define(`MAIL_HUB', `host.domain.') 1436 note the trailing dot ---^ 1437 1438 1439+--------------+ 1440| LDAP ROUTING | 1441+--------------+ 1442 1443FEATURE(`ldap_routing') can be used to implement the IETF Internet Draft 1444LDAP Schema for Intranet Mail Routing 1445(draft-lachman-laser-ldap-mail-routing-01). This feature enables 1446LDAP-based rerouting of a particular address to either a different host 1447or a different address. The LDAP lookup is first attempted on the full 1448address (e.g., user@example.com) and then on the domain portion 1449(e.g., @example.com). Be sure to setup your domain for LDAP routing using 1450LDAPROUTE_DOMAIN(), e.g.: 1451 1452 LDAPROUTE_DOMAIN(`example.com') 1453 1454By default, the feature will use the schemas as specified in the draft 1455and will not reject addresses not found by the LDAP lookup. However, 1456this behavior can be changed by giving additional arguments to the FEATURE() 1457command: 1458 1459 FEATURE(`ldap_routing', <mailHost>, <mailRoutingAddress>, <bounce>) 1460 1461where <mailHost> is a map definition describing how to lookup an alternative 1462mail host for a particular address; <mailRoutingAddress> is a map definition 1463describing how to lookup an alternative address for a particular address; and 1464the <bounce> argument, if present and not the word "passthru", dictates 1465that mail should be bounced if neither a mailHost nor mailRoutingAddress 1466is found. 1467 1468The default <mailHost> map definition is: 1469 1470 ldap -1 -v mailHost -k (&(objectClass=inetLocalMailRecipient) 1471 (mailLocalAddress=%0)) 1472 1473The default <mailRoutingAddress> map definition is: 1474 1475 ldap -1 -v mailRoutingAddress -k (&(objectClass=inetLocalMailRecipient) 1476 (mailLocalAddress=%0)) 1477 1478Note that neither includes the LDAP server hostname (-h server) or base DN 1479(-b o=org,c=COUNTRY), both necessary for LDAP queries. It is presumed that 1480your .mc file contains a setting for the confLDAP_DEFAULT_SPEC option with 1481these settings. If this is not the case, the map definitions should be 1482changed as described above. 1483 1484The following possibilities exist as a result of an LDAP lookup on an 1485address: 1486 1487 mailHost is mailRoutingAddress is Results in 1488 ----------- --------------------- ---------- 1489 set to a set mail delivered to 1490 "local" host mailRoutingAddress 1491 1492 set to a not set delivered to 1493 "local" host original address 1494 1495 set to a set mailRoutingAddress 1496 remote host relayed to mailHost 1497 1498 set to a not set original address 1499 remote host relayed to mailHost 1500 1501 not set set mail delivered to 1502 mailRoutingAddress 1503 1504 not set not set delivered to 1505 original address *OR* 1506 bounced as unknown user 1507 1508The term "local" host above means the host specified is in class {w}. 1509Note that the last case depends on whether the third argument is given 1510to the FEATURE() command. The default is to deliver the message to the 1511original address. 1512 1513The LDAP entries should be set up with an objectClass of 1514inetLocalMailRecipient and the address be listed in a mailLocalAddress 1515attribute. If present, there must be only one mailHost attribute and it 1516must contain a fully qualified host name as its value. Similarly, if 1517present, there must be only one mailRoutingAddress attribute and it must 1518contain an RFC 822 compliant address. Some example LDAP records (in ldif 1519format): 1520 1521 dn: uid=tom, o=example.com, c=US 1522 objectClass: inetLocalMailRecipient 1523 mailLocalAddress: tom@example.com 1524 mailRoutingAddress: thomas@mailhost.example.com 1525 1526This would deliver mail for tom@example.com to thomas@mailhost.example.com. 1527 1528 dn: uid=dick, o=example.com, c=US 1529 objectClass: inetLocalMailRecipient 1530 mailLocalAddress: dick@example.com 1531 mailHost: eng.example.com 1532 1533This would relay mail for dick@example.com to the same address but redirect 1534the mail to MX records listed for the host eng.example.com. 1535 1536 dn: uid=harry, o=example.com, c=US 1537 objectClass: inetLocalMailRecipient 1538 mailLocalAddress: harry@example.com 1539 mailHost: mktmail.example.com 1540 mailRoutingAddress: harry@mkt.example.com 1541 1542This would relay mail for harry@example.com to the MX records listed for 1543the host mktmail.example.com using the new address harry@mkt.example.com 1544when talking to that host. 1545 1546 dn: uid=virtual.example.com, o=example.com, c=US 1547 objectClass: inetLocalMailRecipient 1548 mailLocalAddress: @virtual.example.com 1549 mailHost: server.example.com 1550 mailRoutingAddress: virtual@example.com 1551 1552This would send all mail destined for any username @virtual.example.com to 1553the machine server.example.com's MX servers and deliver to the address 1554virtual@example.com on that relay machine. 1555 1556 1557+---------------------------------+ 1558| ANTI-SPAM CONFIGURATION CONTROL | 1559+---------------------------------+ 1560 1561The primary anti-spam features available in sendmail are: 1562 1563* Relaying is denied by default. 1564* Better checking on sender information. 1565* Access database. 1566* Header checks. 1567 1568Relaying (transmission of messages from a site outside your host (class 1569{w}) to another site except yours) is denied by default. Note that this 1570changed in sendmail 8.9; previous versions allowed relaying by default. 1571If you really want to revert to the old behaviour, you will need to use 1572FEATURE(`promiscuous_relay'). You can allow certain domains to relay 1573through your server by adding their domain name or IP address to class 1574{R} using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the access database 1575(described below). The file consists (like any other file based class) 1576of entries listed on separate lines, e.g., 1577 1578 sendmail.org 1579 128.32 1580 1:2:3:4:5:6:7 1581 host.mydomain.com 1582 1583If you use 1584 1585 FEATURE(`relay_entire_domain') 1586 1587then any host in any of your local domains (that is, class {m}) 1588will be relayed (that is, you will accept mail either to or from any 1589host in your domain). 1590 1591You can also allow relaying based on the MX records of the host 1592portion of an incoming recipient address by using 1593 1594 FEATURE(`relay_based_on_MX') 1595 1596For example, if your server receives a recipient of user@domain.com 1597and domain.com lists your server in its MX records, the mail will be 1598accepted for relay to domain.com. Note that this will stop spammers 1599from using your host to relay spam but it will not stop outsiders from 1600using your server as a relay for their site (that is, they set up an 1601MX record pointing to your mail server, and you will relay mail addressed 1602to them without any prior arrangement). Along the same lines, 1603 1604 FEATURE(`relay_local_from') 1605 1606will allow relaying if the sender specifies a return path (i.e. 1607MAIL FROM: <user@domain>) domain which is a local domain. This a 1608dangerous feature as it will allow spammers to spam using your mail 1609server by simply specifying a return address of user@your.domain.com. 1610It should not be used unless absolutely necessary. 1611A slightly better solution is 1612 1613 FEATURE(`relay_mail_from') 1614 1615which allows relaying if the mail sender is listed as RELAY in the 1616access map. If an optional argument `domain' is given, the domain 1617portion of the mail sender is also checked to allowing relaying. 1618This option only works together with the tag From: for the LHS of 1619the access map entries (see below: Finer control...). 1620 1621 1622If source routing is used in the recipient address (i.e. 1623RCPT TO: <user%site.com@othersite.com>), sendmail will check 1624user@site.com for relaying if othersite.com is an allowed relay host 1625in either class {R}, class {m} if FEATURE(`relay_entire_domain') is used, 1626or the access database if FEATURE(`access_db') is used. To prevent 1627the address from being stripped down, use: 1628 1629 FEATURE(`loose_relay_check') 1630 1631If you think you need to use this feature, you probably do not. This 1632should only be used for sites which have no control over the addresses 1633that they provide a gateway for. Use this FEATURE with caution as it 1634can allow spammers to relay through your server if not setup properly. 1635 1636NOTICE: It is possible to relay mail through a system which the anti-relay 1637rules do not prevent: the case of a system that does use FEATURE(`nouucp', 1638`nospecial') (system A) and relays local messages to a mail hub (e.g., via 1639LOCAL_RELAY or LUSER_RELAY) (system B). If system B doesn't use 1640FEATURE(`nouucp') at all, addresses of the form 1641<example.net!user@local.host> would be relayed to <user@example.net>. 1642System A doesn't recognize `!' as an address separator and therefore 1643forwards it to the mail hub which in turns relays it because it came from 1644a trusted local host. So if a mailserver allows UUCP (bang-format) 1645addresses, all systems from which it allows relaying should do the same 1646or reject those addresses. 1647 1648As of 8.9, sendmail will refuse mail if the MAIL FROM: parameter has 1649an unresolvable domain (i.e., one that DNS, your local name service, 1650or special case rules in ruleset 3 cannot locate). If you want to 1651continue to accept such domains, e.g., because you are inside a 1652firewall that has only a limited view of the Internet host name space 1653(note that you will not be able to return mail to them unless you have 1654some "smart host" forwarder), use 1655 1656 FEATURE(`accept_unresolvable_domains') 1657 1658sendmail will also refuse mail if the MAIL FROM: parameter is not 1659fully qualified (i.e., contains a domain as well as a user). If you 1660want to continue to accept such senders, use 1661 1662 FEATURE(`accept_unqualified_senders') 1663 1664Setting the DaemonPortOptions modifier 'u' overrides the default behavior, 1665i.e., unqualified addresses are accepted even without this FEATURE. If 1666this FEATURE is not used, the DaemonPortOptions modifier 'f' can be used 1667to enforce fully qualified addresses. 1668 1669An ``access'' database can be created to accept or reject mail from 1670selected domains. For example, you may choose to reject all mail 1671originating from known spammers. To enable such a database, use 1672 1673 FEATURE(`access_db') 1674 1675The FEATURE macro can accept a second parameter giving the key file 1676definition for the database; for example 1677 1678 FEATURE(`access_db', `hash /etc/mail/access') 1679 1680Remember, since /etc/mail/access is a database, after creating the text 1681file as described below, you must use makemap to create the database 1682map. For example: 1683 1684 makemap hash /etc/mail/access < /etc/mail/access 1685 1686The table itself uses e-mail addresses, domain names, and network 1687numbers as keys. For example, 1688 1689 spammer@aol.com REJECT 1690 cyberspammer.com REJECT 1691 192.168.212 REJECT 1692 1693would refuse mail from spammer@aol.com, any user from cyberspammer.com 1694(or any host within the cyberspammer.com domain), and any host on the 1695192.168.212.* network. 1696 1697The value part of the map can contain: 1698 1699 OK Accept mail even if other rules in the 1700 running ruleset would reject it, for example, 1701 if the domain name is unresolvable. 1702 RELAY Accept mail addressed to the indicated domain or 1703 received from the indicated domain for relaying 1704 through your SMTP server. RELAY also serves as 1705 an implicit OK for the other checks. 1706 REJECT Reject the sender or recipient with a general 1707 purpose message. 1708 DISCARD Discard the message completely using the 1709 $#discard mailer. For sender addresses it 1710 indicates that you should discard anything 1711 received from the indicated domain. If it 1712 is used for recipients, it affects only 1713 the designated recipients, not the whole 1714 message. 1715 ### any text where ### is an RFC 821 compliant error code and 1716 "any text" is a message to return for the command. 1717 The string should be quoted to avoid surprises, 1718 e.g., sendmail may remove spaces otherwise. 1719 ERROR:### any text 1720 as above, but useful to mark error messages as such. 1721 ERROR:D.S.N:### any text 1722 where D.S.N is an RFC 1893 compliant error code 1723 and the rest as above. 1724 1725For example: 1726 1727 cyberspammer.com ERROR:"550 We don't accept mail from spammers" 1728 okay.cyberspammer.com OK 1729 sendmail.org RELAY 1730 128.32 RELAY 1731 1:2:3:4:5:6:7 RELAY 1732 [127.0.0.3] OK 1733 [1:2:3:4:5:6:7:8] OK 1734 1735would accept mail from okay.cyberspammer.com, but would reject mail from 1736all other hosts at cyberspammer.com with the indicated message. It would 1737allow relaying mail from and to any hosts in the sendmail.org domain, and 1738allow relaying from the 128.32.*.* network and the IPv6 1:2:3:4:5:6:7:* 1739network. The latter two entries are for checks against ${client_name} if 1740the IP address doesn't resolve to a hostname (or is considered as "may be 1741forged"). 1742 1743Warning: if you change the RFC 821 compliant error code from the default 1744value of 550, then you should probably also change the RFC 1893 compliant 1745error code to match it. For example, if you use 1746 1747 user@example.com 450 mailbox full 1748 1749the error returned would be "450 4.0.0 mailbox full" which is wrong. 1750Use "450 4.2.2 mailbox full" or "ERROR:4.2.2:450 mailbox full" 1751instead. 1752 1753Note, UUCP users may need to add hostname.UUCP to the access database 1754or class {R}. If you also use: 1755 1756 FEATURE(`relay_hosts_only') 1757 1758then the above example will allow relaying for sendmail.org, but not 1759hosts within the sendmail.org domain. Note that this will also require 1760hosts listed in class {R} to be fully qualified host names. 1761 1762You can also use the access database to block sender addresses based on 1763the username portion of the address. For example: 1764 1765 FREE.STEALTH.MAILER@ ERROR:550 Spam not accepted 1766 1767Note that you must include the @ after the username to signify that 1768this database entry is for checking only the username portion of the 1769sender address. 1770 1771If you use: 1772 1773 FEATURE(`blacklist_recipients') 1774 1775then you can add entries to the map for local users, hosts in your 1776domains, or addresses in your domain which should not receive mail: 1777 1778 badlocaluser@ ERROR:550 Mailbox disabled for this username 1779 host.mydomain.com ERROR:550 That host does not accept mail 1780 user@otherhost.mydomain.com ERROR:550 Mailbox disabled for this recipient 1781 1782This would prevent a recipient of badlocaluser@mydomain.com, any 1783user at host.mydomain.com, and the single address 1784user@otherhost.mydomain.com from receiving mail. Please note: a 1785local username must be now tagged with an @ (this is consistent 1786with the check of the sender address, and hence it is possible to 1787distinguish between hostnames and usernames). Enabling this feature 1788will keep you from sending mails to all addresses that have an 1789error message or REJECT as value part in the access map. Taking 1790the example from above: 1791 1792 spammer@aol.com REJECT 1793 cyberspammer.com REJECT 1794 1795Mail can't be sent to spammer@aol.com or anyone at cyberspammer.com. 1796 1797There is also a ``Realtime Blackhole List'' run by the MAPS project 1798at http://maps.vix.com/. This is a database maintained in DNS of 1799spammers. To use this database, use 1800 1801 FEATURE(`dnsbl') 1802 1803This will cause sendmail to reject mail from any site in the 1804Realtime Blackhole List database. You can specify an alternative 1805RBL domain to check by specifying an argument to the FEATURE. 1806A second argument can be used to change the default error message 1807Mail from $&{client_addr} refused by blackhole site DOMAIN 1808where DOMAIN is replaced by the first argument. This FEATURE can 1809be included several times to query different DNS based rejection 1810lists, e.g., the dial-up user list (see http://maps.vix.com/dul/). 1811 1812The features described above make use of the check_relay, check_mail, 1813and check_rcpt rulesets. If you wish to include your own checks, 1814you can put your checks in the rulesets Local_check_relay, 1815Local_check_mail, and Local_check_rcpt. For example if you wanted to 1816block senders with all numeric usernames (i.e. 2312343@bigisp.com), 1817you would use Local_check_mail and the new regex map: 1818 1819 LOCAL_CONFIG 1820 Kallnumbers regex -a@MATCH ^[0-9]+$ 1821 1822 LOCAL_RULESETS 1823 SLocal_check_mail 1824 # check address against various regex checks 1825 R$* $: $>Parse0 $>3 $1 1826 R$+ < @ bigisp.com. > $* $: $(allnumbers $1 $) 1827 R@MATCH $#error $: 553 Header Error 1828 1829These rules are called with the original arguments of the corresponding 1830check_* ruleset. If the local ruleset returns $#OK, no further checking 1831is done by the features described above and the mail is accepted. If the 1832local ruleset resolves to a mailer (such as $#error or $#discard), the 1833appropriate action is taken. Otherwise, the results of the local 1834rewriting are ignored. 1835 1836Finer control by using tags for the LHS of the access map 1837 1838Read this section only if the options listed so far are not sufficient 1839for your purposes. There is now the option to tag entries in the 1840access map according to their type. Three tags are available: 1841 1842 Connect: connection information (${client_addr}, ${client_name}) 1843 From: sender 1844 To: recipient 1845 1846If the required item is looked up in a map, it will be tried first 1847with the corresponding tag in front, then (as fallback to enable 1848backward compatibility) without any tag. For example, 1849 1850 From:spammer@some.dom REJECT 1851 To:friend.domain RELAY 1852 Connect:friend.domain OK 1853 Connect:from.domain RELAY 1854 From:good@another.dom OK 1855 From:another.dom REJECT 1856 1857This would deny mails from spammer@some.dom but you could still 1858send mail to that address even if FEATURE(`blacklist_recipients') 1859is enabled. Your system will allow relaying to friend.domain, but 1860not from it (unless enabled by other means). Connections from that 1861domain will be allowed even if it ends up in one of the DNS based 1862rejection lists. Relaying is enabled from from.domain but not to 1863it (since relaying is based on the connection information for 1864outgoing relaying, the tag Connect: must be used; for incoming 1865relaying, which is based on the recipient address, To: must be 1866used). The last two entries allow mails from good@another.dom but 1867reject mail from all other addresses with another.dom as domain 1868part. 1869 1870Delay all checks 1871 1872By using FEATURE(`delay_checks') the rulesets check_mail and check_relay 1873will not be called when a client connects or issues a MAIL command, 1874respectively. Instead, those rulesets will be called by the check_rcpt 1875ruleset; they will be skipped if a sender has been authenticated using 1876a "trusted" mechanism, i.e., one that is defined via TRUST_AUTH_MECH(). 1877If check_mail returns an error then the RCPT TO command will be rejected 1878with that error. If it returns some other result starting with $# then 1879check_relay will be skipped. If the sender address (or a part of it) is 1880listed in the access map and it has a RHS of OK or RELAY, then check_relay 1881will be skipped. This has an interesting side effect: if your domain is 1882my.domain and you have 1883 1884 my.domain RELAY 1885 1886in the access map, then all e-mail with a sender address of 1887<user@my.domain> gets through, even if check_relay would reject it 1888(e.g., based on the hostname or IP address). This allows spammers 1889to get around DNS based blacklist by faking the sender address. To 1890avoid this problem you have to use tagged entries: 1891 1892 To:my.domain RELAY 1893 Connect:my.domain RELAY 1894 1895if you need those entries at all (class {R} may take care of them). 1896 1897FEATURE(`delay_checks') can take an optional argument: 1898 1899 FEATURE(`delay_checks', `friend') 1900 enables spamfriend test 1901 FEATURE(`delay_checks', `hater') 1902 enables spamhater test 1903 1904If such an argument is given, the recipient will be looked up in the access 1905map (using the tag To:). If the argument is `friend', then the other 1906rulesets will be skipped if the recipient address is found and has RHS 1907spamfriend. If the argument is `hater', then the other rulesets will be 1908applied if the recipient address is found and has RHS spamhater. 1909 1910This allows for simple exceptions from the tests, e.g., by activating 1911the spamfriend option and having 1912 1913 To:abuse@ SPAMFRIEND 1914 1915in the access map, mail to abuse@localdomain will get through. It is 1916also possible to specify a full address or an address with +detail: 1917 1918 To:abuse@abuse.my.domain SPAMFRIEND 1919 To:me+abuse@ SPAMFRIEND 1920 1921 1922Header Checks 1923 1924You can also reject mail on the basis of the contents of headers. 1925This is done by adding a ruleset call to the 'H' header definition command 1926in sendmail.cf. For example, this can be used to check the validity of 1927a Message-ID: header: 1928 1929 LOCAL_RULESETS 1930 HMessage-Id: $>CheckMessageId 1931 1932 SCheckMessageId 1933 R< $+ @ $+ > $@ OK 1934 R$* $#error $: 553 Header Error 1935 1936The alternative format: 1937 1938 HSubject: $>+CheckSubject 1939 1940that is, $>+ instead of $>, gives the full Subject: header including 1941comments to the ruleset (comments in parentheses () are stripped 1942by default). 1943 1944A default ruleset for headers which don't have a specific ruleset 1945defined for them can be given by: 1946 1947 H*: $>CheckHdr 1948 1949After all of the headers are read, the check_eoh ruleset will be called for 1950any final header-related checks. The ruleset is called with the number of 1951headers and the size of all of the headers in bytes separated by $|. One 1952example usage is to reject messages which do not have a Message-Id: 1953header. However, the Message-Id: header is *NOT* a required header and is 1954not a guaranteed spam indicator. This ruleset is an example and should 1955probably not be used in production. 1956 1957 LOCAL_CONFIG 1958 Kstorage macro 1959 1960 LOCAL_RULESETS 1961 HMessage-Id: $>CheckMessageId 1962 1963 SCheckMessageId 1964 # Record the presence of the header 1965 R$* $: $(storage {MessageIdCheck} $@ OK $) $1 1966 R< $+ @ $+ > $@ OK 1967 R$* $#error $: 553 Header Error 1968 1969 Scheck_eoh 1970 # Check the macro 1971 R$* $: < $&{MessageIdCheck} > 1972 # Clear the macro for the next message 1973 R$* $: $(storage {MessageIdCheck} $) $1 1974 # Has a Message-Id: header 1975 R< $+ > $@ OK 1976 # Allow missing Message-Id: from local mail 1977 R$* $: < $&{client_name} > 1978 R< > $@ OK 1979 R< $=w > $@ OK 1980 # Otherwise, reject the mail 1981 R$* $#error $: 553 Header Error 1982 1983+----------+ 1984| STARTTLS | 1985+----------+ 1986 1987In this text, cert will be used as an abreviation for X.509 certificate, 1988DN is the distinguished name of a cert, and CA is a certification authority. 1989 1990Macros related to STARTTLS are: 1991 1992${cert_issuer} holds the DN of the CA (the cert issuer). 1993${cert_subject} holds the DN of the cert (called the cert subject). 1994${tls_version} the TLS/SSL version used for the connection, e.g., TLSv1, 1995 SSLv3, SSLv2. 1996${cipher} the cipher used for the connection, e.g., EDH-DSS-DES-CBC3-SHA, 1997 EDH-RSA-DES-CBC-SHA, DES-CBC-MD5, DES-CBC3-SHA. 1998${cipher_bits} the keylength (in bits) of the symmetric encryption algorithm 1999 used for the connection. 2000${verify} holds the result of the verification of the presented cert. Possible 2001 values are: 2002 OK verification succeeded. 2003 NO no cert presented. 2004 FAIL cert presented but could not be verified, e.g., the signing 2005 CA is missing. 2006 NONE STARTTLS has not been performed. 2007 TEMP temporary error occurred. 2008 PROTOCOL some protocol error occurred. 2009 SOFTWARE STARTTLS handshake failed. 2010${server_name} the name of the server of the current outgoing SMTP 2011 connection. 2012${server_addr} the address of the server of the current outgoing SMTP 2013 connection. 2014 2015Relaying 2016 2017SMTP STARTTLS can allow relaying for senders who have successfully 2018authenticated themselves. This is done in the ruleset RelayAuth. If the 2019verification of the cert failed (${verify} != OK), relaying is subject to 2020the usual rules. Otherwise the DN of the issuer is looked up in the access 2021map using the tag CERTISSUER. If the resulting value is RELAY, relaying is 2022allowed. If it is SUBJECT, the DN of the cert subject is looked up next in 2023the access map. using the tag CERTSUBJECT. If the value is RELAY, relaying 2024is allowed. 2025 2026To make things a bit more flexible (or complicated), the values for 2027${cert_issuer} and ${cert_subject} can be optionally modified by regular 2028expressions defined in the m4 variables _CERT_REGEX_ISSUER_ and 2029_CERT_REGEX_SUBJECT_, respectively. To avoid problems with those macros in 2030rulesets and map lookups, they are modified as follows: each non-printable 2031character and the characters '<', '>', '(', ')', '"', '+' are replaced by 2032their HEX value with a leading '+'. For example: 2033 2034/C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/Email= 2035darth+cert@endmail.org 2036 2037is encoded as: 2038 2039/C=US/ST=California/O=endmail.org/OU=private/CN= 2040Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org 2041 2042(line breaks have been inserted for readability). 2043 2044Of course it is also possible to write a simple rulesets that allows 2045relaying for everyone who can present a cert that can be verified, e.g., 2046 2047LOCAL_RULESETS 2048SLocal_check_rcpt 2049R$* $: $&{verify} 2050ROK $# OK 2051 2052Allowing Connections 2053 2054The rulesets tls_server and tls_client are used to decide whether an SMTP 2055connection is accepted (or should continue). 2056 2057tls_server is called when sendmail acts as client after a STARTTLS command 2058(should) have been issued. The parameter is the value of ${verify}. 2059 2060tls_client is called when sendmail acts as server, after a STARTTLS command 2061has been issued, and from check_mail. The parameter is the value of 2062${verify} and STARTTLS or MAIL, respectively. 2063 2064Both rulesets behave the same. If no access map is in use, the connection 2065will be accepted unless ${verify} is SOFTWARE, in which case the connection 2066is always aborted. Otherwise, ${client_name} (${server_name}) is looked 2067up in the access map using the tag TLS_Srv (or TLS_Clt), which is done 2068with the ruleset LookUpDomain. If no entry is found, ${client_addr} 2069(${server_addr}) is looked up in the access map (same tag, ruleset 2070LookUpAddr). If this doesn't result in an entry either, just the tag is 2071looked up in the access map (included the trailing :). The result of the 2072lookups is then used to call the ruleset tls_connection, which checks the 2073requirement specified by the RHS in the access map against the actual 2074parameters of the current TLS connection, esp. ${verify} and 2075${cipher_bits}. Legal RHSs in the access map are: 2076 2077VERIFY verification must have succeeded 2078VERIFY:bits verification must have succeeded and ${cipher_bits} must 2079 be greater than or equal bits. 2080ENCR:bits ${cipher_bits} must be greater than or equal bits. 2081 2082The RHS can optionally be prefixed by TEMP+ or PERM+ to select a temporary 2083or permanent error. The default is a temporary error code (403 4.7.0) 2084unless the macro TLS_PERM_ERR is set during generation of the .cf file. 2085 2086If a certain level of encryption is required, then it might also be 2087possible that this level is provided by the security layer from a SASL 2088algorithm, e.g., DIGEST-MD5. 2089 2090Example: e-mail send to secure.example.com should only use an encrypted 2091connection. e-mail received from hosts within the laptop.example.com domain 2092should only be accepted if they have been authenticated. 2093TLS_Srv:secure.example.com ENCR:112 2094TLS_Clt:laptop.example.com PERM+VERIFY:112 2095 2096Received: Header 2097 2098The Received: header reveals whether STARTTLS has been used. It contains an 2099extra line: 2100 2101(using ${tls_version} with cipher ${cipher} (${cipher_bits} bits) verified ${verify}) 2102 2103+---------------------+ 2104| SMTP AUTHENTICATION | 2105+---------------------+ 2106 2107The macros ${auth_authen}, ${auth_author}, and ${auth_type} can be 2108used in anti-relay rulesets to allow relaying for those users that 2109authenticated themselves. A very simple example is: 2110 2111SLocal_check_rcpt 2112R$* $: $&{auth_type} 2113R$+ $# OK 2114 2115which checks whether a user has successfully authenticated using 2116any available mechanism. Depending on the setup of the CYRUS SASL 2117library, more sophisticated rulesets might be required, e.g., 2118 2119SLocal_check_rcpt 2120R$* $: $&{auth_type} $| $&{auth_authen} 2121RDIGEST-MD5 $| $+@$=w $# OK 2122 2123to allow relaying for users that authenticated using DIGEST-MD5 2124and have an identity in the local domains. 2125 2126The ruleset Strust_auth is used to determine whether a given AUTH= 2127parameter (that is passed to this ruleset) should be trusted. This 2128ruleset may make use of the other ${auth_*} macros. Only if the 2129ruleset resolves to the error mailer, the AUTH= parameter is not 2130trusted. A user supplied ruleset Local_trust_auth can be written 2131to modify the default behavior, which only trust the AUTH= 2132parameter if it is identical to the authenticated user. 2133 2134Per default, relaying is allowed for any user who authenticated 2135via a "trusted" mechanism, i.e., one that is defined via 2136TRUST_AUTH_MECH(`list of mechanisms') 2137 2138If the selected mechanism provides a security layer the number of 2139bits used for the key of the symmetric cipher is stored in the 2140macro ${auth_ssf}. 2141 2142+--------------------------------+ 2143| ADDING NEW MAILERS OR RULESETS | 2144+--------------------------------+ 2145 2146Sometimes you may need to add entirely new mailers or rulesets. They 2147should be introduced with the constructs MAILER_DEFINITIONS and 2148LOCAL_RULESETS respectively. For example: 2149 2150 MAILER_DEFINITIONS 2151 Mmymailer, ... 2152 ... 2153 2154 LOCAL_RULESETS 2155 Smyruleset 2156 ... 2157 2158 2159#if _FFR_MILTER 2160+---------------------------+ 2161| ADDING NEW MAILER FILTERS | 2162+---------------------------+ 2163 2164Sendmail supports mail filters to filter incoming SMTP messages according 2165to the "Sendmail Mail Filter API" documentation. These filters can be 2166configured in your mc file using the two commands: 2167 2168 MAIL_FILTER(`name', `equates') 2169 INPUT_MAIL_FILTER(`name', `equates') 2170 2171The first command, MAIL_FILTER(), simply defines a filter with the given 2172name and equates. For example: 2173 2174 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 2175 2176This creates the equivalent sendmail.cf entry: 2177 2178 Xarchive, S=local:/var/run/archivesock, F=R 2179 2180The INPUT_MAIL_FILTER() command performs the same actions as MAIL_FILTER 2181but also populates the m4 variable `confINPUT_MAIL_FILTERS' with the name 2182of the filter such that the filter will actually be called by sendmail. 2183 2184For example, the two commands: 2185 2186 INPUT_MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 2187 INPUT_MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T') 2188 2189are equivalent to the three commands: 2190 2191 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 2192 MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T') 2193 define(`confINPUT_MAIL_FILTERS', `archive, spamcheck') 2194 2195In general, INPUT_MAIL_FILTER() should be used unless you need to define 2196more filters than you want to use for `confINPUT_MAIL_FILTERS'. 2197 2198Note that setting `confINPUT_MAIL_FILTERS' after any INPUT_MAIL_FILTER() 2199commands will clear the list created by the prior INPUT_MAIL_FILTER() 2200commands. 2201#endif /* _FFR_MILTER */ 2202 2203 2204+-------------------------------+ 2205| NON-SMTP BASED CONFIGURATIONS | 2206+-------------------------------+ 2207 2208These configuration files are designed primarily for use by 2209SMTP-based sites. They may not be well tuned for UUCP-only or 2210UUCP-primarily nodes (the latter is defined as a small local net 2211connected to the rest of the world via UUCP). However, there is 2212one hook to handle some special cases. 2213 2214You can define a ``smart host'' that understands a richer address syntax 2215using: 2216 2217 define(`SMART_HOST', `mailer:hostname') 2218 2219In this case, the ``mailer:'' defaults to "relay". Any messages that 2220can't be handled using the usual UUCP rules are passed to this host. 2221 2222If you are on a local SMTP-based net that connects to the outside 2223world via UUCP, you can use LOCAL_NET_CONFIG to add appropriate rules. 2224For example: 2225 2226 define(`SMART_HOST', `uucp-new:uunet') 2227 LOCAL_NET_CONFIG 2228 R$* < @ $* .$m. > $* $#smtp $@ $2.$m. $: $1 < @ $2.$m. > $3 2229 2230This will cause all names that end in your domain name ($m) via 2231SMTP; anything else will be sent via uucp-new (smart UUCP) to uunet. 2232If you have FEATURE(`nocanonify'), you may need to omit the dots after 2233the $m. If you are running a local DNS inside your domain which is 2234not otherwise connected to the outside world, you probably want to 2235use: 2236 2237 define(`SMART_HOST', `smtp:fire.wall.com') 2238 LOCAL_NET_CONFIG 2239 R$* < @ $* . > $* $#smtp $@ $2. $: $1 < @ $2. > $3 2240 2241That is, send directly only to things you found in your DNS lookup; 2242anything else goes through SMART_HOST. 2243 2244You may need to turn off the anti-spam rules in order to accept 2245UUCP mail with FEATURE(`promiscuous_relay') and 2246FEATURE(`accept_unresolvable_domains'). 2247 2248 2249+-----------+ 2250| WHO AM I? | 2251+-----------+ 2252 2253Normally, the $j macro is automatically defined to be your fully 2254qualified domain name (FQDN). Sendmail does this by getting your 2255host name using gethostname and then calling gethostbyname on the 2256result. For example, in some environments gethostname returns 2257only the root of the host name (such as "foo"); gethostbyname is 2258supposed to return the FQDN ("foo.bar.com"). In some (fairly rare) 2259cases, gethostbyname may fail to return the FQDN. In this case 2260you MUST define confDOMAIN_NAME to be your fully qualified domain 2261name. This is usually done using: 2262 2263 Dmbar.com 2264 define(`confDOMAIN_NAME', `$w.$m')dnl 2265 2266 2267+-----------------------------------+ 2268| ACCEPTING MAIL FOR MULTIPLE NAMES | 2269+-----------------------------------+ 2270 2271If your host is known by several different names, you need to augment 2272class {w}. This is a list of names by which your host is known, and 2273anything sent to an address using a host name in this list will be 2274treated as local mail. You can do this in two ways: either create the 2275file /etc/mail/local-host-names containing a list of your aliases (one per 2276line), and use ``FEATURE(`use_cw_file')'' in the .mc file, or add 2277``LOCAL_DOMAIN(`alias.host.name')''. Be sure you use the fully-qualified 2278name of the host, rather than a short name. 2279 2280If you want to have different address in different domains, take 2281a look at the virtusertable feature, which is also explained at 2282http://www.sendmail.org/virtual-hosting.html 2283 2284 2285+--------------------+ 2286| USING MAILERTABLES | 2287+--------------------+ 2288 2289To use FEATURE(`mailertable'), you will have to create an external 2290database containing the routing information for various domains. 2291For example, a mailertable file in text format might be: 2292 2293 .my.domain xnet:%1.my.domain 2294 uuhost1.my.domain uucp-new:uuhost1 2295 .bitnet smtp:relay.bit.net 2296 2297This should normally be stored in /etc/mail/mailertable. The actual 2298database version of the mailertable is built using: 2299 2300 makemap hash /etc/mail/mailertable < /etc/mail/mailertable 2301 2302The semantics are simple. Any LHS entry that does not begin with 2303a dot matches the full host name indicated. LHS entries beginning 2304with a dot match anything ending with that domain name (including 2305the leading dot) -- that is, they can be thought of as having a 2306leading ".+" regular expression pattern for a non-empty sequence of 2307characters. Matching is done in order of most-to-least qualified 2308-- for example, even though ".my.domain" is listed first in the 2309above example, an entry of "uuhost1.my.domain" will match the second 2310entry since it is more explicit. Note: e-mail to "user@my.domain" 2311does not match any entry in the above table. You need to have 2312something like: 2313 2314 my.domain esmtp:host.my.domain 2315 2316The RHS should always be a "mailer:host" pair. The mailer is the 2317configuration name of a mailer (that is, an {M} line in the 2318sendmail.cf file). The "host" will be the hostname passed to 2319that mailer. In domain-based matches (that is, those with leading 2320dots) the "%1" may be used to interpolate the wildcarded part of 2321the host name. For example, the first line above sends everything 2322addressed to "anything.my.domain" to that same host name, but using 2323the (presumably experimental) xnet mailer. 2324 2325In some cases you may want to temporarily turn off MX records, 2326particularly on gateways. For example, you may want to MX 2327everything in a domain to one machine that then forwards it 2328directly. To do this, you might use the DNS configuration: 2329 2330 *.domain. IN MX 0 relay.machine 2331 2332and on relay.machine use the mailertable: 2333 2334 .domain smtp:[gateway.domain] 2335 2336The [square brackets] turn off MX records for this host only. 2337If you didn't do this, the mailertable would use the MX record 2338again, which would give you an MX loop. 2339 2340 2341+--------------------------------+ 2342| USING USERDB TO MAP FULL NAMES | 2343+--------------------------------+ 2344 2345The user database was not originally intended for mapping full names 2346to login names (e.g., Eric.Allman => eric), but some people are using 2347it that way. (it is recommended that you set up aliases for this 2348purpose instead -- since you can specify multiple alias files, this 2349is fairly easy.) The intent was to locate the default maildrop at 2350a site, but allow you to override this by sending to a specific host. 2351 2352If you decide to set up the user database in this fashion, it is 2353imperative that you not use FEATURE(`stickyhost') -- otherwise, 2354e-mail sent to Full.Name@local.host.name will be rejected. 2355 2356To build the internal form of the user database, use: 2357 2358 makemap btree /etc/mail/userdb < /etc/mail/userdb.txt 2359 2360As a general rule, it is an extremely bad idea to using full names 2361as e-mail addresses, since they are not in any sense unique. For 2362example, the UNIX software-development community has at least two 2363well-known Peter Deutsches, and at one time Bell Labs had two 2364Stephen R. Bournes with offices along the same hallway. Which one 2365will be forced to suffer the indignity of being Stephen_R_Bourne_2? 2366The less famous of the two, or the one that was hired later? 2367 2368Finger should handle full names (and be fuzzy). Mail should use 2369handles, and not be fuzzy. 2370 2371 2372+--------------------------------+ 2373| MISCELLANEOUS SPECIAL FEATURES | 2374+--------------------------------+ 2375 2376Plussed users 2377 Sometimes it is convenient to merge configuration on a 2378 centralized mail machine, for example, to forward all 2379 root mail to a mail server. In this case it might be 2380 useful to be able to treat the root addresses as a class 2381 of addresses with subtle differences. You can do this 2382 using plussed users. For example, a client might include 2383 the alias: 2384 2385 root: root+client1@server 2386 2387 On the server, this will match an alias for "root+client1". 2388 If that is not found, the alias "root+*" will be tried, 2389 then "root". 2390 2391 2392+----------------+ 2393| SECURITY NOTES | 2394+----------------+ 2395 2396A lot of sendmail security comes down to you. Sendmail 8 is much 2397more careful about checking for security problems than previous 2398versions, but there are some things that you still need to watch 2399for. In particular: 2400 2401* Make sure the aliases file isn't writable except by trusted 2402 system personnel. This includes both the text and database 2403 version. 2404 2405* Make sure that other files that sendmail reads, such as the 2406 mailertable, are only writable by trusted system personnel. 2407 2408* The queue directory should not be world writable PARTICULARLY 2409 if your system allows "file giveaways" (that is, if a non-root 2410 user can chown any file they own to any other user). 2411 2412* If your system allows file giveaways, DO NOT create a publically 2413 writable directory for forward files. This will allow anyone 2414 to steal anyone else's e-mail. Instead, create a script that 2415 copies the .forward file from users' home directories once a 2416 night (if you want the non-NFS-mounted forward directory). 2417 2418* If your system allows file giveaways, you'll find that 2419 sendmail is much less trusting of :include: files -- in 2420 particular, you'll have to have /SENDMAIL/ANY/SHELL/ in 2421 /etc/shells before they will be trusted (that is, before 2422 files and programs listed in them will be honored). 2423 2424In general, file giveaways are a mistake -- if you can turn them 2425off, do so. 2426 2427 2428+--------------------------------+ 2429| TWEAKING CONFIGURATION OPTIONS | 2430+--------------------------------+ 2431 2432There are a large number of configuration options that don't normally 2433need to be changed. However, if you feel you need to tweak them, you 2434can define the following M4 variables. This list is shown in four 2435columns: the name you define, the default value for that definition, 2436the option or macro that is affected (either Ox for an option or Dx 2437for a macro), and a brief description. Greater detail of the semantics 2438can be found in the Installation and Operations Guide. 2439 2440Some options are likely to be deprecated in future versions -- that is, 2441the option is only included to provide back-compatibility. These are 2442marked with "*". 2443 2444Remember that these options are M4 variables, and hence may need to 2445be quoted. In particular, arguments with commas will usually have to 2446be ``double quoted, like this phrase'' to avoid having the comma 2447confuse things. This is common for alias file definitions and for 2448the read timeout. 2449 2450M4 Variable Name Configuration Description & [Default] 2451================ ============= ======================= 2452confMAILER_NAME $n macro [MAILER-DAEMON] The sender name used 2453 for internally generated outgoing 2454 messages. 2455confDOMAIN_NAME $j macro If defined, sets $j. This should 2456 only be done if your system cannot 2457 determine your local domain name, 2458 and then it should be set to 2459 $w.Foo.COM, where Foo.COM is your 2460 domain name. 2461confCF_VERSION $Z macro If defined, this is appended to the 2462 configuration version name. 2463confFROM_HEADER From: [$?x$x <$g>$|$g$.] The format of an 2464 internally generated From: address. 2465confRECEIVED_HEADER Received: 2466 [$?sfrom $s $.$?_($?s$|from $.$_) 2467 $.$?{auth_type}(authenticated) 2468 $.by $j ($v/$Z)$?r with $r$. id $i$?u 2469 for $u; $|; 2470 $.$b] 2471 The format of the Received: header 2472 in messages passed through this host. 2473 It is unwise to try to change this. 2474confCW_FILE Fw class [/etc/mail/local-host-names] Name 2475 of file used to get the local 2476 additions to class {w} (local host 2477 names). 2478confCT_FILE Ft class [/etc/mail/trusted-users] Name of 2479 file used to get the local additions 2480 to class {t} (trusted users). 2481confCR_FILE FR class [/etc/mail/relay-domains] Name of 2482 file used to get the local additions 2483 to class {R} (hosts allowed to relay). 2484confTRUSTED_USERS Ct class [no default] Names of users to add to 2485 the list of trusted users. This list 2486 always includes root, uucp, and daemon. 2487 See also FEATURE(`use_ct_file'). 2488confTRUSTED_USER TrustedUser [no default] Trusted user for file 2489 ownership and starting the daemon. 2490 Not to be confused with 2491 confTRUSTED_USERS (see above). 2492confSMTP_MAILER - [esmtp] The mailer name used when 2493 SMTP connectivity is required. 2494 One of "smtp", "smtp8", 2495 "esmtp", or "dsmtp". 2496confUUCP_MAILER - [uucp-old] The mailer to be used by 2497 default for bang-format recipient 2498 addresses. See also discussion of 2499 class {U}, class {Y}, and class {Z} 2500 in the MAILER(`uucp') section. 2501confLOCAL_MAILER - [local] The mailer name used when 2502 local connectivity is required. 2503 Almost always "local". 2504confRELAY_MAILER - [relay] The default mailer name used 2505 for relaying any mail (e.g., to a 2506 BITNET_RELAY, a SMART_HOST, or 2507 whatever). This can reasonably be 2508 "uucp-new" if you are on a 2509 UUCP-connected site. 2510confSEVEN_BIT_INPUT SevenBitInput [False] Force input to seven bits? 2511confEIGHT_BIT_HANDLING EightBitMode [pass8] 8-bit data handling 2512confALIAS_WAIT AliasWait [10m] Time to wait for alias file 2513 rebuild until you get bored and 2514 decide that the apparently pending 2515 rebuild failed. 2516confMIN_FREE_BLOCKS MinFreeBlocks [100] Minimum number of free blocks on 2517 queue filesystem to accept SMTP mail. 2518 (Prior to 8.7 this was minfree/maxsize, 2519 where minfree was the number of free 2520 blocks and maxsize was the maximum 2521 message size. Use confMAX_MESSAGE_SIZE 2522 for the second value now.) 2523confMAX_MESSAGE_SIZE MaxMessageSize [infinite] The maximum size of messages 2524 that will be accepted (in bytes). 2525confBLANK_SUB BlankSub [.] Blank (space) substitution 2526 character. 2527confCON_EXPENSIVE HoldExpensive [False] Avoid connecting immediately 2528 to mailers marked expensive. 2529confCHECKPOINT_INTERVAL CheckpointInterval 2530 [10] Checkpoint queue files every N 2531 recipients. 2532confDELIVERY_MODE DeliveryMode [background] Default delivery mode. 2533confAUTO_REBUILD AutoRebuildAliases 2534 [False] Automatically rebuild alias 2535 file if needed. 2536 There is a potential for a denial 2537 of service attack if this is set. 2538 This option is deprecated and will 2539 be removed from a future version. 2540confERROR_MODE ErrorMode [print] Error message mode. 2541confERROR_MESSAGE ErrorHeader [undefined] Error message header/file. 2542confSAVE_FROM_LINES SaveFromLine Save extra leading From_ lines. 2543confTEMP_FILE_MODE TempFileMode [0600] Temporary file mode. 2544confMATCH_GECOS MatchGECOS [False] Match GECOS field. 2545confMAX_HOP MaxHopCount [25] Maximum hop count. 2546confIGNORE_DOTS* IgnoreDots [False; always False in -bs or -bd 2547 mode] Ignore dot as terminator for 2548 incoming messages? 2549confBIND_OPTS ResolverOptions [undefined] Default options for DNS 2550 resolver. 2551confMIME_FORMAT_ERRORS* SendMimeErrors [True] Send error messages as MIME- 2552 encapsulated messages per RFC 1344. 2553confFORWARD_PATH ForwardPath [$z/.forward.$w:$z/.forward] 2554 The colon-separated list of places to 2555 search for .forward files. N.B.: see 2556 the Security Notes section. 2557confMCI_CACHE_SIZE ConnectionCacheSize 2558 [2] Size of open connection cache. 2559confMCI_CACHE_TIMEOUT ConnectionCacheTimeout 2560 [5m] Open connection cache timeout. 2561confHOST_STATUS_DIRECTORY HostStatusDirectory 2562 [undefined] If set, host status is kept 2563 on disk between sendmail runs in the 2564 named directory tree. This need not be 2565 a full pathname, in which case it is 2566 interpreted relative to the queue 2567 directory. 2568confSINGLE_THREAD_DELIVERY SingleThreadDelivery 2569 [False] If this option and the 2570 HostStatusDirectory option are both 2571 set, single thread deliveries to other 2572 hosts. That is, don't allow any two 2573 sendmails on this host to connect 2574 simultaneously to any other single 2575 host. This can slow down delivery in 2576 some cases, in particular since a 2577 cached but otherwise idle connection 2578 to a host will prevent other sendmails 2579 from connecting to the other host. 2580confUSE_ERRORS_TO* UseErrorsTo [False] Use the Errors-To: header to 2581 deliver error messages. This should 2582 not be necessary because of general 2583 acceptance of the envelope/header 2584 distinction. 2585confLOG_LEVEL LogLevel [9] Log level. 2586confME_TOO MeToo [True] Include sender in group 2587 expansions. This option is 2588 deprecated and will be removed from 2589 a future version. 2590confCHECK_ALIASES CheckAliases [False] Check RHS of aliases when 2591 running newaliases. Since this does 2592 DNS lookups on every address, it can 2593 slow down the alias rebuild process 2594 considerably on large alias files. 2595confOLD_STYLE_HEADERS* OldStyleHeaders [True] Assume that headers without 2596 special chars are old style. 2597confCLIENT_OPTIONS ClientPortOptions 2598 [none] Options for outgoing SMTP client 2599 connections. 2600confPRIVACY_FLAGS PrivacyOptions [authwarnings] Privacy flags. 2601confCOPY_ERRORS_TO PostmasterCopy [undefined] Address for additional 2602 copies of all error messages. 2603confQUEUE_FACTOR QueueFactor [600000] Slope of queue-only function. 2604confDONT_PRUNE_ROUTES DontPruneRoutes [False] Don't prune down route-addr 2605 syntax addresses to the minimum 2606 possible. 2607confSAFE_QUEUE* SuperSafe [True] Commit all messages to disk 2608 before forking. 2609confTO_INITIAL Timeout.initial [5m] The timeout waiting for a response 2610 on the initial connect. 2611confTO_CONNECT Timeout.connect [0] The timeout waiting for an initial 2612 connect() to complete. This can only 2613 shorten connection timeouts; the kernel 2614 silently enforces an absolute maximum 2615 (which varies depending on the system). 2616confTO_ICONNECT Timeout.iconnect 2617 [undefined] Like Timeout.connect, but 2618 applies only to the very first attempt 2619 to connect to a host in a message. 2620 This allows a single very fast pass 2621 followed by more careful delivery 2622 attempts in the future. 2623confTO_HELO Timeout.helo [5m] The timeout waiting for a response 2624 to a HELO or EHLO command. 2625confTO_MAIL Timeout.mail [10m] The timeout waiting for a 2626 response to the MAIL command. 2627confTO_RCPT Timeout.rcpt [1h] The timeout waiting for a response 2628 to the RCPT command. 2629confTO_DATAINIT Timeout.datainit 2630 [5m] The timeout waiting for a 354 2631 response from the DATA command. 2632confTO_DATABLOCK Timeout.datablock 2633 [1h] The timeout waiting for a block 2634 during DATA phase. 2635confTO_DATAFINAL Timeout.datafinal 2636 [1h] The timeout waiting for a response 2637 to the final "." that terminates a 2638 message. 2639confTO_RSET Timeout.rset [5m] The timeout waiting for a response 2640 to the RSET command. 2641confTO_QUIT Timeout.quit [2m] The timeout waiting for a response 2642 to the QUIT command. 2643confTO_MISC Timeout.misc [2m] The timeout waiting for a response 2644 to other SMTP commands. 2645confTO_COMMAND Timeout.command [1h] In server SMTP, the timeout 2646 waiting for a command to be issued. 2647confTO_IDENT Timeout.ident [5s] The timeout waiting for a 2648 response to an IDENT query. 2649confTO_FILEOPEN Timeout.fileopen 2650 [60s] The timeout waiting for a file 2651 (e.g., :include: file) to be opened. 2652confTO_CONTROL Timeout.control 2653 [2m] The timeout for a complete 2654 control socket transaction to complete. 2655confTO_QUEUERETURN Timeout.queuereturn 2656 [5d] The timeout before a message is 2657 returned as undeliverable. 2658confTO_QUEUERETURN_NORMAL 2659 Timeout.queuereturn.normal 2660 [undefined] As above, for normal 2661 priority messages. 2662confTO_QUEUERETURN_URGENT 2663 Timeout.queuereturn.urgent 2664 [undefined] As above, for urgent 2665 priority messages. 2666confTO_QUEUERETURN_NONURGENT 2667 Timeout.queuereturn.non-urgent 2668 [undefined] As above, for non-urgent 2669 (low) priority messages. 2670confTO_QUEUEWARN Timeout.queuewarn 2671 [4h] The timeout before a warning 2672 message is sent to the sender telling 2673 them that the message has been 2674 deferred. 2675confTO_QUEUEWARN_NORMAL Timeout.queuewarn.normal 2676 [undefined] As above, for normal 2677 priority messages. 2678confTO_QUEUEWARN_URGENT Timeout.queuewarn.urgent 2679 [undefined] As above, for urgent 2680 priority messages. 2681confTO_QUEUEWARN_NONURGENT 2682 Timeout.queuewarn.non-urgent 2683 [undefined] As above, for non-urgent 2684 (low) priority messages. 2685confTO_HOSTSTATUS Timeout.hoststatus 2686 [30m] How long information about host 2687 statuses will be maintained before it 2688 is considered stale and the host should 2689 be retried. This applies both within 2690 a single queue run and to persistent 2691 information (see below). 2692confTO_RESOLVER_RETRANS Timeout.resolver.retrans 2693 [varies] Sets the resolver's 2694 retransmition time interval (in 2695 seconds). Sets both 2696 Timeout.resolver.retrans.first and 2697 Timeout.resolver.retrans.normal. 2698confTO_RESOLVER_RETRANS_FIRST Timeout.resolver.retrans.first 2699 [varies] Sets the resolver's 2700 retransmition time interval (in 2701 seconds) for the first attempt to 2702 deliver a message. 2703confTO_RESOLVER_RETRANS_NORMAL Timeout.resolver.retrans.normal 2704 [varies] Sets the resolver's 2705 retransmition time interval (in 2706 seconds) for all resolver lookups 2707 except the first delivery attempt. 2708confTO_RESOLVER_RETRY Timeout.resolver.retry 2709 [varies] Sets the number of times 2710 to retransmit a resolver query. 2711 Sets both 2712 Timeout.resolver.retry.first and 2713 Timeout.resolver.retry.normal. 2714confTO_RESOLVER_RETRY_FIRST Timeout.resolver.retry.first 2715 [varies] Sets the number of times 2716 to retransmit a resolver query for 2717 the first attempt to deliver a 2718 message. 2719confTO_RESOLVER_RETRY_NORMAL Timeout.resolver.retry.normal 2720 [varies] Sets the number of times 2721 to retransmit a resolver query for 2722 all resolver lookups except the 2723 first delivery attempt. 2724confTIME_ZONE TimeZoneSpec [USE_SYSTEM] Time zone info -- can be 2725 USE_SYSTEM to use the system's idea, 2726 USE_TZ to use the user's TZ envariable, 2727 or something else to force that value. 2728confDEF_USER_ID DefaultUser [1:1] Default user id. 2729confUSERDB_SPEC UserDatabaseSpec 2730 [undefined] User database 2731 specification. 2732confFALLBACK_MX FallbackMXhost [undefined] Fallback MX host. 2733confTRY_NULL_MX_LIST TryNullMXList [False] If this host is the best MX 2734 for a host and other arrangements 2735 haven't been made, try connecting 2736 to the host directly; normally this 2737 would be a config error. 2738confQUEUE_LA QueueLA [varies] Load average at which 2739 queue-only function kicks in. 2740 Default values is (8 * numproc) 2741 where numproc is the number of 2742 processors online (if that can be 2743 determined). 2744confREFUSE_LA RefuseLA [varies] Load average at which 2745 incoming SMTP connections are 2746 refused. Default values is (12 * 2747 numproc) where numproc is the 2748 number of processors online (if 2749 that can be determined). 2750confMAX_ALIAS_RECURSION MaxAliasRecursion 2751 [10] Maximum depth of alias recursion. 2752confMAX_DAEMON_CHILDREN MaxDaemonChildren 2753 [undefined] The maximum number of 2754 children the daemon will permit. After 2755 this number, connections will be 2756 rejected. If not set or <= 0, there is 2757 no limit. 2758confMAX_HEADERS_LENGTH MaxHeadersLength 2759 [undefined] Maximum length of the sum 2760 of all headers. 2761confMAX_MIME_HEADER_LENGTH MaxMimeHeaderLength 2762 [undefined] Maximum length of 2763 certain MIME header field values. 2764confCONNECTION_RATE_THROTTLE ConnectionRateThrottle 2765 [undefined] The maximum number of 2766 connections permitted per second. 2767 After this many connections are 2768 accepted, further connections will be 2769 delayed. If not set or <= 0, there is 2770 no limit. 2771confWORK_RECIPIENT_FACTOR 2772 RecipientFactor [30000] Cost of each recipient. 2773confSEPARATE_PROC ForkEachJob [False] Run all deliveries in a 2774 separate process. 2775confWORK_CLASS_FACTOR ClassFactor [1800] Priority multiplier for class. 2776confWORK_TIME_FACTOR RetryFactor [90000] Cost of each delivery attempt. 2777confQUEUE_SORT_ORDER QueueSortOrder [Priority] Queue sort algorithm: 2778 Priority, Host, Filename, or Time. 2779confMIN_QUEUE_AGE MinQueueAge [0] The minimum amount of time a job 2780 must sit in the queue between queue 2781 runs. This allows you to set the 2782 queue run interval low for better 2783 responsiveness without trying all 2784 jobs in each run. 2785confDEF_CHAR_SET DefaultCharSet [unknown-8bit] When converting 2786 unlabeled 8 bit input to MIME, the 2787 character set to use by default. 2788confSERVICE_SWITCH_FILE ServiceSwitchFile 2789 [/etc/mail/service.switch] The file 2790 to use for the service switch on 2791 systems that do not have a 2792 system-defined switch. 2793confHOSTS_FILE HostsFile [/etc/hosts] The file to use when doing 2794 "file" type access of hosts names. 2795confDIAL_DELAY DialDelay [0s] If a connection fails, wait this 2796 long and try again. Zero means "don't 2797 retry". This is to allow "dial on 2798 demand" connections to have enough time 2799 to complete a connection. 2800confNO_RCPT_ACTION NoRecipientAction 2801 [none] What to do if there are no legal 2802 recipient fields (To:, Cc: or Bcc:) 2803 in the message. Legal values can 2804 be "none" to just leave the 2805 nonconforming message as is, "add-to" 2806 to add a To: header with all the 2807 known recipients (which may expose 2808 blind recipients), "add-apparently-to" 2809 to do the same but use Apparently-To: 2810 instead of To:, "add-bcc" to add an 2811 empty Bcc: header, or 2812 "add-to-undisclosed" to add the header 2813 ``To: undisclosed-recipients:;''. 2814confSAFE_FILE_ENV SafeFileEnvironment 2815 [undefined] If set, sendmail will do a 2816 chroot() into this directory before 2817 writing files. 2818confCOLON_OK_IN_ADDR ColonOkInAddr [True unless Configuration Level > 6] 2819 If set, colons are treated as a regular 2820 character in addresses. If not set, 2821 they are treated as the introducer to 2822 the RFC 822 "group" syntax. Colons are 2823 handled properly in route-addrs. This 2824 option defaults on for V5 and lower 2825 configuration files. 2826confMAX_QUEUE_RUN_SIZE MaxQueueRunSize [0] If set, limit the maximum size of 2827 any given queue run to this number of 2828 entries. Essentially, this will stop 2829 reading each queue directory after this 2830 number of entries are reached; it does 2831 _not_ pick the highest priority jobs, 2832 so this should be as large as your 2833 system can tolerate. If not set, there 2834 is no limit. 2835confDONT_EXPAND_CNAMES DontExpandCnames 2836 [False] If set, $[ ... $] lookups that 2837 do DNS based lookups do not expand 2838 CNAME records. This currently violates 2839 the published standards, but the IETF 2840 seems to be moving toward legalizing 2841 this. For example, if "FTP.Foo.ORG" 2842 is a CNAME for "Cruft.Foo.ORG", then 2843 with this option set a lookup of 2844 "FTP" will return "FTP.Foo.ORG"; if 2845 clear it returns "Cruft.FOO.ORG". N.B. 2846 you may not see any effect until your 2847 downstream neighbors stop doing CNAME 2848 lookups as well. 2849confFROM_LINE UnixFromLine [From $g $d] The From_ line used 2850 when sending to files or programs. 2851confSINGLE_LINE_FROM_HEADER SingleLineFromHeader 2852 [False] From: lines that have 2853 embedded newlines are unwrapped 2854 onto one line. 2855confALLOW_BOGUS_HELO AllowBogusHELO [False] Allow HELO SMTP command that 2856 does not include a host name. 2857confMUST_QUOTE_CHARS MustQuoteChars [.'] Characters to be quoted in a full 2858 name phrase (@,;:\()[] are automatic). 2859confOPERATORS OperatorChars [.:%@!^/[]+] Address operator 2860 characters. 2861confSMTP_LOGIN_MSG SmtpGreetingMessage 2862 [$j Sendmail $v/$Z; $b] 2863 The initial (spontaneous) SMTP 2864 greeting message. The word "ESMTP" 2865 will be inserted between the first and 2866 second words to convince other 2867 sendmails to try to speak ESMTP. 2868confDONT_INIT_GROUPS DontInitGroups [False] If set, the initgroups(3) 2869 routine will never be invoked. You 2870 might want to do this if you are 2871 running NIS and you have a large group 2872 map, since this call does a sequential 2873 scan of the map; in a large site this 2874 can cause your ypserv to run 2875 essentially full time. If you set 2876 this, agents run on behalf of users 2877 will only have their primary 2878 (/etc/passwd) group permissions. 2879confUNSAFE_GROUP_WRITES UnsafeGroupWrites 2880 [False] If set, group-writable 2881 :include: and .forward files are 2882 considered "unsafe", that is, programs 2883 and files cannot be directly referenced 2884 from such files. World-writable files 2885 are always considered unsafe. 2886confCONNECT_ONLY_TO ConnectOnlyTo [undefined] override connection 2887 address (for testing). 2888confCONTROL_SOCKET_NAME ControlSocketName 2889 [undefined] Control socket for daemon 2890 management. 2891confDOUBLE_BOUNCE_ADDRESS DoubleBounceAddress 2892 [postmaster] If an error occurs when 2893 sending an error message, send that 2894 "double bounce" error message to this 2895 address. 2896confDEAD_LETTER_DROP DeadLetterDrop [undefined] Filename to save bounce 2897 messages which could not be returned 2898 to the user or sent to postmaster. 2899 If not set, the queue file will 2900 be renamed. 2901confRRT_IMPLIES_DSN RrtImpliesDsn [False] Return-Receipt-To: header 2902 implies DSN request. 2903confRUN_AS_USER RunAsUser [undefined] If set, become this user 2904 when reading and delivering mail. 2905 Causes all file reads (e.g., .forward 2906 and :include: files) to be done as 2907 this user. Also, all programs will 2908 be run as this user, and all output 2909 files will be written as this user. 2910 Intended for use only on firewalls 2911 where users do not have accounts. 2912confMAX_RCPTS_PER_MESSAGE MaxRecipientsPerMessage 2913 [infinite] If set, allow no more than 2914 the specified number of recipients in 2915 an SMTP envelope. Further recipients 2916 receive a 452 error code (i.e., they 2917 are deferred for the next delivery 2918 attempt). 2919confDONT_PROBE_INTERFACES DontProbeInterfaces 2920 [False] If set, sendmail will _not_ 2921 insert the names and addresses of any 2922 local interfaces into class {w} 2923 (list of known "equivalent" addresses). 2924 If you set this, you must also include 2925 some support for these addresses (e.g., 2926 in a mailertable entry) -- otherwise, 2927 mail to addresses in this list will 2928 bounce with a configuration error. 2929confPID_FILE PidFile [system dependent] Location of pid 2930 file. 2931confPROCESS_TITLE_PREFIX ProcessTitlePrefix 2932 [undefined] Prefix string for the 2933 process title shown on 'ps' listings. 2934confDONT_BLAME_SENDMAIL DontBlameSendmail 2935 [safe] Override sendmail's file 2936 safety checks. This will definitely 2937 compromise system security and should 2938 not be used unless absolutely 2939 necessary. 2940confREJECT_MSG - [550 Access denied] The message 2941 given if the access database contains 2942 REJECT in the value portion. 2943confDF_BUFFER_SIZE DataFileBufferSize 2944 [4096] The maximum size of a 2945 memory-buffered data (df) file 2946 before a disk-based file is used. 2947confXF_BUFFER_SIZE XScriptFileBufferSize 2948 [4096] The maximum size of a 2949 memory-buffered transcript (xf) 2950 file before a disk-based file is 2951 used. 2952confAUTH_MECHANISMS AuthMechanisms [GSSAPI KERBEROS_V4 DIGEST-MD5 2953 CRAM-MD5] List of authentication 2954 mechanisms for AUTH (separated by 2955 spaces). The advertised list of 2956 authentication mechanisms will be the 2957 intersection of this list and the list 2958 of available mechanisms as determined 2959 by the CYRUS SASL library. 2960confDEF_AUTH_INFO DefaultAuthInfo [undefined] Filename that contains 2961 authentication information for 2962 outgoing connections. This file 2963 must contain the user id, the 2964 authorization id, the password 2965 (plain text), and the realm to use, 2966 each on a separate line and must be 2967 readable by root (or the trusted 2968 user) only. If no realm is 2969 specified, $j is used. 2970 2971 NOTE: Currently, AuthMechanisms is 2972 used to determine the list of 2973 mechanisms to use on an outgoing 2974 connection. Sites which require a 2975 different list of mechanisms for 2976 incoming connections and outgoing 2977 connections will have the ability 2978 to do this in 8.11 by specifying a 2979 list of mechanisms as the fifth 2980 line of the DefaultAuthInfo file. 2981 If no mechanisms are given in the 2982 file, AuthMechanisms is used. The 2983 code for doing so is included as 2984 in the sendmail source code but 2985 disabled. It can be enabled by 2986 recompiling sendmail with: 2987 -D_FFR_DEFAUTHINFO_MECHS 2988confAUTH_OPTIONS AuthOptions [undefined] If this options is 'A' 2989 then the AUTH= parameter for the 2990 MAIL FROM command is only issued 2991 when authentication succeeded. 2992confLDAP_DEFAULT_SPEC LDAPDefaultSpec [undefined] Default map 2993 specification for LDAP maps. The 2994 value should only contain LDAP 2995 specific settings such as "-h host 2996 -p port -d bindDN", etc. The 2997 settings will be used for all LDAP 2998 maps unless they are specified in 2999 the individual map specification 3000 ('K' command). 3001confCACERT_PATH CACERTPath [undefined] Path to directory 3002 with certs of CAs. 3003confCACERT CACERTFile [undefined] File containing one CA 3004 cert. 3005confSERVER_CERT ServerCertFile [undefined] File containing the 3006 cert of the server, i.e., this cert 3007 is used when sendmail acts as 3008 server. 3009confSERVER_KEY ServerKeyFile [undefined] File containing the 3010 private key belonging to the server 3011 cert. 3012confCLIENT_CERT ClientCertFile [undefined] File containing the 3013 cert of the client, i.e., this cert 3014 is used when sendmail acts as 3015 client. 3016confCLIENT_KEY ClientKeyFile [undefined] File containing the 3017 private key belonging to the client 3018 cert. 3019confDH_PARAMETERS DHParameters [undefined] File containing the 3020 DH parameters. 3021confRAND_FILE RandFile [undefined] File containing random 3022 data (use prefix file:) or the 3023 name of the UNIX socket if EGD is 3024 used (use prefix egd:). STARTTLS 3025 requires this option if the compile 3026 flag HASURANDOM is not set (see 3027 sendmail/README). 3028 3029See also the description of OSTYPE for some parameters that can be 3030tweaked (generally pathnames to mailers). 3031 3032DaemonPortOptions are a special case since multiple daemons can be 3033defined. This can be done via 3034 3035 DAEMON_OPTIONS(`field1=value1,field2=value2,...') 3036 3037If DAEMON_OPTIONS is not used, then the default is 3038 3039 DAEMON_OPTIONS(`Port=smtp, Name=MTA') 3040 DAEMON_OPTIONS(`Port=587, Name=MSA, M=E') 3041 3042If you use one DAEMON_OPTIONS macro, it will alter the parameters 3043of the first of these. The second will still be defaulted; it 3044represents a "Message Submission Agent" (MSA) as defined by RFC 30452476 (see below). To turn off the default definition for the MSA, 3046use FEATURE(`no_default_msa') (see also FEATURES). If you use 3047additional DAEMON_OPTIONS macros, they will add additional daemons. 3048 3049Example 1: To change the port for the SMTP listener, while 3050still using the MSA default, use 3051 DAEMON_OPTIONS(`Port=925, Name=MTA') 3052 3053Example 2: To change the port for the MSA daemon, while still 3054using the default SMTP port, use 3055 FEATURE(`no_default_msa') 3056 DAEMON_OPTIONS(`Name=MTA') 3057 DAEMON_OPTIONS(`Port=987, Name=MSA, M=E') 3058 3059Note that if the first of those DAEMON_OPTIONS lines were omitted, then 3060there would be no listener on the standard SMTP port. 3061 3062Example 3: To listen on both IPv4 and IPv6 interfaces, use 3063 3064 DAEMON_OPTIONS(`Name=MTA-v4, Family=inet') 3065 DAEMON_OPTIONS(`Name=MTA-v6, Family=inet6') 3066 3067A "Message Submission Agent" still uses all of the same rulesets for 3068processing the message (and therefore still allows message rejection via 3069the check_* rulesets). In accordance with the RFC, the MSA will ensure 3070that all domains in the envelope are fully qualified if the message is 3071relayed to another MTA. It will also enforce the normal address syntax 3072rules and log error messages. Additionally, by using the M=a modifier 3073you can require authentication before messages are accepted by the MSA. 3074Finally, the M=E modifier shown above disables ETRN as required by RFC 30752476. 3076 3077 3078+-----------+ 3079| HIERARCHY | 3080+-----------+ 3081 3082Within this directory are several subdirectories, to wit: 3083 3084m4 General support routines. These are typically 3085 very important and should not be changed without 3086 very careful consideration. 3087 3088cf The configuration files themselves. They have 3089 ".mc" suffixes, and must be run through m4 to 3090 become complete. The resulting output should 3091 have a ".cf" suffix. 3092 3093ostype Definitions describing a particular operating 3094 system type. These should always be referenced 3095 using the OSTYPE macro in the .mc file. Examples 3096 include "bsd4.3", "bsd4.4", "sunos3.5", and 3097 "sunos4.1". 3098 3099domain Definitions describing a particular domain, referenced 3100 using the DOMAIN macro in the .mc file. These are 3101 site dependent; for example, "CS.Berkeley.EDU.m4" 3102 describes hosts in the CS.Berkeley.EDU subdomain. 3103 3104mailer Descriptions of mailers. These are referenced using 3105 the MAILER macro in the .mc file. 3106 3107sh Shell files used when building the .cf file from the 3108 .mc file in the cf subdirectory. 3109 3110feature These hold special orthogonal features that you might 3111 want to include. They should be referenced using 3112 the FEATURE macro. 3113 3114hack Local hacks. These can be referenced using the HACK 3115 macro. They shouldn't be of more than voyeuristic 3116 interest outside the .Berkeley.EDU domain, but who knows? 3117 3118siteconfig Site configuration -- e.g., tables of locally connected 3119 UUCP sites. 3120 3121 3122+------------------------+ 3123| ADMINISTRATIVE DETAILS | 3124+------------------------+ 3125 3126The following sections detail usage of certain internal parts of the 3127sendmail.cf file. Read them carefully if you are trying to modify 3128the current model. If you find the above descriptions adequate, these 3129should be {boring, confusing, tedious, ridiculous} (pick one or more). 3130 3131RULESETS (* means built in to sendmail) 3132 3133 0 * Parsing 3134 1 * Sender rewriting 3135 2 * Recipient rewriting 3136 3 * Canonicalization 3137 4 * Post cleanup 3138 5 * Local address rewrite (after aliasing) 3139 1x mailer rules (sender qualification) 3140 2x mailer rules (recipient qualification) 3141 3x mailer rules (sender header qualification) 3142 4x mailer rules (recipient header qualification) 3143 5x mailer subroutines (general) 3144 6x mailer subroutines (general) 3145 7x mailer subroutines (general) 3146 8x reserved 3147 90 Mailertable host stripping 3148 96 Bottom half of Ruleset 3 (ruleset 6 in old sendmail) 3149 97 Hook for recursive ruleset 0 call (ruleset 7 in old sendmail) 3150 98 Local part of ruleset 0 (ruleset 8 in old sendmail) 3151 99 Guaranteed null (for debugging) 3152 3153 3154MAILERS 3155 3156 0 local, prog local and program mailers 3157 1 [e]smtp, relay SMTP channel 3158 2 uucp-* UNIX-to-UNIX Copy Program 3159 3 netnews Network News delivery 3160 4 fax Sam Leffler's HylaFAX software 3161 5 mail11 DECnet mailer 3162 3163 3164MACROS 3165 3166 A 3167 B Bitnet Relay 3168 C DECnet Relay 3169 D The local domain -- usually not needed 3170 E reserved for X.400 Relay 3171 F FAX Relay 3172 G 3173 H mail Hub (for mail clusters) 3174 I 3175 J 3176 K 3177 L Luser Relay 3178 M Masquerade (who you claim to be) 3179 N 3180 O 3181 P 3182 Q 3183 R Relay (for unqualified names) 3184 S Smart Host 3185 T 3186 U my UUCP name (if you have a UUCP connection) 3187 V UUCP Relay (class {V} hosts) 3188 W UUCP Relay (class {W} hosts) 3189 X UUCP Relay (class {X} hosts) 3190 Y UUCP Relay (all other hosts) 3191 Z Version number 3192 3193 3194CLASSES 3195 3196 A 3197 B domains that are candidates for bestmx lookup 3198 C 3199 D 3200 E addresses that should not seem to come from $M 3201 F hosts this system forward for 3202 G domains that should be looked up in genericstable 3203 H 3204 I 3205 J 3206 K 3207 L addresses that should not be forwarded to $R 3208 M domains that should be mapped to $M 3209 N host/domains that should not be mapped to $M 3210 O operators that indicate network operations (cannot be in local names) 3211 P top level pseudo-domains: BITNET, DECNET, FAX, UUCP, etc. 3212 Q 3213 R domains this system is willing to relay (pass anti-spam filters) 3214 S 3215 T 3216 U locally connected UUCP hosts 3217 V UUCP hosts connected to relay $V 3218 W UUCP hosts connected to relay $W 3219 X UUCP hosts connected to relay $X 3220 Y locally connected smart UUCP hosts 3221 Z locally connected domain-ized UUCP hosts 3222 . the class containing only a dot 3223 [ the class containing only a left bracket 3224 3225 3226M4 DIVERSIONS 3227 3228 1 Local host detection and resolution 3229 2 Local Ruleset 3 additions 3230 3 Local Ruleset 0 additions 3231 4 UUCP Ruleset 0 additions 3232 5 locally interpreted names (overrides $R) 3233 6 local configuration (at top of file) 3234 7 mailer definitions 3235 8 DNS based blacklists 3236 9 special local rulesets (1 and 2) 3237 3238$Revision: 8.383.2.1.2.24 $, Last updated $Date: 2000/09/24 02:05:54 $ 3239