README revision 82017
1 2 SENDMAIL CONFIGURATION FILES 3 4This document describes the sendmail configuration files. This package 5requires a post-V7 version of m4; if you are running the 4.2bsd, SysV.2, or 67th Edition version. SunOS's /usr/5bin/m4 or BSD-Net/2's m4 both work. 7GNU m4 version 1.1 or later also works. Unfortunately, the M4 on BSDI 1.0 8doesn't work -- you'll have to use a Net/2 or GNU version. GNU m4 is 9available from ftp://ftp.gnu.org/pub/gnu/m4/m4-1.4.tar.gz (check for the 10latest version). EXCEPTIONS: DEC's m4 on Digital UNIX 4.x is broken (3.x 11is fine). Use GNU m4 on this platform. 12 13To get started, you may want to look at tcpproto.mc (for TCP-only sites), 14uucpproto.mc (for UUCP-only sites), and clientproto.mc (for clusters of 15clients using a single mail host). Others are versions previously used at 16Berkeley. For example, ucbvax has gone away, but ucbvax.mc demonstrates 17some interesting techniques. 18 19******************************************************************* 20*** BE SURE YOU CUSTOMIZE THESE FILES! They have some *** 21*** Berkeley-specific assumptions built in, such as the name *** 22*** of their UUCP-relay. You'll want to create your own *** 23*** domain description, and use that in place of *** 24*** domain/Berkeley.EDU.m4. *** 25******************************************************************* 26 27 28+--------------------------+ 29| INTRODUCTION AND EXAMPLE | 30+--------------------------+ 31 32Configuration files are contained in the subdirectory "cf", with a 33suffix ".mc". They must be run through "m4" to produce a ".cf" file. 34You must pre-load "cf.m4": 35 36 m4 ${CFDIR}/m4/cf.m4 config.mc > config.cf 37 38Alternatively, you can simply: 39 40 cd ${CFDIR}/cf 41 ./Build config.cf 42 43where ${CFDIR} is the root of the cf directory and config.mc is the 44name of your configuration file. If you are running a version of M4 45that understands the __file__ builtin (versions of GNU m4 >= 0.75 do 46this, but the versions distributed with 4.4BSD and derivatives do not) 47or the -I flag (ditto), then ${CFDIR} can be in an arbitrary directory. 48For "traditional" versions, ${CFDIR} ***MUST*** be "..", or you MUST 49use -D_CF_DIR_=/path/to/cf/dir/ -- note the trailing slash! For example: 50 51 m4 -D_CF_DIR_=${CFDIR}/ ${CFDIR}/m4/cf.m4 config.mc > config.cf 52 53Let's examine a typical .mc file: 54 55 divert(-1) 56 # 57 # Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers. 58 # All rights reserved. 59 # Copyright (c) 1983 Eric P. Allman. All rights reserved. 60 # Copyright (c) 1988, 1993 61 # The Regents of the University of California. All rights reserved. 62 # 63 # By using this file, you agree to the terms and conditions set 64 # forth in the LICENSE file which can be found at the top level of 65 # the sendmail distribution. 66 # 67 68 # 69 # This is a Berkeley-specific configuration file for HP-UX 9.x. 70 # It applies only to the Computer Science Division at Berkeley, 71 # and should not be used elsewhere. It is provided on the sendmail 72 # distribution as a sample only. To create your own configuration 73 # file, create an appropriate domain file in ../domain, change the 74 # `DOMAIN' macro below to reference that file, and copy the result 75 # to a name of your own choosing. 76 # 77 divert(0) 78 79The divert(-1) will delete the crud in the resulting output file. 80The copyright notice can be replaced by whatever your lawyers require; 81our lawyers require the one that is included in these files. A copyleft 82is a copyright by another name. The divert(0) restores regular output. 83 84 VERSIONID(`<SCCS or RCS version id>') 85 86VERSIONID is a macro that stuffs the version information into the 87resulting file. You could use SCCS, RCS, CVS, something else, or 88omit it completely. This is not the same as the version id included 89in SMTP greeting messages -- this is defined in m4/version.m4. 90 91 OSTYPE(`hpux9')dnl 92 93You must specify an OSTYPE to properly configure things such as the 94pathname of the help and status files, the flags needed for the local 95mailer, and other important things. If you omit it, you will get an 96error when you try to build the configuration. Look at the ostype 97directory for the list of known operating system types. 98 99 DOMAIN(`CS.Berkeley.EDU')dnl 100 101This example is specific to the Computer Science Division at Berkeley. 102You can use "DOMAIN(`generic')" to get a sufficiently bland definition 103that may well work for you, or you can create a customized domain 104definition appropriate for your environment. 105 106 MAILER(`local') 107 MAILER(`smtp') 108 109These describe the mailers used at the default CS site. The 110local mailer is always included automatically. Beware: MAILER 111declarations should always be at the end of the configuration file, 112and MAILER(`smtp') should always precede MAILER(`procmail'), and 113MAILER(`uucp'). The general rules are that the order should be: 114 115 VERSIONID 116 OSTYPE 117 DOMAIN 118 FEATURE 119 local macro definitions 120 MAILER 121 LOCAL_RULE_* 122 LOCAL_RULESETS 123 124There are a few exceptions to this rule. Local macro definitions which 125influence a FEATURE() should be done before that feature. For example, 126a define(`PROCMAIL_MAILER_PATH', ...) should be done before 127FEATURE(`local_procmail'). 128 129 130+----------------------------+ 131| A BRIEF INTRODUCTION TO M4 | 132+----------------------------+ 133 134Sendmail uses the M4 macro processor to ``compile'' the configuration 135files. The most important thing to know is that M4 is stream-based, 136that is, it doesn't understand about lines. For this reason, in some 137places you may see the word ``dnl'', which stands for ``delete 138through newline''; essentially, it deletes all characters starting 139at the ``dnl'' up to and including the next newline character. In 140most cases sendmail uses this only to avoid lots of unnecessary 141blank lines in the output. 142 143Other important directives are define(A, B) which defines the macro 144``A'' to have value ``B''. Macros are expanded as they are read, so 145one normally quotes both values to prevent expansion. For example, 146 147 define(`SMART_HOST', `smart.foo.com') 148 149One word of warning: M4 macros are expanded even in lines that appear 150to be comments. For example, if you have 151 152 # See FEATURE(`foo') above 153 154it will not do what you expect, because the FEATURE(`foo') will be 155expanded. This also applies to 156 157 # And then define the $X macro to be the return address 158 159because ``define'' is an M4 keyword. If you want to use them, surround 160them with directed quotes, `like this'. 161 162+----------------+ 163| FILE LOCATIONS | 164+----------------+ 165 166sendmail 8.9 has introduced a new configuration directory for sendmail 167related files, /etc/mail. The new files available for sendmail 8.9 -- 168the class {R} /etc/mail/relay-domains and the access database 169/etc/mail/access -- take advantage of this new directory. Beginning with 1708.10, all files will use this directory by default (some options may be 171set by OSTYPE() files). This new directory should help to restore 172uniformity to sendmail's file locations. 173 174Below is a table of some of the common changes: 175 176Old filename New filename 177------------ ------------ 178/etc/bitdomain /etc/mail/bitdomain 179/etc/domaintable /etc/mail/domaintable 180/etc/genericstable /etc/mail/genericstable 181/etc/uudomain /etc/mail/uudomain 182/etc/virtusertable /etc/mail/virtusertable 183/etc/userdb /etc/mail/userdb 184 185/etc/aliases /etc/mail/aliases 186/etc/sendmail/aliases /etc/mail/aliases 187/etc/ucbmail/aliases /etc/mail/aliases 188/usr/adm/sendmail/aliases /etc/mail/aliases 189/usr/lib/aliases /etc/mail/aliases 190/usr/lib/mail/aliases /etc/mail/aliases 191/usr/ucblib/aliases /etc/mail/aliases 192 193/etc/sendmail.cw /etc/mail/local-host-names 194/etc/mail/sendmail.cw /etc/mail/local-host-names 195/etc/sendmail/sendmail.cw /etc/mail/local-host-names 196 197/etc/sendmail.ct /etc/mail/trusted-users 198 199/etc/sendmail.oE /etc/mail/error-header 200 201/etc/sendmail.hf /etc/mail/helpfile 202/etc/mail/sendmail.hf /etc/mail/helpfile 203/usr/ucblib/sendmail.hf /etc/mail/helpfile 204/etc/ucbmail/sendmail.hf /etc/mail/helpfile 205/usr/lib/sendmail.hf /etc/mail/helpfile 206/usr/share/lib/sendmail.hf /etc/mail/helpfile 207/usr/share/misc/sendmail.hf /etc/mail/helpfile 208/share/misc/sendmail.hf /etc/mail/helpfile 209 210/etc/service.switch /etc/mail/service.switch 211 212/etc/sendmail.st /etc/mail/statistics 213/etc/mail/sendmail.st /etc/mail/statistics 214/etc/mailer/sendmail.st /etc/mail/statistics 215/etc/sendmail/sendmail.st /etc/mail/statistics 216/usr/lib/sendmail.st /etc/mail/statistics 217/usr/ucblib/sendmail.st /etc/mail/statistics 218 219Note that all of these paths actually use a new m4 macro MAIL_SETTINGS_DIR 220to create the pathnames. The default value of this variable is 221`/etc/mail/'. If you set this macro to a different value, you MUST include 222a trailing slash. 223 224Notice: all filenames used in a .mc (or .cf) file should be absolute 225(starting at the root, i.e., with '/'). Relative filenames most 226likely cause surprises during operations (unless otherwise noted). 227 228 229+--------+ 230| OSTYPE | 231+--------+ 232 233You MUST define an operating system environment, or the configuration 234file build will puke. There are several environments available; look 235at the "ostype" directory for the current list. This macro changes 236things like the location of the alias file and queue directory. Some 237of these files are identical to one another. 238 239It is IMPERATIVE that the OSTYPE occur before any MAILER definitions. 240In general, the OSTYPE macro should go immediately after any version 241information, and MAILER definitions should always go last. 242 243Operating system definitions are usually easy to write. They may define 244the following variables (everything defaults, so an ostype file may be 245empty). Unfortunately, the list of configuration-supported systems is 246not as broad as the list of source-supported systems, since many of 247the source contributors do not include corresponding ostype files. 248 249ALIAS_FILE [/etc/mail/aliases] The location of the text version 250 of the alias file(s). It can be a comma-separated 251 list of names (but be sure you quote values with 252 commas in them -- for example, use 253 define(`ALIAS_FILE', `a,b') 254 to get "a" and "b" both listed as alias files; 255 otherwise the define() primitive only sees "a"). 256HELP_FILE [/etc/mail/helpfile] The name of the file 257 containing information printed in response to 258 the SMTP HELP command. 259QUEUE_DIR [/var/spool/mqueue] The directory containing 260 queue files. To use multiple queues, supply 261 a value ending with an asterisk. For 262 example, /var/spool/mqueue/qd* will use all of the 263 directories or symbolic links to directories 264 beginning with 'qd' in /var/spool/mqueue as queue 265 directories. The names 'qf', 'df', and 'xf' are 266 reserved as specific subdirectories for the 267 corresponding queue file types as explained in 268 doc/op/op.me. 269STATUS_FILE [/etc/mail/statistics] The file containing status 270 information. 271LOCAL_MAILER_PATH [/bin/mail] The program used to deliver local mail. 272LOCAL_MAILER_FLAGS [Prmn9] The flags used by the local mailer. The 273 flags lsDFMAw5:/|@q are always included. 274LOCAL_MAILER_ARGS [mail -d $u] The arguments passed to deliver local 275 mail. 276LOCAL_MAILER_MAX [undefined] If defined, the maximum size of local 277 mail that you are willing to accept. 278LOCAL_MAILER_MAXMSGS [undefined] If defined, the maximum number of 279 messages to deliver in a single connection. Only 280 useful for LMTP local mailers. 281LOCAL_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 282 that ARRIVE from an address that resolves to the 283 local mailer and which are converted to MIME will be 284 labeled with this character set. 285LOCAL_MAILER_EOL [undefined] If defined, the string to use as the 286 end of line for the local mailer. 287LOCAL_MAILER_DSN_DIAGNOSTIC_CODE 288 [X-Unix] The DSN Diagnostic-Code value for the 289 local mailer. This should be changed with care. 290LOCAL_SHELL_PATH [/bin/sh] The shell used to deliver piped email. 291LOCAL_SHELL_FLAGS [eu9] The flags used by the shell mailer. The 292 flags lsDFM are always included. 293LOCAL_SHELL_ARGS [sh -c $u] The arguments passed to deliver "prog" 294 mail. 295LOCAL_SHELL_DIR [$z:/] The directory search path in which the 296 shell should run. 297USENET_MAILER_PATH [/usr/lib/news/inews] The name of the program 298 used to submit news. 299USENET_MAILER_FLAGS [rsDFMmn] The mailer flags for the usenet mailer. 300USENET_MAILER_ARGS [-m -h -n] The command line arguments for the 301 usenet mailer. 302USENET_MAILER_MAX [100000] The maximum size of messages that will 303 be accepted by the usenet mailer. 304SMTP_MAILER_FLAGS [undefined] Flags added to SMTP mailer. Default 305 flags are `mDFMuX' for all SMTP-based mailers; the 306 "esmtp" mailer adds `a'; "smtp8" adds `8'; and 307 "dsmtp" adds `%'. 308RELAY_MAILER_FLAGS [undefined] Flags added to the relay mailer. Default 309 flags are `mDFMuX' for all SMTP-based mailers; the 310 relay mailer adds `a8'. If this is not defined, 311 then SMTP_MAILER_FLAGS is used. 312SMTP_MAILER_MAX [undefined] The maximum size of messages that will 313 be transported using the smtp, smtp8, esmtp, or dsmtp 314 mailers. 315SMTP_MAILER_MAXMSGS [undefined] If defined, the maximum number of 316 messages to deliver in a single connection for the 317 smtp, smtp8, esmtp, or dsmtp mailers. 318SMTP_MAILER_ARGS [TCP $h] The arguments passed to the smtp mailer. 319 About the only reason you would want to change this 320 would be to change the default port. 321ESMTP_MAILER_ARGS [TCP $h] The arguments passed to the esmtp mailer. 322SMTP8_MAILER_ARGS [TCP $h] The arguments passed to the smtp8 mailer. 323DSMTP_MAILER_ARGS [TCP $h] The arguments passed to the dsmtp mailer. 324RELAY_MAILER_ARGS [TCP $h] The arguments passed to the relay mailer. 325RELAY_MAILER_MAXMSGS [undefined] If defined, the maximum number of 326 messages to deliver in a single connection for the 327 relay mailer. 328SMTP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 329 that ARRIVE from an address that resolves to one of 330 the SMTP mailers and which are converted to MIME will 331 be labeled with this character set. 332UUCP_MAILER_PATH [/usr/bin/uux] The program used to send UUCP mail. 333UUCP_MAILER_FLAGS [undefined] Flags added to UUCP mailer. Default 334 flags are `DFMhuU' (and `m' for uucp-new mailer, 335 minus `U' for uucp-dom mailer). 336UUCP_MAILER_ARGS [uux - -r -z -a$g -gC $h!rmail ($u)] The arguments 337 passed to the UUCP mailer. 338UUCP_MAILER_MAX [100000] The maximum size message accepted for 339 transmission by the UUCP mailers. 340UUCP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 341 that ARRIVE from an address that resolves to one of 342 the UUCP mailers and which are converted to MIME will 343 be labeled with this character set. 344FAX_MAILER_PATH [/usr/local/lib/fax/mailfax] The program used to 345 submit FAX messages. 346FAX_MAILER_ARGS [mailfax $u $h $f] The arguments passed to the FAX 347 mailer. 348FAX_MAILER_MAX [100000] The maximum size message accepted for 349 transmission by FAX. 350POP_MAILER_PATH [/usr/lib/mh/spop] The pathname of the POP mailer. 351POP_MAILER_FLAGS [Penu] Flags added to POP mailer. Flags lsDFMq 352 are always added. 353POP_MAILER_ARGS [pop $u] The arguments passed to the POP mailer. 354PROCMAIL_MAILER_PATH [/usr/local/bin/procmail] The path to the procmail 355 program. This is also used by 356 FEATURE(`local_procmail'). 357PROCMAIL_MAILER_FLAGS [SPhnu9] Flags added to Procmail mailer. Flags 358 DFM are always set. This is NOT used by 359 FEATURE(`local_procmail'); tweak LOCAL_MAILER_FLAGS 360 instead. 361PROCMAIL_MAILER_ARGS [procmail -Y -m $h $f $u] The arguments passed to 362 the Procmail mailer. This is NOT used by 363 FEATURE(`local_procmail'); tweak LOCAL_MAILER_ARGS 364 instead. 365PROCMAIL_MAILER_MAX [undefined] If set, the maximum size message that 366 will be accepted by the procmail mailer. 367MAIL11_MAILER_PATH [/usr/etc/mail11] The path to the mail11 mailer. 368MAIL11_MAILER_FLAGS [nsFx] Flags for the mail11 mailer. 369MAIL11_MAILER_ARGS [mail11 $g $x $h $u] Arguments passed to the mail11 370 mailer. 371PH_MAILER_PATH [/usr/local/etc/phquery] The path to the phquery 372 program. 373PH_MAILER_FLAGS [ehmu] Flags for the phquery mailer. Flags nrDFM 374 are always set. 375PH_MAILER_ARGS [phquery -- $u] -- arguments to the phquery mailer. 376CYRUS_MAILER_FLAGS [Ah5@/:|] The flags used by the cyrus mailer. The 377 flags lsDFMnPq are always included. 378CYRUS_MAILER_PATH [/usr/cyrus/bin/deliver] The program used to deliver 379 cyrus mail. 380CYRUS_MAILER_ARGS [deliver -e -m $h -- $u] The arguments passed 381 to deliver cyrus mail. 382CYRUS_MAILER_MAX [undefined] If set, the maximum size message that 383 will be accepted by the cyrus mailer. 384CYRUS_MAILER_USER [cyrus:mail] The user and group to become when 385 running the cyrus mailer. 386CYRUS_BB_MAILER_FLAGS [u] The flags used by the cyrusbb mailer. 387 The flags lsDFMnP are always included. 388CYRUS_BB_MAILER_ARGS [deliver -e -m $u] The arguments passed 389 to deliver cyrusbb mail. 390confEBINDIR [/usr/libexec] The directory for executables. 391 Currently used for FEATURE(`local_lmtp') and 392 FEATURE(`smrsh'). 393QPAGE_MAILER_FLAGS [mDFMs] The flags used by the qpage mailer. 394QPAGE_MAILER_PATH [/usr/local/bin/qpage] The program used to deliver 395 qpage mail. 396QPAGE_MAILER_ARGS [qpage -l0 -m -P$u] The arguments passed 397 to deliver qpage mail. 398QPAGE_MAILER_MAX [4096] If set, the maximum size message that 399 will be accepted by the qpage mailer. 400 401Note: to tweak Name_MAILER_FLAGS use the macro MODIFY_MAILER_FLAGS: 402MODIFY_MAILER_FLAGS(`Name', `change') where Name is the first part of 403the macro Name_MAILER_FLAGS and change can be: flags that should 404be used directly (thus overriding the default value), or if it 405starts with `+' (`-') then those flags are added to (removed from) 406the default value. Example: 407 408 MODIFY_MAILER_FLAGS(`LOCAL', `+e') 409 410will add the flag `e' to LOCAL_MAILER_FLAGS. 411WARNING: The FEATUREs local_lmtp and local_procmail set LOCAL_MAILER_FLAGS 412unconditionally, i.e., without respecting any definitions in an 413OSTYPE setting. 414 415 416+---------+ 417| DOMAINS | 418+---------+ 419 420You will probably want to collect domain-dependent defines into one 421file, referenced by the DOMAIN macro. For example, the Berkeley 422domain file includes definitions for several internal distinguished 423hosts: 424 425UUCP_RELAY The host that will accept UUCP-addressed email. 426 If not defined, all UUCP sites must be directly 427 connected. 428BITNET_RELAY The host that will accept BITNET-addressed email. 429 If not defined, the .BITNET pseudo-domain won't work. 430DECNET_RELAY The host that will accept DECNET-addressed email. 431 If not defined, the .DECNET pseudo-domain and addresses 432 of the form node::user will not work. 433FAX_RELAY The host that will accept mail to the .FAX pseudo-domain. 434 The "fax" mailer overrides this value. 435LOCAL_RELAY The site that will handle unqualified names -- that 436 is, names without an @domain extension. 437 Normally MAIL_HUB is preferred for this function. 438 LOCAL_RELAY is mostly useful in conjunction with 439 FEATURE(stickyhost) -- see the discussion of 440 stickyhost below. If not set, they are assumed to 441 belong on this machine. This allows you to have a 442 central site to store a company- or department-wide 443 alias database. This only works at small sites, 444 and only with some user agents. 445LUSER_RELAY The site that will handle lusers -- that is, apparently 446 local names that aren't local accounts or aliases. To 447 specify a local user instead of a site, set this to 448 ``local:username''. 449 450Any of these can be either ``mailer:hostname'' (in which case the 451mailer is the internal mailer name, such as ``uucp-new'' and the hostname 452is the name of the host as appropriate for that mailer) or just a 453``hostname'', in which case a default mailer type (usually ``relay'', 454a variant on SMTP) is used. WARNING: if you have a wildcard MX 455record matching your domain, you probably want to define these to 456have a trailing dot so that you won't get the mail diverted back 457to yourself. 458 459The domain file can also be used to define a domain name, if needed 460(using "DD<domain>") and set certain site-wide features. If all hosts 461at your site masquerade behind one email name, you could also use 462MASQUERADE_AS here. 463 464You do not have to define a domain -- in particular, if you are a 465single machine sitting off somewhere, it is probably more work than 466it's worth. This is just a mechanism for combining "domain dependent 467knowledge" into one place. 468 469+---------+ 470| MAILERS | 471+---------+ 472 473There are fewer mailers supported in this version than the previous 474version, owing mostly to a simpler world. As a general rule, put the 475MAILER definitions last in your .mc file, and always put MAILER(`smtp') 476before MAILER(`uucp') and MAILER(`procmail') -- several features and 477definitions will modify the definition of mailers, and the smtp mailer 478modifies the UUCP mailer. Moreover, MAILER(`cyrus'), MAILER(`pop'), 479MAILER(`phquery'), and MAILER(`usenet') must be defined after 480MAILER(`local'). 481 482local The local and prog mailers. You will almost always 483 need these; the only exception is if you relay ALL 484 your mail to another site. This mailer is included 485 automatically. 486 487smtp The Simple Mail Transport Protocol mailer. This does 488 not hide hosts behind a gateway or another other 489 such hack; it assumes a world where everyone is 490 running the name server. This file actually defines 491 five mailers: "smtp" for regular (old-style) SMTP to 492 other servers, "esmtp" for extended SMTP to other 493 servers, "smtp8" to do SMTP to other servers without 494 converting 8-bit data to MIME (essentially, this is 495 your statement that you know the other end is 8-bit 496 clean even if it doesn't say so), "dsmtp" to do on 497 demand delivery, and "relay" for transmission to the 498 RELAY_HOST, LUSER_RELAY, or MAIL_HUB. 499 500uucp The UNIX-to-UNIX Copy Program mailer. Actually, this 501 defines two mailers, "uucp-old" (a.k.a. "uucp") and 502 "uucp-new" (a.k.a. "suucp"). The latter is for when you 503 know that the UUCP mailer at the other end can handle 504 multiple recipients in one transfer. If the smtp mailer 505 is also included in your configuration, two other mailers 506 ("uucp-dom" and "uucp-uudom") are also defined [warning: 507 you MUST specify MAILER(smtp) before MAILER(uucp)]. When you 508 include the uucp mailer, sendmail looks for all names in 509 class {U} and sends them to the uucp-old mailer; all 510 names in class {Y} are sent to uucp-new; and all 511 names in class {Z} are sent to uucp-uudom. Note that 512 this is a function of what version of rmail runs on 513 the receiving end, and hence may be out of your control. 514 See the section below describing UUCP mailers in more 515 detail. 516 517usenet Usenet (network news) delivery. If this is specified, 518 an extra rule is added to ruleset 0 that forwards all 519 local email for users named ``group.usenet'' to the 520 ``inews'' program. Note that this works for all groups, 521 and may be considered a security problem. 522 523fax Facsimile transmission. This is experimental and based 524 on Sam Leffler's HylaFAX software. For more information, 525 see http://www.hylafax.org/. 526 527pop Post Office Protocol. 528 529procmail An interface to procmail (does not come with sendmail). 530 This is designed to be used in mailertables. For example, 531 a common question is "how do I forward all mail for a given 532 domain to a single person?". If you have this mailer 533 defined, you could set up a mailertable reading: 534 535 host.com procmail:/etc/procmailrcs/host.com 536 537 with the file /etc/procmailrcs/host.com reading: 538 539 :0 # forward mail for host.com 540 ! -oi -f $1 person@other.host 541 542 This would arrange for (anything)@host.com to be sent 543 to person@other.host. Within the procmail script, $1 is 544 the name of the sender and $2 is the name of the recipient. 545 If you use this with FEATURE(`local_procmail'), the FEATURE 546 should be listed first. 547 548mail11 The DECnet mail11 mailer, useful only if you have the mail11 549 program from gatekeeper.dec.com:/pub/DEC/gwtools (and 550 DECnet, of course). This is for Phase IV DECnet support; 551 if you have Phase V at your site you may have additional 552 problems. 553 554phquery The phquery program. This is somewhat counterintuitively 555 referenced as the "ph" mailer internally. It can be used 556 to do CCSO name server lookups. The phquery program, which 557 this mailer uses, is distributed with the ph client. 558 559cyrus The cyrus and cyrusbb mailers. The cyrus mailer delivers to 560 a local cyrus user. this mailer can make use of the 561 "user+detail@local.host" syntax; it will deliver the mail to 562 the user's "detail" mailbox if the mailbox's ACL permits. 563 The cyrusbb mailer delivers to a system-wide cyrus mailbox 564 if the mailbox's ACL permits. The cyrus mailer must be 565 defined after the local mailer. 566 567qpage A mailer for QuickPage, a pager interface. See 568 http://www.qpage.org/ for further information. 569 570The local mailer accepts addresses of the form "user+detail", where 571the "+detail" is not used for mailbox matching but is available 572to certain local mail programs (in particular, see 573FEATURE(`local_procmail')). For example, "eric", "eric+sendmail", and 574"eric+sww" all indicate the same user, but additional arguments <null>, 575"sendmail", and "sww" may be provided for use in sorting mail. 576 577 578+----------+ 579| FEATURES | 580+----------+ 581 582Special features can be requested using the "FEATURE" macro. For 583example, the .mc line: 584 585 FEATURE(`use_cw_file') 586 587tells sendmail that you want to have it read an /etc/mail/local-host-names 588file to get values for class {w}. The FEATURE may contain up to 9 589optional parameters -- for example: 590 591 FEATURE(`mailertable', `dbm /usr/lib/mailertable') 592 593The default database map type for the table features can be set with 594 595 define(`DATABASE_MAP_TYPE', `dbm') 596 597which would set it to use ndbm databases. The default is the Berkeley DB 598hash database format. Note that you must still declare a database map type 599if you specify an argument to a FEATURE. DATABASE_MAP_TYPE is only used 600if no argument is given for the FEATURE. It must be specified before any 601feature that uses a map. 602 603Available features are: 604 605use_cw_file Read the file /etc/mail/local-host-names file to get 606 alternate names for this host. This might be used if you 607 were on a host that MXed for a dynamic set of other hosts. 608 If the set is static, just including the line "Cw<name1> 609 <name2> ..." (where the names are fully qualified domain 610 names) is probably superior. The actual filename can be 611 overridden by redefining confCW_FILE. 612 613use_ct_file Read the file /etc/mail/trusted-users file to get the 614 names of users that will be ``trusted'', that is, able to 615 set their envelope from address using -f without generating 616 a warning message. The actual filename can be overridden 617 by redefining confCT_FILE. 618 619redirect Reject all mail addressed to "address.REDIRECT" with 620 a ``551 User has moved; please try <address>'' message. 621 If this is set, you can alias people who have left 622 to their new address with ".REDIRECT" appended. 623 624nouucp Don't route UUCP addresses. This feature takes one 625 parameter: 626 `reject': reject addresses which have "!" in the local 627 part unless it originates from a system 628 that is allowed to relay. 629 `nospecial': don't do anything special with "!". 630 Warnings: 1. See the NOTICE in the ANTI-SPAM section. 631 2. don't remove "!" from OperatorChars if `reject' is 632 given as parameter. 633 634nocanonify Don't pass addresses to $[ ... $] for canonification 635 by default, i.e., host/domain names are considered canonical, 636 except for unqualified names, which must not be used in this 637 mode (violation of the standard). It can be changed by 638 setting the DaemonPortOptions modifiers (M=). That is, 639 FEATURE(`nocanonify') will be overridden by setting the 640 'c' flag. Conversely, if FEATURE(`nocanonify') is not used, 641 it can be emulated by setting the 'C' flag 642 (DaemonPortOptions=Modifiers=C). This would generally only 643 be used by sites that only act as mail gateways or which have 644 user agents that do full canonification themselves. You may 645 also want to use 646 "define(`confBIND_OPTS', `-DNSRCH -DEFNAMES')" to turn off 647 the usual resolver options that do a similar thing. 648 649 An exception list for FEATURE(`nocanonify') can be 650 specified with CANONIFY_DOMAIN or CANONIFY_DOMAIN_FILE, 651 i.e., a list of domains which are nevertheless passed to 652 $[ ... $] for canonification. This is useful to turn on 653 canonification for local domains, e.g., use 654 CANONIFY_DOMAIN(`my.domain my') to canonify addresses 655 which end in "my.domain" or "my". 656 Another way to require canonification in the local 657 domain is CANONIFY_DOMAIN(`$=m'). 658 659 A trailing dot is added to addresses with more than 660 one component in it such that other features which 661 expect a trailing dot (e.g., virtusertable) will 662 still work. 663 664 If `canonify_hosts' is specified as parameter, i.e., 665 FEATURE(`nocanonify', `canonify_hosts'), then 666 addresses which have only a hostname, e.g., 667 <user@host>, will be canonified (and hopefully fully 668 qualified), too. 669 670stickyhost This feature is sometimes used with LOCAL_RELAY, 671 although it can be used for a different effect with 672 MAIL_HUB. 673 674 When used without MAIL_HUB, email sent to 675 "user@local.host" are marked as "sticky" -- that 676 is, the local addresses aren't matched against UDB, 677 don't go through ruleset 5, and are not forwarded to 678 the LOCAL_RELAY (if defined). 679 680 With MAIL_HUB, mail addressed to "user@local.host" 681 is forwarded to the mail hub, with the envelope 682 address still remaining "user@local.host". 683 Without stickyhost, the envelope would be changed 684 to "user@mail_hub", in order to protect against 685 mailing loops. 686 687mailertable Include a "mailer table" which can be used to override 688 routing for particular domains (which are not in class {w}, 689 i.e. local host names). The argument of the FEATURE may be 690 the key definition. If none is specified, the definition 691 used is: 692 693 hash /etc/mail/mailertable 694 695 Keys in this database are fully qualified domain names 696 or partial domains preceded by a dot -- for example, 697 "vangogh.CS.Berkeley.EDU" or ".CS.Berkeley.EDU". As a 698 special case of the latter, "." matches any domain not 699 covered by other keys. Values must be of the form: 700 mailer:domain 701 where "mailer" is the internal mailer name, and "domain" 702 is where to send the message. These maps are not 703 reflected into the message header. As a special case, 704 the forms: 705 local:user 706 will forward to the indicated user using the local mailer, 707 local: 708 will forward to the original user in the e-mail address 709 using the local mailer, and 710 error:code message 711 error:D.S.N:code message 712 will give an error message with the indicated SMTP reply 713 code and message, where D.S.N is an RFC 1893 compliant 714 error code. 715 716domaintable Include a "domain table" which can be used to provide 717 domain name mapping. Use of this should really be 718 limited to your own domains. It may be useful if you 719 change names (e.g., your company changes names from 720 oldname.com to newname.com). The argument of the 721 FEATURE may be the key definition. If none is specified, 722 the definition used is: 723 724 hash /etc/mail/domaintable 725 726 The key in this table is the domain name; the value is 727 the new (fully qualified) domain. Anything in the 728 domaintable is reflected into headers; that is, this 729 is done in ruleset 3. 730 731bitdomain Look up bitnet hosts in a table to try to turn them into 732 internet addresses. The table can be built using the 733 bitdomain program contributed by John Gardiner Myers. 734 The argument of the FEATURE may be the key definition; if 735 none is specified, the definition used is: 736 737 hash /etc/mail/bitdomain 738 739 Keys are the bitnet hostname; values are the corresponding 740 internet hostname. 741 742uucpdomain Similar feature for UUCP hosts. The default map definition 743 is: 744 745 hash /etc/mail/uudomain 746 747 At the moment there is no automagic tool to build this 748 database. 749 750always_add_domain 751 Include the local host domain even on locally delivered 752 mail. Normally it is not added on unqualified names. 753 However, if you use a shared message store but do not use 754 the same user name space everywhere, you may need the host 755 name on local names. 756 757allmasquerade If masquerading is enabled (using MASQUERADE_AS), this 758 feature will cause recipient addresses to also masquerade 759 as being from the masquerade host. Normally they get 760 the local hostname. Although this may be right for 761 ordinary users, it can break local aliases. For example, 762 if you send to "localalias", the originating sendmail will 763 find that alias and send to all members, but send the 764 message with "To: localalias@masqueradehost". Since that 765 alias likely does not exist, replies will fail. Use this 766 feature ONLY if you can guarantee that the ENTIRE 767 namespace on your masquerade host supersets all the 768 local entries. 769 770limited_masquerade 771 Normally, any hosts listed in class {w} are masqueraded. If 772 this feature is given, only the hosts listed in class {M} (see 773 below: MASQUERADE_DOMAIN) are masqueraded. This is useful 774 if you have several domains with disjoint namespaces hosted 775 on the same machine. 776 777masquerade_entire_domain 778 If masquerading is enabled (using MASQUERADE_AS) and 779 MASQUERADE_DOMAIN (see below) is set, this feature will 780 cause addresses to be rewritten such that the masquerading 781 domains are actually entire domains to be hidden. All 782 hosts within the masquerading domains will be rewritten 783 to the masquerade name (used in MASQUERADE_AS). For example, 784 if you have: 785 786 MASQUERADE_AS(`masq.com') 787 MASQUERADE_DOMAIN(`foo.org') 788 MASQUERADE_DOMAIN(`bar.com') 789 790 then *foo.org and *bar.com are converted to masq.com. Without 791 this feature, only foo.org and bar.com are masqueraded. 792 793 NOTE: only domains within your jurisdiction and 794 current hierarchy should be masqueraded using this. 795 796genericstable This feature will cause unqualified addresses (i.e., without 797 a domain) and addresses with a domain listed in class {G} 798 to be looked up in a map and turned into another ("generic") 799 form, which can change both the domain name and the user name. 800 This is similar to the userdb functionality. The same types of 801 addresses as for masquerading are looked up, i.e., only header 802 sender addresses unless the allmasquerade and/or 803 masquerade_envelope features are given. Qualified addresses 804 must have the domain part in class {G}; entries can 805 be added to this class by the macros GENERICS_DOMAIN or 806 GENERICS_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 807 MASQUERADE_DOMAIN_FILE, see below). 808 809 The argument of FEATURE(`genericstable') may be the map 810 definition; the default map definition is: 811 812 hash /etc/mail/genericstable 813 814 The key for this table is either the full address, the domain 815 (with a leading @; the localpart is passed as first argument) 816 or the unqualified username (tried in the order mentioned); 817 the value is the new user address. If the new user address 818 does not include a domain, it will be qualified in the standard 819 manner, i.e., using $j or the masquerade name. Note that the 820 address being looked up must be fully qualified. For local 821 mail, it is necessary to use FEATURE(`always_add_domain') 822 for the addresses to be qualified. 823 The "+detail" of an address is passed as %1, so entries like 824 825 old+*@foo.org new+%1@example.com 826 gen+*@foo.org %1@example.com 827 828 and other forms are possible. 829 830generics_entire_domain 831 If the genericstable is enabled and GENERICS_DOMAIN or 832 GENERICS_DOMAIN_FILE is used, this feature will cause 833 addresses to be searched in the map if their domain 834 parts are subdomains of elements in class {G}. 835 836virtusertable A domain-specific form of aliasing, allowing multiple 837 virtual domains to be hosted on one machine. For example, 838 if the virtuser table contained: 839 840 info@foo.com foo-info 841 info@bar.com bar-info 842 joe@bar.com error:nouser No such user here 843 jax@bar.com error:D.S.N:unavailable Address invalid 844 @baz.org jane@example.net 845 846 then mail addressed to info@foo.com will be sent to the 847 address foo-info, mail addressed to info@bar.com will be 848 delivered to bar-info, and mail addressed to anyone at baz.org 849 will be sent to jane@example.net, mail to joe@bar.com will 850 be rejected with the specified error message, and mail to 851 jax@bar.com will also have a RFC 1893 compliant error code 852 D.S.N. 853 854 The username from the original address is passed 855 as %1 allowing: 856 857 @foo.org %1@example.com 858 859 meaning someone@foo.org will be sent to someone@example.com. 860 Additionally, if the local part consists of "user+detail" 861 then "detail" is passed as %2 when a match against user+* 862 is attempted, so entries like 863 864 old+*@foo.org new+%2@example.com 865 gen+*@foo.org %2@example.com 866 +*@foo.org %1+%2@example.com 867 868 and other forms are possible. Note: to preserve "+detail" 869 for a default case (@domain) +*@domain must be used as 870 exemplified above. 871 872 All the host names on the left hand side (foo.com, bar.com, 873 and baz.org) must be in class {w} or class {VirtHost}, the 874 latter can be defined by the macros VIRTUSER_DOMAIN or 875 VIRTUSER_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 876 MASQUERADE_DOMAIN_FILE, see below). If VIRTUSER_DOMAIN or 877 VIRTUSER_DOMAIN_FILE is used, then the entries of class 878 {VirtHost} are added to class {R}, i.e., relaying is allowed 879 to (and from) those domains. The default map definition is: 880 881 hash /etc/mail/virtusertable 882 883 A new definition can be specified as the second argument of 884 the FEATURE macro, such as 885 886 FEATURE(`virtusertable', `dbm /etc/mail/virtusers') 887 888virtuser_entire_domain 889 If the virtusertable is enabled and VIRTUSER_DOMAIN or 890 VIRTUSER_DOMAIN_FILE is used, this feature will cause 891 addresses to be searched in the map if their domain 892 parts are subdomains of elements in class {VirtHost}. 893 894ldap_routing Implement LDAP-based e-mail recipient routing according to 895 the Internet Draft draft-lachman-laser-ldap-mail-routing-01. 896 This provides a method to re-route addresses with a 897 domain portion in class {LDAPRoute} to either a 898 different mail host or a different address. Hosts can 899 be added to this class using LDAPROUTE_DOMAIN and 900 LDAPROUTE_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 901 MASQUERADE_DOMAIN_FILE, see below). 902 903 See the LDAP ROUTING section below for more information. 904 905nodns If you aren't running DNS at your site (for example, 906 you are UUCP-only connected). It's hard to consider 907 this a "feature", but hey, it had to go somewhere. 908 Actually, as of 8.7 this is a no-op -- remove "dns" from 909 the hosts service switch entry instead. 910 911nullclient This is a special case -- it creates a configuration file 912 containing nothing but support for forwarding all mail to a 913 central hub via a local SMTP-based network. The argument 914 is the name of that hub. 915 916 The only other feature that should be used in conjunction 917 with this one is FEATURE(`nocanonify'). No mailers 918 should be defined. No aliasing or forwarding is done. 919 920local_lmtp Use an LMTP capable local mailer. The argument to this 921 feature is the pathname of an LMTP capable mailer. By 922 default, mail.local is used. This is expected to be the 923 mail.local which came with the 8.9 distribution which is 924 LMTP capable. The path to mail.local is set by the 925 confEBINDIR m4 variable -- making the default 926 LOCAL_MAILER_PATH /usr/libexec/mail.local. 927 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally, 928 i.e., without respecting any definitions in an OSTYPE setting. 929 930local_procmail Use procmail or another delivery agent as the local mailer. 931 The argument to this feature is the pathname of the 932 delivery agent, which defaults to PROCMAIL_MAILER_PATH. 933 Note that this does NOT use PROCMAIL_MAILER_FLAGS or 934 PROCMAIL_MAILER_ARGS for the local mailer; tweak 935 LOCAL_MAILER_FLAGS and LOCAL_MAILER_ARGS instead, or 936 specify the appropriate parameters. When procmail is used, 937 the local mailer can make use of the 938 "user+indicator@local.host" syntax; normally the +indicator 939 is just tossed, but by default it is passed as the -a 940 argument to procmail. 941 942 This feature can take up to three arguments: 943 944 1. Path to the mailer program 945 [default: /usr/local/bin/procmail] 946 2. Argument vector including name of the program 947 [default: procmail -Y -a $h -d $u] 948 3. Flags for the mailer [default: SPfhn9] 949 950 Empty arguments cause the defaults to be taken. 951 952 For example, this allows it to use the maildrop 953 (http://www.flounder.net/~mrsam/maildrop/) mailer instead 954 by specifying: 955 956 FEATURE(`local_procmail', `/usr/local/bin/maildrop', 957 `maildrop -d $u') 958 959 or scanmails using: 960 961 FEATURE(`local_procmail', `/usr/local/bin/scanmails') 962 963 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally, 964 i.e., without respecting any definitions in an OSTYPE setting. 965 966bestmx_is_local Accept mail as though locally addressed for any host that 967 lists us as the best possible MX record. This generates 968 additional DNS traffic, but should be OK for low to 969 medium traffic hosts. The argument may be a set of 970 domains, which will limit the feature to only apply to 971 these domains -- this will reduce unnecessary DNS 972 traffic. THIS FEATURE IS FUNDAMENTALLY INCOMPATIBLE WITH 973 WILDCARD MX RECORDS!!! If you have a wildcard MX record 974 that matches your domain, you cannot use this feature. 975 976smrsh Use the SendMail Restricted SHell (smrsh) provided 977 with the distribution instead of /bin/sh for mailing 978 to programs. This improves the ability of the local 979 system administrator to control what gets run via 980 e-mail. If an argument is provided it is used as the 981 pathname to smrsh; otherwise, the path defined by 982 confEBINDIR is used for the smrsh binary -- by default, 983 /usr/libexec/smrsh is assumed. 984 985promiscuous_relay 986 By default, the sendmail configuration files do not permit 987 mail relaying (that is, accepting mail from outside your 988 local host (class {w}) and sending it to another host than 989 your local host). This option sets your site to allow 990 mail relaying from any site to any site. In almost all 991 cases, it is better to control relaying more carefully 992 with the access map, class {R}, or authentication. Domains 993 can be added to class {R} by the macros RELAY_DOMAIN or 994 RELAY_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 995 MASQUERADE_DOMAIN_FILE, see below). 996 997relay_entire_domain 998 By default, only hosts listed as RELAY in the access db 999 will be allowed to relay. This option also allows any 1000 host in your domain as defined by class {m}. 1001 1002relay_hosts_only 1003 By default, names that are listed as RELAY in the access 1004 db and class {R} are domain names, not host names. 1005 For example, if you specify ``foo.com'', then mail to or 1006 from foo.com, abc.foo.com, or a.very.deep.domain.foo.com 1007 will all be accepted for relaying. This feature changes 1008 the behaviour to lookup individual host names only. 1009 1010relay_based_on_MX 1011 Turns on the ability to allow relaying based on the MX 1012 records of the host portion of an incoming recipient; that 1013 is, if an MX record for host foo.com points to your site, 1014 you will accept and relay mail addressed to foo.com. See 1015 description below for more information before using this 1016 feature. Also, see the KNOWNBUGS entry regarding bestmx 1017 map lookups. 1018 1019 FEATURE(`relay_based_on_MX') does not necessarily allow 1020 routing of these messages which you expect to be allowed, 1021 if route address syntax (or %-hack syntax) is used. If 1022 this is a problem, add entries to the access-table or use 1023 FEATURE(`loose_relay_check'). 1024 1025relay_mail_from 1026 Allows relaying if the mail sender is listed as RELAY in 1027 the access map. If an optional argument `domain' is given, 1028 the domain portion of the mail sender is checked too. 1029 This should only be used if absolutely necessary as the 1030 sender address can be easily forged. Use of this feature 1031 requires the "From:" tag be prepended to the key in the 1032 access map; see the discussion of tags and 1033 FEATURE(`relay_mail_from') in the section on ANTI-SPAM 1034 CONFIGURATION CONTROL. 1035 1036relay_local_from 1037 Allows relaying if the domain portion of the mail sender 1038 is a local host. This should only be used if absolutely 1039 necessary as it opens a window for spammers. Specifically, 1040 they can send mail to your mail server that claims to be 1041 from your domain (either directly or via a routed address), 1042 and you will go ahead and relay it out to arbitrary hosts 1043 on the Internet. 1044 1045accept_unqualified_senders 1046 Normally, MAIL FROM: commands in the SMTP session will be 1047 refused if the connection is a network connection and the 1048 sender address does not include a domain name. If your 1049 setup sends local mail unqualified (i.e., MAIL FROM: <joe>), 1050 you will need to use this feature to accept unqualified 1051 sender addresses. Setting the DaemonPortOptions modifier 1052 'u' overrides the default behavior, i.e., unqualified 1053 addresses are accepted even without this FEATURE. 1054 If this FEATURE is not used, the DaemonPortOptions modifier 1055 'f' can be used to enforce fully qualified addresses. 1056 1057accept_unresolvable_domains 1058 Normally, MAIL FROM: commands in the SMTP session will be 1059 refused if the host part of the argument to MAIL FROM: 1060 cannot be located in the host name service (e.g., an A or 1061 MX record in DNS). If you are inside a firewall that has 1062 only a limited view of the Internet host name space, this 1063 could cause problems. In this case you probably want to 1064 use this feature to accept all domains on input, even if 1065 they are unresolvable. 1066 1067access_db Turns on the access database feature. The access db gives 1068 you the ability to allow or refuse to accept mail from 1069 specified domains for administrative reasons. By default, 1070 the access database specification is: 1071 1072 hash /etc/mail/access 1073 1074 The format of the database is described in the anti-spam 1075 configuration control section later in this document. 1076 1077blacklist_recipients 1078 Turns on the ability to block incoming mail for certain 1079 recipient usernames, hostnames, or addresses. For 1080 example, you can block incoming mail to user nobody, 1081 host foo.mydomain.com, or guest@bar.mydomain.com. 1082 These specifications are put in the access db as 1083 described in the anti-spam configuration control section 1084 later in this document. 1085 1086delay_checks The rulesets check_mail and check_relay will not be called 1087 when a client connects or issues a MAIL command, respectively. 1088 Instead, those rulesets will be called by the check_rcpt 1089 ruleset; they will be skipped under certain circumstances. 1090 See "Delay all checks" in "ANTI-SPAM CONFIGURATION CONTROL". 1091 1092rbl This feature is deprecated! Please use dnsbl instead. 1093 Turns on rejection of hosts found in the Realtime Blackhole 1094 List. If an argument is provided it is used as the domain 1095 in which blocked hosts are listed; otherwise, the main RBL 1096 domain rbl.maps.vix.com is used (see NOTE below). For 1097 details, see http://maps.vix.com/rbl/. 1098 1099dnsbl Turns on rejection of hosts found in an DNS based rejection 1100 list. If an argument is provided it is used as the domain 1101 in which blocked hosts are listed; otherwise it defaults to 1102 blackholes.mail-abuse.org. An explanation for an DNS based 1103 rejection list can be found http://mail-abuse.org/rbl/. A 1104 second argument can be used to change the default error 1105 message of Mail from $&{client_addr} refused by blackhole site 1106 SERVER where SERVER is replaced by the first argument. This 1107 feature can be included several times to query different DNS 1108 based rejection lists. 1109 1110 NOTE: The default DNS blacklist, blackholes.mail-abuse.org, 1111 is a service offered by the Mail Abuse Prevention System 1112 (MAPS). As of July 31, 2001, MAPS is a subscription 1113 service, so using that network address won't work if you 1114 haven't subscribed. Contact MAPS to subscribe 1115 (http://mail-abuse.org/). 1116 1117loose_relay_check 1118 Normally, if % addressing is used for a recipient, e.g. 1119 user%site@othersite, and othersite is in class {R}, the 1120 check_rcpt ruleset will strip @othersite and recheck 1121 user@site for relaying. This feature changes that 1122 behavior. It should not be needed for most installations. 1123 1124no_default_msa Don't generate the default MSA daemon, i.e., 1125 DAEMON_OPTIONS(`Port=587,Name=MSA,M=E') 1126 To define a MSA daemon with other parameters, use this 1127 FEATURE and introduce new settings via DAEMON_OPTIONS(). 1128 1129+-------+ 1130| HACKS | 1131+-------+ 1132 1133Some things just can't be called features. To make this clear, 1134they go in the hack subdirectory and are referenced using the HACK 1135macro. These will tend to be site-dependent. The release 1136includes the Berkeley-dependent "cssubdomain" hack (that makes 1137sendmail accept local names in either Berkeley.EDU or CS.Berkeley.EDU; 1138this is intended as a short-term aid while moving hosts into 1139subdomains. 1140 1141 1142+--------------------+ 1143| SITE CONFIGURATION | 1144+--------------------+ 1145 1146 ***************************************************** 1147 * This section is really obsolete, and is preserved * 1148 * only for back compatibility. You should plan on * 1149 * using mailertables for new installations. In * 1150 * particular, it doesn't work for the newer forms * 1151 * of UUCP mailers, such as uucp-uudom. * 1152 ***************************************************** 1153 1154Complex sites will need more local configuration information, such as 1155lists of UUCP hosts they speak with directly. This can get a bit more 1156tricky. For an example of a "complex" site, see cf/ucbvax.mc. 1157 1158The SITECONFIG macro allows you to indirectly reference site-dependent 1159configuration information stored in the siteconfig subdirectory. For 1160example, the line 1161 1162 SITECONFIG(`uucp.ucbvax', `ucbvax', `U') 1163 1164reads the file uucp.ucbvax for local connection information. The 1165second parameter is the local name (in this case just "ucbvax" since 1166it is locally connected, and hence a UUCP hostname). The third 1167parameter is the name of both a macro to store the local name (in 1168this case, {U}) and the name of the class (e.g., {U}) in which to store 1169the host information read from the file. Another SITECONFIG line reads 1170 1171 SITECONFIG(`uucp.ucbarpa', `ucbarpa.Berkeley.EDU', `W') 1172 1173This says that the file uucp.ucbarpa contains the list of UUCP sites 1174connected to ucbarpa.Berkeley.EDU. Class {W} will be used to 1175store this list, and $W is defined to be ucbarpa.Berkeley.EDU, that 1176is, the name of the relay to which the hosts listed in uucp.ucbarpa 1177are connected. [The machine ucbarpa is gone now, but this 1178out-of-date configuration file has been left around to demonstrate 1179how you might do this.] 1180 1181Note that the case of SITECONFIG with a third parameter of ``U'' is 1182special; the second parameter is assumed to be the UUCP name of the 1183local site, rather than the name of a remote site, and the UUCP name 1184is entered into class {w} (the list of local hostnames) as $U.UUCP. 1185 1186The siteconfig file (e.g., siteconfig/uucp.ucbvax.m4) contains nothing 1187more than a sequence of SITE macros describing connectivity. For 1188example: 1189 1190 SITE(`cnmat') 1191 SITE(`sgi olympus') 1192 1193The second example demonstrates that you can use two names on the 1194same line; these are usually aliases for the same host (or are at 1195least in the same company). 1196 1197 1198+--------------------+ 1199| USING UUCP MAILERS | 1200+--------------------+ 1201 1202It's hard to get UUCP mailers right because of the extremely ad hoc 1203nature of UUCP addressing. These config files are really designed 1204for domain-based addressing, even for UUCP sites. 1205 1206There are four UUCP mailers available. The choice of which one to 1207use is partly a matter of local preferences and what is running at 1208the other end of your UUCP connection. Unlike good protocols that 1209define what will go over the wire, UUCP uses the policy that you 1210should do what is right for the other end; if they change, you have 1211to change. This makes it hard to do the right thing, and discourages 1212people from updating their software. In general, if you can avoid 1213UUCP, please do. 1214 1215The major choice is whether to go for a domainized scheme or a 1216non-domainized scheme. This depends entirely on what the other 1217end will recognize. If at all possible, you should encourage the 1218other end to go to a domain-based system -- non-domainized addresses 1219don't work entirely properly. 1220 1221The four mailers are: 1222 1223 uucp-old (obsolete name: "uucp") 1224 This is the oldest, the worst (but the closest to UUCP) way of 1225 sending messages accros UUCP connections. It does bangify 1226 everything and prepends $U (your UUCP name) to the sender's 1227 address (which can already be a bang path itself). It can 1228 only send to one address at a time, so it spends a lot of 1229 time copying duplicates of messages. Avoid this if at all 1230 possible. 1231 1232 uucp-new (obsolete name: "suucp") 1233 The same as above, except that it assumes that in one rmail 1234 command you can specify several recipients. It still has a 1235 lot of other problems. 1236 1237 uucp-dom 1238 This UUCP mailer keeps everything as domain addresses. 1239 Basically, it uses the SMTP mailer rewriting rules. This mailer 1240 is only included if MAILER(`smtp') is also specified. 1241 1242 Unfortunately, a lot of UUCP mailer transport agents require 1243 bangified addresses in the envelope, although you can use 1244 domain-based addresses in the message header. (The envelope 1245 shows up as the From_ line on UNIX mail.) So.... 1246 1247 uucp-uudom 1248 This is a cross between uucp-new (for the envelope addresses) 1249 and uucp-dom (for the header addresses). It bangifies the 1250 envelope sender (From_ line in messages) without adding the 1251 local hostname, unless there is no host name on the address 1252 at all (e.g., "wolf") or the host component is a UUCP host name 1253 instead of a domain name ("somehost!wolf" instead of 1254 "some.dom.ain!wolf"). This is also included only if MAILER(`smtp') 1255 is also specified. 1256 1257Examples: 1258 1259On host grasp.insa-lyon.fr (UUCP host name "grasp"), the following 1260summarizes the sender rewriting for various mailers. 1261 1262Mailer sender rewriting in the envelope 1263------ ------ ------------------------- 1264uucp-{old,new} wolf grasp!wolf 1265uucp-dom wolf wolf@grasp.insa-lyon.fr 1266uucp-uudom wolf grasp.insa-lyon.fr!wolf 1267 1268uucp-{old,new} wolf@fr.net grasp!fr.net!wolf 1269uucp-dom wolf@fr.net wolf@fr.net 1270uucp-uudom wolf@fr.net fr.net!wolf 1271 1272uucp-{old,new} somehost!wolf grasp!somehost!wolf 1273uucp-dom somehost!wolf somehost!wolf@grasp.insa-lyon.fr 1274uucp-uudom somehost!wolf grasp.insa-lyon.fr!somehost!wolf 1275 1276If you are using one of the domainized UUCP mailers, you really want 1277to convert all UUCP addresses to domain format -- otherwise, it will 1278do it for you (and probably not the way you expected). For example, 1279if you have the address foo!bar!baz (and you are not sending to foo), 1280the heuristics will add the @uucp.relay.name or @local.host.name to 1281this address. However, if you map foo to foo.host.name first, it 1282will not add the local hostname. You can do this using the uucpdomain 1283feature. 1284 1285 1286+-------------------+ 1287| TWEAKING RULESETS | 1288+-------------------+ 1289 1290For more complex configurations, you can define special rules. 1291The macro LOCAL_RULE_3 introduces rules that are used in canonicalizing 1292the names. Any modifications made here are reflected in the header. 1293 1294A common use is to convert old UUCP addresses to SMTP addresses using 1295the UUCPSMTP macro. For example: 1296 1297 LOCAL_RULE_3 1298 UUCPSMTP(`decvax', `decvax.dec.com') 1299 UUCPSMTP(`research', `research.att.com') 1300 1301will cause addresses of the form "decvax!user" and "research!user" 1302to be converted to "user@decvax.dec.com" and "user@research.att.com" 1303respectively. 1304 1305This could also be used to look up hosts in a database map: 1306 1307 LOCAL_RULE_3 1308 R$* < @ $+ > $* $: $1 < @ $(hostmap $2 $) > $3 1309 1310This map would be defined in the LOCAL_CONFIG portion, as shown below. 1311 1312Similarly, LOCAL_RULE_0 can be used to introduce new parsing rules. 1313For example, new rules are needed to parse hostnames that you accept 1314via MX records. For example, you might have: 1315 1316 LOCAL_RULE_0 1317 R$+ <@ host.dom.ain.> $#uucp $@ cnmat $: $1 < @ host.dom.ain.> 1318 1319You would use this if you had installed an MX record for cnmat.Berkeley.EDU 1320pointing at this host; this rule catches the message and forwards it on 1321using UUCP. 1322 1323You can also tweak rulesets 1 and 2 using LOCAL_RULE_1 and LOCAL_RULE_2. 1324These rulesets are normally empty. 1325 1326A similar macro is LOCAL_CONFIG. This introduces lines added after the 1327boilerplate option setting but before rulesets. Do not declare rulesets in 1328the LOCAL_CONFIG section. It can be used to declare local database maps or 1329whatever. For example: 1330 1331 LOCAL_CONFIG 1332 Khostmap hash /etc/mail/hostmap 1333 Kyplocal nis -m hosts.byname 1334 1335 1336+---------------------------+ 1337| MASQUERADING AND RELAYING | 1338+---------------------------+ 1339 1340You can have your host masquerade as another using 1341 1342 MASQUERADE_AS(`host.domain') 1343 1344This causes mail being sent to be labeled as coming from the 1345indicated host.domain, rather than $j. One normally masquerades as 1346one of one's own subdomains (for example, it's unlikely that 1347Berkeley would choose to masquerade as an MIT site). This 1348behaviour is modified by a plethora of FEATUREs; in particular, see 1349masquerade_envelope, allmasquerade, limited_masquerade, and 1350masquerade_entire_domain. 1351 1352The masquerade name is not normally canonified, so it is important 1353that it be your One True Name, that is, fully qualified and not a 1354CNAME. However, if you use a CNAME, the receiving side may canonify 1355it for you, so don't think you can cheat CNAME mapping this way. 1356 1357Normally the only addresses that are masqueraded are those that come 1358from this host (that is, are either unqualified or in class {w}, the list 1359of local domain names). You can augment this list, which is realized 1360by class {M} using 1361 1362 MASQUERADE_DOMAIN(`otherhost.domain') 1363 1364The effect of this is that although mail to user@otherhost.domain 1365will not be delivered locally, any mail including any user@otherhost.domain 1366will, when relayed, be rewritten to have the MASQUERADE_AS address. 1367This can be a space-separated list of names. 1368 1369If these names are in a file, you can use 1370 1371 MASQUERADE_DOMAIN_FILE(`filename') 1372 1373to read the list of names from the indicated file (i.e., to add 1374elements to class {M}). 1375 1376To exempt hosts or subdomains from being masqueraded, you can use 1377 1378 MASQUERADE_EXCEPTION(`host.domain') 1379 1380This can come handy if you want to masquerade a whole domain 1381except for one (or a few) host(s). 1382 1383Normally only header addresses are masqueraded. If you want to 1384masquerade the envelope as well, use 1385 1386 FEATURE(`masquerade_envelope') 1387 1388There are always users that need to be "exposed" -- that is, their 1389internal site name should be displayed instead of the masquerade name. 1390Root is an example (which has been "exposed" by default prior to 8.10). 1391You can add users to this list using 1392 1393 EXPOSED_USER(`usernames') 1394 1395This adds users to class {E}; you could also use something like 1396 1397 FE/etc/mail/exposed-users 1398 1399You can also arrange to relay all unqualified names (that is, names 1400without @host) to a relay host. For example, if you have a central 1401email server, you might relay to that host so that users don't have 1402to have .forward files or aliases. You can do this using 1403 1404 define(`LOCAL_RELAY', `mailer:hostname') 1405 1406The ``mailer:'' can be omitted, in which case the mailer defaults to 1407"relay". There are some user names that you don't want relayed, perhaps 1408because of local aliases. A common example is root, which may be 1409locally aliased. You can add entries to this list using 1410 1411 LOCAL_USER(`usernames') 1412 1413This adds users to class {L}; you could also use something like 1414 1415 FL/etc/mail/local-users 1416 1417If you want all incoming mail sent to a centralized hub, as for a 1418shared /var/spool/mail scheme, use 1419 1420 define(`MAIL_HUB', `mailer:hostname') 1421 1422Again, ``mailer:'' defaults to "relay". If you define both LOCAL_RELAY 1423and MAIL_HUB _AND_ you have FEATURE(`stickyhost'), unqualified names will 1424be sent to the LOCAL_RELAY and other local names will be sent to MAIL_HUB. 1425Note: there is a (long standing) bug which keeps this combination from 1426working for addresses of the form user+detail. 1427Names in class {L} will be delivered locally, so you MUST have aliases or 1428.forward files for them. 1429 1430For example, if you are on machine mastodon.CS.Berkeley.EDU and you have 1431FEATURE(`stickyhost'), the following combinations of settings will have the 1432indicated effects: 1433 1434email sent to.... eric eric@mastodon.CS.Berkeley.EDU 1435 1436LOCAL_RELAY set to mail.CS.Berkeley.EDU (delivered locally) 1437mail.CS.Berkeley.EDU (no local aliasing) (aliasing done) 1438 1439MAIL_HUB set to mammoth.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU 1440mammoth.CS.Berkeley.EDU (aliasing done) (aliasing done) 1441 1442Both LOCAL_RELAY and mail.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU 1443MAIL_HUB set as above (no local aliasing) (aliasing done) 1444 1445If you do not have FEATURE(`stickyhost') set, then LOCAL_RELAY and 1446MAIL_HUB act identically, with MAIL_HUB taking precedence. 1447 1448If you want all outgoing mail to go to a central relay site, define 1449SMART_HOST as well. Briefly: 1450 1451 LOCAL_RELAY applies to unqualified names (e.g., "eric"). 1452 MAIL_HUB applies to names qualified with the name of the 1453 local host (e.g., "eric@mastodon.CS.Berkeley.EDU"). 1454 SMART_HOST applies to names qualified with other hosts or 1455 bracketed addresses (e.g., "eric@mastodon.CS.Berkeley.EDU" 1456 or "eric@[127.0.0.1]"). 1457 1458However, beware that other relays (e.g., UUCP_RELAY, BITNET_RELAY, 1459DECNET_RELAY, and FAX_RELAY) take precedence over SMART_HOST, so if you 1460really want absolutely everything to go to a single central site you will 1461need to unset all the other relays -- or better yet, find or build a 1462minimal config file that does this. 1463 1464For duplicate suppression to work properly, the host name is best 1465specified with a terminal dot: 1466 1467 define(`MAIL_HUB', `host.domain.') 1468 note the trailing dot ---^ 1469 1470 1471+--------------+ 1472| LDAP ROUTING | 1473+--------------+ 1474 1475FEATURE(`ldap_routing') can be used to implement the IETF Internet Draft 1476LDAP Schema for Intranet Mail Routing 1477(draft-lachman-laser-ldap-mail-routing-01). This feature enables 1478LDAP-based rerouting of a particular address to either a different host 1479or a different address. The LDAP lookup is first attempted on the full 1480address (e.g., user@example.com) and then on the domain portion 1481(e.g., @example.com). Be sure to setup your domain for LDAP routing using 1482LDAPROUTE_DOMAIN(), e.g.: 1483 1484 LDAPROUTE_DOMAIN(`example.com') 1485 1486By default, the feature will use the schemas as specified in the draft 1487and will not reject addresses not found by the LDAP lookup. However, 1488this behavior can be changed by giving additional arguments to the FEATURE() 1489command: 1490 1491 FEATURE(`ldap_routing', <mailHost>, <mailRoutingAddress>, <bounce>) 1492 1493where <mailHost> is a map definition describing how to lookup an alternative 1494mail host for a particular address; <mailRoutingAddress> is a map definition 1495describing how to lookup an alternative address for a particular address; and 1496the <bounce> argument, if present and not the word "passthru", dictates 1497that mail should be bounced if neither a mailHost nor mailRoutingAddress 1498is found. 1499 1500The default <mailHost> map definition is: 1501 1502 ldap -1 -v mailHost -k (&(objectClass=inetLocalMailRecipient) 1503 (mailLocalAddress=%0)) 1504 1505The default <mailRoutingAddress> map definition is: 1506 1507 ldap -1 -v mailRoutingAddress -k (&(objectClass=inetLocalMailRecipient) 1508 (mailLocalAddress=%0)) 1509 1510Note that neither includes the LDAP server hostname (-h server) or base DN 1511(-b o=org,c=COUNTRY), both necessary for LDAP queries. It is presumed that 1512your .mc file contains a setting for the confLDAP_DEFAULT_SPEC option with 1513these settings. If this is not the case, the map definitions should be 1514changed as described above. 1515 1516The following possibilities exist as a result of an LDAP lookup on an 1517address: 1518 1519 mailHost is mailRoutingAddress is Results in 1520 ----------- --------------------- ---------- 1521 set to a set mail delivered to 1522 "local" host mailRoutingAddress 1523 1524 set to a not set delivered to 1525 "local" host original address 1526 1527 set to a set mailRoutingAddress 1528 remote host relayed to mailHost 1529 1530 set to a not set original address 1531 remote host relayed to mailHost 1532 1533 not set set mail delivered to 1534 mailRoutingAddress 1535 1536 not set not set delivered to 1537 original address *OR* 1538 bounced as unknown user 1539 1540The term "local" host above means the host specified is in class {w}. 1541Note that the last case depends on whether the third argument is given 1542to the FEATURE() command. The default is to deliver the message to the 1543original address. 1544 1545The LDAP entries should be set up with an objectClass of 1546inetLocalMailRecipient and the address be listed in a mailLocalAddress 1547attribute. If present, there must be only one mailHost attribute and it 1548must contain a fully qualified host name as its value. Similarly, if 1549present, there must be only one mailRoutingAddress attribute and it must 1550contain an RFC 822 compliant address. Some example LDAP records (in ldif 1551format): 1552 1553 dn: uid=tom, o=example.com, c=US 1554 objectClass: inetLocalMailRecipient 1555 mailLocalAddress: tom@example.com 1556 mailRoutingAddress: thomas@mailhost.example.com 1557 1558This would deliver mail for tom@example.com to thomas@mailhost.example.com. 1559 1560 dn: uid=dick, o=example.com, c=US 1561 objectClass: inetLocalMailRecipient 1562 mailLocalAddress: dick@example.com 1563 mailHost: eng.example.com 1564 1565This would relay mail for dick@example.com to the same address but redirect 1566the mail to MX records listed for the host eng.example.com. 1567 1568 dn: uid=harry, o=example.com, c=US 1569 objectClass: inetLocalMailRecipient 1570 mailLocalAddress: harry@example.com 1571 mailHost: mktmail.example.com 1572 mailRoutingAddress: harry@mkt.example.com 1573 1574This would relay mail for harry@example.com to the MX records listed for 1575the host mktmail.example.com using the new address harry@mkt.example.com 1576when talking to that host. 1577 1578 dn: uid=virtual.example.com, o=example.com, c=US 1579 objectClass: inetLocalMailRecipient 1580 mailLocalAddress: @virtual.example.com 1581 mailHost: server.example.com 1582 mailRoutingAddress: virtual@example.com 1583 1584This would send all mail destined for any username @virtual.example.com to 1585the machine server.example.com's MX servers and deliver to the address 1586virtual@example.com on that relay machine. 1587 1588 1589+---------------------------------+ 1590| ANTI-SPAM CONFIGURATION CONTROL | 1591+---------------------------------+ 1592 1593The primary anti-spam features available in sendmail are: 1594 1595* Relaying is denied by default. 1596* Better checking on sender information. 1597* Access database. 1598* Header checks. 1599 1600Relaying (transmission of messages from a site outside your host (class 1601{w}) to another site except yours) is denied by default. Note that this 1602changed in sendmail 8.9; previous versions allowed relaying by default. 1603If you really want to revert to the old behaviour, you will need to use 1604FEATURE(`promiscuous_relay'). You can allow certain domains to relay 1605through your server by adding their domain name or IP address to class 1606{R} using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the access database 1607(described below). The file consists (like any other file based class) 1608of entries listed on separate lines, e.g., 1609 1610 sendmail.org 1611 128.32 1612 1:2:3:4:5:6:7 1613 host.mydomain.com 1614 1615If you use 1616 1617 FEATURE(`relay_entire_domain') 1618 1619then any host in any of your local domains (that is, class {m}) 1620will be relayed (that is, you will accept mail either to or from any 1621host in your domain). 1622 1623You can also allow relaying based on the MX records of the host 1624portion of an incoming recipient address by using 1625 1626 FEATURE(`relay_based_on_MX') 1627 1628For example, if your server receives a recipient of user@domain.com 1629and domain.com lists your server in its MX records, the mail will be 1630accepted for relay to domain.com. Note that this will stop spammers 1631from using your host to relay spam but it will not stop outsiders from 1632using your server as a relay for their site (that is, they set up an 1633MX record pointing to your mail server, and you will relay mail addressed 1634to them without any prior arrangement). Along the same lines, 1635 1636 FEATURE(`relay_local_from') 1637 1638will allow relaying if the sender specifies a return path (i.e. 1639MAIL FROM: <user@domain>) domain which is a local domain. This a 1640dangerous feature as it will allow spammers to spam using your mail 1641server by simply specifying a return address of user@your.domain.com. 1642It should not be used unless absolutely necessary. 1643A slightly better solution is 1644 1645 FEATURE(`relay_mail_from') 1646 1647which allows relaying if the mail sender is listed as RELAY in the 1648access map. If an optional argument `domain' is given, the domain 1649portion of the mail sender is also checked to allowing relaying. 1650This option only works together with the tag From: for the LHS of 1651the access map entries (see below: Finer control...). 1652 1653 1654If source routing is used in the recipient address (i.e. 1655RCPT TO: <user%site.com@othersite.com>), sendmail will check 1656user@site.com for relaying if othersite.com is an allowed relay host 1657in either class {R}, class {m} if FEATURE(`relay_entire_domain') is used, 1658or the access database if FEATURE(`access_db') is used. To prevent 1659the address from being stripped down, use: 1660 1661 FEATURE(`loose_relay_check') 1662 1663If you think you need to use this feature, you probably do not. This 1664should only be used for sites which have no control over the addresses 1665that they provide a gateway for. Use this FEATURE with caution as it 1666can allow spammers to relay through your server if not setup properly. 1667 1668NOTICE: It is possible to relay mail through a system which the anti-relay 1669rules do not prevent: the case of a system that does use FEATURE(`nouucp', 1670`nospecial') (system A) and relays local messages to a mail hub (e.g., via 1671LOCAL_RELAY or LUSER_RELAY) (system B). If system B doesn't use 1672FEATURE(`nouucp') at all, addresses of the form 1673<example.net!user@local.host> would be relayed to <user@example.net>. 1674System A doesn't recognize `!' as an address separator and therefore 1675forwards it to the mail hub which in turns relays it because it came from 1676a trusted local host. So if a mailserver allows UUCP (bang-format) 1677addresses, all systems from which it allows relaying should do the same 1678or reject those addresses. 1679 1680As of 8.9, sendmail will refuse mail if the MAIL FROM: parameter has 1681an unresolvable domain (i.e., one that DNS, your local name service, 1682or special case rules in ruleset 3 cannot locate). If you want to 1683continue to accept such domains, e.g., because you are inside a 1684firewall that has only a limited view of the Internet host name space 1685(note that you will not be able to return mail to them unless you have 1686some "smart host" forwarder), use 1687 1688 FEATURE(`accept_unresolvable_domains') 1689 1690sendmail will also refuse mail if the MAIL FROM: parameter is not 1691fully qualified (i.e., contains a domain as well as a user). If you 1692want to continue to accept such senders, use 1693 1694 FEATURE(`accept_unqualified_senders') 1695 1696Setting the DaemonPortOptions modifier 'u' overrides the default behavior, 1697i.e., unqualified addresses are accepted even without this FEATURE. If 1698this FEATURE is not used, the DaemonPortOptions modifier 'f' can be used 1699to enforce fully qualified addresses. 1700 1701An ``access'' database can be created to accept or reject mail from 1702selected domains. For example, you may choose to reject all mail 1703originating from known spammers. To enable such a database, use 1704 1705 FEATURE(`access_db') 1706 1707The FEATURE macro can accept a second parameter giving the key file 1708definition for the database; for example 1709 1710 FEATURE(`access_db', `hash /etc/mail/access') 1711 1712Remember, since /etc/mail/access is a database, after creating the text 1713file as described below, you must use makemap to create the database 1714map. For example: 1715 1716 makemap hash /etc/mail/access < /etc/mail/access 1717 1718The table itself uses e-mail addresses, domain names, and network 1719numbers as keys. For example, 1720 1721 spammer@aol.com REJECT 1722 cyberspammer.com REJECT 1723 192.168.212 REJECT 1724 1725would refuse mail from spammer@aol.com, any user from cyberspammer.com 1726(or any host within the cyberspammer.com domain), and any host on the 1727192.168.212.* network. 1728 1729The value part of the map can contain: 1730 1731 OK Accept mail even if other rules in the 1732 running ruleset would reject it, for example, 1733 if the domain name is unresolvable. 1734 RELAY Accept mail addressed to the indicated domain or 1735 received from the indicated domain for relaying 1736 through your SMTP server. RELAY also serves as 1737 an implicit OK for the other checks. 1738 REJECT Reject the sender or recipient with a general 1739 purpose message. 1740 DISCARD Discard the message completely using the 1741 $#discard mailer. If it is used in check_compat, 1742 it affects only the designated recipient, not 1743 the whole message as it does in all other cases. 1744 This should only be used if really necessary. 1745 ### any text where ### is an RFC 821 compliant error code and 1746 "any text" is a message to return for the command. 1747 The string should be quoted to avoid surprises, 1748 e.g., sendmail may remove spaces otherwise. 1749 ERROR:### any text 1750 as above, but useful to mark error messages as such. 1751 ERROR:D.S.N:### any text 1752 where D.S.N is an RFC 1893 compliant error code 1753 and the rest as above. 1754 1755For example: 1756 1757 cyberspammer.com ERROR:"550 We don't accept mail from spammers" 1758 okay.cyberspammer.com OK 1759 sendmail.org RELAY 1760 128.32 RELAY 1761 1:2:3:4:5:6:7 RELAY 1762 [127.0.0.3] OK 1763 [1:2:3:4:5:6:7:8] OK 1764 1765would accept mail from okay.cyberspammer.com, but would reject mail from 1766all other hosts at cyberspammer.com with the indicated message. It would 1767allow relaying mail from and to any hosts in the sendmail.org domain, and 1768allow relaying from the 128.32.*.* network and the IPv6 1:2:3:4:5:6:7:* 1769network. The latter two entries are for checks against ${client_name} if 1770the IP address doesn't resolve to a hostname (or is considered as "may be 1771forged"). 1772 1773Warning: if you change the RFC 821 compliant error code from the default 1774value of 550, then you should probably also change the RFC 1893 compliant 1775error code to match it. For example, if you use 1776 1777 user@example.com 450 mailbox full 1778 1779the error returned would be "450 4.0.0 mailbox full" which is wrong. 1780Use "450 4.2.2 mailbox full" or "ERROR:4.2.2:450 mailbox full" 1781instead. 1782 1783Note, UUCP users may need to add hostname.UUCP to the access database 1784or class {R}. If you also use: 1785 1786 FEATURE(`relay_hosts_only') 1787 1788then the above example will allow relaying for sendmail.org, but not 1789hosts within the sendmail.org domain. Note that this will also require 1790hosts listed in class {R} to be fully qualified host names. 1791 1792You can also use the access database to block sender addresses based on 1793the username portion of the address. For example: 1794 1795 FREE.STEALTH.MAILER@ ERROR:550 Spam not accepted 1796 1797Note that you must include the @ after the username to signify that 1798this database entry is for checking only the username portion of the 1799sender address. 1800 1801If you use: 1802 1803 FEATURE(`blacklist_recipients') 1804 1805then you can add entries to the map for local users, hosts in your 1806domains, or addresses in your domain which should not receive mail: 1807 1808 badlocaluser@ ERROR:550 Mailbox disabled for this username 1809 host.mydomain.com ERROR:550 That host does not accept mail 1810 user@otherhost.mydomain.com ERROR:550 Mailbox disabled for this recipient 1811 1812This would prevent a recipient of badlocaluser@mydomain.com, any 1813user at host.mydomain.com, and the single address 1814user@otherhost.mydomain.com from receiving mail. Please note: a 1815local username must be now tagged with an @ (this is consistent 1816with the check of the sender address, and hence it is possible to 1817distinguish between hostnames and usernames). Enabling this feature 1818will keep you from sending mails to all addresses that have an 1819error message or REJECT as value part in the access map. Taking 1820the example from above: 1821 1822 spammer@aol.com REJECT 1823 cyberspammer.com REJECT 1824 1825Mail can't be sent to spammer@aol.com or anyone at cyberspammer.com. 1826 1827There is also a ``Realtime Blackhole List'' run by the MAPS project 1828at http://maps.vix.com/. This is a database maintained in DNS of 1829spammers. To use this database, use 1830 1831 FEATURE(`dnsbl') 1832 1833This will cause sendmail to reject mail from any site in the 1834Realtime Blackhole List database. This default DNS blacklist, 1835blackholes.mail-abuse.org, is a service offered by the Mail Abuse 1836Prevention System (MAPS). As of July 31, 2001, MAPS is a subscription 1837service, so using that network address won't work if you haven't 1838subscribed. Contact MAPS to subscribe (http://mail-abuse.org/). 1839 1840You can specify an alternative RBL server to check by specifying an 1841argument to the FEATURE. The default error message is 1842 1843You can specify an alternative RBL domain to check by specifying an 1844argument to the FEATURE. The default error message is 1845 1846 Mail from $&{client_addr} refused by blackhole site DOMAIN 1847 1848where DOMAIN is the first argument of the feature. A second argument 1849can be used to specify a different text. This FEATURE can be 1850included several times to query different DNS based rejection lists, 1851e.g., the dial-up user list (see http://maps.vix.com/dul/). 1852 1853The features described above make use of the check_relay, check_mail, 1854and check_rcpt rulesets. If you wish to include your own checks, 1855you can put your checks in the rulesets Local_check_relay, 1856Local_check_mail, and Local_check_rcpt. For example if you wanted to 1857block senders with all numeric usernames (i.e. 2312343@bigisp.com), 1858you would use Local_check_mail and the new regex map: 1859 1860 LOCAL_CONFIG 1861 Kallnumbers regex -a@MATCH ^[0-9]+$ 1862 1863 LOCAL_RULESETS 1864 SLocal_check_mail 1865 # check address against various regex checks 1866 R$* $: $>Parse0 $>3 $1 1867 R$+ < @ bigisp.com. > $* $: $(allnumbers $1 $) 1868 R@MATCH $#error $: 553 Header Error 1869 1870These rules are called with the original arguments of the corresponding 1871check_* ruleset. If the local ruleset returns $#OK, no further checking 1872is done by the features described above and the mail is accepted. If the 1873local ruleset resolves to a mailer (such as $#error or $#discard), the 1874appropriate action is taken. Otherwise, the results of the local 1875rewriting are ignored. 1876 1877Finer control by using tags for the LHS of the access map 1878 1879Read this section only if the options listed so far are not sufficient 1880for your purposes. There is now the option to tag entries in the 1881access map according to their type. Three tags are available: 1882 1883 Connect: connection information (${client_addr}, ${client_name}) 1884 From: envelope sender 1885 To: envelope recipient 1886 1887If the required item is looked up in a map, it will be tried first 1888with the corresponding tag in front, then (as fallback to enable 1889backward compatibility) without any tag. For example, 1890 1891 From:spammer@some.dom REJECT 1892 To:friend.domain RELAY 1893 Connect:friend.domain OK 1894 Connect:from.domain RELAY 1895 From:good@another.dom OK 1896 From:another.dom REJECT 1897 1898This would deny mails from spammer@some.dom but you could still 1899send mail to that address even if FEATURE(`blacklist_recipients') 1900is enabled. Your system will allow relaying to friend.domain, but 1901not from it (unless enabled by other means). Connections from that 1902domain will be allowed even if it ends up in one of the DNS based 1903rejection lists. Relaying is enabled from from.domain but not to 1904it (since relaying is based on the connection information for 1905outgoing relaying, the tag Connect: must be used; for incoming 1906relaying, which is based on the recipient address, To: must be 1907used). The last two entries allow mails from good@another.dom but 1908reject mail from all other addresses with another.dom as domain 1909part. 1910 1911Delay all checks 1912 1913By using FEATURE(`delay_checks') the rulesets check_mail and check_relay 1914will not be called when a client connects or issues a MAIL command, 1915respectively. Instead, those rulesets will be called by the check_rcpt 1916ruleset; they will be skipped if a sender has been authenticated using 1917a "trusted" mechanism, i.e., one that is defined via TRUST_AUTH_MECH(). 1918If check_mail returns an error then the RCPT TO command will be rejected 1919with that error. If it returns some other result starting with $# then 1920check_relay will be skipped. If the sender address (or a part of it) is 1921listed in the access map and it has a RHS of OK or RELAY, then check_relay 1922will be skipped. This has an interesting side effect: if your domain is 1923my.domain and you have 1924 1925 my.domain RELAY 1926 1927in the access map, then all e-mail with a sender address of 1928<user@my.domain> gets through, even if check_relay would reject it 1929(e.g., based on the hostname or IP address). This allows spammers 1930to get around DNS based blacklist by faking the sender address. To 1931avoid this problem you have to use tagged entries: 1932 1933 To:my.domain RELAY 1934 Connect:my.domain RELAY 1935 1936if you need those entries at all (class {R} may take care of them). 1937 1938FEATURE(`delay_checks') can take an optional argument: 1939 1940 FEATURE(`delay_checks', `friend') 1941 enables spamfriend test 1942 FEATURE(`delay_checks', `hater') 1943 enables spamhater test 1944 1945If such an argument is given, the recipient will be looked up in the access 1946map (using the tag To:). If the argument is `friend', then the other 1947rulesets will be skipped if the recipient address is found and has RHS 1948spamfriend. If the argument is `hater', then the other rulesets will be 1949applied if the recipient address is found and has RHS spamhater. 1950 1951This allows for simple exceptions from the tests, e.g., by activating 1952the spamfriend option and having 1953 1954 To:abuse@ SPAMFRIEND 1955 1956in the access map, mail to abuse@localdomain will get through. It is 1957also possible to specify a full address or an address with +detail: 1958 1959 To:abuse@abuse.my.domain SPAMFRIEND 1960 To:me+abuse@ SPAMFRIEND 1961 1962 1963Header Checks 1964 1965You can also reject mail on the basis of the contents of headers. 1966This is done by adding a ruleset call to the 'H' header definition command 1967in sendmail.cf. For example, this can be used to check the validity of 1968a Message-ID: header: 1969 1970 LOCAL_RULESETS 1971 HMessage-Id: $>CheckMessageId 1972 1973 SCheckMessageId 1974 R< $+ @ $+ > $@ OK 1975 R$* $#error $: 553 Header Error 1976 1977The alternative format: 1978 1979 HSubject: $>+CheckSubject 1980 1981that is, $>+ instead of $>, gives the full Subject: header including 1982comments to the ruleset (comments in parentheses () are stripped 1983by default). 1984 1985A default ruleset for headers which don't have a specific ruleset 1986defined for them can be given by: 1987 1988 H*: $>CheckHdr 1989 1990Notice: All rules act on tokens as explained in doc/op/op.{me,ps,txt}. 1991That may cause problems with simple header checks due to the 1992tokenization. It might be simpler to use a regex map and apply it 1993to $&{currHeader}. 1994 1995After all of the headers are read, the check_eoh ruleset will be called for 1996any final header-related checks. The ruleset is called with the number of 1997headers and the size of all of the headers in bytes separated by $|. One 1998example usage is to reject messages which do not have a Message-Id: 1999header. However, the Message-Id: header is *NOT* a required header and is 2000not a guaranteed spam indicator. This ruleset is an example and should 2001probably not be used in production. 2002 2003 LOCAL_CONFIG 2004 Kstorage macro 2005 2006 LOCAL_RULESETS 2007 HMessage-Id: $>CheckMessageId 2008 2009 SCheckMessageId 2010 # Record the presence of the header 2011 R$* $: $(storage {MessageIdCheck} $@ OK $) $1 2012 R< $+ @ $+ > $@ OK 2013 R$* $#error $: 553 Header Error 2014 2015 Scheck_eoh 2016 # Check the macro 2017 R$* $: < $&{MessageIdCheck} > 2018 # Clear the macro for the next message 2019 R$* $: $(storage {MessageIdCheck} $) $1 2020 # Has a Message-Id: header 2021 R< $+ > $@ OK 2022 # Allow missing Message-Id: from local mail 2023 R$* $: < $&{client_name} > 2024 R< > $@ OK 2025 R< $=w > $@ OK 2026 # Otherwise, reject the mail 2027 R$* $#error $: 553 Header Error 2028 2029+----------+ 2030| STARTTLS | 2031+----------+ 2032 2033In this text, cert will be used as an abreviation for X.509 certificate, 2034DN is the distinguished name of a cert, and CA is a certification authority. 2035 2036For STARTTLS to be offered by sendmail you need to set at least 2037this variables (the file names and paths are just examples): 2038 2039 define(`confCACERT_PATH', `/etc/mail/certs/') 2040 define(`confCACERT', `/etc/mail/certs/CA.cert.pem') 2041 define(`confSERVER_CERT', `/etc/mail/certs/my.cert.pem') 2042 define(`confSERVER_KEY', `/etc/mail/certs/my.key.pem') 2043 2044On systems which do not have the compile flag HASURANDOM set (see 2045sendmail/README) you also must set confRAND_FILE. 2046 2047See doc/op/op.{me,ps} for more information about these options, 2048esp. the sections ``Certificates for STARTTLS'' and ``PRNG for 2049STARTTLS''. 2050 2051Macros related to STARTTLS are: 2052 2053${cert_issuer} holds the DN of the CA (the cert issuer). 2054${cert_subject} holds the DN of the cert (called the cert subject). 2055${tls_version} the TLS/SSL version used for the connection, e.g., TLSv1, 2056 SSLv3, SSLv2. 2057${cipher} the cipher used for the connection, e.g., EDH-DSS-DES-CBC3-SHA, 2058 EDH-RSA-DES-CBC-SHA, DES-CBC-MD5, DES-CBC3-SHA. 2059${cipher_bits} the keylength (in bits) of the symmetric encryption algorithm 2060 used for the connection. 2061${verify} holds the result of the verification of the presented cert. Possible 2062 values are: 2063 OK verification succeeded. 2064 NO no cert presented. 2065 FAIL cert presented but could not be verified, e.g., the signing 2066 CA is missing. 2067 NONE STARTTLS has not been performed. 2068 TEMP temporary error occurred. 2069 PROTOCOL some protocol error occurred. 2070 SOFTWARE STARTTLS handshake failed. 2071${server_name} the name of the server of the current outgoing SMTP 2072 connection. 2073${server_addr} the address of the server of the current outgoing SMTP 2074 connection. 2075 2076Relaying 2077 2078SMTP STARTTLS can allow relaying for senders who have successfully 2079authenticated themselves. This is done in the ruleset RelayAuth. If the 2080verification of the cert failed (${verify} != OK), relaying is subject to 2081the usual rules. Otherwise the DN of the issuer is looked up in the access 2082map using the tag CERTISSUER. If the resulting value is RELAY, relaying is 2083allowed. If it is SUBJECT, the DN of the cert subject is looked up next in 2084the access map. using the tag CERTSUBJECT. If the value is RELAY, relaying 2085is allowed. 2086 2087To make things a bit more flexible (or complicated), the values for 2088${cert_issuer} and ${cert_subject} can be optionally modified by regular 2089expressions defined in the m4 variables _CERT_REGEX_ISSUER_ and 2090_CERT_REGEX_SUBJECT_, respectively. To avoid problems with those macros in 2091rulesets and map lookups, they are modified as follows: each non-printable 2092character and the characters '<', '>', '(', ')', '"', '+' are replaced by 2093their HEX value with a leading '+'. For example: 2094 2095/C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/Email= 2096darth+cert@endmail.org 2097 2098is encoded as: 2099 2100/C=US/ST=California/O=endmail.org/OU=private/CN= 2101Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org 2102 2103(line breaks have been inserted for readability). 2104 2105Of course it is also possible to write a simple rulesets that allows 2106relaying for everyone who can present a cert that can be verified, e.g., 2107 2108LOCAL_RULESETS 2109SLocal_check_rcpt 2110R$* $: $&{verify} 2111ROK $# OK 2112 2113Allowing Connections 2114 2115The rulesets tls_server and tls_client are used to decide whether an SMTP 2116connection is accepted (or should continue). 2117 2118tls_server is called when sendmail acts as client after a STARTTLS command 2119(should) have been issued. The parameter is the value of ${verify}. 2120 2121tls_client is called when sendmail acts as server, after a STARTTLS command 2122has been issued, and from check_mail. The parameter is the value of 2123${verify} and STARTTLS or MAIL, respectively. 2124 2125Both rulesets behave the same. If no access map is in use, the connection 2126will be accepted unless ${verify} is SOFTWARE, in which case the connection 2127is always aborted. Otherwise, ${client_name} (${server_name}) is looked 2128up in the access map using the tag TLS_Srv (or TLS_Clt), which is done 2129with the ruleset LookUpDomain. If no entry is found, ${client_addr} 2130(${server_addr}) is looked up in the access map (same tag, ruleset 2131LookUpAddr). If this doesn't result in an entry either, just the tag is 2132looked up in the access map (included the trailing :). The result of the 2133lookups is then used to call the ruleset tls_connection, which checks the 2134requirement specified by the RHS in the access map against the actual 2135parameters of the current TLS connection, esp. ${verify} and 2136${cipher_bits}. Legal RHSs in the access map are: 2137 2138VERIFY verification must have succeeded 2139VERIFY:bits verification must have succeeded and ${cipher_bits} must 2140 be greater than or equal bits. 2141ENCR:bits ${cipher_bits} must be greater than or equal bits. 2142 2143The RHS can optionally be prefixed by TEMP+ or PERM+ to select a temporary 2144or permanent error. The default is a temporary error code (403 4.7.0) 2145unless the macro TLS_PERM_ERR is set during generation of the .cf file. 2146 2147If a certain level of encryption is required, then it might also be 2148possible that this level is provided by the security layer from a SASL 2149algorithm, e.g., DIGEST-MD5. 2150 2151Example: e-mail sent to secure.example.com should only use an encrypted 2152connection. e-mail received from hosts within the laptop.example.com domain 2153should only be accepted if they have been authenticated. 2154TLS_Srv:secure.example.com ENCR:112 2155TLS_Clt:laptop.example.com PERM+VERIFY:112 2156 2157Notice: requiring that e-mail is sent to a server only encrypted, 2158e.g., via 2159 2160TLS_Srv:secure.domain ENCR:112 2161 2162doesn't necessarily mean that e-mail sent to that domain is encrypted. 2163If the domain has multiple MX servers, e.g., 2164 2165secure.domain. IN MX 10 mail.secure.domain. 2166secure.domain. IN MX 50 mail.other.domain. 2167 2168then mail to user@secure.domain may go unencrypted to mail.other.domain. 2169 2170 2171Received: Header 2172 2173The Received: header reveals whether STARTTLS has been used. It contains an 2174extra line: 2175 2176(using ${tls_version} with cipher ${cipher} (${cipher_bits} bits) verified ${verify}) 2177 2178+---------------------+ 2179| SMTP AUTHENTICATION | 2180+---------------------+ 2181 2182The macros ${auth_authen}, ${auth_author}, and ${auth_type} can be 2183used in anti-relay rulesets to allow relaying for those users that 2184authenticated themselves. A very simple example is: 2185 2186SLocal_check_rcpt 2187R$* $: $&{auth_type} 2188R$+ $# OK 2189 2190which checks whether a user has successfully authenticated using 2191any available mechanism. Depending on the setup of the CYRUS SASL 2192library, more sophisticated rulesets might be required, e.g., 2193 2194SLocal_check_rcpt 2195R$* $: $&{auth_type} $| $&{auth_authen} 2196RDIGEST-MD5 $| $+@$=w $# OK 2197 2198to allow relaying for users that authenticated using DIGEST-MD5 2199and have an identity in the local domains. 2200 2201The ruleset Strust_auth is used to determine whether a given AUTH= 2202parameter (that is passed to this ruleset) should be trusted. This 2203ruleset may make use of the other ${auth_*} macros. Only if the 2204ruleset resolves to the error mailer, the AUTH= parameter is not 2205trusted. A user supplied ruleset Local_trust_auth can be written 2206to modify the default behavior, which only trust the AUTH= 2207parameter if it is identical to the authenticated user. 2208 2209Per default, relaying is allowed for any user who authenticated 2210via a "trusted" mechanism, i.e., one that is defined via 2211TRUST_AUTH_MECH(`list of mechanisms') 2212For example: 2213TRUST_AUTH_MECH(`KERBEROS_V4 DIGEST-MD5') 2214 2215If the selected mechanism provides a security layer the number of 2216bits used for the key of the symmetric cipher is stored in the 2217macro ${auth_ssf}. 2218 2219+--------------------------------+ 2220| ADDING NEW MAILERS OR RULESETS | 2221+--------------------------------+ 2222 2223Sometimes you may need to add entirely new mailers or rulesets. They 2224should be introduced with the constructs MAILER_DEFINITIONS and 2225LOCAL_RULESETS respectively. For example: 2226 2227 MAILER_DEFINITIONS 2228 Mmymailer, ... 2229 ... 2230 2231 LOCAL_RULESETS 2232 Smyruleset 2233 ... 2234 2235 2236#if _FFR_MILTER 2237+-------------------------+ 2238| ADDING NEW MAIL FILTERS | 2239+-------------------------+ 2240 2241Sendmail supports mail filters to filter incoming SMTP messages according 2242to the "Sendmail Mail Filter API" documentation. These filters can be 2243configured in your mc file using the two commands: 2244 2245 MAIL_FILTER(`name', `equates') 2246 INPUT_MAIL_FILTER(`name', `equates') 2247 2248The first command, MAIL_FILTER(), simply defines a filter with the given 2249name and equates. For example: 2250 2251 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 2252 2253This creates the equivalent sendmail.cf entry: 2254 2255 Xarchive, S=local:/var/run/archivesock, F=R 2256 2257The INPUT_MAIL_FILTER() command performs the same actions as MAIL_FILTER 2258but also populates the m4 variable `confINPUT_MAIL_FILTERS' with the name 2259of the filter such that the filter will actually be called by sendmail. 2260 2261For example, the two commands: 2262 2263 INPUT_MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 2264 INPUT_MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T') 2265 2266are equivalent to the three commands: 2267 2268 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 2269 MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T') 2270 define(`confINPUT_MAIL_FILTERS', `archive, spamcheck') 2271 2272In general, INPUT_MAIL_FILTER() should be used unless you need to define 2273more filters than you want to use for `confINPUT_MAIL_FILTERS'. 2274 2275Note that setting `confINPUT_MAIL_FILTERS' after any INPUT_MAIL_FILTER() 2276commands will clear the list created by the prior INPUT_MAIL_FILTER() 2277commands. 2278#endif /* _FFR_MILTER */ 2279 2280 2281+-------------------------------+ 2282| NON-SMTP BASED CONFIGURATIONS | 2283+-------------------------------+ 2284 2285These configuration files are designed primarily for use by 2286SMTP-based sites. They may not be well tuned for UUCP-only or 2287UUCP-primarily nodes (the latter is defined as a small local net 2288connected to the rest of the world via UUCP). However, there is 2289one hook to handle some special cases. 2290 2291You can define a ``smart host'' that understands a richer address syntax 2292using: 2293 2294 define(`SMART_HOST', `mailer:hostname') 2295 2296In this case, the ``mailer:'' defaults to "relay". Any messages that 2297can't be handled using the usual UUCP rules are passed to this host. 2298 2299If you are on a local SMTP-based net that connects to the outside 2300world via UUCP, you can use LOCAL_NET_CONFIG to add appropriate rules. 2301For example: 2302 2303 define(`SMART_HOST', `uucp-new:uunet') 2304 LOCAL_NET_CONFIG 2305 R$* < @ $* .$m. > $* $#smtp $@ $2.$m. $: $1 < @ $2.$m. > $3 2306 2307This will cause all names that end in your domain name ($m) via 2308SMTP; anything else will be sent via uucp-new (smart UUCP) to uunet. 2309If you have FEATURE(`nocanonify'), you may need to omit the dots after 2310the $m. If you are running a local DNS inside your domain which is 2311not otherwise connected to the outside world, you probably want to 2312use: 2313 2314 define(`SMART_HOST', `smtp:fire.wall.com') 2315 LOCAL_NET_CONFIG 2316 R$* < @ $* . > $* $#smtp $@ $2. $: $1 < @ $2. > $3 2317 2318That is, send directly only to things you found in your DNS lookup; 2319anything else goes through SMART_HOST. 2320 2321You may need to turn off the anti-spam rules in order to accept 2322UUCP mail with FEATURE(`promiscuous_relay') and 2323FEATURE(`accept_unresolvable_domains'). 2324 2325 2326+-----------+ 2327| WHO AM I? | 2328+-----------+ 2329 2330Normally, the $j macro is automatically defined to be your fully 2331qualified domain name (FQDN). Sendmail does this by getting your 2332host name using gethostname and then calling gethostbyname on the 2333result. For example, in some environments gethostname returns 2334only the root of the host name (such as "foo"); gethostbyname is 2335supposed to return the FQDN ("foo.bar.com"). In some (fairly rare) 2336cases, gethostbyname may fail to return the FQDN. In this case 2337you MUST define confDOMAIN_NAME to be your fully qualified domain 2338name. This is usually done using: 2339 2340 Dmbar.com 2341 define(`confDOMAIN_NAME', `$w.$m')dnl 2342 2343 2344+-----------------------------------+ 2345| ACCEPTING MAIL FOR MULTIPLE NAMES | 2346+-----------------------------------+ 2347 2348If your host is known by several different names, you need to augment 2349class {w}. This is a list of names by which your host is known, and 2350anything sent to an address using a host name in this list will be 2351treated as local mail. You can do this in two ways: either create the 2352file /etc/mail/local-host-names containing a list of your aliases (one per 2353line), and use ``FEATURE(`use_cw_file')'' in the .mc file, or add 2354``LOCAL_DOMAIN(`alias.host.name')''. Be sure you use the fully-qualified 2355name of the host, rather than a short name. 2356 2357If you want to have different address in different domains, take 2358a look at the virtusertable feature, which is also explained at 2359http://www.sendmail.org/virtual-hosting.html 2360 2361 2362+--------------------+ 2363| USING MAILERTABLES | 2364+--------------------+ 2365 2366To use FEATURE(`mailertable'), you will have to create an external 2367database containing the routing information for various domains. 2368For example, a mailertable file in text format might be: 2369 2370 .my.domain xnet:%1.my.domain 2371 uuhost1.my.domain uucp-new:uuhost1 2372 .bitnet smtp:relay.bit.net 2373 2374This should normally be stored in /etc/mail/mailertable. The actual 2375database version of the mailertable is built using: 2376 2377 makemap hash /etc/mail/mailertable < /etc/mail/mailertable 2378 2379The semantics are simple. Any LHS entry that does not begin with 2380a dot matches the full host name indicated. LHS entries beginning 2381with a dot match anything ending with that domain name (including 2382the leading dot) -- that is, they can be thought of as having a 2383leading ".+" regular expression pattern for a non-empty sequence of 2384characters. Matching is done in order of most-to-least qualified 2385-- for example, even though ".my.domain" is listed first in the 2386above example, an entry of "uuhost1.my.domain" will match the second 2387entry since it is more explicit. Note: e-mail to "user@my.domain" 2388does not match any entry in the above table. You need to have 2389something like: 2390 2391 my.domain esmtp:host.my.domain 2392 2393The RHS should always be a "mailer:host" pair. The mailer is the 2394configuration name of a mailer (that is, an {M} line in the 2395sendmail.cf file). The "host" will be the hostname passed to 2396that mailer. In domain-based matches (that is, those with leading 2397dots) the "%1" may be used to interpolate the wildcarded part of 2398the host name. For example, the first line above sends everything 2399addressed to "anything.my.domain" to that same host name, but using 2400the (presumably experimental) xnet mailer. 2401 2402In some cases you may want to temporarily turn off MX records, 2403particularly on gateways. For example, you may want to MX 2404everything in a domain to one machine that then forwards it 2405directly. To do this, you might use the DNS configuration: 2406 2407 *.domain. IN MX 0 relay.machine 2408 2409and on relay.machine use the mailertable: 2410 2411 .domain smtp:[gateway.domain] 2412 2413The [square brackets] turn off MX records for this host only. 2414If you didn't do this, the mailertable would use the MX record 2415again, which would give you an MX loop. 2416 2417 2418+--------------------------------+ 2419| USING USERDB TO MAP FULL NAMES | 2420+--------------------------------+ 2421 2422The user database was not originally intended for mapping full names 2423to login names (e.g., Eric.Allman => eric), but some people are using 2424it that way. (it is recommended that you set up aliases for this 2425purpose instead -- since you can specify multiple alias files, this 2426is fairly easy.) The intent was to locate the default maildrop at 2427a site, but allow you to override this by sending to a specific host. 2428 2429If you decide to set up the user database in this fashion, it is 2430imperative that you not use FEATURE(`stickyhost') -- otherwise, 2431e-mail sent to Full.Name@local.host.name will be rejected. 2432 2433To build the internal form of the user database, use: 2434 2435 makemap btree /etc/mail/userdb < /etc/mail/userdb.txt 2436 2437As a general rule, it is an extremely bad idea to using full names 2438as e-mail addresses, since they are not in any sense unique. For 2439example, the UNIX software-development community has at least two 2440well-known Peter Deutsches, and at one time Bell Labs had two 2441Stephen R. Bournes with offices along the same hallway. Which one 2442will be forced to suffer the indignity of being Stephen_R_Bourne_2? 2443The less famous of the two, or the one that was hired later? 2444 2445Finger should handle full names (and be fuzzy). Mail should use 2446handles, and not be fuzzy. 2447 2448 2449+--------------------------------+ 2450| MISCELLANEOUS SPECIAL FEATURES | 2451+--------------------------------+ 2452 2453Plussed users 2454 Sometimes it is convenient to merge configuration on a 2455 centralized mail machine, for example, to forward all 2456 root mail to a mail server. In this case it might be 2457 useful to be able to treat the root addresses as a class 2458 of addresses with subtle differences. You can do this 2459 using plussed users. For example, a client might include 2460 the alias: 2461 2462 root: root+client1@server 2463 2464 On the server, this will match an alias for "root+client1". 2465 If that is not found, the alias "root+*" will be tried, 2466 then "root". 2467 2468 2469+----------------+ 2470| SECURITY NOTES | 2471+----------------+ 2472 2473A lot of sendmail security comes down to you. Sendmail 8 is much 2474more careful about checking for security problems than previous 2475versions, but there are some things that you still need to watch 2476for. In particular: 2477 2478* Make sure the aliases file isn't writable except by trusted 2479 system personnel. This includes both the text and database 2480 version. 2481 2482* Make sure that other files that sendmail reads, such as the 2483 mailertable, are only writable by trusted system personnel. 2484 2485* The queue directory should not be world writable PARTICULARLY 2486 if your system allows "file giveaways" (that is, if a non-root 2487 user can chown any file they own to any other user). 2488 2489* If your system allows file giveaways, DO NOT create a publically 2490 writable directory for forward files. This will allow anyone 2491 to steal anyone else's e-mail. Instead, create a script that 2492 copies the .forward file from users' home directories once a 2493 night (if you want the non-NFS-mounted forward directory). 2494 2495* If your system allows file giveaways, you'll find that 2496 sendmail is much less trusting of :include: files -- in 2497 particular, you'll have to have /SENDMAIL/ANY/SHELL/ in 2498 /etc/shells before they will be trusted (that is, before 2499 files and programs listed in them will be honored). 2500 2501In general, file giveaways are a mistake -- if you can turn them 2502off, do so. 2503 2504 2505+--------------------------------+ 2506| TWEAKING CONFIGURATION OPTIONS | 2507+--------------------------------+ 2508 2509There are a large number of configuration options that don't normally 2510need to be changed. However, if you feel you need to tweak them, you 2511can define the following M4 variables. This list is shown in four 2512columns: the name you define, the default value for that definition, 2513the option or macro that is affected (either Ox for an option or Dx 2514for a macro), and a brief description. Greater detail of the semantics 2515can be found in the Installation and Operations Guide. 2516 2517Some options are likely to be deprecated in future versions -- that is, 2518the option is only included to provide back-compatibility. These are 2519marked with "*". 2520 2521Remember that these options are M4 variables, and hence may need to 2522be quoted. In particular, arguments with commas will usually have to 2523be ``double quoted, like this phrase'' to avoid having the comma 2524confuse things. This is common for alias file definitions and for 2525the read timeout. 2526 2527M4 Variable Name Configuration Description & [Default] 2528================ ============= ======================= 2529confMAILER_NAME $n macro [MAILER-DAEMON] The sender name used 2530 for internally generated outgoing 2531 messages. 2532confDOMAIN_NAME $j macro If defined, sets $j. This should 2533 only be done if your system cannot 2534 determine your local domain name, 2535 and then it should be set to 2536 $w.Foo.COM, where Foo.COM is your 2537 domain name. 2538confCF_VERSION $Z macro If defined, this is appended to the 2539 configuration version name. 2540confFROM_HEADER From: [$?x$x <$g>$|$g$.] The format of an 2541 internally generated From: address. 2542confRECEIVED_HEADER Received: 2543 [$?sfrom $s $.$?_($?s$|from $.$_) 2544 $.$?{auth_type}(authenticated) 2545 $.by $j ($v/$Z)$?r with $r$. id $i$?u 2546 for $u; $|; 2547 $.$b] 2548 The format of the Received: header 2549 in messages passed through this host. 2550 It is unwise to try to change this. 2551confCW_FILE Fw class [/etc/mail/local-host-names] Name 2552 of file used to get the local 2553 additions to class {w} (local host 2554 names). 2555confCT_FILE Ft class [/etc/mail/trusted-users] Name of 2556 file used to get the local additions 2557 to class {t} (trusted users). 2558confCR_FILE FR class [/etc/mail/relay-domains] Name of 2559 file used to get the local additions 2560 to class {R} (hosts allowed to relay). 2561confTRUSTED_USERS Ct class [no default] Names of users to add to 2562 the list of trusted users. This list 2563 always includes root, uucp, and daemon. 2564 See also FEATURE(`use_ct_file'). 2565confTRUSTED_USER TrustedUser [no default] Trusted user for file 2566 ownership and starting the daemon. 2567 Not to be confused with 2568 confTRUSTED_USERS (see above). 2569confSMTP_MAILER - [esmtp] The mailer name used when 2570 SMTP connectivity is required. 2571 One of "smtp", "smtp8", 2572 "esmtp", or "dsmtp". 2573confUUCP_MAILER - [uucp-old] The mailer to be used by 2574 default for bang-format recipient 2575 addresses. See also discussion of 2576 class {U}, class {Y}, and class {Z} 2577 in the MAILER(`uucp') section. 2578confLOCAL_MAILER - [local] The mailer name used when 2579 local connectivity is required. 2580 Almost always "local". 2581confRELAY_MAILER - [relay] The default mailer name used 2582 for relaying any mail (e.g., to a 2583 BITNET_RELAY, a SMART_HOST, or 2584 whatever). This can reasonably be 2585 "uucp-new" if you are on a 2586 UUCP-connected site. 2587confSEVEN_BIT_INPUT SevenBitInput [False] Force input to seven bits? 2588confEIGHT_BIT_HANDLING EightBitMode [pass8] 8-bit data handling 2589confALIAS_WAIT AliasWait [10m] Time to wait for alias file 2590 rebuild until you get bored and 2591 decide that the apparently pending 2592 rebuild failed. 2593confMIN_FREE_BLOCKS MinFreeBlocks [100] Minimum number of free blocks on 2594 queue filesystem to accept SMTP mail. 2595 (Prior to 8.7 this was minfree/maxsize, 2596 where minfree was the number of free 2597 blocks and maxsize was the maximum 2598 message size. Use confMAX_MESSAGE_SIZE 2599 for the second value now.) 2600confMAX_MESSAGE_SIZE MaxMessageSize [infinite] The maximum size of messages 2601 that will be accepted (in bytes). 2602confBLANK_SUB BlankSub [.] Blank (space) substitution 2603 character. 2604confCON_EXPENSIVE HoldExpensive [False] Avoid connecting immediately 2605 to mailers marked expensive. 2606confCHECKPOINT_INTERVAL CheckpointInterval 2607 [10] Checkpoint queue files every N 2608 recipients. 2609confDELIVERY_MODE DeliveryMode [background] Default delivery mode. 2610confAUTO_REBUILD AutoRebuildAliases 2611 [False] Automatically rebuild alias 2612 file if needed. 2613 There is a potential for a denial 2614 of service attack if this is set. 2615 This option is deprecated and will 2616 be removed from a future version. 2617confERROR_MODE ErrorMode [print] Error message mode. 2618confERROR_MESSAGE ErrorHeader [undefined] Error message header/file. 2619confSAVE_FROM_LINES SaveFromLine Save extra leading From_ lines. 2620confTEMP_FILE_MODE TempFileMode [0600] Temporary file mode. 2621confMATCH_GECOS MatchGECOS [False] Match GECOS field. 2622confMAX_HOP MaxHopCount [25] Maximum hop count. 2623confIGNORE_DOTS* IgnoreDots [False; always False in -bs or -bd 2624 mode] Ignore dot as terminator for 2625 incoming messages? 2626confBIND_OPTS ResolverOptions [undefined] Default options for DNS 2627 resolver. 2628confMIME_FORMAT_ERRORS* SendMimeErrors [True] Send error messages as MIME- 2629 encapsulated messages per RFC 1344. 2630confFORWARD_PATH ForwardPath [$z/.forward.$w:$z/.forward] 2631 The colon-separated list of places to 2632 search for .forward files. N.B.: see 2633 the Security Notes section. 2634confMCI_CACHE_SIZE ConnectionCacheSize 2635 [2] Size of open connection cache. 2636confMCI_CACHE_TIMEOUT ConnectionCacheTimeout 2637 [5m] Open connection cache timeout. 2638confHOST_STATUS_DIRECTORY HostStatusDirectory 2639 [undefined] If set, host status is kept 2640 on disk between sendmail runs in the 2641 named directory tree. This need not be 2642 a full pathname, in which case it is 2643 interpreted relative to the queue 2644 directory. 2645confSINGLE_THREAD_DELIVERY SingleThreadDelivery 2646 [False] If this option and the 2647 HostStatusDirectory option are both 2648 set, single thread deliveries to other 2649 hosts. That is, don't allow any two 2650 sendmails on this host to connect 2651 simultaneously to any other single 2652 host. This can slow down delivery in 2653 some cases, in particular since a 2654 cached but otherwise idle connection 2655 to a host will prevent other sendmails 2656 from connecting to the other host. 2657confUSE_ERRORS_TO* UseErrorsTo [False] Use the Errors-To: header to 2658 deliver error messages. This should 2659 not be necessary because of general 2660 acceptance of the envelope/header 2661 distinction. 2662confLOG_LEVEL LogLevel [9] Log level. 2663confME_TOO MeToo [True] Include sender in group 2664 expansions. This option is 2665 deprecated and will be removed from 2666 a future version. 2667confCHECK_ALIASES CheckAliases [False] Check RHS of aliases when 2668 running newaliases. Since this does 2669 DNS lookups on every address, it can 2670 slow down the alias rebuild process 2671 considerably on large alias files. 2672confOLD_STYLE_HEADERS* OldStyleHeaders [True] Assume that headers without 2673 special chars are old style. 2674confCLIENT_OPTIONS ClientPortOptions 2675 [none] Options for outgoing SMTP client 2676 connections. 2677confPRIVACY_FLAGS PrivacyOptions [authwarnings] Privacy flags. 2678confCOPY_ERRORS_TO PostmasterCopy [undefined] Address for additional 2679 copies of all error messages. 2680confQUEUE_FACTOR QueueFactor [600000] Slope of queue-only function. 2681confDONT_PRUNE_ROUTES DontPruneRoutes [False] Don't prune down route-addr 2682 syntax addresses to the minimum 2683 possible. 2684confSAFE_QUEUE* SuperSafe [True] Commit all messages to disk 2685 before forking. 2686confTO_INITIAL Timeout.initial [5m] The timeout waiting for a response 2687 on the initial connect. 2688confTO_CONNECT Timeout.connect [0] The timeout waiting for an initial 2689 connect() to complete. This can only 2690 shorten connection timeouts; the kernel 2691 silently enforces an absolute maximum 2692 (which varies depending on the system). 2693confTO_ICONNECT Timeout.iconnect 2694 [undefined] Like Timeout.connect, but 2695 applies only to the very first attempt 2696 to connect to a host in a message. 2697 This allows a single very fast pass 2698 followed by more careful delivery 2699 attempts in the future. 2700confTO_HELO Timeout.helo [5m] The timeout waiting for a response 2701 to a HELO or EHLO command. 2702confTO_MAIL Timeout.mail [10m] The timeout waiting for a 2703 response to the MAIL command. 2704confTO_RCPT Timeout.rcpt [1h] The timeout waiting for a response 2705 to the RCPT command. 2706confTO_DATAINIT Timeout.datainit 2707 [5m] The timeout waiting for a 354 2708 response from the DATA command. 2709confTO_DATABLOCK Timeout.datablock 2710 [1h] The timeout waiting for a block 2711 during DATA phase. 2712confTO_DATAFINAL Timeout.datafinal 2713 [1h] The timeout waiting for a response 2714 to the final "." that terminates a 2715 message. 2716confTO_RSET Timeout.rset [5m] The timeout waiting for a response 2717 to the RSET command. 2718confTO_QUIT Timeout.quit [2m] The timeout waiting for a response 2719 to the QUIT command. 2720confTO_MISC Timeout.misc [2m] The timeout waiting for a response 2721 to other SMTP commands. 2722confTO_COMMAND Timeout.command [1h] In server SMTP, the timeout 2723 waiting for a command to be issued. 2724confTO_IDENT Timeout.ident [5s] The timeout waiting for a 2725 response to an IDENT query. 2726confTO_FILEOPEN Timeout.fileopen 2727 [60s] The timeout waiting for a file 2728 (e.g., :include: file) to be opened. 2729confTO_CONTROL Timeout.control 2730 [2m] The timeout for a complete 2731 control socket transaction to complete. 2732confTO_QUEUERETURN Timeout.queuereturn 2733 [5d] The timeout before a message is 2734 returned as undeliverable. 2735confTO_QUEUERETURN_NORMAL 2736 Timeout.queuereturn.normal 2737 [undefined] As above, for normal 2738 priority messages. 2739confTO_QUEUERETURN_URGENT 2740 Timeout.queuereturn.urgent 2741 [undefined] As above, for urgent 2742 priority messages. 2743confTO_QUEUERETURN_NONURGENT 2744 Timeout.queuereturn.non-urgent 2745 [undefined] As above, for non-urgent 2746 (low) priority messages. 2747confTO_QUEUEWARN Timeout.queuewarn 2748 [4h] The timeout before a warning 2749 message is sent to the sender telling 2750 them that the message has been 2751 deferred. 2752confTO_QUEUEWARN_NORMAL Timeout.queuewarn.normal 2753 [undefined] As above, for normal 2754 priority messages. 2755confTO_QUEUEWARN_URGENT Timeout.queuewarn.urgent 2756 [undefined] As above, for urgent 2757 priority messages. 2758confTO_QUEUEWARN_NONURGENT 2759 Timeout.queuewarn.non-urgent 2760 [undefined] As above, for non-urgent 2761 (low) priority messages. 2762confTO_HOSTSTATUS Timeout.hoststatus 2763 [30m] How long information about host 2764 statuses will be maintained before it 2765 is considered stale and the host should 2766 be retried. This applies both within 2767 a single queue run and to persistent 2768 information (see below). 2769confTO_RESOLVER_RETRANS Timeout.resolver.retrans 2770 [varies] Sets the resolver's 2771 retransmition time interval (in 2772 seconds). Sets both 2773 Timeout.resolver.retrans.first and 2774 Timeout.resolver.retrans.normal. 2775confTO_RESOLVER_RETRANS_FIRST Timeout.resolver.retrans.first 2776 [varies] Sets the resolver's 2777 retransmition time interval (in 2778 seconds) for the first attempt to 2779 deliver a message. 2780confTO_RESOLVER_RETRANS_NORMAL Timeout.resolver.retrans.normal 2781 [varies] Sets the resolver's 2782 retransmition time interval (in 2783 seconds) for all resolver lookups 2784 except the first delivery attempt. 2785confTO_RESOLVER_RETRY Timeout.resolver.retry 2786 [varies] Sets the number of times 2787 to retransmit a resolver query. 2788 Sets both 2789 Timeout.resolver.retry.first and 2790 Timeout.resolver.retry.normal. 2791confTO_RESOLVER_RETRY_FIRST Timeout.resolver.retry.first 2792 [varies] Sets the number of times 2793 to retransmit a resolver query for 2794 the first attempt to deliver a 2795 message. 2796confTO_RESOLVER_RETRY_NORMAL Timeout.resolver.retry.normal 2797 [varies] Sets the number of times 2798 to retransmit a resolver query for 2799 all resolver lookups except the 2800 first delivery attempt. 2801confTIME_ZONE TimeZoneSpec [USE_SYSTEM] Time zone info -- can be 2802 USE_SYSTEM to use the system's idea, 2803 USE_TZ to use the user's TZ envariable, 2804 or something else to force that value. 2805confDEF_USER_ID DefaultUser [1:1] Default user id. 2806confUSERDB_SPEC UserDatabaseSpec 2807 [undefined] User database 2808 specification. 2809confFALLBACK_MX FallbackMXhost [undefined] Fallback MX host. 2810confTRY_NULL_MX_LIST TryNullMXList [False] If this host is the best MX 2811 for a host and other arrangements 2812 haven't been made, try connecting 2813 to the host directly; normally this 2814 would be a config error. 2815confQUEUE_LA QueueLA [varies] Load average at which 2816 queue-only function kicks in. 2817 Default values is (8 * numproc) 2818 where numproc is the number of 2819 processors online (if that can be 2820 determined). 2821confREFUSE_LA RefuseLA [varies] Load average at which 2822 incoming SMTP connections are 2823 refused. Default values is (12 * 2824 numproc) where numproc is the 2825 number of processors online (if 2826 that can be determined). 2827confMAX_ALIAS_RECURSION MaxAliasRecursion 2828 [10] Maximum depth of alias recursion. 2829confMAX_DAEMON_CHILDREN MaxDaemonChildren 2830 [undefined] The maximum number of 2831 children the daemon will permit. After 2832 this number, connections will be 2833 rejected. If not set or <= 0, there is 2834 no limit. 2835confMAX_HEADERS_LENGTH MaxHeadersLength 2836 [32768] Maximum length of the sum 2837 of all headers. 2838confMAX_MIME_HEADER_LENGTH MaxMimeHeaderLength 2839 [undefined] Maximum length of 2840 certain MIME header field values. 2841confCONNECTION_RATE_THROTTLE ConnectionRateThrottle 2842 [undefined] The maximum number of 2843 connections permitted per second. 2844 After this many connections are 2845 accepted, further connections will be 2846 delayed. If not set or <= 0, there is 2847 no limit. 2848confWORK_RECIPIENT_FACTOR 2849 RecipientFactor [30000] Cost of each recipient. 2850confSEPARATE_PROC ForkEachJob [False] Run all deliveries in a 2851 separate process. 2852confWORK_CLASS_FACTOR ClassFactor [1800] Priority multiplier for class. 2853confWORK_TIME_FACTOR RetryFactor [90000] Cost of each delivery attempt. 2854confQUEUE_SORT_ORDER QueueSortOrder [Priority] Queue sort algorithm: 2855 Priority, Host, Filename, or Time. 2856confMIN_QUEUE_AGE MinQueueAge [0] The minimum amount of time a job 2857 must sit in the queue between queue 2858 runs. This allows you to set the 2859 queue run interval low for better 2860 responsiveness without trying all 2861 jobs in each run. 2862confDEF_CHAR_SET DefaultCharSet [unknown-8bit] When converting 2863 unlabeled 8 bit input to MIME, the 2864 character set to use by default. 2865confSERVICE_SWITCH_FILE ServiceSwitchFile 2866 [/etc/mail/service.switch] The file 2867 to use for the service switch on 2868 systems that do not have a 2869 system-defined switch. 2870confHOSTS_FILE HostsFile [/etc/hosts] The file to use when doing 2871 "file" type access of hosts names. 2872confDIAL_DELAY DialDelay [0s] If a connection fails, wait this 2873 long and try again. Zero means "don't 2874 retry". This is to allow "dial on 2875 demand" connections to have enough time 2876 to complete a connection. 2877confNO_RCPT_ACTION NoRecipientAction 2878 [none] What to do if there are no legal 2879 recipient fields (To:, Cc: or Bcc:) 2880 in the message. Legal values can 2881 be "none" to just leave the 2882 nonconforming message as is, "add-to" 2883 to add a To: header with all the 2884 known recipients (which may expose 2885 blind recipients), "add-apparently-to" 2886 to do the same but use Apparently-To: 2887 instead of To:, "add-bcc" to add an 2888 empty Bcc: header, or 2889 "add-to-undisclosed" to add the header 2890 ``To: undisclosed-recipients:;''. 2891confSAFE_FILE_ENV SafeFileEnvironment 2892 [undefined] If set, sendmail will do a 2893 chroot() into this directory before 2894 writing files. 2895confCOLON_OK_IN_ADDR ColonOkInAddr [True unless Configuration Level > 6] 2896 If set, colons are treated as a regular 2897 character in addresses. If not set, 2898 they are treated as the introducer to 2899 the RFC 822 "group" syntax. Colons are 2900 handled properly in route-addrs. This 2901 option defaults on for V5 and lower 2902 configuration files. 2903confMAX_QUEUE_RUN_SIZE MaxQueueRunSize [0] If set, limit the maximum size of 2904 any given queue run to this number of 2905 entries. Essentially, this will stop 2906 reading each queue directory after this 2907 number of entries are reached; it does 2908 _not_ pick the highest priority jobs, 2909 so this should be as large as your 2910 system can tolerate. If not set, there 2911 is no limit. 2912confDONT_EXPAND_CNAMES DontExpandCnames 2913 [False] If set, $[ ... $] lookups that 2914 do DNS based lookups do not expand 2915 CNAME records. This currently violates 2916 the published standards, but the IETF 2917 seems to be moving toward legalizing 2918 this. For example, if "FTP.Foo.ORG" 2919 is a CNAME for "Cruft.Foo.ORG", then 2920 with this option set a lookup of 2921 "FTP" will return "FTP.Foo.ORG"; if 2922 clear it returns "Cruft.FOO.ORG". N.B. 2923 you may not see any effect until your 2924 downstream neighbors stop doing CNAME 2925 lookups as well. 2926confFROM_LINE UnixFromLine [From $g $d] The From_ line used 2927 when sending to files or programs. 2928confSINGLE_LINE_FROM_HEADER SingleLineFromHeader 2929 [False] From: lines that have 2930 embedded newlines are unwrapped 2931 onto one line. 2932confALLOW_BOGUS_HELO AllowBogusHELO [False] Allow HELO SMTP command that 2933 does not include a host name. 2934confMUST_QUOTE_CHARS MustQuoteChars [.'] Characters to be quoted in a full 2935 name phrase (@,;:\()[] are automatic). 2936confOPERATORS OperatorChars [.:%@!^/[]+] Address operator 2937 characters. 2938confSMTP_LOGIN_MSG SmtpGreetingMessage 2939 [$j Sendmail $v/$Z; $b] 2940 The initial (spontaneous) SMTP 2941 greeting message. The word "ESMTP" 2942 will be inserted between the first and 2943 second words to convince other 2944 sendmails to try to speak ESMTP. 2945confDONT_INIT_GROUPS DontInitGroups [False] If set, the initgroups(3) 2946 routine will never be invoked. You 2947 might want to do this if you are 2948 running NIS and you have a large group 2949 map, since this call does a sequential 2950 scan of the map; in a large site this 2951 can cause your ypserv to run 2952 essentially full time. If you set 2953 this, agents run on behalf of users 2954 will only have their primary 2955 (/etc/passwd) group permissions. 2956confUNSAFE_GROUP_WRITES UnsafeGroupWrites 2957 [False] If set, group-writable 2958 :include: and .forward files are 2959 considered "unsafe", that is, programs 2960 and files cannot be directly referenced 2961 from such files. World-writable files 2962 are always considered unsafe. 2963confCONNECT_ONLY_TO ConnectOnlyTo [undefined] override connection 2964 address (for testing). 2965confCONTROL_SOCKET_NAME ControlSocketName 2966 [undefined] Control socket for daemon 2967 management. 2968confDOUBLE_BOUNCE_ADDRESS DoubleBounceAddress 2969 [postmaster] If an error occurs when 2970 sending an error message, send that 2971 "double bounce" error message to this 2972 address. 2973confDEAD_LETTER_DROP DeadLetterDrop [undefined] Filename to save bounce 2974 messages which could not be returned 2975 to the user or sent to postmaster. 2976 If not set, the queue file will 2977 be renamed. 2978confRRT_IMPLIES_DSN RrtImpliesDsn [False] Return-Receipt-To: header 2979 implies DSN request. 2980confRUN_AS_USER RunAsUser [undefined] If set, become this user 2981 when reading and delivering mail. 2982 Causes all file reads (e.g., .forward 2983 and :include: files) to be done as 2984 this user. Also, all programs will 2985 be run as this user, and all output 2986 files will be written as this user. 2987 Intended for use only on firewalls 2988 where users do not have accounts. 2989confMAX_RCPTS_PER_MESSAGE MaxRecipientsPerMessage 2990 [infinite] If set, allow no more than 2991 the specified number of recipients in 2992 an SMTP envelope. Further recipients 2993 receive a 452 error code (i.e., they 2994 are deferred for the next delivery 2995 attempt). 2996confDONT_PROBE_INTERFACES DontProbeInterfaces 2997 [False] If set, sendmail will _not_ 2998 insert the names and addresses of any 2999 local interfaces into class {w} 3000 (list of known "equivalent" addresses). 3001 If you set this, you must also include 3002 some support for these addresses (e.g., 3003 in a mailertable entry) -- otherwise, 3004 mail to addresses in this list will 3005 bounce with a configuration error. 3006confPID_FILE PidFile [system dependent] Location of pid 3007 file. 3008confPROCESS_TITLE_PREFIX ProcessTitlePrefix 3009 [undefined] Prefix string for the 3010 process title shown on 'ps' listings. 3011confDONT_BLAME_SENDMAIL DontBlameSendmail 3012 [safe] Override sendmail's file 3013 safety checks. This will definitely 3014 compromise system security and should 3015 not be used unless absolutely 3016 necessary. 3017confREJECT_MSG - [550 Access denied] The message 3018 given if the access database contains 3019 REJECT in the value portion. 3020confDF_BUFFER_SIZE DataFileBufferSize 3021 [4096] The maximum size of a 3022 memory-buffered data (df) file 3023 before a disk-based file is used. 3024confXF_BUFFER_SIZE XScriptFileBufferSize 3025 [4096] The maximum size of a 3026 memory-buffered transcript (xf) 3027 file before a disk-based file is 3028 used. 3029confAUTH_MECHANISMS AuthMechanisms [GSSAPI KERBEROS_V4 DIGEST-MD5 3030 CRAM-MD5] List of authentication 3031 mechanisms for AUTH (separated by 3032 spaces). The advertised list of 3033 authentication mechanisms will be the 3034 intersection of this list and the list 3035 of available mechanisms as determined 3036 by the CYRUS SASL library. 3037confDEF_AUTH_INFO DefaultAuthInfo [undefined] Name of file that contains 3038 authentication information for 3039 outgoing connections. This file 3040 must contain the user id, the 3041 authorization id, the password 3042 (plain text), and the realm to use, 3043 each on a separate line and must be 3044 readable by root (or the trusted 3045 user) only. If no realm is 3046 specified, $j is used. 3047 3048 NOTE: Currently, AuthMechanisms is 3049 used to determine the list of 3050 mechanisms to use on an outgoing 3051 connection. Sites which require a 3052 different list of mechanisms for 3053 incoming connections and outgoing 3054 connections will have the ability 3055 to do this in 8.11 by specifying a 3056 list of mechanisms as the fifth 3057 line of the DefaultAuthInfo file. 3058 If no mechanisms are given in the 3059 file, AuthMechanisms is used. The 3060 code for doing so is included as 3061 in the sendmail source code but 3062 disabled. It can be enabled by 3063 recompiling sendmail with: 3064 -D_FFR_DEFAUTHINFO_MECHS 3065confAUTH_OPTIONS AuthOptions [undefined] If this options is 'A' 3066 then the AUTH= parameter for the 3067 MAIL FROM command is only issued 3068 when authentication succeeded. 3069confLDAP_DEFAULT_SPEC LDAPDefaultSpec [undefined] Default map 3070 specification for LDAP maps. The 3071 value should only contain LDAP 3072 specific settings such as "-h host 3073 -p port -d bindDN", etc. The 3074 settings will be used for all LDAP 3075 maps unless they are specified in 3076 the individual map specification 3077 ('K' command). 3078confCACERT_PATH CACERTPath [undefined] Path to directory 3079 with certs of CAs. 3080confCACERT CACERTFile [undefined] File containing one CA 3081 cert. 3082confSERVER_CERT ServerCertFile [undefined] File containing the 3083 cert of the server, i.e., this cert 3084 is used when sendmail acts as 3085 server. 3086confSERVER_KEY ServerKeyFile [undefined] File containing the 3087 private key belonging to the server 3088 cert. 3089confCLIENT_CERT ClientCertFile [undefined] File containing the 3090 cert of the client, i.e., this cert 3091 is used when sendmail acts as 3092 client. 3093confCLIENT_KEY ClientKeyFile [undefined] File containing the 3094 private key belonging to the client 3095 cert. 3096confDH_PARAMETERS DHParameters [undefined] File containing the 3097 DH parameters. 3098confRAND_FILE RandFile [undefined] File containing random 3099 data (use prefix file:) or the 3100 name of the UNIX socket if EGD is 3101 used (use prefix egd:). STARTTLS 3102 requires this option if the compile 3103 flag HASURANDOM is not set (see 3104 sendmail/README). 3105 3106See also the description of OSTYPE for some parameters that can be 3107tweaked (generally pathnames to mailers). 3108 3109DaemonPortOptions are a special case since multiple daemons can be 3110defined. This can be done via 3111 3112 DAEMON_OPTIONS(`field1=value1,field2=value2,...') 3113 3114If DAEMON_OPTIONS is not used, then the default is 3115 3116 DAEMON_OPTIONS(`Port=smtp, Name=MTA') 3117 DAEMON_OPTIONS(`Port=587, Name=MSA, M=E') 3118 3119If you use one DAEMON_OPTIONS macro, it will alter the parameters 3120of the first of these. The second will still be defaulted; it 3121represents a "Message Submission Agent" (MSA) as defined by RFC 31222476 (see below). To turn off the default definition for the MSA, 3123use FEATURE(`no_default_msa') (see also FEATURES). If you use 3124additional DAEMON_OPTIONS macros, they will add additional daemons. 3125 3126Example 1: To change the port for the SMTP listener, while 3127still using the MSA default, use 3128 DAEMON_OPTIONS(`Port=925, Name=MTA') 3129 3130Example 2: To change the port for the MSA daemon, while still 3131using the default SMTP port, use 3132 FEATURE(`no_default_msa') 3133 DAEMON_OPTIONS(`Name=MTA') 3134 DAEMON_OPTIONS(`Port=987, Name=MSA, M=E') 3135 3136Note that if the first of those DAEMON_OPTIONS lines were omitted, then 3137there would be no listener on the standard SMTP port. 3138 3139Example 3: To listen on both IPv4 and IPv6 interfaces, use 3140 3141 DAEMON_OPTIONS(`Name=MTA-v4, Family=inet') 3142 DAEMON_OPTIONS(`Name=MTA-v6, Family=inet6') 3143 3144A "Message Submission Agent" still uses all of the same rulesets for 3145processing the message (and therefore still allows message rejection via 3146the check_* rulesets). In accordance with the RFC, the MSA will ensure 3147that all domains in the envelope are fully qualified if the message is 3148relayed to another MTA. It will also enforce the normal address syntax 3149rules and log error messages. Additionally, by using the M=a modifier 3150you can require authentication before messages are accepted by the MSA. 3151Notice: Do NOT use the 'a' modifier on a public accessible MTA! 3152Finally, the M=E modifier shown above disables ETRN as required by RFC 31532476. 3154 3155 3156+-----------+ 3157| HIERARCHY | 3158+-----------+ 3159 3160Within this directory are several subdirectories, to wit: 3161 3162m4 General support routines. These are typically 3163 very important and should not be changed without 3164 very careful consideration. 3165 3166cf The configuration files themselves. They have 3167 ".mc" suffixes, and must be run through m4 to 3168 become complete. The resulting output should 3169 have a ".cf" suffix. 3170 3171ostype Definitions describing a particular operating 3172 system type. These should always be referenced 3173 using the OSTYPE macro in the .mc file. Examples 3174 include "bsd4.3", "bsd4.4", "sunos3.5", and 3175 "sunos4.1". 3176 3177domain Definitions describing a particular domain, referenced 3178 using the DOMAIN macro in the .mc file. These are 3179 site dependent; for example, "CS.Berkeley.EDU.m4" 3180 describes hosts in the CS.Berkeley.EDU subdomain. 3181 3182mailer Descriptions of mailers. These are referenced using 3183 the MAILER macro in the .mc file. 3184 3185sh Shell files used when building the .cf file from the 3186 .mc file in the cf subdirectory. 3187 3188feature These hold special orthogonal features that you might 3189 want to include. They should be referenced using 3190 the FEATURE macro. 3191 3192hack Local hacks. These can be referenced using the HACK 3193 macro. They shouldn't be of more than voyeuristic 3194 interest outside the .Berkeley.EDU domain, but who knows? 3195 3196siteconfig Site configuration -- e.g., tables of locally connected 3197 UUCP sites. 3198 3199 3200+------------------------+ 3201| ADMINISTRATIVE DETAILS | 3202+------------------------+ 3203 3204The following sections detail usage of certain internal parts of the 3205sendmail.cf file. Read them carefully if you are trying to modify 3206the current model. If you find the above descriptions adequate, these 3207should be {boring, confusing, tedious, ridiculous} (pick one or more). 3208 3209RULESETS (* means built in to sendmail) 3210 3211 0 * Parsing 3212 1 * Sender rewriting 3213 2 * Recipient rewriting 3214 3 * Canonicalization 3215 4 * Post cleanup 3216 5 * Local address rewrite (after aliasing) 3217 1x mailer rules (sender qualification) 3218 2x mailer rules (recipient qualification) 3219 3x mailer rules (sender header qualification) 3220 4x mailer rules (recipient header qualification) 3221 5x mailer subroutines (general) 3222 6x mailer subroutines (general) 3223 7x mailer subroutines (general) 3224 8x reserved 3225 90 Mailertable host stripping 3226 96 Bottom half of Ruleset 3 (ruleset 6 in old sendmail) 3227 97 Hook for recursive ruleset 0 call (ruleset 7 in old sendmail) 3228 98 Local part of ruleset 0 (ruleset 8 in old sendmail) 3229 99 Guaranteed null (for debugging) 3230 3231 3232MAILERS 3233 3234 0 local, prog local and program mailers 3235 1 [e]smtp, relay SMTP channel 3236 2 uucp-* UNIX-to-UNIX Copy Program 3237 3 netnews Network News delivery 3238 4 fax Sam Leffler's HylaFAX software 3239 5 mail11 DECnet mailer 3240 3241 3242MACROS 3243 3244 A 3245 B Bitnet Relay 3246 C DECnet Relay 3247 D The local domain -- usually not needed 3248 E reserved for X.400 Relay 3249 F FAX Relay 3250 G 3251 H mail Hub (for mail clusters) 3252 I 3253 J 3254 K 3255 L Luser Relay 3256 M Masquerade (who you claim to be) 3257 N 3258 O 3259 P 3260 Q 3261 R Relay (for unqualified names) 3262 S Smart Host 3263 T 3264 U my UUCP name (if you have a UUCP connection) 3265 V UUCP Relay (class {V} hosts) 3266 W UUCP Relay (class {W} hosts) 3267 X UUCP Relay (class {X} hosts) 3268 Y UUCP Relay (all other hosts) 3269 Z Version number 3270 3271 3272CLASSES 3273 3274 A 3275 B domains that are candidates for bestmx lookup 3276 C 3277 D 3278 E addresses that should not seem to come from $M 3279 F hosts this system forward for 3280 G domains that should be looked up in genericstable 3281 H 3282 I 3283 J 3284 K 3285 L addresses that should not be forwarded to $R 3286 M domains that should be mapped to $M 3287 N host/domains that should not be mapped to $M 3288 O operators that indicate network operations (cannot be in local names) 3289 P top level pseudo-domains: BITNET, DECNET, FAX, UUCP, etc. 3290 Q 3291 R domains this system is willing to relay (pass anti-spam filters) 3292 S 3293 T 3294 U locally connected UUCP hosts 3295 V UUCP hosts connected to relay $V 3296 W UUCP hosts connected to relay $W 3297 X UUCP hosts connected to relay $X 3298 Y locally connected smart UUCP hosts 3299 Z locally connected domain-ized UUCP hosts 3300 . the class containing only a dot 3301 [ the class containing only a left bracket 3302 3303 3304M4 DIVERSIONS 3305 3306 1 Local host detection and resolution 3307 2 Local Ruleset 3 additions 3308 3 Local Ruleset 0 additions 3309 4 UUCP Ruleset 0 additions 3310 5 locally interpreted names (overrides $R) 3311 6 local configuration (at top of file) 3312 7 mailer definitions 3313 8 DNS based blacklists 3314 9 special local rulesets (1 and 2) 3315 3316$Revision: 8.383.2.1.2.49 $, Last updated $Date: 2001/08/14 15:25:36 $ 3317