proto.m4 revision 43730 
1divert(-1)
2#
3# Copyright (c) 1998 Sendmail, Inc.  All rights reserved.
4# Copyright (c) 1983, 1995 Eric P. Allman.  All rights reserved.
5# Copyright (c) 1988, 1993
6#	The Regents of the University of California.  All rights reserved.
7#
8# By using this file, you agree to the terms and conditions set
9# forth in the LICENSE file which can be found at the top level of
10# the sendmail distribution.
11#
12#
13divert(0)
14
15VERSIONID(`@(#)proto.m4	8.243 (Berkeley) 2/2/1999')
16
17MAILER(local)dnl
18
19# level 8 config file format
20V8/ifdef(`VENDOR_NAME', `VENDOR_NAME', `Berkeley')
21divert(-1)
22
23# do some sanity checking
24ifdef(`__OSTYPE__',,
25	`errprint(`*** ERROR: No system type defined (use OSTYPE macro)')')
26
27# pick our default mailers
28ifdef(`confSMTP_MAILER',, `define(`confSMTP_MAILER', `esmtp')')
29ifdef(`confLOCAL_MAILER',, `define(`confLOCAL_MAILER', `local')')
30ifdef(`confRELAY_MAILER',,
31	`define(`confRELAY_MAILER',
32		`ifdef(`_MAILER_smtp_', `relay',
33			`ifdef(`_MAILER_uucp', `uucp-new', `unknown')')')')
34ifdef(`confUUCP_MAILER',, `define(`confUUCP_MAILER', `uucp-old')')
35define(`_SMTP_', `confSMTP_MAILER')dnl		for readability only
36define(`_LOCAL_', `confLOCAL_MAILER')dnl	for readability only
37define(`_RELAY_', `confRELAY_MAILER')dnl	for readability only
38define(`_UUCP_', `confUUCP_MAILER')dnl		for readability only
39
40# set our default hashed database type
41ifdef(`DATABASE_MAP_TYPE',, `define(`DATABASE_MAP_TYPE', `hash')')
42
43# back compatibility with old config files
44ifdef(`confDEF_GROUP_ID',
45	`errprint(`*** confDEF_GROUP_ID is obsolete.')
46	 errprint(`    Use confDEF_USER_ID with a colon in the value instead.')')
47ifdef(`confREAD_TIMEOUT',
48	`errprint(`*** confREAD_TIMEOUT is obsolete.')
49	 errprint(`    Use individual confTO_<timeout> parameters instead.')')
50ifdef(`confMESSAGE_TIMEOUT',
51	`define(`_ARG_', index(confMESSAGE_TIMEOUT, /))
52	 ifelse(_ARG_, -1,
53		`define(`confTO_QUEUERETURN', confMESSAGE_TIMEOUT)',
54		`define(`confTO_QUEUERETURN',
55			substr(confMESSAGE_TIMEOUT, 0, _ARG_))
56		 define(`confTO_QUEUEWARN',
57			substr(confMESSAGE_TIMEOUT, eval(_ARG_+1)))')')
58ifdef(`confMIN_FREE_BLOCKS', `ifelse(index(confMIN_FREE_BLOCKS, /), -1,,
59	`errprint(`*** compound confMIN_FREE_BLOCKS is obsolete.')
60	 errprint(`    Use confMAX_MESSAGE_SIZE for the second part of the value.')')')
61
62# clean option definitions below....
63define(`_OPTION', `ifdef(`$2', `O $1=$2', `#O $1`'ifelse($3, `',, `=$3')')')dnl
64
65divert(0)dnl
66
67# override file safeties - setting this option compromises system security
68# need to set this now for the sake of class files
69_OPTION(DontBlameSendmail, `confDONT_BLAME_SENDMAIL', safe)
70
71##################
72#   local info   #
73##################
74
75Cwlocalhost
76ifdef(`USE_CW_FILE',
77`# file containing names of hosts for which we receive email
78Fw`'confCW_FILE',
79	`dnl')
80
81# my official domain name
82# ... `define' this only if sendmail cannot automatically determine your domain
83ifdef(`confDOMAIN_NAME', `Dj`'confDOMAIN_NAME', `#Dj$w.Foo.COM')
84
85ifdef(`_NULL_CLIENT_ONLY_', `divert(-1)')dnl
86
87CP.
88
89ifdef(`UUCP_RELAY',
90`# UUCP relay host
91DY`'UUCP_RELAY
92CPUUCP
93
94')dnl
95ifdef(`BITNET_RELAY',
96`#  BITNET relay host
97DB`'BITNET_RELAY
98CPBITNET
99
100')dnl
101ifdef(`DECNET_RELAY',
102`define(`_USE_DECNET_SYNTAX_', 1)dnl
103# DECnet relay host
104DC`'DECNET_RELAY
105CPDECNET
106
107')dnl
108ifdef(`FAX_RELAY',
109`# FAX relay host
110DF`'FAX_RELAY
111CPFAX
112
113')dnl
114# "Smart" relay host (may be null)
115DS`'ifdef(`SMART_HOST', SMART_HOST)
116
117ifdef(`LUSER_RELAY', `dnl
118# place to which unknown users should be forwarded
119Kuser user -m -a<>
120DL`'LUSER_RELAY',
121`dnl')
122
123# operators that cannot be in local usernames (i.e., network indicators)
124CO @ % ifdef(`_NO_UUCP_', `', `!')
125
126# a class with just dot (for identifying canonical names)
127C..
128
129# a class with just a left bracket (for identifying domain literals)
130C[[
131
132ifdef(`MAILER_TABLE', `dnl
133# Mailer table (overriding domains)
134Kmailertable MAILER_TABLE',
135`dnl')
136
137ifdef(`DOMAIN_TABLE', `dnl
138# Domain table (adding domains)
139Kdomaintable DOMAIN_TABLE',
140`dnl')
141
142ifdef(`GENERICS_TABLE', `dnl
143# Generics table (mapping outgoing addresses)
144Kgenerics GENERICS_TABLE',
145`dnl')
146
147ifdef(`UUDOMAIN_TABLE', `dnl
148# UUCP domain table
149Kuudomain UUDOMAIN_TABLE',
150`dnl')
151
152ifdef(`BITDOMAIN_TABLE', `dnl
153# BITNET mapping table
154Kbitdomain BITDOMAIN_TABLE',
155`dnl')
156
157ifdef(`VIRTUSER_TABLE', `dnl
158# Virtual user table (maps incoming users)
159Kvirtuser VIRTUSER_TABLE',
160`dnl')
161
162ifdef(`ACCESS_TABLE', `dnl
163# Access list database (for spam stomping)
164Kaccess ACCESS_TABLE',
165`dnl')
166
167ifdef(`_RELAY_MX_SERVED_', `dnl
168# MX map (to allow relaying to hosts that we MX for)
169Kmxserved bestmx -z: -T<TEMP>',
170`dnl')
171
172ifdef(`_ACCEPT_UNRESOLVABLE_DOMAINS_',`dnl',`dnl
173# Resolve map (to check if a host exists in check_mail)
174Kresolve host -a<OK> -T<TEMP>')
175
176ifdef(`confCR_FILE', `dnl
177# Hosts that will permit relaying ($=R)
178FR`'confCR_FILE',
179`dnl')
180
181# who I send unqualified names to (null means deliver locally)
182DR`'ifdef(`LOCAL_RELAY', LOCAL_RELAY)
183
184# who gets all local email traffic ($R has precedence for unqualified names)
185DH`'ifdef(`MAIL_HUB', MAIL_HUB)
186
187# dequoting map
188Kdequote dequote
189
190divert(0)dnl	# end of nullclient diversion
191# class E: names that should be exposed as from this host, even if we masquerade
192ifdef(`_NULL_CLIENT_ONLY_', `#',
193`# class L: names that should be delivered locally, even if we have a relay
194# class M: domains that should be converted to $M
195#CL root
196')CE root
197undivert(5)dnl
198
199# who I masquerade as (null for no masquerading) (see also $=M)
200DM`'ifdef(`MASQUERADE_NAME', MASQUERADE_NAME)
201
202# my name for error messages
203ifdef(`confMAILER_NAME', `Dn`'confMAILER_NAME', `#DnMAILER-DAEMON')
204
205undivert(6)dnl
206include(_CF_DIR_`m4/version.m4')
207
208###############
209#   Options   #
210###############
211
212# strip message body to 7 bits on input?
213_OPTION(SevenBitInput, `confSEVEN_BIT_INPUT')
214
215# 8-bit data handling
216_OPTION(EightBitMode, `confEIGHT_BIT_HANDLING', adaptive)
217
218ifdef(`_NULL_CLIENT_ONLY_', `dnl', `
219# wait for alias file rebuild (default units: minutes)
220_OPTION(AliasWait, `confALIAS_WAIT', 5m)
221
222# location of alias file
223_OPTION(AliasFile, `ALIAS_FILE', ifdef(`_USE_ETC_MAIL_', /etc/mail/aliases, /etc/aliases))
224')
225# minimum number of free blocks on filesystem
226_OPTION(MinFreeBlocks, `confMIN_FREE_BLOCKS', 100)
227
228# maximum message size
229_OPTION(MaxMessageSize, `confMAX_MESSAGE_SIZE', 1000000)
230
231# substitution for space (blank) characters
232_OPTION(BlankSub, `confBLANK_SUB', _)
233
234# avoid connecting to "expensive" mailers on initial submission?
235_OPTION(HoldExpensive, `confCON_EXPENSIVE')
236
237# checkpoint queue runs after every N successful deliveries
238_OPTION(CheckpointInterval, `confCHECKPOINT_INTERVAL', 10)
239
240# default delivery mode
241_OPTION(DeliveryMode, `confDELIVERY_MODE', background)
242
243# automatically rebuild the alias database?
244_OPTION(AutoRebuildAliases, `confAUTO_REBUILD')
245
246# error message header/file
247_OPTION(ErrorHeader, `confERROR_MESSAGE', ifdef(`_USE_ETC_MAIL_', /etc/mail/error-header, /etc/sendmail.oE))
248
249# error mode
250_OPTION(ErrorMode, `confERROR_MODE', print)
251
252# save Unix-style "From_" lines at top of header?
253_OPTION(SaveFromLine, `confSAVE_FROM_LINES')
254
255# temporary file mode
256_OPTION(TempFileMode, `confTEMP_FILE_MODE', 0600)
257
258# match recipients against GECOS field?
259_OPTION(MatchGECOS, `confMATCH_GECOS')
260
261# maximum hop count
262_OPTION(MaxHopCount, `confMAX_HOP', 17)
263
264# location of help file
265O HelpFile=ifdef(`HELP_FILE', HELP_FILE, ifdef(`_USE_ETC_MAIL_', /etc/mail/helpfile, /usr/lib/sendmail.hf))
266
267# ignore dots as terminators in incoming messages?
268_OPTION(IgnoreDots, `confIGNORE_DOTS')
269
270# name resolver options
271_OPTION(ResolverOptions, `confBIND_OPTS', +AAONLY)
272
273# deliver MIME-encapsulated error messages?
274_OPTION(SendMimeErrors, `confMIME_FORMAT_ERRORS')
275
276# Forward file search path
277_OPTION(ForwardPath, `confFORWARD_PATH', /var/forward/$u:$z/.forward.$w:$z/.forward)
278
279# open connection cache size
280_OPTION(ConnectionCacheSize, `confMCI_CACHE_SIZE', 2)
281
282# open connection cache timeout
283_OPTION(ConnectionCacheTimeout, `confMCI_CACHE_TIMEOUT', 5m)
284
285# persistent host status directory
286_OPTION(HostStatusDirectory, `confHOST_STATUS_DIRECTORY', .hoststat)
287
288# single thread deliveries (requires HostStatusDirectory)?
289_OPTION(SingleThreadDelivery, `confSINGLE_THREAD_DELIVERY')
290
291# use Errors-To: header?
292_OPTION(UseErrorsTo, `confUSE_ERRORS_TO')
293
294# log level
295_OPTION(LogLevel, `confLOG_LEVEL', 10)
296
297# send to me too, even in an alias expansion?
298_OPTION(MeToo, `confME_TOO')
299
300# verify RHS in newaliases?
301_OPTION(CheckAliases, `confCHECK_ALIASES')
302
303# default messages to old style headers if no special punctuation?
304_OPTION(OldStyleHeaders, `confOLD_STYLE_HEADERS')
305
306# SMTP daemon options
307_OPTION(DaemonPortOptions, `confDAEMON_OPTIONS', Port=esmtp)
308
309# privacy flags
310_OPTION(PrivacyOptions, `confPRIVACY_FLAGS', authwarnings)
311
312# who (if anyone) should get extra copies of error messages
313_OPTION(PostMasterCopy, `confCOPY_ERRORS_TO', Postmaster)
314
315# slope of queue-only function
316_OPTION(QueueFactor, `confQUEUE_FACTOR', 600000)
317
318# queue directory
319O QueueDirectory=ifdef(`QUEUE_DIR', QUEUE_DIR, /var/spool/mqueue)
320
321# timeouts (many of these)
322_OPTION(Timeout.initial, `confTO_INITIAL', 5m)
323_OPTION(Timeout.connect, `confTO_CONNECT', 5m)
324_OPTION(Timeout.iconnect, `confTO_ICONNECT', 5m)
325_OPTION(Timeout.helo, `confTO_HELO', 5m)
326_OPTION(Timeout.mail, `confTO_MAIL', 10m)
327_OPTION(Timeout.rcpt, `confTO_RCPT', 1h)
328_OPTION(Timeout.datainit, `confTO_DATAINIT', 5m)
329_OPTION(Timeout.datablock, `confTO_DATABLOCK', 1h)
330_OPTION(Timeout.datafinal, `confTO_DATAFINAL', 1h)
331_OPTION(Timeout.rset, `confTO_RSET', 5m)
332_OPTION(Timeout.quit, `confTO_QUIT', 2m)
333_OPTION(Timeout.misc, `confTO_MISC', 2m)
334_OPTION(Timeout.command, `confTO_COMMAND', 1h)
335_OPTION(Timeout.ident, `confTO_IDENT', 30s)
336_OPTION(Timeout.fileopen, `confTO_FILEOPEN', 60s)
337_OPTION(Timeout.queuereturn, `confTO_QUEUERETURN', 5d)
338_OPTION(Timeout.queuereturn.normal, `confTO_QUEUERETURN_NORMAL', 5d)
339_OPTION(Timeout.queuereturn.urgent, `confTO_QUEUERETURN_URGENT', 2d)
340_OPTION(Timeout.queuereturn.non-urgent, `confTO_QUEUERETURN_NONURGENT', 7d)
341_OPTION(Timeout.queuewarn, `confTO_QUEUEWARN', 4h)
342_OPTION(Timeout.queuewarn.normal, `confTO_QUEUEWARN_NORMAL', 4h)
343_OPTION(Timeout.queuewarn.urgent, `confTO_QUEUEWARN_URGENT', 1h)
344_OPTION(Timeout.queuewarn.non-urgent, `confTO_QUEUEWARN_NONURGENT', 12h)
345_OPTION(Timeout.hoststatus, `confTO_HOSTSTATUS', 30m)
346
347# should we not prune routes in route-addr syntax addresses?
348_OPTION(DontPruneRoutes, `confDONT_PRUNE_ROUTES')
349
350# queue up everything before forking?
351_OPTION(SuperSafe, `confSAFE_QUEUE')
352
353# status file
354O StatusFile=ifdef(`STATUS_FILE', `STATUS_FILE', ifdef(`_USE_ETC_MAIL_', /etc/mail/statistics, /etc/sendmail.st))
355
356# time zone handling:
357#  if undefined, use system default
358#  if defined but null, use TZ envariable passed in
359#  if defined and non-null, use that info
360ifelse(confTIME_ZONE, `USE_SYSTEM', `#O TimeZoneSpec=',
361	confTIME_ZONE, `USE_TZ', `O TimeZoneSpec=',
362	`O TimeZoneSpec=confTIME_ZONE')
363
364# default UID (can be username or userid:groupid)
365_OPTION(DefaultUser, `confDEF_USER_ID', mailnull)
366
367# list of locations of user database file (null means no lookup)
368_OPTION(UserDatabaseSpec, `confUSERDB_SPEC', ifdef(`_USE_ETC_MAIL_', /etc/mail/userdb, /etc/userdb))
369
370# fallback MX host
371_OPTION(FallbackMXhost, `confFALLBACK_MX', fall.back.host.net)
372
373# if we are the best MX host for a site, try it directly instead of config err
374_OPTION(TryNullMXList, `confTRY_NULL_MX_LIST')
375
376# load average at which we just queue messages
377_OPTION(QueueLA, `confQUEUE_LA', 8)
378
379# load average at which we refuse connections
380_OPTION(RefuseLA, `confREFUSE_LA', 12)
381
382# maximum number of children we allow at one time
383_OPTION(MaxDaemonChildren, `confMAX_DAEMON_CHILDREN', 12)
384
385# maximum number of new connections per second
386_OPTION(ConnectionRateThrottle, `confCONNECTION_RATE_THROTTLE', 3)
387
388# work recipient factor
389_OPTION(RecipientFactor, `confWORK_RECIPIENT_FACTOR', 30000)
390
391# deliver each queued job in a separate process?
392_OPTION(ForkEachJob, `confSEPARATE_PROC')
393
394# work class factor
395_OPTION(ClassFactor, `confWORK_CLASS_FACTOR', 1800)
396
397# work time factor
398_OPTION(RetryFactor, `confWORK_TIME_FACTOR', 90000)
399
400# shall we sort the queue by hostname first?
401_OPTION(QueueSortOrder, `confQUEUE_SORT_ORDER', priority)
402
403# minimum time in queue before retry
404_OPTION(MinQueueAge, `confMIN_QUEUE_AGE', 30m)
405
406# default character set
407_OPTION(DefaultCharSet, `confDEF_CHAR_SET', iso-8859-1)
408
409# service switch file (ignored on Solaris, Ultrix, OSF/1, others)
410_OPTION(ServiceSwitchFile, `confSERVICE_SWITCH_FILE', ifdef(`_USE_ETC_MAIL_', /etc/mail/service.switch, /etc/service.switch))
411
412# hosts file (normally /etc/hosts)
413_OPTION(HostsFile, `confHOSTS_FILE', /etc/hosts)
414
415# dialup line delay on connection failure
416_OPTION(DialDelay, `confDIAL_DELAY', 10s)
417
418# action to take if there are no recipients in the message
419_OPTION(NoRecipientAction, `confNO_RCPT_ACTION', add-to-undisclosed)
420
421# chrooted environment for writing to files
422_OPTION(SafeFileEnvironment, `confSAFE_FILE_ENV', /arch)
423
424# are colons OK in addresses?
425_OPTION(ColonOkInAddr, `confCOLON_OK_IN_ADDR')
426
427# how many jobs can you process in the queue?
428_OPTION(MaxQueueRunSize, `confMAX_QUEUE_RUN_SIZE', 10000)
429
430# shall I avoid expanding CNAMEs (violates protocols)?
431_OPTION(DontExpandCnames, `confDONT_EXPAND_CNAMES')
432
433# SMTP initial login message (old $e macro)
434_OPTION(SmtpGreetingMessage, `confSMTP_LOGIN_MSG')
435
436# UNIX initial From header format (old $l macro)
437_OPTION(UnixFromLine, `confFROM_LINE')
438
439# From: lines that have embedded newlines are unwrapped onto one line
440_OPTION(SingleLineFromHeader, `confSINGLE_LINE_FROM_HEADER', False)
441
442# Allow HELO SMTP command that does not `include' a host name
443_OPTION(AllowBogusHELO, `confALLOW_BOGUS_HELO', False)
444
445# Characters to be quoted in a full name phrase (@,;:\()[] are automatic)
446_OPTION(MustQuoteChars, `confMUST_QUOTE_CHARS', .)
447
448# delimiter (operator) characters (old $o macro)
449_OPTION(OperatorChars, `confOPERATORS')
450
451# shall I avoid calling initgroups(3) because of high NIS costs?
452_OPTION(DontInitGroups, `confDONT_INIT_GROUPS')
453
454# are group-writable `:include:' and .forward files (un)trustworthy?
455_OPTION(UnsafeGroupWrites, `confUNSAFE_GROUP_WRITES')
456
457# where do errors that occur when sending errors get sent?
458_OPTION(DoubleBounceAddress, `confDOUBLE_BOUNCE_ADDRESS', postmaster)
459
460# what user id do we assume for the majority of the processing?
461_OPTION(RunAsUser, `confRUN_AS_USER', sendmail)
462
463# maximum number of recipients per SMTP envelope
464_OPTION(MaxRecipientsPerMessage, `confMAX_RCPTS_PER_MESSAGE', 100)
465
466# shall we get local names from our installed interfaces?
467_OPTION(DontProbeInterfaces, `confDONT_PROBE_INTERFACES')
468
469ifdef(`confTRUSTED_USER',
470`# Trusted user for file ownership and starting the daemon
471O TrustedUser=confTRUSTED_USER
472')
473ifdef(`confCONTROL_SOCKET_NAME',
474`# Control socket for daemon management
475O ControlSocketName=confCONTROL_SOCKET_NAME
476')
477ifdef(`confMAX_MIME_HEADER_LENGTH',
478`# Maximum MIME header length to protect MUAs
479O MaxMimeHeaderLength=confMAX_MIME_HEADER_LENGTH
480')
481ifdef(`confMAX_HEADERS_LENGTH',
482`# Maximum length of the sum of all headers
483O MaxHeadersLength=confMAX_HEADERS_LENGTH
484')
485
486###########################
487#   Message precedences   #
488###########################
489
490Pfirst-class=0
491Pspecial-delivery=100
492Plist=-30
493Pbulk=-60
494Pjunk=-100
495
496#####################
497#   Trusted users   #
498#####################
499
500# this is equivalent to setting class "t"
501ifdef(`_USE_CT_FILE_', `', `#')Ft`'ifdef(`confCT_FILE', confCT_FILE, ifdef(`_USE_ETC_MAIL_', `/etc/mail/trusted-users', `/etc/sendmail.ct'))
502Troot
503Tdaemon
504ifdef(`_NO_UUCP_', `dnl', `Tuucp')
505ifdef(`confTRUSTED_USERS', `T`'confTRUSTED_USERS', `dnl')
506
507#########################
508#   Format of headers   #
509#########################
510
511ifdef(`confFROM_HEADER',, `define(`confFROM_HEADER', `$?x$x <$g>$|$g$.')')dnl
512H?P?Return-Path: <$g>
513HReceived: confRECEIVED_HEADER
514H?D?Resent-Date: $a
515H?D?Date: $a
516H?F?Resent-From: confFROM_HEADER
517H?F?From: confFROM_HEADER
518H?x?Full-Name: $x
519# HPosted-Date: $a
520# H?l?Received-Date: $b
521H?M?Resent-Message-Id: <$t.$i@$j>
522H?M?Message-Id: <$t.$i@$j>
523ifdef(`_NULL_CLIENT_ONLY_',
524	`include(_CF_DIR_`'m4/nullrelay.m4)m4exit',
525	`dnl')
526#
527######################################################################
528######################################################################
529#####
530#####			REWRITING RULES
531#####
532######################################################################
533######################################################################
534
535############################################
536###  Ruleset 3 -- Name Canonicalization  ###
537############################################
538S3
539
540# handle null input (translate to <@> special case)
541R$@			$@ <@>
542
543# strip group: syntax (not inside angle brackets!) and trailing semicolon
544R$*			$: $1 <@>			mark addresses
545R$* < $* > $* <@>	$: $1 < $2 > $3			unmark <addr>
546R@ $* <@>		$: @ $1				unmark @host:...
547R$* :: $* <@>		$: $1 :: $2			unmark node::addr
548R:`include': $* <@>	$: :`include': $1			unmark :`include':...
549R$* [ $* : $* ] <@>	$: $1 [ $2 : $3 ]		unmark IPv6 addrs
550R$* : $* [ $* ]		$: $1 : $2 [ $3 ] <@>		remark if leading colon
551R$* : $* <@>		$: $2				strip colon if marked
552R$* <@>			$: $1				unmark
553R$* ;			   $1				strip trailing semi
554R$* < $* ; >		   $1 < $2 >			bogus bracketed semi
555
556# null input now results from list:; syntax
557R$@			$@ :; <@>
558
559# strip angle brackets -- note RFC733 heuristic to get innermost item
560R$*			$: < $1 >			housekeeping <>
561R$+ < $* >		   < $2 >			strip excess on left
562R< $* > $+		   < $1 >			strip excess on right
563R<>			$@ < @ >			MAIL FROM:<> case
564R< $+ >			$: $1				remove housekeeping <>
565
566# make sure <@a,@b,@c:user@d> syntax is easy to parse -- undone later
567R@ $+ , $+		@ $1 : $2			change all "," to ":"
568
569# localize and dispose of route-based addresses
570R@ $+ : $+		$@ $>96 < @$1 > : $2		handle <route-addr>
571
572# find focus for list syntax
573R $+ : $* ; @ $+	$@ $>96 $1 : $2 ; < @ $3 >	list syntax
574R $+ : $* ;		$@ $1 : $2;			list syntax
575
576# find focus for @ syntax addresses
577R$+ @ $+		$: $1 < @ $2 >			focus on domain
578R$+ < $+ @ $+ >		$1 $2 < @ $3 >			move gaze right
579R$+ < @ $+ >		$@ $>96 $1 < @ $2 >		already canonical
580
581# do some sanity checking
582R$* < @ $* : $* > $*	$1 < @ $2 $3 > $4		nix colons in addrs
583
584ifdef(`_NO_UUCP_', `dnl',
585`# convert old-style addresses to a domain-based address
586R$- ! $+		$@ $>96 $2 < @ $1 .UUCP >	resolve uucp names
587R$+ . $- ! $+		$@ $>96 $3 < @ $1 . $2 >		domain uucps
588R$+ ! $+		$@ $>96 $2 < @ $1 .UUCP >	uucp subdomains
589')
590ifdef(`_USE_DECNET_SYNTAX_',
591`# convert node::user addresses into a domain-based address
592R$- :: $+		$@ $>96 $2 < @ $1 .DECNET >	resolve DECnet names
593R$- . $- :: $+		$@ $>96 $3 < @ $1.$2 .DECNET >	numeric DECnet addr
594',
595	`dnl')
596# if we have % signs, take the rightmost one
597R$* % $*		$1 @ $2				First make them all @s.
598R$* @ $* @ $*		$1 % $2 @ $3			Undo all but the last.
599R$* @ $*		$@ $>96 $1 < @ $2 >		Insert < > and finish
600
601# else we must be a local name
602R$*			$@ $>96 $1
603
604
605################################################
606###  Ruleset 96 -- bottom half of ruleset 3  ###
607################################################
608
609S96
610
611# handle special cases for local names
612R$* < @ localhost > $*		$: $1 < @ $j . > $2		no domain at all
613R$* < @ localhost . $m > $*	$: $1 < @ $j . > $2		local domain
614ifdef(`_NO_UUCP_', `dnl',
615`R$* < @ localhost . UUCP > $*	$: $1 < @ $j . > $2		.UUCP domain')
616R$* < @ [ $+ ] > $*		$: $1 < @@ [ $2 ] > $3		mark [a.b.c.d]
617R$* < @@ $=w > $*		$: $1 < @ $j . > $3		self-literal
618R$* < @@ $+ > $*		$@ $1 < @ $2 > $3		canon IP addr
619
620ifdef(`DOMAIN_TABLE', `dnl
621# look up domains in the domain table
622R$* < @ $+ > $* 		$: $1 < @ $(domaintable $2 $) > $3', `dnl')
623
624undivert(2)dnl
625
626ifdef(`BITDOMAIN_TABLE', `dnl
627# handle BITNET mapping
628R$* < @ $+ .BITNET > $*		$: $1 < @ $(bitdomain $2 $: $2.BITNET $) > $3', `dnl')
629
630ifdef(`UUDOMAIN_TABLE', `dnl
631# handle UUCP mapping
632R$* < @ $+ .UUCP > $*		$: $1 < @ $(uudomain $2 $: $2.UUCP $) > $3', `dnl')
633
634ifdef(`_NO_UUCP_', `dnl',
635`ifdef(`UUCP_RELAY',
636`# pass UUCP addresses straight through
637R$* < @ $+ . UUCP > $*		$@ $1 < @ $2 . UUCP . > $3',
638`# if really UUCP, handle it immediately
639ifdef(`_CLASS_U_',
640`R$* < @ $=U . UUCP > $*	$@ $1 < @ $2 . UUCP . > $3', `dnl')
641ifdef(`_CLASS_V_',
642`R$* < @ $=V . UUCP > $*	$@ $1 < @ $2 . UUCP . > $3', `dnl')
643ifdef(`_CLASS_W_',
644`R$* < @ $=W . UUCP > $*	$@ $1 < @ $2 . UUCP . > $3', `dnl')
645ifdef(`_CLASS_X_',
646`R$* < @ $=X . UUCP > $*	$@ $1 < @ $2 . UUCP . > $3', `dnl')
647ifdef(`_CLASS_Y_',
648`R$* < @ $=Y . UUCP > $*	$@ $1 < @ $2 . UUCP . > $3', `dnl')
649
650ifdef(`_NO_CANONIFY_', `dnl', `dnl
651# try UUCP traffic as a local address
652R$* < @ $+ . UUCP > $*		$: $1 < @ $[ $2 $] . UUCP . > $3
653R$* < @ $+ . . UUCP . > $*	$@ $1 < @ $2 . > $3')
654')')
655ifdef(`_NO_CANONIFY_', `dnl', `dnl
656# pass to name server to make hostname canonical
657R$* < @ $* $~P > $*		$: $1 < @ $[ $2 $3 $] > $4')
658
659# local host aliases and pseudo-domains are always canonical
660R$* < @ $=w > $*		$: $1 < @ $2 . > $3
661R$* < @ $j > $*			$: $1 < @ $j . > $2
662ifdef(`_MASQUERADE_ENTIRE_DOMAIN_',
663`R$* < @ $* $=M > $*		$: $1 < @ $2 $3 . > $4',
664`R$* < @ $=M > $*		$: $1 < @ $2 . > $3')
665R$* < @ $* $=P > $*		$: $1 < @ $2 $3 . > $4
666R$* < @ $* . . > $*		$1 < @ $2 . > $3
667
668
669##################################################
670###  Ruleset 4 -- Final Output Post-rewriting  ###
671##################################################
672S4
673
674R$* <@>			$@				handle <> and list:;
675
676# strip trailing dot off possibly canonical name
677R$* < @ $+ . > $*	$1 < @ $2 > $3
678
679# eliminate internal code -- should never get this far!
680R$* < @ *LOCAL* > $*	$1 < @ $j > $2
681
682# externalize local domain info
683R$* < $+ > $*		$1 $2 $3			defocus
684R@ $+ : @ $+ : $+	@ $1 , @ $2 : $3		<route-addr> canonical
685R@ $*			$@ @ $1				... and exit
686
687ifdef(`_NO_UUCP_', `dnl',
688`# UUCP must always be presented in old form
689R$+ @ $- . UUCP		$2!$1				u@h.UUCP => h!u')
690
691ifdef(`_USE_DECNET_SYNTAX_',
692`# put DECnet back in :: form
693R$+ @ $+ . DECNET	$2 :: $1			u@h.DECNET => h::u',
694	`dnl')
695# delete duplicate local names
696R$+ % $=w @ $=w		$1 @ $2				u%host@host => u@host
697
698
699
700##############################################################
701###   Ruleset 97 -- recanonicalize and call ruleset zero   ###
702###		   (used for recursive calls)		   ###
703##############################################################
704
705S`'97
706R$*			$: $>3 $1
707R$*			$@ $>0 $1
708
709
710######################################
711###   Ruleset 0 -- Parse Address   ###
712######################################
713
714S0
715
716R$*			$: $>Parse0 $1		initial parsing
717R<@>			$#_LOCAL_ $: <@>		special case error msgs
718R$*			$: $>98 $1		handle local hacks
719R$*			$: $>Parse1 $1		final parsing
720
721#
722#  Parse0 -- do initial syntax checking and eliminate local addresses.
723#	This should either return with the (possibly modified) input
724#	or return with a #error mailer.  It should not return with a
725#	#mailer other than the #error mailer.
726#
727
728SParse0
729R<@>			$@ <@>			special case error msgs
730R$* : $* ; <@>		$#error $@ 5.1.3 $: "List:; syntax illegal for recipient addresses"
731#R@ <@ $* >		< @ $1 >		catch "@@host" bogosity
732R<@ $+>			$#error $@ 5.1.3 $: "User address required"
733R$*			$: <> $1
734R<> $* < @ [ $+ ] > $*	$1 < @ [ $2 ] > $3
735R<> $* <$* : $* > $*	$#error $@ 5.1.3 $: "Colon illegal in host name part"
736R<> $*			$1
737R$* < @ . $* > $*	$#error $@ 5.1.2 $: "Invalid host name"
738R$* < @ $* .. $* > $*	$#error $@ 5.1.2 $: "Invalid host name"
739
740# now delete the local info -- note $=O to find characters that cause forwarding
741R$* < @ > $*		$@ $>Parse0 $>3 $1		user@ => user
742R< @ $=w . > : $*	$@ $>Parse0 $>3 $2		@here:... -> ...
743R$- < @ $=w . >		$: $(dequote $1 $) < @ $2 . >	dequote "foo"@here
744R< @ $+ >		$#error $@ 5.1.3 $: "User address required"
745R$* $=O $* < @ $=w . >	$@ $>Parse0 $>3 $1 $2 $3	...@here -> ...
746R$- 			$: $(dequote $1 $) < @ *LOCAL* >	dequote "foo"
747R< @ *LOCAL* >		$#error $@ 5.1.3 $: "User address required"
748R$* $=O $* < @ *LOCAL* >
749			$@ $>Parse0 $>3 $1 $2 $3	...@*LOCAL* -> ...
750R$* < @ *LOCAL* >	$: $1
751
752#
753#  Parse1 -- the bottom half of ruleset 0.
754#
755
756SParse1
757ifdef(`_MAILER_smtp_',
758`# handle numeric address spec
759R$* < @ [ $+ ] > $*	$: $>98 $1 < @ [ $2 ] > $3	numeric internet spec
760R$* < @ [ $+ ] > $*	$#_SMTP_ $@ [$2] $: $1 < @ [$2] > $3	still numeric: send',
761	`dnl')
762
763ifdef(`VIRTUSER_TABLE', `dnl
764# handle virtual users
765R$+ < @ $=w . > 	$: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
766R<@> $+ + $* < @ $* . >
767			$: < $(virtuser $1 + * @ $3 $@ $1 $: @ $) > $1 + $2 < @ $3 . >
768R<@> $+ + $* < @ $* . >
769			$: < $(virtuser $1 @ $3 $@ $1 $: @ $) > $1 + $2 < @ $3 . >
770R<@> $+ < @ $+ . >	$: < $(virtuser @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
771R<@> $+			$: $1
772R< error : $- $+ > $* 	$#error $@ $(dequote $1 $) $: $2
773R< $+ > $+ < @ $+ >	$: $>97 $1',
774`dnl')
775
776# short circuit local delivery so forwarded email works
777ifdef(`_MAILER_usenet_', `dnl
778R$+ . USENET < @ $=w . >	$#usenet $: $1		handle usenet specially', `dnl')
779ifdef(`_STICKY_LOCAL_DOMAIN_',
780`R$+ < @ $=w . >		$: < $H > $1 < @ $2 . >		first try hub
781R< $+ > $+ < $+ >	$>95 < $1 > $2 < $3 >		yep ....
782R< > $+ + $* < $+ >	$#_LOCAL_ $: $1 + $2		plussed name?
783R< > $+ < $+ >		$#_LOCAL_ $: @ $1			nope, local address',
784`R$=L < @ $=w . >	$#_LOCAL_ $: @ $1		special local names
785R$+ < @ $=w . >		$#_LOCAL_ $: $1			regular local name')
786
787ifdef(`MAILER_TABLE', `dnl
788# not local -- try mailer table lookup
789R$* <@ $+ > $*		$: < $2 > $1 < @ $2 > $3	extract host name
790R< $+ . > $*		$: < $1 > $2			strip trailing dot
791R< $+ > $*		$: < $(mailertable $1 $) > $2	lookup
792R< $~[ : $* > $* 	$>95 < $1 : $2 > $3		check -- resolved?
793R< $+ > $*		$: $>90 <$1> $2			try domain',
794`dnl')
795undivert(4)dnl
796
797ifdef(`_NO_UUCP_', `dnl',
798`# resolve remotely connected UUCP links (if any)
799ifdef(`_CLASS_V_',
800`R$* < @ $=V . UUCP . > $*		$: $>95 < $V > $1 <@$2.UUCP.> $3',
801	`dnl')
802ifdef(`_CLASS_W_',
803`R$* < @ $=W . UUCP . > $*		$: $>95 < $W > $1 <@$2.UUCP.> $3',
804	`dnl')
805ifdef(`_CLASS_X_',
806`R$* < @ $=X . UUCP . > $*		$: $>95 < $X > $1 <@$2.UUCP.> $3',
807	`dnl')')
808
809# resolve fake top level domains by forwarding to other hosts
810ifdef(`BITNET_RELAY',
811`R$*<@$+.BITNET.>$*	$: $>95 < $B > $1 <@$2.BITNET.> $3	user@host.BITNET',
812	`dnl')
813ifdef(`DECNET_RELAY',
814`R$*<@$+.DECNET.>$*	$: $>95 < $C > $1 <@$2.DECNET.> $3	user@host.DECNET',
815	`dnl')
816ifdef(`_MAILER_pop_',
817`R$+ < @ POP. >		$#pop $: $1			user@POP',
818	`dnl')
819ifdef(`_MAILER_fax_',
820`R$+ < @ $+ .FAX. >	$#fax $@ $2 $: $1		user@host.FAX',
821`ifdef(`FAX_RELAY',
822`R$*<@$+.FAX.>$*		$: $>95 < $F > $1 <@$2.FAX.> $3	user@host.FAX',
823	`dnl')')
824
825ifdef(`UUCP_RELAY',
826`# forward non-local UUCP traffic to our UUCP relay
827R$*<@$*.UUCP.>$*		$: $>95 < $Y > $1 <@$2.UUCP.> $3	uucp mail',
828`ifdef(`_MAILER_uucp_',
829`# forward other UUCP traffic straight to UUCP
830R$* < @ $+ .UUCP. > $*		$#_UUCP_ $@ $2 $: $1 < @ $2 .UUCP. > $3	user@host.UUCP',
831	`dnl')')
832ifdef(`_MAILER_usenet_', `
833# addresses sent to net.group.USENET will get forwarded to a newsgroup
834R$+ . USENET		$#usenet $: $1',
835	`dnl')
836
837ifdef(`_LOCAL_RULES_',
838`# figure out what should stay in our local mail system
839undivert(1)', `dnl')
840
841# pass names that still have a host to a smarthost (if defined)
842R$* < @ $* > $*		$: $>95 < $S > $1 < @ $2 > $3	glue on smarthost name
843
844# deal with other remote names
845ifdef(`_MAILER_smtp_',
846`R$* < @$* > $*		$#_SMTP_ $@ $2 $: $1 < @ $2 > $3		user@host.domain',
847`R$* < @$* > $*		$#error $@ 5.1.2 $: "Unrecognized host name " $2')
848
849# handle locally delivered names
850R$=L			$#_LOCAL_ $: @ $1			special local names
851R$+			$#_LOCAL_ $: $1			regular local names
852
853###########################################################################
854###   Ruleset 5 -- special rewriting after aliases have been expanded   ###
855###########################################################################
856
857S5
858
859# deal with plussed users so aliases work nicely
860R$+ + *			$#_LOCAL_ $@ $&h $: $1
861R$+ + $*		$#_LOCAL_ $@ + $2 $: $1 + *
862
863# prepend an empty "forward host" on the front
864R$+			$: <> $1
865
866ifdef(`LUSER_RELAY', `dnl
867# send unrecognized local users to a relay host
868R< > $+ 		$: < $L . > $(user $1 $)	look up user
869R< $* > $+ <> $*	$: < > $2 $3			found; strip $L
870R< $* . > $+		$: < $1 > $2			strip extra dot',
871`dnl')
872
873# see if we have a relay or a hub
874R< > $+			$: < $H > $1			try hub
875R< > $+			$: < $R > $1			try relay
876R< > $+			$: < > < $1 $&h >		nope, restore +detail
877R< > < $+ + $* > $*	   < > < $1 > + $2 $3		find the user part
878R< > < $+ > + $*	$#_LOCAL_ $@ $2 $: @ $1		strip the extra +
879R< > < $+ >		$@ $1				no +detail
880R$+			$: $1 <> $&h			add +detail back in
881R$+ <> + $*		$: $1 + $2			check whether +detail
882R$+ <> $*		$: $1				else discard
883R< local : $* > $*	$: $>95 < local : $1 > $2	no host extension
884R< error : $* > $*	$: $>95 < error : $1 > $2	no host extension
885R< $- : $+ > $+		$: $>95 < $1 : $2 > $3 < @ $2 >
886R< $+ > $+		$@ $>95 < $1 > $2 < @ $1 >
887
888ifdef(`MAILER_TABLE', `dnl
889###################################################################
890###  Ruleset 90 -- try domain part of mailertable entry 	###
891###################################################################
892
893S90
894R$* <$- . $+ > $*	$: $1$2 < $(mailertable .$3 $@ $1$2 $@ $2 $) > $4
895R$* <$~[ : $* > $*	$>95 < $2 : $3 > $4		check -- resolved?
896R$* < . $+ > $* 	$@ $>90 $1 . <$2> $3		no -- strip & try again
897R$* < $* > $*		$: < $(mailertable . $@ $1$2 $) > $3	try "."
898R< $~[ : $* > $*	$>95 < $1 : $2 > $3		"." found?
899R< $* > $*		$@ $2				no mailertable match',
900`dnl')
901
902###################################################################
903###  Ruleset 95 -- canonify mailer:[user@]host syntax to triple	###
904###################################################################
905
906S95
907R< > $*				$@ $1			strip off null relay
908R< error : $- $+ > $*		$#error $@ $(dequote $1 $) $: $2
909R< local : $* > $*		$>CanonLocal < $1 > $2
910R< $- : $+ @ $+ > $*<$*>$*	$# $1 $@ $3 $: $2<@$3>	use literal user
911R< $- : $+ > $*			$# $1 $@ $2 $: $3	try qualified mailer
912R< $=w > $*			$@ $2			delete local host
913R< $+ > $*			$#_RELAY_ $@ $1 $: $2	use unqualified mailer
914
915###################################################################
916###  Ruleset CanonLocal -- canonify local: syntax		###
917###################################################################
918
919SCanonLocal
920# strip local host from routed addresses
921R< $* > < @ $+ > : $+		$@ $>97 $3
922R< $* > $+ $=O $+ < @ $+ >	$@ $>97 $2 $3 $4
923
924# strip trailing dot from any host name that may appear
925R< $* > $* < @ $* . >		$: < $1 > $2 < @ $3 >
926
927# handle local: syntax -- use old user, either with or without host
928R< > $* < @ $* > $*		$#_LOCAL_ $@ $1@$2 $: $1
929R< > $+				$#_LOCAL_ $@ $1    $: $1
930
931# handle local:user@host syntax -- ignore host part
932R< $+ @ $+ > $* < @ $* >	$: < $1 > $3 < @ $4 >
933
934# handle local:user syntax
935R< $+ > $* <@ $* > $*		$#_LOCAL_ $@ $2@$3 $: $1
936R< $+ > $* 			$#_LOCAL_ $@ $2    $: $1
937
938###################################################################
939###  Ruleset 93 -- convert header names to masqueraded form	###
940###################################################################
941
942S93
943
944ifdef(`GENERICS_TABLE', `dnl
945# handle generics database
946ifdef(`_GENERICS_ENTIRE_DOMAIN_',
947`R$+ < @ $* $=G . >	$: < $1@$2$3 > $1 < @ $2$3 . > @	mark',
948`R$+ < @ $=G . >	$: < $1@$2 > $1 < @ $2 . > @	mark')
949R$+ < @ *LOCAL* >	$: < $1@$j > $1 < @ *LOCAL* > @	mark
950R< $+ > $+ < $* > @	$: < $(generics $1 $: $) > $2 < $3 >
951R< > $+ < @ $+ > 	$: < $(generics $1 $: $) > $1 < @ $2 >
952R< $* @ $* > $* < $* >	$@ $>3 $1 @ $2			found qualified
953R< $+ > $* < $* >	$: $>3 $1 @ *LOCAL*		found unqualified
954R< > $*			$: $1				not found',
955`dnl')
956
957# special case the users that should be exposed
958R$=E < @ *LOCAL* >	$@ $1 < @ $j . >		leave exposed
959ifdef(`_MASQUERADE_ENTIRE_DOMAIN_',
960`R$=E < @ $* $=M . >	$@ $1 < @ $2 $3 . >',
961`R$=E < @ $=M . >	$@ $1 < @ $2 . >')
962ifdef(`_LIMITED_MASQUERADE_', `dnl',
963`R$=E < @ $=w . >	$@ $1 < @ $2 . >')
964
965# handle domain-specific masquerading
966ifdef(`_MASQUERADE_ENTIRE_DOMAIN_',
967`R$* < @ $* $=M . > $*	$: $1 < @ $2 $3 . @ $M > $4	convert masqueraded doms',
968`R$* < @ $=M . > $*	$: $1 < @ $2 . @ $M > $3	convert masqueraded doms')
969ifdef(`_LIMITED_MASQUERADE_', `dnl',
970`R$* < @ $=w . > $*	$: $1 < @ $2 . @ $M > $3')
971R$* < @ *LOCAL* > $*	$: $1 < @ $j . @ $M > $2
972R$* < @ $+ @ > $*	$: $1 < @ $2 > $3		$M is null
973R$* < @ $+ @ $+ > $*	$: $1 < @ $3 . > $4		$M is not null
974
975###################################################################
976###  Ruleset 94 -- convert envelope names to masqueraded form	###
977###################################################################
978
979S94
980ifdef(`_MASQUERADE_ENVELOPE_',
981`R$+			$@ $>93 $1',
982`R$* < @ *LOCAL* > $*	$: $1 < @ $j . > $2')
983
984###################################################################
985###  Ruleset 98 -- local part of ruleset zero (can be null)	###
986###################################################################
987
988S98
989undivert(3)dnl
990
991ifelse(substr(confDELIVERY_MODE,0,1), `d', `errprint(`WARNING: Antispam rules not available in deferred delivery mode.')')
992ifdef(`ACCESS_TABLE', `dnl
993######################################################################
994###  LookUpDomain -- search for domain in access database
995###
996###	Parameters:
997###		<$1> -- key (domain name)
998###		<$2> -- default (what to return if not found in db)
999###		<$3> -- passthru (additional data passed unchanged through)
1000######################################################################
1001
1002SLookUpDomain
1003R<$+> <$+> <$*>		$: < $(access $1 $: ? $) > <$1> <$2> <$3>
1004R<?> <$+.$+> <$+> <$*>	$@ $>LookUpDomain <$2> <$3> <$4>
1005R<?> <$+> <$+> <$*>	$@ <$2> <$3>
1006R<$*> <$+> <$+> <$*>	$@ <$1> <$4>
1007
1008######################################################################
1009###  LookUpAddress -- search for host address in access database
1010###
1011###	Parameters:
1012###		<$1> -- key (dot quadded host address)
1013###		<$2> -- default (what to return if not found in db)
1014###		<$3> -- passthru (additional data passed through)
1015######################################################################
1016
1017SLookUpAddress
1018R<$+> <$+> <$*>		$: < $(access $1 $: ? $) > <$1> <$2> <$3>
1019R<?> <$+.$-> <$+> <$*>	$@ $>LookUpAddress <$1> <$3> <$4>
1020R<?> <$+> <$+> <$*>	$@ <$2> <$3>
1021R<$*> <$+> <$+> <$*>	$@ <$1> <$4>',
1022`dnl')
1023
1024######################################################################
1025###  CanonAddr --	Convert an address into a standard form for
1026###			relay checking.  Route address syntax is
1027###			crudely converted into a %-hack address.
1028###
1029###	Parameters:
1030###		$1 -- full recipient address
1031###
1032###	Returns:
1033###		parsed address, not in source route form
1034######################################################################
1035
1036SCanonAddr
1037R$*			$: $>Parse0 $>3 $1	make domain canonical
1038R< @ $+ > : $* @ $*	< @ $1 > : $2 % $3	change @ to % in src route
1039R$* < @ $+ > : $* : $*	$3 $1 < @ $2 > : $4	change to % hack.
1040R$* < @ $+ > : $*	$3 $1 < @ $2 >
1041
1042######################################################################
1043###  ParseRecipient --	Strip off hosts in $=R as well as possibly
1044###			$* $=m or the access database.
1045###			Check user portion for host separators.
1046###
1047###	Parameters:
1048###		$1 -- full recipient address
1049###
1050###	Returns:
1051###		parsed, non-local-relaying address
1052######################################################################
1053
1054SParseRecipient
1055R$*				$: <?> $>CanonAddr $1
1056R<?> $* < @ $* . >		<?> $1 < @ $2 >			strip trailing dots
1057R<?> $- < @ $* >		$: <?> $(dequote $1 $) < @ $2 >	dequote local part
1058
1059# if no $=O character, no host in the user portion, we are done
1060R<?> $* $=O $* < @ $* >		$: <NO> $1 $2 $3 < @ $4>
1061R<?> $*				$@ $1
1062
1063ifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl
1064# if we relay, check username portion for user%host so host can be checked also
1065R<NO> $* < @ $* $=m >		$: <RELAY> $1 < @ $2 $3 >', `dnl')
1066
1067ifdef(`_RELAY_MX_SERVED_', `dnl
1068R<NO> $* < @ $+ >		$: <MX> < : $(mxserved $2 $) : > < $1 < @$2 > >
1069R<MX> < : $* <TEMP> : > $*	$#error $@ 4.7.1 $: "450 Can not check MX records for recipient host " $1
1070R<MX> < $* : $=w. : $* > < $+ >	$: <RELAY> $4
1071R<MX> < : $* : > < $+ >		$: <NO> $2', `dnl')
1072
1073ifdef(`_RELAY_HOSTS_ONLY_',
1074`R<NO> $* < @ $=R >		$: <RELAY> $1 < @ $2 >
1075ifdef(`ACCESS_TABLE', `dnl
1076R<NO> $* < @ $+ >		$: <$(access $2 $: NO $)> $1 < @ $2 >',`dnl')',
1077`R<NO> $* < @ $* $=R >		$: <RELAY> $1 < @ $2 $3 >
1078ifdef(`ACCESS_TABLE', `dnl
1079R<NO> $* < @ $+ >		$: $>LookUpDomain <$2> <NO> <$1 < @ $2 >>
1080R<$+> <$+>			$: <$1> $2',`dnl')')
1081
1082R<RELAY> $* < @ $* >		$@ $>ParseRecipient $1
1083R<$-> $*			$@ $2
1084
1085######################################################################
1086###  check_relay -- check hostname/address on SMTP startup
1087######################################################################
1088
1089SLocal_check_relay
1090Scheck_relay
1091R$*			$: $1 $| $>"Local_check_relay" $1
1092R$* $| $* $| $#$*	$#$3
1093R$* $| $* $| $*		$@ $>"Basic_check_relay" $1 $| $2
1094
1095SBasic_check_relay
1096# check for deferred delivery mode
1097R$*			$: < ${deliveryMode} > $1
1098R< d > $*		$@ deferred
1099R< $* > $*		$: $2
1100
1101ifdef(`ACCESS_TABLE', `dnl
1102R$+ $| $+		$: $>LookUpDomain < $1 > <?> < $2 >
1103R<?> < $+ >		$: $>LookUpAddress < $1 > <?> < $1 >
1104R<?> < $+ >		$: $1
1105R<OK> < $* >		$@ OK
1106R<RELAY> < $* >		$@ RELAY
1107R<REJECT> $*		$#error $@ 5.7.1 $: "ifdef(`confREJECT_MSG', `confREJECT_MSG', `550 Access denied')"
1108R<DISCARD> $*		$#discard $: discard
1109R<$+> $*		$#error $@ 5.7.1 $: $1', `dnl')
1110
1111ifdef(`_RBL_', `dnl
1112# DNS based IP address spam lists
1113R$*			$: $&{client_addr}
1114R$-.$-.$-.$-		$: $(host $4.$3.$2.$1._RBL_. $: OK $)
1115ROK			$@ OK
1116R$+			$#error $@ 5.7.1 $: "Mail from " $&{client_addr} " refused by blackhole site _RBL_"',
1117`dnl')
1118
1119######################################################################
1120###  check_mail -- check SMTP ``MAIL FROM:'' command argument
1121######################################################################
1122
1123SLocal_check_mail
1124Scheck_mail
1125R$*			$: $1 $| $>"Local_check_mail" $1
1126R$* $| $#$*		$#$2
1127R$* $| $*		$@ $>"Basic_check_mail" $1
1128
1129SBasic_check_mail
1130# check for deferred delivery mode
1131R$*			$: < ${deliveryMode} > $1
1132R< d > $*		$@ deferred
1133R< $* > $*		$: $2
1134
1135R<>			$@ <OK>
1136R$*			$: <?> $>CanonAddr $1
1137R<?> $* < @ $+ . >	<?> $1 < @ $2 >			strip trailing dots
1138# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc)
1139R<?> $* < $* $=P > $*	$: <OK> $1 < @ $2 $3 > $4
1140ifdef(`_ACCEPT_UNRESOLVABLE_DOMAINS_',
1141`R<?> $* < @ $+ > $*	$: <OK> $1 < @ $2 > $3		... unresolvable OK',
1142`R<?> $* < @ $+ > $*	$: <? $(resolve $2 $: $2 <PERM> $) > $1 < @ $2 > $3
1143R<? $* <$->> $* < @ $+ > $*
1144			$: <$2> $3 < @ $4 > $5')
1145
1146ifdef(`_ACCEPT_UNQUALIFIED_SENDERS_',`dnl',`dnl
1147# handle case of @localhost on address
1148R<$+> $* < @localhost >	$: < ? $&{client_name} > <$1> $2 < @localhost >
1149R<$+> $* < @localhost.$m >
1150			$: < ? $&{client_name} > <$1> $2 < @localhost.$m >
1151ifdef(`_NO_UUCP_', `dnl',
1152`R<$+> $* < @localhost.UUCP >
1153			$: < ? $&{client_name} > <$1> $2 < @localhost.UUCP >')
1154R<? $=w> <$+> $*	<?> <$2> $3
1155R<? $+> <$+> $*		$#error $@ 5.5.4 $: "553 Real domain name required"
1156R<?> <$+> $*		$: <$1> $2')
1157
1158ifdef(`ACCESS_TABLE', `dnl
1159# lookup localpart (user@)
1160R<$+> $* < @ $+ > $*	$: <USER $(access $2@ $: ? $) > <$1> $2 < @ $3 > $4
1161# no match, try full address (user@domain rest)
1162R<USER ?> <$+> $* < @ $* > $*
1163			$: <USER $(access $2@$3$4 $: ? $) > <$1> $2 < @ $3 > $4
1164# no match, try address (user@domain)
1165R<USER ?> <$+> $+ < @ $+ > $*
1166			$: <USER $(access $2@$3 $: ? $) > <$1> $2 < @ $3 > $4
1167# no match, try (sub)domain (domain)
1168R<USER ?> <$+> $* < @ $+ > $*
1169			$: $>LookUpDomain <$3> <$1> <>
1170# check unqualified user in access database
1171R<?> $*			$: <USER $(access $1@ $: ? $) > <?> $1
1172# retransform for further use
1173R<USER $+> <$+> $*	$: <$1> $3',
1174`dnl')
1175
1176ifdef(`_ACCEPT_UNQUALIFIED_SENDERS_',`dnl',`dnl
1177# handle case of no @domain on address
1178R<?> $*			$: < ? $&{client_name} > $1
1179R<?> $*			$@ <OK>				...local unqualed ok
1180R<? $+> $*		$#error $@ 5.5.4 $: "553 Domain name required"
1181							...remote is not')
1182# check results
1183R<?> $*			$@ <OK>
1184R<OK> $*		$@ <OK>
1185R<TEMP> $*		$#error $@ 4.1.8 $: "451 Sender domain must resolve"
1186R<PERM> $*		$#error $@ 5.1.8 $: "501 Sender domain must exist"
1187ifdef(`ACCESS_TABLE', `dnl
1188R<RELAY> $*		$@ <RELAY>
1189R<DISCARD> $*		$#discard $: discard
1190R<REJECT> $*		$#error $@ 5.7.1 $: "ifdef(`confREJECT_MSG', `confREJECT_MSG', `550 Access denied')"
1191R<$+> $*		$#error $@ 5.7.1 $: $1		error from access db',
1192`dnl')
1193
1194######################################################################
1195###  check_rcpt -- check SMTP ``RCPT TO:'' command argument
1196######################################################################
1197
1198SLocal_check_rcpt
1199Scheck_rcpt
1200R$*			$: $1 $| $>"Local_check_rcpt" $1
1201R$* $| $#$*		$#$2
1202R$* $| $*		$@ $>"Basic_check_rcpt" $1
1203
1204SBasic_check_rcpt
1205# check for deferred delivery mode
1206R$*			$: < ${deliveryMode} > $1
1207R< d > $*		$@ deferred
1208R< $* > $*		$: $2
1209
1210ifdef(`_LOOSE_RELAY_CHECK_',`dnl
1211R$*			$: $>CanonAddr $1
1212R$* < @ $* . >		$1 < @ $2 >			strip trailing dots',
1213`R$*			$: $>ParseRecipient $1		strip relayable hosts')
1214
1215ifdef(`_BESTMX_IS_LOCAL_',`dnl
1216ifelse(_BESTMX_IS_LOCAL_, `', `dnl
1217# unlimited bestmx
1218R$* < @ $* > $*			$: $1 < @ $2 @@ $(bestmx $2 $) > $3',
1219`dnl
1220# limit bestmx to $=B
1221R$* < @ $* $=B > $*		$: $1 < @ $2 $3 @@ $(bestmx $2 $3 $) > $4')
1222R$* $=O $* < @ $* @@ $=w . > $*	$@ $>Basic_check_rcpt $1 $2 $3
1223R$* < @ $* @@ $=w . > $*	$: $1 < @ $3 > $4
1224R$* < @ $* @@ $* > $*		$: $1 < @ $2 > $4')
1225
1226ifdef(`_BLACKLIST_RCPT_',`dnl
1227ifdef(`ACCESS_TABLE', `dnl
1228# blacklist local users or any host from receiving mail
1229R$*			$: <?> $1
1230R<?> $+ < @ $=w >	$: <> <USER $1> <FULL $1@$2> <HOST $2> <$1 < @ $2 >>
1231R<?> $+ < @ $* >	$: <> <FULL $1@$2> <HOST $2> <$1 < @ $2 >>
1232R<?> $+			$: <> <USER $1> <$1>
1233R<> <USER $+> $*	$: <$(access $1 $: $)> $2
1234R<> <FULL $+> $*	$: <$(access $1 $: $)> $2
1235R<OK> <FULL $+> $*	$: <$(access $1 $: $)> $2
1236R<> <HOST $+> $*	$: <$(access $1 $: $)> $2
1237R<OK> <HOST $+> $*	$: <$(access $1 $: $)> $2
1238R<> <$*>		$: $1
1239R<OK> <$*>		$: $1
1240R<RELAY> <$*>		$: $1
1241R<REJECT> $*		$#error $@ 5.2.1 $: "550 Mailbox disabled for this recipient"
1242R<$+> $*		$#error $@ 5.2.1 $: $1			error from access db', `dnl')', `dnl')
1243
1244ifdef(`_PROMISCUOUS_RELAY_', `dnl', `dnl
1245# anything terminating locally is ok
1246ifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl
1247R$+ < @ $* $=m >	$@ OK', `dnl')
1248R$+ < @ $=w >		$@ OK
1249ifdef(`_RELAY_HOSTS_ONLY_',
1250`R$+ < @ $=R >		$@ OK
1251ifdef(`ACCESS_TABLE', `dnl
1252R$+ < @ $* >		$: <$(access $2 $: ? $)> <$1 < @ $2 >>',`dnl')',
1253`R$+ < @ $* $=R >	$@ OK
1254ifdef(`ACCESS_TABLE', `dnl
1255R$+ < @ $* >		$: $>LookUpDomain <$2> <?> <$1 < @ $2 >>',`dnl')')
1256ifdef(`ACCESS_TABLE', `dnl
1257R<RELAY> $*		$@ RELAY
1258R<$*> <$*>		$: $2',`dnl')
1259
1260ifdef(`_RELAY_MX_SERVED_', `dnl
1261# allow relaying for hosts which we MX serve
1262R$+ < @ $* >		$: < : $(mxserved $2 $) : > $1 < @ $2 >
1263R< : $* <TEMP> : > $*	$#error $@ 4.7.1 $: "450 Can not check MX records for recipient host " $1
1264R<$* : $=w . : $*> $*	$@ OK
1265R< : $* : > $*		$: $2',
1266`dnl')
1267
1268# check for local user (i.e. unqualified address)
1269R$*			$: <?> $1
1270R<?> $* < @ $+ >	$: <REMOTE> $1 < @ $2 >
1271# local user is ok
1272R<?> $+			$@ OK
1273R<$+> $*		$: $2
1274
1275# anything originating locally is ok
1276R$*			$: <?> $&{client_name}
1277# check if bracketed IP address (forward lookup != reverse lookup)
1278R<?> [$+]		$: <BAD> [$1]
1279# pass to name server to make hostname canonical
1280R<?> $* $~P 		$: <?> $[ $1 $2 $]
1281R<$-> $*		$: $2
1282R$* .			$1				strip trailing dots
1283R$@			$@ OK
1284ifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl
1285R$* $=m			$@ OK', `dnl')
1286R$=w			$@ OK
1287ifdef(`_RELAY_HOSTS_ONLY_',
1288`R$=R			$@ OK
1289ifdef(`ACCESS_TABLE', `dnl
1290R$*			$: <$(access $1 $: ? $)> <$1>',`dnl')',
1291`R$* $=R			$@ OK
1292ifdef(`ACCESS_TABLE', `dnl
1293R$*			$: $>LookUpDomain <$1> <?> <$1>',`dnl')')
1294ifdef(`ACCESS_TABLE', `dnl
1295R<RELAY> $*		$@ RELAY
1296R<$*> <$*>		$: $2',`dnl')
1297
1298# check IP address
1299R$*			$: $&{client_addr}
1300R$@			$@ OK			originated locally
1301R0			$@ OK			originated locally
1302R$=R $*			$@ OK			relayable IP address
1303ifdef(`ACCESS_TABLE', `dnl
1304R$*			$: $>LookUpAddress <$1> <?> <$1>
1305R<RELAY> $* 		$@ RELAY		relayable IP address
1306R<$*> <$*>		$: $2', `dnl')
1307R$*			$: [ $1 ]		put brackets around it...
1308R$=w			$@ OK			... and see if it is local
1309
1310ifdef(`_RELAY_LOCAL_FROM_', `dnl
1311# anything with a local FROM is ok
1312R$*			$: $1 $| $>CanonAddr $&f
1313R$* $| $+ < @ $=w . >	$@ OK			FROM local
1314R$* $| $*		$: $1
1315', `dnl')
1316
1317# anything else is bogus
1318R$*			$#error $@ 5.7.1 $: "550 Relaying denied"')
1319
1320undivert(9)dnl
1321#
1322######################################################################
1323######################################################################
1324#####
1325`#####			MAILER DEFINITIONS'
1326#####
1327######################################################################
1328######################################################################
1329undivert(7)dnl
1330