README revision 132943
138032Speter 264562Sgshapiro SENDMAIL CONFIGURATION FILES 338032Speter 490792SgshapiroThis document describes the sendmail configuration files. It 590792Sgshapiroexplains how to create a sendmail.cf file for use with sendmail. 690792SgshapiroIt also describes how to set options for sendmail which are explained 790792Sgshapiroin the Sendmail Installation and Operation guide (doc/op/op.me). 838032Speter 990792SgshapiroTo get started, you may want to look at tcpproto.mc (for TCP-only 1090792Sgshapirosites) and clientproto.mc (for clusters of clients using a single 1190792Sgshapiromail host), or the generic-*.mc files as operating system-specific 1290792Sgshapiroexamples. 1338032Speter 1490792SgshapiroTable of Content: 1538032Speter 1690792SgshapiroINTRODUCTION AND EXAMPLE 1790792SgshapiroA BRIEF INTRODUCTION TO M4 1890792SgshapiroFILE LOCATIONS 1990792SgshapiroOSTYPE 2090792SgshapiroDOMAINS 2190792SgshapiroMAILERS 2290792SgshapiroFEATURES 2390792SgshapiroHACKS 2490792SgshapiroSITE CONFIGURATION 2590792SgshapiroUSING UUCP MAILERS 2690792SgshapiroTWEAKING RULESETS 2790792SgshapiroMASQUERADING AND RELAYING 2890792SgshapiroUSING LDAP FOR ALIASES, MAPS, AND CLASSES 2990792SgshapiroLDAP ROUTING 3090792SgshapiroANTI-SPAM CONFIGURATION CONTROL 31132943SgshapiroCONNECTION CONTROL 3290792SgshapiroSTARTTLS 3390792SgshapiroSMTP AUTHENTICATION 3490792SgshapiroADDING NEW MAILERS OR RULESETS 3590792SgshapiroADDING NEW MAIL FILTERS 3690792SgshapiroQUEUE GROUP DEFINITIONS 3790792SgshapiroNON-SMTP BASED CONFIGURATIONS 3890792SgshapiroWHO AM I? 3990792SgshapiroACCEPTING MAIL FOR MULTIPLE NAMES 4090792SgshapiroUSING MAILERTABLES 4190792SgshapiroUSING USERDB TO MAP FULL NAMES 4290792SgshapiroMISCELLANEOUS SPECIAL FEATURES 4390792SgshapiroSECURITY NOTES 4490792SgshapiroTWEAKING CONFIGURATION OPTIONS 4590792SgshapiroMESSAGE SUBMISSION PROGRAM 4690792SgshapiroFORMAT OF FILES AND MAPS 4790792SgshapiroDIRECTORY LAYOUT 4890792SgshapiroADMINISTRATIVE DETAILS 4938032Speter 5090792Sgshapiro 5138032Speter+--------------------------+ 5238032Speter| INTRODUCTION AND EXAMPLE | 5338032Speter+--------------------------+ 5438032Speter 5538032SpeterConfiguration files are contained in the subdirectory "cf", with a 5638032Spetersuffix ".mc". They must be run through "m4" to produce a ".cf" file. 5738032SpeterYou must pre-load "cf.m4": 5838032Speter 5938032Speter m4 ${CFDIR}/m4/cf.m4 config.mc > config.cf 6038032Speter 6164562SgshapiroAlternatively, you can simply: 6264562Sgshapiro 6364562Sgshapiro cd ${CFDIR}/cf 6464562Sgshapiro ./Build config.cf 6564562Sgshapiro 6638032Speterwhere ${CFDIR} is the root of the cf directory and config.mc is the 6738032Spetername of your configuration file. If you are running a version of M4 6838032Speterthat understands the __file__ builtin (versions of GNU m4 >= 0.75 do 6938032Speterthis, but the versions distributed with 4.4BSD and derivatives do not) 7038032Speteror the -I flag (ditto), then ${CFDIR} can be in an arbitrary directory. 7138032SpeterFor "traditional" versions, ${CFDIR} ***MUST*** be "..", or you MUST 7238032Speteruse -D_CF_DIR_=/path/to/cf/dir/ -- note the trailing slash! For example: 7338032Speter 7438032Speter m4 -D_CF_DIR_=${CFDIR}/ ${CFDIR}/m4/cf.m4 config.mc > config.cf 7538032Speter 7638032SpeterLet's examine a typical .mc file: 7738032Speter 7838032Speter divert(-1) 7938032Speter # 80132943Sgshapiro # Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers. 8164562Sgshapiro # All rights reserved. 8238032Speter # Copyright (c) 1983 Eric P. Allman. All rights reserved. 8338032Speter # Copyright (c) 1988, 1993 8438032Speter # The Regents of the University of California. All rights reserved. 8538032Speter # 8638032Speter # By using this file, you agree to the terms and conditions set 8738032Speter # forth in the LICENSE file which can be found at the top level of 8838032Speter # the sendmail distribution. 8938032Speter # 9038032Speter 9138032Speter # 9238032Speter # This is a Berkeley-specific configuration file for HP-UX 9.x. 9338032Speter # It applies only to the Computer Science Division at Berkeley, 9438032Speter # and should not be used elsewhere. It is provided on the sendmail 9538032Speter # distribution as a sample only. To create your own configuration 9638032Speter # file, create an appropriate domain file in ../domain, change the 9738032Speter # `DOMAIN' macro below to reference that file, and copy the result 9838032Speter # to a name of your own choosing. 9938032Speter # 10038032Speter divert(0) 10138032Speter 10238032SpeterThe divert(-1) will delete the crud in the resulting output file. 10338032SpeterThe copyright notice can be replaced by whatever your lawyers require; 10464562Sgshapiroour lawyers require the one that is included in these files. A copyleft 10538032Speteris a copyright by another name. The divert(0) restores regular output. 10638032Speter 10738032Speter VERSIONID(`<SCCS or RCS version id>') 10838032Speter 10938032SpeterVERSIONID is a macro that stuffs the version information into the 11064562Sgshapiroresulting file. You could use SCCS, RCS, CVS, something else, or 11138032Speteromit it completely. This is not the same as the version id included 11238032Speterin SMTP greeting messages -- this is defined in m4/version.m4. 11338032Speter 11464562Sgshapiro OSTYPE(`hpux9')dnl 11538032Speter 11638032SpeterYou must specify an OSTYPE to properly configure things such as the 11738032Speterpathname of the help and status files, the flags needed for the local 11838032Spetermailer, and other important things. If you omit it, you will get an 11938032Spetererror when you try to build the configuration. Look at the ostype 12038032Speterdirectory for the list of known operating system types. 12138032Speter 12264562Sgshapiro DOMAIN(`CS.Berkeley.EDU')dnl 12338032Speter 12438032SpeterThis example is specific to the Computer Science Division at Berkeley. 12564562SgshapiroYou can use "DOMAIN(`generic')" to get a sufficiently bland definition 12638032Speterthat may well work for you, or you can create a customized domain 12738032Speterdefinition appropriate for your environment. 12838032Speter 12964562Sgshapiro MAILER(`local') 13064562Sgshapiro MAILER(`smtp') 13138032Speter 13290792SgshapiroThese describe the mailers used at the default CS site. The local 13390792Sgshapiromailer is always included automatically. Beware: MAILER declarations 134132943Sgshapiroshould only be followed by LOCAL_* sections. The general rules are 135132943Sgshapirothat the order should be: 13638032Speter 13738032Speter VERSIONID 13838032Speter OSTYPE 13938032Speter DOMAIN 14038032Speter FEATURE 14138032Speter local macro definitions 14238032Speter MAILER 14390792Sgshapiro LOCAL_CONFIG 14464562Sgshapiro LOCAL_RULE_* 14564562Sgshapiro LOCAL_RULESETS 14638032Speter 14764562SgshapiroThere are a few exceptions to this rule. Local macro definitions which 14864562Sgshapiroinfluence a FEATURE() should be done before that feature. For example, 14964562Sgshapiroa define(`PROCMAIL_MAILER_PATH', ...) should be done before 15064562SgshapiroFEATURE(`local_procmail'). 15138032Speter 15290792Sgshapiro******************************************************************* 15390792Sgshapiro*** BE SURE YOU CUSTOMIZE THESE FILES! They have some *** 15490792Sgshapiro*** Berkeley-specific assumptions built in, such as the name *** 15590792Sgshapiro*** of their UUCP-relay. You'll want to create your own *** 15690792Sgshapiro*** domain description, and use that in place of *** 15790792Sgshapiro*** domain/Berkeley.EDU.m4. *** 15890792Sgshapiro******************************************************************* 15964562Sgshapiro 16090792Sgshapiro 16138032Speter+----------------------------+ 16238032Speter| A BRIEF INTRODUCTION TO M4 | 16338032Speter+----------------------------+ 16438032Speter 16538032SpeterSendmail uses the M4 macro processor to ``compile'' the configuration 16638032Speterfiles. The most important thing to know is that M4 is stream-based, 16738032Speterthat is, it doesn't understand about lines. For this reason, in some 16838032Speterplaces you may see the word ``dnl'', which stands for ``delete 16938032Speterthrough newline''; essentially, it deletes all characters starting 17038032Speterat the ``dnl'' up to and including the next newline character. In 17138032Spetermost cases sendmail uses this only to avoid lots of unnecessary 17238032Speterblank lines in the output. 17338032Speter 17438032SpeterOther important directives are define(A, B) which defines the macro 17538032Speter``A'' to have value ``B''. Macros are expanded as they are read, so 17638032Speterone normally quotes both values to prevent expansion. For example, 17738032Speter 17838032Speter define(`SMART_HOST', `smart.foo.com') 17938032Speter 18038032SpeterOne word of warning: M4 macros are expanded even in lines that appear 18138032Speterto be comments. For example, if you have 18238032Speter 18364562Sgshapiro # See FEATURE(`foo') above 18438032Speter 18564562Sgshapiroit will not do what you expect, because the FEATURE(`foo') will be 18638032Speterexpanded. This also applies to 18738032Speter 18838032Speter # And then define the $X macro to be the return address 18938032Speter 19038032Speterbecause ``define'' is an M4 keyword. If you want to use them, surround 19138032Speterthem with directed quotes, `like this'. 19238032Speter 193110560SgshapiroSince m4 uses single quotes (opening "`" and closing "'") to quote 194110560Sgshapiroarguments, those quotes can't be used in arguments. For example, 195110560Sgshapiroit is not possible to define a rejection message containing a single 196110560Sgshapiroquote. Usually there are simple workarounds by changing those 197110560Sgshapiromessages; in the worst case it might be ok to change the value 198110560Sgshapirodirectly in the generated .cf file, which however is not advised. 19990792Sgshapiro 200110560Sgshapiro 20190792SgshapiroNotice: 20290792Sgshapiro------- 20390792Sgshapiro 20490792SgshapiroThis package requires a post-V7 version of m4; if you are running the 20590792Sgshapiro4.2bsd, SysV.2, or 7th Edition version. SunOS's /usr/5bin/m4 or 20690792SgshapiroBSD-Net/2's m4 both work. GNU m4 version 1.1 or later also works. 20790792SgshapiroUnfortunately, the M4 on BSDI 1.0 doesn't work -- you'll have to use a 20890792SgshapiroNet/2 or GNU version. GNU m4 is available from 20990792Sgshapiroftp://ftp.gnu.org/pub/gnu/m4/m4-1.4.tar.gz (check for the latest version). 21090792SgshapiroEXCEPTIONS: DEC's m4 on Digital UNIX 4.x is broken (3.x is fine). Use GNU 21190792Sgshapirom4 on this platform. 21290792Sgshapiro 21390792Sgshapiro 21438032Speter+----------------+ 21538032Speter| FILE LOCATIONS | 21638032Speter+----------------+ 21738032Speter 21838032Spetersendmail 8.9 has introduced a new configuration directory for sendmail 21938032Speterrelated files, /etc/mail. The new files available for sendmail 8.9 -- 22064562Sgshapirothe class {R} /etc/mail/relay-domains and the access database 22164562Sgshapiro/etc/mail/access -- take advantage of this new directory. Beginning with 22264562Sgshapiro8.10, all files will use this directory by default (some options may be 22364562Sgshapiroset by OSTYPE() files). This new directory should help to restore 22464562Sgshapirouniformity to sendmail's file locations. 22538032Speter 22664562SgshapiroBelow is a table of some of the common changes: 22764562Sgshapiro 22864562SgshapiroOld filename New filename 22964562Sgshapiro------------ ------------ 23064562Sgshapiro/etc/bitdomain /etc/mail/bitdomain 23164562Sgshapiro/etc/domaintable /etc/mail/domaintable 23264562Sgshapiro/etc/genericstable /etc/mail/genericstable 23364562Sgshapiro/etc/uudomain /etc/mail/uudomain 23464562Sgshapiro/etc/virtusertable /etc/mail/virtusertable 23564562Sgshapiro/etc/userdb /etc/mail/userdb 23664562Sgshapiro 23764562Sgshapiro/etc/aliases /etc/mail/aliases 23864562Sgshapiro/etc/sendmail/aliases /etc/mail/aliases 23964562Sgshapiro/etc/ucbmail/aliases /etc/mail/aliases 24064562Sgshapiro/usr/adm/sendmail/aliases /etc/mail/aliases 24164562Sgshapiro/usr/lib/aliases /etc/mail/aliases 24264562Sgshapiro/usr/lib/mail/aliases /etc/mail/aliases 24364562Sgshapiro/usr/ucblib/aliases /etc/mail/aliases 24464562Sgshapiro 24564562Sgshapiro/etc/sendmail.cw /etc/mail/local-host-names 24664562Sgshapiro/etc/mail/sendmail.cw /etc/mail/local-host-names 24764562Sgshapiro/etc/sendmail/sendmail.cw /etc/mail/local-host-names 24864562Sgshapiro 24964562Sgshapiro/etc/sendmail.ct /etc/mail/trusted-users 25064562Sgshapiro 25164562Sgshapiro/etc/sendmail.oE /etc/mail/error-header 25264562Sgshapiro 25364562Sgshapiro/etc/sendmail.hf /etc/mail/helpfile 25464562Sgshapiro/etc/mail/sendmail.hf /etc/mail/helpfile 25564562Sgshapiro/usr/ucblib/sendmail.hf /etc/mail/helpfile 25664562Sgshapiro/etc/ucbmail/sendmail.hf /etc/mail/helpfile 25764562Sgshapiro/usr/lib/sendmail.hf /etc/mail/helpfile 25864562Sgshapiro/usr/share/lib/sendmail.hf /etc/mail/helpfile 25964562Sgshapiro/usr/share/misc/sendmail.hf /etc/mail/helpfile 26064562Sgshapiro/share/misc/sendmail.hf /etc/mail/helpfile 26164562Sgshapiro 26264562Sgshapiro/etc/service.switch /etc/mail/service.switch 26364562Sgshapiro 26464562Sgshapiro/etc/sendmail.st /etc/mail/statistics 26564562Sgshapiro/etc/mail/sendmail.st /etc/mail/statistics 26664562Sgshapiro/etc/mailer/sendmail.st /etc/mail/statistics 26764562Sgshapiro/etc/sendmail/sendmail.st /etc/mail/statistics 26864562Sgshapiro/usr/lib/sendmail.st /etc/mail/statistics 26964562Sgshapiro/usr/ucblib/sendmail.st /etc/mail/statistics 27064562Sgshapiro 27164562SgshapiroNote that all of these paths actually use a new m4 macro MAIL_SETTINGS_DIR 27264562Sgshapiroto create the pathnames. The default value of this variable is 27364562Sgshapiro`/etc/mail/'. If you set this macro to a different value, you MUST include 27464562Sgshapiroa trailing slash. 27564562Sgshapiro 27680785SgshapiroNotice: all filenames used in a .mc (or .cf) file should be absolute 27780785Sgshapiro(starting at the root, i.e., with '/'). Relative filenames most 27880785Sgshapirolikely cause surprises during operations (unless otherwise noted). 27980785Sgshapiro 28080785Sgshapiro 28138032Speter+--------+ 28238032Speter| OSTYPE | 28338032Speter+--------+ 28438032Speter 28538032SpeterYou MUST define an operating system environment, or the configuration 28638032Speterfile build will puke. There are several environments available; look 28738032Speterat the "ostype" directory for the current list. This macro changes 28838032Speterthings like the location of the alias file and queue directory. Some 28938032Speterof these files are identical to one another. 29038032Speter 29138032SpeterIt is IMPERATIVE that the OSTYPE occur before any MAILER definitions. 29238032SpeterIn general, the OSTYPE macro should go immediately after any version 29338032Speterinformation, and MAILER definitions should always go last. 29438032Speter 29538032SpeterOperating system definitions are usually easy to write. They may define 29638032Speterthe following variables (everything defaults, so an ostype file may be 29738032Speterempty). Unfortunately, the list of configuration-supported systems is 29838032Speternot as broad as the list of source-supported systems, since many of 29938032Speterthe source contributors do not include corresponding ostype files. 30038032Speter 30164562SgshapiroALIAS_FILE [/etc/mail/aliases] The location of the text version 30238032Speter of the alias file(s). It can be a comma-separated 30338032Speter list of names (but be sure you quote values with 30438032Speter commas in them -- for example, use 30538032Speter define(`ALIAS_FILE', `a,b') 30638032Speter to get "a" and "b" both listed as alias files; 30738032Speter otherwise the define() primitive only sees "a"). 30864562SgshapiroHELP_FILE [/etc/mail/helpfile] The name of the file 30938032Speter containing information printed in response to 31038032Speter the SMTP HELP command. 31138032SpeterQUEUE_DIR [/var/spool/mqueue] The directory containing 31264562Sgshapiro queue files. To use multiple queues, supply 31364562Sgshapiro a value ending with an asterisk. For 31473188Sgshapiro example, /var/spool/mqueue/qd* will use all of the 31564562Sgshapiro directories or symbolic links to directories 31673188Sgshapiro beginning with 'qd' in /var/spool/mqueue as queue 31764562Sgshapiro directories. The names 'qf', 'df', and 'xf' are 31873188Sgshapiro reserved as specific subdirectories for the 31973188Sgshapiro corresponding queue file types as explained in 32090792Sgshapiro doc/op/op.me. See also QUEUE GROUP DEFINITIONS. 32190792SgshapiroMSP_QUEUE_DIR [/var/spool/clientmqueue] The directory containing 32290792Sgshapiro queue files for the MSP (Mail Submission Program, 32390792Sgshapiro see sendmail/SECURITY). 32464562SgshapiroSTATUS_FILE [/etc/mail/statistics] The file containing status 32538032Speter information. 32638032SpeterLOCAL_MAILER_PATH [/bin/mail] The program used to deliver local mail. 32764562SgshapiroLOCAL_MAILER_FLAGS [Prmn9] The flags used by the local mailer. The 32864562Sgshapiro flags lsDFMAw5:/|@q are always included. 32938032SpeterLOCAL_MAILER_ARGS [mail -d $u] The arguments passed to deliver local 33038032Speter mail. 33138032SpeterLOCAL_MAILER_MAX [undefined] If defined, the maximum size of local 33238032Speter mail that you are willing to accept. 33364562SgshapiroLOCAL_MAILER_MAXMSGS [undefined] If defined, the maximum number of 33464562Sgshapiro messages to deliver in a single connection. Only 33564562Sgshapiro useful for LMTP local mailers. 33638032SpeterLOCAL_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 33738032Speter that ARRIVE from an address that resolves to the 33838032Speter local mailer and which are converted to MIME will be 33938032Speter labeled with this character set. 34064562SgshapiroLOCAL_MAILER_EOL [undefined] If defined, the string to use as the 34164562Sgshapiro end of line for the local mailer. 34264562SgshapiroLOCAL_MAILER_DSN_DIAGNOSTIC_CODE 34364562Sgshapiro [X-Unix] The DSN Diagnostic-Code value for the 34464562Sgshapiro local mailer. This should be changed with care. 34538032SpeterLOCAL_SHELL_PATH [/bin/sh] The shell used to deliver piped email. 34638032SpeterLOCAL_SHELL_FLAGS [eu9] The flags used by the shell mailer. The 34738032Speter flags lsDFM are always included. 34838032SpeterLOCAL_SHELL_ARGS [sh -c $u] The arguments passed to deliver "prog" 34938032Speter mail. 35038032SpeterLOCAL_SHELL_DIR [$z:/] The directory search path in which the 35138032Speter shell should run. 35290792SgshapiroLOCAL_MAILER_QGRP [undefined] The queue group for the local mailer. 35338032SpeterUSENET_MAILER_PATH [/usr/lib/news/inews] The name of the program 35438032Speter used to submit news. 35564562SgshapiroUSENET_MAILER_FLAGS [rsDFMmn] The mailer flags for the usenet mailer. 35638032SpeterUSENET_MAILER_ARGS [-m -h -n] The command line arguments for the 35790792Sgshapiro usenet mailer. NOTE: Some versions of inews 35890792Sgshapiro (such as those shipped with newer versions of INN) 35990792Sgshapiro use different flags. Double check the defaults 36090792Sgshapiro against the inews man page. 361102528SgshapiroUSENET_MAILER_MAX [undefined] The maximum size of messages that will 36238032Speter be accepted by the usenet mailer. 36390792SgshapiroUSENET_MAILER_QGRP [undefined] The queue group for the usenet mailer. 36438032SpeterSMTP_MAILER_FLAGS [undefined] Flags added to SMTP mailer. Default 36564562Sgshapiro flags are `mDFMuX' for all SMTP-based mailers; the 36664562Sgshapiro "esmtp" mailer adds `a'; "smtp8" adds `8'; and 36764562Sgshapiro "dsmtp" adds `%'. 36864562SgshapiroRELAY_MAILER_FLAGS [undefined] Flags added to the relay mailer. Default 36964562Sgshapiro flags are `mDFMuX' for all SMTP-based mailers; the 37064562Sgshapiro relay mailer adds `a8'. If this is not defined, 37164562Sgshapiro then SMTP_MAILER_FLAGS is used. 37238032SpeterSMTP_MAILER_MAX [undefined] The maximum size of messages that will 37364562Sgshapiro be transported using the smtp, smtp8, esmtp, or dsmtp 37438032Speter mailers. 37564562SgshapiroSMTP_MAILER_MAXMSGS [undefined] If defined, the maximum number of 37664562Sgshapiro messages to deliver in a single connection for the 37764562Sgshapiro smtp, smtp8, esmtp, or dsmtp mailers. 37894334SgshapiroSMTP_MAILER_MAXRCPTS [undefined] If defined, the maximum number of 37994334Sgshapiro recipients to deliver in a single connection for the 38094334Sgshapiro smtp, smtp8, esmtp, or dsmtp mailers. 38166494SgshapiroSMTP_MAILER_ARGS [TCP $h] The arguments passed to the smtp mailer. 38238032Speter About the only reason you would want to change this 38338032Speter would be to change the default port. 38466494SgshapiroESMTP_MAILER_ARGS [TCP $h] The arguments passed to the esmtp mailer. 38566494SgshapiroSMTP8_MAILER_ARGS [TCP $h] The arguments passed to the smtp8 mailer. 38666494SgshapiroDSMTP_MAILER_ARGS [TCP $h] The arguments passed to the dsmtp mailer. 38766494SgshapiroRELAY_MAILER_ARGS [TCP $h] The arguments passed to the relay mailer. 38890792SgshapiroSMTP_MAILER_QGRP [undefined] The queue group for the smtp mailer. 38990792SgshapiroESMTP_MAILER_QGRP [undefined] The queue group for the esmtp mailer. 39090792SgshapiroSMTP8_MAILER_QGRP [undefined] The queue group for the smtp8 mailer. 39190792SgshapiroDSMTP_MAILER_QGRP [undefined] The queue group for the dsmtp mailer. 39290792SgshapiroRELAY_MAILER_QGRP [undefined] The queue group for the relay mailer. 39364562SgshapiroRELAY_MAILER_MAXMSGS [undefined] If defined, the maximum number of 39464562Sgshapiro messages to deliver in a single connection for the 39564562Sgshapiro relay mailer. 39638032SpeterSMTP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 39738032Speter that ARRIVE from an address that resolves to one of 39838032Speter the SMTP mailers and which are converted to MIME will 39938032Speter be labeled with this character set. 40038032SpeterUUCP_MAILER_PATH [/usr/bin/uux] The program used to send UUCP mail. 40138032SpeterUUCP_MAILER_FLAGS [undefined] Flags added to UUCP mailer. Default 40238032Speter flags are `DFMhuU' (and `m' for uucp-new mailer, 40338032Speter minus `U' for uucp-dom mailer). 40438032SpeterUUCP_MAILER_ARGS [uux - -r -z -a$g -gC $h!rmail ($u)] The arguments 40538032Speter passed to the UUCP mailer. 40638032SpeterUUCP_MAILER_MAX [100000] The maximum size message accepted for 40738032Speter transmission by the UUCP mailers. 40838032SpeterUUCP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 40938032Speter that ARRIVE from an address that resolves to one of 41038032Speter the UUCP mailers and which are converted to MIME will 41138032Speter be labeled with this character set. 41290792SgshapiroUUCP_MAILER_QGRP [undefined] The queue group for the UUCP mailers. 41338032SpeterFAX_MAILER_PATH [/usr/local/lib/fax/mailfax] The program used to 41438032Speter submit FAX messages. 41538032SpeterFAX_MAILER_ARGS [mailfax $u $h $f] The arguments passed to the FAX 41638032Speter mailer. 41738032SpeterFAX_MAILER_MAX [100000] The maximum size message accepted for 41838032Speter transmission by FAX. 41938032SpeterPOP_MAILER_PATH [/usr/lib/mh/spop] The pathname of the POP mailer. 42064562SgshapiroPOP_MAILER_FLAGS [Penu] Flags added to POP mailer. Flags lsDFMq 42138032Speter are always added. 42238032SpeterPOP_MAILER_ARGS [pop $u] The arguments passed to the POP mailer. 42390792SgshapiroPOP_MAILER_QGRP [undefined] The queue group for the pop mailer. 42438032SpeterPROCMAIL_MAILER_PATH [/usr/local/bin/procmail] The path to the procmail 42543730Speter program. This is also used by 42643730Speter FEATURE(`local_procmail'). 42738032SpeterPROCMAIL_MAILER_FLAGS [SPhnu9] Flags added to Procmail mailer. Flags 42864562Sgshapiro DFM are always set. This is NOT used by 42943730Speter FEATURE(`local_procmail'); tweak LOCAL_MAILER_FLAGS 43038032Speter instead. 43138032SpeterPROCMAIL_MAILER_ARGS [procmail -Y -m $h $f $u] The arguments passed to 43238032Speter the Procmail mailer. This is NOT used by 43343730Speter FEATURE(`local_procmail'); tweak LOCAL_MAILER_ARGS 43438032Speter instead. 43538032SpeterPROCMAIL_MAILER_MAX [undefined] If set, the maximum size message that 43638032Speter will be accepted by the procmail mailer. 43790792SgshapiroPROCMAIL_MAILER_QGRP [undefined] The queue group for the procmail mailer. 43838032SpeterMAIL11_MAILER_PATH [/usr/etc/mail11] The path to the mail11 mailer. 43938032SpeterMAIL11_MAILER_FLAGS [nsFx] Flags for the mail11 mailer. 44038032SpeterMAIL11_MAILER_ARGS [mail11 $g $x $h $u] Arguments passed to the mail11 44138032Speter mailer. 44290792SgshapiroMAIL11_MAILER_QGRP [undefined] The queue group for the mail11 mailer. 44338032SpeterPH_MAILER_PATH [/usr/local/etc/phquery] The path to the phquery 44438032Speter program. 44564562SgshapiroPH_MAILER_FLAGS [ehmu] Flags for the phquery mailer. Flags nrDFM 44664562Sgshapiro are always set. 44738032SpeterPH_MAILER_ARGS [phquery -- $u] -- arguments to the phquery mailer. 44890792SgshapiroPH_MAILER_QGRP [undefined] The queue group for the ph mailer. 44964562SgshapiroCYRUS_MAILER_FLAGS [Ah5@/:|] The flags used by the cyrus mailer. The 45038032Speter flags lsDFMnPq are always included. 45138032SpeterCYRUS_MAILER_PATH [/usr/cyrus/bin/deliver] The program used to deliver 45238032Speter cyrus mail. 45338032SpeterCYRUS_MAILER_ARGS [deliver -e -m $h -- $u] The arguments passed 45438032Speter to deliver cyrus mail. 45538032SpeterCYRUS_MAILER_MAX [undefined] If set, the maximum size message that 45638032Speter will be accepted by the cyrus mailer. 45738032SpeterCYRUS_MAILER_USER [cyrus:mail] The user and group to become when 45838032Speter running the cyrus mailer. 45990792SgshapiroCYRUS_MAILER_QGRP [undefined] The queue group for the cyrus mailer. 46064562SgshapiroCYRUS_BB_MAILER_FLAGS [u] The flags used by the cyrusbb mailer. 46164562Sgshapiro The flags lsDFMnP are always included. 46238032SpeterCYRUS_BB_MAILER_ARGS [deliver -e -m $u] The arguments passed 46338032Speter to deliver cyrusbb mail. 46498121SgshapiroCYRUSV2_MAILER_FLAGS [A@/:|m] The flags used by the cyrusv2 mailer. The 46598121Sgshapiro flags lsDFMnqXz are always included. 46698121SgshapiroCYRUSV2_MAILER_MAXMSGS [undefined] If defined, the maximum number of 46798121Sgshapiro messages to deliver in a single connection for the 46898121Sgshapiro cyrusv2 mailer. 46998121SgshapiroCYRUSV2_MAILER_MAXRCPTS [undefined] If defined, the maximum number of 47098121Sgshapiro recipients to deliver in a single connection for the 47198121Sgshapiro cyrusv2 mailer. 47298121SgshapiroCYRUSV2_MAILER_ARGS [FILE /var/imap/socket/lmtp] The arguments passed 47398121Sgshapiro to the cyrusv2 mailer. This can be used to 47498121Sgshapiro change the name of the Unix domain socket, or 47598121Sgshapiro to switch to delivery via TCP (e.g., `TCP $h lmtp') 47698121SgshapiroCYRUSV2_MAILER_QGRP [undefined] The queue group for the cyrusv2 mailer. 477110560SgshapiroCYRUSV2_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 478110560Sgshapiro that ARRIVE from an address that resolves to one the 479110560Sgshapiro Cyrus mailer and which are converted to MIME will 480110560Sgshapiro be labeled with this character set. 48138032SpeterconfEBINDIR [/usr/libexec] The directory for executables. 48243730Speter Currently used for FEATURE(`local_lmtp') and 48343730Speter FEATURE(`smrsh'). 48464562SgshapiroQPAGE_MAILER_FLAGS [mDFMs] The flags used by the qpage mailer. 48564562SgshapiroQPAGE_MAILER_PATH [/usr/local/bin/qpage] The program used to deliver 48664562Sgshapiro qpage mail. 48764562SgshapiroQPAGE_MAILER_ARGS [qpage -l0 -m -P$u] The arguments passed 48864562Sgshapiro to deliver qpage mail. 48964562SgshapiroQPAGE_MAILER_MAX [4096] If set, the maximum size message that 49064562Sgshapiro will be accepted by the qpage mailer. 49190792SgshapiroQPAGE_MAILER_QGRP [undefined] The queue group for the qpage mailer. 49290792SgshapiroLOCAL_PROG_QGRP [undefined] The queue group for the prog mailer. 49338032Speter 49464562SgshapiroNote: to tweak Name_MAILER_FLAGS use the macro MODIFY_MAILER_FLAGS: 49564562SgshapiroMODIFY_MAILER_FLAGS(`Name', `change') where Name is the first part of 49664562Sgshapirothe macro Name_MAILER_FLAGS and change can be: flags that should 49764562Sgshapirobe used directly (thus overriding the default value), or if it 49864562Sgshapirostarts with `+' (`-') then those flags are added to (removed from) 49964562Sgshapirothe default value. Example: 50038032Speter 50164562Sgshapiro MODIFY_MAILER_FLAGS(`LOCAL', `+e') 50238032Speter 50390792Sgshapirowill add the flag `e' to LOCAL_MAILER_FLAGS. Notice: there are 50490792Sgshapiroseveral smtp mailers all of which are manipulated individually. 50590792SgshapiroSee the section MAILERS for the available mailer names. 50664562SgshapiroWARNING: The FEATUREs local_lmtp and local_procmail set LOCAL_MAILER_FLAGS 50764562Sgshapirounconditionally, i.e., without respecting any definitions in an 50864562SgshapiroOSTYPE setting. 50964562Sgshapiro 51064562Sgshapiro 51138032Speter+---------+ 51238032Speter| DOMAINS | 51338032Speter+---------+ 51438032Speter 51538032SpeterYou will probably want to collect domain-dependent defines into one 51664562Sgshapirofile, referenced by the DOMAIN macro. For example, the Berkeley 51738032Speterdomain file includes definitions for several internal distinguished 51838032Speterhosts: 51938032Speter 52038032SpeterUUCP_RELAY The host that will accept UUCP-addressed email. 52138032Speter If not defined, all UUCP sites must be directly 52238032Speter connected. 52338032SpeterBITNET_RELAY The host that will accept BITNET-addressed email. 52438032Speter If not defined, the .BITNET pseudo-domain won't work. 52538032SpeterDECNET_RELAY The host that will accept DECNET-addressed email. 52638032Speter If not defined, the .DECNET pseudo-domain and addresses 52738032Speter of the form node::user will not work. 52838032SpeterFAX_RELAY The host that will accept mail to the .FAX pseudo-domain. 52938032Speter The "fax" mailer overrides this value. 53071345SgshapiroLOCAL_RELAY The site that will handle unqualified names -- that 53182017Sgshapiro is, names without an @domain extension. 53271345Sgshapiro Normally MAIL_HUB is preferred for this function. 53371345Sgshapiro LOCAL_RELAY is mostly useful in conjunction with 53490792Sgshapiro FEATURE(`stickyhost') -- see the discussion of 53571345Sgshapiro stickyhost below. If not set, they are assumed to 53671345Sgshapiro belong on this machine. This allows you to have a 53771345Sgshapiro central site to store a company- or department-wide 53871345Sgshapiro alias database. This only works at small sites, 53971345Sgshapiro and only with some user agents. 54038032SpeterLUSER_RELAY The site that will handle lusers -- that is, apparently 54164562Sgshapiro local names that aren't local accounts or aliases. To 54264562Sgshapiro specify a local user instead of a site, set this to 54364562Sgshapiro ``local:username''. 54438032Speter 54538032SpeterAny of these can be either ``mailer:hostname'' (in which case the 54638032Spetermailer is the internal mailer name, such as ``uucp-new'' and the hostname 54738032Speteris the name of the host as appropriate for that mailer) or just a 54838032Speter``hostname'', in which case a default mailer type (usually ``relay'', 54938032Spetera variant on SMTP) is used. WARNING: if you have a wildcard MX 55038032Speterrecord matching your domain, you probably want to define these to 55138032Speterhave a trailing dot so that you won't get the mail diverted back 55238032Speterto yourself. 55338032Speter 55438032SpeterThe domain file can also be used to define a domain name, if needed 55538032Speter(using "DD<domain>") and set certain site-wide features. If all hosts 55638032Speterat your site masquerade behind one email name, you could also use 55738032SpeterMASQUERADE_AS here. 55838032Speter 55938032SpeterYou do not have to define a domain -- in particular, if you are a 56038032Spetersingle machine sitting off somewhere, it is probably more work than 56138032Speterit's worth. This is just a mechanism for combining "domain dependent 56238032Speterknowledge" into one place. 56338032Speter 56490792Sgshapiro 56538032Speter+---------+ 56638032Speter| MAILERS | 56738032Speter+---------+ 56838032Speter 56938032SpeterThere are fewer mailers supported in this version than the previous 57038032Speterversion, owing mostly to a simpler world. As a general rule, put the 57190792SgshapiroMAILER definitions last in your .mc file. 57238032Speter 57338032Speterlocal The local and prog mailers. You will almost always 57438032Speter need these; the only exception is if you relay ALL 57538032Speter your mail to another site. This mailer is included 57638032Speter automatically. 57738032Speter 57838032Spetersmtp The Simple Mail Transport Protocol mailer. This does 57938032Speter not hide hosts behind a gateway or another other 58038032Speter such hack; it assumes a world where everyone is 58138032Speter running the name server. This file actually defines 58264562Sgshapiro five mailers: "smtp" for regular (old-style) SMTP to 58338032Speter other servers, "esmtp" for extended SMTP to other 58438032Speter servers, "smtp8" to do SMTP to other servers without 58538032Speter converting 8-bit data to MIME (essentially, this is 58638032Speter your statement that you know the other end is 8-bit 58764562Sgshapiro clean even if it doesn't say so), "dsmtp" to do on 58864562Sgshapiro demand delivery, and "relay" for transmission to the 58964562Sgshapiro RELAY_HOST, LUSER_RELAY, or MAIL_HUB. 59038032Speter 59166494Sgshapirouucp The UNIX-to-UNIX Copy Program mailer. Actually, this 59238032Speter defines two mailers, "uucp-old" (a.k.a. "uucp") and 59338032Speter "uucp-new" (a.k.a. "suucp"). The latter is for when you 59438032Speter know that the UUCP mailer at the other end can handle 59538032Speter multiple recipients in one transfer. If the smtp mailer 59690792Sgshapiro is included in your configuration, two other mailers 59790792Sgshapiro ("uucp-dom" and "uucp-uudom") are also defined [warning: you 59890792Sgshapiro MUST specify MAILER(`smtp') before MAILER(`uucp')]. When you 59938032Speter include the uucp mailer, sendmail looks for all names in 60064562Sgshapiro class {U} and sends them to the uucp-old mailer; all 60164562Sgshapiro names in class {Y} are sent to uucp-new; and all 60264562Sgshapiro names in class {Z} are sent to uucp-uudom. Note that 60338032Speter this is a function of what version of rmail runs on 60438032Speter the receiving end, and hence may be out of your control. 60538032Speter See the section below describing UUCP mailers in more 60638032Speter detail. 60738032Speter 60838032Speterusenet Usenet (network news) delivery. If this is specified, 60938032Speter an extra rule is added to ruleset 0 that forwards all 61038032Speter local email for users named ``group.usenet'' to the 61138032Speter ``inews'' program. Note that this works for all groups, 61238032Speter and may be considered a security problem. 61338032Speter 61438032Speterfax Facsimile transmission. This is experimental and based 61538032Speter on Sam Leffler's HylaFAX software. For more information, 61671345Sgshapiro see http://www.hylafax.org/. 61738032Speter 61838032Speterpop Post Office Protocol. 61938032Speter 62038032Speterprocmail An interface to procmail (does not come with sendmail). 62138032Speter This is designed to be used in mailertables. For example, 62238032Speter a common question is "how do I forward all mail for a given 62338032Speter domain to a single person?". If you have this mailer 62438032Speter defined, you could set up a mailertable reading: 62538032Speter 62638032Speter host.com procmail:/etc/procmailrcs/host.com 62738032Speter 62838032Speter with the file /etc/procmailrcs/host.com reading: 62938032Speter 63038032Speter :0 # forward mail for host.com 63138032Speter ! -oi -f $1 person@other.host 63238032Speter 63338032Speter This would arrange for (anything)@host.com to be sent 634111823Sgshapiro to person@other.host. In a procmail script, $1 is the 635111823Sgshapiro name of the sender and $2 is the name of the recipient. 63643730Speter If you use this with FEATURE(`local_procmail'), the FEATURE 63738032Speter should be listed first. 63838032Speter 63990792Sgshapiro Of course there are other ways to solve this particular 64090792Sgshapiro problem, e.g., a catch-all entry in a virtusertable. 64190792Sgshapiro 64238032Spetermail11 The DECnet mail11 mailer, useful only if you have the mail11 64338032Speter program from gatekeeper.dec.com:/pub/DEC/gwtools (and 64438032Speter DECnet, of course). This is for Phase IV DECnet support; 64538032Speter if you have Phase V at your site you may have additional 64638032Speter problems. 64738032Speter 64838032Speterphquery The phquery program. This is somewhat counterintuitively 64938032Speter referenced as the "ph" mailer internally. It can be used 65038032Speter to do CCSO name server lookups. The phquery program, which 65138032Speter this mailer uses, is distributed with the ph client. 65238032Speter 65338032Spetercyrus The cyrus and cyrusbb mailers. The cyrus mailer delivers to 65438032Speter a local cyrus user. this mailer can make use of the 65590792Sgshapiro "user+detail@local.host" syntax (see 65690792Sgshapiro FEATURE(`preserve_local_plus_detail')); it will deliver the 65790792Sgshapiro mail to the user's "detail" mailbox if the mailbox's ACL 65890792Sgshapiro permits. The cyrusbb mailer delivers to a system-wide 65990792Sgshapiro cyrus mailbox if the mailbox's ACL permits. The cyrus 66090792Sgshapiro mailer must be defined after the local mailer. 66138032Speter 66298121Sgshapirocyrusv2 The mailer for Cyrus v2.x. The cyrusv2 mailer delivers to 66398121Sgshapiro local cyrus users via LMTP. This mailer can make use of the 66498121Sgshapiro "user+detail@local.host" syntax (see 66598121Sgshapiro FEATURE(`preserve_local_plus_detail')); it will deliver the 66698121Sgshapiro mail to the user's "detail" mailbox if the mailbox's ACL 66798121Sgshapiro permits. The cyrusv2 mailer must be defined after the 66898121Sgshapiro local mailer. 66998121Sgshapiro 67064562Sgshapiroqpage A mailer for QuickPage, a pager interface. See 67164562Sgshapiro http://www.qpage.org/ for further information. 67238032Speter 67338032SpeterThe local mailer accepts addresses of the form "user+detail", where 67438032Speterthe "+detail" is not used for mailbox matching but is available 67543730Speterto certain local mail programs (in particular, see 67643730SpeterFEATURE(`local_procmail')). For example, "eric", "eric+sendmail", and 67743730Speter"eric+sww" all indicate the same user, but additional arguments <null>, 67843730Speter"sendmail", and "sww" may be provided for use in sorting mail. 67938032Speter 68038032Speter 68138032Speter+----------+ 68238032Speter| FEATURES | 68338032Speter+----------+ 68438032Speter 68538032SpeterSpecial features can be requested using the "FEATURE" macro. For 68638032Speterexample, the .mc line: 68738032Speter 68843730Speter FEATURE(`use_cw_file') 68938032Speter 69064562Sgshapirotells sendmail that you want to have it read an /etc/mail/local-host-names 69190792Sgshapirofile to get values for class {w}. A FEATURE may contain up to 9 69264562Sgshapirooptional parameters -- for example: 69338032Speter 69443730Speter FEATURE(`mailertable', `dbm /usr/lib/mailertable') 69538032Speter 69638032SpeterThe default database map type for the table features can be set with 69764562Sgshapiro 69838032Speter define(`DATABASE_MAP_TYPE', `dbm') 69938032Speter 70038032Speterwhich would set it to use ndbm databases. The default is the Berkeley DB 70138032Speterhash database format. Note that you must still declare a database map type 70238032Speterif you specify an argument to a FEATURE. DATABASE_MAP_TYPE is only used 70364562Sgshapiroif no argument is given for the FEATURE. It must be specified before any 70464562Sgshapirofeature that uses a map. 70538032Speter 70690792SgshapiroAlso, features which can take a map definition as an argument can also take 70790792Sgshapirothe special keyword `LDAP'. If that keyword is used, the map will use the 70890792SgshapiroLDAP definition described in the ``USING LDAP FOR ALIASES, MAPS, AND 70990792SgshapiroCLASSES'' section below. 71090792Sgshapiro 71138032SpeterAvailable features are: 71238032Speter 71364562Sgshapirouse_cw_file Read the file /etc/mail/local-host-names file to get 71464562Sgshapiro alternate names for this host. This might be used if you 71564562Sgshapiro were on a host that MXed for a dynamic set of other hosts. 71664562Sgshapiro If the set is static, just including the line "Cw<name1> 71764562Sgshapiro <name2> ..." (where the names are fully qualified domain 71864562Sgshapiro names) is probably superior. The actual filename can be 71964562Sgshapiro overridden by redefining confCW_FILE. 72038032Speter 72164562Sgshapirouse_ct_file Read the file /etc/mail/trusted-users file to get the 72264562Sgshapiro names of users that will be ``trusted'', that is, able to 72364562Sgshapiro set their envelope from address using -f without generating 72464562Sgshapiro a warning message. The actual filename can be overridden 72564562Sgshapiro by redefining confCT_FILE. 72638032Speter 72738032Speterredirect Reject all mail addressed to "address.REDIRECT" with 72864562Sgshapiro a ``551 User has moved; please try <address>'' message. 72938032Speter If this is set, you can alias people who have left 73038032Speter to their new address with ".REDIRECT" appended. 73138032Speter 73264562Sgshapironouucp Don't route UUCP addresses. This feature takes one 73364562Sgshapiro parameter: 73464562Sgshapiro `reject': reject addresses which have "!" in the local 73564562Sgshapiro part unless it originates from a system 73664562Sgshapiro that is allowed to relay. 73764562Sgshapiro `nospecial': don't do anything special with "!". 73890792Sgshapiro Warnings: 1. See the notice in the anti-spam section. 73964562Sgshapiro 2. don't remove "!" from OperatorChars if `reject' is 74064562Sgshapiro given as parameter. 74138032Speter 74264562Sgshapironocanonify Don't pass addresses to $[ ... $] for canonification 74371345Sgshapiro by default, i.e., host/domain names are considered canonical, 74471345Sgshapiro except for unqualified names, which must not be used in this 74571345Sgshapiro mode (violation of the standard). It can be changed by 74671345Sgshapiro setting the DaemonPortOptions modifiers (M=). That is, 74764562Sgshapiro FEATURE(`nocanonify') will be overridden by setting the 74864562Sgshapiro 'c' flag. Conversely, if FEATURE(`nocanonify') is not used, 74964562Sgshapiro it can be emulated by setting the 'C' flag 75064562Sgshapiro (DaemonPortOptions=Modifiers=C). This would generally only 75164562Sgshapiro be used by sites that only act as mail gateways or which have 75264562Sgshapiro user agents that do full canonification themselves. You may 75364562Sgshapiro also want to use 75464562Sgshapiro "define(`confBIND_OPTS', `-DNSRCH -DEFNAMES')" to turn off 75564562Sgshapiro the usual resolver options that do a similar thing. 75638032Speter 75764562Sgshapiro An exception list for FEATURE(`nocanonify') can be 75864562Sgshapiro specified with CANONIFY_DOMAIN or CANONIFY_DOMAIN_FILE, 75964562Sgshapiro i.e., a list of domains which are nevertheless passed to 76064562Sgshapiro $[ ... $] for canonification. This is useful to turn on 76164562Sgshapiro canonification for local domains, e.g., use 76264562Sgshapiro CANONIFY_DOMAIN(`my.domain my') to canonify addresses 76364562Sgshapiro which end in "my.domain" or "my". 76464562Sgshapiro Another way to require canonification in the local 76564562Sgshapiro domain is CANONIFY_DOMAIN(`$=m'). 76664562Sgshapiro 76764562Sgshapiro A trailing dot is added to addresses with more than 76864562Sgshapiro one component in it such that other features which 76964562Sgshapiro expect a trailing dot (e.g., virtusertable) will 77064562Sgshapiro still work. 77164562Sgshapiro 77264562Sgshapiro If `canonify_hosts' is specified as parameter, i.e., 77364562Sgshapiro FEATURE(`nocanonify', `canonify_hosts'), then 77464562Sgshapiro addresses which have only a hostname, e.g., 77564562Sgshapiro <user@host>, will be canonified (and hopefully fully 77664562Sgshapiro qualified), too. 77764562Sgshapiro 77871345Sgshapirostickyhost This feature is sometimes used with LOCAL_RELAY, 77971345Sgshapiro although it can be used for a different effect with 78071345Sgshapiro MAIL_HUB. 78138032Speter 78273188Sgshapiro When used without MAIL_HUB, email sent to 78371345Sgshapiro "user@local.host" are marked as "sticky" -- that 78471345Sgshapiro is, the local addresses aren't matched against UDB, 78571345Sgshapiro don't go through ruleset 5, and are not forwarded to 78671345Sgshapiro the LOCAL_RELAY (if defined). 78771345Sgshapiro 78871345Sgshapiro With MAIL_HUB, mail addressed to "user@local.host" 78971345Sgshapiro is forwarded to the mail hub, with the envelope 79071345Sgshapiro address still remaining "user@local.host". 79171345Sgshapiro Without stickyhost, the envelope would be changed 79271345Sgshapiro to "user@mail_hub", in order to protect against 79371345Sgshapiro mailing loops. 79471345Sgshapiro 79538032Spetermailertable Include a "mailer table" which can be used to override 79664562Sgshapiro routing for particular domains (which are not in class {w}, 79764562Sgshapiro i.e. local host names). The argument of the FEATURE may be 79864562Sgshapiro the key definition. If none is specified, the definition 79964562Sgshapiro used is: 80043730Speter 80164562Sgshapiro hash /etc/mail/mailertable 80243730Speter 80338032Speter Keys in this database are fully qualified domain names 80438032Speter or partial domains preceded by a dot -- for example, 80564562Sgshapiro "vangogh.CS.Berkeley.EDU" or ".CS.Berkeley.EDU". As a 80664562Sgshapiro special case of the latter, "." matches any domain not 80764562Sgshapiro covered by other keys. Values must be of the form: 80838032Speter mailer:domain 80938032Speter where "mailer" is the internal mailer name, and "domain" 81038032Speter is where to send the message. These maps are not 81138032Speter reflected into the message header. As a special case, 81238032Speter the forms: 81338032Speter local:user 81438032Speter will forward to the indicated user using the local mailer, 81538032Speter local: 81638032Speter will forward to the original user in the e-mail address 81738032Speter using the local mailer, and 81838032Speter error:code message 81964562Sgshapiro error:D.S.N:code message 82064562Sgshapiro will give an error message with the indicated SMTP reply 82164562Sgshapiro code and message, where D.S.N is an RFC 1893 compliant 82264562Sgshapiro error code. 82338032Speter 82438032Speterdomaintable Include a "domain table" which can be used to provide 82538032Speter domain name mapping. Use of this should really be 82638032Speter limited to your own domains. It may be useful if you 82738032Speter change names (e.g., your company changes names from 82838032Speter oldname.com to newname.com). The argument of the 82938032Speter FEATURE may be the key definition. If none is specified, 83038032Speter the definition used is: 83143730Speter 83264562Sgshapiro hash /etc/mail/domaintable 83343730Speter 83438032Speter The key in this table is the domain name; the value is 83538032Speter the new (fully qualified) domain. Anything in the 83638032Speter domaintable is reflected into headers; that is, this 83738032Speter is done in ruleset 3. 83838032Speter 83938032Speterbitdomain Look up bitnet hosts in a table to try to turn them into 84038032Speter internet addresses. The table can be built using the 84138032Speter bitdomain program contributed by John Gardiner Myers. 84238032Speter The argument of the FEATURE may be the key definition; if 84338032Speter none is specified, the definition used is: 84443730Speter 84564562Sgshapiro hash /etc/mail/bitdomain 84643730Speter 84738032Speter Keys are the bitnet hostname; values are the corresponding 84838032Speter internet hostname. 84938032Speter 85038032Speteruucpdomain Similar feature for UUCP hosts. The default map definition 85138032Speter is: 85243730Speter 85364562Sgshapiro hash /etc/mail/uudomain 85443730Speter 85538032Speter At the moment there is no automagic tool to build this 85638032Speter database. 85738032Speter 85838032Speteralways_add_domain 85938032Speter Include the local host domain even on locally delivered 86038032Speter mail. Normally it is not added on unqualified names. 86138032Speter However, if you use a shared message store but do not use 86238032Speter the same user name space everywhere, you may need the host 86390792Sgshapiro name on local names. An optional argument specifies 86490792Sgshapiro another domain to be added than the local. 86538032Speter 86638032Speterallmasquerade If masquerading is enabled (using MASQUERADE_AS), this 86738032Speter feature will cause recipient addresses to also masquerade 86838032Speter as being from the masquerade host. Normally they get 86938032Speter the local hostname. Although this may be right for 87038032Speter ordinary users, it can break local aliases. For example, 87138032Speter if you send to "localalias", the originating sendmail will 87238032Speter find that alias and send to all members, but send the 87338032Speter message with "To: localalias@masqueradehost". Since that 87438032Speter alias likely does not exist, replies will fail. Use this 87538032Speter feature ONLY if you can guarantee that the ENTIRE 87638032Speter namespace on your masquerade host supersets all the 87738032Speter local entries. 87838032Speter 87938032Speterlimited_masquerade 88064562Sgshapiro Normally, any hosts listed in class {w} are masqueraded. If 88164562Sgshapiro this feature is given, only the hosts listed in class {M} (see 88264562Sgshapiro below: MASQUERADE_DOMAIN) are masqueraded. This is useful 88364562Sgshapiro if you have several domains with disjoint namespaces hosted 88464562Sgshapiro on the same machine. 88538032Speter 88638032Spetermasquerade_entire_domain 88764562Sgshapiro If masquerading is enabled (using MASQUERADE_AS) and 88838032Speter MASQUERADE_DOMAIN (see below) is set, this feature will 88938032Speter cause addresses to be rewritten such that the masquerading 89038032Speter domains are actually entire domains to be hidden. All 89138032Speter hosts within the masquerading domains will be rewritten 89238032Speter to the masquerade name (used in MASQUERADE_AS). For example, 89338032Speter if you have: 89438032Speter 89564562Sgshapiro MASQUERADE_AS(`masq.com') 89664562Sgshapiro MASQUERADE_DOMAIN(`foo.org') 89764562Sgshapiro MASQUERADE_DOMAIN(`bar.com') 89838032Speter 89938032Speter then *foo.org and *bar.com are converted to masq.com. Without 90038032Speter this feature, only foo.org and bar.com are masqueraded. 90138032Speter 90238032Speter NOTE: only domains within your jurisdiction and 90338032Speter current hierarchy should be masqueraded using this. 90438032Speter 90590792Sgshapirolocal_no_masquerade 90690792Sgshapiro This feature prevents the local mailer from masquerading even 90790792Sgshapiro if MASQUERADE_AS is used. MASQUERADE_AS will only have effect 90890792Sgshapiro on addresses of mail going outside the local domain. 90990792Sgshapiro 910110560Sgshapiromasquerade_envelope 911110560Sgshapiro If masquerading is enabled (using MASQUERADE_AS) or the 912110560Sgshapiro genericstable is in use, this feature will cause envelope 913110560Sgshapiro addresses to also masquerade as being from the masquerade 914110560Sgshapiro host. Normally only the header addresses are masqueraded. 915110560Sgshapiro 91664562Sgshapirogenericstable This feature will cause unqualified addresses (i.e., without 91764562Sgshapiro a domain) and addresses with a domain listed in class {G} 91864562Sgshapiro to be looked up in a map and turned into another ("generic") 91964562Sgshapiro form, which can change both the domain name and the user name. 92090792Sgshapiro Notice: if you use an MSP (as it is default starting with 92190792Sgshapiro 8.12), the MTA will only receive qualified addresses from the 92290792Sgshapiro MSP (as required by the RFCs). Hence you need to add your 92390792Sgshapiro domain to class {G}. This feature is similar to the userdb 92490792Sgshapiro functionality. The same types of addresses as for 92590792Sgshapiro masquerading are looked up, i.e., only header sender 92690792Sgshapiro addresses unless the allmasquerade and/or masquerade_envelope 92790792Sgshapiro features are given. Qualified addresses must have the domain 92890792Sgshapiro part in class {G}; entries can be added to this class by the 92990792Sgshapiro macros GENERICS_DOMAIN or GENERICS_DOMAIN_FILE (analogously 93090792Sgshapiro to MASQUERADE_DOMAIN and MASQUERADE_DOMAIN_FILE, see below). 93138032Speter 93243730Speter The argument of FEATURE(`genericstable') may be the map 93338032Speter definition; the default map definition is: 93438032Speter 93564562Sgshapiro hash /etc/mail/genericstable 93638032Speter 93764562Sgshapiro The key for this table is either the full address, the domain 93864562Sgshapiro (with a leading @; the localpart is passed as first argument) 93964562Sgshapiro or the unqualified username (tried in the order mentioned); 94064562Sgshapiro the value is the new user address. If the new user address 94164562Sgshapiro does not include a domain, it will be qualified in the standard 94264562Sgshapiro manner, i.e., using $j or the masquerade name. Note that the 94338032Speter address being looked up must be fully qualified. For local 94443730Speter mail, it is necessary to use FEATURE(`always_add_domain') 94543730Speter for the addresses to be qualified. 94664562Sgshapiro The "+detail" of an address is passed as %1, so entries like 94738032Speter 94864562Sgshapiro old+*@foo.org new+%1@example.com 94964562Sgshapiro gen+*@foo.org %1@example.com 95064562Sgshapiro 95164562Sgshapiro and other forms are possible. 95264562Sgshapiro 95364562Sgshapirogenerics_entire_domain 95464562Sgshapiro If the genericstable is enabled and GENERICS_DOMAIN or 95564562Sgshapiro GENERICS_DOMAIN_FILE is used, this feature will cause 95664562Sgshapiro addresses to be searched in the map if their domain 95764562Sgshapiro parts are subdomains of elements in class {G}. 95864562Sgshapiro 95938032Spetervirtusertable A domain-specific form of aliasing, allowing multiple 96038032Speter virtual domains to be hosted on one machine. For example, 96138032Speter if the virtuser table contained: 96238032Speter 96338032Speter info@foo.com foo-info 96438032Speter info@bar.com bar-info 96590792Sgshapiro joe@bar.com error:nouser 550 No such user here 96690792Sgshapiro jax@bar.com error:5.7.0:550 Address invalid 96764562Sgshapiro @baz.org jane@example.net 96838032Speter 96938032Speter then mail addressed to info@foo.com will be sent to the 97038032Speter address foo-info, mail addressed to info@bar.com will be 97164562Sgshapiro delivered to bar-info, and mail addressed to anyone at baz.org 97264562Sgshapiro will be sent to jane@example.net, mail to joe@bar.com will 97364562Sgshapiro be rejected with the specified error message, and mail to 97464562Sgshapiro jax@bar.com will also have a RFC 1893 compliant error code 97590792Sgshapiro 5.7.0. 97638032Speter 97764562Sgshapiro The username from the original address is passed 97864562Sgshapiro as %1 allowing: 97938032Speter 98064562Sgshapiro @foo.org %1@example.com 98138032Speter 98264562Sgshapiro meaning someone@foo.org will be sent to someone@example.com. 98364562Sgshapiro Additionally, if the local part consists of "user+detail" 98490792Sgshapiro then "detail" is passed as %2 and "+detail" is passed as %3 98590792Sgshapiro when a match against user+* is attempted, so entries like 98664562Sgshapiro 98764562Sgshapiro old+*@foo.org new+%2@example.com 98864562Sgshapiro gen+*@foo.org %2@example.com 98990792Sgshapiro +*@foo.org %1%3@example.com 99090792Sgshapiro X++@foo.org Z%3@example.com 99190792Sgshapiro @bar.org %1%3 99264562Sgshapiro 99364562Sgshapiro and other forms are possible. Note: to preserve "+detail" 99490792Sgshapiro for a default case (@domain) %1%3 must be used as RHS. 99590792Sgshapiro There are two wildcards after "+": "+" matches only a non-empty 99690792Sgshapiro detail, "*" matches also empty details, e.g., user+@foo.org 99790792Sgshapiro matches +*@foo.org but not ++@foo.org. This can be used 99890792Sgshapiro to ensure that the parameters %2 and %3 are not empty. 99964562Sgshapiro 100038032Speter All the host names on the left hand side (foo.com, bar.com, 100190792Sgshapiro and baz.org) must be in class {w} or class {VirtHost}. The 100264562Sgshapiro latter can be defined by the macros VIRTUSER_DOMAIN or 100364562Sgshapiro VIRTUSER_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 100464562Sgshapiro MASQUERADE_DOMAIN_FILE, see below). If VIRTUSER_DOMAIN or 100564562Sgshapiro VIRTUSER_DOMAIN_FILE is used, then the entries of class 100664562Sgshapiro {VirtHost} are added to class {R}, i.e., relaying is allowed 100764562Sgshapiro to (and from) those domains. The default map definition is: 100838032Speter 100964562Sgshapiro hash /etc/mail/virtusertable 101038032Speter 101138032Speter A new definition can be specified as the second argument of 101238032Speter the FEATURE macro, such as 101338032Speter 101464562Sgshapiro FEATURE(`virtusertable', `dbm /etc/mail/virtusers') 101538032Speter 101664562Sgshapirovirtuser_entire_domain 101764562Sgshapiro If the virtusertable is enabled and VIRTUSER_DOMAIN or 101864562Sgshapiro VIRTUSER_DOMAIN_FILE is used, this feature will cause 101964562Sgshapiro addresses to be searched in the map if their domain 102064562Sgshapiro parts are subdomains of elements in class {VirtHost}. 102164562Sgshapiro 102264562Sgshapiroldap_routing Implement LDAP-based e-mail recipient routing according to 102364562Sgshapiro the Internet Draft draft-lachman-laser-ldap-mail-routing-01. 102464562Sgshapiro This provides a method to re-route addresses with a 102564562Sgshapiro domain portion in class {LDAPRoute} to either a 102664562Sgshapiro different mail host or a different address. Hosts can 102764562Sgshapiro be added to this class using LDAPROUTE_DOMAIN and 102864562Sgshapiro LDAPROUTE_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 102964562Sgshapiro MASQUERADE_DOMAIN_FILE, see below). 103064562Sgshapiro 103164562Sgshapiro See the LDAP ROUTING section below for more information. 103264562Sgshapiro 103364562Sgshapironodns If you aren't running DNS at your site (for example, 103464562Sgshapiro you are UUCP-only connected). It's hard to consider 103538032Speter this a "feature", but hey, it had to go somewhere. 103638032Speter Actually, as of 8.7 this is a no-op -- remove "dns" from 103738032Speter the hosts service switch entry instead. 103838032Speter 103964562Sgshapironullclient This is a special case -- it creates a configuration file 104064562Sgshapiro containing nothing but support for forwarding all mail to a 104164562Sgshapiro central hub via a local SMTP-based network. The argument 104264562Sgshapiro is the name of that hub. 104364562Sgshapiro 104438032Speter The only other feature that should be used in conjunction 104564562Sgshapiro with this one is FEATURE(`nocanonify'). No mailers 104638032Speter should be defined. No aliasing or forwarding is done. 104738032Speter 104838032Speterlocal_lmtp Use an LMTP capable local mailer. The argument to this 104938032Speter feature is the pathname of an LMTP capable mailer. By 105038032Speter default, mail.local is used. This is expected to be the 105138032Speter mail.local which came with the 8.9 distribution which is 105238032Speter LMTP capable. The path to mail.local is set by the 105338032Speter confEBINDIR m4 variable -- making the default 105438032Speter LOCAL_MAILER_PATH /usr/libexec/mail.local. 1055132943Sgshapiro If a different LMTP capable mailer is used, its pathname 1056132943Sgshapiro can be specified as second parameter and the arguments 1057132943Sgshapiro passed to it (A=) as third parameter, e.g., 1058132943Sgshapiro 1059132943Sgshapiro FEATURE(`local_lmtp', `/usr/local/bin/lmtp', `lmtp') 1060132943Sgshapiro 106164562Sgshapiro WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally, 106264562Sgshapiro i.e., without respecting any definitions in an OSTYPE setting. 106338032Speter 106464562Sgshapirolocal_procmail Use procmail or another delivery agent as the local mailer. 106564562Sgshapiro The argument to this feature is the pathname of the 106664562Sgshapiro delivery agent, which defaults to PROCMAIL_MAILER_PATH. 106764562Sgshapiro Note that this does NOT use PROCMAIL_MAILER_FLAGS or 106864562Sgshapiro PROCMAIL_MAILER_ARGS for the local mailer; tweak 106964562Sgshapiro LOCAL_MAILER_FLAGS and LOCAL_MAILER_ARGS instead, or 107064562Sgshapiro specify the appropriate parameters. When procmail is used, 107164562Sgshapiro the local mailer can make use of the 107264562Sgshapiro "user+indicator@local.host" syntax; normally the +indicator 107364562Sgshapiro is just tossed, but by default it is passed as the -a 107464562Sgshapiro argument to procmail. 107538032Speter 107664562Sgshapiro This feature can take up to three arguments: 107764562Sgshapiro 107864562Sgshapiro 1. Path to the mailer program 107964562Sgshapiro [default: /usr/local/bin/procmail] 108064562Sgshapiro 2. Argument vector including name of the program 108164562Sgshapiro [default: procmail -Y -a $h -d $u] 108264562Sgshapiro 3. Flags for the mailer [default: SPfhn9] 108364562Sgshapiro 108464562Sgshapiro Empty arguments cause the defaults to be taken. 1085110560Sgshapiro Note that if you are on a system with a broken 1086110560Sgshapiro setreuid() call, you may need to add -f $f to the procmail 1087110560Sgshapiro argument vector to pass the proper sender to procmail. 108864562Sgshapiro 108964562Sgshapiro For example, this allows it to use the maildrop 109064562Sgshapiro (http://www.flounder.net/~mrsam/maildrop/) mailer instead 109164562Sgshapiro by specifying: 109264562Sgshapiro 109364562Sgshapiro FEATURE(`local_procmail', `/usr/local/bin/maildrop', 109464562Sgshapiro `maildrop -d $u') 109564562Sgshapiro 109664562Sgshapiro or scanmails using: 109764562Sgshapiro 109864562Sgshapiro FEATURE(`local_procmail', `/usr/local/bin/scanmails') 109964562Sgshapiro 110064562Sgshapiro WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally, 110164562Sgshapiro i.e., without respecting any definitions in an OSTYPE setting. 110264562Sgshapiro 110338032Speterbestmx_is_local Accept mail as though locally addressed for any host that 110438032Speter lists us as the best possible MX record. This generates 110538032Speter additional DNS traffic, but should be OK for low to 110638032Speter medium traffic hosts. The argument may be a set of 110738032Speter domains, which will limit the feature to only apply to 110838032Speter these domains -- this will reduce unnecessary DNS 110938032Speter traffic. THIS FEATURE IS FUNDAMENTALLY INCOMPATIBLE WITH 111038032Speter WILDCARD MX RECORDS!!! If you have a wildcard MX record 111138032Speter that matches your domain, you cannot use this feature. 111238032Speter 111338032Spetersmrsh Use the SendMail Restricted SHell (smrsh) provided 111438032Speter with the distribution instead of /bin/sh for mailing 111538032Speter to programs. This improves the ability of the local 111638032Speter system administrator to control what gets run via 111738032Speter e-mail. If an argument is provided it is used as the 111838032Speter pathname to smrsh; otherwise, the path defined by 111938032Speter confEBINDIR is used for the smrsh binary -- by default, 112038032Speter /usr/libexec/smrsh is assumed. 112138032Speter 112238032Speterpromiscuous_relay 112338032Speter By default, the sendmail configuration files do not permit 112438032Speter mail relaying (that is, accepting mail from outside your 112564562Sgshapiro local host (class {w}) and sending it to another host than 112664562Sgshapiro your local host). This option sets your site to allow 112764562Sgshapiro mail relaying from any site to any site. In almost all 112864562Sgshapiro cases, it is better to control relaying more carefully 112964562Sgshapiro with the access map, class {R}, or authentication. Domains 113064562Sgshapiro can be added to class {R} by the macros RELAY_DOMAIN or 113164562Sgshapiro RELAY_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 113264562Sgshapiro MASQUERADE_DOMAIN_FILE, see below). 113338032Speter 113438032Speterrelay_entire_domain 113598121Sgshapiro This option allows any host in your domain as defined by 113698121Sgshapiro class {m} to use your server for relaying. Notice: make 113798121Sgshapiro sure that your domain is not just a top level domain, 113898121Sgshapiro e.g., com. This can happen if you give your host a name 113998121Sgshapiro like example.com instead of host.example.com. 114038032Speter 114138032Speterrelay_hosts_only 114238032Speter By default, names that are listed as RELAY in the access 114398121Sgshapiro db and class {R} are treated as domain names, not host names. 114438032Speter For example, if you specify ``foo.com'', then mail to or 114538032Speter from foo.com, abc.foo.com, or a.very.deep.domain.foo.com 114638032Speter will all be accepted for relaying. This feature changes 114738032Speter the behaviour to lookup individual host names only. 114838032Speter 114938032Speterrelay_based_on_MX 115038032Speter Turns on the ability to allow relaying based on the MX 115142575Speter records of the host portion of an incoming recipient; that 115242575Speter is, if an MX record for host foo.com points to your site, 115342575Speter you will accept and relay mail addressed to foo.com. See 115438032Speter description below for more information before using this 115542575Speter feature. Also, see the KNOWNBUGS entry regarding bestmx 115642575Speter map lookups. 115738032Speter 115843730Speter FEATURE(`relay_based_on_MX') does not necessarily allow 115942575Speter routing of these messages which you expect to be allowed, 116042575Speter if route address syntax (or %-hack syntax) is used. If 116142575Speter this is a problem, add entries to the access-table or use 116243730Speter FEATURE(`loose_relay_check'). 116342575Speter 116464562Sgshapirorelay_mail_from 116564562Sgshapiro Allows relaying if the mail sender is listed as RELAY in 1166110560Sgshapiro the access map. If an optional argument `domain' (this 1167110560Sgshapiro is the literal word `domain', not a placeholder) is given, 116890792Sgshapiro relaying can be allowed just based on the domain portion 116990792Sgshapiro of the sender address. This feature should only be used if 117090792Sgshapiro absolutely necessary as the sender address can be easily 117198121Sgshapiro forged. Use of this feature requires the "From:" tag to 117298121Sgshapiro be used for the key in the access map; see the discussion 117390792Sgshapiro of tags and FEATURE(`relay_mail_from') in the section on 117490792Sgshapiro anti-spam configuration control. 117564562Sgshapiro 117638032Speterrelay_local_from 117738032Speter Allows relaying if the domain portion of the mail sender 117838032Speter is a local host. This should only be used if absolutely 117942575Speter necessary as it opens a window for spammers. Specifically, 118042575Speter they can send mail to your mail server that claims to be 118142575Speter from your domain (either directly or via a routed address), 118242575Speter and you will go ahead and relay it out to arbitrary hosts 118342575Speter on the Internet. 118464562Sgshapiro 118538032Speteraccept_unqualified_senders 118638032Speter Normally, MAIL FROM: commands in the SMTP session will be 118738032Speter refused if the connection is a network connection and the 118838032Speter sender address does not include a domain name. If your 118964562Sgshapiro setup sends local mail unqualified (i.e., MAIL FROM: <joe>), 119038032Speter you will need to use this feature to accept unqualified 119164562Sgshapiro sender addresses. Setting the DaemonPortOptions modifier 119264562Sgshapiro 'u' overrides the default behavior, i.e., unqualified 119364562Sgshapiro addresses are accepted even without this FEATURE. 119464562Sgshapiro If this FEATURE is not used, the DaemonPortOptions modifier 119564562Sgshapiro 'f' can be used to enforce fully qualified addresses. 119664562Sgshapiro 119738032Speteraccept_unresolvable_domains 119838032Speter Normally, MAIL FROM: commands in the SMTP session will be 119964562Sgshapiro refused if the host part of the argument to MAIL FROM: 120064562Sgshapiro cannot be located in the host name service (e.g., an A or 120164562Sgshapiro MX record in DNS). If you are inside a firewall that has 120264562Sgshapiro only a limited view of the Internet host name space, this 120364562Sgshapiro could cause problems. In this case you probably want to 120464562Sgshapiro use this feature to accept all domains on input, even if 120564562Sgshapiro they are unresolvable. 120638032Speter 120738032Speteraccess_db Turns on the access database feature. The access db gives 120838032Speter you the ability to allow or refuse to accept mail from 120990792Sgshapiro specified domains for administrative reasons. Moreover, 121090792Sgshapiro it can control the behavior of sendmail in various situations. 121190792Sgshapiro By default, the access database specification is: 121238032Speter 121390792Sgshapiro hash -T<TMPF> /etc/mail/access 121443730Speter 121590792Sgshapiro See the anti-spam configuration control section for further 121690792Sgshapiro important information about this feature. Notice: 121790792Sgshapiro "-T<TMPF>" is meant literal, do not replace it by anything. 121843730Speter 121938032Speterblacklist_recipients 122038032Speter Turns on the ability to block incoming mail for certain 122138032Speter recipient usernames, hostnames, or addresses. For 122238032Speter example, you can block incoming mail to user nobody, 122338032Speter host foo.mydomain.com, or guest@bar.mydomain.com. 122438032Speter These specifications are put in the access db as 122564562Sgshapiro described in the anti-spam configuration control section 122664562Sgshapiro later in this document. 122738032Speter 122871345Sgshapirodelay_checks The rulesets check_mail and check_relay will not be called 122971345Sgshapiro when a client connects or issues a MAIL command, respectively. 123071345Sgshapiro Instead, those rulesets will be called by the check_rcpt 123171345Sgshapiro ruleset; they will be skipped under certain circumstances. 123290792Sgshapiro See "Delay all checks" in the anti-spam configuration control 123390792Sgshapiro section. Note: this feature is incompatible to the versions 123490792Sgshapiro in 8.10 and 8.11. 123571345Sgshapiro 1236132943Sgshapirouse_client_ptr If this feature is enabled then check_relay will override 1237132943Sgshapiro its first argument with $&{client_ptr}. This is useful for 1238132943Sgshapiro rejections based on the unverified hostname of client, 1239132943Sgshapiro which turns on the same behavior as in earlier sendmail 1240132943Sgshapiro versions when delay_checks was not in use. See doc/op/op.* 1241132943Sgshapiro about check_relay, {client_name}, and {client_ptr}. 1242132943Sgshapiro 124364562Sgshapirodnsbl Turns on rejection of hosts found in an DNS based rejection 124464562Sgshapiro list. If an argument is provided it is used as the domain 124564562Sgshapiro in which blocked hosts are listed; otherwise it defaults to 124671345Sgshapiro blackholes.mail-abuse.org. An explanation for an DNS based 124790792Sgshapiro rejection list can be found at http://mail-abuse.org/rbl/. 124890792Sgshapiro A second argument can be used to change the default error 124990792Sgshapiro message. Without that second argument, the error message 125090792Sgshapiro will be 125198841Sgshapiro Rejected: IP-ADDRESS listed at SERVER 125290792Sgshapiro where IP-ADDRESS and SERVER are replaced by the appropriate 125390792Sgshapiro information. By default, temporary lookup failures are 125490792Sgshapiro ignored. This behavior can be changed by specifying a 125590792Sgshapiro third argument, which must be either `t' or a full error 125690792Sgshapiro message. See the anti-spam configuration control section for 125790792Sgshapiro an example. The dnsbl feature can be included several times 125890792Sgshapiro to query different DNS based rejection lists. See also 125990792Sgshapiro enhdnsbl for an enhanced version. 126064562Sgshapiro 1261110560Sgshapiro Set the DNSBL_MAP mc option to change the default map 1262110560Sgshapiro definition from `host'. Set the DNSBL_MAP_OPT mc option 1263110560Sgshapiro to add additional options to the map specification used. 1264110560Sgshapiro 126598121Sgshapiro Some DNS based rejection lists cause failures if asked 126698121Sgshapiro for AAAA records. If your sendmail version is compiled 126798121Sgshapiro with IPv6 support (NETINET6) and you experience this 126898121Sgshapiro problem, add 126998121Sgshapiro 127098121Sgshapiro define(`DNSBL_MAP', `dns -R A') 127198121Sgshapiro 127298121Sgshapiro before the first use of this feature. Alternatively you 1273111823Sgshapiro can use enhdnsbl instead (see below). Moreover, this 1274111823Sgshapiro statement can be used to reduce the number of DNS retries, 1275111823Sgshapiro e.g., 127698121Sgshapiro 1277111823Sgshapiro define(`DNSBL_MAP', `dns -R A -r2') 1278111823Sgshapiro 1279111823Sgshapiro See below (EDNSBL_TO) for an explanation. 1280111823Sgshapiro 128180785Sgshapiro NOTE: The default DNS blacklist, blackholes.mail-abuse.org, 128280785Sgshapiro is a service offered by the Mail Abuse Prevention System 128380785Sgshapiro (MAPS). As of July 31, 2001, MAPS is a subscription 128480785Sgshapiro service, so using that network address won't work if you 128580785Sgshapiro haven't subscribed. Contact MAPS to subscribe 128680785Sgshapiro (http://mail-abuse.org/). 128780785Sgshapiro 128890792Sgshapiroenhdnsbl Enhanced version of dnsbl (see above). Further arguments 128990792Sgshapiro (up to 5) can be used to specify specific return values 129090792Sgshapiro from lookups. Temporary lookup failures are ignored unless 129190792Sgshapiro a third argument is given, which must be either `t' or a full 129290792Sgshapiro error message. By default, any successful lookup will 129390792Sgshapiro generate an error. Otherwise the result of the lookup is 129490792Sgshapiro compared with the supplied argument(s), and only if a match 129590792Sgshapiro occurs an error is generated. For example, 129690792Sgshapiro 129790792Sgshapiro FEATURE(`enhdnsbl', `dnsbl.example.com', `', `t', `127.0.0.2.') 129890792Sgshapiro 129990792Sgshapiro will reject the e-mail if the lookup returns the value 130090792Sgshapiro ``127.0.0.2.'', or generate a 451 response if the lookup 130190792Sgshapiro temporarily failed. The arguments can contain metasymbols 130290792Sgshapiro as they are allowed in the LHS of rules. As the example 130390792Sgshapiro shows, the default values are also used if an empty argument, 130490792Sgshapiro i.e., `', is specified. This feature requires that sendmail 130590792Sgshapiro has been compiled with the flag DNSMAP (see sendmail/README). 130690792Sgshapiro 1307110560Sgshapiro Set the EDNSBL_TO mc option to change the DNS retry count 1308111823Sgshapiro from the default value of 5, this can be very useful when 1309111823Sgshapiro a DNS server is not responding, which in turn may cause 1310111823Sgshapiro clients to time out (an entry stating 1311110560Sgshapiro 1312111823Sgshapiro did not issue MAIL/EXPN/VRFY/ETRN 1313111823Sgshapiro 1314111823Sgshapiro will be logged). 1315111823Sgshapiro 1316132943Sgshapiroratecontrol Enable simple ruleset to do connection rate control 1317132943Sgshapiro checking. This requires entries in access_db of the form 1318132943Sgshapiro 1319132943Sgshapiro ClientRate:IP.ADD.RE.SS LIMIT 1320132943Sgshapiro 1321132943Sgshapiro The RHS specifies the maximum number of connections 1322132943Sgshapiro (an integer number) over the time interval defined 1323132943Sgshapiro by ConnectionRateWindowSize, where 0 means unlimited. 1324132943Sgshapiro 1325132943Sgshapiro Take the following example: 1326132943Sgshapiro 1327132943Sgshapiro ClientRate:10.1.2.3 4 1328132943Sgshapiro ClientRate:127.0.0.1 0 1329132943Sgshapiro ClientRate: 10 1330132943Sgshapiro 1331132943Sgshapiro 10.1.2.3 can only make up to 4 connections, the 1332132943Sgshapiro general limit it 10, and 127.0.0.1 can make an unlimited 1333132943Sgshapiro number of connections per ConnectionRateWindowSize. 1334132943Sgshapiro 1335132943Sgshapiro See also CONNECTION CONTROL. 1336132943Sgshapiro 1337132943Sgshapiroconncontrol Enable a simple check of the number of incoming SMTP 1338132943Sgshapiro connections. This requires entries in access_db of the 1339132943Sgshapiro form 1340132943Sgshapiro 1341132943Sgshapiro ClientConn:IP.ADD.RE.SS LIMIT 1342132943Sgshapiro 1343132943Sgshapiro The RHS specifies the maximum number of open connections 1344132943Sgshapiro (an integer number). 1345132943Sgshapiro 1346132943Sgshapiro Take the following example: 1347132943Sgshapiro 1348132943Sgshapiro ClientConn:10.1.2.3 4 1349132943Sgshapiro ClientConn:127.0.0.1 0 1350132943Sgshapiro ClientConn: 10 1351132943Sgshapiro 1352132943Sgshapiro 10.1.2.3 can only have up to 4 open connections, the 1353132943Sgshapiro general limit it 10, and 127.0.0.1 does not have any 1354132943Sgshapiro explicit limit. 1355132943Sgshapiro 1356132943Sgshapiro See also CONNECTION CONTROL. 1357132943Sgshapiro 1358132943Sgshapiromtamark Experimental support for "Marking Mail Transfer Agents in 1359132943Sgshapiro Reverse DNS with TXT RRs" (MTAMark), see 1360132943Sgshapiro draft-stumpf-dns-mtamark-01. Optional arguments are: 1361132943Sgshapiro 1362132943Sgshapiro 1. Error message, default: 1363132943Sgshapiro 1364132943Sgshapiro 550 Rejected: $&{client_addr} not listed as MTA 1365132943Sgshapiro 1366132943Sgshapiro 2. Temporary lookup failures are ignored unless a second 1367132943Sgshapiro argument is given, which must be either `t' or a full 1368132943Sgshapiro error message. 1369132943Sgshapiro 1370132943Sgshapiro 3. Lookup prefix, default: _perm._smtp._srv. This should 1371132943Sgshapiro not be changed unless the draft changes it. 1372132943Sgshapiro 1373132943Sgshapiro Example: 1374132943Sgshapiro 1375132943Sgshapiro FEATURE(`mtamark', `', `t') 1376132943Sgshapiro 137790792Sgshapirolookupdotdomain Look up also .domain in the access map. This allows to 137890792Sgshapiro match only subdomains. It does not work well with 137990792Sgshapiro FEATURE(`relay_hosts_only'), because most lookups for 138090792Sgshapiro subdomains are suppressed by the latter feature. 138190792Sgshapiro 138238032Speterloose_relay_check 138364562Sgshapiro Normally, if % addressing is used for a recipient, e.g. 138464562Sgshapiro user%site@othersite, and othersite is in class {R}, the 138538032Speter check_rcpt ruleset will strip @othersite and recheck 138638032Speter user@site for relaying. This feature changes that 138738032Speter behavior. It should not be needed for most installations. 138838032Speter 138990792Sgshapiroauthinfo Provide a separate map for client side authentication 139090792Sgshapiro information. See SMTP AUTHENTICATION for details. 139190792Sgshapiro By default, the authinfo database specification is: 139290792Sgshapiro 139390792Sgshapiro hash /etc/mail/authinfo 139490792Sgshapiro 139590792Sgshapiropreserve_luser_host 139690792Sgshapiro Preserve the name of the recipient host if LUSER_RELAY is 139790792Sgshapiro used. Without this option, the domain part of the 139890792Sgshapiro recipient address will be replaced by the host specified as 139990792Sgshapiro LUSER_RELAY. This feature only works if the hostname is 140090792Sgshapiro passed to the mailer (see mailer triple in op.me). Note 140190792Sgshapiro that in the default configuration the local mailer does not 140290792Sgshapiro receive the hostname, i.e., the mailer triple has an empty 140390792Sgshapiro hostname. 140490792Sgshapiro 140590792Sgshapiropreserve_local_plus_detail 140690792Sgshapiro Preserve the +detail portion of the address when passing 140790792Sgshapiro address to local delivery agent. Disables alias and 140890792Sgshapiro .forward +detail stripping (e.g., given user+detail, only 140990792Sgshapiro that address will be looked up in the alias file; user+* and 141090792Sgshapiro user will not be looked up). Only use if the local 141190792Sgshapiro delivery agent in use supports +detail addressing. 141290792Sgshapiro 141390792Sgshapirocompat_check Enable ruleset check_compat to look up pairs of addresses 141490792Sgshapiro with the Compat: tag -- Compat:sender<@>recipient -- in the 141590792Sgshapiro access map. Valid values for the RHS include 141690792Sgshapiro DISCARD silently discard recipient 141790792Sgshapiro TEMP: return a temporary error 141890792Sgshapiro ERROR: return a permanent error 141990792Sgshapiro In the last two cases, a 4xy/5xy SMTP reply code should 142090792Sgshapiro follow the colon. 142190792Sgshapiro 142264562Sgshapirono_default_msa Don't generate the default MSA daemon, i.e., 142364562Sgshapiro DAEMON_OPTIONS(`Port=587,Name=MSA,M=E') 142464562Sgshapiro To define a MSA daemon with other parameters, use this 142564562Sgshapiro FEATURE and introduce new settings via DAEMON_OPTIONS(). 142638032Speter 142790792Sgshapiromsp Defines config file for Message Submission Program. 142894334Sgshapiro See sendmail/SECURITY for details and cf/cf/submit.mc how 142994334Sgshapiro to use it. An optional argument can be used to override 143094334Sgshapiro the default of `[localhost]' to use as host to send all 143194334Sgshapiro e-mails to. Note that MX records will be used if the 143294334Sgshapiro specified hostname is not in square brackets (e.g., 143394334Sgshapiro [hostname]). If `MSA' is specified as second argument then 143494334Sgshapiro port 587 is used to contact the server. Example: 143590792Sgshapiro 143690792Sgshapiro FEATURE(`msp', `', `MSA') 143790792Sgshapiro 143890792Sgshapiro Some more hints about possible changes can be found below 143990792Sgshapiro in the section MESSAGE SUBMISSION PROGRAM. 144090792Sgshapiro 1441110560Sgshapiro Note: Due to many problems, submit.mc uses 144298121Sgshapiro 144398121Sgshapiro FEATURE(`msp', `[127.0.0.1]') 144498121Sgshapiro 1445110560Sgshapiro by default. If you have a machine with IPv6 only, 1446110560Sgshapiro change it to 1447110560Sgshapiro 1448110560Sgshapiro FEATURE(`msp', `[IPv6:::1]') 1449110560Sgshapiro 1450110560Sgshapiro If you want to continue using '[localhost]', (the behavior 1451110560Sgshapiro up to 8.12.6), use 1452110560Sgshapiro 1453110560Sgshapiro FEATURE(`msp') 1454110560Sgshapiro 145590792Sgshapiroqueuegroup A simple example how to select a queue group based 145690792Sgshapiro on the full e-mail address or the domain of the 145790792Sgshapiro recipient. Selection is done via entries in the 145890792Sgshapiro access map using the tag QGRP:, for example: 145990792Sgshapiro 146090792Sgshapiro QGRP:example.com main 146190792Sgshapiro QGRP:friend@some.org others 146290792Sgshapiro QGRP:my.domain local 146390792Sgshapiro 146490792Sgshapiro where "main", "others", and "local" are names of 146590792Sgshapiro queue groups. If an argument is specified, it is used 146690792Sgshapiro as default queue group. 146790792Sgshapiro 146894334Sgshapiro Note: please read the warning in doc/op/op.me about 146994334Sgshapiro queue groups and possible queue manipulations. 147094334Sgshapiro 1471132943Sgshapirogreet_pause Adds the greet_pause ruleset which enables open proxy 1472132943Sgshapiro and SMTP slamming protection. The feature can take an 1473132943Sgshapiro argument specifying the milliseconds to wait: 1474132943Sgshapiro 1475132943Sgshapiro FEATURE(`greet_pause', `5000') dnl 5 seconds 1476132943Sgshapiro 1477132943Sgshapiro If FEATURE(`access_db') is enabled, an access database 1478132943Sgshapiro lookup with the GreetPause tag is done using client 1479132943Sgshapiro hostname, domain, IP address, or subnet to determine the 1480132943Sgshapiro pause time: 1481132943Sgshapiro 1482132943Sgshapiro GreetPause:my.domain 0 1483132943Sgshapiro GreetPause:example.com 5000 1484132943Sgshapiro GreetPause:10.1.2 2000 1485132943Sgshapiro GreetPause:127.0.0.1 0 1486132943Sgshapiro 1487132943Sgshapiro When using FEATURE(`access_db'), the optional 1488132943Sgshapiro FEATURE(`greet_pause') argument becomes the default if 1489132943Sgshapiro nothing is found in the access database. A ruleset called 1490132943Sgshapiro Local_greet_pause can be used for local modifications, e.g., 1491132943Sgshapiro 1492132943Sgshapiro LOCAL_RULESETS 1493132943Sgshapiro SLocal_greet_pause 1494132943Sgshapiro R$* $: $&{daemon_flags} 1495132943Sgshapiro R$* a $* $# 0 1496132943Sgshapiro 149738032Speter+-------+ 149838032Speter| HACKS | 149938032Speter+-------+ 150038032Speter 150138032SpeterSome things just can't be called features. To make this clear, 150238032Speterthey go in the hack subdirectory and are referenced using the HACK 150338032Spetermacro. These will tend to be site-dependent. The release 150438032Speterincludes the Berkeley-dependent "cssubdomain" hack (that makes 150538032Spetersendmail accept local names in either Berkeley.EDU or CS.Berkeley.EDU; 150664562Sgshapirothis is intended as a short-term aid while moving hosts into 150738032Spetersubdomains. 150838032Speter 150938032Speter 151038032Speter+--------------------+ 151138032Speter| SITE CONFIGURATION | 151238032Speter+--------------------+ 151338032Speter 151438032Speter ***************************************************** 151538032Speter * This section is really obsolete, and is preserved * 151638032Speter * only for back compatibility. You should plan on * 151790792Sgshapiro * using mailertables for new installations. In * 151838032Speter * particular, it doesn't work for the newer forms * 151938032Speter * of UUCP mailers, such as uucp-uudom. * 152038032Speter ***************************************************** 152138032Speter 152238032SpeterComplex sites will need more local configuration information, such as 152338032Speterlists of UUCP hosts they speak with directly. This can get a bit more 152438032Spetertricky. For an example of a "complex" site, see cf/ucbvax.mc. 152538032Speter 152638032SpeterThe SITECONFIG macro allows you to indirectly reference site-dependent 152738032Speterconfiguration information stored in the siteconfig subdirectory. For 152838032Speterexample, the line 152938032Speter 153064562Sgshapiro SITECONFIG(`uucp.ucbvax', `ucbvax', `U') 153138032Speter 153238032Speterreads the file uucp.ucbvax for local connection information. The 153338032Spetersecond parameter is the local name (in this case just "ucbvax" since 153438032Speterit is locally connected, and hence a UUCP hostname). The third 153538032Speterparameter is the name of both a macro to store the local name (in 153664562Sgshapirothis case, {U}) and the name of the class (e.g., {U}) in which to store 153738032Speterthe host information read from the file. Another SITECONFIG line reads 153838032Speter 153964562Sgshapiro SITECONFIG(`uucp.ucbarpa', `ucbarpa.Berkeley.EDU', `W') 154038032Speter 154138032SpeterThis says that the file uucp.ucbarpa contains the list of UUCP sites 154264562Sgshapiroconnected to ucbarpa.Berkeley.EDU. Class {W} will be used to 154338032Speterstore this list, and $W is defined to be ucbarpa.Berkeley.EDU, that 154438032Speteris, the name of the relay to which the hosts listed in uucp.ucbarpa 154564562Sgshapiroare connected. [The machine ucbarpa is gone now, but this 154664562Sgshapiroout-of-date configuration file has been left around to demonstrate 154764562Sgshapirohow you might do this.] 154838032Speter 154938032SpeterNote that the case of SITECONFIG with a third parameter of ``U'' is 155038032Speterspecial; the second parameter is assumed to be the UUCP name of the 155138032Speterlocal site, rather than the name of a remote site, and the UUCP name 155264562Sgshapirois entered into class {w} (the list of local hostnames) as $U.UUCP. 155338032Speter 155438032SpeterThe siteconfig file (e.g., siteconfig/uucp.ucbvax.m4) contains nothing 155538032Spetermore than a sequence of SITE macros describing connectivity. For 155638032Speterexample: 155738032Speter 155864562Sgshapiro SITE(`cnmat') 155964562Sgshapiro SITE(`sgi olympus') 156038032Speter 156138032SpeterThe second example demonstrates that you can use two names on the 156238032Spetersame line; these are usually aliases for the same host (or are at 156338032Speterleast in the same company). 156438032Speter 1565132943SgshapiroThe macro LOCAL_UUCP can be used to add rules into the generated 1566132943Sgshapirocf file at the place where MAILER(`uucp') inserts its rules. This 1567132943Sgshapiroshould only be used if really necessary. 156838032Speter 156938032Speter+--------------------+ 157038032Speter| USING UUCP MAILERS | 157138032Speter+--------------------+ 157238032Speter 157338032SpeterIt's hard to get UUCP mailers right because of the extremely ad hoc 157438032Speternature of UUCP addressing. These config files are really designed 157538032Speterfor domain-based addressing, even for UUCP sites. 157638032Speter 157738032SpeterThere are four UUCP mailers available. The choice of which one to 157838032Speteruse is partly a matter of local preferences and what is running at 157938032Speterthe other end of your UUCP connection. Unlike good protocols that 158038032Speterdefine what will go over the wire, UUCP uses the policy that you 158138032Spetershould do what is right for the other end; if they change, you have 158238032Speterto change. This makes it hard to do the right thing, and discourages 158338032Speterpeople from updating their software. In general, if you can avoid 158438032SpeterUUCP, please do. 158538032Speter 158638032SpeterThe major choice is whether to go for a domainized scheme or a 158738032Speternon-domainized scheme. This depends entirely on what the other 158838032Speterend will recognize. If at all possible, you should encourage the 158938032Speterother end to go to a domain-based system -- non-domainized addresses 159038032Speterdon't work entirely properly. 159138032Speter 159238032SpeterThe four mailers are: 159338032Speter 159438032Speter uucp-old (obsolete name: "uucp") 159538032Speter This is the oldest, the worst (but the closest to UUCP) way of 159638032Speter sending messages accros UUCP connections. It does bangify 159738032Speter everything and prepends $U (your UUCP name) to the sender's 159838032Speter address (which can already be a bang path itself). It can 159938032Speter only send to one address at a time, so it spends a lot of 160038032Speter time copying duplicates of messages. Avoid this if at all 160138032Speter possible. 160238032Speter 160338032Speter uucp-new (obsolete name: "suucp") 160438032Speter The same as above, except that it assumes that in one rmail 160538032Speter command you can specify several recipients. It still has a 160638032Speter lot of other problems. 160738032Speter 160838032Speter uucp-dom 160938032Speter This UUCP mailer keeps everything as domain addresses. 161038032Speter Basically, it uses the SMTP mailer rewriting rules. This mailer 161190792Sgshapiro is only included if MAILER(`smtp') is specified before 161290792Sgshapiro MAILER(`uucp'). 161338032Speter 161438032Speter Unfortunately, a lot of UUCP mailer transport agents require 161538032Speter bangified addresses in the envelope, although you can use 161638032Speter domain-based addresses in the message header. (The envelope 161738032Speter shows up as the From_ line on UNIX mail.) So.... 161838032Speter 161938032Speter uucp-uudom 162038032Speter This is a cross between uucp-new (for the envelope addresses) 162138032Speter and uucp-dom (for the header addresses). It bangifies the 162238032Speter envelope sender (From_ line in messages) without adding the 162338032Speter local hostname, unless there is no host name on the address 162438032Speter at all (e.g., "wolf") or the host component is a UUCP host name 162538032Speter instead of a domain name ("somehost!wolf" instead of 162664562Sgshapiro "some.dom.ain!wolf"). This is also included only if MAILER(`smtp') 162790792Sgshapiro is also specified earlier. 162838032Speter 162938032SpeterExamples: 163038032Speter 163164562SgshapiroOn host grasp.insa-lyon.fr (UUCP host name "grasp"), the following 163264562Sgshapirosummarizes the sender rewriting for various mailers. 163338032Speter 163466494SgshapiroMailer sender rewriting in the envelope 163538032Speter------ ------ ------------------------- 163638032Speteruucp-{old,new} wolf grasp!wolf 163738032Speteruucp-dom wolf wolf@grasp.insa-lyon.fr 163838032Speteruucp-uudom wolf grasp.insa-lyon.fr!wolf 163938032Speter 164038032Speteruucp-{old,new} wolf@fr.net grasp!fr.net!wolf 164138032Speteruucp-dom wolf@fr.net wolf@fr.net 164238032Speteruucp-uudom wolf@fr.net fr.net!wolf 164338032Speter 164438032Speteruucp-{old,new} somehost!wolf grasp!somehost!wolf 164538032Speteruucp-dom somehost!wolf somehost!wolf@grasp.insa-lyon.fr 164638032Speteruucp-uudom somehost!wolf grasp.insa-lyon.fr!somehost!wolf 164738032Speter 164838032SpeterIf you are using one of the domainized UUCP mailers, you really want 164938032Speterto convert all UUCP addresses to domain format -- otherwise, it will 165038032Speterdo it for you (and probably not the way you expected). For example, 165138032Speterif you have the address foo!bar!baz (and you are not sending to foo), 165238032Speterthe heuristics will add the @uucp.relay.name or @local.host.name to 165338032Speterthis address. However, if you map foo to foo.host.name first, it 165438032Speterwill not add the local hostname. You can do this using the uucpdomain 165538032Speterfeature. 165638032Speter 165738032Speter 165838032Speter+-------------------+ 165938032Speter| TWEAKING RULESETS | 166038032Speter+-------------------+ 166138032Speter 166238032SpeterFor more complex configurations, you can define special rules. 166338032SpeterThe macro LOCAL_RULE_3 introduces rules that are used in canonicalizing 166438032Speterthe names. Any modifications made here are reflected in the header. 166538032Speter 166638032SpeterA common use is to convert old UUCP addresses to SMTP addresses using 166738032Speterthe UUCPSMTP macro. For example: 166838032Speter 166938032Speter LOCAL_RULE_3 167064562Sgshapiro UUCPSMTP(`decvax', `decvax.dec.com') 167164562Sgshapiro UUCPSMTP(`research', `research.att.com') 167238032Speter 167338032Speterwill cause addresses of the form "decvax!user" and "research!user" 167438032Speterto be converted to "user@decvax.dec.com" and "user@research.att.com" 167538032Speterrespectively. 167638032Speter 167738032SpeterThis could also be used to look up hosts in a database map: 167838032Speter 167938032Speter LOCAL_RULE_3 168038032Speter R$* < @ $+ > $* $: $1 < @ $(hostmap $2 $) > $3 168138032Speter 168238032SpeterThis map would be defined in the LOCAL_CONFIG portion, as shown below. 168338032Speter 168438032SpeterSimilarly, LOCAL_RULE_0 can be used to introduce new parsing rules. 168538032SpeterFor example, new rules are needed to parse hostnames that you accept 168638032Spetervia MX records. For example, you might have: 168738032Speter 168838032Speter LOCAL_RULE_0 168938032Speter R$+ <@ host.dom.ain.> $#uucp $@ cnmat $: $1 < @ host.dom.ain.> 169038032Speter 169138032SpeterYou would use this if you had installed an MX record for cnmat.Berkeley.EDU 169238032Speterpointing at this host; this rule catches the message and forwards it on 169338032Speterusing UUCP. 169438032Speter 169538032SpeterYou can also tweak rulesets 1 and 2 using LOCAL_RULE_1 and LOCAL_RULE_2. 169638032SpeterThese rulesets are normally empty. 169738032Speter 169838032SpeterA similar macro is LOCAL_CONFIG. This introduces lines added after the 169964562Sgshapiroboilerplate option setting but before rulesets. Do not declare rulesets in 170064562Sgshapirothe LOCAL_CONFIG section. It can be used to declare local database maps or 170164562Sgshapirowhatever. For example: 170238032Speter 170338032Speter LOCAL_CONFIG 170464562Sgshapiro Khostmap hash /etc/mail/hostmap 170538032Speter Kyplocal nis -m hosts.byname 170638032Speter 170738032Speter 170838032Speter+---------------------------+ 170938032Speter| MASQUERADING AND RELAYING | 171038032Speter+---------------------------+ 171138032Speter 171238032SpeterYou can have your host masquerade as another using 171338032Speter 171464562Sgshapiro MASQUERADE_AS(`host.domain') 171538032Speter 171638032SpeterThis causes mail being sent to be labeled as coming from the 171738032Speterindicated host.domain, rather than $j. One normally masquerades as 171864562Sgshapiroone of one's own subdomains (for example, it's unlikely that 171964562SgshapiroBerkeley would choose to masquerade as an MIT site). This 172064562Sgshapirobehaviour is modified by a plethora of FEATUREs; in particular, see 172164562Sgshapiromasquerade_envelope, allmasquerade, limited_masquerade, and 172264562Sgshapiromasquerade_entire_domain. 172338032Speter 172438032SpeterThe masquerade name is not normally canonified, so it is important 172538032Speterthat it be your One True Name, that is, fully qualified and not a 172638032SpeterCNAME. However, if you use a CNAME, the receiving side may canonify 172738032Speterit for you, so don't think you can cheat CNAME mapping this way. 172838032Speter 172938032SpeterNormally the only addresses that are masqueraded are those that come 173064562Sgshapirofrom this host (that is, are either unqualified or in class {w}, the list 173164562Sgshapiroof local domain names). You can augment this list, which is realized 173264562Sgshapiroby class {M} using 173338032Speter 173464562Sgshapiro MASQUERADE_DOMAIN(`otherhost.domain') 173538032Speter 173638032SpeterThe effect of this is that although mail to user@otherhost.domain 173738032Speterwill not be delivered locally, any mail including any user@otherhost.domain 173838032Speterwill, when relayed, be rewritten to have the MASQUERADE_AS address. 173938032SpeterThis can be a space-separated list of names. 174038032Speter 174138032SpeterIf these names are in a file, you can use 174238032Speter 174364562Sgshapiro MASQUERADE_DOMAIN_FILE(`filename') 174438032Speter 174564562Sgshapiroto read the list of names from the indicated file (i.e., to add 174664562Sgshapiroelements to class {M}). 174738032Speter 174864562SgshapiroTo exempt hosts or subdomains from being masqueraded, you can use 174964562Sgshapiro 175064562Sgshapiro MASQUERADE_EXCEPTION(`host.domain') 175164562Sgshapiro 175264562SgshapiroThis can come handy if you want to masquerade a whole domain 175390792Sgshapiroexcept for one (or a few) host(s). If these names are in a file, 175490792Sgshapiroyou can use 175564562Sgshapiro 175690792Sgshapiro MASQUERADE_EXCEPTION_FILE(`filename') 175790792Sgshapiro 175838032SpeterNormally only header addresses are masqueraded. If you want to 175938032Spetermasquerade the envelope as well, use 176038032Speter 176143730Speter FEATURE(`masquerade_envelope') 176238032Speter 176338032SpeterThere are always users that need to be "exposed" -- that is, their 176438032Speterinternal site name should be displayed instead of the masquerade name. 176564562SgshapiroRoot is an example (which has been "exposed" by default prior to 8.10). 176664562SgshapiroYou can add users to this list using 176738032Speter 176864562Sgshapiro EXPOSED_USER(`usernames') 176938032Speter 177090792SgshapiroThis adds users to class {E}; you could also use 177138032Speter 177290792Sgshapiro EXPOSED_USER_FILE(`filename') 177338032Speter 177438032SpeterYou can also arrange to relay all unqualified names (that is, names 177538032Speterwithout @host) to a relay host. For example, if you have a central 177638032Speteremail server, you might relay to that host so that users don't have 177738032Speterto have .forward files or aliases. You can do this using 177838032Speter 177943730Speter define(`LOCAL_RELAY', `mailer:hostname') 178038032Speter 178138032SpeterThe ``mailer:'' can be omitted, in which case the mailer defaults to 178238032Speter"relay". There are some user names that you don't want relayed, perhaps 178338032Speterbecause of local aliases. A common example is root, which may be 178438032Speterlocally aliased. You can add entries to this list using 178538032Speter 178664562Sgshapiro LOCAL_USER(`usernames') 178738032Speter 178890792SgshapiroThis adds users to class {L}; you could also use 178938032Speter 179090792Sgshapiro LOCAL_USER_FILE(`filename') 179138032Speter 179238032SpeterIf you want all incoming mail sent to a centralized hub, as for a 179338032Spetershared /var/spool/mail scheme, use 179438032Speter 179543730Speter define(`MAIL_HUB', `mailer:hostname') 179638032Speter 179738032SpeterAgain, ``mailer:'' defaults to "relay". If you define both LOCAL_RELAY 179843730Speterand MAIL_HUB _AND_ you have FEATURE(`stickyhost'), unqualified names will 179938032Speterbe sent to the LOCAL_RELAY and other local names will be sent to MAIL_HUB. 180064562SgshapiroNote: there is a (long standing) bug which keeps this combination from 180164562Sgshapiroworking for addresses of the form user+detail. 180264562SgshapiroNames in class {L} will be delivered locally, so you MUST have aliases or 180338032Speter.forward files for them. 180438032Speter 180538032SpeterFor example, if you are on machine mastodon.CS.Berkeley.EDU and you have 180643730SpeterFEATURE(`stickyhost'), the following combinations of settings will have the 180738032Speterindicated effects: 180838032Speter 180938032Speteremail sent to.... eric eric@mastodon.CS.Berkeley.EDU 181038032Speter 181138032SpeterLOCAL_RELAY set to mail.CS.Berkeley.EDU (delivered locally) 181238032Spetermail.CS.Berkeley.EDU (no local aliasing) (aliasing done) 181338032Speter 181438032SpeterMAIL_HUB set to mammoth.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU 181538032Spetermammoth.CS.Berkeley.EDU (aliasing done) (aliasing done) 181638032Speter 181738032SpeterBoth LOCAL_RELAY and mail.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU 181838032SpeterMAIL_HUB set as above (no local aliasing) (aliasing done) 181938032Speter 182043730SpeterIf you do not have FEATURE(`stickyhost') set, then LOCAL_RELAY and 182138032SpeterMAIL_HUB act identically, with MAIL_HUB taking precedence. 182238032Speter 182338032SpeterIf you want all outgoing mail to go to a central relay site, define 182438032SpeterSMART_HOST as well. Briefly: 182538032Speter 182638032Speter LOCAL_RELAY applies to unqualified names (e.g., "eric"). 182738032Speter MAIL_HUB applies to names qualified with the name of the 182838032Speter local host (e.g., "eric@mastodon.CS.Berkeley.EDU"). 182964562Sgshapiro SMART_HOST applies to names qualified with other hosts or 183064562Sgshapiro bracketed addresses (e.g., "eric@mastodon.CS.Berkeley.EDU" 183164562Sgshapiro or "eric@[127.0.0.1]"). 183238032Speter 183338032SpeterHowever, beware that other relays (e.g., UUCP_RELAY, BITNET_RELAY, 183438032SpeterDECNET_RELAY, and FAX_RELAY) take precedence over SMART_HOST, so if you 183538032Speterreally want absolutely everything to go to a single central site you will 183638032Speterneed to unset all the other relays -- or better yet, find or build a 183738032Speterminimal config file that does this. 183838032Speter 183938032SpeterFor duplicate suppression to work properly, the host name is best 184038032Speterspecified with a terminal dot: 184138032Speter 184238032Speter define(`MAIL_HUB', `host.domain.') 184338032Speter note the trailing dot ---^ 184438032Speter 184538032Speter 184690792Sgshapiro+-------------------------------------------+ 184790792Sgshapiro| USING LDAP FOR ALIASES, MAPS, AND CLASSES | 184890792Sgshapiro+-------------------------------------------+ 184990792Sgshapiro 185090792SgshapiroLDAP can be used for aliases, maps, and classes by either specifying your 185190792Sgshapiroown LDAP map specification or using the built-in default LDAP map 185290792Sgshapirospecification. The built-in default specifications all provide lookups 185390792Sgshapirowhich match against either the machine's fully qualified hostname (${j}) or 185490792Sgshapiroa "cluster". The cluster allows you to share LDAP entries among a large 185590792Sgshapironumber of machines without having to enter each of the machine names into 185690792Sgshapiroeach LDAP entry. To set the LDAP cluster name to use for a particular 185790792Sgshapiromachine or set of machines, set the confLDAP_CLUSTER m4 variable to a 185890792Sgshapirounique name. For example: 185990792Sgshapiro 186090792Sgshapiro define(`confLDAP_CLUSTER', `Servers') 186190792Sgshapiro 186290792SgshapiroHere, the word `Servers' will be the cluster name. As an example, assume 186390792Sgshapirothat smtp.sendmail.org, etrn.sendmail.org, and mx.sendmail.org all belong 186490792Sgshapiroto the Servers cluster. 186590792Sgshapiro 186690792SgshapiroSome of the LDAP LDIF examples below show use of the Servers cluster. 186790792SgshapiroEvery entry must have either a sendmailMTAHost or sendmailMTACluster 186890792Sgshapiroattribute or it will be ignored. Be careful as mixing clusters and 186990792Sgshapiroindividual host records can have surprising results (see the CAUTION 187090792Sgshapirosections below). 187190792Sgshapiro 187290792SgshapiroSee the file cf/sendmail.schema for the actual LDAP schemas. Note that 187390792Sgshapirothis schema (and therefore the lookups and examples below) is experimental 187490792Sgshapiroat this point as it has had little public review. Therefore, it may change 187590792Sgshapiroin future versions. Feedback via sendmail@sendmail.org is encouraged. 187690792Sgshapiro 187790792Sgshapiro------- 187890792SgshapiroAliases 187990792Sgshapiro------- 188090792Sgshapiro 188190792SgshapiroThe ALIAS_FILE (O AliasFile) option can be set to use LDAP for alias 188290792Sgshapirolookups. To use the default schema, simply use: 188390792Sgshapiro 188490792Sgshapiro define(`ALIAS_FILE', `ldap:') 188590792Sgshapiro 188690792SgshapiroBy doing so, you will use the default schema which expands to a map 188790792Sgshapirodeclared as follows: 188890792Sgshapiro 188990792Sgshapiro ldap -k (&(objectClass=sendmailMTAAliasObject) 189090792Sgshapiro (sendmailMTAAliasGrouping=aliases) 189190792Sgshapiro (|(sendmailMTACluster=${sendmailMTACluster}) 189290792Sgshapiro (sendmailMTAHost=$j)) 189390792Sgshapiro (sendmailMTAKey=%0)) 1894132943Sgshapiro -v sendmailMTAAliasValue,sendmailMTAAliasSearch:FILTER:sendmailMTAAliasObject,sendmailMTAAliasURL:URL:sendmailMTAAliasObject 189590792Sgshapiro 1896132943Sgshapiro 189790792SgshapiroNOTE: The macros shown above ${sendmailMTACluster} and $j are not actually 189890792Sgshapiroused when the binary expands the `ldap:' token as the AliasFile option is 189990792Sgshapironot actually macro-expanded when read from the sendmail.cf file. 190090792Sgshapiro 190190792SgshapiroExample LDAP LDIF entries might be: 190290792Sgshapiro 190390792Sgshapiro dn: sendmailMTAKey=sendmail-list, dc=sendmail, dc=org 190490792Sgshapiro objectClass: sendmailMTA 190590792Sgshapiro objectClass: sendmailMTAAlias 190690792Sgshapiro objectClass: sendmailMTAAliasObject 190790792Sgshapiro sendmailMTAAliasGrouping: aliases 190890792Sgshapiro sendmailMTAHost: etrn.sendmail.org 190990792Sgshapiro sendmailMTAKey: sendmail-list 191090792Sgshapiro sendmailMTAAliasValue: ca@example.org 191190792Sgshapiro sendmailMTAAliasValue: eric 191290792Sgshapiro sendmailMTAAliasValue: gshapiro@example.com 191390792Sgshapiro 191490792Sgshapiro dn: sendmailMTAKey=owner-sendmail-list, dc=sendmail, dc=org 191590792Sgshapiro objectClass: sendmailMTA 191690792Sgshapiro objectClass: sendmailMTAAlias 191790792Sgshapiro objectClass: sendmailMTAAliasObject 191890792Sgshapiro sendmailMTAAliasGrouping: aliases 191990792Sgshapiro sendmailMTAHost: etrn.sendmail.org 192090792Sgshapiro sendmailMTAKey: owner-sendmail-list 192190792Sgshapiro sendmailMTAAliasValue: eric 192290792Sgshapiro 192390792Sgshapiro dn: sendmailMTAKey=postmaster, dc=sendmail, dc=org 192490792Sgshapiro objectClass: sendmailMTA 192590792Sgshapiro objectClass: sendmailMTAAlias 192690792Sgshapiro objectClass: sendmailMTAAliasObject 192790792Sgshapiro sendmailMTAAliasGrouping: aliases 192890792Sgshapiro sendmailMTACluster: Servers 192990792Sgshapiro sendmailMTAKey: postmaster 193090792Sgshapiro sendmailMTAAliasValue: eric 193190792Sgshapiro 193290792SgshapiroHere, the aliases sendmail-list and owner-sendmail-list will be available 193390792Sgshapiroonly on etrn.sendmail.org but the postmaster alias will be available on 193490792Sgshapiroevery machine in the Servers cluster (including etrn.sendmail.org). 193590792Sgshapiro 193690792SgshapiroCAUTION: aliases are additive so that entries like these: 193790792Sgshapiro 193890792Sgshapiro dn: sendmailMTAKey=bob, dc=sendmail, dc=org 193990792Sgshapiro objectClass: sendmailMTA 194090792Sgshapiro objectClass: sendmailMTAAlias 194190792Sgshapiro objectClass: sendmailMTAAliasObject 194290792Sgshapiro sendmailMTAAliasGrouping: aliases 194390792Sgshapiro sendmailMTACluster: Servers 194490792Sgshapiro sendmailMTAKey: bob 194590792Sgshapiro sendmailMTAAliasValue: eric 194690792Sgshapiro 194794334Sgshapiro dn: sendmailMTAKey=bobetrn, dc=sendmail, dc=org 194890792Sgshapiro objectClass: sendmailMTA 194990792Sgshapiro objectClass: sendmailMTAAlias 195090792Sgshapiro objectClass: sendmailMTAAliasObject 195190792Sgshapiro sendmailMTAAliasGrouping: aliases 195290792Sgshapiro sendmailMTAHost: etrn.sendmail.org 195390792Sgshapiro sendmailMTAKey: bob 195490792Sgshapiro sendmailMTAAliasValue: gshapiro 195590792Sgshapiro 195690792Sgshapirowould mean that on all of the hosts in the cluster, mail to bob would go to 195790792Sgshapiroeric EXCEPT on etrn.sendmail.org in which case it would go to BOTH eric and 195890792Sgshapirogshapiro. 195990792Sgshapiro 196090792SgshapiroIf you prefer not to use the default LDAP schema for your aliases, you can 196190792Sgshapirospecify the map parameters when setting ALIAS_FILE. For example: 196290792Sgshapiro 196390792Sgshapiro define(`ALIAS_FILE', `ldap:-k (&(objectClass=mailGroup)(mail=%0)) -v mgrpRFC822MailMember') 196490792Sgshapiro 196590792Sgshapiro---- 196690792SgshapiroMaps 196790792Sgshapiro---- 196890792Sgshapiro 196990792SgshapiroFEATURE()'s which take an optional map definition argument (e.g., access, 197090792Sgshapiromailertable, virtusertable, etc.) can instead take the special keyword 197190792Sgshapiro`LDAP', e.g.: 197290792Sgshapiro 197390792Sgshapiro FEATURE(`access_db', `LDAP') 197490792Sgshapiro FEATURE(`virtusertable', `LDAP') 197590792Sgshapiro 197690792SgshapiroWhen this keyword is given, that map will use LDAP lookups consisting of 197790792Sgshapirothe objectClass sendmailMTAClassObject, the attribute sendmailMTAMapName 197890792Sgshapirowith the map name, a search attribute of sendmailMTAKey, and the value 197990792Sgshapiroattribute sendmailMTAMapValue. 198090792Sgshapiro 198190792SgshapiroThe values for sendmailMTAMapName are: 198290792Sgshapiro 198390792Sgshapiro FEATURE() sendmailMTAMapName 198490792Sgshapiro --------- ------------------ 198590792Sgshapiro access_db access 198690792Sgshapiro authinfo authinfo 198790792Sgshapiro bitdomain bitdomain 198890792Sgshapiro domaintable domain 198990792Sgshapiro genericstable generics 199090792Sgshapiro mailertable mailer 199190792Sgshapiro uucpdomain uucpdomain 199290792Sgshapiro virtusertable virtuser 199390792Sgshapiro 199490792SgshapiroFor example, FEATURE(`mailertable', `LDAP') would use the map definition: 199590792Sgshapiro 199690792Sgshapiro Kmailertable ldap -k (&(objectClass=sendmailMTAMapObject) 199790792Sgshapiro (sendmailMTAMapName=mailer) 199890792Sgshapiro (|(sendmailMTACluster=${sendmailMTACluster}) 199990792Sgshapiro (sendmailMTAHost=$j)) 200090792Sgshapiro (sendmailMTAKey=%0)) 2001132943Sgshapiro -1 -v sendmailMTAMapValue,sendmailMTAMapSearch:FILTER:sendmailMTAMapObject,sendmailMTAMapURL:URL:sendmailMTAMapObject 200290792Sgshapiro 200390792SgshapiroAn example LDAP LDIF entry using this map might be: 200490792Sgshapiro 200590792Sgshapiro dn: sendmailMTAMapName=mailer, dc=sendmail, dc=org 200690792Sgshapiro objectClass: sendmailMTA 200790792Sgshapiro objectClass: sendmailMTAMap 200890792Sgshapiro sendmailMTACluster: Servers 200990792Sgshapiro sendmailMTAMapName: mailer 201090792Sgshapiro 201190792Sgshapiro dn: sendmailMTAKey=example.com, sendmailMTAMapName=mailer, dc=sendmail, dc=org 201290792Sgshapiro objectClass: sendmailMTA 201390792Sgshapiro objectClass: sendmailMTAMap 201490792Sgshapiro objectClass: sendmailMTAMapObject 201590792Sgshapiro sendmailMTAMapName: mailer 201690792Sgshapiro sendmailMTACluster: Servers 201790792Sgshapiro sendmailMTAKey: example.com 201890792Sgshapiro sendmailMTAMapValue: relay:[smtp.example.com] 201990792Sgshapiro 202090792SgshapiroCAUTION: If your LDAP database contains the record above and *ALSO* a host 202190792Sgshapirospecific record such as: 202290792Sgshapiro 202390792Sgshapiro dn: sendmailMTAKey=example.com@etrn, sendmailMTAMapName=mailer, dc=sendmail, dc=org 202490792Sgshapiro objectClass: sendmailMTA 202590792Sgshapiro objectClass: sendmailMTAMap 202690792Sgshapiro objectClass: sendmailMTAMapObject 202790792Sgshapiro sendmailMTAMapName: mailer 202890792Sgshapiro sendmailMTAHost: etrn.sendmail.org 202990792Sgshapiro sendmailMTAKey: example.com 203090792Sgshapiro sendmailMTAMapValue: relay:[mx.example.com] 203190792Sgshapiro 203290792Sgshapirothen these entries will give unexpected results. When the lookup is done 203390792Sgshapiroon etrn.sendmail.org, the effect is that there is *NO* match at all as maps 203490792Sgshapirorequire a single match. Since the host etrn.sendmail.org is also in the 203590792SgshapiroServers cluster, LDAP would return two answers for the example.com map key 203690792Sgshapiroin which case sendmail would treat this as no match at all. 203790792Sgshapiro 203890792SgshapiroIf you prefer not to use the default LDAP schema for your maps, you can 203990792Sgshapirospecify the map parameters when using the FEATURE(). For example: 204090792Sgshapiro 204190792Sgshapiro FEATURE(`access_db', `ldap:-1 -k (&(objectClass=mapDatabase)(key=%0)) -v value') 204290792Sgshapiro 204390792Sgshapiro------- 204490792SgshapiroClasses 204590792Sgshapiro------- 204690792Sgshapiro 204790792SgshapiroNormally, classes can be filled via files or programs. As of 8.12, they 204890792Sgshapirocan also be filled via map lookups using a new syntax: 204990792Sgshapiro 205090792Sgshapiro F{ClassName}mapkey@mapclass:mapspec 205190792Sgshapiro 205290792Sgshapiromapkey is optional and if not provided the map key will be empty. This can 205390792Sgshapirobe used with LDAP to read classes from LDAP. Note that the lookup is only 205490792Sgshapirodone when sendmail is initially started. Use the special value `@LDAP' to 205590792Sgshapirouse the default LDAP schema. For example: 205690792Sgshapiro 205790792Sgshapiro RELAY_DOMAIN_FILE(`@LDAP') 205890792Sgshapiro 205990792Sgshapirowould put all of the attribute sendmailMTAClassValue values of LDAP records 206090792Sgshapirowith objectClass sendmailMTAClass and an attribute sendmailMTAClassName of 206190792Sgshapiro'R' into class $={R}. In other words, it is equivalent to the LDAP map 206290792Sgshapirospecification: 206390792Sgshapiro 206490792Sgshapiro F{R}@ldap:-k (&(objectClass=sendmailMTAClass) 206590792Sgshapiro (sendmailMTAClassName=R) 206690792Sgshapiro (|(sendmailMTACluster=${sendmailMTACluster}) 206790792Sgshapiro (sendmailMTAHost=$j))) 2068132943Sgshapiro -v sendmailMTAClassValue,sendmailMTAClassSearch:FILTER:sendmailMTAClass,sendmailMTAClassURL:URL:sendmailMTAClass 206990792Sgshapiro 207090792SgshapiroNOTE: The macros shown above ${sendmailMTACluster} and $j are not actually 207190792Sgshapiroused when the binary expands the `@LDAP' token as class declarations are 207290792Sgshapironot actually macro-expanded when read from the sendmail.cf file. 207390792Sgshapiro 207490792SgshapiroThis can be used with class related commands such as RELAY_DOMAIN_FILE(), 207590792SgshapiroMASQUERADE_DOMAIN_FILE(), etc: 207690792Sgshapiro 207790792Sgshapiro Command sendmailMTAClassName 207890792Sgshapiro ------- -------------------- 207990792Sgshapiro CANONIFY_DOMAIN_FILE() Canonify 208090792Sgshapiro EXPOSED_USER_FILE() E 208190792Sgshapiro GENERICS_DOMAIN_FILE() G 208290792Sgshapiro LDAPROUTE_DOMAIN_FILE() LDAPRoute 208390792Sgshapiro LDAPROUTE_EQUIVALENT_FILE() LDAPRouteEquiv 208490792Sgshapiro LOCAL_USER_FILE() L 208590792Sgshapiro MASQUERADE_DOMAIN_FILE() M 208690792Sgshapiro MASQUERADE_EXCEPTION_FILE() N 208790792Sgshapiro RELAY_DOMAIN_FILE() R 208890792Sgshapiro VIRTUSER_DOMAIN_FILE() VirtHost 208990792Sgshapiro 209090792SgshapiroYou can also add your own as any 'F'ile class of the form: 209190792Sgshapiro 209290792Sgshapiro F{ClassName}@LDAP 209390792Sgshapiro ^^^^^^^^^ 209490792Sgshapirowill use "ClassName" for the sendmailMTAClassName. 209590792Sgshapiro 209690792SgshapiroAn example LDAP LDIF entry would look like: 209790792Sgshapiro 209890792Sgshapiro dn: sendmailMTAClassName=R, dc=sendmail, dc=org 209990792Sgshapiro objectClass: sendmailMTA 210090792Sgshapiro objectClass: sendmailMTAClass 210190792Sgshapiro sendmailMTACluster: Servers 210290792Sgshapiro sendmailMTAClassName: R 210390792Sgshapiro sendmailMTAClassValue: sendmail.org 210490792Sgshapiro sendmailMTAClassValue: example.com 210590792Sgshapiro sendmailMTAClassValue: 10.56.23 210690792Sgshapiro 210790792SgshapiroCAUTION: If your LDAP database contains the record above and *ALSO* a host 210890792Sgshapirospecific record such as: 210990792Sgshapiro 211090792Sgshapiro dn: sendmailMTAClassName=R@etrn.sendmail.org, dc=sendmail, dc=org 211190792Sgshapiro objectClass: sendmailMTA 211290792Sgshapiro objectClass: sendmailMTAClass 211390792Sgshapiro sendmailMTAHost: etrn.sendmail.org 211490792Sgshapiro sendmailMTAClassName: R 211590792Sgshapiro sendmailMTAClassValue: example.com 211690792Sgshapiro 211790792Sgshapirothe result will be similar to the aliases caution above. When the lookup 211890792Sgshapirois done on etrn.sendmail.org, $={R} would contain all of the entries (from 211990792Sgshapiroboth the cluster match and the host match). In other words, the effective 212090792Sgshapirois additive. 212190792Sgshapiro 212290792SgshapiroIf you prefer not to use the default LDAP schema for your classes, you can 212390792Sgshapirospecify the map parameters when using the class command. For example: 212490792Sgshapiro 212590792Sgshapiro VIRTUSER_DOMAIN_FILE(`@ldap:-k (&(objectClass=virtHosts)(host=*)) -v host') 212690792Sgshapiro 212790792SgshapiroRemember, macros can not be used in a class declaration as the binary does 212890792Sgshapironot expand them. 212990792Sgshapiro 213090792Sgshapiro 213164562Sgshapiro+--------------+ 213264562Sgshapiro| LDAP ROUTING | 213364562Sgshapiro+--------------+ 213464562Sgshapiro 213564562SgshapiroFEATURE(`ldap_routing') can be used to implement the IETF Internet Draft 213664562SgshapiroLDAP Schema for Intranet Mail Routing 213764562Sgshapiro(draft-lachman-laser-ldap-mail-routing-01). This feature enables 213864562SgshapiroLDAP-based rerouting of a particular address to either a different host 213964562Sgshapiroor a different address. The LDAP lookup is first attempted on the full 214064562Sgshapiroaddress (e.g., user@example.com) and then on the domain portion 214164562Sgshapiro(e.g., @example.com). Be sure to setup your domain for LDAP routing using 214264562SgshapiroLDAPROUTE_DOMAIN(), e.g.: 214364562Sgshapiro 214464562Sgshapiro LDAPROUTE_DOMAIN(`example.com') 214564562Sgshapiro 214690792SgshapiroAdditionally, you can specify equivalent domains for LDAP routing using 214790792SgshapiroLDAPROUTE_EQUIVALENT() and LDAPROUTE_EQUIVALENT_FILE(). 'Equivalent' 214890792Sgshapirohostnames are mapped to $M (the masqueraded hostname for the server) before 214990792Sgshapirothe LDAP query. For example, if the mail is addressed to 215090792Sgshapirouser@host1.example.com, normally the LDAP lookup would only be done for 215190792Sgshapiro'user@host1.example.com' and '@host1.example.com'. However, if 215290792SgshapiroLDAPROUTE_EQUIVALENT(`host1.example.com') is used, the lookups would also be 215390792Sgshapirodone on 'user@example.com' and '@example.com' after attempting the 215490792Sgshapirohost1.example.com lookups. 215590792Sgshapiro 215664562SgshapiroBy default, the feature will use the schemas as specified in the draft 215764562Sgshapiroand will not reject addresses not found by the LDAP lookup. However, 215864562Sgshapirothis behavior can be changed by giving additional arguments to the FEATURE() 215964562Sgshapirocommand: 216064562Sgshapiro 2161132943Sgshapiro FEATURE(`ldap_routing', <mailHost>, <mailRoutingAddress>, <bounce>, 2162132943Sgshapiro <detail>, <nodomain>, <tempfail>) 216364562Sgshapiro 216464562Sgshapirowhere <mailHost> is a map definition describing how to lookup an alternative 216564562Sgshapiromail host for a particular address; <mailRoutingAddress> is a map definition 216690792Sgshapirodescribing how to lookup an alternative address for a particular address; 216764562Sgshapirothe <bounce> argument, if present and not the word "passthru", dictates 216864562Sgshapirothat mail should be bounced if neither a mailHost nor mailRoutingAddress 2169132943Sgshapirois found, if set to "sendertoo", the sender will be rejected if not 2170132943Sgshapirofound in LDAP; and <detail> indicates what actions to take if the address 217190792Sgshapirocontains +detail information -- `strip' tries the lookup with the +detail 217290792Sgshapiroand if no matches are found, strips the +detail and tries the lookup again; 217390792Sgshapiro`preserve', does the same as `strip' but if a mailRoutingAddress match is 2174132943Sgshapirofound, the +detail information is copied to the new address; the <nodomain> 2175132943Sgshapiroargument, if present, will prevent the @domain lookup if the full 2176132943Sgshapiroaddress is not found in LDAP; the <tempfail> argument, if set to 2177132943Sgshapiro"tempfail", instructs the rules to give an SMTP 4XX temporary 2178132943Sgshapiroerror if the LDAP server gives the MTA a temporary failure, or if set to 2179132943Sgshapiro"queue" (the default), the MTA will locally queue the mail. 218064562Sgshapiro 218164562SgshapiroThe default <mailHost> map definition is: 218264562Sgshapiro 218394334Sgshapiro ldap -1 -T<TMPF> -v mailHost -k (&(objectClass=inetLocalMailRecipient) 218464562Sgshapiro (mailLocalAddress=%0)) 218564562Sgshapiro 218664562SgshapiroThe default <mailRoutingAddress> map definition is: 218764562Sgshapiro 218894334Sgshapiro ldap -1 -T<TMPF> -v mailRoutingAddress 218994334Sgshapiro -k (&(objectClass=inetLocalMailRecipient) 219094334Sgshapiro (mailLocalAddress=%0)) 219164562Sgshapiro 219264562SgshapiroNote that neither includes the LDAP server hostname (-h server) or base DN 219364562Sgshapiro(-b o=org,c=COUNTRY), both necessary for LDAP queries. It is presumed that 219464562Sgshapiroyour .mc file contains a setting for the confLDAP_DEFAULT_SPEC option with 219564562Sgshapirothese settings. If this is not the case, the map definitions should be 219694334Sgshapirochanged as described above. The "-T<TMPF>" is required in any user 219794334Sgshapirospecified map definition to catch temporary errors. 219864562Sgshapiro 219964562SgshapiroThe following possibilities exist as a result of an LDAP lookup on an 220064562Sgshapiroaddress: 220164562Sgshapiro 220264562Sgshapiro mailHost is mailRoutingAddress is Results in 220364562Sgshapiro ----------- --------------------- ---------- 220464562Sgshapiro set to a set mail delivered to 220564562Sgshapiro "local" host mailRoutingAddress 220664562Sgshapiro 220764562Sgshapiro set to a not set delivered to 220864562Sgshapiro "local" host original address 220964562Sgshapiro 221064562Sgshapiro set to a set mailRoutingAddress 221164562Sgshapiro remote host relayed to mailHost 221264562Sgshapiro 221364562Sgshapiro set to a not set original address 221464562Sgshapiro remote host relayed to mailHost 221564562Sgshapiro 221664562Sgshapiro not set set mail delivered to 221764562Sgshapiro mailRoutingAddress 221864562Sgshapiro 221964562Sgshapiro not set not set delivered to 222064562Sgshapiro original address *OR* 222164562Sgshapiro bounced as unknown user 222264562Sgshapiro 222390792SgshapiroThe term "local" host above means the host specified is in class {w}. If 222490792Sgshapirothe result would mean sending the mail to a different host, that host is 222590792Sgshapirolooked up in the mailertable before delivery. 222690792Sgshapiro 222764562SgshapiroNote that the last case depends on whether the third argument is given 222864562Sgshapiroto the FEATURE() command. The default is to deliver the message to the 222964562Sgshapirooriginal address. 223064562Sgshapiro 223164562SgshapiroThe LDAP entries should be set up with an objectClass of 223264562SgshapiroinetLocalMailRecipient and the address be listed in a mailLocalAddress 223364562Sgshapiroattribute. If present, there must be only one mailHost attribute and it 223464562Sgshapiromust contain a fully qualified host name as its value. Similarly, if 223564562Sgshapiropresent, there must be only one mailRoutingAddress attribute and it must 223690792Sgshapirocontain an RFC 822 compliant address. Some example LDAP records (in LDIF 223764562Sgshapiroformat): 223864562Sgshapiro 223964562Sgshapiro dn: uid=tom, o=example.com, c=US 224064562Sgshapiro objectClass: inetLocalMailRecipient 224164562Sgshapiro mailLocalAddress: tom@example.com 224264562Sgshapiro mailRoutingAddress: thomas@mailhost.example.com 224364562Sgshapiro 224464562SgshapiroThis would deliver mail for tom@example.com to thomas@mailhost.example.com. 224564562Sgshapiro 224664562Sgshapiro dn: uid=dick, o=example.com, c=US 224764562Sgshapiro objectClass: inetLocalMailRecipient 224864562Sgshapiro mailLocalAddress: dick@example.com 224964562Sgshapiro mailHost: eng.example.com 225064562Sgshapiro 225164562SgshapiroThis would relay mail for dick@example.com to the same address but redirect 225290792Sgshapirothe mail to MX records listed for the host eng.example.com (unless the 225390792Sgshapiromailertable overrides). 225464562Sgshapiro 225564562Sgshapiro dn: uid=harry, o=example.com, c=US 225664562Sgshapiro objectClass: inetLocalMailRecipient 225764562Sgshapiro mailLocalAddress: harry@example.com 225864562Sgshapiro mailHost: mktmail.example.com 225964562Sgshapiro mailRoutingAddress: harry@mkt.example.com 226064562Sgshapiro 226164562SgshapiroThis would relay mail for harry@example.com to the MX records listed for 226264562Sgshapirothe host mktmail.example.com using the new address harry@mkt.example.com 226364562Sgshapirowhen talking to that host. 226464562Sgshapiro 226564562Sgshapiro dn: uid=virtual.example.com, o=example.com, c=US 226664562Sgshapiro objectClass: inetLocalMailRecipient 226764562Sgshapiro mailLocalAddress: @virtual.example.com 226864562Sgshapiro mailHost: server.example.com 226964562Sgshapiro mailRoutingAddress: virtual@example.com 227064562Sgshapiro 227164562SgshapiroThis would send all mail destined for any username @virtual.example.com to 227264562Sgshapirothe machine server.example.com's MX servers and deliver to the address 227364562Sgshapirovirtual@example.com on that relay machine. 227464562Sgshapiro 227564562Sgshapiro 227638032Speter+---------------------------------+ 227738032Speter| ANTI-SPAM CONFIGURATION CONTROL | 227838032Speter+---------------------------------+ 227938032Speter 228038032SpeterThe primary anti-spam features available in sendmail are: 228138032Speter 228238032Speter* Relaying is denied by default. 228338032Speter* Better checking on sender information. 228438032Speter* Access database. 228538032Speter* Header checks. 228638032Speter 228764562SgshapiroRelaying (transmission of messages from a site outside your host (class 228864562Sgshapiro{w}) to another site except yours) is denied by default. Note that this 228964562Sgshapirochanged in sendmail 8.9; previous versions allowed relaying by default. 229064562SgshapiroIf you really want to revert to the old behaviour, you will need to use 229164562SgshapiroFEATURE(`promiscuous_relay'). You can allow certain domains to relay 229264562Sgshapirothrough your server by adding their domain name or IP address to class 229364562Sgshapiro{R} using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the access database 229490792Sgshapiro(described below). Note that IPv6 addresses must be prefaced with "IPv6:". 229590792SgshapiroThe file consists (like any other file based class) of entries listed on 229690792Sgshapiroseparate lines, e.g., 229738032Speter 229864562Sgshapiro sendmail.org 229964562Sgshapiro 128.32 230090792Sgshapiro IPv6:2002:c0a8:02c7 230190792Sgshapiro IPv6:2002:c0a8:51d2::23f4 230264562Sgshapiro host.mydomain.com 230390792Sgshapiro [UNIX:localhost] 230464562Sgshapiro 230590792SgshapiroNotice: the last entry allows relaying for connections via a UNIX 230690792Sgshapirosocket to the MTA/MSP. This might be necessary if your configuration 230790792Sgshapirodoesn't allow relaying by other means in that case, e.g., by having 230890792Sgshapirolocalhost.$m in class {R} (make sure $m is not just a top level 230990792Sgshapirodomain). 231090792Sgshapiro 231138032SpeterIf you use 231238032Speter 231343730Speter FEATURE(`relay_entire_domain') 231438032Speter 231564562Sgshapirothen any host in any of your local domains (that is, class {m}) 231642575Speterwill be relayed (that is, you will accept mail either to or from any 231742575Speterhost in your domain). 231838032Speter 231938032SpeterYou can also allow relaying based on the MX records of the host 232038032Speterportion of an incoming recipient address by using 232138032Speter 232243730Speter FEATURE(`relay_based_on_MX') 232338032Speter 232438032SpeterFor example, if your server receives a recipient of user@domain.com 232538032Speterand domain.com lists your server in its MX records, the mail will be 232690792Sgshapiroaccepted for relay to domain.com. This feature may cause problems 232790792Sgshapiroif MX lookups for the recipient domain are slow or time out. In that 232890792Sgshapirocase, mail will be temporarily rejected. It is usually better to 232990792Sgshapiromaintain a list of hosts/domains for which the server acts as relay. 233090792SgshapiroNote also that this feature will stop spammers from using your host 233190792Sgshapiroto relay spam but it will not stop outsiders from using your server 233290792Sgshapiroas a relay for their site (that is, they set up an MX record pointing 233390792Sgshapiroto your mail server, and you will relay mail addressed to them 233490792Sgshapirowithout any prior arrangement). Along the same lines, 233538032Speter 233643730Speter FEATURE(`relay_local_from') 233738032Speter 233838032Speterwill allow relaying if the sender specifies a return path (i.e. 233990792SgshapiroMAIL FROM: <user@domain>) domain which is a local domain. This is a 234038032Speterdangerous feature as it will allow spammers to spam using your mail 234138032Speterserver by simply specifying a return address of user@your.domain.com. 234238032SpeterIt should not be used unless absolutely necessary. 234364562SgshapiroA slightly better solution is 234438032Speter 234564562Sgshapiro FEATURE(`relay_mail_from') 234664562Sgshapiro 234764562Sgshapirowhich allows relaying if the mail sender is listed as RELAY in the 2348110560Sgshapiroaccess map. If an optional argument `domain' (this is the literal 2349110560Sgshapiroword `domain', not a placeholder) is given, the domain portion of 2350110560Sgshapirothe mail sender is also checked to allowing relaying. This option 2351110560Sgshapiroonly works together with the tag From: for the LHS of the access 2352132943Sgshapiromap entries. This feature allows spammers to abuse your mail server 2353132943Sgshapiroby specifying a return address that you enabled in your access file. 2354132943SgshapiroThis may be harder to figure out for spammers, but it should not 2355132943Sgshapirobe used unless necessary. Instead use SMTP AUTH or STARTTLS to 2356132943Sgshapiroallow relaying for roaming users. 235764562Sgshapiro 235864562Sgshapiro 235990792SgshapiroIf source routing is used in the recipient address (e.g., 236038032SpeterRCPT TO: <user%site.com@othersite.com>), sendmail will check 236138032Speteruser@site.com for relaying if othersite.com is an allowed relay host 236264562Sgshapiroin either class {R}, class {m} if FEATURE(`relay_entire_domain') is used, 236343730Speteror the access database if FEATURE(`access_db') is used. To prevent 236438032Speterthe address from being stripped down, use: 236538032Speter 236643730Speter FEATURE(`loose_relay_check') 236738032Speter 236838032SpeterIf you think you need to use this feature, you probably do not. This 236938032Spetershould only be used for sites which have no control over the addresses 237038032Speterthat they provide a gateway for. Use this FEATURE with caution as it 237138032Spetercan allow spammers to relay through your server if not setup properly. 237238032Speter 237364562SgshapiroNOTICE: It is possible to relay mail through a system which the anti-relay 237464562Sgshapirorules do not prevent: the case of a system that does use FEATURE(`nouucp', 237564562Sgshapiro`nospecial') (system A) and relays local messages to a mail hub (e.g., via 237664562SgshapiroLOCAL_RELAY or LUSER_RELAY) (system B). If system B doesn't use 237764562SgshapiroFEATURE(`nouucp') at all, addresses of the form 237864562Sgshapiro<example.net!user@local.host> would be relayed to <user@example.net>. 237964562SgshapiroSystem A doesn't recognize `!' as an address separator and therefore 238064562Sgshapiroforwards it to the mail hub which in turns relays it because it came from 238164562Sgshapiroa trusted local host. So if a mailserver allows UUCP (bang-format) 238264562Sgshapiroaddresses, all systems from which it allows relaying should do the same 238364562Sgshapiroor reject those addresses. 238464562Sgshapiro 238538032SpeterAs of 8.9, sendmail will refuse mail if the MAIL FROM: parameter has 238638032Speteran unresolvable domain (i.e., one that DNS, your local name service, 238790792Sgshapiroor special case rules in ruleset 3 cannot locate). This also applies 238890792Sgshapiroto addresses that use domain literals, e.g., <user@[1.2.3.4]>, if the 238990792SgshapiroIP address can't be mapped to a host name. If you want to continue 239090792Sgshapiroto accept such domains, e.g., because you are inside a firewall that 239190792Sgshapirohas only a limited view of the Internet host name space (note that you 239290792Sgshapirowill not be able to return mail to them unless you have some "smart 239390792Sgshapirohost" forwarder), use 239438032Speter 239543730Speter FEATURE(`accept_unresolvable_domains') 239638032Speter 239790792SgshapiroAlternatively, you can allow specific addresses by adding them to 239890792Sgshapirothe access map, e.g., 239990792Sgshapiro 240090792Sgshapiro From:unresolvable.domain OK 240190792Sgshapiro From:[1.2.3.4] OK 240290792Sgshapiro From:[1.2.4] OK 240390792Sgshapiro 240490792SgshapiroNotice: domains which are temporarily unresolvable are (temporarily) 240590792Sgshapirorejected with a 451 reply code. If those domains should be accepted 240690792Sgshapiro(which is discouraged) then you can use 240790792Sgshapiro 240890792Sgshapiro LOCAL_CONFIG 240990792Sgshapiro C{ResOk}TEMP 241090792Sgshapiro 241138032Spetersendmail will also refuse mail if the MAIL FROM: parameter is not 241238032Speterfully qualified (i.e., contains a domain as well as a user). If you 241338032Speterwant to continue to accept such senders, use 241438032Speter 241543730Speter FEATURE(`accept_unqualified_senders') 241638032Speter 241764562SgshapiroSetting the DaemonPortOptions modifier 'u' overrides the default behavior, 241864562Sgshapiroi.e., unqualified addresses are accepted even without this FEATURE. If 241964562Sgshapirothis FEATURE is not used, the DaemonPortOptions modifier 'f' can be used 242090792Sgshapiroto enforce fully qualified domain names. 242164562Sgshapiro 242238032SpeterAn ``access'' database can be created to accept or reject mail from 242338032Speterselected domains. For example, you may choose to reject all mail 242438032Speteroriginating from known spammers. To enable such a database, use 242538032Speter 242643730Speter FEATURE(`access_db') 242738032Speter 242890792SgshapiroNotice: the access database is applied to the envelope addresses 242990792Sgshapiroand the connection information, not to the header. 243090792Sgshapiro 243190792SgshapiroThe FEATURE macro can accept as second parameter the key file 243238032Speterdefinition for the database; for example 243338032Speter 243490792Sgshapiro FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access_map') 243538032Speter 243690792SgshapiroNotice: If a second argument is specified it must contain the option 243790792Sgshapiro`-T<TMPF>' as shown above. The optional third and fourth parameters 243890792Sgshapiromay be `skip' or `lookupdotdomain'. The former enables SKIP as 243990792Sgshapirovalue part (see below), the latter is another way to enable the 244090792Sgshapirofeature of the same name (see above). 244190792Sgshapiro 244242575SpeterRemember, since /etc/mail/access is a database, after creating the text 244342575Speterfile as described below, you must use makemap to create the database 244442575Spetermap. For example: 244542575Speter 244643730Speter makemap hash /etc/mail/access < /etc/mail/access 244742575Speter 244838032SpeterThe table itself uses e-mail addresses, domain names, and network 244990792Sgshapironumbers as keys. Note that IPv6 addresses must be prefaced with "IPv6:". 245090792SgshapiroFor example, 245138032Speter 2452132943Sgshapiro From:spammer@aol.com REJECT 2453132943Sgshapiro From:cyberspammer.com REJECT 2454132943Sgshapiro Connect:cyberspammer.com REJECT 2455132943Sgshapiro Connect:TLD REJECT 2456132943Sgshapiro Connect:192.168.212 REJECT 2457132943Sgshapiro Connect:IPv6:2002:c0a8:02c7 RELAY 2458132943Sgshapiro Connect:IPv6:2002:c0a8:51d2::23f4 REJECT 245938032Speter 246038032Speterwould refuse mail from spammer@aol.com, any user from cyberspammer.com 246194334Sgshapiro(or any host within the cyberspammer.com domain), any host in the entire 246294334Sgshapirotop level domain TLD, 192.168.212.* network, and the IPv6 address 246394334Sgshapiro2002:c0a8:51d2::23f4. It would allow relay for the IPv6 network 246494334Sgshapiro2002:c0a8:02c7::/48. 246538032Speter 2466132943SgshapiroEntries in the access map should be tagged according to their type. 2467132943SgshapiroThree tags are available: 2468132943Sgshapiro 2469132943Sgshapiro Connect: connection information (${client_addr}, ${client_name}) 2470132943Sgshapiro From: envelope sender 2471132943Sgshapiro To: envelope recipient 2472132943Sgshapiro 2473132943SgshapiroNotice: untagged entries are deprecated. 2474132943Sgshapiro 2475132943SgshapiroIf the required item is looked up in a map, it will be tried first 2476132943Sgshapirowith the corresponding tag in front, then (as fallback to enable 2477132943Sgshapirobackward compatibility) without any tag, unless the specific feature 2478132943Sgshapirorequires a tag. For example, 2479132943Sgshapiro 2480132943Sgshapiro From:spammer@some.dom REJECT 2481132943Sgshapiro To:friend.domain RELAY 2482132943Sgshapiro Connect:friend.domain OK 2483132943Sgshapiro Connect:from.domain RELAY 2484132943Sgshapiro From:good@another.dom OK 2485132943Sgshapiro From:another.dom REJECT 2486132943Sgshapiro 2487132943SgshapiroThis would deny mails from spammer@some.dom but you could still 2488132943Sgshapirosend mail to that address even if FEATURE(`blacklist_recipients') 2489132943Sgshapirois enabled. Your system will allow relaying to friend.domain, but 2490132943Sgshapironot from it (unless enabled by other means). Connections from that 2491132943Sgshapirodomain will be allowed even if it ends up in one of the DNS based 2492132943Sgshapirorejection lists. Relaying is enabled from from.domain but not to 2493132943Sgshapiroit (since relaying is based on the connection information for 2494132943Sgshapirooutgoing relaying, the tag Connect: must be used; for incoming 2495132943Sgshapirorelaying, which is based on the recipient address, To: must be 2496132943Sgshapiroused). The last two entries allow mails from good@another.dom but 2497132943Sgshapiroreject mail from all other addresses with another.dom as domain 2498132943Sgshapiropart. 2499132943Sgshapiro 2500132943Sgshapiro 250138032SpeterThe value part of the map can contain: 250238032Speter 250390792Sgshapiro OK Accept mail even if other rules in the running 250490792Sgshapiro ruleset would reject it, for example, if the domain 250590792Sgshapiro name is unresolvable. "Accept" does not mean 250690792Sgshapiro "relay", but at most acceptance for local 250790792Sgshapiro recipients. That is, OK allows less than RELAY. 250842575Speter RELAY Accept mail addressed to the indicated domain or 250942575Speter received from the indicated domain for relaying 251042575Speter through your SMTP server. RELAY also serves as 251142575Speter an implicit OK for the other checks. 251242575Speter REJECT Reject the sender or recipient with a general 251338032Speter purpose message. 251442575Speter DISCARD Discard the message completely using the 251571345Sgshapiro $#discard mailer. If it is used in check_compat, 251671345Sgshapiro it affects only the designated recipient, not 251771345Sgshapiro the whole message as it does in all other cases. 251871345Sgshapiro This should only be used if really necessary. 251990792Sgshapiro SKIP This can only be used for host/domain names 252090792Sgshapiro and IP addresses/nets. It will abort the current 252190792Sgshapiro search for this entry without accepting or rejecting 252290792Sgshapiro it but causing the default action. 252366494Sgshapiro ### any text where ### is an RFC 821 compliant error code and 252466494Sgshapiro "any text" is a message to return for the command. 252566494Sgshapiro The string should be quoted to avoid surprises, 252666494Sgshapiro e.g., sendmail may remove spaces otherwise. 2527132943Sgshapiro This type is deprecated, use one of the two 252890792Sgshapiro ERROR: entries below instead. 252964562Sgshapiro ERROR:### any text 253064562Sgshapiro as above, but useful to mark error messages as such. 253164562Sgshapiro ERROR:D.S.N:### any text 253264562Sgshapiro where D.S.N is an RFC 1893 compliant error code 253364562Sgshapiro and the rest as above. 2534132943Sgshapiro QUARANTINE:any text 2535132943Sgshapiro Quarantine the message using the given text as the 2536132943Sgshapiro quarantining reason. 253738032Speter 253838032SpeterFor example: 253938032Speter 2540132943Sgshapiro From:cyberspammer.com ERROR:"550 We don't accept mail from spammers" 2541132943Sgshapiro From:okay.cyberspammer.com OK 2542132943Sgshapiro Connect:sendmail.org RELAY 2543132943Sgshapiro To:sendmail.org RELAY 2544132943Sgshapiro Connect:128.32 RELAY 2545132943Sgshapiro Connect:128.32.2 SKIP 2546132943Sgshapiro Connect:IPv6:1:2:3:4:5:6:7 RELAY 2547132943Sgshapiro Connect:suspicious.example.com QUARANTINE:Mail from suspicious host 2548132943Sgshapiro Connect:[127.0.0.3] OK 2549132943Sgshapiro Connect:[IPv6:1:2:3:4:5:6:7:8] OK 255038032Speter 2551132943Sgshapirowould accept mail from okay.cyberspammer.com, but would reject mail 2552132943Sgshapirofrom all other hosts at cyberspammer.com with the indicated message. 2553132943SgshapiroIt would allow relaying mail from and to any hosts in the sendmail.org 2554132943Sgshapirodomain, and allow relaying from the IPv6 1:2:3:4:5:6:7:* network 2555132943Sgshapiroand from the 128.32.*.* network except for the 128.32.2.* network, 2556132943Sgshapirowhich shows how SKIP is useful to exempt subnets/subdomains. The 2557132943Sgshapirolast two entries are for checks against ${client_name} if the IP 2558132943Sgshapiroaddress doesn't resolve to a hostname (or is considered as "may be 2559132943Sgshapiroforged"). That is, using square brackets means these are host 2560132943Sgshapironames, not network numbers. 256138032Speter 256264562SgshapiroWarning: if you change the RFC 821 compliant error code from the default 256364562Sgshapirovalue of 550, then you should probably also change the RFC 1893 compliant 256464562Sgshapiroerror code to match it. For example, if you use 256564562Sgshapiro 2566132943Sgshapiro To:user@example.com ERROR:450 mailbox full 256764562Sgshapiro 256890792Sgshapirothe error returned would be "450 5.0.0 mailbox full" which is wrong. 256990792SgshapiroUse "ERROR:4.2.2:450 mailbox full" instead. 257064562Sgshapiro 257164562SgshapiroNote, UUCP users may need to add hostname.UUCP to the access database 257290792Sgshapiroor class {R}. 257364562Sgshapiro 257490792SgshapiroIf you also use: 257590792Sgshapiro 257643730Speter FEATURE(`relay_hosts_only') 257738032Speter 257838032Speterthen the above example will allow relaying for sendmail.org, but not 257938032Speterhosts within the sendmail.org domain. Note that this will also require 258064562Sgshapirohosts listed in class {R} to be fully qualified host names. 258138032Speter 258238032SpeterYou can also use the access database to block sender addresses based on 258338032Speterthe username portion of the address. For example: 258438032Speter 2585132943Sgshapiro From:FREE.STEALTH.MAILER@ ERROR:550 Spam not accepted 258638032Speter 258738032SpeterNote that you must include the @ after the username to signify that 258838032Speterthis database entry is for checking only the username portion of the 258938032Spetersender address. 259038032Speter 259138032SpeterIf you use: 259238032Speter 259343730Speter FEATURE(`blacklist_recipients') 259438032Speter 259538032Speterthen you can add entries to the map for local users, hosts in your 259638032Speterdomains, or addresses in your domain which should not receive mail: 259738032Speter 2598132943Sgshapiro To:badlocaluser@ ERROR:550 Mailbox disabled for badlocaluser 2599132943Sgshapiro To:host.my.TLD ERROR:550 That host does not accept mail 2600132943Sgshapiro To:user@other.my.TLD ERROR:550 Mailbox disabled for this recipient 260138032Speter 2602132943SgshapiroThis would prevent a recipient of badlocaluser in any of the local 2603132943Sgshapirodomains (class {w}), any user at host.my.TLD, and the single address 2604132943Sgshapirouser@other.my.TLD from receiving mail. Please note: a local username 2605132943Sgshapiromust be now tagged with an @ (this is consistent with the check of 2606132943Sgshapirothe sender address, and hence it is possible to distinguish between 2607132943Sgshapirohostnames and usernames). Enabling this feature will keep you from 2608132943Sgshapirosending mails to all addresses that have an error message or REJECT 2609132943Sgshapiroas value part in the access map. Taking the example from above: 261038032Speter 261142575Speter spammer@aol.com REJECT 261242575Speter cyberspammer.com REJECT 261342575Speter 261442575SpeterMail can't be sent to spammer@aol.com or anyone at cyberspammer.com. 2615132943SgshapiroThat's why tagged entries should be used. 261642575Speter 261790792SgshapiroThere are several DNS based blacklists, the first of which was 261890792Sgshapirothe RBL (``Realtime Blackhole List'') run by the MAPS project, 261990792Sgshapirosee http://mail-abuse.org/. These are databases of spammers 262090792Sgshapiromaintained in DNS. To use such a database, specify 262138032Speter 262264562Sgshapiro FEATURE(`dnsbl') 262338032Speter 262490792SgshapiroThis will cause sendmail to reject mail from any site in the original 262580785SgshapiroRealtime Blackhole List database. This default DNS blacklist, 262680785Sgshapiroblackholes.mail-abuse.org, is a service offered by the Mail Abuse 262780785SgshapiroPrevention System (MAPS). As of July 31, 2001, MAPS is a subscription 262880785Sgshapiroservice, so using that network address won't work if you haven't 262980785Sgshapirosubscribed. Contact MAPS to subscribe (http://mail-abuse.org/). 263038032Speter 263180785SgshapiroYou can specify an alternative RBL server to check by specifying an 263280785Sgshapiroargument to the FEATURE. The default error message is 263380785Sgshapiro 263498841Sgshapiro Rejected: IP-ADDRESS listed at SERVER 263580785Sgshapiro 263690792Sgshapirowhere IP-ADDRESS and SERVER are replaced by the appropriate 263790792Sgshapiroinformation. A second argument can be used to specify a different 263890792Sgshapirotext. By default, temporary lookup failures are ignored and hence 263990792Sgshapirocause the connection not to be rejected by the DNS based rejection 264090792Sgshapirolist. This behavior can be changed by specifying a third argument, 264190792Sgshapirowhich must be either `t' or a full error message. For example: 264271345Sgshapiro 264390792Sgshapiro FEATURE(`dnsbl', `dnsbl.example.com', `', 264490792Sgshapiro `"451 Temporary lookup failure for " $&{client_addr} " in dnsbl.example.com"') 264571345Sgshapiro 264690792SgshapiroIf `t' is used, the error message is: 264790792Sgshapiro 264890792Sgshapiro 451 Temporary lookup failure of IP-ADDRESS at SERVER 264990792Sgshapiro 265090792Sgshapirowhere IP-ADDRESS and SERVER are replaced by the appropriate 265190792Sgshapiroinformation. 265290792Sgshapiro 265390792SgshapiroThis FEATURE can be included several times to query different 265490792SgshapiroDNS based rejection lists, e.g., the dial-up user list (see 265590792Sgshapirohttp://mail-abuse.org/dul/). 265690792Sgshapiro 265790792SgshapiroNotice: to avoid checking your own local domains against those 265890792Sgshapiroblacklists, use the access_db feature and add: 265990792Sgshapiro 266090792Sgshapiro Connect:10.1 OK 266190792Sgshapiro Connect:127.0.0.1 RELAY 266290792Sgshapiro 266390792Sgshapiroto the access map, where 10.1 is your local network. You may 266490792Sgshapirowant to use "RELAY" instead of "OK" to allow also relaying 266590792Sgshapiroinstead of just disabling the DNS lookups in the backlists. 266690792Sgshapiro 266790792Sgshapiro 266838032SpeterThe features described above make use of the check_relay, check_mail, 2669110560Sgshapiroand check_rcpt rulesets. Note that check_relay checks the SMTP 2670110560Sgshapiroclient hostname and IP address when the connection is made to your 2671110560Sgshapiroserver. It does not check if a mail message is being relayed to 2672110560Sgshapiroanother server. That check is done in check_rcpt. If you wish to 2673110560Sgshapiroinclude your own checks, you can put your checks in the rulesets 2674110560SgshapiroLocal_check_relay, Local_check_mail, and Local_check_rcpt. For 2675110560Sgshapiroexample if you wanted to block senders with all numeric usernames 2676110560Sgshapiro(i.e. 2312343@bigisp.com), you would use Local_check_mail and the 2677110560Sgshapiroregex map: 267838032Speter 267964562Sgshapiro LOCAL_CONFIG 268064562Sgshapiro Kallnumbers regex -a@MATCH ^[0-9]+$ 268164562Sgshapiro 268264562Sgshapiro LOCAL_RULESETS 268364562Sgshapiro SLocal_check_mail 268464562Sgshapiro # check address against various regex checks 268538032Speter R$* $: $>Parse0 $>3 $1 268664562Sgshapiro R$+ < @ bigisp.com. > $* $: $(allnumbers $1 $) 268764562Sgshapiro R@MATCH $#error $: 553 Header Error 268838032Speter 268938032SpeterThese rules are called with the original arguments of the corresponding 269038032Spetercheck_* ruleset. If the local ruleset returns $#OK, no further checking 2691132943Sgshapirois done by the features described above and the mail is accepted. If 2692132943Sgshapirothe local ruleset resolves to a mailer (such as $#error or $#discard), 2693132943Sgshapirothe appropriate action is taken. Other results starting with $# are 2694132943Sgshapirointerpreted by sendmail and may lead to unspecified behavior. Note: do 2695132943SgshapiroNOT create a mailer with the name OK. Return values that do not start 2696132943Sgshapirowith $# are ignored, i.e., normal processing continues. 269738032Speter 269864562SgshapiroDelay all checks 269990792Sgshapiro---------------- 270064562Sgshapiro 270164562SgshapiroBy using FEATURE(`delay_checks') the rulesets check_mail and check_relay 270264562Sgshapirowill not be called when a client connects or issues a MAIL command, 270364562Sgshapirorespectively. Instead, those rulesets will be called by the check_rcpt 270464562Sgshapiroruleset; they will be skipped if a sender has been authenticated using 270564562Sgshapiroa "trusted" mechanism, i.e., one that is defined via TRUST_AUTH_MECH(). 270664562SgshapiroIf check_mail returns an error then the RCPT TO command will be rejected 270764562Sgshapirowith that error. If it returns some other result starting with $# then 270864562Sgshapirocheck_relay will be skipped. If the sender address (or a part of it) is 270964562Sgshapirolisted in the access map and it has a RHS of OK or RELAY, then check_relay 271064562Sgshapirowill be skipped. This has an interesting side effect: if your domain is 271164562Sgshapiromy.domain and you have 271264562Sgshapiro 271364562Sgshapiro my.domain RELAY 271464562Sgshapiro 2715125820Sgshapiroin the access map, then any e-mail with a sender address of 2716125820Sgshapiro<user@my.domain> will not be rejected by check_relay even though 2717125820Sgshapiroit would match the hostname or IP address. This allows spammers 271864562Sgshapiroto get around DNS based blacklist by faking the sender address. To 271964562Sgshapiroavoid this problem you have to use tagged entries: 272064562Sgshapiro 272164562Sgshapiro To:my.domain RELAY 272264562Sgshapiro Connect:my.domain RELAY 272364562Sgshapiro 272464562Sgshapiroif you need those entries at all (class {R} may take care of them). 272573188Sgshapiro 272664562SgshapiroFEATURE(`delay_checks') can take an optional argument: 272764562Sgshapiro 272864562Sgshapiro FEATURE(`delay_checks', `friend') 272964562Sgshapiro enables spamfriend test 273064562Sgshapiro FEATURE(`delay_checks', `hater') 273164562Sgshapiro enables spamhater test 273264562Sgshapiro 273394334SgshapiroIf such an argument is given, the recipient will be looked up in the 273494334Sgshapiroaccess map (using the tag Spam:). If the argument is `friend', then 273594334Sgshapirothe default behavior is to apply the other rulesets and make a SPAM 273694334Sgshapirofriend the exception. The rulesets check_mail and check_relay will be 273794334Sgshapiroskipped only if the recipient address is found and has RHS FRIEND. If 273894334Sgshapirothe argument is `hater', then the default behavior is to skip the rulesets 273994334Sgshapirocheck_mail and check_relay and make a SPAM hater the exception. The 274094334Sgshapiroother two rulesets will be applied only if the recipient address is 274194334Sgshapirofound and has RHS HATER. 274264562Sgshapiro 274364562SgshapiroThis allows for simple exceptions from the tests, e.g., by activating 274490792Sgshapirothe friend option and having 274564562Sgshapiro 274690792Sgshapiro Spam:abuse@ FRIEND 274764562Sgshapiro 2748110560Sgshapiroin the access map, mail to abuse@localdomain will get through (where 2749110560Sgshapiro"localdomain" is any domain in class {w}). It is also possible to 2750110560Sgshapirospecify a full address or an address with +detail: 275164562Sgshapiro 275290792Sgshapiro Spam:abuse@my.domain FRIEND 275390792Sgshapiro Spam:me+abuse@ FRIEND 275490792Sgshapiro Spam:spam.domain FRIEND 275564562Sgshapiro 275690792SgshapiroNote: The required tag has been changed in 8.12 from To: to Spam:. 275790792SgshapiroThis change is incompatible to previous versions. However, you can 275890792Sgshapiro(for now) simply add the new entries to the access map, the old 275990792Sgshapiroones will be ignored. As soon as you removed the old entries from 276090792Sgshapirothe access map, specify a third parameter (`n') to this feature and 276190792Sgshapirothe backward compatibility rules will not be in the generated .cf 276290792Sgshapirofile. 276364562Sgshapiro 276464562SgshapiroHeader Checks 276590792Sgshapiro------------- 276664562Sgshapiro 276738032SpeterYou can also reject mail on the basis of the contents of headers. 276838032SpeterThis is done by adding a ruleset call to the 'H' header definition command 276938032Speterin sendmail.cf. For example, this can be used to check the validity of 277038032Spetera Message-ID: header: 277138032Speter 2772110560Sgshapiro LOCAL_CONFIG 277338032Speter HMessage-Id: $>CheckMessageId 277438032Speter 2775110560Sgshapiro LOCAL_RULESETS 277638032Speter SCheckMessageId 277738032Speter R< $+ @ $+ > $@ OK 277838032Speter R$* $#error $: 553 Header Error 277938032Speter 278064562SgshapiroThe alternative format: 278138032Speter 278264562Sgshapiro HSubject: $>+CheckSubject 278342575Speter 278464562Sgshapirothat is, $>+ instead of $>, gives the full Subject: header including 278564562Sgshapirocomments to the ruleset (comments in parentheses () are stripped 278664562Sgshapiroby default). 278742575Speter 278864562SgshapiroA default ruleset for headers which don't have a specific ruleset 278964562Sgshapirodefined for them can be given by: 279042575Speter 279164562Sgshapiro H*: $>CheckHdr 279243730Speter 279390792SgshapiroNotice: 279490792Sgshapiro1. All rules act on tokens as explained in doc/op/op.{me,ps,txt}. 279573188SgshapiroThat may cause problems with simple header checks due to the 279690792Sgshapirotokenization. It might be simpler to use a regex map and apply it 279773188Sgshapiroto $&{currHeader}. 279890792Sgshapiro2. There are no default rulesets coming with this distribution of 279990792Sgshapirosendmail. You can either write your own or you can search the 280090792SgshapiroWWW for examples, e.g., http://www.digitalanswers.org/check_local/ 2801132943Sgshapiro3. When using a default ruleset for headers, the name of the header 2802132943Sgshapirocurrently being checked can be found in the $&{hdr_name} macro. 280373188Sgshapiro 280464562SgshapiroAfter all of the headers are read, the check_eoh ruleset will be called for 280564562Sgshapiroany final header-related checks. The ruleset is called with the number of 280664562Sgshapiroheaders and the size of all of the headers in bytes separated by $|. One 280764562Sgshapiroexample usage is to reject messages which do not have a Message-Id: 280864562Sgshapiroheader. However, the Message-Id: header is *NOT* a required header and is 280964562Sgshapironot a guaranteed spam indicator. This ruleset is an example and should 281064562Sgshapiroprobably not be used in production. 281164562Sgshapiro 281264562Sgshapiro LOCAL_CONFIG 281364562Sgshapiro Kstorage macro 2814110560Sgshapiro HMessage-Id: $>CheckMessageId 281564562Sgshapiro 281664562Sgshapiro LOCAL_RULESETS 281764562Sgshapiro SCheckMessageId 281864562Sgshapiro # Record the presence of the header 281964562Sgshapiro R$* $: $(storage {MessageIdCheck} $@ OK $) $1 282064562Sgshapiro R< $+ @ $+ > $@ OK 282164562Sgshapiro R$* $#error $: 553 Header Error 282264562Sgshapiro 282364562Sgshapiro Scheck_eoh 282464562Sgshapiro # Check the macro 282564562Sgshapiro R$* $: < $&{MessageIdCheck} > 282664562Sgshapiro # Clear the macro for the next message 282764562Sgshapiro R$* $: $(storage {MessageIdCheck} $) $1 282864562Sgshapiro # Has a Message-Id: header 282964562Sgshapiro R< $+ > $@ OK 283064562Sgshapiro # Allow missing Message-Id: from local mail 283164562Sgshapiro R$* $: < $&{client_name} > 283264562Sgshapiro R< > $@ OK 283364562Sgshapiro R< $=w > $@ OK 283464562Sgshapiro # Otherwise, reject the mail 283564562Sgshapiro R$* $#error $: 553 Header Error 283664562Sgshapiro 2837132943Sgshapiro 2838132943Sgshapiro+--------------------+ 2839132943Sgshapiro| CONNECTION CONTROL | 2840132943Sgshapiro+--------------------+ 2841132943Sgshapiro 2842132943SgshapiroThe features ratecontrol and conncontrol allow to establish connection 2843132943Sgshapirolimits per client IP address or net. These features can limit the 2844132943Sgshapirorate of connections (connections per time unit) or the number of 2845132943Sgshapiroincoming SMTP connections, respectively. If enabled, appropriate 2846132943Sgshapirorulesets are called at the end of check_relay, i.e., after DNS 2847132943Sgshapiroblacklists and generic access_db operations. The features require 2848132943SgshapiroFEATURE(`access_db') to be listed earlier in the mc file. 2849132943Sgshapiro 2850132943SgshapiroNote: FEATURE(`delay_checks') delays those connection control checks 2851132943Sgshapiroafter a recipient address has been received, hence making these 2852132943Sgshapiroconnection control features less useful. To run the checks as early 2853132943Sgshapiroas possible, specify the parameter `nodelay', e.g., 2854132943Sgshapiro 2855132943Sgshapiro FEATURE(`ratecontrol', `nodelay') 2856132943Sgshapiro 2857132943SgshapiroIn that case, FEATURE(`delay_checks') has no effect on connection 2858132943Sgshapirocontrol (and it must be specified earlier in the mc file). 2859132943Sgshapiro 2860132943SgshapiroAn optional second argument `terminate' specifies whether the 2861132943Sgshapirorulesets should return the error code 421 which will cause 2862132943Sgshapirosendmail to terminate the session with that error if it is 2863132943Sgshapiroreturned from check_relay, i.e., not delayed as explained in 2864132943Sgshapirothe previous paragraph. Example: 2865132943Sgshapiro 2866132943Sgshapiro FEATURE(`ratecontrol', `nodelay', `terminate') 2867132943Sgshapiro 2868132943Sgshapiro 286966494Sgshapiro+----------+ 287066494Sgshapiro| STARTTLS | 287166494Sgshapiro+----------+ 287264562Sgshapiro 287364562SgshapiroIn this text, cert will be used as an abreviation for X.509 certificate, 287490792SgshapiroDN (CN) is the distinguished (common) name of a cert, and CA is a 287590792Sgshapirocertification authority, which signs (issues) certs. 287664562Sgshapiro 287780785SgshapiroFor STARTTLS to be offered by sendmail you need to set at least 287880785Sgshapirothis variables (the file names and paths are just examples): 287980785Sgshapiro 288080785Sgshapiro define(`confCACERT_PATH', `/etc/mail/certs/') 288180785Sgshapiro define(`confCACERT', `/etc/mail/certs/CA.cert.pem') 288280785Sgshapiro define(`confSERVER_CERT', `/etc/mail/certs/my.cert.pem') 288380785Sgshapiro define(`confSERVER_KEY', `/etc/mail/certs/my.key.pem') 288480785Sgshapiro 288580785SgshapiroOn systems which do not have the compile flag HASURANDOM set (see 288680785Sgshapirosendmail/README) you also must set confRAND_FILE. 288780785Sgshapiro 288890792SgshapiroSee doc/op/op.{me,ps,txt} for more information about these options, 288990792Sgshapiroespecially the sections ``Certificates for STARTTLS'' and ``PRNG for 289080785SgshapiroSTARTTLS''. 289180785Sgshapiro 289264562SgshapiroMacros related to STARTTLS are: 289364562Sgshapiro 289464562Sgshapiro${cert_issuer} holds the DN of the CA (the cert issuer). 289564562Sgshapiro${cert_subject} holds the DN of the cert (called the cert subject). 289690792Sgshapiro${cn_issuer} holds the CN of the CA (the cert issuer). 289790792Sgshapiro${cn_subject} holds the CN of the cert (called the cert subject). 289864562Sgshapiro${tls_version} the TLS/SSL version used for the connection, e.g., TLSv1, 289990792Sgshapiro TLSv1/SSLv3, SSLv3, SSLv2. 290064562Sgshapiro${cipher} the cipher used for the connection, e.g., EDH-DSS-DES-CBC3-SHA, 290164562Sgshapiro EDH-RSA-DES-CBC-SHA, DES-CBC-MD5, DES-CBC3-SHA. 290264562Sgshapiro${cipher_bits} the keylength (in bits) of the symmetric encryption algorithm 290364562Sgshapiro used for the connection. 290490792Sgshapiro${verify} holds the result of the verification of the presented cert. 290590792Sgshapiro Possible values are: 290690792Sgshapiro OK verification succeeded. 290790792Sgshapiro NO no cert presented. 290890792Sgshapiro NOT no cert requested. 290990792Sgshapiro FAIL cert presented but could not be verified, 291090792Sgshapiro e.g., the cert of the signing CA is missing. 291190792Sgshapiro NONE STARTTLS has not been performed. 291290792Sgshapiro TEMP temporary error occurred. 291390792Sgshapiro PROTOCOL protocol error occurred (SMTP level). 291464562Sgshapiro SOFTWARE STARTTLS handshake failed. 291590792Sgshapiro${server_name} the name of the server of the current outgoing SMTP 291664562Sgshapiro connection. 291790792Sgshapiro${server_addr} the address of the server of the current outgoing SMTP 291864562Sgshapiro connection. 291964562Sgshapiro 292064562SgshapiroRelaying 292190792Sgshapiro-------- 292264562Sgshapiro 2923110560SgshapiroSMTP STARTTLS can allow relaying for remote SMTP clients which have 2924120256Sgshapirosuccessfully authenticated themselves. If the verification of the cert 2925120256Sgshapirofailed (${verify} != OK), relaying is subject to the usual rules. 2926120256SgshapiroOtherwise the DN of the issuer is looked up in the access map using the 2927120256Sgshapirotag CERTISSUER. If the resulting value is RELAY, relaying is allowed. 2928120256SgshapiroIf it is SUBJECT, the DN of the cert subject is looked up next in the 2929120256Sgshapiroaccess map using the tag CERTSUBJECT. If the value is RELAY, relaying 2930120256Sgshapirois allowed. 2931110560Sgshapiro 2932132943SgshapiroTo make things a bit more flexible (or complicated), the values for 293364562Sgshapiro${cert_issuer} and ${cert_subject} can be optionally modified by regular 293464562Sgshapiroexpressions defined in the m4 variables _CERT_REGEX_ISSUER_ and 293590792Sgshapiro_CERT_REGEX_SUBJECT_, respectively. To avoid problems with those macros in 293664562Sgshapirorulesets and map lookups, they are modified as follows: each non-printable 2937110560Sgshapirocharacter and the characters '<', '>', '(', ')', '"', '+', ' ' are replaced 2938110560Sgshapiroby their HEX value with a leading '+'. For example: 293964562Sgshapiro 294064562Sgshapiro/C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/Email= 294164562Sgshapirodarth+cert@endmail.org 294264562Sgshapiro 294364562Sgshapirois encoded as: 294464562Sgshapiro 294564562Sgshapiro/C=US/ST=California/O=endmail.org/OU=private/CN= 294664562SgshapiroDarth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org 294764562Sgshapiro 294864562Sgshapiro(line breaks have been inserted for readability). 294964562Sgshapiro 2950110560SgshapiroThe macros which are subject to this encoding are ${cert_subject}, 2951110560Sgshapiro${cert_issuer}, ${cn_subject}, and ${cn_issuer}. 2952110560Sgshapiro 295390792SgshapiroExamples: 295490792Sgshapiro 295590792SgshapiroTo allow relaying for everyone who can present a cert signed by 295690792Sgshapiro 295790792Sgshapiro/C=US/ST=California/O=endmail.org/OU=private/CN= 295890792SgshapiroDarth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org 295990792Sgshapiro 296090792Sgshapirosimply use: 296190792Sgshapiro 2962110560SgshapiroCertIssuer:/C=US/ST=California/O=endmail.org/OU=private/CN= 296390792SgshapiroDarth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org RELAY 296490792Sgshapiro 296590792SgshapiroTo allow relaying only for a subset of machines that have a cert signed by 296690792Sgshapiro 296790792Sgshapiro/C=US/ST=California/O=endmail.org/OU=private/CN= 296890792SgshapiroDarth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org 296990792Sgshapiro 297090792Sgshapirouse: 297190792Sgshapiro 2972110560SgshapiroCertIssuer:/C=US/ST=California/O=endmail.org/OU=private/CN= 297390792SgshapiroDarth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org SUBJECT 2974110560SgshapiroCertSubject:/C=US/ST=California/O=endmail.org/OU=private/CN= 297590792SgshapiroDeathStar/Email=deathstar@endmail.org RELAY 297690792Sgshapiro 2977132943SgshapiroNotes: 2978132943Sgshapiro- line breaks have been inserted after "CN=" for readability, 2979132943Sgshapiro each tagged entry must be one (long) line in the access map. 2980132943Sgshapiro- if OpenSSL 0.9.7 or newer is used then the "Email=" part of a DN 2981132943Sgshapiro is replaced by "emailAddress=". 298290792Sgshapiro 298390792SgshapiroOf course it is also possible to write a simple ruleset that allows 298464562Sgshapirorelaying for everyone who can present a cert that can be verified, e.g., 298564562Sgshapiro 298664562SgshapiroLOCAL_RULESETS 298764562SgshapiroSLocal_check_rcpt 298864562SgshapiroR$* $: $&{verify} 298964562SgshapiroROK $# OK 299064562Sgshapiro 299164562SgshapiroAllowing Connections 299290792Sgshapiro-------------------- 299364562Sgshapiro 299490792SgshapiroThe rulesets tls_server, tls_client, and tls_rcpt are used to decide whether 299590792Sgshapiroan SMTP connection is accepted (or should continue). 299664562Sgshapiro 299764562Sgshapirotls_server is called when sendmail acts as client after a STARTTLS command 299890792Sgshapiro(should) have been issued. The parameter is the value of ${verify}. 299964562Sgshapiro 300064562Sgshapirotls_client is called when sendmail acts as server, after a STARTTLS command 300190792Sgshapirohas been issued, and from check_mail. The parameter is the value of 300264562Sgshapiro${verify} and STARTTLS or MAIL, respectively. 300364562Sgshapiro 300490792SgshapiroBoth rulesets behave the same. If no access map is in use, the connection 300564562Sgshapirowill be accepted unless ${verify} is SOFTWARE, in which case the connection 300690792Sgshapirois always aborted. For tls_server/tls_client, ${client_name}/${server_name} 300790792Sgshapirois looked up in the access map using the tag TLS_Srv/TLS_Clt, which is done 300890792Sgshapirowith the ruleset LookUpDomain. If no entry is found, ${client_addr} 300964562Sgshapiro(${server_addr}) is looked up in the access map (same tag, ruleset 301090792SgshapiroLookUpAddr). If this doesn't result in an entry either, just the tag is 301190792Sgshapirolooked up in the access map (included the trailing colon). Notice: 301290792Sgshapirorequiring that e-mail is sent to a server only encrypted, e.g., via 301364562Sgshapiro 301490792SgshapiroTLS_Srv:secure.domain ENCR:112 301590792Sgshapiro 301690792Sgshapirodoesn't necessarily mean that e-mail sent to that domain is encrypted. 301790792SgshapiroIf the domain has multiple MX servers, e.g., 301890792Sgshapiro 301990792Sgshapirosecure.domain. IN MX 10 mail.secure.domain. 302090792Sgshapirosecure.domain. IN MX 50 mail.other.domain. 302190792Sgshapiro 302290792Sgshapirothen mail to user@secure.domain may go unencrypted to mail.other.domain. 302390792Sgshapirotls_rcpt can be used to address this problem. 302490792Sgshapiro 302590792Sgshapirotls_rcpt is called before a RCPT TO: command is sent. The parameter is the 302690792Sgshapirocurrent recipient. This ruleset is only defined if FEATURE(`access_db') 302790792Sgshapirois selected. A recipient address user@domain is looked up in the access 302890792Sgshapiromap in four formats: TLS_Rcpt:user@domain, TLS_Rcpt:user@, TLS_Rcpt:domain, 302990792Sgshapiroand TLS_Rcpt:; the first match is taken. 303090792Sgshapiro 303190792SgshapiroThe result of the lookups is then used to call the ruleset TLS_connection, 303290792Sgshapirowhich checks the requirement specified by the RHS in the access map against 303390792Sgshapirothe actual parameters of the current TLS connection, esp. ${verify} and 303490792Sgshapiro${cipher_bits}. Legal RHSs in the access map are: 303590792Sgshapiro 303664562SgshapiroVERIFY verification must have succeeded 303764562SgshapiroVERIFY:bits verification must have succeeded and ${cipher_bits} must 303864562Sgshapiro be greater than or equal bits. 303964562SgshapiroENCR:bits ${cipher_bits} must be greater than or equal bits. 304064562Sgshapiro 304164562SgshapiroThe RHS can optionally be prefixed by TEMP+ or PERM+ to select a temporary 304290792Sgshapiroor permanent error. The default is a temporary error code (403 4.7.0) 304364562Sgshapirounless the macro TLS_PERM_ERR is set during generation of the .cf file. 304464562Sgshapiro 304564562SgshapiroIf a certain level of encryption is required, then it might also be 304664562Sgshapiropossible that this level is provided by the security layer from a SASL 304764562Sgshapiroalgorithm, e.g., DIGEST-MD5. 304864562Sgshapiro 304990792SgshapiroFurthermore, there can be a list of extensions added. Such a list 305090792Sgshapirostarts with '+' and the items are separated by '++'. Allowed 305190792Sgshapiroextensions are: 305290792Sgshapiro 305390792SgshapiroCN:name name must match ${cn_subject} 305490792SgshapiroCN ${server_name} must match ${cn_subject} 305590792SgshapiroCS:name name must match ${cert_subject} 305690792SgshapiroCI:name name must match ${cert_issuer} 305790792Sgshapiro 305882017SgshapiroExample: e-mail sent to secure.example.com should only use an encrypted 305990792Sgshapiroconnection. E-mail received from hosts within the laptop.example.com domain 306090792Sgshapiroshould only be accepted if they have been authenticated. The host which 306190792Sgshapiroreceives e-mail for darth@endmail.org must present a cert that uses the 306290792SgshapiroCN smtp.endmail.org. 306390792Sgshapiro 306464562SgshapiroTLS_Srv:secure.example.com ENCR:112 306564562SgshapiroTLS_Clt:laptop.example.com PERM+VERIFY:112 306690792SgshapiroTLS_Rcpt:darth@endmail.org ENCR:112+CN:smtp.endmail.org 306764562Sgshapiro 306873188Sgshapiro 306990792SgshapiroDisabling STARTTLS And Setting SMTP Server Features 307090792Sgshapiro--------------------------------------------------- 307173188Sgshapiro 307290792SgshapiroBy default STARTTLS is used whenever possible. However, there are 307390792Sgshapirosome broken MTAs that don't properly implement STARTTLS. To be able 307490792Sgshapiroto send to (or receive from) those MTAs, the ruleset try_tls 307590792Sgshapiro(srv_features) can be used that work together with the access map. 307690792SgshapiroEntries for the access map must be tagged with Try_TLS (Srv_Features) 307790792Sgshapiroand refer to the hostname or IP address of the connecting system. 307890792SgshapiroA default case can be specified by using just the tag. For example, 307990792Sgshapirothe following entries in the access map: 308073188Sgshapiro 308190792Sgshapiro Try_TLS:broken.server NO 308290792Sgshapiro Srv_Features:my.domain v 308390792Sgshapiro Srv_Features: V 308473188Sgshapiro 308590792Sgshapirowill turn off STARTTLS when sending to broken.server (or any host 308690792Sgshapiroin that domain), and request a client certificate during the TLS 308790792Sgshapirohandshake only for hosts in my.domain. The valid entries on the RHS 308890792Sgshapirofor Srv_Features are listed in the Sendmail Installation and 308990792SgshapiroOperations Guide. 309073188Sgshapiro 309173188Sgshapiro 309264562SgshapiroReceived: Header 309390792Sgshapiro---------------- 309464562Sgshapiro 309590792SgshapiroThe Received: header reveals whether STARTTLS has been used. It contains an 309664562Sgshapiroextra line: 309764562Sgshapiro 309890792Sgshapiro(version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify}) 309964562Sgshapiro 310090792Sgshapiro 310166494Sgshapiro+---------------------+ 310266494Sgshapiro| SMTP AUTHENTICATION | 310366494Sgshapiro+---------------------+ 310464562Sgshapiro 310564562SgshapiroThe macros ${auth_authen}, ${auth_author}, and ${auth_type} can be 310664562Sgshapiroused in anti-relay rulesets to allow relaying for those users that 310764562Sgshapiroauthenticated themselves. A very simple example is: 310864562Sgshapiro 310964562SgshapiroSLocal_check_rcpt 311064562SgshapiroR$* $: $&{auth_type} 311164562SgshapiroR$+ $# OK 311264562Sgshapiro 311364562Sgshapirowhich checks whether a user has successfully authenticated using 3114132943Sgshapiroany available mechanism. Depending on the setup of the Cyrus SASL 311564562Sgshapirolibrary, more sophisticated rulesets might be required, e.g., 311664562Sgshapiro 311764562SgshapiroSLocal_check_rcpt 311864562SgshapiroR$* $: $&{auth_type} $| $&{auth_authen} 311964562SgshapiroRDIGEST-MD5 $| $+@$=w $# OK 312064562Sgshapiro 312164562Sgshapiroto allow relaying for users that authenticated using DIGEST-MD5 312264562Sgshapiroand have an identity in the local domains. 312364562Sgshapiro 312490792SgshapiroThe ruleset trust_auth is used to determine whether a given AUTH= 312564562Sgshapiroparameter (that is passed to this ruleset) should be trusted. This 312664562Sgshapiroruleset may make use of the other ${auth_*} macros. Only if the 312764562Sgshapiroruleset resolves to the error mailer, the AUTH= parameter is not 312864562Sgshapirotrusted. A user supplied ruleset Local_trust_auth can be written 312964562Sgshapiroto modify the default behavior, which only trust the AUTH= 313064562Sgshapiroparameter if it is identical to the authenticated user. 313164562Sgshapiro 313264562SgshapiroPer default, relaying is allowed for any user who authenticated 313364562Sgshapirovia a "trusted" mechanism, i.e., one that is defined via 313464562SgshapiroTRUST_AUTH_MECH(`list of mechanisms') 313571345SgshapiroFor example: 313671345SgshapiroTRUST_AUTH_MECH(`KERBEROS_V4 DIGEST-MD5') 313764562Sgshapiro 313864562SgshapiroIf the selected mechanism provides a security layer the number of 313964562Sgshapirobits used for the key of the symmetric cipher is stored in the 314064562Sgshapiromacro ${auth_ssf}. 314164562Sgshapiro 3142132943SgshapiroProviding SMTP AUTH Data when sendmail acts as Client 3143132943Sgshapiro----------------------------------------------------- 3144132943Sgshapiro 314590792SgshapiroIf sendmail acts as client, it needs some information how to 314690792Sgshapiroauthenticate against another MTA. This information can be provided 314790792Sgshapiroby the ruleset authinfo or by the option DefaultAuthInfo. The 314890792Sgshapiroauthinfo ruleset looks up {server_name} using the tag AuthInfo: in 314990792Sgshapirothe access map. If no entry is found, {server_addr} is looked up 315090792Sgshapiroin the same way and finally just the tag AuthInfo: to provide 3151111823Sgshapirodefault values. Note: searches for domain parts or IP nets are 3152111823Sgshapiroonly performed if the access map is used; if the authinfo feature 3153111823Sgshapirois used then only up to three lookups are performed (two exact 3154111823Sgshapiromatches, one default). 315590792Sgshapiro 3156132943SgshapiroNote: If your daemon does client authentication when sending, and 3157132943Sgshapiroif it uses either PLAIN or LOGIN authentication, then you *must* 3158132943Sgshapiroprevent ordinary users from seeing verbose output. Do NOT install 3159132943Sgshapirosendmail set-user-ID. Use PrivacyOptions to turn off verbose output 3160132943Sgshapiro("goaway" works for this). 3161132943Sgshapiro 316290792SgshapiroNotice: the default configuration file causes the option DefaultAuthInfo 316390792Sgshapiroto fail since the ruleset authinfo is in the .cf file. If you really 316490792Sgshapirowant to use DefaultAuthInfo (it is deprecated) then you have to 316590792Sgshapiroremove the ruleset. 316690792Sgshapiro 316790792SgshapiroThe RHS for an AuthInfo: entry in the access map should consists of a 316890792Sgshapirolist of tokens, each of which has the form: "TDstring" (including 316990792Sgshapirothe quotes). T is a tag which describes the item, D is a delimiter, 317090792Sgshapiroeither ':' for simple text or '=' for a base64 encoded string. 317190792SgshapiroValid values for the tag are: 317290792Sgshapiro 317390792Sgshapiro U user (authorization) id 317490792Sgshapiro I authentication id 317590792Sgshapiro P password 317690792Sgshapiro R realm 317790792Sgshapiro M list of mechanisms delimited by spaces 317890792Sgshapiro 317990792SgshapiroExample entries are: 318090792Sgshapiro 318190792SgshapiroAuthInfo:other.dom "U:user" "I:user" "P:secret" "R:other.dom" "M:DIGEST-MD5" 3182111823SgshapiroAuthInfo:host.more.dom "U:user" "P=c2VjcmV0" 318390792Sgshapiro 3184111823SgshapiroUser id or authentication id must exist as well as the password. All 318590792Sgshapiroother entries have default values. If one of user or authentication 318690792Sgshapiroid is missing, the existing value is used for the missing item. 318790792SgshapiroIf "R:" is not specified, realm defaults to $j. The list of mechanisms 318890792Sgshapirodefaults to those specified by AuthMechanisms. 318990792Sgshapiro 319090792SgshapiroSince this map contains sensitive information, either the access 319190792Sgshapiromap must be unreadable by everyone but root (or the trusted user) 319290792Sgshapiroor FEATURE(`authinfo') must be used which provides a separate map. 319390792SgshapiroNotice: It is not checked whether the map is actually 319490792Sgshapirogroup/world-unreadable, this is left to the user. 319590792Sgshapiro 319664562Sgshapiro+--------------------------------+ 319738032Speter| ADDING NEW MAILERS OR RULESETS | 319838032Speter+--------------------------------+ 319938032Speter 320038032SpeterSometimes you may need to add entirely new mailers or rulesets. They 320138032Spetershould be introduced with the constructs MAILER_DEFINITIONS and 320238032SpeterLOCAL_RULESETS respectively. For example: 320338032Speter 320438032Speter MAILER_DEFINITIONS 320538032Speter Mmymailer, ... 320638032Speter ... 320738032Speter 320838032Speter LOCAL_RULESETS 320938032Speter Smyruleset 321038032Speter ... 321138032Speter 321290792SgshapiroLocal additions for the rulesets srv_features, try_tls, tls_rcpt, 321390792Sgshapirotls_client, and tls_server can be made using LOCAL_SRV_FEATURES, 321490792SgshapiroLOCAL_TRY_TLS, LOCAL_TLS_RCPT, LOCAL_TLS_CLIENT, and LOCAL_TLS_SERVER, 321590792Sgshapirorespectively. For example, to add a local ruleset that decides 321690792Sgshapirowhether to try STARTTLS in a sendmail client, use: 321738032Speter 321890792Sgshapiro LOCAL_TRY_TLS 321990792Sgshapiro R... 322090792Sgshapiro 322190792SgshapiroNote: you don't need to add a name for the ruleset, it is implicitly 322290792Sgshapirodefined by using the appropriate macro. 322390792Sgshapiro 322490792Sgshapiro 322571345Sgshapiro+-------------------------+ 322671345Sgshapiro| ADDING NEW MAIL FILTERS | 322771345Sgshapiro+-------------------------+ 322864562Sgshapiro 322964562SgshapiroSendmail supports mail filters to filter incoming SMTP messages according 323064562Sgshapiroto the "Sendmail Mail Filter API" documentation. These filters can be 323164562Sgshapiroconfigured in your mc file using the two commands: 323264562Sgshapiro 323364562Sgshapiro MAIL_FILTER(`name', `equates') 323464562Sgshapiro INPUT_MAIL_FILTER(`name', `equates') 323564562Sgshapiro 323664562SgshapiroThe first command, MAIL_FILTER(), simply defines a filter with the given 323764562Sgshapironame and equates. For example: 323864562Sgshapiro 323964562Sgshapiro MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 324064562Sgshapiro 324164562SgshapiroThis creates the equivalent sendmail.cf entry: 324264562Sgshapiro 324364562Sgshapiro Xarchive, S=local:/var/run/archivesock, F=R 324464562Sgshapiro 324564562SgshapiroThe INPUT_MAIL_FILTER() command performs the same actions as MAIL_FILTER 324664562Sgshapirobut also populates the m4 variable `confINPUT_MAIL_FILTERS' with the name 324764562Sgshapiroof the filter such that the filter will actually be called by sendmail. 324864562Sgshapiro 324964562SgshapiroFor example, the two commands: 325064562Sgshapiro 325164562Sgshapiro INPUT_MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 325264562Sgshapiro INPUT_MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T') 325364562Sgshapiro 325464562Sgshapiroare equivalent to the three commands: 325564562Sgshapiro 325664562Sgshapiro MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 325764562Sgshapiro MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T') 325864562Sgshapiro define(`confINPUT_MAIL_FILTERS', `archive, spamcheck') 325964562Sgshapiro 326064562SgshapiroIn general, INPUT_MAIL_FILTER() should be used unless you need to define 326164562Sgshapiromore filters than you want to use for `confINPUT_MAIL_FILTERS'. 326264562Sgshapiro 326364562SgshapiroNote that setting `confINPUT_MAIL_FILTERS' after any INPUT_MAIL_FILTER() 326464562Sgshapirocommands will clear the list created by the prior INPUT_MAIL_FILTER() 326564562Sgshapirocommands. 326664562Sgshapiro 326764562Sgshapiro 326890792Sgshapiro+-------------------------+ 326990792Sgshapiro| QUEUE GROUP DEFINITIONS | 327090792Sgshapiro+-------------------------+ 327190792Sgshapiro 327290792SgshapiroIn addition to the queue directory (which is the default queue group 327390792Sgshapirocalled "mqueue"), sendmail can deal with multiple queue groups, which 327490792Sgshapiroare collections of queue directories with the same behaviour. Queue 327590792Sgshapirogroups can be defined using the command: 327690792Sgshapiro 327790792Sgshapiro QUEUE_GROUP(`name', `equates') 327890792Sgshapiro 327990792SgshapiroFor details about queue groups, please see doc/op/op.{me,ps,txt}. 328090792Sgshapiro 328138032Speter+-------------------------------+ 328238032Speter| NON-SMTP BASED CONFIGURATIONS | 328338032Speter+-------------------------------+ 328438032Speter 328564562SgshapiroThese configuration files are designed primarily for use by 328664562SgshapiroSMTP-based sites. They may not be well tuned for UUCP-only or 328738032SpeterUUCP-primarily nodes (the latter is defined as a small local net 328864562Sgshapiroconnected to the rest of the world via UUCP). However, there is 328964562Sgshapiroone hook to handle some special cases. 329038032Speter 329138032SpeterYou can define a ``smart host'' that understands a richer address syntax 329238032Speterusing: 329338032Speter 329443730Speter define(`SMART_HOST', `mailer:hostname') 329538032Speter 329638032SpeterIn this case, the ``mailer:'' defaults to "relay". Any messages that 329738032Spetercan't be handled using the usual UUCP rules are passed to this host. 329838032Speter 329938032SpeterIf you are on a local SMTP-based net that connects to the outside 330038032Speterworld via UUCP, you can use LOCAL_NET_CONFIG to add appropriate rules. 330138032SpeterFor example: 330238032Speter 330364562Sgshapiro define(`SMART_HOST', `uucp-new:uunet') 330438032Speter LOCAL_NET_CONFIG 330538032Speter R$* < @ $* .$m. > $* $#smtp $@ $2.$m. $: $1 < @ $2.$m. > $3 330638032Speter 330794334SgshapiroThis will cause all names that end in your domain name ($m) to be sent 330894334Sgshapirovia SMTP; anything else will be sent via uucp-new (smart UUCP) to uunet. 330943730SpeterIf you have FEATURE(`nocanonify'), you may need to omit the dots after 331038032Speterthe $m. If you are running a local DNS inside your domain which is 331138032Speternot otherwise connected to the outside world, you probably want to 331238032Speteruse: 331338032Speter 331443730Speter define(`SMART_HOST', `smtp:fire.wall.com') 331538032Speter LOCAL_NET_CONFIG 331638032Speter R$* < @ $* . > $* $#smtp $@ $2. $: $1 < @ $2. > $3 331738032Speter 331838032SpeterThat is, send directly only to things you found in your DNS lookup; 331938032Speteranything else goes through SMART_HOST. 332038032Speter 332138032SpeterYou may need to turn off the anti-spam rules in order to accept 332243730SpeterUUCP mail with FEATURE(`promiscuous_relay') and 332343730SpeterFEATURE(`accept_unresolvable_domains'). 332438032Speter 332538032Speter 332638032Speter+-----------+ 332738032Speter| WHO AM I? | 332838032Speter+-----------+ 332938032Speter 333038032SpeterNormally, the $j macro is automatically defined to be your fully 333138032Speterqualified domain name (FQDN). Sendmail does this by getting your 333238032Speterhost name using gethostname and then calling gethostbyname on the 333338032Speterresult. For example, in some environments gethostname returns 333438032Speteronly the root of the host name (such as "foo"); gethostbyname is 333538032Spetersupposed to return the FQDN ("foo.bar.com"). In some (fairly rare) 333638032Spetercases, gethostbyname may fail to return the FQDN. In this case 333738032Speteryou MUST define confDOMAIN_NAME to be your fully qualified domain 333838032Spetername. This is usually done using: 333938032Speter 334038032Speter Dmbar.com 334138032Speter define(`confDOMAIN_NAME', `$w.$m')dnl 334238032Speter 334338032Speter 334464562Sgshapiro+-----------------------------------+ 334564562Sgshapiro| ACCEPTING MAIL FOR MULTIPLE NAMES | 334664562Sgshapiro+-----------------------------------+ 334764562Sgshapiro 334864562SgshapiroIf your host is known by several different names, you need to augment 334964562Sgshapiroclass {w}. This is a list of names by which your host is known, and 335064562Sgshapiroanything sent to an address using a host name in this list will be 335164562Sgshapirotreated as local mail. You can do this in two ways: either create the 335264562Sgshapirofile /etc/mail/local-host-names containing a list of your aliases (one per 335364562Sgshapiroline), and use ``FEATURE(`use_cw_file')'' in the .mc file, or add 335464562Sgshapiro``LOCAL_DOMAIN(`alias.host.name')''. Be sure you use the fully-qualified 335564562Sgshapironame of the host, rather than a short name. 335664562Sgshapiro 335764562SgshapiroIf you want to have different address in different domains, take 335864562Sgshapiroa look at the virtusertable feature, which is also explained at 335964562Sgshapirohttp://www.sendmail.org/virtual-hosting.html 336064562Sgshapiro 336164562Sgshapiro 336238032Speter+--------------------+ 336338032Speter| USING MAILERTABLES | 336438032Speter+--------------------+ 336538032Speter 336643730SpeterTo use FEATURE(`mailertable'), you will have to create an external 336738032Speterdatabase containing the routing information for various domains. 336838032SpeterFor example, a mailertable file in text format might be: 336938032Speter 337038032Speter .my.domain xnet:%1.my.domain 337164562Sgshapiro uuhost1.my.domain uucp-new:uuhost1 337238032Speter .bitnet smtp:relay.bit.net 337338032Speter 337464562SgshapiroThis should normally be stored in /etc/mail/mailertable. The actual 337538032Speterdatabase version of the mailertable is built using: 337638032Speter 337764562Sgshapiro makemap hash /etc/mail/mailertable < /etc/mail/mailertable 337838032Speter 337938032SpeterThe semantics are simple. Any LHS entry that does not begin with 338038032Spetera dot matches the full host name indicated. LHS entries beginning 338166494Sgshapirowith a dot match anything ending with that domain name (including 338266494Sgshapirothe leading dot) -- that is, they can be thought of as having a 338366494Sgshapiroleading ".+" regular expression pattern for a non-empty sequence of 338466494Sgshapirocharacters. Matching is done in order of most-to-least qualified 338566494Sgshapiro-- for example, even though ".my.domain" is listed first in the 338666494Sgshapiroabove example, an entry of "uuhost1.my.domain" will match the second 338766494Sgshapiroentry since it is more explicit. Note: e-mail to "user@my.domain" 338866494Sgshapirodoes not match any entry in the above table. You need to have 338966494Sgshapirosomething like: 339038032Speter 339164562Sgshapiro my.domain esmtp:host.my.domain 339264562Sgshapiro 339338032SpeterThe RHS should always be a "mailer:host" pair. The mailer is the 339490792Sgshapiroconfiguration name of a mailer (that is, an M line in the 339538032Spetersendmail.cf file). The "host" will be the hostname passed to 339638032Speterthat mailer. In domain-based matches (that is, those with leading 339738032Speterdots) the "%1" may be used to interpolate the wildcarded part of 339838032Speterthe host name. For example, the first line above sends everything 339938032Speteraddressed to "anything.my.domain" to that same host name, but using 340038032Speterthe (presumably experimental) xnet mailer. 340138032Speter 340238032SpeterIn some cases you may want to temporarily turn off MX records, 340338032Speterparticularly on gateways. For example, you may want to MX 340438032Spetereverything in a domain to one machine that then forwards it 340538032Speterdirectly. To do this, you might use the DNS configuration: 340638032Speter 340738032Speter *.domain. IN MX 0 relay.machine 340838032Speter 340938032Speterand on relay.machine use the mailertable: 341038032Speter 341138032Speter .domain smtp:[gateway.domain] 341238032Speter 341338032SpeterThe [square brackets] turn off MX records for this host only. 341438032SpeterIf you didn't do this, the mailertable would use the MX record 3415120256Sgshapiroagain, which would give you an MX loop. Note that the use of 3416120256Sgshapirowildcard MX records is almost always a bad idea. Please avoid 3417120256Sgshapirousing them if possible. 341838032Speter 341938032Speter 342038032Speter+--------------------------------+ 342138032Speter| USING USERDB TO MAP FULL NAMES | 342238032Speter+--------------------------------+ 342338032Speter 342438032SpeterThe user database was not originally intended for mapping full names 342538032Speterto login names (e.g., Eric.Allman => eric), but some people are using 342664562Sgshapiroit that way. (it is recommended that you set up aliases for this 342738032Speterpurpose instead -- since you can specify multiple alias files, this 342838032Speteris fairly easy.) The intent was to locate the default maildrop at 342938032Spetera site, but allow you to override this by sending to a specific host. 343038032Speter 343138032SpeterIf you decide to set up the user database in this fashion, it is 343243730Speterimperative that you not use FEATURE(`stickyhost') -- otherwise, 343338032Spetere-mail sent to Full.Name@local.host.name will be rejected. 343438032Speter 343538032SpeterTo build the internal form of the user database, use: 343638032Speter 343764562Sgshapiro makemap btree /etc/mail/userdb < /etc/mail/userdb.txt 343838032Speter 343964562SgshapiroAs a general rule, it is an extremely bad idea to using full names 344064562Sgshapiroas e-mail addresses, since they are not in any sense unique. For 344166494Sgshapiroexample, the UNIX software-development community has at least two 344264562Sgshapirowell-known Peter Deutsches, and at one time Bell Labs had two 344364562SgshapiroStephen R. Bournes with offices along the same hallway. Which one 344464562Sgshapirowill be forced to suffer the indignity of being Stephen_R_Bourne_2? 344564562SgshapiroThe less famous of the two, or the one that was hired later? 344638032Speter 344738032SpeterFinger should handle full names (and be fuzzy). Mail should use 344864562Sgshapirohandles, and not be fuzzy. 344938032Speter 345038032Speter 345138032Speter+--------------------------------+ 345238032Speter| MISCELLANEOUS SPECIAL FEATURES | 345338032Speter+--------------------------------+ 345438032Speter 345538032SpeterPlussed users 345638032Speter Sometimes it is convenient to merge configuration on a 345738032Speter centralized mail machine, for example, to forward all 345838032Speter root mail to a mail server. In this case it might be 345938032Speter useful to be able to treat the root addresses as a class 346038032Speter of addresses with subtle differences. You can do this 346138032Speter using plussed users. For example, a client might include 346238032Speter the alias: 346338032Speter 346438032Speter root: root+client1@server 346538032Speter 346638032Speter On the server, this will match an alias for "root+client1". 346738032Speter If that is not found, the alias "root+*" will be tried, 346838032Speter then "root". 346938032Speter 347038032Speter 347138032Speter+----------------+ 347238032Speter| SECURITY NOTES | 347338032Speter+----------------+ 347438032Speter 347538032SpeterA lot of sendmail security comes down to you. Sendmail 8 is much 347638032Spetermore careful about checking for security problems than previous 347738032Speterversions, but there are some things that you still need to watch 347838032Speterfor. In particular: 347938032Speter 348098121Sgshapiro* Make sure the aliases file is not writable except by trusted 348138032Speter system personnel. This includes both the text and database 348238032Speter version. 348338032Speter 348438032Speter* Make sure that other files that sendmail reads, such as the 348538032Speter mailertable, are only writable by trusted system personnel. 348638032Speter 348738032Speter* The queue directory should not be world writable PARTICULARLY 348838032Speter if your system allows "file giveaways" (that is, if a non-root 348938032Speter user can chown any file they own to any other user). 349038032Speter 349138032Speter* If your system allows file giveaways, DO NOT create a publically 349238032Speter writable directory for forward files. This will allow anyone 349338032Speter to steal anyone else's e-mail. Instead, create a script that 349438032Speter copies the .forward file from users' home directories once a 349538032Speter night (if you want the non-NFS-mounted forward directory). 349638032Speter 349738032Speter* If your system allows file giveaways, you'll find that 349838032Speter sendmail is much less trusting of :include: files -- in 349938032Speter particular, you'll have to have /SENDMAIL/ANY/SHELL/ in 350038032Speter /etc/shells before they will be trusted (that is, before 350138032Speter files and programs listed in them will be honored). 350238032Speter 350338032SpeterIn general, file giveaways are a mistake -- if you can turn them 350464562Sgshapirooff, do so. 350538032Speter 350638032Speter 350738032Speter+--------------------------------+ 350838032Speter| TWEAKING CONFIGURATION OPTIONS | 350938032Speter+--------------------------------+ 351038032Speter 351138032SpeterThere are a large number of configuration options that don't normally 3512132943Sgshapironeed to be changed. However, if you feel you need to tweak them, 3513132943Sgshapiroyou can define the following M4 variables. Note that some of these 3514132943Sgshapirovariables require formats that are defined in RFC 2821 or RFC 2822. 3515132943SgshapiroBefore changing them you need to make sure you do not violate those 3516132943Sgshapiro(and other relevant) RFCs. 351738032Speter 3518132943SgshapiroThis list is shown in four columns: the name you define, the default 3519132943Sgshapirovalue for that definition, the option or macro that is affected 3520132943Sgshapiro(either Ox for an option or Dx for a macro), and a brief description. 3521132943SgshapiroGreater detail of the semantics can be found in the Installation 3522132943Sgshapiroand Operations Guide. 3523132943Sgshapiro 352438032SpeterSome options are likely to be deprecated in future versions -- that is, 352538032Speterthe option is only included to provide back-compatibility. These are 352638032Spetermarked with "*". 352738032Speter 352838032SpeterRemember that these options are M4 variables, and hence may need to 352938032Speterbe quoted. In particular, arguments with commas will usually have to 353038032Speterbe ``double quoted, like this phrase'' to avoid having the comma 353138032Speterconfuse things. This is common for alias file definitions and for 353238032Speterthe read timeout. 353338032Speter 3534132943SgshapiroM4 Variable Name Configuration [Default] & Description 353538032Speter================ ============= ======================= 353638032SpeterconfMAILER_NAME $n macro [MAILER-DAEMON] The sender name used 353738032Speter for internally generated outgoing 353838032Speter messages. 353938032SpeterconfDOMAIN_NAME $j macro If defined, sets $j. This should 354038032Speter only be done if your system cannot 354138032Speter determine your local domain name, 354238032Speter and then it should be set to 354338032Speter $w.Foo.COM, where Foo.COM is your 354438032Speter domain name. 354538032SpeterconfCF_VERSION $Z macro If defined, this is appended to the 354638032Speter configuration version name. 354790792SgshapiroconfLDAP_CLUSTER ${sendmailMTACluster} macro 354890792Sgshapiro If defined, this is the LDAP 354990792Sgshapiro cluster to use for LDAP searches 355090792Sgshapiro as described above in ``USING LDAP 355190792Sgshapiro FOR ALIASES, MAPS, AND CLASSES''. 355264562SgshapiroconfFROM_HEADER From: [$?x$x <$g>$|$g$.] The format of an 355338032Speter internally generated From: address. 355438032SpeterconfRECEIVED_HEADER Received: 355538032Speter [$?sfrom $s $.$?_($?s$|from $.$_) 355664562Sgshapiro $.$?{auth_type}(authenticated) 355738032Speter $.by $j ($v/$Z)$?r with $r$. id $i$?u 355838032Speter for $u; $|; 355938032Speter $.$b] 356038032Speter The format of the Received: header 356138032Speter in messages passed through this host. 356238032Speter It is unwise to try to change this. 3563132943SgshapiroconfMESSAGEID_HEADER Message-Id: [<$t.$i@$j>] The format of an 3564132943Sgshapiro internally generated Message-Id: 3565132943Sgshapiro header. 356664562SgshapiroconfCW_FILE Fw class [/etc/mail/local-host-names] Name 356764562Sgshapiro of file used to get the local 356864562Sgshapiro additions to class {w} (local host 356964562Sgshapiro names). 357064562SgshapiroconfCT_FILE Ft class [/etc/mail/trusted-users] Name of 357164562Sgshapiro file used to get the local additions 357264562Sgshapiro to class {t} (trusted users). 357338032SpeterconfCR_FILE FR class [/etc/mail/relay-domains] Name of 357438032Speter file used to get the local additions 357564562Sgshapiro to class {R} (hosts allowed to relay). 357638032SpeterconfTRUSTED_USERS Ct class [no default] Names of users to add to 357738032Speter the list of trusted users. This list 357838032Speter always includes root, uucp, and daemon. 357943730Speter See also FEATURE(`use_ct_file'). 358064562SgshapiroconfTRUSTED_USER TrustedUser [no default] Trusted user for file 358164562Sgshapiro ownership and starting the daemon. 358264562Sgshapiro Not to be confused with 358364562Sgshapiro confTRUSTED_USERS (see above). 358438032SpeterconfSMTP_MAILER - [esmtp] The mailer name used when 358538032Speter SMTP connectivity is required. 358664562Sgshapiro One of "smtp", "smtp8", 358764562Sgshapiro "esmtp", or "dsmtp". 358838032SpeterconfUUCP_MAILER - [uucp-old] The mailer to be used by 358938032Speter default for bang-format recipient 359038032Speter addresses. See also discussion of 359164562Sgshapiro class {U}, class {Y}, and class {Z} 359264562Sgshapiro in the MAILER(`uucp') section. 359338032SpeterconfLOCAL_MAILER - [local] The mailer name used when 359438032Speter local connectivity is required. 359538032Speter Almost always "local". 359638032SpeterconfRELAY_MAILER - [relay] The default mailer name used 359738032Speter for relaying any mail (e.g., to a 359838032Speter BITNET_RELAY, a SMART_HOST, or 359938032Speter whatever). This can reasonably be 360038032Speter "uucp-new" if you are on a 360138032Speter UUCP-connected site. 360238032SpeterconfSEVEN_BIT_INPUT SevenBitInput [False] Force input to seven bits? 360338032SpeterconfEIGHT_BIT_HANDLING EightBitMode [pass8] 8-bit data handling 360438032SpeterconfALIAS_WAIT AliasWait [10m] Time to wait for alias file 360538032Speter rebuild until you get bored and 360638032Speter decide that the apparently pending 360738032Speter rebuild failed. 360838032SpeterconfMIN_FREE_BLOCKS MinFreeBlocks [100] Minimum number of free blocks on 360938032Speter queue filesystem to accept SMTP mail. 361038032Speter (Prior to 8.7 this was minfree/maxsize, 361138032Speter where minfree was the number of free 361238032Speter blocks and maxsize was the maximum 361338032Speter message size. Use confMAX_MESSAGE_SIZE 361438032Speter for the second value now.) 361538032SpeterconfMAX_MESSAGE_SIZE MaxMessageSize [infinite] The maximum size of messages 361638032Speter that will be accepted (in bytes). 361738032SpeterconfBLANK_SUB BlankSub [.] Blank (space) substitution 361838032Speter character. 361938032SpeterconfCON_EXPENSIVE HoldExpensive [False] Avoid connecting immediately 362064562Sgshapiro to mailers marked expensive. 362138032SpeterconfCHECKPOINT_INTERVAL CheckpointInterval 362238032Speter [10] Checkpoint queue files every N 362338032Speter recipients. 362438032SpeterconfDELIVERY_MODE DeliveryMode [background] Default delivery mode. 362538032SpeterconfERROR_MODE ErrorMode [print] Error message mode. 362638032SpeterconfERROR_MESSAGE ErrorHeader [undefined] Error message header/file. 362742575SpeterconfSAVE_FROM_LINES SaveFromLine Save extra leading From_ lines. 362838032SpeterconfTEMP_FILE_MODE TempFileMode [0600] Temporary file mode. 362938032SpeterconfMATCH_GECOS MatchGECOS [False] Match GECOS field. 363038032SpeterconfMAX_HOP MaxHopCount [25] Maximum hop count. 363164562SgshapiroconfIGNORE_DOTS* IgnoreDots [False; always False in -bs or -bd 363264562Sgshapiro mode] Ignore dot as terminator for 363364562Sgshapiro incoming messages? 363438032SpeterconfBIND_OPTS ResolverOptions [undefined] Default options for DNS 363538032Speter resolver. 363638032SpeterconfMIME_FORMAT_ERRORS* SendMimeErrors [True] Send error messages as MIME- 363738032Speter encapsulated messages per RFC 1344. 363838032SpeterconfFORWARD_PATH ForwardPath [$z/.forward.$w:$z/.forward] 363938032Speter The colon-separated list of places to 364038032Speter search for .forward files. N.B.: see 364138032Speter the Security Notes section. 364238032SpeterconfMCI_CACHE_SIZE ConnectionCacheSize 364338032Speter [2] Size of open connection cache. 364438032SpeterconfMCI_CACHE_TIMEOUT ConnectionCacheTimeout 364538032Speter [5m] Open connection cache timeout. 364638032SpeterconfHOST_STATUS_DIRECTORY HostStatusDirectory 364738032Speter [undefined] If set, host status is kept 364838032Speter on disk between sendmail runs in the 364938032Speter named directory tree. This need not be 365038032Speter a full pathname, in which case it is 365138032Speter interpreted relative to the queue 365238032Speter directory. 365338032SpeterconfSINGLE_THREAD_DELIVERY SingleThreadDelivery 365438032Speter [False] If this option and the 365538032Speter HostStatusDirectory option are both 365638032Speter set, single thread deliveries to other 365738032Speter hosts. That is, don't allow any two 365838032Speter sendmails on this host to connect 365938032Speter simultaneously to any other single 366038032Speter host. This can slow down delivery in 366138032Speter some cases, in particular since a 366238032Speter cached but otherwise idle connection 366338032Speter to a host will prevent other sendmails 366438032Speter from connecting to the other host. 366564562SgshapiroconfUSE_ERRORS_TO* UseErrorsTo [False] Use the Errors-To: header to 366638032Speter deliver error messages. This should 366738032Speter not be necessary because of general 366838032Speter acceptance of the envelope/header 366938032Speter distinction. 367038032SpeterconfLOG_LEVEL LogLevel [9] Log level. 367164562SgshapiroconfME_TOO MeToo [True] Include sender in group 367264562Sgshapiro expansions. This option is 367364562Sgshapiro deprecated and will be removed from 367464562Sgshapiro a future version. 367538032SpeterconfCHECK_ALIASES CheckAliases [False] Check RHS of aliases when 367638032Speter running newaliases. Since this does 367738032Speter DNS lookups on every address, it can 367838032Speter slow down the alias rebuild process 367938032Speter considerably on large alias files. 368038032SpeterconfOLD_STYLE_HEADERS* OldStyleHeaders [True] Assume that headers without 368138032Speter special chars are old style. 368238032SpeterconfPRIVACY_FLAGS PrivacyOptions [authwarnings] Privacy flags. 368338032SpeterconfCOPY_ERRORS_TO PostmasterCopy [undefined] Address for additional 368438032Speter copies of all error messages. 368538032SpeterconfQUEUE_FACTOR QueueFactor [600000] Slope of queue-only function. 368690792SgshapiroconfQUEUE_FILE_MODE QueueFileMode [undefined] Default permissions for 368790792Sgshapiro queue files (octal). If not set, 368890792Sgshapiro sendmail uses 0600 unless its real 368990792Sgshapiro and effective uid are different in 369090792Sgshapiro which case it uses 0644. 369138032SpeterconfDONT_PRUNE_ROUTES DontPruneRoutes [False] Don't prune down route-addr 369238032Speter syntax addresses to the minimum 369338032Speter possible. 369438032SpeterconfSAFE_QUEUE* SuperSafe [True] Commit all messages to disk 369538032Speter before forking. 369638032SpeterconfTO_INITIAL Timeout.initial [5m] The timeout waiting for a response 369738032Speter on the initial connect. 369838032SpeterconfTO_CONNECT Timeout.connect [0] The timeout waiting for an initial 369938032Speter connect() to complete. This can only 370038032Speter shorten connection timeouts; the kernel 370138032Speter silently enforces an absolute maximum 370238032Speter (which varies depending on the system). 370338032SpeterconfTO_ICONNECT Timeout.iconnect 370438032Speter [undefined] Like Timeout.connect, but 370538032Speter applies only to the very first attempt 370638032Speter to connect to a host in a message. 370738032Speter This allows a single very fast pass 370838032Speter followed by more careful delivery 370938032Speter attempts in the future. 371090792SgshapiroconfTO_ACONNECT Timeout.aconnect 371190792Sgshapiro [0] The overall timeout waiting for 371290792Sgshapiro all connection for a single delivery 371390792Sgshapiro attempt to succeed. If 0, no overall 371490792Sgshapiro limit is applied. 371538032SpeterconfTO_HELO Timeout.helo [5m] The timeout waiting for a response 371638032Speter to a HELO or EHLO command. 371738032SpeterconfTO_MAIL Timeout.mail [10m] The timeout waiting for a 371838032Speter response to the MAIL command. 371938032SpeterconfTO_RCPT Timeout.rcpt [1h] The timeout waiting for a response 372038032Speter to the RCPT command. 372138032SpeterconfTO_DATAINIT Timeout.datainit 372238032Speter [5m] The timeout waiting for a 354 372338032Speter response from the DATA command. 372438032SpeterconfTO_DATABLOCK Timeout.datablock 372538032Speter [1h] The timeout waiting for a block 372638032Speter during DATA phase. 372738032SpeterconfTO_DATAFINAL Timeout.datafinal 372838032Speter [1h] The timeout waiting for a response 372938032Speter to the final "." that terminates a 373038032Speter message. 373138032SpeterconfTO_RSET Timeout.rset [5m] The timeout waiting for a response 373238032Speter to the RSET command. 373338032SpeterconfTO_QUIT Timeout.quit [2m] The timeout waiting for a response 373438032Speter to the QUIT command. 373538032SpeterconfTO_MISC Timeout.misc [2m] The timeout waiting for a response 373638032Speter to other SMTP commands. 373764562SgshapiroconfTO_COMMAND Timeout.command [1h] In server SMTP, the timeout 373864562Sgshapiro waiting for a command to be issued. 373964562SgshapiroconfTO_IDENT Timeout.ident [5s] The timeout waiting for a 374064562Sgshapiro response to an IDENT query. 374138032SpeterconfTO_FILEOPEN Timeout.fileopen 374238032Speter [60s] The timeout waiting for a file 374338032Speter (e.g., :include: file) to be opened. 374490792SgshapiroconfTO_LHLO Timeout.lhlo [2m] The timeout waiting for a response 374590792Sgshapiro to an LMTP LHLO command. 374690792SgshapiroconfTO_AUTH Timeout.auth [10m] The timeout waiting for a 374790792Sgshapiro response in an AUTH dialogue. 374890792SgshapiroconfTO_STARTTLS Timeout.starttls 374990792Sgshapiro [1h] The timeout waiting for a 375090792Sgshapiro response to an SMTP STARTTLS command. 375164562SgshapiroconfTO_CONTROL Timeout.control 375264562Sgshapiro [2m] The timeout for a complete 375364562Sgshapiro control socket transaction to complete. 375438032SpeterconfTO_QUEUERETURN Timeout.queuereturn 375538032Speter [5d] The timeout before a message is 375638032Speter returned as undeliverable. 375738032SpeterconfTO_QUEUERETURN_NORMAL 375838032Speter Timeout.queuereturn.normal 375938032Speter [undefined] As above, for normal 376038032Speter priority messages. 376138032SpeterconfTO_QUEUERETURN_URGENT 376238032Speter Timeout.queuereturn.urgent 376338032Speter [undefined] As above, for urgent 376438032Speter priority messages. 376538032SpeterconfTO_QUEUERETURN_NONURGENT 376638032Speter Timeout.queuereturn.non-urgent 376738032Speter [undefined] As above, for non-urgent 376838032Speter (low) priority messages. 3769132943SgshapiroconfTO_QUEUERETURN_DSN 3770132943Sgshapiro Timeout.queuereturn.dsn 3771132943Sgshapiro [undefined] As above, for delivery 3772132943Sgshapiro status notification messages. 377338032SpeterconfTO_QUEUEWARN Timeout.queuewarn 377438032Speter [4h] The timeout before a warning 377538032Speter message is sent to the sender telling 377664562Sgshapiro them that the message has been 377764562Sgshapiro deferred. 377838032SpeterconfTO_QUEUEWARN_NORMAL Timeout.queuewarn.normal 377938032Speter [undefined] As above, for normal 378038032Speter priority messages. 378138032SpeterconfTO_QUEUEWARN_URGENT Timeout.queuewarn.urgent 378238032Speter [undefined] As above, for urgent 378338032Speter priority messages. 378438032SpeterconfTO_QUEUEWARN_NONURGENT 378538032Speter Timeout.queuewarn.non-urgent 378638032Speter [undefined] As above, for non-urgent 378738032Speter (low) priority messages. 3788132943SgshapiroconfTO_QUEUEWARN_DSN 3789132943Sgshapiro Timeout.queuewarn.dsn 3790132943Sgshapiro [undefined] As above, for delivery 3791132943Sgshapiro status notification messages. 379238032SpeterconfTO_HOSTSTATUS Timeout.hoststatus 379338032Speter [30m] How long information about host 379438032Speter statuses will be maintained before it 379538032Speter is considered stale and the host should 379638032Speter be retried. This applies both within 379738032Speter a single queue run and to persistent 379838032Speter information (see below). 379964562SgshapiroconfTO_RESOLVER_RETRANS Timeout.resolver.retrans 380064562Sgshapiro [varies] Sets the resolver's 380198121Sgshapiro retransmission time interval (in 380264562Sgshapiro seconds). Sets both 380364562Sgshapiro Timeout.resolver.retrans.first and 380464562Sgshapiro Timeout.resolver.retrans.normal. 380564562SgshapiroconfTO_RESOLVER_RETRANS_FIRST Timeout.resolver.retrans.first 380664562Sgshapiro [varies] Sets the resolver's 380798121Sgshapiro retransmission time interval (in 380864562Sgshapiro seconds) for the first attempt to 380964562Sgshapiro deliver a message. 381064562SgshapiroconfTO_RESOLVER_RETRANS_NORMAL Timeout.resolver.retrans.normal 381164562Sgshapiro [varies] Sets the resolver's 381298121Sgshapiro retransmission time interval (in 381364562Sgshapiro seconds) for all resolver lookups 381464562Sgshapiro except the first delivery attempt. 381564562SgshapiroconfTO_RESOLVER_RETRY Timeout.resolver.retry 381664562Sgshapiro [varies] Sets the number of times 381764562Sgshapiro to retransmit a resolver query. 381864562Sgshapiro Sets both 381964562Sgshapiro Timeout.resolver.retry.first and 382064562Sgshapiro Timeout.resolver.retry.normal. 382164562SgshapiroconfTO_RESOLVER_RETRY_FIRST Timeout.resolver.retry.first 382264562Sgshapiro [varies] Sets the number of times 382364562Sgshapiro to retransmit a resolver query for 382464562Sgshapiro the first attempt to deliver a 382564562Sgshapiro message. 382664562SgshapiroconfTO_RESOLVER_RETRY_NORMAL Timeout.resolver.retry.normal 382764562Sgshapiro [varies] Sets the number of times 382864562Sgshapiro to retransmit a resolver query for 382964562Sgshapiro all resolver lookups except the 383064562Sgshapiro first delivery attempt. 383138032SpeterconfTIME_ZONE TimeZoneSpec [USE_SYSTEM] Time zone info -- can be 383238032Speter USE_SYSTEM to use the system's idea, 383338032Speter USE_TZ to use the user's TZ envariable, 383438032Speter or something else to force that value. 383538032SpeterconfDEF_USER_ID DefaultUser [1:1] Default user id. 383638032SpeterconfUSERDB_SPEC UserDatabaseSpec 383764562Sgshapiro [undefined] User database 383864562Sgshapiro specification. 383938032SpeterconfFALLBACK_MX FallbackMXhost [undefined] Fallback MX host. 3840132943SgshapiroconfFALLBACK_SMARTHOST FallbackSmartHost 3841132943Sgshapiro [undefined] Fallback smart host. 384264562SgshapiroconfTRY_NULL_MX_LIST TryNullMXList [False] If this host is the best MX 384364562Sgshapiro for a host and other arrangements 384464562Sgshapiro haven't been made, try connecting 384564562Sgshapiro to the host directly; normally this 384664562Sgshapiro would be a config error. 384764562SgshapiroconfQUEUE_LA QueueLA [varies] Load average at which 384864562Sgshapiro queue-only function kicks in. 384964562Sgshapiro Default values is (8 * numproc) 385064562Sgshapiro where numproc is the number of 385164562Sgshapiro processors online (if that can be 385264562Sgshapiro determined). 385364562SgshapiroconfREFUSE_LA RefuseLA [varies] Load average at which 385464562Sgshapiro incoming SMTP connections are 385564562Sgshapiro refused. Default values is (12 * 385664562Sgshapiro numproc) where numproc is the 385764562Sgshapiro number of processors online (if 385864562Sgshapiro that can be determined). 3859132943SgshapiroconfREJECT_LOG_INTERVAL RejectLogInterval [3h] Log interval when 3860132943Sgshapiro refusing connections for this long. 386190792SgshapiroconfDELAY_LA DelayLA [0] Load average at which sendmail 386290792Sgshapiro will sleep for one second on most 386390792Sgshapiro SMTP commands and before accepting 386490792Sgshapiro connections. 0 means no limit. 386564562SgshapiroconfMAX_ALIAS_RECURSION MaxAliasRecursion 386664562Sgshapiro [10] Maximum depth of alias recursion. 386738032SpeterconfMAX_DAEMON_CHILDREN MaxDaemonChildren 386838032Speter [undefined] The maximum number of 386938032Speter children the daemon will permit. After 387038032Speter this number, connections will be 387138032Speter rejected. If not set or <= 0, there is 387238032Speter no limit. 387364562SgshapiroconfMAX_HEADERS_LENGTH MaxHeadersLength 387471345Sgshapiro [32768] Maximum length of the sum 387564562Sgshapiro of all headers. 387664562SgshapiroconfMAX_MIME_HEADER_LENGTH MaxMimeHeaderLength 387764562Sgshapiro [undefined] Maximum length of 387864562Sgshapiro certain MIME header field values. 387938032SpeterconfCONNECTION_RATE_THROTTLE ConnectionRateThrottle 388038032Speter [undefined] The maximum number of 388190792Sgshapiro connections permitted per second per 388290792Sgshapiro daemon. After this many connections 388390792Sgshapiro are accepted, further connections 388490792Sgshapiro will be delayed. If not set or <= 0, 388590792Sgshapiro there is no limit. 3886132943SgshapiroconfCONNECTION_RATE_WINDOW_SIZE ConnectionRateWindowSize 3887132943Sgshapiro [60s] Define the length of the 3888132943Sgshapiro interval for which the number of 3889132943Sgshapiro incoming connections is maintained. 389038032SpeterconfWORK_RECIPIENT_FACTOR 389138032Speter RecipientFactor [30000] Cost of each recipient. 389264562SgshapiroconfSEPARATE_PROC ForkEachJob [False] Run all deliveries in a 389364562Sgshapiro separate process. 389438032SpeterconfWORK_CLASS_FACTOR ClassFactor [1800] Priority multiplier for class. 389538032SpeterconfWORK_TIME_FACTOR RetryFactor [90000] Cost of each delivery attempt. 389638032SpeterconfQUEUE_SORT_ORDER QueueSortOrder [Priority] Queue sort algorithm: 389790792Sgshapiro Priority, Host, Filename, Random, 389890792Sgshapiro Modification, or Time. 389938032SpeterconfMIN_QUEUE_AGE MinQueueAge [0] The minimum amount of time a job 390038032Speter must sit in the queue between queue 390138032Speter runs. This allows you to set the 390238032Speter queue run interval low for better 390338032Speter responsiveness without trying all 390438032Speter jobs in each run. 390538032SpeterconfDEF_CHAR_SET DefaultCharSet [unknown-8bit] When converting 390638032Speter unlabeled 8 bit input to MIME, the 390738032Speter character set to use by default. 390838032SpeterconfSERVICE_SWITCH_FILE ServiceSwitchFile 390964562Sgshapiro [/etc/mail/service.switch] The file 391064562Sgshapiro to use for the service switch on 391164562Sgshapiro systems that do not have a 391264562Sgshapiro system-defined switch. 391338032SpeterconfHOSTS_FILE HostsFile [/etc/hosts] The file to use when doing 391438032Speter "file" type access of hosts names. 391538032SpeterconfDIAL_DELAY DialDelay [0s] If a connection fails, wait this 391638032Speter long and try again. Zero means "don't 391738032Speter retry". This is to allow "dial on 391838032Speter demand" connections to have enough time 391938032Speter to complete a connection. 392038032SpeterconfNO_RCPT_ACTION NoRecipientAction 392138032Speter [none] What to do if there are no legal 392238032Speter recipient fields (To:, Cc: or Bcc:) 392338032Speter in the message. Legal values can 392438032Speter be "none" to just leave the 392538032Speter nonconforming message as is, "add-to" 392638032Speter to add a To: header with all the 392738032Speter known recipients (which may expose 392838032Speter blind recipients), "add-apparently-to" 392938032Speter to do the same but use Apparently-To: 393090792Sgshapiro instead of To: (strongly discouraged 393190792Sgshapiro in accordance with IETF standards), 393290792Sgshapiro "add-bcc" to add an empty Bcc: 393390792Sgshapiro header, or "add-to-undisclosed" to 393490792Sgshapiro add the header 393538032Speter ``To: undisclosed-recipients:;''. 393638032SpeterconfSAFE_FILE_ENV SafeFileEnvironment 393738032Speter [undefined] If set, sendmail will do a 393838032Speter chroot() into this directory before 393938032Speter writing files. 394038032SpeterconfCOLON_OK_IN_ADDR ColonOkInAddr [True unless Configuration Level > 6] 394138032Speter If set, colons are treated as a regular 394238032Speter character in addresses. If not set, 394338032Speter they are treated as the introducer to 394438032Speter the RFC 822 "group" syntax. Colons are 394538032Speter handled properly in route-addrs. This 394638032Speter option defaults on for V5 and lower 394738032Speter configuration files. 394838032SpeterconfMAX_QUEUE_RUN_SIZE MaxQueueRunSize [0] If set, limit the maximum size of 394938032Speter any given queue run to this number of 395038032Speter entries. Essentially, this will stop 395164562Sgshapiro reading each queue directory after this 395238032Speter number of entries are reached; it does 395338032Speter _not_ pick the highest priority jobs, 395438032Speter so this should be as large as your 395538032Speter system can tolerate. If not set, there 395638032Speter is no limit. 395790792SgshapiroconfMAX_QUEUE_CHILDREN MaxQueueChildren 395890792Sgshapiro [undefined] Limits the maximum number 395990792Sgshapiro of concurrent queue runners active. 396090792Sgshapiro This is to keep system resources used 396190792Sgshapiro within a reasonable limit. Relates to 3962132943Sgshapiro Queue Groups and ForkEachJob. 396390792SgshapiroconfMAX_RUNNERS_PER_QUEUE MaxRunnersPerQueue 396490792Sgshapiro [1] Only active when MaxQueueChildren 396590792Sgshapiro defined. Controls the maximum number 396690792Sgshapiro of queue runners (aka queue children) 396790792Sgshapiro active at the same time in a work 396890792Sgshapiro group. See also MaxQueueChildren. 396938032SpeterconfDONT_EXPAND_CNAMES DontExpandCnames 397038032Speter [False] If set, $[ ... $] lookups that 397138032Speter do DNS based lookups do not expand 397238032Speter CNAME records. This currently violates 397338032Speter the published standards, but the IETF 397438032Speter seems to be moving toward legalizing 397538032Speter this. For example, if "FTP.Foo.ORG" 397638032Speter is a CNAME for "Cruft.Foo.ORG", then 397738032Speter with this option set a lookup of 397838032Speter "FTP" will return "FTP.Foo.ORG"; if 397938032Speter clear it returns "Cruft.FOO.ORG". N.B. 398038032Speter you may not see any effect until your 398138032Speter downstream neighbors stop doing CNAME 398238032Speter lookups as well. 398364562SgshapiroconfFROM_LINE UnixFromLine [From $g $d] The From_ line used 398438032Speter when sending to files or programs. 398538032SpeterconfSINGLE_LINE_FROM_HEADER SingleLineFromHeader 398638032Speter [False] From: lines that have 398738032Speter embedded newlines are unwrapped 398838032Speter onto one line. 398938032SpeterconfALLOW_BOGUS_HELO AllowBogusHELO [False] Allow HELO SMTP command that 399038032Speter does not include a host name. 399138032SpeterconfMUST_QUOTE_CHARS MustQuoteChars [.'] Characters to be quoted in a full 399238032Speter name phrase (@,;:\()[] are automatic). 399338032SpeterconfOPERATORS OperatorChars [.:%@!^/[]+] Address operator 399438032Speter characters. 399538032SpeterconfSMTP_LOGIN_MSG SmtpGreetingMessage 399638032Speter [$j Sendmail $v/$Z; $b] 399738032Speter The initial (spontaneous) SMTP 399838032Speter greeting message. The word "ESMTP" 399938032Speter will be inserted between the first and 400038032Speter second words to convince other 400138032Speter sendmails to try to speak ESMTP. 400238032SpeterconfDONT_INIT_GROUPS DontInitGroups [False] If set, the initgroups(3) 400338032Speter routine will never be invoked. You 400438032Speter might want to do this if you are 400538032Speter running NIS and you have a large group 400638032Speter map, since this call does a sequential 400738032Speter scan of the map; in a large site this 400838032Speter can cause your ypserv to run 400938032Speter essentially full time. If you set 401038032Speter this, agents run on behalf of users 401138032Speter will only have their primary 401238032Speter (/etc/passwd) group permissions. 401338032SpeterconfUNSAFE_GROUP_WRITES UnsafeGroupWrites 401438032Speter [False] If set, group-writable 401538032Speter :include: and .forward files are 401638032Speter considered "unsafe", that is, programs 401738032Speter and files cannot be directly referenced 401838032Speter from such files. World-writable files 401938032Speter are always considered unsafe. 402064562SgshapiroconfCONNECT_ONLY_TO ConnectOnlyTo [undefined] override connection 402164562Sgshapiro address (for testing). 402264562SgshapiroconfCONTROL_SOCKET_NAME ControlSocketName 402364562Sgshapiro [undefined] Control socket for daemon 402464562Sgshapiro management. 402538032SpeterconfDOUBLE_BOUNCE_ADDRESS DoubleBounceAddress 402638032Speter [postmaster] If an error occurs when 402738032Speter sending an error message, send that 402838032Speter "double bounce" error message to this 402990792Sgshapiro address. If it expands to an empty 403090792Sgshapiro string, double bounces are dropped. 403164562SgshapiroconfDEAD_LETTER_DROP DeadLetterDrop [undefined] Filename to save bounce 403264562Sgshapiro messages which could not be returned 403364562Sgshapiro to the user or sent to postmaster. 403464562Sgshapiro If not set, the queue file will 403564562Sgshapiro be renamed. 403664562SgshapiroconfRRT_IMPLIES_DSN RrtImpliesDsn [False] Return-Receipt-To: header 403764562Sgshapiro implies DSN request. 403838032SpeterconfRUN_AS_USER RunAsUser [undefined] If set, become this user 403938032Speter when reading and delivering mail. 404038032Speter Causes all file reads (e.g., .forward 404138032Speter and :include: files) to be done as 404238032Speter this user. Also, all programs will 404338032Speter be run as this user, and all output 404438032Speter files will be written as this user. 404538032SpeterconfMAX_RCPTS_PER_MESSAGE MaxRecipientsPerMessage 404638032Speter [infinite] If set, allow no more than 404738032Speter the specified number of recipients in 404838032Speter an SMTP envelope. Further recipients 404938032Speter receive a 452 error code (i.e., they 405038032Speter are deferred for the next delivery 405138032Speter attempt). 4052125820SgshapiroconfBAD_RCPT_THROTTLE BadRcptThrottle [infinite] If set and the specified 4053125820Sgshapiro number of recipients in a single SMTP 4054125820Sgshapiro transaction have been rejected, sleep 4055125820Sgshapiro for one second after each subsequent 4056125820Sgshapiro RCPT command in that transaction. 405738032SpeterconfDONT_PROBE_INTERFACES DontProbeInterfaces 405838032Speter [False] If set, sendmail will _not_ 405938032Speter insert the names and addresses of any 406064562Sgshapiro local interfaces into class {w} 406138032Speter (list of known "equivalent" addresses). 406238032Speter If you set this, you must also include 406338032Speter some support for these addresses (e.g., 406438032Speter in a mailertable entry) -- otherwise, 406538032Speter mail to addresses in this list will 406638032Speter bounce with a configuration error. 406790792Sgshapiro If set to "loopback" (without 406890792Sgshapiro quotes), sendmail will skip 406990792Sgshapiro loopback interfaces (e.g., "lo0"). 407064562SgshapiroconfPID_FILE PidFile [system dependent] Location of pid 407164562Sgshapiro file. 407264562SgshapiroconfPROCESS_TITLE_PREFIX ProcessTitlePrefix 407364562Sgshapiro [undefined] Prefix string for the 407464562Sgshapiro process title shown on 'ps' listings. 407538032SpeterconfDONT_BLAME_SENDMAIL DontBlameSendmail 407638032Speter [safe] Override sendmail's file 407738032Speter safety checks. This will definitely 407838032Speter compromise system security and should 407938032Speter not be used unless absolutely 408038032Speter necessary. 408138032SpeterconfREJECT_MSG - [550 Access denied] The message 408238032Speter given if the access database contains 408338032Speter REJECT in the value portion. 408490792SgshapiroconfRELAY_MSG - [550 Relaying denied] The message 408590792Sgshapiro given if an unauthorized relaying 408690792Sgshapiro attempt is rejected. 408764562SgshapiroconfDF_BUFFER_SIZE DataFileBufferSize 408864562Sgshapiro [4096] The maximum size of a 408964562Sgshapiro memory-buffered data (df) file 409064562Sgshapiro before a disk-based file is used. 409164562SgshapiroconfXF_BUFFER_SIZE XScriptFileBufferSize 409264562Sgshapiro [4096] The maximum size of a 409364562Sgshapiro memory-buffered transcript (xf) 409464562Sgshapiro file before a disk-based file is 409564562Sgshapiro used. 409664562SgshapiroconfAUTH_MECHANISMS AuthMechanisms [GSSAPI KERBEROS_V4 DIGEST-MD5 409764562Sgshapiro CRAM-MD5] List of authentication 409864562Sgshapiro mechanisms for AUTH (separated by 409964562Sgshapiro spaces). The advertised list of 410064562Sgshapiro authentication mechanisms will be the 410164562Sgshapiro intersection of this list and the list 410264562Sgshapiro of available mechanisms as determined 4103132943Sgshapiro by the Cyrus SASL library. 4104132943SgshapiroconfAUTH_REALM AuthRealm [undefined] The authentication realm 4105132943Sgshapiro that is passed to the Cyrus SASL 4106132943Sgshapiro library. If no realm is specified, 4107132943Sgshapiro $j is used. 410873188SgshapiroconfDEF_AUTH_INFO DefaultAuthInfo [undefined] Name of file that contains 410964562Sgshapiro authentication information for 411090792Sgshapiro outgoing connections. This file must 411190792Sgshapiro contain the user id, the authorization 411290792Sgshapiro id, the password (plain text), the 411390792Sgshapiro realm to use, and the list of 411490792Sgshapiro mechanisms to try, each on a separate 411590792Sgshapiro line and must be readable by root (or 411690792Sgshapiro the trusted user) only. If no realm 411790792Sgshapiro is specified, $j is used. If no 411890792Sgshapiro mechanisms are given in the file, 411990792Sgshapiro AuthMechanisms is used. Notice: this 412090792Sgshapiro option is deprecated and will be 412190792Sgshapiro removed in future versions; it doesn't 412290792Sgshapiro work for the MSP since it can't read 412390792Sgshapiro the file. Use the authinfo ruleset 412490792Sgshapiro instead. See also the section SMTP 412590792Sgshapiro AUTHENTICATION. 412690792SgshapiroconfAUTH_OPTIONS AuthOptions [undefined] If this option is 'A' 412764562Sgshapiro then the AUTH= parameter for the 412864562Sgshapiro MAIL FROM command is only issued 412964562Sgshapiro when authentication succeeded. 413090792Sgshapiro Other values (which should be listed 413190792Sgshapiro one after the other without any 413290792Sgshapiro intervening characters except for 413390792Sgshapiro space or comma) are a, c, d, f, p, 413490792Sgshapiro and y. See doc/op/op.me for 413590792Sgshapiro details. 413690792SgshapiroconfAUTH_MAX_BITS AuthMaxBits [INT_MAX] Limit the maximum encryption 413790792Sgshapiro strength for the security layer in 413890792Sgshapiro SMTP AUTH (SASL). Default is 413990792Sgshapiro essentially unlimited. 414090792SgshapiroconfTLS_SRV_OPTIONS TLSSrvOptions If this option is 'V' no client 414190792Sgshapiro verification is performed, i.e., 414290792Sgshapiro the server doesn't ask for a 414390792Sgshapiro certificate. 414464562SgshapiroconfLDAP_DEFAULT_SPEC LDAPDefaultSpec [undefined] Default map 414564562Sgshapiro specification for LDAP maps. The 414664562Sgshapiro value should only contain LDAP 414764562Sgshapiro specific settings such as "-h host 414864562Sgshapiro -p port -d bindDN", etc. The 414964562Sgshapiro settings will be used for all LDAP 415064562Sgshapiro maps unless they are specified in 415164562Sgshapiro the individual map specification 415264562Sgshapiro ('K' command). 4153110560SgshapiroconfCACERT_PATH CACertPath [undefined] Path to directory 415464562Sgshapiro with certs of CAs. 4155110560SgshapiroconfCACERT CACertFile [undefined] File containing one CA 415664562Sgshapiro cert. 415764562SgshapiroconfSERVER_CERT ServerCertFile [undefined] File containing the 415864562Sgshapiro cert of the server, i.e., this cert 415964562Sgshapiro is used when sendmail acts as 416064562Sgshapiro server. 416164562SgshapiroconfSERVER_KEY ServerKeyFile [undefined] File containing the 416264562Sgshapiro private key belonging to the server 416364562Sgshapiro cert. 416464562SgshapiroconfCLIENT_CERT ClientCertFile [undefined] File containing the 416564562Sgshapiro cert of the client, i.e., this cert 416664562Sgshapiro is used when sendmail acts as 416764562Sgshapiro client. 416864562SgshapiroconfCLIENT_KEY ClientKeyFile [undefined] File containing the 416964562Sgshapiro private key belonging to the client 417064562Sgshapiro cert. 4171132943SgshapiroconfCRL CRLFile [undefined] File containing certificate 4172132943Sgshapiro revocation status, useful for X.509v3 4173132943Sgshapiro authentication. Note that CRL requires 4174132943Sgshapiro at least OpenSSL version 0.9.7. 417564562SgshapiroconfDH_PARAMETERS DHParameters [undefined] File containing the 417664562Sgshapiro DH parameters. 417764562SgshapiroconfRAND_FILE RandFile [undefined] File containing random 417866494Sgshapiro data (use prefix file:) or the 417966494Sgshapiro name of the UNIX socket if EGD is 418066494Sgshapiro used (use prefix egd:). STARTTLS 418166494Sgshapiro requires this option if the compile 418266494Sgshapiro flag HASURANDOM is not set (see 418364562Sgshapiro sendmail/README). 418490792SgshapiroconfNICE_QUEUE_RUN NiceQueueRun [undefined] If set, the priority of 418590792Sgshapiro queue runners is set the given value 418690792Sgshapiro (nice(3)). 418790792SgshapiroconfDIRECT_SUBMISSION_MODIFIERS DirectSubmissionModifiers 418890792Sgshapiro [undefined] Defines {daemon_flags} 418990792Sgshapiro for direct submissions. 419090792SgshapiroconfUSE_MSP UseMSP [false] Use as mail submission 419190792Sgshapiro program, see sendmail/SECURITY. 419290792SgshapiroconfDELIVER_BY_MIN DeliverByMin [0] Minimum time for Deliver By 419390792Sgshapiro SMTP Service Extension (RFC 2852). 4194132943SgshapiroconfREQUIRES_DIR_FSYNC RequiresDirfsync [true] RequiresDirfsync can 4195132943Sgshapiro be used to turn off the compile time 4196132943Sgshapiro flag REQUIRES_DIR_FSYNC at runtime. 4197132943Sgshapiro See sendmail/README for details. 419890792SgshapiroconfSHARED_MEMORY_KEY SharedMemoryKey [0] Key for shared memory. 419990792SgshapiroconfFAST_SPLIT FastSplit [1] If set to a value greater than 420090792Sgshapiro zero, the initial MX lookups on 420190792Sgshapiro addresses is suppressed when they 420290792Sgshapiro are sorted which may result in 420390792Sgshapiro faster envelope splitting. If the 420490792Sgshapiro mail is submitted directly from the 420590792Sgshapiro command line, then the value also 420690792Sgshapiro limits the number of processes to 420790792Sgshapiro deliver the envelopes. 420890792SgshapiroconfMAILBOX_DATABASE MailboxDatabase [pw] Type of lookup to find 420990792Sgshapiro information about local mailboxes. 421090792SgshapiroconfDEQUOTE_OPTS - [empty] Additional options for the 421190792Sgshapiro dequote map. 421290792SgshapiroconfINPUT_MAIL_FILTERS InputMailFilters 421390792Sgshapiro A comma separated list of filters 421490792Sgshapiro which determines which filters and 421590792Sgshapiro the invocation sequence are 421690792Sgshapiro contacted for incoming SMTP 421790792Sgshapiro messages. If none are set, no 421890792Sgshapiro filters will be contacted. 421990792SgshapiroconfMILTER_LOG_LEVEL Milter.LogLevel [9] Log level for input mail filter 422090792Sgshapiro actions, defaults to LogLevel. 422190792SgshapiroconfMILTER_MACROS_CONNECT Milter.macros.connect 4222110560Sgshapiro [j, _, {daemon_name}, {if_name}, 4223110560Sgshapiro {if_addr}] Macros to transmit to 4224110560Sgshapiro milters when a session connection 4225110560Sgshapiro starts. 422690792SgshapiroconfMILTER_MACROS_HELO Milter.macros.helo 4227110560Sgshapiro [{tls_version}, {cipher}, 4228110560Sgshapiro {cipher_bits}, {cert_subject}, 4229110560Sgshapiro {cert_issuer}] Macros to transmit to 4230110560Sgshapiro milters after HELO/EHLO command. 423190792SgshapiroconfMILTER_MACROS_ENVFROM Milter.macros.envfrom 4232110560Sgshapiro [i, {auth_type}, {auth_authen}, 4233110560Sgshapiro {auth_ssf}, {auth_author}, 4234110560Sgshapiro {mail_mailer}, {mail_host}, 4235110560Sgshapiro {mail_addr}] Macros to transmit to 4236110560Sgshapiro milters after MAIL FROM command. 423790792SgshapiroconfMILTER_MACROS_ENVRCPT Milter.macros.envrcpt 4238110560Sgshapiro [{rcpt_mailer}, {rcpt_host}, 4239110560Sgshapiro {rcpt_addr}] Macros to transmit to 4240110560Sgshapiro milters after RCPT TO command. 4241132943SgshapiroconfMILTER_MACROS_EOM Milter.macros.eom 4242132943Sgshapiro [{msg_id}] Macros to transmit to 4243132943Sgshapiro milters after DATA command. 424464562Sgshapiro 424590792Sgshapiro 424638032SpeterSee also the description of OSTYPE for some parameters that can be 424738032Spetertweaked (generally pathnames to mailers). 424838032Speter 424990792SgshapiroClientPortOptions and DaemonPortOptions are special cases since multiple 425090792Sgshapiroclients/daemons can be defined. This can be done via 425138032Speter 425290792Sgshapiro CLIENT_OPTIONS(`field1=value1,field2=value2,...') 425364562Sgshapiro DAEMON_OPTIONS(`field1=value1,field2=value2,...') 425464562Sgshapiro 425590792SgshapiroNote that multiple CLIENT_OPTIONS() commands (and therefore multiple 425690792SgshapiroClientPortOptions settings) are allowed in order to give settings for each 425790792Sgshapiroprotocol family (e.g., one for Family=inet and one for Family=inet6). A 425890792Sgshapirorestriction placed on one family only affects outgoing connections on that 425990792Sgshapiroparticular family. 426090792Sgshapiro 426164562SgshapiroIf DAEMON_OPTIONS is not used, then the default is 426264562Sgshapiro 426364562Sgshapiro DAEMON_OPTIONS(`Port=smtp, Name=MTA') 426464562Sgshapiro DAEMON_OPTIONS(`Port=587, Name=MSA, M=E') 426564562Sgshapiro 426664562SgshapiroIf you use one DAEMON_OPTIONS macro, it will alter the parameters 426764562Sgshapiroof the first of these. The second will still be defaulted; it 426864562Sgshapirorepresents a "Message Submission Agent" (MSA) as defined by RFC 426964562Sgshapiro2476 (see below). To turn off the default definition for the MSA, 427064562Sgshapirouse FEATURE(`no_default_msa') (see also FEATURES). If you use 427164562Sgshapiroadditional DAEMON_OPTIONS macros, they will add additional daemons. 427264562Sgshapiro 427364562SgshapiroExample 1: To change the port for the SMTP listener, while 427464562Sgshapirostill using the MSA default, use 427564562Sgshapiro DAEMON_OPTIONS(`Port=925, Name=MTA') 427664562Sgshapiro 427764562SgshapiroExample 2: To change the port for the MSA daemon, while still 427864562Sgshapirousing the default SMTP port, use 427964562Sgshapiro FEATURE(`no_default_msa') 428064562Sgshapiro DAEMON_OPTIONS(`Name=MTA') 428164562Sgshapiro DAEMON_OPTIONS(`Port=987, Name=MSA, M=E') 428264562Sgshapiro 428364562SgshapiroNote that if the first of those DAEMON_OPTIONS lines were omitted, then 428464562Sgshapirothere would be no listener on the standard SMTP port. 428564562Sgshapiro 428664562SgshapiroExample 3: To listen on both IPv4 and IPv6 interfaces, use 428764562Sgshapiro 428864562Sgshapiro DAEMON_OPTIONS(`Name=MTA-v4, Family=inet') 428964562Sgshapiro DAEMON_OPTIONS(`Name=MTA-v6, Family=inet6') 429064562Sgshapiro 429164562SgshapiroA "Message Submission Agent" still uses all of the same rulesets for 429264562Sgshapiroprocessing the message (and therefore still allows message rejection via 429364562Sgshapirothe check_* rulesets). In accordance with the RFC, the MSA will ensure 4294110560Sgshapirothat all domains in envelope addresses are fully qualified if the message 4295110560Sgshapirois relayed to another MTA. It will also enforce the normal address syntax 4296110560Sgshapirorules and log error messages. Additionally, by using the M=a modifier you 4297110560Sgshapirocan require authentication before messages are accepted by the MSA. 4298110560SgshapiroNotice: Do NOT use the 'a' modifier on a public accessible MTA! Finally, 4299110560Sgshapirothe M=E modifier shown above disables ETRN as required by RFC 2476. 430064562Sgshapiro 430190792SgshapiroMail filters can be defined using the INPUT_MAIL_FILTER() and MAIL_FILTER() 430290792Sgshapirocommands: 430364562Sgshapiro 430490792Sgshapiro INPUT_MAIL_FILTER(`sample', `S=local:/var/run/f1.sock') 430590792Sgshapiro MAIL_FILTER(`myfilter', `S=inet:3333@localhost') 430638032Speter 430790792SgshapiroThe INPUT_MAIL_FILTER() command causes the filter(s) to be called in the 430890792Sgshapirosame order they were specified by also setting confINPUT_MAIL_FILTERS. A 430990792Sgshapirofilter can be defined without adding it to the input filter list by using 431090792SgshapiroMAIL_FILTER() instead of INPUT_MAIL_FILTER() in your .mc file. 431190792SgshapiroAlternatively, you can reset the list of filters and their order by setting 431290792SgshapiroconfINPUT_MAIL_FILTERS option after all INPUT_MAIL_FILTER() commands in 431390792Sgshapiroyour .mc file. 431490792Sgshapiro 431590792Sgshapiro 431690792Sgshapiro+----------------------------+ 431790792Sgshapiro| MESSAGE SUBMISSION PROGRAM | 431890792Sgshapiro+----------------------------+ 431990792Sgshapiro 432090792SgshapiroThe purpose of the message submission program (MSP) is explained 432190792Sgshapiroin sendmail/SECURITY. This section contains a list of caveats and 432290792Sgshapiroa few hints how for those who want to tweak the default configuration 432390792Sgshapirofor it (which is installed as submit.cf). 432490792Sgshapiro 432590792SgshapiroNotice: do not add options/features to submit.mc unless you are 432690792Sgshapiroabsolutely sure you need them. Options you may want to change 432790792Sgshapiroinclude: 432890792Sgshapiro 432994334Sgshapiro- confTRUSTED_USERS, FEATURE(`use_ct_file'), and confCT_FILE for 433098121Sgshapiro avoiding X-Authentication warnings. 433194334Sgshapiro- confTIME_ZONE to change it from the default `USE_TZ'. 433290792Sgshapiro- confDELIVERY_MODE is set to interactive in msp.m4 instead 433390792Sgshapiro of the default background mode. 433498121Sgshapiro- FEATURE(stickyhost) and LOCAL_RELAY to send unqualified addresses 433598121Sgshapiro to the LOCAL_RELAY instead of the default relay. 433698121Sgshapiro- confRAND_FILE if you use STARTTLS and sendmail is not compiled with 433798121Sgshapiro the flag HASURANDOM. 433890792Sgshapiro 433998121SgshapiroThe MSP performs hostname canonicalization by default. As also 434098121Sgshapiroexplained in sendmail/SECURITY, mail may end up for various DNS 434198121Sgshapirorelated reasons in the MSP queue. This problem can be minimized by 434298121Sgshapirousing 434398121Sgshapiro 434498121Sgshapiro FEATURE(`nocanonify', `canonify_hosts') 434598121Sgshapiro define(`confDIRECT_SUBMISSION_MODIFIERS', `C') 434698121Sgshapiro 434798121SgshapiroSee the discussion about nocanonify for possible side effects. 434898121Sgshapiro 434990792SgshapiroSome things are not intended to work with the MSP. These include 435090792Sgshapirofeatures that influence the delivery process (e.g., mailertable, 435190792Sgshapiroaliases), or those that are only important for a SMTP server (e.g., 435290792Sgshapirovirtusertable, DaemonPortOptions, multiple queues). Moreover, 435390792Sgshapirorelaxing certain restrictions (RestrictQueueRun, permissions on 435490792Sgshapiroqueue directory) or adding features (e.g., enabling prog/file mailer) 435590792Sgshapirocan cause security problems. 435690792Sgshapiro 435790792SgshapiroOther things don't work well with the MSP and require tweaking or 435890792Sgshapiroworkarounds. For example, to allow for client authentication it 435990792Sgshapirois not just sufficient to provide a client certificate and the 436090792Sgshapirocorresponding key, but it is also necessary to make the key group 436190792Sgshapiro(smmsp) readable and tell sendmail not to complain about that, i.e., 436290792Sgshapiro 436390792Sgshapiro define(`confDONT_BLAME_SENDMAIL', `GroupReadableKeyFile') 436490792Sgshapiro 436590792SgshapiroIf the MSP should actually use AUTH then the necessary data 436690792Sgshapiroshould be placed in a map as explained in SMTP AUTHENTICATION: 436790792Sgshapiro 436890792SgshapiroFEATURE(`authinfo', `DATABASE_MAP_TYPE /etc/mail/msp-authinfo') 436990792Sgshapiro 437090792Sgshapiro/etc/mail/msp-authinfo should contain an entry like: 437190792Sgshapiro 437290792Sgshapiro AuthInfo:127.0.0.1 "U:smmsp" "P:secret" "M:DIGEST-MD5" 437390792Sgshapiro 437490792SgshapiroThe file and the map created by makemap should be owned by smmsp, 437590792Sgshapiroits group should be smmsp, and it should have mode 640. The database 437690792Sgshapiroused by the MTA for AUTH must have a corresponding entry. 437790792SgshapiroAdditionally the MTA must trust this authentication data so the AUTH= 437890792Sgshapiropart will be relayed on to the next hop. This can be achieved by 437990792Sgshapiroadding the following to your sendmail.mc file: 438090792Sgshapiro 438190792Sgshapiro LOCAL_RULESETS 438290792Sgshapiro SLocal_trust_auth 438390792Sgshapiro R$* $: $&{auth_authen} 438490792Sgshapiro Rsmmsp $# OK 438590792Sgshapiro 4386132943SgshapiroNote: the authentication data can leak to local users who invoke 4387132943Sgshapirothe MSP with debug options or even with -v. For that reason either 4388132943Sgshapiroan authentication mechanism that does not show the password in the 4389132943SgshapiroAUTH dialogue (e.g., DIGEST-MD5) or a different authentication 4390132943Sgshapiromethod like STARTTLS should be used. 4391132943Sgshapiro 439290792Sgshapirofeature/msp.m4 defines almost all settings for the MSP. Most of 439390792Sgshapirothose should not be changed at all. Some of the features and options 439490792Sgshapirocan be overridden if really necessary. It is a bit tricky to do 439590792Sgshapirothis, because it depends on the actual way the option is defined 439690792Sgshapiroin feature/msp.m4. If it is directly defined (i.e., define()) then 439790792Sgshapirothe modified value must be defined after 439890792Sgshapiro 439990792Sgshapiro FEATURE(`msp') 440090792Sgshapiro 440190792SgshapiroIf it is conditionally defined (i.e., ifdef()) then the desired 440290792Sgshapirovalue must be defined before the FEATURE line in the .mc file. 440390792SgshapiroTo see how the options are defined read feature/msp.m4. 440490792Sgshapiro 440590792Sgshapiro 440690792Sgshapiro+--------------------------+ 440790792Sgshapiro| FORMAT OF FILES AND MAPS | 440890792Sgshapiro+--------------------------+ 440990792Sgshapiro 441090792SgshapiroFiles that define classes, i.e., F{classname}, consist of lines 441190792Sgshapiroeach of which contains a single element of the class. For example, 441290792Sgshapiro/etc/mail/local-host-names may have the following content: 441390792Sgshapiro 441490792Sgshapiromy.domain 441590792Sgshapiroanother.domain 441690792Sgshapiro 441790792SgshapiroMaps must be created using makemap(8) , e.g., 441890792Sgshapiro 441990792Sgshapiro makemap hash MAP < MAP 442090792Sgshapiro 442190792SgshapiroIn general, a text file from which a map is created contains lines 442290792Sgshapiroof the form 442390792Sgshapiro 442490792Sgshapirokey value 442590792Sgshapiro 442690792Sgshapirowhere 'key' and 'value' are also called LHS and RHS, respectively. 442790792SgshapiroBy default, the delimiter between LHS and RHS is a non-empty sequence 442890792Sgshapiroof white space characters. 442990792Sgshapiro 443090792Sgshapiro 443190792Sgshapiro+------------------+ 443290792Sgshapiro| DIRECTORY LAYOUT | 443390792Sgshapiro+------------------+ 443490792Sgshapiro 443538032SpeterWithin this directory are several subdirectories, to wit: 443638032Speter 443738032Speterm4 General support routines. These are typically 443838032Speter very important and should not be changed without 443938032Speter very careful consideration. 444038032Speter 444138032Spetercf The configuration files themselves. They have 444238032Speter ".mc" suffixes, and must be run through m4 to 444338032Speter become complete. The resulting output should 444438032Speter have a ".cf" suffix. 444538032Speter 444638032Speterostype Definitions describing a particular operating 444738032Speter system type. These should always be referenced 444838032Speter using the OSTYPE macro in the .mc file. Examples 444938032Speter include "bsd4.3", "bsd4.4", "sunos3.5", and 445038032Speter "sunos4.1". 445138032Speter 445238032Speterdomain Definitions describing a particular domain, referenced 445338032Speter using the DOMAIN macro in the .mc file. These are 445438032Speter site dependent; for example, "CS.Berkeley.EDU.m4" 445538032Speter describes hosts in the CS.Berkeley.EDU subdomain. 445638032Speter 445766494Sgshapiromailer Descriptions of mailers. These are referenced using 445838032Speter the MAILER macro in the .mc file. 445938032Speter 446038032Spetersh Shell files used when building the .cf file from the 446138032Speter .mc file in the cf subdirectory. 446238032Speter 446338032Speterfeature These hold special orthogonal features that you might 446438032Speter want to include. They should be referenced using 446538032Speter the FEATURE macro. 446638032Speter 446738032Speterhack Local hacks. These can be referenced using the HACK 446838032Speter macro. They shouldn't be of more than voyeuristic 446938032Speter interest outside the .Berkeley.EDU domain, but who knows? 447038032Speter 447138032Spetersiteconfig Site configuration -- e.g., tables of locally connected 447238032Speter UUCP sites. 447338032Speter 447438032Speter 447538032Speter+------------------------+ 447638032Speter| ADMINISTRATIVE DETAILS | 447738032Speter+------------------------+ 447838032Speter 447938032SpeterThe following sections detail usage of certain internal parts of the 448038032Spetersendmail.cf file. Read them carefully if you are trying to modify 448138032Speterthe current model. If you find the above descriptions adequate, these 448238032Spetershould be {boring, confusing, tedious, ridiculous} (pick one or more). 448338032Speter 448438032SpeterRULESETS (* means built in to sendmail) 448538032Speter 448638032Speter 0 * Parsing 448738032Speter 1 * Sender rewriting 448838032Speter 2 * Recipient rewriting 448938032Speter 3 * Canonicalization 449038032Speter 4 * Post cleanup 449138032Speter 5 * Local address rewrite (after aliasing) 449238032Speter 1x mailer rules (sender qualification) 449338032Speter 2x mailer rules (recipient qualification) 449438032Speter 3x mailer rules (sender header qualification) 449538032Speter 4x mailer rules (recipient header qualification) 449638032Speter 5x mailer subroutines (general) 449738032Speter 6x mailer subroutines (general) 449838032Speter 7x mailer subroutines (general) 449938032Speter 8x reserved 450038032Speter 90 Mailertable host stripping 450138032Speter 96 Bottom half of Ruleset 3 (ruleset 6 in old sendmail) 450238032Speter 97 Hook for recursive ruleset 0 call (ruleset 7 in old sendmail) 450338032Speter 98 Local part of ruleset 0 (ruleset 8 in old sendmail) 450438032Speter 450538032Speter 450638032SpeterMAILERS 450738032Speter 450838032Speter 0 local, prog local and program mailers 450938032Speter 1 [e]smtp, relay SMTP channel 451038032Speter 2 uucp-* UNIX-to-UNIX Copy Program 451138032Speter 3 netnews Network News delivery 451238032Speter 4 fax Sam Leffler's HylaFAX software 451338032Speter 5 mail11 DECnet mailer 451438032Speter 451538032Speter 451638032SpeterMACROS 451738032Speter 451838032Speter A 451938032Speter B Bitnet Relay 452038032Speter C DECnet Relay 452138032Speter D The local domain -- usually not needed 452238032Speter E reserved for X.400 Relay 452338032Speter F FAX Relay 452438032Speter G 452538032Speter H mail Hub (for mail clusters) 452638032Speter I 452738032Speter J 452838032Speter K 452938032Speter L Luser Relay 453064562Sgshapiro M Masquerade (who you claim to be) 453138032Speter N 453238032Speter O 453338032Speter P 453438032Speter Q 453538032Speter R Relay (for unqualified names) 453638032Speter S Smart Host 453738032Speter T 453864562Sgshapiro U my UUCP name (if you have a UUCP connection) 453964562Sgshapiro V UUCP Relay (class {V} hosts) 454064562Sgshapiro W UUCP Relay (class {W} hosts) 454164562Sgshapiro X UUCP Relay (class {X} hosts) 454238032Speter Y UUCP Relay (all other hosts) 454338032Speter Z Version number 454438032Speter 454538032Speter 454638032SpeterCLASSES 454738032Speter 454838032Speter A 454938032Speter B domains that are candidates for bestmx lookup 455038032Speter C 455138032Speter D 455238032Speter E addresses that should not seem to come from $M 455364562Sgshapiro F hosts this system forward for 455438032Speter G domains that should be looked up in genericstable 455538032Speter H 455638032Speter I 455738032Speter J 455838032Speter K 455938032Speter L addresses that should not be forwarded to $R 456038032Speter M domains that should be mapped to $M 456164562Sgshapiro N host/domains that should not be mapped to $M 456238032Speter O operators that indicate network operations (cannot be in local names) 456338032Speter P top level pseudo-domains: BITNET, DECNET, FAX, UUCP, etc. 456438032Speter Q 456564562Sgshapiro R domains this system is willing to relay (pass anti-spam filters) 456638032Speter S 456738032Speter T 456838032Speter U locally connected UUCP hosts 456938032Speter V UUCP hosts connected to relay $V 457038032Speter W UUCP hosts connected to relay $W 457138032Speter X UUCP hosts connected to relay $X 457238032Speter Y locally connected smart UUCP hosts 457338032Speter Z locally connected domain-ized UUCP hosts 457438032Speter . the class containing only a dot 457538032Speter [ the class containing only a left bracket 457638032Speter 457738032Speter 457838032SpeterM4 DIVERSIONS 457938032Speter 458038032Speter 1 Local host detection and resolution 458138032Speter 2 Local Ruleset 3 additions 458238032Speter 3 Local Ruleset 0 additions 458338032Speter 4 UUCP Ruleset 0 additions 458438032Speter 5 locally interpreted names (overrides $R) 458538032Speter 6 local configuration (at top of file) 458638032Speter 7 mailer definitions 458764562Sgshapiro 8 DNS based blacklists 458838032Speter 9 special local rulesets (1 and 2) 458964562Sgshapiro 4590132943Sgshapiro$Revision: 8.691 $, Last updated $Date: 2004/07/19 17:47:34 $ 4591