README revision 71345
1 2 SENDMAIL CONFIGURATION FILES 3 4This document describes the sendmail configuration files. This package 5requires a post-V7 version of m4; if you are running the 4.2bsd, SysV.2, or 67th Edition version. SunOS's /usr/5bin/m4 or BSD-Net/2's m4 both work. 7GNU m4 version 1.1 or later also works. Unfortunately, the M4 on BSDI 1.0 8doesn't work -- you'll have to use a Net/2 or GNU version. GNU m4 is 9available from ftp://ftp.gnu.org/pub/gnu/m4/m4-1.4.tar.gz (check for the 10latest version). EXCEPTIONS: DEC's m4 on Digital UNIX 4.x is broken (3.x 11is fine). Use GNU m4 on this platform. 12 13To get started, you may want to look at tcpproto.mc (for TCP-only sites), 14uucpproto.mc (for UUCP-only sites), and clientproto.mc (for clusters of 15clients using a single mail host). Others are versions previously used at 16Berkeley. For example, ucbvax has gone away, but ucbvax.mc demonstrates 17some interesting techniques. 18 19******************************************************************* 20*** BE SURE YOU CUSTOMIZE THESE FILES! They have some *** 21*** Berkeley-specific assumptions built in, such as the name *** 22*** of their UUCP-relay. You'll want to create your own *** 23*** domain description, and use that in place of *** 24*** domain/Berkeley.EDU.m4. *** 25******************************************************************* 26 27 28+--------------------------+ 29| INTRODUCTION AND EXAMPLE | 30+--------------------------+ 31 32Configuration files are contained in the subdirectory "cf", with a 33suffix ".mc". They must be run through "m4" to produce a ".cf" file. 34You must pre-load "cf.m4": 35 36 m4 ${CFDIR}/m4/cf.m4 config.mc > config.cf 37 38Alternatively, you can simply: 39 40 cd ${CFDIR}/cf 41 ./Build config.cf 42 43where ${CFDIR} is the root of the cf directory and config.mc is the 44name of your configuration file. If you are running a version of M4 45that understands the __file__ builtin (versions of GNU m4 >= 0.75 do 46this, but the versions distributed with 4.4BSD and derivatives do not) 47or the -I flag (ditto), then ${CFDIR} can be in an arbitrary directory. 48For "traditional" versions, ${CFDIR} ***MUST*** be "..", or you MUST 49use -D_CF_DIR_=/path/to/cf/dir/ -- note the trailing slash! For example: 50 51 m4 -D_CF_DIR_=${CFDIR}/ ${CFDIR}/m4/cf.m4 config.mc > config.cf 52 53Let's examine a typical .mc file: 54 55 divert(-1) 56 # 57 # Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers. 58 # All rights reserved. 59 # Copyright (c) 1983 Eric P. Allman. All rights reserved. 60 # Copyright (c) 1988, 1993 61 # The Regents of the University of California. All rights reserved. 62 # 63 # By using this file, you agree to the terms and conditions set 64 # forth in the LICENSE file which can be found at the top level of 65 # the sendmail distribution. 66 # 67 68 # 69 # This is a Berkeley-specific configuration file for HP-UX 9.x. 70 # It applies only to the Computer Science Division at Berkeley, 71 # and should not be used elsewhere. It is provided on the sendmail 72 # distribution as a sample only. To create your own configuration 73 # file, create an appropriate domain file in ../domain, change the 74 # `DOMAIN' macro below to reference that file, and copy the result 75 # to a name of your own choosing. 76 # 77 divert(0) 78 79The divert(-1) will delete the crud in the resulting output file. 80The copyright notice can be replaced by whatever your lawyers require; 81our lawyers require the one that is included in these files. A copyleft 82is a copyright by another name. The divert(0) restores regular output. 83 84 VERSIONID(`<SCCS or RCS version id>') 85 86VERSIONID is a macro that stuffs the version information into the 87resulting file. You could use SCCS, RCS, CVS, something else, or 88omit it completely. This is not the same as the version id included 89in SMTP greeting messages -- this is defined in m4/version.m4. 90 91 OSTYPE(`hpux9')dnl 92 93You must specify an OSTYPE to properly configure things such as the 94pathname of the help and status files, the flags needed for the local 95mailer, and other important things. If you omit it, you will get an 96error when you try to build the configuration. Look at the ostype 97directory for the list of known operating system types. 98 99 DOMAIN(`CS.Berkeley.EDU')dnl 100 101This example is specific to the Computer Science Division at Berkeley. 102You can use "DOMAIN(`generic')" to get a sufficiently bland definition 103that may well work for you, or you can create a customized domain 104definition appropriate for your environment. 105 106 MAILER(`local') 107 MAILER(`smtp') 108 109These describe the mailers used at the default CS site. The 110local mailer is always included automatically. Beware: MAILER 111declarations should always be at the end of the configuration file, 112and MAILER(`smtp') should always precede MAILER(`procmail'), and 113MAILER(`uucp'). The general rules are that the order should be: 114 115 VERSIONID 116 OSTYPE 117 DOMAIN 118 FEATURE 119 local macro definitions 120 MAILER 121 LOCAL_RULE_* 122 LOCAL_RULESETS 123 124There are a few exceptions to this rule. Local macro definitions which 125influence a FEATURE() should be done before that feature. For example, 126a define(`PROCMAIL_MAILER_PATH', ...) should be done before 127FEATURE(`local_procmail'). 128 129 130+----------------------------+ 131| A BRIEF INTRODUCTION TO M4 | 132+----------------------------+ 133 134Sendmail uses the M4 macro processor to ``compile'' the configuration 135files. The most important thing to know is that M4 is stream-based, 136that is, it doesn't understand about lines. For this reason, in some 137places you may see the word ``dnl'', which stands for ``delete 138through newline''; essentially, it deletes all characters starting 139at the ``dnl'' up to and including the next newline character. In 140most cases sendmail uses this only to avoid lots of unnecessary 141blank lines in the output. 142 143Other important directives are define(A, B) which defines the macro 144``A'' to have value ``B''. Macros are expanded as they are read, so 145one normally quotes both values to prevent expansion. For example, 146 147 define(`SMART_HOST', `smart.foo.com') 148 149One word of warning: M4 macros are expanded even in lines that appear 150to be comments. For example, if you have 151 152 # See FEATURE(`foo') above 153 154it will not do what you expect, because the FEATURE(`foo') will be 155expanded. This also applies to 156 157 # And then define the $X macro to be the return address 158 159because ``define'' is an M4 keyword. If you want to use them, surround 160them with directed quotes, `like this'. 161 162+----------------+ 163| FILE LOCATIONS | 164+----------------+ 165 166sendmail 8.9 has introduced a new configuration directory for sendmail 167related files, /etc/mail. The new files available for sendmail 8.9 -- 168the class {R} /etc/mail/relay-domains and the access database 169/etc/mail/access -- take advantage of this new directory. Beginning with 1708.10, all files will use this directory by default (some options may be 171set by OSTYPE() files). This new directory should help to restore 172uniformity to sendmail's file locations. 173 174Below is a table of some of the common changes: 175 176Old filename New filename 177------------ ------------ 178/etc/bitdomain /etc/mail/bitdomain 179/etc/domaintable /etc/mail/domaintable 180/etc/genericstable /etc/mail/genericstable 181/etc/uudomain /etc/mail/uudomain 182/etc/virtusertable /etc/mail/virtusertable 183/etc/userdb /etc/mail/userdb 184 185/etc/aliases /etc/mail/aliases 186/etc/sendmail/aliases /etc/mail/aliases 187/etc/ucbmail/aliases /etc/mail/aliases 188/usr/adm/sendmail/aliases /etc/mail/aliases 189/usr/lib/aliases /etc/mail/aliases 190/usr/lib/mail/aliases /etc/mail/aliases 191/usr/ucblib/aliases /etc/mail/aliases 192 193/etc/sendmail.cw /etc/mail/local-host-names 194/etc/mail/sendmail.cw /etc/mail/local-host-names 195/etc/sendmail/sendmail.cw /etc/mail/local-host-names 196 197/etc/sendmail.ct /etc/mail/trusted-users 198 199/etc/sendmail.oE /etc/mail/error-header 200 201/etc/sendmail.hf /etc/mail/helpfile 202/etc/mail/sendmail.hf /etc/mail/helpfile 203/usr/ucblib/sendmail.hf /etc/mail/helpfile 204/etc/ucbmail/sendmail.hf /etc/mail/helpfile 205/usr/lib/sendmail.hf /etc/mail/helpfile 206/usr/share/lib/sendmail.hf /etc/mail/helpfile 207/usr/share/misc/sendmail.hf /etc/mail/helpfile 208/share/misc/sendmail.hf /etc/mail/helpfile 209 210/etc/service.switch /etc/mail/service.switch 211 212/etc/sendmail.st /etc/mail/statistics 213/etc/mail/sendmail.st /etc/mail/statistics 214/etc/mailer/sendmail.st /etc/mail/statistics 215/etc/sendmail/sendmail.st /etc/mail/statistics 216/usr/lib/sendmail.st /etc/mail/statistics 217/usr/ucblib/sendmail.st /etc/mail/statistics 218 219Note that all of these paths actually use a new m4 macro MAIL_SETTINGS_DIR 220to create the pathnames. The default value of this variable is 221`/etc/mail/'. If you set this macro to a different value, you MUST include 222a trailing slash. 223 224+--------+ 225| OSTYPE | 226+--------+ 227 228You MUST define an operating system environment, or the configuration 229file build will puke. There are several environments available; look 230at the "ostype" directory for the current list. This macro changes 231things like the location of the alias file and queue directory. Some 232of these files are identical to one another. 233 234It is IMPERATIVE that the OSTYPE occur before any MAILER definitions. 235In general, the OSTYPE macro should go immediately after any version 236information, and MAILER definitions should always go last. 237 238Operating system definitions are usually easy to write. They may define 239the following variables (everything defaults, so an ostype file may be 240empty). Unfortunately, the list of configuration-supported systems is 241not as broad as the list of source-supported systems, since many of 242the source contributors do not include corresponding ostype files. 243 244ALIAS_FILE [/etc/mail/aliases] The location of the text version 245 of the alias file(s). It can be a comma-separated 246 list of names (but be sure you quote values with 247 commas in them -- for example, use 248 define(`ALIAS_FILE', `a,b') 249 to get "a" and "b" both listed as alias files; 250 otherwise the define() primitive only sees "a"). 251HELP_FILE [/etc/mail/helpfile] The name of the file 252 containing information printed in response to 253 the SMTP HELP command. 254QUEUE_DIR [/var/spool/mqueue] The directory containing 255 queue files. To use multiple queues, supply 256 a value ending with an asterisk. For 257 example, /var/spool/mqueue/q* will use all of the 258 directories or symbolic links to directories 259 beginning with 'q' in /var/spool/mqueue as queue 260 directories. The names 'qf', 'df', and 'xf' are 261 used as specific subdirectories for the corresponding 262 queue file types. 263STATUS_FILE [/etc/mail/statistics] The file containing status 264 information. 265LOCAL_MAILER_PATH [/bin/mail] The program used to deliver local mail. 266LOCAL_MAILER_FLAGS [Prmn9] The flags used by the local mailer. The 267 flags lsDFMAw5:/|@q are always included. 268LOCAL_MAILER_ARGS [mail -d $u] The arguments passed to deliver local 269 mail. 270LOCAL_MAILER_MAX [undefined] If defined, the maximum size of local 271 mail that you are willing to accept. 272LOCAL_MAILER_MAXMSGS [undefined] If defined, the maximum number of 273 messages to deliver in a single connection. Only 274 useful for LMTP local mailers. 275LOCAL_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 276 that ARRIVE from an address that resolves to the 277 local mailer and which are converted to MIME will be 278 labeled with this character set. 279LOCAL_MAILER_EOL [undefined] If defined, the string to use as the 280 end of line for the local mailer. 281LOCAL_MAILER_DSN_DIAGNOSTIC_CODE 282 [X-Unix] The DSN Diagnostic-Code value for the 283 local mailer. This should be changed with care. 284LOCAL_SHELL_PATH [/bin/sh] The shell used to deliver piped email. 285LOCAL_SHELL_FLAGS [eu9] The flags used by the shell mailer. The 286 flags lsDFM are always included. 287LOCAL_SHELL_ARGS [sh -c $u] The arguments passed to deliver "prog" 288 mail. 289LOCAL_SHELL_DIR [$z:/] The directory search path in which the 290 shell should run. 291USENET_MAILER_PATH [/usr/lib/news/inews] The name of the program 292 used to submit news. 293USENET_MAILER_FLAGS [rsDFMmn] The mailer flags for the usenet mailer. 294USENET_MAILER_ARGS [-m -h -n] The command line arguments for the 295 usenet mailer. 296USENET_MAILER_MAX [100000] The maximum size of messages that will 297 be accepted by the usenet mailer. 298SMTP_MAILER_FLAGS [undefined] Flags added to SMTP mailer. Default 299 flags are `mDFMuX' for all SMTP-based mailers; the 300 "esmtp" mailer adds `a'; "smtp8" adds `8'; and 301 "dsmtp" adds `%'. 302RELAY_MAILER_FLAGS [undefined] Flags added to the relay mailer. Default 303 flags are `mDFMuX' for all SMTP-based mailers; the 304 relay mailer adds `a8'. If this is not defined, 305 then SMTP_MAILER_FLAGS is used. 306SMTP_MAILER_MAX [undefined] The maximum size of messages that will 307 be transported using the smtp, smtp8, esmtp, or dsmtp 308 mailers. 309SMTP_MAILER_MAXMSGS [undefined] If defined, the maximum number of 310 messages to deliver in a single connection for the 311 smtp, smtp8, esmtp, or dsmtp mailers. 312SMTP_MAILER_ARGS [TCP $h] The arguments passed to the smtp mailer. 313 About the only reason you would want to change this 314 would be to change the default port. 315ESMTP_MAILER_ARGS [TCP $h] The arguments passed to the esmtp mailer. 316SMTP8_MAILER_ARGS [TCP $h] The arguments passed to the smtp8 mailer. 317DSMTP_MAILER_ARGS [TCP $h] The arguments passed to the dsmtp mailer. 318RELAY_MAILER_ARGS [TCP $h] The arguments passed to the relay mailer. 319RELAY_MAILER_MAXMSGS [undefined] If defined, the maximum number of 320 messages to deliver in a single connection for the 321 relay mailer. 322SMTP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 323 that ARRIVE from an address that resolves to one of 324 the SMTP mailers and which are converted to MIME will 325 be labeled with this character set. 326UUCP_MAILER_PATH [/usr/bin/uux] The program used to send UUCP mail. 327UUCP_MAILER_FLAGS [undefined] Flags added to UUCP mailer. Default 328 flags are `DFMhuU' (and `m' for uucp-new mailer, 329 minus `U' for uucp-dom mailer). 330UUCP_MAILER_ARGS [uux - -r -z -a$g -gC $h!rmail ($u)] The arguments 331 passed to the UUCP mailer. 332UUCP_MAILER_MAX [100000] The maximum size message accepted for 333 transmission by the UUCP mailers. 334UUCP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 335 that ARRIVE from an address that resolves to one of 336 the UUCP mailers and which are converted to MIME will 337 be labeled with this character set. 338FAX_MAILER_PATH [/usr/local/lib/fax/mailfax] The program used to 339 submit FAX messages. 340FAX_MAILER_ARGS [mailfax $u $h $f] The arguments passed to the FAX 341 mailer. 342FAX_MAILER_MAX [100000] The maximum size message accepted for 343 transmission by FAX. 344POP_MAILER_PATH [/usr/lib/mh/spop] The pathname of the POP mailer. 345POP_MAILER_FLAGS [Penu] Flags added to POP mailer. Flags lsDFMq 346 are always added. 347POP_MAILER_ARGS [pop $u] The arguments passed to the POP mailer. 348PROCMAIL_MAILER_PATH [/usr/local/bin/procmail] The path to the procmail 349 program. This is also used by 350 FEATURE(`local_procmail'). 351PROCMAIL_MAILER_FLAGS [SPhnu9] Flags added to Procmail mailer. Flags 352 DFM are always set. This is NOT used by 353 FEATURE(`local_procmail'); tweak LOCAL_MAILER_FLAGS 354 instead. 355PROCMAIL_MAILER_ARGS [procmail -Y -m $h $f $u] The arguments passed to 356 the Procmail mailer. This is NOT used by 357 FEATURE(`local_procmail'); tweak LOCAL_MAILER_ARGS 358 instead. 359PROCMAIL_MAILER_MAX [undefined] If set, the maximum size message that 360 will be accepted by the procmail mailer. 361MAIL11_MAILER_PATH [/usr/etc/mail11] The path to the mail11 mailer. 362MAIL11_MAILER_FLAGS [nsFx] Flags for the mail11 mailer. 363MAIL11_MAILER_ARGS [mail11 $g $x $h $u] Arguments passed to the mail11 364 mailer. 365PH_MAILER_PATH [/usr/local/etc/phquery] The path to the phquery 366 program. 367PH_MAILER_FLAGS [ehmu] Flags for the phquery mailer. Flags nrDFM 368 are always set. 369PH_MAILER_ARGS [phquery -- $u] -- arguments to the phquery mailer. 370CYRUS_MAILER_FLAGS [Ah5@/:|] The flags used by the cyrus mailer. The 371 flags lsDFMnPq are always included. 372CYRUS_MAILER_PATH [/usr/cyrus/bin/deliver] The program used to deliver 373 cyrus mail. 374CYRUS_MAILER_ARGS [deliver -e -m $h -- $u] The arguments passed 375 to deliver cyrus mail. 376CYRUS_MAILER_MAX [undefined] If set, the maximum size message that 377 will be accepted by the cyrus mailer. 378CYRUS_MAILER_USER [cyrus:mail] The user and group to become when 379 running the cyrus mailer. 380CYRUS_BB_MAILER_FLAGS [u] The flags used by the cyrusbb mailer. 381 The flags lsDFMnP are always included. 382CYRUS_BB_MAILER_ARGS [deliver -e -m $u] The arguments passed 383 to deliver cyrusbb mail. 384confEBINDIR [/usr/libexec] The directory for executables. 385 Currently used for FEATURE(`local_lmtp') and 386 FEATURE(`smrsh'). 387QPAGE_MAILER_FLAGS [mDFMs] The flags used by the qpage mailer. 388QPAGE_MAILER_PATH [/usr/local/bin/qpage] The program used to deliver 389 qpage mail. 390QPAGE_MAILER_ARGS [qpage -l0 -m -P$u] The arguments passed 391 to deliver qpage mail. 392QPAGE_MAILER_MAX [4096] If set, the maximum size message that 393 will be accepted by the qpage mailer. 394 395Note: to tweak Name_MAILER_FLAGS use the macro MODIFY_MAILER_FLAGS: 396MODIFY_MAILER_FLAGS(`Name', `change') where Name is the first part of 397the macro Name_MAILER_FLAGS and change can be: flags that should 398be used directly (thus overriding the default value), or if it 399starts with `+' (`-') then those flags are added to (removed from) 400the default value. Example: 401 402 MODIFY_MAILER_FLAGS(`LOCAL', `+e') 403 404will add the flag `e' to LOCAL_MAILER_FLAGS. 405WARNING: The FEATUREs local_lmtp and local_procmail set LOCAL_MAILER_FLAGS 406unconditionally, i.e., without respecting any definitions in an 407OSTYPE setting. 408 409 410+---------+ 411| DOMAINS | 412+---------+ 413 414You will probably want to collect domain-dependent defines into one 415file, referenced by the DOMAIN macro. For example, the Berkeley 416domain file includes definitions for several internal distinguished 417hosts: 418 419UUCP_RELAY The host that will accept UUCP-addressed email. 420 If not defined, all UUCP sites must be directly 421 connected. 422BITNET_RELAY The host that will accept BITNET-addressed email. 423 If not defined, the .BITNET pseudo-domain won't work. 424DECNET_RELAY The host that will accept DECNET-addressed email. 425 If not defined, the .DECNET pseudo-domain and addresses 426 of the form node::user will not work. 427FAX_RELAY The host that will accept mail to the .FAX pseudo-domain. 428 The "fax" mailer overrides this value. 429LOCAL_RELAY The site that will handle unqualified names -- that 430 is, names with out an @domain extension. 431 Normally MAIL_HUB is preferred for this function. 432 LOCAL_RELAY is mostly useful in conjunction with 433 FEATURE(stickyhost) -- see the discussion of 434 stickyhost below. If not set, they are assumed to 435 belong on this machine. This allows you to have a 436 central site to store a company- or department-wide 437 alias database. This only works at small sites, 438 and only with some user agents. 439LUSER_RELAY The site that will handle lusers -- that is, apparently 440 local names that aren't local accounts or aliases. To 441 specify a local user instead of a site, set this to 442 ``local:username''. 443 444Any of these can be either ``mailer:hostname'' (in which case the 445mailer is the internal mailer name, such as ``uucp-new'' and the hostname 446is the name of the host as appropriate for that mailer) or just a 447``hostname'', in which case a default mailer type (usually ``relay'', 448a variant on SMTP) is used. WARNING: if you have a wildcard MX 449record matching your domain, you probably want to define these to 450have a trailing dot so that you won't get the mail diverted back 451to yourself. 452 453The domain file can also be used to define a domain name, if needed 454(using "DD<domain>") and set certain site-wide features. If all hosts 455at your site masquerade behind one email name, you could also use 456MASQUERADE_AS here. 457 458You do not have to define a domain -- in particular, if you are a 459single machine sitting off somewhere, it is probably more work than 460it's worth. This is just a mechanism for combining "domain dependent 461knowledge" into one place. 462 463+---------+ 464| MAILERS | 465+---------+ 466 467There are fewer mailers supported in this version than the previous 468version, owing mostly to a simpler world. As a general rule, put the 469MAILER definitions last in your .mc file, and always put MAILER(`smtp') 470before MAILER(`uucp') and MAILER(`procmail') -- several features and 471definitions will modify the definition of mailers, and the smtp mailer 472modifies the UUCP mailer. Moreover, MAILER(`cyrus'), MAILER(`pop'), 473MAILER(`phquery'), and MAILER(`usenet') must be defined after 474MAILER(`local'). 475 476local The local and prog mailers. You will almost always 477 need these; the only exception is if you relay ALL 478 your mail to another site. This mailer is included 479 automatically. 480 481smtp The Simple Mail Transport Protocol mailer. This does 482 not hide hosts behind a gateway or another other 483 such hack; it assumes a world where everyone is 484 running the name server. This file actually defines 485 five mailers: "smtp" for regular (old-style) SMTP to 486 other servers, "esmtp" for extended SMTP to other 487 servers, "smtp8" to do SMTP to other servers without 488 converting 8-bit data to MIME (essentially, this is 489 your statement that you know the other end is 8-bit 490 clean even if it doesn't say so), "dsmtp" to do on 491 demand delivery, and "relay" for transmission to the 492 RELAY_HOST, LUSER_RELAY, or MAIL_HUB. 493 494uucp The UNIX-to-UNIX Copy Program mailer. Actually, this 495 defines two mailers, "uucp-old" (a.k.a. "uucp") and 496 "uucp-new" (a.k.a. "suucp"). The latter is for when you 497 know that the UUCP mailer at the other end can handle 498 multiple recipients in one transfer. If the smtp mailer 499 is also included in your configuration, two other mailers 500 ("uucp-dom" and "uucp-uudom") are also defined [warning: 501 you MUST specify MAILER(smtp) before MAILER(uucp)]. When you 502 include the uucp mailer, sendmail looks for all names in 503 class {U} and sends them to the uucp-old mailer; all 504 names in class {Y} are sent to uucp-new; and all 505 names in class {Z} are sent to uucp-uudom. Note that 506 this is a function of what version of rmail runs on 507 the receiving end, and hence may be out of your control. 508 See the section below describing UUCP mailers in more 509 detail. 510 511usenet Usenet (network news) delivery. If this is specified, 512 an extra rule is added to ruleset 0 that forwards all 513 local email for users named ``group.usenet'' to the 514 ``inews'' program. Note that this works for all groups, 515 and may be considered a security problem. 516 517fax Facsimile transmission. This is experimental and based 518 on Sam Leffler's HylaFAX software. For more information, 519 see http://www.hylafax.org/. 520 521pop Post Office Protocol. 522 523procmail An interface to procmail (does not come with sendmail). 524 This is designed to be used in mailertables. For example, 525 a common question is "how do I forward all mail for a given 526 domain to a single person?". If you have this mailer 527 defined, you could set up a mailertable reading: 528 529 host.com procmail:/etc/procmailrcs/host.com 530 531 with the file /etc/procmailrcs/host.com reading: 532 533 :0 # forward mail for host.com 534 ! -oi -f $1 person@other.host 535 536 This would arrange for (anything)@host.com to be sent 537 to person@other.host. Within the procmail script, $1 is 538 the name of the sender and $2 is the name of the recipient. 539 If you use this with FEATURE(`local_procmail'), the FEATURE 540 should be listed first. 541 542mail11 The DECnet mail11 mailer, useful only if you have the mail11 543 program from gatekeeper.dec.com:/pub/DEC/gwtools (and 544 DECnet, of course). This is for Phase IV DECnet support; 545 if you have Phase V at your site you may have additional 546 problems. 547 548phquery The phquery program. This is somewhat counterintuitively 549 referenced as the "ph" mailer internally. It can be used 550 to do CCSO name server lookups. The phquery program, which 551 this mailer uses, is distributed with the ph client. 552 553cyrus The cyrus and cyrusbb mailers. The cyrus mailer delivers to 554 a local cyrus user. this mailer can make use of the 555 "user+detail@local.host" syntax; it will deliver the mail to 556 the user's "detail" mailbox if the mailbox's ACL permits. 557 The cyrusbb mailer delivers to a system-wide cyrus mailbox 558 if the mailbox's ACL permits. The cyrus mailer must be 559 defined after the local mailer. 560 561qpage A mailer for QuickPage, a pager interface. See 562 http://www.qpage.org/ for further information. 563 564The local mailer accepts addresses of the form "user+detail", where 565the "+detail" is not used for mailbox matching but is available 566to certain local mail programs (in particular, see 567FEATURE(`local_procmail')). For example, "eric", "eric+sendmail", and 568"eric+sww" all indicate the same user, but additional arguments <null>, 569"sendmail", and "sww" may be provided for use in sorting mail. 570 571 572+----------+ 573| FEATURES | 574+----------+ 575 576Special features can be requested using the "FEATURE" macro. For 577example, the .mc line: 578 579 FEATURE(`use_cw_file') 580 581tells sendmail that you want to have it read an /etc/mail/local-host-names 582file to get values for class {w}. The FEATURE may contain up to 9 583optional parameters -- for example: 584 585 FEATURE(`mailertable', `dbm /usr/lib/mailertable') 586 587The default database map type for the table features can be set with 588 589 define(`DATABASE_MAP_TYPE', `dbm') 590 591which would set it to use ndbm databases. The default is the Berkeley DB 592hash database format. Note that you must still declare a database map type 593if you specify an argument to a FEATURE. DATABASE_MAP_TYPE is only used 594if no argument is given for the FEATURE. It must be specified before any 595feature that uses a map. 596 597Available features are: 598 599use_cw_file Read the file /etc/mail/local-host-names file to get 600 alternate names for this host. This might be used if you 601 were on a host that MXed for a dynamic set of other hosts. 602 If the set is static, just including the line "Cw<name1> 603 <name2> ..." (where the names are fully qualified domain 604 names) is probably superior. The actual filename can be 605 overridden by redefining confCW_FILE. 606 607use_ct_file Read the file /etc/mail/trusted-users file to get the 608 names of users that will be ``trusted'', that is, able to 609 set their envelope from address using -f without generating 610 a warning message. The actual filename can be overridden 611 by redefining confCT_FILE. 612 613redirect Reject all mail addressed to "address.REDIRECT" with 614 a ``551 User has moved; please try <address>'' message. 615 If this is set, you can alias people who have left 616 to their new address with ".REDIRECT" appended. 617 618nouucp Don't route UUCP addresses. This feature takes one 619 parameter: 620 `reject': reject addresses which have "!" in the local 621 part unless it originates from a system 622 that is allowed to relay. 623 `nospecial': don't do anything special with "!". 624 Warnings: 1. See the NOTICE in the ANTI-SPAM section. 625 2. don't remove "!" from OperatorChars if `reject' is 626 given as parameter. 627 628nocanonify Don't pass addresses to $[ ... $] for canonification 629 by default, i.e., host/domain names are considered canonical, 630 except for unqualified names, which must not be used in this 631 mode (violation of the standard). It can be changed by 632 setting the DaemonPortOptions modifiers (M=). That is, 633 FEATURE(`nocanonify') will be overridden by setting the 634 'c' flag. Conversely, if FEATURE(`nocanonify') is not used, 635 it can be emulated by setting the 'C' flag 636 (DaemonPortOptions=Modifiers=C). This would generally only 637 be used by sites that only act as mail gateways or which have 638 user agents that do full canonification themselves. You may 639 also want to use 640 "define(`confBIND_OPTS', `-DNSRCH -DEFNAMES')" to turn off 641 the usual resolver options that do a similar thing. 642 643 An exception list for FEATURE(`nocanonify') can be 644 specified with CANONIFY_DOMAIN or CANONIFY_DOMAIN_FILE, 645 i.e., a list of domains which are nevertheless passed to 646 $[ ... $] for canonification. This is useful to turn on 647 canonification for local domains, e.g., use 648 CANONIFY_DOMAIN(`my.domain my') to canonify addresses 649 which end in "my.domain" or "my". 650 Another way to require canonification in the local 651 domain is CANONIFY_DOMAIN(`$=m'). 652 653 A trailing dot is added to addresses with more than 654 one component in it such that other features which 655 expect a trailing dot (e.g., virtusertable) will 656 still work. 657 658 If `canonify_hosts' is specified as parameter, i.e., 659 FEATURE(`nocanonify', `canonify_hosts'), then 660 addresses which have only a hostname, e.g., 661 <user@host>, will be canonified (and hopefully fully 662 qualified), too. 663 664stickyhost This feature is sometimes used with LOCAL_RELAY, 665 although it can be used for a different effect with 666 MAIL_HUB. 667 668 When used with without MAIL_HUB, email sent to 669 "user@local.host" are marked as "sticky" -- that 670 is, the local addresses aren't matched against UDB, 671 don't go through ruleset 5, and are not forwarded to 672 the LOCAL_RELAY (if defined). 673 674 With MAIL_HUB, mail addressed to "user@local.host" 675 is forwarded to the mail hub, with the envelope 676 address still remaining "user@local.host". 677 Without stickyhost, the envelope would be changed 678 to "user@mail_hub", in order to protect against 679 mailing loops. 680 681mailertable Include a "mailer table" which can be used to override 682 routing for particular domains (which are not in class {w}, 683 i.e. local host names). The argument of the FEATURE may be 684 the key definition. If none is specified, the definition 685 used is: 686 687 hash /etc/mail/mailertable 688 689 Keys in this database are fully qualified domain names 690 or partial domains preceded by a dot -- for example, 691 "vangogh.CS.Berkeley.EDU" or ".CS.Berkeley.EDU". As a 692 special case of the latter, "." matches any domain not 693 covered by other keys. Values must be of the form: 694 mailer:domain 695 where "mailer" is the internal mailer name, and "domain" 696 is where to send the message. These maps are not 697 reflected into the message header. As a special case, 698 the forms: 699 local:user 700 will forward to the indicated user using the local mailer, 701 local: 702 will forward to the original user in the e-mail address 703 using the local mailer, and 704 error:code message 705 error:D.S.N:code message 706 will give an error message with the indicated SMTP reply 707 code and message, where D.S.N is an RFC 1893 compliant 708 error code. 709 710domaintable Include a "domain table" which can be used to provide 711 domain name mapping. Use of this should really be 712 limited to your own domains. It may be useful if you 713 change names (e.g., your company changes names from 714 oldname.com to newname.com). The argument of the 715 FEATURE may be the key definition. If none is specified, 716 the definition used is: 717 718 hash /etc/mail/domaintable 719 720 The key in this table is the domain name; the value is 721 the new (fully qualified) domain. Anything in the 722 domaintable is reflected into headers; that is, this 723 is done in ruleset 3. 724 725bitdomain Look up bitnet hosts in a table to try to turn them into 726 internet addresses. The table can be built using the 727 bitdomain program contributed by John Gardiner Myers. 728 The argument of the FEATURE may be the key definition; if 729 none is specified, the definition used is: 730 731 hash /etc/mail/bitdomain 732 733 Keys are the bitnet hostname; values are the corresponding 734 internet hostname. 735 736uucpdomain Similar feature for UUCP hosts. The default map definition 737 is: 738 739 hash /etc/mail/uudomain 740 741 At the moment there is no automagic tool to build this 742 database. 743 744always_add_domain 745 Include the local host domain even on locally delivered 746 mail. Normally it is not added on unqualified names. 747 However, if you use a shared message store but do not use 748 the same user name space everywhere, you may need the host 749 name on local names. 750 751allmasquerade If masquerading is enabled (using MASQUERADE_AS), this 752 feature will cause recipient addresses to also masquerade 753 as being from the masquerade host. Normally they get 754 the local hostname. Although this may be right for 755 ordinary users, it can break local aliases. For example, 756 if you send to "localalias", the originating sendmail will 757 find that alias and send to all members, but send the 758 message with "To: localalias@masqueradehost". Since that 759 alias likely does not exist, replies will fail. Use this 760 feature ONLY if you can guarantee that the ENTIRE 761 namespace on your masquerade host supersets all the 762 local entries. 763 764limited_masquerade 765 Normally, any hosts listed in class {w} are masqueraded. If 766 this feature is given, only the hosts listed in class {M} (see 767 below: MASQUERADE_DOMAIN) are masqueraded. This is useful 768 if you have several domains with disjoint namespaces hosted 769 on the same machine. 770 771masquerade_entire_domain 772 If masquerading is enabled (using MASQUERADE_AS) and 773 MASQUERADE_DOMAIN (see below) is set, this feature will 774 cause addresses to be rewritten such that the masquerading 775 domains are actually entire domains to be hidden. All 776 hosts within the masquerading domains will be rewritten 777 to the masquerade name (used in MASQUERADE_AS). For example, 778 if you have: 779 780 MASQUERADE_AS(`masq.com') 781 MASQUERADE_DOMAIN(`foo.org') 782 MASQUERADE_DOMAIN(`bar.com') 783 784 then *foo.org and *bar.com are converted to masq.com. Without 785 this feature, only foo.org and bar.com are masqueraded. 786 787 NOTE: only domains within your jurisdiction and 788 current hierarchy should be masqueraded using this. 789 790genericstable This feature will cause unqualified addresses (i.e., without 791 a domain) and addresses with a domain listed in class {G} 792 to be looked up in a map and turned into another ("generic") 793 form, which can change both the domain name and the user name. 794 This is similar to the userdb functionality. The same types of 795 addresses as for masquerading are looked up, i.e., only header 796 sender addresses unless the allmasquerade and/or 797 masquerade_envelope features are given. Qualified addresses 798 must have the domain part in class {G}; entries can 799 be added to this class by the macros GENERICS_DOMAIN or 800 GENERICS_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 801 MASQUERADE_DOMAIN_FILE, see below). 802 803 The argument of FEATURE(`genericstable') may be the map 804 definition; the default map definition is: 805 806 hash /etc/mail/genericstable 807 808 The key for this table is either the full address, the domain 809 (with a leading @; the localpart is passed as first argument) 810 or the unqualified username (tried in the order mentioned); 811 the value is the new user address. If the new user address 812 does not include a domain, it will be qualified in the standard 813 manner, i.e., using $j or the masquerade name. Note that the 814 address being looked up must be fully qualified. For local 815 mail, it is necessary to use FEATURE(`always_add_domain') 816 for the addresses to be qualified. 817 The "+detail" of an address is passed as %1, so entries like 818 819 old+*@foo.org new+%1@example.com 820 gen+*@foo.org %1@example.com 821 822 and other forms are possible. 823 824generics_entire_domain 825 If the genericstable is enabled and GENERICS_DOMAIN or 826 GENERICS_DOMAIN_FILE is used, this feature will cause 827 addresses to be searched in the map if their domain 828 parts are subdomains of elements in class {G}. 829 830virtusertable A domain-specific form of aliasing, allowing multiple 831 virtual domains to be hosted on one machine. For example, 832 if the virtuser table contained: 833 834 info@foo.com foo-info 835 info@bar.com bar-info 836 joe@bar.com error:nouser No such user here 837 jax@bar.com error:D.S.N:unavailable Address invalid 838 @baz.org jane@example.net 839 840 then mail addressed to info@foo.com will be sent to the 841 address foo-info, mail addressed to info@bar.com will be 842 delivered to bar-info, and mail addressed to anyone at baz.org 843 will be sent to jane@example.net, mail to joe@bar.com will 844 be rejected with the specified error message, and mail to 845 jax@bar.com will also have a RFC 1893 compliant error code 846 D.S.N. 847 848 The username from the original address is passed 849 as %1 allowing: 850 851 @foo.org %1@example.com 852 853 meaning someone@foo.org will be sent to someone@example.com. 854 Additionally, if the local part consists of "user+detail" 855 then "detail" is passed as %2 when a match against user+* 856 is attempted, so entries like 857 858 old+*@foo.org new+%2@example.com 859 gen+*@foo.org %2@example.com 860 +*@foo.org %1+%2@example.com 861 862 and other forms are possible. Note: to preserve "+detail" 863 for a default case (@domain) +*@domain must be used as 864 exemplified above. 865 866 All the host names on the left hand side (foo.com, bar.com, 867 and baz.org) must be in class {w} or class {VirtHost}, the 868 latter can be defined by the macros VIRTUSER_DOMAIN or 869 VIRTUSER_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 870 MASQUERADE_DOMAIN_FILE, see below). If VIRTUSER_DOMAIN or 871 VIRTUSER_DOMAIN_FILE is used, then the entries of class 872 {VirtHost} are added to class {R}, i.e., relaying is allowed 873 to (and from) those domains. The default map definition is: 874 875 hash /etc/mail/virtusertable 876 877 A new definition can be specified as the second argument of 878 the FEATURE macro, such as 879 880 FEATURE(`virtusertable', `dbm /etc/mail/virtusers') 881 882virtuser_entire_domain 883 If the virtusertable is enabled and VIRTUSER_DOMAIN or 884 VIRTUSER_DOMAIN_FILE is used, this feature will cause 885 addresses to be searched in the map if their domain 886 parts are subdomains of elements in class {VirtHost}. 887 888ldap_routing Implement LDAP-based e-mail recipient routing according to 889 the Internet Draft draft-lachman-laser-ldap-mail-routing-01. 890 This provides a method to re-route addresses with a 891 domain portion in class {LDAPRoute} to either a 892 different mail host or a different address. Hosts can 893 be added to this class using LDAPROUTE_DOMAIN and 894 LDAPROUTE_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 895 MASQUERADE_DOMAIN_FILE, see below). 896 897 See the LDAP ROUTING section below for more information. 898 899nodns If you aren't running DNS at your site (for example, 900 you are UUCP-only connected). It's hard to consider 901 this a "feature", but hey, it had to go somewhere. 902 Actually, as of 8.7 this is a no-op -- remove "dns" from 903 the hosts service switch entry instead. 904 905nullclient This is a special case -- it creates a configuration file 906 containing nothing but support for forwarding all mail to a 907 central hub via a local SMTP-based network. The argument 908 is the name of that hub. 909 910 The only other feature that should be used in conjunction 911 with this one is FEATURE(`nocanonify'). No mailers 912 should be defined. No aliasing or forwarding is done. 913 914local_lmtp Use an LMTP capable local mailer. The argument to this 915 feature is the pathname of an LMTP capable mailer. By 916 default, mail.local is used. This is expected to be the 917 mail.local which came with the 8.9 distribution which is 918 LMTP capable. The path to mail.local is set by the 919 confEBINDIR m4 variable -- making the default 920 LOCAL_MAILER_PATH /usr/libexec/mail.local. 921 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally, 922 i.e., without respecting any definitions in an OSTYPE setting. 923 924local_procmail Use procmail or another delivery agent as the local mailer. 925 The argument to this feature is the pathname of the 926 delivery agent, which defaults to PROCMAIL_MAILER_PATH. 927 Note that this does NOT use PROCMAIL_MAILER_FLAGS or 928 PROCMAIL_MAILER_ARGS for the local mailer; tweak 929 LOCAL_MAILER_FLAGS and LOCAL_MAILER_ARGS instead, or 930 specify the appropriate parameters. When procmail is used, 931 the local mailer can make use of the 932 "user+indicator@local.host" syntax; normally the +indicator 933 is just tossed, but by default it is passed as the -a 934 argument to procmail. 935 936 This feature can take up to three arguments: 937 938 1. Path to the mailer program 939 [default: /usr/local/bin/procmail] 940 2. Argument vector including name of the program 941 [default: procmail -Y -a $h -d $u] 942 3. Flags for the mailer [default: SPfhn9] 943 944 Empty arguments cause the defaults to be taken. 945 946 For example, this allows it to use the maildrop 947 (http://www.flounder.net/~mrsam/maildrop/) mailer instead 948 by specifying: 949 950 FEATURE(`local_procmail', `/usr/local/bin/maildrop', 951 `maildrop -d $u') 952 953 or scanmails using: 954 955 FEATURE(`local_procmail', `/usr/local/bin/scanmails') 956 957 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally, 958 i.e., without respecting any definitions in an OSTYPE setting. 959 960bestmx_is_local Accept mail as though locally addressed for any host that 961 lists us as the best possible MX record. This generates 962 additional DNS traffic, but should be OK for low to 963 medium traffic hosts. The argument may be a set of 964 domains, which will limit the feature to only apply to 965 these domains -- this will reduce unnecessary DNS 966 traffic. THIS FEATURE IS FUNDAMENTALLY INCOMPATIBLE WITH 967 WILDCARD MX RECORDS!!! If you have a wildcard MX record 968 that matches your domain, you cannot use this feature. 969 970smrsh Use the SendMail Restricted SHell (smrsh) provided 971 with the distribution instead of /bin/sh for mailing 972 to programs. This improves the ability of the local 973 system administrator to control what gets run via 974 e-mail. If an argument is provided it is used as the 975 pathname to smrsh; otherwise, the path defined by 976 confEBINDIR is used for the smrsh binary -- by default, 977 /usr/libexec/smrsh is assumed. 978 979promiscuous_relay 980 By default, the sendmail configuration files do not permit 981 mail relaying (that is, accepting mail from outside your 982 local host (class {w}) and sending it to another host than 983 your local host). This option sets your site to allow 984 mail relaying from any site to any site. In almost all 985 cases, it is better to control relaying more carefully 986 with the access map, class {R}, or authentication. Domains 987 can be added to class {R} by the macros RELAY_DOMAIN or 988 RELAY_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 989 MASQUERADE_DOMAIN_FILE, see below). 990 991relay_entire_domain 992 By default, only hosts listed as RELAY in the access db 993 will be allowed to relay. This option also allows any 994 host in your domain as defined by class {m}. 995 996relay_hosts_only 997 By default, names that are listed as RELAY in the access 998 db and class {R} are domain names, not host names. 999 For example, if you specify ``foo.com'', then mail to or 1000 from foo.com, abc.foo.com, or a.very.deep.domain.foo.com 1001 will all be accepted for relaying. This feature changes 1002 the behaviour to lookup individual host names only. 1003 1004relay_based_on_MX 1005 Turns on the ability to allow relaying based on the MX 1006 records of the host portion of an incoming recipient; that 1007 is, if an MX record for host foo.com points to your site, 1008 you will accept and relay mail addressed to foo.com. See 1009 description below for more information before using this 1010 feature. Also, see the KNOWNBUGS entry regarding bestmx 1011 map lookups. 1012 1013 FEATURE(`relay_based_on_MX') does not necessarily allow 1014 routing of these messages which you expect to be allowed, 1015 if route address syntax (or %-hack syntax) is used. If 1016 this is a problem, add entries to the access-table or use 1017 FEATURE(`loose_relay_check'). 1018 1019relay_mail_from 1020 Allows relaying if the mail sender is listed as RELAY in 1021 the access map. If an optional argument `domain' is given, 1022 the domain portion of the mail sender is checked too. 1023 This should only be used if absolutely necessary as the 1024 sender address can be easily forged. Use of this feature 1025 requires the "From:" tag be prepended to the key in the 1026 access map; see the discussion of tags and 1027 FEATURE(`relay_mail_from') in the section on ANTI-SPAM 1028 CONFIGURATION CONTROL. 1029 1030relay_local_from 1031 Allows relaying if the domain portion of the mail sender 1032 is a local host. This should only be used if absolutely 1033 necessary as it opens a window for spammers. Specifically, 1034 they can send mail to your mail server that claims to be 1035 from your domain (either directly or via a routed address), 1036 and you will go ahead and relay it out to arbitrary hosts 1037 on the Internet. 1038 1039accept_unqualified_senders 1040 Normally, MAIL FROM: commands in the SMTP session will be 1041 refused if the connection is a network connection and the 1042 sender address does not include a domain name. If your 1043 setup sends local mail unqualified (i.e., MAIL FROM: <joe>), 1044 you will need to use this feature to accept unqualified 1045 sender addresses. Setting the DaemonPortOptions modifier 1046 'u' overrides the default behavior, i.e., unqualified 1047 addresses are accepted even without this FEATURE. 1048 If this FEATURE is not used, the DaemonPortOptions modifier 1049 'f' can be used to enforce fully qualified addresses. 1050 1051accept_unresolvable_domains 1052 Normally, MAIL FROM: commands in the SMTP session will be 1053 refused if the host part of the argument to MAIL FROM: 1054 cannot be located in the host name service (e.g., an A or 1055 MX record in DNS). If you are inside a firewall that has 1056 only a limited view of the Internet host name space, this 1057 could cause problems. In this case you probably want to 1058 use this feature to accept all domains on input, even if 1059 they are unresolvable. 1060 1061access_db Turns on the access database feature. The access db gives 1062 you the ability to allow or refuse to accept mail from 1063 specified domains for administrative reasons. By default, 1064 the access database specification is: 1065 1066 hash /etc/mail/access 1067 1068 The format of the database is described in the anti-spam 1069 configuration control section later in this document. 1070 1071blacklist_recipients 1072 Turns on the ability to block incoming mail for certain 1073 recipient usernames, hostnames, or addresses. For 1074 example, you can block incoming mail to user nobody, 1075 host foo.mydomain.com, or guest@bar.mydomain.com. 1076 These specifications are put in the access db as 1077 described in the anti-spam configuration control section 1078 later in this document. 1079 1080delay_checks The rulesets check_mail and check_relay will not be called 1081 when a client connects or issues a MAIL command, respectively. 1082 Instead, those rulesets will be called by the check_rcpt 1083 ruleset; they will be skipped under certain circumstances. 1084 See "Delay all checks" in "ANTI-SPAM CONFIGURATION CONTROL". 1085 1086rbl This feature is deprecated! Please use dnsbl instead. 1087 Turns on rejection of hosts found in the Realtime Blackhole 1088 List. If an argument is provided it is used as the domain 1089 in which blocked hosts are listed; otherwise, the main 1090 RBL domain rbl.maps.vix.com is used. For details, see 1091 http://maps.vix.com/rbl/. 1092 1093dnsbl Turns on rejection of hosts found in an DNS based rejection 1094 list. If an argument is provided it is used as the domain 1095 in which blocked hosts are listed; otherwise it defaults to 1096 blackholes.mail-abuse.org. An explanation for an DNS based 1097 rejection list can be found http://mail-abuse.org/rbl/. A 1098 second argument can be used to change the default error 1099 message of Mail from $&{client_addr} refused by blackhole site 1100 SERVER where SERVER is replaced by the first argument. This 1101 feature can be included several times to query different DNS 1102 based rejection lists. 1103 1104loose_relay_check 1105 Normally, if % addressing is used for a recipient, e.g. 1106 user%site@othersite, and othersite is in class {R}, the 1107 check_rcpt ruleset will strip @othersite and recheck 1108 user@site for relaying. This feature changes that 1109 behavior. It should not be needed for most installations. 1110 1111no_default_msa Don't generate the default MSA daemon, i.e., 1112 DAEMON_OPTIONS(`Port=587,Name=MSA,M=E') 1113 To define a MSA daemon with other parameters, use this 1114 FEATURE and introduce new settings via DAEMON_OPTIONS(). 1115 1116+-------+ 1117| HACKS | 1118+-------+ 1119 1120Some things just can't be called features. To make this clear, 1121they go in the hack subdirectory and are referenced using the HACK 1122macro. These will tend to be site-dependent. The release 1123includes the Berkeley-dependent "cssubdomain" hack (that makes 1124sendmail accept local names in either Berkeley.EDU or CS.Berkeley.EDU; 1125this is intended as a short-term aid while moving hosts into 1126subdomains. 1127 1128 1129+--------------------+ 1130| SITE CONFIGURATION | 1131+--------------------+ 1132 1133 ***************************************************** 1134 * This section is really obsolete, and is preserved * 1135 * only for back compatibility. You should plan on * 1136 * using mailertables for new installations. In * 1137 * particular, it doesn't work for the newer forms * 1138 * of UUCP mailers, such as uucp-uudom. * 1139 ***************************************************** 1140 1141Complex sites will need more local configuration information, such as 1142lists of UUCP hosts they speak with directly. This can get a bit more 1143tricky. For an example of a "complex" site, see cf/ucbvax.mc. 1144 1145The SITECONFIG macro allows you to indirectly reference site-dependent 1146configuration information stored in the siteconfig subdirectory. For 1147example, the line 1148 1149 SITECONFIG(`uucp.ucbvax', `ucbvax', `U') 1150 1151reads the file uucp.ucbvax for local connection information. The 1152second parameter is the local name (in this case just "ucbvax" since 1153it is locally connected, and hence a UUCP hostname). The third 1154parameter is the name of both a macro to store the local name (in 1155this case, {U}) and the name of the class (e.g., {U}) in which to store 1156the host information read from the file. Another SITECONFIG line reads 1157 1158 SITECONFIG(`uucp.ucbarpa', `ucbarpa.Berkeley.EDU', `W') 1159 1160This says that the file uucp.ucbarpa contains the list of UUCP sites 1161connected to ucbarpa.Berkeley.EDU. Class {W} will be used to 1162store this list, and $W is defined to be ucbarpa.Berkeley.EDU, that 1163is, the name of the relay to which the hosts listed in uucp.ucbarpa 1164are connected. [The machine ucbarpa is gone now, but this 1165out-of-date configuration file has been left around to demonstrate 1166how you might do this.] 1167 1168Note that the case of SITECONFIG with a third parameter of ``U'' is 1169special; the second parameter is assumed to be the UUCP name of the 1170local site, rather than the name of a remote site, and the UUCP name 1171is entered into class {w} (the list of local hostnames) as $U.UUCP. 1172 1173The siteconfig file (e.g., siteconfig/uucp.ucbvax.m4) contains nothing 1174more than a sequence of SITE macros describing connectivity. For 1175example: 1176 1177 SITE(`cnmat') 1178 SITE(`sgi olympus') 1179 1180The second example demonstrates that you can use two names on the 1181same line; these are usually aliases for the same host (or are at 1182least in the same company). 1183 1184 1185+--------------------+ 1186| USING UUCP MAILERS | 1187+--------------------+ 1188 1189It's hard to get UUCP mailers right because of the extremely ad hoc 1190nature of UUCP addressing. These config files are really designed 1191for domain-based addressing, even for UUCP sites. 1192 1193There are four UUCP mailers available. The choice of which one to 1194use is partly a matter of local preferences and what is running at 1195the other end of your UUCP connection. Unlike good protocols that 1196define what will go over the wire, UUCP uses the policy that you 1197should do what is right for the other end; if they change, you have 1198to change. This makes it hard to do the right thing, and discourages 1199people from updating their software. In general, if you can avoid 1200UUCP, please do. 1201 1202The major choice is whether to go for a domainized scheme or a 1203non-domainized scheme. This depends entirely on what the other 1204end will recognize. If at all possible, you should encourage the 1205other end to go to a domain-based system -- non-domainized addresses 1206don't work entirely properly. 1207 1208The four mailers are: 1209 1210 uucp-old (obsolete name: "uucp") 1211 This is the oldest, the worst (but the closest to UUCP) way of 1212 sending messages accros UUCP connections. It does bangify 1213 everything and prepends $U (your UUCP name) to the sender's 1214 address (which can already be a bang path itself). It can 1215 only send to one address at a time, so it spends a lot of 1216 time copying duplicates of messages. Avoid this if at all 1217 possible. 1218 1219 uucp-new (obsolete name: "suucp") 1220 The same as above, except that it assumes that in one rmail 1221 command you can specify several recipients. It still has a 1222 lot of other problems. 1223 1224 uucp-dom 1225 This UUCP mailer keeps everything as domain addresses. 1226 Basically, it uses the SMTP mailer rewriting rules. This mailer 1227 is only included if MAILER(`smtp') is also specified. 1228 1229 Unfortunately, a lot of UUCP mailer transport agents require 1230 bangified addresses in the envelope, although you can use 1231 domain-based addresses in the message header. (The envelope 1232 shows up as the From_ line on UNIX mail.) So.... 1233 1234 uucp-uudom 1235 This is a cross between uucp-new (for the envelope addresses) 1236 and uucp-dom (for the header addresses). It bangifies the 1237 envelope sender (From_ line in messages) without adding the 1238 local hostname, unless there is no host name on the address 1239 at all (e.g., "wolf") or the host component is a UUCP host name 1240 instead of a domain name ("somehost!wolf" instead of 1241 "some.dom.ain!wolf"). This is also included only if MAILER(`smtp') 1242 is also specified. 1243 1244Examples: 1245 1246On host grasp.insa-lyon.fr (UUCP host name "grasp"), the following 1247summarizes the sender rewriting for various mailers. 1248 1249Mailer sender rewriting in the envelope 1250------ ------ ------------------------- 1251uucp-{old,new} wolf grasp!wolf 1252uucp-dom wolf wolf@grasp.insa-lyon.fr 1253uucp-uudom wolf grasp.insa-lyon.fr!wolf 1254 1255uucp-{old,new} wolf@fr.net grasp!fr.net!wolf 1256uucp-dom wolf@fr.net wolf@fr.net 1257uucp-uudom wolf@fr.net fr.net!wolf 1258 1259uucp-{old,new} somehost!wolf grasp!somehost!wolf 1260uucp-dom somehost!wolf somehost!wolf@grasp.insa-lyon.fr 1261uucp-uudom somehost!wolf grasp.insa-lyon.fr!somehost!wolf 1262 1263If you are using one of the domainized UUCP mailers, you really want 1264to convert all UUCP addresses to domain format -- otherwise, it will 1265do it for you (and probably not the way you expected). For example, 1266if you have the address foo!bar!baz (and you are not sending to foo), 1267the heuristics will add the @uucp.relay.name or @local.host.name to 1268this address. However, if you map foo to foo.host.name first, it 1269will not add the local hostname. You can do this using the uucpdomain 1270feature. 1271 1272 1273+-------------------+ 1274| TWEAKING RULESETS | 1275+-------------------+ 1276 1277For more complex configurations, you can define special rules. 1278The macro LOCAL_RULE_3 introduces rules that are used in canonicalizing 1279the names. Any modifications made here are reflected in the header. 1280 1281A common use is to convert old UUCP addresses to SMTP addresses using 1282the UUCPSMTP macro. For example: 1283 1284 LOCAL_RULE_3 1285 UUCPSMTP(`decvax', `decvax.dec.com') 1286 UUCPSMTP(`research', `research.att.com') 1287 1288will cause addresses of the form "decvax!user" and "research!user" 1289to be converted to "user@decvax.dec.com" and "user@research.att.com" 1290respectively. 1291 1292This could also be used to look up hosts in a database map: 1293 1294 LOCAL_RULE_3 1295 R$* < @ $+ > $* $: $1 < @ $(hostmap $2 $) > $3 1296 1297This map would be defined in the LOCAL_CONFIG portion, as shown below. 1298 1299Similarly, LOCAL_RULE_0 can be used to introduce new parsing rules. 1300For example, new rules are needed to parse hostnames that you accept 1301via MX records. For example, you might have: 1302 1303 LOCAL_RULE_0 1304 R$+ <@ host.dom.ain.> $#uucp $@ cnmat $: $1 < @ host.dom.ain.> 1305 1306You would use this if you had installed an MX record for cnmat.Berkeley.EDU 1307pointing at this host; this rule catches the message and forwards it on 1308using UUCP. 1309 1310You can also tweak rulesets 1 and 2 using LOCAL_RULE_1 and LOCAL_RULE_2. 1311These rulesets are normally empty. 1312 1313A similar macro is LOCAL_CONFIG. This introduces lines added after the 1314boilerplate option setting but before rulesets. Do not declare rulesets in 1315the LOCAL_CONFIG section. It can be used to declare local database maps or 1316whatever. For example: 1317 1318 LOCAL_CONFIG 1319 Khostmap hash /etc/mail/hostmap 1320 Kyplocal nis -m hosts.byname 1321 1322 1323+---------------------------+ 1324| MASQUERADING AND RELAYING | 1325+---------------------------+ 1326 1327You can have your host masquerade as another using 1328 1329 MASQUERADE_AS(`host.domain') 1330 1331This causes mail being sent to be labeled as coming from the 1332indicated host.domain, rather than $j. One normally masquerades as 1333one of one's own subdomains (for example, it's unlikely that 1334Berkeley would choose to masquerade as an MIT site). This 1335behaviour is modified by a plethora of FEATUREs; in particular, see 1336masquerade_envelope, allmasquerade, limited_masquerade, and 1337masquerade_entire_domain. 1338 1339The masquerade name is not normally canonified, so it is important 1340that it be your One True Name, that is, fully qualified and not a 1341CNAME. However, if you use a CNAME, the receiving side may canonify 1342it for you, so don't think you can cheat CNAME mapping this way. 1343 1344Normally the only addresses that are masqueraded are those that come 1345from this host (that is, are either unqualified or in class {w}, the list 1346of local domain names). You can augment this list, which is realized 1347by class {M} using 1348 1349 MASQUERADE_DOMAIN(`otherhost.domain') 1350 1351The effect of this is that although mail to user@otherhost.domain 1352will not be delivered locally, any mail including any user@otherhost.domain 1353will, when relayed, be rewritten to have the MASQUERADE_AS address. 1354This can be a space-separated list of names. 1355 1356If these names are in a file, you can use 1357 1358 MASQUERADE_DOMAIN_FILE(`filename') 1359 1360to read the list of names from the indicated file (i.e., to add 1361elements to class {M}). 1362 1363To exempt hosts or subdomains from being masqueraded, you can use 1364 1365 MASQUERADE_EXCEPTION(`host.domain') 1366 1367This can come handy if you want to masquerade a whole domain 1368except for one (or a few) host(s). 1369 1370Normally only header addresses are masqueraded. If you want to 1371masquerade the envelope as well, use 1372 1373 FEATURE(`masquerade_envelope') 1374 1375There are always users that need to be "exposed" -- that is, their 1376internal site name should be displayed instead of the masquerade name. 1377Root is an example (which has been "exposed" by default prior to 8.10). 1378You can add users to this list using 1379 1380 EXPOSED_USER(`usernames') 1381 1382This adds users to class {E}; you could also use something like 1383 1384 FE/etc/mail/exposed-users 1385 1386You can also arrange to relay all unqualified names (that is, names 1387without @host) to a relay host. For example, if you have a central 1388email server, you might relay to that host so that users don't have 1389to have .forward files or aliases. You can do this using 1390 1391 define(`LOCAL_RELAY', `mailer:hostname') 1392 1393The ``mailer:'' can be omitted, in which case the mailer defaults to 1394"relay". There are some user names that you don't want relayed, perhaps 1395because of local aliases. A common example is root, which may be 1396locally aliased. You can add entries to this list using 1397 1398 LOCAL_USER(`usernames') 1399 1400This adds users to class {L}; you could also use something like 1401 1402 FL/etc/mail/local-users 1403 1404If you want all incoming mail sent to a centralized hub, as for a 1405shared /var/spool/mail scheme, use 1406 1407 define(`MAIL_HUB', `mailer:hostname') 1408 1409Again, ``mailer:'' defaults to "relay". If you define both LOCAL_RELAY 1410and MAIL_HUB _AND_ you have FEATURE(`stickyhost'), unqualified names will 1411be sent to the LOCAL_RELAY and other local names will be sent to MAIL_HUB. 1412Note: there is a (long standing) bug which keeps this combination from 1413working for addresses of the form user+detail. 1414Names in class {L} will be delivered locally, so you MUST have aliases or 1415.forward files for them. 1416 1417For example, if you are on machine mastodon.CS.Berkeley.EDU and you have 1418FEATURE(`stickyhost'), the following combinations of settings will have the 1419indicated effects: 1420 1421email sent to.... eric eric@mastodon.CS.Berkeley.EDU 1422 1423LOCAL_RELAY set to mail.CS.Berkeley.EDU (delivered locally) 1424mail.CS.Berkeley.EDU (no local aliasing) (aliasing done) 1425 1426MAIL_HUB set to mammoth.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU 1427mammoth.CS.Berkeley.EDU (aliasing done) (aliasing done) 1428 1429Both LOCAL_RELAY and mail.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU 1430MAIL_HUB set as above (no local aliasing) (aliasing done) 1431 1432If you do not have FEATURE(`stickyhost') set, then LOCAL_RELAY and 1433MAIL_HUB act identically, with MAIL_HUB taking precedence. 1434 1435If you want all outgoing mail to go to a central relay site, define 1436SMART_HOST as well. Briefly: 1437 1438 LOCAL_RELAY applies to unqualified names (e.g., "eric"). 1439 MAIL_HUB applies to names qualified with the name of the 1440 local host (e.g., "eric@mastodon.CS.Berkeley.EDU"). 1441 SMART_HOST applies to names qualified with other hosts or 1442 bracketed addresses (e.g., "eric@mastodon.CS.Berkeley.EDU" 1443 or "eric@[127.0.0.1]"). 1444 1445However, beware that other relays (e.g., UUCP_RELAY, BITNET_RELAY, 1446DECNET_RELAY, and FAX_RELAY) take precedence over SMART_HOST, so if you 1447really want absolutely everything to go to a single central site you will 1448need to unset all the other relays -- or better yet, find or build a 1449minimal config file that does this. 1450 1451For duplicate suppression to work properly, the host name is best 1452specified with a terminal dot: 1453 1454 define(`MAIL_HUB', `host.domain.') 1455 note the trailing dot ---^ 1456 1457 1458+--------------+ 1459| LDAP ROUTING | 1460+--------------+ 1461 1462FEATURE(`ldap_routing') can be used to implement the IETF Internet Draft 1463LDAP Schema for Intranet Mail Routing 1464(draft-lachman-laser-ldap-mail-routing-01). This feature enables 1465LDAP-based rerouting of a particular address to either a different host 1466or a different address. The LDAP lookup is first attempted on the full 1467address (e.g., user@example.com) and then on the domain portion 1468(e.g., @example.com). Be sure to setup your domain for LDAP routing using 1469LDAPROUTE_DOMAIN(), e.g.: 1470 1471 LDAPROUTE_DOMAIN(`example.com') 1472 1473By default, the feature will use the schemas as specified in the draft 1474and will not reject addresses not found by the LDAP lookup. However, 1475this behavior can be changed by giving additional arguments to the FEATURE() 1476command: 1477 1478 FEATURE(`ldap_routing', <mailHost>, <mailRoutingAddress>, <bounce>) 1479 1480where <mailHost> is a map definition describing how to lookup an alternative 1481mail host for a particular address; <mailRoutingAddress> is a map definition 1482describing how to lookup an alternative address for a particular address; and 1483the <bounce> argument, if present and not the word "passthru", dictates 1484that mail should be bounced if neither a mailHost nor mailRoutingAddress 1485is found. 1486 1487The default <mailHost> map definition is: 1488 1489 ldap -1 -v mailHost -k (&(objectClass=inetLocalMailRecipient) 1490 (mailLocalAddress=%0)) 1491 1492The default <mailRoutingAddress> map definition is: 1493 1494 ldap -1 -v mailRoutingAddress -k (&(objectClass=inetLocalMailRecipient) 1495 (mailLocalAddress=%0)) 1496 1497Note that neither includes the LDAP server hostname (-h server) or base DN 1498(-b o=org,c=COUNTRY), both necessary for LDAP queries. It is presumed that 1499your .mc file contains a setting for the confLDAP_DEFAULT_SPEC option with 1500these settings. If this is not the case, the map definitions should be 1501changed as described above. 1502 1503The following possibilities exist as a result of an LDAP lookup on an 1504address: 1505 1506 mailHost is mailRoutingAddress is Results in 1507 ----------- --------------------- ---------- 1508 set to a set mail delivered to 1509 "local" host mailRoutingAddress 1510 1511 set to a not set delivered to 1512 "local" host original address 1513 1514 set to a set mailRoutingAddress 1515 remote host relayed to mailHost 1516 1517 set to a not set original address 1518 remote host relayed to mailHost 1519 1520 not set set mail delivered to 1521 mailRoutingAddress 1522 1523 not set not set delivered to 1524 original address *OR* 1525 bounced as unknown user 1526 1527The term "local" host above means the host specified is in class {w}. 1528Note that the last case depends on whether the third argument is given 1529to the FEATURE() command. The default is to deliver the message to the 1530original address. 1531 1532The LDAP entries should be set up with an objectClass of 1533inetLocalMailRecipient and the address be listed in a mailLocalAddress 1534attribute. If present, there must be only one mailHost attribute and it 1535must contain a fully qualified host name as its value. Similarly, if 1536present, there must be only one mailRoutingAddress attribute and it must 1537contain an RFC 822 compliant address. Some example LDAP records (in ldif 1538format): 1539 1540 dn: uid=tom, o=example.com, c=US 1541 objectClass: inetLocalMailRecipient 1542 mailLocalAddress: tom@example.com 1543 mailRoutingAddress: thomas@mailhost.example.com 1544 1545This would deliver mail for tom@example.com to thomas@mailhost.example.com. 1546 1547 dn: uid=dick, o=example.com, c=US 1548 objectClass: inetLocalMailRecipient 1549 mailLocalAddress: dick@example.com 1550 mailHost: eng.example.com 1551 1552This would relay mail for dick@example.com to the same address but redirect 1553the mail to MX records listed for the host eng.example.com. 1554 1555 dn: uid=harry, o=example.com, c=US 1556 objectClass: inetLocalMailRecipient 1557 mailLocalAddress: harry@example.com 1558 mailHost: mktmail.example.com 1559 mailRoutingAddress: harry@mkt.example.com 1560 1561This would relay mail for harry@example.com to the MX records listed for 1562the host mktmail.example.com using the new address harry@mkt.example.com 1563when talking to that host. 1564 1565 dn: uid=virtual.example.com, o=example.com, c=US 1566 objectClass: inetLocalMailRecipient 1567 mailLocalAddress: @virtual.example.com 1568 mailHost: server.example.com 1569 mailRoutingAddress: virtual@example.com 1570 1571This would send all mail destined for any username @virtual.example.com to 1572the machine server.example.com's MX servers and deliver to the address 1573virtual@example.com on that relay machine. 1574 1575 1576+---------------------------------+ 1577| ANTI-SPAM CONFIGURATION CONTROL | 1578+---------------------------------+ 1579 1580The primary anti-spam features available in sendmail are: 1581 1582* Relaying is denied by default. 1583* Better checking on sender information. 1584* Access database. 1585* Header checks. 1586 1587Relaying (transmission of messages from a site outside your host (class 1588{w}) to another site except yours) is denied by default. Note that this 1589changed in sendmail 8.9; previous versions allowed relaying by default. 1590If you really want to revert to the old behaviour, you will need to use 1591FEATURE(`promiscuous_relay'). You can allow certain domains to relay 1592through your server by adding their domain name or IP address to class 1593{R} using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the access database 1594(described below). The file consists (like any other file based class) 1595of entries listed on separate lines, e.g., 1596 1597 sendmail.org 1598 128.32 1599 1:2:3:4:5:6:7 1600 host.mydomain.com 1601 1602If you use 1603 1604 FEATURE(`relay_entire_domain') 1605 1606then any host in any of your local domains (that is, class {m}) 1607will be relayed (that is, you will accept mail either to or from any 1608host in your domain). 1609 1610You can also allow relaying based on the MX records of the host 1611portion of an incoming recipient address by using 1612 1613 FEATURE(`relay_based_on_MX') 1614 1615For example, if your server receives a recipient of user@domain.com 1616and domain.com lists your server in its MX records, the mail will be 1617accepted for relay to domain.com. Note that this will stop spammers 1618from using your host to relay spam but it will not stop outsiders from 1619using your server as a relay for their site (that is, they set up an 1620MX record pointing to your mail server, and you will relay mail addressed 1621to them without any prior arrangement). Along the same lines, 1622 1623 FEATURE(`relay_local_from') 1624 1625will allow relaying if the sender specifies a return path (i.e. 1626MAIL FROM: <user@domain>) domain which is a local domain. This a 1627dangerous feature as it will allow spammers to spam using your mail 1628server by simply specifying a return address of user@your.domain.com. 1629It should not be used unless absolutely necessary. 1630A slightly better solution is 1631 1632 FEATURE(`relay_mail_from') 1633 1634which allows relaying if the mail sender is listed as RELAY in the 1635access map. If an optional argument `domain' is given, the domain 1636portion of the mail sender is also checked to allowing relaying. 1637This option only works together with the tag From: for the LHS of 1638the access map entries (see below: Finer control...). 1639 1640 1641If source routing is used in the recipient address (i.e. 1642RCPT TO: <user%site.com@othersite.com>), sendmail will check 1643user@site.com for relaying if othersite.com is an allowed relay host 1644in either class {R}, class {m} if FEATURE(`relay_entire_domain') is used, 1645or the access database if FEATURE(`access_db') is used. To prevent 1646the address from being stripped down, use: 1647 1648 FEATURE(`loose_relay_check') 1649 1650If you think you need to use this feature, you probably do not. This 1651should only be used for sites which have no control over the addresses 1652that they provide a gateway for. Use this FEATURE with caution as it 1653can allow spammers to relay through your server if not setup properly. 1654 1655NOTICE: It is possible to relay mail through a system which the anti-relay 1656rules do not prevent: the case of a system that does use FEATURE(`nouucp', 1657`nospecial') (system A) and relays local messages to a mail hub (e.g., via 1658LOCAL_RELAY or LUSER_RELAY) (system B). If system B doesn't use 1659FEATURE(`nouucp') at all, addresses of the form 1660<example.net!user@local.host> would be relayed to <user@example.net>. 1661System A doesn't recognize `!' as an address separator and therefore 1662forwards it to the mail hub which in turns relays it because it came from 1663a trusted local host. So if a mailserver allows UUCP (bang-format) 1664addresses, all systems from which it allows relaying should do the same 1665or reject those addresses. 1666 1667As of 8.9, sendmail will refuse mail if the MAIL FROM: parameter has 1668an unresolvable domain (i.e., one that DNS, your local name service, 1669or special case rules in ruleset 3 cannot locate). If you want to 1670continue to accept such domains, e.g., because you are inside a 1671firewall that has only a limited view of the Internet host name space 1672(note that you will not be able to return mail to them unless you have 1673some "smart host" forwarder), use 1674 1675 FEATURE(`accept_unresolvable_domains') 1676 1677sendmail will also refuse mail if the MAIL FROM: parameter is not 1678fully qualified (i.e., contains a domain as well as a user). If you 1679want to continue to accept such senders, use 1680 1681 FEATURE(`accept_unqualified_senders') 1682 1683Setting the DaemonPortOptions modifier 'u' overrides the default behavior, 1684i.e., unqualified addresses are accepted even without this FEATURE. If 1685this FEATURE is not used, the DaemonPortOptions modifier 'f' can be used 1686to enforce fully qualified addresses. 1687 1688An ``access'' database can be created to accept or reject mail from 1689selected domains. For example, you may choose to reject all mail 1690originating from known spammers. To enable such a database, use 1691 1692 FEATURE(`access_db') 1693 1694The FEATURE macro can accept a second parameter giving the key file 1695definition for the database; for example 1696 1697 FEATURE(`access_db', `hash /etc/mail/access') 1698 1699Remember, since /etc/mail/access is a database, after creating the text 1700file as described below, you must use makemap to create the database 1701map. For example: 1702 1703 makemap hash /etc/mail/access < /etc/mail/access 1704 1705The table itself uses e-mail addresses, domain names, and network 1706numbers as keys. For example, 1707 1708 spammer@aol.com REJECT 1709 cyberspammer.com REJECT 1710 192.168.212 REJECT 1711 1712would refuse mail from spammer@aol.com, any user from cyberspammer.com 1713(or any host within the cyberspammer.com domain), and any host on the 1714192.168.212.* network. 1715 1716The value part of the map can contain: 1717 1718 OK Accept mail even if other rules in the 1719 running ruleset would reject it, for example, 1720 if the domain name is unresolvable. 1721 RELAY Accept mail addressed to the indicated domain or 1722 received from the indicated domain for relaying 1723 through your SMTP server. RELAY also serves as 1724 an implicit OK for the other checks. 1725 REJECT Reject the sender or recipient with a general 1726 purpose message. 1727 DISCARD Discard the message completely using the 1728 $#discard mailer. If it is used in check_compat, 1729 it affects only the designated recipient, not 1730 the whole message as it does in all other cases. 1731 This should only be used if really necessary. 1732 ### any text where ### is an RFC 821 compliant error code and 1733 "any text" is a message to return for the command. 1734 The string should be quoted to avoid surprises, 1735 e.g., sendmail may remove spaces otherwise. 1736 ERROR:### any text 1737 as above, but useful to mark error messages as such. 1738 ERROR:D.S.N:### any text 1739 where D.S.N is an RFC 1893 compliant error code 1740 and the rest as above. 1741 1742For example: 1743 1744 cyberspammer.com ERROR:"550 We don't accept mail from spammers" 1745 okay.cyberspammer.com OK 1746 sendmail.org RELAY 1747 128.32 RELAY 1748 1:2:3:4:5:6:7 RELAY 1749 [127.0.0.3] OK 1750 [1:2:3:4:5:6:7:8] OK 1751 1752would accept mail from okay.cyberspammer.com, but would reject mail from 1753all other hosts at cyberspammer.com with the indicated message. It would 1754allow relaying mail from and to any hosts in the sendmail.org domain, and 1755allow relaying from the 128.32.*.* network and the IPv6 1:2:3:4:5:6:7:* 1756network. The latter two entries are for checks against ${client_name} if 1757the IP address doesn't resolve to a hostname (or is considered as "may be 1758forged"). 1759 1760Warning: if you change the RFC 821 compliant error code from the default 1761value of 550, then you should probably also change the RFC 1893 compliant 1762error code to match it. For example, if you use 1763 1764 user@example.com 450 mailbox full 1765 1766the error returned would be "450 4.0.0 mailbox full" which is wrong. 1767Use "450 4.2.2 mailbox full" or "ERROR:4.2.2:450 mailbox full" 1768instead. 1769 1770Note, UUCP users may need to add hostname.UUCP to the access database 1771or class {R}. If you also use: 1772 1773 FEATURE(`relay_hosts_only') 1774 1775then the above example will allow relaying for sendmail.org, but not 1776hosts within the sendmail.org domain. Note that this will also require 1777hosts listed in class {R} to be fully qualified host names. 1778 1779You can also use the access database to block sender addresses based on 1780the username portion of the address. For example: 1781 1782 FREE.STEALTH.MAILER@ ERROR:550 Spam not accepted 1783 1784Note that you must include the @ after the username to signify that 1785this database entry is for checking only the username portion of the 1786sender address. 1787 1788If you use: 1789 1790 FEATURE(`blacklist_recipients') 1791 1792then you can add entries to the map for local users, hosts in your 1793domains, or addresses in your domain which should not receive mail: 1794 1795 badlocaluser@ ERROR:550 Mailbox disabled for this username 1796 host.mydomain.com ERROR:550 That host does not accept mail 1797 user@otherhost.mydomain.com ERROR:550 Mailbox disabled for this recipient 1798 1799This would prevent a recipient of badlocaluser@mydomain.com, any 1800user at host.mydomain.com, and the single address 1801user@otherhost.mydomain.com from receiving mail. Please note: a 1802local username must be now tagged with an @ (this is consistent 1803with the check of the sender address, and hence it is possible to 1804distinguish between hostnames and usernames). Enabling this feature 1805will keep you from sending mails to all addresses that have an 1806error message or REJECT as value part in the access map. Taking 1807the example from above: 1808 1809 spammer@aol.com REJECT 1810 cyberspammer.com REJECT 1811 1812Mail can't be sent to spammer@aol.com or anyone at cyberspammer.com. 1813 1814There is also a ``Realtime Blackhole List'' run by the MAPS project 1815at http://maps.vix.com/. This is a database maintained in DNS of 1816spammers. To use this database, use 1817 1818 FEATURE(`dnsbl') 1819 1820This will cause sendmail to reject mail from any site in the 1821Realtime Blackhole List database. You can specify an alternative 1822RBL domain to check by specifying an argument to the FEATURE. 1823The default error message is 1824 1825 Mail from $&{client_addr} refused by blackhole site DOMAIN 1826 1827where DOMAIN is the first argument of the feature. A second argument 1828can be used to specify a different text. This FEATURE can be 1829included several times to query different DNS based rejection lists, 1830e.g., the dial-up user list (see http://maps.vix.com/dul/). 1831 1832The features described above make use of the check_relay, check_mail, 1833and check_rcpt rulesets. If you wish to include your own checks, 1834you can put your checks in the rulesets Local_check_relay, 1835Local_check_mail, and Local_check_rcpt. For example if you wanted to 1836block senders with all numeric usernames (i.e. 2312343@bigisp.com), 1837you would use Local_check_mail and the new regex map: 1838 1839 LOCAL_CONFIG 1840 Kallnumbers regex -a@MATCH ^[0-9]+$ 1841 1842 LOCAL_RULESETS 1843 SLocal_check_mail 1844 # check address against various regex checks 1845 R$* $: $>Parse0 $>3 $1 1846 R$+ < @ bigisp.com. > $* $: $(allnumbers $1 $) 1847 R@MATCH $#error $: 553 Header Error 1848 1849These rules are called with the original arguments of the corresponding 1850check_* ruleset. If the local ruleset returns $#OK, no further checking 1851is done by the features described above and the mail is accepted. If the 1852local ruleset resolves to a mailer (such as $#error or $#discard), the 1853appropriate action is taken. Otherwise, the results of the local 1854rewriting are ignored. 1855 1856Finer control by using tags for the LHS of the access map 1857 1858Read this section only if the options listed so far are not sufficient 1859for your purposes. There is now the option to tag entries in the 1860access map according to their type. Three tags are available: 1861 1862 Connect: connection information (${client_addr}, ${client_name}) 1863 From: sender 1864 To: recipient 1865 1866If the required item is looked up in a map, it will be tried first 1867with the corresponding tag in front, then (as fallback to enable 1868backward compatibility) without any tag. For example, 1869 1870 From:spammer@some.dom REJECT 1871 To:friend.domain RELAY 1872 Connect:friend.domain OK 1873 Connect:from.domain RELAY 1874 From:good@another.dom OK 1875 From:another.dom REJECT 1876 1877This would deny mails from spammer@some.dom but you could still 1878send mail to that address even if FEATURE(`blacklist_recipients') 1879is enabled. Your system will allow relaying to friend.domain, but 1880not from it (unless enabled by other means). Connections from that 1881domain will be allowed even if it ends up in one of the DNS based 1882rejection lists. Relaying is enabled from from.domain but not to 1883it (since relaying is based on the connection information for 1884outgoing relaying, the tag Connect: must be used; for incoming 1885relaying, which is based on the recipient address, To: must be 1886used). The last two entries allow mails from good@another.dom but 1887reject mail from all other addresses with another.dom as domain 1888part. 1889 1890Delay all checks 1891 1892By using FEATURE(`delay_checks') the rulesets check_mail and check_relay 1893will not be called when a client connects or issues a MAIL command, 1894respectively. Instead, those rulesets will be called by the check_rcpt 1895ruleset; they will be skipped if a sender has been authenticated using 1896a "trusted" mechanism, i.e., one that is defined via TRUST_AUTH_MECH(). 1897If check_mail returns an error then the RCPT TO command will be rejected 1898with that error. If it returns some other result starting with $# then 1899check_relay will be skipped. If the sender address (or a part of it) is 1900listed in the access map and it has a RHS of OK or RELAY, then check_relay 1901will be skipped. This has an interesting side effect: if your domain is 1902my.domain and you have 1903 1904 my.domain RELAY 1905 1906in the access map, then all e-mail with a sender address of 1907<user@my.domain> gets through, even if check_relay would reject it 1908(e.g., based on the hostname or IP address). This allows spammers 1909to get around DNS based blacklist by faking the sender address. To 1910avoid this problem you have to use tagged entries: 1911 1912 To:my.domain RELAY 1913 Connect:my.domain RELAY 1914 1915if you need those entries at all (class {R} may take care of them). 1916 1917FEATURE(`delay_checks') can take an optional argument: 1918 1919 FEATURE(`delay_checks', `friend') 1920 enables spamfriend test 1921 FEATURE(`delay_checks', `hater') 1922 enables spamhater test 1923 1924If such an argument is given, the recipient will be looked up in the access 1925map (using the tag To:). If the argument is `friend', then the other 1926rulesets will be skipped if the recipient address is found and has RHS 1927spamfriend. If the argument is `hater', then the other rulesets will be 1928applied if the recipient address is found and has RHS spamhater. 1929 1930This allows for simple exceptions from the tests, e.g., by activating 1931the spamfriend option and having 1932 1933 To:abuse@ SPAMFRIEND 1934 1935in the access map, mail to abuse@localdomain will get through. It is 1936also possible to specify a full address or an address with +detail: 1937 1938 To:abuse@abuse.my.domain SPAMFRIEND 1939 To:me+abuse@ SPAMFRIEND 1940 1941 1942Header Checks 1943 1944You can also reject mail on the basis of the contents of headers. 1945This is done by adding a ruleset call to the 'H' header definition command 1946in sendmail.cf. For example, this can be used to check the validity of 1947a Message-ID: header: 1948 1949 LOCAL_RULESETS 1950 HMessage-Id: $>CheckMessageId 1951 1952 SCheckMessageId 1953 R< $+ @ $+ > $@ OK 1954 R$* $#error $: 553 Header Error 1955 1956The alternative format: 1957 1958 HSubject: $>+CheckSubject 1959 1960that is, $>+ instead of $>, gives the full Subject: header including 1961comments to the ruleset (comments in parentheses () are stripped 1962by default). 1963 1964A default ruleset for headers which don't have a specific ruleset 1965defined for them can be given by: 1966 1967 H*: $>CheckHdr 1968 1969After all of the headers are read, the check_eoh ruleset will be called for 1970any final header-related checks. The ruleset is called with the number of 1971headers and the size of all of the headers in bytes separated by $|. One 1972example usage is to reject messages which do not have a Message-Id: 1973header. However, the Message-Id: header is *NOT* a required header and is 1974not a guaranteed spam indicator. This ruleset is an example and should 1975probably not be used in production. 1976 1977 LOCAL_CONFIG 1978 Kstorage macro 1979 1980 LOCAL_RULESETS 1981 HMessage-Id: $>CheckMessageId 1982 1983 SCheckMessageId 1984 # Record the presence of the header 1985 R$* $: $(storage {MessageIdCheck} $@ OK $) $1 1986 R< $+ @ $+ > $@ OK 1987 R$* $#error $: 553 Header Error 1988 1989 Scheck_eoh 1990 # Check the macro 1991 R$* $: < $&{MessageIdCheck} > 1992 # Clear the macro for the next message 1993 R$* $: $(storage {MessageIdCheck} $) $1 1994 # Has a Message-Id: header 1995 R< $+ > $@ OK 1996 # Allow missing Message-Id: from local mail 1997 R$* $: < $&{client_name} > 1998 R< > $@ OK 1999 R< $=w > $@ OK 2000 # Otherwise, reject the mail 2001 R$* $#error $: 553 Header Error 2002 2003+----------+ 2004| STARTTLS | 2005+----------+ 2006 2007In this text, cert will be used as an abreviation for X.509 certificate, 2008DN is the distinguished name of a cert, and CA is a certification authority. 2009 2010Macros related to STARTTLS are: 2011 2012${cert_issuer} holds the DN of the CA (the cert issuer). 2013${cert_subject} holds the DN of the cert (called the cert subject). 2014${tls_version} the TLS/SSL version used for the connection, e.g., TLSv1, 2015 SSLv3, SSLv2. 2016${cipher} the cipher used for the connection, e.g., EDH-DSS-DES-CBC3-SHA, 2017 EDH-RSA-DES-CBC-SHA, DES-CBC-MD5, DES-CBC3-SHA. 2018${cipher_bits} the keylength (in bits) of the symmetric encryption algorithm 2019 used for the connection. 2020${verify} holds the result of the verification of the presented cert. Possible 2021 values are: 2022 OK verification succeeded. 2023 NO no cert presented. 2024 FAIL cert presented but could not be verified, e.g., the signing 2025 CA is missing. 2026 NONE STARTTLS has not been performed. 2027 TEMP temporary error occurred. 2028 PROTOCOL some protocol error occurred. 2029 SOFTWARE STARTTLS handshake failed. 2030${server_name} the name of the server of the current outgoing SMTP 2031 connection. 2032${server_addr} the address of the server of the current outgoing SMTP 2033 connection. 2034 2035Relaying 2036 2037SMTP STARTTLS can allow relaying for senders who have successfully 2038authenticated themselves. This is done in the ruleset RelayAuth. If the 2039verification of the cert failed (${verify} != OK), relaying is subject to 2040the usual rules. Otherwise the DN of the issuer is looked up in the access 2041map using the tag CERTISSUER. If the resulting value is RELAY, relaying is 2042allowed. If it is SUBJECT, the DN of the cert subject is looked up next in 2043the access map. using the tag CERTSUBJECT. If the value is RELAY, relaying 2044is allowed. 2045 2046To make things a bit more flexible (or complicated), the values for 2047${cert_issuer} and ${cert_subject} can be optionally modified by regular 2048expressions defined in the m4 variables _CERT_REGEX_ISSUER_ and 2049_CERT_REGEX_SUBJECT_, respectively. To avoid problems with those macros in 2050rulesets and map lookups, they are modified as follows: each non-printable 2051character and the characters '<', '>', '(', ')', '"', '+' are replaced by 2052their HEX value with a leading '+'. For example: 2053 2054/C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/Email= 2055darth+cert@endmail.org 2056 2057is encoded as: 2058 2059/C=US/ST=California/O=endmail.org/OU=private/CN= 2060Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org 2061 2062(line breaks have been inserted for readability). 2063 2064Of course it is also possible to write a simple rulesets that allows 2065relaying for everyone who can present a cert that can be verified, e.g., 2066 2067LOCAL_RULESETS 2068SLocal_check_rcpt 2069R$* $: $&{verify} 2070ROK $# OK 2071 2072Allowing Connections 2073 2074The rulesets tls_server and tls_client are used to decide whether an SMTP 2075connection is accepted (or should continue). 2076 2077tls_server is called when sendmail acts as client after a STARTTLS command 2078(should) have been issued. The parameter is the value of ${verify}. 2079 2080tls_client is called when sendmail acts as server, after a STARTTLS command 2081has been issued, and from check_mail. The parameter is the value of 2082${verify} and STARTTLS or MAIL, respectively. 2083 2084Both rulesets behave the same. If no access map is in use, the connection 2085will be accepted unless ${verify} is SOFTWARE, in which case the connection 2086is always aborted. Otherwise, ${client_name} (${server_name}) is looked 2087up in the access map using the tag TLS_Srv (or TLS_Clt), which is done 2088with the ruleset LookUpDomain. If no entry is found, ${client_addr} 2089(${server_addr}) is looked up in the access map (same tag, ruleset 2090LookUpAddr). If this doesn't result in an entry either, just the tag is 2091looked up in the access map (included the trailing :). The result of the 2092lookups is then used to call the ruleset tls_connection, which checks the 2093requirement specified by the RHS in the access map against the actual 2094parameters of the current TLS connection, esp. ${verify} and 2095${cipher_bits}. Legal RHSs in the access map are: 2096 2097VERIFY verification must have succeeded 2098VERIFY:bits verification must have succeeded and ${cipher_bits} must 2099 be greater than or equal bits. 2100ENCR:bits ${cipher_bits} must be greater than or equal bits. 2101 2102The RHS can optionally be prefixed by TEMP+ or PERM+ to select a temporary 2103or permanent error. The default is a temporary error code (403 4.7.0) 2104unless the macro TLS_PERM_ERR is set during generation of the .cf file. 2105 2106If a certain level of encryption is required, then it might also be 2107possible that this level is provided by the security layer from a SASL 2108algorithm, e.g., DIGEST-MD5. 2109 2110Example: e-mail send to secure.example.com should only use an encrypted 2111connection. e-mail received from hosts within the laptop.example.com domain 2112should only be accepted if they have been authenticated. 2113TLS_Srv:secure.example.com ENCR:112 2114TLS_Clt:laptop.example.com PERM+VERIFY:112 2115 2116Received: Header 2117 2118The Received: header reveals whether STARTTLS has been used. It contains an 2119extra line: 2120 2121(using ${tls_version} with cipher ${cipher} (${cipher_bits} bits) verified ${verify}) 2122 2123+---------------------+ 2124| SMTP AUTHENTICATION | 2125+---------------------+ 2126 2127The macros ${auth_authen}, ${auth_author}, and ${auth_type} can be 2128used in anti-relay rulesets to allow relaying for those users that 2129authenticated themselves. A very simple example is: 2130 2131SLocal_check_rcpt 2132R$* $: $&{auth_type} 2133R$+ $# OK 2134 2135which checks whether a user has successfully authenticated using 2136any available mechanism. Depending on the setup of the CYRUS SASL 2137library, more sophisticated rulesets might be required, e.g., 2138 2139SLocal_check_rcpt 2140R$* $: $&{auth_type} $| $&{auth_authen} 2141RDIGEST-MD5 $| $+@$=w $# OK 2142 2143to allow relaying for users that authenticated using DIGEST-MD5 2144and have an identity in the local domains. 2145 2146The ruleset Strust_auth is used to determine whether a given AUTH= 2147parameter (that is passed to this ruleset) should be trusted. This 2148ruleset may make use of the other ${auth_*} macros. Only if the 2149ruleset resolves to the error mailer, the AUTH= parameter is not 2150trusted. A user supplied ruleset Local_trust_auth can be written 2151to modify the default behavior, which only trust the AUTH= 2152parameter if it is identical to the authenticated user. 2153 2154Per default, relaying is allowed for any user who authenticated 2155via a "trusted" mechanism, i.e., one that is defined via 2156TRUST_AUTH_MECH(`list of mechanisms') 2157For example: 2158TRUST_AUTH_MECH(`KERBEROS_V4 DIGEST-MD5') 2159 2160If the selected mechanism provides a security layer the number of 2161bits used for the key of the symmetric cipher is stored in the 2162macro ${auth_ssf}. 2163 2164+--------------------------------+ 2165| ADDING NEW MAILERS OR RULESETS | 2166+--------------------------------+ 2167 2168Sometimes you may need to add entirely new mailers or rulesets. They 2169should be introduced with the constructs MAILER_DEFINITIONS and 2170LOCAL_RULESETS respectively. For example: 2171 2172 MAILER_DEFINITIONS 2173 Mmymailer, ... 2174 ... 2175 2176 LOCAL_RULESETS 2177 Smyruleset 2178 ... 2179 2180 2181#if _FFR_MILTER 2182+-------------------------+ 2183| ADDING NEW MAIL FILTERS | 2184+-------------------------+ 2185 2186Sendmail supports mail filters to filter incoming SMTP messages according 2187to the "Sendmail Mail Filter API" documentation. These filters can be 2188configured in your mc file using the two commands: 2189 2190 MAIL_FILTER(`name', `equates') 2191 INPUT_MAIL_FILTER(`name', `equates') 2192 2193The first command, MAIL_FILTER(), simply defines a filter with the given 2194name and equates. For example: 2195 2196 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 2197 2198This creates the equivalent sendmail.cf entry: 2199 2200 Xarchive, S=local:/var/run/archivesock, F=R 2201 2202The INPUT_MAIL_FILTER() command performs the same actions as MAIL_FILTER 2203but also populates the m4 variable `confINPUT_MAIL_FILTERS' with the name 2204of the filter such that the filter will actually be called by sendmail. 2205 2206For example, the two commands: 2207 2208 INPUT_MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 2209 INPUT_MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T') 2210 2211are equivalent to the three commands: 2212 2213 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 2214 MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T') 2215 define(`confINPUT_MAIL_FILTERS', `archive, spamcheck') 2216 2217In general, INPUT_MAIL_FILTER() should be used unless you need to define 2218more filters than you want to use for `confINPUT_MAIL_FILTERS'. 2219 2220Note that setting `confINPUT_MAIL_FILTERS' after any INPUT_MAIL_FILTER() 2221commands will clear the list created by the prior INPUT_MAIL_FILTER() 2222commands. 2223#endif /* _FFR_MILTER */ 2224 2225 2226+-------------------------------+ 2227| NON-SMTP BASED CONFIGURATIONS | 2228+-------------------------------+ 2229 2230These configuration files are designed primarily for use by 2231SMTP-based sites. They may not be well tuned for UUCP-only or 2232UUCP-primarily nodes (the latter is defined as a small local net 2233connected to the rest of the world via UUCP). However, there is 2234one hook to handle some special cases. 2235 2236You can define a ``smart host'' that understands a richer address syntax 2237using: 2238 2239 define(`SMART_HOST', `mailer:hostname') 2240 2241In this case, the ``mailer:'' defaults to "relay". Any messages that 2242can't be handled using the usual UUCP rules are passed to this host. 2243 2244If you are on a local SMTP-based net that connects to the outside 2245world via UUCP, you can use LOCAL_NET_CONFIG to add appropriate rules. 2246For example: 2247 2248 define(`SMART_HOST', `uucp-new:uunet') 2249 LOCAL_NET_CONFIG 2250 R$* < @ $* .$m. > $* $#smtp $@ $2.$m. $: $1 < @ $2.$m. > $3 2251 2252This will cause all names that end in your domain name ($m) via 2253SMTP; anything else will be sent via uucp-new (smart UUCP) to uunet. 2254If you have FEATURE(`nocanonify'), you may need to omit the dots after 2255the $m. If you are running a local DNS inside your domain which is 2256not otherwise connected to the outside world, you probably want to 2257use: 2258 2259 define(`SMART_HOST', `smtp:fire.wall.com') 2260 LOCAL_NET_CONFIG 2261 R$* < @ $* . > $* $#smtp $@ $2. $: $1 < @ $2. > $3 2262 2263That is, send directly only to things you found in your DNS lookup; 2264anything else goes through SMART_HOST. 2265 2266You may need to turn off the anti-spam rules in order to accept 2267UUCP mail with FEATURE(`promiscuous_relay') and 2268FEATURE(`accept_unresolvable_domains'). 2269 2270 2271+-----------+ 2272| WHO AM I? | 2273+-----------+ 2274 2275Normally, the $j macro is automatically defined to be your fully 2276qualified domain name (FQDN). Sendmail does this by getting your 2277host name using gethostname and then calling gethostbyname on the 2278result. For example, in some environments gethostname returns 2279only the root of the host name (such as "foo"); gethostbyname is 2280supposed to return the FQDN ("foo.bar.com"). In some (fairly rare) 2281cases, gethostbyname may fail to return the FQDN. In this case 2282you MUST define confDOMAIN_NAME to be your fully qualified domain 2283name. This is usually done using: 2284 2285 Dmbar.com 2286 define(`confDOMAIN_NAME', `$w.$m')dnl 2287 2288 2289+-----------------------------------+ 2290| ACCEPTING MAIL FOR MULTIPLE NAMES | 2291+-----------------------------------+ 2292 2293If your host is known by several different names, you need to augment 2294class {w}. This is a list of names by which your host is known, and 2295anything sent to an address using a host name in this list will be 2296treated as local mail. You can do this in two ways: either create the 2297file /etc/mail/local-host-names containing a list of your aliases (one per 2298line), and use ``FEATURE(`use_cw_file')'' in the .mc file, or add 2299``LOCAL_DOMAIN(`alias.host.name')''. Be sure you use the fully-qualified 2300name of the host, rather than a short name. 2301 2302If you want to have different address in different domains, take 2303a look at the virtusertable feature, which is also explained at 2304http://www.sendmail.org/virtual-hosting.html 2305 2306 2307+--------------------+ 2308| USING MAILERTABLES | 2309+--------------------+ 2310 2311To use FEATURE(`mailertable'), you will have to create an external 2312database containing the routing information for various domains. 2313For example, a mailertable file in text format might be: 2314 2315 .my.domain xnet:%1.my.domain 2316 uuhost1.my.domain uucp-new:uuhost1 2317 .bitnet smtp:relay.bit.net 2318 2319This should normally be stored in /etc/mail/mailertable. The actual 2320database version of the mailertable is built using: 2321 2322 makemap hash /etc/mail/mailertable < /etc/mail/mailertable 2323 2324The semantics are simple. Any LHS entry that does not begin with 2325a dot matches the full host name indicated. LHS entries beginning 2326with a dot match anything ending with that domain name (including 2327the leading dot) -- that is, they can be thought of as having a 2328leading ".+" regular expression pattern for a non-empty sequence of 2329characters. Matching is done in order of most-to-least qualified 2330-- for example, even though ".my.domain" is listed first in the 2331above example, an entry of "uuhost1.my.domain" will match the second 2332entry since it is more explicit. Note: e-mail to "user@my.domain" 2333does not match any entry in the above table. You need to have 2334something like: 2335 2336 my.domain esmtp:host.my.domain 2337 2338The RHS should always be a "mailer:host" pair. The mailer is the 2339configuration name of a mailer (that is, an {M} line in the 2340sendmail.cf file). The "host" will be the hostname passed to 2341that mailer. In domain-based matches (that is, those with leading 2342dots) the "%1" may be used to interpolate the wildcarded part of 2343the host name. For example, the first line above sends everything 2344addressed to "anything.my.domain" to that same host name, but using 2345the (presumably experimental) xnet mailer. 2346 2347In some cases you may want to temporarily turn off MX records, 2348particularly on gateways. For example, you may want to MX 2349everything in a domain to one machine that then forwards it 2350directly. To do this, you might use the DNS configuration: 2351 2352 *.domain. IN MX 0 relay.machine 2353 2354and on relay.machine use the mailertable: 2355 2356 .domain smtp:[gateway.domain] 2357 2358The [square brackets] turn off MX records for this host only. 2359If you didn't do this, the mailertable would use the MX record 2360again, which would give you an MX loop. 2361 2362 2363+--------------------------------+ 2364| USING USERDB TO MAP FULL NAMES | 2365+--------------------------------+ 2366 2367The user database was not originally intended for mapping full names 2368to login names (e.g., Eric.Allman => eric), but some people are using 2369it that way. (it is recommended that you set up aliases for this 2370purpose instead -- since you can specify multiple alias files, this 2371is fairly easy.) The intent was to locate the default maildrop at 2372a site, but allow you to override this by sending to a specific host. 2373 2374If you decide to set up the user database in this fashion, it is 2375imperative that you not use FEATURE(`stickyhost') -- otherwise, 2376e-mail sent to Full.Name@local.host.name will be rejected. 2377 2378To build the internal form of the user database, use: 2379 2380 makemap btree /etc/mail/userdb < /etc/mail/userdb.txt 2381 2382As a general rule, it is an extremely bad idea to using full names 2383as e-mail addresses, since they are not in any sense unique. For 2384example, the UNIX software-development community has at least two 2385well-known Peter Deutsches, and at one time Bell Labs had two 2386Stephen R. Bournes with offices along the same hallway. Which one 2387will be forced to suffer the indignity of being Stephen_R_Bourne_2? 2388The less famous of the two, or the one that was hired later? 2389 2390Finger should handle full names (and be fuzzy). Mail should use 2391handles, and not be fuzzy. 2392 2393 2394+--------------------------------+ 2395| MISCELLANEOUS SPECIAL FEATURES | 2396+--------------------------------+ 2397 2398Plussed users 2399 Sometimes it is convenient to merge configuration on a 2400 centralized mail machine, for example, to forward all 2401 root mail to a mail server. In this case it might be 2402 useful to be able to treat the root addresses as a class 2403 of addresses with subtle differences. You can do this 2404 using plussed users. For example, a client might include 2405 the alias: 2406 2407 root: root+client1@server 2408 2409 On the server, this will match an alias for "root+client1". 2410 If that is not found, the alias "root+*" will be tried, 2411 then "root". 2412 2413 2414+----------------+ 2415| SECURITY NOTES | 2416+----------------+ 2417 2418A lot of sendmail security comes down to you. Sendmail 8 is much 2419more careful about checking for security problems than previous 2420versions, but there are some things that you still need to watch 2421for. In particular: 2422 2423* Make sure the aliases file isn't writable except by trusted 2424 system personnel. This includes both the text and database 2425 version. 2426 2427* Make sure that other files that sendmail reads, such as the 2428 mailertable, are only writable by trusted system personnel. 2429 2430* The queue directory should not be world writable PARTICULARLY 2431 if your system allows "file giveaways" (that is, if a non-root 2432 user can chown any file they own to any other user). 2433 2434* If your system allows file giveaways, DO NOT create a publically 2435 writable directory for forward files. This will allow anyone 2436 to steal anyone else's e-mail. Instead, create a script that 2437 copies the .forward file from users' home directories once a 2438 night (if you want the non-NFS-mounted forward directory). 2439 2440* If your system allows file giveaways, you'll find that 2441 sendmail is much less trusting of :include: files -- in 2442 particular, you'll have to have /SENDMAIL/ANY/SHELL/ in 2443 /etc/shells before they will be trusted (that is, before 2444 files and programs listed in them will be honored). 2445 2446In general, file giveaways are a mistake -- if you can turn them 2447off, do so. 2448 2449 2450+--------------------------------+ 2451| TWEAKING CONFIGURATION OPTIONS | 2452+--------------------------------+ 2453 2454There are a large number of configuration options that don't normally 2455need to be changed. However, if you feel you need to tweak them, you 2456can define the following M4 variables. This list is shown in four 2457columns: the name you define, the default value for that definition, 2458the option or macro that is affected (either Ox for an option or Dx 2459for a macro), and a brief description. Greater detail of the semantics 2460can be found in the Installation and Operations Guide. 2461 2462Some options are likely to be deprecated in future versions -- that is, 2463the option is only included to provide back-compatibility. These are 2464marked with "*". 2465 2466Remember that these options are M4 variables, and hence may need to 2467be quoted. In particular, arguments with commas will usually have to 2468be ``double quoted, like this phrase'' to avoid having the comma 2469confuse things. This is common for alias file definitions and for 2470the read timeout. 2471 2472M4 Variable Name Configuration Description & [Default] 2473================ ============= ======================= 2474confMAILER_NAME $n macro [MAILER-DAEMON] The sender name used 2475 for internally generated outgoing 2476 messages. 2477confDOMAIN_NAME $j macro If defined, sets $j. This should 2478 only be done if your system cannot 2479 determine your local domain name, 2480 and then it should be set to 2481 $w.Foo.COM, where Foo.COM is your 2482 domain name. 2483confCF_VERSION $Z macro If defined, this is appended to the 2484 configuration version name. 2485confFROM_HEADER From: [$?x$x <$g>$|$g$.] The format of an 2486 internally generated From: address. 2487confRECEIVED_HEADER Received: 2488 [$?sfrom $s $.$?_($?s$|from $.$_) 2489 $.$?{auth_type}(authenticated) 2490 $.by $j ($v/$Z)$?r with $r$. id $i$?u 2491 for $u; $|; 2492 $.$b] 2493 The format of the Received: header 2494 in messages passed through this host. 2495 It is unwise to try to change this. 2496confCW_FILE Fw class [/etc/mail/local-host-names] Name 2497 of file used to get the local 2498 additions to class {w} (local host 2499 names). 2500confCT_FILE Ft class [/etc/mail/trusted-users] Name of 2501 file used to get the local additions 2502 to class {t} (trusted users). 2503confCR_FILE FR class [/etc/mail/relay-domains] Name of 2504 file used to get the local additions 2505 to class {R} (hosts allowed to relay). 2506confTRUSTED_USERS Ct class [no default] Names of users to add to 2507 the list of trusted users. This list 2508 always includes root, uucp, and daemon. 2509 See also FEATURE(`use_ct_file'). 2510confTRUSTED_USER TrustedUser [no default] Trusted user for file 2511 ownership and starting the daemon. 2512 Not to be confused with 2513 confTRUSTED_USERS (see above). 2514confSMTP_MAILER - [esmtp] The mailer name used when 2515 SMTP connectivity is required. 2516 One of "smtp", "smtp8", 2517 "esmtp", or "dsmtp". 2518confUUCP_MAILER - [uucp-old] The mailer to be used by 2519 default for bang-format recipient 2520 addresses. See also discussion of 2521 class {U}, class {Y}, and class {Z} 2522 in the MAILER(`uucp') section. 2523confLOCAL_MAILER - [local] The mailer name used when 2524 local connectivity is required. 2525 Almost always "local". 2526confRELAY_MAILER - [relay] The default mailer name used 2527 for relaying any mail (e.g., to a 2528 BITNET_RELAY, a SMART_HOST, or 2529 whatever). This can reasonably be 2530 "uucp-new" if you are on a 2531 UUCP-connected site. 2532confSEVEN_BIT_INPUT SevenBitInput [False] Force input to seven bits? 2533confEIGHT_BIT_HANDLING EightBitMode [pass8] 8-bit data handling 2534confALIAS_WAIT AliasWait [10m] Time to wait for alias file 2535 rebuild until you get bored and 2536 decide that the apparently pending 2537 rebuild failed. 2538confMIN_FREE_BLOCKS MinFreeBlocks [100] Minimum number of free blocks on 2539 queue filesystem to accept SMTP mail. 2540 (Prior to 8.7 this was minfree/maxsize, 2541 where minfree was the number of free 2542 blocks and maxsize was the maximum 2543 message size. Use confMAX_MESSAGE_SIZE 2544 for the second value now.) 2545confMAX_MESSAGE_SIZE MaxMessageSize [infinite] The maximum size of messages 2546 that will be accepted (in bytes). 2547confBLANK_SUB BlankSub [.] Blank (space) substitution 2548 character. 2549confCON_EXPENSIVE HoldExpensive [False] Avoid connecting immediately 2550 to mailers marked expensive. 2551confCHECKPOINT_INTERVAL CheckpointInterval 2552 [10] Checkpoint queue files every N 2553 recipients. 2554confDELIVERY_MODE DeliveryMode [background] Default delivery mode. 2555confAUTO_REBUILD AutoRebuildAliases 2556 [False] Automatically rebuild alias 2557 file if needed. 2558 There is a potential for a denial 2559 of service attack if this is set. 2560 This option is deprecated and will 2561 be removed from a future version. 2562confERROR_MODE ErrorMode [print] Error message mode. 2563confERROR_MESSAGE ErrorHeader [undefined] Error message header/file. 2564confSAVE_FROM_LINES SaveFromLine Save extra leading From_ lines. 2565confTEMP_FILE_MODE TempFileMode [0600] Temporary file mode. 2566confMATCH_GECOS MatchGECOS [False] Match GECOS field. 2567confMAX_HOP MaxHopCount [25] Maximum hop count. 2568confIGNORE_DOTS* IgnoreDots [False; always False in -bs or -bd 2569 mode] Ignore dot as terminator for 2570 incoming messages? 2571confBIND_OPTS ResolverOptions [undefined] Default options for DNS 2572 resolver. 2573confMIME_FORMAT_ERRORS* SendMimeErrors [True] Send error messages as MIME- 2574 encapsulated messages per RFC 1344. 2575confFORWARD_PATH ForwardPath [$z/.forward.$w:$z/.forward] 2576 The colon-separated list of places to 2577 search for .forward files. N.B.: see 2578 the Security Notes section. 2579confMCI_CACHE_SIZE ConnectionCacheSize 2580 [2] Size of open connection cache. 2581confMCI_CACHE_TIMEOUT ConnectionCacheTimeout 2582 [5m] Open connection cache timeout. 2583confHOST_STATUS_DIRECTORY HostStatusDirectory 2584 [undefined] If set, host status is kept 2585 on disk between sendmail runs in the 2586 named directory tree. This need not be 2587 a full pathname, in which case it is 2588 interpreted relative to the queue 2589 directory. 2590confSINGLE_THREAD_DELIVERY SingleThreadDelivery 2591 [False] If this option and the 2592 HostStatusDirectory option are both 2593 set, single thread deliveries to other 2594 hosts. That is, don't allow any two 2595 sendmails on this host to connect 2596 simultaneously to any other single 2597 host. This can slow down delivery in 2598 some cases, in particular since a 2599 cached but otherwise idle connection 2600 to a host will prevent other sendmails 2601 from connecting to the other host. 2602confUSE_ERRORS_TO* UseErrorsTo [False] Use the Errors-To: header to 2603 deliver error messages. This should 2604 not be necessary because of general 2605 acceptance of the envelope/header 2606 distinction. 2607confLOG_LEVEL LogLevel [9] Log level. 2608confME_TOO MeToo [True] Include sender in group 2609 expansions. This option is 2610 deprecated and will be removed from 2611 a future version. 2612confCHECK_ALIASES CheckAliases [False] Check RHS of aliases when 2613 running newaliases. Since this does 2614 DNS lookups on every address, it can 2615 slow down the alias rebuild process 2616 considerably on large alias files. 2617confOLD_STYLE_HEADERS* OldStyleHeaders [True] Assume that headers without 2618 special chars are old style. 2619confCLIENT_OPTIONS ClientPortOptions 2620 [none] Options for outgoing SMTP client 2621 connections. 2622confPRIVACY_FLAGS PrivacyOptions [authwarnings] Privacy flags. 2623confCOPY_ERRORS_TO PostmasterCopy [undefined] Address for additional 2624 copies of all error messages. 2625confQUEUE_FACTOR QueueFactor [600000] Slope of queue-only function. 2626confDONT_PRUNE_ROUTES DontPruneRoutes [False] Don't prune down route-addr 2627 syntax addresses to the minimum 2628 possible. 2629confSAFE_QUEUE* SuperSafe [True] Commit all messages to disk 2630 before forking. 2631confTO_INITIAL Timeout.initial [5m] The timeout waiting for a response 2632 on the initial connect. 2633confTO_CONNECT Timeout.connect [0] The timeout waiting for an initial 2634 connect() to complete. This can only 2635 shorten connection timeouts; the kernel 2636 silently enforces an absolute maximum 2637 (which varies depending on the system). 2638confTO_ICONNECT Timeout.iconnect 2639 [undefined] Like Timeout.connect, but 2640 applies only to the very first attempt 2641 to connect to a host in a message. 2642 This allows a single very fast pass 2643 followed by more careful delivery 2644 attempts in the future. 2645confTO_HELO Timeout.helo [5m] The timeout waiting for a response 2646 to a HELO or EHLO command. 2647confTO_MAIL Timeout.mail [10m] The timeout waiting for a 2648 response to the MAIL command. 2649confTO_RCPT Timeout.rcpt [1h] The timeout waiting for a response 2650 to the RCPT command. 2651confTO_DATAINIT Timeout.datainit 2652 [5m] The timeout waiting for a 354 2653 response from the DATA command. 2654confTO_DATABLOCK Timeout.datablock 2655 [1h] The timeout waiting for a block 2656 during DATA phase. 2657confTO_DATAFINAL Timeout.datafinal 2658 [1h] The timeout waiting for a response 2659 to the final "." that terminates a 2660 message. 2661confTO_RSET Timeout.rset [5m] The timeout waiting for a response 2662 to the RSET command. 2663confTO_QUIT Timeout.quit [2m] The timeout waiting for a response 2664 to the QUIT command. 2665confTO_MISC Timeout.misc [2m] The timeout waiting for a response 2666 to other SMTP commands. 2667confTO_COMMAND Timeout.command [1h] In server SMTP, the timeout 2668 waiting for a command to be issued. 2669confTO_IDENT Timeout.ident [5s] The timeout waiting for a 2670 response to an IDENT query. 2671confTO_FILEOPEN Timeout.fileopen 2672 [60s] The timeout waiting for a file 2673 (e.g., :include: file) to be opened. 2674confTO_CONTROL Timeout.control 2675 [2m] The timeout for a complete 2676 control socket transaction to complete. 2677confTO_QUEUERETURN Timeout.queuereturn 2678 [5d] The timeout before a message is 2679 returned as undeliverable. 2680confTO_QUEUERETURN_NORMAL 2681 Timeout.queuereturn.normal 2682 [undefined] As above, for normal 2683 priority messages. 2684confTO_QUEUERETURN_URGENT 2685 Timeout.queuereturn.urgent 2686 [undefined] As above, for urgent 2687 priority messages. 2688confTO_QUEUERETURN_NONURGENT 2689 Timeout.queuereturn.non-urgent 2690 [undefined] As above, for non-urgent 2691 (low) priority messages. 2692confTO_QUEUEWARN Timeout.queuewarn 2693 [4h] The timeout before a warning 2694 message is sent to the sender telling 2695 them that the message has been 2696 deferred. 2697confTO_QUEUEWARN_NORMAL Timeout.queuewarn.normal 2698 [undefined] As above, for normal 2699 priority messages. 2700confTO_QUEUEWARN_URGENT Timeout.queuewarn.urgent 2701 [undefined] As above, for urgent 2702 priority messages. 2703confTO_QUEUEWARN_NONURGENT 2704 Timeout.queuewarn.non-urgent 2705 [undefined] As above, for non-urgent 2706 (low) priority messages. 2707confTO_HOSTSTATUS Timeout.hoststatus 2708 [30m] How long information about host 2709 statuses will be maintained before it 2710 is considered stale and the host should 2711 be retried. This applies both within 2712 a single queue run and to persistent 2713 information (see below). 2714confTO_RESOLVER_RETRANS Timeout.resolver.retrans 2715 [varies] Sets the resolver's 2716 retransmition time interval (in 2717 seconds). Sets both 2718 Timeout.resolver.retrans.first and 2719 Timeout.resolver.retrans.normal. 2720confTO_RESOLVER_RETRANS_FIRST Timeout.resolver.retrans.first 2721 [varies] Sets the resolver's 2722 retransmition time interval (in 2723 seconds) for the first attempt to 2724 deliver a message. 2725confTO_RESOLVER_RETRANS_NORMAL Timeout.resolver.retrans.normal 2726 [varies] Sets the resolver's 2727 retransmition time interval (in 2728 seconds) for all resolver lookups 2729 except the first delivery attempt. 2730confTO_RESOLVER_RETRY Timeout.resolver.retry 2731 [varies] Sets the number of times 2732 to retransmit a resolver query. 2733 Sets both 2734 Timeout.resolver.retry.first and 2735 Timeout.resolver.retry.normal. 2736confTO_RESOLVER_RETRY_FIRST Timeout.resolver.retry.first 2737 [varies] Sets the number of times 2738 to retransmit a resolver query for 2739 the first attempt to deliver a 2740 message. 2741confTO_RESOLVER_RETRY_NORMAL Timeout.resolver.retry.normal 2742 [varies] Sets the number of times 2743 to retransmit a resolver query for 2744 all resolver lookups except the 2745 first delivery attempt. 2746confTIME_ZONE TimeZoneSpec [USE_SYSTEM] Time zone info -- can be 2747 USE_SYSTEM to use the system's idea, 2748 USE_TZ to use the user's TZ envariable, 2749 or something else to force that value. 2750confDEF_USER_ID DefaultUser [1:1] Default user id. 2751confUSERDB_SPEC UserDatabaseSpec 2752 [undefined] User database 2753 specification. 2754confFALLBACK_MX FallbackMXhost [undefined] Fallback MX host. 2755confTRY_NULL_MX_LIST TryNullMXList [False] If this host is the best MX 2756 for a host and other arrangements 2757 haven't been made, try connecting 2758 to the host directly; normally this 2759 would be a config error. 2760confQUEUE_LA QueueLA [varies] Load average at which 2761 queue-only function kicks in. 2762 Default values is (8 * numproc) 2763 where numproc is the number of 2764 processors online (if that can be 2765 determined). 2766confREFUSE_LA RefuseLA [varies] Load average at which 2767 incoming SMTP connections are 2768 refused. Default values is (12 * 2769 numproc) where numproc is the 2770 number of processors online (if 2771 that can be determined). 2772confMAX_ALIAS_RECURSION MaxAliasRecursion 2773 [10] Maximum depth of alias recursion. 2774confMAX_DAEMON_CHILDREN MaxDaemonChildren 2775 [undefined] The maximum number of 2776 children the daemon will permit. After 2777 this number, connections will be 2778 rejected. If not set or <= 0, there is 2779 no limit. 2780confMAX_HEADERS_LENGTH MaxHeadersLength 2781 [32768] Maximum length of the sum 2782 of all headers. 2783confMAX_MIME_HEADER_LENGTH MaxMimeHeaderLength 2784 [undefined] Maximum length of 2785 certain MIME header field values. 2786confCONNECTION_RATE_THROTTLE ConnectionRateThrottle 2787 [undefined] The maximum number of 2788 connections permitted per second. 2789 After this many connections are 2790 accepted, further connections will be 2791 delayed. If not set or <= 0, there is 2792 no limit. 2793confWORK_RECIPIENT_FACTOR 2794 RecipientFactor [30000] Cost of each recipient. 2795confSEPARATE_PROC ForkEachJob [False] Run all deliveries in a 2796 separate process. 2797confWORK_CLASS_FACTOR ClassFactor [1800] Priority multiplier for class. 2798confWORK_TIME_FACTOR RetryFactor [90000] Cost of each delivery attempt. 2799confQUEUE_SORT_ORDER QueueSortOrder [Priority] Queue sort algorithm: 2800 Priority, Host, Filename, or Time. 2801confMIN_QUEUE_AGE MinQueueAge [0] The minimum amount of time a job 2802 must sit in the queue between queue 2803 runs. This allows you to set the 2804 queue run interval low for better 2805 responsiveness without trying all 2806 jobs in each run. 2807confDEF_CHAR_SET DefaultCharSet [unknown-8bit] When converting 2808 unlabeled 8 bit input to MIME, the 2809 character set to use by default. 2810confSERVICE_SWITCH_FILE ServiceSwitchFile 2811 [/etc/mail/service.switch] The file 2812 to use for the service switch on 2813 systems that do not have a 2814 system-defined switch. 2815confHOSTS_FILE HostsFile [/etc/hosts] The file to use when doing 2816 "file" type access of hosts names. 2817confDIAL_DELAY DialDelay [0s] If a connection fails, wait this 2818 long and try again. Zero means "don't 2819 retry". This is to allow "dial on 2820 demand" connections to have enough time 2821 to complete a connection. 2822confNO_RCPT_ACTION NoRecipientAction 2823 [none] What to do if there are no legal 2824 recipient fields (To:, Cc: or Bcc:) 2825 in the message. Legal values can 2826 be "none" to just leave the 2827 nonconforming message as is, "add-to" 2828 to add a To: header with all the 2829 known recipients (which may expose 2830 blind recipients), "add-apparently-to" 2831 to do the same but use Apparently-To: 2832 instead of To:, "add-bcc" to add an 2833 empty Bcc: header, or 2834 "add-to-undisclosed" to add the header 2835 ``To: undisclosed-recipients:;''. 2836confSAFE_FILE_ENV SafeFileEnvironment 2837 [undefined] If set, sendmail will do a 2838 chroot() into this directory before 2839 writing files. 2840confCOLON_OK_IN_ADDR ColonOkInAddr [True unless Configuration Level > 6] 2841 If set, colons are treated as a regular 2842 character in addresses. If not set, 2843 they are treated as the introducer to 2844 the RFC 822 "group" syntax. Colons are 2845 handled properly in route-addrs. This 2846 option defaults on for V5 and lower 2847 configuration files. 2848confMAX_QUEUE_RUN_SIZE MaxQueueRunSize [0] If set, limit the maximum size of 2849 any given queue run to this number of 2850 entries. Essentially, this will stop 2851 reading each queue directory after this 2852 number of entries are reached; it does 2853 _not_ pick the highest priority jobs, 2854 so this should be as large as your 2855 system can tolerate. If not set, there 2856 is no limit. 2857confDONT_EXPAND_CNAMES DontExpandCnames 2858 [False] If set, $[ ... $] lookups that 2859 do DNS based lookups do not expand 2860 CNAME records. This currently violates 2861 the published standards, but the IETF 2862 seems to be moving toward legalizing 2863 this. For example, if "FTP.Foo.ORG" 2864 is a CNAME for "Cruft.Foo.ORG", then 2865 with this option set a lookup of 2866 "FTP" will return "FTP.Foo.ORG"; if 2867 clear it returns "Cruft.FOO.ORG". N.B. 2868 you may not see any effect until your 2869 downstream neighbors stop doing CNAME 2870 lookups as well. 2871confFROM_LINE UnixFromLine [From $g $d] The From_ line used 2872 when sending to files or programs. 2873confSINGLE_LINE_FROM_HEADER SingleLineFromHeader 2874 [False] From: lines that have 2875 embedded newlines are unwrapped 2876 onto one line. 2877confALLOW_BOGUS_HELO AllowBogusHELO [False] Allow HELO SMTP command that 2878 does not include a host name. 2879confMUST_QUOTE_CHARS MustQuoteChars [.'] Characters to be quoted in a full 2880 name phrase (@,;:\()[] are automatic). 2881confOPERATORS OperatorChars [.:%@!^/[]+] Address operator 2882 characters. 2883confSMTP_LOGIN_MSG SmtpGreetingMessage 2884 [$j Sendmail $v/$Z; $b] 2885 The initial (spontaneous) SMTP 2886 greeting message. The word "ESMTP" 2887 will be inserted between the first and 2888 second words to convince other 2889 sendmails to try to speak ESMTP. 2890confDONT_INIT_GROUPS DontInitGroups [False] If set, the initgroups(3) 2891 routine will never be invoked. You 2892 might want to do this if you are 2893 running NIS and you have a large group 2894 map, since this call does a sequential 2895 scan of the map; in a large site this 2896 can cause your ypserv to run 2897 essentially full time. If you set 2898 this, agents run on behalf of users 2899 will only have their primary 2900 (/etc/passwd) group permissions. 2901confUNSAFE_GROUP_WRITES UnsafeGroupWrites 2902 [False] If set, group-writable 2903 :include: and .forward files are 2904 considered "unsafe", that is, programs 2905 and files cannot be directly referenced 2906 from such files. World-writable files 2907 are always considered unsafe. 2908confCONNECT_ONLY_TO ConnectOnlyTo [undefined] override connection 2909 address (for testing). 2910confCONTROL_SOCKET_NAME ControlSocketName 2911 [undefined] Control socket for daemon 2912 management. 2913confDOUBLE_BOUNCE_ADDRESS DoubleBounceAddress 2914 [postmaster] If an error occurs when 2915 sending an error message, send that 2916 "double bounce" error message to this 2917 address. 2918confDEAD_LETTER_DROP DeadLetterDrop [undefined] Filename to save bounce 2919 messages which could not be returned 2920 to the user or sent to postmaster. 2921 If not set, the queue file will 2922 be renamed. 2923confRRT_IMPLIES_DSN RrtImpliesDsn [False] Return-Receipt-To: header 2924 implies DSN request. 2925confRUN_AS_USER RunAsUser [undefined] If set, become this user 2926 when reading and delivering mail. 2927 Causes all file reads (e.g., .forward 2928 and :include: files) to be done as 2929 this user. Also, all programs will 2930 be run as this user, and all output 2931 files will be written as this user. 2932 Intended for use only on firewalls 2933 where users do not have accounts. 2934confMAX_RCPTS_PER_MESSAGE MaxRecipientsPerMessage 2935 [infinite] If set, allow no more than 2936 the specified number of recipients in 2937 an SMTP envelope. Further recipients 2938 receive a 452 error code (i.e., they 2939 are deferred for the next delivery 2940 attempt). 2941confDONT_PROBE_INTERFACES DontProbeInterfaces 2942 [False] If set, sendmail will _not_ 2943 insert the names and addresses of any 2944 local interfaces into class {w} 2945 (list of known "equivalent" addresses). 2946 If you set this, you must also include 2947 some support for these addresses (e.g., 2948 in a mailertable entry) -- otherwise, 2949 mail to addresses in this list will 2950 bounce with a configuration error. 2951confPID_FILE PidFile [system dependent] Location of pid 2952 file. 2953confPROCESS_TITLE_PREFIX ProcessTitlePrefix 2954 [undefined] Prefix string for the 2955 process title shown on 'ps' listings. 2956confDONT_BLAME_SENDMAIL DontBlameSendmail 2957 [safe] Override sendmail's file 2958 safety checks. This will definitely 2959 compromise system security and should 2960 not be used unless absolutely 2961 necessary. 2962confREJECT_MSG - [550 Access denied] The message 2963 given if the access database contains 2964 REJECT in the value portion. 2965confDF_BUFFER_SIZE DataFileBufferSize 2966 [4096] The maximum size of a 2967 memory-buffered data (df) file 2968 before a disk-based file is used. 2969confXF_BUFFER_SIZE XScriptFileBufferSize 2970 [4096] The maximum size of a 2971 memory-buffered transcript (xf) 2972 file before a disk-based file is 2973 used. 2974confAUTH_MECHANISMS AuthMechanisms [GSSAPI KERBEROS_V4 DIGEST-MD5 2975 CRAM-MD5] List of authentication 2976 mechanisms for AUTH (separated by 2977 spaces). The advertised list of 2978 authentication mechanisms will be the 2979 intersection of this list and the list 2980 of available mechanisms as determined 2981 by the CYRUS SASL library. 2982confDEF_AUTH_INFO DefaultAuthInfo [undefined] Filename that contains 2983 authentication information for 2984 outgoing connections. This file 2985 must contain the user id, the 2986 authorization id, the password 2987 (plain text), and the realm to use, 2988 each on a separate line and must be 2989 readable by root (or the trusted 2990 user) only. If no realm is 2991 specified, $j is used. 2992 2993 NOTE: Currently, AuthMechanisms is 2994 used to determine the list of 2995 mechanisms to use on an outgoing 2996 connection. Sites which require a 2997 different list of mechanisms for 2998 incoming connections and outgoing 2999 connections will have the ability 3000 to do this in 8.11 by specifying a 3001 list of mechanisms as the fifth 3002 line of the DefaultAuthInfo file. 3003 If no mechanisms are given in the 3004 file, AuthMechanisms is used. The 3005 code for doing so is included as 3006 in the sendmail source code but 3007 disabled. It can be enabled by 3008 recompiling sendmail with: 3009 -D_FFR_DEFAUTHINFO_MECHS 3010confAUTH_OPTIONS AuthOptions [undefined] If this options is 'A' 3011 then the AUTH= parameter for the 3012 MAIL FROM command is only issued 3013 when authentication succeeded. 3014confLDAP_DEFAULT_SPEC LDAPDefaultSpec [undefined] Default map 3015 specification for LDAP maps. The 3016 value should only contain LDAP 3017 specific settings such as "-h host 3018 -p port -d bindDN", etc. The 3019 settings will be used for all LDAP 3020 maps unless they are specified in 3021 the individual map specification 3022 ('K' command). 3023confCACERT_PATH CACERTPath [undefined] Path to directory 3024 with certs of CAs. 3025confCACERT CACERTFile [undefined] File containing one CA 3026 cert. 3027confSERVER_CERT ServerCertFile [undefined] File containing the 3028 cert of the server, i.e., this cert 3029 is used when sendmail acts as 3030 server. 3031confSERVER_KEY ServerKeyFile [undefined] File containing the 3032 private key belonging to the server 3033 cert. 3034confCLIENT_CERT ClientCertFile [undefined] File containing the 3035 cert of the client, i.e., this cert 3036 is used when sendmail acts as 3037 client. 3038confCLIENT_KEY ClientKeyFile [undefined] File containing the 3039 private key belonging to the client 3040 cert. 3041confDH_PARAMETERS DHParameters [undefined] File containing the 3042 DH parameters. 3043confRAND_FILE RandFile [undefined] File containing random 3044 data (use prefix file:) or the 3045 name of the UNIX socket if EGD is 3046 used (use prefix egd:). STARTTLS 3047 requires this option if the compile 3048 flag HASURANDOM is not set (see 3049 sendmail/README). 3050 3051See also the description of OSTYPE for some parameters that can be 3052tweaked (generally pathnames to mailers). 3053 3054DaemonPortOptions are a special case since multiple daemons can be 3055defined. This can be done via 3056 3057 DAEMON_OPTIONS(`field1=value1,field2=value2,...') 3058 3059If DAEMON_OPTIONS is not used, then the default is 3060 3061 DAEMON_OPTIONS(`Port=smtp, Name=MTA') 3062 DAEMON_OPTIONS(`Port=587, Name=MSA, M=E') 3063 3064If you use one DAEMON_OPTIONS macro, it will alter the parameters 3065of the first of these. The second will still be defaulted; it 3066represents a "Message Submission Agent" (MSA) as defined by RFC 30672476 (see below). To turn off the default definition for the MSA, 3068use FEATURE(`no_default_msa') (see also FEATURES). If you use 3069additional DAEMON_OPTIONS macros, they will add additional daemons. 3070 3071Example 1: To change the port for the SMTP listener, while 3072still using the MSA default, use 3073 DAEMON_OPTIONS(`Port=925, Name=MTA') 3074 3075Example 2: To change the port for the MSA daemon, while still 3076using the default SMTP port, use 3077 FEATURE(`no_default_msa') 3078 DAEMON_OPTIONS(`Name=MTA') 3079 DAEMON_OPTIONS(`Port=987, Name=MSA, M=E') 3080 3081Note that if the first of those DAEMON_OPTIONS lines were omitted, then 3082there would be no listener on the standard SMTP port. 3083 3084Example 3: To listen on both IPv4 and IPv6 interfaces, use 3085 3086 DAEMON_OPTIONS(`Name=MTA-v4, Family=inet') 3087 DAEMON_OPTIONS(`Name=MTA-v6, Family=inet6') 3088 3089A "Message Submission Agent" still uses all of the same rulesets for 3090processing the message (and therefore still allows message rejection via 3091the check_* rulesets). In accordance with the RFC, the MSA will ensure 3092that all domains in the envelope are fully qualified if the message is 3093relayed to another MTA. It will also enforce the normal address syntax 3094rules and log error messages. Additionally, by using the M=a modifier 3095you can require authentication before messages are accepted by the MSA. 3096Finally, the M=E modifier shown above disables ETRN as required by RFC 30972476. 3098 3099 3100+-----------+ 3101| HIERARCHY | 3102+-----------+ 3103 3104Within this directory are several subdirectories, to wit: 3105 3106m4 General support routines. These are typically 3107 very important and should not be changed without 3108 very careful consideration. 3109 3110cf The configuration files themselves. They have 3111 ".mc" suffixes, and must be run through m4 to 3112 become complete. The resulting output should 3113 have a ".cf" suffix. 3114 3115ostype Definitions describing a particular operating 3116 system type. These should always be referenced 3117 using the OSTYPE macro in the .mc file. Examples 3118 include "bsd4.3", "bsd4.4", "sunos3.5", and 3119 "sunos4.1". 3120 3121domain Definitions describing a particular domain, referenced 3122 using the DOMAIN macro in the .mc file. These are 3123 site dependent; for example, "CS.Berkeley.EDU.m4" 3124 describes hosts in the CS.Berkeley.EDU subdomain. 3125 3126mailer Descriptions of mailers. These are referenced using 3127 the MAILER macro in the .mc file. 3128 3129sh Shell files used when building the .cf file from the 3130 .mc file in the cf subdirectory. 3131 3132feature These hold special orthogonal features that you might 3133 want to include. They should be referenced using 3134 the FEATURE macro. 3135 3136hack Local hacks. These can be referenced using the HACK 3137 macro. They shouldn't be of more than voyeuristic 3138 interest outside the .Berkeley.EDU domain, but who knows? 3139 3140siteconfig Site configuration -- e.g., tables of locally connected 3141 UUCP sites. 3142 3143 3144+------------------------+ 3145| ADMINISTRATIVE DETAILS | 3146+------------------------+ 3147 3148The following sections detail usage of certain internal parts of the 3149sendmail.cf file. Read them carefully if you are trying to modify 3150the current model. If you find the above descriptions adequate, these 3151should be {boring, confusing, tedious, ridiculous} (pick one or more). 3152 3153RULESETS (* means built in to sendmail) 3154 3155 0 * Parsing 3156 1 * Sender rewriting 3157 2 * Recipient rewriting 3158 3 * Canonicalization 3159 4 * Post cleanup 3160 5 * Local address rewrite (after aliasing) 3161 1x mailer rules (sender qualification) 3162 2x mailer rules (recipient qualification) 3163 3x mailer rules (sender header qualification) 3164 4x mailer rules (recipient header qualification) 3165 5x mailer subroutines (general) 3166 6x mailer subroutines (general) 3167 7x mailer subroutines (general) 3168 8x reserved 3169 90 Mailertable host stripping 3170 96 Bottom half of Ruleset 3 (ruleset 6 in old sendmail) 3171 97 Hook for recursive ruleset 0 call (ruleset 7 in old sendmail) 3172 98 Local part of ruleset 0 (ruleset 8 in old sendmail) 3173 99 Guaranteed null (for debugging) 3174 3175 3176MAILERS 3177 3178 0 local, prog local and program mailers 3179 1 [e]smtp, relay SMTP channel 3180 2 uucp-* UNIX-to-UNIX Copy Program 3181 3 netnews Network News delivery 3182 4 fax Sam Leffler's HylaFAX software 3183 5 mail11 DECnet mailer 3184 3185 3186MACROS 3187 3188 A 3189 B Bitnet Relay 3190 C DECnet Relay 3191 D The local domain -- usually not needed 3192 E reserved for X.400 Relay 3193 F FAX Relay 3194 G 3195 H mail Hub (for mail clusters) 3196 I 3197 J 3198 K 3199 L Luser Relay 3200 M Masquerade (who you claim to be) 3201 N 3202 O 3203 P 3204 Q 3205 R Relay (for unqualified names) 3206 S Smart Host 3207 T 3208 U my UUCP name (if you have a UUCP connection) 3209 V UUCP Relay (class {V} hosts) 3210 W UUCP Relay (class {W} hosts) 3211 X UUCP Relay (class {X} hosts) 3212 Y UUCP Relay (all other hosts) 3213 Z Version number 3214 3215 3216CLASSES 3217 3218 A 3219 B domains that are candidates for bestmx lookup 3220 C 3221 D 3222 E addresses that should not seem to come from $M 3223 F hosts this system forward for 3224 G domains that should be looked up in genericstable 3225 H 3226 I 3227 J 3228 K 3229 L addresses that should not be forwarded to $R 3230 M domains that should be mapped to $M 3231 N host/domains that should not be mapped to $M 3232 O operators that indicate network operations (cannot be in local names) 3233 P top level pseudo-domains: BITNET, DECNET, FAX, UUCP, etc. 3234 Q 3235 R domains this system is willing to relay (pass anti-spam filters) 3236 S 3237 T 3238 U locally connected UUCP hosts 3239 V UUCP hosts connected to relay $V 3240 W UUCP hosts connected to relay $W 3241 X UUCP hosts connected to relay $X 3242 Y locally connected smart UUCP hosts 3243 Z locally connected domain-ized UUCP hosts 3244 . the class containing only a dot 3245 [ the class containing only a left bracket 3246 3247 3248M4 DIVERSIONS 3249 3250 1 Local host detection and resolution 3251 2 Local Ruleset 3 additions 3252 3 Local Ruleset 0 additions 3253 4 UUCP Ruleset 0 additions 3254 5 locally interpreted names (overrides $R) 3255 6 local configuration (at top of file) 3256 7 mailer definitions 3257 8 DNS based blacklists 3258 9 special local rulesets (1 and 2) 3259 3260$Revision: 8.383.2.1.2.35 $, Last updated $Date: 2000/12/17 17:19:11 $ 3261