proto.m4 revision 42575 
138032Speterdivert(-1)
238032Speter#
338032Speter# Copyright (c) 1998 Sendmail, Inc.  All rights reserved.
438032Speter# Copyright (c) 1983, 1995 Eric P. Allman.  All rights reserved.
538032Speter# Copyright (c) 1988, 1993
638032Speter#	The Regents of the University of California.  All rights reserved.
738032Speter#
838032Speter# By using this file, you agree to the terms and conditions set
938032Speter# forth in the LICENSE file which can be found at the top level of
1038032Speter# the sendmail distribution.
1138032Speter#
1238032Speter#
1338032Speterdivert(0)
1438032Speter
1542575SpeterVERSIONID(`@(#)proto.m4	8.237 (Berkeley) 12/17/1998')
1638032Speter
1738032SpeterMAILER(local)dnl
1838032Speter
1938032Speter# level 8 config file format
2042575SpeterV8/ifdef(`VENDOR_NAME', `VENDOR_NAME', `Berkeley')
2138032Speterdivert(-1)
2238032Speter
2338032Speter# do some sanity checking
2438032Speterifdef(`__OSTYPE__',,
2538032Speter	`errprint(`*** ERROR: No system type defined (use OSTYPE macro)')')
2638032Speter
2738032Speter# pick our default mailers
2838032Speterifdef(`confSMTP_MAILER',, `define(`confSMTP_MAILER', `esmtp')')
2938032Speterifdef(`confLOCAL_MAILER',, `define(`confLOCAL_MAILER', `local')')
3038032Speterifdef(`confRELAY_MAILER',,
3138032Speter	`define(`confRELAY_MAILER',
3238032Speter		`ifdef(`_MAILER_smtp_', `relay',
3338032Speter			`ifdef(`_MAILER_uucp', `uucp-new', `unknown')')')')
3438032Speterifdef(`confUUCP_MAILER',, `define(`confUUCP_MAILER', `uucp-old')')
3538032Speterdefine(`_SMTP_', `confSMTP_MAILER')dnl		for readability only
3638032Speterdefine(`_LOCAL_', `confLOCAL_MAILER')dnl	for readability only
3738032Speterdefine(`_RELAY_', `confRELAY_MAILER')dnl	for readability only
3838032Speterdefine(`_UUCP_', `confUUCP_MAILER')dnl		for readability only
3938032Speter
4038032Speter# set our default hashed database type
4138032Speterifdef(`DATABASE_MAP_TYPE',, `define(`DATABASE_MAP_TYPE', `hash')')
4238032Speter
4338032Speter# back compatibility with old config files
4438032Speterifdef(`confDEF_GROUP_ID',
4538032Speter	`errprint(`*** confDEF_GROUP_ID is obsolete.')
4638032Speter	 errprint(`    Use confDEF_USER_ID with a colon in the value instead.')')
4738032Speterifdef(`confREAD_TIMEOUT',
4838032Speter	`errprint(`*** confREAD_TIMEOUT is obsolete.')
4938032Speter	 errprint(`    Use individual confTO_<timeout> parameters instead.')')
5038032Speterifdef(`confMESSAGE_TIMEOUT',
5138032Speter	`define(`_ARG_', index(confMESSAGE_TIMEOUT, /))
5238032Speter	 ifelse(_ARG_, -1,
5338032Speter		`define(`confTO_QUEUERETURN', confMESSAGE_TIMEOUT)',
5438032Speter		`define(`confTO_QUEUERETURN',
5538032Speter			substr(confMESSAGE_TIMEOUT, 0, _ARG_))
5638032Speter		 define(`confTO_QUEUEWARN',
5738032Speter			substr(confMESSAGE_TIMEOUT, eval(_ARG_+1)))')')
5838032Speterifdef(`confMIN_FREE_BLOCKS', `ifelse(index(confMIN_FREE_BLOCKS, /), -1,,
5938032Speter	`errprint(`*** compound confMIN_FREE_BLOCKS is obsolete.')
6038032Speter	 errprint(`    Use confMAX_MESSAGE_SIZE for the second part of the value.')')')
6138032Speter
6238032Speter# clean option definitions below....
6338032Speterdefine(`_OPTION', `ifdef(`$2', `O $1=$2', `#O $1`'ifelse($3, `',, `=$3')')')dnl
6438032Speter
6538032Speterdivert(0)dnl
6638032Speter
6738032Speter# override file safeties - setting this option compromises system security
6838032Speter# need to set this now for the sake of class files
6938032Speter_OPTION(DontBlameSendmail, `confDONT_BLAME_SENDMAIL', safe)
7038032Speter
7138032Speter##################
7238032Speter#   local info   #
7338032Speter##################
7438032Speter
7538032SpeterCwlocalhost
7638032Speterifdef(`USE_CW_FILE',
7738032Speter`# file containing names of hosts for which we receive email
7838032SpeterFw`'confCW_FILE',
7938032Speter	`dnl')
8038032Speter
8138032Speter# my official domain name
8238032Speter# ... `define' this only if sendmail cannot automatically determine your domain
8338032Speterifdef(`confDOMAIN_NAME', `Dj`'confDOMAIN_NAME', `#Dj$w.Foo.COM')
8438032Speter
8538032Speterifdef(`_NULL_CLIENT_ONLY_', `divert(-1)')dnl
8638032Speter
8738032SpeterCP.
8838032Speter
8938032Speterifdef(`UUCP_RELAY',
9038032Speter`# UUCP relay host
9138032SpeterDY`'UUCP_RELAY
9238032SpeterCPUUCP
9338032Speter
9438032Speter')dnl
9538032Speterifdef(`BITNET_RELAY',
9638032Speter`#  BITNET relay host
9738032SpeterDB`'BITNET_RELAY
9838032SpeterCPBITNET
9938032Speter
10038032Speter')dnl
10138032Speterifdef(`DECNET_RELAY',
10238032Speter`define(`_USE_DECNET_SYNTAX_', 1)dnl
10338032Speter# DECnet relay host
10438032SpeterDC`'DECNET_RELAY
10538032SpeterCPDECNET
10638032Speter
10738032Speter')dnl
10838032Speterifdef(`FAX_RELAY',
10938032Speter`# FAX relay host
11038032SpeterDF`'FAX_RELAY
11138032SpeterCPFAX
11238032Speter
11338032Speter')dnl
11438032Speter# "Smart" relay host (may be null)
11538032SpeterDS`'ifdef(`SMART_HOST', SMART_HOST)
11638032Speter
11738032Speterifdef(`LUSER_RELAY', `dnl
11838032Speter# place to which unknown users should be forwarded
11938032SpeterKuser user -m -a<>
12038032SpeterDL`'LUSER_RELAY',
12138032Speter`dnl')
12238032Speter
12338032Speter# operators that cannot be in local usernames (i.e., network indicators)
12438032SpeterCO @ % ifdef(`_NO_UUCP_', `', `!')
12538032Speter
12638032Speter# a class with just dot (for identifying canonical names)
12738032SpeterC..
12838032Speter
12938032Speter# a class with just a left bracket (for identifying domain literals)
13038032SpeterC[[
13138032Speter
13238032Speterifdef(`MAILER_TABLE', `dnl
13338032Speter# Mailer table (overriding domains)
13438032SpeterKmailertable MAILER_TABLE',
13538032Speter`dnl')
13638032Speter
13738032Speterifdef(`DOMAIN_TABLE', `dnl
13838032Speter# Domain table (adding domains)
13938032SpeterKdomaintable DOMAIN_TABLE',
14038032Speter`dnl')
14138032Speter
14238032Speterifdef(`GENERICS_TABLE', `dnl
14338032Speter# Generics table (mapping outgoing addresses)
14438032SpeterKgenerics GENERICS_TABLE',
14538032Speter`dnl')
14638032Speter
14738032Speterifdef(`UUDOMAIN_TABLE', `dnl
14838032Speter# UUCP domain table
14938032SpeterKuudomain UUDOMAIN_TABLE',
15038032Speter`dnl')
15138032Speter
15238032Speterifdef(`BITDOMAIN_TABLE', `dnl
15338032Speter# BITNET mapping table
15438032SpeterKbitdomain BITDOMAIN_TABLE',
15538032Speter`dnl')
15638032Speter
15738032Speterifdef(`VIRTUSER_TABLE', `dnl
15838032Speter# Virtual user table (maps incoming users)
15938032SpeterKvirtuser VIRTUSER_TABLE',
16038032Speter`dnl')
16138032Speter
16238032Speterifdef(`ACCESS_TABLE', `dnl
16338032Speter# Access list database (for spam stomping)
16438032SpeterKaccess ACCESS_TABLE',
16538032Speter`dnl')
16638032Speter
16738032Speterifdef(`_RELAY_MX_SERVED_', `dnl
16838032Speter# MX map (to allow relaying to hosts that we MX for)
16938032SpeterKmxserved bestmx -z: -T<TEMP>',
17038032Speter`dnl')
17138032Speter
17238032Speterifdef(`_ACCEPT_UNRESOLVABLE_DOMAINS_',`dnl',`dnl
17338032Speter# Resolve map (to check if a host exists in check_mail)
17438032SpeterKresolve host -a<OK> -T<TEMP>')
17538032Speter
17638032Speterifdef(`confCR_FILE', `dnl
17738032Speter# Hosts that will permit relaying ($=R)
17838032SpeterFR`'confCR_FILE',
17938032Speter`dnl')
18038032Speter
18138032Speter# who I send unqualified names to (null means deliver locally)
18238032SpeterDR`'ifdef(`LOCAL_RELAY', LOCAL_RELAY)
18338032Speter
18438032Speter# who gets all local email traffic ($R has precedence for unqualified names)
18538032SpeterDH`'ifdef(`MAIL_HUB', MAIL_HUB)
18638032Speter
18738032Speter# dequoting map
18838032SpeterKdequote dequote
18938032Speter
19038032Speterdivert(0)dnl	# end of nullclient diversion
19138032Speter# class E: names that should be exposed as from this host, even if we masquerade
19238032Speterifdef(`_NULL_CLIENT_ONLY_', `#',
19338032Speter`# class L: names that should be delivered locally, even if we have a relay
19438032Speter# class M: domains that should be converted to $M
19538032Speter#CL root
19638032Speter')CE root
19738032Speterundivert(5)dnl
19838032Speter
19938032Speter# who I masquerade as (null for no masquerading) (see also $=M)
20038032SpeterDM`'ifdef(`MASQUERADE_NAME', MASQUERADE_NAME)
20138032Speter
20238032Speter# my name for error messages
20338032Speterifdef(`confMAILER_NAME', `Dn`'confMAILER_NAME', `#DnMAILER-DAEMON')
20438032Speter
20538032Speterundivert(6)dnl
20638032Speterinclude(_CF_DIR_`m4/version.m4')
20738032Speter
20838032Speter###############
20938032Speter#   Options   #
21038032Speter###############
21138032Speter
21238032Speter# strip message body to 7 bits on input?
21338032Speter_OPTION(SevenBitInput, `confSEVEN_BIT_INPUT')
21438032Speter
21538032Speter# 8-bit data handling
21638032Speter_OPTION(EightBitMode, `confEIGHT_BIT_HANDLING', adaptive)
21738032Speter
21838032Speterifdef(`_NULL_CLIENT_ONLY_', `dnl', `
21938032Speter# wait for alias file rebuild (default units: minutes)
22038032Speter_OPTION(AliasWait, `confALIAS_WAIT', 5m)
22138032Speter
22238032Speter# location of alias file
22342575Speter_OPTION(AliasFile, `ALIAS_FILE', ifdef(`_USE_ETC_MAIL_', /etc/mail/aliases, /etc/aliases))
22438032Speter')
22538032Speter# minimum number of free blocks on filesystem
22638032Speter_OPTION(MinFreeBlocks, `confMIN_FREE_BLOCKS', 100)
22738032Speter
22838032Speter# maximum message size
22938032Speter_OPTION(MaxMessageSize, `confMAX_MESSAGE_SIZE', 1000000)
23038032Speter
23138032Speter# substitution for space (blank) characters
23238032Speter_OPTION(BlankSub, `confBLANK_SUB', _)
23338032Speter
23438032Speter# avoid connecting to "expensive" mailers on initial submission?
23538032Speter_OPTION(HoldExpensive, `confCON_EXPENSIVE')
23638032Speter
23738032Speter# checkpoint queue runs after every N successful deliveries
23838032Speter_OPTION(CheckpointInterval, `confCHECKPOINT_INTERVAL', 10)
23938032Speter
24038032Speter# default delivery mode
24138032Speter_OPTION(DeliveryMode, `confDELIVERY_MODE', background)
24238032Speter
24338032Speter# automatically rebuild the alias database?
24438032Speter_OPTION(AutoRebuildAliases, `confAUTO_REBUILD')
24538032Speter
24638032Speter# error message header/file
24742575Speter_OPTION(ErrorHeader, `confERROR_MESSAGE', ifdef(`_USE_ETC_MAIL_', /etc/mail/error-header, /etc/sendmail.oE))
24838032Speter
24938032Speter# error mode
25038032Speter_OPTION(ErrorMode, `confERROR_MODE', print)
25138032Speter
25238032Speter# save Unix-style "From_" lines at top of header?
25338032Speter_OPTION(SaveFromLine, `confSAVE_FROM_LINES')
25438032Speter
25538032Speter# temporary file mode
25638032Speter_OPTION(TempFileMode, `confTEMP_FILE_MODE', 0600)
25738032Speter
25838032Speter# match recipients against GECOS field?
25938032Speter_OPTION(MatchGECOS, `confMATCH_GECOS')
26038032Speter
26138032Speter# maximum hop count
26238032Speter_OPTION(MaxHopCount, `confMAX_HOP', 17)
26338032Speter
26438032Speter# location of help file
26542575SpeterO HelpFile=ifdef(`HELP_FILE', HELP_FILE, ifdef(`_USE_ETC_MAIL_', /etc/mail/helpfile, /usr/lib/sendmail.hf))
26638032Speter
26738032Speter# ignore dots as terminators in incoming messages?
26838032Speter_OPTION(IgnoreDots, `confIGNORE_DOTS')
26938032Speter
27038032Speter# name resolver options
27138032Speter_OPTION(ResolverOptions, `confBIND_OPTS', +AAONLY)
27238032Speter
27338032Speter# deliver MIME-encapsulated error messages?
27438032Speter_OPTION(SendMimeErrors, `confMIME_FORMAT_ERRORS')
27538032Speter
27638032Speter# Forward file search path
27738032Speter_OPTION(ForwardPath, `confFORWARD_PATH', /var/forward/$u:$z/.forward.$w:$z/.forward)
27838032Speter
27938032Speter# open connection cache size
28038032Speter_OPTION(ConnectionCacheSize, `confMCI_CACHE_SIZE', 2)
28138032Speter
28238032Speter# open connection cache timeout
28338032Speter_OPTION(ConnectionCacheTimeout, `confMCI_CACHE_TIMEOUT', 5m)
28438032Speter
28538032Speter# persistent host status directory
28638032Speter_OPTION(HostStatusDirectory, `confHOST_STATUS_DIRECTORY', .hoststat)
28738032Speter
28838032Speter# single thread deliveries (requires HostStatusDirectory)?
28938032Speter_OPTION(SingleThreadDelivery, `confSINGLE_THREAD_DELIVERY')
29038032Speter
29138032Speter# use Errors-To: header?
29238032Speter_OPTION(UseErrorsTo, `confUSE_ERRORS_TO')
29338032Speter
29438032Speter# log level
29538032Speter_OPTION(LogLevel, `confLOG_LEVEL', 10)
29638032Speter
29738032Speter# send to me too, even in an alias expansion?
29838032Speter_OPTION(MeToo, `confME_TOO')
29938032Speter
30038032Speter# verify RHS in newaliases?
30138032Speter_OPTION(CheckAliases, `confCHECK_ALIASES')
30238032Speter
30338032Speter# default messages to old style headers if no special punctuation?
30438032Speter_OPTION(OldStyleHeaders, `confOLD_STYLE_HEADERS')
30538032Speter
30638032Speter# SMTP daemon options
30738032Speter_OPTION(DaemonPortOptions, `confDAEMON_OPTIONS', Port=esmtp)
30838032Speter
30938032Speter# privacy flags
31038032Speter_OPTION(PrivacyOptions, `confPRIVACY_FLAGS', authwarnings)
31138032Speter
31238032Speter# who (if anyone) should get extra copies of error messages
31338032Speter_OPTION(PostMasterCopy, `confCOPY_ERRORS_TO', Postmaster)
31438032Speter
31538032Speter# slope of queue-only function
31638032Speter_OPTION(QueueFactor, `confQUEUE_FACTOR', 600000)
31738032Speter
31838032Speter# queue directory
31938032SpeterO QueueDirectory=ifdef(`QUEUE_DIR', QUEUE_DIR, /var/spool/mqueue)
32038032Speter
32138032Speter# timeouts (many of these)
32238032Speter_OPTION(Timeout.initial, `confTO_INITIAL', 5m)
32338032Speter_OPTION(Timeout.connect, `confTO_CONNECT', 5m)
32438032Speter_OPTION(Timeout.iconnect, `confTO_ICONNECT', 5m)
32538032Speter_OPTION(Timeout.helo, `confTO_HELO', 5m)
32638032Speter_OPTION(Timeout.mail, `confTO_MAIL', 10m)
32738032Speter_OPTION(Timeout.rcpt, `confTO_RCPT', 1h)
32838032Speter_OPTION(Timeout.datainit, `confTO_DATAINIT', 5m)
32938032Speter_OPTION(Timeout.datablock, `confTO_DATABLOCK', 1h)
33038032Speter_OPTION(Timeout.datafinal, `confTO_DATAFINAL', 1h)
33138032Speter_OPTION(Timeout.rset, `confTO_RSET', 5m)
33238032Speter_OPTION(Timeout.quit, `confTO_QUIT', 2m)
33338032Speter_OPTION(Timeout.misc, `confTO_MISC', 2m)
33438032Speter_OPTION(Timeout.command, `confTO_COMMAND', 1h)
33538032Speter_OPTION(Timeout.ident, `confTO_IDENT', 30s)
33638032Speter_OPTION(Timeout.fileopen, `confTO_FILEOPEN', 60s)
33738032Speter_OPTION(Timeout.queuereturn, `confTO_QUEUERETURN', 5d)
33838032Speter_OPTION(Timeout.queuereturn.normal, `confTO_QUEUERETURN_NORMAL', 5d)
33938032Speter_OPTION(Timeout.queuereturn.urgent, `confTO_QUEUERETURN_URGENT', 2d)
34038032Speter_OPTION(Timeout.queuereturn.non-urgent, `confTO_QUEUERETURN_NONURGENT', 7d)
34138032Speter_OPTION(Timeout.queuewarn, `confTO_QUEUEWARN', 4h)
34238032Speter_OPTION(Timeout.queuewarn.normal, `confTO_QUEUEWARN_NORMAL', 4h)
34338032Speter_OPTION(Timeout.queuewarn.urgent, `confTO_QUEUEWARN_URGENT', 1h)
34438032Speter_OPTION(Timeout.queuewarn.non-urgent, `confTO_QUEUEWARN_NONURGENT', 12h)
34538032Speter_OPTION(Timeout.hoststatus, `confTO_HOSTSTATUS', 30m)
34638032Speter
34738032Speter# should we not prune routes in route-addr syntax addresses?
34838032Speter_OPTION(DontPruneRoutes, `confDONT_PRUNE_ROUTES')
34938032Speter
35038032Speter# queue up everything before forking?
35138032Speter_OPTION(SuperSafe, `confSAFE_QUEUE')
35238032Speter
35338032Speter# status file
35442575SpeterO StatusFile=ifdef(`STATUS_FILE', `STATUS_FILE', ifdef(`_USE_ETC_MAIL_', /etc/mail/statistics, /etc/sendmail.st))
35538032Speter
35638032Speter# time zone handling:
35738032Speter#  if undefined, use system default
35838032Speter#  if defined but null, use TZ envariable passed in
35938032Speter#  if defined and non-null, use that info
36038032Speterifelse(confTIME_ZONE, `USE_SYSTEM', `#O TimeZoneSpec=',
36138032Speter	confTIME_ZONE, `USE_TZ', `O TimeZoneSpec=',
36238032Speter	`O TimeZoneSpec=confTIME_ZONE')
36338032Speter
36438032Speter# default UID (can be username or userid:groupid)
36538032Speter_OPTION(DefaultUser, `confDEF_USER_ID', mailnull)
36638032Speter
36738032Speter# list of locations of user database file (null means no lookup)
36842575Speter_OPTION(UserDatabaseSpec, `confUSERDB_SPEC', ifdef(`_USE_ETC_MAIL_', /etc/mail/userdb, /etc/userdb))
36938032Speter
37038032Speter# fallback MX host
37138032Speter_OPTION(FallbackMXhost, `confFALLBACK_MX', fall.back.host.net)
37238032Speter
37338032Speter# if we are the best MX host for a site, try it directly instead of config err
37438032Speter_OPTION(TryNullMXList, `confTRY_NULL_MX_LIST')
37538032Speter
37638032Speter# load average at which we just queue messages
37738032Speter_OPTION(QueueLA, `confQUEUE_LA', 8)
37838032Speter
37938032Speter# load average at which we refuse connections
38038032Speter_OPTION(RefuseLA, `confREFUSE_LA', 12)
38138032Speter
38238032Speter# maximum number of children we allow at one time
38338032Speter_OPTION(MaxDaemonChildren, `confMAX_DAEMON_CHILDREN', 12)
38438032Speter
38538032Speter# maximum number of new connections per second
38638032Speter_OPTION(ConnectionRateThrottle, `confCONNECTION_RATE_THROTTLE', 3)
38738032Speter
38838032Speter# work recipient factor
38938032Speter_OPTION(RecipientFactor, `confWORK_RECIPIENT_FACTOR', 30000)
39038032Speter
39138032Speter# deliver each queued job in a separate process?
39238032Speter_OPTION(ForkEachJob, `confSEPARATE_PROC')
39338032Speter
39438032Speter# work class factor
39538032Speter_OPTION(ClassFactor, `confWORK_CLASS_FACTOR', 1800)
39638032Speter
39738032Speter# work time factor
39838032Speter_OPTION(RetryFactor, `confWORK_TIME_FACTOR', 90000)
39938032Speter
40038032Speter# shall we sort the queue by hostname first?
40138032Speter_OPTION(QueueSortOrder, `confQUEUE_SORT_ORDER', priority)
40238032Speter
40338032Speter# minimum time in queue before retry
40438032Speter_OPTION(MinQueueAge, `confMIN_QUEUE_AGE', 30m)
40538032Speter
40638032Speter# default character set
40738032Speter_OPTION(DefaultCharSet, `confDEF_CHAR_SET', iso-8859-1)
40838032Speter
40938032Speter# service switch file (ignored on Solaris, Ultrix, OSF/1, others)
41042575Speter_OPTION(ServiceSwitchFile, `confSERVICE_SWITCH_FILE', ifdef(`_USE_ETC_MAIL_', /etc/mail/service.switch, /etc/service.switch))
41138032Speter
41238032Speter# hosts file (normally /etc/hosts)
41338032Speter_OPTION(HostsFile, `confHOSTS_FILE', /etc/hosts)
41438032Speter
41538032Speter# dialup line delay on connection failure
41638032Speter_OPTION(DialDelay, `confDIAL_DELAY', 10s)
41738032Speter
41838032Speter# action to take if there are no recipients in the message
41938032Speter_OPTION(NoRecipientAction, `confNO_RCPT_ACTION', add-to-undisclosed)
42038032Speter
42138032Speter# chrooted environment for writing to files
42238032Speter_OPTION(SafeFileEnvironment, `confSAFE_FILE_ENV', /arch)
42338032Speter
42438032Speter# are colons OK in addresses?
42538032Speter_OPTION(ColonOkInAddr, `confCOLON_OK_IN_ADDR')
42638032Speter
42738032Speter# how many jobs can you process in the queue?
42838032Speter_OPTION(MaxQueueRunSize, `confMAX_QUEUE_RUN_SIZE', 10000)
42938032Speter
43038032Speter# shall I avoid expanding CNAMEs (violates protocols)?
43138032Speter_OPTION(DontExpandCnames, `confDONT_EXPAND_CNAMES')
43238032Speter
43338032Speter# SMTP initial login message (old $e macro)
43438032Speter_OPTION(SmtpGreetingMessage, `confSMTP_LOGIN_MSG')
43538032Speter
43638032Speter# UNIX initial From header format (old $l macro)
43738032Speter_OPTION(UnixFromLine, `confFROM_LINE')
43838032Speter
43938032Speter# From: lines that have embedded newlines are unwrapped onto one line
44038032Speter_OPTION(SingleLineFromHeader, `confSINGLE_LINE_FROM_HEADER', False)
44138032Speter
44238032Speter# Allow HELO SMTP command that does not `include' a host name
44338032Speter_OPTION(AllowBogusHELO, `confALLOW_BOGUS_HELO', False)
44438032Speter
44538032Speter# Characters to be quoted in a full name phrase (@,;:\()[] are automatic)
44638032Speter_OPTION(MustQuoteChars, `confMUST_QUOTE_CHARS', .)
44738032Speter
44838032Speter# delimiter (operator) characters (old $o macro)
44938032Speter_OPTION(OperatorChars, `confOPERATORS')
45038032Speter
45138032Speter# shall I avoid calling initgroups(3) because of high NIS costs?
45238032Speter_OPTION(DontInitGroups, `confDONT_INIT_GROUPS')
45338032Speter
45438032Speter# are group-writable `:include:' and .forward files (un)trustworthy?
45538032Speter_OPTION(UnsafeGroupWrites, `confUNSAFE_GROUP_WRITES')
45638032Speter
45738032Speter# where do errors that occur when sending errors get sent?
45838032Speter_OPTION(DoubleBounceAddress, `confDOUBLE_BOUNCE_ADDRESS', postmaster)
45938032Speter
46038032Speter# what user id do we assume for the majority of the processing?
46138032Speter_OPTION(RunAsUser, `confRUN_AS_USER', sendmail)
46238032Speter
46338032Speter# maximum number of recipients per SMTP envelope
46438032Speter_OPTION(MaxRecipientsPerMessage, `confMAX_RCPTS_PER_MESSAGE', 100)
46538032Speter
46638032Speter# shall we get local names from our installed interfaces?
46738032Speter_OPTION(DontProbeInterfaces, `confDONT_PROBE_INTERFACES')
46838032Speter
46942575Speterifdef(`confTRUSTED_USER',
47042575Speter`# Trusted user for file ownership and starting the daemon
47142575SpeterO TrustedUser=confTRUSTED_USER
47242575Speter')
47342575Speterifdef(`confCONTROL_SOCKET_NAME',
47442575Speter`# Control socket for daemon management
47542575SpeterO ControlSocketName=confCONTROL_SOCKET_NAME
47642575Speter')
47742575Speterifdef(`confMAX_MIME_HEADER_LENGTH',
47842575Speter`# Maximum MIME header length to protect MUAs
47942575SpeterO MaxMimeHeaderLength=confMAX_MIME_HEADER_LENGTH
48042575Speter')
48142575Speter
48238032Speter###########################
48338032Speter#   Message precedences   #
48438032Speter###########################
48538032Speter
48638032SpeterPfirst-class=0
48738032SpeterPspecial-delivery=100
48838032SpeterPlist=-30
48938032SpeterPbulk=-60
49038032SpeterPjunk=-100
49138032Speter
49238032Speter#####################
49338032Speter#   Trusted users   #
49438032Speter#####################
49538032Speter
49638032Speter# this is equivalent to setting class "t"
49742575Speterifdef(`_USE_CT_FILE_', `', `#')Ft`'ifdef(`confCT_FILE', confCT_FILE, ifdef(`_USE_ETC_MAIL_', `/etc/mail/trusted-users', `/etc/sendmail.ct'))
49838032SpeterTroot
49938032SpeterTdaemon
50038032Speterifdef(`_NO_UUCP_', `dnl', `Tuucp')
50138032Speterifdef(`confTRUSTED_USERS', `T`'confTRUSTED_USERS', `dnl')
50238032Speter
50338032Speter#########################
50438032Speter#   Format of headers   #
50538032Speter#########################
50638032Speter
50738032Speterifdef(`confFROM_HEADER',, `define(`confFROM_HEADER', `$?x$x <$g>$|$g$.')')dnl
50838032SpeterH?P?Return-Path: <$g>
50938032SpeterHReceived: confRECEIVED_HEADER
51038032SpeterH?D?Resent-Date: $a
51138032SpeterH?D?Date: $a
51238032SpeterH?F?Resent-From: confFROM_HEADER
51338032SpeterH?F?From: confFROM_HEADER
51438032SpeterH?x?Full-Name: $x
51538032Speter# HPosted-Date: $a
51638032Speter# H?l?Received-Date: $b
51738032SpeterH?M?Resent-Message-Id: <$t.$i@$j>
51838032SpeterH?M?Message-Id: <$t.$i@$j>
51938032Speterifdef(`_NULL_CLIENT_ONLY_',
52038032Speter	`include(_CF_DIR_`'m4/nullrelay.m4)m4exit',
52138032Speter	`dnl')
52238032Speter#
52338032Speter######################################################################
52438032Speter######################################################################
52538032Speter#####
52638032Speter#####			REWRITING RULES
52738032Speter#####
52838032Speter######################################################################
52938032Speter######################################################################
53038032Speter
53138032Speter############################################
53238032Speter###  Ruleset 3 -- Name Canonicalization  ###
53338032Speter############################################
53438032SpeterS3
53538032Speter
53638032Speter# handle null input (translate to <@> special case)
53738032SpeterR$@			$@ <@>
53838032Speter
53938032Speter# strip group: syntax (not inside angle brackets!) and trailing semicolon
54038032SpeterR$*			$: $1 <@>			mark addresses
54138032SpeterR$* < $* > $* <@>	$: $1 < $2 > $3			unmark <addr>
54238032SpeterR@ $* <@>		$: @ $1				unmark @host:...
54338032SpeterR$* :: $* <@>		$: $1 :: $2			unmark node::addr
54438032SpeterR:`include': $* <@>	$: :`include': $1			unmark :`include':...
54538032SpeterR$* [ $* : $* ] <@>	$: $1 [ $2 : $3 ]		unmark IPv6 addrs
54638032SpeterR$* : $* [ $* ]		$: $1 : $2 [ $3 ] <@>		remark if leading colon
54738032SpeterR$* : $* <@>		$: $2				strip colon if marked
54838032SpeterR$* <@>			$: $1				unmark
54938032SpeterR$* ;			   $1				strip trailing semi
55038032SpeterR$* < $* ; >		   $1 < $2 >			bogus bracketed semi
55138032Speter
55238032Speter# null input now results from list:; syntax
55338032SpeterR$@			$@ :; <@>
55438032Speter
55538032Speter# strip angle brackets -- note RFC733 heuristic to get innermost item
55638032SpeterR$*			$: < $1 >			housekeeping <>
55738032SpeterR$+ < $* >		   < $2 >			strip excess on left
55838032SpeterR< $* > $+		   < $1 >			strip excess on right
55938032SpeterR<>			$@ < @ >			MAIL FROM:<> case
56038032SpeterR< $+ >			$: $1				remove housekeeping <>
56138032Speter
56238032Speter# make sure <@a,@b,@c:user@d> syntax is easy to parse -- undone later
56338032SpeterR@ $+ , $+		@ $1 : $2			change all "," to ":"
56438032Speter
56538032Speter# localize and dispose of route-based addresses
56638032SpeterR@ $+ : $+		$@ $>96 < @$1 > : $2		handle <route-addr>
56738032Speter
56838032Speter# find focus for list syntax
56938032SpeterR $+ : $* ; @ $+	$@ $>96 $1 : $2 ; < @ $3 >	list syntax
57038032SpeterR $+ : $* ;		$@ $1 : $2;			list syntax
57138032Speter
57238032Speter# find focus for @ syntax addresses
57338032SpeterR$+ @ $+		$: $1 < @ $2 >			focus on domain
57438032SpeterR$+ < $+ @ $+ >		$1 $2 < @ $3 >			move gaze right
57538032SpeterR$+ < @ $+ >		$@ $>96 $1 < @ $2 >		already canonical
57638032Speter
57738032Speter# do some sanity checking
57838032SpeterR$* < @ $* : $* > $*	$1 < @ $2 $3 > $4		nix colons in addrs
57938032Speter
58038032Speterifdef(`_NO_UUCP_', `dnl',
58138032Speter`# convert old-style addresses to a domain-based address
58238032SpeterR$- ! $+		$@ $>96 $2 < @ $1 .UUCP >	resolve uucp names
58338032SpeterR$+ . $- ! $+		$@ $>96 $3 < @ $1 . $2 >		domain uucps
58438032SpeterR$+ ! $+		$@ $>96 $2 < @ $1 .UUCP >	uucp subdomains
58538032Speter')
58638032Speterifdef(`_USE_DECNET_SYNTAX_',
58738032Speter`# convert node::user addresses into a domain-based address
58838032SpeterR$- :: $+		$@ $>96 $2 < @ $1 .DECNET >	resolve DECnet names
58938032SpeterR$- . $- :: $+		$@ $>96 $3 < @ $1.$2 .DECNET >	numeric DECnet addr
59038032Speter',
59138032Speter	`dnl')
59238032Speter# if we have % signs, take the rightmost one
59338032SpeterR$* % $*		$1 @ $2				First make them all @s.
59438032SpeterR$* @ $* @ $*		$1 % $2 @ $3			Undo all but the last.
59538032SpeterR$* @ $*		$@ $>96 $1 < @ $2 >		Insert < > and finish
59638032Speter
59738032Speter# else we must be a local name
59838032SpeterR$*			$@ $>96 $1
59938032Speter
60038032Speter
60138032Speter################################################
60238032Speter###  Ruleset 96 -- bottom half of ruleset 3  ###
60338032Speter################################################
60438032Speter
60538032SpeterS96
60638032Speter
60738032Speter# handle special cases for local names
60838032SpeterR$* < @ localhost > $*		$: $1 < @ $j . > $2		no domain at all
60938032SpeterR$* < @ localhost . $m > $*	$: $1 < @ $j . > $2		local domain
61038032Speterifdef(`_NO_UUCP_', `dnl',
61138032Speter`R$* < @ localhost . UUCP > $*	$: $1 < @ $j . > $2		.UUCP domain')
61238032SpeterR$* < @ [ $+ ] > $*		$: $1 < @@ [ $2 ] > $3		mark [a.b.c.d]
61338032SpeterR$* < @@ $=w > $*		$: $1 < @ $j . > $3		self-literal
61438032SpeterR$* < @@ $+ > $*		$@ $1 < @ $2 > $3		canon IP addr
61538032Speter
61638032Speterifdef(`DOMAIN_TABLE', `dnl
61738032Speter# look up domains in the domain table
61838032SpeterR$* < @ $+ > $* 		$: $1 < @ $(domaintable $2 $) > $3', `dnl')
61938032Speter
62038032Speterundivert(2)dnl
62138032Speter
62238032Speterifdef(`BITDOMAIN_TABLE', `dnl
62338032Speter# handle BITNET mapping
62438032SpeterR$* < @ $+ .BITNET > $*		$: $1 < @ $(bitdomain $2 $: $2.BITNET $) > $3', `dnl')
62538032Speter
62638032Speterifdef(`UUDOMAIN_TABLE', `dnl
62738032Speter# handle UUCP mapping
62838032SpeterR$* < @ $+ .UUCP > $*		$: $1 < @ $(uudomain $2 $: $2.UUCP $) > $3', `dnl')
62938032Speter
63038032Speterifdef(`_NO_UUCP_', `dnl',
63138032Speter`ifdef(`UUCP_RELAY',
63238032Speter`# pass UUCP addresses straight through
63338032SpeterR$* < @ $+ . UUCP > $*		$@ $1 < @ $2 . UUCP . > $3',
63438032Speter`# if really UUCP, handle it immediately
63538032Speterifdef(`_CLASS_U_',
63638032Speter`R$* < @ $=U . UUCP > $*	$@ $1 < @ $2 . UUCP . > $3', `dnl')
63738032Speterifdef(`_CLASS_V_',
63838032Speter`R$* < @ $=V . UUCP > $*	$@ $1 < @ $2 . UUCP . > $3', `dnl')
63938032Speterifdef(`_CLASS_W_',
64038032Speter`R$* < @ $=W . UUCP > $*	$@ $1 < @ $2 . UUCP . > $3', `dnl')
64138032Speterifdef(`_CLASS_X_',
64238032Speter`R$* < @ $=X . UUCP > $*	$@ $1 < @ $2 . UUCP . > $3', `dnl')
64338032Speterifdef(`_CLASS_Y_',
64438032Speter`R$* < @ $=Y . UUCP > $*	$@ $1 < @ $2 . UUCP . > $3', `dnl')
64538032Speter
64638032Speterifdef(`_NO_CANONIFY_', `dnl', `dnl
64738032Speter# try UUCP traffic as a local address
64838032SpeterR$* < @ $+ . UUCP > $*		$: $1 < @ $[ $2 $] . UUCP . > $3
64938032SpeterR$* < @ $+ . . UUCP . > $*	$@ $1 < @ $2 . > $3')
65038032Speter')')
65138032Speterifdef(`_NO_CANONIFY_', `dnl', `dnl
65238032Speter# pass to name server to make hostname canonical
65338032SpeterR$* < @ $* $~P > $*		$: $1 < @ $[ $2 $3 $] > $4')
65438032Speter
65538032Speter# local host aliases and pseudo-domains are always canonical
65638032SpeterR$* < @ $=w > $*		$: $1 < @ $2 . > $3
65738032SpeterR$* < @ $j > $*			$: $1 < @ $j . > $2
65838032Speterifdef(`_MASQUERADE_ENTIRE_DOMAIN_',
65938032Speter`R$* < @ $* $=M > $*		$: $1 < @ $2 $3 . > $4',
66038032Speter`R$* < @ $=M > $*		$: $1 < @ $2 . > $3')
66138032SpeterR$* < @ $* $=P > $*		$: $1 < @ $2 $3 . > $4
66238032SpeterR$* < @ $* . . > $*		$1 < @ $2 . > $3
66338032Speter
66438032Speter
66538032Speter##################################################
66638032Speter###  Ruleset 4 -- Final Output Post-rewriting  ###
66738032Speter##################################################
66838032SpeterS4
66938032Speter
67038032SpeterR$* <@>			$@				handle <> and list:;
67138032Speter
67238032Speter# strip trailing dot off possibly canonical name
67338032SpeterR$* < @ $+ . > $*	$1 < @ $2 > $3
67438032Speter
67538032Speter# eliminate internal code -- should never get this far!
67638032SpeterR$* < @ *LOCAL* > $*	$1 < @ $j > $2
67738032Speter
67838032Speter# externalize local domain info
67938032SpeterR$* < $+ > $*		$1 $2 $3			defocus
68038032SpeterR@ $+ : @ $+ : $+	@ $1 , @ $2 : $3		<route-addr> canonical
68138032SpeterR@ $*			$@ @ $1				... and exit
68238032Speter
68338032Speterifdef(`_NO_UUCP_', `dnl',
68438032Speter`# UUCP must always be presented in old form
68538032SpeterR$+ @ $- . UUCP		$2!$1				u@h.UUCP => h!u')
68638032Speter
68738032Speterifdef(`_USE_DECNET_SYNTAX_',
68838032Speter`# put DECnet back in :: form
68938032SpeterR$+ @ $+ . DECNET	$2 :: $1			u@h.DECNET => h::u',
69038032Speter	`dnl')
69138032Speter# delete duplicate local names
69238032SpeterR$+ % $=w @ $=w		$1 @ $2				u%host@host => u@host
69338032Speter
69438032Speter
69538032Speter
69638032Speter##############################################################
69738032Speter###   Ruleset 97 -- recanonicalize and call ruleset zero   ###
69838032Speter###		   (used for recursive calls)		   ###
69938032Speter##############################################################
70038032Speter
70138032SpeterS`'97
70238032SpeterR$*			$: $>3 $1
70338032SpeterR$*			$@ $>0 $1
70438032Speter
70538032Speter
70638032Speter######################################
70738032Speter###   Ruleset 0 -- Parse Address   ###
70838032Speter######################################
70938032Speter
71038032SpeterS0
71138032Speter
71238032SpeterR$*			$: $>Parse0 $1		initial parsing
71338032SpeterR<@>			$#_LOCAL_ $: <@>		special case error msgs
71438032SpeterR$*			$: $>98 $1		handle local hacks
71538032SpeterR$*			$: $>Parse1 $1		final parsing
71638032Speter
71738032Speter#
71838032Speter#  Parse0 -- do initial syntax checking and eliminate local addresses.
71938032Speter#	This should either return with the (possibly modified) input
72038032Speter#	or return with a #error mailer.  It should not return with a
72138032Speter#	#mailer other than the #error mailer.
72238032Speter#
72338032Speter
72438032SpeterSParse0
72538032SpeterR<@>			$@ <@>			special case error msgs
72638032SpeterR$* : $* ; <@>		$#error $@ 5.1.3 $: "List:; syntax illegal for recipient addresses"
72738032Speter#R@ <@ $* >		< @ $1 >		catch "@@host" bogosity
72838032SpeterR<@ $+>			$#error $@ 5.1.3 $: "User address required"
72938032SpeterR$*			$: <> $1
73038032SpeterR<> $* < @ [ $+ ] > $*	$1 < @ [ $2 ] > $3
73138032SpeterR<> $* <$* : $* > $*	$#error $@ 5.1.3 $: "Colon illegal in host name part"
73238032SpeterR<> $*			$1
73338032SpeterR$* < @ . $* > $*	$#error $@ 5.1.2 $: "Invalid host name"
73438032SpeterR$* < @ $* .. $* > $*	$#error $@ 5.1.2 $: "Invalid host name"
73538032Speter
73638032Speter# now delete the local info -- note $=O to find characters that cause forwarding
73738032SpeterR$* < @ > $*		$@ $>Parse0 $>3 $1		user@ => user
73838032SpeterR< @ $=w . > : $*	$@ $>Parse0 $>3 $2		@here:... -> ...
73938032SpeterR$- < @ $=w . >		$: $(dequote $1 $) < @ $2 . >	dequote "foo"@here
74038032SpeterR< @ $+ >		$#error $@ 5.1.3 $: "User address required"
74138032SpeterR$* $=O $* < @ $=w . >	$@ $>Parse0 $>3 $1 $2 $3	...@here -> ...
74238032SpeterR$- 			$: $(dequote $1 $) < @ *LOCAL* >	dequote "foo"
74338032SpeterR< @ *LOCAL* >		$#error $@ 5.1.3 $: "User address required"
74438032SpeterR$* $=O $* < @ *LOCAL* >
74538032Speter			$@ $>Parse0 $>3 $1 $2 $3	...@*LOCAL* -> ...
74638032SpeterR$* < @ *LOCAL* >	$: $1
74738032Speter
74838032Speter#
74938032Speter#  Parse1 -- the bottom half of ruleset 0.
75038032Speter#
75138032Speter
75238032SpeterSParse1
75338032Speterifdef(`_MAILER_smtp_',
75438032Speter`# handle numeric address spec
75538032SpeterR$* < @ [ $+ ] > $*	$: $>98 $1 < @ [ $2 ] > $3	numeric internet spec
75638032SpeterR$* < @ [ $+ ] > $*	$#_SMTP_ $@ [$2] $: $1 < @ [$2] > $3	still numeric: send',
75738032Speter	`dnl')
75838032Speter
75938032Speterifdef(`VIRTUSER_TABLE', `dnl
76038032Speter# handle virtual users
76138032SpeterR$+ < @ $=w . > 	$: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
76238032SpeterR<@> $+ + $* < @ $* . >
76338032Speter			$: < $(virtuser $1 + * @ $3 $@ $1 $: @ $) > $1 + $2 < @ $3 . >
76438032SpeterR<@> $+ + $* < @ $* . >
76538032Speter			$: < $(virtuser $1 @ $3 $@ $1 $: @ $) > $1 + $2 < @ $3 . >
76638032SpeterR<@> $+ < @ $+ . >	$: < $(virtuser @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
76738032SpeterR<@> $+			$: $1
76838032SpeterR< error : $- $+ > $* 	$#error $@ $(dequote $1 $) $: $2
76938032SpeterR< $+ > $+ < @ $+ >	$: $>97 $1',
77038032Speter`dnl')
77138032Speter
77238032Speter# short circuit local delivery so forwarded email works
77338032Speterifdef(`_MAILER_usenet_', `dnl
77438032SpeterR$+ . USENET < @ $=w . >	$#usenet $: $1		handle usenet specially', `dnl')
77538032Speterifdef(`_STICKY_LOCAL_DOMAIN_',
77638032Speter`R$+ < @ $=w . >		$: < $H > $1 < @ $2 . >		first try hub
77738032SpeterR< $+ > $+ < $+ >	$>95 < $1 > $2 < $3 >		yep ....
77838032SpeterR< > $+ + $* < $+ >	$#_LOCAL_ $: $1 + $2		plussed name?
77938032SpeterR< > $+ < $+ >		$#_LOCAL_ $: @ $1			nope, local address',
78038032Speter`R$=L < @ $=w . >	$#_LOCAL_ $: @ $1		special local names
78138032SpeterR$+ < @ $=w . >		$#_LOCAL_ $: $1			regular local name')
78238032Speter
78338032Speterifdef(`MAILER_TABLE', `dnl
78438032Speter# not local -- try mailer table lookup
78538032SpeterR$* <@ $+ > $*		$: < $2 > $1 < @ $2 > $3	extract host name
78638032SpeterR< $+ . > $*		$: < $1 > $2			strip trailing dot
78738032SpeterR< $+ > $*		$: < $(mailertable $1 $) > $2	lookup
78838032SpeterR< $~[ : $+ > $* 	$>95 < $1 : $2 > $3		check -- resolved?
78938032SpeterR< $+ > $*		$: $>90 <$1> $2			try domain',
79038032Speter`dnl')
79138032Speterundivert(4)dnl
79238032Speter
79338032Speterifdef(`_NO_UUCP_', `dnl',
79438032Speter`# resolve remotely connected UUCP links (if any)
79538032Speterifdef(`_CLASS_V_',
79638032Speter`R$* < @ $=V . UUCP . > $*		$: $>95 < $V > $1 <@$2.UUCP.> $3',
79738032Speter	`dnl')
79838032Speterifdef(`_CLASS_W_',
79938032Speter`R$* < @ $=W . UUCP . > $*		$: $>95 < $W > $1 <@$2.UUCP.> $3',
80038032Speter	`dnl')
80138032Speterifdef(`_CLASS_X_',
80238032Speter`R$* < @ $=X . UUCP . > $*		$: $>95 < $X > $1 <@$2.UUCP.> $3',
80338032Speter	`dnl')')
80438032Speter
80538032Speter# resolve fake top level domains by forwarding to other hosts
80638032Speterifdef(`BITNET_RELAY',
80738032Speter`R$*<@$+.BITNET.>$*	$: $>95 < $B > $1 <@$2.BITNET.> $3	user@host.BITNET',
80838032Speter	`dnl')
80938032Speterifdef(`DECNET_RELAY',
81038032Speter`R$*<@$+.DECNET.>$*	$: $>95 < $C > $1 <@$2.DECNET.> $3	user@host.DECNET',
81138032Speter	`dnl')
81238032Speterifdef(`_MAILER_pop_',
81338032Speter`R$+ < @ POP. >		$#pop $: $1			user@POP',
81438032Speter	`dnl')
81538032Speterifdef(`_MAILER_fax_',
81638032Speter`R$+ < @ $+ .FAX. >	$#fax $@ $2 $: $1		user@host.FAX',
81738032Speter`ifdef(`FAX_RELAY',
81838032Speter`R$*<@$+.FAX.>$*		$: $>95 < $F > $1 <@$2.FAX.> $3	user@host.FAX',
81938032Speter	`dnl')')
82038032Speter
82138032Speterifdef(`UUCP_RELAY',
82238032Speter`# forward non-local UUCP traffic to our UUCP relay
82338032SpeterR$*<@$*.UUCP.>$*		$: $>95 < $Y > $1 <@$2.UUCP.> $3	uucp mail',
82438032Speter`ifdef(`_MAILER_uucp_',
82538032Speter`# forward other UUCP traffic straight to UUCP
82638032SpeterR$* < @ $+ .UUCP. > $*		$#_UUCP_ $@ $2 $: $1 < @ $2 .UUCP. > $3	user@host.UUCP',
82738032Speter	`dnl')')
82838032Speterifdef(`_MAILER_usenet_', `
82938032Speter# addresses sent to net.group.USENET will get forwarded to a newsgroup
83038032SpeterR$+ . USENET		$#usenet $: $1',
83138032Speter	`dnl')
83238032Speter
83338032Speterifdef(`_LOCAL_RULES_',
83438032Speter`# figure out what should stay in our local mail system
83538032Speterundivert(1)', `dnl')
83638032Speter
83738032Speter# pass names that still have a host to a smarthost (if defined)
83838032SpeterR$* < @ $* > $*		$: $>95 < $S > $1 < @ $2 > $3	glue on smarthost name
83938032Speter
84038032Speter# deal with other remote names
84138032Speterifdef(`_MAILER_smtp_',
84238032Speter`R$* < @$* > $*		$#_SMTP_ $@ $2 $: $1 < @ $2 > $3		user@host.domain',
84342575Speter`R$* < @$* > $*		$#error $@ 5.1.2 $: "Unrecognized host name " $2')
84438032Speter
84538032Speter# handle locally delivered names
84638032SpeterR$=L			$#_LOCAL_ $: @ $1			special local names
84738032SpeterR$+			$#_LOCAL_ $: $1			regular local names
84838032Speter
84938032Speter###########################################################################
85038032Speter###   Ruleset 5 -- special rewriting after aliases have been expanded   ###
85138032Speter###########################################################################
85238032Speter
85338032SpeterS5
85438032Speter
85538032Speter# deal with plussed users so aliases work nicely
85638032SpeterR$+ + *			$#_LOCAL_ $@ $&h $: $1
85738032SpeterR$+ + $*		$#_LOCAL_ $@ + $2 $: $1 + *
85838032Speter
85938032Speter# prepend an empty "forward host" on the front
86038032SpeterR$+			$: <> $1
86138032Speter
86238032Speterifdef(`LUSER_RELAY', `dnl
86338032Speter# send unrecognized local users to a relay host
86438032SpeterR< > $+ 		$: < $L . > $(user $1 $)	look up user
86538032SpeterR< $* > $+ <> $*	$: < > $2 $3			found; strip $L
86638032SpeterR< $* . > $+		$: < $1 > $2			strip extra dot',
86738032Speter`dnl')
86838032Speter
86938032Speter# see if we have a relay or a hub
87038032SpeterR< > $+			$: < $H > $1			try hub
87138032SpeterR< > $+			$: < $R > $1			try relay
87238032SpeterR< > $+			$: < > < $1 $&h >		nope, restore +detail
87338032SpeterR< > < $+ + $* > $*	   < > < $1 > + $2 $3		find the user part
87438032SpeterR< > < $+ > + $*	$#_LOCAL_ $@ $2 $: @ $1		strip the extra +
87538032SpeterR< > < $+ >		$@ $1				no +detail
87638032SpeterR$+			$: $1 $&h			add +detail back in
87738032SpeterR< local : $* > $*	$: $>95 < local : $1 > $2	no host extension
87838032SpeterR< error : $* > $*	$: $>95 < error : $1 > $2	no host extension
87938032SpeterR< $- : $+ > $+		$: $>95 < $1 : $2 > $3 < @ $2 >
88038032SpeterR< $+ > $+		$@ $>95 < $1 > $2 < @ $1 >
88138032Speter
88238032Speterifdef(`MAILER_TABLE', `dnl
88338032Speter###################################################################
88438032Speter###  Ruleset 90 -- try domain part of mailertable entry 	###
88538032Speter###################################################################
88638032Speter
88738032SpeterS90
88838032SpeterR$* <$- . $+ > $*	$: $1$2 < $(mailertable .$3 $@ $1$2 $@ $2 $) > $4
88938032SpeterR$* <$~[ : $+ > $*	$>95 < $2 : $3 > $4		check -- resolved?
89038032SpeterR$* < . $+ > $* 	$@ $>90 $1 . <$2> $3		no -- strip & try again
89138032SpeterR$* < $* > $*		$: < $(mailertable . $@ $1$2 $) > $3	try "."
89238032SpeterR< $~[ : $+ > $*	$>95 < $1 : $2 > $3		"." found?
89338032SpeterR< $* > $*		$@ $2				no mailertable match',
89438032Speter`dnl')
89538032Speter
89638032Speter###################################################################
89738032Speter###  Ruleset 95 -- canonify mailer:[user@]host syntax to triple	###
89838032Speter###################################################################
89938032Speter
90038032SpeterS95
90138032SpeterR< > $*				$@ $1			strip off null relay
90238032SpeterR< error : $- $+ > $*		$#error $@ $(dequote $1 $) $: $2
90338032SpeterR< local : $* > $*		$>CanonLocal < $1 > $2
90438032SpeterR< $- : $+ @ $+ > $*<$*>$*	$# $1 $@ $3 $: $2<@$3>	use literal user
90538032SpeterR< $- : $+ > $*			$# $1 $@ $2 $: $3	try qualified mailer
90638032SpeterR< $=w > $*			$@ $2			delete local host
90738032SpeterR< $+ > $*			$#_RELAY_ $@ $1 $: $2	use unqualified mailer
90838032Speter
90938032Speter###################################################################
91038032Speter###  Ruleset CanonLocal -- canonify local: syntax		###
91138032Speter###################################################################
91238032Speter
91338032SpeterSCanonLocal
91438032Speter# strip trailing dot from any host name that may appear
91538032SpeterR< $* > $* < @ $* . >		$: < $1 > $2 < @ $3 >
91638032Speter
91738032Speter# handle local: syntax -- use old user, either with or without host
91838032SpeterR< > $* < @ $* > $*		$#_LOCAL_ $@ $1@$2 $: $1
91938032SpeterR< > $+				$#_LOCAL_ $@ $1    $: $1
92038032Speter
92138032Speter# handle local:user@host syntax -- ignore host part
92238032SpeterR< $+ @ $+ > $* < @ $* >	$: < $1 > $3 < @ $4 >
92338032Speter
92438032Speter# handle local:user syntax
92538032SpeterR< $+ > $* <@ $* > $*		$#_LOCAL_ $@ $2@$3 $: $1
92638032SpeterR< $+ > $* 			$#_LOCAL_ $@ $2    $: $1
92738032Speter
92838032Speter###################################################################
92938032Speter###  Ruleset 93 -- convert header names to masqueraded form	###
93038032Speter###################################################################
93138032Speter
93238032SpeterS93
93338032Speter
93438032Speterifdef(`GENERICS_TABLE', `dnl
93538032Speter# handle generics database
93638032Speterifdef(`_GENERICS_ENTIRE_DOMAIN_',
93738032Speter`R$+ < @ $* $=G . >	$: < $1@$2$3 > $1 < @ $2$3 . > @	mark',
93838032Speter`R$+ < @ $=G . >	$: < $1@$2 > $1 < @ $2 . > @	mark')
93938032SpeterR$+ < @ *LOCAL* >	$: < $1@$j > $1 < @ *LOCAL* > @	mark
94038032SpeterR< $+ > $+ < $* > @	$: < $(generics $1 $: $) > $2 < $3 >
94138032SpeterR< > $+ < @ $+ > 	$: < $(generics $1 $: $) > $1 < @ $2 >
94238032SpeterR< $* @ $* > $* < $* >	$@ $>3 $1 @ $2			found qualified
94338032SpeterR< $+ > $* < $* >	$: $>3 $1 @ *LOCAL*		found unqualified
94438032SpeterR< > $*			$: $1				not found',
94538032Speter`dnl')
94638032Speter
94738032Speter# special case the users that should be exposed
94838032SpeterR$=E < @ *LOCAL* >	$@ $1 < @ $j . >		leave exposed
94938032Speterifdef(`_MASQUERADE_ENTIRE_DOMAIN_',
95038032Speter`R$=E < @ $* $=M . >	$@ $1 < @ $2 $3 . >',
95138032Speter`R$=E < @ $=M . >	$@ $1 < @ $2 . >')
95238032Speterifdef(`_LIMITED_MASQUERADE_', `dnl',
95338032Speter`R$=E < @ $=w . >	$@ $1 < @ $2 . >')
95438032Speter
95538032Speter# handle domain-specific masquerading
95638032Speterifdef(`_MASQUERADE_ENTIRE_DOMAIN_',
95738032Speter`R$* < @ $* $=M . > $*	$: $1 < @ $2 $3 . @ $M > $4	convert masqueraded doms',
95838032Speter`R$* < @ $=M . > $*	$: $1 < @ $2 . @ $M > $3	convert masqueraded doms')
95938032Speterifdef(`_LIMITED_MASQUERADE_', `dnl',
96038032Speter`R$* < @ $=w . > $*	$: $1 < @ $2 . @ $M > $3')
96138032SpeterR$* < @ *LOCAL* > $*	$: $1 < @ $j . @ $M > $2
96238032SpeterR$* < @ $+ @ > $*	$: $1 < @ $2 > $3		$M is null
96338032SpeterR$* < @ $+ @ $+ > $*	$: $1 < @ $3 . > $4		$M is not null
96438032Speter
96538032Speter###################################################################
96638032Speter###  Ruleset 94 -- convert envelope names to masqueraded form	###
96738032Speter###################################################################
96838032Speter
96938032SpeterS94
97038032Speterifdef(`_MASQUERADE_ENVELOPE_',
97138032Speter`R$+			$@ $>93 $1',
97238032Speter`R$* < @ *LOCAL* > $*	$: $1 < @ $j . > $2')
97338032Speter
97438032Speter###################################################################
97538032Speter###  Ruleset 98 -- local part of ruleset zero (can be null)	###
97638032Speter###################################################################
97738032Speter
97838032SpeterS98
97938032Speterundivert(3)dnl
98038032Speter
98142575Speterifelse(substr(confDELIVERY_MODE,0,1), `d', `errprint(`WARNING: Antispam rules not available in deferred delivery mode.')')
98238032Speterifdef(`ACCESS_TABLE', `dnl
98338032Speter######################################################################
98438032Speter###  LookUpDomain -- search for domain in access database
98538032Speter###
98638032Speter###	Parameters:
98738032Speter###		<$1> -- key (domain name)
98838032Speter###		<$2> -- default (what to return if not found in db)
98938032Speter###		<$3> -- passthru (additional data passed unchanged through)
99038032Speter######################################################################
99138032Speter
99238032SpeterSLookUpDomain
99338032SpeterR<$+> <$+> <$*>		$: < $(access $1 $: ? $) > <$1> <$2> <$3>
99438032SpeterR<?> <$+.$+> <$+> <$*>	$@ $>LookUpDomain <$2> <$3> <$4>
99538032SpeterR<?> <$+> <$+> <$*>	$@ <$2> <$3>
99638032SpeterR<$*> <$+> <$+> <$*>	$@ <$1> <$4>
99738032Speter
99838032Speter######################################################################
99938032Speter###  LookUpAddress -- search for host address in access database
100038032Speter###
100138032Speter###	Parameters:
100238032Speter###		<$1> -- key (dot quadded host address)
100338032Speter###		<$2> -- default (what to return if not found in db)
100438032Speter###		<$3> -- passthru (additional data passed through)
100538032Speter######################################################################
100638032Speter
100738032SpeterSLookUpAddress
100838032SpeterR<$+> <$+> <$*>		$: < $(access $1 $: ? $) > <$1> <$2> <$3>
100938032SpeterR<?> <$+.$-> <$+> <$*>	$@ $>LookUpAddress <$1> <$3> <$4>
101038032SpeterR<?> <$+> <$+> <$*>	$@ <$2> <$3>
101138032SpeterR<$*> <$+> <$+> <$*>	$@ <$1> <$4>',
101238032Speter`dnl')
101338032Speter
101438032Speter######################################################################
101542575Speter###  CanonAddr --	Convert an address into a standard form for
101642575Speter###			relay checking.  Route address syntax is
101742575Speter###			crudely converted into a %-hack address.
101842575Speter###
101942575Speter###	Parameters:
102042575Speter###		$1 -- full recipient address
102142575Speter###
102242575Speter###	Returns:
102342575Speter###		parsed address, not in source route form
102442575Speter######################################################################
102542575Speter
102642575SpeterSCanonAddr
102742575SpeterR$*			$: $>Parse0 $>3 $1	make domain canonical
102842575SpeterR< @ $+ > : $* @ $*	< @ $1 > : $2 % $3	change @ to % in src route
102942575SpeterR$* < @ $+ > : $* : $*	$3 $1 < @ $2 > : $4	change to % hack.
103042575SpeterR$* < @ $+ > : $*	$3 $1 < @ $2 >
103142575Speter
103242575Speter######################################################################
103338032Speter###  ParseRecipient --	Strip off hosts in $=R as well as possibly
103438032Speter###			$* $=m or the access database.
103538032Speter###			Check user portion for host separators.
103638032Speter###
103738032Speter###	Parameters:
103838032Speter###		$1 -- full recipient address
103938032Speter###
104038032Speter###	Returns:
104138032Speter###		parsed, non-local-relaying address
104238032Speter######################################################################
104338032Speter
104438032SpeterSParseRecipient
104542575SpeterR$*				$: <?> $>CanonAddr $1
104642575SpeterR<?> $* < @ $* . >		<?> $1 < @ $2 >			strip trailing dots
104742575SpeterR<?> $- < @ $* >		$: <?> $(dequote $1 $) < @ $2 >	dequote local part
104838032Speter
104938032Speter# if no $=O character, no host in the user portion, we are done
105042575SpeterR<?> $* $=O $* < @ $* >		$: <NO> $1 $2 $3 < @ $4>
105142575SpeterR<?> $*				$@ $1
105238032Speter
105338032Speterifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl
105438032Speter# if we relay, check username portion for user%host so host can be checked also
105542575SpeterR<NO> $* < @ $* $=m >		$: <RELAY> $1 < @ $2 $3 >', `dnl')
105642575Speter
105742575Speterifdef(`_RELAY_MX_SERVED_', `dnl
105842575SpeterR<NO> $* < @ $+ >		$: <MX> < : $(mxserved $2 $) : > < $1 < @$2 > >
105942575SpeterR<MX> < : $* <TEMP> : > $*	$#error $@ 4.7.1 $: "450 Can not check MX records for recipient host " $1
106042575SpeterR<MX> < $* : $=w. : $* > < $+ >	$: <RELAY> $4
106142575SpeterR<MX> < : $* : > < $+ >		$: <NO> $2', `dnl')
106242575Speter
106338032Speterifdef(`_RELAY_HOSTS_ONLY_',
106442575Speter`R<NO> $* < @ $=R >		$: <RELAY> $1 < @ $2 >
106538032Speterifdef(`ACCESS_TABLE', `dnl
106642575SpeterR<NO> $* < @ $+ >		$: <$(access $2 $: NO $)> $1 < @ $2 >',`dnl')',
106742575Speter`R<NO> $* < @ $* $=R >		$: <RELAY> $1 < @ $2 $3 >
106838032Speterifdef(`ACCESS_TABLE', `dnl
106942575SpeterR<NO> $* < @ $+ >		$: $>LookUpDomain <$2> <NO> <$1 < @ $2 >>
107042575SpeterR<$+> <$+>			$: <$1> $2',`dnl')')
107138032Speter
107242575SpeterR<RELAY> $* < @ $* >		$@ $>ParseRecipient $1
107342575SpeterR<$-> $*			$@ $2
107442575Speter
107538032Speter######################################################################
107638032Speter###  check_relay -- check hostname/address on SMTP startup
107738032Speter######################################################################
107838032Speter
107938032SpeterSLocal_check_relay
108038032SpeterScheck_relay
108138032SpeterR$*			$: $1 $| $>"Local_check_relay" $1
108238032SpeterR$* $| $* $| $#$*	$#$3
108338032SpeterR$* $| $* $| $*		$@ $>"Basic_check_relay" $1 $| $2
108438032Speter
108538032SpeterSBasic_check_relay
108638032Speter# check for deferred delivery mode
108738032SpeterR$*			$: < ${deliveryMode} > $1
108838032SpeterR< d > $*		$@ deferred
108938032SpeterR< $* > $*		$: $2
109038032Speter
109138032Speterifdef(`ACCESS_TABLE', `dnl
109238032SpeterR$+ $| $+		$: $>LookUpDomain < $1 > <?> < $2 >
109342575SpeterR<?> < $+ >		$: $>LookUpAddress < $1 > <?> < $1 >
109442575SpeterR<?> < $+ >		$: $1
109542575SpeterR<OK> < $* >		$@ OK
109642575SpeterR<RELAY> < $* >		$@ RELAY
109738032SpeterR<REJECT> $*		$#error $@ 5.7.1 $: "ifdef(`confREJECT_MSG', `confREJECT_MSG', `550 Access denied')"
109838032SpeterR<DISCARD> $*		$#discard $: discard
109938032SpeterR<$+> $*		$#error $@ 5.7.1 $: $1', `dnl')
110038032Speter
110138032Speterifdef(`_RBL_', `dnl
110242575Speter# DNS based IP address spam lists
110338032SpeterR$*			$: $&{client_addr}
110438032SpeterR$-.$-.$-.$-		$: $(host $4.$3.$2.$1._RBL_. $: OK $)
110538032SpeterROK			$@ OK
110642575SpeterR$+			$#error $@ 5.7.1 $: "Mail from " $&{client_addr} " refused by blackhole site _RBL_"',
110738032Speter`dnl')
110838032Speter
110938032Speter######################################################################
111038032Speter###  check_mail -- check SMTP ``MAIL FROM:'' command argument
111138032Speter######################################################################
111238032Speter
111338032SpeterSLocal_check_mail
111438032SpeterScheck_mail
111538032SpeterR$*			$: $1 $| $>"Local_check_mail" $1
111638032SpeterR$* $| $#$*		$#$2
111738032SpeterR$* $| $*		$@ $>"Basic_check_mail" $1
111838032Speter
111938032SpeterSBasic_check_mail
112038032Speter# check for deferred delivery mode
112138032SpeterR$*			$: < ${deliveryMode} > $1
112238032SpeterR< d > $*		$@ deferred
112338032SpeterR< $* > $*		$: $2
112438032Speter
112538032SpeterR<>			$@ <OK>
112642575SpeterR$*			$: <?> $>CanonAddr $1
112742575SpeterR<?> $* < @ $+ . >	<?> $1 < @ $2 >			strip trailing dots
112838032Speter# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc)
112938032SpeterR<?> $* < $* $=P > $*	$: <OK> $1 < @ $2 $3 > $4
113038032Speterifdef(`_ACCEPT_UNRESOLVABLE_DOMAINS_',
113138032Speter`R<?> $* < @ $+ > $*	$: <OK> $1 < @ $2 > $3		... unresolvable OK',
113238032Speter`R<?> $* < @ $+ > $*	$: <? $(resolve $2 $: $2 <PERM> $) > $1 < @ $2 > $3
113338032SpeterR<? $* <$->> $* < @ $+ > $*
113438032Speter			$: <$2> $3 < @ $4 > $5')
113538032Speter
113638032Speterifdef(`_ACCEPT_UNQUALIFIED_SENDERS_',`dnl',`dnl
113738032Speter# handle case of @localhost on address
113838032SpeterR<$+> $* < @localhost >	$: < ? $&{client_name} > <$1> $2 < @localhost >
113938032SpeterR<$+> $* < @localhost.$m >
114038032Speter			$: < ? $&{client_name} > <$1> $2 < @localhost.$m >
114138032Speterifdef(`_NO_UUCP_', `dnl',
114238032Speter`R<$+> $* < @localhost.UUCP >
114338032Speter			$: < ? $&{client_name} > <$1> $2 < @localhost.UUCP >')
114438032SpeterR<? $=w> <$+> $*	<?> <$2> $3
114538032SpeterR<? $+> <$+> $*		$#error $@ 5.5.4 $: "553 Real domain name required"
114638032SpeterR<?> <$+> $*		$: <$1> $2')
114738032Speter
114838032Speterifdef(`ACCESS_TABLE', `dnl
114938032Speter# lookup localpart (user@)
115038032SpeterR<$+> $* < @ $+ > $*	$: <USER $(access $2@ $: ? $) > <$1> $2 < @ $3 > $4
115138032Speter# no match, try full address (user@domain rest)
115238032SpeterR<USER ?> <$+> $* < @ $* > $*
115338032Speter			$: <USER $(access $2@$3$4 $: ? $) > <$1> $2 < @ $3 > $4
115438032Speter# no match, try address (user@domain)
115538032SpeterR<USER ?> <$+> $+ < @ $+ > $*
115638032Speter			$: <USER $(access $2@$3 $: ? $) > <$1> $2 < @ $3 > $4
115738032Speter# no match, try (sub)domain (domain)
115838032SpeterR<USER ?> <$+> $* < @ $+ > $*
115938032Speter			$: $>LookUpDomain <$3> <$1> <>
116038032Speter# check unqualified user in access database
116138032SpeterR<?> $*			$: <USER $(access $1@ $: ? $) > <?> $1
116238032Speter# retransform for further use
116338032SpeterR<USER $+> <$+> $*	$: <$1> $3',
116438032Speter`dnl')
116538032Speter
116638032Speterifdef(`_ACCEPT_UNQUALIFIED_SENDERS_',`dnl',`dnl
116738032Speter# handle case of no @domain on address
116838032SpeterR<?> $*			$: < ? $&{client_name} > $1
116938032SpeterR<?> $*			$@ <OK>				...local unqualed ok
117038032SpeterR<? $+> $*		$#error $@ 5.5.4 $: "553 Domain name required"
117138032Speter							...remote is not')
117238032Speter# check results
117338032SpeterR<?> $*			$@ <OK>
117438032SpeterR<OK> $*		$@ <OK>
117538032SpeterR<TEMP> $*		$#error $@ 4.1.8 $: "451 Sender domain must resolve"
117638032SpeterR<PERM> $*		$#error $@ 5.1.8 $: "501 Sender domain must exist"
117738032Speterifdef(`ACCESS_TABLE', `dnl
117838032SpeterR<RELAY> $*		$@ <RELAY>
117938032SpeterR<DISCARD> $*		$#discard $: discard
118038032SpeterR<REJECT> $*		$#error $@ 5.7.1 $: "ifdef(`confREJECT_MSG', `confREJECT_MSG', `550 Access denied')"
118138032SpeterR<$+> $*		$#error $@ 5.7.1 $: $1		error from access db',
118238032Speter`dnl')
118338032Speter
118438032Speter######################################################################
118538032Speter###  check_rcpt -- check SMTP ``RCPT TO:'' command argument
118638032Speter######################################################################
118738032Speter
118838032SpeterSLocal_check_rcpt
118938032SpeterScheck_rcpt
119038032SpeterR$*			$: $1 $| $>"Local_check_rcpt" $1
119138032SpeterR$* $| $#$*		$#$2
119238032SpeterR$* $| $*		$@ $>"Basic_check_rcpt" $1
119338032Speter
119438032SpeterSBasic_check_rcpt
119538032Speter# check for deferred delivery mode
119638032SpeterR$*			$: < ${deliveryMode} > $1
119738032SpeterR< d > $*		$@ deferred
119838032SpeterR< $* > $*		$: $2
119938032Speter
120038032Speterifdef(`_LOOSE_RELAY_CHECK_',`dnl
120142575SpeterR$*			$: $>CanonAddr $1
120238032SpeterR$* < @ $* . >		$1 < @ $2 >			strip trailing dots',
120338032Speter`R$*			$: $>ParseRecipient $1		strip relayable hosts')
120438032Speter
120542575Speterifdef(`_BESTMX_IS_LOCAL_',`dnl
120642575Speterifelse(_BESTMX_IS_LOCAL_, `', `dnl
120742575Speter# unlimited bestmx
120842575SpeterR$* < @ $* > $*			$: $1 < @ $2 @@ $(bestmx $2 $) > $3',
120942575Speter`dnl
121042575Speter# limit bestmx to $=B
121142575SpeterR$* < @ $* $=B > $*		$: $1 < @ $2 $3 . @@ $(bestmx $2 $3 $) > $4')
121242575SpeterR$* $=O $* < @ $* @@ $=w . > $*	$@ $>Basic_check_rcpt $1 $2 $3
121342575SpeterR$* < @ $* @@ $=w . > $*	$: $1 < @ $3 > $4
121442575SpeterR$* < @ $* @@ $* > $*		$: $1 < @ $2 > $4')
121542575Speter
121638032Speterifdef(`_BLACKLIST_RCPT_',`dnl
121738032Speterifdef(`ACCESS_TABLE', `dnl
121838032Speter# blacklist local users or any host from receiving mail
121938032SpeterR$*			$: <?> $1
122038032SpeterR<?> $+ < @ $=w >	$: <> <USER $1> <FULL $1@$2> <HOST $2> <$1 < @ $2 >>
122138032SpeterR<?> $+ < @ $* >	$: <> <FULL $1@$2> <HOST $2> <$1 < @ $2 >>
122238032SpeterR<?> $+			$: <> <USER $1> <$1>
122338032SpeterR<> <USER $+> $*	$: <$(access $1 $: $)> $2
122438032SpeterR<> <FULL $+> $*	$: <$(access $1 $: $)> $2
122538032SpeterR<OK> <FULL $+> $*	$: <$(access $1 $: $)> $2
122638032SpeterR<> <HOST $+> $*	$: <$(access $1 $: $)> $2
122738032SpeterR<OK> <HOST $+> $*	$: <$(access $1 $: $)> $2
122838032SpeterR<> <$*>		$: $1
122938032SpeterR<OK> <$*>		$: $1
123038032SpeterR<RELAY> <$*>		$: $1
123138032SpeterR<REJECT> $*		$#error $@ 5.2.1 $: "550 Mailbox disabled for this recipient"
123238032SpeterR<$+> $*		$#error $@ 5.2.1 $: $1			error from access db', `dnl')', `dnl')
123338032Speter
123438032Speterifdef(`_PROMISCUOUS_RELAY_', `dnl', `dnl
123538032Speter# anything terminating locally is ok
123638032Speterifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl
123738032SpeterR$+ < @ $* $=m >	$@ OK', `dnl')
123838032SpeterR$+ < @ $=w >		$@ OK
123938032Speterifdef(`_RELAY_HOSTS_ONLY_',
124038032Speter`R$+ < @ $=R >		$@ OK
124138032Speterifdef(`ACCESS_TABLE', `dnl
124238032SpeterR$+ < @ $* >		$: <$(access $2 $: ? $)> <$1 < @ $2 >>',`dnl')',
124338032Speter`R$+ < @ $* $=R >	$@ OK
124438032Speterifdef(`ACCESS_TABLE', `dnl
124538032SpeterR$+ < @ $* >		$: $>LookUpDomain <$2> <?> <$1 < @ $2 >>',`dnl')')
124638032Speterifdef(`ACCESS_TABLE', `dnl
124738032SpeterR<RELAY> $*		$@ RELAY
124838032SpeterR<$*> <$*>		$: $2',`dnl')
124938032Speter
125038032Speterifdef(`_RELAY_MX_SERVED_', `dnl
125138032Speter# allow relaying for hosts which we MX serve
125238032SpeterR$+ < @ $* >		$: < : $(mxserved $2 $) : > $1 < @ $2 >
125338032SpeterR< : $* <TEMP> : > $*	$#error $@ 4.7.1 $: "450 Can not check MX records for recipient host " $1
125438032SpeterR<$* : $=w . : $*> $*	$@ OK
125542575SpeterR< : $* : > $*		$: $2',
125638032Speter`dnl')
125738032Speter
125838032Speter# check for local user (i.e. unqualified address)
125938032SpeterR$*			$: <?> $1
126042575SpeterR<?> $* < @ $+ >	$: <REMOTE> $1 < @ $2 >
126138032Speter# local user is ok
126238032SpeterR<?> $+			$@ OK
126338032SpeterR<$+> $*		$: $2
126438032Speter
126538032Speter# anything originating locally is ok
126638032SpeterR$*			$: <?> $&{client_name}
126738032Speter# check if bracketed IP address (forward lookup != reverse lookup)
126838032SpeterR<?> [$+]		$: <BAD> [$1]
126938032Speter# pass to name server to make hostname canonical
127038032SpeterR<?> $* $~P 		$: <?> $[ $1 $2 $]
127138032SpeterR<$-> $*		$: $2
127238032SpeterR$* .			$1				strip trailing dots
127338032SpeterR$@			$@ OK
127438032Speterifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl
127538032SpeterR$* $=m			$@ OK', `dnl')
127638032SpeterR$=w			$@ OK
127738032Speterifdef(`_RELAY_HOSTS_ONLY_',
127838032Speter`R$=R			$@ OK
127938032Speterifdef(`ACCESS_TABLE', `dnl
128038032SpeterR$*			$: <$(access $1 $: ? $)> <$1>',`dnl')',
128138032Speter`R$* $=R			$@ OK
128238032Speterifdef(`ACCESS_TABLE', `dnl
128338032SpeterR$*			$: $>LookUpDomain <$1> <?> <$1>',`dnl')')
128438032Speterifdef(`ACCESS_TABLE', `dnl
128538032SpeterR<RELAY> $*		$@ RELAY
128638032SpeterR<$*> <$*>		$: $2',`dnl')
128738032Speter
128838032Speter# check IP address
128938032SpeterR$*			$: $&{client_addr}
129038032SpeterR$@			$@ OK			originated locally
129138032SpeterR0			$@ OK			originated locally
129238032SpeterR$=R $*			$@ OK			relayable IP address
129338032Speterifdef(`ACCESS_TABLE', `dnl
129438032SpeterR$*			$: $>LookUpAddress <$1> <?> <$1>
129538032SpeterR<RELAY> $* 		$@ RELAY		relayable IP address
129638032SpeterR<$*> <$*>		$: $2', `dnl')
129738032SpeterR$*			$: [ $1 ]		put brackets around it...
129838032SpeterR$=w			$@ OK			... and see if it is local
129938032Speter
130038032Speterifdef(`_RELAY_LOCAL_FROM_', `dnl
130138032Speter# anything with a local FROM is ok
130242575SpeterR$*			$: $1 $| $>CanonAddr $&f
130338032SpeterR$* $| $+ < @ $=w . >	$@ OK			FROM local
130438032SpeterR$* $| $*		$: $1
130538032Speter', `dnl')
130638032Speter
130738032Speter# anything else is bogus
130838032SpeterR$*			$#error $@ 5.7.1 $: "550 Relaying denied"')
130938032Speter
131038032Speterundivert(9)dnl
131138032Speter#
131238032Speter######################################################################
131338032Speter######################################################################
131438032Speter#####
131538032Speter`#####			MAILER DEFINITIONS'
131638032Speter#####
131738032Speter######################################################################
131838032Speter######################################################################
131938032Speterundivert(7)dnl
1320