proto.m4 revision 42575
1divert(-1) 2# 3# Copyright (c) 1998 Sendmail, Inc. All rights reserved. 4# Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved. 5# Copyright (c) 1988, 1993 6# The Regents of the University of California. All rights reserved. 7# 8# By using this file, you agree to the terms and conditions set 9# forth in the LICENSE file which can be found at the top level of 10# the sendmail distribution. 11# 12# 13divert(0) 14 15VERSIONID(`@(#)proto.m4 8.237 (Berkeley) 12/17/1998') 16 17MAILER(local)dnl 18 19# level 8 config file format 20V8/ifdef(`VENDOR_NAME', `VENDOR_NAME', `Berkeley') 21divert(-1) 22 23# do some sanity checking 24ifdef(`__OSTYPE__',, 25 `errprint(`*** ERROR: No system type defined (use OSTYPE macro)')') 26 27# pick our default mailers 28ifdef(`confSMTP_MAILER',, `define(`confSMTP_MAILER', `esmtp')') 29ifdef(`confLOCAL_MAILER',, `define(`confLOCAL_MAILER', `local')') 30ifdef(`confRELAY_MAILER',, 31 `define(`confRELAY_MAILER', 32 `ifdef(`_MAILER_smtp_', `relay', 33 `ifdef(`_MAILER_uucp', `uucp-new', `unknown')')')') 34ifdef(`confUUCP_MAILER',, `define(`confUUCP_MAILER', `uucp-old')') 35define(`_SMTP_', `confSMTP_MAILER')dnl for readability only 36define(`_LOCAL_', `confLOCAL_MAILER')dnl for readability only 37define(`_RELAY_', `confRELAY_MAILER')dnl for readability only 38define(`_UUCP_', `confUUCP_MAILER')dnl for readability only 39 40# set our default hashed database type 41ifdef(`DATABASE_MAP_TYPE',, `define(`DATABASE_MAP_TYPE', `hash')') 42 43# back compatibility with old config files 44ifdef(`confDEF_GROUP_ID', 45 `errprint(`*** confDEF_GROUP_ID is obsolete.') 46 errprint(` Use confDEF_USER_ID with a colon in the value instead.')') 47ifdef(`confREAD_TIMEOUT', 48 `errprint(`*** confREAD_TIMEOUT is obsolete.') 49 errprint(` Use individual confTO_<timeout> parameters instead.')') 50ifdef(`confMESSAGE_TIMEOUT', 51 `define(`_ARG_', index(confMESSAGE_TIMEOUT, /)) 52 ifelse(_ARG_, -1, 53 `define(`confTO_QUEUERETURN', confMESSAGE_TIMEOUT)', 54 `define(`confTO_QUEUERETURN', 55 substr(confMESSAGE_TIMEOUT, 0, _ARG_)) 56 define(`confTO_QUEUEWARN', 57 substr(confMESSAGE_TIMEOUT, eval(_ARG_+1)))')') 58ifdef(`confMIN_FREE_BLOCKS', `ifelse(index(confMIN_FREE_BLOCKS, /), -1,, 59 `errprint(`*** compound confMIN_FREE_BLOCKS is obsolete.') 60 errprint(` Use confMAX_MESSAGE_SIZE for the second part of the value.')')') 61 62# clean option definitions below.... 63define(`_OPTION', `ifdef(`$2', `O $1=$2', `#O $1`'ifelse($3, `',, `=$3')')')dnl 64 65divert(0)dnl 66 67# override file safeties - setting this option compromises system security 68# need to set this now for the sake of class files 69_OPTION(DontBlameSendmail, `confDONT_BLAME_SENDMAIL', safe) 70 71################## 72# local info # 73################## 74 75Cwlocalhost 76ifdef(`USE_CW_FILE', 77`# file containing names of hosts for which we receive email 78Fw`'confCW_FILE', 79 `dnl') 80 81# my official domain name 82# ... `define' this only if sendmail cannot automatically determine your domain 83ifdef(`confDOMAIN_NAME', `Dj`'confDOMAIN_NAME', `#Dj$w.Foo.COM') 84 85ifdef(`_NULL_CLIENT_ONLY_', `divert(-1)')dnl 86 87CP. 88 89ifdef(`UUCP_RELAY', 90`# UUCP relay host 91DY`'UUCP_RELAY 92CPUUCP 93 94')dnl 95ifdef(`BITNET_RELAY', 96`# BITNET relay host 97DB`'BITNET_RELAY 98CPBITNET 99 100')dnl 101ifdef(`DECNET_RELAY', 102`define(`_USE_DECNET_SYNTAX_', 1)dnl 103# DECnet relay host 104DC`'DECNET_RELAY 105CPDECNET 106 107')dnl 108ifdef(`FAX_RELAY', 109`# FAX relay host 110DF`'FAX_RELAY 111CPFAX 112 113')dnl 114# "Smart" relay host (may be null) 115DS`'ifdef(`SMART_HOST', SMART_HOST) 116 117ifdef(`LUSER_RELAY', `dnl 118# place to which unknown users should be forwarded 119Kuser user -m -a<> 120DL`'LUSER_RELAY', 121`dnl') 122 123# operators that cannot be in local usernames (i.e., network indicators) 124CO @ % ifdef(`_NO_UUCP_', `', `!') 125 126# a class with just dot (for identifying canonical names) 127C.. 128 129# a class with just a left bracket (for identifying domain literals) 130C[[ 131 132ifdef(`MAILER_TABLE', `dnl 133# Mailer table (overriding domains) 134Kmailertable MAILER_TABLE', 135`dnl') 136 137ifdef(`DOMAIN_TABLE', `dnl 138# Domain table (adding domains) 139Kdomaintable DOMAIN_TABLE', 140`dnl') 141 142ifdef(`GENERICS_TABLE', `dnl 143# Generics table (mapping outgoing addresses) 144Kgenerics GENERICS_TABLE', 145`dnl') 146 147ifdef(`UUDOMAIN_TABLE', `dnl 148# UUCP domain table 149Kuudomain UUDOMAIN_TABLE', 150`dnl') 151 152ifdef(`BITDOMAIN_TABLE', `dnl 153# BITNET mapping table 154Kbitdomain BITDOMAIN_TABLE', 155`dnl') 156 157ifdef(`VIRTUSER_TABLE', `dnl 158# Virtual user table (maps incoming users) 159Kvirtuser VIRTUSER_TABLE', 160`dnl') 161 162ifdef(`ACCESS_TABLE', `dnl 163# Access list database (for spam stomping) 164Kaccess ACCESS_TABLE', 165`dnl') 166 167ifdef(`_RELAY_MX_SERVED_', `dnl 168# MX map (to allow relaying to hosts that we MX for) 169Kmxserved bestmx -z: -T<TEMP>', 170`dnl') 171 172ifdef(`_ACCEPT_UNRESOLVABLE_DOMAINS_',`dnl',`dnl 173# Resolve map (to check if a host exists in check_mail) 174Kresolve host -a<OK> -T<TEMP>') 175 176ifdef(`confCR_FILE', `dnl 177# Hosts that will permit relaying ($=R) 178FR`'confCR_FILE', 179`dnl') 180 181# who I send unqualified names to (null means deliver locally) 182DR`'ifdef(`LOCAL_RELAY', LOCAL_RELAY) 183 184# who gets all local email traffic ($R has precedence for unqualified names) 185DH`'ifdef(`MAIL_HUB', MAIL_HUB) 186 187# dequoting map 188Kdequote dequote 189 190divert(0)dnl # end of nullclient diversion 191# class E: names that should be exposed as from this host, even if we masquerade 192ifdef(`_NULL_CLIENT_ONLY_', `#', 193`# class L: names that should be delivered locally, even if we have a relay 194# class M: domains that should be converted to $M 195#CL root 196')CE root 197undivert(5)dnl 198 199# who I masquerade as (null for no masquerading) (see also $=M) 200DM`'ifdef(`MASQUERADE_NAME', MASQUERADE_NAME) 201 202# my name for error messages 203ifdef(`confMAILER_NAME', `Dn`'confMAILER_NAME', `#DnMAILER-DAEMON') 204 205undivert(6)dnl 206include(_CF_DIR_`m4/version.m4') 207 208############### 209# Options # 210############### 211 212# strip message body to 7 bits on input? 213_OPTION(SevenBitInput, `confSEVEN_BIT_INPUT') 214 215# 8-bit data handling 216_OPTION(EightBitMode, `confEIGHT_BIT_HANDLING', adaptive) 217 218ifdef(`_NULL_CLIENT_ONLY_', `dnl', ` 219# wait for alias file rebuild (default units: minutes) 220_OPTION(AliasWait, `confALIAS_WAIT', 5m) 221 222# location of alias file 223_OPTION(AliasFile, `ALIAS_FILE', ifdef(`_USE_ETC_MAIL_', /etc/mail/aliases, /etc/aliases)) 224') 225# minimum number of free blocks on filesystem 226_OPTION(MinFreeBlocks, `confMIN_FREE_BLOCKS', 100) 227 228# maximum message size 229_OPTION(MaxMessageSize, `confMAX_MESSAGE_SIZE', 1000000) 230 231# substitution for space (blank) characters 232_OPTION(BlankSub, `confBLANK_SUB', _) 233 234# avoid connecting to "expensive" mailers on initial submission? 235_OPTION(HoldExpensive, `confCON_EXPENSIVE') 236 237# checkpoint queue runs after every N successful deliveries 238_OPTION(CheckpointInterval, `confCHECKPOINT_INTERVAL', 10) 239 240# default delivery mode 241_OPTION(DeliveryMode, `confDELIVERY_MODE', background) 242 243# automatically rebuild the alias database? 244_OPTION(AutoRebuildAliases, `confAUTO_REBUILD') 245 246# error message header/file 247_OPTION(ErrorHeader, `confERROR_MESSAGE', ifdef(`_USE_ETC_MAIL_', /etc/mail/error-header, /etc/sendmail.oE)) 248 249# error mode 250_OPTION(ErrorMode, `confERROR_MODE', print) 251 252# save Unix-style "From_" lines at top of header? 253_OPTION(SaveFromLine, `confSAVE_FROM_LINES') 254 255# temporary file mode 256_OPTION(TempFileMode, `confTEMP_FILE_MODE', 0600) 257 258# match recipients against GECOS field? 259_OPTION(MatchGECOS, `confMATCH_GECOS') 260 261# maximum hop count 262_OPTION(MaxHopCount, `confMAX_HOP', 17) 263 264# location of help file 265O HelpFile=ifdef(`HELP_FILE', HELP_FILE, ifdef(`_USE_ETC_MAIL_', /etc/mail/helpfile, /usr/lib/sendmail.hf)) 266 267# ignore dots as terminators in incoming messages? 268_OPTION(IgnoreDots, `confIGNORE_DOTS') 269 270# name resolver options 271_OPTION(ResolverOptions, `confBIND_OPTS', +AAONLY) 272 273# deliver MIME-encapsulated error messages? 274_OPTION(SendMimeErrors, `confMIME_FORMAT_ERRORS') 275 276# Forward file search path 277_OPTION(ForwardPath, `confFORWARD_PATH', /var/forward/$u:$z/.forward.$w:$z/.forward) 278 279# open connection cache size 280_OPTION(ConnectionCacheSize, `confMCI_CACHE_SIZE', 2) 281 282# open connection cache timeout 283_OPTION(ConnectionCacheTimeout, `confMCI_CACHE_TIMEOUT', 5m) 284 285# persistent host status directory 286_OPTION(HostStatusDirectory, `confHOST_STATUS_DIRECTORY', .hoststat) 287 288# single thread deliveries (requires HostStatusDirectory)? 289_OPTION(SingleThreadDelivery, `confSINGLE_THREAD_DELIVERY') 290 291# use Errors-To: header? 292_OPTION(UseErrorsTo, `confUSE_ERRORS_TO') 293 294# log level 295_OPTION(LogLevel, `confLOG_LEVEL', 10) 296 297# send to me too, even in an alias expansion? 298_OPTION(MeToo, `confME_TOO') 299 300# verify RHS in newaliases? 301_OPTION(CheckAliases, `confCHECK_ALIASES') 302 303# default messages to old style headers if no special punctuation? 304_OPTION(OldStyleHeaders, `confOLD_STYLE_HEADERS') 305 306# SMTP daemon options 307_OPTION(DaemonPortOptions, `confDAEMON_OPTIONS', Port=esmtp) 308 309# privacy flags 310_OPTION(PrivacyOptions, `confPRIVACY_FLAGS', authwarnings) 311 312# who (if anyone) should get extra copies of error messages 313_OPTION(PostMasterCopy, `confCOPY_ERRORS_TO', Postmaster) 314 315# slope of queue-only function 316_OPTION(QueueFactor, `confQUEUE_FACTOR', 600000) 317 318# queue directory 319O QueueDirectory=ifdef(`QUEUE_DIR', QUEUE_DIR, /var/spool/mqueue) 320 321# timeouts (many of these) 322_OPTION(Timeout.initial, `confTO_INITIAL', 5m) 323_OPTION(Timeout.connect, `confTO_CONNECT', 5m) 324_OPTION(Timeout.iconnect, `confTO_ICONNECT', 5m) 325_OPTION(Timeout.helo, `confTO_HELO', 5m) 326_OPTION(Timeout.mail, `confTO_MAIL', 10m) 327_OPTION(Timeout.rcpt, `confTO_RCPT', 1h) 328_OPTION(Timeout.datainit, `confTO_DATAINIT', 5m) 329_OPTION(Timeout.datablock, `confTO_DATABLOCK', 1h) 330_OPTION(Timeout.datafinal, `confTO_DATAFINAL', 1h) 331_OPTION(Timeout.rset, `confTO_RSET', 5m) 332_OPTION(Timeout.quit, `confTO_QUIT', 2m) 333_OPTION(Timeout.misc, `confTO_MISC', 2m) 334_OPTION(Timeout.command, `confTO_COMMAND', 1h) 335_OPTION(Timeout.ident, `confTO_IDENT', 30s) 336_OPTION(Timeout.fileopen, `confTO_FILEOPEN', 60s) 337_OPTION(Timeout.queuereturn, `confTO_QUEUERETURN', 5d) 338_OPTION(Timeout.queuereturn.normal, `confTO_QUEUERETURN_NORMAL', 5d) 339_OPTION(Timeout.queuereturn.urgent, `confTO_QUEUERETURN_URGENT', 2d) 340_OPTION(Timeout.queuereturn.non-urgent, `confTO_QUEUERETURN_NONURGENT', 7d) 341_OPTION(Timeout.queuewarn, `confTO_QUEUEWARN', 4h) 342_OPTION(Timeout.queuewarn.normal, `confTO_QUEUEWARN_NORMAL', 4h) 343_OPTION(Timeout.queuewarn.urgent, `confTO_QUEUEWARN_URGENT', 1h) 344_OPTION(Timeout.queuewarn.non-urgent, `confTO_QUEUEWARN_NONURGENT', 12h) 345_OPTION(Timeout.hoststatus, `confTO_HOSTSTATUS', 30m) 346 347# should we not prune routes in route-addr syntax addresses? 348_OPTION(DontPruneRoutes, `confDONT_PRUNE_ROUTES') 349 350# queue up everything before forking? 351_OPTION(SuperSafe, `confSAFE_QUEUE') 352 353# status file 354O StatusFile=ifdef(`STATUS_FILE', `STATUS_FILE', ifdef(`_USE_ETC_MAIL_', /etc/mail/statistics, /etc/sendmail.st)) 355 356# time zone handling: 357# if undefined, use system default 358# if defined but null, use TZ envariable passed in 359# if defined and non-null, use that info 360ifelse(confTIME_ZONE, `USE_SYSTEM', `#O TimeZoneSpec=', 361 confTIME_ZONE, `USE_TZ', `O TimeZoneSpec=', 362 `O TimeZoneSpec=confTIME_ZONE') 363 364# default UID (can be username or userid:groupid) 365_OPTION(DefaultUser, `confDEF_USER_ID', mailnull) 366 367# list of locations of user database file (null means no lookup) 368_OPTION(UserDatabaseSpec, `confUSERDB_SPEC', ifdef(`_USE_ETC_MAIL_', /etc/mail/userdb, /etc/userdb)) 369 370# fallback MX host 371_OPTION(FallbackMXhost, `confFALLBACK_MX', fall.back.host.net) 372 373# if we are the best MX host for a site, try it directly instead of config err 374_OPTION(TryNullMXList, `confTRY_NULL_MX_LIST') 375 376# load average at which we just queue messages 377_OPTION(QueueLA, `confQUEUE_LA', 8) 378 379# load average at which we refuse connections 380_OPTION(RefuseLA, `confREFUSE_LA', 12) 381 382# maximum number of children we allow at one time 383_OPTION(MaxDaemonChildren, `confMAX_DAEMON_CHILDREN', 12) 384 385# maximum number of new connections per second 386_OPTION(ConnectionRateThrottle, `confCONNECTION_RATE_THROTTLE', 3) 387 388# work recipient factor 389_OPTION(RecipientFactor, `confWORK_RECIPIENT_FACTOR', 30000) 390 391# deliver each queued job in a separate process? 392_OPTION(ForkEachJob, `confSEPARATE_PROC') 393 394# work class factor 395_OPTION(ClassFactor, `confWORK_CLASS_FACTOR', 1800) 396 397# work time factor 398_OPTION(RetryFactor, `confWORK_TIME_FACTOR', 90000) 399 400# shall we sort the queue by hostname first? 401_OPTION(QueueSortOrder, `confQUEUE_SORT_ORDER', priority) 402 403# minimum time in queue before retry 404_OPTION(MinQueueAge, `confMIN_QUEUE_AGE', 30m) 405 406# default character set 407_OPTION(DefaultCharSet, `confDEF_CHAR_SET', iso-8859-1) 408 409# service switch file (ignored on Solaris, Ultrix, OSF/1, others) 410_OPTION(ServiceSwitchFile, `confSERVICE_SWITCH_FILE', ifdef(`_USE_ETC_MAIL_', /etc/mail/service.switch, /etc/service.switch)) 411 412# hosts file (normally /etc/hosts) 413_OPTION(HostsFile, `confHOSTS_FILE', /etc/hosts) 414 415# dialup line delay on connection failure 416_OPTION(DialDelay, `confDIAL_DELAY', 10s) 417 418# action to take if there are no recipients in the message 419_OPTION(NoRecipientAction, `confNO_RCPT_ACTION', add-to-undisclosed) 420 421# chrooted environment for writing to files 422_OPTION(SafeFileEnvironment, `confSAFE_FILE_ENV', /arch) 423 424# are colons OK in addresses? 425_OPTION(ColonOkInAddr, `confCOLON_OK_IN_ADDR') 426 427# how many jobs can you process in the queue? 428_OPTION(MaxQueueRunSize, `confMAX_QUEUE_RUN_SIZE', 10000) 429 430# shall I avoid expanding CNAMEs (violates protocols)? 431_OPTION(DontExpandCnames, `confDONT_EXPAND_CNAMES') 432 433# SMTP initial login message (old $e macro) 434_OPTION(SmtpGreetingMessage, `confSMTP_LOGIN_MSG') 435 436# UNIX initial From header format (old $l macro) 437_OPTION(UnixFromLine, `confFROM_LINE') 438 439# From: lines that have embedded newlines are unwrapped onto one line 440_OPTION(SingleLineFromHeader, `confSINGLE_LINE_FROM_HEADER', False) 441 442# Allow HELO SMTP command that does not `include' a host name 443_OPTION(AllowBogusHELO, `confALLOW_BOGUS_HELO', False) 444 445# Characters to be quoted in a full name phrase (@,;:\()[] are automatic) 446_OPTION(MustQuoteChars, `confMUST_QUOTE_CHARS', .) 447 448# delimiter (operator) characters (old $o macro) 449_OPTION(OperatorChars, `confOPERATORS') 450 451# shall I avoid calling initgroups(3) because of high NIS costs? 452_OPTION(DontInitGroups, `confDONT_INIT_GROUPS') 453 454# are group-writable `:include:' and .forward files (un)trustworthy? 455_OPTION(UnsafeGroupWrites, `confUNSAFE_GROUP_WRITES') 456 457# where do errors that occur when sending errors get sent? 458_OPTION(DoubleBounceAddress, `confDOUBLE_BOUNCE_ADDRESS', postmaster) 459 460# what user id do we assume for the majority of the processing? 461_OPTION(RunAsUser, `confRUN_AS_USER', sendmail) 462 463# maximum number of recipients per SMTP envelope 464_OPTION(MaxRecipientsPerMessage, `confMAX_RCPTS_PER_MESSAGE', 100) 465 466# shall we get local names from our installed interfaces? 467_OPTION(DontProbeInterfaces, `confDONT_PROBE_INTERFACES') 468 469ifdef(`confTRUSTED_USER', 470`# Trusted user for file ownership and starting the daemon 471O TrustedUser=confTRUSTED_USER 472') 473ifdef(`confCONTROL_SOCKET_NAME', 474`# Control socket for daemon management 475O ControlSocketName=confCONTROL_SOCKET_NAME 476') 477ifdef(`confMAX_MIME_HEADER_LENGTH', 478`# Maximum MIME header length to protect MUAs 479O MaxMimeHeaderLength=confMAX_MIME_HEADER_LENGTH 480') 481 482########################### 483# Message precedences # 484########################### 485 486Pfirst-class=0 487Pspecial-delivery=100 488Plist=-30 489Pbulk=-60 490Pjunk=-100 491 492##################### 493# Trusted users # 494##################### 495 496# this is equivalent to setting class "t" 497ifdef(`_USE_CT_FILE_', `', `#')Ft`'ifdef(`confCT_FILE', confCT_FILE, ifdef(`_USE_ETC_MAIL_', `/etc/mail/trusted-users', `/etc/sendmail.ct')) 498Troot 499Tdaemon 500ifdef(`_NO_UUCP_', `dnl', `Tuucp') 501ifdef(`confTRUSTED_USERS', `T`'confTRUSTED_USERS', `dnl') 502 503######################### 504# Format of headers # 505######################### 506 507ifdef(`confFROM_HEADER',, `define(`confFROM_HEADER', `$?x$x <$g>$|$g$.')')dnl 508H?P?Return-Path: <$g> 509HReceived: confRECEIVED_HEADER 510H?D?Resent-Date: $a 511H?D?Date: $a 512H?F?Resent-From: confFROM_HEADER 513H?F?From: confFROM_HEADER 514H?x?Full-Name: $x 515# HPosted-Date: $a 516# H?l?Received-Date: $b 517H?M?Resent-Message-Id: <$t.$i@$j> 518H?M?Message-Id: <$t.$i@$j> 519ifdef(`_NULL_CLIENT_ONLY_', 520 `include(_CF_DIR_`'m4/nullrelay.m4)m4exit', 521 `dnl') 522# 523###################################################################### 524###################################################################### 525##### 526##### REWRITING RULES 527##### 528###################################################################### 529###################################################################### 530 531############################################ 532### Ruleset 3 -- Name Canonicalization ### 533############################################ 534S3 535 536# handle null input (translate to <@> special case) 537R$@ $@ <@> 538 539# strip group: syntax (not inside angle brackets!) and trailing semicolon 540R$* $: $1 <@> mark addresses 541R$* < $* > $* <@> $: $1 < $2 > $3 unmark <addr> 542R@ $* <@> $: @ $1 unmark @host:... 543R$* :: $* <@> $: $1 :: $2 unmark node::addr 544R:`include': $* <@> $: :`include': $1 unmark :`include':... 545R$* [ $* : $* ] <@> $: $1 [ $2 : $3 ] unmark IPv6 addrs 546R$* : $* [ $* ] $: $1 : $2 [ $3 ] <@> remark if leading colon 547R$* : $* <@> $: $2 strip colon if marked 548R$* <@> $: $1 unmark 549R$* ; $1 strip trailing semi 550R$* < $* ; > $1 < $2 > bogus bracketed semi 551 552# null input now results from list:; syntax 553R$@ $@ :; <@> 554 555# strip angle brackets -- note RFC733 heuristic to get innermost item 556R$* $: < $1 > housekeeping <> 557R$+ < $* > < $2 > strip excess on left 558R< $* > $+ < $1 > strip excess on right 559R<> $@ < @ > MAIL FROM:<> case 560R< $+ > $: $1 remove housekeeping <> 561 562# make sure <@a,@b,@c:user@d> syntax is easy to parse -- undone later 563R@ $+ , $+ @ $1 : $2 change all "," to ":" 564 565# localize and dispose of route-based addresses 566R@ $+ : $+ $@ $>96 < @$1 > : $2 handle <route-addr> 567 568# find focus for list syntax 569R $+ : $* ; @ $+ $@ $>96 $1 : $2 ; < @ $3 > list syntax 570R $+ : $* ; $@ $1 : $2; list syntax 571 572# find focus for @ syntax addresses 573R$+ @ $+ $: $1 < @ $2 > focus on domain 574R$+ < $+ @ $+ > $1 $2 < @ $3 > move gaze right 575R$+ < @ $+ > $@ $>96 $1 < @ $2 > already canonical 576 577# do some sanity checking 578R$* < @ $* : $* > $* $1 < @ $2 $3 > $4 nix colons in addrs 579 580ifdef(`_NO_UUCP_', `dnl', 581`# convert old-style addresses to a domain-based address 582R$- ! $+ $@ $>96 $2 < @ $1 .UUCP > resolve uucp names 583R$+ . $- ! $+ $@ $>96 $3 < @ $1 . $2 > domain uucps 584R$+ ! $+ $@ $>96 $2 < @ $1 .UUCP > uucp subdomains 585') 586ifdef(`_USE_DECNET_SYNTAX_', 587`# convert node::user addresses into a domain-based address 588R$- :: $+ $@ $>96 $2 < @ $1 .DECNET > resolve DECnet names 589R$- . $- :: $+ $@ $>96 $3 < @ $1.$2 .DECNET > numeric DECnet addr 590', 591 `dnl') 592# if we have % signs, take the rightmost one 593R$* % $* $1 @ $2 First make them all @s. 594R$* @ $* @ $* $1 % $2 @ $3 Undo all but the last. 595R$* @ $* $@ $>96 $1 < @ $2 > Insert < > and finish 596 597# else we must be a local name 598R$* $@ $>96 $1 599 600 601################################################ 602### Ruleset 96 -- bottom half of ruleset 3 ### 603################################################ 604 605S96 606 607# handle special cases for local names 608R$* < @ localhost > $* $: $1 < @ $j . > $2 no domain at all 609R$* < @ localhost . $m > $* $: $1 < @ $j . > $2 local domain 610ifdef(`_NO_UUCP_', `dnl', 611`R$* < @ localhost . UUCP > $* $: $1 < @ $j . > $2 .UUCP domain') 612R$* < @ [ $+ ] > $* $: $1 < @@ [ $2 ] > $3 mark [a.b.c.d] 613R$* < @@ $=w > $* $: $1 < @ $j . > $3 self-literal 614R$* < @@ $+ > $* $@ $1 < @ $2 > $3 canon IP addr 615 616ifdef(`DOMAIN_TABLE', `dnl 617# look up domains in the domain table 618R$* < @ $+ > $* $: $1 < @ $(domaintable $2 $) > $3', `dnl') 619 620undivert(2)dnl 621 622ifdef(`BITDOMAIN_TABLE', `dnl 623# handle BITNET mapping 624R$* < @ $+ .BITNET > $* $: $1 < @ $(bitdomain $2 $: $2.BITNET $) > $3', `dnl') 625 626ifdef(`UUDOMAIN_TABLE', `dnl 627# handle UUCP mapping 628R$* < @ $+ .UUCP > $* $: $1 < @ $(uudomain $2 $: $2.UUCP $) > $3', `dnl') 629 630ifdef(`_NO_UUCP_', `dnl', 631`ifdef(`UUCP_RELAY', 632`# pass UUCP addresses straight through 633R$* < @ $+ . UUCP > $* $@ $1 < @ $2 . UUCP . > $3', 634`# if really UUCP, handle it immediately 635ifdef(`_CLASS_U_', 636`R$* < @ $=U . UUCP > $* $@ $1 < @ $2 . UUCP . > $3', `dnl') 637ifdef(`_CLASS_V_', 638`R$* < @ $=V . UUCP > $* $@ $1 < @ $2 . UUCP . > $3', `dnl') 639ifdef(`_CLASS_W_', 640`R$* < @ $=W . UUCP > $* $@ $1 < @ $2 . UUCP . > $3', `dnl') 641ifdef(`_CLASS_X_', 642`R$* < @ $=X . UUCP > $* $@ $1 < @ $2 . UUCP . > $3', `dnl') 643ifdef(`_CLASS_Y_', 644`R$* < @ $=Y . UUCP > $* $@ $1 < @ $2 . UUCP . > $3', `dnl') 645 646ifdef(`_NO_CANONIFY_', `dnl', `dnl 647# try UUCP traffic as a local address 648R$* < @ $+ . UUCP > $* $: $1 < @ $[ $2 $] . UUCP . > $3 649R$* < @ $+ . . UUCP . > $* $@ $1 < @ $2 . > $3') 650')') 651ifdef(`_NO_CANONIFY_', `dnl', `dnl 652# pass to name server to make hostname canonical 653R$* < @ $* $~P > $* $: $1 < @ $[ $2 $3 $] > $4') 654 655# local host aliases and pseudo-domains are always canonical 656R$* < @ $=w > $* $: $1 < @ $2 . > $3 657R$* < @ $j > $* $: $1 < @ $j . > $2 658ifdef(`_MASQUERADE_ENTIRE_DOMAIN_', 659`R$* < @ $* $=M > $* $: $1 < @ $2 $3 . > $4', 660`R$* < @ $=M > $* $: $1 < @ $2 . > $3') 661R$* < @ $* $=P > $* $: $1 < @ $2 $3 . > $4 662R$* < @ $* . . > $* $1 < @ $2 . > $3 663 664 665################################################## 666### Ruleset 4 -- Final Output Post-rewriting ### 667################################################## 668S4 669 670R$* <@> $@ handle <> and list:; 671 672# strip trailing dot off possibly canonical name 673R$* < @ $+ . > $* $1 < @ $2 > $3 674 675# eliminate internal code -- should never get this far! 676R$* < @ *LOCAL* > $* $1 < @ $j > $2 677 678# externalize local domain info 679R$* < $+ > $* $1 $2 $3 defocus 680R@ $+ : @ $+ : $+ @ $1 , @ $2 : $3 <route-addr> canonical 681R@ $* $@ @ $1 ... and exit 682 683ifdef(`_NO_UUCP_', `dnl', 684`# UUCP must always be presented in old form 685R$+ @ $- . UUCP $2!$1 u@h.UUCP => h!u') 686 687ifdef(`_USE_DECNET_SYNTAX_', 688`# put DECnet back in :: form 689R$+ @ $+ . DECNET $2 :: $1 u@h.DECNET => h::u', 690 `dnl') 691# delete duplicate local names 692R$+ % $=w @ $=w $1 @ $2 u%host@host => u@host 693 694 695 696############################################################## 697### Ruleset 97 -- recanonicalize and call ruleset zero ### 698### (used for recursive calls) ### 699############################################################## 700 701S`'97 702R$* $: $>3 $1 703R$* $@ $>0 $1 704 705 706###################################### 707### Ruleset 0 -- Parse Address ### 708###################################### 709 710S0 711 712R$* $: $>Parse0 $1 initial parsing 713R<@> $#_LOCAL_ $: <@> special case error msgs 714R$* $: $>98 $1 handle local hacks 715R$* $: $>Parse1 $1 final parsing 716 717# 718# Parse0 -- do initial syntax checking and eliminate local addresses. 719# This should either return with the (possibly modified) input 720# or return with a #error mailer. It should not return with a 721# #mailer other than the #error mailer. 722# 723 724SParse0 725R<@> $@ <@> special case error msgs 726R$* : $* ; <@> $#error $@ 5.1.3 $: "List:; syntax illegal for recipient addresses" 727#R@ <@ $* > < @ $1 > catch "@@host" bogosity 728R<@ $+> $#error $@ 5.1.3 $: "User address required" 729R$* $: <> $1 730R<> $* < @ [ $+ ] > $* $1 < @ [ $2 ] > $3 731R<> $* <$* : $* > $* $#error $@ 5.1.3 $: "Colon illegal in host name part" 732R<> $* $1 733R$* < @ . $* > $* $#error $@ 5.1.2 $: "Invalid host name" 734R$* < @ $* .. $* > $* $#error $@ 5.1.2 $: "Invalid host name" 735 736# now delete the local info -- note $=O to find characters that cause forwarding 737R$* < @ > $* $@ $>Parse0 $>3 $1 user@ => user 738R< @ $=w . > : $* $@ $>Parse0 $>3 $2 @here:... -> ... 739R$- < @ $=w . > $: $(dequote $1 $) < @ $2 . > dequote "foo"@here 740R< @ $+ > $#error $@ 5.1.3 $: "User address required" 741R$* $=O $* < @ $=w . > $@ $>Parse0 $>3 $1 $2 $3 ...@here -> ... 742R$- $: $(dequote $1 $) < @ *LOCAL* > dequote "foo" 743R< @ *LOCAL* > $#error $@ 5.1.3 $: "User address required" 744R$* $=O $* < @ *LOCAL* > 745 $@ $>Parse0 $>3 $1 $2 $3 ...@*LOCAL* -> ... 746R$* < @ *LOCAL* > $: $1 747 748# 749# Parse1 -- the bottom half of ruleset 0. 750# 751 752SParse1 753ifdef(`_MAILER_smtp_', 754`# handle numeric address spec 755R$* < @ [ $+ ] > $* $: $>98 $1 < @ [ $2 ] > $3 numeric internet spec 756R$* < @ [ $+ ] > $* $#_SMTP_ $@ [$2] $: $1 < @ [$2] > $3 still numeric: send', 757 `dnl') 758 759ifdef(`VIRTUSER_TABLE', `dnl 760# handle virtual users 761R$+ < @ $=w . > $: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . > 762R<@> $+ + $* < @ $* . > 763 $: < $(virtuser $1 + * @ $3 $@ $1 $: @ $) > $1 + $2 < @ $3 . > 764R<@> $+ + $* < @ $* . > 765 $: < $(virtuser $1 @ $3 $@ $1 $: @ $) > $1 + $2 < @ $3 . > 766R<@> $+ < @ $+ . > $: < $(virtuser @ $2 $@ $1 $: @ $) > $1 < @ $2 . > 767R<@> $+ $: $1 768R< error : $- $+ > $* $#error $@ $(dequote $1 $) $: $2 769R< $+ > $+ < @ $+ > $: $>97 $1', 770`dnl') 771 772# short circuit local delivery so forwarded email works 773ifdef(`_MAILER_usenet_', `dnl 774R$+ . USENET < @ $=w . > $#usenet $: $1 handle usenet specially', `dnl') 775ifdef(`_STICKY_LOCAL_DOMAIN_', 776`R$+ < @ $=w . > $: < $H > $1 < @ $2 . > first try hub 777R< $+ > $+ < $+ > $>95 < $1 > $2 < $3 > yep .... 778R< > $+ + $* < $+ > $#_LOCAL_ $: $1 + $2 plussed name? 779R< > $+ < $+ > $#_LOCAL_ $: @ $1 nope, local address', 780`R$=L < @ $=w . > $#_LOCAL_ $: @ $1 special local names 781R$+ < @ $=w . > $#_LOCAL_ $: $1 regular local name') 782 783ifdef(`MAILER_TABLE', `dnl 784# not local -- try mailer table lookup 785R$* <@ $+ > $* $: < $2 > $1 < @ $2 > $3 extract host name 786R< $+ . > $* $: < $1 > $2 strip trailing dot 787R< $+ > $* $: < $(mailertable $1 $) > $2 lookup 788R< $~[ : $+ > $* $>95 < $1 : $2 > $3 check -- resolved? 789R< $+ > $* $: $>90 <$1> $2 try domain', 790`dnl') 791undivert(4)dnl 792 793ifdef(`_NO_UUCP_', `dnl', 794`# resolve remotely connected UUCP links (if any) 795ifdef(`_CLASS_V_', 796`R$* < @ $=V . UUCP . > $* $: $>95 < $V > $1 <@$2.UUCP.> $3', 797 `dnl') 798ifdef(`_CLASS_W_', 799`R$* < @ $=W . UUCP . > $* $: $>95 < $W > $1 <@$2.UUCP.> $3', 800 `dnl') 801ifdef(`_CLASS_X_', 802`R$* < @ $=X . UUCP . > $* $: $>95 < $X > $1 <@$2.UUCP.> $3', 803 `dnl')') 804 805# resolve fake top level domains by forwarding to other hosts 806ifdef(`BITNET_RELAY', 807`R$*<@$+.BITNET.>$* $: $>95 < $B > $1 <@$2.BITNET.> $3 user@host.BITNET', 808 `dnl') 809ifdef(`DECNET_RELAY', 810`R$*<@$+.DECNET.>$* $: $>95 < $C > $1 <@$2.DECNET.> $3 user@host.DECNET', 811 `dnl') 812ifdef(`_MAILER_pop_', 813`R$+ < @ POP. > $#pop $: $1 user@POP', 814 `dnl') 815ifdef(`_MAILER_fax_', 816`R$+ < @ $+ .FAX. > $#fax $@ $2 $: $1 user@host.FAX', 817`ifdef(`FAX_RELAY', 818`R$*<@$+.FAX.>$* $: $>95 < $F > $1 <@$2.FAX.> $3 user@host.FAX', 819 `dnl')') 820 821ifdef(`UUCP_RELAY', 822`# forward non-local UUCP traffic to our UUCP relay 823R$*<@$*.UUCP.>$* $: $>95 < $Y > $1 <@$2.UUCP.> $3 uucp mail', 824`ifdef(`_MAILER_uucp_', 825`# forward other UUCP traffic straight to UUCP 826R$* < @ $+ .UUCP. > $* $#_UUCP_ $@ $2 $: $1 < @ $2 .UUCP. > $3 user@host.UUCP', 827 `dnl')') 828ifdef(`_MAILER_usenet_', ` 829# addresses sent to net.group.USENET will get forwarded to a newsgroup 830R$+ . USENET $#usenet $: $1', 831 `dnl') 832 833ifdef(`_LOCAL_RULES_', 834`# figure out what should stay in our local mail system 835undivert(1)', `dnl') 836 837# pass names that still have a host to a smarthost (if defined) 838R$* < @ $* > $* $: $>95 < $S > $1 < @ $2 > $3 glue on smarthost name 839 840# deal with other remote names 841ifdef(`_MAILER_smtp_', 842`R$* < @$* > $* $#_SMTP_ $@ $2 $: $1 < @ $2 > $3 user@host.domain', 843`R$* < @$* > $* $#error $@ 5.1.2 $: "Unrecognized host name " $2') 844 845# handle locally delivered names 846R$=L $#_LOCAL_ $: @ $1 special local names 847R$+ $#_LOCAL_ $: $1 regular local names 848 849########################################################################### 850### Ruleset 5 -- special rewriting after aliases have been expanded ### 851########################################################################### 852 853S5 854 855# deal with plussed users so aliases work nicely 856R$+ + * $#_LOCAL_ $@ $&h $: $1 857R$+ + $* $#_LOCAL_ $@ + $2 $: $1 + * 858 859# prepend an empty "forward host" on the front 860R$+ $: <> $1 861 862ifdef(`LUSER_RELAY', `dnl 863# send unrecognized local users to a relay host 864R< > $+ $: < $L . > $(user $1 $) look up user 865R< $* > $+ <> $* $: < > $2 $3 found; strip $L 866R< $* . > $+ $: < $1 > $2 strip extra dot', 867`dnl') 868 869# see if we have a relay or a hub 870R< > $+ $: < $H > $1 try hub 871R< > $+ $: < $R > $1 try relay 872R< > $+ $: < > < $1 $&h > nope, restore +detail 873R< > < $+ + $* > $* < > < $1 > + $2 $3 find the user part 874R< > < $+ > + $* $#_LOCAL_ $@ $2 $: @ $1 strip the extra + 875R< > < $+ > $@ $1 no +detail 876R$+ $: $1 $&h add +detail back in 877R< local : $* > $* $: $>95 < local : $1 > $2 no host extension 878R< error : $* > $* $: $>95 < error : $1 > $2 no host extension 879R< $- : $+ > $+ $: $>95 < $1 : $2 > $3 < @ $2 > 880R< $+ > $+ $@ $>95 < $1 > $2 < @ $1 > 881 882ifdef(`MAILER_TABLE', `dnl 883################################################################### 884### Ruleset 90 -- try domain part of mailertable entry ### 885################################################################### 886 887S90 888R$* <$- . $+ > $* $: $1$2 < $(mailertable .$3 $@ $1$2 $@ $2 $) > $4 889R$* <$~[ : $+ > $* $>95 < $2 : $3 > $4 check -- resolved? 890R$* < . $+ > $* $@ $>90 $1 . <$2> $3 no -- strip & try again 891R$* < $* > $* $: < $(mailertable . $@ $1$2 $) > $3 try "." 892R< $~[ : $+ > $* $>95 < $1 : $2 > $3 "." found? 893R< $* > $* $@ $2 no mailertable match', 894`dnl') 895 896################################################################### 897### Ruleset 95 -- canonify mailer:[user@]host syntax to triple ### 898################################################################### 899 900S95 901R< > $* $@ $1 strip off null relay 902R< error : $- $+ > $* $#error $@ $(dequote $1 $) $: $2 903R< local : $* > $* $>CanonLocal < $1 > $2 904R< $- : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user 905R< $- : $+ > $* $# $1 $@ $2 $: $3 try qualified mailer 906R< $=w > $* $@ $2 delete local host 907R< $+ > $* $#_RELAY_ $@ $1 $: $2 use unqualified mailer 908 909################################################################### 910### Ruleset CanonLocal -- canonify local: syntax ### 911################################################################### 912 913SCanonLocal 914# strip trailing dot from any host name that may appear 915R< $* > $* < @ $* . > $: < $1 > $2 < @ $3 > 916 917# handle local: syntax -- use old user, either with or without host 918R< > $* < @ $* > $* $#_LOCAL_ $@ $1@$2 $: $1 919R< > $+ $#_LOCAL_ $@ $1 $: $1 920 921# handle local:user@host syntax -- ignore host part 922R< $+ @ $+ > $* < @ $* > $: < $1 > $3 < @ $4 > 923 924# handle local:user syntax 925R< $+ > $* <@ $* > $* $#_LOCAL_ $@ $2@$3 $: $1 926R< $+ > $* $#_LOCAL_ $@ $2 $: $1 927 928################################################################### 929### Ruleset 93 -- convert header names to masqueraded form ### 930################################################################### 931 932S93 933 934ifdef(`GENERICS_TABLE', `dnl 935# handle generics database 936ifdef(`_GENERICS_ENTIRE_DOMAIN_', 937`R$+ < @ $* $=G . > $: < $1@$2$3 > $1 < @ $2$3 . > @ mark', 938`R$+ < @ $=G . > $: < $1@$2 > $1 < @ $2 . > @ mark') 939R$+ < @ *LOCAL* > $: < $1@$j > $1 < @ *LOCAL* > @ mark 940R< $+ > $+ < $* > @ $: < $(generics $1 $: $) > $2 < $3 > 941R< > $+ < @ $+ > $: < $(generics $1 $: $) > $1 < @ $2 > 942R< $* @ $* > $* < $* > $@ $>3 $1 @ $2 found qualified 943R< $+ > $* < $* > $: $>3 $1 @ *LOCAL* found unqualified 944R< > $* $: $1 not found', 945`dnl') 946 947# special case the users that should be exposed 948R$=E < @ *LOCAL* > $@ $1 < @ $j . > leave exposed 949ifdef(`_MASQUERADE_ENTIRE_DOMAIN_', 950`R$=E < @ $* $=M . > $@ $1 < @ $2 $3 . >', 951`R$=E < @ $=M . > $@ $1 < @ $2 . >') 952ifdef(`_LIMITED_MASQUERADE_', `dnl', 953`R$=E < @ $=w . > $@ $1 < @ $2 . >') 954 955# handle domain-specific masquerading 956ifdef(`_MASQUERADE_ENTIRE_DOMAIN_', 957`R$* < @ $* $=M . > $* $: $1 < @ $2 $3 . @ $M > $4 convert masqueraded doms', 958`R$* < @ $=M . > $* $: $1 < @ $2 . @ $M > $3 convert masqueraded doms') 959ifdef(`_LIMITED_MASQUERADE_', `dnl', 960`R$* < @ $=w . > $* $: $1 < @ $2 . @ $M > $3') 961R$* < @ *LOCAL* > $* $: $1 < @ $j . @ $M > $2 962R$* < @ $+ @ > $* $: $1 < @ $2 > $3 $M is null 963R$* < @ $+ @ $+ > $* $: $1 < @ $3 . > $4 $M is not null 964 965################################################################### 966### Ruleset 94 -- convert envelope names to masqueraded form ### 967################################################################### 968 969S94 970ifdef(`_MASQUERADE_ENVELOPE_', 971`R$+ $@ $>93 $1', 972`R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2') 973 974################################################################### 975### Ruleset 98 -- local part of ruleset zero (can be null) ### 976################################################################### 977 978S98 979undivert(3)dnl 980 981ifelse(substr(confDELIVERY_MODE,0,1), `d', `errprint(`WARNING: Antispam rules not available in deferred delivery mode.')') 982ifdef(`ACCESS_TABLE', `dnl 983###################################################################### 984### LookUpDomain -- search for domain in access database 985### 986### Parameters: 987### <$1> -- key (domain name) 988### <$2> -- default (what to return if not found in db) 989### <$3> -- passthru (additional data passed unchanged through) 990###################################################################### 991 992SLookUpDomain 993R<$+> <$+> <$*> $: < $(access $1 $: ? $) > <$1> <$2> <$3> 994R<?> <$+.$+> <$+> <$*> $@ $>LookUpDomain <$2> <$3> <$4> 995R<?> <$+> <$+> <$*> $@ <$2> <$3> 996R<$*> <$+> <$+> <$*> $@ <$1> <$4> 997 998###################################################################### 999### LookUpAddress -- search for host address in access database 1000### 1001### Parameters: 1002### <$1> -- key (dot quadded host address) 1003### <$2> -- default (what to return if not found in db) 1004### <$3> -- passthru (additional data passed through) 1005###################################################################### 1006 1007SLookUpAddress 1008R<$+> <$+> <$*> $: < $(access $1 $: ? $) > <$1> <$2> <$3> 1009R<?> <$+.$-> <$+> <$*> $@ $>LookUpAddress <$1> <$3> <$4> 1010R<?> <$+> <$+> <$*> $@ <$2> <$3> 1011R<$*> <$+> <$+> <$*> $@ <$1> <$4>', 1012`dnl') 1013 1014###################################################################### 1015### CanonAddr -- Convert an address into a standard form for 1016### relay checking. Route address syntax is 1017### crudely converted into a %-hack address. 1018### 1019### Parameters: 1020### $1 -- full recipient address 1021### 1022### Returns: 1023### parsed address, not in source route form 1024###################################################################### 1025 1026SCanonAddr 1027R$* $: $>Parse0 $>3 $1 make domain canonical 1028R< @ $+ > : $* @ $* < @ $1 > : $2 % $3 change @ to % in src route 1029R$* < @ $+ > : $* : $* $3 $1 < @ $2 > : $4 change to % hack. 1030R$* < @ $+ > : $* $3 $1 < @ $2 > 1031 1032###################################################################### 1033### ParseRecipient -- Strip off hosts in $=R as well as possibly 1034### $* $=m or the access database. 1035### Check user portion for host separators. 1036### 1037### Parameters: 1038### $1 -- full recipient address 1039### 1040### Returns: 1041### parsed, non-local-relaying address 1042###################################################################### 1043 1044SParseRecipient 1045R$* $: <?> $>CanonAddr $1 1046R<?> $* < @ $* . > <?> $1 < @ $2 > strip trailing dots 1047R<?> $- < @ $* > $: <?> $(dequote $1 $) < @ $2 > dequote local part 1048 1049# if no $=O character, no host in the user portion, we are done 1050R<?> $* $=O $* < @ $* > $: <NO> $1 $2 $3 < @ $4> 1051R<?> $* $@ $1 1052 1053ifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl 1054# if we relay, check username portion for user%host so host can be checked also 1055R<NO> $* < @ $* $=m > $: <RELAY> $1 < @ $2 $3 >', `dnl') 1056 1057ifdef(`_RELAY_MX_SERVED_', `dnl 1058R<NO> $* < @ $+ > $: <MX> < : $(mxserved $2 $) : > < $1 < @$2 > > 1059R<MX> < : $* <TEMP> : > $* $#error $@ 4.7.1 $: "450 Can not check MX records for recipient host " $1 1060R<MX> < $* : $=w. : $* > < $+ > $: <RELAY> $4 1061R<MX> < : $* : > < $+ > $: <NO> $2', `dnl') 1062 1063ifdef(`_RELAY_HOSTS_ONLY_', 1064`R<NO> $* < @ $=R > $: <RELAY> $1 < @ $2 > 1065ifdef(`ACCESS_TABLE', `dnl 1066R<NO> $* < @ $+ > $: <$(access $2 $: NO $)> $1 < @ $2 >',`dnl')', 1067`R<NO> $* < @ $* $=R > $: <RELAY> $1 < @ $2 $3 > 1068ifdef(`ACCESS_TABLE', `dnl 1069R<NO> $* < @ $+ > $: $>LookUpDomain <$2> <NO> <$1 < @ $2 >> 1070R<$+> <$+> $: <$1> $2',`dnl')') 1071 1072R<RELAY> $* < @ $* > $@ $>ParseRecipient $1 1073R<$-> $* $@ $2 1074 1075###################################################################### 1076### check_relay -- check hostname/address on SMTP startup 1077###################################################################### 1078 1079SLocal_check_relay 1080Scheck_relay 1081R$* $: $1 $| $>"Local_check_relay" $1 1082R$* $| $* $| $#$* $#$3 1083R$* $| $* $| $* $@ $>"Basic_check_relay" $1 $| $2 1084 1085SBasic_check_relay 1086# check for deferred delivery mode 1087R$* $: < ${deliveryMode} > $1 1088R< d > $* $@ deferred 1089R< $* > $* $: $2 1090 1091ifdef(`ACCESS_TABLE', `dnl 1092R$+ $| $+ $: $>LookUpDomain < $1 > <?> < $2 > 1093R<?> < $+ > $: $>LookUpAddress < $1 > <?> < $1 > 1094R<?> < $+ > $: $1 1095R<OK> < $* > $@ OK 1096R<RELAY> < $* > $@ RELAY 1097R<REJECT> $* $#error $@ 5.7.1 $: "ifdef(`confREJECT_MSG', `confREJECT_MSG', `550 Access denied')" 1098R<DISCARD> $* $#discard $: discard 1099R<$+> $* $#error $@ 5.7.1 $: $1', `dnl') 1100 1101ifdef(`_RBL_', `dnl 1102# DNS based IP address spam lists 1103R$* $: $&{client_addr} 1104R$-.$-.$-.$- $: $(host $4.$3.$2.$1._RBL_. $: OK $) 1105ROK $@ OK 1106R$+ $#error $@ 5.7.1 $: "Mail from " $&{client_addr} " refused by blackhole site _RBL_"', 1107`dnl') 1108 1109###################################################################### 1110### check_mail -- check SMTP ``MAIL FROM:'' command argument 1111###################################################################### 1112 1113SLocal_check_mail 1114Scheck_mail 1115R$* $: $1 $| $>"Local_check_mail" $1 1116R$* $| $#$* $#$2 1117R$* $| $* $@ $>"Basic_check_mail" $1 1118 1119SBasic_check_mail 1120# check for deferred delivery mode 1121R$* $: < ${deliveryMode} > $1 1122R< d > $* $@ deferred 1123R< $* > $* $: $2 1124 1125R<> $@ <OK> 1126R$* $: <?> $>CanonAddr $1 1127R<?> $* < @ $+ . > <?> $1 < @ $2 > strip trailing dots 1128# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc) 1129R<?> $* < $* $=P > $* $: <OK> $1 < @ $2 $3 > $4 1130ifdef(`_ACCEPT_UNRESOLVABLE_DOMAINS_', 1131`R<?> $* < @ $+ > $* $: <OK> $1 < @ $2 > $3 ... unresolvable OK', 1132`R<?> $* < @ $+ > $* $: <? $(resolve $2 $: $2 <PERM> $) > $1 < @ $2 > $3 1133R<? $* <$->> $* < @ $+ > $* 1134 $: <$2> $3 < @ $4 > $5') 1135 1136ifdef(`_ACCEPT_UNQUALIFIED_SENDERS_',`dnl',`dnl 1137# handle case of @localhost on address 1138R<$+> $* < @localhost > $: < ? $&{client_name} > <$1> $2 < @localhost > 1139R<$+> $* < @localhost.$m > 1140 $: < ? $&{client_name} > <$1> $2 < @localhost.$m > 1141ifdef(`_NO_UUCP_', `dnl', 1142`R<$+> $* < @localhost.UUCP > 1143 $: < ? $&{client_name} > <$1> $2 < @localhost.UUCP >') 1144R<? $=w> <$+> $* <?> <$2> $3 1145R<? $+> <$+> $* $#error $@ 5.5.4 $: "553 Real domain name required" 1146R<?> <$+> $* $: <$1> $2') 1147 1148ifdef(`ACCESS_TABLE', `dnl 1149# lookup localpart (user@) 1150R<$+> $* < @ $+ > $* $: <USER $(access $2@ $: ? $) > <$1> $2 < @ $3 > $4 1151# no match, try full address (user@domain rest) 1152R<USER ?> <$+> $* < @ $* > $* 1153 $: <USER $(access $2@$3$4 $: ? $) > <$1> $2 < @ $3 > $4 1154# no match, try address (user@domain) 1155R<USER ?> <$+> $+ < @ $+ > $* 1156 $: <USER $(access $2@$3 $: ? $) > <$1> $2 < @ $3 > $4 1157# no match, try (sub)domain (domain) 1158R<USER ?> <$+> $* < @ $+ > $* 1159 $: $>LookUpDomain <$3> <$1> <> 1160# check unqualified user in access database 1161R<?> $* $: <USER $(access $1@ $: ? $) > <?> $1 1162# retransform for further use 1163R<USER $+> <$+> $* $: <$1> $3', 1164`dnl') 1165 1166ifdef(`_ACCEPT_UNQUALIFIED_SENDERS_',`dnl',`dnl 1167# handle case of no @domain on address 1168R<?> $* $: < ? $&{client_name} > $1 1169R<?> $* $@ <OK> ...local unqualed ok 1170R<? $+> $* $#error $@ 5.5.4 $: "553 Domain name required" 1171 ...remote is not') 1172# check results 1173R<?> $* $@ <OK> 1174R<OK> $* $@ <OK> 1175R<TEMP> $* $#error $@ 4.1.8 $: "451 Sender domain must resolve" 1176R<PERM> $* $#error $@ 5.1.8 $: "501 Sender domain must exist" 1177ifdef(`ACCESS_TABLE', `dnl 1178R<RELAY> $* $@ <RELAY> 1179R<DISCARD> $* $#discard $: discard 1180R<REJECT> $* $#error $@ 5.7.1 $: "ifdef(`confREJECT_MSG', `confREJECT_MSG', `550 Access denied')" 1181R<$+> $* $#error $@ 5.7.1 $: $1 error from access db', 1182`dnl') 1183 1184###################################################################### 1185### check_rcpt -- check SMTP ``RCPT TO:'' command argument 1186###################################################################### 1187 1188SLocal_check_rcpt 1189Scheck_rcpt 1190R$* $: $1 $| $>"Local_check_rcpt" $1 1191R$* $| $#$* $#$2 1192R$* $| $* $@ $>"Basic_check_rcpt" $1 1193 1194SBasic_check_rcpt 1195# check for deferred delivery mode 1196R$* $: < ${deliveryMode} > $1 1197R< d > $* $@ deferred 1198R< $* > $* $: $2 1199 1200ifdef(`_LOOSE_RELAY_CHECK_',`dnl 1201R$* $: $>CanonAddr $1 1202R$* < @ $* . > $1 < @ $2 > strip trailing dots', 1203`R$* $: $>ParseRecipient $1 strip relayable hosts') 1204 1205ifdef(`_BESTMX_IS_LOCAL_',`dnl 1206ifelse(_BESTMX_IS_LOCAL_, `', `dnl 1207# unlimited bestmx 1208R$* < @ $* > $* $: $1 < @ $2 @@ $(bestmx $2 $) > $3', 1209`dnl 1210# limit bestmx to $=B 1211R$* < @ $* $=B > $* $: $1 < @ $2 $3 . @@ $(bestmx $2 $3 $) > $4') 1212R$* $=O $* < @ $* @@ $=w . > $* $@ $>Basic_check_rcpt $1 $2 $3 1213R$* < @ $* @@ $=w . > $* $: $1 < @ $3 > $4 1214R$* < @ $* @@ $* > $* $: $1 < @ $2 > $4') 1215 1216ifdef(`_BLACKLIST_RCPT_',`dnl 1217ifdef(`ACCESS_TABLE', `dnl 1218# blacklist local users or any host from receiving mail 1219R$* $: <?> $1 1220R<?> $+ < @ $=w > $: <> <USER $1> <FULL $1@$2> <HOST $2> <$1 < @ $2 >> 1221R<?> $+ < @ $* > $: <> <FULL $1@$2> <HOST $2> <$1 < @ $2 >> 1222R<?> $+ $: <> <USER $1> <$1> 1223R<> <USER $+> $* $: <$(access $1 $: $)> $2 1224R<> <FULL $+> $* $: <$(access $1 $: $)> $2 1225R<OK> <FULL $+> $* $: <$(access $1 $: $)> $2 1226R<> <HOST $+> $* $: <$(access $1 $: $)> $2 1227R<OK> <HOST $+> $* $: <$(access $1 $: $)> $2 1228R<> <$*> $: $1 1229R<OK> <$*> $: $1 1230R<RELAY> <$*> $: $1 1231R<REJECT> $* $#error $@ 5.2.1 $: "550 Mailbox disabled for this recipient" 1232R<$+> $* $#error $@ 5.2.1 $: $1 error from access db', `dnl')', `dnl') 1233 1234ifdef(`_PROMISCUOUS_RELAY_', `dnl', `dnl 1235# anything terminating locally is ok 1236ifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl 1237R$+ < @ $* $=m > $@ OK', `dnl') 1238R$+ < @ $=w > $@ OK 1239ifdef(`_RELAY_HOSTS_ONLY_', 1240`R$+ < @ $=R > $@ OK 1241ifdef(`ACCESS_TABLE', `dnl 1242R$+ < @ $* > $: <$(access $2 $: ? $)> <$1 < @ $2 >>',`dnl')', 1243`R$+ < @ $* $=R > $@ OK 1244ifdef(`ACCESS_TABLE', `dnl 1245R$+ < @ $* > $: $>LookUpDomain <$2> <?> <$1 < @ $2 >>',`dnl')') 1246ifdef(`ACCESS_TABLE', `dnl 1247R<RELAY> $* $@ RELAY 1248R<$*> <$*> $: $2',`dnl') 1249 1250ifdef(`_RELAY_MX_SERVED_', `dnl 1251# allow relaying for hosts which we MX serve 1252R$+ < @ $* > $: < : $(mxserved $2 $) : > $1 < @ $2 > 1253R< : $* <TEMP> : > $* $#error $@ 4.7.1 $: "450 Can not check MX records for recipient host " $1 1254R<$* : $=w . : $*> $* $@ OK 1255R< : $* : > $* $: $2', 1256`dnl') 1257 1258# check for local user (i.e. unqualified address) 1259R$* $: <?> $1 1260R<?> $* < @ $+ > $: <REMOTE> $1 < @ $2 > 1261# local user is ok 1262R<?> $+ $@ OK 1263R<$+> $* $: $2 1264 1265# anything originating locally is ok 1266R$* $: <?> $&{client_name} 1267# check if bracketed IP address (forward lookup != reverse lookup) 1268R<?> [$+] $: <BAD> [$1] 1269# pass to name server to make hostname canonical 1270R<?> $* $~P $: <?> $[ $1 $2 $] 1271R<$-> $* $: $2 1272R$* . $1 strip trailing dots 1273R$@ $@ OK 1274ifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl 1275R$* $=m $@ OK', `dnl') 1276R$=w $@ OK 1277ifdef(`_RELAY_HOSTS_ONLY_', 1278`R$=R $@ OK 1279ifdef(`ACCESS_TABLE', `dnl 1280R$* $: <$(access $1 $: ? $)> <$1>',`dnl')', 1281`R$* $=R $@ OK 1282ifdef(`ACCESS_TABLE', `dnl 1283R$* $: $>LookUpDomain <$1> <?> <$1>',`dnl')') 1284ifdef(`ACCESS_TABLE', `dnl 1285R<RELAY> $* $@ RELAY 1286R<$*> <$*> $: $2',`dnl') 1287 1288# check IP address 1289R$* $: $&{client_addr} 1290R$@ $@ OK originated locally 1291R0 $@ OK originated locally 1292R$=R $* $@ OK relayable IP address 1293ifdef(`ACCESS_TABLE', `dnl 1294R$* $: $>LookUpAddress <$1> <?> <$1> 1295R<RELAY> $* $@ RELAY relayable IP address 1296R<$*> <$*> $: $2', `dnl') 1297R$* $: [ $1 ] put brackets around it... 1298R$=w $@ OK ... and see if it is local 1299 1300ifdef(`_RELAY_LOCAL_FROM_', `dnl 1301# anything with a local FROM is ok 1302R$* $: $1 $| $>CanonAddr $&f 1303R$* $| $+ < @ $=w . > $@ OK FROM local 1304R$* $| $* $: $1 1305', `dnl') 1306 1307# anything else is bogus 1308R$* $#error $@ 5.7.1 $: "550 Relaying denied"') 1309 1310undivert(9)dnl 1311# 1312###################################################################### 1313###################################################################### 1314##### 1315`##### MAILER DEFINITIONS' 1316##### 1317###################################################################### 1318###################################################################### 1319undivert(7)dnl 1320