knecht.mc revision 90792
1divert(-1)
2#
3# Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.
4#	All rights reserved.
5# Copyright (c) 1983 Eric P. Allman.  All rights reserved.
6# Copyright (c) 1988, 1993
7#	The Regents of the University of California.  All rights reserved.
8#
9# By using this file, you agree to the terms and conditions set
10# forth in the LICENSE file which can be found at the top level of
11# the sendmail distribution.
12#
13#
14
15#
16#  This is specific to Eric's home machine.
17#
18#	Run daemon with -bd -q5m
19#
20
21divert(0)
dnl #  Version stamp, OS description and site domain file.
22VERSIONID(`$Id: knecht.mc,v 8.55 2001/08/01 22:20:40 eric Exp $')
23OSTYPE(bsd4.4)
24DOMAIN(generic)
25
dnl #  Aliases come from the system file plus a second file under
dnl #  /var/listmanager.
dnl #  NOTE(review): alias entries can deliver to programs and files, so the
dnl #  second file should be writable only by the account that is meant to
dnl #  manage it - confirm ownership and mode on the host.
26define(`ALIAS_FILE', ``/etc/mail/aliases, /var/listmanager/aliases'')
dnl #  Forward files are searched in the order given: the .forward.$w name,
dnl #  then the .forward+$h name, then the plain .forward, all under $z.
27define(`confFORWARD_PATH', `$z/.forward.$w:$z/.forward+$h:$z/.forward')
dnl #  Default identity for mailers that do not name one: the mailnull
dnl #  account rather than a privileged user.
28define(`confDEF_USER_ID', `mailnull')
29define(`confHOST_STATUS_DIRECTORY', `.hoststat')
dnl #  Connection timeout, error-copy recipient and queue timing.
30define(`confTO_ICONNECT', `10s')
31define(`confCOPY_ERRORS_TO', `Postmaster')
32define(`confTO_QUEUEWARN', `8h')
33define(`confMIN_QUEUE_AGE', `27m')
dnl #  www and listmgr may set the envelope sender without an
dnl #  X-Authentication-Warning header being added.
dnl #  NOTE(review): every account listed here can submit mail under any
dnl #  sender address unflagged; keep the list as short as the site allows.
34define(`confTRUSTED_USERS', ``www listmgr'')
dnl #  authwarnings adds X-Authentication-Warning headers; noexpn and novrfy
dnl #  disable the SMTP EXPN and VRFY commands, which limits address and
dnl #  alias enumeration by remote clients.
35define(`confPRIVACY_FLAGS', ``authwarnings,noexpn,novrfy'')
36
dnl #  TLS material.  CERT_DIR is MAIL_SETTINGS_DIR with certs appended, and
dnl #  the same certificate and key files are named for both the server and
dnl #  the client role.
dnl #  NOTE(review): MYkey.pem is the private key; it should be readable only
dnl #  by the account sendmail runs as - confirm the file mode on the host.
dnl #  These lines only name files.  Nothing in this block requires TLS or
dnl #  peer certificate verification for any connection.
37define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')
38define(`confCACERT_PATH', `CERT_DIR')
39define(`confCACERT', `CERT_DIR/CAcert.pem')
40define(`confSERVER_CERT', `CERT_DIR/MYcert.pem')
41define(`confSERVER_KEY', `CERT_DIR/MYkey.pem')
42define(`confCLIENT_CERT', `CERT_DIR/MYcert.pem')
43define(`confCLIENT_KEY', `CERT_DIR/MYkey.pem')
44
dnl #  access_db: accept, reject and relay decisions from the access database.
dnl #  local_lmtp: local delivery over LMTP.
dnl #  virtusertable: address mapping for virtual domains.
45FEATURE(access_db)
46FEATURE(local_lmtp)
47FEATURE(virtusertable)
48
dnl #  nocanonify turns off canonification of addresses; the canonify_hosts
dnl #  argument and the CANONIFY_DOMAIN entries below name the exceptions
dnl #  that are still canonified.
49FEATURE(`nocanonify', `canonify_hosts')
50CANONIFY_DOMAIN(`sendmail.org')
51CANONIFY_DOMAIN_FILE(`/etc/mail/canonify-domains')
52
53dnl #  at most 20 queue runner children in total
54define(`confMAX_QUEUE_CHILDREN', `20')
55
dnl #  at most 5 runners working on any one queue
56define(`confMAX_RUNNERS_PER_QUEUE', `5')
57
58dnl #  run at most 10 concurrent processes for initial submission
59define(`confFAST_SPLIT', `10')
60
61dnl #  mqueue group: 5 runners (R=5), at most 15 recipients per envelope (r=15)
62QUEUE_GROUP(`mqueue', `P=/var/spool/mqueue, R=5, r=15, F=f')
63
dnl #  Mailer definitions.  local_lmtp is declared earlier in the file, before
dnl #  MAILER(local).
64MAILER(local)
65MAILER(smtp)
66
67LOCAL_CONFIG
68#
69#  Regular expression to reject:
70#    * numeric-only localparts from aol.com and msn.com
71#    * localparts starting with a digit from juno.com
72#
#  The pattern is written against the focused form local<@domain.> (note
#  the literal <@ and the optional trailing dot before >), so it matches
#  only input that has already been canonified.  Local_check_mail does
#  that before it calls this map.  -a@MATCH sets the value appended to
#  the lookup result on a match; the calling ruleset tests for @MATCH.
73Kcheckaddress regex -a@MATCH
74   ^([0-9]+<@(aol|msn)\.com|[0-9][^<]*<@juno\.com)\.?>
75
76#
77#  Names that won't be allowed in a To: line (local-part and domains)
78#
#  Both classes are referenced only by the CheckTo header ruleset in this
#  file.
79C{RejectToLocalparts}	friend you
80C{RejectToDomains}	public.com
81
82LOCAL_RULESETS
# To: header check.  The header value is handed to CheckTo, which rejects
# it with a 553 reply when it starts with a member of {RejectToLocalparts}
# followed by @, or ends with @ followed by a member of {RejectToDomains}.
# NOTE(review): both patterns are anchored on the whole header value, so
# this is a narrow signature for specific junk mail, not a general
# recipient filter - confirm against the header forms actually seen.
83HTo: $>CheckTo
84
85SCheckTo
86R$={RejectToLocalparts}@$*	$#error $: "553 Header error"
87R$*@$={RejectToDomains}		$#error $: "553 Header error"
88
# Message-Id: header check.  A value of the shape <something@something>
# returns OK; every other value is rejected with a 554 reply.
# NOTE(review): this is a strict allow-list, so mail from software that
# emits a Message-Id without angle brackets or without an @ is refused
# as well - confirm that is acceptable for this site.
89HMessage-Id: $>CheckMessageId
90
91SCheckMessageId
# one or more tokens, an @, one or more tokens, all inside < >
92R< $+ @ $+ >			$@ OK
# anything that did not return above
93R$*				$#error $: "554 Header error"
94
# Received: header check.  A value that contains the long run of
# consecutive dots written out in the rule below is rejected with a 554
# reply; all other Received: headers fall through unchanged.
# NOTE(review): the file does not say which message or tool this run of
# dots is a signature for - presumably a specific malformed header seen
# in abusive mail; confirm before relying on it.
95HReceived: $>CheckReceived
96
97SCheckReceived
98R$* ......................................................... $*
99				$#error $: "554 Header error"
100
101#
102# Reject certain senders
103#	Regex match to catch things in quotes
104#
# The + in $>+ hands the From: value to the ruleset without stripping
# RFC 822 comments, so the regex also sees text that would otherwise be
# removed before the check.
104HFrom: $>+CheckFrom
# The map matches the literal Net-Pa followed by a character that is not
# a letter, optionally preceded by one such character.  -a@MATCH sets
# the value appended to the lookup result on a match.
# NOTE(review): the file does not name the sender this targets.
106KCheckFrom regex -a@MATCH
107	[^a-z]?(Net-Pa)[^a-z]
108
109SCheckFrom
# look the whole header value up in the CheckFrom map
110R$*				$: $( CheckFrom $1 $)
# a workspace of exactly @MATCH means the regex matched: reject with 553
111R@MATCH				$#error $: "553 Header error"
112
113LOCAL_RULESETS
# Local_check_mail is the site hook for the envelope sender check, so the
# rules below act on the MAIL FROM address rather than on a header.
# NOTE(review): the reply text says "Header error" although the rejected
# item is the envelope sender; keep that in mind when reading logs and
# bounce reports.
114SLocal_check_mail
115# check address against various regex checks
# canonify the address with ruleset 3, then pass the result through Parse0
116R$*				$: $>Parse0 $>3 $1
# look the focused address up in the checkaddress regex map
117R$+				$: $(checkaddress $1 $)
# a workspace of exactly @MATCH means the regex matched: reject with 553
118R@MATCH				$#error $: "553 Header error"
119
120#
121#  Following code from Anthony Howe <achowe@snert.com>.  The check
122#  for the Outlook Express marker may hit some legal messages, but
123#  the Content-Disposition is clearly illegal.
124#
125
126#########################################################################
127#
128# w32.sircam.worm@mm
129#
130# There are several patterns that appear common ONLY to SirCam worm and
131# not to Outlook Express, which claims to have sent the worm.  There are
132# four headers that always appear together and in this order:
133#
134#  X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
135#  X-Mailer: Microsoft Outlook Express 5.50.4133.2400
136#  Content-Type: multipart/mixed; boundary="----27AA9124_Outlook_Express_message_boundary"
137#  Content-Disposition: Multipart message
138#
139# Empirical study of the worm message headers vs. true Outlook Express
140# (5.50.4133.2400 & 5.50.4522.1200) messages with multipart/mixed attachments
141# shows Outlook Express does:
142#
143#  a) NOT supply a Content-Disposition header for multipart/mixed messages.
144#  b) NOT specify the X-MimeOLE header name in all-caps
145#  c) NOT specify boundary tag with the expression "_Outlook_Express_message_boundary"
146#
147# The solution below catches any one of these three issues. This is not an ideal
148# solution, but a temporary measure. A correct solution would be to check for
149# the presence of ALL three header attributes. Also the solution is incomplete
150# since Outlook Express 5.0 and 4.0 were not compared.
151#
152# NOTE regex keys are first dequoted and spaces removed before matching.
153# This caused me no end of grief.
154#
155#########################################################################
156
157LOCAL_RULESETS
158
# Content-Type check for the SirCam boundary marker.  The pattern has no
# space after the semicolon because regex keys are dequoted and have
# their spaces removed before matching, as the note in the comment block
# above says.  -aSUSPECT sets the value appended to the lookup result on
# a match; -f makes the match case-sensitive.
# NOTE(review): this rejects on the boundary name alone.  The comment
# block above already warns that legitimate messages may be hit and calls
# this a temporary measure, so it complements content scanning and does
# not replace it.  The all-caps X-MIMEOLE condition listed there has no
# rule in this listing.
159KSirCamWormMarker regex -f -aSUSPECT multipart/mixed;boundary=----.+_Outlook_Express_message_boundary
160HContent-Type:		$>CheckContentType
161
162SCheckContentType
# look the whole header value up in the SirCamWormMarker map
163R$+			$: $(SirCamWormMarker $1 $)
# a workspace of exactly SUSPECT means the marker matched: reject with 553
164RSUSPECT		$#error $: "553 Possible virus, see http://www.symantec.com/avcenter/venc/data/w32.sircam.worm@mm.html"
165
# Content-Disposition check.  This is an allow-list: a value that is a
# single token, or a single token followed by a semicolon and parameters,
# returns OK; every other value is rejected with a 553 reply.  The worm
# header quoted in the comment block above, "Multipart message", is two
# tokens and therefore falls through to the reject rule.
166HContent-Disposition:	$>CheckContentDisposition
167
168SCheckContentDisposition
# exactly one token
169R$-			$@ OK
# one token, a semicolon, then one or more parameter tokens
170R$- ; $+		$@ OK
# anything that did not return above
171R$*			$#error $: "553 Illegal Content-Disposition"
172