knecht.mc revision 90792
divert(-1)
#
# Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.
# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#

#
# This is specific to Eric's home machine.
#
# Run daemon with -bd -q5m
#
dnl # Summary: m4 source for a sendmail configuration. It sets site options
dnl # (alias files, queue limits, privacy flags, TLS certificate paths), turns
dnl # on the access database, LMTP local delivery and the virtual user table,
dnl # and adds header and envelope-sender rulesets that reject mail matching
dnl # a handful of fixed patterns.
dnl # Comments added in review use dnl so that m4 discards them instead of
dnl # copying them into the generated cf file.

divert(0)
VERSIONID(`$Id: knecht.mc,v 8.55 2001/08/01 22:20:40 eric Exp $')
OSTYPE(bsd4.4)
DOMAIN(generic)

dnl # Two alias files are consulted; the second one lives under
dnl # /var/listmanager. NOTE(review): whoever can write that file can redirect
dnl # mail, so its ownership and mode deserve the same care as /etc/mail.
define(`ALIAS_FILE', ``/etc/mail/aliases, /var/listmanager/aliases'')
define(`confFORWARD_PATH', `$z/.forward.$w:$z/.forward+$h:$z/.forward')
dnl # Default identity for mailers is the mailnull account rather than root.
define(`confDEF_USER_ID', `mailnull')
define(`confHOST_STATUS_DIRECTORY', `.hoststat')
define(`confTO_ICONNECT', `10s')
define(`confCOPY_ERRORS_TO', `Postmaster')
define(`confTO_QUEUEWARN', `8h')
define(`confMIN_QUEUE_AGE', `27m')
dnl # Accounts listed here may set the envelope sender without sendmail adding
dnl # an authentication warning; keep the list as short as possible.
define(`confTRUSTED_USERS', ``www listmgr'')
dnl # noexpn and novrfy turn off the EXPN and VRFY commands, which would
dnl # otherwise let a remote client probe for valid addresses; authwarnings
dnl # adds X-Authentication-Warning: headers to messages.
define(`confPRIVACY_FLAGS', ``authwarnings,noexpn,novrfy'')

dnl # TLS material. The same certificate and key are used for the server and
dnl # the client role. MAIL_SETTINGS_DIR is not set in this file.
dnl # NOTE(review): MYkey.pem holds the private key and should be readable by
dnl # its owner only; sendmail is expected to refuse a key file with looser
dnl # permissions -- verify on the target system.
define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')
define(`confCACERT_PATH', `CERT_DIR')
define(`confCACERT', `CERT_DIR/CAcert.pem')
define(`confSERVER_CERT', `CERT_DIR/MYcert.pem')
define(`confSERVER_KEY', `CERT_DIR/MYkey.pem')
define(`confCLIENT_CERT', `CERT_DIR/MYcert.pem')
define(`confCLIENT_KEY', `CERT_DIR/MYkey.pem')

dnl # Access database, LMTP delivery for the local mailer, and the virtual
dnl # user table.
FEATURE(access_db)
FEATURE(local_lmtp)
FEATURE(virtusertable)

dnl # Canonification is switched off except for the cases named here.
FEATURE(`nocanonify', `canonify_hosts')
CANONIFY_DOMAIN(`sendmail.org')
CANONIFY_DOMAIN_FILE(`/etc/mail/canonify-domains')

dnl # at most 20 queue runner child processes in total
dnl # NOTE(review): an earlier comment on this line said 10 while the value
dnl # is 20; confirm which was intended.
define(`confMAX_QUEUE_CHILDREN', `20')

dnl # at most 5 runners per queue group
define(`confMAX_RUNNERS_PER_QUEUE', `5')

dnl # run at most 10 concurrent processes for initial submission
define(`confFAST_SPLIT', `10')

dnl # queue group mqueue: R=5 runners, at most r=15 recipients per envelope
dnl # NOTE(review): an earlier comment on this line said 10 runners while the
dnl # value is R=5; confirm which was intended.
QUEUE_GROUP(`mqueue', `P=/var/spool/mqueue, R=5, r=15, F=f')

MAILER(local)
MAILER(smtp)

LOCAL_CONFIG
#
# Regular expression to reject:
# * numeric-only localparts from aol.com and msn.com
# * localparts starting with a digit from juno.com
#
dnl # Looked up from Local_check_mail further down; a hit returns the key
dnl # with @MATCH appended (the -a argument).
Kcheckaddress regex -a@MATCH
	^([0-9]+<@(aol|msn)\.com|[0-9][^<]*<@juno\.com)\.?>

#
# Names that won't be allowed in a To: line (local-part and domains)
#
C{RejectToLocalparts} friend you
C{RejectToDomains} public.com

LOCAL_RULESETS
dnl # Each H line below routes a header value through the named ruleset. A
dnl # ruleset that resolves to $#error rejects the message with the quoted
dnl # reply. In every R line the left and right sides are separated by tabs.
HTo: $>CheckTo

SCheckTo
R$={RejectToLocalparts}@$*	$#error $: "553 Header error"
R$*@$={RejectToDomains}		$#error $: "553 Header error"

dnl # Message-Id: must look like <left@right>; any other value gets a 554.
HMessage-Id: $>CheckMessageId

SCheckMessageId
R< $+ @ $+ >			$@ OK
R$*				$#error $: "554 Header error"

dnl # Rejects a Received: header that contains the long run of dots below.
dnl # NOTE(review): the file does not say which traffic this was aimed at.
HReceived: $>CheckReceived

SCheckReceived
R$* ......................................................... $*
				$#error $: "554 Header error"

#
# Reject certain senders
# Regex match to catch things in quotes
#
dnl # NOTE(review): the + in $>+CheckFrom presumably hands the header to the
dnl # ruleset with comments and quoted text kept, which is what the remark
dnl # about quotes above relies on -- confirm against the sendmail docs.
HFrom: $>+CheckFrom
KCheckFrom regex -a@MATCH
	[^a-z]?(Net-Pa)[^a-z]

SCheckFrom
R$*				$: $( CheckFrom $1 $)
R@MATCH				$#error $: "553 Header error"

LOCAL_RULESETS
dnl # Envelope-sender check: the address is passed through rulesets 3 and
dnl # Parse0, then matched against the checkaddress map defined above.
SLocal_check_mail
# check address against various regex checks
R$*				$: $>Parse0 $>3 $1
R$+				$: $(checkaddress $1 $)
R@MATCH				$#error $: "553 Header error"

#
# Following code from Anthony Howe <achowe@snert.com>. The check
# for the Outlook Express marker may hit some legal messages, but
# the Content-Disposition is clearly illegal.
#

#########################################################################
#
# w32.sircam.worm@mm
#
# There are several patterns that appear common ONLY to SirCam worm and
# not to Outlook Express, which claims to have sent the worm. There are
# four headers that always appear together and in this order:
#
# X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
# X-Mailer: Microsoft Outlook Express 5.50.4133.2400
# Content-Type: multipart/mixed; boundary="----27AA9124_Outlook_Express_message_boundary"
# Content-Disposition: Multipart message
#
# Empirical study of the worm message headers vs. true Outlook Express
# (5.50.4133.2400 & 5.50.4522.1200) messages with multipart/mixed attachments
# shows Outlook Express does:
#
# a) NOT supply a Content-Disposition header for multipart/mixed messages.
# b) NOT specify the header X-MimeOLE header name in all-caps
# c) NOT specify boundary tag with the expression "_Outlook_Express_message_boundary"
#
# The solution below catches any one of these three issues. This is not an ideal
# solution, but a temporary measure. A correct solution would be to check for
# the presence of ALL three header attributes. Also the solution is incomplete
# since Outlook Express 5.0 and 4.0 were not compared.
#
# NOTE regex keys are first dequoted and spaces removed before matching.
# This caused me no end of grief.
#
#########################################################################

LOCAL_RULESETS

dnl # Because a single indicator is enough to reject (see the block above),
dnl # legitimate mail can be refused by these two checks.
dnl # The pattern has no space after the semicolon and no quotes around the
dnl # boundary because the key is dequoted and stripped of spaces first.
KSirCamWormMarker regex -f -aSUSPECT multipart/mixed;boundary=----.+_Outlook_Express_message_boundary
HContent-Type: $>CheckContentType

SCheckContentType
R$+				$: $(SirCamWormMarker $1 $)
RSUSPECT			$#error $: "553 Possible virus, see http://www.symantec.com/avcenter/venc/data/w32.sircam.worm@mm.html"

dnl # Accepts a single token, or a token followed by ; and parameters. Any
dnl # other value, such as the two-word one quoted in the block above, gets
dnl # a 553.
HContent-Disposition: $>CheckContentDisposition

SCheckContentDisposition
R$-				$@ OK
R$- ; $+			$@ OK
R$*				$#error $: "553 Illegal Content-Disposition"