submit.cf revision 120256
1#
2# Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
3#	All rights reserved.
4# Copyright (c) 1983, 1995 Eric P. Allman.  All rights reserved.
5# Copyright (c) 1988, 1993
6#	The Regents of the University of California.  All rights reserved.
7#
8# By using this file, you agree to the terms and conditions set
9# forth in the LICENSE file which can be found at the top level of
10# the sendmail distribution.
11#
12#
13
14######################################################################
15######################################################################
16#####
17#####		SENDMAIL CONFIGURATION FILE
18#####
19#####
20######################################################################
21#####
22#####	DO NOT EDIT THIS FILE!  Only edit the source .mc file.
23#####
24######################################################################
25######################################################################
26
27#####  $Id: cfhead.m4,v 8.108.2.3 2003/04/03 17:51:51 ca Exp $  #####
28#####  $Id: cf.m4,v 8.32 1999/02/07 07:26:14 gshapiro Exp $  #####
29#####  $Id: submit.mc,v 8.6.2.7 2003/09/10 22:11:56 ca Exp $  #####
30#####  $Id: msp.m4,v 1.32 2002/03/26 22:02:03 ca Exp $  #####
31
32#####  $Id: no_default_msa.m4,v 8.2 2001/02/14 05:03:22 gshapiro Exp $  #####
33
34
35#####  $Id: proto.m4,v 8.649.2.24 2003/08/04 21:14:26 ca Exp $  #####
36
37# level 10 config file format
38V10/Berkeley
39
40# override file safeties - setting this option compromises system security,
41# addressing the actual file configuration problem is preferred
42# need to set this before any file actions are encountered in the cf file
43#O DontBlameSendmail=safe
44
45# default LDAP map specification
46# need to set this now before any LDAP maps are defined
47#O LDAPDefaultSpec=-h localhost
48
49##################
50#   local info   #
51##################
52
53# my LDAP cluster
54# need to set this before any LDAP lookups are done (including classes)
55#D{sendmailMTACluster}$m
56
57Cwlocalhost
58
59# my official domain name
60# ... define this only if sendmail cannot automatically determine your domain
61#Dj$w.Foo.COM
62
63CP.
64
65# "Smart" relay host (may be null)
66DS
67
68
69# operators that cannot be in local usernames (i.e., network indicators)
70CO @ % !
71
72# a class with just dot (for identifying canonical names)
73C..
74
75# a class with just a left bracket (for identifying domain literals)
76C[[
77
78
79# Resolve map (to check if a host exists in check_mail)
80Kresolve host -a<OKR> -T<TEMP>
81C{ResOk}OKR
82
83
84# Hosts for which relaying is permitted ($=R)
85FR-o /etc/mail/relay-domains
86
87# arithmetic map
88Karith arith
89
90
91
92
93
94# dequoting map
95Kdequote dequote
96
97# class E: names that should be exposed as from this host, even if we masquerade
98# class L: names that should be delivered locally, even if we have a relay
99# class M: domains that should be converted to $M
100# class N: domains that should not be converted to $M
101#CL root
102
103
104
105# my name for error messages
106DnMAILER-DAEMON
107
108
109D{MTAHost}[127.0.0.1]
110
111
112# Configuration version number
113DZ8.12.10/Submit
114
115
116###############
117#   Options   #
118###############
119
120# strip message body to 7 bits on input?
121O SevenBitInput=False
122
123# 8-bit data handling
124#O EightBitMode=pass8
125
126# wait for alias file rebuild (default units: minutes)
127O AliasWait=10
128
129# location of alias file
130#O AliasFile=/etc/mail/aliases
131
132# minimum number of free blocks on filesystem
133O MinFreeBlocks=100
134
135# maximum message size
136#O MaxMessageSize=1000000
137
138# substitution for space (blank) characters
139O BlankSub=.
140
141# avoid connecting to "expensive" mailers on initial submission?
142O HoldExpensive=False
143
144# checkpoint queue runs after every N successful deliveries
145#O CheckpointInterval=10
146
147# default delivery mode
148O DeliveryMode=i
149
150# error message header/file
151#O ErrorHeader=/etc/mail/error-header
152
153# error mode
154#O ErrorMode=print
155
156# save Unix-style "From_" lines at top of header?
157#O SaveFromLine=False
158
159# queue file mode (qf files)
160O QueueFileMode=0660
161
162# temporary file mode
163O TempFileMode=0600
164
165# match recipients against GECOS field?
166#O MatchGECOS=False
167
168# maximum hop count
169#O MaxHopCount=25
170
171# location of help file
172O HelpFile=/etc/mail/helpfile
173
174# ignore dots as terminators in incoming messages?
175#O IgnoreDots=False
176
177# name resolver options
178#O ResolverOptions=+AAONLY
179
180# deliver MIME-encapsulated error messages?
181O SendMimeErrors=True
182
183# Forward file search path
184O ForwardPath
185
186# open connection cache size
187O ConnectionCacheSize=2
188
189# open connection cache timeout
190O ConnectionCacheTimeout=5m
191
192# persistent host status directory
193#O HostStatusDirectory=.hoststat
194
195# single thread deliveries (requires HostStatusDirectory)?
196#O SingleThreadDelivery=False
197
198# use Errors-To: header?
199O UseErrorsTo=False
200
201# log level
202O LogLevel=9
203
204# send to me too, even in an alias expansion?
205#O MeToo=True
206
207# verify RHS in newaliases?
208O CheckAliases=False
209
210# default messages to old style headers if no special punctuation?
211O OldStyleHeaders=True
212
213# SMTP daemon options
214
215O DaemonPortOptions=Name=NoMTA, Addr=127.0.0.1, M=E
216
217# SMTP client options
218#O ClientPortOptions=Family=inet, Address=0.0.0.0
219
220# Modifiers to define {daemon_flags} for direct submissions
221#O DirectSubmissionModifiers
222
223# Use as mail submission program? See sendmail/SECURITY
224O UseMSP=True
225
226# privacy flags
227O PrivacyOptions=goaway,noetrn,restrictqrun
228
229# who (if anyone) should get extra copies of error messages
230#O PostmasterCopy=Postmaster
231
232# slope of queue-only function
233#O QueueFactor=600000
234
235# limit on number of concurrent queue runners
236#O MaxQueueChildren
237
238# maximum number of queue-runners per queue-grouping with multiple queues
239#O MaxRunnersPerQueue=1
240
241# priority of queue runners (nice(3))
242#O NiceQueueRun
243
244# shall we sort the queue by hostname first?
245#O QueueSortOrder=priority
246
247# minimum time in queue before retry
248#O MinQueueAge=30m
249
250# how many jobs can you process in the queue?
251#O MaxQueueRunSize=10000
252
253# perform initial split of envelope without checking MX records
254#O FastSplit=1
255
256# queue directory
257O QueueDirectory=/var/spool/clientmqueue
258
259# key for shared memory; 0 to turn off
260#O SharedMemoryKey=0
261
262
263
264# timeouts (many of these)
265#O Timeout.initial=5m
266#O Timeout.connect=5m
267#O Timeout.aconnect=0s
268#O Timeout.iconnect=5m
269#O Timeout.helo=5m
270#O Timeout.mail=10m
271#O Timeout.rcpt=1h
272#O Timeout.datainit=5m
273#O Timeout.datablock=1h
274#O Timeout.datafinal=1h
275#O Timeout.rset=5m
276#O Timeout.quit=2m
277#O Timeout.misc=2m
278#O Timeout.command=1h
279#O Timeout.ident=5s
280#O Timeout.fileopen=60s
281#O Timeout.control=2m
282O Timeout.queuereturn=5d
283#O Timeout.queuereturn.normal=5d
284#O Timeout.queuereturn.urgent=2d
285#O Timeout.queuereturn.non-urgent=7d
286
287O Timeout.queuewarn=4h
288#O Timeout.queuewarn.normal=4h
289#O Timeout.queuewarn.urgent=1h
290#O Timeout.queuewarn.non-urgent=12h
291
292#O Timeout.hoststatus=30m
293#O Timeout.resolver.retrans=5s
294#O Timeout.resolver.retrans.first=5s
295#O Timeout.resolver.retrans.normal=5s
296#O Timeout.resolver.retry=4
297#O Timeout.resolver.retry.first=4
298#O Timeout.resolver.retry.normal=4
299#O Timeout.lhlo=2m
300#O Timeout.auth=10m
301#O Timeout.starttls=1h
302
303# time for DeliverBy; extension disabled if less than 0
304#O DeliverByMin=0
305
306# should we not prune routes in route-addr syntax addresses?
307#O DontPruneRoutes=False
308
309# queue up everything before forking?
310O SuperSafe=True
311
312# status file
313O StatusFile=/var/spool/clientmqueue/sm-client.st
314
315# time zone handling:
316#  if undefined, use system default
317#  if defined but null, use TZ envariable passed in
318#  if defined and non-null, use that info
319O TimeZoneSpec=
320
321# default UID (can be username or userid:groupid)
322#O DefaultUser=mailnull
323
324# list of locations of user database file (null means no lookup)
325#O UserDatabaseSpec=/etc/mail/userdb
326
327# fallback MX host
328#O FallbackMXhost=fall.back.host.net
329
330# if we are the best MX host for a site, try it directly instead of config err
331#O TryNullMXList=False
332
333# load average at which we just queue messages
334#O QueueLA=8
335
336# load average at which we refuse connections
337#O RefuseLA=12
338
339# load average at which we delay connections; 0 means no limit
340#O DelayLA=0
341
342# maximum number of children we allow at one time
343#O MaxDaemonChildren=0
344
345# maximum number of new connections per second
346#O ConnectionRateThrottle=0
347
348# work recipient factor
349#O RecipientFactor=30000
350
351# deliver each queued job in a separate process?
352#O ForkEachJob=False
353
354# work class factor
355#O ClassFactor=1800
356
357# work time factor
358#O RetryFactor=90000
359
360# default character set
361#O DefaultCharSet=iso-8859-1
362
363# service switch file (name hardwired on Solaris, Ultrix, OSF/1, others)
364#O ServiceSwitchFile=/etc/mail/service.switch
365
366# hosts file (normally /etc/hosts)
367#O HostsFile=/etc/hosts
368
369# dialup line delay on connection failure
370#O DialDelay=10s
371
372# action to take if there are no recipients in the message
373#O NoRecipientAction=add-to-undisclosed
374
375# chrooted environment for writing to files
376#O SafeFileEnvironment=/arch
377
378# are colons OK in addresses?
379#O ColonOkInAddr=True
380
381# shall I avoid expanding CNAMEs (violates protocols)?
382#O DontExpandCnames=False
383
384# SMTP initial login message (old $e macro)
385O SmtpGreetingMessage=$j Sendmail $v/$Z; $b
386
387# UNIX initial From header format (old $l macro)
388O UnixFromLine=From $g $d
389
390# From: lines that have embedded newlines are unwrapped onto one line
391#O SingleLineFromHeader=False
392
393# Allow HELO SMTP command that does not include a host name
394#O AllowBogusHELO=False
395
396# Characters to be quoted in a full name phrase (@,;:\()[] are automatic)
397#O MustQuoteChars=.
398
399# delimiter (operator) characters (old $o macro)
400O OperatorChars=.:%@!^/[]+
401
402# shall I avoid calling initgroups(3) because of high NIS costs?
403O DontInitGroups=True
404
405# are group-writable :include: and .forward files (un)trustworthy?
406# True (the default) means they are not trustworthy.
407#O UnsafeGroupWrites=True
408
409
410# where do errors that occur when sending errors get sent?
411#O DoubleBounceAddress=postmaster
412
413# where to save bounces if all else fails
414#O DeadLetterDrop=/var/tmp/dead.letter
415
416# what user id do we assume for the majority of the processing?
417O RunAsUser=smmsp
418
419# maximum number of recipients per SMTP envelope
420#O MaxRecipientsPerMessage=100
421
422# limit the rate recipients per SMTP envelope are accepted
423# once the threshold number of recipients have been rejected
424#O BadRcptThrottle=20
425
426# shall we get local names from our installed interfaces?
427O DontProbeInterfaces=True
428
429# Return-Receipt-To: header implies DSN request
430#O RrtImpliesDsn=False
431
432# override connection address (for testing)
433#O ConnectOnlyTo=0.0.0.0
434
435# Trusted user for file ownership and starting the daemon
436O TrustedUser=smmsp
437
438# Control socket for daemon management
439#O ControlSocketName=/var/spool/mqueue/.control
440
441# Maximum MIME header length to protect MUAs
442#O MaxMimeHeaderLength=2048/1024
443
444# Maximum length of the sum of all headers
445#O MaxHeadersLength=32768
446
447# Maximum depth of alias recursion
448#O MaxAliasRecursion=10
449
450# location of pid file
451O PidFile=/var/spool/clientmqueue/sm-client.pid
452
453# Prefix string for the process title shown on 'ps' listings
454#O ProcessTitlePrefix=prefix
455
456# Data file (df) memory-buffer file maximum size
457#O DataFileBufferSize=4096
458
459# Transcript file (xf) memory-buffer file maximum size
460#O XscriptFileBufferSize=4096
461
462# lookup type to find information about local mailboxes
463#O MailboxDatabase=pw
464
465# list of authentication mechanisms
466#O AuthMechanisms=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5
467
468# default authentication information for outgoing connections
469#O DefaultAuthInfo=/etc/mail/default-auth-info
470
471# SMTP AUTH flags
472#O AuthOptions
473
474# SMTP AUTH maximum encryption strength
475#O AuthMaxBits
476
477# SMTP STARTTLS server options
478#O TLSSrvOptions
479
480# Input mail filters
481#O InputMailFilters
482
483
484# CA directory
485#O CACertPath
486# CA file
487#O CACertFile
488# Server Cert
489#O ServerCertFile
490# Server private key
491#O ServerKeyFile
492# Client Cert
493#O ClientCertFile
494# Client private key
495#O ClientKeyFile
496# DHParameters (only required if DSA/DH is used)
497#O DHParameters
498# Random data source (required for systems without /dev/urandom under OpenSSL)
499#O RandFile
500
501############################
502# QUEUE GROUP DEFINITIONS  #
503############################
504
505
506###########################
507#   Message precedences   #
508###########################
509
510Pfirst-class=0
511Pspecial-delivery=100
512Plist=-30
513Pbulk=-60
514Pjunk=-100
515
516#####################
517#   Trusted users   #
518#####################
519
520# this is equivalent to setting class "t"
521#Ft/etc/mail/trusted-users
522Troot
523Tdaemon
524Tuucp
525
526#########################
527#   Format of headers   #
528#########################
529
530H?P?Return-Path: <$g>
531HReceived: $?sfrom $s $.$?_($?s$|from $.$_)
532	$.$?{auth_type}(authenticated$?{auth_ssf} bits=${auth_ssf}$.)
533	$.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version}
534	(version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify})$.$?u
535	for $u; $|;
536	$.$b
537H?D?Resent-Date: $a
538H?D?Date: $a
539H?F?Resent-From: $?x$x <$g>$|$g$.
540H?F?From: $?x$x <$g>$|$g$.
541H?x?Full-Name: $x
542# HPosted-Date: $a
543# H?l?Received-Date: $b
544H?M?Resent-Message-Id: <$t.$i@$j>
545H?M?Message-Id: <$t.$i@$j>
546
547#
548######################################################################
549######################################################################
550#####
551#####			REWRITING RULES
552#####
553######################################################################
554######################################################################
555
556############################################
557###  Ruleset 3 -- Name Canonicalization  ###
558############################################
559Scanonify=3
560
561# handle null input (translate to <@> special case)
562R$@			$@ <@>
563
564# strip group: syntax (not inside angle brackets!) and trailing semicolon
565R$*			$: $1 <@>			mark addresses
566R$* < $* > $* <@>	$: $1 < $2 > $3			unmark <addr>
567R@ $* <@>		$: @ $1				unmark @host:...
568R$* [ IPv6 : $+ ] <@>	$: $1 [ IPv6 : $2 ]		unmark IPv6 addr
569R$* :: $* <@>		$: $1 :: $2			unmark node::addr
570R:include: $* <@>	$: :include: $1			unmark :include:...
571R$* : $* [ $* ]		$: $1 : $2 [ $3 ] <@>		remark if leading colon
572R$* : $* <@>		$: $2				strip colon if marked
573R$* <@>			$: $1				unmark
574R$* ;			   $1				strip trailing semi
575R$* < $+ :; > $*	$@ $2 :; <@>			catch <list:;>
576R$* < $* ; >		   $1 < $2 >			bogus bracketed semi
577
578# null input now results from list:; syntax
579R$@			$@ :; <@>
580
581# strip angle brackets -- note RFC733 heuristic to get innermost item
582R$*			$: < $1 >			housekeeping <>
583R$+ < $* >		   < $2 >			strip excess on left
584R< $* > $+		   < $1 >			strip excess on right
585R<>			$@ < @ >			MAIL FROM:<> case
586R< $+ >			$: $1				remove housekeeping <>
587
588# strip route address <@a,@b,@c:user@d> -> <user@d>
589R@ $+ , $+		$2
590R@ [ $* ] : $+		$2
591R@ $+ : $+		$2
592
593# find focus for list syntax
594R $+ : $* ; @ $+	$@ $>Canonify2 $1 : $2 ; < @ $3 >	list syntax
595R $+ : $* ;		$@ $1 : $2;			list syntax
596
597# find focus for @ syntax addresses
598R$+ @ $+		$: $1 < @ $2 >			focus on domain
599R$+ < $+ @ $+ >		$1 $2 < @ $3 >			move gaze right
600R$+ < @ $+ >		$@ $>Canonify2 $1 < @ $2 >	already canonical
601
602
603# convert old-style addresses to a domain-based address
604R$- ! $+		$@ $>Canonify2 $2 < @ $1 .UUCP >	resolve uucp names
605R$+ . $- ! $+		$@ $>Canonify2 $3 < @ $1 . $2 >		domain uucps
606R$+ ! $+		$@ $>Canonify2 $2 < @ $1 .UUCP >	uucp subdomains
607
608# convert node::user addresses into a domain-based address
609R$- :: $+		$@ $>Canonify2 $2 < @ $1 .DECNET >	resolve DECnet names
610R$- . $- :: $+		$@ $>Canonify2 $3 < @ $1.$2 .DECNET >	numeric DECnet addr
611
612# if we have % signs, take the rightmost one
613R$* % $*		$1 @ $2				First make them all @s.
614R$* @ $* @ $*		$1 % $2 @ $3			Undo all but the last.
615R$* @ $*		$@ $>Canonify2 $1 < @ $2 >	Insert < > and finish
616
617# else we must be a local name
618R$*			$@ $>Canonify2 $1
619
620
621################################################
622###  Ruleset 96 -- bottom half of ruleset 3  ###
623################################################
624
625SCanonify2=96
626
627# handle special cases for local names
628R$* < @ localhost > $*		$: $1 < @ $j . > $2		no domain at all
629R$* < @ localhost . $m > $*	$: $1 < @ $j . > $2		local domain
630R$* < @ localhost . UUCP > $*	$: $1 < @ $j . > $2		.UUCP domain
631
632# check for IPv4/IPv6 domain literal
633R$* < @ [ $+ ] > $*		$: $1 < @@ [ $2 ] > $3		mark [addr]
634R$* < @@ $=w > $*		$: $1 < @ $j . > $3		self-literal
635R$* < @@ $+ > $*		$@ $1 < @ $2 > $3		canon IP addr
636
637
638
639
640
641# if really UUCP, handle it immediately
642
643# try UUCP traffic as a local address
644R$* < @ $+ . UUCP > $*		$: $1 < @ $[ $2 $] . UUCP . > $3
645R$* < @ $+ . . UUCP . > $*	$@ $1 < @ $2 . > $3
646
647# hostnames ending in class P are always canonical
648R$* < @ $* $=P > $*		$: $1 < @ $2 $3 . > $4
649R$* < @ $* $~P > $*		$: $&{daemon_flags} $| $1 < @ $2 $3 > $4
650R$* CC $* $| $* < @ $+.$+ > $*	$: $3 < @ $4.$5 . > $6
651R$* CC $* $| $*			$: $3
652# pass to name server to make hostname canonical
653R$* $| $* < @ $* > $*		$: $2 < @ $[ $3 $] > $4
654R$* $| $*			$: $2
655
656# local host aliases and pseudo-domains are always canonical
657R$* < @ $=w > $*		$: $1 < @ $2 . > $3
658R$* < @ $=M > $*		$: $1 < @ $2 . > $3
659R$* < @ $* . . > $*		$1 < @ $2 . > $3
660
661
662##################################################
663###  Ruleset 4 -- Final Output Post-rewriting  ###
664##################################################
665Sfinal=4
666
667R$+ :; <@>		$@ $1 :				handle <list:;>
668R$* <@>			$@				handle <> and list:;
669
670# strip trailing dot off possibly canonical name
671R$* < @ $+ . > $*	$1 < @ $2 > $3
672
673# eliminate internal code
674R$* < @ *LOCAL* > $*	$1 < @ $j > $2
675
676# externalize local domain info
677R$* < $+ > $*		$1 $2 $3			defocus
678R@ $+ : @ $+ : $+	@ $1 , @ $2 : $3		<route-addr> canonical
679R@ $*			$@ @ $1				... and exit
680
681# UUCP must always be presented in old form
682R$+ @ $- . UUCP		$2!$1				u@h.UUCP => h!u
683
684# put DECnet back in :: form
685R$+ @ $+ . DECNET	$2 :: $1			u@h.DECNET => h::u
686# delete duplicate local names
687R$+ % $=w @ $=w		$1 @ $2				u%host@host => u@host
688
689
690
691##############################################################
692###   Ruleset 97 -- recanonicalize and call ruleset zero   ###
693###		   (used for recursive calls)		   ###
694##############################################################
695
696SRecurse=97
697R$*			$: $>canonify $1
698R$*			$@ $>parse $1
699
700
701######################################
702###   Ruleset 0 -- Parse Address   ###
703######################################
704
705Sparse=0
706
707R$*			$: $>Parse0 $1		initial parsing
708R<@>			$#local $: <@>		special case error msgs
709R$*			$: $>ParseLocal $1	handle local hacks
710R$*			$: $>Parse1 $1		final parsing
711
712#
713#  Parse0 -- do initial syntax checking and eliminate local addresses.
714#	This should either return with the (possibly modified) input
715#	or return with a #error mailer.  It should not return with a
716#	#mailer other than the #error mailer.
717#
718
719SParse0
720R<@>			$@ <@>			special case error msgs
721R$* : $* ; <@>		$#error $@ 5.1.3 $: "553 List:; syntax illegal for recipient addresses"
722R@ <@ $* >		< @ $1 >		catch "@@host" bogosity
723R<@ $+>			$#error $@ 5.1.3 $: "553 User address required"
724R$+ <@>			$#error $@ 5.1.3 $: "553 Hostname required"
725R$*			$: <> $1
726R<> $* < @ [ $* ] : $+ > $*	$1 < @ [ $2 ] : $3 > $4
727R<> $* < @ [ $* ] , $+ > $*	$1 < @ [ $2 ] , $3 > $4
728R<> $* < @ [ $* ] $+ > $*	$#error $@ 5.1.2 $: "553 Invalid address"
729R<> $* < @ [ $+ ] > $*		$1 < @ [ $2 ] > $3
730R<> $* <$* : $* > $*	$#error $@ 5.1.3 $: "553 Colon illegal in host name part"
731R<> $*			$1
732R$* < @ . $* > $*	$#error $@ 5.1.2 $: "553 Invalid host name"
733R$* < @ $* .. $* > $*	$#error $@ 5.1.2 $: "553 Invalid host name"
734R$* < @ $* @ > $*	$#error $@ 5.1.2 $: "553 Invalid route address"
735R$* @ $* < @ $* > $*	$#error $@ 5.1.3 $: "553 Invalid route address"
736R$* , $~O $*		$#error $@ 5.1.3 $: "553 Invalid route address"
737
738
739# now delete the local info -- note $=O to find characters that cause forwarding
740R$* < @ > $*		$@ $>Parse0 $>canonify $1	user@ => user
741R< @ $=w . > : $*	$@ $>Parse0 $>canonify $2	@here:... -> ...
742R$- < @ $=w . >		$: $(dequote $1 $) < @ $2 . >	dequote "foo"@here
743R< @ $+ >		$#error $@ 5.1.3 $: "553 User address required"
744R$* $=O $* < @ $=w . >	$@ $>Parse0 $>canonify $1 $2 $3	...@here -> ...
745R$- 			$: $(dequote $1 $) < @ *LOCAL* >	dequote "foo"
746R< @ *LOCAL* >		$#error $@ 5.1.3 $: "553 User address required"
747R$* $=O $* < @ *LOCAL* >
748			$@ $>Parse0 $>canonify $1 $2 $3	...@*LOCAL* -> ...
749R$* < @ *LOCAL* >	$: $1
750
751#
752#  Parse1 -- the bottom half of ruleset 0.
753#
754
755SParse1
756
757# handle numeric address spec
758R$* < @ [ $+ ] > $*	$: $>ParseLocal $1 < @ [ $2 ] > $3	numeric internet spec
759R$* < @ [ $+ ] > $*	$: $1 < @ [ $2 ] : $S > $3	Add smart host to path
760R$* < @ [ $+ ] : > $*		$#esmtp $@ [$2] $: $1 < @ [$2] > $3	no smarthost: send
761R$* < @ [ $+ ] : $- : $*> $*	$#$3 $@ $4 $: $1 < @ [$2] > $5	smarthost with mailer
762R$* < @ [ $+ ] : $+ > $*	$#esmtp $@ $3 $: $1 < @ [$2] > $4	smarthost without mailer
763
764
765# short circuit local delivery so forwarded email works
766
767
768R$=L < @ $=w . >	$#local $: @ $1			special local names
769R$+ < @ $=w . >		$#local $: $1			regular local name
770
771
772# resolve remotely connected UUCP links (if any)
773
774# resolve fake top level domains by forwarding to other hosts
775
776
777
778# pass names that still have a host to a smarthost (if defined)
779R$* < @ $* > $*		$: $>MailerToTriple < $S > $1 < @ $2 > $3	glue on smarthost name
780
781# deal with other remote names
782R$* < @$* > $*		$#esmtp $@ $2 $: $1 < @ $2 > $3	user@host.domain
783
784# handle locally delivered names
785R$=L			$#local $: @ $1		special local names
786R$+			$#local $: $1			regular local names
787
788###########################################################################
789###   Ruleset 5 -- special rewriting after aliases have been expanded   ###
790###########################################################################
791
792SLocal_localaddr
793Slocaladdr=5
794R$+			$: $1 $| $>"Local_localaddr" $1
795R$+ $| $#ok		$@ $1			no change
796R$+ $| $#$*		$#$2
797R$+ $| $*		$: $1
798
799
800
801
802# deal with plussed users so aliases work nicely
803R$+ + *			$#local $@ $&h $: $1
804R$+ + $*		$#local $@ + $2 $: $1 + *
805
806# prepend an empty "forward host" on the front
807R$+			$: <> $1
808
809
810
811R< > $+			$: < > < $1 <> $&h >		nope, restore +detail
812
813R< > < $+ <> + $* >	$: < > < $1 + $2 >		check whether +detail
814R< > < $+ <> $* >	$: < > < $1 >			else discard
815R< > < $+ + $* > $*	   < > < $1 > + $2 $3		find the user part
816R< > < $+ > + $*	$#local $@ $2 $: @ $1		strip the extra +
817R< > < $+ >		$@ $1				no +detail
818R$+			$: $1 <> $&h			add +detail back in
819
820R$+ <> + $*		$: $1 + $2			check whether +detail
821R$+ <> $*		$: $1				else discard
822R< local : $* > $*	$: $>MailerToTriple < local : $1 > $2	no host extension
823R< error : $* > $*	$: $>MailerToTriple < error : $1 > $2	no host extension
824
825R< $~[ : $+ > $+	$: $>MailerToTriple < $1 : $2 > $3 < @ $2 >
826
827R< $+ > $+		$@ $>MailerToTriple < $1 > $2 < @ $1 >
828
829
830###################################################################
831###  Ruleset 95 -- canonify mailer:[user@]host syntax to triple	###
832###################################################################
833
834SMailerToTriple=95
835R< > $*				$@ $1			strip off null relay
836R< error : $-.$-.$- : $+ > $* 	$#error $@ $1.$2.$3 $: $4
837R< error : $- : $+ > $*		$#error $@ $(dequote $1 $) $: $2
838R< error : $+ > $*		$#error $: $1
839R< local : $* > $*		$>CanonLocal < $1 > $2
840R< $~[ : $+ @ $+ > $*<$*>$*	$# $1 $@ $3 $: $2<@$3>	use literal user
841R< $~[ : $+ > $*		$# $1 $@ $2 $: $3	try qualified mailer
842R< $=w > $*			$@ $2			delete local host
843R< $+ > $*			$#relay $@ $1 $: $2	use unqualified mailer
844
845###################################################################
846###  Ruleset CanonLocal -- canonify local: syntax		###
847###################################################################
848
849SCanonLocal
850# strip local host from routed addresses
851R< $* > < @ $+ > : $+		$@ $>Recurse $3
852R< $* > $+ $=O $+ < @ $+ >	$@ $>Recurse $2 $3 $4
853
854# strip trailing dot from any host name that may appear
855R< $* > $* < @ $* . >		$: < $1 > $2 < @ $3 >
856
857# handle local: syntax -- use old user, either with or without host
858R< > $* < @ $* > $*		$#local $@ $1@$2 $: $1
859R< > $+				$#local $@ $1    $: $1
860
861# handle local:user@host syntax -- ignore host part
862R< $+ @ $+ > $* < @ $* >	$: < $1 > $3 < @ $4 >
863
864# handle local:user syntax
865R< $+ > $* <@ $* > $*		$#local $@ $2@$3 $: $1
866R< $+ > $* 			$#local $@ $2    $: $1
867
868###################################################################
869###  Ruleset 93 -- convert header names to masqueraded form	###
870###################################################################
871
872SMasqHdr=93
873
874
875# do not masquerade anything in class N
876R$* < @ $* $=N . >	$@ $1 < @ $2 $3 . >
877
878R$* < @ *LOCAL* >	$@ $1 < @ $j . >
879
880###################################################################
881###  Ruleset 94 -- convert envelope names to masqueraded form	###
882###################################################################
883
884SMasqEnv=94
885R$* < @ *LOCAL* > $*	$: $1 < @ $j . > $2
886
887###################################################################
888###  Ruleset 98 -- local part of ruleset zero (can be null)	###
889###################################################################
890
891SParseLocal=98
892
893
894
895
896######################################################################
897###  CanonAddr --	Convert an address into a standard form for
898###			relay checking.  Route address syntax is
899###			crudely converted into a %-hack address.
900###
901###	Parameters:
902###		$1 -- full recipient address
903###
904###	Returns:
905###		parsed address, not in source route form
906######################################################################
907
908SCanonAddr
909R$*			$: $>Parse0 $>canonify $1	make domain canonical
910
911
912######################################################################
913###  ParseRecipient --	Strip off hosts in $=R as well as possibly
914###			$* $=m or the access database.
915###			Check user portion for host separators.
916###
917###	Parameters:
918###		$1 -- full recipient address
919###
920###	Returns:
921###		parsed, non-local-relaying address
922######################################################################
923
924SParseRecipient
925R$*				$: <?> $>CanonAddr $1
926R<?> $* < @ $* . >		<?> $1 < @ $2 >			strip trailing dots
927R<?> $- < @ $* >		$: <?> $(dequote $1 $) < @ $2 >	dequote local part
928
929# if no $=O character, no host in the user portion, we are done
930R<?> $* $=O $* < @ $* >		$: <NO> $1 $2 $3 < @ $4>
931R<?> $*				$@ $1
932
933
934R<NO> $* < @ $* $=R >		$: <RELAY> $1 < @ $2 $3 >
935
936
937
938R<RELAY> $* < @ $* >		$@ $>ParseRecipient $1
939R<$+> $*			$@ $2
940
941
942######################################################################
943###  check_relay -- check hostname/address on SMTP startup
944######################################################################
945
946SLocal_check_relay
947Scheck_relay
948R$*			$: $1 $| $>"Local_check_relay" $1
949R$* $| $* $| $#$*	$#$3
950R$* $| $* $| $*		$@ $>"Basic_check_relay" $1 $| $2
951
952SBasic_check_relay
953# check for deferred delivery mode
954R$*			$: < $&{deliveryMode} > $1
955R< d > $*		$@ deferred
956R< $* > $*		$: $2
957
958
959
960
961######################################################################
962###  check_mail -- check SMTP `MAIL FROM:' command argument
963######################################################################
964
965SLocal_check_mail
966Scheck_mail
967R$*			$: $1 $| $>"Local_check_mail" $1
968R$* $| $#$*		$#$2
969R$* $| $*		$@ $>"Basic_check_mail" $1
970
971SBasic_check_mail
972# check for deferred delivery mode
973R$*			$: < $&{deliveryMode} > $1
974R< d > $*		$@ deferred
975R< $* > $*		$: $2
976
977# authenticated?
978R$*			$: $1 $| $>"tls_client" $&{verify} $| MAIL
979R$* $| $#$+		$#$2
980R$* $| $*		$: $1
981
982R<>			$@ <OK>			we MUST accept <> (RFC 1123)
983R$+			$: <?> $1
984R<?><$+>		$: <@> <$1>
985R<?>$+			$: <@> <$1>
986R$*			$: $&{daemon_flags} $| $1
987R$* f $* $| <@> < $* @ $- >	$: < ? $&{client_name} > < $3 @ $4 >
988R$* u $* $| <@> < $* >	$: <?> < $3 >
989R$* $| $*		$: $2
990# handle case of @localhost on address
991R<@> < $* @ localhost >	$: < ? $&{client_name} > < $1 @ localhost >
992R<@> < $* @ [127.0.0.1] >
993			$: < ? $&{client_name} > < $1 @ [127.0.0.1] >
994R<@> < $* @ localhost.$m >
995			$: < ? $&{client_name} > < $1 @ localhost.$m >
996R<@> < $* @ localhost.UUCP >
997			$: < ? $&{client_name} > < $1 @ localhost.UUCP >
998R<@> $*			$: $1			no localhost as domain
999R<? $=w> $*		$: $2			local client: ok
1000R<? $+> <$+>		$#error $@ 5.5.4 $: "553 Real domain name required for sender address"
1001R<?> $*			$: $1
1002R$*			$: <?> $>CanonAddr $1		canonify sender address and mark it
1003R<?> $* < @ $+ . >	<?> $1 < @ $2 >			strip trailing dots
1004# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc)
1005R<?> $* < @ $* $=P >	$: <OKR> $1 < @ $2 $3 >
1006R<?> $* < @ $j >	$: <OKR> $1 < @ $j >
1007R<?> $* < @ $+ >	$: <? $(resolve $2 $: $2 <PERM> $) > $1 < @ $2 >
1008R<? $* <$->> $* < @ $+ >
1009			$: <$2> $3 < @ $4 >
1010
1011
1012# handle case of no @domain on address
1013R<?> $*			$: $&{daemon_flags} $| <?> $1
1014R$* u $* $| <?> $*	$: <OKR> $3
1015R$* $| $*		$: $2
1016R<?> $*			$: < ? $&{client_addr} > $1
1017R<?> $*			$@ <OKR>			...local unqualed ok
1018R<? $+> $*		$#error $@ 5.5.4 $: "553 Domain name required for sender address " $&f
1019							...remote is not
1020# check results
1021R<?> $*			$: @ $1		mark address: nothing known about it
1022R<$={ResOk}> $*		$@ <OKR>	domain ok: stop
1023R<TEMP> $*		$#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve"
1024R<PERM> $*		$#error $@ 5.1.8 $: "553 Domain of sender address " $&f " does not exist"
1025
1026######################################################################
1027###  check_rcpt -- check SMTP `RCPT TO:' command argument
1028######################################################################
1029
1030SLocal_check_rcpt
1031Scheck_rcpt
1032R$*			$: $1 $| $>"Local_check_rcpt" $1
1033R$* $| $#$*		$#$2
1034R$* $| $*		$@ $>"Basic_check_rcpt" $1
1035
1036SBasic_check_rcpt
1037# empty address?
1038R<>			$#error $@ nouser $: "553 User address required"
1039R$@			$#error $@ nouser $: "553 User address required"
1040# check for deferred delivery mode
1041R$*			$: < $&{deliveryMode} > $1
1042R< d > $*		$@ deferred
1043R< $* > $*		$: $2
1044
1045
1046######################################################################
1047R$*			$: $1 $| @ $>"Rcpt_ok" $1
1048R$* $| @ $#TEMP $+	$: $1 $| T $2
1049R$* $| @ $#$*		$#$2
1050R$* $| @ RELAY		$@ RELAY
1051R$* $| @ $*		$: O $| $>"Relay_ok" $1
1052R$* $| T $+		$: T $2 $| $>"Relay_ok" $1
1053R$* $| $#TEMP $+	$#error $2
1054R$* $| $#$*		$#$2
1055R$* $| RELAY		$@ RELAY
1056R T $+ $| $*		$#error $1
1057# anything else is bogus
1058R$*			$#error $@ 5.7.1 $: "550 Relaying denied"
1059
1060
1061######################################################################
1062### Rcpt_ok: is the recipient ok?
1063######################################################################
1064SRcpt_ok
1065R$*			$: $>ParseRecipient $1		strip relayable hosts
1066
1067
1068
1069
1070# authenticated via TLS?
1071R$*			$: $1 $| $>RelayTLS	client authenticated?
1072R$* $| $# $+		$# $2			error/ok?
1073R$* $| $*		$: $1			no
1074
1075R$*			$: $1 $| $>"Local_Relay_Auth" $&{auth_type}
1076R$* $| $# $*		$# $2
1077R$* $| NO		$: $1
1078R$* $| $*		$: $1 $| $&{auth_type}
1079R$* $|			$: $1
1080R$* $| $={TrustAuthMech}	$# RELAY
1081R$* $| $*		$: $1
1082# anything terminating locally is ok
1083R$+ < @ $=w >		$@ RELAY
1084R$+ < @ $* $=R >	$@ RELAY
1085
1086
1087
1088# check for local user (i.e. unqualified address)
1089R$*			$: <?> $1
1090R<?> $* < @ $+ >	$: <REMOTE> $1 < @ $2 >
1091# local user is ok
1092R<?> $+			$@ RELAY
1093R<$+> $*		$: $2
1094
1095######################################################################
1096### Relay_ok: is the relay/sender ok?
1097######################################################################
1098SRelay_ok
1099# anything originating locally is ok
1100# check IP address
1101R$*			$: $&{client_addr}
1102R$@			$@ RELAY		originated locally
1103R0			$@ RELAY		originated locally
1104R127.0.0.1		$@ RELAY		originated locally
1105RIPv6:::1		$@ RELAY		originated locally
1106R$=R $*			$@ RELAY		relayable IP address
1107R$*			$: [ $1 ]		put brackets around it...
1108R$=w			$@ RELAY		... and see if it is local
1109
1110
1111# check client name: first: did it resolve?
1112R$*			$: < $&{client_resolve} >
1113R<TEMP>			$#TEMP $@ 4.7.1 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr}
1114R<FORGED>		$#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name}
1115R<FAIL>			$#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name}
1116R$*			$: <@> $&{client_name}
1117# pass to name server to make hostname canonical
1118R<@> $* $=P 		$:<?>  $1 $2
1119R<@> $+			$:<?>  $[ $1 $]
1120R$* .			$1			strip trailing dots
1121R<?> $=w		$@ RELAY
1122R<?> $* $=R			$@ RELAY
1123
1124
1125
1126
1127######################################################################
1128###  trust_auth: is user trusted to authenticate as someone else?
1129###
1130###	Parameters:
1131###		$1: AUTH= parameter from MAIL command
1132######################################################################
1133
1134SLocal_trust_auth
1135Strust_auth
1136R$*			$: $&{auth_type} $| $1
1137# required by RFC 2554 section 4.
1138R$@ $| $*		$#error $@ 5.7.1 $: "550 not authenticated"
1139R$* $| $&{auth_authen}		$@ identical
1140R$* $| <$&{auth_authen}>	$@ identical
1141R$* $| $*		$: $1 $| $>"Local_trust_auth" $2
1142R$* $| $#$*		$#$2
1143R$*			$#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{auth_author}
1144
1145######################################################################
1146###  Relay_Auth: allow relaying based on authentication?
1147###
1148###	Parameters:
1149###		$1: ${auth_type}
1150######################################################################
1151SLocal_Relay_Auth
1152
1153
1154
1155######################################################################
1156###  tls_client: is connection with client "good" enough?
1157###	(done in server)
1158###
1159###	Parameters:
1160###		${verify} $| (MAIL|STARTTLS)
1161######################################################################
1162Stls_client
1163R$* $| $*	$@ $>"TLS_connection" $1
1164
1165######################################################################
1166###  tls_server: is connection with server "good" enough?
1167###	(done in client)
1168###
1169###	Parameter:
1170###		${verify}
1171######################################################################
1172Stls_server
1173R$*		$@ $>"TLS_connection" $1
1174
1175######################################################################
1176###  TLS_connection: is TLS connection "good" enough?
1177###
1178###	Parameters:
1179###		${verify}
1180###		Requirement: RHS from access map, may be ? for none.
1181######################################################################
1182STLS_connection
1183RSOFTWARE	$#error $@ 4.7.0 $: "403 TLS handshake."
1184
1185
1186######################################################################
1187###  RelayTLS: allow relaying based on TLS authentication
1188###
1189###	Parameters:
1190###		none
1191######################################################################
1192SRelayTLS
1193# authenticated?
1194
1195######################################################################
1196###  authinfo: lookup authinfo in the access map
1197###
1198###	Parameters:
1199###		$1: {server_name}
1200###		$2: {server_addr}
1201######################################################################
1202Sauthinfo
1203
1204
1205
1206
1207SLocal_localaddr
1208R$+			$: $>ParseRecipient $1
1209R$* < @ $+ > $*		$#relay $@ ${MTAHost} $: $1 < @ $2 > $3
1210# DECnet
1211R$+ :: $+		$#relay $@ ${MTAHost} $: $1 :: $2
1212R$*			$#relay $@ ${MTAHost} $: $1 < @ $j >
1213#
1214######################################################################
1215######################################################################
1216#####
1217#####			MAIL FILTER DEFINITIONS
1218#####
1219######################################################################
1220######################################################################
1221
1222#
1223######################################################################
1224######################################################################
1225#####
1226#####			MAILER DEFINITIONS
1227#####
1228######################################################################
1229######################################################################
1230
1231
1232##################################################
1233###   Local and Program Mailer specification   ###
1234##################################################
1235
1236#####  $Id: local.m4,v 8.58 2000/10/26 01:58:29 ca Exp $  #####
1237
1238#
1239#  Envelope sender rewriting
1240#
1241SEnvFromL
1242R<@>			$n			errors to mailer-daemon
1243R@ <@ $*>		$n			temporarily bypass Sun bogosity
1244R$+			$: $>AddDomain $1	add local domain if needed
1245R$*			$: $>MasqEnv $1		do masquerading
1246
1247#
1248#  Envelope recipient rewriting
1249#
1250SEnvToL
1251R$+ < @ $* >		$: $1			strip host part
1252R$+ + $*		$: < $&{addr_type} > $1 + $2	mark with addr type
1253R<e s> $+ + $*		$: $1			remove +detail for sender
1254R< $* > $+		$: $2			else remove mark
1255
1256#
1257#  Header sender rewriting
1258#
1259SHdrFromL
1260R<@>			$n			errors to mailer-daemon
1261R@ <@ $*>		$n			temporarily bypass Sun bogosity
1262R$+			$: $>AddDomain $1	add local domain if needed
1263R$*			$: $>MasqHdr $1		do masquerading
1264
1265#
1266#  Header recipient rewriting
1267#
1268SHdrToL
1269R$+			$: $>AddDomain $1	add local domain if needed
1270R$* < @ *LOCAL* > $*	$: $1 < @ $j . > $2
1271
1272#
1273#  Common code to add local domain name (only if always-add-domain)
1274#
1275SAddDomain
1276
1277Mlocal,		P=[IPC], F=lmDFMuXkw5, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
1278		T=DNS/RFC822/SMTP,
1279		A=TCP $h
1280Mprog,		P=[IPC], F=lmDFMuXk5, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/,
1281		T=X-Unix/X-Unix/X-Unix,
1282		A=TCP $h
1283
1284#####################################
1285###   SMTP Mailer specification   ###
1286#####################################
1287
1288#####  $Id: smtp.m4,v 8.64 2001/04/03 01:52:54 gshapiro Exp $  #####
1289
1290#
1291#  common sender and masquerading recipient rewriting
1292#
1293SMasqSMTP
1294R$* < @ $* > $*		$@ $1 < @ $2 > $3		already fully qualified
1295R$+			$@ $1 < @ *LOCAL* >		add local qualification
1296
1297#
1298#  convert pseudo-domain addresses to real domain addresses
1299#
1300SPseudoToReal
1301
1302# pass <route-addr>s through
1303R< @ $+ > $*		$@ < @ $1 > $2			resolve <route-addr>
1304
1305# output fake domains as user%fake@relay
1306
1307# do UUCP heuristics; note that these are shared with UUCP mailers
1308R$+ < @ $+ .UUCP. >	$: < $2 ! > $1			convert to UUCP form
1309R$+ < @ $* > $*		$@ $1 < @ $2 > $3		not UUCP form
1310
1311# leave these in .UUCP form to avoid further tampering
1312R< $&h ! > $- ! $+	$@ $2 < @ $1 .UUCP. >
1313R< $&h ! > $-.$+ ! $+	$@ $3 < @ $1.$2 >
1314R< $&h ! > $+		$@ $1 < @ $&h .UUCP. >
1315R< $+ ! > $+		$: $1 ! $2 < @ $Y >		use UUCP_RELAY
1316R$+ < @ $~[ $* : $+ >	$@ $1 < @ $4 >			strip mailer: part
1317R$+ < @ >		$: $1 < @ *LOCAL* >		if no UUCP_RELAY
1318
1319
1320#
1321#  envelope sender rewriting
1322#
1323SEnvFromSMTP
1324R$+			$: $>PseudoToReal $1		sender/recipient common
1325R$* :; <@>		$@				list:; special case
1326R$*			$: $>MasqSMTP $1		qualify unqual'ed names
1327R$+			$: $>MasqEnv $1			do masquerading
1328
1329
1330#
1331#  envelope recipient rewriting --
1332#  also header recipient if not masquerading recipients
1333#
1334SEnvToSMTP
1335R$+			$: $>PseudoToReal $1		sender/recipient common
1336R$+			$: $>MasqSMTP $1		qualify unqual'ed names
1337R$* < @ *LOCAL* > $*	$: $1 < @ $j . > $2
1338
1339#
1340#  header sender and masquerading header recipient rewriting
1341#
1342SHdrFromSMTP
1343R$+			$: $>PseudoToReal $1		sender/recipient common
1344R:; <@>			$@				list:; special case
1345
1346# do special header rewriting
1347R$* <@> $*		$@ $1 <@> $2			pass null host through
1348R< @ $* > $*		$@ < @ $1 > $2			pass route-addr through
1349R$*			$: $>MasqSMTP $1		qualify unqual'ed names
1350R$+			$: $>MasqHdr $1			do masquerading
1351
1352
1353#
1354#  relay mailer header masquerading recipient rewriting
1355#
1356SMasqRelay
1357R$+			$: $>MasqSMTP $1
1358R$+			$: $>MasqHdr $1
1359
1360Msmtp,		P=[IPC], F=mDFMuXk5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
1361		T=DNS/RFC822/SMTP,
1362		A=TCP $h
1363Mesmtp,		P=[IPC], F=mDFMuXak5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
1364		T=DNS/RFC822/SMTP,
1365		A=TCP $h
1366Msmtp8,		P=[IPC], F=mDFMuX8k5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
1367		T=DNS/RFC822/SMTP,
1368		A=TCP $h
1369Mdsmtp,		P=[IPC], F=mDFMuXa%k5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
1370		T=DNS/RFC822/SMTP,
1371		A=TCP $h
1372Mrelay,		P=[IPC], F=mDFMuXa8k, S=EnvFromSMTP/HdrFromSMTP, R=MasqSMTP, E=\r\n, L=2040,
1373		T=DNS/RFC822/SMTP,
1374		A=TCP $h
1375
1376