| 3 |
- |
1 |
#
|
|
|
2 |
# Copyright (c) 1998-2004, 2009 Sendmail, Inc. and its suppliers.
|
|
|
3 |
# All rights reserved.
|
|
|
4 |
# Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved.
|
|
|
5 |
# Copyright (c) 1988, 1993
|
|
|
6 |
# The Regents of the University of California. All rights reserved.
|
|
|
7 |
#
|
|
|
8 |
# By using this file, you agree to the terms and conditions set
|
|
|
9 |
# forth in the LICENSE file which can be found at the top level of
|
|
|
10 |
# the sendmail distribution.
|
|
|
11 |
#
|
|
|
12 |
#
|
|
|
13 |
|
|
|
14 |
######################################################################
|
|
|
15 |
######################################################################
|
|
|
16 |
#####
|
|
|
17 |
##### SENDMAIL CONFIGURATION FILE
|
|
|
18 |
#####
|
|
|
19 |
######################################################################
|
|
|
20 |
#####
|
|
|
21 |
##### DO NOT EDIT THIS FILE! Only edit the source .mc file.
|
|
|
22 |
#####
|
|
|
23 |
######################################################################
|
|
|
24 |
######################################################################
|
|
|
25 |
|
|
|
26 |
##### $Id: cfhead.m4,v 8.120 2009/01/23 22:39:21 ca Exp $ #####
|
|
|
27 |
##### $Id: cf.m4,v 8.32 1999/02/07 07:26:14 gshapiro Exp $ #####
|
|
|
28 |
##### linux setup #####
|
|
|
29 |
##### $Id: use_ct_file.m4,v 8.11 2001/08/26 20:58:57 gshapiro Exp $ #####
|
|
|
30 |
|
|
|
31 |
##### $Id: msp.m4,v 1.33 2004/02/09 22:32:38 ca Exp $ #####
|
|
|
32 |
|
|
|
33 |
##### $Id: no_default_msa.m4,v 8.2 2001/02/14 05:03:22 gshapiro Exp $ #####
|
|
|
34 |
|
|
|
35 |
|
|
|
36 |
##### $Id: proto.m4,v 8.741 2009/12/11 00:04:53 ca Exp $ #####
|
|
|
37 |
|
|
|
38 |
# level 10 config file format
|
|
|
39 |
V10/Berkeley
|
|
|
40 |
|
|
|
41 |
# override file safeties - setting this option compromises system security,
|
|
|
42 |
# addressing the actual file configuration problem is preferred
|
|
|
43 |
# need to set this before any file actions are encountered in the cf file
|
|
|
44 |
#O DontBlameSendmail=safe
|
|
|
45 |
|
|
|
46 |
# default LDAP map specification
|
|
|
47 |
# need to set this now before any LDAP maps are defined
|
|
|
48 |
#O LDAPDefaultSpec=-h localhost
|
|
|
49 |
|
|
|
50 |
##################
|
|
|
51 |
# local info #
|
|
|
52 |
##################
|
|
|
53 |
|
|
|
54 |
# my LDAP cluster
|
|
|
55 |
# need to set this before any LDAP lookups are done (including classes)
|
|
|
56 |
#D{sendmailMTACluster}$m
|
|
|
57 |
|
|
|
58 |
Cwlocalhost
|
|
|
59 |
|
|
|
60 |
# my official domain name
|
|
|
61 |
# ... define this only if sendmail cannot automatically determine your domain
|
|
|
62 |
#Dj$w.Foo.COM
|
|
|
63 |
|
|
|
64 |
# host/domain names ending with a token in class P are canonical
|
|
|
65 |
CP.
|
|
|
66 |
|
|
|
67 |
# "Smart" relay host (may be null)
|
|
|
68 |
DS
|
|
|
69 |
|
|
|
70 |
|
|
|
71 |
# operators that cannot be in local usernames (i.e., network indicators)
|
|
|
72 |
CO @ % !
|
|
|
73 |
|
|
|
74 |
# a class with just dot (for identifying canonical names)
|
|
|
75 |
C..
|
|
|
76 |
|
|
|
77 |
# a class with just a left bracket (for identifying domain literals)
|
|
|
78 |
C[[
|
|
|
79 |
|
|
|
80 |
|
|
|
81 |
# Resolve map (to check if a host exists in check_mail)
|
|
|
82 |
Kresolve host -a<OKR> -T<TEMP>
|
|
|
83 |
C{ResOk}OKR
|
|
|
84 |
|
|
|
85 |
|
|
|
86 |
# Hosts for which relaying is permitted ($=R)
|
|
|
87 |
FR-o /etc/mail/relay-domains
|
|
|
88 |
|
|
|
89 |
# arithmetic map
|
|
|
90 |
Karith arith
|
|
|
91 |
|
|
|
92 |
|
|
|
93 |
|
|
|
94 |
|
|
|
95 |
|
|
|
96 |
# dequoting map
|
|
|
97 |
Kdequote dequote
|
|
|
98 |
|
|
|
99 |
# class E: names that should be exposed as from this host, even if we masquerade
|
|
|
100 |
# class L: names that should be delivered locally, even if we have a relay
|
|
|
101 |
# class M: domains that should be converted to $M
|
|
|
102 |
# class N: domains that should not be converted to $M
|
|
|
103 |
#CL root
|
|
|
104 |
|
|
|
105 |
|
|
|
106 |
|
|
|
107 |
# my name for error messages
|
|
|
108 |
DnMAILER-DAEMON
|
|
|
109 |
|
|
|
110 |
|
|
|
111 |
D{MTAHost}[127.0.0.1]
|
|
|
112 |
|
|
|
113 |
|
|
|
114 |
# Configuration version number
|
|
|
115 |
DZ8.14.4/Submit
|
|
|
116 |
|
|
|
117 |
|
|
|
118 |
###############
|
|
|
119 |
# Options #
|
|
|
120 |
###############
|
|
|
121 |
|
|
|
122 |
# strip message body to 7 bits on input?
|
|
|
123 |
O SevenBitInput=False
|
|
|
124 |
|
|
|
125 |
# 8-bit data handling
|
|
|
126 |
#O EightBitMode=pass8
|
|
|
127 |
|
|
|
128 |
# wait for alias file rebuild (default units: minutes)
|
|
|
129 |
O AliasWait=10
|
|
|
130 |
|
|
|
131 |
# location of alias file
|
|
|
132 |
#O AliasFile=/etc/mail/aliases
|
|
|
133 |
|
|
|
134 |
# minimum number of free blocks on filesystem
|
|
|
135 |
O MinFreeBlocks=100
|
|
|
136 |
|
|
|
137 |
# maximum message size
|
|
|
138 |
#O MaxMessageSize=0
|
|
|
139 |
|
|
|
140 |
# substitution for space (blank) characters
|
|
|
141 |
O BlankSub=.
|
|
|
142 |
|
|
|
143 |
# avoid connecting to "expensive" mailers on initial submission?
|
|
|
144 |
O HoldExpensive=False
|
|
|
145 |
|
|
|
146 |
# checkpoint queue runs after every N successful deliveries
|
|
|
147 |
#O CheckpointInterval=10
|
|
|
148 |
|
|
|
149 |
# default delivery mode
|
|
|
150 |
O DeliveryMode=i
|
|
|
151 |
|
|
|
152 |
# error message header/file
|
|
|
153 |
#O ErrorHeader=/etc/mail/error-header
|
|
|
154 |
|
|
|
155 |
# error mode
|
|
|
156 |
#O ErrorMode=print
|
|
|
157 |
|
|
|
158 |
# save Unix-style "From_" lines at top of header?
|
|
|
159 |
#O SaveFromLine=False
|
|
|
160 |
|
|
|
161 |
# queue file mode (qf files)
|
|
|
162 |
O QueueFileMode=0660
|
|
|
163 |
|
|
|
164 |
# temporary file mode
|
|
|
165 |
O TempFileMode=0600
|
|
|
166 |
|
|
|
167 |
# match recipients against GECOS field?
|
|
|
168 |
#O MatchGECOS=False
|
|
|
169 |
|
|
|
170 |
# maximum hop count
|
|
|
171 |
#O MaxHopCount=25
|
|
|
172 |
|
|
|
173 |
# location of help file
|
|
|
174 |
O HelpFile=/etc/mail/helpfile
|
|
|
175 |
|
|
|
176 |
# ignore dots as terminators in incoming messages?
|
|
|
177 |
#O IgnoreDots=False
|
|
|
178 |
|
|
|
179 |
# name resolver options
|
|
|
180 |
#O ResolverOptions=+AAONLY
|
|
|
181 |
|
|
|
182 |
# deliver MIME-encapsulated error messages?
|
|
|
183 |
O SendMimeErrors=True
|
|
|
184 |
|
|
|
185 |
# Forward file search path
|
|
|
186 |
O ForwardPath
|
|
|
187 |
|
|
|
188 |
# open connection cache size
|
|
|
189 |
O ConnectionCacheSize=2
|
|
|
190 |
|
|
|
191 |
# open connection cache timeout
|
|
|
192 |
O ConnectionCacheTimeout=5m
|
|
|
193 |
|
|
|
194 |
# persistent host status directory
|
|
|
195 |
#O HostStatusDirectory=.hoststat
|
|
|
196 |
|
|
|
197 |
# single thread deliveries (requires HostStatusDirectory)?
|
|
|
198 |
#O SingleThreadDelivery=False
|
|
|
199 |
|
|
|
200 |
# use Errors-To: header?
|
|
|
201 |
O UseErrorsTo=False
|
|
|
202 |
|
|
|
203 |
# log level
|
|
|
204 |
O LogLevel=9
|
|
|
205 |
|
|
|
206 |
# send to me too, even in an alias expansion?
|
|
|
207 |
#O MeToo=True
|
|
|
208 |
|
|
|
209 |
# verify RHS in newaliases?
|
|
|
210 |
O CheckAliases=False
|
|
|
211 |
|
|
|
212 |
# default messages to old style headers if no special punctuation?
|
|
|
213 |
O OldStyleHeaders=True
|
|
|
214 |
|
|
|
215 |
# SMTP daemon options
|
|
|
216 |
|
|
|
217 |
O DaemonPortOptions=Name=NoMTA, Addr=127.0.0.1, M=E
|
|
|
218 |
|
|
|
219 |
# SMTP client options
|
|
|
220 |
#O ClientPortOptions=Family=inet, Address=0.0.0.0
|
|
|
221 |
|
|
|
222 |
# Modifiers to define {daemon_flags} for direct submissions
|
|
|
223 |
#O DirectSubmissionModifiers
|
|
|
224 |
|
|
|
225 |
# Use as mail submission program? See sendmail/SECURITY
|
|
|
226 |
O UseMSP=True
|
|
|
227 |
|
|
|
228 |
# privacy flags
|
|
|
229 |
O PrivacyOptions=goaway,noetrn,restrictqrun
|
|
|
230 |
|
|
|
231 |
# who (if anyone) should get extra copies of error messages
|
|
|
232 |
#O PostmasterCopy=Postmaster
|
|
|
233 |
|
|
|
234 |
# slope of queue-only function
|
|
|
235 |
#O QueueFactor=600000
|
|
|
236 |
|
|
|
237 |
# limit on number of concurrent queue runners
|
|
|
238 |
#O MaxQueueChildren
|
|
|
239 |
|
|
|
240 |
# maximum number of queue-runners per queue-grouping with multiple queues
|
|
|
241 |
#O MaxRunnersPerQueue=1
|
|
|
242 |
|
|
|
243 |
# priority of queue runners (nice(3))
|
|
|
244 |
#O NiceQueueRun
|
|
|
245 |
|
|
|
246 |
# shall we sort the queue by hostname first?
|
|
|
247 |
#O QueueSortOrder=priority
|
|
|
248 |
|
|
|
249 |
# minimum time in queue before retry
|
|
|
250 |
#O MinQueueAge=30m
|
|
|
251 |
|
|
|
252 |
# how many jobs can you process in the queue?
|
|
|
253 |
#O MaxQueueRunSize=0
|
|
|
254 |
|
|
|
255 |
# perform initial split of envelope without checking MX records
|
|
|
256 |
#O FastSplit=1
|
|
|
257 |
|
|
|
258 |
# queue directory
|
|
|
259 |
O QueueDirectory=/var/spool/clientmqueue
|
|
|
260 |
|
|
|
261 |
# key for shared memory; 0 to turn off, -1 to auto-select
|
|
|
262 |
#O SharedMemoryKey=0
|
|
|
263 |
|
|
|
264 |
# file to store auto-selected key for shared memory (SharedMemoryKey = -1)
|
|
|
265 |
#O SharedMemoryKeyFile
|
|
|
266 |
|
|
|
267 |
# timeouts (many of these)
|
|
|
268 |
#O Timeout.initial=5m
|
|
|
269 |
#O Timeout.connect=5m
|
|
|
270 |
#O Timeout.aconnect=0s
|
|
|
271 |
#O Timeout.iconnect=5m
|
|
|
272 |
#O Timeout.helo=5m
|
|
|
273 |
#O Timeout.mail=10m
|
|
|
274 |
#O Timeout.rcpt=1h
|
|
|
275 |
#O Timeout.datainit=5m
|
|
|
276 |
#O Timeout.datablock=1h
|
|
|
277 |
#O Timeout.datafinal=1h
|
|
|
278 |
#O Timeout.rset=5m
|
|
|
279 |
#O Timeout.quit=2m
|
|
|
280 |
#O Timeout.misc=2m
|
|
|
281 |
#O Timeout.command=1h
|
|
|
282 |
#O Timeout.ident=5s
|
|
|
283 |
#O Timeout.fileopen=60s
|
|
|
284 |
#O Timeout.control=2m
|
|
|
285 |
O Timeout.queuereturn=5d
|
|
|
286 |
#O Timeout.queuereturn.normal=5d
|
|
|
287 |
#O Timeout.queuereturn.urgent=2d
|
|
|
288 |
#O Timeout.queuereturn.non-urgent=7d
|
|
|
289 |
#O Timeout.queuereturn.dsn=5d
|
|
|
290 |
O Timeout.queuewarn=4h
|
|
|
291 |
#O Timeout.queuewarn.normal=4h
|
|
|
292 |
#O Timeout.queuewarn.urgent=1h
|
|
|
293 |
#O Timeout.queuewarn.non-urgent=12h
|
|
|
294 |
#O Timeout.queuewarn.dsn=4h
|
|
|
295 |
#O Timeout.hoststatus=30m
|
|
|
296 |
#O Timeout.resolver.retrans=5s
|
|
|
297 |
#O Timeout.resolver.retrans.first=5s
|
|
|
298 |
#O Timeout.resolver.retrans.normal=5s
|
|
|
299 |
#O Timeout.resolver.retry=4
|
|
|
300 |
#O Timeout.resolver.retry.first=4
|
|
|
301 |
#O Timeout.resolver.retry.normal=4
|
|
|
302 |
#O Timeout.lhlo=2m
|
|
|
303 |
#O Timeout.auth=10m
|
|
|
304 |
#O Timeout.starttls=1h
|
|
|
305 |
|
|
|
306 |
# time for DeliverBy; extension disabled if less than 0
|
|
|
307 |
#O DeliverByMin=0
|
|
|
308 |
|
|
|
309 |
# should we not prune routes in route-addr syntax addresses?
|
|
|
310 |
#O DontPruneRoutes=False
|
|
|
311 |
|
|
|
312 |
# queue up everything before forking?
|
|
|
313 |
O SuperSafe=True
|
|
|
314 |
|
|
|
315 |
# status file
|
|
|
316 |
O StatusFile=/var/spool/clientmqueue/sm-client.st
|
|
|
317 |
|
|
|
318 |
# time zone handling:
|
|
|
319 |
# if undefined, use system default
|
|
|
320 |
# if defined but null, use TZ envariable passed in
|
|
|
321 |
# if defined and non-null, use that info
|
|
|
322 |
O TimeZoneSpec=
|
|
|
323 |
|
|
|
324 |
# default UID (can be username or userid:groupid)
|
|
|
325 |
#O DefaultUser=mailnull
|
|
|
326 |
|
|
|
327 |
# list of locations of user database file (null means no lookup)
|
|
|
328 |
#O UserDatabaseSpec=/etc/mail/userdb
|
|
|
329 |
|
|
|
330 |
# fallback MX host
|
|
|
331 |
#O FallbackMXhost=fall.back.host.net
|
|
|
332 |
|
|
|
333 |
# fallback smart host
|
|
|
334 |
#O FallbackSmartHost=fall.back.host.net
|
|
|
335 |
|
|
|
336 |
# if we are the best MX host for a site, try it directly instead of config err
|
|
|
337 |
#O TryNullMXList=False
|
|
|
338 |
|
|
|
339 |
# load average at which we just queue messages
|
|
|
340 |
#O QueueLA=8
|
|
|
341 |
|
|
|
342 |
# load average at which we refuse connections
|
|
|
343 |
#O RefuseLA=12
|
|
|
344 |
|
|
|
345 |
# log interval when refusing connections for this long
|
|
|
346 |
#O RejectLogInterval=3h
|
|
|
347 |
|
|
|
348 |
# load average at which we delay connections; 0 means no limit
|
|
|
349 |
#O DelayLA=0
|
|
|
350 |
|
|
|
351 |
# maximum number of children we allow at one time
|
|
|
352 |
#O MaxDaemonChildren=0
|
|
|
353 |
|
|
|
354 |
# maximum number of new connections per second
|
|
|
355 |
#O ConnectionRateThrottle=0
|
|
|
356 |
|
|
|
357 |
# Width of the window
|
|
|
358 |
#O ConnectionRateWindowSize=60s
|
|
|
359 |
|
|
|
360 |
# work recipient factor
|
|
|
361 |
#O RecipientFactor=30000
|
|
|
362 |
|
|
|
363 |
# deliver each queued job in a separate process?
|
|
|
364 |
#O ForkEachJob=False
|
|
|
365 |
|
|
|
366 |
# work class factor
|
|
|
367 |
#O ClassFactor=1800
|
|
|
368 |
|
|
|
369 |
# work time factor
|
|
|
370 |
#O RetryFactor=90000
|
|
|
371 |
|
|
|
372 |
# default character set
|
|
|
373 |
#O DefaultCharSet=unknown-8bit
|
|
|
374 |
|
|
|
375 |
# service switch file (name hardwired on Solaris, Ultrix, OSF/1, others)
|
|
|
376 |
#O ServiceSwitchFile=/etc/mail/service.switch
|
|
|
377 |
|
|
|
378 |
# hosts file (normally /etc/hosts)
|
|
|
379 |
#O HostsFile=/etc/hosts
|
|
|
380 |
|
|
|
381 |
# dialup line delay on connection failure
|
|
|
382 |
#O DialDelay=0s
|
|
|
383 |
|
|
|
384 |
# action to take if there are no recipients in the message
|
|
|
385 |
#O NoRecipientAction=none
|
|
|
386 |
|
|
|
387 |
# chrooted environment for writing to files
|
|
|
388 |
#O SafeFileEnvironment
|
|
|
389 |
|
|
|
390 |
# are colons OK in addresses?
|
|
|
391 |
#O ColonOkInAddr=True
|
|
|
392 |
|
|
|
393 |
# shall I avoid expanding CNAMEs (violates protocols)?
|
|
|
394 |
#O DontExpandCnames=False
|
|
|
395 |
|
|
|
396 |
# SMTP initial login message (old $e macro)
|
|
|
397 |
O SmtpGreetingMessage=$j Sendmail $v/$Z; $b
|
|
|
398 |
|
|
|
399 |
# UNIX initial From header format (old $l macro)
|
|
|
400 |
O UnixFromLine=From $g $d
|
|
|
401 |
|
|
|
402 |
# From: lines that have embedded newlines are unwrapped onto one line
|
|
|
403 |
#O SingleLineFromHeader=False
|
|
|
404 |
|
|
|
405 |
# Allow HELO SMTP command that does not include a host name
|
|
|
406 |
#O AllowBogusHELO=False
|
|
|
407 |
|
|
|
408 |
# Characters to be quoted in a full name phrase (@,;:\()[] are automatic)
|
|
|
409 |
#O MustQuoteChars=.
|
|
|
410 |
|
|
|
411 |
# delimiter (operator) characters (old $o macro)
|
|
|
412 |
O OperatorChars=.:%@!^/[]+
|
|
|
413 |
|
|
|
414 |
# shall I avoid calling initgroups(3) because of high NIS costs?
|
|
|
415 |
O DontInitGroups=True
|
|
|
416 |
|
|
|
417 |
# are group-writable :include: and .forward files (un)trustworthy?
|
|
|
418 |
# True (the default) means they are not trustworthy.
|
|
|
419 |
#O UnsafeGroupWrites=True
|
|
|
420 |
|
|
|
421 |
|
|
|
422 |
# where do errors that occur when sending errors get sent?
|
|
|
423 |
#O DoubleBounceAddress=postmaster
|
|
|
424 |
|
|
|
425 |
# issue temporary errors (4xy) instead of permanent errors (5xy)?
|
|
|
426 |
#O SoftBounce=False
|
|
|
427 |
|
|
|
428 |
# where to save bounces if all else fails
|
|
|
429 |
#O DeadLetterDrop=/var/tmp/dead.letter
|
|
|
430 |
|
|
|
431 |
# what user id do we assume for the majority of the processing?
|
|
|
432 |
O RunAsUser=smmsp
|
|
|
433 |
|
|
|
434 |
# maximum number of recipients per SMTP envelope
|
|
|
435 |
#O MaxRecipientsPerMessage=0
|
|
|
436 |
|
|
|
437 |
# limit the rate recipients per SMTP envelope are accepted
|
|
|
438 |
# once the threshold number of recipients have been rejected
|
|
|
439 |
#O BadRcptThrottle=0
|
|
|
440 |
|
|
|
441 |
|
|
|
442 |
# shall we get local names from our installed interfaces?
|
|
|
443 |
O DontProbeInterfaces=True
|
|
|
444 |
|
|
|
445 |
# Return-Receipt-To: header implies DSN request
|
|
|
446 |
#O RrtImpliesDsn=False
|
|
|
447 |
|
|
|
448 |
# override connection address (for testing)
|
|
|
449 |
#O ConnectOnlyTo=0.0.0.0
|
|
|
450 |
|
|
|
451 |
# Trusted user for file ownership and starting the daemon
|
|
|
452 |
O TrustedUser=smmsp
|
|
|
453 |
|
|
|
454 |
# Control socket for daemon management
|
|
|
455 |
#O ControlSocketName=/var/spool/mqueue/.control
|
|
|
456 |
|
|
|
457 |
# Maximum MIME header length to protect MUAs
|
|
|
458 |
#O MaxMimeHeaderLength=0/0
|
|
|
459 |
|
|
|
460 |
# Maximum length of the sum of all headers
|
|
|
461 |
#O MaxHeadersLength=32768
|
|
|
462 |
|
|
|
463 |
# Maximum depth of alias recursion
|
|
|
464 |
#O MaxAliasRecursion=10
|
|
|
465 |
|
|
|
466 |
# location of pid file
|
|
|
467 |
O PidFile=/var/run/sm-client.pid
|
|
|
468 |
|
|
|
469 |
# Prefix string for the process title shown on 'ps' listings
|
|
|
470 |
#O ProcessTitlePrefix=prefix
|
|
|
471 |
|
|
|
472 |
# Data file (df) memory-buffer file maximum size
|
|
|
473 |
#O DataFileBufferSize=4096
|
|
|
474 |
|
|
|
475 |
# Transcript file (xf) memory-buffer file maximum size
|
|
|
476 |
#O XscriptFileBufferSize=4096
|
|
|
477 |
|
|
|
478 |
# lookup type to find information about local mailboxes
|
|
|
479 |
#O MailboxDatabase=pw
|
|
|
480 |
|
|
|
481 |
# override compile time flag REQUIRES_DIR_FSYNC
|
|
|
482 |
#O RequiresDirfsync=true
|
|
|
483 |
|
|
|
484 |
# list of authentication mechanisms
|
|
|
485 |
#O AuthMechanisms=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5
|
|
|
486 |
|
|
|
487 |
# Authentication realm
|
|
|
488 |
#O AuthRealm
|
|
|
489 |
|
|
|
490 |
# default authentication information for outgoing connections
|
|
|
491 |
#O DefaultAuthInfo=/etc/mail/default-auth-info
|
|
|
492 |
|
|
|
493 |
# SMTP AUTH flags
|
|
|
494 |
#O AuthOptions
|
|
|
495 |
|
|
|
496 |
# SMTP AUTH maximum encryption strength
|
|
|
497 |
#O AuthMaxBits
|
|
|
498 |
|
|
|
499 |
# SMTP STARTTLS server options
|
|
|
500 |
#O TLSSrvOptions
|
|
|
501 |
|
|
|
502 |
|
|
|
503 |
# Input mail filters
|
|
|
504 |
#O InputMailFilters
|
|
|
505 |
|
|
|
506 |
|
|
|
507 |
# CA directory
|
|
|
508 |
#O CACertPath
|
|
|
509 |
# CA file
|
|
|
510 |
#O CACertFile
|
|
|
511 |
# Server Cert
|
|
|
512 |
#O ServerCertFile
|
|
|
513 |
# Server private key
|
|
|
514 |
#O ServerKeyFile
|
|
|
515 |
# Client Cert
|
|
|
516 |
#O ClientCertFile
|
|
|
517 |
# Client private key
|
|
|
518 |
#O ClientKeyFile
|
|
|
519 |
# File containing certificate revocation lists
|
|
|
520 |
#O CRLFile
|
|
|
521 |
# DHParameters (only required if DSA/DH is used)
|
|
|
522 |
#O DHParameters
|
|
|
523 |
# Random data source (required for systems without /dev/urandom under OpenSSL)
|
|
|
524 |
#O RandFile
|
|
|
525 |
|
|
|
526 |
# Maximum number of "useless" commands before slowing down
|
|
|
527 |
#O MaxNOOPCommands=20
|
|
|
528 |
|
|
|
529 |
# Name to use for EHLO (defaults to $j)
|
|
|
530 |
#O HeloName
|
|
|
531 |
|
|
|
532 |
############################
|
|
|
533 |
# QUEUE GROUP DEFINITIONS #
|
|
|
534 |
############################
|
|
|
535 |
|
|
|
536 |
|
|
|
537 |
###########################
|
|
|
538 |
# Message precedences #
|
|
|
539 |
###########################
|
|
|
540 |
|
|
|
541 |
Pfirst-class=0
|
|
|
542 |
Pspecial-delivery=100
|
|
|
543 |
Plist=-30
|
|
|
544 |
Pbulk=-60
|
|
|
545 |
Pjunk=-100
|
|
|
546 |
|
|
|
547 |
#####################
|
|
|
548 |
# Trusted users #
|
|
|
549 |
#####################
|
|
|
550 |
|
|
|
551 |
# this is equivalent to setting class "t"
|
|
|
552 |
Ft/etc/mail/trusted-users
|
|
|
553 |
Troot
|
|
|
554 |
Tdaemon
|
|
|
555 |
Tuucp
|
|
|
556 |
|
|
|
557 |
#########################
|
|
|
558 |
# Format of headers #
|
|
|
559 |
#########################
|
|
|
560 |
|
|
|
561 |
H?P?Return-Path: <$g>
|
|
|
562 |
HReceived: $?sfrom $s $.$?_($?s$|from $.$_)
|
|
|
563 |
$.$?{auth_type}(authenticated$?{auth_ssf} bits=${auth_ssf}$.)
|
|
|
564 |
$.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version}
|
|
|
565 |
(version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify})$.$?u
|
|
|
566 |
for $u; $|;
|
|
|
567 |
$.$b
|
|
|
568 |
H?D?Resent-Date: $a
|
|
|
569 |
H?D?Date: $a
|
|
|
570 |
H?F?Resent-From: $?x$x <$g>$|$g$.
|
|
|
571 |
H?F?From: $?x$x <$g>$|$g$.
|
|
|
572 |
H?x?Full-Name: $x
|
|
|
573 |
# HPosted-Date: $a
|
|
|
574 |
# H?l?Received-Date: $b
|
|
|
575 |
H?M?Resent-Message-Id: <$t.$i@$j>
|
|
|
576 |
H?M?Message-Id: <$t.$i@$j>
|
|
|
577 |
|
|
|
578 |
#�
|
|
|
579 |
######################################################################
|
|
|
580 |
######################################################################
|
|
|
581 |
#####
|
|
|
582 |
##### REWRITING RULES
|
|
|
583 |
#####
|
|
|
584 |
######################################################################
|
|
|
585 |
######################################################################
|
|
|
586 |
|
|
|
587 |
############################################
|
|
|
588 |
### Ruleset 3 -- Name Canonicalization ###
|
|
|
589 |
############################################
|
|
|
590 |
Scanonify=3
|
|
|
591 |
|
|
|
592 |
# handle null input (translate to <@> special case)
|
|
|
593 |
R$@ $@ <@>
|
|
|
594 |
|
|
|
595 |
# strip group: syntax (not inside angle brackets!) and trailing semicolon
|
|
|
596 |
R$* $: $1 <@> mark addresses
|
|
|
597 |
R$* < $* > $* <@> $: $1 < $2 > $3 unmark <addr>
|
|
|
598 |
R@ $* <@> $: @ $1 unmark @host:...
|
|
|
599 |
R$* [ IPv6 : $+ ] <@> $: $1 [ IPv6 : $2 ] unmark IPv6 addr
|
|
|
600 |
R$* :: $* <@> $: $1 :: $2 unmark node::addr
|
|
|
601 |
R:include: $* <@> $: :include: $1 unmark :include:...
|
|
|
602 |
R$* : $* [ $* ] $: $1 : $2 [ $3 ] <@> remark if leading colon
|
|
|
603 |
R$* : $* <@> $: $2 strip colon if marked
|
|
|
604 |
R$* <@> $: $1 unmark
|
|
|
605 |
R$* ; $1 strip trailing semi
|
|
|
606 |
R$* < $+ :; > $* $@ $2 :; <@> catch <list:;>
|
|
|
607 |
R$* < $* ; > $1 < $2 > bogus bracketed semi
|
|
|
608 |
|
|
|
609 |
# null input now results from list:; syntax
|
|
|
610 |
R$@ $@ :; <@>
|
|
|
611 |
|
|
|
612 |
# strip angle brackets -- note RFC733 heuristic to get innermost item
|
|
|
613 |
R$* $: < $1 > housekeeping <>
|
|
|
614 |
R$+ < $* > < $2 > strip excess on left
|
|
|
615 |
R< $* > $+ < $1 > strip excess on right
|
|
|
616 |
R<> $@ < @ > MAIL FROM:<> case
|
|
|
617 |
R< $+ > $: $1 remove housekeeping <>
|
|
|
618 |
|
|
|
619 |
# strip route address <@a,@b,@c:user@d> -> <user@d>
|
|
|
620 |
R@ $+ , $+ $2
|
|
|
621 |
R@ [ $* ] : $+ $2
|
|
|
622 |
R@ $+ : $+ $2
|
|
|
623 |
|
|
|
624 |
# find focus for list syntax
|
|
|
625 |
R $+ : $* ; @ $+ $@ $>Canonify2 $1 : $2 ; < @ $3 > list syntax
|
|
|
626 |
R $+ : $* ; $@ $1 : $2; list syntax
|
|
|
627 |
|
|
|
628 |
# find focus for @ syntax addresses
|
|
|
629 |
R$+ @ $+ $: $1 < @ $2 > focus on domain
|
|
|
630 |
R$+ < $+ @ $+ > $1 $2 < @ $3 > move gaze right
|
|
|
631 |
R$+ < @ $+ > $@ $>Canonify2 $1 < @ $2 > already canonical
|
|
|
632 |
|
|
|
633 |
|
|
|
634 |
# convert old-style addresses to a domain-based address
|
|
|
635 |
R$- ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > resolve uucp names
|
|
|
636 |
R$+ . $- ! $+ $@ $>Canonify2 $3 < @ $1 . $2 > domain uucps
|
|
|
637 |
R$+ ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > uucp subdomains
|
|
|
638 |
|
|
|
639 |
# convert node::user addresses into a domain-based address
|
|
|
640 |
R$- :: $+ $@ $>Canonify2 $2 < @ $1 .DECNET > resolve DECnet names
|
|
|
641 |
R$- . $- :: $+ $@ $>Canonify2 $3 < @ $1.$2 .DECNET > numeric DECnet addr
|
|
|
642 |
|
|
|
643 |
# if we have % signs, take the rightmost one
|
|
|
644 |
R$* % $* $1 @ $2 First make them all @s.
|
|
|
645 |
R$* @ $* @ $* $1 % $2 @ $3 Undo all but the last.
|
|
|
646 |
R$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish
|
|
|
647 |
|
|
|
648 |
# else we must be a local name
|
|
|
649 |
R$* $@ $>Canonify2 $1
|
|
|
650 |
|
|
|
651 |
|
|
|
652 |
################################################
|
|
|
653 |
### Ruleset 96 -- bottom half of ruleset 3 ###
|
|
|
654 |
################################################
|
|
|
655 |
|
|
|
656 |
SCanonify2=96
|
|
|
657 |
|
|
|
658 |
# handle special cases for local names
|
|
|
659 |
R$* < @ localhost > $* $: $1 < @ $j . > $2 no domain at all
|
|
|
660 |
R$* < @ localhost . $m > $* $: $1 < @ $j . > $2 local domain
|
|
|
661 |
R$* < @ localhost . UUCP > $* $: $1 < @ $j . > $2 .UUCP domain
|
|
|
662 |
|
|
|
663 |
# check for IPv4/IPv6 domain literal
|
|
|
664 |
R$* < @ [ $+ ] > $* $: $1 < @@ [ $2 ] > $3 mark [addr]
|
|
|
665 |
R$* < @@ $=w > $* $: $1 < @ $j . > $3 self-literal
|
|
|
666 |
R$* < @@ $+ > $* $@ $1 < @ $2 > $3 canon IP addr
|
|
|
667 |
|
|
|
668 |
|
|
|
669 |
|
|
|
670 |
|
|
|
671 |
|
|
|
672 |
# if really UUCP, handle it immediately
|
|
|
673 |
|
|
|
674 |
# try UUCP traffic as a local address
|
|
|
675 |
R$* < @ $+ . UUCP > $* $: $1 < @ $[ $2 $] . UUCP . > $3
|
|
|
676 |
R$* < @ $+ . . UUCP . > $* $@ $1 < @ $2 . > $3
|
|
|
677 |
|
|
|
678 |
# hostnames ending in class P are always canonical
|
|
|
679 |
R$* < @ $* $=P > $* $: $1 < @ $2 $3 . > $4
|
|
|
680 |
R$* < @ $* $~P > $* $: $&{daemon_flags} $| $1 < @ $2 $3 > $4
|
|
|
681 |
R$* CC $* $| $* < @ $+.$+ > $* $: $3 < @ $4.$5 . > $6
|
|
|
682 |
R$* CC $* $| $* $: $3
|
|
|
683 |
# pass to name server to make hostname canonical
|
|
|
684 |
R$* $| $* < @ $* > $* $: $2 < @ $[ $3 $] > $4
|
|
|
685 |
R$* $| $* $: $2
|
|
|
686 |
|
|
|
687 |
# local host aliases and pseudo-domains are always canonical
|
|
|
688 |
R$* < @ $=w > $* $: $1 < @ $2 . > $3
|
|
|
689 |
R$* < @ $=M > $* $: $1 < @ $2 . > $3
|
|
|
690 |
R$* < @ $* . . > $* $1 < @ $2 . > $3
|
|
|
691 |
|
|
|
692 |
|
|
|
693 |
##################################################
|
|
|
694 |
### Ruleset 4 -- Final Output Post-rewriting ###
|
|
|
695 |
##################################################
|
|
|
696 |
Sfinal=4
|
|
|
697 |
|
|
|
698 |
R$+ :; <@> $@ $1 : handle <list:;>
|
|
|
699 |
R$* <@> $@ handle <> and list:;
|
|
|
700 |
|
|
|
701 |
# strip trailing dot off possibly canonical name
|
|
|
702 |
R$* < @ $+ . > $* $1 < @ $2 > $3
|
|
|
703 |
|
|
|
704 |
# eliminate internal code
|
|
|
705 |
R$* < @ *LOCAL* > $* $1 < @ $j > $2
|
|
|
706 |
|
|
|
707 |
# externalize local domain info
|
|
|
708 |
R$* < $+ > $* $1 $2 $3 defocus
|
|
|
709 |
R@ $+ : @ $+ : $+ @ $1 , @ $2 : $3 <route-addr> canonical
|
|
|
710 |
R@ $* $@ @ $1 ... and exit
|
|
|
711 |
|
|
|
712 |
# UUCP must always be presented in old form
|
|
|
713 |
R$+ @ $- . UUCP $2!$1 u@h.UUCP => h!u
|
|
|
714 |
|
|
|
715 |
# put DECnet back in :: form
|
|
|
716 |
R$+ @ $+ . DECNET $2 :: $1 u@h.DECNET => h::u
|
|
|
717 |
# delete duplicate local names
|
|
|
718 |
R$+ % $=w @ $=w $1 @ $2 u%host@host => u@host
|
|
|
719 |
|
|
|
720 |
|
|
|
721 |
|
|
|
722 |
##############################################################
|
|
|
723 |
### Ruleset 97 -- recanonicalize and call ruleset zero ###
|
|
|
724 |
### (used for recursive calls) ###
|
|
|
725 |
##############################################################
|
|
|
726 |
|
|
|
727 |
SRecurse=97
|
|
|
728 |
R$* $: $>canonify $1
|
|
|
729 |
R$* $@ $>parse $1
|
|
|
730 |
|
|
|
731 |
|
|
|
732 |
######################################
|
|
|
733 |
### Ruleset 0 -- Parse Address ###
|
|
|
734 |
######################################
|
|
|
735 |
|
|
|
736 |
Sparse=0
|
|
|
737 |
|
|
|
738 |
R$* $: $>Parse0 $1 initial parsing
|
|
|
739 |
R<@> $#local $: <@> special case error msgs
|
|
|
740 |
R$* $: $>ParseLocal $1 handle local hacks
|
|
|
741 |
R$* $: $>Parse1 $1 final parsing
|
|
|
742 |
|
|
|
743 |
#
|
|
|
744 |
# Parse0 -- do initial syntax checking and eliminate local addresses.
|
|
|
745 |
# This should either return with the (possibly modified) input
|
|
|
746 |
# or return with a #error mailer. It should not return with a
|
|
|
747 |
# #mailer other than the #error mailer.
|
|
|
748 |
#
|
|
|
749 |
|
|
|
750 |
SParse0
|
|
|
751 |
R<@> $@ <@> special case error msgs
|
|
|
752 |
R$* : $* ; <@> $#error $@ 5.1.3 $: "553 List:; syntax illegal for recipient addresses"
|
|
|
753 |
R@ <@ $* > < @ $1 > catch "@@host" bogosity
|
|
|
754 |
R<@ $+> $#error $@ 5.1.3 $: "553 User address required"
|
|
|
755 |
R$+ <@> $#error $@ 5.1.3 $: "553 Hostname required"
|
|
|
756 |
R$* $: <> $1
|
|
|
757 |
R<> $* < @ [ $* ] : $+ > $* $1 < @ [ $2 ] : $3 > $4
|
|
|
758 |
R<> $* < @ [ $* ] , $+ > $* $1 < @ [ $2 ] , $3 > $4
|
|
|
759 |
R<> $* < @ [ $* ] $+ > $* $#error $@ 5.1.2 $: "553 Invalid address"
|
|
|
760 |
R<> $* < @ [ $+ ] > $* $1 < @ [ $2 ] > $3
|
|
|
761 |
R<> $* <$* : $* > $* $#error $@ 5.1.3 $: "553 Colon illegal in host name part"
|
|
|
762 |
R<> $* $1
|
|
|
763 |
R$* < @ . $* > $* $#error $@ 5.1.2 $: "553 Invalid host name"
|
|
|
764 |
R$* < @ $* .. $* > $* $#error $@ 5.1.2 $: "553 Invalid host name"
|
|
|
765 |
R$* < @ $* @ > $* $#error $@ 5.1.2 $: "553 Invalid route address"
|
|
|
766 |
R$* @ $* < @ $* > $* $#error $@ 5.1.3 $: "553 Invalid route address"
|
|
|
767 |
R$* , $~O $* $#error $@ 5.1.3 $: "553 Invalid route address"
|
|
|
768 |
|
|
|
769 |
|
|
|
770 |
# now delete the local info -- note $=O to find characters that cause forwarding
|
|
|
771 |
R$* < @ > $* $@ $>Parse0 $>canonify $1 user@ => user
|
|
|
772 |
R< @ $=w . > : $* $@ $>Parse0 $>canonify $2 @here:... -> ...
|
|
|
773 |
R$- < @ $=w . > $: $(dequote $1 $) < @ $2 . > dequote "foo"@here
|
|
|
774 |
R< @ $+ > $#error $@ 5.1.3 $: "553 User address required"
|
|
|
775 |
R$* $=O $* < @ $=w . > $@ $>Parse0 $>canonify $1 $2 $3 ...@here -> ...
|
|
|
776 |
R$- $: $(dequote $1 $) < @ *LOCAL* > dequote "foo"
|
|
|
777 |
R< @ *LOCAL* > $#error $@ 5.1.3 $: "553 User address required"
|
|
|
778 |
R$* $=O $* < @ *LOCAL* >
|
|
|
779 |
$@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ...
|
|
|
780 |
R$* < @ *LOCAL* > $: $1
|
|
|
781 |
|
|
|
782 |
#
|
|
|
783 |
# Parse1 -- the bottom half of ruleset 0.
|
|
|
784 |
#
|
|
|
785 |
|
|
|
786 |
SParse1
|
|
|
787 |
|
|
|
788 |
# handle numeric address spec
|
|
|
789 |
R$* < @ [ $+ ] > $* $: $>ParseLocal $1 < @ [ $2 ] > $3 numeric internet spec
|
|
|
790 |
R$* < @ [ $+ ] > $* $: $1 < @ [ $2 ] : $S > $3 Add smart host to path
|
|
|
791 |
R$* < @ [ $+ ] : > $* $#esmtp $@ [$2] $: $1 < @ [$2] > $3 no smarthost: send
|
|
|
792 |
R$* < @ [ $+ ] : $- : $*> $* $#$3 $@ $4 $: $1 < @ [$2] > $5 smarthost with mailer
|
|
|
793 |
R$* < @ [ $+ ] : $+ > $* $#esmtp $@ $3 $: $1 < @ [$2] > $4 smarthost without mailer
|
|
|
794 |
|
|
|
795 |
|
|
|
796 |
# short circuit local delivery so forwarded email works
|
|
|
797 |
|
|
|
798 |
|
|
|
799 |
R$=L < @ $=w . > $#local $: @ $1 special local names
|
|
|
800 |
R$+ < @ $=w . > $#local $: $1 regular local name
|
|
|
801 |
|
|
|
802 |
|
|
|
803 |
# resolve remotely connected UUCP links (if any)
|
|
|
804 |
|
|
|
805 |
# resolve fake top level domains by forwarding to other hosts
|
|
|
806 |
|
|
|
807 |
|
|
|
808 |
|
|
|
809 |
# pass names that still have a host to a smarthost (if defined)
|
|
|
810 |
R$* < @ $* > $* $: $>MailerToTriple < $S > $1 < @ $2 > $3 glue on smarthost name
|
|
|
811 |
|
|
|
812 |
# deal with other remote names
|
|
|
813 |
R$* < @$* > $* $#esmtp $@ $2 $: $1 < @ $2 > $3 user@host.domain
|
|
|
814 |
|
|
|
815 |
# handle locally delivered names
|
|
|
816 |
R$=L $#local $: @ $1 special local names
|
|
|
817 |
R$+ $#local $: $1 regular local names
|
|
|
818 |
|
|
|
819 |
###########################################################################
|
|
|
820 |
### Ruleset 5 -- special rewriting after aliases have been expanded ###
|
|
|
821 |
###########################################################################
|
|
|
822 |
|
|
|
823 |
SLocal_localaddr
|
|
|
824 |
Slocaladdr=5
|
|
|
825 |
R$+ $: $1 $| $>"Local_localaddr" $1
|
|
|
826 |
R$+ $| $#ok $@ $1 no change
|
|
|
827 |
R$+ $| $#$* $#$2
|
|
|
828 |
R$+ $| $* $: $1
|
|
|
829 |
|
|
|
830 |
|
|
|
831 |
|
|
|
832 |
|
|
|
833 |
# deal with plussed users so aliases work nicely
|
|
|
834 |
R$+ + * $#local $@ $&h $: $1
|
|
|
835 |
R$+ + $* $#local $@ + $2 $: $1 + *
|
|
|
836 |
|
|
|
837 |
# prepend an empty "forward host" on the front
|
|
|
838 |
R$+ $: <> $1
|
|
|
839 |
|
|
|
840 |
|
|
|
841 |
|
|
|
842 |
R< > $+ $: < > < $1 <> $&h > nope, restore +detail
|
|
|
843 |
|
|
|
844 |
R< > < $+ <> + $* > $: < > < $1 + $2 > check whether +detail
|
|
|
845 |
R< > < $+ <> $* > $: < > < $1 > else discard
|
|
|
846 |
R< > < $+ + $* > $* < > < $1 > + $2 $3 find the user part
|
|
|
847 |
R< > < $+ > + $* $#local $@ $2 $: @ $1 strip the extra +
|
|
|
848 |
R< > < $+ > $@ $1 no +detail
|
|
|
849 |
R$+ $: $1 <> $&h add +detail back in
|
|
|
850 |
|
|
|
851 |
R$+ <> + $* $: $1 + $2 check whether +detail
|
|
|
852 |
R$+ <> $* $: $1 else discard
|
|
|
853 |
R< local : $* > $* $: $>MailerToTriple < local : $1 > $2 no host extension
|
|
|
854 |
R< error : $* > $* $: $>MailerToTriple < error : $1 > $2 no host extension
|
|
|
855 |
|
|
|
856 |
R< $~[ : $+ > $+ $: $>MailerToTriple < $1 : $2 > $3 < @ $2 >
|
|
|
857 |
|
|
|
858 |
R< $+ > $+ $@ $>MailerToTriple < $1 > $2 < @ $1 >
|
|
|
859 |
|
|
|
860 |
|
|
|
861 |
###################################################################
|
|
|
862 |
### Ruleset 95 -- canonify mailer:[user@]host syntax to triple ###
|
|
|
863 |
###################################################################
|
|
|
864 |
|
|
|
865 |
SMailerToTriple=95
|
|
|
866 |
R< > $* $@ $1 strip off null relay
|
|
|
867 |
R< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4
|
|
|
868 |
R< error : $- : $+ > $* $#error $@ $(dequote $1 $) $: $2
|
|
|
869 |
R< error : $+ > $* $#error $: $1
|
|
|
870 |
R< local : $* > $* $>CanonLocal < $1 > $2
|
|
|
871 |
R< $~[ : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user
|
|
|
872 |
R< $~[ : $+ > $* $# $1 $@ $2 $: $3 try qualified mailer
|
|
|
873 |
R< $=w > $* $@ $2 delete local host
|
|
|
874 |
R< $+ > $* $#relay $@ $1 $: $2 use unqualified mailer
|
|
|
875 |
|
|
|
876 |
###################################################################
|
|
|
877 |
### Ruleset CanonLocal -- canonify local: syntax ###
|
|
|
878 |
###################################################################
|
|
|
879 |
|
|
|
880 |
SCanonLocal
|
|
|
881 |
# strip local host from routed addresses
|
|
|
882 |
R< $* > < @ $+ > : $+ $@ $>Recurse $3
|
|
|
883 |
R< $* > $+ $=O $+ < @ $+ > $@ $>Recurse $2 $3 $4
|
|
|
884 |
|
|
|
885 |
# strip trailing dot from any host name that may appear
|
|
|
886 |
R< $* > $* < @ $* . > $: < $1 > $2 < @ $3 >
|
|
|
887 |
|
|
|
888 |
# handle local: syntax -- use old user, either with or without host
|
|
|
889 |
R< > $* < @ $* > $* $#local $@ $1@$2 $: $1
|
|
|
890 |
R< > $+ $#local $@ $1 $: $1
|
|
|
891 |
|
|
|
892 |
# handle local:user@host syntax -- ignore host part
|
|
|
893 |
R< $+ @ $+ > $* < @ $* > $: < $1 > $3 < @ $4 >
|
|
|
894 |
|
|
|
895 |
# handle local:user syntax
|
|
|
896 |
R< $+ > $* <@ $* > $* $#local $@ $2@$3 $: $1
|
|
|
897 |
R< $+ > $* $#local $@ $2 $: $1
|
|
|
898 |
|
|
|
899 |
###################################################################
|
|
|
900 |
### Ruleset 93 -- convert header names to masqueraded form ###
|
|
|
901 |
###################################################################
|
|
|
902 |
|
|
|
903 |
SMasqHdr=93
|
|
|
904 |
|
|
|
905 |
|
|
|
906 |
# do not masquerade anything in class N
|
|
|
907 |
R$* < @ $* $=N . > $@ $1 < @ $2 $3 . >
|
|
|
908 |
|
|
|
909 |
R$* < @ *LOCAL* > $@ $1 < @ $j . >
|
|
|
910 |
|
|
|
911 |
###################################################################
|
|
|
912 |
### Ruleset 94 -- convert envelope names to masqueraded form ###
|
|
|
913 |
###################################################################
|
|
|
914 |
|
|
|
915 |
SMasqEnv=94
|
|
|
916 |
R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2
|
|
|
917 |
|
|
|
918 |
###################################################################
|
|
|
919 |
### Ruleset 98 -- local part of ruleset zero (can be null) ###
|
|
|
920 |
###################################################################
|
|
|
921 |
|
|
|
922 |
SParseLocal=98
|
|
|
923 |
|
|
|
924 |
|
|
|
925 |
|
|
|
926 |
|
|
|
927 |
######################################################################
|
|
|
928 |
### CanonAddr -- Convert an address into a standard form for
|
|
|
929 |
### relay checking. Route address syntax is
|
|
|
930 |
### crudely converted into a %-hack address.
|
|
|
931 |
###
|
|
|
932 |
### Parameters:
|
|
|
933 |
### $1 -- full recipient address
|
|
|
934 |
###
|
|
|
935 |
### Returns:
|
|
|
936 |
### parsed address, not in source route form
|
|
|
937 |
######################################################################
|
|
|
938 |
|
|
|
939 |
SCanonAddr
|
|
|
940 |
R$* $: $>Parse0 $>canonify $1 make domain canonical
|
|
|
941 |
|
|
|
942 |
|
|
|
943 |
######################################################################
|
|
|
944 |
### ParseRecipient -- Strip off hosts in $=R as well as possibly
|
|
|
945 |
### $* $=m or the access database.
|
|
|
946 |
### Check user portion for host separators.
|
|
|
947 |
###
|
|
|
948 |
### Parameters:
|
|
|
949 |
### $1 -- full recipient address
|
|
|
950 |
###
|
|
|
951 |
### Returns:
|
|
|
952 |
### parsed, non-local-relaying address
|
|
|
953 |
######################################################################
|
|
|
954 |
|
|
|
955 |
SParseRecipient
|
|
|
956 |
R$* $: <?> $>CanonAddr $1
|
|
|
957 |
R<?> $* < @ $* . > <?> $1 < @ $2 > strip trailing dots
|
|
|
958 |
R<?> $- < @ $* > $: <?> $(dequote $1 $) < @ $2 > dequote local part
|
|
|
959 |
|
|
|
960 |
# if no $=O character, no host in the user portion, we are done
|
|
|
961 |
R<?> $* $=O $* < @ $* > $: <NO> $1 $2 $3 < @ $4>
|
|
|
962 |
R<?> $* $@ $1
|
|
|
963 |
|
|
|
964 |
|
|
|
965 |
R<NO> $* < @ $* $=R > $: <RELAY> $1 < @ $2 $3 >
|
|
|
966 |
|
|
|
967 |
|
|
|
968 |
|
|
|
969 |
R<RELAY> $* < @ $* > $@ $>ParseRecipient $1
|
|
|
970 |
R<$+> $* $@ $2
|
|
|
971 |
|
|
|
972 |
|
|
|
973 |
######################################################################
|
|
|
974 |
### check_relay -- check hostname/address on SMTP startup
|
|
|
975 |
######################################################################
|
|
|
976 |
|
|
|
977 |
|
|
|
978 |
|
|
|
979 |
SLocal_check_relay
|
|
|
980 |
Scheck_relay
|
|
|
981 |
R$* $: $1 $| $>"Local_check_relay" $1
|
|
|
982 |
R$* $| $* $| $#$* $#$3
|
|
|
983 |
R$* $| $* $| $* $@ $>"Basic_check_relay" $1 $| $2
|
|
|
984 |
|
|
|
985 |
SBasic_check_relay
|
|
|
986 |
# check for deferred delivery mode
|
|
|
987 |
R$* $: < $&{deliveryMode} > $1
|
|
|
988 |
R< d > $* $@ deferred
|
|
|
989 |
R< $* > $* $: $2
|
|
|
990 |
|
|
|
991 |
|
|
|
992 |
|
|
|
993 |
|
|
|
994 |
######################################################################
|
|
|
995 |
### check_mail -- check SMTP `MAIL FROM:' command argument
|
|
|
996 |
######################################################################
|
|
|
997 |
|
|
|
998 |
SLocal_check_mail
|
|
|
999 |
Scheck_mail
|
|
|
1000 |
R$* $: $1 $| $>"Local_check_mail" $1
|
|
|
1001 |
R$* $| $#$* $#$2
|
|
|
1002 |
R$* $| $* $@ $>"Basic_check_mail" $1
|
|
|
1003 |
|
|
|
1004 |
SBasic_check_mail
|
|
|
1005 |
# check for deferred delivery mode
|
|
|
1006 |
R$* $: < $&{deliveryMode} > $1
|
|
|
1007 |
R< d > $* $@ deferred
|
|
|
1008 |
R< $* > $* $: $2
|
|
|
1009 |
|
|
|
1010 |
# authenticated?
|
|
|
1011 |
R$* $: $1 $| $>"tls_client" $&{verify} $| MAIL
|
|
|
1012 |
R$* $| $#$+ $#$2
|
|
|
1013 |
R$* $| $* $: $1
|
|
|
1014 |
|
|
|
1015 |
R<> $@ <OK> we MUST accept <> (RFC 1123)
|
|
|
1016 |
R$+ $: <?> $1
|
|
|
1017 |
R<?><$+> $: <@> <$1>
|
|
|
1018 |
R<?>$+ $: <@> <$1>
|
|
|
1019 |
R$* $: $&{daemon_flags} $| $1
|
|
|
1020 |
R$* f $* $| <@> < $* @ $- > $: < ? $&{client_name} > < $3 @ $4 >
|
|
|
1021 |
R$* u $* $| <@> < $* > $: <?> < $3 >
|
|
|
1022 |
R$* $| $* $: $2
|
|
|
1023 |
# handle case of @localhost on address
|
|
|
1024 |
R<@> < $* @ localhost > $: < ? $&{client_name} > < $1 @ localhost >
|
|
|
1025 |
R<@> < $* @ [127.0.0.1] >
|
|
|
1026 |
$: < ? $&{client_name} > < $1 @ [127.0.0.1] >
|
|
|
1027 |
R<@> < $* @ localhost.$m >
|
|
|
1028 |
$: < ? $&{client_name} > < $1 @ localhost.$m >
|
|
|
1029 |
R<@> < $* @ localhost.localdomain >
|
|
|
1030 |
$: < ? $&{client_name} > < $1 @ localhost.localdomain >
|
|
|
1031 |
R<@> < $* @ localhost.UUCP >
|
|
|
1032 |
$: < ? $&{client_name} > < $1 @ localhost.UUCP >
|
|
|
1033 |
R<@> $* $: $1 no localhost as domain
|
|
|
1034 |
R<? $=w> $* $: $2 local client: ok
|
|
|
1035 |
R<? $+> <$+> $#error $@ 5.5.4 $: "553 Real domain name required for sender address"
|
|
|
1036 |
R<?> $* $: $1
|
|
|
1037 |
R$* $: <?> $>CanonAddr $1 canonify sender address and mark it
|
|
|
1038 |
R<?> $* < @ $+ . > <?> $1 < @ $2 > strip trailing dots
|
|
|
1039 |
# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc)
|
|
|
1040 |
R<?> $* < @ $* $=P > $: <OKR> $1 < @ $2 $3 >
|
|
|
1041 |
R<?> $* < @ $j > $: <OKR> $1 < @ $j >
|
|
|
1042 |
R<?> $* < @ $+ > $: <? $(resolve $2 $: $2 <PERM> $) > $1 < @ $2 >
|
|
|
1043 |
R<? $* <$->> $* < @ $+ >
|
|
|
1044 |
$: <$2> $3 < @ $4 >
|
|
|
1045 |
|
|
|
1046 |
|
|
|
1047 |
# handle case of no @domain on address
|
|
|
1048 |
R<?> $* $: $&{daemon_flags} $| <?> $1
|
|
|
1049 |
R$* u $* $| <?> $* $: <OKR> $3
|
|
|
1050 |
R$* $| $* $: $2
|
|
|
1051 |
R<?> $* $: < ? $&{client_addr} > $1
|
|
|
1052 |
R<?> $* $@ <OKR> ...local unqualed ok
|
|
|
1053 |
R<? $+> $* $#error $@ 5.5.4 $: "553 Domain name required for sender address " $&f
|
|
|
1054 |
...remote is not
|
|
|
1055 |
# check results
|
|
|
1056 |
R<?> $* $: @ $1 mark address: nothing known about it
|
|
|
1057 |
R<$={ResOk}> $* $: @ $2 domain ok
|
|
|
1058 |
R<TEMP> $* $#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve"
|
|
|
1059 |
R<PERM> $* $#error $@ 5.1.8 $: "553 Domain of sender address " $&f " does not exist"
|
|
|
1060 |
|
|
|
1061 |
|
|
|
1062 |
|
|
|
1063 |
######################################################################
|
|
|
1064 |
### check_rcpt -- check SMTP `RCPT TO:' command argument
|
|
|
1065 |
######################################################################
|
|
|
1066 |
|
|
|
1067 |
SLocal_check_rcpt
|
|
|
1068 |
Scheck_rcpt
|
|
|
1069 |
R$* $: $1 $| $>"Local_check_rcpt" $1
|
|
|
1070 |
R$* $| $#$* $#$2
|
|
|
1071 |
R$* $| $* $@ $>"Basic_check_rcpt" $1
|
|
|
1072 |
|
|
|
1073 |
SBasic_check_rcpt
|
|
|
1074 |
# empty address?
|
|
|
1075 |
R<> $#error $@ nouser $: "553 User address required"
|
|
|
1076 |
R$@ $#error $@ nouser $: "553 User address required"
|
|
|
1077 |
# check for deferred delivery mode
|
|
|
1078 |
R$* $: < $&{deliveryMode} > $1
|
|
|
1079 |
R< d > $* $@ deferred
|
|
|
1080 |
R< $* > $* $: $2
|
|
|
1081 |
|
|
|
1082 |
|
|
|
1083 |
######################################################################
|
|
|
1084 |
R$* $: $1 $| @ $>"Rcpt_ok" $1
|
|
|
1085 |
R$* $| @ $#TEMP $+ $: $1 $| T $2
|
|
|
1086 |
R$* $| @ $#$* $#$2
|
|
|
1087 |
R$* $| @ RELAY $@ RELAY
|
|
|
1088 |
R$* $| @ $* $: O $| $>"Relay_ok" $1
|
|
|
1089 |
R$* $| T $+ $: T $2 $| $>"Relay_ok" $1
|
|
|
1090 |
R$* $| $#TEMP $+ $#error $2
|
|
|
1091 |
R$* $| $#$* $#$2
|
|
|
1092 |
R$* $| RELAY $@ RELAY
|
|
|
1093 |
R T $+ $| $* $#error $1
|
|
|
1094 |
# anything else is bogus
|
|
|
1095 |
R$* $#error $@ 5.7.1 $: "550 Relaying denied"
|
|
|
1096 |
|
|
|
1097 |
|
|
|
1098 |
######################################################################
|
|
|
1099 |
### Rcpt_ok: is the recipient ok?
|
|
|
1100 |
######################################################################
|
|
|
1101 |
SRcpt_ok
|
|
|
1102 |
R$* $: $>ParseRecipient $1 strip relayable hosts
|
|
|
1103 |
|
|
|
1104 |
|
|
|
1105 |
|
|
|
1106 |
|
|
|
1107 |
# authenticated via TLS?
|
|
|
1108 |
R$* $: $1 $| $>RelayTLS client authenticated?
|
|
|
1109 |
R$* $| $# $+ $# $2 error/ok?
|
|
|
1110 |
R$* $| $* $: $1 no
|
|
|
1111 |
|
|
|
1112 |
R$* $: $1 $| $>"Local_Relay_Auth" $&{auth_type}
|
|
|
1113 |
R$* $| $# $* $# $2
|
|
|
1114 |
R$* $| NO $: $1
|
|
|
1115 |
R$* $| $* $: $1 $| $&{auth_type}
|
|
|
1116 |
R$* $| $: $1
|
|
|
1117 |
R$* $| $={TrustAuthMech} $# RELAY
|
|
|
1118 |
R$* $| $* $: $1
|
|
|
1119 |
# anything terminating locally is ok
|
|
|
1120 |
R$+ < @ $=w > $@ RELAY
|
|
|
1121 |
R$+ < @ $* $=R > $@ RELAY
|
|
|
1122 |
|
|
|
1123 |
|
|
|
1124 |
|
|
|
1125 |
|
|
|
1126 |
# check for local user (i.e. unqualified address)
|
|
|
1127 |
R$* $: <?> $1
|
|
|
1128 |
R<?> $* < @ $+ > $: <REMOTE> $1 < @ $2 >
|
|
|
1129 |
# local user is ok
|
|
|
1130 |
R<?> $+ $@ RELAY
|
|
|
1131 |
R<$+> $* $: $2
|
|
|
1132 |
|
|
|
1133 |
######################################################################
|
|
|
1134 |
### Relay_ok: is the relay/sender ok?
|
|
|
1135 |
######################################################################
|
|
|
1136 |
SRelay_ok
|
|
|
1137 |
# anything originating locally is ok
|
|
|
1138 |
# check IP address
|
|
|
1139 |
R$* $: $&{client_addr}
|
|
|
1140 |
R$@ $@ RELAY originated locally
|
|
|
1141 |
R0 $@ RELAY originated locally
|
|
|
1142 |
R127.0.0.1 $@ RELAY originated locally
|
|
|
1143 |
RIPv6:::1 $@ RELAY originated locally
|
|
|
1144 |
R$=R $* $@ RELAY relayable IP address
|
|
|
1145 |
R$* $: [ $1 ] put brackets around it...
|
|
|
1146 |
R$=w $@ RELAY ... and see if it is local
|
|
|
1147 |
|
|
|
1148 |
|
|
|
1149 |
# check client name: first: did it resolve?
|
|
|
1150 |
R$* $: < $&{client_resolve} >
|
|
|
1151 |
R<TEMP> $#TEMP $@ 4.4.0 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr}
|
|
|
1152 |
R<FORGED> $#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name}
|
|
|
1153 |
R<FAIL> $#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name}
|
|
|
1154 |
R$* $: <@> $&{client_name}
|
|
|
1155 |
# pass to name server to make hostname canonical
|
|
|
1156 |
R<@> $* $=P $:<?> $1 $2
|
|
|
1157 |
R<@> $+ $:<?> $[ $1 $]
|
|
|
1158 |
R$* . $1 strip trailing dots
|
|
|
1159 |
R<?> $=w $@ RELAY
|
|
|
1160 |
R<?> $* $=R $@ RELAY
|
|
|
1161 |
|
|
|
1162 |
|
|
|
1163 |
|
|
|
1164 |
|
|
|
1165 |
|
|
|
1166 |
######################################################################
|
|
|
1167 |
### trust_auth: is user trusted to authenticate as someone else?
|
|
|
1168 |
###
|
|
|
1169 |
### Parameters:
|
|
|
1170 |
### $1: AUTH= parameter from MAIL command
|
|
|
1171 |
######################################################################
|
|
|
1172 |
|
|
|
1173 |
SLocal_trust_auth
|
|
|
1174 |
Strust_auth
|
|
|
1175 |
R$* $: $&{auth_type} $| $1
|
|
|
1176 |
# required by RFC 2554 section 4.
|
|
|
1177 |
R$@ $| $* $#error $@ 5.7.1 $: "550 not authenticated"
|
|
|
1178 |
R$* $| $&{auth_authen} $@ identical
|
|
|
1179 |
R$* $| <$&{auth_authen}> $@ identical
|
|
|
1180 |
R$* $| $* $: $1 $| $>"Local_trust_auth" $2
|
|
|
1181 |
R$* $| $#$* $#$2
|
|
|
1182 |
R$* $#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{auth_author}
|
|
|
1183 |
|
|
|
1184 |
######################################################################
|
|
|
1185 |
### Relay_Auth: allow relaying based on authentication?
|
|
|
1186 |
###
|
|
|
1187 |
### Parameters:
|
|
|
1188 |
### $1: ${auth_type}
|
|
|
1189 |
######################################################################
|
|
|
1190 |
SLocal_Relay_Auth
|
|
|
1191 |
|
|
|
1192 |
######################################################################
|
|
|
1193 |
### srv_features: which features to offer to a client?
|
|
|
1194 |
### (done in server)
|
|
|
1195 |
######################################################################
|
|
|
1196 |
Ssrv_features
|
|
|
1197 |
|
|
|
1198 |
|
|
|
1199 |
######################################################################
|
|
|
1200 |
### try_tls: try to use STARTTLS?
|
|
|
1201 |
### (done in client)
|
|
|
1202 |
######################################################################
|
|
|
1203 |
Stry_tls
|
|
|
1204 |
|
|
|
1205 |
|
|
|
1206 |
######################################################################
|
|
|
1207 |
### tls_rcpt: is connection with server "good" enough?
|
|
|
1208 |
### (done in client, per recipient)
|
|
|
1209 |
###
|
|
|
1210 |
### Parameters:
|
|
|
1211 |
### $1: recipient
|
|
|
1212 |
######################################################################
|
|
|
1213 |
Stls_rcpt
|
|
|
1214 |
|
|
|
1215 |
|
|
|
1216 |
######################################################################
|
|
|
1217 |
### tls_client: is connection with client "good" enough?
|
|
|
1218 |
### (done in server)
|
|
|
1219 |
###
|
|
|
1220 |
### Parameters:
|
|
|
1221 |
### ${verify} $| (MAIL|STARTTLS)
|
|
|
1222 |
######################################################################
|
|
|
1223 |
Stls_client
|
|
|
1224 |
R$* $| $* $@ $>"TLS_connection" $1
|
|
|
1225 |
|
|
|
1226 |
######################################################################
|
|
|
1227 |
### tls_server: is connection with server "good" enough?
|
|
|
1228 |
### (done in client)
|
|
|
1229 |
###
|
|
|
1230 |
### Parameter:
|
|
|
1231 |
### ${verify}
|
|
|
1232 |
######################################################################
|
|
|
1233 |
Stls_server
|
|
|
1234 |
R$* $@ $>"TLS_connection" $1
|
|
|
1235 |
|
|
|
1236 |
######################################################################
|
|
|
1237 |
### TLS_connection: is TLS connection "good" enough?
|
|
|
1238 |
###
|
|
|
1239 |
### Parameters:
|
|
|
1240 |
### ${verify}
|
|
|
1241 |
### Requirement: RHS from access map, may be ? for none.
|
|
|
1242 |
######################################################################
|
|
|
1243 |
STLS_connection
|
|
|
1244 |
RSOFTWARE $#error $@ 4.7.0 $: "403 TLS handshake."
|
|
|
1245 |
|
|
|
1246 |
|
|
|
1247 |
######################################################################
|
|
|
1248 |
### RelayTLS: allow relaying based on TLS authentication
|
|
|
1249 |
###
|
|
|
1250 |
### Parameters:
|
|
|
1251 |
### none
|
|
|
1252 |
######################################################################
|
|
|
1253 |
SRelayTLS
|
|
|
1254 |
# authenticated?
|
|
|
1255 |
|
|
|
1256 |
######################################################################
|
|
|
1257 |
### authinfo: lookup authinfo in the access map
|
|
|
1258 |
###
|
|
|
1259 |
### Parameters:
|
|
|
1260 |
### $1: {server_name}
|
|
|
1261 |
### $2: {server_addr}
|
|
|
1262 |
######################################################################
|
|
|
1263 |
Sauthinfo
|
|
|
1264 |
|
|
|
1265 |
|
|
|
1266 |
|
|
|
1267 |
|
|
|
1268 |
|
|
|
1269 |
|
|
|
1270 |
|
|
|
1271 |
|
|
|
1272 |
SLocal_localaddr
|
|
|
1273 |
R$+ $: $>ParseRecipient $1
|
|
|
1274 |
R$* < @ $+ > $* $#relay $@ ${MTAHost} $: $1 < @ $2 > $3
|
|
|
1275 |
# DECnet
|
|
|
1276 |
R$+ :: $+ $#relay $@ ${MTAHost} $: $1 :: $2
|
|
|
1277 |
R$* $#relay $@ ${MTAHost} $: $1 < @ $j >
|
|
|
1278 |
#�
|
|
|
1279 |
######################################################################
|
|
|
1280 |
######################################################################
|
|
|
1281 |
#####
|
|
|
1282 |
##### MAIL FILTER DEFINITIONS
|
|
|
1283 |
#####
|
|
|
1284 |
######################################################################
|
|
|
1285 |
######################################################################
|
|
|
1286 |
|
|
|
1287 |
#�
|
|
|
1288 |
######################################################################
|
|
|
1289 |
######################################################################
|
|
|
1290 |
#####
|
|
|
1291 |
##### MAILER DEFINITIONS
|
|
|
1292 |
#####
|
|
|
1293 |
######################################################################
|
|
|
1294 |
######################################################################
|
|
|
1295 |
|
|
|
1296 |
|
|
|
1297 |
##################################################
|
|
|
1298 |
### Local and Program Mailer specification ###
|
|
|
1299 |
##################################################
|
|
|
1300 |
|
|
|
1301 |
##### $Id: local.m4,v 8.59 2004/11/23 00:37:25 ca Exp $ #####
|
|
|
1302 |
|
|
|
1303 |
#
|
|
|
1304 |
# Envelope sender rewriting
|
|
|
1305 |
#
|
|
|
1306 |
SEnvFromL
|
|
|
1307 |
R<@> $n errors to mailer-daemon
|
|
|
1308 |
R@ <@ $*> $n temporarily bypass Sun bogosity
|
|
|
1309 |
R$+ $: $>AddDomain $1 add local domain if needed
|
|
|
1310 |
R$* $: $>MasqEnv $1 do masquerading
|
|
|
1311 |
|
|
|
1312 |
#
|
|
|
1313 |
# Envelope recipient rewriting
|
|
|
1314 |
#
|
|
|
1315 |
SEnvToL
|
|
|
1316 |
R$+ < @ $* > $: $1 strip host part
|
|
|
1317 |
R$+ + $* $: < $&{addr_type} > $1 + $2 mark with addr type
|
|
|
1318 |
R<e s> $+ + $* $: $1 remove +detail for sender
|
|
|
1319 |
R< $* > $+ $: $2 else remove mark
|
|
|
1320 |
|
|
|
1321 |
#
|
|
|
1322 |
# Header sender rewriting
|
|
|
1323 |
#
|
|
|
1324 |
SHdrFromL
|
|
|
1325 |
R<@> $n errors to mailer-daemon
|
|
|
1326 |
R@ <@ $*> $n temporarily bypass Sun bogosity
|
|
|
1327 |
R$+ $: $>AddDomain $1 add local domain if needed
|
|
|
1328 |
R$* $: $>MasqHdr $1 do masquerading
|
|
|
1329 |
|
|
|
1330 |
#
|
|
|
1331 |
# Header recipient rewriting
|
|
|
1332 |
#
|
|
|
1333 |
SHdrToL
|
|
|
1334 |
R$+ $: $>AddDomain $1 add local domain if needed
|
|
|
1335 |
R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2
|
|
|
1336 |
|
|
|
1337 |
#
|
|
|
1338 |
# Common code to add local domain name (only if always-add-domain)
|
|
|
1339 |
#
|
|
|
1340 |
SAddDomain
|
|
|
1341 |
|
|
|
1342 |
Mlocal, P=[IPC], F=lmDFMuXkw5, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
|
|
|
1343 |
T=DNS/RFC822/SMTP,
|
|
|
1344 |
A=TCP $h
|
|
|
1345 |
Mprog, P=[IPC], F=lmDFMuXk5, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/,
|
|
|
1346 |
T=X-Unix/X-Unix/X-Unix,
|
|
|
1347 |
A=TCP $h
|
|
|
1348 |
|
|
|
1349 |
#####################################
|
|
|
1350 |
### SMTP Mailer specification ###
|
|
|
1351 |
#####################################
|
|
|
1352 |
|
|
|
1353 |
##### $Id: smtp.m4,v 8.65 2006/07/12 21:08:10 ca Exp $ #####
|
|
|
1354 |
|
|
|
1355 |
#
|
|
|
1356 |
# common sender and masquerading recipient rewriting
|
|
|
1357 |
#
|
|
|
1358 |
SMasqSMTP
|
|
|
1359 |
R$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified
|
|
|
1360 |
R$+ $@ $1 < @ *LOCAL* > add local qualification
|
|
|
1361 |
|
|
|
1362 |
#
|
|
|
1363 |
# convert pseudo-domain addresses to real domain addresses
|
|
|
1364 |
#
|
|
|
1365 |
SPseudoToReal
|
|
|
1366 |
|
|
|
1367 |
# pass <route-addr>s through
|
|
|
1368 |
R< @ $+ > $* $@ < @ $1 > $2 resolve <route-addr>
|
|
|
1369 |
|
|
|
1370 |
# output fake domains as user%fake@relay
|
|
|
1371 |
|
|
|
1372 |
# do UUCP heuristics; note that these are shared with UUCP mailers
|
|
|
1373 |
R$+ < @ $+ .UUCP. > $: < $2 ! > $1 convert to UUCP form
|
|
|
1374 |
R$+ < @ $* > $* $@ $1 < @ $2 > $3 not UUCP form
|
|
|
1375 |
|
|
|
1376 |
# leave these in .UUCP form to avoid further tampering
|
|
|
1377 |
R< $&h ! > $- ! $+ $@ $2 < @ $1 .UUCP. >
|
|
|
1378 |
R< $&h ! > $-.$+ ! $+ $@ $3 < @ $1.$2 >
|
|
|
1379 |
R< $&h ! > $+ $@ $1 < @ $&h .UUCP. >
|
|
|
1380 |
R< $+ ! > $+ $: $1 ! $2 < @ $Y > use UUCP_RELAY
|
|
|
1381 |
R$+ < @ $~[ $* : $+ > $@ $1 < @ $4 > strip mailer: part
|
|
|
1382 |
R$+ < @ > $: $1 < @ *LOCAL* > if no UUCP_RELAY
|
|
|
1383 |
|
|
|
1384 |
|
|
|
1385 |
#
|
|
|
1386 |
# envelope sender rewriting
|
|
|
1387 |
#
|
|
|
1388 |
SEnvFromSMTP
|
|
|
1389 |
R$+ $: $>PseudoToReal $1 sender/recipient common
|
|
|
1390 |
R$* :; <@> $@ list:; special case
|
|
|
1391 |
R$* $: $>MasqSMTP $1 qualify unqual'ed names
|
|
|
1392 |
R$+ $: $>MasqEnv $1 do masquerading
|
|
|
1393 |
|
|
|
1394 |
|
|
|
1395 |
#
|
|
|
1396 |
# envelope recipient rewriting --
|
|
|
1397 |
# also header recipient if not masquerading recipients
|
|
|
1398 |
#
|
|
|
1399 |
SEnvToSMTP
|
|
|
1400 |
R$+ $: $>PseudoToReal $1 sender/recipient common
|
|
|
1401 |
R$+ $: $>MasqSMTP $1 qualify unqual'ed names
|
|
|
1402 |
R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2
|
|
|
1403 |
|
|
|
1404 |
#
|
|
|
1405 |
# header sender and masquerading header recipient rewriting
|
|
|
1406 |
#
|
|
|
1407 |
SHdrFromSMTP
|
|
|
1408 |
R$+ $: $>PseudoToReal $1 sender/recipient common
|
|
|
1409 |
R:; <@> $@ list:; special case
|
|
|
1410 |
|
|
|
1411 |
# do special header rewriting
|
|
|
1412 |
R$* <@> $* $@ $1 <@> $2 pass null host through
|
|
|
1413 |
R< @ $* > $* $@ < @ $1 > $2 pass route-addr through
|
|
|
1414 |
R$* $: $>MasqSMTP $1 qualify unqual'ed names
|
|
|
1415 |
R$+ $: $>MasqHdr $1 do masquerading
|
|
|
1416 |
|
|
|
1417 |
|
|
|
1418 |
#
|
|
|
1419 |
# relay mailer header masquerading recipient rewriting
|
|
|
1420 |
#
|
|
|
1421 |
SMasqRelay
|
|
|
1422 |
R$+ $: $>MasqSMTP $1
|
|
|
1423 |
R$+ $: $>MasqHdr $1
|
|
|
1424 |
|
|
|
1425 |
Msmtp, P=[IPC], F=mDFMuXk5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
|
|
|
1426 |
T=DNS/RFC822/SMTP,
|
|
|
1427 |
A=TCP $h
|
|
|
1428 |
Mesmtp, P=[IPC], F=mDFMuXak5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
|
|
|
1429 |
T=DNS/RFC822/SMTP,
|
|
|
1430 |
A=TCP $h
|
|
|
1431 |
Msmtp8, P=[IPC], F=mDFMuX8k5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
|
|
|
1432 |
T=DNS/RFC822/SMTP,
|
|
|
1433 |
A=TCP $h
|
|
|
1434 |
Mdsmtp, P=[IPC], F=mDFMuXa%k5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
|
|
|
1435 |
T=DNS/RFC822/SMTP,
|
|
|
1436 |
A=TCP $h
|
|
|
1437 |
Mrelay, P=[IPC], F=mDFMuXa8k, S=EnvFromSMTP/HdrFromSMTP, R=MasqSMTP, E=\r\n, L=2040,
|
|
|
1438 |
T=DNS/RFC822/SMTP,
|
|
|
1439 |
A=TCP $h
|
|
|
1440 |
|
|
|
1441 |
### submit.mc ###
|
|
|
1442 |
# divert(-1)
|
|
|
1443 |
# #
|
|
|
1444 |
# # Copyright (c) 2001-2003 Sendmail, Inc. and its suppliers.
|
|
|
1445 |
# # All rights reserved.
|
|
|
1446 |
# #
|
|
|
1447 |
# # By using this file, you agree to the terms and conditions set
|
|
|
1448 |
# # forth in the LICENSE file which can be found at the top level of
|
|
|
1449 |
# # the sendmail distribution.
|
|
|
1450 |
# #
|
|
|
1451 |
# #
|
|
|
1452 |
#
|
|
|
1453 |
# #
|
|
|
1454 |
# # This is the prototype file for a set-group-ID sm-msp sendmail that
|
|
|
1455 |
# # acts as a initial mail submission program.
|
|
|
1456 |
# #
|
|
|
1457 |
#
|
|
|
1458 |
# divert(0)dnl
|
|
|
1459 |
# sinclude(`/usr/share/sendmail-cf/m4/cf.m4')dnl
|
|
|
1460 |
# VERSIONID(`linux setup')dnl
|
|
|
1461 |
# define(`confCF_VERSION', `Submit')dnl
|
|
|
1462 |
# define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining
|
|
|
1463 |
# define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet
|
|
|
1464 |
# define(`confTIME_ZONE', `USE_TZ')dnl
|
|
|
1465 |
# define(`confDONT_INIT_GROUPS', `True')dnl
|
|
|
1466 |
# define(`confPID_FILE', `/var/run/sm-client.pid')dnl
|
|
|
1467 |
# dnl define(`confDIRECT_SUBMISSION_MODIFIERS',`C')dnl
|
|
|
1468 |
# FEATURE(`use_ct_file')dnl
|
|
|
1469 |
# dnl
|
|
|
1470 |
# dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:::1]
|
|
|
1471 |
# FEATURE(`msp', `[127.0.0.1]')dnl
|