submit.cf revision 261363
1231200Smm# 2232153Smm# Copyright (c) 1998-2004, 2009, 2010 Proofpoint, Inc. and its suppliers. 3231200Smm# All rights reserved. 4231200Smm# Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved. 5231200Smm# Copyright (c) 1988, 1993 6231200Smm# The Regents of the University of California. All rights reserved. 7231200Smm# 8231200Smm# By using this file, you agree to the terms and conditions set 9231200Smm# forth in the LICENSE file which can be found at the top level of 10231200Smm# the sendmail distribution. 11231200Smm# 12231200Smm# 13231200Smm 14231200Smm###################################################################### 15231200Smm###################################################################### 16231200Smm##### 17231200Smm##### SENDMAIL CONFIGURATION FILE 18231200Smm##### 19231200Smm##### built by ca@lab.smi.sendmail.com on Thu Jan 23 12:29:13 PST 2014 20231200Smm##### in /home/ca/sm8-rel/sm-8.14.8/OpenSource/sendmail-8.14.8/cf/cf 21231200Smm##### using ../ as configuration include directory 22231200Smm##### 23231200Smm###################################################################### 24231200Smm##### 25231200Smm##### DO NOT EDIT THIS FILE! Only edit the source .mc file. 26231200Smm##### 27231200Smm###################################################################### 28231200Smm###################################################################### 29231200Smm 30231200Smm##### $Id: cfhead.m4,v 8.122 2013/11/22 20:51:13 ca Exp $ ##### 31231200Smm##### $Id: cf.m4,v 8.33 2013/11/22 20:51:13 ca Exp $ ##### 32231200Smm##### $Id: submit.mc,v 8.15 2013/11/22 20:51:08 ca Exp $ ##### 33231200Smm##### $Id: msp.m4,v 1.34 2013/11/22 20:51:11 ca Exp $ ##### 34231200Smm 35231200Smm##### $Id: no_default_msa.m4,v 8.3 2013/11/22 20:51:11 ca Exp $ ##### 36231200Smm 37231200Smm 38231200Smm##### $Id: proto.m4,v 8.762 2013/11/22 20:51:13 ca Exp $ ##### 39231200Smm 40231200Smm# level 10 config file format 41231200SmmV10/Berkeley 42231200Smm 43231200Smm# override file safeties - setting this option compromises system security, 44231200Smm# addressing the actual file configuration problem is preferred 45231200Smm# need to set this before any file actions are encountered in the cf file 46231200Smm#O DontBlameSendmail=safe 47231200Smm 48231200Smm# default LDAP map specification 49231200Smm# need to set this now before any LDAP maps are defined 50231200Smm#O LDAPDefaultSpec=-h localhost 51231200Smm 52231200Smm################## 53231200Smm# local info # 54231200Smm################## 55231200Smm 56231200Smm# my LDAP cluster 57231200Smm# need to set this before any LDAP lookups are done (including classes) 58231200Smm#D{sendmailMTACluster}$m 59231200Smm 60231200SmmCwlocalhost 61231200Smm 62231200Smm# my official domain name 63231200Smm# ... define this only if sendmail cannot automatically determine your domain 64231200Smm#Dj$w.Foo.COM 65231200Smm 66231200Smm# host/domain names ending with a token in class P are canonical 67231200SmmCP. 68231200Smm 69231200Smm# "Smart" relay host (may be null) 70311042SmmDS 71231200Smm 72231200Smm 73231200Smm# operators that cannot be in local usernames (i.e., network indicators) 74231200SmmCO @ % ! 75231200Smm 76231200Smm# a class with just dot (for identifying canonical names) 77231200SmmC.. 78231200Smm 79231200Smm# a class with just a left bracket (for identifying domain literals) 80231200SmmC[[ 81231200Smm 82231200Smm 83231200Smm# Resolve map (to check if a host exists in check_mail) 84231200SmmKresolve host -a<OKR> -T<TEMP> 85231200SmmC{ResOk}OKR 86231200Smm 87231200Smm 88231200Smm# Hosts for which relaying is permitted ($=R) 89231200SmmFR-o /etc/mail/relay-domains 90231200Smm 91231200Smm# arithmetic map 92231200SmmKarith arith 93231200Smm 94231200Smm 95231200Smm 96231200Smm 97231200Smm 98231200Smm# dequoting map 99231200SmmKdequote dequote 100231200Smm 101231200Smm# class E: names that should be exposed as from this host, even if we masquerade 102231200Smm# class L: names that should be delivered locally, even if we have a relay 103231200Smm# class M: domains that should be converted to $M 104231200Smm# class N: domains that should not be converted to $M 105231200Smm#CL root 106231200Smm 107231200Smm 108231200Smm 109231200Smm# my name for error messages 110231200SmmDnMAILER-DAEMON 111231200Smm 112231200Smm 113231200SmmD{MTAHost}[127.0.0.1] 114231200Smm 115231200Smm 116231200Smm# Configuration version number 117231200SmmDZ8.14.8/Submit 118231200Smm 119231200Smm 120231200Smm############### 121231200Smm# Options # 122231200Smm############### 123231200Smm 124231200Smm# strip message body to 7 bits on input? 125231200SmmO SevenBitInput=False 126231200Smm 127231200Smm# 8-bit data handling 128231200Smm#O EightBitMode=pass8 129231200Smm 130231200Smm# wait for alias file rebuild (default units: minutes) 131231200SmmO AliasWait=10 132231200Smm 133231200Smm# location of alias file 134231200Smm#O AliasFile=/etc/mail/aliases 135231200Smm 136231200Smm# minimum number of free blocks on filesystem 137231200SmmO MinFreeBlocks=100 138231200Smm 139231200Smm# maximum message size 140231200Smm#O MaxMessageSize=0 141231200Smm 142231200Smm# substitution for space (blank) characters 143231200SmmO BlankSub=. 144231200Smm 145231200Smm# avoid connecting to "expensive" mailers on initial submission? 146231200SmmO HoldExpensive=False 147231200Smm 148231200Smm# checkpoint queue runs after every N successful deliveries 149231200Smm#O CheckpointInterval=10 150231200Smm 151231200Smm# default delivery mode 152231200SmmO DeliveryMode=i 153231200Smm 154231200Smm# error message header/file 155231200Smm#O ErrorHeader=/etc/mail/error-header 156231200Smm 157231200Smm# error mode 158231200Smm#O ErrorMode=print 159231200Smm 160231200Smm# save Unix-style "From_" lines at top of header? 161231200Smm#O SaveFromLine=False 162231200Smm 163231200Smm# queue file mode (qf files) 164231200SmmO QueueFileMode=0660 165231200Smm 166231200Smm# temporary file mode 167231200SmmO TempFileMode=0600 168231200Smm 169231200Smm# match recipients against GECOS field? 170231200Smm#O MatchGECOS=False 171231200Smm 172231200Smm# maximum hop count 173231200Smm#O MaxHopCount=25 174231200Smm 175231200Smm# location of help file 176231200SmmO HelpFile=/etc/mail/helpfile 177231200Smm 178231200Smm# ignore dots as terminators in incoming messages? 179231200Smm#O IgnoreDots=False 180231200Smm 181231200Smm# name resolver options 182316338Smm#O ResolverOptions=+AAONLY 183231200Smm 184231200Smm# deliver MIME-encapsulated error messages? 185231200SmmO SendMimeErrors=True 186231200Smm 187231200Smm# Forward file search path 188231200SmmO ForwardPath 189231200Smm 190231200Smm# open connection cache size 191231200SmmO ConnectionCacheSize=2 192231200Smm 193231200Smm# open connection cache timeout 194231200SmmO ConnectionCacheTimeout=5m 195231200Smm 196231200Smm# persistent host status directory 197231200Smm#O HostStatusDirectory=.hoststat 198231200Smm 199231200Smm# single thread deliveries (requires HostStatusDirectory)? 200231200Smm#O SingleThreadDelivery=False 201231200Smm 202231200Smm# use Errors-To: header? 203231200SmmO UseErrorsTo=False 204231200Smm 205231200Smm# log level 206231200SmmO LogLevel=9 207231200Smm 208231200Smm# send to me too, even in an alias expansion? 209231200Smm#O MeToo=True 210231200Smm 211231200Smm# verify RHS in newaliases? 212231200SmmO CheckAliases=False 213231200Smm 214231200Smm# default messages to old style headers if no special punctuation? 215231200SmmO OldStyleHeaders=True 216231200Smm 217231200Smm# SMTP daemon options 218231200Smm 219231200SmmO DaemonPortOptions=Name=NoMTA, Addr=127.0.0.1, M=E 220231200Smm 221231200Smm# SMTP client options 222231200Smm#O ClientPortOptions=Family=inet, Address=0.0.0.0 223231200Smm 224231200Smm# Modifiers to define {daemon_flags} for direct submissions 225231200Smm#O DirectSubmissionModifiers 226231200Smm 227231200Smm# Use as mail submission program? See sendmail/SECURITY 228231200SmmO UseMSP=True 229231200Smm 230231200Smm# privacy flags 231231200SmmO PrivacyOptions=goaway,noetrn,restrictqrun 232231200Smm 233231200Smm# who (if anyone) should get extra copies of error messages 234231200Smm#O PostmasterCopy=Postmaster 235231200Smm 236231200Smm# slope of queue-only function 237231200Smm#O QueueFactor=600000 238231200Smm 239231200Smm# limit on number of concurrent queue runners 240231200Smm#O MaxQueueChildren 241231200Smm 242231200Smm# maximum number of queue-runners per queue-grouping with multiple queues 243231200Smm#O MaxRunnersPerQueue=1 244231200Smm 245231200Smm# priority of queue runners (nice(3)) 246231200Smm#O NiceQueueRun 247231200Smm 248231200Smm# shall we sort the queue by hostname first? 249231200Smm#O QueueSortOrder=priority 250231200Smm 251231200Smm# minimum time in queue before retry 252231200Smm#O MinQueueAge=30m 253231200Smm 254231200Smm# how many jobs can you process in the queue? 255231200Smm#O MaxQueueRunSize=0 256231200Smm 257231200Smm# perform initial split of envelope without checking MX records 258231200Smm#O FastSplit=1 259231200Smm 260231200Smm# queue directory 261231200SmmO QueueDirectory=/var/spool/clientmqueue 262231200Smm 263231200Smm# key for shared memory; 0 to turn off, -1 to auto-select 264231200Smm#O SharedMemoryKey=0 265231200Smm 266231200Smm# file to store auto-selected key for shared memory (SharedMemoryKey = -1) 267231200Smm#O SharedMemoryKeyFile 268231200Smm 269231200Smm# timeouts (many of these) 270231200Smm#O Timeout.initial=5m 271231200Smm#O Timeout.connect=5m 272231200Smm#O Timeout.aconnect=0s 273231200Smm#O Timeout.iconnect=5m 274231200Smm#O Timeout.helo=5m 275231200Smm#O Timeout.mail=10m 276231200Smm#O Timeout.rcpt=1h 277231200Smm#O Timeout.datainit=5m 278231200Smm#O Timeout.datablock=1h 279231200Smm#O Timeout.datafinal=1h 280231200Smm#O Timeout.rset=5m 281231200Smm#O Timeout.quit=2m 282231200Smm#O Timeout.misc=2m 283231200Smm#O Timeout.command=1h 284231200Smm#O Timeout.ident=5s 285231200Smm#O Timeout.fileopen=60s 286231200Smm#O Timeout.control=2m 287238856SmmO Timeout.queuereturn=5d 288238856Smm#O Timeout.queuereturn.normal=5d 289231200Smm#O Timeout.queuereturn.urgent=2d 290231200Smm#O Timeout.queuereturn.non-urgent=7d 291231200Smm#O Timeout.queuereturn.dsn=5d 292231200SmmO Timeout.queuewarn=4h 293231200Smm#O Timeout.queuewarn.normal=4h 294231200Smm#O Timeout.queuewarn.urgent=1h 295231200Smm#O Timeout.queuewarn.non-urgent=12h 296231200Smm#O Timeout.queuewarn.dsn=4h 297231200Smm#O Timeout.hoststatus=30m 298231200Smm#O Timeout.resolver.retrans=5s 299231200Smm#O Timeout.resolver.retrans.first=5s 300231200Smm#O Timeout.resolver.retrans.normal=5s 301231200Smm#O Timeout.resolver.retry=4 302231200Smm#O Timeout.resolver.retry.first=4 303231200Smm#O Timeout.resolver.retry.normal=4 304231200Smm#O Timeout.lhlo=2m 305231200Smm#O Timeout.auth=10m 306231200Smm#O Timeout.starttls=1h 307231200Smm 308231200Smm# time for DeliverBy; extension disabled if less than 0 309231200Smm#O DeliverByMin=0 310231200Smm 311231200Smm# should we not prune routes in route-addr syntax addresses? 312231200Smm#O DontPruneRoutes=False 313231200Smm 314231200Smm# queue up everything before forking? 315231200SmmO SuperSafe=True 316231200Smm 317231200Smm# status file 318231200SmmO StatusFile=/var/spool/clientmqueue/sm-client.st 319231200Smm 320231200Smm# time zone handling: 321231200Smm# if undefined, use system default 322231200Smm# if defined but null, use TZ envariable passed in 323231200Smm# if defined and non-null, use that info 324231200SmmO TimeZoneSpec= 325231200Smm 326231200Smm# default UID (can be username or userid:groupid) 327231200Smm#O DefaultUser=mailnull 328231200Smm 329231200Smm# list of locations of user database file (null means no lookup) 330231200Smm#O UserDatabaseSpec=/etc/mail/userdb 331231200Smm 332231200Smm# fallback MX host 333231200Smm#O FallbackMXhost=fall.back.host.net 334231200Smm 335231200Smm# fallback smart host 336231200Smm#O FallbackSmartHost=fall.back.host.net 337231200Smm 338231200Smm# if we are the best MX host for a site, try it directly instead of config err 339231200Smm#O TryNullMXList=False 340231200Smm 341231200Smm# load average at which we just queue messages 342231200Smm#O QueueLA=8 343231200Smm 344231200Smm# load average at which we refuse connections 345231200Smm#O RefuseLA=12 346232153Smm 347231200Smm# log interval when refusing connections for this long 348231200Smm#O RejectLogInterval=3h 349231200Smm 350231200Smm# load average at which we delay connections; 0 means no limit 351231200Smm#O DelayLA=0 352231200Smm 353231200Smm# maximum number of children we allow at one time 354231200Smm#O MaxDaemonChildren=0 355231200Smm 356231200Smm# maximum number of new connections per second 357231200Smm#O ConnectionRateThrottle=0 358231200Smm 359231200Smm# Width of the window 360231200Smm#O ConnectionRateWindowSize=60s 361231200Smm 362231200Smm# work recipient factor 363231200Smm#O RecipientFactor=30000 364231200Smm 365231200Smm# deliver each queued job in a separate process? 366231200Smm#O ForkEachJob=False 367231200Smm 368231200Smm# work class factor 369231200Smm#O ClassFactor=1800 370231200Smm 371231200Smm# work time factor 372231200Smm#O RetryFactor=90000 373231200Smm 374231200Smm# default character set 375231200Smm#O DefaultCharSet=unknown-8bit 376248616Smm 377302001Smm# service switch file (name hardwired on Solaris, Ultrix, OSF/1, others) 378302001Smm#O ServiceSwitchFile=/etc/mail/service.switch 379302001Smm 380231200Smm# hosts file (normally /etc/hosts) 381231200Smm#O HostsFile=/etc/hosts 382231200Smm 383231200Smm# dialup line delay on connection failure 384231200Smm#O DialDelay=0s 385231200Smm 386231200Smm# action to take if there are no recipients in the message 387231200Smm#O NoRecipientAction=none 388231200Smm 389231200Smm# chrooted environment for writing to files 390231200Smm#O SafeFileEnvironment 391231200Smm 392231200Smm# are colons OK in addresses? 393231200Smm#O ColonOkInAddr=True 394231200Smm 395231200Smm# shall I avoid expanding CNAMEs (violates protocols)? 396231200Smm#O DontExpandCnames=False 397231200Smm 398231200Smm# SMTP initial login message (old $e macro) 399231200SmmO SmtpGreetingMessage=$j Sendmail $v/$Z; $b 400231200Smm 401231200Smm# UNIX initial From header format (old $l macro) 402231200SmmO UnixFromLine=From $g $d 403231200Smm 404231200Smm# From: lines that have embedded newlines are unwrapped onto one line 405231200Smm#O SingleLineFromHeader=False 406231200Smm 407231200Smm# Allow HELO SMTP command that does not include a host name 408231200Smm#O AllowBogusHELO=False 409231200Smm 410231200Smm# Characters to be quoted in a full name phrase (@,;:\()[] are automatic) 411231200Smm#O MustQuoteChars=. 412231200Smm 413231200Smm# delimiter (operator) characters (old $o macro) 414231200SmmO OperatorChars=.:%@!^/[]+ 415231200Smm 416231200Smm# shall I avoid calling initgroups(3) because of high NIS costs? 417231200SmmO DontInitGroups=True 418231200Smm 419231200Smm# are group-writable :include: and .forward files (un)trustworthy? 420231200Smm# True (the default) means they are not trustworthy. 421231200Smm#O UnsafeGroupWrites=True 422231200Smm 423231200Smm 424231200Smm# where do errors that occur when sending errors get sent? 425231200Smm#O DoubleBounceAddress=postmaster 426231200Smm 427231200Smm# issue temporary errors (4xy) instead of permanent errors (5xy)? 428231200Smm#O SoftBounce=False 429231200Smm 430231200Smm# where to save bounces if all else fails 431231200Smm#O DeadLetterDrop=/var/tmp/dead.letter 432231200Smm 433231200Smm# what user id do we assume for the majority of the processing? 434231200SmmO RunAsUser=smmsp 435231200Smm 436231200Smm# maximum number of recipients per SMTP envelope 437231200Smm#O MaxRecipientsPerMessage=0 438231200Smm 439231200Smm# limit the rate recipients per SMTP envelope are accepted 440231200Smm# once the threshold number of recipients have been rejected 441231200Smm#O BadRcptThrottle=0 442231200Smm 443231200Smm 444231200Smm# shall we get local names from our installed interfaces? 445231200SmmO DontProbeInterfaces=True 446231200Smm 447231200Smm# Return-Receipt-To: header implies DSN request 448231200Smm#O RrtImpliesDsn=False 449231200Smm 450231200Smm# override connection address (for testing) 451231200Smm#O ConnectOnlyTo=0.0.0.0 452231200Smm 453231200Smm# Trusted user for file ownership and starting the daemon 454231200SmmO TrustedUser=smmsp 455231200Smm 456231200Smm# Control socket for daemon management 457231200Smm#O ControlSocketName=/var/spool/mqueue/.control 458231200Smm 459231200Smm# Maximum MIME header length to protect MUAs 460231200Smm#O MaxMimeHeaderLength=0/0 461231200Smm 462231200Smm# Maximum length of the sum of all headers 463231200Smm#O MaxHeadersLength=32768 464231200Smm 465231200Smm# Maximum depth of alias recursion 466231200Smm#O MaxAliasRecursion=10 467231200Smm 468231200Smm# location of pid file 469231200SmmO PidFile=/var/spool/clientmqueue/sm-client.pid 470231200Smm 471231200Smm# Prefix string for the process title shown on 'ps' listings 472231200Smm#O ProcessTitlePrefix=prefix 473231200Smm 474231200Smm# Data file (df) memory-buffer file maximum size 475231200Smm#O DataFileBufferSize=4096 476231200Smm 477232153Smm# Transcript file (xf) memory-buffer file maximum size 478232153Smm#O XscriptFileBufferSize=4096 479231200Smm 480232153Smm# lookup type to find information about local mailboxes 481232153Smm#O MailboxDatabase=pw 482232153Smm 483232153Smm# override compile time flag REQUIRES_DIR_FSYNC 484231200Smm#O RequiresDirfsync=true 485231200Smm 486231200Smm# list of authentication mechanisms 487231200Smm#O AuthMechanisms=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5 488231200Smm 489231200Smm# Authentication realm 490231200Smm#O AuthRealm 491231200Smm 492231200Smm# default authentication information for outgoing connections 493231200Smm#O DefaultAuthInfo=/etc/mail/default-auth-info 494231200Smm 495231200Smm# SMTP AUTH flags 496231200Smm#O AuthOptions 497231200Smm 498231200Smm# SMTP AUTH maximum encryption strength 499231200Smm#O AuthMaxBits 500231200Smm 501231200Smm# SMTP STARTTLS server options 502231200Smm#O TLSSrvOptions 503231200Smm 504231200Smm 505231200Smm# Input mail filters 506231200Smm#O InputMailFilters 507231200Smm 508231200Smm 509231200Smm# CA directory 510231200Smm#O CACertPath 511231200Smm# CA file 512231200Smm#O CACertFile 513231200Smm# Server Cert 514231200Smm#O ServerCertFile 515231200Smm# Server private key 516231200Smm#O ServerKeyFile 517231200Smm# Client Cert 518231200Smm#O ClientCertFile 519231200Smm# Client private key 520231200Smm#O ClientKeyFile 521231200Smm# File containing certificate revocation lists 522231200Smm#O CRLFile 523231200Smm# DHParameters (only required if DSA/DH is used) 524231200Smm#O DHParameters 525231200Smm# Random data source (required for systems without /dev/urandom under OpenSSL) 526231200Smm#O RandFile 527231200Smm 528231200Smm# Maximum number of "useless" commands before slowing down 529231200Smm#O MaxNOOPCommands=20 530231200Smm 531231200Smm# Name to use for EHLO (defaults to $j) 532231200Smm#O HeloName 533231200Smm 534231200Smm############################ 535231200Smm# QUEUE GROUP DEFINITIONS # 536248616Smm############################ 537231200Smm 538231200Smm 539231200Smm########################### 540231200Smm# Message precedences # 541231200Smm########################### 542231200Smm 543231200SmmPfirst-class=0 544231200SmmPspecial-delivery=100 545231200SmmPlist=-30 546231200SmmPbulk=-60 547248616SmmPjunk=-100 548231200Smm 549231200Smm##################### 550231200Smm# Trusted users # 551231200Smm##################### 552231200Smm 553231200Smm# this is equivalent to setting class "t" 554231200Smm#Ft/etc/mail/trusted-users 555231200SmmTroot 556231200SmmTdaemon 557231200SmmTuucp 558231200Smm 559231200Smm######################### 560231200Smm# Format of headers # 561231200Smm######################### 562231200Smm 563231200SmmH?P?Return-Path: <$g> 564231200SmmHReceived: $?sfrom $s $.$?_($?s$|from $.$_) 565231200Smm $.$?{auth_type}(authenticated$?{auth_ssf} bits=${auth_ssf}$.) 566231200Smm $.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version} 567231200Smm (version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify})$.$?u 568231200Smm for $u; $|; 569231200Smm $.$b 570231200SmmH?D?Resent-Date: $a 571231200SmmH?D?Date: $a 572231200SmmH?F?Resent-From: $?x$x <$g>$|$g$. 573231200SmmH?F?From: $?x$x <$g>$|$g$. 574231200SmmH?x?Full-Name: $x 575231200Smm# HPosted-Date: $a 576231200Smm# H?l?Received-Date: $b 577231200SmmH?M?Resent-Message-Id: <$t.$i@$j> 578231200SmmH?M?Message-Id: <$t.$i@$j> 579231200Smm 580231200Smm# 581231200Smm###################################################################### 582231200Smm###################################################################### 583231200Smm##### 584231200Smm##### REWRITING RULES 585231200Smm##### 586231200Smm###################################################################### 587231200Smm###################################################################### 588231200Smm 589231200Smm############################################ 590231200Smm### Ruleset 3 -- Name Canonicalization ### 591231200Smm############################################ 592231200SmmScanonify=3 593231200Smm 594231200Smm# handle null input (translate to <@> special case) 595231200SmmR$@ $@ <@> 596231200Smm 597231200Smm# strip group: syntax (not inside angle brackets!) and trailing semicolon 598231200SmmR$* $: $1 <@> mark addresses 599231200SmmR$* < $* > $* <@> $: $1 < $2 > $3 unmark <addr> 600231200SmmR@ $* <@> $: @ $1 unmark @host:... 601231200SmmR$* [ IPv6 : $+ ] <@> $: $1 [ IPv6 : $2 ] unmark IPv6 addr 602231200SmmR$* :: $* <@> $: $1 :: $2 unmark node::addr 603231200SmmR:include: $* <@> $: :include: $1 unmark :include:... 604231200SmmR$* : $* [ $* ] $: $1 : $2 [ $3 ] <@> remark if leading colon 605231200SmmR$* : $* <@> $: $2 strip colon if marked 606231200SmmR$* <@> $: $1 unmark 607231200SmmR$* ; $1 strip trailing semi 608231200SmmR$* < $+ :; > $* $@ $2 :; <@> catch <list:;> 609231200SmmR$* < $* ; > $1 < $2 > bogus bracketed semi 610231200Smm 611231200Smm# null input now results from list:; syntax 612231200SmmR$@ $@ :; <@> 613231200Smm 614231200Smm# strip angle brackets -- note RFC733 heuristic to get innermost item 615231200SmmR$* $: < $1 > housekeeping <> 616231200SmmR$+ < $* > < $2 > strip excess on left 617231200SmmR< $* > $+ < $1 > strip excess on right 618231200SmmR<> $@ < @ > MAIL FROM:<> case 619231200SmmR< $+ > $: $1 remove housekeeping <> 620231200Smm 621231200Smm# strip route address <@a,@b,@c:user@d> -> <user@d> 622231200SmmR@ $+ , $+ $2 623248616SmmR@ [ $* ] : $+ $2 624231200SmmR@ $+ : $+ $2 625248616Smm 626231200Smm# find focus for list syntax 627231200SmmR $+ : $* ; @ $+ $@ $>Canonify2 $1 : $2 ; < @ $3 > list syntax 628231200SmmR $+ : $* ; $@ $1 : $2; list syntax 629231200Smm 630231200Smm# find focus for @ syntax addresses 631231200SmmR$+ @ $+ $: $1 < @ $2 > focus on domain 632231200SmmR$+ < $+ @ $+ > $1 $2 < @ $3 > move gaze right 633231200SmmR$+ < @ $+ > $@ $>Canonify2 $1 < @ $2 > already canonical 634231200Smm 635231200Smm 636231200Smm# convert old-style addresses to a domain-based address 637231200SmmR$- ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > resolve uucp names 638231200SmmR$+ . $- ! $+ $@ $>Canonify2 $3 < @ $1 . $2 > domain uucps 639311042SmmR$+ ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > uucp subdomains 640231200Smm 641231200Smm# convert node::user addresses into a domain-based address 642231200SmmR$- :: $+ $@ $>Canonify2 $2 < @ $1 .DECNET > resolve DECnet names 643231200SmmR$- . $- :: $+ $@ $>Canonify2 $3 < @ $1.$2 .DECNET > numeric DECnet addr 644311042Smm 645311042Smm# if we have % signs, take the rightmost one 646231200SmmR$* % $* $1 @ $2 First make them all @s. 647231200SmmR$* @ $* @ $* $1 % $2 @ $3 Undo all but the last. 648231200SmmR$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish 649231200Smm 650231200Smm# else we must be a local name 651231200SmmR$* $@ $>Canonify2 $1 652231200Smm 653231200Smm 654231200Smm################################################ 655231200Smm### Ruleset 96 -- bottom half of ruleset 3 ### 656231200Smm################################################ 657231200Smm 658231200SmmSCanonify2=96 659231200Smm 660231200Smm# handle special cases for local names 661231200SmmR$* < @ localhost > $* $: $1 < @ $j . > $2 no domain at all 662231200SmmR$* < @ localhost . $m > $* $: $1 < @ $j . > $2 local domain 663231200SmmR$* < @ localhost . UUCP > $* $: $1 < @ $j . > $2 .UUCP domain 664231200Smm 665231200Smm# check for IPv4/IPv6 domain literal 666231200SmmR$* < @ [ $+ ] > $* $: $1 < @@ [ $2 ] > $3 mark [addr] 667231200SmmR$* < @@ $=w > $* $: $1 < @ $j . > $3 self-literal 668231200SmmR$* < @@ $+ > $* $@ $1 < @ $2 > $3 canon IP addr 669231200Smm 670231200Smm 671231200Smm 672231200Smm 673231200Smm 674231200Smm# if really UUCP, handle it immediately 675231200Smm 676231200Smm# try UUCP traffic as a local address 677231200SmmR$* < @ $+ . UUCP > $* $: $1 < @ $[ $2 $] . UUCP . > $3 678231200SmmR$* < @ $+ . . UUCP . > $* $@ $1 < @ $2 . > $3 679231200Smm 680231200Smm# hostnames ending in class P are always canonical 681231200SmmR$* < @ $* $=P > $* $: $1 < @ $2 $3 . > $4 682231200SmmR$* < @ $* $~P > $* $: $&{daemon_flags} $| $1 < @ $2 $3 > $4 683231200SmmR$* CC $* $| $* < @ $+.$+ > $* $: $3 < @ $4.$5 . > $6 684231200SmmR$* CC $* $| $* $: $3 685231200Smm# pass to name server to make hostname canonical 686231200SmmR$* $| $* < @ $* > $* $: $2 < @ $[ $3 $] > $4 687231200SmmR$* $| $* $: $2 688231200Smm 689231200Smm# local host aliases and pseudo-domains are always canonical 690231200SmmR$* < @ $=w > $* $: $1 < @ $2 . > $3 691231200SmmR$* < @ $=M > $* $: $1 < @ $2 . > $3 692231200SmmR$* < @ $* . . > $* $1 < @ $2 . > $3 693231200Smm 694231200Smm 695231200Smm################################################## 696231200Smm### Ruleset 4 -- Final Output Post-rewriting ### 697231200Smm################################################## 698231200SmmSfinal=4 699231200Smm 700231200SmmR$+ :; <@> $@ $1 : handle <list:;> 701231200SmmR$* <@> $@ handle <> and list:; 702231200Smm 703231200Smm# strip trailing dot off possibly canonical name 704231200SmmR$* < @ $+ . > $* $1 < @ $2 > $3 705231200Smm 706231200Smm# eliminate internal code 707231200SmmR$* < @ *LOCAL* > $* $1 < @ $j > $2 708231200Smm 709231200Smm# externalize local domain info 710231200SmmR$* < $+ > $* $1 $2 $3 defocus 711231200SmmR@ $+ : @ $+ : $+ @ $1 , @ $2 : $3 <route-addr> canonical 712231200SmmR@ $* $@ @ $1 ... and exit 713231200Smm 714231200Smm# UUCP must always be presented in old form 715231200SmmR$+ @ $- . UUCP $2!$1 u@h.UUCP => h!u 716231200Smm 717231200Smm# put DECnet back in :: form 718231200SmmR$+ @ $+ . DECNET $2 :: $1 u@h.DECNET => h::u 719231200Smm# delete duplicate local names 720231200SmmR$+ % $=w @ $=w $1 @ $2 u%host@host => u@host 721231200Smm 722231200Smm 723231200Smm 724231200Smm############################################################## 725231200Smm### Ruleset 97 -- recanonicalize and call ruleset zero ### 726231200Smm### (used for recursive calls) ### 727231200Smm############################################################## 728231200Smm 729231200SmmSRecurse=97 730231200SmmR$* $: $>canonify $1 731231200SmmR$* $@ $>parse $1 732231200Smm 733231200Smm 734231200Smm###################################### 735231200Smm### Ruleset 0 -- Parse Address ### 736231200Smm###################################### 737231200Smm 738231200SmmSparse=0 739231200Smm 740231200SmmR$* $: $>Parse0 $1 initial parsing 741231200SmmR<@> $#local $: <@> special case error msgs 742231200SmmR$* $: $>ParseLocal $1 handle local hacks 743231200SmmR$* $: $>Parse1 $1 final parsing 744231200Smm 745231200Smm# 746231200Smm# Parse0 -- do initial syntax checking and eliminate local addresses. 747231200Smm# This should either return with the (possibly modified) input 748231200Smm# or return with a #error mailer. It should not return with a 749231200Smm# #mailer other than the #error mailer. 750231200Smm# 751231200Smm 752231200SmmSParse0 753231200SmmR<@> $@ <@> special case error msgs 754231200SmmR$* : $* ; <@> $#error $@ 5.1.3 $: "553 List:; syntax illegal for recipient addresses" 755231200SmmR@ <@ $* > < @ $1 > catch "@@host" bogosity 756231200SmmR<@ $+> $#error $@ 5.1.3 $: "553 User address required" 757231200SmmR$+ <@> $#error $@ 5.1.3 $: "553 Hostname required" 758231200SmmR$* $: <> $1 759231200SmmR<> $* < @ [ $* ] : $+ > $* $1 < @ [ $2 ] : $3 > $4 760231200SmmR<> $* < @ [ $* ] , $+ > $* $1 < @ [ $2 ] , $3 > $4 761231200SmmR<> $* < @ [ $* ] $+ > $* $#error $@ 5.1.2 $: "553 Invalid address" 762231200SmmR<> $* < @ [ $+ ] > $* $1 < @ [ $2 ] > $3 763231200SmmR<> $* <$* : $* > $* $#error $@ 5.1.3 $: "553 Colon illegal in host name part" 764231200SmmR<> $* $1 765231200SmmR$* < @ . $* > $* $#error $@ 5.1.2 $: "553 Invalid host name" 766231200SmmR$* < @ $* .. $* > $* $#error $@ 5.1.2 $: "553 Invalid host name" 767231200SmmR$* < @ $* @ > $* $#error $@ 5.1.2 $: "553 Invalid route address" 768231200SmmR$* @ $* < @ $* > $* $#error $@ 5.1.3 $: "553 Invalid route address" 769231200SmmR$* , $~O $* $#error $@ 5.1.3 $: "553 Invalid route address" 770231200Smm 771231200Smm 772231200Smm# now delete the local info -- note $=O to find characters that cause forwarding 773231200SmmR$* < @ > $* $@ $>Parse0 $>canonify $1 user@ => user 774231200SmmR< @ $=w . > : $* $@ $>Parse0 $>canonify $2 @here:... -> ... 775231200SmmR$- < @ $=w . > $: $(dequote $1 $) < @ $2 . > dequote "foo"@here 776231200SmmR< @ $+ > $#error $@ 5.1.3 $: "553 User address required" 777231200SmmR$* $=O $* < @ $=w . > $@ $>Parse0 $>canonify $1 $2 $3 ...@here -> ... 778231200SmmR$- $: $(dequote $1 $) < @ *LOCAL* > dequote "foo" 779231200SmmR< @ *LOCAL* > $#error $@ 5.1.3 $: "553 User address required" 780231200SmmR$* $=O $* < @ *LOCAL* > 781231200Smm $@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ... 782231200SmmR$* < @ *LOCAL* > $: $1 783231200Smm 784231200Smm# 785231200Smm# Parse1 -- the bottom half of ruleset 0. 786231200Smm# 787231200Smm 788231200SmmSParse1 789231200Smm 790231200Smm# handle numeric address spec 791231200SmmR$* < @ [ $+ ] > $* $: $>ParseLocal $1 < @ [ $2 ] > $3 numeric internet spec 792231200SmmR$* < @ [ $+ ] > $* $: $1 < @ [ $2 ] : $S > $3 Add smart host to path 793231200SmmR$* < @ [ $+ ] : > $* $#esmtp $@ [$2] $: $1 < @ [$2] > $3 no smarthost: send 794231200SmmR$* < @ [ $+ ] : $- : $*> $* $#$3 $@ $4 $: $1 < @ [$2] > $5 smarthost with mailer 795231200SmmR$* < @ [ $+ ] : $+ > $* $#esmtp $@ $3 $: $1 < @ [$2] > $4 smarthost without mailer 796231200Smm 797231200Smm 798231200Smm# short circuit local delivery so forwarded email works 799238856Smm 800231200Smm 801231200SmmR$=L < @ $=w . > $#local $: @ $1 special local names 802231200SmmR$+ < @ $=w . > $#local $: $1 regular local name 803231200Smm 804231200Smm 805231200Smm# resolve remotely connected UUCP links (if any) 806231200Smm 807231200Smm# resolve fake top level domains by forwarding to other hosts 808231200Smm 809231200Smm 810231200Smm 811231200Smm# pass names that still have a host to a smarthost (if defined) 812231200SmmR$* < @ $* > $* $: $>MailerToTriple < $S > $1 < @ $2 > $3 glue on smarthost name 813231200Smm 814231200Smm# deal with other remote names 815231200SmmR$* < @$* > $* $#esmtp $@ $2 $: $1 < @ $2 > $3 user@host.domain 816231200Smm 817231200Smm# handle locally delivered names 818231200SmmR$=L $#local $: @ $1 special local names 819231200SmmR$+ $#local $: $1 regular local names 820231200Smm 821231200Smm########################################################################### 822231200Smm### Ruleset 5 -- special rewriting after aliases have been expanded ### 823231200Smm########################################################################### 824231200Smm 825231200SmmSLocal_localaddr 826231200SmmSlocaladdr=5 827231200SmmR$+ $: $1 $| $>"Local_localaddr" $1 828231200SmmR$+ $| $#ok $@ $1 no change 829231200SmmR$+ $| $#$* $#$2 830231200SmmR$+ $| $* $: $1 831231200Smm 832231200Smm 833231200Smm 834231200Smm 835231200Smm# deal with plussed users so aliases work nicely 836231200SmmR$+ + * $#local $@ $&h $: $1 837231200SmmR$+ + $* $#local $@ + $2 $: $1 + * 838231200Smm 839231200Smm# prepend an empty "forward host" on the front 840231200SmmR$+ $: <> $1 841231200Smm 842231200Smm 843231200Smm 844231200SmmR< > $+ $: < > < $1 <> $&h > nope, restore +detail 845231200Smm 846231200SmmR< > < $+ <> + $* > $: < > < $1 + $2 > check whether +detail 847231200SmmR< > < $+ <> $* > $: < > < $1 > else discard 848231200SmmR< > < $+ + $* > $* < > < $1 > + $2 $3 find the user part 849231200SmmR< > < $+ > + $* $#local $@ $2 $: @ $1 strip the extra + 850231200SmmR< > < $+ > $@ $1 no +detail 851231200SmmR$+ $: $1 <> $&h add +detail back in 852231200Smm 853231200SmmR$+ <> + $* $: $1 + $2 check whether +detail 854231200SmmR$+ <> $* $: $1 else discard 855231200SmmR< local : $* > $* $: $>MailerToTriple < local : $1 > $2 no host extension 856231200SmmR< error : $* > $* $: $>MailerToTriple < error : $1 > $2 no host extension 857231200Smm 858231200SmmR< $~[ : $+ > $+ $: $>MailerToTriple < $1 : $2 > $3 < @ $2 > 859231200Smm 860231200SmmR< $+ > $+ $@ $>MailerToTriple < $1 > $2 < @ $1 > 861231200Smm 862231200Smm 863231200Smm################################################################### 864231200Smm### Ruleset 95 -- canonify mailer:[user@]host syntax to triple ### 865231200Smm################################################################### 866231200Smm 867231200SmmSMailerToTriple=95 868231200SmmR< > $* $@ $1 strip off null relay 869231200SmmR< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4 870231200SmmR< error : $- : $+ > $* $#error $@ $(dequote $1 $) $: $2 871231200SmmR< error : $+ > $* $#error $: $1 872231200SmmR< local : $* > $* $>CanonLocal < $1 > $2 873231200SmmR< $~[ : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user 874231200SmmR< $~[ : $+ > $* $# $1 $@ $2 $: $3 try qualified mailer 875231200SmmR< $=w > $* $@ $2 delete local host 876231200SmmR< $+ > $* $#relay $@ $1 $: $2 use unqualified mailer 877231200Smm 878231200Smm################################################################### 879231200Smm### Ruleset CanonLocal -- canonify local: syntax ### 880231200Smm################################################################### 881231200Smm 882231200SmmSCanonLocal 883231200Smm# strip local host from routed addresses 884231200SmmR< $* > < @ $+ > : $+ $@ $>Recurse $3 885231200SmmR< $* > $+ $=O $+ < @ $+ > $@ $>Recurse $2 $3 $4 886231200Smm 887231200Smm# strip trailing dot from any host name that may appear 888231200SmmR< $* > $* < @ $* . > $: < $1 > $2 < @ $3 > 889231200Smm 890231200Smm# handle local: syntax -- use old user, either with or without host 891231200SmmR< > $* < @ $* > $* $#local $@ $1@$2 $: $1 892231200SmmR< > $+ $#local $@ $1 $: $1 893231200Smm 894231200Smm# handle local:user@host syntax -- ignore host part 895231200SmmR< $+ @ $+ > $* < @ $* > $: < $1 > $3 < @ $4 > 896231200Smm 897231200Smm# handle local:user syntax 898231200SmmR< $+ > $* <@ $* > $* $#local $@ $2@$3 $: $1 899231200SmmR< $+ > $* $#local $@ $2 $: $1 900231200Smm 901231200Smm################################################################### 902231200Smm### Ruleset 93 -- convert header names to masqueraded form ### 903231200Smm################################################################### 904231200Smm 905231200SmmSMasqHdr=93 906231200Smm 907231200Smm 908231200Smm# do not masquerade anything in class N 909231200SmmR$* < @ $* $=N . > $@ $1 < @ $2 $3 . > 910231200Smm 911231200SmmR$* < @ *LOCAL* > $@ $1 < @ $j . > 912231200Smm 913231200Smm################################################################### 914231200Smm### Ruleset 94 -- convert envelope names to masqueraded form ### 915231200Smm################################################################### 916231200Smm 917231200SmmSMasqEnv=94 918231200SmmR$* < @ *LOCAL* > $* $: $1 < @ $j . > $2 919231200Smm 920231200Smm################################################################### 921231200Smm### Ruleset 98 -- local part of ruleset zero (can be null) ### 922231200Smm################################################################### 923231200Smm 924231200SmmSParseLocal=98 925231200Smm 926231200Smm 927231200Smm 928231200Smm 929231200Smm 930231200Smm 931231200Smm###################################################################### 932231200Smm### CanonAddr -- Convert an address into a standard form for 933231200Smm### relay checking. Route address syntax is 934231200Smm### crudely converted into a %-hack address. 935231200Smm### 936231200Smm### Parameters: 937231200Smm### $1 -- full recipient address 938231200Smm### 939231200Smm### Returns: 940231200Smm### parsed address, not in source route form 941231200Smm###################################################################### 942231200Smm 943231200SmmSCanonAddr 944231200SmmR$* $: $>Parse0 $>canonify $1 make domain canonical 945231200Smm 946231200Smm 947231200Smm###################################################################### 948231200Smm### ParseRecipient -- Strip off hosts in $=R as well as possibly 949231200Smm### $* $=m or the access database. 950231200Smm### Check user portion for host separators. 951231200Smm### 952231200Smm### Parameters: 953231200Smm### $1 -- full recipient address 954231200Smm### 955231200Smm### Returns: 956231200Smm### parsed, non-local-relaying address 957231200Smm###################################################################### 958231200Smm 959231200SmmSParseRecipient 960231200SmmR$* $: <?> $>CanonAddr $1 961231200SmmR<?> $* < @ $* . > <?> $1 < @ $2 > strip trailing dots 962231200SmmR<?> $- < @ $* > $: <?> $(dequote $1 $) < @ $2 > dequote local part 963231200Smm 964231200Smm# if no $=O character, no host in the user portion, we are done 965231200SmmR<?> $* $=O $* < @ $* > $: <NO> $1 $2 $3 < @ $4> 966231200SmmR<?> $* $@ $1 967231200Smm 968231200Smm 969231200SmmR<NO> $* < @ $* $=R > $: <RELAY> $1 < @ $2 $3 > 970231200Smm 971231200Smm 972231200Smm 973231200SmmR<RELAY> $* < @ $* > $@ $>ParseRecipient $1 974231200SmmR<$+> $* $@ $2 975231200Smm 976231200Smm 977231200Smm###################################################################### 978231200Smm### check_relay -- check hostname/address on SMTP startup 979231200Smm###################################################################### 980231200Smm 981231200Smm 982231200Smm 983231200SmmSLocal_check_relay 984231200SmmScheck_relay 985231200SmmR$* $: $1 $| $>"Local_check_relay" $1 986231200SmmR$* $| $* $| $#$* $#$3 987231200SmmR$* $| $* $| $* $@ $>"Basic_check_relay" $1 $| $2 988231200Smm 989238856SmmSBasic_check_relay 990231200Smm# check for deferred delivery mode 991231200SmmR$* $: < $&{deliveryMode} > $1 992231200SmmR< d > $* $@ deferred 993231200SmmR< $* > $* $: $2 994231200Smm 995231200Smm 996231200Smm 997231200Smm###################################################################### 998231200Smm### check_mail -- check SMTP `MAIL FROM:' command argument 999231200Smm###################################################################### 1000231200Smm 1001231200SmmSLocal_check_mail 1002231200SmmScheck_mail 1003231200SmmR$* $: $1 $| $>"Local_check_mail" $1 1004231200SmmR$* $| $#$* $#$2 1005231200SmmR$* $| $* $@ $>"Basic_check_mail" $1 1006231200Smm 1007231200SmmSBasic_check_mail 1008231200Smm# check for deferred delivery mode 1009231200SmmR$* $: < $&{deliveryMode} > $1 1010231200SmmR< d > $* $@ deferred 1011231200SmmR< $* > $* $: $2 1012231200Smm 1013231200Smm# authenticated? 1014231200SmmR$* $: $1 $| $>"tls_client" $&{verify} $| MAIL 1015231200SmmR$* $| $#$+ $#$2 1016231200SmmR$* $| $* $: $1 1017231200Smm 1018231200SmmR<> $@ <OK> we MUST accept <> (RFC 1123) 1019231200SmmR$+ $: <?> $1 1020231200SmmR<?><$+> $: <@> <$1> 1021231200SmmR<?>$+ $: <@> <$1> 1022231200SmmR$* $: $&{daemon_flags} $| $1 1023231200SmmR$* f $* $| <@> < $* @ $- > $: < ? $&{client_name} > < $3 @ $4 > 1024231200SmmR$* u $* $| <@> < $* > $: <?> < $3 > 1025231200SmmR$* $| $* $: $2 1026231200Smm# handle case of @localhost on address 1027238856SmmR<@> < $* @ localhost > $: < ? $&{client_name} > < $1 @ localhost > 1028238856SmmR<@> < $* @ [127.0.0.1] > 1029238856Smm $: < ? $&{client_name} > < $1 @ [127.0.0.1] > 1030238856SmmR<@> < $* @ localhost.$m > 1031238856Smm $: < ? $&{client_name} > < $1 @ localhost.$m > 1032238856SmmR<@> < $* @ localhost.UUCP > 1033238856Smm $: < ? $&{client_name} > < $1 @ localhost.UUCP > 1034238856SmmR<@> $* $: $1 no localhost as domain 1035238856SmmR<? $=w> $* $: $2 local client: ok 1036238856SmmR<? $+> <$+> $#error $@ 5.5.4 $: "553 Real domain name required for sender address" 1037238856SmmR<?> $* $: $1 1038238856SmmR$* $: <?> $>CanonAddr $1 canonify sender address and mark it 1039238856SmmR<?> $* < @ $+ . > <?> $1 < @ $2 > strip trailing dots 1040231200Smm# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc) 1041231200SmmR<?> $* < @ $* $=P > $: <OKR> $1 < @ $2 $3 > 1042238856SmmR<?> $* < @ $j > $: <OKR> $1 < @ $j > 1043231200SmmR<?> $* < @ $+ > $: <? $(resolve $2 $: $2 <PERM> $) > $1 < @ $2 > 1044231200SmmR<? $* <$->> $* < @ $+ > 1045231200Smm $: <$2> $3 < @ $4 > 1046231200Smm 1047231200Smm 1048231200Smm# handle case of no @domain on address 1049231200SmmR<?> $* $: $&{daemon_flags} $| <?> $1 1050231200SmmR$* u $* $| <?> $* $: <OKR> $3 1051231200SmmR$* $| $* $: $2 1052231200SmmR<?> $* $: < ? $&{client_addr} > $1 1053231200SmmR<?> $* $@ <OKR> ...local unqualed ok 1054231200SmmR<? $+> $* $#error $@ 5.5.4 $: "553 Domain name required for sender address " $&f 1055231200Smm ...remote is not 1056231200Smm# check results 1057231200SmmR<?> $* $: @ $1 mark address: nothing known about it 1058231200SmmR<$={ResOk}> $* $: @ $2 domain ok 1059231200SmmR<TEMP> $* $#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve" 1060231200SmmR<PERM> $* $#error $@ 5.1.8 $: "553 Domain of sender address " $&f " does not exist" 1061231200Smm 1062231200Smm 1063231200Smm 1064231200Smm###################################################################### 1065248616Smm### check_rcpt -- check SMTP `RCPT TO:' command argument 1066231200Smm###################################################################### 1067231200Smm 1068248616SmmSLocal_check_rcpt 1069231200SmmScheck_rcpt 1070231200SmmR$* $: $1 $| $>"Local_check_rcpt" $1 1071248616SmmR$* $| $#$* $#$2 1072231200SmmR$* $| $* $@ $>"Basic_check_rcpt" $1 1073231200Smm 1074231200SmmSBasic_check_rcpt 1075231200Smm# empty address? 1076231200SmmR<> $#error $@ nouser $: "553 User address required" 1077231200SmmR$@ $#error $@ nouser $: "553 User address required" 1078231200Smm# check for deferred delivery mode 1079231200SmmR$* $: < $&{deliveryMode} > $1 1080231200SmmR< d > $* $@ deferred 1081231200SmmR< $* > $* $: $2 1082231200Smm 1083231200Smm 1084231200Smm###################################################################### 1085231200SmmR$* $: $1 $| @ $>"Rcpt_ok" $1 1086231200SmmR$* $| @ $#TEMP $+ $: $1 $| T $2 1087231200SmmR$* $| @ $#$* $#$2 1088231200SmmR$* $| @ RELAY $@ RELAY 1089231200SmmR$* $| @ $* $: O $| $>"Relay_ok" $1 1090231200SmmR$* $| T $+ $: T $2 $| $>"Relay_ok" $1 1091231200SmmR$* $| $#TEMP $+ $#error $2 1092231200SmmR$* $| $#$* $#$2 1093231200SmmR$* $| RELAY $@ RELAY 1094231200SmmR T $+ $| $* $#error $1 1095231200Smm# anything else is bogus 1096231200SmmR$* $#error $@ 5.7.1 $: "550 Relaying denied" 1097231200Smm 1098231200Smm 1099231200Smm###################################################################### 1100231200Smm### Rcpt_ok: is the recipient ok? 1101231200Smm###################################################################### 1102231200SmmSRcpt_ok 1103231200SmmR$* $: $>ParseRecipient $1 strip relayable hosts 1104231200Smm 1105231200Smm 1106231200Smm 1107231200Smm 1108231200Smm# authenticated via TLS? 1109231200SmmR$* $: $1 $| $>RelayTLS client authenticated? 1110231200SmmR$* $| $# $+ $# $2 error/ok? 1111231200SmmR$* $| $* $: $1 no 1112231200Smm 1113231200SmmR$* $: $1 $| $>"Local_Relay_Auth" $&{auth_type} 1114231200SmmR$* $| $# $* $# $2 1115231200SmmR$* $| NO $: $1 1116231200SmmR$* $| $* $: $1 $| $&{auth_type} 1117231200SmmR$* $| $: $1 1118231200SmmR$* $| $={TrustAuthMech} $# RELAY 1119231200SmmR$* $| $* $: $1 1120231200Smm# anything terminating locally is ok 1121231200SmmR$+ < @ $=w > $@ RELAY 1122231200SmmR$+ < @ $* $=R > $@ RELAY 1123231200Smm 1124231200Smm 1125231200Smm 1126231200Smm 1127231200Smm# check for local user (i.e. unqualified address) 1128231200SmmR$* $: <?> $1 1129231200SmmR<?> $* < @ $+ > $: <REMOTE> $1 < @ $2 > 1130231200Smm# local user is ok 1131231200SmmR<?> $+ $@ RELAY 1132231200SmmR<$+> $* $: $2 1133231200Smm 1134231200Smm###################################################################### 1135231200Smm### Relay_ok: is the relay/sender ok? 1136231200Smm###################################################################### 1137231200SmmSRelay_ok 1138231200Smm# anything originating locally is ok 1139231200Smm# check IP address 1140231200SmmR$* $: $&{client_addr} 1141231200SmmR$@ $@ RELAY originated locally 1142231200SmmR0 $@ RELAY originated locally 1143231200SmmR127.0.0.1 $@ RELAY originated locally 1144231200SmmRIPv6:::1 $@ RELAY originated locally 1145231200SmmR$=R $* $@ RELAY relayable IP address 1146231200SmmR$* $: [ $1 ] put brackets around it... 1147231200SmmR$=w $@ RELAY ... and see if it is local 1148231200Smm 1149231200Smm 1150231200Smm# check client name: first: did it resolve? 1151231200SmmR$* $: < $&{client_resolve} > 1152231200SmmR<TEMP> $#TEMP $@ 4.4.0 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr} 1153231200SmmR<FORGED> $#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name} 1154231200SmmR<FAIL> $#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name} 1155231200SmmR$* $: <@> $&{client_name} 1156231200Smm# pass to name server to make hostname canonical 1157231200SmmR<@> $* $=P $:<?> $1 $2 1158231200SmmR<@> $+ $:<?> $[ $1 $] 1159231200SmmR$* . $1 strip trailing dots 1160231200SmmR<?> $=w $@ RELAY 1161231200SmmR<?> $* $=R $@ RELAY 1162231200Smm 1163231200Smm 1164231200Smm 1165231200Smm 1166231200Smm 1167231200Smm###################################################################### 1168231200Smm### trust_auth: is user trusted to authenticate as someone else? 1169231200Smm### 1170231200Smm### Parameters: 1171231200Smm### $1: AUTH= parameter from MAIL command 1172231200Smm###################################################################### 1173231200Smm 1174231200SmmSLocal_trust_auth 1175368708SmmStrust_auth 1176231200SmmR$* $: $&{auth_type} $| $1 1177231200Smm# required by RFC 2554 section 4. 1178231200SmmR$@ $| $* $#error $@ 5.7.1 $: "550 not authenticated" 1179231200SmmR$* $| $&{auth_authen} $@ identical 1180231200SmmR$* $| <$&{auth_authen}> $@ identical 1181231200SmmR$* $| $* $: $1 $| $>"Local_trust_auth" $2 1182231200SmmR$* $| $#$* $#$2 1183231200SmmR$* $#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{auth_author} 1184231200Smm 1185231200Smm###################################################################### 1186231200Smm### Relay_Auth: allow relaying based on authentication? 1187231200Smm### 1188231200Smm### Parameters: 1189231200Smm### $1: ${auth_type} 1190231200Smm###################################################################### 1191231200SmmSLocal_Relay_Auth 1192231200Smm 1193231200Smm###################################################################### 1194231200Smm### srv_features: which features to offer to a client? 1195231200Smm### (done in server) 1196231200Smm###################################################################### 1197231200SmmSsrv_features 1198231200Smm 1199231200Smm 1200231200Smm###################################################################### 1201231200Smm### try_tls: try to use STARTTLS? 1202231200Smm### (done in client) 1203231200Smm###################################################################### 1204231200SmmStry_tls 1205231200Smm 1206231200Smm 1207231200Smm###################################################################### 1208231200Smm### tls_rcpt: is connection with server "good" enough? 1209231200Smm### (done in client, per recipient) 1210231200Smm### 1211231200Smm### Parameters: 1212231200Smm### $1: recipient 1213231200Smm###################################################################### 1214231200SmmStls_rcpt 1215231200Smm 1216231200Smm 1217231200Smm###################################################################### 1218231200Smm### tls_client: is connection with client "good" enough? 1219231200Smm### (done in server) 1220231200Smm### 1221231200Smm### Parameters: 1222231200Smm### ${verify} $| (MAIL|STARTTLS) 1223231200Smm###################################################################### 1224231200SmmStls_client 1225231200SmmR$* $| $* $@ $>"TLS_connection" $1 1226231200Smm 1227231200Smm###################################################################### 1228231200Smm### tls_server: is connection with server "good" enough? 1229231200Smm### (done in client) 1230231200Smm### 1231231200Smm### Parameter: 1232231200Smm### ${verify} 1233231200Smm###################################################################### 1234231200SmmStls_server 1235231200SmmR$* $@ $>"TLS_connection" $1 1236231200Smm 1237231200Smm###################################################################### 1238231200Smm### TLS_connection: is TLS connection "good" enough? 1239231200Smm### 1240231200Smm### Parameters: 1241231200Smm### ${verify} 1242231200Smm### Requirement: RHS from access map, may be ? for none. 1243231200Smm###################################################################### 1244231200SmmSTLS_connection 1245231200SmmRSOFTWARE $#error $@ 4.7.0 $: "403 TLS handshake." 1246231200Smm 1247231200Smm 1248231200Smm###################################################################### 1249231200Smm### RelayTLS: allow relaying based on TLS authentication 1250231200Smm### 1251231200Smm### Parameters: 1252231200Smm### none 1253231200Smm###################################################################### 1254231200SmmSRelayTLS 1255231200Smm# authenticated? 1256231200Smm 1257231200Smm###################################################################### 1258231200Smm### authinfo: lookup authinfo in the access map 1259231200Smm### 1260231200Smm### Parameters: 1261231200Smm### $1: {server_name} 1262231200Smm### $2: {server_addr} 1263231200Smm###################################################################### 1264231200SmmSauthinfo 1265231200Smm 1266231200Smm 1267231200Smm 1268231200Smm 1269231200Smm 1270231200Smm 1271231200Smm 1272231200Smm 1273231200SmmSLocal_localaddr 1274231200SmmR$+ $: $>ParseRecipient $1 1275231200SmmR$* < @ $+ > $* $#relay $@ ${MTAHost} $: $1 < @ $2 > $3 1276231200Smm# DECnet 1277231200SmmR$+ :: $+ $#relay $@ ${MTAHost} $: $1 :: $2 1278231200SmmR$* $#relay $@ ${MTAHost} $: $1 < @ $j > 1279231200Smm# 1280231200Smm###################################################################### 1281231200Smm###################################################################### 1282231200Smm##### 1283231200Smm##### MAIL FILTER DEFINITIONS 1284231200Smm##### 1285231200Smm###################################################################### 1286231200Smm###################################################################### 1287231200Smm 1288231200Smm# 1289231200Smm###################################################################### 1290231200Smm###################################################################### 1291231200Smm##### 1292231200Smm##### MAILER DEFINITIONS 1293231200Smm##### 1294231200Smm###################################################################### 1295231200Smm###################################################################### 1296231200Smm 1297231200Smm 1298231200Smm################################################## 1299231200Smm### Local and Program Mailer specification ### 1300231200Smm################################################## 1301231200Smm 1302231200Smm##### $Id: local.m4,v 8.60 2013/11/22 20:51:14 ca Exp $ ##### 1303231200Smm 1304231200Smm# 1305231200Smm# Envelope sender rewriting 1306231200Smm# 1307231200SmmSEnvFromL 1308231200SmmR<@> $n errors to mailer-daemon 1309231200SmmR@ <@ $*> $n temporarily bypass Sun bogosity 1310231200SmmR$+ $: $>AddDomain $1 add local domain if needed 1311231200SmmR$* $: $>MasqEnv $1 do masquerading 1312231200Smm 1313231200Smm# 1314231200Smm# Envelope recipient rewriting 1315231200Smm# 1316231200SmmSEnvToL 1317231200SmmR$+ < @ $* > $: $1 strip host part 1318231200SmmR$+ + $* $: < $&{addr_type} > $1 + $2 mark with addr type 1319231200SmmR<e s> $+ + $* $: $1 remove +detail for sender 1320231200SmmR< $* > $+ $: $2 else remove mark 1321231200Smm 1322231200Smm# 1323231200Smm# Header sender rewriting 1324231200Smm# 1325231200SmmSHdrFromL 1326231200SmmR<@> $n errors to mailer-daemon 1327231200SmmR@ <@ $*> $n temporarily bypass Sun bogosity 1328231200SmmR$+ $: $>AddDomain $1 add local domain if needed 1329231200SmmR$* $: $>MasqHdr $1 do masquerading 1330231200Smm 1331231200Smm# 1332231200Smm# Header recipient rewriting 1333231200Smm# 1334231200SmmSHdrToL 1335231200SmmR$+ $: $>AddDomain $1 add local domain if needed 1336231200SmmR$* < @ *LOCAL* > $* $: $1 < @ $j . > $2 1337231200Smm 1338231200Smm# 1339231200Smm# Common code to add local domain name (only if always-add-domain) 1340231200Smm# 1341231200SmmSAddDomain 1342231200Smm 1343231200SmmMlocal, P=[IPC], F=lmDFMuXkw5, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, 1344231200Smm T=DNS/RFC822/SMTP, 1345231200Smm A=TCP $h 1346231200SmmMprog, P=[IPC], F=lmDFMuXk5, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/, 1347231200Smm T=X-Unix/X-Unix/X-Unix, 1348231200Smm A=TCP $h 1349231200Smm 1350231200Smm##################################### 1351231200Smm### SMTP Mailer specification ### 1352231200Smm##################################### 1353231200Smm 1354231200Smm##### $Id: smtp.m4,v 8.66 2013/11/22 20:51:14 ca Exp $ ##### 1355231200Smm 1356231200Smm# 1357231200Smm# common sender and masquerading recipient rewriting 1358231200Smm# 1359231200SmmSMasqSMTP 1360231200SmmR$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified 1361231200SmmR$+ $@ $1 < @ *LOCAL* > add local qualification 1362231200Smm 1363231200Smm# 1364231200Smm# convert pseudo-domain addresses to real domain addresses 1365231200Smm# 1366231200SmmSPseudoToReal 1367231200Smm 1368231200Smm# pass <route-addr>s through 1369231200SmmR< @ $+ > $* $@ < @ $1 > $2 resolve <route-addr> 1370231200Smm 1371231200Smm# output fake domains as user%fake@relay 1372231200Smm 1373231200Smm# do UUCP heuristics; note that these are shared with UUCP mailers 1374231200SmmR$+ < @ $+ .UUCP. > $: < $2 ! > $1 convert to UUCP form 1375238856SmmR$+ < @ $* > $* $@ $1 < @ $2 > $3 not UUCP form 1376238856Smm 1377238856Smm# leave these in .UUCP form to avoid further tampering 1378238856SmmR< $&h ! > $- ! $+ $@ $2 < @ $1 .UUCP. > 1379238856SmmR< $&h ! > $-.$+ ! $+ $@ $3 < @ $1.$2 > 1380238856SmmR< $&h ! > $+ $@ $1 < @ $&h .UUCP. > 1381238856SmmR< $+ ! > $+ $: $1 ! $2 < @ $Y > use UUCP_RELAY 1382238856SmmR$+ < @ $~[ $* : $+ > $@ $1 < @ $4 > strip mailer: part 1383238856SmmR$+ < @ > $: $1 < @ *LOCAL* > if no UUCP_RELAY 1384238856Smm 1385238856Smm 1386238856Smm# 1387238856Smm# envelope sender rewriting 1388238856Smm# 1389238856SmmSEnvFromSMTP 1390238856SmmR$+ $: $>PseudoToReal $1 sender/recipient common 1391231200SmmR$* :; <@> $@ list:; special case 1392231200SmmR$* $: $>MasqSMTP $1 qualify unqual'ed names 1393231200SmmR$+ $: $>MasqEnv $1 do masquerading 1394231200Smm 1395231200Smm 1396231200Smm# 1397231200Smm# envelope recipient rewriting -- 1398231200Smm# also header recipient if not masquerading recipients 1399231200Smm# 1400231200SmmSEnvToSMTP 1401231200SmmR$+ $: $>PseudoToReal $1 sender/recipient common 1402231200SmmR$+ $: $>MasqSMTP $1 qualify unqual'ed names 1403231200SmmR$* < @ *LOCAL* > $* $: $1 < @ $j . > $2 1404231200Smm 1405231200Smm# 1406231200Smm# header sender and masquerading header recipient rewriting 1407231200Smm# 1408231200SmmSHdrFromSMTP 1409231200SmmR$+ $: $>PseudoToReal $1 sender/recipient common 1410231200SmmR:; <@> $@ list:; special case 1411231200Smm 1412231200Smm# do special header rewriting 1413231200SmmR$* <@> $* $@ $1 <@> $2 pass null host through 1414231200SmmR< @ $* > $* $@ < @ $1 > $2 pass route-addr through 1415231200SmmR$* $: $>MasqSMTP $1 qualify unqual'ed names 1416231200SmmR$+ $: $>MasqHdr $1 do masquerading 1417231200Smm 1418231200Smm 1419231200Smm# 1420231200Smm# relay mailer header masquerading recipient rewriting 1421231200Smm# 1422231200SmmSMasqRelay 1423231200SmmR$+ $: $>MasqSMTP $1 1424231200SmmR$+ $: $>MasqHdr $1 1425231200Smm 1426231200SmmMsmtp, P=[IPC], F=mDFMuXk5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, 1427231200Smm T=DNS/RFC822/SMTP, 1428231200Smm A=TCP $h 1429231200SmmMesmtp, P=[IPC], F=mDFMuXak5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, 1430231200Smm T=DNS/RFC822/SMTP, 1431231200Smm A=TCP $h 1432231200SmmMsmtp8, P=[IPC], F=mDFMuX8k5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, 1433231200Smm T=DNS/RFC822/SMTP, 1434231200Smm A=TCP $h 1435231200SmmMdsmtp, P=[IPC], F=mDFMuXa%k5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, 1436231200Smm T=DNS/RFC822/SMTP, 1437231200Smm A=TCP $h 1438231200SmmMrelay, P=[IPC], F=mDFMuXa8k, S=EnvFromSMTP/HdrFromSMTP, R=MasqSMTP, E=\r\n, L=2040, 1439231200Smm T=DNS/RFC822/SMTP, 1440231200Smm A=TCP $h 1441231200Smm 1442231200Smm### submit.mc ### 1443231200Smm# divert(-1) 1444231200Smm# # 1445231200Smm# # Copyright (c) 2001-2003 Proofpoint, Inc. and its suppliers. 1446231200Smm# # All rights reserved. 1447231200Smm# # 1448231200Smm# # By using this file, you agree to the terms and conditions set 1449231200Smm# # forth in the LICENSE file which can be found at the top level of 1450231200Smm# # the sendmail distribution. 1451231200Smm# # 1452231200Smm# # 1453231200Smm# 1454231200Smm# # 1455231200Smm# # This is the prototype file for a set-group-ID sm-msp sendmail that 1456231200Smm# # acts as a initial mail submission program. 1457231200Smm# # 1458231200Smm# 1459231200Smm# divert(0)dnl 1460231200Smm# VERSIONID(`$Id: submit.mc,v 8.15 2013/11/22 20:51:08 ca Exp $') 1461231200Smm# define(`confCF_VERSION', `Submit')dnl 1462231200Smm# define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining 1463231200Smm# define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet 1464231200Smm# define(`confTIME_ZONE', `USE_TZ')dnl 1465231200Smm# define(`confDONT_INIT_GROUPS', `True')dnl 1466231200Smm# dnl 1467231200Smm# dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:::1] 1468231200Smm# FEATURE(`msp', `[127.0.0.1]')dnl 1469231200Smm