1
2 SENDMAIL CONFIGURATION FILES
3
4This document describes the sendmail configuration files. It
5explains how to create a sendmail.cf file for use with sendmail.
6It also describes how to set options for sendmail which are explained
7in the Sendmail Installation and Operation guide (doc/op/op.me).
8
9To get started, you may want to look at tcpproto.mc (for TCP-only
10sites) and clientproto.mc (for clusters of clients using a single
11mail host), or the generic-*.mc files as operating system-specific
12examples.
13
14Table of Content:
15
16INTRODUCTION AND EXAMPLE
17A BRIEF INTRODUCTION TO M4
18FILE LOCATIONS
19OSTYPE
20DOMAINS
21MAILERS
22FEATURES
23HACKS
24SITE CONFIGURATION
25USING UUCP MAILERS
26TWEAKING RULESETS
27MASQUERADING AND RELAYING
28USING LDAP FOR ALIASES, MAPS, AND CLASSES
29LDAP ROUTING
30ANTI-SPAM CONFIGURATION CONTROL
31CONNECTION CONTROL
32STARTTLS
33SMTP AUTHENTICATION
34ADDING NEW MAILERS OR RULESETS
35ADDING NEW MAIL FILTERS
36QUEUE GROUP DEFINITIONS
37NON-SMTP BASED CONFIGURATIONS
38WHO AM I?
39ACCEPTING MAIL FOR MULTIPLE NAMES
40USING MAILERTABLES
41USING USERDB TO MAP FULL NAMES
42MISCELLANEOUS SPECIAL FEATURES
43SECURITY NOTES
44TWEAKING CONFIGURATION OPTIONS
45MESSAGE SUBMISSION PROGRAM
46FORMAT OF FILES AND MAPS
47DIRECTORY LAYOUT
48ADMINISTRATIVE DETAILS
49
50
51+--------------------------+
52| INTRODUCTION AND EXAMPLE |
53+--------------------------+
54
55Configuration files are contained in the subdirectory "cf", with a
56suffix ".mc". They must be run through "m4" to produce a ".cf" file.
57You must pre-load "cf.m4":
58
59 m4 ${CFDIR}/m4/cf.m4 config.mc > config.cf
60
61Alternatively, you can simply:
62
63 cd ${CFDIR}/cf
64 ./Build config.cf
65
66where ${CFDIR} is the root of the cf directory and config.mc is the
67name of your configuration file. If you are running a version of M4
68that understands the __file__ builtin (versions of GNU m4 >= 0.75 do
69this, but the versions distributed with 4.4BSD and derivatives do not)
70or the -I flag (ditto), then ${CFDIR} can be in an arbitrary directory.
71For "traditional" versions, ${CFDIR} ***MUST*** be "..", or you MUST
72use -D_CF_DIR_=/path/to/cf/dir/ -- note the trailing slash! For example:
73
74 m4 -D_CF_DIR_=${CFDIR}/ ${CFDIR}/m4/cf.m4 config.mc > config.cf
75
76Let's examine a typical .mc file:
77
78 divert(-1)
79 #
80 # Copyright (c) 1998-2005 Proofpoint, Inc. and its suppliers.
81 # All rights reserved.
82 # Copyright (c) 1983 Eric P. Allman. All rights reserved.
83 # Copyright (c) 1988, 1993
84 # The Regents of the University of California. All rights reserved.
85 #
86 # By using this file, you agree to the terms and conditions set
87 # forth in the LICENSE file which can be found at the top level of
88 # the sendmail distribution.
89 #
90
91 #
92 # This is a Berkeley-specific configuration file for HP-UX 9.x.
93 # It applies only to the Computer Science Division at Berkeley,
94 # and should not be used elsewhere. It is provided on the sendmail
95 # distribution as a sample only. To create your own configuration
96 # file, create an appropriate domain file in ../domain, change the
97 # `DOMAIN' macro below to reference that file, and copy the result
98 # to a name of your own choosing.
99 #
100 divert(0)
101
102The divert(-1) will delete the crud in the resulting output file.
103The copyright notice can be replaced by whatever your lawyers require;
104our lawyers require the one that is included in these files. A copyleft
105is a copyright by another name. The divert(0) restores regular output.
106
107 VERSIONID(`<SCCS or RCS version id>')
108
109VERSIONID is a macro that stuffs the version information into the
110resulting file. You could use SCCS, RCS, CVS, something else, or
111omit it completely. This is not the same as the version id included
112in SMTP greeting messages -- this is defined in m4/version.m4.
113
114 OSTYPE(`hpux9')dnl
115
116You must specify an OSTYPE to properly configure things such as the
117pathname of the help and status files, the flags needed for the local
118mailer, and other important things. If you omit it, you will get an
119error when you try to build the configuration. Look at the ostype
120directory for the list of known operating system types.
121
122 DOMAIN(`CS.Berkeley.EDU')dnl
123
124This example is specific to the Computer Science Division at Berkeley.
125You can use "DOMAIN(`generic')" to get a sufficiently bland definition
126that may well work for you, or you can create a customized domain
127definition appropriate for your environment.
128
129 MAILER(`local')
130 MAILER(`smtp')
131
132These describe the mailers used at the default CS site. The local
133mailer is always included automatically. Beware: MAILER declarations
134should only be followed by LOCAL_* sections. The general rules are
135that the order should be:
136
137 VERSIONID
138 OSTYPE
139 DOMAIN
140 FEATURE
141 local macro definitions
142 MAILER
143 LOCAL_CONFIG
144 LOCAL_RULE_*
145 LOCAL_RULESETS
146
147There are a few exceptions to this rule. Local macro definitions which
148influence a FEATURE() should be done before that feature. For example,
149a define(`PROCMAIL_MAILER_PATH', ...) should be done before
150FEATURE(`local_procmail').
151
152*******************************************************************
153*** BE SURE YOU CUSTOMIZE THESE FILES! They have some ***
154*** Berkeley-specific assumptions built in, such as the name ***
155*** of their UUCP-relay. You'll want to create your own ***
156*** domain description, and use that in place of ***
157*** domain/Berkeley.EDU.m4. ***
158*******************************************************************
159
160
161+----------------------------+
162| A BRIEF INTRODUCTION TO M4 |
163+----------------------------+
164
165Sendmail uses the M4 macro processor to ``compile'' the configuration
166files. The most important thing to know is that M4 is stream-based,
167that is, it doesn't understand about lines. For this reason, in some
168places you may see the word ``dnl'', which stands for ``delete
169through newline''; essentially, it deletes all characters starting
170at the ``dnl'' up to and including the next newline character. In
171most cases sendmail uses this only to avoid lots of unnecessary
172blank lines in the output.
173
174Other important directives are define(A, B) which defines the macro
175``A'' to have value ``B''. Macros are expanded as they are read, so
176one normally quotes both values to prevent expansion. For example,
177
178 define(`SMART_HOST', `smart.foo.com')
179
180One word of warning: M4 macros are expanded even in lines that appear
181to be comments. For example, if you have
182
183 # See FEATURE(`foo') above
184
185it will not do what you expect, because the FEATURE(`foo') will be
186expanded. This also applies to
187
188 # And then define the $X macro to be the return address
189
190because ``define'' is an M4 keyword. If you want to use them, surround
191them with directed quotes, `like this'.
192
193Since m4 uses single quotes (opening "`" and closing "'") to quote
194arguments, those quotes can't be used in arguments. For example,
195it is not possible to define a rejection message containing a single
196quote. Usually there are simple workarounds by changing those
197messages; in the worst case it might be ok to change the value
198directly in the generated .cf file, which however is not advised.
199
200
201Notice:
202-------
203
204This package requires a post-V7 version of m4; if you are running the
2054.2bsd, SysV.2, or 7th Edition version. SunOS's /usr/5bin/m4 or
206BSD-Net/2's m4 both work. GNU m4 version 1.1 or later also works.
207Unfortunately, the M4 on BSDI 1.0 doesn't work -- you'll have to use a
208Net/2 or GNU version. GNU m4 is available from
209ftp://ftp.gnu.org/pub/gnu/m4/m4-1.4.tar.gz (check for the latest version).
210EXCEPTIONS: DEC's m4 on Digital UNIX 4.x is broken (3.x is fine). Use GNU
211m4 on this platform.
212
213
214+----------------+
215| FILE LOCATIONS |
216+----------------+
217
218sendmail 8.9 has introduced a new configuration directory for sendmail
219related files, /etc/mail. The new files available for sendmail 8.9 --
220the class {R} /etc/mail/relay-domains and the access database
221/etc/mail/access -- take advantage of this new directory. Beginning with
2228.10, all files will use this directory by default (some options may be
223set by OSTYPE() files). This new directory should help to restore
224uniformity to sendmail's file locations.
225
226Below is a table of some of the common changes:
227
228Old filename New filename
229------------ ------------
230/etc/bitdomain /etc/mail/bitdomain
231/etc/domaintable /etc/mail/domaintable
232/etc/genericstable /etc/mail/genericstable
233/etc/uudomain /etc/mail/uudomain
234/etc/virtusertable /etc/mail/virtusertable
235/etc/userdb /etc/mail/userdb
236
237/etc/aliases /etc/mail/aliases
238/etc/sendmail/aliases /etc/mail/aliases
239/etc/ucbmail/aliases /etc/mail/aliases
240/usr/adm/sendmail/aliases /etc/mail/aliases
241/usr/lib/aliases /etc/mail/aliases
242/usr/lib/mail/aliases /etc/mail/aliases
243/usr/ucblib/aliases /etc/mail/aliases
244
245/etc/sendmail.cw /etc/mail/local-host-names
246/etc/mail/sendmail.cw /etc/mail/local-host-names
247/etc/sendmail/sendmail.cw /etc/mail/local-host-names
248
249/etc/sendmail.ct /etc/mail/trusted-users
250
251/etc/sendmail.oE /etc/mail/error-header
252
253/etc/sendmail.hf /etc/mail/helpfile
254/etc/mail/sendmail.hf /etc/mail/helpfile
255/usr/ucblib/sendmail.hf /etc/mail/helpfile
256/etc/ucbmail/sendmail.hf /etc/mail/helpfile
257/usr/lib/sendmail.hf /etc/mail/helpfile
258/usr/share/lib/sendmail.hf /etc/mail/helpfile
259/usr/share/misc/sendmail.hf /etc/mail/helpfile
260/share/misc/sendmail.hf /etc/mail/helpfile
261
262/etc/service.switch /etc/mail/service.switch
263
264/etc/sendmail.st /etc/mail/statistics
265/etc/mail/sendmail.st /etc/mail/statistics
266/etc/mailer/sendmail.st /etc/mail/statistics
267/etc/sendmail/sendmail.st /etc/mail/statistics
268/usr/lib/sendmail.st /etc/mail/statistics
269/usr/ucblib/sendmail.st /etc/mail/statistics
270
271Note that all of these paths actually use a new m4 macro MAIL_SETTINGS_DIR
272to create the pathnames. The default value of this variable is
273`/etc/mail/'. If you set this macro to a different value, you MUST include
274a trailing slash.
275
276Notice: all filenames used in a .mc (or .cf) file should be absolute
277(starting at the root, i.e., with '/'). Relative filenames most
278likely cause surprises during operations (unless otherwise noted).
279
280
281+--------+
282| OSTYPE |
283+--------+
284
285You MUST define an operating system environment, or the configuration
286file build will puke. There are several environments available; look
287at the "ostype" directory for the current list. This macro changes
288things like the location of the alias file and queue directory. Some
289of these files are identical to one another.
290
291It is IMPERATIVE that the OSTYPE occur before any MAILER definitions.
292In general, the OSTYPE macro should go immediately after any version
293information, and MAILER definitions should always go last.
294
295Operating system definitions are usually easy to write. They may define
296the following variables (everything defaults, so an ostype file may be
297empty). Unfortunately, the list of configuration-supported systems is
298not as broad as the list of source-supported systems, since many of
299the source contributors do not include corresponding ostype files.
300
301ALIAS_FILE [/etc/mail/aliases] The location of the text version
302 of the alias file(s). It can be a comma-separated
303 list of names (but be sure you quote values with
304 commas in them -- for example, use
305 define(`ALIAS_FILE', `a,b')
306 to get "a" and "b" both listed as alias files;
307 otherwise the define() primitive only sees "a").
308HELP_FILE [/etc/mail/helpfile] The name of the file
309 containing information printed in response to
310 the SMTP HELP command.
311QUEUE_DIR [/var/spool/mqueue] The directory containing
312 queue files. To use multiple queues, supply
313 a value ending with an asterisk. For
314 example, /var/spool/mqueue/qd* will use all of the
315 directories or symbolic links to directories
316 beginning with 'qd' in /var/spool/mqueue as queue
317 directories. The names 'qf', 'df', and 'xf' are
318 reserved as specific subdirectories for the
319 corresponding queue file types as explained in
320 doc/op/op.me. See also QUEUE GROUP DEFINITIONS.
321MSP_QUEUE_DIR [/var/spool/clientmqueue] The directory containing
322 queue files for the MSP (Mail Submission Program,
323 see sendmail/SECURITY).
324STATUS_FILE [/etc/mail/statistics] The file containing status
325 information.
326LOCAL_MAILER_PATH [/bin/mail] The program used to deliver local mail.
327LOCAL_MAILER_FLAGS [Prmn9] The flags used by the local mailer. The
328 flags lsDFMAw5:/|@q are always included.
329LOCAL_MAILER_ARGS [mail -d $u] The arguments passed to deliver local
330 mail.
331LOCAL_MAILER_MAX [undefined] If defined, the maximum size of local
332 mail that you are willing to accept.
333LOCAL_MAILER_MAXMSGS [undefined] If defined, the maximum number of
334 messages to deliver in a single connection. Only
335 useful for LMTP local mailers.
336LOCAL_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
337 that ARRIVE from an address that resolves to the
338 local mailer and which are converted to MIME will be
339 labeled with this character set.
340LOCAL_MAILER_EOL [undefined] If defined, the string to use as the
341 end of line for the local mailer.
342LOCAL_MAILER_DSN_DIAGNOSTIC_CODE
343 [X-Unix] The DSN Diagnostic-Code value for the
344 local mailer. This should be changed with care.
345LOCAL_SHELL_PATH [/bin/sh] The shell used to deliver piped email.
346LOCAL_SHELL_FLAGS [eu9] The flags used by the shell mailer. The
347 flags lsDFM are always included.
348LOCAL_SHELL_ARGS [sh -c $u] The arguments passed to deliver "prog"
349 mail.
350LOCAL_SHELL_DIR [$z:/] The directory search path in which the
351 shell should run.
352LOCAL_MAILER_QGRP [undefined] The queue group for the local mailer.
353USENET_MAILER_PATH [/usr/lib/news/inews] The name of the program
354 used to submit news.
355USENET_MAILER_FLAGS [rsDFMmn] The mailer flags for the usenet mailer.
356USENET_MAILER_ARGS [-m -h -n] The command line arguments for the
357 usenet mailer. NOTE: Some versions of inews
358 (such as those shipped with newer versions of INN)
359 use different flags. Double check the defaults
360 against the inews man page.
361USENET_MAILER_MAX [undefined] The maximum size of messages that will
362 be accepted by the usenet mailer.
363USENET_MAILER_QGRP [undefined] The queue group for the usenet mailer.
364SMTP_MAILER_FLAGS [undefined] Flags added to SMTP mailer. Default
365 flags are `mDFMuX' for all SMTP-based mailers; the
366 "esmtp" mailer adds `a'; "smtp8" adds `8'; and
367 "dsmtp" adds `%'.
368RELAY_MAILER_FLAGS [undefined] Flags added to the relay mailer. Default
369 flags are `mDFMuX' for all SMTP-based mailers; the
370 relay mailer adds `a8'. If this is not defined,
371 then SMTP_MAILER_FLAGS is used.
372SMTP_MAILER_MAX [undefined] The maximum size of messages that will
373 be transported using the smtp, smtp8, esmtp, or dsmtp
374 mailers.
375SMTP_MAILER_MAXMSGS [undefined] If defined, the maximum number of
376 messages to deliver in a single connection for the
377 smtp, smtp8, esmtp, or dsmtp mailers.
378SMTP_MAILER_MAXRCPTS [undefined] If defined, the maximum number of
379 recipients to deliver in a single connection for the
380 smtp, smtp8, esmtp, or dsmtp mailers.
381SMTP_MAILER_ARGS [TCP $h] The arguments passed to the smtp mailer.
382 About the only reason you would want to change this
383 would be to change the default port.
384ESMTP_MAILER_ARGS [TCP $h] The arguments passed to the esmtp mailer.
385SMTP8_MAILER_ARGS [TCP $h] The arguments passed to the smtp8 mailer.
386DSMTP_MAILER_ARGS [TCP $h] The arguments passed to the dsmtp mailer.
387RELAY_MAILER_ARGS [TCP $h] The arguments passed to the relay mailer.
388SMTP_MAILER_QGRP [undefined] The queue group for the smtp mailer.
389ESMTP_MAILER_QGRP [undefined] The queue group for the esmtp mailer.
390SMTP8_MAILER_QGRP [undefined] The queue group for the smtp8 mailer.
391DSMTP_MAILER_QGRP [undefined] The queue group for the dsmtp mailer.
392RELAY_MAILER_QGRP [undefined] The queue group for the relay mailer.
393RELAY_MAILER_MAXMSGS [undefined] If defined, the maximum number of
394 messages to deliver in a single connection for the
395 relay mailer.
396SMTP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
397 that ARRIVE from an address that resolves to one of
398 the SMTP mailers and which are converted to MIME will
399 be labeled with this character set.
400SMTP_MAILER_LL [990] The maximum line length for SMTP mailers
401 (except the relay mailer).
402RELAY_MAILER_LL [2040] The maximum line length for the relay mailer.
403UUCP_MAILER_PATH [/usr/bin/uux] The program used to send UUCP mail.
404UUCP_MAILER_FLAGS [undefined] Flags added to UUCP mailer. Default
405 flags are `DFMhuU' (and `m' for uucp-new mailer,
406 minus `U' for uucp-dom mailer).
407UUCP_MAILER_ARGS [uux - -r -z -a$g -gC $h!rmail ($u)] The arguments
408 passed to the UUCP mailer.
409UUCP_MAILER_MAX [100000] The maximum size message accepted for
410 transmission by the UUCP mailers.
411UUCP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
412 that ARRIVE from an address that resolves to one of
413 the UUCP mailers and which are converted to MIME will
414 be labeled with this character set.
415UUCP_MAILER_QGRP [undefined] The queue group for the UUCP mailers.
416FAX_MAILER_PATH [/usr/local/lib/fax/mailfax] The program used to
417 submit FAX messages.
418FAX_MAILER_ARGS [mailfax $u $h $f] The arguments passed to the FAX
419 mailer.
420FAX_MAILER_MAX [100000] The maximum size message accepted for
421 transmission by FAX.
422POP_MAILER_PATH [/usr/lib/mh/spop] The pathname of the POP mailer.
423POP_MAILER_FLAGS [Penu] Flags added to POP mailer. Flags lsDFMq
424 are always added.
425POP_MAILER_ARGS [pop $u] The arguments passed to the POP mailer.
426POP_MAILER_QGRP [undefined] The queue group for the pop mailer.
427PROCMAIL_MAILER_PATH [/usr/local/bin/procmail] The path to the procmail
428 program. This is also used by
429 FEATURE(`local_procmail').
430PROCMAIL_MAILER_FLAGS [SPhnu9] Flags added to Procmail mailer. Flags
431 DFM are always set. This is NOT used by
432 FEATURE(`local_procmail'); tweak LOCAL_MAILER_FLAGS
433 instead.
434PROCMAIL_MAILER_ARGS [procmail -Y -m $h $f $u] The arguments passed to
435 the Procmail mailer. This is NOT used by
436 FEATURE(`local_procmail'); tweak LOCAL_MAILER_ARGS
437 instead.
438PROCMAIL_MAILER_MAX [undefined] If set, the maximum size message that
439 will be accepted by the procmail mailer.
440PROCMAIL_MAILER_QGRP [undefined] The queue group for the procmail mailer.
441MAIL11_MAILER_PATH [/usr/etc/mail11] The path to the mail11 mailer.
442MAIL11_MAILER_FLAGS [nsFx] Flags for the mail11 mailer.
443MAIL11_MAILER_ARGS [mail11 $g $x $h $u] Arguments passed to the mail11
444 mailer.
445MAIL11_MAILER_QGRP [undefined] The queue group for the mail11 mailer.
446PH_MAILER_PATH [/usr/local/etc/phquery] The path to the phquery
447 program.
448PH_MAILER_FLAGS [ehmu] Flags for the phquery mailer. Flags nrDFM
449 are always set.
450PH_MAILER_ARGS [phquery -- $u] -- arguments to the phquery mailer.
451PH_MAILER_QGRP [undefined] The queue group for the ph mailer.
452CYRUS_MAILER_FLAGS [Ah5@/:|] The flags used by the cyrus mailer. The
453 flags lsDFMnPq are always included.
454CYRUS_MAILER_PATH [/usr/cyrus/bin/deliver] The program used to deliver
455 cyrus mail.
456CYRUS_MAILER_ARGS [deliver -e -m $h -- $u] The arguments passed
457 to deliver cyrus mail.
458CYRUS_MAILER_MAX [undefined] If set, the maximum size message that
459 will be accepted by the cyrus mailer.
460CYRUS_MAILER_USER [cyrus:mail] The user and group to become when
461 running the cyrus mailer.
462CYRUS_MAILER_QGRP [undefined] The queue group for the cyrus mailer.
463CYRUS_BB_MAILER_FLAGS [u] The flags used by the cyrusbb mailer.
464 The flags lsDFMnP are always included.
465CYRUS_BB_MAILER_ARGS [deliver -e -m $u] The arguments passed
466 to deliver cyrusbb mail.
467CYRUSV2_MAILER_FLAGS [A@/:|m] The flags used by the cyrusv2 mailer. The
468 flags lsDFMnqXz are always included.
469CYRUSV2_MAILER_MAXMSGS [undefined] If defined, the maximum number of
470 messages to deliver in a single connection for the
471 cyrusv2 mailer.
472CYRUSV2_MAILER_MAXRCPTS [undefined] If defined, the maximum number of
473 recipients to deliver in a single connection for the
474 cyrusv2 mailer.
475CYRUSV2_MAILER_ARGS [FILE /var/imap/socket/lmtp] The arguments passed
476 to the cyrusv2 mailer. This can be used to
477 change the name of the Unix domain socket, or
478 to switch to delivery via TCP (e.g., `TCP $h lmtp')
479CYRUSV2_MAILER_QGRP [undefined] The queue group for the cyrusv2 mailer.
480CYRUSV2_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
481 that ARRIVE from an address that resolves to one the
482 Cyrus mailer and which are converted to MIME will
483 be labeled with this character set.
484confEBINDIR [/usr/libexec] The directory for executables.
485 Currently used for FEATURE(`local_lmtp') and
486 FEATURE(`smrsh').
487QPAGE_MAILER_FLAGS [mDFMs] The flags used by the qpage mailer.
488QPAGE_MAILER_PATH [/usr/local/bin/qpage] The program used to deliver
489 qpage mail.
490QPAGE_MAILER_ARGS [qpage -l0 -m -P$u] The arguments passed
491 to deliver qpage mail.
492QPAGE_MAILER_MAX [4096] If set, the maximum size message that
493 will be accepted by the qpage mailer.
494QPAGE_MAILER_QGRP [undefined] The queue group for the qpage mailer.
495LOCAL_PROG_QGRP [undefined] The queue group for the prog mailer.
496
497Note: to tweak Name_MAILER_FLAGS use the macro MODIFY_MAILER_FLAGS:
498MODIFY_MAILER_FLAGS(`Name', `change') where Name is the first part
499of the macro Name_MAILER_FLAGS (note: that means Name is entirely in
500upper case) and change can be: flags that should be used directly
501(thus overriding the default value), or if it starts with `+' (`-')
502then those flags are added to (removed from) the default value.
503Example:
504
505 MODIFY_MAILER_FLAGS(`LOCAL', `+e')
506
507will add the flag `e' to LOCAL_MAILER_FLAGS. Notice: there are
508several smtp mailers all of which are manipulated individually.
509See the section MAILERS for the available mailer names.
510WARNING: The FEATUREs local_lmtp and local_procmail set LOCAL_MAILER_FLAGS
511unconditionally, i.e., without respecting any definitions in an
512OSTYPE setting.
513
514
515+---------+
516| DOMAINS |
517+---------+
518
519You will probably want to collect domain-dependent defines into one
520file, referenced by the DOMAIN macro. For example, the Berkeley
521domain file includes definitions for several internal distinguished
522hosts:
523
524UUCP_RELAY The host that will accept UUCP-addressed email.
525 If not defined, all UUCP sites must be directly
526 connected.
527BITNET_RELAY The host that will accept BITNET-addressed email.
528 If not defined, the .BITNET pseudo-domain won't work.
529DECNET_RELAY The host that will accept DECNET-addressed email.
530 If not defined, the .DECNET pseudo-domain and addresses
531 of the form node::user will not work.
532FAX_RELAY The host that will accept mail to the .FAX pseudo-domain.
533 The "fax" mailer overrides this value.
534LOCAL_RELAY The site that will handle unqualified names -- that
535 is, names without an @domain extension.
536 Normally MAIL_HUB is preferred for this function.
537 LOCAL_RELAY is mostly useful in conjunction with
538 FEATURE(`stickyhost') -- see the discussion of
539 stickyhost below. If not set, they are assumed to
540 belong on this machine. This allows you to have a
541 central site to store a company- or department-wide
542 alias database. This only works at small sites,
543 and only with some user agents.
544LUSER_RELAY The site that will handle lusers -- that is, apparently
545 local names that aren't local accounts or aliases. To
546 specify a local user instead of a site, set this to
547 ``local:username''.
548
549Any of these can be either ``mailer:hostname'' (in which case the
550mailer is the internal mailer name, such as ``uucp-new'' and the hostname
551is the name of the host as appropriate for that mailer) or just a
552``hostname'', in which case a default mailer type (usually ``relay'',
553a variant on SMTP) is used. WARNING: if you have a wildcard MX
554record matching your domain, you probably want to define these to
555have a trailing dot so that you won't get the mail diverted back
556to yourself.
557
558The domain file can also be used to define a domain name, if needed
559(using "DD<domain>") and set certain site-wide features. If all hosts
560at your site masquerade behind one email name, you could also use
561MASQUERADE_AS here.
562
563You do not have to define a domain -- in particular, if you are a
564single machine sitting off somewhere, it is probably more work than
565it's worth. This is just a mechanism for combining "domain dependent
566knowledge" into one place.
567
568
569+---------+
570| MAILERS |
571+---------+
572
573There are fewer mailers supported in this version than the previous
574version, owing mostly to a simpler world. As a general rule, put the
575MAILER definitions last in your .mc file.
576
577local The local and prog mailers. You will almost always
578 need these; the only exception is if you relay ALL
579 your mail to another site. This mailer is included
580 automatically.
581
582smtp The Simple Mail Transport Protocol mailer. This does
583 not hide hosts behind a gateway or another other
584 such hack; it assumes a world where everyone is
585 running the name server. This file actually defines
586 five mailers: "smtp" for regular (old-style) SMTP to
587 other servers, "esmtp" for extended SMTP to other
588 servers, "smtp8" to do SMTP to other servers without
589 converting 8-bit data to MIME (essentially, this is
590 your statement that you know the other end is 8-bit
591 clean even if it doesn't say so), "dsmtp" to do on
592 demand delivery, and "relay" for transmission to the
593 RELAY_HOST, LUSER_RELAY, or MAIL_HUB.
594
595uucp The UNIX-to-UNIX Copy Program mailer. Actually, this
596 defines two mailers, "uucp-old" (a.k.a. "uucp") and
597 "uucp-new" (a.k.a. "suucp"). The latter is for when you
598 know that the UUCP mailer at the other end can handle
599 multiple recipients in one transfer. If the smtp mailer
600 is included in your configuration, two other mailers
601 ("uucp-dom" and "uucp-uudom") are also defined [warning: you
602 MUST specify MAILER(`smtp') before MAILER(`uucp')]. When you
603 include the uucp mailer, sendmail looks for all names in
604 class {U} and sends them to the uucp-old mailer; all
605 names in class {Y} are sent to uucp-new; and all
606 names in class {Z} are sent to uucp-uudom. Note that
607 this is a function of what version of rmail runs on
608 the receiving end, and hence may be out of your control.
609 See the section below describing UUCP mailers in more
610 detail.
611
612usenet Usenet (network news) delivery. If this is specified,
613 an extra rule is added to ruleset 0 that forwards all
614 local email for users named ``group.usenet'' to the
615 ``inews'' program. Note that this works for all groups,
616 and may be considered a security problem.
617
618fax Facsimile transmission. This is experimental and based
619 on Sam Leffler's HylaFAX software. For more information,
620 see http://www.hylafax.org/.
621
622pop Post Office Protocol.
623
624procmail An interface to procmail (does not come with sendmail).
625 This is designed to be used in mailertables. For example,
626 a common question is "how do I forward all mail for a given
627 domain to a single person?". If you have this mailer
628 defined, you could set up a mailertable reading:
629
630 host.com procmail:/etc/procmailrcs/host.com
631
632 with the file /etc/procmailrcs/host.com reading:
633
634 :0 # forward mail for host.com
635 ! -oi -f $1 person@other.host
636
637 This would arrange for (anything)@host.com to be sent
638 to person@other.host. In a procmail script, $1 is the
639 name of the sender and $2 is the name of the recipient.
640 If you use this with FEATURE(`local_procmail'), the FEATURE
641 should be listed first.
642
643 Of course there are other ways to solve this particular
644 problem, e.g., a catch-all entry in a virtusertable.
645
646mail11 The DECnet mail11 mailer, useful only if you have the mail11
647 program from gatekeeper.dec.com:/pub/DEC/gwtools (and
648 DECnet, of course). This is for Phase IV DECnet support;
649 if you have Phase V at your site you may have additional
650 problems.
651
652phquery The phquery program. This is somewhat counterintuitively
653 referenced as the "ph" mailer internally. It can be used
654 to do CCSO name server lookups. The phquery program, which
655 this mailer uses, is distributed with the ph client.
656
657cyrus The cyrus and cyrusbb mailers. The cyrus mailer delivers to
658 a local cyrus user. this mailer can make use of the
659 "user+detail@local.host" syntax (see
660 FEATURE(`preserve_local_plus_detail')); it will deliver the
661 mail to the user's "detail" mailbox if the mailbox's ACL
662 permits. The cyrusbb mailer delivers to a system-wide
663 cyrus mailbox if the mailbox's ACL permits. The cyrus
664 mailer must be defined after the local mailer.
665
666cyrusv2 The mailer for Cyrus v2.x. The cyrusv2 mailer delivers to
667 local cyrus users via LMTP. This mailer can make use of the
668 "user+detail@local.host" syntax (see
669 FEATURE(`preserve_local_plus_detail')); it will deliver the
670 mail to the user's "detail" mailbox if the mailbox's ACL
671 permits. The cyrusv2 mailer must be defined after the
672 local mailer.
673
674qpage A mailer for QuickPage, a pager interface. See
675 http://www.qpage.org/ for further information.
676
677The local mailer accepts addresses of the form "user+detail", where
678the "+detail" is not used for mailbox matching but is available
679to certain local mail programs (in particular, see
680FEATURE(`local_procmail')). For example, "eric", "eric+sendmail", and
681"eric+sww" all indicate the same user, but additional arguments <null>,
682"sendmail", and "sww" may be provided for use in sorting mail.
683
684
685+----------+
686| FEATURES |
687+----------+
688
689Special features can be requested using the "FEATURE" macro. For
690example, the .mc line:
691
692 FEATURE(`use_cw_file')
693
694tells sendmail that you want to have it read an /etc/mail/local-host-names
695file to get values for class {w}. A FEATURE may contain up to 9
696optional parameters -- for example:
697
698 FEATURE(`mailertable', `dbm /usr/lib/mailertable')
699
700The default database map type for the table features can be set with
701
702 define(`DATABASE_MAP_TYPE', `dbm')
703
704which would set it to use ndbm databases. The default is the Berkeley DB
705hash database format. Note that you must still declare a database map type
706if you specify an argument to a FEATURE. DATABASE_MAP_TYPE is only used
707if no argument is given for the FEATURE. It must be specified before any
708feature that uses a map.
709
710Also, features which can take a map definition as an argument can also take
711the special keyword `LDAP'. If that keyword is used, the map will use the
712LDAP definition described in the ``USING LDAP FOR ALIASES, MAPS, AND
713CLASSES'' section below.
714
715Available features are:
716
717use_cw_file Read the file /etc/mail/local-host-names file to get
718 alternate names for this host. This might be used if you
719 were on a host that MXed for a dynamic set of other hosts.
720 If the set is static, just including the line "Cw<name1>
721 <name2> ..." (where the names are fully qualified domain
722 names) is probably superior. The actual filename can be
723 overridden by redefining confCW_FILE.
724
725use_ct_file Read the file /etc/mail/trusted-users file to get the
726 names of users that will be ``trusted'', that is, able to
727 set their envelope from address using -f without generating
728 a warning message. The actual filename can be overridden
729 by redefining confCT_FILE.
730
731redirect Reject all mail addressed to "address.REDIRECT" with
732 a ``551 User has moved; please try <address>'' message.
733 If this is set, you can alias people who have left
734 to their new address with ".REDIRECT" appended.
735
736nouucp Don't route UUCP addresses. This feature takes one
737 parameter:
738 `reject': reject addresses which have "!" in the local
739 part unless it originates from a system
740 that is allowed to relay.
741 `nospecial': don't do anything special with "!".
742 Warnings: 1. See the notice in the anti-spam section.
743 2. don't remove "!" from OperatorChars if `reject' is
744 given as parameter.
745
746nocanonify Don't pass addresses to $[ ... $] for canonification
747 by default, i.e., host/domain names are considered canonical,
748 except for unqualified names, which must not be used in this
749 mode (violation of the standard). It can be changed by
750 setting the DaemonPortOptions modifiers (M=). That is,
751 FEATURE(`nocanonify') will be overridden by setting the
752 'c' flag. Conversely, if FEATURE(`nocanonify') is not used,
753 it can be emulated by setting the 'C' flag
754 (DaemonPortOptions=Modifiers=C). This would generally only
755 be used by sites that only act as mail gateways or which have
756 user agents that do full canonification themselves. You may
757 also want to use
758 "define(`confBIND_OPTS', `-DNSRCH -DEFNAMES')" to turn off
759 the usual resolver options that do a similar thing.
760
761 An exception list for FEATURE(`nocanonify') can be
762 specified with CANONIFY_DOMAIN or CANONIFY_DOMAIN_FILE,
763 i.e., a list of domains which are nevertheless passed to
764 $[ ... $] for canonification. This is useful to turn on
765 canonification for local domains, e.g., use
766 CANONIFY_DOMAIN(`my.domain my') to canonify addresses
767 which end in "my.domain" or "my".
768 Another way to require canonification in the local
769 domain is CANONIFY_DOMAIN(`$=m').
770
771 A trailing dot is added to addresses with more than
772 one component in it such that other features which
773 expect a trailing dot (e.g., virtusertable) will
774 still work.
775
776 If `canonify_hosts' is specified as parameter, i.e.,
777 FEATURE(`nocanonify', `canonify_hosts'), then
778 addresses which have only a hostname, e.g.,
779 <user@host>, will be canonified (and hopefully fully
780 qualified), too.
781
782stickyhost This feature is sometimes used with LOCAL_RELAY,
783 although it can be used for a different effect with
784 MAIL_HUB.
785
786 When used without MAIL_HUB, email sent to
787 "user@local.host" are marked as "sticky" -- that
788 is, the local addresses aren't matched against UDB,
789 don't go through ruleset 5, and are not forwarded to
790 the LOCAL_RELAY (if defined).
791
792 With MAIL_HUB, mail addressed to "user@local.host"
793 is forwarded to the mail hub, with the envelope
794 address still remaining "user@local.host".
795 Without stickyhost, the envelope would be changed
796 to "user@mail_hub", in order to protect against
797 mailing loops.
798
799mailertable Include a "mailer table" which can be used to override
800 routing for particular domains (which are not in class {w},
801 i.e. local host names). The argument of the FEATURE may be
802 the key definition. If none is specified, the definition
803 used is:
804
805 hash /etc/mail/mailertable
806
807 Keys in this database are fully qualified domain names
808 or partial domains preceded by a dot -- for example,
809 "vangogh.CS.Berkeley.EDU" or ".CS.Berkeley.EDU". As a
810 special case of the latter, "." matches any domain not
811 covered by other keys. Values must be of the form:
812 mailer:domain
813 where "mailer" is the internal mailer name, and "domain"
814 is where to send the message. These maps are not
815 reflected into the message header. As a special case,
816 the forms:
817 local:user
818 will forward to the indicated user using the local mailer,
819 local:
820 will forward to the original user in the e-mail address
821 using the local mailer, and
822 error:code message
823 error:D.S.N:code message
824 will give an error message with the indicated SMTP reply
825 code and message, where D.S.N is an RFC 1893 compliant
826 error code.
827
828domaintable Include a "domain table" which can be used to provide
829 domain name mapping. Use of this should really be
830 limited to your own domains. It may be useful if you
831 change names (e.g., your company changes names from
832 oldname.com to newname.com). The argument of the
833 FEATURE may be the key definition. If none is specified,
834 the definition used is:
835
836 hash /etc/mail/domaintable
837
838 The key in this table is the domain name; the value is
839 the new (fully qualified) domain. Anything in the
840 domaintable is reflected into headers; that is, this
841 is done in ruleset 3.
842
843bitdomain Look up bitnet hosts in a table to try to turn them into
844 internet addresses. The table can be built using the
845 bitdomain program contributed by John Gardiner Myers.
846 The argument of the FEATURE may be the key definition; if
847 none is specified, the definition used is:
848
849 hash /etc/mail/bitdomain
850
851 Keys are the bitnet hostname; values are the corresponding
852 internet hostname.
853
854uucpdomain Similar feature for UUCP hosts. The default map definition
855 is:
856
857 hash /etc/mail/uudomain
858
859 At the moment there is no automagic tool to build this
860 database.
861
862always_add_domain
863 Include the local host domain even on locally delivered
864 mail. Normally it is not added on unqualified names.
865 However, if you use a shared message store but do not use
866 the same user name space everywhere, you may need the host
867 name on local names. An optional argument specifies
868 another domain to be added than the local.
869
870allmasquerade If masquerading is enabled (using MASQUERADE_AS), this
871 feature will cause recipient addresses to also masquerade
872 as being from the masquerade host. Normally they get
873 the local hostname. Although this may be right for
874 ordinary users, it can break local aliases. For example,
875 if you send to "localalias", the originating sendmail will
876 find that alias and send to all members, but send the
877 message with "To: localalias@masqueradehost". Since that
878 alias likely does not exist, replies will fail. Use this
879 feature ONLY if you can guarantee that the ENTIRE
880 namespace on your masquerade host supersets all the
881 local entries.
882
883limited_masquerade
884 Normally, any hosts listed in class {w} are masqueraded. If
885 this feature is given, only the hosts listed in class {M} (see
886 below: MASQUERADE_DOMAIN) are masqueraded. This is useful
887 if you have several domains with disjoint namespaces hosted
888 on the same machine.
889
890masquerade_entire_domain
891 If masquerading is enabled (using MASQUERADE_AS) and
892 MASQUERADE_DOMAIN (see below) is set, this feature will
893 cause addresses to be rewritten such that the masquerading
894 domains are actually entire domains to be hidden. All
895 hosts within the masquerading domains will be rewritten
896 to the masquerade name (used in MASQUERADE_AS). For example,
897 if you have:
898
899 MASQUERADE_AS(`masq.com')
900 MASQUERADE_DOMAIN(`foo.org')
901 MASQUERADE_DOMAIN(`bar.com')
902
903 then *foo.org and *bar.com are converted to masq.com. Without
904 this feature, only foo.org and bar.com are masqueraded.
905
906 NOTE: only domains within your jurisdiction and
907 current hierarchy should be masqueraded using this.
908
909local_no_masquerade
910 This feature prevents the local mailer from masquerading even
911 if MASQUERADE_AS is used. MASQUERADE_AS will only have effect
912 on addresses of mail going outside the local domain.
913
914masquerade_envelope
915 If masquerading is enabled (using MASQUERADE_AS) or the
916 genericstable is in use, this feature will cause envelope
917 addresses to also masquerade as being from the masquerade
918 host. Normally only the header addresses are masqueraded.
919
920genericstable This feature will cause unqualified addresses (i.e., without
921 a domain) and addresses with a domain listed in class {G}
922 to be looked up in a map and turned into another ("generic")
923 form, which can change both the domain name and the user name.
924 Notice: if you use an MSP (as it is default starting with
925 8.12), the MTA will only receive qualified addresses from the
926 MSP (as required by the RFCs). Hence you need to add your
927 domain to class {G}. This feature is similar to the userdb
928 functionality. The same types of addresses as for
929 masquerading are looked up, i.e., only header sender
930 addresses unless the allmasquerade and/or masquerade_envelope
931 features are given. Qualified addresses must have the domain
932 part in class {G}; entries can be added to this class by the
933 macros GENERICS_DOMAIN or GENERICS_DOMAIN_FILE (analogously
934 to MASQUERADE_DOMAIN and MASQUERADE_DOMAIN_FILE, see below).
935
936 The argument of FEATURE(`genericstable') may be the map
937 definition; the default map definition is:
938
939 hash /etc/mail/genericstable
940
941 The key for this table is either the full address, the domain
942 (with a leading @; the localpart is passed as first argument)
943 or the unqualified username (tried in the order mentioned);
944 the value is the new user address. If the new user address
945 does not include a domain, it will be qualified in the standard
946 manner, i.e., using $j or the masquerade name. Note that the
947 address being looked up must be fully qualified. For local
948 mail, it is necessary to use FEATURE(`always_add_domain')
949 for the addresses to be qualified.
950 The "+detail" of an address is passed as %1, so entries like
951
952 old+*@foo.org new+%1@example.com
953 gen+*@foo.org %1@example.com
954
955 and other forms are possible.
956
957generics_entire_domain
958 If the genericstable is enabled and GENERICS_DOMAIN or
959 GENERICS_DOMAIN_FILE is used, this feature will cause
960 addresses to be searched in the map if their domain
961 parts are subdomains of elements in class {G}.
962
963virtusertable A domain-specific form of aliasing, allowing multiple
964 virtual domains to be hosted on one machine. For example,
965 if the virtuser table contains:
966
967 info@foo.com foo-info
968 info@bar.com bar-info
969 joe@bar.com error:nouser 550 No such user here
970 jax@bar.com error:5.7.0:550 Address invalid
971 @baz.org jane@example.net
972
973 then mail addressed to info@foo.com will be sent to the
974 address foo-info, mail addressed to info@bar.com will be
975 delivered to bar-info, and mail addressed to anyone at baz.org
976 will be sent to jane@example.net, mail to joe@bar.com will
977 be rejected with the specified error message, and mail to
978 jax@bar.com will also have a RFC 1893 compliant error code
979 5.7.0.
980
981 The username from the original address is passed
982 as %1 allowing:
983
984 @foo.org %1@example.com
985
986 meaning someone@foo.org will be sent to someone@example.com.
987 Additionally, if the local part consists of "user+detail"
988 then "detail" is passed as %2 and "+detail" is passed as %3
989 when a match against user+* is attempted, so entries like
990
991 old+*@foo.org new+%2@example.com
992 gen+*@foo.org %2@example.com
993 +*@foo.org %1%3@example.com
994 X++@foo.org Z%3@example.com
995 @bar.org %1%3
996
997 and other forms are possible. Note: to preserve "+detail"
998 for a default case (@domain) %1%3 must be used as RHS.
999 There are two wildcards after "+": "+" matches only a non-empty
1000 detail, "*" matches also empty details, e.g., user+@foo.org
1001 matches +*@foo.org but not ++@foo.org. This can be used
1002 to ensure that the parameters %2 and %3 are not empty.
1003
1004 All the host names on the left hand side (foo.com, bar.com,
1005 and baz.org) must be in class {w} or class {VirtHost}. The
1006 latter can be defined by the macros VIRTUSER_DOMAIN or
1007 VIRTUSER_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
1008 MASQUERADE_DOMAIN_FILE, see below). If VIRTUSER_DOMAIN or
1009 VIRTUSER_DOMAIN_FILE is used, then the entries of class
1010 {VirtHost} are added to class {R}, i.e., relaying is allowed
1011 to (and from) those domains, which by default includes also
1012 all subdomains (see relay_hosts_only). The default map
1013 definition is:
1014
1015 hash /etc/mail/virtusertable
1016
1017 A new definition can be specified as the second argument of
1018 the FEATURE macro, such as
1019
1020 FEATURE(`virtusertable', `dbm /etc/mail/virtusers')
1021
1022virtuser_entire_domain
1023 If the virtusertable is enabled and VIRTUSER_DOMAIN or
1024 VIRTUSER_DOMAIN_FILE is used, this feature will cause
1025 addresses to be searched in the map if their domain
1026 parts are subdomains of elements in class {VirtHost}.
1027
1028ldap_routing Implement LDAP-based e-mail recipient routing according to
1029 the Internet Draft draft-lachman-laser-ldap-mail-routing-01.
1030 This provides a method to re-route addresses with a
1031 domain portion in class {LDAPRoute} to either a
1032 different mail host or a different address. Hosts can
1033 be added to this class using LDAPROUTE_DOMAIN and
1034 LDAPROUTE_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
1035 MASQUERADE_DOMAIN_FILE, see below).
1036
1037 See the LDAP ROUTING section below for more information.
1038
1039nullclient This is a special case -- it creates a configuration file
1040 containing nothing but support for forwarding all mail to a
1041 central hub via a local SMTP-based network. The argument
1042 is the name of that hub.
1043
1044 The only other feature that should be used in conjunction
1045 with this one is FEATURE(`nocanonify'). No mailers
1046 should be defined. No aliasing or forwarding is done.
1047
1048local_lmtp Use an LMTP capable local mailer. The argument to this
1049 feature is the pathname of an LMTP capable mailer. By
1050 default, mail.local is used. This is expected to be the
1051 mail.local which came with the 8.9 distribution which is
1052 LMTP capable. The path to mail.local is set by the
1053 confEBINDIR m4 variable -- making the default
1054 LOCAL_MAILER_PATH /usr/libexec/mail.local.
1055 If a different LMTP capable mailer is used, its pathname
1056 can be specified as second parameter and the arguments
1057 passed to it (A=) as third parameter, e.g.,
1058
1059 FEATURE(`local_lmtp', `/usr/local/bin/lmtp', `lmtp')
1060
1061 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally,
1062 i.e., without respecting any definitions in an OSTYPE setting.
1063
1064local_procmail Use procmail or another delivery agent as the local mailer.
1065 The argument to this feature is the pathname of the
1066 delivery agent, which defaults to PROCMAIL_MAILER_PATH.
1067 Note that this does NOT use PROCMAIL_MAILER_FLAGS or
1068 PROCMAIL_MAILER_ARGS for the local mailer; tweak
1069 LOCAL_MAILER_FLAGS and LOCAL_MAILER_ARGS instead, or
1070 specify the appropriate parameters. When procmail is used,
1071 the local mailer can make use of the
1072 "user+indicator@local.host" syntax; normally the +indicator
1073 is just tossed, but by default it is passed as the -a
1074 argument to procmail.
1075
1076 This feature can take up to three arguments:
1077
1078 1. Path to the mailer program
1079 [default: /usr/local/bin/procmail]
1080 2. Argument vector including name of the program
1081 [default: procmail -Y -a $h -d $u]
1082 3. Flags for the mailer [default: SPfhn9]
1083
1084 Empty arguments cause the defaults to be taken.
1085 Note that if you are on a system with a broken
1086 setreuid() call, you may need to add -f $f to the procmail
1087 argument vector to pass the proper sender to procmail.
1088
1089 For example, this allows it to use the maildrop
1090 (http://www.flounder.net/~mrsam/maildrop/) mailer instead
1091 by specifying:
1092
1093 FEATURE(`local_procmail', `/usr/local/bin/maildrop',
1094 `maildrop -d $u')
1095
1096 or scanmails using:
1097
1098 FEATURE(`local_procmail', `/usr/local/bin/scanmails')
1099
1100 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally,
1101 i.e., without respecting any definitions in an OSTYPE setting.
1102
1103bestmx_is_local Accept mail as though locally addressed for any host that
1104 lists us as the best possible MX record. This generates
1105 additional DNS traffic, but should be OK for low to
1106 medium traffic hosts. The argument may be a set of
1107 domains, which will limit the feature to only apply to
1108 these domains -- this will reduce unnecessary DNS
1109 traffic. THIS FEATURE IS FUNDAMENTALLY INCOMPATIBLE WITH
1110 WILDCARD MX RECORDS!!! If you have a wildcard MX record
1111 that matches your domain, you cannot use this feature.
1112
1113smrsh Use the SendMail Restricted SHell (smrsh) provided
1114 with the distribution instead of /bin/sh for mailing
1115 to programs. This improves the ability of the local
1116 system administrator to control what gets run via
1117 e-mail. If an argument is provided it is used as the
1118 pathname to smrsh; otherwise, the path defined by
1119 confEBINDIR is used for the smrsh binary -- by default,
1120 /usr/libexec/smrsh is assumed.
1121
1122promiscuous_relay
1123 By default, the sendmail configuration files do not permit
1124 mail relaying (that is, accepting mail from outside your
1125 local host (class {w}) and sending it to another host than
1126 your local host). This option sets your site to allow
1127 mail relaying from any site to any site. In almost all
1128 cases, it is better to control relaying more carefully
1129 with the access map, class {R}, or authentication. Domains
1130 can be added to class {R} by the macros RELAY_DOMAIN or
1131 RELAY_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
1132 MASQUERADE_DOMAIN_FILE, see below).
1133
1134relay_entire_domain
1135 This option allows any host in your domain as defined by
1136 class {m} to use your server for relaying. Notice: make
1137 sure that your domain is not just a top level domain,
1138 e.g., com. This can happen if you give your host a name
1139 like example.com instead of host.example.com.
1140
1141relay_hosts_only
1142 By default, names that are listed as RELAY in the access
1143 db and class {R} are treated as domain names, not host names.
1144 For example, if you specify ``foo.com'', then mail to or
1145 from foo.com, abc.foo.com, or a.very.deep.domain.foo.com
1146 will all be accepted for relaying. This feature changes
1147 the behaviour to look up individual host names only.
1148
1149relay_based_on_MX
1150 Turns on the ability to allow relaying based on the MX
1151 records of the host portion of an incoming recipient; that
1152 is, if an MX record for host foo.com points to your site,
1153 you will accept and relay mail addressed to foo.com. See
1154 description below for more information before using this
1155 feature. Also, see the KNOWNBUGS entry regarding bestmx
1156 map lookups.
1157
1158 FEATURE(`relay_based_on_MX') does not necessarily allow
1159 routing of these messages which you expect to be allowed,
1160 if route address syntax (or %-hack syntax) is used. If
1161 this is a problem, add entries to the access-table or use
1162 FEATURE(`loose_relay_check').
1163
1164relay_mail_from
1165 Allows relaying if the mail sender is listed as RELAY in
1166 the access map. If an optional argument `domain' (this
1167 is the literal word `domain', not a placeholder) is given,
1168 relaying can be allowed just based on the domain portion
1169 of the sender address. This feature should only be used if
1170 absolutely necessary as the sender address can be easily
1171 forged. Use of this feature requires the "From:" tag to
1172 be used for the key in the access map; see the discussion
1173 of tags and FEATURE(`relay_mail_from') in the section on
1174 anti-spam configuration control.
1175
1176relay_local_from
1177 Allows relaying if the domain portion of the mail sender
1178 is a local host. This should only be used if absolutely
1179 necessary as it opens a window for spammers. Specifically,
1180 they can send mail to your mail server that claims to be
1181 from your domain (either directly or via a routed address),
1182 and you will go ahead and relay it out to arbitrary hosts
1183 on the Internet.
1184
1185accept_unqualified_senders
1186 Normally, MAIL FROM: commands in the SMTP session will be
1187 refused if the connection is a network connection and the
1188 sender address does not include a domain name. If your
1189 setup sends local mail unqualified (i.e., MAIL FROM:<joe>),
1190 you will need to use this feature to accept unqualified
1191 sender addresses. Setting the DaemonPortOptions modifier
1192 'u' overrides the default behavior, i.e., unqualified
1193 addresses are accepted even without this FEATURE.
1194 If this FEATURE is not used, the DaemonPortOptions modifier
1195 'f' can be used to enforce fully qualified addresses.
1196
1197accept_unresolvable_domains
1198 Normally, MAIL FROM: commands in the SMTP session will be
1199 refused if the host part of the argument to MAIL FROM:
1200 cannot be located in the host name service (e.g., an A or
1201 MX record in DNS). If you are inside a firewall that has
1202 only a limited view of the Internet host name space, this
1203 could cause problems. In this case you probably want to
1204 use this feature to accept all domains on input, even if
1205 they are unresolvable.
1206
1207access_db Turns on the access database feature. The access db gives
1208 you the ability to allow or refuse to accept mail from
1209 specified domains for administrative reasons. Moreover,
1210 it can control the behavior of sendmail in various situations.
1211 By default, the access database specification is:
1212
1213 hash -T<TMPF> /etc/mail/access
1214
1215 See the anti-spam configuration control section for further
1216 important information about this feature. Notice:
1217 "-T<TMPF>" is meant literal, do not replace it by anything.
1218
1219blacklist_recipients
1220 Turns on the ability to block incoming mail for certain
1221 recipient usernames, hostnames, or addresses. For
1222 example, you can block incoming mail to user nobody,
1223 host foo.mydomain.com, or guest@bar.mydomain.com.
1224 These specifications are put in the access db as
1225 described in the anti-spam configuration control section
1226 later in this document.
1227
1228delay_checks The rulesets check_mail and check_relay will not be called
1229 when a client connects or issues a MAIL command, respectively.
1230 Instead, those rulesets will be called by the check_rcpt
1231 ruleset; they will be skipped under certain circumstances.
1232 See "Delay all checks" in the anti-spam configuration control
1233 section. Note: this feature is incompatible to the versions
1234 in 8.10 and 8.11.
1235
1236use_client_ptr If this feature is enabled then check_relay will override
1237 its first argument with $&{client_ptr}. This is useful for
1238 rejections based on the unverified hostname of client,
1239 which turns on the same behavior as in earlier sendmail
1240 versions when delay_checks was not in use. See doc/op/op.*
1241 about check_relay, {client_name}, and {client_ptr}.
1242
1243dnsbl Turns on rejection, discarding, or quarantining of hosts
1244 found in a DNS based list. The first argument is used as
1245 the domain in which blocked hosts are listed. A second
1246 argument can be used to change the default error message,
1247 or select one of the operations `discard' and `quarantine'.
1248 Without that second argument, the error message will be
1249
1250 Rejected: IP-ADDRESS listed at SERVER
1251
1252 where IP-ADDRESS and SERVER are replaced by the appropriate
1253 information. By default, temporary lookup failures are
1254 ignored. This behavior can be changed by specifying a
1255 third argument, which must be either `t' or a full error
1256 message. See the anti-spam configuration control section for
1257 an example. The dnsbl feature can be included several times
1258 to query different DNS based rejection lists. See also
1259 enhdnsbl for an enhanced version.
1260
1261 Set the DNSBL_MAP mc option to change the default map
1262 definition from `host'. Set the DNSBL_MAP_OPT mc option
1263 to add additional options to the map specification used.
1264
1265 Some DNS based rejection lists cause failures if asked
1266 for AAAA records. If your sendmail version is compiled
1267 with IPv6 support (NETINET6) and you experience this
1268 problem, add
1269
1270 define(`DNSBL_MAP', `dns -R A')
1271
1272 before the first use of this feature. Alternatively you
1273 can use enhdnsbl instead (see below). Moreover, this
1274 statement can be used to reduce the number of DNS retries,
1275 e.g.,
1276
1277 define(`DNSBL_MAP', `dns -R A -r2')
1278
1279 See below (EDNSBL_TO) for an explanation.
1280
1281enhdnsbl Enhanced version of dnsbl (see above). Further arguments
1282 (up to 5) can be used to specify specific return values
1283 from lookups. Temporary lookup failures are ignored unless
1284 a third argument is given, which must be either `t' or a full
1285 error message. By default, any successful lookup will
1286 generate an error. Otherwise the result of the lookup is
1287 compared with the supplied argument(s), and only if a match
1288 occurs an error is generated. For example,
1289
1290 FEATURE(`enhdnsbl', `dnsbl.example.com', `', `t', `127.0.0.2.')
1291
1292 will reject the e-mail if the lookup returns the value
1293 ``127.0.0.2.'', or generate a 451 response if the lookup
1294 temporarily failed. The arguments can contain metasymbols
1295 as they are allowed in the LHS of rules. As the example
1296 shows, the default values are also used if an empty argument,
1297 i.e., `', is specified. This feature requires that sendmail
1298 has been compiled with the flag DNSMAP (see sendmail/README).
1299
1300 Set the EDNSBL_TO mc option to change the DNS retry count
1301 from the default value of 5, this can be very useful when
1302 a DNS server is not responding, which in turn may cause
1303 clients to time out (an entry stating
1304
1305 did not issue MAIL/EXPN/VRFY/ETRN
1306
1307 will be logged).
1308
1309ratecontrol Enable simple ruleset to do connection rate control
1310 checking. This requires entries in access_db of the form
1311
1312 ClientRate:IP.ADD.RE.SS LIMIT
1313
1314 The RHS specifies the maximum number of connections
1315 (an integer number) over the time interval defined
1316 by ConnectionRateWindowSize, where 0 means unlimited.
1317
1318 Take the following example:
1319
1320 ClientRate:10.1.2.3 4
1321 ClientRate:127.0.0.1 0
1322 ClientRate: 10
1323
1324 10.1.2.3 can only make up to 4 connections, the
1325 general limit it 10, and 127.0.0.1 can make an unlimited
1326 number of connections per ConnectionRateWindowSize.
1327
1328 See also CONNECTION CONTROL.
1329
1330conncontrol Enable a simple check of the number of incoming SMTP
1331 connections. This requires entries in access_db of the
1332 form
1333
1334 ClientConn:IP.ADD.RE.SS LIMIT
1335
1336 The RHS specifies the maximum number of open connections
1337 (an integer number).
1338
1339 Take the following example:
1340
1341 ClientConn:10.1.2.3 4
1342 ClientConn:127.0.0.1 0
1343 ClientConn: 10
1344
1345 10.1.2.3 can only have up to 4 open connections, the
1346 general limit it 10, and 127.0.0.1 does not have any
1347 explicit limit.
1348
1349 See also CONNECTION CONTROL.
1350
1351mtamark Experimental support for "Marking Mail Transfer Agents in
1352 Reverse DNS with TXT RRs" (MTAMark), see
1353 draft-stumpf-dns-mtamark-01. Optional arguments are:
1354
1355 1. Error message, default:
1356
1357 550 Rejected: $&{client_addr} not listed as MTA
1358
1359 2. Temporary lookup failures are ignored unless a second
1360 argument is given, which must be either `t' or a full
1361 error message.
1362
1363 3. Lookup prefix, default: _perm._smtp._srv. This should
1364 not be changed unless the draft changes it.
1365
1366 Example:
1367
1368 FEATURE(`mtamark', `', `t')
1369
1370lookupdotdomain Look up also .domain in the access map. This allows to
1371 match only subdomains. It does not work well with
1372 FEATURE(`relay_hosts_only'), because most lookups for
1373 subdomains are suppressed by the latter feature.
1374
1375loose_relay_check
1376 Normally, if % addressing is used for a recipient, e.g.
1377 user%site@othersite, and othersite is in class {R}, the
1378 check_rcpt ruleset will strip @othersite and recheck
1379 user@site for relaying. This feature changes that
1380 behavior. It should not be needed for most installations.
1381
1382authinfo Provide a separate map for client side authentication
1383 information. See SMTP AUTHENTICATION for details.
1384 By default, the authinfo database specification is:
1385
1386 hash /etc/mail/authinfo
1387
1388preserve_luser_host
1389 Preserve the name of the recipient host if LUSER_RELAY is
1390 used. Without this option, the domain part of the
1391 recipient address will be replaced by the host specified as
1392 LUSER_RELAY. This feature only works if the hostname is
1393 passed to the mailer (see mailer triple in op.me). Note
1394 that in the default configuration the local mailer does not
1395 receive the hostname, i.e., the mailer triple has an empty
1396 hostname.
1397
1398preserve_local_plus_detail
1399 Preserve the +detail portion of the address when passing
1400 address to local delivery agent. Disables alias and
1401 .forward +detail stripping (e.g., given user+detail, only
1402 that address will be looked up in the alias file; user+* and
1403 user will not be looked up). Only use if the local
1404 delivery agent in use supports +detail addressing.
1405 Moreover, this will most likely not work if the 'w' flag
1406 for the local mailer is set as the entire local address
1407 including +detail is passed to the user lookup function.
1408
1409compat_check Enable ruleset check_compat to look up pairs of addresses
1410 with the Compat: tag -- Compat:sender<@>recipient -- in the
1411 access map. Valid values for the RHS include
1412 DISCARD silently discard recipient
1413 TEMP: return a temporary error
1414 ERROR: return a permanent error
1415 In the last two cases, a 4xy/5xy SMTP reply code should
1416 follow the colon.
1417
1418no_default_msa Don't generate the default MSA daemon, i.e.,
1419 DAEMON_OPTIONS(`Port=587,Name=MSA,M=E')
1420 To define a MSA daemon with other parameters, use this
1421 FEATURE and introduce new settings via DAEMON_OPTIONS().
1422
1423msp Defines config file for Message Submission Program.
1424 See sendmail/SECURITY for details and cf/cf/submit.mc how
1425 to use it. An optional argument can be used to override
1426 the default of `[localhost]' to use as host to send all
1427 e-mails to. Note that MX records will be used if the
1428 specified hostname is not in square brackets (e.g.,
1429 [hostname]). If `MSA' is specified as second argument then
1430 port 587 is used to contact the server. Example:
1431
1432 FEATURE(`msp', `', `MSA')
1433
1434 Some more hints about possible changes can be found below
1435 in the section MESSAGE SUBMISSION PROGRAM.
1436
1437 Note: Due to many problems, submit.mc uses
1438
1439 FEATURE(`msp', `[127.0.0.1]')
1440
1441 by default. If you have a machine with IPv6 only,
1442 change it to
1443
1444 FEATURE(`msp', `[IPv6:::1]')
1445
1446 If you want to continue using '[localhost]', (the behavior
1447 up to 8.12.6), use
1448
1449 FEATURE(`msp')
1450
1451queuegroup A simple example how to select a queue group based
1452 on the full e-mail address or the domain of the
1453 recipient. Selection is done via entries in the
1454 access map using the tag QGRP:, for example:
1455
1456 QGRP:example.com main
1457 QGRP:friend@some.org others
1458 QGRP:my.domain local
1459
1460 where "main", "others", and "local" are names of
1461 queue groups. If an argument is specified, it is used
1462 as default queue group.
1463
1464 Note: please read the warning in doc/op/op.me about
1465 queue groups and possible queue manipulations.
1466
1467greet_pause Adds the greet_pause ruleset which enables open proxy
1468 and SMTP slamming protection. The feature can take an
1469 argument specifying the milliseconds to wait:
1470
1471 FEATURE(`greet_pause', `5000') dnl 5 seconds
1472
1473 If FEATURE(`access_db') is enabled, an access database
1474 lookup with the GreetPause tag is done using client
1475 hostname, domain, IP address, or subnet to determine the
1476 pause time:
1477
1478 GreetPause:my.domain 0
1479 GreetPause:example.com 5000
1480 GreetPause:10.1.2 2000
1481 GreetPause:127.0.0.1 0
1482
1483 When using FEATURE(`access_db'), the optional
1484 FEATURE(`greet_pause') argument becomes the default if
1485 nothing is found in the access database. A ruleset called
1486 Local_greet_pause can be used for local modifications, e.g.,
1487
1488 LOCAL_RULESETS
1489 SLocal_greet_pause
1490 R$* $: $&{daemon_flags}
1491 R$* a $* $# 0
1492
1493block_bad_helo Reject messages from SMTP clients which provide a HELO/EHLO
1494 argument which is either unqualified, or is one of our own
1495 names (i.e., the server name instead of the client name).
1496 This check is performed at RCPT stage and disabled for the
1497 following cases:
1498 - authenticated sessions,
1499 - connections from IP addresses in class $={R}.
1500 Currently access_db lookups can not be used to
1501 (selectively) disable this test, moreover,
1502 FEATURE(`delay_checks')
1503 is required.
1504
1505require_rdns Reject mail from connecting SMTP clients without proper
1506 rDNS (reverse DNS), functional gethostbyaddr() resolution.
1507 Note: this feature will cause false positives, i.e., there
1508 are legitimate MTAs that do not have proper DNS entries.
1509 Rejecting mails from those MTAs is a local policy decision.
1510
1511 The basic policy is to reject message with a 5xx error if
1512 the IP address fails to resolve. However, if this is a
1513 temporary failure, a 4xx temporary failure is returned.
1514 If the look-up succeeds, but returns an apparently forged
1515 value, this is treated as a temporary failure with a 4xx
1516 error code.
1517
1518 EXCEPTIONS:
1519
1520 Exceptions based on access entries are discussed below.
1521 Any IP address matched using $=R (the "relay-domains" file)
1522 is excepted from the rules. Since we have explicitly
1523 allowed relaying for this host, based on IP address, we
1524 ignore the rDNS failure.
1525
1526 The philosophical assumption here is that most users do
1527 not control their rDNS. They should be able to send mail
1528 through their ISP, whether or not they have valid rDNS.
1529 The class $=R, roughly speaking, contains those IP addresses
1530 and address ranges for which we are the ISP, or are acting
1531 as if the ISP.
1532
1533 If `delay_checks' is in effect (recommended), then any
1534 sender who has authenticated is also excepted from the
1535 restrictions. This happens because the rules produced by
1536 this FEATURE() will not be applied to authenticated senders
1537 (assuming `delay_checks').
1538
1539 ACCESS MAP ENTRIES:
1540
1541 Entries such as
1542 Connect:1.2.3.4 OK
1543 Connect:1.2 RELAY
1544 will whitelist IP address 1.2.3.4, so that the rDNS
1545 blocking does apply to that IP address
1546
1547 Entries such as
1548 Connect:1.2.3.4 REJECT
1549 will have the effect of forcing a temporary failure for
1550 that address to be treated as a permanent failure.
1551
1552badmx Reject envelope sender addresses (MAIL) whose domain part
1553 resolves to a "bad" MX record. By default these are
1554 MX records which resolve to A records that match the
1555 regular expression:
1556
1557 ^(127\.|10\.|0\.0\.0\.0)
1558
1559 This default regular expression can be overridden by
1560 specifying an argument, e.g.,
1561
1562 FEATURE(`badmx', `^127\.0\.0\.1')
1563
1564 Note: this feature requires that the sendmail binary
1565 has been compiled with the options MAP_REGEX and
1566 DNSMAP.
1567
1568+-------+
1569| HACKS |
1570+-------+
1571
1572Some things just can't be called features. To make this clear,
1573they go in the hack subdirectory and are referenced using the HACK
1574macro. These will tend to be site-dependent. The release
1575includes the Berkeley-dependent "cssubdomain" hack (that makes
1576sendmail accept local names in either Berkeley.EDU or CS.Berkeley.EDU;
1577this is intended as a short-term aid while moving hosts into
1578subdomains.
1579
1580
1581+--------------------+
1582| SITE CONFIGURATION |
1583+--------------------+
1584
1585 *****************************************************
1586 * This section is really obsolete, and is preserved *
1587 * only for back compatibility. You should plan on *
1588 * using mailertables for new installations. In *
1589 * particular, it doesn't work for the newer forms *
1590 * of UUCP mailers, such as uucp-uudom. *
1591 *****************************************************
1592
1593Complex sites will need more local configuration information, such as
1594lists of UUCP hosts they speak with directly. This can get a bit more
1595tricky. For an example of a "complex" site, see cf/ucbvax.mc.
1596
1597The SITECONFIG macro allows you to indirectly reference site-dependent
1598configuration information stored in the siteconfig subdirectory. For
1599example, the line
1600
1601 SITECONFIG(`uucp.ucbvax', `ucbvax', `U')
1602
1603reads the file uucp.ucbvax for local connection information. The
1604second parameter is the local name (in this case just "ucbvax" since
1605it is locally connected, and hence a UUCP hostname). The third
1606parameter is the name of both a macro to store the local name (in
1607this case, {U}) and the name of the class (e.g., {U}) in which to store
1608the host information read from the file. Another SITECONFIG line reads
1609
1610 SITECONFIG(`uucp.ucbarpa', `ucbarpa.Berkeley.EDU', `W')
1611
1612This says that the file uucp.ucbarpa contains the list of UUCP sites
1613connected to ucbarpa.Berkeley.EDU. Class {W} will be used to
1614store this list, and $W is defined to be ucbarpa.Berkeley.EDU, that
1615is, the name of the relay to which the hosts listed in uucp.ucbarpa
1616are connected. [The machine ucbarpa is gone now, but this
1617out-of-date configuration file has been left around to demonstrate
1618how you might do this.]
1619
1620Note that the case of SITECONFIG with a third parameter of ``U'' is
1621special; the second parameter is assumed to be the UUCP name of the
1622local site, rather than the name of a remote site, and the UUCP name
1623is entered into class {w} (the list of local hostnames) as $U.UUCP.
1624
1625The siteconfig file (e.g., siteconfig/uucp.ucbvax.m4) contains nothing
1626more than a sequence of SITE macros describing connectivity. For
1627example:
1628
1629 SITE(`cnmat')
1630 SITE(`sgi olympus')
1631
1632The second example demonstrates that you can use two names on the
1633same line; these are usually aliases for the same host (or are at
1634least in the same company).
1635
1636The macro LOCAL_UUCP can be used to add rules into the generated
1637cf file at the place where MAILER(`uucp') inserts its rules. This
1638should only be used if really necessary.
1639
1640+--------------------+
1641| USING UUCP MAILERS |
1642+--------------------+
1643
1644It's hard to get UUCP mailers right because of the extremely ad hoc
1645nature of UUCP addressing. These config files are really designed
1646for domain-based addressing, even for UUCP sites.
1647
1648There are four UUCP mailers available. The choice of which one to
1649use is partly a matter of local preferences and what is running at
1650the other end of your UUCP connection. Unlike good protocols that
1651define what will go over the wire, UUCP uses the policy that you
1652should do what is right for the other end; if they change, you have
1653to change. This makes it hard to do the right thing, and discourages
1654people from updating their software. In general, if you can avoid
1655UUCP, please do.
1656
1657The major choice is whether to go for a domainized scheme or a
1658non-domainized scheme. This depends entirely on what the other
1659end will recognize. If at all possible, you should encourage the
1660other end to go to a domain-based system -- non-domainized addresses
1661don't work entirely properly.
1662
1663The four mailers are:
1664
1665 uucp-old (obsolete name: "uucp")
1666 This is the oldest, the worst (but the closest to UUCP) way of
1667 sending messages across UUCP connections. It does bangify
1668 everything and prepends $U (your UUCP name) to the sender's
1669 address (which can already be a bang path itself). It can
1670 only send to one address at a time, so it spends a lot of
1671 time copying duplicates of messages. Avoid this if at all
1672 possible.
1673
1674 uucp-new (obsolete name: "suucp")
1675 The same as above, except that it assumes that in one rmail
1676 command you can specify several recipients. It still has a
1677 lot of other problems.
1678
1679 uucp-dom
1680 This UUCP mailer keeps everything as domain addresses.
1681 Basically, it uses the SMTP mailer rewriting rules. This mailer
1682 is only included if MAILER(`smtp') is specified before
1683 MAILER(`uucp').
1684
1685 Unfortunately, a lot of UUCP mailer transport agents require
1686 bangified addresses in the envelope, although you can use
1687 domain-based addresses in the message header. (The envelope
1688 shows up as the From_ line on UNIX mail.) So....
1689
1690 uucp-uudom
1691 This is a cross between uucp-new (for the envelope addresses)
1692 and uucp-dom (for the header addresses). It bangifies the
1693 envelope sender (From_ line in messages) without adding the
1694 local hostname, unless there is no host name on the address
1695 at all (e.g., "wolf") or the host component is a UUCP host name
1696 instead of a domain name ("somehost!wolf" instead of
1697 "some.dom.ain!wolf"). This is also included only if MAILER(`smtp')
1698 is also specified earlier.
1699
1700Examples:
1701
1702On host grasp.insa-lyon.fr (UUCP host name "grasp"), the following
1703summarizes the sender rewriting for various mailers.
1704
1705Mailer sender rewriting in the envelope
1706------ ------ -------------------------
1707uucp-{old,new} wolf grasp!wolf
1708uucp-dom wolf wolf@grasp.insa-lyon.fr
1709uucp-uudom wolf grasp.insa-lyon.fr!wolf
1710
1711uucp-{old,new} wolf@fr.net grasp!fr.net!wolf
1712uucp-dom wolf@fr.net wolf@fr.net
1713uucp-uudom wolf@fr.net fr.net!wolf
1714
1715uucp-{old,new} somehost!wolf grasp!somehost!wolf
1716uucp-dom somehost!wolf somehost!wolf@grasp.insa-lyon.fr
1717uucp-uudom somehost!wolf grasp.insa-lyon.fr!somehost!wolf
1718
1719If you are using one of the domainized UUCP mailers, you really want
1720to convert all UUCP addresses to domain format -- otherwise, it will
1721do it for you (and probably not the way you expected). For example,
1722if you have the address foo!bar!baz (and you are not sending to foo),
1723the heuristics will add the @uucp.relay.name or @local.host.name to
1724this address. However, if you map foo to foo.host.name first, it
1725will not add the local hostname. You can do this using the uucpdomain
1726feature.
1727
1728
1729+-------------------+
1730| TWEAKING RULESETS |
1731+-------------------+
1732
1733For more complex configurations, you can define special rules.
1734The macro LOCAL_RULE_3 introduces rules that are used in canonicalizing
1735the names. Any modifications made here are reflected in the header.
1736
1737A common use is to convert old UUCP addresses to SMTP addresses using
1738the UUCPSMTP macro. For example:
1739
1740 LOCAL_RULE_3
1741 UUCPSMTP(`decvax', `decvax.dec.com')
1742 UUCPSMTP(`research', `research.att.com')
1743
1744will cause addresses of the form "decvax!user" and "research!user"
1745to be converted to "user@decvax.dec.com" and "user@research.att.com"
1746respectively.
1747
1748This could also be used to look up hosts in a database map:
1749
1750 LOCAL_RULE_3
1751 R$* < @ $+ > $* $: $1 < @ $(hostmap $2 $) > $3
1752
1753This map would be defined in the LOCAL_CONFIG portion, as shown below.
1754
1755Similarly, LOCAL_RULE_0 can be used to introduce new parsing rules.
1756For example, new rules are needed to parse hostnames that you accept
1757via MX records. For example, you might have:
1758
1759 LOCAL_RULE_0
1760 R$+ <@ host.dom.ain.> $#uucp $@ cnmat $: $1 < @ host.dom.ain.>
1761
1762You would use this if you had installed an MX record for cnmat.Berkeley.EDU
1763pointing at this host; this rule catches the message and forwards it on
1764using UUCP.
1765
1766You can also tweak rulesets 1 and 2 using LOCAL_RULE_1 and LOCAL_RULE_2.
1767These rulesets are normally empty.
1768
1769A similar macro is LOCAL_CONFIG. This introduces lines added after the
1770boilerplate option setting but before rulesets. Do not declare rulesets in
1771the LOCAL_CONFIG section. It can be used to declare local database maps or
1772whatever. For example:
1773
1774 LOCAL_CONFIG
1775 Khostmap hash /etc/mail/hostmap
1776 Kyplocal nis -m hosts.byname
1777
1778
1779+---------------------------+
1780| MASQUERADING AND RELAYING |
1781+---------------------------+
1782
1783You can have your host masquerade as another using
1784
1785 MASQUERADE_AS(`host.domain')
1786
1787This causes mail being sent to be labeled as coming from the
1788indicated host.domain, rather than $j. One normally masquerades as
1789one of one's own subdomains (for example, it's unlikely that
1790Berkeley would choose to masquerade as an MIT site). This
1791behaviour is modified by a plethora of FEATUREs; in particular, see
1792masquerade_envelope, allmasquerade, limited_masquerade, and
1793masquerade_entire_domain.
1794
1795The masquerade name is not normally canonified, so it is important
1796that it be your One True Name, that is, fully qualified and not a
1797CNAME. However, if you use a CNAME, the receiving side may canonify
1798it for you, so don't think you can cheat CNAME mapping this way.
1799
1800Normally the only addresses that are masqueraded are those that come
1801from this host (that is, are either unqualified or in class {w}, the list
1802of local domain names). You can augment this list, which is realized
1803by class {M} using
1804
1805 MASQUERADE_DOMAIN(`otherhost.domain')
1806
1807The effect of this is that although mail to user@otherhost.domain
1808will not be delivered locally, any mail including any user@otherhost.domain
1809will, when relayed, be rewritten to have the MASQUERADE_AS address.
1810This can be a space-separated list of names.
1811
1812If these names are in a file, you can use
1813
1814 MASQUERADE_DOMAIN_FILE(`filename')
1815
1816to read the list of names from the indicated file (i.e., to add
1817elements to class {M}).
1818
1819To exempt hosts or subdomains from being masqueraded, you can use
1820
1821 MASQUERADE_EXCEPTION(`host.domain')
1822
1823This can come handy if you want to masquerade a whole domain
1824except for one (or a few) host(s). If these names are in a file,
1825you can use
1826
1827 MASQUERADE_EXCEPTION_FILE(`filename')
1828
1829Normally only header addresses are masqueraded. If you want to
1830masquerade the envelope as well, use
1831
1832 FEATURE(`masquerade_envelope')
1833
1834There are always users that need to be "exposed" -- that is, their
1835internal site name should be displayed instead of the masquerade name.
1836Root is an example (which has been "exposed" by default prior to 8.10).
1837You can add users to this list using
1838
1839 EXPOSED_USER(`usernames')
1840
1841This adds users to class {E}; you could also use
1842
1843 EXPOSED_USER_FILE(`filename')
1844
1845You can also arrange to relay all unqualified names (that is, names
1846without @host) to a relay host. For example, if you have a central
1847email server, you might relay to that host so that users don't have
1848to have .forward files or aliases. You can do this using
1849
1850 define(`LOCAL_RELAY', `mailer:hostname')
1851
1852The ``mailer:'' can be omitted, in which case the mailer defaults to
1853"relay". There are some user names that you don't want relayed, perhaps
1854because of local aliases. A common example is root, which may be
1855locally aliased. You can add entries to this list using
1856
1857 LOCAL_USER(`usernames')
1858
1859This adds users to class {L}; you could also use
1860
1861 LOCAL_USER_FILE(`filename')
1862
1863If you want all incoming mail sent to a centralized hub, as for a
1864shared /var/spool/mail scheme, use
1865
1866 define(`MAIL_HUB', `mailer:hostname')
1867
1868Again, ``mailer:'' defaults to "relay". If you define both LOCAL_RELAY
1869and MAIL_HUB _AND_ you have FEATURE(`stickyhost'), unqualified names will
1870be sent to the LOCAL_RELAY and other local names will be sent to MAIL_HUB.
1871Note: there is a (long standing) bug which keeps this combination from
1872working for addresses of the form user+detail.
1873Names in class {L} will be delivered locally, so you MUST have aliases or
1874.forward files for them.
1875
1876For example, if you are on machine mastodon.CS.Berkeley.EDU and you have
1877FEATURE(`stickyhost'), the following combinations of settings will have the
1878indicated effects:
1879
1880email sent to.... eric eric@mastodon.CS.Berkeley.EDU
1881
1882LOCAL_RELAY set to mail.CS.Berkeley.EDU (delivered locally)
1883mail.CS.Berkeley.EDU (no local aliasing) (aliasing done)
1884
1885MAIL_HUB set to mammoth.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU
1886mammoth.CS.Berkeley.EDU (aliasing done) (aliasing done)
1887
1888Both LOCAL_RELAY and mail.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU
1889MAIL_HUB set as above (no local aliasing) (aliasing done)
1890
1891If you do not have FEATURE(`stickyhost') set, then LOCAL_RELAY and
1892MAIL_HUB act identically, with MAIL_HUB taking precedence.
1893
1894If you want all outgoing mail to go to a central relay site, define
1895SMART_HOST as well. Briefly:
1896
1897 LOCAL_RELAY applies to unqualified names (e.g., "eric").
1898 MAIL_HUB applies to names qualified with the name of the
1899 local host (e.g., "eric@mastodon.CS.Berkeley.EDU").
1900 SMART_HOST applies to names qualified with other hosts or
1901 bracketed addresses (e.g., "eric@mastodon.CS.Berkeley.EDU"
1902 or "eric@[127.0.0.1]").
1903
1904However, beware that other relays (e.g., UUCP_RELAY, BITNET_RELAY,
1905DECNET_RELAY, and FAX_RELAY) take precedence over SMART_HOST, so if you
1906really want absolutely everything to go to a single central site you will
1907need to unset all the other relays -- or better yet, find or build a
1908minimal config file that does this.
1909
1910For duplicate suppression to work properly, the host name is best
1911specified with a terminal dot:
1912
1913 define(`MAIL_HUB', `host.domain.')
1914 note the trailing dot ---^
1915
1916
1917+-------------------------------------------+
1918| USING LDAP FOR ALIASES, MAPS, AND CLASSES |
1919+-------------------------------------------+
1920
1921LDAP can be used for aliases, maps, and classes by either specifying your
1922own LDAP map specification or using the built-in default LDAP map
1923specification. The built-in default specifications all provide lookups
1924which match against either the machine's fully qualified hostname (${j}) or
1925a "cluster". The cluster allows you to share LDAP entries among a large
1926number of machines without having to enter each of the machine names into
1927each LDAP entry. To set the LDAP cluster name to use for a particular
1928machine or set of machines, set the confLDAP_CLUSTER m4 variable to a
1929unique name. For example:
1930
1931 define(`confLDAP_CLUSTER', `Servers')
1932
1933Here, the word `Servers' will be the cluster name. As an example, assume
1934that smtp.sendmail.org, etrn.sendmail.org, and mx.sendmail.org all belong
1935to the Servers cluster.
1936
1937Some of the LDAP LDIF examples below show use of the Servers cluster.
1938Every entry must have either a sendmailMTAHost or sendmailMTACluster
1939attribute or it will be ignored. Be careful as mixing clusters and
1940individual host records can have surprising results (see the CAUTION
1941sections below).
1942
1943See the file cf/sendmail.schema for the actual LDAP schemas. Note that
1944this schema (and therefore the lookups and examples below) is experimental
1945at this point as it has had little public review. Therefore, it may change
1946in future versions. Feedback via sendmail-YYYY@support.sendmail.org is
1947encouraged (replace YYYY with the current year, e.g., 2005).
1948
1949-------
1950Aliases
1951-------
1952
1953The ALIAS_FILE (O AliasFile) option can be set to use LDAP for alias
1954lookups. To use the default schema, simply use:
1955
1956 define(`ALIAS_FILE', `ldap:')
1957
1958By doing so, you will use the default schema which expands to a map
1959declared as follows:
1960
1961 ldap -k (&(objectClass=sendmailMTAAliasObject)
1962 (sendmailMTAAliasGrouping=aliases)
1963 (|(sendmailMTACluster=${sendmailMTACluster})
1964 (sendmailMTAHost=$j))
1965 (sendmailMTAKey=%0))
1966 -v sendmailMTAAliasValue,sendmailMTAAliasSearch:FILTER:sendmailMTAAliasObject,sendmailMTAAliasURL:URL:sendmailMTAAliasObject
1967
1968
1969NOTE: The macros shown above ${sendmailMTACluster} and $j are not actually
1970used when the binary expands the `ldap:' token as the AliasFile option is
1971not actually macro-expanded when read from the sendmail.cf file.
1972
1973Example LDAP LDIF entries might be:
1974
1975 dn: sendmailMTAKey=sendmail-list, dc=sendmail, dc=org
1976 objectClass: sendmailMTA
1977 objectClass: sendmailMTAAlias
1978 objectClass: sendmailMTAAliasObject
1979 sendmailMTAAliasGrouping: aliases
1980 sendmailMTAHost: etrn.sendmail.org
1981 sendmailMTAKey: sendmail-list
1982 sendmailMTAAliasValue: ca@example.org
1983 sendmailMTAAliasValue: eric
1984 sendmailMTAAliasValue: gshapiro@example.com
1985
1986 dn: sendmailMTAKey=owner-sendmail-list, dc=sendmail, dc=org
1987 objectClass: sendmailMTA
1988 objectClass: sendmailMTAAlias
1989 objectClass: sendmailMTAAliasObject
1990 sendmailMTAAliasGrouping: aliases
1991 sendmailMTAHost: etrn.sendmail.org
1992 sendmailMTAKey: owner-sendmail-list
1993 sendmailMTAAliasValue: eric
1994
1995 dn: sendmailMTAKey=postmaster, dc=sendmail, dc=org
1996 objectClass: sendmailMTA
1997 objectClass: sendmailMTAAlias
1998 objectClass: sendmailMTAAliasObject
1999 sendmailMTAAliasGrouping: aliases
2000 sendmailMTACluster: Servers
2001 sendmailMTAKey: postmaster
2002 sendmailMTAAliasValue: eric
2003
2004Here, the aliases sendmail-list and owner-sendmail-list will be available
2005only on etrn.sendmail.org but the postmaster alias will be available on
2006every machine in the Servers cluster (including etrn.sendmail.org).
2007
2008CAUTION: aliases are additive so that entries like these:
2009
2010 dn: sendmailMTAKey=bob, dc=sendmail, dc=org
2011 objectClass: sendmailMTA
2012 objectClass: sendmailMTAAlias
2013 objectClass: sendmailMTAAliasObject
2014 sendmailMTAAliasGrouping: aliases
2015 sendmailMTACluster: Servers
2016 sendmailMTAKey: bob
2017 sendmailMTAAliasValue: eric
2018
2019 dn: sendmailMTAKey=bobetrn, dc=sendmail, dc=org
2020 objectClass: sendmailMTA
2021 objectClass: sendmailMTAAlias
2022 objectClass: sendmailMTAAliasObject
2023 sendmailMTAAliasGrouping: aliases
2024 sendmailMTAHost: etrn.sendmail.org
2025 sendmailMTAKey: bob
2026 sendmailMTAAliasValue: gshapiro
2027
2028would mean that on all of the hosts in the cluster, mail to bob would go to
2029eric EXCEPT on etrn.sendmail.org in which case it would go to BOTH eric and
2030gshapiro.
2031
2032If you prefer not to use the default LDAP schema for your aliases, you can
2033specify the map parameters when setting ALIAS_FILE. For example:
2034
2035 define(`ALIAS_FILE', `ldap:-k (&(objectClass=mailGroup)(mail=%0)) -v mgrpRFC822MailMember')
2036
2037----
2038Maps
2039----
2040
2041FEATURE()'s which take an optional map definition argument (e.g., access,
2042mailertable, virtusertable, etc.) can instead take the special keyword
2043`LDAP', e.g.:
2044
2045 FEATURE(`access_db', `LDAP')
2046 FEATURE(`virtusertable', `LDAP')
2047
2048When this keyword is given, that map will use LDAP lookups consisting of
2049the objectClass sendmailMTAClassObject, the attribute sendmailMTAMapName
2050with the map name, a search attribute of sendmailMTAKey, and the value
2051attribute sendmailMTAMapValue.
2052
2053The values for sendmailMTAMapName are:
2054
2055 FEATURE() sendmailMTAMapName
2056 --------- ------------------
2057 access_db access
2058 authinfo authinfo
2059 bitdomain bitdomain
2060 domaintable domain
2061 genericstable generics
2062 mailertable mailer
2063 uucpdomain uucpdomain
2064 virtusertable virtuser
2065
2066For example, FEATURE(`mailertable', `LDAP') would use the map definition:
2067
2068 Kmailertable ldap -k (&(objectClass=sendmailMTAMapObject)
2069 (sendmailMTAMapName=mailer)
2070 (|(sendmailMTACluster=${sendmailMTACluster})
2071 (sendmailMTAHost=$j))
2072 (sendmailMTAKey=%0))
2073 -1 -v sendmailMTAMapValue,sendmailMTAMapSearch:FILTER:sendmailMTAMapObject,sendmailMTAMapURL:URL:sendmailMTAMapObject
2074
2075An example LDAP LDIF entry using this map might be:
2076
2077 dn: sendmailMTAMapName=mailer, dc=sendmail, dc=org
2078 objectClass: sendmailMTA
2079 objectClass: sendmailMTAMap
2080 sendmailMTACluster: Servers
2081 sendmailMTAMapName: mailer
2082
2083 dn: sendmailMTAKey=example.com, sendmailMTAMapName=mailer, dc=sendmail, dc=org
2084 objectClass: sendmailMTA
2085 objectClass: sendmailMTAMap
2086 objectClass: sendmailMTAMapObject
2087 sendmailMTAMapName: mailer
2088 sendmailMTACluster: Servers
2089 sendmailMTAKey: example.com
2090 sendmailMTAMapValue: relay:[smtp.example.com]
2091
2092CAUTION: If your LDAP database contains the record above and *ALSO* a host
2093specific record such as:
2094
2095 dn: sendmailMTAKey=example.com@etrn, sendmailMTAMapName=mailer, dc=sendmail, dc=org
2096 objectClass: sendmailMTA
2097 objectClass: sendmailMTAMap
2098 objectClass: sendmailMTAMapObject
2099 sendmailMTAMapName: mailer
2100 sendmailMTAHost: etrn.sendmail.org
2101 sendmailMTAKey: example.com
2102 sendmailMTAMapValue: relay:[mx.example.com]
2103
2104then these entries will give unexpected results. When the lookup is done
2105on etrn.sendmail.org, the effect is that there is *NO* match at all as maps
2106require a single match. Since the host etrn.sendmail.org is also in the
2107Servers cluster, LDAP would return two answers for the example.com map key
2108in which case sendmail would treat this as no match at all.
2109
2110If you prefer not to use the default LDAP schema for your maps, you can
2111specify the map parameters when using the FEATURE(). For example:
2112
2113 FEATURE(`access_db', `ldap:-1 -k (&(objectClass=mapDatabase)(key=%0)) -v value')
2114
2115-------
2116Classes
2117-------
2118
2119Normally, classes can be filled via files or programs. As of 8.12, they
2120can also be filled via map lookups using a new syntax:
2121
2122 F{ClassName}mapkey@mapclass:mapspec
2123
2124mapkey is optional and if not provided the map key will be empty. This can
2125be used with LDAP to read classes from LDAP. Note that the lookup is only
2126done when sendmail is initially started. Use the special value `@LDAP' to
2127use the default LDAP schema. For example:
2128
2129 RELAY_DOMAIN_FILE(`@LDAP')
2130
2131would put all of the attribute sendmailMTAClassValue values of LDAP records
2132with objectClass sendmailMTAClass and an attribute sendmailMTAClassName of
2133'R' into class $={R}. In other words, it is equivalent to the LDAP map
2134specification:
2135
2136 F{R}@ldap:-k (&(objectClass=sendmailMTAClass)
2137 (sendmailMTAClassName=R)
2138 (|(sendmailMTACluster=${sendmailMTACluster})
2139 (sendmailMTAHost=$j)))
2140 -v sendmailMTAClassValue,sendmailMTAClassSearch:FILTER:sendmailMTAClass,sendmailMTAClassURL:URL:sendmailMTAClass
2141
2142NOTE: The macros shown above ${sendmailMTACluster} and $j are not actually
2143used when the binary expands the `@LDAP' token as class declarations are
2144not actually macro-expanded when read from the sendmail.cf file.
2145
2146This can be used with class related commands such as RELAY_DOMAIN_FILE(),
2147MASQUERADE_DOMAIN_FILE(), etc:
2148
2149 Command sendmailMTAClassName
2150 ------- --------------------
2151 CANONIFY_DOMAIN_FILE() Canonify
2152 EXPOSED_USER_FILE() E
2153 GENERICS_DOMAIN_FILE() G
2154 LDAPROUTE_DOMAIN_FILE() LDAPRoute
2155 LDAPROUTE_EQUIVALENT_FILE() LDAPRouteEquiv
2156 LOCAL_USER_FILE() L
2157 MASQUERADE_DOMAIN_FILE() M
2158 MASQUERADE_EXCEPTION_FILE() N
2159 RELAY_DOMAIN_FILE() R
2160 VIRTUSER_DOMAIN_FILE() VirtHost
2161
2162You can also add your own as any 'F'ile class of the form:
2163
2164 F{ClassName}@LDAP
2165 ^^^^^^^^^
2166will use "ClassName" for the sendmailMTAClassName.
2167
2168An example LDAP LDIF entry would look like:
2169
2170 dn: sendmailMTAClassName=R, dc=sendmail, dc=org
2171 objectClass: sendmailMTA
2172 objectClass: sendmailMTAClass
2173 sendmailMTACluster: Servers
2174 sendmailMTAClassName: R
2175 sendmailMTAClassValue: sendmail.org
2176 sendmailMTAClassValue: example.com
2177 sendmailMTAClassValue: 10.56.23
2178
2179CAUTION: If your LDAP database contains the record above and *ALSO* a host
2180specific record such as:
2181
2182 dn: sendmailMTAClassName=R@etrn.sendmail.org, dc=sendmail, dc=org
2183 objectClass: sendmailMTA
2184 objectClass: sendmailMTAClass
2185 sendmailMTAHost: etrn.sendmail.org
2186 sendmailMTAClassName: R
2187 sendmailMTAClassValue: example.com
2188
2189the result will be similar to the aliases caution above. When the lookup
2190is done on etrn.sendmail.org, $={R} would contain all of the entries (from
2191both the cluster match and the host match). In other words, the effective
2192is additive.
2193
2194If you prefer not to use the default LDAP schema for your classes, you can
2195specify the map parameters when using the class command. For example:
2196
2197 VIRTUSER_DOMAIN_FILE(`@ldap:-k (&(objectClass=virtHosts)(host=*)) -v host')
2198
2199Remember, macros can not be used in a class declaration as the binary does
2200not expand them.
2201
2202
2203+--------------+
2204| LDAP ROUTING |
2205+--------------+
2206
2207FEATURE(`ldap_routing') can be used to implement the IETF Internet Draft
2208LDAP Schema for Intranet Mail Routing
2209(draft-lachman-laser-ldap-mail-routing-01). This feature enables
2210LDAP-based rerouting of a particular address to either a different host
2211or a different address. The LDAP lookup is first attempted on the full
2212address (e.g., user@example.com) and then on the domain portion
2213(e.g., @example.com). Be sure to setup your domain for LDAP routing using
2214LDAPROUTE_DOMAIN(), e.g.:
2215
2216 LDAPROUTE_DOMAIN(`example.com')
2217
2218Additionally, you can specify equivalent domains for LDAP routing using
2219LDAPROUTE_EQUIVALENT() and LDAPROUTE_EQUIVALENT_FILE(). 'Equivalent'
2220hostnames are mapped to $M (the masqueraded hostname for the server) before
2221the LDAP query. For example, if the mail is addressed to
2222user@host1.example.com, normally the LDAP lookup would only be done for
2223'user@host1.example.com' and '@host1.example.com'. However, if
2224LDAPROUTE_EQUIVALENT(`host1.example.com') is used, the lookups would also be
2225done on 'user@example.com' and '@example.com' after attempting the
2226host1.example.com lookups.
2227
2228By default, the feature will use the schemas as specified in the draft
2229and will not reject addresses not found by the LDAP lookup. However,
2230this behavior can be changed by giving additional arguments to the FEATURE()
2231command:
2232
2233 FEATURE(`ldap_routing', <mailHost>, <mailRoutingAddress>, <bounce>,
2234 <detail>, <nodomain>, <tempfail>)
2235
2236where <mailHost> is a map definition describing how to look up an alternative
2237mail host for a particular address; <mailRoutingAddress> is a map definition
2238describing how to look up an alternative address for a particular address;
2239the <bounce> argument, if present and not the word "passthru", dictates
2240that mail should be bounced if neither a mailHost nor mailRoutingAddress
2241is found, if set to "sendertoo", the sender will be rejected if not
2242found in LDAP; and <detail> indicates what actions to take if the address
2243contains +detail information -- `strip' tries the lookup with the +detail
2244and if no matches are found, strips the +detail and tries the lookup again;
2245`preserve', does the same as `strip' but if a mailRoutingAddress match is
2246found, the +detail information is copied to the new address; the <nodomain>
2247argument, if present, will prevent the @domain lookup if the full
2248address is not found in LDAP; the <tempfail> argument, if set to
2249"tempfail", instructs the rules to give an SMTP 4XX temporary
2250error if the LDAP server gives the MTA a temporary failure, or if set to
2251"queue" (the default), the MTA will locally queue the mail.
2252
2253The default <mailHost> map definition is:
2254
2255 ldap -1 -T<TMPF> -v mailHost -k (&(objectClass=inetLocalMailRecipient)
2256 (mailLocalAddress=%0))
2257
2258The default <mailRoutingAddress> map definition is:
2259
2260 ldap -1 -T<TMPF> -v mailRoutingAddress
2261 -k (&(objectClass=inetLocalMailRecipient)
2262 (mailLocalAddress=%0))
2263
2264Note that neither includes the LDAP server hostname (-h server) or base DN
2265(-b o=org,c=COUNTRY), both necessary for LDAP queries. It is presumed that
2266your .mc file contains a setting for the confLDAP_DEFAULT_SPEC option with
2267these settings. If this is not the case, the map definitions should be
2268changed as described above. The "-T<TMPF>" is required in any user
2269specified map definition to catch temporary errors.
2270
2271The following possibilities exist as a result of an LDAP lookup on an
2272address:
2273
2274 mailHost is mailRoutingAddress is Results in
2275 ----------- --------------------- ----------
2276 set to a set mail delivered to
2277 "local" host mailRoutingAddress
2278
2279 set to a not set delivered to
2280 "local" host original address
2281
2282 set to a set mailRoutingAddress
2283 remote host relayed to mailHost
2284
2285 set to a not set original address
2286 remote host relayed to mailHost
2287
2288 not set set mail delivered to
2289 mailRoutingAddress
2290
2291 not set not set delivered to
2292 original address *OR*
2293 bounced as unknown user
2294
2295The term "local" host above means the host specified is in class {w}. If
2296the result would mean sending the mail to a different host, that host is
2297looked up in the mailertable before delivery.
2298
2299Note that the last case depends on whether the third argument is given
2300to the FEATURE() command. The default is to deliver the message to the
2301original address.
2302
2303The LDAP entries should be set up with an objectClass of
2304inetLocalMailRecipient and the address be listed in a mailLocalAddress
2305attribute. If present, there must be only one mailHost attribute and it
2306must contain a fully qualified host name as its value. Similarly, if
2307present, there must be only one mailRoutingAddress attribute and it must
2308contain an RFC 822 compliant address. Some example LDAP records (in LDIF
2309format):
2310
2311 dn: uid=tom, o=example.com, c=US
2312 objectClass: inetLocalMailRecipient
2313 mailLocalAddress: tom@example.com
2314 mailRoutingAddress: thomas@mailhost.example.com
2315
2316This would deliver mail for tom@example.com to thomas@mailhost.example.com.
2317
2318 dn: uid=dick, o=example.com, c=US
2319 objectClass: inetLocalMailRecipient
2320 mailLocalAddress: dick@example.com
2321 mailHost: eng.example.com
2322
2323This would relay mail for dick@example.com to the same address but redirect
2324the mail to MX records listed for the host eng.example.com (unless the
2325mailertable overrides).
2326
2327 dn: uid=harry, o=example.com, c=US
2328 objectClass: inetLocalMailRecipient
2329 mailLocalAddress: harry@example.com
2330 mailHost: mktmail.example.com
2331 mailRoutingAddress: harry@mkt.example.com
2332
2333This would relay mail for harry@example.com to the MX records listed for
2334the host mktmail.example.com using the new address harry@mkt.example.com
2335when talking to that host.
2336
2337 dn: uid=virtual.example.com, o=example.com, c=US
2338 objectClass: inetLocalMailRecipient
2339 mailLocalAddress: @virtual.example.com
2340 mailHost: server.example.com
2341 mailRoutingAddress: virtual@example.com
2342
2343This would send all mail destined for any username @virtual.example.com to
2344the machine server.example.com's MX servers and deliver to the address
2345virtual@example.com on that relay machine.
2346
2347
2348+---------------------------------+
2349| ANTI-SPAM CONFIGURATION CONTROL |
2350+---------------------------------+
2351
2352The primary anti-spam features available in sendmail are:
2353
2354* Relaying is denied by default.
2355* Better checking on sender information.
2356* Access database.
2357* Header checks.
2358
2359Relaying (transmission of messages from a site outside your host (class
2360{w}) to another site except yours) is denied by default. Note that this
2361changed in sendmail 8.9; previous versions allowed relaying by default.
2362If you really want to revert to the old behaviour, you will need to use
2363FEATURE(`promiscuous_relay'). You can allow certain domains to relay
2364through your server by adding their domain name or IP address to class
2365{R} using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the access database
2366(described below). Note that IPv6 addresses must be prefaced with "IPv6:".
2367The file consists (like any other file based class) of entries listed on
2368separate lines, e.g.,
2369
2370 sendmail.org
2371 128.32
2372 IPv6:2002:c0a8:02c7
2373 IPv6:2002:c0a8:51d2::23f4
2374 host.mydomain.com
2375 [UNIX:localhost]
2376
2377Notice: the last entry allows relaying for connections via a UNIX
2378socket to the MTA/MSP. This might be necessary if your configuration
2379doesn't allow relaying by other means in that case, e.g., by having
2380localhost.$m in class {R} (make sure $m is not just a top level
2381domain).
2382
2383If you use
2384
2385 FEATURE(`relay_entire_domain')
2386
2387then any host in any of your local domains (that is, class {m})
2388will be relayed (that is, you will accept mail either to or from any
2389host in your domain).
2390
2391You can also allow relaying based on the MX records of the host
2392portion of an incoming recipient address by using
2393
2394 FEATURE(`relay_based_on_MX')
2395
2396For example, if your server receives a recipient of user@domain.com
2397and domain.com lists your server in its MX records, the mail will be
2398accepted for relay to domain.com. This feature may cause problems
2399if MX lookups for the recipient domain are slow or time out. In that
2400case, mail will be temporarily rejected. It is usually better to
2401maintain a list of hosts/domains for which the server acts as relay.
2402Note also that this feature will stop spammers from using your host
2403to relay spam but it will not stop outsiders from using your server
2404as a relay for their site (that is, they set up an MX record pointing
2405to your mail server, and you will relay mail addressed to them
2406without any prior arrangement). Along the same lines,
2407
2408 FEATURE(`relay_local_from')
2409
2410will allow relaying if the sender specifies a return path (i.e.
2411MAIL FROM:<user@domain>) domain which is a local domain. This is a
2412dangerous feature as it will allow spammers to spam using your mail
2413server by simply specifying a return address of user@your.domain.com.
2414It should not be used unless absolutely necessary.
2415A slightly better solution is
2416
2417 FEATURE(`relay_mail_from')
2418
2419which allows relaying if the mail sender is listed as RELAY in the
2420access map. If an optional argument `domain' (this is the literal
2421word `domain', not a placeholder) is given, the domain portion of
2422the mail sender is also checked to allowing relaying. This option
2423only works together with the tag From: for the LHS of the access
2424map entries. This feature allows spammers to abuse your mail server
2425by specifying a return address that you enabled in your access file.
2426This may be harder to figure out for spammers, but it should not
2427be used unless necessary. Instead use SMTP AUTH or STARTTLS to
2428allow relaying for roaming users.
2429
2430
2431If source routing is used in the recipient address (e.g.,
2432RCPT TO:<user%site.com@othersite.com>), sendmail will check
2433user@site.com for relaying if othersite.com is an allowed relay host
2434in either class {R}, class {m} if FEATURE(`relay_entire_domain') is used,
2435or the access database if FEATURE(`access_db') is used. To prevent
2436the address from being stripped down, use:
2437
2438 FEATURE(`loose_relay_check')
2439
2440If you think you need to use this feature, you probably do not. This
2441should only be used for sites which have no control over the addresses
2442that they provide a gateway for. Use this FEATURE with caution as it
2443can allow spammers to relay through your server if not setup properly.
2444
2445NOTICE: It is possible to relay mail through a system which the anti-relay
2446rules do not prevent: the case of a system that does use FEATURE(`nouucp',
2447`nospecial') (system A) and relays local messages to a mail hub (e.g., via
2448LOCAL_RELAY or LUSER_RELAY) (system B). If system B doesn't use
2449FEATURE(`nouucp') at all, addresses of the form
2450<example.net!user@local.host> would be relayed to <user@example.net>.
2451System A doesn't recognize `!' as an address separator and therefore
2452forwards it to the mail hub which in turns relays it because it came from
2453a trusted local host. So if a mailserver allows UUCP (bang-format)
2454addresses, all systems from which it allows relaying should do the same
2455or reject those addresses.
2456
2457As of 8.9, sendmail will refuse mail if the MAIL FROM: parameter has
2458an unresolvable domain (i.e., one that DNS, your local name service,
2459or special case rules in ruleset 3 cannot locate). This also applies
2460to addresses that use domain literals, e.g., <user@[1.2.3.4]>, if the
2461IP address can't be mapped to a host name. If you want to continue
2462to accept such domains, e.g., because you are inside a firewall that
2463has only a limited view of the Internet host name space (note that you
2464will not be able to return mail to them unless you have some "smart
2465host" forwarder), use
2466
2467 FEATURE(`accept_unresolvable_domains')
2468
2469Alternatively, you can allow specific addresses by adding them to
2470the access map, e.g.,
2471
2472 From:unresolvable.domain OK
2473 From:[1.2.3.4] OK
2474 From:[1.2.4] OK
2475
2476Notice: domains which are temporarily unresolvable are (temporarily)
2477rejected with a 451 reply code. If those domains should be accepted
2478(which is discouraged) then you can use
2479
2480 LOCAL_CONFIG
2481 C{ResOk}TEMP
2482
2483sendmail will also refuse mail if the MAIL FROM: parameter is not
2484fully qualified (i.e., contains a domain as well as a user). If you
2485want to continue to accept such senders, use
2486
2487 FEATURE(`accept_unqualified_senders')
2488
2489Setting the DaemonPortOptions modifier 'u' overrides the default behavior,
2490i.e., unqualified addresses are accepted even without this FEATURE. If
2491this FEATURE is not used, the DaemonPortOptions modifier 'f' can be used
2492to enforce fully qualified domain names.
2493
2494An ``access'' database can be created to accept or reject mail from
2495selected domains. For example, you may choose to reject all mail
2496originating from known spammers. To enable such a database, use
2497
2498 FEATURE(`access_db')
2499
2500Notice: the access database is applied to the envelope addresses
2501and the connection information, not to the header.
2502
2503The FEATURE macro can accept as second parameter the key file
2504definition for the database; for example
2505
2506 FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access_map')
2507
2508Notice: If a second argument is specified it must contain the option
2509`-T<TMPF>' as shown above. The optional parameters may be
2510
2511 `skip' enables SKIP as value part (see below).
2512 `lookupdotdomain' another way to enable the feature of the
2513 same name (see above).
2514 `relaytofulladdress' enable entries of the form
2515 To:user@example.com RELAY
2516 to allow relaying to just a specific
2517 e-mail address instead of an entire domain.
2518
2519Remember, since /etc/mail/access is a database, after creating the text
2520file as described below, you must use makemap to create the database
2521map. For example:
2522
2523 makemap hash /etc/mail/access < /etc/mail/access
2524
2525The table itself uses e-mail addresses, domain names, and network
2526numbers as keys. Note that IPv6 addresses must be prefaced with "IPv6:".
2527For example,
2528
2529 From:spammer@aol.com REJECT
2530 From:cyberspammer.com REJECT
2531 Connect:cyberspammer.com REJECT
2532 Connect:TLD REJECT
2533 Connect:192.168.212 REJECT
2534 Connect:IPv6:2002:c0a8:02c7 RELAY
2535 Connect:IPv6:2002:c0a8:51d2::23f4 REJECT
2536
2537would refuse mail from spammer@aol.com, any user from cyberspammer.com
2538(or any host within the cyberspammer.com domain), any host in the entire
2539top level domain TLD, 192.168.212.* network, and the IPv6 address
25402002:c0a8:51d2::23f4. It would allow relay for the IPv6 network
25412002:c0a8:02c7::/48.
2542
2543Entries in the access map should be tagged according to their type.
2544Three tags are available:
2545
2546 Connect: connection information (${client_addr}, ${client_name})
2547 From: envelope sender
2548 To: envelope recipient
2549
2550Notice: untagged entries are deprecated.
2551
2552If the required item is looked up in a map, it will be tried first
2553with the corresponding tag in front, then (as fallback to enable
2554backward compatibility) without any tag, unless the specific feature
2555requires a tag. For example,
2556
2557 From:spammer@some.dom REJECT
2558 To:friend.domain RELAY
2559 Connect:friend.domain OK
2560 Connect:from.domain RELAY
2561 From:good@another.dom OK
2562 From:another.dom REJECT
2563
2564This would deny mails from spammer@some.dom but you could still
2565send mail to that address even if FEATURE(`blacklist_recipients')
2566is enabled. Your system will allow relaying to friend.domain, but
2567not from it (unless enabled by other means). Connections from that
2568domain will be allowed even if it ends up in one of the DNS based
2569rejection lists. Relaying is enabled from from.domain but not to
2570it (since relaying is based on the connection information for
2571outgoing relaying, the tag Connect: must be used; for incoming
2572relaying, which is based on the recipient address, To: must be
2573used). The last two entries allow mails from good@another.dom but
2574reject mail from all other addresses with another.dom as domain
2575part.
2576
2577
2578The value part of the map can contain:
2579
2580 OK Accept mail even if other rules in the running
2581 ruleset would reject it, for example, if the domain
2582 name is unresolvable. "Accept" does not mean
2583 "relay", but at most acceptance for local
2584 recipients. That is, OK allows less than RELAY.
2585 RELAY Accept mail addressed to the indicated domain
2586 (or address if `relaytofulladdress' is set) or
2587 received from the indicated domain for relaying
2588 through your SMTP server. RELAY also serves as
2589 an implicit OK for the other checks.
2590 REJECT Reject the sender or recipient with a general
2591 purpose message.
2592 DISCARD Discard the message completely using the
2593 $#discard mailer. If it is used in check_compat,
2594 it affects only the designated recipient, not
2595 the whole message as it does in all other cases.
2596 This should only be used if really necessary.
2597 SKIP This can only be used for host/domain names
2598 and IP addresses/nets. It will abort the current
2599 search for this entry without accepting or rejecting
2600 it but causing the default action.
2601 ### any text where ### is an RFC 821 compliant error code and
2602 "any text" is a message to return for the command.
2603 The entire string should be quoted to avoid
2604 surprises:
2605
2606 "### any text"
2607
2608 Otherwise sendmail formats the text as email
2609 addresses, e.g., it may remove spaces.
2610 This type is deprecated, use one of the two
2611 ERROR: entries below instead.
2612 ERROR:### any text
2613 as above, but useful to mark error messages as such.
2614 If quotes need to be used to avoid modifications
2615 (see above), they should be placed like this:
2616
2617 ERROR:"### any text"
2618
2619 ERROR:D.S.N:### any text
2620 where D.S.N is an RFC 1893 compliant error code
2621 and the rest as above. If quotes need to be used
2622 to avoid modifications, they should be placed
2623 like this:
2624
2625 ERROR:D.S.N:"### any text"
2626
2627 QUARANTINE:any text
2628 Quarantine the message using the given text as the
2629 quarantining reason.
2630
2631For example:
2632
2633 From:cyberspammer.com ERROR:"550 We don't accept mail from spammers"
2634 From:okay.cyberspammer.com OK
2635 Connect:sendmail.org RELAY
2636 To:sendmail.org RELAY
2637 Connect:128.32 RELAY
2638 Connect:128.32.2 SKIP
2639 Connect:IPv6:1:2:3:4:5:6:7 RELAY
2640 Connect:suspicious.example.com QUARANTINE:Mail from suspicious host
2641 Connect:[127.0.0.3] OK
2642 Connect:[IPv6:1:2:3:4:5:6:7:8] OK
2643
2644would accept mail from okay.cyberspammer.com, but would reject mail
2645from all other hosts at cyberspammer.com with the indicated message.
2646It would allow relaying mail from and to any hosts in the sendmail.org
2647domain, and allow relaying from the IPv6 1:2:3:4:5:6:7:* network
2648and from the 128.32.*.* network except for the 128.32.2.* network,
2649which shows how SKIP is useful to exempt subnets/subdomains. The
2650last two entries are for checks against ${client_name} if the IP
2651address doesn't resolve to a hostname (or is considered as "may be
2652forged"). That is, using square brackets means these are host
2653names, not network numbers.
2654
2655Warning: if you change the RFC 821 compliant error code from the default
2656value of 550, then you should probably also change the RFC 1893 compliant
2657error code to match it. For example, if you use
2658
2659 To:user@example.com ERROR:450 mailbox full
2660
2661the error returned would be "450 5.0.0 mailbox full" which is wrong.
2662Use "ERROR:4.2.2:450 mailbox full" instead.
2663
2664Note, UUCP users may need to add hostname.UUCP to the access database
2665or class {R}.
2666
2667If you also use:
2668
2669 FEATURE(`relay_hosts_only')
2670
2671then the above example will allow relaying for sendmail.org, but not
2672hosts within the sendmail.org domain. Note that this will also require
2673hosts listed in class {R} to be fully qualified host names.
2674
2675You can also use the access database to block sender addresses based on
2676the username portion of the address. For example:
2677
2678 From:FREE.STEALTH.MAILER@ ERROR:550 Spam not accepted
2679
2680Note that you must include the @ after the username to signify that
2681this database entry is for checking only the username portion of the
2682sender address.
2683
2684If you use:
2685
2686 FEATURE(`blacklist_recipients')
2687
2688then you can add entries to the map for local users, hosts in your
2689domains, or addresses in your domain which should not receive mail:
2690
2691 To:badlocaluser@ ERROR:550 Mailbox disabled for badlocaluser
2692 To:host.my.TLD ERROR:550 That host does not accept mail
2693 To:user@other.my.TLD ERROR:550 Mailbox disabled for this recipient
2694
2695This would prevent a recipient of badlocaluser in any of the local
2696domains (class {w}), any user at host.my.TLD, and the single address
2697user@other.my.TLD from receiving mail. Please note: a local username
2698must be now tagged with an @ (this is consistent with the check of
2699the sender address, and hence it is possible to distinguish between
2700hostnames and usernames). Enabling this feature will keep you from
2701sending mails to all addresses that have an error message or REJECT
2702as value part in the access map. Taking the example from above:
2703
2704 spammer@aol.com REJECT
2705 cyberspammer.com REJECT
2706
2707Mail can't be sent to spammer@aol.com or anyone at cyberspammer.com.
2708That's why tagged entries should be used.
2709
2710There are several DNS based blacklists which can be found by
2711querying a search engine. These are databases of spammers
2712maintained in DNS. To use such a database, specify
2713
2714 FEATURE(`dnsbl', `dnsbl.example.com')
2715
2716This will cause sendmail to reject mail from any site listed in the
2717DNS based blacklist. You must select a DNS based blacklist domain
2718to check by specifying an argument to the FEATURE. The default
2719error message is
2720
2721 Rejected: IP-ADDRESS listed at SERVER
2722
2723where IP-ADDRESS and SERVER are replaced by the appropriate
2724information. A second argument can be used to specify a different
2725text or action. For example,
2726
2727 FEATURE(`dnsbl', `dnsbl.example.com', `quarantine')
2728
2729would quarantine the message if the client IP address is listed
2730at `dnsbl.example.com'.
2731
2732By default, temporary lookup failures are ignored
2733and hence cause the connection not to be rejected by the DNS based
2734rejection list. This behavior can be changed by specifying a third
2735argument, which must be either `t' or a full error message. For
2736example:
2737
2738 FEATURE(`dnsbl', `dnsbl.example.com', `',
2739 `"451 Temporary lookup failure for " $&{client_addr} " in dnsbl.example.com"')
2740
2741If `t' is used, the error message is:
2742
2743 451 Temporary lookup failure of IP-ADDRESS at SERVER
2744
2745where IP-ADDRESS and SERVER are replaced by the appropriate
2746information.
2747
2748This FEATURE can be included several times to query different
2749DNS based rejection lists.
2750
2751Notice: to avoid checking your own local domains against those
2752blacklists, use the access_db feature and add:
2753
2754 Connect:10.1 OK
2755 Connect:127.0.0.1 RELAY
2756
2757to the access map, where 10.1 is your local network. You may
2758want to use "RELAY" instead of "OK" to allow also relaying
2759instead of just disabling the DNS lookups in the blacklists.
2760
2761
2762The features described above make use of the check_relay, check_mail,
2763and check_rcpt rulesets. Note that check_relay checks the SMTP
2764client hostname and IP address when the connection is made to your
2765server. It does not check if a mail message is being relayed to
2766another server. That check is done in check_rcpt. If you wish to
2767include your own checks, you can put your checks in the rulesets
2768Local_check_relay, Local_check_mail, and Local_check_rcpt. For
2769example if you wanted to block senders with all numeric usernames
2770(i.e. 2312343@bigisp.com), you would use Local_check_mail and the
2771regex map:
2772
2773 LOCAL_CONFIG
2774 Kallnumbers regex -a@MATCH ^[0-9]+$
2775
2776 LOCAL_RULESETS
2777 SLocal_check_mail
2778 # check address against various regex checks
2779 R$* $: $>Parse0 $>3 $1
2780 R$+ < @ bigisp.com. > $* $: $(allnumbers $1 $)
2781 R@MATCH $#error $: 553 Header Error
2782
2783These rules are called with the original arguments of the corresponding
2784check_* ruleset. If the local ruleset returns $#OK, no further checking
2785is done by the features described above and the mail is accepted. If
2786the local ruleset resolves to a mailer (such as $#error or $#discard),
2787the appropriate action is taken. Other results starting with $# are
2788interpreted by sendmail and may lead to unspecified behavior. Note: do
2789NOT create a mailer with the name OK. Return values that do not start
2790with $# are ignored, i.e., normal processing continues.
2791
2792Delay all checks
2793----------------
2794
2795By using FEATURE(`delay_checks') the rulesets check_mail and check_relay
2796will not be called when a client connects or issues a MAIL command,
2797respectively. Instead, those rulesets will be called by the check_rcpt
2798ruleset; they will be skipped if a sender has been authenticated using
2799a "trusted" mechanism, i.e., one that is defined via TRUST_AUTH_MECH().
2800If check_mail returns an error then the RCPT TO command will be rejected
2801with that error. If it returns some other result starting with $# then
2802check_relay will be skipped. If the sender address (or a part of it) is
2803listed in the access map and it has a RHS of OK or RELAY, then check_relay
2804will be skipped. This has an interesting side effect: if your domain is
2805my.domain and you have
2806
2807 my.domain RELAY
2808
2809in the access map, then any e-mail with a sender address of
2810<user@my.domain> will not be rejected by check_relay even though
2811it would match the hostname or IP address. This allows spammers
2812to get around DNS based blacklist by faking the sender address. To
2813avoid this problem you have to use tagged entries:
2814
2815 To:my.domain RELAY
2816 Connect:my.domain RELAY
2817
2818if you need those entries at all (class {R} may take care of them).
2819
2820FEATURE(`delay_checks') can take an optional argument:
2821
2822 FEATURE(`delay_checks', `friend')
2823 enables spamfriend test
2824 FEATURE(`delay_checks', `hater')
2825 enables spamhater test
2826
2827If such an argument is given, the recipient will be looked up in the
2828access map (using the tag Spam:). If the argument is `friend', then
2829the default behavior is to apply the other rulesets and make a SPAM
2830friend the exception. The rulesets check_mail and check_relay will be
2831skipped only if the recipient address is found and has RHS FRIEND. If
2832the argument is `hater', then the default behavior is to skip the rulesets
2833check_mail and check_relay and make a SPAM hater the exception. The
2834other two rulesets will be applied only if the recipient address is
2835found and has RHS HATER.
2836
2837This allows for simple exceptions from the tests, e.g., by activating
2838the friend option and having
2839
2840 Spam:abuse@ FRIEND
2841
2842in the access map, mail to abuse@localdomain will get through (where
2843"localdomain" is any domain in class {w}). It is also possible to
2844specify a full address or an address with +detail:
2845
2846 Spam:abuse@my.domain FRIEND
2847 Spam:me+abuse@ FRIEND
2848 Spam:spam.domain FRIEND
2849
2850Note: The required tag has been changed in 8.12 from To: to Spam:.
2851This change is incompatible to previous versions. However, you can
2852(for now) simply add the new entries to the access map, the old
2853ones will be ignored. As soon as you removed the old entries from
2854the access map, specify a third parameter (`n') to this feature and
2855the backward compatibility rules will not be in the generated .cf
2856file.
2857
2858Header Checks
2859-------------
2860
2861You can also reject mail on the basis of the contents of headers.
2862This is done by adding a ruleset call to the 'H' header definition command
2863in sendmail.cf. For example, this can be used to check the validity of
2864a Message-ID: header:
2865
2866 LOCAL_CONFIG
2867 HMessage-Id: $>CheckMessageId
2868
2869 LOCAL_RULESETS
2870 SCheckMessageId
2871 R< $+ @ $+ > $@ OK
2872 R$* $#error $: 553 Header Error
2873
2874The alternative format:
2875
2876 HSubject: $>+CheckSubject
2877
2878that is, $>+ instead of $>, gives the full Subject: header including
2879comments to the ruleset (comments in parentheses () are stripped
2880by default).
2881
2882A default ruleset for headers which don't have a specific ruleset
2883defined for them can be given by:
2884
2885 H*: $>CheckHdr
2886
2887Notice:
28881. All rules act on tokens as explained in doc/op/op.{me,ps,txt}.
2889That may cause problems with simple header checks due to the
2890tokenization. It might be simpler to use a regex map and apply it
2891to $&{currHeader}.
28922. There are no default rulesets coming with this distribution of
2893sendmail. You can write your own, can search the WWW for examples,
2894or take a look at cf/cf/knecht.mc.
28953. When using a default ruleset for headers, the name of the header
2896currently being checked can be found in the $&{hdr_name} macro.
2897
2898After all of the headers are read, the check_eoh ruleset will be called for
2899any final header-related checks. The ruleset is called with the number of
2900headers and the size of all of the headers in bytes separated by $|. One
2901example usage is to reject messages which do not have a Message-Id:
2902header. However, the Message-Id: header is *NOT* a required header and is
2903not a guaranteed spam indicator. This ruleset is an example and should
2904probably not be used in production.
2905
2906 LOCAL_CONFIG
2907 Kstorage macro
2908 HMessage-Id: $>CheckMessageId
2909
2910 LOCAL_RULESETS
2911 SCheckMessageId
2912 # Record the presence of the header
2913 R$* $: $(storage {MessageIdCheck} $@ OK $) $1
2914 R< $+ @ $+ > $@ OK
2915 R$* $#error $: 553 Header Error
2916
2917 Scheck_eoh
2918 # Check the macro
2919 R$* $: < $&{MessageIdCheck} >
2920 # Clear the macro for the next message
2921 R$* $: $(storage {MessageIdCheck} $) $1
2922 # Has a Message-Id: header
2923 R< $+ > $@ OK
2924 # Allow missing Message-Id: from local mail
2925 R$* $: < $&{client_name} >
2926 R< > $@ OK
2927 R< $=w > $@ OK
2928 # Otherwise, reject the mail
2929 R$* $#error $: 553 Header Error
2930
2931
2932+--------------------+
2933| CONNECTION CONTROL |
2934+--------------------+
2935
2936The features ratecontrol and conncontrol allow to establish connection
2937limits per client IP address or net. These features can limit the
2938rate of connections (connections per time unit) or the number of
2939incoming SMTP connections, respectively. If enabled, appropriate
2940rulesets are called at the end of check_relay, i.e., after DNS
2941blacklists and generic access_db operations. The features require
2942FEATURE(`access_db') to be listed earlier in the mc file.
2943
2944Note: FEATURE(`delay_checks') delays those connection control checks
2945after a recipient address has been received, hence making these
2946connection control features less useful. To run the checks as early
2947as possible, specify the parameter `nodelay', e.g.,
2948
2949 FEATURE(`ratecontrol', `nodelay')
2950
2951In that case, FEATURE(`delay_checks') has no effect on connection
2952control (and it must be specified earlier in the mc file).
2953
2954An optional second argument `terminate' specifies whether the
2955rulesets should return the error code 421 which will cause
2956sendmail to terminate the session with that error if it is
2957returned from check_relay, i.e., not delayed as explained in
2958the previous paragraph. Example:
2959
2960 FEATURE(`ratecontrol', `nodelay', `terminate')
2961
2962
2963+----------+
2964| STARTTLS |
2965+----------+
2966
2967In this text, cert will be used as an abbreviation for X.509 certificate,
2968DN (CN) is the distinguished (common) name of a cert, and CA is a
2969certification authority, which signs (issues) certs.
2970
2971For STARTTLS to be offered by sendmail you need to set at least
2972these variables (the file names and paths are just examples):
2973
2974 define(`confCACERT_PATH', `/etc/mail/certs/')
2975 define(`confCACERT', `/etc/mail/certs/CA.cert.pem')
2976 define(`confSERVER_CERT', `/etc/mail/certs/my.cert.pem')
2977 define(`confSERVER_KEY', `/etc/mail/certs/my.key.pem')
2978
2979On systems which do not have the compile flag HASURANDOM set (see
2980sendmail/README) you also must set confRAND_FILE.
2981
2982See doc/op/op.{me,ps,txt} for more information about these options,
2983especially the sections ``Certificates for STARTTLS'' and ``PRNG for
2984STARTTLS''.
2985
2986Macros related to STARTTLS are:
2987
2988${cert_issuer} holds the DN of the CA (the cert issuer).
2989${cert_subject} holds the DN of the cert (called the cert subject).
2990${cn_issuer} holds the CN of the CA (the cert issuer).
2991${cn_subject} holds the CN of the cert (called the cert subject).
2992${tls_version} the TLS/SSL version used for the connection, e.g., TLSv1,
2993 TLSv1/SSLv3, SSLv3, SSLv2.
2994${cipher} the cipher used for the connection, e.g., EDH-DSS-DES-CBC3-SHA,
2995 EDH-RSA-DES-CBC-SHA, DES-CBC-MD5, DES-CBC3-SHA.
2996${cipher_bits} the keylength (in bits) of the symmetric encryption algorithm
2997 used for the connection.
2998${verify} holds the result of the verification of the presented cert.
2999 Possible values are:
3000 OK verification succeeded.
3001 NO no cert presented.
3002 NOT no cert requested.
3003 FAIL cert presented but could not be verified,
3004 e.g., the cert of the signing CA is missing.
3005 NONE STARTTLS has not been performed.
3006 TEMP temporary error occurred.
3007 PROTOCOL protocol error occurred (SMTP level).
3008 SOFTWARE STARTTLS handshake failed.
3009${server_name} the name of the server of the current outgoing SMTP
3010 connection.
3011${server_addr} the address of the server of the current outgoing SMTP
3012 connection.
3013
3014Relaying
3015--------
3016
3017SMTP STARTTLS can allow relaying for remote SMTP clients which have
3018successfully authenticated themselves. If the verification of the cert
3019failed (${verify} != OK), relaying is subject to the usual rules.
3020Otherwise the DN of the issuer is looked up in the access map using the
3021tag CERTISSUER. If the resulting value is RELAY, relaying is allowed.
3022If it is SUBJECT, the DN of the cert subject is looked up next in the
3023access map using the tag CERTSUBJECT. If the value is RELAY, relaying
3024is allowed.
3025
3026To make things a bit more flexible (or complicated), the values for
3027${cert_issuer} and ${cert_subject} can be optionally modified by regular
3028expressions defined in the m4 variables _CERT_REGEX_ISSUER_ and
3029_CERT_REGEX_SUBJECT_, respectively. To avoid problems with those macros in
3030rulesets and map lookups, they are modified as follows: each non-printable
3031character and the characters '<', '>', '(', ')', '"', '+', ' ' are replaced
3032by their HEX value with a leading '+'. For example:
3033
3034/C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/Email=
3035darth+cert@endmail.org
3036
3037is encoded as:
3038
3039/C=US/ST=California/O=endmail.org/OU=private/CN=
3040Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org
3041
3042(line breaks have been inserted for readability).
3043
3044The macros which are subject to this encoding are ${cert_subject},
3045${cert_issuer}, ${cn_subject}, and ${cn_issuer}.
3046
3047Examples:
3048
3049To allow relaying for everyone who can present a cert signed by
3050
3051/C=US/ST=California/O=endmail.org/OU=private/CN=
3052Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org
3053
3054simply use:
3055
3056CertIssuer:/C=US/ST=California/O=endmail.org/OU=private/CN=
3057Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org RELAY
3058
3059To allow relaying only for a subset of machines that have a cert signed by
3060
3061/C=US/ST=California/O=endmail.org/OU=private/CN=
3062Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org
3063
3064use:
3065
3066CertIssuer:/C=US/ST=California/O=endmail.org/OU=private/CN=
3067Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org SUBJECT
3068CertSubject:/C=US/ST=California/O=endmail.org/OU=private/CN=
3069DeathStar/Email=deathstar@endmail.org RELAY
3070
3071Notes:
3072- line breaks have been inserted after "CN=" for readability,
3073 each tagged entry must be one (long) line in the access map.
3074- if OpenSSL 0.9.7 or newer is used then the "Email=" part of a DN
3075 is replaced by "emailAddress=".
3076
3077Of course it is also possible to write a simple ruleset that allows
3078relaying for everyone who can present a cert that can be verified, e.g.,
3079
3080LOCAL_RULESETS
3081SLocal_check_rcpt
3082R$* $: $&{verify}
3083ROK $# OK
3084
3085Allowing Connections
3086--------------------
3087
3088The rulesets tls_server, tls_client, and tls_rcpt are used to decide whether
3089an SMTP connection is accepted (or should continue).
3090
3091tls_server is called when sendmail acts as client after a STARTTLS command
3092(should) have been issued. The parameter is the value of ${verify}.
3093
3094tls_client is called when sendmail acts as server, after a STARTTLS command
3095has been issued, and from check_mail. The parameter is the value of
3096${verify} and STARTTLS or MAIL, respectively.
3097
3098Both rulesets behave the same. If no access map is in use, the connection
3099will be accepted unless ${verify} is SOFTWARE, in which case the connection
3100is always aborted. For tls_server/tls_client, ${client_name}/${server_name}
3101is looked up in the access map using the tag TLS_Srv/TLS_Clt, which is done
3102with the ruleset LookUpDomain. If no entry is found, ${client_addr}
3103(${server_addr}) is looked up in the access map (same tag, ruleset
3104LookUpAddr). If this doesn't result in an entry either, just the tag is
3105looked up in the access map (included the trailing colon). Notice:
3106requiring that e-mail is sent to a server only encrypted, e.g., via
3107
3108TLS_Srv:secure.domain ENCR:112
3109
3110doesn't necessarily mean that e-mail sent to that domain is encrypted.
3111If the domain has multiple MX servers, e.g.,
3112
3113secure.domain. IN MX 10 mail.secure.domain.
3114secure.domain. IN MX 50 mail.other.domain.
3115
3116then mail to user@secure.domain may go unencrypted to mail.other.domain.
3117tls_rcpt can be used to address this problem.
3118
3119tls_rcpt is called before a RCPT TO: command is sent. The parameter is the
3120current recipient. This ruleset is only defined if FEATURE(`access_db')
3121is selected. A recipient address user@domain is looked up in the access
3122map in four formats: TLS_Rcpt:user@domain, TLS_Rcpt:user@, TLS_Rcpt:domain,
3123and TLS_Rcpt:; the first match is taken.
3124
3125The result of the lookups is then used to call the ruleset TLS_connection,
3126which checks the requirement specified by the RHS in the access map against
3127the actual parameters of the current TLS connection, esp. ${verify} and
3128${cipher_bits}. Legal RHSs in the access map are:
3129
3130VERIFY verification must have succeeded
3131VERIFY:bits verification must have succeeded and ${cipher_bits} must
3132 be greater than or equal bits.
3133ENCR:bits ${cipher_bits} must be greater than or equal bits.
3134
3135The RHS can optionally be prefixed by TEMP+ or PERM+ to select a temporary
3136or permanent error. The default is a temporary error code (403 4.7.0)
3137unless the macro TLS_PERM_ERR is set during generation of the .cf file.
3138
3139If a certain level of encryption is required, then it might also be
3140possible that this level is provided by the security layer from a SASL
3141algorithm, e.g., DIGEST-MD5.
3142
3143Furthermore, there can be a list of extensions added. Such a list
3144starts with '+' and the items are separated by '++'. Allowed
3145extensions are:
3146
3147CN:name name must match ${cn_subject}
3148CN ${client_name}/${server_name} must match ${cn_subject}
3149CS:name name must match ${cert_subject}
3150CI:name name must match ${cert_issuer}
3151
3152Example: e-mail sent to secure.example.com should only use an encrypted
3153connection. E-mail received from hosts within the laptop.example.com domain
3154should only be accepted if they have been authenticated. The host which
3155receives e-mail for darth@endmail.org must present a cert that uses the
3156CN smtp.endmail.org.
3157
3158TLS_Srv:secure.example.com ENCR:112
3159TLS_Clt:laptop.example.com PERM+VERIFY:112
3160TLS_Rcpt:darth@endmail.org ENCR:112+CN:smtp.endmail.org
3161
3162
3163Disabling STARTTLS And Setting SMTP Server Features
3164---------------------------------------------------
3165
3166By default STARTTLS is used whenever possible. However, there are
3167some broken MTAs that don't properly implement STARTTLS. To be able
3168to send to (or receive from) those MTAs, the ruleset try_tls
3169(srv_features) can be used that work together with the access map.
3170Entries for the access map must be tagged with Try_TLS (Srv_Features)
3171and refer to the hostname or IP address of the connecting system.
3172A default case can be specified by using just the tag. For example,
3173the following entries in the access map:
3174
3175 Try_TLS:broken.server NO
3176 Srv_Features:my.domain v
3177 Srv_Features: V
3178
3179will turn off STARTTLS when sending to broken.server (or any host
3180in that domain), and request a client certificate during the TLS
3181handshake only for hosts in my.domain. The valid entries on the RHS
3182for Srv_Features are listed in the Sendmail Installation and
3183Operations Guide.
3184
3185
3186Received: Header
3187----------------
3188
3189The Received: header reveals whether STARTTLS has been used. It contains an
3190extra line:
3191
3192(version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify})
3193
3194
3195+---------------------+
3196| SMTP AUTHENTICATION |
3197+---------------------+
3198
3199The macros ${auth_authen}, ${auth_author}, and ${auth_type} can be
3200used in anti-relay rulesets to allow relaying for those users that
3201authenticated themselves. A very simple example is:
3202
3203SLocal_check_rcpt
3204R$* $: $&{auth_type}
3205R$+ $# OK
3206
3207which checks whether a user has successfully authenticated using
3208any available mechanism. Depending on the setup of the Cyrus SASL
3209library, more sophisticated rulesets might be required, e.g.,
3210
3211SLocal_check_rcpt
3212R$* $: $&{auth_type} $| $&{auth_authen}
3213RDIGEST-MD5 $| $+@$=w $# OK
3214
3215to allow relaying for users that authenticated using DIGEST-MD5
3216and have an identity in the local domains.
3217
3218The ruleset trust_auth is used to determine whether a given AUTH=
3219parameter (that is passed to this ruleset) should be trusted. This
3220ruleset may make use of the other ${auth_*} macros. Only if the
3221ruleset resolves to the error mailer, the AUTH= parameter is not
3222trusted. A user supplied ruleset Local_trust_auth can be written
3223to modify the default behavior, which only trust the AUTH=
3224parameter if it is identical to the authenticated user.
3225
3226Per default, relaying is allowed for any user who authenticated
3227via a "trusted" mechanism, i.e., one that is defined via
3228TRUST_AUTH_MECH(`list of mechanisms')
3229For example:
3230TRUST_AUTH_MECH(`KERBEROS_V4 DIGEST-MD5')
3231
3232If the selected mechanism provides a security layer the number of
3233bits used for the key of the symmetric cipher is stored in the
3234macro ${auth_ssf}.
3235
3236Providing SMTP AUTH Data when sendmail acts as Client
3237-----------------------------------------------------
3238
3239If sendmail acts as client, it needs some information how to
3240authenticate against another MTA. This information can be provided
3241by the ruleset authinfo or by the option DefaultAuthInfo. The
3242authinfo ruleset looks up {server_name} using the tag AuthInfo: in
3243the access map. If no entry is found, {server_addr} is looked up
3244in the same way and finally just the tag AuthInfo: to provide
3245default values. Note: searches for domain parts or IP nets are
3246only performed if the access map is used; if the authinfo feature
3247is used then only up to three lookups are performed (two exact
3248matches, one default).
3249
3250Note: If your daemon does client authentication when sending, and
3251if it uses either PLAIN or LOGIN authentication, then you *must*
3252prevent ordinary users from seeing verbose output. Do NOT install
3253sendmail set-user-ID. Use PrivacyOptions to turn off verbose output
3254("goaway" works for this).
3255
3256Notice: the default configuration file causes the option DefaultAuthInfo
3257to fail since the ruleset authinfo is in the .cf file. If you really
3258want to use DefaultAuthInfo (it is deprecated) then you have to
3259remove the ruleset.
3260
3261The RHS for an AuthInfo: entry in the access map should consists of a
3262list of tokens, each of which has the form: "TDstring" (including
3263the quotes). T is a tag which describes the item, D is a delimiter,
3264either ':' for simple text or '=' for a base64 encoded string.
3265Valid values for the tag are:
3266
3267 U user (authorization) id
3268 I authentication id
3269 P password
3270 R realm
3271 M list of mechanisms delimited by spaces
3272
3273Example entries are:
3274
3275AuthInfo:other.dom "U:user" "I:user" "P:secret" "R:other.dom" "M:DIGEST-MD5"
3276AuthInfo:host.more.dom "U:user" "P=c2VjcmV0"
3277
3278User id or authentication id must exist as well as the password. All
3279other entries have default values. If one of user or authentication
3280id is missing, the existing value is used for the missing item.
3281If "R:" is not specified, realm defaults to $j. The list of mechanisms
3282defaults to those specified by AuthMechanisms.
3283
3284Since this map contains sensitive information, either the access
3285map must be unreadable by everyone but root (or the trusted user)
3286or FEATURE(`authinfo') must be used which provides a separate map.
3287Notice: It is not checked whether the map is actually
3288group/world-unreadable, this is left to the user.
3289
3290+--------------------------------+
3291| ADDING NEW MAILERS OR RULESETS |
3292+--------------------------------+
3293
3294Sometimes you may need to add entirely new mailers or rulesets. They
3295should be introduced with the constructs MAILER_DEFINITIONS and
3296LOCAL_RULESETS respectively. For example:
3297
3298 MAILER_DEFINITIONS
3299 Mmymailer, ...
3300 ...
3301
3302 LOCAL_RULESETS
3303 Smyruleset
3304 ...
3305
3306Local additions for the rulesets srv_features, try_tls, tls_rcpt,
3307tls_client, and tls_server can be made using LOCAL_SRV_FEATURES,
3308LOCAL_TRY_TLS, LOCAL_TLS_RCPT, LOCAL_TLS_CLIENT, and LOCAL_TLS_SERVER,
3309respectively. For example, to add a local ruleset that decides
3310whether to try STARTTLS in a sendmail client, use:
3311
3312 LOCAL_TRY_TLS
3313 R...
3314
3315Note: you don't need to add a name for the ruleset, it is implicitly
3316defined by using the appropriate macro.
3317
3318
3319+-------------------------+
3320| ADDING NEW MAIL FILTERS |
3321+-------------------------+
3322
3323Sendmail supports mail filters to filter incoming SMTP messages according
3324to the "Sendmail Mail Filter API" documentation. These filters can be
3325configured in your mc file using the two commands:
3326
3327 MAIL_FILTER(`name', `equates')
3328 INPUT_MAIL_FILTER(`name', `equates')
3329
3330The first command, MAIL_FILTER(), simply defines a filter with the given
3331name and equates. For example:
3332
3333 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R')
3334
3335This creates the equivalent sendmail.cf entry:
3336
3337 Xarchive, S=local:/var/run/archivesock, F=R
3338
3339The INPUT_MAIL_FILTER() command performs the same actions as MAIL_FILTER
3340but also populates the m4 variable `confINPUT_MAIL_FILTERS' with the name
3341of the filter such that the filter will actually be called by sendmail.
3342
3343For example, the two commands:
3344
3345 INPUT_MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R')
3346 INPUT_MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T')
3347
3348are equivalent to the three commands:
3349
3350 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R')
3351 MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T')
3352 define(`confINPUT_MAIL_FILTERS', `archive, spamcheck')
3353
3354In general, INPUT_MAIL_FILTER() should be used unless you need to define
3355more filters than you want to use for `confINPUT_MAIL_FILTERS'.
3356
3357Note that setting `confINPUT_MAIL_FILTERS' after any INPUT_MAIL_FILTER()
3358commands will clear the list created by the prior INPUT_MAIL_FILTER()
3359commands.
3360
3361
3362+-------------------------+
3363| QUEUE GROUP DEFINITIONS |
3364+-------------------------+
3365
3366In addition to the queue directory (which is the default queue group
3367called "mqueue"), sendmail can deal with multiple queue groups, which
3368are collections of queue directories with the same behaviour. Queue
3369groups can be defined using the command:
3370
3371 QUEUE_GROUP(`name', `equates')
3372
3373For details about queue groups, please see doc/op/op.{me,ps,txt}.
3374
3375+-------------------------------+
3376| NON-SMTP BASED CONFIGURATIONS |
3377+-------------------------------+
3378
3379These configuration files are designed primarily for use by
3380SMTP-based sites. They may not be well tuned for UUCP-only or
3381UUCP-primarily nodes (the latter is defined as a small local net
3382connected to the rest of the world via UUCP). However, there is
3383one hook to handle some special cases.
3384
3385You can define a ``smart host'' that understands a richer address syntax
3386using:
3387
3388 define(`SMART_HOST', `mailer:hostname')
3389
3390In this case, the ``mailer:'' defaults to "relay". Any messages that
3391can't be handled using the usual UUCP rules are passed to this host.
3392
3393If you are on a local SMTP-based net that connects to the outside
3394world via UUCP, you can use LOCAL_NET_CONFIG to add appropriate rules.
3395For example:
3396
3397 define(`SMART_HOST', `uucp-new:uunet')
3398 LOCAL_NET_CONFIG
3399 R$* < @ $* .$m. > $* $#smtp $@ $2.$m. $: $1 < @ $2.$m. > $3
3400
3401This will cause all names that end in your domain name ($m) to be sent
3402via SMTP; anything else will be sent via uucp-new (smart UUCP) to uunet.
3403If you have FEATURE(`nocanonify'), you may need to omit the dots after
3404the $m. If you are running a local DNS inside your domain which is
3405not otherwise connected to the outside world, you probably want to
3406use:
3407
3408 define(`SMART_HOST', `smtp:fire.wall.com')
3409 LOCAL_NET_CONFIG
3410 R$* < @ $* . > $* $#smtp $@ $2. $: $1 < @ $2. > $3
3411
3412That is, send directly only to things you found in your DNS lookup;
3413anything else goes through SMART_HOST.
3414
3415You may need to turn off the anti-spam rules in order to accept
3416UUCP mail with FEATURE(`promiscuous_relay') and
3417FEATURE(`accept_unresolvable_domains').
3418
3419
3420+-----------+
3421| WHO AM I? |
3422+-----------+
3423
3424Normally, the $j macro is automatically defined to be your fully
3425qualified domain name (FQDN). Sendmail does this by getting your
3426host name using gethostname and then calling gethostbyname on the
3427result. For example, in some environments gethostname returns
3428only the root of the host name (such as "foo"); gethostbyname is
3429supposed to return the FQDN ("foo.bar.com"). In some (fairly rare)
3430cases, gethostbyname may fail to return the FQDN. In this case
3431you MUST define confDOMAIN_NAME to be your fully qualified domain
3432name. This is usually done using:
3433
3434 Dmbar.com
3435 define(`confDOMAIN_NAME', `$w.$m')dnl
3436
3437
3438+-----------------------------------+
3439| ACCEPTING MAIL FOR MULTIPLE NAMES |
3440+-----------------------------------+
3441
3442If your host is known by several different names, you need to augment
3443class {w}. This is a list of names by which your host is known, and
3444anything sent to an address using a host name in this list will be
3445treated as local mail. You can do this in two ways: either create the
3446file /etc/mail/local-host-names containing a list of your aliases (one per
3447line), and use ``FEATURE(`use_cw_file')'' in the .mc file, or add
3448``LOCAL_DOMAIN(`alias.host.name')''. Be sure you use the fully-qualified
3449name of the host, rather than a short name.
3450
3451If you want to have different address in different domains, take
3452a look at the virtusertable feature, which is also explained at
3453http://www.sendmail.org/virtual-hosting.html
3454
3455
3456+--------------------+
3457| USING MAILERTABLES |
3458+--------------------+
3459
3460To use FEATURE(`mailertable'), you will have to create an external
3461database containing the routing information for various domains.
3462For example, a mailertable file in text format might be:
3463
3464 .my.domain xnet:%1.my.domain
3465 uuhost1.my.domain uucp-new:uuhost1
3466 .bitnet smtp:relay.bit.net
3467
3468This should normally be stored in /etc/mail/mailertable. The actual
3469database version of the mailertable is built using:
3470
3471 makemap hash /etc/mail/mailertable < /etc/mail/mailertable
3472
3473The semantics are simple. Any LHS entry that does not begin with
3474a dot matches the full host name indicated. LHS entries beginning
3475with a dot match anything ending with that domain name (including
3476the leading dot) -- that is, they can be thought of as having a
3477leading ".+" regular expression pattern for a non-empty sequence of
3478characters. Matching is done in order of most-to-least qualified
3479-- for example, even though ".my.domain" is listed first in the
3480above example, an entry of "uuhost1.my.domain" will match the second
3481entry since it is more explicit. Note: e-mail to "user@my.domain"
3482does not match any entry in the above table. You need to have
3483something like:
3484
3485 my.domain esmtp:host.my.domain
3486
3487The RHS should always be a "mailer:host" pair. The mailer is the
3488configuration name of a mailer (that is, an M line in the
3489sendmail.cf file). The "host" will be the hostname passed to
3490that mailer. In domain-based matches (that is, those with leading
3491dots) the "%1" may be used to interpolate the wildcarded part of
3492the host name. For example, the first line above sends everything
3493addressed to "anything.my.domain" to that same host name, but using
3494the (presumably experimental) xnet mailer.
3495
3496In some cases you may want to temporarily turn off MX records,
3497particularly on gateways. For example, you may want to MX
3498everything in a domain to one machine that then forwards it
3499directly. To do this, you might use the DNS configuration:
3500
3501 *.domain. IN MX 0 relay.machine
3502
3503and on relay.machine use the mailertable:
3504
3505 .domain smtp:[gateway.domain]
3506
3507The [square brackets] turn off MX records for this host only.
3508If you didn't do this, the mailertable would use the MX record
3509again, which would give you an MX loop. Note that the use of
3510wildcard MX records is almost always a bad idea. Please avoid
3511using them if possible.
3512
3513
3514+--------------------------------+
3515| USING USERDB TO MAP FULL NAMES |
3516+--------------------------------+
3517
3518The user database was not originally intended for mapping full names
3519to login names (e.g., Eric.Allman => eric), but some people are using
3520it that way. (it is recommended that you set up aliases for this
3521purpose instead -- since you can specify multiple alias files, this
3522is fairly easy.) The intent was to locate the default maildrop at
3523a site, but allow you to override this by sending to a specific host.
3524
3525If you decide to set up the user database in this fashion, it is
3526imperative that you not use FEATURE(`stickyhost') -- otherwise,
3527e-mail sent to Full.Name@local.host.name will be rejected.
3528
3529To build the internal form of the user database, use:
3530
3531 makemap btree /etc/mail/userdb < /etc/mail/userdb.txt
3532
3533As a general rule, it is an extremely bad idea to using full names
3534as e-mail addresses, since they are not in any sense unique. For
3535example, the UNIX software-development community has at least two
3536well-known Peter Deutsches, and at one time Bell Labs had two
3537Stephen R. Bournes with offices along the same hallway. Which one
3538will be forced to suffer the indignity of being Stephen_R_Bourne_2?
3539The less famous of the two, or the one that was hired later?
3540
3541Finger should handle full names (and be fuzzy). Mail should use
3542handles, and not be fuzzy.
3543
3544
3545+--------------------------------+
3546| MISCELLANEOUS SPECIAL FEATURES |
3547+--------------------------------+
3548
3549Plussed users
3550 Sometimes it is convenient to merge configuration on a
3551 centralized mail machine, for example, to forward all
3552 root mail to a mail server. In this case it might be
3553 useful to be able to treat the root addresses as a class
3554 of addresses with subtle differences. You can do this
3555 using plussed users. For example, a client might include
3556 the alias:
3557
3558 root: root+client1@server
3559
3560 On the server, this will match an alias for "root+client1".
3561 If that is not found, the alias "root+*" will be tried,
3562 then "root".
3563
3564
3565+----------------+
3566| SECURITY NOTES |
3567+----------------+
3568
3569A lot of sendmail security comes down to you. Sendmail 8 is much
3570more careful about checking for security problems than previous
3571versions, but there are some things that you still need to watch
3572for. In particular:
3573
3574* Make sure the aliases file is not writable except by trusted
3575 system personnel. This includes both the text and database
3576 version.
3577
3578* Make sure that other files that sendmail reads, such as the
3579 mailertable, are only writable by trusted system personnel.
3580
3581* The queue directory should not be world writable PARTICULARLY
3582 if your system allows "file giveaways" (that is, if a non-root
3583 user can chown any file they own to any other user).
3584
3585* If your system allows file giveaways, DO NOT create a publically
3586 writable directory for forward files. This will allow anyone
3587 to steal anyone else's e-mail. Instead, create a script that
3588 copies the .forward file from users' home directories once a
3589 night (if you want the non-NFS-mounted forward directory).
3590
3591* If your system allows file giveaways, you'll find that
3592 sendmail is much less trusting of :include: files -- in
3593 particular, you'll have to have /SENDMAIL/ANY/SHELL/ in
3594 /etc/shells before they will be trusted (that is, before
3595 files and programs listed in them will be honored).
3596
3597In general, file giveaways are a mistake -- if you can turn them
3598off, do so.
3599
3600
3601+--------------------------------+
3602| TWEAKING CONFIGURATION OPTIONS |
3603+--------------------------------+
3604
3605There are a large number of configuration options that don't normally
3606need to be changed. However, if you feel you need to tweak them,
3607you can define the following M4 variables. Note that some of these
3608variables require formats that are defined in RFC 2821 or RFC 2822.
3609Before changing them you need to make sure you do not violate those
3610(and other relevant) RFCs.
3611
3612This list is shown in four columns: the name you define, the default
3613value for that definition, the option or macro that is affected
3614(either Ox for an option or Dx for a macro), and a brief description.
3615Greater detail of the semantics can be found in the Installation
3616and Operations Guide.
3617
3618Some options are likely to be deprecated in future versions -- that is,
3619the option is only included to provide back-compatibility. These are
3620marked with "*".
3621
3622Remember that these options are M4 variables, and hence may need to
3623be quoted. In particular, arguments with commas will usually have to
3624be ``double quoted, like this phrase'' to avoid having the comma
3625confuse things. This is common for alias file definitions and for
3626the read timeout.
3627
3628M4 Variable Name Configuration [Default] & Description
3629================ ============= =======================
3630confMAILER_NAME $n macro [MAILER-DAEMON] The sender name used
3631 for internally generated outgoing
3632 messages.
3633confDOMAIN_NAME $j macro If defined, sets $j. This should
3634 only be done if your system cannot
3635 determine your local domain name,
3636 and then it should be set to
3637 $w.Foo.COM, where Foo.COM is your
3638 domain name.
3639confCF_VERSION $Z macro If defined, this is appended to the
3640 configuration version name.
3641confLDAP_CLUSTER ${sendmailMTACluster} macro
3642 If defined, this is the LDAP
3643 cluster to use for LDAP searches
3644 as described above in ``USING LDAP
3645 FOR ALIASES, MAPS, AND CLASSES''.
3646confFROM_HEADER From: [$?x$x <$g>$|$g$.] The format of an
3647 internally generated From: address.
3648confRECEIVED_HEADER Received:
3649 [$?sfrom $s $.$?_($?s$|from $.$_)
3650 $.$?{auth_type}(authenticated)
3651 $.by $j ($v/$Z)$?r with $r$. id $i$?u
3652 for $u; $|;
3653 $.$b]
3654 The format of the Received: header
3655 in messages passed through this host.
3656 It is unwise to try to change this.
3657confMESSAGEID_HEADER Message-Id: [<$t.$i@$j>] The format of an
3658 internally generated Message-Id:
3659 header.
3660confCW_FILE Fw class [/etc/mail/local-host-names] Name
3661 of file used to get the local
3662 additions to class {w} (local host
3663 names).
3664confCT_FILE Ft class [/etc/mail/trusted-users] Name of
3665 file used to get the local additions
3666 to class {t} (trusted users).
3667confCR_FILE FR class [/etc/mail/relay-domains] Name of
3668 file used to get the local additions
3669 to class {R} (hosts allowed to relay).
3670confTRUSTED_USERS Ct class [no default] Names of users to add to
3671 the list of trusted users. This list
3672 always includes root, uucp, and daemon.
3673 See also FEATURE(`use_ct_file').
3674confTRUSTED_USER TrustedUser [no default] Trusted user for file
3675 ownership and starting the daemon.
3676 Not to be confused with
3677 confTRUSTED_USERS (see above).
3678confSMTP_MAILER - [esmtp] The mailer name used when
3679 SMTP connectivity is required.
3680 One of "smtp", "smtp8",
3681 "esmtp", or "dsmtp".
3682confUUCP_MAILER - [uucp-old] The mailer to be used by
3683 default for bang-format recipient
3684 addresses. See also discussion of
3685 class {U}, class {Y}, and class {Z}
3686 in the MAILER(`uucp') section.
3687confLOCAL_MAILER - [local] The mailer name used when
3688 local connectivity is required.
3689 Almost always "local".
3690confRELAY_MAILER - [relay] The default mailer name used
3691 for relaying any mail (e.g., to a
3692 BITNET_RELAY, a SMART_HOST, or
3693 whatever). This can reasonably be
3694 "uucp-new" if you are on a
3695 UUCP-connected site.
3696confSEVEN_BIT_INPUT SevenBitInput [False] Force input to seven bits?
3697confEIGHT_BIT_HANDLING EightBitMode [pass8] 8-bit data handling
3698confALIAS_WAIT AliasWait [10m] Time to wait for alias file
3699 rebuild until you get bored and
3700 decide that the apparently pending
3701 rebuild failed.
3702confMIN_FREE_BLOCKS MinFreeBlocks [100] Minimum number of free blocks on
3703 queue filesystem to accept SMTP mail.
3704 (Prior to 8.7 this was minfree/maxsize,
3705 where minfree was the number of free
3706 blocks and maxsize was the maximum
3707 message size. Use confMAX_MESSAGE_SIZE
3708 for the second value now.)
3709confMAX_MESSAGE_SIZE MaxMessageSize [infinite] The maximum size of messages
3710 that will be accepted (in bytes).
3711confBLANK_SUB BlankSub [.] Blank (space) substitution
3712 character.
3713confCON_EXPENSIVE HoldExpensive [False] Avoid connecting immediately
3714 to mailers marked expensive.
3715confCHECKPOINT_INTERVAL CheckpointInterval
3716 [10] Checkpoint queue files every N
3717 recipients.
3718confDELIVERY_MODE DeliveryMode [background] Default delivery mode.
3719confERROR_MODE ErrorMode [print] Error message mode.
3720confERROR_MESSAGE ErrorHeader [undefined] Error message header/file.
3721confSAVE_FROM_LINES SaveFromLine Save extra leading From_ lines.
3722confTEMP_FILE_MODE TempFileMode [0600] Temporary file mode.
3723confMATCH_GECOS MatchGECOS [False] Match GECOS field.
3724confMAX_HOP MaxHopCount [25] Maximum hop count.
3725confIGNORE_DOTS* IgnoreDots [False; always False in -bs or -bd
3726 mode] Ignore dot as terminator for
3727 incoming messages?
3728confBIND_OPTS ResolverOptions [undefined] Default options for DNS
3729 resolver.
3730confMIME_FORMAT_ERRORS* SendMimeErrors [True] Send error messages as MIME-
3731 encapsulated messages per RFC 1344.
3732confFORWARD_PATH ForwardPath [$z/.forward.$w:$z/.forward]
3733 The colon-separated list of places to
3734 search for .forward files. N.B.: see
3735 the Security Notes section.
3736confMCI_CACHE_SIZE ConnectionCacheSize
3737 [2] Size of open connection cache.
3738confMCI_CACHE_TIMEOUT ConnectionCacheTimeout
3739 [5m] Open connection cache timeout.
3740confHOST_STATUS_DIRECTORY HostStatusDirectory
3741 [undefined] If set, host status is kept
3742 on disk between sendmail runs in the
3743 named directory tree. This need not be
3744 a full pathname, in which case it is
3745 interpreted relative to the queue
3746 directory.
3747confSINGLE_THREAD_DELIVERY SingleThreadDelivery
3748 [False] If this option and the
3749 HostStatusDirectory option are both
3750 set, single thread deliveries to other
3751 hosts. That is, don't allow any two
3752 sendmails on this host to connect
3753 simultaneously to any other single
3754 host. This can slow down delivery in
3755 some cases, in particular since a
3756 cached but otherwise idle connection
3757 to a host will prevent other sendmails
3758 from connecting to the other host.
3759confUSE_ERRORS_TO* UseErrorsTo [False] Use the Errors-To: header to
3760 deliver error messages. This should
3761 not be necessary because of general
3762 acceptance of the envelope/header
3763 distinction.
3764confLOG_LEVEL LogLevel [9] Log level.
3765confME_TOO MeToo [True] Include sender in group
3766 expansions. This option is
3767 deprecated and will be removed from
3768 a future version.
3769confCHECK_ALIASES CheckAliases [False] Check RHS of aliases when
3770 running newaliases. Since this does
3771 DNS lookups on every address, it can
3772 slow down the alias rebuild process
3773 considerably on large alias files.
3774confOLD_STYLE_HEADERS* OldStyleHeaders [True] Assume that headers without
3775 special chars are old style.
3776confPRIVACY_FLAGS PrivacyOptions [authwarnings] Privacy flags.
3777confCOPY_ERRORS_TO PostmasterCopy [undefined] Address for additional
3778 copies of all error messages.
3779confQUEUE_FACTOR QueueFactor [600000] Slope of queue-only function.
3780confQUEUE_FILE_MODE QueueFileMode [undefined] Default permissions for
3781 queue files (octal). If not set,
3782 sendmail uses 0600 unless its real
3783 and effective uid are different in
3784 which case it uses 0644.
3785confDONT_PRUNE_ROUTES DontPruneRoutes [False] Don't prune down route-addr
3786 syntax addresses to the minimum
3787 possible.
3788confSAFE_QUEUE* SuperSafe [True] Commit all messages to disk
3789 before forking.
3790confTO_INITIAL Timeout.initial [5m] The timeout waiting for a response
3791 on the initial connect.
3792confTO_CONNECT Timeout.connect [0] The timeout waiting for an initial
3793 connect() to complete. This can only
3794 shorten connection timeouts; the kernel
3795 silently enforces an absolute maximum
3796 (which varies depending on the system).
3797confTO_ICONNECT Timeout.iconnect
3798 [undefined] Like Timeout.connect, but
3799 applies only to the very first attempt
3800 to connect to a host in a message.
3801 This allows a single very fast pass
3802 followed by more careful delivery
3803 attempts in the future.
3804confTO_ACONNECT Timeout.aconnect
3805 [0] The overall timeout waiting for
3806 all connection for a single delivery
3807 attempt to succeed. If 0, no overall
3808 limit is applied.
3809confTO_HELO Timeout.helo [5m] The timeout waiting for a response
3810 to a HELO or EHLO command.
3811confTO_MAIL Timeout.mail [10m] The timeout waiting for a
3812 response to the MAIL command.
3813confTO_RCPT Timeout.rcpt [1h] The timeout waiting for a response
3814 to the RCPT command.
3815confTO_DATAINIT Timeout.datainit
3816 [5m] The timeout waiting for a 354
3817 response from the DATA command.
3818confTO_DATABLOCK Timeout.datablock
3819 [1h] The timeout waiting for a block
3820 during DATA phase.
3821confTO_DATAFINAL Timeout.datafinal
3822 [1h] The timeout waiting for a response
3823 to the final "." that terminates a
3824 message.
3825confTO_RSET Timeout.rset [5m] The timeout waiting for a response
3826 to the RSET command.
3827confTO_QUIT Timeout.quit [2m] The timeout waiting for a response
3828 to the QUIT command.
3829confTO_MISC Timeout.misc [2m] The timeout waiting for a response
3830 to other SMTP commands.
3831confTO_COMMAND Timeout.command [1h] In server SMTP, the timeout
3832 waiting for a command to be issued.
3833confTO_IDENT Timeout.ident [5s] The timeout waiting for a
3834 response to an IDENT query.
3835confTO_FILEOPEN Timeout.fileopen
3836 [60s] The timeout waiting for a file
3837 (e.g., :include: file) to be opened.
3838confTO_LHLO Timeout.lhlo [2m] The timeout waiting for a response
3839 to an LMTP LHLO command.
3840confTO_AUTH Timeout.auth [10m] The timeout waiting for a
3841 response in an AUTH dialogue.
3842confTO_STARTTLS Timeout.starttls
3843 [1h] The timeout waiting for a
3844 response to an SMTP STARTTLS command.
3845confTO_CONTROL Timeout.control
3846 [2m] The timeout for a complete
3847 control socket transaction to complete.
3848confTO_QUEUERETURN Timeout.queuereturn
3849 [5d] The timeout before a message is
3850 returned as undeliverable.
3851confTO_QUEUERETURN_NORMAL
3852 Timeout.queuereturn.normal
3853 [undefined] As above, for normal
3854 priority messages.
3855confTO_QUEUERETURN_URGENT
3856 Timeout.queuereturn.urgent
3857 [undefined] As above, for urgent
3858 priority messages.
3859confTO_QUEUERETURN_NONURGENT
3860 Timeout.queuereturn.non-urgent
3861 [undefined] As above, for non-urgent
3862 (low) priority messages.
3863confTO_QUEUERETURN_DSN
3864 Timeout.queuereturn.dsn
3865 [undefined] As above, for delivery
3866 status notification messages.
3867confTO_QUEUEWARN Timeout.queuewarn
3868 [4h] The timeout before a warning
3869 message is sent to the sender telling
3870 them that the message has been
3871 deferred.
3872confTO_QUEUEWARN_NORMAL Timeout.queuewarn.normal
3873 [undefined] As above, for normal
3874 priority messages.
3875confTO_QUEUEWARN_URGENT Timeout.queuewarn.urgent
3876 [undefined] As above, for urgent
3877 priority messages.
3878confTO_QUEUEWARN_NONURGENT
3879 Timeout.queuewarn.non-urgent
3880 [undefined] As above, for non-urgent
3881 (low) priority messages.
3882confTO_QUEUEWARN_DSN
3883 Timeout.queuewarn.dsn
3884 [undefined] As above, for delivery
3885 status notification messages.
3886confTO_HOSTSTATUS Timeout.hoststatus
3887 [30m] How long information about host
3888 statuses will be maintained before it
3889 is considered stale and the host should
3890 be retried. This applies both within
3891 a single queue run and to persistent
3892 information (see below).
3893confTO_RESOLVER_RETRANS Timeout.resolver.retrans
3894 [varies] Sets the resolver's
3895 retransmission time interval (in
3896 seconds). Sets both
3897 Timeout.resolver.retrans.first and
3898 Timeout.resolver.retrans.normal.
3899confTO_RESOLVER_RETRANS_FIRST Timeout.resolver.retrans.first
3900 [varies] Sets the resolver's
3901 retransmission time interval (in
3902 seconds) for the first attempt to
3903 deliver a message.
3904confTO_RESOLVER_RETRANS_NORMAL Timeout.resolver.retrans.normal
3905 [varies] Sets the resolver's
3906 retransmission time interval (in
3907 seconds) for all resolver lookups
3908 except the first delivery attempt.
3909confTO_RESOLVER_RETRY Timeout.resolver.retry
3910 [varies] Sets the number of times
3911 to retransmit a resolver query.
3912 Sets both
3913 Timeout.resolver.retry.first and
3914 Timeout.resolver.retry.normal.
3915confTO_RESOLVER_RETRY_FIRST Timeout.resolver.retry.first
3916 [varies] Sets the number of times
3917 to retransmit a resolver query for
3918 the first attempt to deliver a
3919 message.
3920confTO_RESOLVER_RETRY_NORMAL Timeout.resolver.retry.normal
3921 [varies] Sets the number of times
3922 to retransmit a resolver query for
3923 all resolver lookups except the
3924 first delivery attempt.
3925confTIME_ZONE TimeZoneSpec [USE_SYSTEM] Time zone info -- can be
3926 USE_SYSTEM to use the system's idea,
3927 USE_TZ to use the user's TZ envariable,
3928 or something else to force that value.
3929confDEF_USER_ID DefaultUser [1:1] Default user id.
3930confUSERDB_SPEC UserDatabaseSpec
3931 [undefined] User database
3932 specification.
3933confFALLBACK_MX FallbackMXhost [undefined] Fallback MX host.
3934confFALLBACK_SMARTHOST FallbackSmartHost
3935 [undefined] Fallback smart host.
3936confTRY_NULL_MX_LIST TryNullMXList [False] If this host is the best MX
3937 for a host and other arrangements
3938 haven't been made, try connecting
3939 to the host directly; normally this
3940 would be a config error.
3941confQUEUE_LA QueueLA [varies] Load average at which
3942 queue-only function kicks in.
3943 Default values is (8 * numproc)
3944 where numproc is the number of
3945 processors online (if that can be
3946 determined).
3947confREFUSE_LA RefuseLA [varies] Load average at which
3948 incoming SMTP connections are
3949 refused. Default values is (12 *
3950 numproc) where numproc is the
3951 number of processors online (if
3952 that can be determined).
3953confREJECT_LOG_INTERVAL RejectLogInterval [3h] Log interval when
3954 refusing connections for this long.
3955confDELAY_LA DelayLA [0] Load average at which sendmail
3956 will sleep for one second on most
3957 SMTP commands and before accepting
3958 connections. 0 means no limit.
3959confMAX_ALIAS_RECURSION MaxAliasRecursion
3960 [10] Maximum depth of alias recursion.
3961confMAX_DAEMON_CHILDREN MaxDaemonChildren
3962 [undefined] The maximum number of
3963 children the daemon will permit. After
3964 this number, connections will be
3965 rejected. If not set or <= 0, there is
3966 no limit.
3967confMAX_HEADERS_LENGTH MaxHeadersLength
3968 [32768] Maximum length of the sum
3969 of all headers.
3970confMAX_MIME_HEADER_LENGTH MaxMimeHeaderLength
3971 [undefined] Maximum length of
3972 certain MIME header field values.
3973confCONNECTION_RATE_THROTTLE ConnectionRateThrottle
3974 [undefined] The maximum number of
3975 connections permitted per second per
3976 daemon. After this many connections
3977 are accepted, further connections
3978 will be delayed. If not set or <= 0,
3979 there is no limit.
3980confCONNECTION_RATE_WINDOW_SIZE ConnectionRateWindowSize
3981 [60s] Define the length of the
3982 interval for which the number of
3983 incoming connections is maintained.
3984confWORK_RECIPIENT_FACTOR
3985 RecipientFactor [30000] Cost of each recipient.
3986confSEPARATE_PROC ForkEachJob [False] Run all deliveries in a
3987 separate process.
3988confWORK_CLASS_FACTOR ClassFactor [1800] Priority multiplier for class.
3989confWORK_TIME_FACTOR RetryFactor [90000] Cost of each delivery attempt.
3990confQUEUE_SORT_ORDER QueueSortOrder [Priority] Queue sort algorithm:
3991 Priority, Host, Filename, Random,
3992 Modification, or Time.
3993confMIN_QUEUE_AGE MinQueueAge [0] The minimum amount of time a job
3994 must sit in the queue between queue
3995 runs. This allows you to set the
3996 queue run interval low for better
3997 responsiveness without trying all
3998 jobs in each run.
3999confDEF_CHAR_SET DefaultCharSet [unknown-8bit] When converting
4000 unlabeled 8 bit input to MIME, the
4001 character set to use by default.
4002confSERVICE_SWITCH_FILE ServiceSwitchFile
4003 [/etc/mail/service.switch] The file
4004 to use for the service switch on
4005 systems that do not have a
4006 system-defined switch.
4007confHOSTS_FILE HostsFile [/etc/hosts] The file to use when doing
4008 "file" type access of hosts names.
4009confDIAL_DELAY DialDelay [0s] If a connection fails, wait this
4010 long and try again. Zero means "don't
4011 retry". This is to allow "dial on
4012 demand" connections to have enough time
4013 to complete a connection.
4014confNO_RCPT_ACTION NoRecipientAction
4015 [none] What to do if there are no legal
4016 recipient fields (To:, Cc: or Bcc:)
4017 in the message. Legal values can
4018 be "none" to just leave the
4019 nonconforming message as is, "add-to"
4020 to add a To: header with all the
4021 known recipients (which may expose
4022 blind recipients), "add-apparently-to"
4023 to do the same but use Apparently-To:
4024 instead of To: (strongly discouraged
4025 in accordance with IETF standards),
4026 "add-bcc" to add an empty Bcc:
4027 header, or "add-to-undisclosed" to
4028 add the header
4029 ``To: undisclosed-recipients:;''.
4030confSAFE_FILE_ENV SafeFileEnvironment
4031 [undefined] If set, sendmail will do a
4032 chroot() into this directory before
4033 writing files.
4034confCOLON_OK_IN_ADDR ColonOkInAddr [True unless Configuration Level > 6]
4035 If set, colons are treated as a regular
4036 character in addresses. If not set,
4037 they are treated as the introducer to
4038 the RFC 822 "group" syntax. Colons are
4039 handled properly in route-addrs. This
4040 option defaults on for V5 and lower
4041 configuration files.
4042confMAX_QUEUE_RUN_SIZE MaxQueueRunSize [0] If set, limit the maximum size of
4043 any given queue run to this number of
4044 entries. Essentially, this will stop
4045 reading each queue directory after this
4046 number of entries are reached; it does
4047 _not_ pick the highest priority jobs,
4048 so this should be as large as your
4049 system can tolerate. If not set, there
4050 is no limit.
4051confMAX_QUEUE_CHILDREN MaxQueueChildren
4052 [undefined] Limits the maximum number
4053 of concurrent queue runners active.
4054 This is to keep system resources used
4055 within a reasonable limit. Relates to
4056 Queue Groups and ForkEachJob.
4057confMAX_RUNNERS_PER_QUEUE MaxRunnersPerQueue
4058 [1] Only active when MaxQueueChildren
4059 defined. Controls the maximum number
4060 of queue runners (aka queue children)
4061 active at the same time in a work
4062 group. See also MaxQueueChildren.
4063confDONT_EXPAND_CNAMES DontExpandCnames
4064 [False] If set, $[ ... $] lookups that
4065 do DNS based lookups do not expand
4066 CNAME records. This currently violates
4067 the published standards, but the IETF
4068 seems to be moving toward legalizing
4069 this. For example, if "FTP.Foo.ORG"
4070 is a CNAME for "Cruft.Foo.ORG", then
4071 with this option set a lookup of
4072 "FTP" will return "FTP.Foo.ORG"; if
4073 clear it returns "Cruft.FOO.ORG". N.B.
4074 you may not see any effect until your
4075 downstream neighbors stop doing CNAME
4076 lookups as well.
4077confFROM_LINE UnixFromLine [From $g $d] The From_ line used
4078 when sending to files or programs.
4079confSINGLE_LINE_FROM_HEADER SingleLineFromHeader
4080 [False] From: lines that have
4081 embedded newlines are unwrapped
4082 onto one line.
4083confALLOW_BOGUS_HELO AllowBogusHELO [False] Allow HELO SMTP command that
4084 does not include a host name.
4085confMUST_QUOTE_CHARS MustQuoteChars [.'] Characters to be quoted in a full
4086 name phrase (@,;:\()[] are automatic).
4087confOPERATORS OperatorChars [.:%@!^/[]+] Address operator
4088 characters.
4089confSMTP_LOGIN_MSG SmtpGreetingMessage
4090 [$j Sendmail $v/$Z; $b]
4091 The initial (spontaneous) SMTP
4092 greeting message. The word "ESMTP"
4093 will be inserted between the first and
4094 second words to convince other
4095 sendmails to try to speak ESMTP.
4096confDONT_INIT_GROUPS DontInitGroups [False] If set, the initgroups(3)
4097 routine will never be invoked. You
4098 might want to do this if you are
4099 running NIS and you have a large group
4100 map, since this call does a sequential
4101 scan of the map; in a large site this
4102 can cause your ypserv to run
4103 essentially full time. If you set
4104 this, agents run on behalf of users
4105 will only have their primary
4106 (/etc/passwd) group permissions.
4107confUNSAFE_GROUP_WRITES UnsafeGroupWrites
4108 [True] If set, group-writable
4109 :include: and .forward files are
4110 considered "unsafe", that is, programs
4111 and files cannot be directly referenced
4112 from such files. World-writable files
4113 are always considered unsafe.
4114 Notice: this option is deprecated and
4115 will be removed in future versions;
4116 Set GroupWritableForwardFileSafe
4117 and GroupWritableIncludeFileSafe in
4118 DontBlameSendmail if required.
4119confCONNECT_ONLY_TO ConnectOnlyTo [undefined] override connection
4120 address (for testing).
4121confCONTROL_SOCKET_NAME ControlSocketName
4122 [undefined] Control socket for daemon
4123 management.
4124confDOUBLE_BOUNCE_ADDRESS DoubleBounceAddress
4125 [postmaster] If an error occurs when
4126 sending an error message, send that
4127 "double bounce" error message to this
4128 address. If it expands to an empty
4129 string, double bounces are dropped.
4130confSOFT_BOUNCE SoftBounce [False] If set, issue temporary errors
4131 (4xy) instead of permanent errors
4132 (5xy). This can be useful during
4133 testing of a new configuration to
4134 avoid erroneous bouncing of mails.
4135confDEAD_LETTER_DROP DeadLetterDrop [undefined] Filename to save bounce
4136 messages which could not be returned
4137 to the user or sent to postmaster.
4138 If not set, the queue file will
4139 be renamed.
4140confRRT_IMPLIES_DSN RrtImpliesDsn [False] Return-Receipt-To: header
4141 implies DSN request.
4142confRUN_AS_USER RunAsUser [undefined] If set, become this user
4143 when reading and delivering mail.
4144 Causes all file reads (e.g., .forward
4145 and :include: files) to be done as
4146 this user. Also, all programs will
4147 be run as this user, and all output
4148 files will be written as this user.
4149confMAX_RCPTS_PER_MESSAGE MaxRecipientsPerMessage
4150 [infinite] If set, allow no more than
4151 the specified number of recipients in
4152 an SMTP envelope. Further recipients
4153 receive a 452 error code (i.e., they
4154 are deferred for the next delivery
4155 attempt).
4156confBAD_RCPT_THROTTLE BadRcptThrottle [infinite] If set and the specified
4157 number of recipients in a single SMTP
4158 transaction have been rejected, sleep
4159 for one second after each subsequent
4160 RCPT command in that transaction.
4161confDONT_PROBE_INTERFACES DontProbeInterfaces
4162 [False] If set, sendmail will _not_
4163 insert the names and addresses of any
4164 local interfaces into class {w}
4165 (list of known "equivalent" addresses).
4166 If you set this, you must also include
4167 some support for these addresses (e.g.,
4168 in a mailertable entry) -- otherwise,
4169 mail to addresses in this list will
4170 bounce with a configuration error.
4171 If set to "loopback" (without
4172 quotes), sendmail will skip
4173 loopback interfaces (e.g., "lo0").
4174confPID_FILE PidFile [system dependent] Location of pid
4175 file.
4176confPROCESS_TITLE_PREFIX ProcessTitlePrefix
4177 [undefined] Prefix string for the
4178 process title shown on 'ps' listings.
4179confDONT_BLAME_SENDMAIL DontBlameSendmail
4180 [safe] Override sendmail's file
4181 safety checks. This will definitely
4182 compromise system security and should
4183 not be used unless absolutely
4184 necessary.
4185confREJECT_MSG - [550 Access denied] The message
4186 given if the access database contains
4187 REJECT in the value portion.
4188confRELAY_MSG - [550 Relaying denied] The message
4189 given if an unauthorized relaying
4190 attempt is rejected.
4191confDF_BUFFER_SIZE DataFileBufferSize
4192 [4096] The maximum size of a
4193 memory-buffered data (df) file
4194 before a disk-based file is used.
4195confXF_BUFFER_SIZE XScriptFileBufferSize
4196 [4096] The maximum size of a
4197 memory-buffered transcript (xf)
4198 file before a disk-based file is
4199 used.
4200confAUTH_MECHANISMS AuthMechanisms [GSSAPI KERBEROS_V4 DIGEST-MD5
4201 CRAM-MD5] List of authentication
4202 mechanisms for AUTH (separated by
4203 spaces). The advertised list of
4204 authentication mechanisms will be the
4205 intersection of this list and the list
4206 of available mechanisms as determined
4207 by the Cyrus SASL library.
4208confAUTH_REALM AuthRealm [undefined] The authentication realm
4209 that is passed to the Cyrus SASL
4210 library. If no realm is specified,
4211 $j is used.
4212confDEF_AUTH_INFO DefaultAuthInfo [undefined] Name of file that contains
4213 authentication information for
4214 outgoing connections. This file must
4215 contain the user id, the authorization
4216 id, the password (plain text), the
4217 realm to use, and the list of
4218 mechanisms to try, each on a separate
4219 line and must be readable by root (or
4220 the trusted user) only. If no realm
4221 is specified, $j is used. If no
4222 mechanisms are given in the file,
4223 AuthMechanisms is used. Notice: this
4224 option is deprecated and will be
4225 removed in future versions; it doesn't
4226 work for the MSP since it can't read
4227 the file. Use the authinfo ruleset
4228 instead. See also the section SMTP
4229 AUTHENTICATION.
4230confAUTH_OPTIONS AuthOptions [undefined] If this option is 'A'
4231 then the AUTH= parameter for the
4232 MAIL FROM command is only issued
4233 when authentication succeeded.
4234 See doc/op/op.me for more options
4235 and details.
4236confAUTH_MAX_BITS AuthMaxBits [INT_MAX] Limit the maximum encryption
4237 strength for the security layer in
4238 SMTP AUTH (SASL). Default is
4239 essentially unlimited.
4240confTLS_SRV_OPTIONS TLSSrvOptions If this option is 'V' no client
4241 verification is performed, i.e.,
4242 the server doesn't ask for a
4243 certificate.
4244confLDAP_DEFAULT_SPEC LDAPDefaultSpec [undefined] Default map
4245 specification for LDAP maps. The
4246 value should only contain LDAP
4247 specific settings such as "-h host
4248 -p port -d bindDN", etc. The
4249 settings will be used for all LDAP
4250 maps unless they are specified in
4251 the individual map specification
4252 ('K' command).
4253confCACERT_PATH CACertPath [undefined] Path to directory
4254 with certs of CAs.
4255confCACERT CACertFile [undefined] File containing one CA
4256 cert.
4257confSERVER_CERT ServerCertFile [undefined] File containing the
4258 cert of the server, i.e., this cert
4259 is used when sendmail acts as
4260 server.
4261confSERVER_KEY ServerKeyFile [undefined] File containing the
4262 private key belonging to the server
4263 cert.
4264confCLIENT_CERT ClientCertFile [undefined] File containing the
4265 cert of the client, i.e., this cert
4266 is used when sendmail acts as
4267 client.
4268confCLIENT_KEY ClientKeyFile [undefined] File containing the
4269 private key belonging to the client
4270 cert.
4271confCRL CRLFile [undefined] File containing certificate
4272 revocation status, useful for X.509v3
4273 authentication. Note that CRL requires
4274 at least OpenSSL version 0.9.7.
4275confDH_PARAMETERS DHParameters [undefined] File containing the
4276 DH parameters.
4277confRAND_FILE RandFile [undefined] File containing random
4278 data (use prefix file:) or the
4279 name of the UNIX socket if EGD is
4280 used (use prefix egd:). STARTTLS
4281 requires this option if the compile
4282 flag HASURANDOM is not set (see
4283 sendmail/README).
4284confNICE_QUEUE_RUN NiceQueueRun [undefined] If set, the priority of
4285 queue runners is set the given value
4286 (nice(3)).
4287confDIRECT_SUBMISSION_MODIFIERS DirectSubmissionModifiers
4288 [undefined] Defines {daemon_flags}
4289 for direct submissions.
4290confUSE_MSP UseMSP [undefined] Use as mail submission
4291 program, see sendmail/SECURITY.
4292confDELIVER_BY_MIN DeliverByMin [0] Minimum time for Deliver By
4293 SMTP Service Extension (RFC 2852).
4294confREQUIRES_DIR_FSYNC RequiresDirfsync [true] RequiresDirfsync can
4295 be used to turn off the compile time
4296 flag REQUIRES_DIR_FSYNC at runtime.
4297 See sendmail/README for details.
4298confSHARED_MEMORY_KEY SharedMemoryKey [0] Key for shared memory.
4299confSHARED_MEMORY_KEY_FILE
4300 SharedMemoryKeyFile
4301 [undefined] File where the
4302 automatically selected key for
4303 shared memory is stored.
4304confFAST_SPLIT FastSplit [1] If set to a value greater than
4305 zero, the initial MX lookups on
4306 addresses is suppressed when they
4307 are sorted which may result in
4308 faster envelope splitting. If the
4309 mail is submitted directly from the
4310 command line, then the value also
4311 limits the number of processes to
4312 deliver the envelopes.
4313confMAILBOX_DATABASE MailboxDatabase [pw] Type of lookup to find
4314 information about local mailboxes.
4315confDEQUOTE_OPTS - [empty] Additional options for the
4316 dequote map.
4317confMAX_NOOP_COMMANDS MaxNOOPCommands [20] Maximum number of "useless"
4318 commands before the SMTP server
4319 will slow down responding.
4320confHELO_NAME HeloName If defined, use as name for EHLO/HELO
4321 command (instead of $j).
4322confINPUT_MAIL_FILTERS InputMailFilters
4323 A comma separated list of filters
4324 which determines which filters and
4325 the invocation sequence are
4326 contacted for incoming SMTP
4327 messages. If none are set, no
4328 filters will be contacted.
4329confMILTER_LOG_LEVEL Milter.LogLevel [9] Log level for input mail filter
4330 actions, defaults to LogLevel.
4331confMILTER_MACROS_CONNECT Milter.macros.connect
4332 [j, _, {daemon_name}, {if_name},
4333 {if_addr}] Macros to transmit to
4334 milters when a session connection
4335 starts.
4336confMILTER_MACROS_HELO Milter.macros.helo
4337 [{tls_version}, {cipher},
4338 {cipher_bits}, {cert_subject},
4339 {cert_issuer}] Macros to transmit to
4340 milters after HELO/EHLO command.
4341confMILTER_MACROS_ENVFROM Milter.macros.envfrom
4342 [i, {auth_type}, {auth_authen},
4343 {auth_ssf}, {auth_author},
4344 {mail_mailer}, {mail_host},
4345 {mail_addr}] Macros to transmit to
4346 milters after MAIL FROM command.
4347confMILTER_MACROS_ENVRCPT Milter.macros.envrcpt
4348 [{rcpt_mailer}, {rcpt_host},
4349 {rcpt_addr}] Macros to transmit to
4350 milters after RCPT TO command.
4351confMILTER_MACROS_EOM Milter.macros.eom
4352 [{msg_id}] Macros to transmit to
4353 milters after the terminating
4354 DATA '.' is received.
4355confMILTER_MACROS_EOH Milter.macros.eoh
4356 Macros to transmit to milters
4357 after the end of headers.
4358confMILTER_MACROS_DATA Milter.macros.data
4359 Macros to transmit to milters
4360 after DATA command is received.
4361
4362
4363See also the description of OSTYPE for some parameters that can be
4364tweaked (generally pathnames to mailers).
4365
4366ClientPortOptions and DaemonPortOptions are special cases since multiple
4367clients/daemons can be defined. This can be done via
4368
4369 CLIENT_OPTIONS(`field1=value1,field2=value2,...')
4370 DAEMON_OPTIONS(`field1=value1,field2=value2,...')
4371
4372Note that multiple CLIENT_OPTIONS() commands (and therefore multiple
4373ClientPortOptions settings) are allowed in order to give settings for each
4374protocol family (e.g., one for Family=inet and one for Family=inet6). A
4375restriction placed on one family only affects outgoing connections on that
4376particular family.
4377
4378If DAEMON_OPTIONS is not used, then the default is
4379
4380 DAEMON_OPTIONS(`Port=smtp, Name=MTA')
4381 DAEMON_OPTIONS(`Port=587, Name=MSA, M=E')
4382
4383If you use one DAEMON_OPTIONS macro, it will alter the parameters
4384of the first of these. The second will still be defaulted; it
4385represents a "Message Submission Agent" (MSA) as defined by RFC
43862476 (see below). To turn off the default definition for the MSA,
4387use FEATURE(`no_default_msa') (see also FEATURES). If you use
4388additional DAEMON_OPTIONS macros, they will add additional daemons.
4389
4390Example 1: To change the port for the SMTP listener, while
4391still using the MSA default, use
4392 DAEMON_OPTIONS(`Port=925, Name=MTA')
4393
4394Example 2: To change the port for the MSA daemon, while still
4395using the default SMTP port, use
4396 FEATURE(`no_default_msa')
4397 DAEMON_OPTIONS(`Name=MTA')
4398 DAEMON_OPTIONS(`Port=987, Name=MSA, M=E')
4399
4400Note that if the first of those DAEMON_OPTIONS lines were omitted, then
4401there would be no listener on the standard SMTP port.
4402
4403Example 3: To listen on both IPv4 and IPv6 interfaces, use
4404
4405 DAEMON_OPTIONS(`Name=MTA-v4, Family=inet')
4406 DAEMON_OPTIONS(`Name=MTA-v6, Family=inet6')
4407
4408A "Message Submission Agent" still uses all of the same rulesets for
4409processing the message (and therefore still allows message rejection via
4410the check_* rulesets). In accordance with the RFC, the MSA will ensure
4411that all domains in envelope addresses are fully qualified if the message
4412is relayed to another MTA. It will also enforce the normal address syntax
4413rules and log error messages. Additionally, by using the M=a modifier you
4414can require authentication before messages are accepted by the MSA.
4415Notice: Do NOT use the 'a' modifier on a public accessible MTA! Finally,
4416the M=E modifier shown above disables ETRN as required by RFC 2476.
4417
4418Mail filters can be defined using the INPUT_MAIL_FILTER() and MAIL_FILTER()
4419commands:
4420
4421 INPUT_MAIL_FILTER(`sample', `S=local:/var/run/f1.sock')
4422 MAIL_FILTER(`myfilter', `S=inet:3333@localhost')
4423
4424The INPUT_MAIL_FILTER() command causes the filter(s) to be called in the
4425same order they were specified by also setting confINPUT_MAIL_FILTERS. A
4426filter can be defined without adding it to the input filter list by using
4427MAIL_FILTER() instead of INPUT_MAIL_FILTER() in your .mc file.
4428Alternatively, you can reset the list of filters and their order by setting
4429confINPUT_MAIL_FILTERS option after all INPUT_MAIL_FILTER() commands in
4430your .mc file.
4431
4432
4433+----------------------------+
4434| MESSAGE SUBMISSION PROGRAM |
4435+----------------------------+
4436
4437The purpose of the message submission program (MSP) is explained
4438in sendmail/SECURITY. This section contains a list of caveats and
4439a few hints how for those who want to tweak the default configuration
4440for it (which is installed as submit.cf).
4441
4442Notice: do not add options/features to submit.mc unless you are
4443absolutely sure you need them. Options you may want to change
4444include:
4445
4446- confTRUSTED_USERS, FEATURE(`use_ct_file'), and confCT_FILE for
4447 avoiding X-Authentication warnings.
4448- confTIME_ZONE to change it from the default `USE_TZ'.
4449- confDELIVERY_MODE is set to interactive in msp.m4 instead
4450 of the default background mode.
4451- FEATURE(stickyhost) and LOCAL_RELAY to send unqualified addresses
4452 to the LOCAL_RELAY instead of the default relay.
4453- confRAND_FILE if you use STARTTLS and sendmail is not compiled with
4454 the flag HASURANDOM.
4455
4456The MSP performs hostname canonicalization by default. As also
4457explained in sendmail/SECURITY, mail may end up for various DNS
4458related reasons in the MSP queue. This problem can be minimized by
4459using
4460
4461 FEATURE(`nocanonify', `canonify_hosts')
4462 define(`confDIRECT_SUBMISSION_MODIFIERS', `C')
4463
4464See the discussion about nocanonify for possible side effects.
4465
4466Some things are not intended to work with the MSP. These include
4467features that influence the delivery process (e.g., mailertable,
4468aliases), or those that are only important for a SMTP server (e.g.,
4469virtusertable, DaemonPortOptions, multiple queues). Moreover,
4470relaxing certain restrictions (RestrictQueueRun, permissions on
4471queue directory) or adding features (e.g., enabling prog/file mailer)
4472can cause security problems.
4473
4474Other things don't work well with the MSP and require tweaking or
4475workarounds. For example, to allow for client authentication it
4476is not just sufficient to provide a client certificate and the
4477corresponding key, but it is also necessary to make the key group
4478(smmsp) readable and tell sendmail not to complain about that, i.e.,
4479
4480 define(`confDONT_BLAME_SENDMAIL', `GroupReadableKeyFile')
4481
4482If the MSP should actually use AUTH then the necessary data
4483should be placed in a map as explained in SMTP AUTHENTICATION:
4484
4485FEATURE(`authinfo', `DATABASE_MAP_TYPE /etc/mail/msp-authinfo')
4486
4487/etc/mail/msp-authinfo should contain an entry like:
4488
4489 AuthInfo:127.0.0.1 "U:smmsp" "P:secret" "M:DIGEST-MD5"
4490
4491The file and the map created by makemap should be owned by smmsp,
4492its group should be smmsp, and it should have mode 640. The database
4493used by the MTA for AUTH must have a corresponding entry.
4494Additionally the MTA must trust this authentication data so the AUTH=
4495part will be relayed on to the next hop. This can be achieved by
4496adding the following to your sendmail.mc file:
4497
4498 LOCAL_RULESETS
4499 SLocal_trust_auth
4500 R$* $: $&{auth_authen}
4501 Rsmmsp $# OK
4502
4503Note: the authentication data can leak to local users who invoke
4504the MSP with debug options or even with -v. For that reason either
4505an authentication mechanism that does not show the password in the
4506AUTH dialogue (e.g., DIGEST-MD5) or a different authentication
4507method like STARTTLS should be used.
4508
4509feature/msp.m4 defines almost all settings for the MSP. Most of
4510those should not be changed at all. Some of the features and options
4511can be overridden if really necessary. It is a bit tricky to do
4512this, because it depends on the actual way the option is defined
4513in feature/msp.m4. If it is directly defined (i.e., define()) then
4514the modified value must be defined after
4515
4516 FEATURE(`msp')
4517
4518If it is conditionally defined (i.e., ifdef()) then the desired
4519value must be defined before the FEATURE line in the .mc file.
4520To see how the options are defined read feature/msp.m4.
4521
4522
4523+--------------------------+
4524| FORMAT OF FILES AND MAPS |
4525+--------------------------+
4526
4527Files that define classes, i.e., F{classname}, consist of lines
4528each of which contains a single element of the class. For example,
4529/etc/mail/local-host-names may have the following content:
4530
4531my.domain
4532another.domain
4533
4534Maps must be created using makemap(8) , e.g.,
4535
4536 makemap hash MAP < MAP
4537
4538In general, a text file from which a map is created contains lines
4539of the form
4540
4541key value
4542
4543where 'key' and 'value' are also called LHS and RHS, respectively.
4544By default, the delimiter between LHS and RHS is a non-empty sequence
4545of white space characters.
4546
4547
4548+------------------+
4549| DIRECTORY LAYOUT |
4550+------------------+
4551
4552Within this directory are several subdirectories, to wit:
4553
4554m4 General support routines. These are typically
4555 very important and should not be changed without
4556 very careful consideration.
4557
4558cf The configuration files themselves. They have
4559 ".mc" suffixes, and must be run through m4 to
4560 become complete. The resulting output should
4561 have a ".cf" suffix.
4562
4563ostype Definitions describing a particular operating
4564 system type. These should always be referenced
4565 using the OSTYPE macro in the .mc file. Examples
4566 include "bsd4.3", "bsd4.4", "sunos3.5", and
4567 "sunos4.1".
4568
4569domain Definitions describing a particular domain, referenced
4570 using the DOMAIN macro in the .mc file. These are
4571 site dependent; for example, "CS.Berkeley.EDU.m4"
4572 describes hosts in the CS.Berkeley.EDU subdomain.
4573
4574mailer Descriptions of mailers. These are referenced using
4575 the MAILER macro in the .mc file.
4576
4577sh Shell files used when building the .cf file from the
4578 .mc file in the cf subdirectory.
4579
4580feature These hold special orthogonal features that you might
4581 want to include. They should be referenced using
4582 the FEATURE macro.
4583
4584hack Local hacks. These can be referenced using the HACK
4585 macro. They shouldn't be of more than voyeuristic
4586 interest outside the .Berkeley.EDU domain, but who knows?
4587
4588siteconfig Site configuration -- e.g., tables of locally connected
4589 UUCP sites.
4590
4591
4592+------------------------+
4593| ADMINISTRATIVE DETAILS |
4594+------------------------+
4595
4596The following sections detail usage of certain internal parts of the
4597sendmail.cf file. Read them carefully if you are trying to modify
4598the current model. If you find the above descriptions adequate, these
4599should be {boring, confusing, tedious, ridiculous} (pick one or more).
4600
4601RULESETS (* means built in to sendmail)
4602
4603 0 * Parsing
4604 1 * Sender rewriting
4605 2 * Recipient rewriting
4606 3 * Canonicalization
4607 4 * Post cleanup
4608 5 * Local address rewrite (after aliasing)
4609 1x mailer rules (sender qualification)
4610 2x mailer rules (recipient qualification)
4611 3x mailer rules (sender header qualification)
4612 4x mailer rules (recipient header qualification)
4613 5x mailer subroutines (general)
4614 6x mailer subroutines (general)
4615 7x mailer subroutines (general)
4616 8x reserved
4617 90 Mailertable host stripping
4618 96 Bottom half of Ruleset 3 (ruleset 6 in old sendmail)
4619 97 Hook for recursive ruleset 0 call (ruleset 7 in old sendmail)
4620 98 Local part of ruleset 0 (ruleset 8 in old sendmail)
4621
4622
4623MAILERS
4624
4625 0 local, prog local and program mailers
4626 1 [e]smtp, relay SMTP channel
4627 2 uucp-* UNIX-to-UNIX Copy Program
4628 3 netnews Network News delivery
4629 4 fax Sam Leffler's HylaFAX software
4630 5 mail11 DECnet mailer
4631
4632
4633MACROS
4634
4635 A
4636 B Bitnet Relay
4637 C DECnet Relay
4638 D The local domain -- usually not needed
4639 E reserved for X.400 Relay
4640 F FAX Relay
4641 G
4642 H mail Hub (for mail clusters)
4643 I
4644 J
4645 K
4646 L Luser Relay
4647 M Masquerade (who you claim to be)
4648 N
4649 O
4650 P
4651 Q
4652 R Relay (for unqualified names)
4653 S Smart Host
4654 T
4655 U my UUCP name (if you have a UUCP connection)
4656 V UUCP Relay (class {V} hosts)
4657 W UUCP Relay (class {W} hosts)
4658 X UUCP Relay (class {X} hosts)
4659 Y UUCP Relay (all other hosts)
4660 Z Version number
4661
4662
4663CLASSES
4664
4665 A
4666 B domains that are candidates for bestmx lookup
4667 C
4668 D
4669 E addresses that should not seem to come from $M
4670 F hosts this system forward for
4671 G domains that should be looked up in genericstable
4672 H
4673 I
4674 J
4675 K
4676 L addresses that should not be forwarded to $R
4677 M domains that should be mapped to $M
4678 N host/domains that should not be mapped to $M
4679 O operators that indicate network operations (cannot be in local names)
4680 P top level pseudo-domains: BITNET, DECNET, FAX, UUCP, etc.
4681 Q
4682 R domains this system is willing to relay (pass anti-spam filters)
4683 S
4684 T
4685 U locally connected UUCP hosts
4686 V UUCP hosts connected to relay $V
4687 W UUCP hosts connected to relay $W
4688 X UUCP hosts connected to relay $X
4689 Y locally connected smart UUCP hosts
4690 Z locally connected domain-ized UUCP hosts
4691 . the class containing only a dot
4692 [ the class containing only a left bracket
4693
4694
4695M4 DIVERSIONS
4696
4697 1 Local host detection and resolution
4698 2 Local Ruleset 3 additions
4699 3 Local Ruleset 0 additions
4700 4 UUCP Ruleset 0 additions
4701 5 locally interpreted names (overrides $R)
4702 6 local configuration (at top of file)
4703 7 mailer definitions
4704 8 DNS based blacklists
4705 9 special local rulesets (1 and 2)
4706
4707$Revision: 8.730 $, Last updated $Date: 2014-01-16 15:55:51 $
4708