Lines Matching +full:local +full:- +full:host
9 To get started, you may want to look at tcpproto.mc (for TCP-only
11 mail host), or the generic-*.mc files as operating system-specific
30 ANTI-SPAM CONFIGURATION CONTROL
37 NON-SMTP BASED CONFIGURATIONS
51 +--------------------------+
53 +--------------------------+
57 You must pre-load "cf.m4":
70 or the -I flag (ditto), then ${CFDIR} can be in an arbitrary directory.
72 use -D_CF_DIR_=/path/to/cf/dir/ -- note the trailing slash! For example:
74 m4 -D_CF_DIR_=${CFDIR}/ ${CFDIR}/m4/cf.m4 config.mc > config.cf
78 divert(-1)
80 # Copyright (c) 1998-2005 Proofpoint, Inc. and its suppliers.
92 # This is a Berkeley-specific configuration file for HP-UX 9.x.
102 The divert(-1) will delete the crud in the resulting output file.
112 in SMTP greeting messages -- this is defined in m4/version.m4.
117 pathname of the help and status files, the flags needed for the local
129 MAILER(`local')
132 These describe the mailers used at the default CS site. The local
141 local macro definitions
147 There are a few exceptions to this rule. Local macro definitions which
154 *** Berkeley-specific assumptions built in, such as the name ***
155 *** of their UUCP-relay. You'll want to create your own ***
181 +----------------------------+
183 +----------------------------+
186 files. The most important thing to know is that M4 is stream-based,
222 -------
224 This package requires a post-V7 version of m4; if you are running the
226 BSD-Net/2's m4 both work. GNU m4 version 1.1 or later also works.
227 Unfortunately, the M4 on BSDI 1.0 doesn't work -- you'll have to use a
229 ftp://ftp.gnu.org/pub/gnu/m4/m4-1.4.tar.gz (check for the latest version).
234 +----------------+
236 +----------------+
239 related files, /etc/mail. The new files available for sendmail 8.9 --
240 the class {R} /etc/mail/relay-domains and the access database
241 /etc/mail/access -- take advantage of this new directory. Beginning with
249 ------------ ------------
265 /etc/sendmail.cw /etc/mail/local-host-names
266 /etc/mail/sendmail.cw /etc/mail/local-host-names
267 /etc/sendmail/sendmail.cw /etc/mail/local-host-names
269 /etc/sendmail.ct /etc/mail/trusted-users
271 /etc/sendmail.oE /etc/mail/error-header
301 +--------+
303 +--------+
317 empty). Unfortunately, the list of configuration-supported systems is
318 not as broad as the list of source-supported systems, since many of
322 of the alias file(s). It can be a comma-separated
324 commas in them -- for example, use
346 LOCAL_MAILER_PATH [/bin/mail] The program used to deliver local mail.
347 LOCAL_MAILER_FLAGS [Prmn9] The flags used by the local mailer. The
349 LOCAL_MAILER_ARGS [mail -d $u] The arguments passed to deliver local
351 LOCAL_MAILER_MAX [undefined] If defined, the maximum size of local
355 useful for LMTP local mailers.
356 LOCAL_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
358 local mailer and which are converted to MIME will be
361 end of line for the local mailer.
363 [X-Unix] The DSN Diagnostic-Code value for the
364 local mailer. This should be changed with care.
368 LOCAL_SHELL_ARGS [sh -c $u] The arguments passed to deliver "prog"
372 LOCAL_MAILER_QGRP [undefined] The queue group for the local mailer.
376 USENET_MAILER_ARGS [-m -h -n] The command line arguments for the
385 flags are `mDFMuX' for all SMTP-based mailers; the
389 flags are `mDFMuX' for all SMTP-based mailers; the
416 SMTP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
420 RELAY_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
429 flags are `DFMhuU' (and `m' for uucp-new mailer,
430 minus `U' for uucp-dom mailer).
431 UUCP_MAILER_ARGS [uux - -r -z -a$g -gC $h!rmail ($u)] The arguments
435 UUCP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
440 FAX_MAILER_PATH [/usr/local/lib/fax/mailfax] The program used to
451 PROCMAIL_MAILER_PATH [/usr/local/bin/procmail] The path to the procmail
458 PROCMAIL_MAILER_ARGS [procmail -Y -m $h $f $u] The arguments passed to
470 PH_MAILER_PATH [/usr/local/etc/phquery] The path to the phquery
474 PH_MAILER_ARGS [phquery -- $u] -- arguments to the phquery mailer.
480 CYRUS_MAILER_ARGS [deliver -e -m $h -- $u] The arguments passed
489 CYRUS_BB_MAILER_ARGS [deliver -e -m $u] The arguments passed
504 CYRUSV2_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
512 QPAGE_MAILER_PATH [/usr/local/bin/qpage] The program used to deliver
514 QPAGE_MAILER_ARGS [qpage -l0 -m -P$u] The arguments passed
525 (thus overriding the default value), or if it starts with `+' (`-')
529 MODIFY_MAILER_FLAGS(`LOCAL', `+e')
539 +---------+
541 +---------+
543 You will probably want to collect domain-dependent defines into one
548 UUCP_RELAY The host that will accept UUCP-addressed email.
551 BITNET_RELAY The host that will accept BITNET-addressed email.
552 If not defined, the .BITNET pseudo-domain won't work.
553 DECNET_RELAY The host that will accept DECNET-addressed email.
554 If not defined, the .DECNET pseudo-domain and addresses
556 FAX_RELAY The host that will accept mail to the .FAX pseudo-domain.
558 LOCAL_RELAY The site that will handle unqualified names -- that
562 FEATURE(`stickyhost') -- see the discussion of
565 central site to store a company- or department-wide
568 LUSER_RELAY The site that will handle lusers -- that is, apparently
569 local names that aren't local accounts or aliases. To
570 specify a local user instead of a site, set this to
571 ``local:username''.
574 mailer is the internal mailer name, such as ``uucp-new'' and the hostname
575 is the name of the host as appropriate for that mailer) or just a
583 (using "DD<domain>") and set certain site-wide features. If all hosts
587 You do not have to define a domain -- in particular, if you are a
593 +---------+
595 +---------+
601 local The local and prog mailers. You will almost always
610 five mailers: "smtp" for regular (old-style) SMTP to
613 converting 8-bit data to MIME (essentially, this is
614 your statement that you know the other end is 8-bit
619 uucp The UNIX-to-UNIX Copy Program mailer. Actually, this
620 defines two mailers, "uucp-old" (a.k.a. "uucp") and
621 "uucp-new" (a.k.a. "suucp"). The latter is for when you
625 ("uucp-dom" and "uucp-uudom") are also defined [warning: you
628 class {U} and sends them to the uucp-old mailer; all
629 names in class {Y} are sent to uucp-new; and all
630 names in class {Z} are sent to uucp-uudom. Note that
638 local email for users named ``group.usenet'' to the
654 host.com procmail:/etc/procmailrcs/host.com
656 with the file /etc/procmailrcs/host.com reading:
658 :0 # forward mail for host.com
659 ! -oi -f $1 person@other.host
661 This would arrange for (anything)@host.com to be sent
662 to person@other.host. In a procmail script, $1 is the
668 problem, e.g., a catch-all entry in a virtusertable.
682 a local cyrus user. this mailer can make use of the
683 "user+detail@local.host" syntax (see
686 permits. The cyrusbb mailer delivers to a system-wide
688 mailer must be defined after the local mailer.
691 local cyrus users via LMTP. This mailer can make use of the
692 "user+detail@local.host" syntax (see
696 local mailer.
701 The local mailer accepts addresses of the form "user+detail", where
703 to certain local mail programs (in particular, see
709 +----------+
711 +----------+
718 tells sendmail that you want to have it read an /etc/mail/local-host-names
720 optional parameters -- for example:
741 use_cw_file Read the file /etc/mail/local-host-names file to get
742 alternate names for this host. This might be used if you
743 were on a host that MXed for a dynamic set of other hosts.
749 use_ct_file Read the file /etc/mail/trusted-users file to get the
751 set their envelope from address using -f without generating
762 `reject': reject addresses which have "!" in the local
766 Warnings: 1. See the notice in the anti-spam section.
772 `reject': reject addresses which have % in the local
776 Warnings: 1. See the notice in the anti-spam section.
781 by default, i.e., host/domain names are considered canonical,
792 "define(`confBIND_OPTS', `-DNSRCH -DEFNAMES')" to turn off
799 canonification for local domains, e.g., use
802 Another way to require canonification in the local
813 <user@host>, will be canonified (and hopefully fully
821 "user@local.host" are marked as "sticky" -- that
822 is, the local addresses aren't matched against UDB,
826 With MAIL_HUB, mail addressed to "user@local.host"
828 address still remaining "user@local.host".
835 i.e. local host names). The argument of the FEATURE may be
842 or partial domains preceded by a dot -- for example,
851 local:user
852 will forward to the indicated user using the local mailer,
853 local:
854 will forward to the original user in the e-mail address
855 using the local mailer, and
897 Include the local host domain even on locally delivered
900 the same user name space everywhere, you may need the host
901 name on local names. An optional argument specifies
902 another domain to be added than the local.
906 as being from the masquerade host. Normally they get
907 the local hostname. Although this may be right for
908 ordinary users, it can break local aliases. For example,
914 namespace on your masquerade host supersets all the
915 local entries.
944 This feature prevents the local mailer from masquerading even
946 on addresses of mail going outside the local domain.
952 host. Normally only the header addresses are masqueraded.
981 address being looked up must be fully qualified. For local
997 virtusertable A domain-specific form of aliasing, allowing multiple
1001 info@foo.com foo-info
1002 info@bar.com bar-info
1008 address foo-info, mail addressed to info@bar.com will be
1009 delivered to bar-info, and mail addressed to anyone at baz.org
1021 Additionally, if the local part consists of "user+detail"
1033 There are two wildcards after "+": "+" matches only a non-empty
1038 All the host names on the left hand side (foo.com, bar.com,
1062 ldap_routing Implement LDAP-based e-mail recipient routing according to
1063 the Internet Draft draft-lachman-laser-ldap-mail-routing-01.
1064 This provides a method to re-route addresses with a
1066 different mail host or a different address. Hosts can
1073 nullclient This is a special case -- it creates a configuration file
1075 central hub via a local SMTP-based network. The argument
1082 local_lmtp Use an LMTP capable local mailer. The argument to this
1084 default, mail.local is used. This is expected to be the
1085 mail.local which came with the 8.9 distribution which is
1086 LMTP capable. The path to mail.local is set by the
1087 confEBINDIR m4 variable -- making the default
1088 LOCAL_MAILER_PATH /usr/libexec/mail.local.
1093 FEATURE(`local_lmtp', `/usr/local/bin/lmtp', `lmtp')
1098 local_procmail Use procmail or another delivery agent as the local mailer.
1102 PROCMAIL_MAILER_ARGS for the local mailer; tweak
1105 the local mailer can make use of the
1106 "user+indicator@local.host" syntax; normally the +indicator
1107 is just tossed, but by default it is passed as the -a
1113 [default: /usr/local/bin/procmail]
1115 [default: procmail -Y -a $h -d $u]
1120 setreuid() call, you may need to add -f $f to the procmail
1126 FEATURE(`local_procmail', `/usr/local/bin/maildrop',
1127 `maildrop -d $u')
1131 FEATURE(`local_procmail', `/usr/local/bin/scanmails')
1136 bestmx_is_local Accept mail as though locally addressed for any host that
1141 these domains -- this will reduce unnecessary DNS
1148 to programs. This improves the ability of the local
1150 e-mail. If an argument is provided it is used as the
1152 confEBINDIR is used for the smrsh binary -- by default,
1158 local host (class {w}) and sending it to another host than
1159 your local host). This option sets your site to allow
1168 This option allows any host in your domain as defined by
1171 e.g., com. This can happen if you give your host a name
1172 like example.com instead of host.example.com.
1176 db and class {R} are treated as domain names, not host names.
1180 the behaviour to look up individual host names only.
1184 records of the host portion of an incoming recipient; that
1185 is, if an MX record for host foo.com points to your site,
1193 if route address syntax (or %-hack syntax) is used. If
1194 this is a problem, add entries to the access-table or use
1207 anti-spam configuration control.
1211 is a local host. This should only be used if absolutely
1222 setup sends local mail unqualified (i.e., MAIL FROM:<joe>),
1232 refused if the host part of the argument to MAIL FROM:
1233 cannot be located in the host name service (e.g., an A or
1235 only a limited view of the Internet host name space, this
1246 hash -T<TMPF> /etc/mail/access
1248 See the anti-spam configuration control section for further
1250 "-T<TMPF>" is meant literal, do not replace it by anything.
1256 host foo.mydomain.com, or guest@bar.mydomain.com.
1258 described in the anti-spam configuration control section
1265 See "Delay all checks" in the anti-spam configuration control
1289 Rejected: IP-ADDRESS listed at SERVER
1291 where IP-ADDRESS and SERVER are replaced by the appropriate
1295 message. See the anti-spam configuration control section for
1301 definition from `host'. Set the DNSBL_MAP_OPT mc option
1311 define(`DNSBL_MAP', `dns -R A')
1318 define(`DNSBL_MAP', `dns -R A -r2')
1333 will reject the e-mail if the lookup returns the value
1394 draft-stumpf-dns-mtamark-01. Optional arguments are:
1430 Preserve the name of the recipient host if LUSER_RELAY is
1432 recipient address will be replaced by the host specified as
1435 that in the default configuration the local mailer does not
1441 address to local delivery agent. Disables alias and
1444 user will not be looked up). Only use if the local
1447 for the local mailer is set as the entire local address
1451 with the Compat: tag -- Compat:sender<@>recipient -- in the
1467 the default of `[localhost]' to use as host to send all
1468 e-mails to. Note that MX records will be used if the
1493 on the full e-mail address or the domain of the
1499 QGRP:my.domain local
1501 where "main", "others", and "local" are names of
1527 Local_greet_pause can be used for local modifications, e.g.,
1539 - authenticated sessions,
1540 - connections from IP addresses in class $={R}.
1547 adds the IPv6 and IPv4 localhost IP addresses to $={w} (local
1548 host names) and $={R} (relay permitted).
1554 Rejecting mails from those MTAs is a local policy decision.
1559 If the look-up succeeds, but returns an apparently forged
1566 Any IP address matched using $=R (the "relay-domains" file)
1568 allowed relaying for this host, based on IP address, we
1614 (MTA-STS, see RFC 8461). It sets the option
1617 postfix-mta-sts-resolver (see feature/sts.m4
1627 +-------+
1629 +-------+
1633 macro. These will tend to be site-dependent. The release
1634 includes the Berkeley-dependent "cssubdomain" hack (that makes
1635 sendmail accept local names in either Berkeley.EDU or CS.Berkeley.EDU;
1636 this is intended as a short-term aid while moving hosts into
1640 +--------------------+
1642 +--------------------+
1649 * of UUCP mailers, such as uucp-uudom. *
1652 Complex sites will need more local configuration information, such as
1656 The SITECONFIG macro allows you to indirectly reference site-dependent
1662 reads the file uucp.ucbvax for local connection information. The
1663 second parameter is the local name (in this case just "ucbvax" since
1665 parameter is the name of both a macro to store the local name (in
1667 the host information read from the file. Another SITECONFIG line reads
1676 out-of-date configuration file has been left around to demonstrate
1681 local site, rather than the name of a remote site, and the UUCP name
1682 is entered into class {w} (the list of local hostnames) as $U.UUCP.
1692 same line; these are usually aliases for the same host (or are at
1700 +--------------------+
1702 +--------------------+
1706 for domain-based addressing, even for UUCP sites.
1709 use is partly a matter of local preferences and what is running at
1718 non-domainized scheme. This depends entirely on what the other
1720 other end to go to a domain-based system -- non-domainized addresses
1725 uucp-old (obsolete name: "uucp")
1734 uucp-new (obsolete name: "suucp")
1739 uucp-dom
1747 domain-based addresses in the message header. (The envelope
1750 uucp-uudom
1751 This is a cross between uucp-new (for the envelope addresses)
1752 and uucp-dom (for the header addresses). It bangifies the
1754 local hostname, unless there is no host name on the address
1755 at all (e.g., "wolf") or the host component is a UUCP host name
1762 On host grasp.insa-lyon.fr (UUCP host name "grasp"), the following
1766 ------ ------ -------------------------
1767 uucp-{old,new} wolf grasp!wolf
1768 uucp-dom wolf wolf@grasp.insa-lyon.fr
1769 uucp-uudom wolf grasp.insa-lyon.fr!wolf
1771 uucp-{old,new} wolf@fr.net grasp!fr.net!wolf
1772 uucp-dom wolf@fr.net wolf@fr.net
1773 uucp-uudom wolf@fr.net fr.net!wolf
1775 uucp-{old,new} somehost!wolf grasp!somehost!wolf
1776 uucp-dom somehost!wolf somehost!wolf@grasp.insa-lyon.fr
1777 uucp-uudom somehost!wolf grasp.insa-lyon.fr!somehost!wolf
1780 to convert all UUCP addresses to domain format -- otherwise, it will
1783 the heuristics will add the @uucp.relay.name or @local.host.name to
1784 this address. However, if you map foo to foo.host.name first, it
1785 will not add the local hostname. You can do this using the uucpdomain
1789 +-------------------+
1791 +-------------------+
1820 R$+ <@ host.dom.ain.> $#uucp $@ cnmat $: $1 < @ host.dom.ain.>
1823 pointing at this host; this rule catches the message and forwards it on
1831 the LOCAL_CONFIG section. It can be used to declare local database maps or
1836 Kyplocal nis -m hosts.byname
1839 +---------------------------+
1841 +---------------------------+
1843 You can have your host masquerade as another using
1845 MASQUERADE_AS(`host.domain')
1848 indicated host.domain, rather than $j. One normally masquerades as
1861 from this host (that is, are either unqualified or in class {w}, the list
1862 of local domain names). You can augment this list, which is realized
1870 This can be a space-separated list of names.
1881 MASQUERADE_EXCEPTION(`host.domain')
1884 except for one (or a few) host(s). If these names are in a file,
1894 There are always users that need to be "exposed" -- that is, their
1906 without @host) to a relay host. For example, if you have a central
1907 email server, you might relay to that host so that users don't have
1914 because of local aliases. A common example is root, which may be
1930 be sent to the LOCAL_RELAY and other local names will be sent to MAIL_HUB.
1943 mail.CS.Berkeley.EDU (no local aliasing) (aliasing done)
1949 MAIL_HUB set as above (no local aliasing) (aliasing done)
1959 local host (e.g., "eric@mastodon.CS.Berkeley.EDU").
1967 need to unset all the other relays -- or better yet, find or build a
1970 For duplicate suppression to work properly, the host name is best
1973 define(`MAIL_HUB', `host.domain.')
1974 note the trailing dot ---^
1977 +-------------------------------------------+
1979 +-------------------------------------------+
1982 own LDAP map specification or using the built-in default LDAP map
1983 specification. The built-in default specifications all provide lookups
2000 individual host records can have surprising results (see the CAUTION
2006 in future versions. Feedback via sendmail-YYYY@support.sendmail.org is
2009 -------
2011 -------
2021 ldap -k (&(objectClass=sendmailMTAAliasObject)
2026 …-v sendmailMTAAliasValue,sendmailMTAAliasSearch:FILTER:sendmailMTAAliasObject,sendmailMTAAliasURL:…
2031 not actually macro-expanded when read from the sendmail.cf file.
2035 dn: sendmailMTAKey=sendmail-list, dc=sendmail, dc=org
2041 sendmailMTAKey: sendmail-list
2046 dn: sendmailMTAKey=owner-sendmail-list, dc=sendmail, dc=org
2052 sendmailMTAKey: owner-sendmail-list
2064 Here, the aliases sendmail-list and owner-sendmail-list will be available
2095 define(`ALIAS_FILE', `ldap:-k (&(objectClass=mailGroup)(mail=%0)) -v mgrpRFC822MailMember')
2097 ----
2099 ----
2116 --------- ------------------
2128 Kmailertable ldap -k (&(objectClass=sendmailMTAMapObject)
2133 …-1 -v sendmailMTAMapValue,sendmailMTAMapSearch:FILTER:sendmailMTAMapObject,sendmailMTAMapURL:URL:s…
2152 CAUTION: If your LDAP database contains the record above and *ALSO* a host
2166 require a single match. Since the host etrn.sendmail.org is also in the
2173 FEATURE(`access_db', `ldap:-1 -k (&(objectClass=mapDatabase)(key=%0)) -v value')
2175 -------
2177 -------
2196 F{R}@ldap:-k (&(objectClass=sendmailMTAClass)
2200 …-v sendmailMTAClassValue,sendmailMTAClassSearch:FILTER:sendmailMTAClass,sendmailMTAClassURL:URL:se…
2204 not actually macro-expanded when read from the sendmail.cf file.
2210 ------- --------------------
2239 CAUTION: If your LDAP database contains the record above and *ALSO* a host
2251 both the cluster match and the host match). In other words, the effective
2257 VIRTUSER_DOMAIN_FILE(`@ldap:-k (&(objectClass=virtHosts)(host=*)) -v host')
2263 +--------------+
2265 +--------------+
2269 (draft-lachman-laser-ldap-mail-routing-01). This feature enables
2270 LDAP-based rerouting of a particular address to either a different host
2297 mail host for a particular address; <mailRoutingAddress> is a map definition
2303 contains +detail information -- `strip' tries the lookup with the +detail
2315 ldap -1 -T<TMPF> -v mailHost -k (&(objectClass=inetLocalMailRecipient)
2320 ldap -1 -T<TMPF> -v mailRoutingAddress
2321 -k (&(objectClass=inetLocalMailRecipient)
2324 Note that neither includes the LDAP server hostname (-h server) or base DN
2325 (-b o=org,c=COUNTRY), both necessary for LDAP queries. It is presumed that
2328 changed as described above. The "-T<TMPF>" is required in any user
2335 ----------- --------------------- ----------
2337 "local" host mailRoutingAddress
2340 "local" host original address
2343 remote host relayed to mailHost
2346 remote host relayed to mailHost
2355 The term "local" host above means the host specified is in class {w}. If
2356 the result would mean sending the mail to a different host, that host is
2366 must contain a fully qualified host name as its value. Similarly, if
2384 the mail to MX records listed for the host eng.example.com (unless the
2394 the host mktmail.example.com using the new address harry@mkt.example.com
2395 when talking to that host.
2408 +---------------------------------+
2409 | ANTI-SPAM CONFIGURATION CONTROL |
2410 +---------------------------------+
2412 The primary anti-spam features available in sendmail are:
2419 Relaying (transmission of messages from a site outside your host (class
2434 host.mydomain.com
2447 then any host in any of your local domains (that is, class {m})
2449 host in your domain).
2451 You can also allow relaying based on the MX records of the host
2462 Note also that this feature will stop spammers from using your host
2471 MAIL FROM:<user@domain>) domain which is a local domain. This is a
2493 user@site.com for relaying if othersite.com is an allowed relay host
2506 anti-relay rules do not prevent: the case of a system that does use
2508 (system A) and relays local messages to a mail hub (e.g., via
2511 <example.net!user@local.host> / <user%example.net@local.host>
2515 because it came from a trusted local host. So if a mailserver
2516 allows UUCP (bang-format) / %-hack addresses, all systems from which
2520 an unresolvable domain (i.e., one that DNS, your local name service,
2523 IP address can't be mapped to a host name. If you want to continue
2525 has only a limited view of the Internet host name space (note that you
2527 host" forwarder), use
2568 FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access_map')
2571 `-T<TMPF>' as shown above. The optional parameters may be
2579 e-mail address instead of an entire domain.
2587 The table itself uses e-mail addresses, domain names, and network
2600 (or any host within the cyberspammer.com domain), any host in the entire
2645 "relay", but at most acceptance for local
2659 SKIP This can only be used for host/domain names
2702 Connect:suspicious.example.com QUARANTINE:Mail from suspicious host
2714 forged"). That is, using square brackets means these are host
2735 hosts listed in class {R} to be fully qualified host names.
2750 then you can add entries to the map for local users, hosts in your
2754 To:host.my.TLD ERROR:550 That host does not accept mail
2757 This would prevent a recipient of badlocaluser in any of the local
2758 domains (class {w}), any user at host.my.TLD, and the single address
2759 user@other.my.TLD from receiving mail. Please note: a local username
2783 Rejected: IP-ADDRESS listed at SERVER
2785 where IP-ADDRESS and SERVER are replaced by the appropriate
2805 451 Temporary lookup failure of IP-ADDRESS at SERVER
2807 where IP-ADDRESS and SERVER are replaced by the appropriate
2813 Notice: to avoid checking your own local domains against those
2819 to the access map, where 10.1 is your local network. You may
2836 Kallnumbers regex -a@MATCH ^[0-9]+$
2846 check_* ruleset. If the local ruleset returns $#OK, no further checking
2848 the local ruleset resolves to a mailer (such as $#error or $#discard),
2855 ----------------
2871 in the access map, then any e-mail with a sender address of
2921 -------------
2926 a Message-ID: header:
2929 HMessage-Id: $>CheckMessageId
2961 any final header-related checks. The ruleset is called with the number of
2963 example usage is to reject messages which do not have a Message-Id:
2964 header. However, the Message-Id: header is *NOT* a required header and is
2970 HMessage-Id: $>CheckMessageId
2984 # Has a Message-Id: header
2986 # Allow missing Message-Id: from local mail
2994 +--------------------+
2996 +--------------------+
3025 +----------+
3027 +----------+
3056 ${cipher} the cipher used for the connection, e.g., EDH-DSS-DES-CBC3-SHA,
3057 EDH-RSA-DES-CBC-SHA, DES-CBC-MD5, DES-CBC3-SHA.
3077 --------
3092 rulesets and map lookups, they are modified as follows: each non-printable
3145 --------------------
3165 requiring that e-mail is sent to a server only encrypted, e.g., via
3169 doesn't necessarily mean that e-mail sent to that domain is encrypted.
3200 algorithm, e.g., DIGEST-MD5.
3213 Example: e-mail sent to secure.example.com should only use an encrypted
3214 connection. E-mail received from hosts within the laptop.example.com domain
3215 should only be accepted if they have been authenticated. The host which
3216 receives e-mail for darth@endmail.org must present a cert that uses the
3217 CN smtp.endmail.org. E-mail sent to safe.example.com must be verified,
3230 -----------------------
3243 - Options: compare {Server,Client}SSLOptions.
3244 - CipherList: same as the global option.
3245 - CertFile, KeyFile: {Server,Client}{Cert,Key}File
3246 - Flags: see doc/op/op.me for details.
3254 TLS_Clt_features:10.1.0.1 Options=SSL_OP_NO_TLSv1_2; CipherList=ALL:-EXPORT
3278 will turn off STARTTLS when sending to broken.server (or any host
3280 only for hosts in my.domain, and disable MTA-STS for broken.sts.
3286 ----------------
3294 +---------------------+
3296 +---------------------+
3299 used in anti-relay rulesets to allow relaying for those users that
3312 RDIGEST-MD5 $| $+@$=w $# OK
3314 to allow relaying for users that authenticated using DIGEST-MD5
3315 and have an identity in the local domains.
3329 TRUST_AUTH_MECH(`KERBEROS_V4 DIGEST-MD5')
3336 -----------------------------------------------------
3352 sendmail set-user-ID. Use PrivacyOptions to turn off verbose output
3374 AuthInfo:other.dom "U:user" "I:user" "P:secret" "R:other.dom" "M:DIGEST-MD5"
3375 AuthInfo:host.more.dom "U:user" "P=c2VjcmV0"
3387 group/world-unreadable, this is left to the user.
3390 +--------------------------------+
3392 +--------------------------------+
3406 Local additions for the rulesets srv_features, clt_features, try_tls,
3409 and LOCAL_TLS_SERVER, respectively. For example, to add a local
3419 +-------------------------+
3421 +-------------------------+
3433 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R')
3437 Xarchive, S=local:/var/run/archivesock, F=R
3445 INPUT_MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R')
3450 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R')
3462 +-------------------------+
3464 +-------------------------+
3476 +-------------------------------+
3477 | NON-SMTP BASED CONFIGURATIONS |
3478 +-------------------------------+
3481 SMTP-based sites. They may not be well tuned for UUCP-only or
3482 UUCP-primarily nodes (the latter is defined as a small local net
3486 You can define a ``smart host'' that understands a richer address syntax
3492 can't be handled using the usual UUCP rules are passed to this host.
3494 If you are on a local SMTP-based net that connects to the outside
3498 define(`SMART_HOST', `uucp-new:uunet')
3503 via SMTP; anything else will be sent via uucp-new (smart UUCP) to uunet.
3505 the $m. If you are running a local DNS inside your domain which is
3516 You may need to turn off the anti-spam rules in order to accept
3521 +-----------+
3523 +-----------+
3527 host name using gethostname and then calling gethostbyname on the
3529 only the root of the host name (such as "foo"); gethostbyname is
3539 +-----------------------------------+
3541 +-----------------------------------+
3543 If your host is known by several different names, you need to augment
3544 class {w}. This is a list of names by which your host is known, and
3545 anything sent to an address using a host name in this list will be
3546 treated as local mail. You can do this in two ways: either create the
3547 file /etc/mail/local-host-names containing a list of your aliases (one per
3549 ``LOCAL_DOMAIN(`alias.host.name')''. Be sure you use the fully-qualified
3550 name of the host, rather than a short name.
3554 http://www.sendmail.org/virtual-hosting.html
3557 +--------------------+
3559 +--------------------+
3566 uuhost1.my.domain uucp-new:uuhost1
3575 a dot matches the full host name indicated. LHS entries beginning
3577 the leading dot) -- that is, they can be thought of as having a
3578 leading ".+" regular expression pattern for a non-empty sequence of
3579 characters. Matching is done in order of most-to-least qualified
3580 -- for example, even though ".my.domain" is listed first in the
3582 entry since it is more explicit. Note: e-mail to "user@my.domain"
3586 my.domain esmtp:host.my.domain
3588 The RHS should always be a "mailer:host" pair. The mailer is the
3590 sendmail.cf file). The "host" will be the hostname passed to
3591 that mailer. In domain-based matches (that is, those with leading
3593 the host name. For example, the first line above sends everything
3594 addressed to "anything.my.domain" to that same host name, but using
3608 The [square brackets] turn off MX records for this host only.
3615 +--------------------------------+
3617 +--------------------------------+
3622 purpose instead -- since you can specify multiple alias files, this
3624 a site, but allow you to override this by sending to a specific host.
3627 imperative that you not use FEATURE(`stickyhost') -- otherwise,
3628 e-mail sent to Full.Name@local.host.name will be rejected.
3635 as e-mail addresses, since they are not in any sense unique. For
3636 example, the UNIX software-development community has at least two
3637 well-known Peter Deutsches, and at one time Bell Labs had two
3646 +--------------------------------+
3648 +--------------------------------+
3666 +----------------+
3668 +----------------+
3683 if your system allows "file giveaways" (that is, if a non-root
3688 to steal anyone else's e-mail. Instead, create a script that
3690 night (if you want the non-NFS-mounted forward directory).
3693 sendmail is much less trusting of :include: files -- in
3698 In general, file giveaways are a mistake -- if you can turn them
3702 +--------------------------------+
3704 +--------------------------------+
3719 Some options are likely to be deprecated in future versions -- that is,
3720 the option is only included to provide back-compatibility. These are
3731 confMAILER_NAME $n macro [MAILER-DAEMON] The sender name used
3736 determine your local domain name,
3756 in messages passed through this host.
3758 confMESSAGEID_HEADER Message-Id: [<$t.$i@$j>] The format of an
3759 internally generated Message-Id:
3761 confCW_FILE Fw class [/etc/mail/local-host-names] Name
3762 of file used to get the local
3763 additions to class {w} (local host
3765 confCT_FILE Ft class [/etc/mail/trusted-users] Name of
3766 file used to get the local additions
3768 confCR_FILE FR class [/etc/mail/relay-domains] Name of
3769 file used to get the local additions
3779 confSMTP_MAILER - [esmtp] The mailer name used when
3783 confUUCP_MAILER - [uucp-old] The mailer to be used by
3784 default for bang-format recipient
3788 confLOCAL_MAILER - [local] The mailer name used when
3789 local connectivity is required.
3790 Almost always "local".
3791 confRELAY_MAILER - [relay] The default mailer name used
3795 "uucp-new" if you are on a
3796 UUCP-connected site.
3798 confEIGHT_BIT_HANDLING EightBitMode [pass8] 8-bit data handling
3826 confIGNORE_DOTS* IgnoreDots [False; always False in -bs or -bd
3831 confMIME_FORMAT_ERRORS* SendMimeErrors [True] Send error messages as MIME-
3834 The colon-separated list of places to
3842 [undefined] If set, host status is kept
3853 sendmails on this host to connect
3855 host. This can slow down delivery in
3858 to a host will prevent other sendmails
3859 from connecting to the other host.
3866 confUSE_ERRORS_TO* UseErrorsTo [False] Use the Errors-To: header to
3886 confQUEUE_FACTOR QueueFactor [600000] Slope of queue-only function.
3892 confDONT_PRUNE_ROUTES DontPruneRoutes [False] Don't prune down route-addr
3907 to connect to a host in a message.
3967 Timeout.queuereturn.non-urgent
3968 [undefined] As above, for non-urgent
3986 Timeout.queuewarn.non-urgent
3987 [undefined] As above, for non-urgent
3994 [30m] How long information about host
3996 is considered stale and the host should
4032 confTIME_ZONE TimeZoneSpec [USE_SYSTEM] Time zone info -- can be
4040 confFALLBACK_MX FallbackMXhost [undefined] Fallback MX host.
4042 [undefined] Fallback smart host.
4047 confTRY_NULL_MX_LIST TryNullMXList [False] If this host is the best MX
4048 for a host and other arrangements
4050 to the host directly; normally this
4053 queue-only function kicks in.
4102 Priority, Host, Filename, Random,
4117 confDEF_CHAR_SET DefaultCharSet [unknown-8bit] When converting
4124 system-defined switch.
4137 nonconforming message as is, "add-to"
4140 blind recipients), "add-apparently-to"
4141 to do the same but use Apparently-To:
4144 "add-bcc" to add an empty Bcc:
4145 header, or "add-to-undisclosed" to
4147 ``To: undisclosed-recipients:;''.
4157 handled properly in route-addrs. This
4202 does not include a host name.
4226 [True] If set, group-writable
4230 from such files. World-writable files
4258 confRRT_IMPLIES_DSN RrtImpliesDsn [False] Return-Receipt-To: header
4282 local interfaces into class {w}
4286 in a mailertable entry) -- otherwise,
4303 confREJECT_MSG - [550 Access denied] The message
4306 confRELAY_MSG - [550 Relaying denied] The message
4311 memory-buffered data (df) file
4312 before a disk-based file is used.
4315 memory-buffered transcript (xf)
4316 file before a disk-based file is
4318 confAUTH_MECHANISMS AuthMechanisms [EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5
4319 CRAM-MD5] List of authentication
4373 specific settings such as "-h host
4374 -p port -d bindDN", etc. The
4454 information about local mailboxes.
4455 confDEQUOTE_OPTS - [empty] Additional options for the
4545 DAEMON_OPTIONS(`Name=MTA-v4, Family=inet')
4546 DAEMON_OPTIONS(`Name=MTA-v6, Family=inet6')
4561 INPUT_MAIL_FILTER(`sample', `S=local:/var/run/f1.sock')
4573 +----------------------------+
4575 +----------------------------+
4586 - confTRUSTED_USERS, FEATURE(`use_ct_file'), and confCT_FILE for
4587 avoiding X-Authentication warnings.
4588 - confTIME_ZONE to change it from the default `USE_TZ'.
4589 - confDELIVERY_MODE is set to interactive in msp.m4 instead
4591 - FEATURE(stickyhost) and LOCAL_RELAY to send unqualified addresses
4593 - confRAND_FILE if you use STARTTLS and sendmail is not compiled with
4625 FEATURE(`authinfo', `DATABASE_MAP_TYPE /etc/mail/msp-authinfo')
4627 /etc/mail/msp-authinfo should contain an entry like:
4629 AuthInfo:127.0.0.1 "U:smmsp" "P:secret" "M:DIGEST-MD5"
4643 Note: the authentication data can leak to local users who invoke
4644 the MSP with debug options or even with -v. For that reason either
4646 AUTH dialogue (e.g., DIGEST-MD5) or a different authentication
4663 +--------------------------+
4665 +--------------------------+
4669 /etc/mail/local-host-names may have the following content:
4684 By default, the delimiter between LHS and RHS is a non-empty sequence
4688 +------------------+
4690 +------------------+
4724 hack Local hacks. These can be referenced using the HACK
4728 siteconfig Site configuration -- e.g., tables of locally connected
4732 +------------------------+
4734 +------------------------+
4748 5 * Local address rewrite (after aliasing)
4757 90 Mailertable host stripping
4760 98 Local part of ruleset 0 (ruleset 8 in old sendmail)
4765 0 local, prog local and program mailers
4767 2 uucp-* UNIX-to-UNIX Copy Program
4778 D The local domain -- usually not needed
4793 S Smart Host
4818 N host/domains that should not be mapped to $M
4819 O operators that indicate network operations (cannot be in local names)
4820 P top level pseudo-domains: BITNET, DECNET, FAX, UUCP, etc.
4822 R domains this system is willing to relay (pass anti-spam filters)
4830 Z locally connected domain-ized UUCP hosts
4837 1 Local host detection and resolution
4838 2 Local Ruleset 3 additions
4839 3 Local Ruleset 0 additions
4842 6 local configuration (at top of file)
4845 9 special local rulesets (1 and 2)